veryfront 0.1.75 → 0.1.76

package/src/src/platform/adapters/veryfront-api-client/retry-handler.ts

@@ -18,6 +18,9 @@ export interface RequestOptions {
   returnText?: boolean;
   /** Request timeout in milliseconds. Defaults to 30000ms (30 seconds). */
   timeoutMs?: number;
+  method?: string;
+  body?: dntShim.BodyInit | null;
+  headers?: dntShim.HeadersInit;
 }
 
 /** Default timeout for API requests (30 seconds) */
@@ -48,13 +51,19 @@ export async function requestWithRetry(
         async () => {
           const startTime = performance.now();
 
-          const headers = new dntShim.Headers({
-            Authorization: `Bearer ${apiToken}`,
-            "Content-Type": "application/json",
-          });
+          const headers = new dntShim.Headers(options.headers);
+          headers.set("Authorization", `Bearer ${apiToken}`);
+          if (!headers.has("Content-Type")) {
+            headers.set("Content-Type", "application/json");
+          }
           injectContext(headers);
 
-          const response = await dntShim.fetch(url, { headers, signal: controller.signal });
+          const response = await dntShim.fetch(url, {
+            method: options.method ?? "GET",
+            headers,
+            body: options.body,
+            signal: controller.signal,
+          });
           const duration = performance.now() - startTime;
 
           recordApiRequest(response.status);
@@ -89,7 +98,7 @@ export async function requestWithRetry(
           return { data, status: response.status, duration };
         },
         {
-          "http.method": "GET",
+          "http.method": options.method ?? "GET",
           "http.url": url,
           "http.target": urlPath,
           "http.host": urlObj.host,

package/src/src/proxy/handler.ts

@@ -3,10 +3,11 @@ import { TokenManager, type TokenScope } from "./token-manager.js";
 import { type ParsedDomain, parseProjectDomain } from "../server/utils/domain-parser.js";
 import type { TokenCache } from "./cache/types.js";
 import { createFileSystem } from "../platform/compat/fs.js";
-import { cwd } from "../platform/compat/process.js";
+import { cwd, getEnv } from "../platform/compat/process.js";
 import { join } from "../platform/compat/path/index.js";
 import { injectContext, ProxySpanNames, withSpan } from "./tracing.js";
 import { computeContentSourceId } from "../cache/keys.js";
+import { jwtVerify } from "jose";
 
 export const INTERNAL_PROXY_HEADERS = [
   "x-token",
@@ -151,19 +152,27 @@ function extractUserToken(cookieHeader: string): string | undefined {
   return match?.[1] ? decodeURIComponent(match[1]) : undefined;
 }
 
-function extractUserIdFromToken(token: string): string | undefined {
+async function extractUserIdFromToken(
+  token: string,
+  log?: ProxyLogger,
+): Promise<string | undefined> {
+  const jwtSecret = getEnv("JWT_SECRET");
+
+  if (!jwtSecret) {
+    log?.warn("JWT_SECRET not configured — cannot verify user token");
+    return undefined;
+  }
+
   try {
-    const payload = token.split(".")[1];
-    if (!payload) return undefined;
-    // JWT payloads are base64url-encoded: normalize to standard base64 before decoding
-    let base64 = payload.replace(/-/g, "+").replace(/_/g, "/");
-    const remainder = base64.length % 4;
-    if (remainder === 2) base64 += "==";
-    else if (remainder === 3) base64 += "=";
-    const decoded = JSON.parse(atob(base64));
-    return decoded?.userId;
-  } catch (_) {
-    /* expected: malformed JWT token */
+    const secret = new TextEncoder().encode(jwtSecret);
+    const { payload } = await jwtVerify(token, secret, {
+      algorithms: ["HS256"],
+    });
+    return (payload as { userId?: string }).userId;
+  } catch (error) {
+    log?.debug("JWT verification failed", {
+      error: error instanceof Error ? error.message : String(error),
+    });
     return undefined;
   }
 }
@@ -276,13 +285,13 @@ export function createProxyHandler(options: ProxyHandlerOptions) {
     return `https://veryfront.com/sign-in?from=${encodeURIComponent(returnPath)}`;
   }
 
-  function checkProtectedAccess(
+  async function checkProtectedAccess(
     req: dntShim.Request,
     matchingEnv: NonNullable<DomainLookupResult["environments"]>[number] | undefined,
     userToken: string | undefined,
     users: DomainLookupResult["users"],
     logContext: Record<string, unknown>,
-  ): { status: number; message: string; redirectUrl?: string } | null {
+  ): Promise<{ status: number; message: string; redirectUrl?: string } | null> {
     if (!matchingEnv?.protected) return null;
 
     if (!userToken) {
@@ -295,9 +304,8 @@ export function createProxyHandler(options: ProxyHandlerOptions) {
       return { status: 302, message: "Authentication required", redirectUrl };
     }
 
-    const userId = extractUserIdFromToken(userToken);
+    const userId = await extractUserIdFromToken(userToken, logger);
     if (!userId) {
-      // Malformed token — treat as unauthenticated so user can re-sign-in
       const redirectUrl = makeAuthRedirectUrl(req);
       logger?.info("Could not extract userId from token", {
         ...logContext,
@@ -334,7 +342,7 @@ export function createProxyHandler(options: ProxyHandlerOptions) {
 
     const matchingEnv = lookupResult.environments?.find(envMatcher);
 
-    const protectionError = checkProtectedAccess(
+    const protectionError = await checkProtectedAccess(
       req,
       matchingEnv,
       userToken,
@@ -442,7 +450,7 @@ export function createProxyHandler(options: ProxyHandlerOptions) {
         releaseId = matchingEnv?.active_release_id ?? undefined;
         environmentId = matchingEnv?.id;
 
-        const protectionError = checkProtectedAccess(
+        const protectionError = await checkProtectedAccess(
           req,
           matchingEnv,
           userToken,

package/src/src/routing/api/route-executor.ts

@@ -24,10 +24,11 @@ import {
   getWorkerPool,
   isWorkerIsolationEnabled,
 } from "../../security/sandbox/worker-pool.js";
-import type {
-  SerializedRequest,
-  SerializedResponse,
-  WorkerResponse,
+import {
+  MAX_WORKER_BODY_BYTES,
+  type SerializedRequest,
+  type SerializedResponse,
+  type WorkerResponse,
 } from "../../security/sandbox/worker-types.js";
 import { getProjectEnvSnapshot } from "../../server/project-env/storage.js";
 
@@ -129,13 +130,48 @@ function toHeadResponse(response: dntShim.Response): dntShim.Response {
 // Worker Isolation Helpers
 // ---------------------------------------------------------------------------
 
+function checkContentLengthLimit(request: dntShim.Request): void {
+  const contentLength = request.headers.get("content-length");
+  if (!contentLength) return;
+
+  const bytes = parseInt(contentLength, 10);
+  if (bytes > MAX_WORKER_BODY_BYTES) {
+    throw createError({
+      type: "api",
+      message: `Request body too large for isolated execution (${
+        (bytes / 1024 / 1024).toFixed(1)
+      } MB, limit ${MAX_WORKER_BODY_BYTES / 1024 / 1024} MB)`,
+    });
+  }
+}
+
+async function readBodyWithSizeGuard(request: dntShim.Request): Promise<Uint8Array | null> {
+  if (!request.body) return null;
+
+  // Fast path: reject before buffering if Content-Length is known
+  checkContentLengthLimit(request);
+
+  const body = new Uint8Array(await request.arrayBuffer());
+
+  // Fallback: check actual size for chunked/streaming bodies
+  if (body.byteLength > MAX_WORKER_BODY_BYTES) {
+    throw createError({
+      type: "api",
+      message: `Request body too large for isolated execution (${
+        (body.byteLength / 1024 / 1024).toFixed(1)
+      } MB, limit ${MAX_WORKER_BODY_BYTES / 1024 / 1024} MB)`,
+    });
+  }
+
+  return body;
+}
+
 async function serializeRequest(request: dntShim.Request): Promise<SerializedRequest> {
-  const body = request.body ? new Uint8Array(await request.arrayBuffer()) : null;
   return {
     url: request.url,
     method: request.method,
     headers: [...request.headers.entries()],
-    body,
+    body: await readBodyWithSizeGuard(request),
   };
 }
 
@@ -252,7 +288,7 @@ function executePagesRouteIsolated(
     async () => {
       try {
         const pool = getWorkerPool();
-        const body = request.body ? new Uint8Array(await request.arrayBuffer()) : null;
+        const body = await readBodyWithSizeGuard(request);
 
         const workerResponse = await pool.execute(
           projectDir,

package/src/src/security/deno-permissions.ts

@@ -17,8 +17,9 @@ export const SERVER_PERMISSIONS = [
   "--allow-net",
   "--allow-env",
   "--allow-run",
-  "--allow-ffi",
   "--allow-sys",
+  "--unstable-worker-options",
+  "--unstable-net",
 ] as const;
 
 /**

package/src/src/security/sandbox/project-worker.ts

@@ -23,6 +23,7 @@ import type {
 } from "./worker-types.js";
 
 const logger = serverLogger.component("project-worker");
+const textEncoder = new TextEncoder();
 
 type ExtendedWorkerOptions = {
   type: "module";
@@ -179,7 +180,6 @@ export class ProjectWorker {
     this._status = "busy";
 
     const requestId = request.id;
-    const encoder = new TextEncoder();
 
     return new ReadableStream<Uint8Array>({
       start: (controller) => {
@@ -240,7 +240,7 @@ export class ProjectWorker {
 
             // If we get an ssr-result, emit it as a single chunk
             if (response.type === "ssr-result") {
-              controller.enqueue(encoder.encode(response.html));
+              controller.enqueue(textEncoder.encode(response.html));
               controller.close();
             } else if (response.type === "error") {
               const err = new Error(response.error.message);

package/src/src/security/sandbox/worker-permissions.ts

@@ -23,6 +23,18 @@ export interface WorkerPermissions {
   sys: boolean;
 }
 
+// Cache compiled binary check — Deno.execPath() is a syscall that never changes at runtime
+const _isCompiledBinary = (() => {
+  try {
+    const exec = typeof dntShim.Deno !== "undefined" ? dntShim.Deno.execPath?.() : undefined;
+    if (!exec) return false;
+    const name = exec.split(/[/\\]/).pop()?.toLowerCase() ?? "";
+    return name !== "deno" && name !== "deno.exe";
+  } catch {
+    return false;
+  }
+})();
+
 /**
  * Build scoped permissions for a project worker.
  *
@@ -41,25 +53,16 @@ export function buildWorkerPermissions(
   // is outside the project directory. Rather than trying to enumerate all
   // read paths, grant full read access — the security boundary is enforced
   // by denying write/run/ffi/sys, not by restricting reads.
-  // Check for compiled binary by testing if execPath is NOT "deno"/"deno.exe"
-  try {
-    const exec = typeof dntShim.Deno !== "undefined" ? dntShim.Deno.execPath?.() : undefined;
-    if (exec) {
-      const name = exec.split(/[/\\]/).pop()?.toLowerCase() ?? "";
-      if (name !== "deno" && name !== "deno.exe") {
-        return {
-          read: true,
-          write: false,
-          net: true,
-          env: true,
-          run: false,
-          ffi: false,
-          sys: false,
-        };
-      }
-    }
-  } catch {
-    // execPath may not be available
+  if (_isCompiledBinary) {
+    return {
+      read: true,
+      write: false,
+      net: true,
+      env: true,
+      run: false,
+      ffi: false,
+      sys: false,
+    };
   }
 
   return {

package/src/src/security/sandbox/worker-pool.ts

@@ -121,21 +121,29 @@ export class WorkerPool {
 
         if (shouldRecycle && !this.recycling.has(projectId)) {
           this.recycling.add(projectId);
-          try {
-            logger.debug("Recycling worker", {
-              projectId,
-              requestCount: worker.requestCount,
-              ageMs: entry ? Date.now() - entry.createdAt : 0,
-              reason: worker.requestCount >= this.config.maxRequestsPerWorker
-                ? "request_count"
-                : "age",
-            });
+
+          logger.debug("Recycling worker", {
+            projectId,
+            requestCount: worker.requestCount,
+            ageMs: entry ? Date.now() - entry.createdAt : 0,
+            reason: worker.requestCount >= this.config.maxRequestsPerWorker
+              ? "request_count"
+              : "age",
+          });
+
+          // Warm replacement: let the old worker handle this last request,
+          // then evict it and create a replacement after the request settles.
+          // This avoids cold-start latency for the caller AND prevents the
+          // old worker from being terminated while it still has pending work.
+          const result = worker.execute(request);
+
+          void result.finally(() => {
             this.evictWorker(projectId);
-            const fresh = this.getOrCreateWorker(projectId, readPaths);
-            return fresh.execute(request);
-          } finally {
+            this.getOrCreateWorker(projectId, readPaths);
             this.recycling.delete(projectId);
-          }
+          });
+
+          return result;
         }
 
         return worker.execute(request);

package/src/src/security/sandbox/worker-types.ts

@@ -198,6 +198,9 @@ export interface WorkerPoolConfig {
   memoryBudgetMb: number;
 }
 
+/** Maximum request body size for worker isolation (10 MB) */
+export const MAX_WORKER_BODY_BYTES = 10 * 1024 * 1024;
+
 export const DEFAULT_WORKER_POOL_CONFIG: WorkerPoolConfig = {
   maxPoolSize: 20,
   idleTimeoutMs: 300_000,

package/src/src/server/handlers/request/internal-tasks-list.handler.ts

@@ -0,0 +1,103 @@
+import * as dntShim from "../../../../_dnt.shims.js";
+import { PRIORITY_MEDIUM_API } from "../../../utils/constants/index.js";
+import { ZodError } from "zod";
+import {
+  type ControlPlaneTasksListRequest,
+  ControlPlaneTasksListRequestSchema,
+  defaultRuntimeTaskDiscoveryDeps,
+  listRuntimeTasks,
+  type RuntimeTaskDiscoveryDeps,
+} from "../../../task/control-plane.js";
+import {
+  ControlPlaneRequestError,
+  verifyControlPlaneRequest,
+} from "../../../internal-agents/control-plane-auth.js";
+import {
+  INTERNAL_AGENT_CONTROL_PLANE_MAX_BODY_BYTES,
+  InternalAgentRequestBodyTooLargeError,
+  readInternalAgentRequestBody,
+} from "../../../internal-agents/request-body.js";
+import { BaseHandler } from "../response/base.js";
+import type { HandlerContext, HandlerMetadata, HandlerPriority, HandlerResult } from "../types.js";
+
+export class InternalTasksListHandler extends BaseHandler {
+  metadata: HandlerMetadata = {
+    name: "InternalTasksListHandler",
+    priority: PRIORITY_MEDIUM_API as HandlerPriority,
+    patterns: [{ pattern: "/internal/tasks/list", exact: true, method: "POST" }],
+  };
+
+  constructor(
+    private readonly deps: RuntimeTaskDiscoveryDeps = defaultRuntimeTaskDiscoveryDeps,
+  ) {
+    super();
+  }
+
+  async handle(req: dntShim.Request, ctx: HandlerContext): Promise<HandlerResult> {
+    if (!this.shouldHandle(req, ctx)) {
+      return this.continue();
+    }
+
+    return this.withProxyContext(ctx, async () => {
+      const builder = this.createResponseBuilder(ctx)
+        .withCORS(req, ctx.securityConfig?.cors)
+        .withSecurity(ctx.securityConfig ?? undefined, req);
+
+      try {
+        const rawBody = await readInternalAgentRequestBody(
+          req,
+          INTERNAL_AGENT_CONTROL_PLANE_MAX_BODY_BYTES,
+        );
+        const payload: ControlPlaneTasksListRequest = ControlPlaneTasksListRequestSchema.parse(
+          JSON.parse(rawBody),
+        );
+        const claims = await verifyControlPlaneRequest(req, ctx, rawBody, {
+          expectedSubject: payload.requestId,
+          expectedSurface: payload.surface,
+        });
+
+        if (
+          payload.projectId !== claims.project_id ||
+          (ctx.projectId !== undefined && payload.projectId !== ctx.projectId)
+        ) {
+          this.logWarn("Internal tasks list request body did not match signed claims", {
+            projectSlug: ctx.projectSlug,
+            projectId: ctx.projectId,
+            requestId: payload.requestId,
+            signedRequestId: claims.sub,
+            surface: payload.surface,
+            signedSurface: claims.surface,
+          });
+          return this.respond(builder.json({ error: "Invalid control-plane signature" }, 401));
+        }
+
+        const response = await listRuntimeTasks(ctx, this.deps);
+        return this.respond(builder.json(response, 200));
+      } catch (error) {
+        if (error instanceof InternalAgentRequestBodyTooLargeError) {
+          return this.respond(builder.json({ error: error.message }, error.status));
+        }
+
+        if (error instanceof ControlPlaneRequestError) {
+          this.logWarn("Internal tasks list signature verification failed", {
+            error: error.message,
+            projectSlug: ctx.projectSlug,
+            projectId: ctx.projectId,
+          });
+          return this.respond(builder.json({ error: error.message }, error.status));
+        }
+
+        if (error instanceof SyntaxError || error instanceof ZodError) {
+          this.logWarn("Internal tasks list request validation failed", {
+            error: error instanceof Error ? error.message : String(error),
+            projectSlug: ctx.projectSlug,
+            projectId: ctx.projectId,
+          });
+          return this.respond(builder.json({ error: "Invalid internal tasks request" }, 400));
+        }
+
+        throw error;
+      }
+    });
+  }
+}

package/src/src/server/runtime-handler/index.ts

@@ -55,6 +55,7 @@ import { MarkdownPreviewHandler } from "../handlers/preview/markdown-preview.han
 import { OpenAPIHandler } from "../handlers/request/openapi.handler.js";
 import { OpenAPIDocsHandler } from "../handlers/request/openapi-docs.handler.js";
 import { InternalAgentsListHandler } from "../handlers/request/internal-agents-list.handler.js";
+import { InternalTasksListHandler } from "../handlers/request/internal-tasks-list.handler.js";
 import { AgentStreamHandler } from "../handlers/request/agent-stream.handler.js";
 import { AgentRunResumeHandler } from "../handlers/request/agent-run-resume.handler.js";
 import { AgentRunCancelHandler } from "../handlers/request/agent-run-cancel.handler.js";
@@ -131,6 +132,7 @@ export const HANDLER_NAMES = [
   "OpenAPIHandler",
   "OpenAPIDocsHandler",
   "InternalAgentsListHandler",
+  "InternalTasksListHandler",
   "AgentStreamHandler",
   "AgentRunResumeHandler",
   "AgentRunCancelHandler",
@@ -185,6 +187,7 @@ const handlerFactories: Record<
   OpenAPIHandler: () => new OpenAPIHandler(),
   OpenAPIDocsHandler: () => new OpenAPIDocsHandler(),
   InternalAgentsListHandler: () => new InternalAgentsListHandler(),
+  InternalTasksListHandler: () => new InternalTasksListHandler(),
   AgentStreamHandler: () => new AgentStreamHandler(),
   AgentRunResumeHandler: () => new AgentRunResumeHandler(),
   AgentRunCancelHandler: () => new AgentRunCancelHandler(),

package/src/src/task/control-plane.ts

@@ -0,0 +1,76 @@
+import { ControlPlaneSurfaceSchema } from "../channels/control-plane.js";
+import type { HandlerContext } from "../types/index.js";
+import { z } from "zod";
+import { discoverTasks, type TaskDiscoveryOptions } from "./discovery.js";
+
+export const ControlPlaneTasksListRequestSchema = z.object({
+  requestId: z.string().min(1),
+  projectId: z.string().min(1),
+  surface: ControlPlaneSurfaceSchema,
+});
+
+const JsonSchemaRecordSchema = z.record(z.unknown());
+
+export const RuntimeTaskSchema = z.object({
+  id: z.string().min(1),
+  name: z.string().min(1),
+  description: z.string().nullable(),
+  target: z.string().min(1),
+  sourcePath: z.string().min(1),
+  inputSchema: JsonSchemaRecordSchema.nullable(),
+  outputSchema: JsonSchemaRecordSchema.nullable(),
+  schedulable: z.boolean(),
+});
+
+export const RuntimeTaskListResponseSchema = z.object({
+  tasks: z.array(RuntimeTaskSchema),
+});
+
+export type ControlPlaneTasksListRequest = z.infer<typeof ControlPlaneTasksListRequestSchema>;
+export type RuntimeTask = z.infer<typeof RuntimeTaskSchema>;
+export type RuntimeTaskListResponse = z.infer<typeof RuntimeTaskListResponseSchema>;
+
+export interface RuntimeTaskDiscoveryDeps {
+  discoverTasks: (options: TaskDiscoveryOptions) => ReturnType<typeof discoverTasks>;
+}
+
+export const defaultRuntimeTaskDiscoveryDeps: RuntimeTaskDiscoveryDeps = {
+  discoverTasks,
+};
+
+function normalizeJsonSchema(value: unknown): Record<string, unknown> | null {
+  if (value == null || typeof value !== "object" || Array.isArray(value)) {
+    return null;
+  }
+
+  return value as Record<string, unknown>;
+}
+
+export async function listRuntimeTasks(
+  ctx: HandlerContext,
+  deps: RuntimeTaskDiscoveryDeps = defaultRuntimeTaskDiscoveryDeps,
+): Promise<RuntimeTaskListResponse> {
+  const discovery = await deps.discoverTasks({
+    projectDir: ctx.projectDir,
+    adapter: ctx.adapter,
+    config: ctx.config,
+    debug: ctx.debug ?? false,
+  });
+
+  const tasks = discovery.tasks
+    .map((task) =>
+      RuntimeTaskSchema.parse({
+        id: task.id,
+        name: task.name,
+        description: task.definition.description ?? null,
+        target: `task:${task.id}`,
+        sourcePath: task.filePath,
+        inputSchema: normalizeJsonSchema(task.definition.inputSchema),
+        outputSchema: normalizeJsonSchema(task.definition.outputSchema),
+        schedulable: task.definition.schedulable ?? true,
+      })
+    )
+    .sort((left, right) => left.name.localeCompare(right.name));
+
+  return RuntimeTaskListResponseSchema.parse({ tasks });
+}

package/src/src/task/types.ts

@@ -26,6 +26,12 @@ export interface TaskDefinition {
   name?: string;
   /** Task description */
   description?: string;
+  /** Optional JSON-schema-like input contract surfaced in APIs/UIs */
+  inputSchema?: Record<string, unknown>;
+  /** Optional JSON-schema-like output contract surfaced in APIs/UIs */
+  outputSchema?: Record<string, unknown>;
+  /** Whether this task can be scheduled via cron jobs */
+  schedulable?: boolean;
   /** The function to execute */
   run: (ctx: TaskContext) => Promise<unknown> | unknown;
 }