npm - vibora - Versions diffs - 3.6.0 → 3.7.0 - Mend

vibora 3.6.0 → 3.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md +7 -12
package/bin/vibora.js +0 -46
package/dist/assets/{index-r4Upl2GW.js → index-B_0ZMwER.js} +93 -93
package/dist/assets/index-D643AGV4.css +1 -0
package/dist/index.html +2 -2
package/package.json +1 -1
package/server/index.js +599 -1010
package/dist/assets/index-C9swvEK_.css +0 -1

package/README.md CHANGED Viewed

@@ -144,17 +144,18 @@ For Claude Desktop, add to your `claude_desktop_config.json`:
 Run the backend on a remote server and connect from anywhere. Launch tasks, close your laptop, and your agents keep working. As AI becomes more capable of autonomous work, this becomes essential.
-1. **On the remote server:**
+1. **Set up a secure tunnel** — Use Tailscale (recommended) or Cloudflare Tunnels to securely expose your server
+   - **Tailscale** — Works with both web and desktop app. No CORS configuration needed.
+   - **Cloudflare Tunnels** — Alternative for web-only usage. Note: Desktop app has CORS limitations with Cloudflare Tunnels.
+2. **On the remote server:**
    ```bash
    npx vibora@latest up
-   vibora config set remoteHost your-server.example.com
-   vibora config set basicAuthUsername admin
-   vibora config set basicAuthPassword your-secure-password
    ```
-2. **Connect from desktop app** — Click "Connect to Remote" and enter the server URL
+3. **Connect from desktop app** — Click "Connect to Remote" and enter the server URL (e.g., `http://your-server.tailnet.ts.net:7777`)
-3. **Or access via browser** — Open `http://your-server.example.com:7777`
+4. **Or access via browser** — Open the tunnel URL in your browser
 <details>
 <summary><strong>Configuration</strong></summary>
@@ -171,8 +172,6 @@ Settings are stored in `.vibora/settings.json`. The vibora directory is resolved
 | defaultGitReposDir | `VIBORA_GIT_REPOS_DIR` | ~ |
 | remoteHost | `VIBORA_REMOTE_HOST` | (empty) |
 | sshPort | `VIBORA_SSH_PORT` | 22 |
-| basicAuthUsername | `VIBORA_BASIC_AUTH_USERNAME` | null |
-| basicAuthPassword | `VIBORA_BASIC_AUTH_PASSWORD` | null |
 | linearApiKey | `LINEAR_API_KEY` | null |
 | githubPat | `GITHUB_PAT` | null |
 | language | — | null (auto-detect) |
@@ -185,10 +184,6 @@ Precedence: environment variable → settings.json → default
 Vibora can sync task status with Linear tickets. Configure `linearApiKey` in settings or set `LINEAR_API_KEY`. When a task is linked to a Linear ticket, status changes in Vibora automatically update Linear.
-### Basic Auth
-Set `basicAuthUsername` and `basicAuthPassword` to require authentication when exposing Vibora over a network.
 </details>
 <details>

package/bin/vibora.js CHANGED Viewed

@@ -43,23 +43,6 @@ function getPortFromSettings(settings) {
   }
   return null;
 }
-function getAuthFromSettings(settings) {
-  if (!settings)
-    return null;
-  if (settings.authentication?.username && settings.authentication?.password) {
-    return {
-      username: settings.authentication.username,
-      password: settings.authentication.password
-    };
-  }
-  if (settings.basicAuthUsername && settings.basicAuthPassword) {
-    return {
-      username: settings.basicAuthUsername,
-      password: settings.basicAuthPassword
-    };
-  }
-  return null;
-}
 function expandPath(p) {
   if (p.startsWith("~/")) {
     return join(homedir(), p.slice(2));
@@ -117,21 +100,6 @@ function getViboraDir() {
   }
   return join(homedir(), ".vibora");
 }
-function getAuthCredentials() {
-  const settingsPaths = [
-    process.env.VIBORA_DIR && join(expandPath(process.env.VIBORA_DIR), "settings.json"),
-    join(process.cwd(), ".vibora", "settings.json"),
-    join(homedir(), ".vibora", "settings.json")
-  ].filter(Boolean);
-  for (const path of settingsPaths) {
-    const settings = readSettingsFile(path);
-    const auth = getAuthFromSettings(settings);
-    if (auth) {
-      return auth;
-    }
-  }
-  return null;
-}
 var DEFAULT_PORT = 7777;
 var init_server = () => {};
@@ -171,16 +139,8 @@ var init_errors = __esm(() => {
 // cli/src/client.ts
 class ViboraClient {
   baseUrl;
-  authHeader;
   constructor(urlOverride, portOverride) {
     this.baseUrl = discoverServerUrl(urlOverride, portOverride);
-    const credentials = getAuthCredentials();
-    if (credentials) {
-      const encoded = btoa(`${credentials.username}:${credentials.password}`);
-      this.authHeader = `Basic ${encoded}`;
-    } else {
-      this.authHeader = null;
-    }
   }
   async fetch(path, options) {
     const url = `${this.baseUrl}${path}`;
@@ -188,17 +148,11 @@ class ViboraClient {
       "Content-Type": "application/json",
       ...options?.headers
     };
-    if (this.authHeader) {
-      headers["Authorization"] = this.authHeader;
-    }
     try {
       const res = await fetch(url, {
         ...options,
         headers
       });
-      if (res.status === 401) {
-        throw new ApiError(401, "Authentication required. Configure basicAuthUsername and basicAuthPassword in settings.json");
-      }
       if (!res.ok) {
         const body = await res.json().catch(() => ({}));
         throw new ApiError(res.status, body.error || body.message || `Request failed: ${res.status}`);