wiki-viewer 1.14.1 → 1.14.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (384) hide show
  1. package/.next/standalone/.next/BUILD_ID +1 -1
  2. package/.next/standalone/.next/build-manifest.json +3 -3
  3. package/.next/standalone/.next/server/app/_global-error.html +1 -1
  4. package/.next/standalone/.next/server/app/_global-error.rsc +1 -1
  5. package/.next/standalone/.next/server/app/_global-error.segments/__PAGE__.segment.rsc +1 -1
  6. package/.next/standalone/.next/server/app/_global-error.segments/_full.segment.rsc +1 -1
  7. package/.next/standalone/.next/server/app/_global-error.segments/_head.segment.rsc +1 -1
  8. package/.next/standalone/.next/server/app/_global-error.segments/_index.segment.rsc +1 -1
  9. package/.next/standalone/.next/server/app/_global-error.segments/_tree.segment.rsc +1 -1
  10. package/.next/standalone/.next/server/app/_not-found.html +1 -1
  11. package/.next/standalone/.next/server/app/_not-found.rsc +1 -1
  12. package/.next/standalone/.next/server/app/_not-found.segments/_full.segment.rsc +1 -1
  13. package/.next/standalone/.next/server/app/_not-found.segments/_head.segment.rsc +1 -1
  14. package/.next/standalone/.next/server/app/_not-found.segments/_index.segment.rsc +1 -1
  15. package/.next/standalone/.next/server/app/_not-found.segments/_not-found/__PAGE__.segment.rsc +1 -1
  16. package/.next/standalone/.next/server/app/_not-found.segments/_not-found.segment.rsc +1 -1
  17. package/.next/standalone/.next/server/app/_not-found.segments/_tree.segment.rsc +1 -1
  18. package/.next/standalone/.next/server/app/api/agent/activity/route.js.nft.json +1 -1
  19. package/.next/standalone/.next/server/app/api/agent/events/[...path]/route.js.nft.json +1 -1
  20. package/.next/standalone/.next/server/app/api/agent/files/[...path]/route.js.nft.json +1 -1
  21. package/.next/standalone/.next/server/app/api/agent/fs/file/[...path]/route.js.nft.json +1 -1
  22. package/.next/standalone/.next/server/app/api/agent/fs/ls/[[...path]]/route.js.nft.json +1 -1
  23. package/.next/standalone/.next/server/app/api/agent/fs/move/route.js.nft.json +1 -1
  24. package/.next/standalone/.next/server/app/api/agent/fs/search/route.js.nft.json +1 -1
  25. package/.next/standalone/.next/server/app/api/agent/internal/span/route.js.nft.json +1 -1
  26. package/.next/standalone/.next/server/app/api/agent/settings/route.js.nft.json +1 -1
  27. package/.next/standalone/.next/server/app/api/agent/sidecar/[...path]/route.js.nft.json +1 -1
  28. package/.next/standalone/.next/server/app/api/assets/[...path]/route.js.nft.json +1 -1
  29. package/.next/standalone/.next/server/app/api/share/[token]/route.js.nft.json +1 -1
  30. package/.next/standalone/.next/server/app/api/share/route.js.nft.json +1 -1
  31. package/.next/standalone/.next/server/app/api/system/reveal/route.js.nft.json +1 -1
  32. package/.next/standalone/.next/server/app/api/system/set-root/route.js.nft.json +1 -1
  33. package/.next/standalone/.next/server/app/api/system/workspaces/[id]/open/route.js.nft.json +1 -1
  34. package/.next/standalone/.next/server/app/api/system/workspaces/[id]/refresh/route.js.nft.json +1 -1
  35. package/.next/standalone/.next/server/app/api/system/workspaces/[id]/route.js.nft.json +1 -1
  36. package/.next/standalone/.next/server/app/api/system/workspaces/route.js.nft.json +1 -1
  37. package/.next/standalone/.next/server/app/api/upload/[...path]/route.js.nft.json +1 -1
  38. package/.next/standalone/.next/server/app/api/wiki/app/route.js.nft.json +1 -1
  39. package/.next/standalone/.next/server/app/api/wiki/backlinks/route.js.nft.json +1 -1
  40. package/.next/standalone/.next/server/app/api/wiki/content/route.js.nft.json +1 -1
  41. package/.next/standalone/.next/server/app/api/wiki/download/route.js.nft.json +1 -1
  42. package/.next/standalone/.next/server/app/api/wiki/file/route.js.nft.json +1 -1
  43. package/.next/standalone/.next/server/app/api/wiki/folder/route.js.nft.json +1 -1
  44. package/.next/standalone/.next/server/app/api/wiki/git-branches/route.js.nft.json +1 -1
  45. package/.next/standalone/.next/server/app/api/wiki/git-checkout/route.js.nft.json +1 -1
  46. package/.next/standalone/.next/server/app/api/wiki/git-diff/route.js.nft.json +1 -1
  47. package/.next/standalone/.next/server/app/api/wiki/git-file-info/route.js.nft.json +1 -1
  48. package/.next/standalone/.next/server/app/api/wiki/git-history/route.js.nft.json +1 -1
  49. package/.next/standalone/.next/server/app/api/wiki/git-pull/route.js.nft.json +1 -1
  50. package/.next/standalone/.next/server/app/api/wiki/move/route.js.nft.json +1 -1
  51. package/.next/standalone/.next/server/app/api/wiki/new-file/route.js.nft.json +1 -1
  52. package/.next/standalone/.next/server/app/api/wiki/outlinks/route.js.nft.json +1 -1
  53. package/.next/standalone/.next/server/app/api/wiki/page/route.js.nft.json +1 -1
  54. package/.next/standalone/.next/server/app/api/wiki/presence/route.js.nft.json +1 -1
  55. package/.next/standalone/.next/server/app/api/wiki/route.js.nft.json +1 -1
  56. package/.next/standalone/.next/server/app/api/wiki/search/route.js.nft.json +1 -1
  57. package/.next/standalone/.next/server/app/api/wiki/slugs/route.js.nft.json +1 -1
  58. package/.next/standalone/.next/server/app/api/wiki/upload/route.js.nft.json +1 -1
  59. package/.next/standalone/.next/server/app/api/wiki/watch/route.js.nft.json +1 -1
  60. package/.next/standalone/.next/server/app/index.html +1 -1
  61. package/.next/standalone/.next/server/app/index.rsc +1 -1
  62. package/.next/standalone/.next/server/app/index.segments/__PAGE__.segment.rsc +1 -1
  63. package/.next/standalone/.next/server/app/index.segments/_full.segment.rsc +1 -1
  64. package/.next/standalone/.next/server/app/index.segments/_head.segment.rsc +1 -1
  65. package/.next/standalone/.next/server/app/index.segments/_index.segment.rsc +1 -1
  66. package/.next/standalone/.next/server/app/index.segments/_tree.segment.rsc +1 -1
  67. package/.next/standalone/.next/server/middleware-build-manifest.js +3 -3
  68. package/.next/standalone/.next/server/middleware-manifest.json +1 -1
  69. package/.next/standalone/.next/server/pages/404.html +1 -1
  70. package/.next/standalone/.next/server/pages/500.html +1 -1
  71. package/.next/standalone/package.json +1 -1
  72. package/bin/postbuild.js +21 -0
  73. package/package.json +1 -1
  74. package/.next/standalone/.github/workflows/publish.yml +0 -37
  75. package/.next/standalone/.handoffs/archive/handoff-20260612-113332.md +0 -98
  76. package/.next/standalone/.handoffs/archive/handoff-20260612-141032.md +0 -73
  77. package/.next/standalone/.pi/ownership.json +0 -3
  78. package/.next/standalone/AGENTS.md +0 -114
  79. package/.next/standalone/DESIGN.md +0 -521
  80. package/.next/standalone/README.md +0 -821
  81. package/.next/standalone/TODO.md +0 -20
  82. package/.next/standalone/agents/bootstrap-prompt.md +0 -14
  83. package/.next/standalone/agents/wiki-viewer-skill/SKILL.md +0 -456
  84. package/.next/standalone/bin/postbuild.js +0 -78
  85. package/.next/standalone/bin/wiki-viewer.js +0 -922
  86. package/.next/standalone/certificates/localhost-key.pem +0 -28
  87. package/.next/standalone/certificates/localhost.pem +0 -24
  88. package/.next/standalone/docs/agent-collab-plan.md +0 -1615
  89. package/.next/standalone/docs/agent-collab-v2-plan.md +0 -771
  90. package/.next/standalone/docs/agent-fs-plan.md +0 -232
  91. package/.next/standalone/docs/editorial-skin-spec.md +0 -242
  92. package/.next/standalone/docs/file-vs-collab-authority.md +0 -124
  93. package/.next/standalone/docs/mobile-readiness-spec.md +0 -229
  94. package/.next/standalone/docs/workspacing-plan.md +0 -364
  95. package/.next/standalone/packages/wiki-viewer-mcp/README.md +0 -195
  96. package/.next/standalone/packages/wiki-viewer-mcp/bench-e2e.mjs +0 -166
  97. package/.next/standalone/packages/wiki-viewer-mcp/bench-latency.mjs +0 -87
  98. package/.next/standalone/packages/wiki-viewer-mcp/bench-payload.mjs +0 -45
  99. package/.next/standalone/packages/wiki-viewer-mcp/dist/http-client.js +0 -331
  100. package/.next/standalone/packages/wiki-viewer-mcp/dist/index.js +0 -531
  101. package/.next/standalone/packages/wiki-viewer-mcp/dist/register.js +0 -94
  102. package/.next/standalone/packages/wiki-viewer-mcp/dist/state-cache.js +0 -28
  103. package/.next/standalone/packages/wiki-viewer-mcp/package-lock.json +0 -1716
  104. package/.next/standalone/packages/wiki-viewer-mcp/package.json +0 -41
  105. package/.next/standalone/packages/wiki-viewer-mcp/src/http-client.ts +0 -459
  106. package/.next/standalone/packages/wiki-viewer-mcp/src/index.ts +0 -638
  107. package/.next/standalone/packages/wiki-viewer-mcp/src/register.ts +0 -144
  108. package/.next/standalone/packages/wiki-viewer-mcp/src/state-cache.ts +0 -55
  109. package/.next/standalone/packages/wiki-viewer-mcp/tsconfig.json +0 -19
  110. package/.next/standalone/pnpm-lock.yaml +0 -6697
  111. package/.next/standalone/pnpm-workspace.yaml +0 -8
  112. package/.next/standalone/postcss.config.mjs +0 -2
  113. package/.next/standalone/src/app/api/agent/activity/route.ts +0 -59
  114. package/.next/standalone/src/app/api/agent/admin/agents/[agentId]/revoke/route.ts +0 -40
  115. package/.next/standalone/src/app/api/agent/admin/agents/route.ts +0 -33
  116. package/.next/standalone/src/app/api/agent/admin/registrations/[regId]/approve/route.ts +0 -83
  117. package/.next/standalone/src/app/api/agent/admin/registrations/[regId]/deny/route.ts +0 -36
  118. package/.next/standalone/src/app/api/agent/admin/registrations/route.ts +0 -27
  119. package/.next/standalone/src/app/api/agent/events/[...path]/route.ts +0 -148
  120. package/.next/standalone/src/app/api/agent/files/[...path]/route.ts +0 -219
  121. package/.next/standalone/src/app/api/agent/fs/file/[...path]/route.ts +0 -446
  122. package/.next/standalone/src/app/api/agent/fs/ls/[[...path]]/route.ts +0 -152
  123. package/.next/standalone/src/app/api/agent/fs/move/route.ts +0 -130
  124. package/.next/standalone/src/app/api/agent/fs/search/route.ts +0 -272
  125. package/.next/standalone/src/app/api/agent/internal/span/route.ts +0 -121
  126. package/.next/standalone/src/app/api/agent/register/[regId]/route.ts +0 -50
  127. package/.next/standalone/src/app/api/agent/register/route.ts +0 -118
  128. package/.next/standalone/src/app/api/agent/settings/route.ts +0 -34
  129. package/.next/standalone/src/app/api/agent/settings/token/regenerate/route.ts +0 -20
  130. package/.next/standalone/src/app/api/agent/sidecar/[...path]/route.ts +0 -53
  131. package/.next/standalone/src/app/api/agents/install/route.ts +0 -143
  132. package/.next/standalone/src/app/api/agents/skill/route.ts +0 -20
  133. package/.next/standalone/src/app/api/agents/skill.tar.gz/route.ts +0 -87
  134. package/.next/standalone/src/app/api/app-proxy/[...path]/route.ts +0 -247
  135. package/.next/standalone/src/app/api/assets/[...path]/route.ts +0 -75
  136. package/.next/standalone/src/app/api/auth/[...all]/route.ts +0 -7
  137. package/.next/standalone/src/app/api/owner/init/route.ts +0 -14
  138. package/.next/standalone/src/app/api/share/[token]/route.ts +0 -269
  139. package/.next/standalone/src/app/api/share/route.ts +0 -127
  140. package/.next/standalone/src/app/api/system/admins/route.ts +0 -103
  141. package/.next/standalone/src/app/api/system/auth-config/route.ts +0 -22
  142. package/.next/standalone/src/app/api/system/auth-settings/route.ts +0 -86
  143. package/.next/standalone/src/app/api/system/browse/route.ts +0 -82
  144. package/.next/standalone/src/app/api/system/clear-root/route.ts +0 -16
  145. package/.next/standalone/src/app/api/system/config/route.ts +0 -14
  146. package/.next/standalone/src/app/api/system/pins/route.ts +0 -38
  147. package/.next/standalone/src/app/api/system/reveal/route.ts +0 -36
  148. package/.next/standalone/src/app/api/system/root-status/route.ts +0 -13
  149. package/.next/standalone/src/app/api/system/set-root/route.ts +0 -53
  150. package/.next/standalone/src/app/api/system/users/route.ts +0 -120
  151. package/.next/standalone/src/app/api/system/workspaces/[id]/open/route.ts +0 -34
  152. package/.next/standalone/src/app/api/system/workspaces/[id]/refresh/route.ts +0 -32
  153. package/.next/standalone/src/app/api/system/workspaces/[id]/route.ts +0 -78
  154. package/.next/standalone/src/app/api/system/workspaces/route.ts +0 -128
  155. package/.next/standalone/src/app/api/upload/[...path]/route.ts +0 -85
  156. package/.next/standalone/src/app/api/wiki/app/route.ts +0 -60
  157. package/.next/standalone/src/app/api/wiki/backlinks/route.ts +0 -29
  158. package/.next/standalone/src/app/api/wiki/content/route.ts +0 -159
  159. package/.next/standalone/src/app/api/wiki/download/route.ts +0 -100
  160. package/.next/standalone/src/app/api/wiki/file/route.ts +0 -57
  161. package/.next/standalone/src/app/api/wiki/folder/route.ts +0 -34
  162. package/.next/standalone/src/app/api/wiki/git-branches/route.ts +0 -32
  163. package/.next/standalone/src/app/api/wiki/git-checkout/route.ts +0 -45
  164. package/.next/standalone/src/app/api/wiki/git-diff/route.ts +0 -33
  165. package/.next/standalone/src/app/api/wiki/git-file-info/route.ts +0 -27
  166. package/.next/standalone/src/app/api/wiki/git-history/route.ts +0 -27
  167. package/.next/standalone/src/app/api/wiki/git-pull/route.ts +0 -48
  168. package/.next/standalone/src/app/api/wiki/move/route.ts +0 -61
  169. package/.next/standalone/src/app/api/wiki/new-file/route.ts +0 -56
  170. package/.next/standalone/src/app/api/wiki/outlinks/route.ts +0 -76
  171. package/.next/standalone/src/app/api/wiki/page/route.ts +0 -92
  172. package/.next/standalone/src/app/api/wiki/presence/route.ts +0 -56
  173. package/.next/standalone/src/app/api/wiki/route.ts +0 -116
  174. package/.next/standalone/src/app/api/wiki/search/route.ts +0 -44
  175. package/.next/standalone/src/app/api/wiki/slugs/route.ts +0 -54
  176. package/.next/standalone/src/app/api/wiki/upload/route.ts +0 -95
  177. package/.next/standalone/src/app/api/wiki/watch/route.ts +0 -67
  178. package/.next/standalone/src/app/globals.css +0 -1249
  179. package/.next/standalone/src/app/icon.svg +0 -11
  180. package/.next/standalone/src/app/layout.tsx +0 -78
  181. package/.next/standalone/src/app/manifest.ts +0 -30
  182. package/.next/standalone/src/app/page.tsx +0 -3260
  183. package/.next/standalone/src/app/s/[token]/page.tsx +0 -357
  184. package/.next/standalone/src/app/signin/page.tsx +0 -16
  185. package/.next/standalone/src/app/signin/signin-form.tsx +0 -238
  186. package/.next/standalone/src/components/ai-panel/activity-row.tsx +0 -284
  187. package/.next/standalone/src/components/ai-panel/ai-panel.tsx +0 -311
  188. package/.next/standalone/src/components/ai-panel/token-section.tsx +0 -313
  189. package/.next/standalone/src/components/auth-settings-sheet.tsx +0 -474
  190. package/.next/standalone/src/components/confirm-dialog.tsx +0 -56
  191. package/.next/standalone/src/components/dir-picker.tsx +0 -606
  192. package/.next/standalone/src/components/editor/backlinks-panel.tsx +0 -139
  193. package/.next/standalone/src/components/editor/bubble-menu.tsx +0 -346
  194. package/.next/standalone/src/components/editor/callout-extension.ts +0 -36
  195. package/.next/standalone/src/components/editor/comment-pip.tsx +0 -56
  196. package/.next/standalone/src/components/editor/comment-thread.tsx +0 -254
  197. package/.next/standalone/src/components/editor/csv-viewer.tsx +0 -379
  198. package/.next/standalone/src/components/editor/document-outline.tsx +0 -230
  199. package/.next/standalone/src/components/editor/editor-toolbar.tsx +0 -564
  200. package/.next/standalone/src/components/editor/editor.tsx +0 -1327
  201. package/.next/standalone/src/components/editor/extensions/drag-handle.ts +0 -325
  202. package/.next/standalone/src/components/editor/extensions/heading-anchors.ts +0 -55
  203. package/.next/standalone/src/components/editor/extensions/proof-span.ts +0 -60
  204. package/.next/standalone/src/components/editor/extensions/resizable-image.tsx +0 -159
  205. package/.next/standalone/src/components/editor/extensions.ts +0 -150
  206. package/.next/standalone/src/components/editor/file-fallback-viewer.tsx +0 -75
  207. package/.next/standalone/src/components/editor/folder-index.tsx +0 -236
  208. package/.next/standalone/src/components/editor/google-doc-viewer.tsx +0 -73
  209. package/.next/standalone/src/components/editor/image-viewer.tsx +0 -57
  210. package/.next/standalone/src/components/editor/large-file-gate.tsx +0 -108
  211. package/.next/standalone/src/components/editor/link-popover.tsx +0 -111
  212. package/.next/standalone/src/components/editor/media-popover.tsx +0 -212
  213. package/.next/standalone/src/components/editor/media-viewer.tsx +0 -70
  214. package/.next/standalone/src/components/editor/mermaid-viewer.tsx +0 -286
  215. package/.next/standalone/src/components/editor/node-app-viewer.tsx +0 -328
  216. package/.next/standalone/src/components/editor/notebook-viewer.tsx +0 -371
  217. package/.next/standalone/src/components/editor/office/docx-viewer.tsx +0 -93
  218. package/.next/standalone/src/components/editor/office/office-chrome.tsx +0 -83
  219. package/.next/standalone/src/components/editor/office/pptx-viewer.tsx +0 -104
  220. package/.next/standalone/src/components/editor/office/xlsx-viewer.tsx +0 -192
  221. package/.next/standalone/src/components/editor/pdf-viewer.tsx +0 -32
  222. package/.next/standalone/src/components/editor/proof-span-popover.tsx +0 -162
  223. package/.next/standalone/src/components/editor/slash-commands.tsx +0 -629
  224. package/.next/standalone/src/components/editor/source-viewer.tsx +0 -289
  225. package/.next/standalone/src/components/editor/suggest-edit-popover.tsx +0 -229
  226. package/.next/standalone/src/components/editor/suggestion-card.tsx +0 -206
  227. package/.next/standalone/src/components/editor/table-menu.tsx +0 -232
  228. package/.next/standalone/src/components/editor/view-mode-comment-button.tsx +0 -77
  229. package/.next/standalone/src/components/editor/website-viewer.tsx +0 -75
  230. package/.next/standalone/src/components/editor/wiki-link-create-dialog.tsx +0 -189
  231. package/.next/standalone/src/components/editor/wiki-link-decorator.ts +0 -79
  232. package/.next/standalone/src/components/editor/wiki-link-extension.ts +0 -120
  233. package/.next/standalone/src/components/editor/wiki-link-picker.tsx +0 -250
  234. package/.next/standalone/src/components/layout/viewer-toolbar.tsx +0 -54
  235. package/.next/standalone/src/components/search/search-command-dialog.tsx +0 -246
  236. package/.next/standalone/src/components/search/sidebar-search-box.tsx +0 -121
  237. package/.next/standalone/src/components/search/snippet-text.tsx +0 -48
  238. package/.next/standalone/src/components/share-dialog.tsx +0 -307
  239. package/.next/standalone/src/components/theme-provider.tsx +0 -16
  240. package/.next/standalone/src/components/theme-toggle.tsx +0 -24
  241. package/.next/standalone/src/components/ui/badge.tsx +0 -35
  242. package/.next/standalone/src/components/ui/button.tsx +0 -56
  243. package/.next/standalone/src/components/ui/card.tsx +0 -63
  244. package/.next/standalone/src/components/ui/collapsible.tsx +0 -9
  245. package/.next/standalone/src/components/ui/command.tsx +0 -151
  246. package/.next/standalone/src/components/ui/context-menu.tsx +0 -191
  247. package/.next/standalone/src/components/ui/dialog.tsx +0 -119
  248. package/.next/standalone/src/components/ui/dropdown-menu.tsx +0 -194
  249. package/.next/standalone/src/components/ui/input.tsx +0 -22
  250. package/.next/standalone/src/components/ui/label.tsx +0 -25
  251. package/.next/standalone/src/components/ui/popover.tsx +0 -33
  252. package/.next/standalone/src/components/ui/scroll-area.tsx +0 -47
  253. package/.next/standalone/src/components/ui/select.tsx +0 -156
  254. package/.next/standalone/src/components/ui/separator.tsx +0 -30
  255. package/.next/standalone/src/components/ui/sheet.tsx +0 -140
  256. package/.next/standalone/src/components/ui/skeleton.tsx +0 -15
  257. package/.next/standalone/src/components/ui/switch.tsx +0 -28
  258. package/.next/standalone/src/components/ui/tabs.tsx +0 -54
  259. package/.next/standalone/src/components/ui/textarea.tsx +0 -21
  260. package/.next/standalone/src/components/ui/tip.tsx +0 -23
  261. package/.next/standalone/src/components/ui/toggle-group.tsx +0 -41
  262. package/.next/standalone/src/components/ui/tooltip.tsx +0 -27
  263. package/.next/standalone/src/components/view-width-toggle.tsx +0 -70
  264. package/.next/standalone/src/components/wiki/frontmatter-header.tsx +0 -164
  265. package/.next/standalone/src/hooks/use-is-mobile.ts +0 -14
  266. package/.next/standalone/src/lib/app-runner.ts +0 -272
  267. package/.next/standalone/src/lib/auth/admin.ts +0 -120
  268. package/.next/standalone/src/lib/auth/allowlist.ts +0 -50
  269. package/.next/standalone/src/lib/auth/client.ts +0 -4
  270. package/.next/standalone/src/lib/auth/csrf.ts +0 -68
  271. package/.next/standalone/src/lib/auth/server.ts +0 -215
  272. package/.next/standalone/src/lib/cabinets/tree.ts +0 -75
  273. package/.next/standalone/src/lib/config.ts +0 -114
  274. package/.next/standalone/src/lib/embeds/detect.ts +0 -142
  275. package/.next/standalone/src/lib/git-secrets.ts +0 -65
  276. package/.next/standalone/src/lib/git.ts +0 -503
  277. package/.next/standalone/src/lib/google/detect.ts +0 -107
  278. package/.next/standalone/src/lib/markdown/parse-frontmatter.ts +0 -104
  279. package/.next/standalone/src/lib/markdown/remark-wikilinks.ts +0 -100
  280. package/.next/standalone/src/lib/markdown/sanitize-schema.ts +0 -106
  281. package/.next/standalone/src/lib/markdown/to-html.ts +0 -282
  282. package/.next/standalone/src/lib/markdown/to-markdown.ts +0 -252
  283. package/.next/standalone/src/lib/proof/activity-shared.ts +0 -31
  284. package/.next/standalone/src/lib/proof/activity.ts +0 -74
  285. package/.next/standalone/src/lib/proof/audit.ts +0 -88
  286. package/.next/standalone/src/lib/proof/auth.ts +0 -143
  287. package/.next/standalone/src/lib/proof/block-refs.ts +0 -133
  288. package/.next/standalone/src/lib/proof/blocks.ts +0 -73
  289. package/.next/standalone/src/lib/proof/client-auth.ts +0 -23
  290. package/.next/standalone/src/lib/proof/collab-state.ts +0 -81
  291. package/.next/standalone/src/lib/proof/event-bus.ts +0 -47
  292. package/.next/standalone/src/lib/proof/file-lock.ts +0 -43
  293. package/.next/standalone/src/lib/proof/glob.ts +0 -51
  294. package/.next/standalone/src/lib/proof/idempotency.ts +0 -37
  295. package/.next/standalone/src/lib/proof/lease.ts +0 -117
  296. package/.next/standalone/src/lib/proof/mutex.ts +0 -36
  297. package/.next/standalone/src/lib/proof/ops-applier.ts +0 -727
  298. package/.next/standalone/src/lib/proof/owner-auth.ts +0 -2
  299. package/.next/standalone/src/lib/proof/pending.ts +0 -97
  300. package/.next/standalone/src/lib/proof/proof-span.ts +0 -141
  301. package/.next/standalone/src/lib/proof/rate-limit.ts +0 -53
  302. package/.next/standalone/src/lib/proof/raw-fs.ts +0 -197
  303. package/.next/standalone/src/lib/proof/register-rate-limit.ts +0 -53
  304. package/.next/standalone/src/lib/proof/registry.ts +0 -195
  305. package/.next/standalone/src/lib/proof/sidecar.ts +0 -103
  306. package/.next/standalone/src/lib/proof/suggest-capture.ts +0 -69
  307. package/.next/standalone/src/lib/proof/types.ts +0 -182
  308. package/.next/standalone/src/lib/proof-config.ts +0 -14
  309. package/.next/standalone/src/lib/root-dir.ts +0 -35
  310. package/.next/standalone/src/lib/search/indexable-exts.ts +0 -25
  311. package/.next/standalone/src/lib/search/indexer.ts +0 -634
  312. package/.next/standalone/src/lib/search/sanitize.ts +0 -35
  313. package/.next/standalone/src/lib/search/search-db.ts +0 -57
  314. package/.next/standalone/src/lib/search/watcher-pool.ts +0 -79
  315. package/.next/standalone/src/lib/shared-docs/db.ts +0 -177
  316. package/.next/standalone/src/lib/toast.ts +0 -9
  317. package/.next/standalone/src/lib/utils.ts +0 -6
  318. package/.next/standalone/src/lib/wiki-helpers.ts +0 -36
  319. package/.next/standalone/src/lib/workspace-client.ts +0 -82
  320. package/.next/standalone/src/lib/workspace-context.ts +0 -173
  321. package/.next/standalone/src/lib/workspaces.ts +0 -400
  322. package/.next/standalone/src/middleware.ts +0 -44
  323. package/.next/standalone/src/stores/ai-panel-store.ts +0 -79
  324. package/.next/standalone/src/stores/editor-store.ts +0 -439
  325. package/.next/standalone/src/stores/pin-store.ts +0 -56
  326. package/.next/standalone/src/stores/proof-store.ts +0 -124
  327. package/.next/standalone/src/stores/recent-store.ts +0 -51
  328. package/.next/standalone/src/stores/search-store.ts +0 -104
  329. package/.next/standalone/src/stores/show-hidden-store.ts +0 -26
  330. package/.next/standalone/src/stores/sidebar-width-store.ts +0 -39
  331. package/.next/standalone/src/stores/skin-store.ts +0 -42
  332. package/.next/standalone/src/stores/tree-store.ts +0 -52
  333. package/.next/standalone/src/stores/view-width-store.ts +0 -101
  334. package/.next/standalone/src/stores/wiki-slugs-store.ts +0 -75
  335. package/.next/standalone/src/tests/proof/activity-aggregator.test.ts +0 -146
  336. package/.next/standalone/src/tests/proof/admin-create-user.test.ts +0 -43
  337. package/.next/standalone/src/tests/proof/agent-fs.test.ts +0 -973
  338. package/.next/standalone/src/tests/proof/agent-ownership.test.ts +0 -140
  339. package/.next/standalone/src/tests/proof/agent-workspace-scope.test.ts +0 -134
  340. package/.next/standalone/src/tests/proof/agents-install.test.ts +0 -110
  341. package/.next/standalone/src/tests/proof/bench-write.ts +0 -179
  342. package/.next/standalone/src/tests/proof/better-auth.test.ts +0 -68
  343. package/.next/standalone/src/tests/proof/block-refs.test.ts +0 -108
  344. package/.next/standalone/src/tests/proof/blocks.test.ts +0 -92
  345. package/.next/standalone/src/tests/proof/collab-state.test.ts +0 -501
  346. package/.next/standalone/src/tests/proof/comments-ops.test.ts +0 -177
  347. package/.next/standalone/src/tests/proof/editor-roundtrip.test.ts +0 -85
  348. package/.next/standalone/src/tests/proof/external-edit.test.ts +0 -58
  349. package/.next/standalone/src/tests/proof/file-lock.test.ts +0 -80
  350. package/.next/standalone/src/tests/proof/git-branches-checkout.test.ts +0 -136
  351. package/.next/standalone/src/tests/proof/git-read-features.test.ts +0 -473
  352. package/.next/standalone/src/tests/proof/git-secrets.test.ts +0 -138
  353. package/.next/standalone/src/tests/proof/git-sparse.test.ts +0 -257
  354. package/.next/standalone/src/tests/proof/git-workspace.test.ts +0 -135
  355. package/.next/standalone/src/tests/proof/git.test.ts +0 -243
  356. package/.next/standalone/src/tests/proof/glob.test.ts +0 -82
  357. package/.next/standalone/src/tests/proof/helpers/auth-session.ts +0 -27
  358. package/.next/standalone/src/tests/proof/markdown-to-html.test.ts +0 -46
  359. package/.next/standalone/src/tests/proof/ops-applier.test.ts +0 -368
  360. package/.next/standalone/src/tests/proof/owner-init.test.ts +0 -2
  361. package/.next/standalone/src/tests/proof/parse-frontmatter.test.ts +0 -60
  362. package/.next/standalone/src/tests/proof/preload.ts +0 -21
  363. package/.next/standalone/src/tests/proof/proof-span.test.ts +0 -98
  364. package/.next/standalone/src/tests/proof/rate-limit.test.ts +0 -54
  365. package/.next/standalone/src/tests/proof/readonly-enforcement.test.ts +0 -161
  366. package/.next/standalone/src/tests/proof/reconcile-sidecar.test.ts +0 -195
  367. package/.next/standalone/src/tests/proof/registration-flow.test.ts +0 -330
  368. package/.next/standalone/src/tests/proof/registry.test.ts +0 -169
  369. package/.next/standalone/src/tests/proof/routes.test.ts +0 -516
  370. package/.next/standalone/src/tests/proof/search-index.test.ts +0 -376
  371. package/.next/standalone/src/tests/proof/sidecar-lifecycle.test.ts +0 -177
  372. package/.next/standalone/src/tests/proof/sidecar-trim.test.ts +0 -58
  373. package/.next/standalone/src/tests/proof/suggestion-ops.test.ts +0 -280
  374. package/.next/standalone/src/tests/proof/wiki-content-put.test.ts +0 -140
  375. package/.next/standalone/src/tests/proof/wiki-routes-auth.test.ts +0 -208
  376. package/.next/standalone/src/tests/proof/workspace-isolation.test.ts +0 -87
  377. package/.next/standalone/src/tests/proof/workspaces-api.test.ts +0 -227
  378. package/.next/standalone/src/types/index.ts +0 -47
  379. package/.next/standalone/tailwind.config.ts +0 -191
  380. package/.next/standalone/tsconfig.json +0 -41
  381. package/.next/standalone/tsconfig.tsbuildinfo +0 -1
  382. /package/.next/standalone/.next/static/{WMOTgfV82apmdovxzgbMx → rRyvFORvJoc5OWbCR2A_P}/_buildManifest.js +0 -0
  383. /package/.next/standalone/.next/static/{WMOTgfV82apmdovxzgbMx → rRyvFORvJoc5OWbCR2A_P}/_clientMiddlewareManifest.js +0 -0
  384. /package/.next/standalone/.next/static/{WMOTgfV82apmdovxzgbMx → rRyvFORvJoc5OWbCR2A_P}/_ssgManifest.js +0 -0
@@ -1,821 +0,0 @@
1
- <div align="center">
2
- <img src="public/logo.svg" width="80" height="80" alt="wiki-viewer logo" />
3
- <h1>wiki-viewer</h1>
4
- <p><strong>Browse, read, and edit your local files from a clean web UI. Now with multi-user auth and an HTTP API for AI agents.</strong></p>
5
- <p>
6
- Markdown · PDF · Office docs · Notebooks · Images · Code · and more
7
- </p>
8
-
9
- <p>
10
- <a href="https://www.npmjs.com/package/wiki-viewer"><img src="https://img.shields.io/npm/v/wiki-viewer" alt="npm version" /></a>
11
- <img src="https://img.shields.io/badge/node-%3E%3D18-brightgreen" alt="Node.js ≥18" />
12
- <img src="https://img.shields.io/badge/license-MIT-blue" alt="MIT license" />
13
- </p>
14
- </div>
15
-
16
- ---
17
-
18
- ## What is it?
19
-
20
- **wiki-viewer** is a local-or-remote file browser and editor you run from your terminal. It starts a small web server and lets you navigate, read, and edit any directory on your machine.
21
-
22
- Originally a zero-config single-user tool, it now supports:
23
-
24
- - Multi-user sign-in (Google OAuth or email + password) for teams of 3 to 10 sharing a VPS.
25
- - An HTTP API for AI agents with **two tiers**: a raw filesystem (read/write/edit/list/search/move/delete for **all file types**) for fast filework, and a Markdown collaboration layer with provenance marks, comments, suggestions, and revision-checked mutations.
26
- - A **working-vs-collaborating** safety model: when you have a Markdown doc open, agents automatically defer to the reviewable collab path instead of overwriting it.
27
- - Per-agent registration and scoped tokens. No shared bearer secret.
28
- - An optional `npx wiki-viewer-mcp` adapter so MCP-capable agents (Claude Code, Cursor, Codex) get native file tools against a remote instance.
29
- - Full-text search (FTS5), public share links with optional password and expiry, git-backed read-only workspaces with history and diffs, and a Launch button to run any `package.json` app in place.
30
-
31
- Single-user, no-auth mode still works. Auth turns on automatically once anyone signs up.
32
-
33
- ---
34
-
35
- ## Features
36
-
37
- | Category | What's included |
38
- | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
39
- | **File viewers** | Markdown (with frontmatter), PDF, images (PNG / JPG / SVG / WebP), video & audio, CSV (table view), source code (syntax highlighting), DOCX, XLSX, PPTX, Jupyter notebooks, Mermaid diagrams, HTML |
40
- | **Editor** | Rich TipTap editor for Markdown files, with an exit-edit toggle to flip between read and edit modes |
41
- | **File ops** | Upload files, create folders, delete, drag-to-move |
42
- | **Search** | Full-text search across the whole workspace, backed by SQLite FTS5 (BM25 ranking). Incremental indexing via file watcher. App and `.git` contents skipped. |
43
- | **Sharing** | Generate public, read-only share links for any file. Optional password protection and expiry date. View counts tracked. |
44
- | **Node apps** | A directory with a `package.json` becomes runnable: a Launch button starts any npm script (or the default), proxied through the viewer with live status and logs. |
45
- | **Git repos** | Add a remote git repo (GitHub, GitLab, Bitbucket, Gitea, GHE) as a read-only workspace. Clones on the server, browse with the full viewer, refresh on demand. Private repos via access token. Per-file commit history, diffs, last-commit metadata, and a branch switcher for git-backed content. |
46
- | **Wiki links** | `[[page-name]]` links between Markdown files |
47
- | **Layout** | Resizable sidebar (persisted), content width (narrow / normal / wide) and alignment (center / left), selectable Editorial reading skin. Mobile-responsive. |
48
- | **PWA** | Web app manifest, Apple meta tags, home-screen icons. Installable to the home screen. |
49
- | **Dark mode** | System-aware, with manual toggle |
50
- | **Auth** | Google OAuth and email + password via [Better Auth](https://better-auth.com). Email allowlist. SQLite-backed sessions. |
51
- | **AI agents** | Per-agent HTTP API. Trust On First Use registration. Comments, suggestions, inline provenance marks (`<proof-span>`). Block-level revision check. Idempotency keys. Per-IP rate limiting. |
52
- | **HTTPS** | Required for remote access. Self-signed cert (OpenSSL), trusted local cert (mkcert), or your own TLS in front of plain HTTP. |
53
-
54
- ---
55
-
56
- ## Quick start
57
-
58
- ```bash
59
- # Guided setup: directory, host/port, HTTPS, app settings, and optional
60
- # install as a reboot-persistent service. Recommended for first run.
61
- npx wiki-viewer init
62
-
63
- # Or run directly. Point it at a directory
64
- npx wiki-viewer ~/notes
65
-
66
- # No directory? Pick one in the browser
67
- npx wiki-viewer
68
-
69
- # Running on a remote machine? HTTPS is required (see note below)
70
- npx wiki-viewer ~/notes --https
71
- ```
72
-
73
- The wizard walks you through every option and writes `~/.wiki-viewer/config.json`, so you do not have to remember flags. You can re-run it any time, or edit the config with `wiki-viewer config set`.
74
-
75
- Open **http://localhost:3000** (or **https://localhost:3000** with `--https`).
76
-
77
- To switch between directories later, use the **workspace switcher** at the bottom of the sidebar. Each _workspace_ is a registered root directory; you can run several at once with no state bleed (open different workspaces in different browser tabs). See [Workspaces](#workspaces) below. No restart needed.
78
-
79
- On first run with no users in the database, the app works in single-user mode and any visitor on `localhost` can sign up. Set `AUTH_ALLOWED_DOMAIN` or `AUTH_ALLOWED_EMAILS` before exposing the server to anyone else.
80
-
81
- > ⚠️ **Running on a remote host?** The app must be accessed over **HTTPS**. Browsers gate several APIs (service workers, PDF.js, secure-context features) behind HTTPS. Plain HTTP only works on `localhost`.
82
-
83
- ### CLI options
84
-
85
- ```
86
- wiki-viewer [directory] [options]
87
-
88
- directory Directory to serve (optional — pick in the browser if omitted)
89
-
90
- Options:
91
- -p, --port <port> Port to listen on (default: 3000)
92
- -H, --host <host> Host to bind to (default: localhost)
93
- --https Enable HTTPS (self-signed cert, required on remote)
94
- --no-auth No sign-in, no session (open to anyone on the network)
95
- -v, --version Print version
96
- -h, --help Show this help message
97
-
98
- Commands:
99
- service install [dir] [options] Install as a user service (persists across reboot)
100
- service uninstall Remove the user service
101
- service status Show service status
102
- service logs Tail service logs
103
- service restart Restart the service
104
- update Update to the latest version and restart the service
105
- ```
106
-
107
- Examples:
108
-
109
- ```bash
110
- # Custom port
111
- npx wiki-viewer ~/notes -p 8080
112
-
113
- # Bind to all interfaces (accessible on your local network)
114
- npx wiki-viewer ~/notes -H 0.0.0.0
115
-
116
- # HTTPS on a custom port
117
- npx wiki-viewer ~/notes --https -p 8443
118
- ```
119
-
120
- ### Run as a service (reboot persistence)
121
-
122
- Install wiki-viewer as a user service so it starts at boot and restarts on failure. Linux uses `systemd --user`, macOS uses a launchd LaunchAgent. No root needed.
123
-
124
- ```bash
125
- # Install with the run config you want (dir, host, port, https)
126
- wiki-viewer service install ~/notes -H 0.0.0.0 -p 3003 --https
127
-
128
- # Manage it
129
- wiki-viewer service status
130
- wiki-viewer service logs
131
- wiki-viewer service restart
132
- wiki-viewer service uninstall
133
- ```
134
-
135
- The run config is saved to `~/.wiki-viewer/config.json`. Edit that file and run `wiki-viewer service restart` to change settings without reinstalling. To change the served directory at runtime, use the workspace switcher in the sidebar (see [Workspaces](#workspaces)).
136
-
137
- On Linux, install enables lingering (`loginctl enable-linger`) so the service runs without an active login session and survives reboot. If that step needs privileges, the installer prints the command to run manually.
138
-
139
- > Ad-hoc runs like `wiki-viewer ~/docs` ignore the saved bind (dir/host/port), but still read app env from `config.json`. Only the service (and `wiki-viewer service run`) reads the full config.
140
-
141
- ### App configuration (env)
142
-
143
- App settings (OAuth keys, allowlists, rate limits) are env vars. You can keep them in the config file instead of exporting them, and the service will load them on every start.
144
-
145
- ```bash
146
- # Set at install time
147
- wiki-viewer service install ~/notes --env GOOGLE_CLIENT_ID=... --env GOOGLE_CLIENT_SECRET=...
148
-
149
- # Or manage them later
150
- wiki-viewer config set AUTH_ALLOWED_DOMAIN=example.com
151
- wiki-viewer config set AGENT_RATE_LIMIT=120
152
- wiki-viewer config unset AGENT_RATE_LIMIT
153
- wiki-viewer config show
154
- wiki-viewer service restart # apply changes
155
- ```
156
-
157
- These land in the `env` block of `config.json`:
158
-
159
- ```json
160
- {
161
- "rootDir": "/home/you/notes",
162
- "host": "0.0.0.0",
163
- "port": "3003",
164
- "https": true,
165
- "env": {
166
- "GOOGLE_CLIENT_ID": "...",
167
- "AUTH_ALLOWED_DOMAIN": "example.com"
168
- }
169
- }
170
- ```
171
-
172
- **Precedence:** a variable exported in your shell always wins, then the `env` block in `config.json`, then values the CLI derives for you. So you can still override anything per run with `KEY=VALUE wiki-viewer ...` or `--env KEY=VALUE`.
173
-
174
- **`BETTER_AUTH_URL` is derived automatically** from the host, port, and scheme you run with, so the common case needs no config. On `localhost` over HTTP the CLI also sets `WIKI_ALLOW_INSECURE=1` for you (browsers treat localhost as a secure context). If you serve plain HTTP on a non-local host the CLI prints a warning, because login cookies and service workers will not work there. Use `--https`, or terminate TLS in a proxy and set `BETTER_AUTH_URL` to its public `https://` URL via `config set` or your shell.
175
-
176
- ### Update
177
-
178
- ```bash
179
- wiki-viewer update
180
- ```
181
-
182
- Updates the global install to the latest version (npm/pnpm/yarn auto-detected) and restarts the service if one is installed.
183
-
184
- ---
185
-
186
- ## Workspaces
187
-
188
- A **workspace** is a registered root directory. One running wiki-viewer can
189
- serve many workspaces at once, fully isolated from each other:
190
-
191
- - Two browser tabs can each open a different workspace (via a `?ws=<id>` URL
192
- param) and edit files concurrently. Edit leases, write locks, idempotency
193
- keys, collab sidecars, and the audit log are all namespaced per workspace —
194
- a `notes.md` in workspace A never collides with a `notes.md` in workspace B.
195
- - AI agents target a workspace with an `X-Workspace: <id>` header (or `?ws=`).
196
- An agent's grant may be pinned to one workspace; requests that resolve to a
197
- different workspace are rejected `403 FORBIDDEN`. Agents registered without a
198
- workspace id keep working across all workspaces (wildcard).
199
-
200
- ### Switching and creating
201
-
202
- The sidebar footer shows the active workspace. Click it to switch between the
203
- workspaces you can access, or (admins only) **Add workspace…** to register a
204
- new root directory. Switching navigates to `?ws=<id>` and resets the view.
205
-
206
- The legacy single-directory flow is unchanged: launching with `ROOT_DIR` or
207
- `wiki-viewer <dir>` auto-registers that directory as the first workspace, and a
208
- single-workspace install behaves exactly as before (no `?ws=` needed).
209
-
210
- ### Git-backed workspaces (read-only)
211
-
212
- Teams that keep docs in a git repo can browse them with the full viewer instead
213
- of reading raw files on a host like GitHub. In the directory picker, switch to
214
- **From Git**, paste a repository URL, and the server clones it into a managed
215
- workspace under `~/.wiki-viewer/repos/<id>/`.
216
-
217
- - **Read-only.** The clone is served for reading only. Every file-mutating route
218
- (editor saves, uploads, moves, deletes, and both agent API tiers) is rejected
219
- `403 WORKSPACE_READ_ONLY`. Edits belong upstream in git, not here.
220
- - **Any git host.** Works with GitHub, GitLab, Bitbucket, Gitea, and self-hosted
221
- GitHub Enterprise. Only `https://` URLs are accepted by default.
222
- - **Private repos.** Supply an access token (PAT). It is stored on the server in
223
- `~/.wiki-viewer/git-secrets.json` (chmod 0600), never written to `config.json`,
224
- never logged, and never returned by any API. Some hosts need a specific
225
- username (GitLab uses `oauth2`, Bitbucket uses your account username).
226
- - **Refresh.** Git workspaces show a **Refresh** button in the switcher. It runs
227
- `git pull --ff-only` to pull the latest commit. Refresh is manual by design,
228
- so there is no background polling or webhook to configure.
229
- - **Branch.** Leave the branch blank to track the default branch, or pin a
230
- specific one. Git-backed content shows a **branch switcher** in the UI to
231
- check out any branch on demand, plus a branch badge.
232
- - **History and diffs.** For files inside a git repo (including sub-folder repos
233
- detected automatically), the viewer surfaces per-file commit history, the diff
234
- for each commit, and last-commit metadata (author, date, message).
235
- - **Subdirectory.** If the docs live in a subfolder (for example `docs/`),
236
- set the optional **Subdirectory** field. The server does a blobless sparse
237
- checkout that fetches only that subtree, so a large repo with a small docs
238
- folder clones fast and uses little disk. The workspace then serves only that
239
- folder. Leave it blank to serve the whole repo.
240
-
241
- Host policy is configurable in `config.json` under a `git` block: set
242
- `git.allowedHosts` (a list) to restrict which hosts can be cloned, or
243
- `git.allowInsecureHttp: true` to permit plain `http://` for a trusted internal
244
- host. Both are optional; the default allows any `https://` host.
245
-
246
- ### Admins and access control
247
-
248
- Workspace management is **admin-gated** (organizational access control, not
249
- OS-level permissions):
250
-
251
- - The **first user to sign up** becomes an admin automatically. Admins can
252
- promote/demote other users from the settings sheet (gear icon → **Admins**).
253
- Seed or override admins headlessly with `WIKI_ADMIN_EMAILS` (csv).
254
- - Only admins can create/delete workspaces and edit a workspace's allowed-user
255
- list (`allowedUserIds`). An empty allow-list means any signed-in user may
256
- open the workspace (the default). Non-admins with access get full file
257
- read/write on the workspaces they can see.
258
- - Admin state lives in `~/.wiki-viewer/config.json` (`adminUserIds`), workspace
259
- records under `workspaces[]`.
260
-
261
- > Note: removing a workspace only unregisters it — the directory on disk is
262
- > never touched. The last admin cannot be demoted unless `WIKI_ADMIN_EMAILS`
263
- > provides a fallback.
264
-
265
- ## Search
266
-
267
- Full-text search runs across the whole active workspace. Press the search box
268
- in the sidebar, type a query, and results rank by relevance.
269
-
270
- - **FTS5 + BM25.** Backed by a SQLite FTS5 index, separate from `auth.db`, in
271
- `~/.wiki-viewer/`. Ranking uses BM25.
272
- - **Incremental.** A background initial scan builds the index on first use, then
273
- a file watcher keeps it current as files change. Search returns results from
274
- whatever is already indexed, so it is usable while the first scan runs.
275
- - **Scoped per workspace.** Each workspace has its own index. Deleting a
276
- workspace purges its index. Node-app directories and `.git`, `node_modules`,
277
- `.next`, `.proof` are skipped. Body indexing is capped at 1 MiB per file.
278
-
279
- ## Sharing documents
280
-
281
- Generate a public, read-only link to any file so people without an account can
282
- read it.
283
-
284
- - Open a file and use **Share** to mint a link. It serves a rendered, read-only
285
- view at `/share/<token>`.
286
- - **Password (optional).** Protect a link with a password; only the hash is
287
- stored. Visitors unlock before reading.
288
- - **Expiry (optional).** Set a number of days; the link returns `410` once
289
- expired.
290
- - **View counts.** Each open increments a counter visible in the share dialog.
291
-
292
- Share links are managed per file. Creating a link requires being signed in;
293
- reading one does not.
294
-
295
- ## Node apps
296
-
297
- Any directory containing a `package.json` is treated as a runnable node app. In
298
- the file browser it shows a **Launch** button.
299
-
300
- - **Pick a script.** Launch runs the default script (`start`, then `preview`
301
- when a `dist/` exists, then `dev`), or you choose any script from the
302
- package's `scripts`. A package with only a `main` entry runs that.
303
- - **Proxied.** The child process binds a free local port and is proxied through
304
- the viewer under `/app-proxy/`, so you view the running app inside
305
- wiki-viewer. Live status (`installing` / `starting` / `running` / `error`)
306
- and logs are shown.
307
- - **Package manager auto-detected.** pnpm / yarn / npm based on the lockfile.
308
- - A directory with an `index.html` but no `package.json` is served as a static
309
- app instead.
310
-
311
- > Launching runs arbitrary project code on the host. Only launch apps you
312
- > trust. Git-backed (read-only) workspaces still run apps but reject writes.
313
-
314
- ## Auth and multi-user mode
315
-
316
- wiki-viewer uses [Better Auth](https://better-auth.com) with SQLite. State lives at `~/.wiki-viewer/auth.db` (WAL mode) and `~/.wiki-viewer/auth.secret` (chmod 0600). Both are created on first start. Set `BETTER_AUTH_SECRET` in the environment to override the file-stored secret.
317
-
318
- Sign-in providers:
319
-
320
- - **Google OAuth.** Enabled when both `GOOGLE_CLIENT_ID` and `GOOGLE_CLIENT_SECRET` are set.
321
- - **Email + password.** Enabled by default. No verification email is sent.
322
-
323
- ### Require Google sign-in only
324
-
325
- To turn off email/password and force Google OAuth, set `AUTH_DISABLE_PASSWORD=1`:
326
-
327
- ```bash
328
- wiki-viewer config set AUTH_DISABLE_PASSWORD=1
329
- wiki-viewer service restart
330
- ```
331
-
332
- The sign-in page then shows only the Google button. As a safety guard, this is ignored unless a Google provider is configured, so you cannot lock yourself out: if `GOOGLE_CLIENT_ID`/`GOOGLE_CLIENT_SECRET` are missing, email/password stays on and a warning is logged.
333
-
334
- ### Linking Google to an existing account
335
-
336
- Better Auth only auto-links a Google sign-in to an existing account when both sides have a verified email. If you created a password account first (with an unverified email) and then try Google sign-in with the same address, you get an `account_not_linked` error.
337
-
338
- To force linking, list the provider in `AUTH_TRUSTED_PROVIDERS`:
339
-
340
- ```bash
341
- wiki-viewer config set AUTH_TRUSTED_PROVIDERS=google
342
- wiki-viewer service restart
343
- ```
344
-
345
- This links Google to the existing account even when its email is unverified. It slightly raises account-takeover risk, so enable it only when you control the accounts (for example, consolidating your own login onto Google).
346
-
347
- ### Email allowlist
348
-
349
- By default any email can sign up. Lock it down before exposing the server.
350
-
351
- There are two ways to set the allowlist. The settings sheet is the easy path; env vars are the fallback for headless or scripted deploys.
352
-
353
- **From the UI (recommended).** Click the gear icon in the sidebar toolbar to open Signup allowlist. Enter allowed emails and domains, one per line or comma-separated, then save. Changes are stored in `~/.wiki-viewer/config.json` and apply on the next signup with no restart. Clearing both lists reverts to the environment variables below.
354
-
355
- **From the environment.** Set either or both before starting the server:
356
-
357
- ```bash
358
- # Allow specific accounts
359
- export AUTH_ALLOWED_EMAILS="alice@team.com,bob@team.com"
360
-
361
- # Or whole domains (csv)
362
- export AUTH_ALLOWED_DOMAIN="team.com,partner.org"
363
- ```
364
-
365
- **Precedence.** If the UI allowlist in `config.json` is non-empty, it wins and the env vars are ignored. If it is empty, the env vars are used. If neither is set, any email can sign up. When both an email and a domain list apply, either match grants access.
366
-
367
- ### Production guard
368
-
369
- In production, the server refuses to boot unless `BETTER_AUTH_URL` is set to an `https://` origin. This prevents accidentally serving auth cookies over plain HTTP.
370
-
371
- ```bash
372
- export BETTER_AUTH_URL="https://wiki.team.com"
373
- ```
374
-
375
- For development or local smoke tests, set `WIKI_ALLOW_INSECURE=1` to bypass the guard.
376
-
377
- ### CSRF and trusted origins
378
-
379
- All state-changing routes (`POST` / `PUT` / `DELETE` / `PATCH`) under `/api/wiki/*` and `/api/system/*` check the request's `Origin` header against an allowlist. Cross-origin requests with a session cookie are rejected with `403 FORBIDDEN`.
380
-
381
- By default the allowlist includes `localhost` and `127.0.0.1`. Add hostnames you actually browse from:
382
-
383
- ```bash
384
- export WIKI_OWNER_HOSTS="wiki.team.com,office.lan"
385
- ```
386
-
387
- Do not place wiki-viewer behind a reverse proxy that rewrites `Host`. The Origin check assumes the browser-visible hostname matches what wiki-viewer sees. Bind to loopback and front with a TLS-terminating proxy that preserves the original `Host` (nginx `proxy_set_header Host $host;` or Caddy default).
388
-
389
- ### Rate limits
390
-
391
- | Endpoint | Default |
392
- | ----------------- | ------------------------- |
393
- | `/sign-in/email` | 20 requests / 60 seconds |
394
- | `/sign-up/email` | 10 requests / 60 seconds |
395
- | Other auth routes | 100 requests / 60 seconds |
396
-
397
- Rate limiting is disabled in development (`NODE_ENV !== "production"`).
398
-
399
- ### Recovering a locked-out account
400
-
401
- The rate limiter stores counts in memory. Restart the server to clear it.
402
-
403
- To delete and re-create a user from scratch:
404
-
405
- ```bash
406
- sqlite3 ~/.wiki-viewer/auth.db "DELETE FROM user WHERE email='you@team.com';"
407
- sqlite3 ~/.wiki-viewer/auth.db "DELETE FROM account WHERE userId NOT IN (SELECT id FROM user);"
408
- sqlite3 ~/.wiki-viewer/auth.db "DELETE FROM session WHERE userId NOT IN (SELECT id FROM user);"
409
- ```
410
-
411
- Then sign up again.
412
-
413
- ### Editor save conflicts
414
-
415
- The Markdown editor now sends a `baseRevision` with every save. If another user (or an agent) modified the file in the meantime, the server returns `409 STALE_REVISION` and the editor silently reloads the new content. Your in-progress edits in that tab are lost. Reload before making large changes if you know someone else is also editing.
416
-
417
- ---
418
-
419
- ## Working with AI agents
420
-
421
- wiki-viewer exposes an HTTP API so agents (Claude, Cursor, ChatGPT desktop, custom scripts) can work with files in a running instance — locally or remotely — almost as if they were on their own filesystem. There are **two tiers**, sharing one auth/scope/lock spine:
422
-
423
- - **Tier 1 — Raw filesystem** (`/api/agent/fs/*`): `read`, `write`, `edit`, `list`, `search`, `move`, `delete` for **every file type** (code, configs, PDFs, notebooks, Markdown — anything). Fast, boring, byte-accurate. Mutations are audited.
424
- - **Tier 2 — Markdown collaboration** (`/api/agent/files/*`): structured block-ops where every AI-authored insert is wrapped in an inline `<proof-span>` mark so the human reviewer can see, accept, or revert each change, plus comments and suggestions. Tier-2 is API-compatible in spirit with [Proof SDK](https://github.com/EveryInc/proof-sdk).
425
-
426
- ### Which tier? Working mode vs collaborating mode
427
-
428
- Before editing a Markdown file, an agent reads it and checks the **`X-Collab-State`** response header:
429
-
430
- | `X-Collab-State` | Meaning | Agent uses |
431
- | ---------------- | ---------------------------------------------------------------- | ------------------------------------------------------------------------------- |
432
- | `active` | A human has the doc open, or it has pending suggestions/comments | **Tier-2 block-ops** (reviewable). A raw write is rejected `409 COLLAB_ACTIVE`. |
433
- | `tracked` | Has a collab sidecar, nobody editing now | Prefer Tier-2 for prose; raw OK for mechanical edits |
434
- | `untracked` | Plain Markdown, never collaborated on | Either tier |
435
- | `not-markdown` | Any non-`.md` file | **Tier-1 raw only** |
436
-
437
- This is enforced, not advisory: the collab state is re-checked atomically inside the write lock, so an agent can never silently clobber a doc you just opened. The browser editor sends a presence heartbeat to drive the `active` state. See [`docs/file-vs-collab-authority.md`](docs/file-vs-collab-authority.md) for the full authority model.
438
-
439
- The protocol is intentionally API-compatible in spirit with [Proof SDK](https://github.com/EveryInc/proof-sdk).
440
-
441
- ### Trust On First Use registration
442
-
443
- Each agent gets its own bearer token tied to a stable identity. No shared secret.
444
-
445
- 1. Agent calls `POST /api/agent/register` with `id`, `displayName`, and requested `scope`.
446
- 2. Server returns `registrationId` and `pollUrl`. The id itself is the pickup secret.
447
- 3. Owner opens the AI Panel, sees the pending request, clicks **Approve**.
448
- 4. Agent polls and receives a one-shot `token`. Pickup deletes the token from the server.
449
- 5. Agent sends `Authorization: Bearer <token>` and `X-Agent-Id: <id>` on every later request.
450
-
451
- The registry lives in `~/.wiki-viewer/agents.json`. Only SHA-256 hashes of tokens are stored.
452
-
453
- ### Distribute the agent skill
454
-
455
- The running server exposes itself as an installable [Agent Skill](https://github.com/anthropics/skills):
456
-
457
- ```bash
458
- # Claude Code, Codex, Cursor, OpenCode
459
- npx skills add anh-chu/wiki-viewer/agents/wiki-viewer-skill
460
- ```
461
-
462
- For any chat agent, paste the bootstrap prompt from `<your-server>/agents/install` (also visible in the AI Panel). The agent fetches `/api/agents/install` and learns the full op vocabulary at runtime.
463
-
464
- ### Tier 1 — raw filesystem
465
-
466
- Work with any file type. All routes take `Authorization: Bearer <token>` + `X-Agent-Id`, are scope-checked, and reject path traversal, symlink escapes, and anything under `.proof/`.
467
-
468
- ```bash
469
- # Read (bytes; ETag is the sha256, supports Range, returns X-Collab-State)
470
- curl -sD- -H "Authorization: Bearer $TOKEN" -H "X-Agent-Id: ai:claude" \
471
- https://wiki.team.com/api/agent/fs/file/src/util.ts
472
-
473
- # Write/overwrite (atomic). If-Match: <sha256> is required to overwrite;
474
- # omit it to create. ?mkdirs=true creates parent dirs. ?force=true overrides (audited).
475
- curl -s -X PUT -H "Authorization: Bearer $TOKEN" -H "X-Agent-Id: ai:claude" \
476
- -H "If-Match: <sha256-from-read>" --data-binary @util.ts \
477
- https://wiki.team.com/api/agent/fs/file/src/util.ts
478
-
479
- # List a directory (scope-filtered)
480
- curl -s -H "Authorization: Bearer $TOKEN" -H "X-Agent-Id: ai:claude" \
481
- "https://wiki.team.com/api/agent/fs/ls/src?recursive=true&limit=500"
482
-
483
- # Search (server-side; kills round-trips)
484
- curl -s -X POST -H "Authorization: Bearer $TOKEN" -H "X-Agent-Id: ai:claude" \
485
- -H "Content-Type: application/json" \
486
- -d '{"kind":"grep","query":"TODO","glob":"**/*.ts"}' \
487
- https://wiki.team.com/api/agent/fs/search
488
-
489
- # Move and delete (delete needs the `delete` scope + If-Match)
490
- curl -s -X POST -H "Authorization: Bearer $TOKEN" -H "X-Agent-Id: ai:claude" \
491
- -H "Content-Type: application/json" -d '{"from":"a.md","to":"b.md"}' \
492
- https://wiki.team.com/api/agent/fs/move
493
- curl -s -X DELETE -H "Authorization: Bearer $TOKEN" -H "X-Agent-Id: ai:claude" \
494
- -H "If-Match: <sha256>" https://wiki.team.com/api/agent/fs/file/old.md
495
- ```
496
-
497
- Mutating a Markdown file via raw write emits a `file.rawWritten` event and re-binds the collab sidecar; if the doc is `active` it is rejected `409 COLLAB_ACTIVE` (use Tier-2 instead). Use the **`npx wiki-viewer-mcp`** adapter to get all of this as standard MCP file tools — it handles `If-Match`, mode-awareness, and edit-via-read-then-write for you.
498
-
499
- ### Tier 2 — op vocabulary (Markdown)
500
-
501
- Block-level edits (revision-checked, idempotent):
502
-
503
- ```json
504
- { "type": "block.replace", "ref": "b7f2c1", "markdown": "New content." }
505
- { "type": "block.insertAfter", "ref": "b7f2c1", "markdown": "..." }
506
- { "type": "block.insertBefore", "ref": "b7f2c1", "markdown": "..." }
507
- { "type": "block.delete", "ref": "b7f2c1" }
508
- { "type": "block.append", "markdown": "..." }
509
- { "type": "block.prepend", "markdown": "..." }
510
- ```
511
-
512
- Comments and suggestions:
513
-
514
- ```json
515
- { "type": "comment.add", "ref": "b7f2c1", "text": "Why end of June?" }
516
- { "type": "comment.reply", "commentId": "c4a1", "text": "API freeze." }
517
- { "type": "comment.resolve", "commentId": "c4a1" }
518
- { "type": "suggestion.add", "ref": "b7f2c1", "kind": "replace", "markdown": "...",
519
- "basis": "described", "basisDetail": "user asked" }
520
- { "type": "suggestion.accept", "suggestionId": "s3b2" }
521
- ```
522
-
523
- See [`docs/agent-collab-plan.md`](docs/agent-collab-plan.md) for the full spec: snapshot shape, event log, suggestion lifecycle, provenance attribute rules, and edge cases.
524
-
525
- ### Key routes
526
-
527
- Anonymous:
528
-
529
- | Method | Path | Description |
530
- | ------ | ----------------------------- | ----------------------------------------------- |
531
- | `POST` | `/api/agent/register` | Request registration. Returns `registrationId`. |
532
- | `GET` | `/api/agent/register/<regId>` | Poll status. Returns token once approved. |
533
- | `GET` | `/api/agents/install` | Discovery JSON for agents. |
534
- | `GET` | `/api/agents/skill` | Raw SKILL.md. |
535
- | `GET` | `/api/agents/skill.tar.gz` | Skill as gzip tarball. |
536
-
537
- Owner-only (session cookie):
538
-
539
- | Method | Path | Description |
540
- | ------ | ------------------------------------------------ | --------------------------- |
541
- | `GET` | `/api/agent/admin/registrations` | List pending registrations. |
542
- | `POST` | `/api/agent/admin/registrations/<regId>/approve` | Approve, mint token. |
543
- | `POST` | `/api/agent/admin/registrations/<regId>/deny` | Deny. |
544
- | `GET` | `/api/agent/admin/agents` | List your approved agents. |
545
- | `POST` | `/api/agent/admin/agents/<id>/revoke` | Revoke an agent. |
546
-
547
- Agent routes (bearer + `X-Agent-Id`, scope-checked):
548
-
549
- | Method | Path | Required scope | Tier |
550
- | -------- | ---------------------------------------- | --------------------- | ---- |
551
- | `GET` | `/api/agent/fs/file/<path>` | `read` + path match | 1 |
552
- | `PUT` | `/api/agent/fs/file/<path>` | `mutate` + path match | 1 |
553
- | `DELETE` | `/api/agent/fs/file/<path>` | `delete` + path match | 1 |
554
- | `GET` | `/api/agent/fs/ls/<path>` | `read` + path match | 1 |
555
- | `POST` | `/api/agent/fs/move` | `mutate` (src+dest) | 1 |
556
- | `POST` | `/api/agent/fs/search` | `read` (per match) | 1 |
557
- | `GET` | `/api/agent/files/<path.md>` | `read` + path match | 2 |
558
- | `POST` | `/api/agent/files/<path.md>` | `mutate` + path match | 2 |
559
- | `GET` | `/api/agent/events/<path.md>?after=<id>` | `read` + path match | 2 |
560
- | `POST` | `/api/agent/events/<path.md>` | `read` + path match | 2 |
561
- | `GET` | `/api/agent/sidecar/<path.md>` | `read` + path match | 2 |
562
- | `GET` | `/api/agent/settings` | `read` | — |
563
- | `GET` | `/api/agent/activity` | `read` | — |
564
-
565
- Scopes: `paths` is a glob list (directories work natively, e.g. `notes/**`); `ops` is any of `read`, `mutate` (create/overwrite/move), `delete` (remove). Grant `["read","mutate"]` for edit-but-never-delete.
566
-
567
- ### Full curl trace
568
-
569
- ```bash
570
- # 1. Agent registers
571
- curl -s -X POST https://wiki.team.com/api/agent/register \
572
- -H "Content-Type: application/json" \
573
- -d '{"id":"ai:claude","displayName":"Claude",
574
- "scope":{"paths":["**/*"],"ops":["read","mutate","delete"]}}'
575
- # -> { "registrationId":"reg_abc","pollUrl":"/api/agent/register/reg_abc","status":"pending" }
576
-
577
- # 2. Owner approves in the AI Panel.
578
-
579
- # 3. Agent picks up the token (one shot, 410 on replay)
580
- TOKEN=$(curl -s https://wiki.team.com/api/agent/register/reg_abc | jq -r .token)
581
-
582
- # 4. Read a file
583
- curl -s \
584
- -H "Authorization: Bearer $TOKEN" \
585
- -H "X-Agent-Id: ai:claude" \
586
- https://wiki.team.com/api/agent/files/notes.md | jq
587
-
588
- # 5. Mutate. `by` must equal `X-Agent-Id`. Idempotency-Key is required.
589
- curl -s -X POST \
590
- -H "Authorization: Bearer $TOKEN" \
591
- -H "X-Agent-Id: ai:claude" \
592
- -H "Content-Type: application/json" \
593
- -H "Idempotency-Key: req-$(cat /proc/sys/kernel/random/uuid)" \
594
- -d '{"baseRevision":7,"by":"ai:claude",
595
- "ops":[{"type":"block.append","markdown":"From your agent."}]}' \
596
- https://wiki.team.com/api/agent/files/notes.md
597
-
598
- # 6. Poll events to see human comments, suggestion accepts, external edits
599
- curl -s -H "Authorization: Bearer $TOKEN" -H "X-Agent-Id: ai:claude" \
600
- "https://wiki.team.com/api/agent/events/notes.md?after=0" | jq
601
- ```
602
-
603
- Response codes to handle:
604
-
605
- - `401 UNAUTHORIZED` — bad token or `X-Agent-Id`.
606
- - `403 FORBIDDEN` — out of scope or `by` mismatches identity.
607
- - `409 STALE_REVISION` — refetch and retry. Response includes a fresh snapshot. (Tier 2)
608
- - `409 BLOCK_NOT_FOUND` — the ref no longer exists. (Tier 2)
609
- - `409 IDEMPOTENCY_KEY_REUSED` — same key, different body. (Tier 2)
610
- - `409 COLLAB_ACTIVE` — raw write to a Markdown doc a human is editing; use Tier-2 block-ops (response includes the snapshot URL) or `?force=true`. (Tier 1)
611
- - `412 PRECONDITION_FAILED` — `If-Match` sha mismatch (file changed); re-read and retry. (Tier 1)
612
- - `429 RATE_LIMITED` — honor `Retry-After`. Default 60 ops/minute per agent.
613
-
614
- ### Agent rate limit override
615
-
616
- ```bash
617
- export AGENT_RATE_LIMIT=120
618
- ```
619
-
620
- Note: `AGENT_BEARER_TOKEN` (legacy single-secret mode) does nothing now. The server logs a one-time warning if it is set. Remove it.
621
-
622
- ---
623
-
624
- ## Dev setup
625
-
626
- ### Prerequisites
627
-
628
- - **Node.js** ≥ 18
629
- - **pnpm** — `npm install -g pnpm`
630
-
631
- ### Run from source
632
-
633
- ```bash
634
- git clone https://github.com/anh-chu/wiki-viewer.git
635
- cd wiki-viewer
636
- pnpm install
637
- ROOT_DIR=~/notes pnpm dev
638
- ```
639
-
640
- The dev server supports hot reload.
641
-
642
- ### Scripts
643
-
644
- | Command | Description |
645
- | ---------------- | -------------------------------------- |
646
- | `pnpm dev` | Next.js development server |
647
- | `pnpm dev:https` | Dev server with experimental HTTPS |
648
- | `pnpm build` | Production build |
649
- | `pnpm start` | Production server (after `build`) |
650
- | `pnpm wiki` | CLI entry point (after `build`) |
651
- | `pnpm test` | Run the proof + auth test suite (180+) |
652
-
653
- ### All environment variables
654
-
655
- | Variable | Description | Default |
656
- | ---------------------- | --------------------------------------------------------------------------------- | --------------------- |
657
- | `ROOT_DIR` | Directory to serve | `~/wiki-viewer-files` |
658
- | `PORT` | Port to listen on | `3000` |
659
- | `HOSTNAME` | Host / interface to bind | `localhost` |
660
- | `BETTER_AUTH_URL` | Public origin (required in production, must be `https://`) | unset |
661
- | `BETTER_AUTH_SECRET` | Override for the auto-generated session signing secret | file-stored |
662
- | `GOOGLE_CLIENT_ID` | Enable Google OAuth button | unset |
663
- | `GOOGLE_CLIENT_SECRET` | Enable Google OAuth button | unset |
664
- | `AUTH_ALLOWED_EMAILS` | csv: only these emails can sign up (overridden by UI allowlist if set) | unset (open) |
665
- | `AUTH_ALLOWED_DOMAIN` | csv: only emails on these domains can sign up (overridden by UI allowlist if set) | unset (open) |
666
- | `WIKI_OWNER_HOSTS` | csv: extra hostnames trusted for CSRF Origin check | `localhost,127.0.0.1` |
667
- | `WIKI_ALLOW_INSECURE` | Set to `1` to bypass the prod-https guard (dev / CI only) | unset |
668
- | `WIKI_ADMIN_EMAILS` | csv: emails treated as admins (seed/override; otherwise first signup is admin) | unset |
669
- | `AGENT_RATE_LIMIT` | Max mutation ops per minute per agent identity | `60` |
670
-
671
- ---
672
-
673
- ## Self-hosted deployment
674
-
675
- ### Option A — Build and run directly
676
-
677
- ```bash
678
- git clone https://github.com/anh-chu/wiki-viewer.git
679
- cd wiki-viewer
680
- pnpm install
681
- pnpm build
682
-
683
- # Static assets into the standalone output
684
- cp -r .next/static .next/standalone/.next/static
685
- cp -r public .next/standalone/public
686
-
687
- # Start
688
- ROOT_DIR=/srv/notes BETTER_AUTH_URL=https://wiki.team.com \
689
- AUTH_ALLOWED_DOMAIN=team.com \
690
- node .next/standalone/server.js
691
- ```
692
-
693
- Or use the CLI wrapper, which handles the static-asset copy:
694
-
695
- ```bash
696
- node bin/wiki-viewer.js /srv/notes
697
- ```
698
-
699
- ### Option B — PM2
700
-
701
- ```bash
702
- npm install -g pm2
703
-
704
- pm2 start bin/wiki-viewer.js \
705
- --name wiki-viewer \
706
- -- /srv/notes --port 3000
707
-
708
- pm2 save
709
- pm2 startup # follow printed instructions
710
- ```
711
-
712
- ### Option C — systemd
713
-
714
- `/etc/systemd/system/wiki-viewer.service`:
715
-
716
- ```ini
717
- [Unit]
718
- Description=wiki-viewer
719
- After=network.target
720
-
721
- [Service]
722
- Type=simple
723
- User=YOUR_USER
724
- WorkingDirectory=/home/YOUR_USER/wiki-viewer
725
- ExecStart=/usr/bin/node bin/wiki-viewer.js /srv/notes --port 3000 --host 0.0.0.0
726
- Restart=on-failure
727
- Environment=NODE_ENV=production
728
- Environment=BETTER_AUTH_URL=https://wiki.team.com
729
- Environment=AUTH_ALLOWED_DOMAIN=team.com
730
- Environment=WIKI_OWNER_HOSTS=wiki.team.com
731
-
732
- [Install]
733
- WantedBy=multi-user.target
734
- ```
735
-
736
- ```bash
737
- sudo systemctl daemon-reload
738
- sudo systemctl enable wiki-viewer
739
- sudo systemctl start wiki-viewer
740
- sudo journalctl -u wiki-viewer -f
741
- ```
742
-
743
- ### HTTPS
744
-
745
- `--https` runs an HTTPS reverse proxy in front of the internal HTTP server. mkcert is used when available, otherwise OpenSSL self-signed.
746
-
747
- For real deployments, run wiki-viewer on plain HTTP behind nginx or Caddy with a Let's Encrypt cert. Configure the proxy to:
748
-
749
- - Terminate TLS.
750
- - Preserve the original `Host` header (`proxy_set_header Host $host;` in nginx; Caddy does this by default).
751
- - Forward all paths.
752
-
753
- ### Production deployment checklist
754
-
755
- - [ ] `BETTER_AUTH_URL=https://your-domain` exported in the service environment.
756
- - [ ] `AUTH_ALLOWED_DOMAIN` or `AUTH_ALLOWED_EMAILS` set before opening the server to anyone.
757
- - [ ] `WIKI_OWNER_HOSTS` includes every hostname your users browse from.
758
- - [ ] TLS handled by your reverse proxy or `--https`. Plain HTTP rejects in prod.
759
- - [ ] `~/.wiki-viewer/` on local disk only. SQLite WAL is not safe on NFS or shared between replicas.
760
- - [ ] Single host. If you cluster, you also need a shared lock service. Out of scope today.
761
- - [ ] OAuth redirect URI registered with Google: `https://your-domain/api/auth/callback/google`.
762
- - [ ] If you ran an older version: legacy agents in `agents.json` without `ownerUserId` are visible to and revocable by any signed-in user. Either edit the file to add `"ownerUserId": "<your user id>"` to each, or revoke and re-register them.
763
-
764
- ---
765
-
766
- ## Project structure
767
-
768
- ```
769
- wiki-viewer/
770
- ├── agents/ Installable Agent Skill + bootstrap prompt
771
- │ ├── wiki-viewer-skill/ SKILL.md and assets
772
- │ └── bootstrap-prompt.md One-paragraph prompt for any chat agent
773
- ├── bin/
774
- │ └── wiki-viewer.js CLI entry point
775
- ├── docs/
776
- │ ├── agent-collab-plan.md Full v1 spec for the agent HTTP protocol
777
- │ └── agent-collab-v2-plan.md Reference for a future Yjs / multi-tenant pivot
778
- ├── src/
779
- │ ├── app/
780
- │ │ ├── api/agent/ Agent HTTP API
781
- │ │ ├── api/agents/ Public install endpoints
782
- │ │ ├── api/auth/ Better Auth handler
783
- │ │ ├── api/wiki/ File browser API (session-gated): search, git-*, app, share
784
- │ │ ├── api/share/ Public share-link resolve/unlock
785
- │ │ ├── api/app-proxy/ Reverse proxy to launched node apps
786
- │ │ ├── api/system/ System config API (session-gated)
787
- │ │ └── signin/ Sign-in page
788
- │ ├── components/
789
- │ │ ├── editor/ TipTap editor + proof-span + comment-pip + suggestion-card
790
- │ │ └── ai-panel/ Right-side AI panel (agents, activity, install)
791
- │ ├── lib/
792
- │ │ ├── auth/ Better Auth server + client + allowlist + CSRF
793
- │ │ ├── search/ FTS5 indexer + search DB + file-watcher pool
794
- │ │ ├── shared-docs/ Share-link store (tokens, password hash, expiry)
795
- │ │ ├── git.ts Git history / diff / branch / file-info helpers
796
- │ │ ├── app-runner.ts Launches and supervises node-app child processes
797
- │ │ └── proof/ Agent protocol core (ops-applier, registry, file-lock)
798
- │ ├── stores/ Zustand state
799
- │ ├── tests/proof/ Node test runner suite (180+ tests)
800
- │ └── middleware.ts Cookie-presence gate for UI routes
801
- ├── public/
802
- ├── next.config.ts
803
- └── package.json
804
- ```
805
-
806
- ---
807
-
808
- ## Contributing
809
-
810
- 1. Fork and branch: `git checkout -b my-feature`
811
- 2. `pnpm install && pnpm dev`
812
- 3. Run tests: `pnpm test`
813
- 4. Open a PR.
814
-
815
- Bug reports and feature requests welcome via [GitHub Issues](https://github.com/anh-chu/wiki-viewer/issues).
816
-
817
- ---
818
-
819
- ## License
820
-
821
- MIT © [anh-chu](https://github.com/anh-chu)