fix(terminal): PowerShell command execution in Agent Terminals #825
+1,170
−164
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Add comprehensive branching strategy documentation - Explain main, develop, feature, fix, release, and hotfix branches - Clarify that all PRs should target develop (not main) - Add release process documentation for maintainers - Update PR process to branch from develop - Expand table of contents with new sections
* refactor: restructure project to Apps/frontend and Apps/backend - Move auto-claude-ui to Apps/frontend with feature-based architecture - Move auto-claude to Apps/backend - Switch from pnpm to npm for frontend - Update Node.js requirement to v24.12.0 LTS - Add pre-commit hooks for lint, typecheck, and security audit - Add commit-msg hook for conventional commits - Fix CommonJS compatibility issues (postcss.config, postinstall scripts) - Update README with comprehensive setup and contribution guidelines - Configure ESLint to ignore .cjs files - 0 npm vulnerabilities Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com> * feat(refactor): clean code and move to npm * feat(refactor): clean code and move to npm * chore: update to v2.7.0, remove Docker deps (LadybugDB is embedded) * feat: v2.8.0 - update workflows and configs for Apps/ structure, npm * fix: resolve Python lint errors (F401, I001) * fix: update test paths for Apps/backend structure * fix: add missing facade files and update paths for Apps/backend structure - Fix ruff lint error I001 in auto_claude_tools.py - Create missing facade files to match upstream (agent, ci_discovery, critique, etc.) - Update test paths from auto-claude/ to Apps/backend/ - Update .pre-commit-config.yaml paths for Apps/ structure - Add pytest to pre-commit hooks (skip slow/integration/Windows-incompatible tests) - Fix Unicode encoding in test_agent_architecture.py for Windows Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com> * feat: improve readme * fix: new path * fix: correct release workflow and docs for Apps/ restructure - Fix ARM64 macOS build: pnpm → npm, auto-claude-ui → Apps/frontend - Fix artifact upload paths in release.yml - Update Node.js version to 24 for consistency - Update CLI-USAGE.md with Apps/backend paths - Update RELEASE.md with Apps/frontend/package.json paths 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * refactor: rename Apps/ to apps/ and fix backend path resolution - Rename Apps/ folder to apps/ for consistency with JS/Node conventions - Update all path references across CI/CD workflows, docs, and config files - Fix frontend Python path resolver to look for 'backend' instead of 'auto-claude' - Update path-resolver.ts to correctly find apps/backend in development mode This completes the Apps restructure from PR AndyMik90#122 and prepares for v2.8.0 release. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(electron): correct preload script path from .js to .mjs electron-vite builds the preload script as ESM (index.mjs) but the main process was looking for CommonJS (index.js). This caused the preload to fail silently, making the app fall back to browser mock mode with fake data and non-functional IPC handlers. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * - Introduced `dev:debug` script to enable debugging during development. - Added `dev:mcp` script for running the frontend in MCP mode. These enhancements streamline the development process for frontend developers. * refactor(memory): make Graphiti memory mandatory and remove Docker dependency Memory is now a core component of Auto Claude rather than optional: - Python 3.12+ is required for the backend (not just memory layer) - Graphiti is enabled by default in .env.example - Removed all FalkorDB/Docker references (migrated to embedded LadybugDB) - Deleted guides/DOCKER-SETUP.md and docker-handlers.ts - Updated onboarding UI to remove "optional" language - Updated all documentation to reflect LadybugDB architecture 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * feat: add cross-platform Windows support for npm scripts - Add scripts/install-backend.js for cross-platform Python venv setup - Auto-detects Python 3.12 (py -3.12 on Windows, python3.12 on Unix) - Handles platform-specific venv paths - Add scripts/test-backend.js for cross-platform pytest execution - Update package.json to use Node.js scripts instead of shell commands - Update CONTRIBUTING.md with correct paths and instructions: - apps/backend/ and apps/frontend/ paths - Python 3.12 requirement (memory system now required) - Platform-specific install commands (winget, brew, apt) - npm instead of pnpm - Quick Start section with npm run install:all 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * remove doc * fix(frontend): correct Ollama detector script path after apps restructure The Ollama status check was failing because memory-handlers.ts was looking for ollama_model_detector.py at auto-claude/ but the script is now at apps/backend/ after the directory restructure. This caused "Ollama not running" to display even when Ollama was actually running and accessible. * chore: bump version to 2.7.2 Downgrade version from 2.8.0 to 2.7.2 as the Apps/ restructure is better suited as a patch release rather than a minor release. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * chore: update package-lock.json for Windows compatibility 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * docs(contributing): add hotfix workflow and update paths for apps/ structure Add Git Flow hotfix workflow documentation with step-by-step guide and ASCII diagram showing the branching strategy. Update all paths from auto-claude/auto-claude-ui to apps/backend/apps/frontend and migrate package manager references from pnpm to npm to match the new project structure. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(ci): remove duplicate ARM64 build from Intel runner The Intel runner was building both x64 and arm64 architectures, while a separate ARM64 runner also builds arm64 natively. This caused duplicate ARM64 builds, wasting CI resources. Now each runner builds only its native architecture: - Intel runner: x64 only - ARM64 runner: arm64 only 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> --------- Co-authored-by: Alex Madera <[email protected]> Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com> Co-authored-by: Claude Opus 4.5 <[email protected]>
…Mik90#141) * feat(ollama): add real-time download progress tracking for model downloads Implement comprehensive download progress tracking with: - NDJSON parsing for streaming progress data from Ollama API - Real-time speed calculation (MB/s, KB/s, B/s) with useRef for delta tracking - Time remaining estimation based on download speed - Animated progress bars in OllamaModelSelector component - IPC event streaming from main process to renderer - Proper listener management with cleanup functions Changes: - memory-handlers.ts: Parse NDJSON from Ollama stderr, emit progress events - OllamaModelSelector.tsx: Display progress bars with speed and time remaining - project-api.ts: Implement onDownloadProgress listener with cleanup - ipc.ts types: Define onDownloadProgress listener interface - infrastructure-mock.ts: Add mock implementation for browser testing This allows users to see real-time feedback when downloading Ollama models, including percentage complete, current download speed, and estimated time remaining. * test: add focused test coverage for Ollama download progress feature Add unit tests for the critical paths of the real-time download progress tracking: - Progress calculation tests (52 tests): Speed/time/percentage calculations with comprehensive edge case coverage (zero speeds, NaN, Infinity, large numbers) - NDJSON parser tests (33 tests): Streaming JSON parsing from Ollama, buffer management for incomplete lines, error handling All 562 unit tests passing with clean dependencies. Tests focus on critical mathematical logic and data processing - the most important paths that need verification. Test coverage: ✅ Speed calculation and formatting (B/s, KB/s, MB/s) ✅ Time remaining calculations (seconds, minutes, hours) ✅ Percentage clamping (0-100%) ✅ NDJSON streaming with partial line buffering ✅ Invalid JSON handling ✅ Real Ollama API responses ✅ Multi-chunk streaming scenarios * docs: add comprehensive JSDoc docstrings for Ollama download progress feature - Enhanced OllamaModelSelector component with detailed JSDoc * Documented component props, behavior, and usage examples * Added docstrings to internal functions (checkInstalledModels, handleDownload, handleSelect) * Explained progress tracking algorithm and useRef usage - Improved memory-handlers.ts documentation * Added docstring to main registerMemoryHandlers function * Documented all Ollama-related IPC handlers (check-status, list-embedding-models, pull-model) * Added JSDoc to executeOllamaDetector helper function * Documented interface types (OllamaStatus, OllamaModel, OllamaEmbeddingModel, OllamaPullResult) * Explained NDJSON parsing and progress event structure - Enhanced test file documentation * Added docstrings to NDJSON parser test utilities with algorithm explanation * Documented all calculation functions (speed, time, percentage) * Added detailed comments on formatting and bounds-checking logic - Improved overall code maintainability * Docstring coverage now meets 80%+ threshold for code review * Clear explanation of progress tracking implementation details * Better context for future maintainers working with download streaming * feat: add batch task creation and management CLI commands - Handle batch task creation from JSON files - Show status of all specs in project - Cleanup tool for completed specs - Full integration with new apps/backend structure - Compatible with implementation_plan.json workflow * test: add batch task test file and testing checklist - batch_test.json: Sample tasks for testing batch creation - TESTING_CHECKLIST.md: Comprehensive testing guide for Ollama and batch tasks - Includes UI testing steps, CLI testing steps, and edge cases - Ready for manual and automated testing * chore: update package-lock.json to match v2.7.2 * test: update checklist with verification results and architecture validation * docs: add comprehensive implementation summary for Ollama + Batch features * docs: add comprehensive Phase 2 testing guide with checklists and procedures * docs: add NEXT_STEPS guide for Phase 2 testing * fix: resolve merge conflict in project-api.ts from Ollama feature cherry-pick * fix: remove duplicate Ollama check status handler registration * test: update checklist with Phase 2 bug findings and fixes --------- Co-authored-by: ray <[email protected]>
Implemented promise queue pattern in PythonEnvManager to handle concurrent initialization requests. Previously, multiple simultaneous requests (e.g., startup + merge) would fail with "Already initializing" error. Also fixed parsePythonCommand() to handle file paths with spaces by checking file existence before splitting on whitespace. Changes: - Added initializationPromise field to queue concurrent requests - Split initialize() into public and private _doInitialize() - Enhanced parsePythonCommand() with existsSync() check Co-authored-by: Joris Slagter <[email protected]>
) Removes the legacy 'auto-claude' path from the possiblePaths array in agent-process.ts. This path was from before the monorepo restructure (v2.7.2) and is no longer needed. The legacy path was causing spec_runner.py to be looked up at the wrong location: - OLD (wrong): /path/to/auto-claude/auto-claude/runners/spec_runner.py - NEW (correct): /path/to/apps/backend/runners/spec_runner.py This aligns with the new monorepo structure where all backend code lives in apps/backend/. Fixes AndyMik90#147 Co-authored-by: Joris Slagter <[email protected]>
* fix: Linear API authentication and GraphQL types - Remove Bearer prefix from Authorization header (Linear API keys are sent directly) - Change GraphQL variable types from String! to ID! for teamId and issue IDs - Improve error handling to show detailed Linear API error messages 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix: Radix Select empty value error in Linear import modal Use '__all__' sentinel value instead of empty string for "All projects" option, as Radix Select does not allow empty string values. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * feat: add CodeRabbit configuration file Introduce a new .coderabbit.yaml file to configure CodeRabbit settings, including review profiles, automatic review options, path filters, and specific instructions for different file types. This enhances the code review process by providing tailored guidelines for Python, TypeScript, and test files. * fix: correct GraphQL types for Linear team queries Linear API uses different types for different queries: - team(id:) expects String! - issues(filter: { team: { id: { eq: } } }) expects ID! 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix: refresh task list after Linear import Call loadTasks() after successful Linear import to update the kanban board without requiring a page reload. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * cleanup * cleanup * fix: address CodeRabbit review comments for Linear integration - Fix unsafe JSON parsing: check response.ok before parsing JSON to handle non-JSON error responses (e.g., 503 from proxy) gracefully - Use ID! type instead of String! for teamId in LINEAR_GET_PROJECTS query for GraphQL type consistency - Remove debug console.log (ESLint config only allows warn/error) - Refresh task list on partial import success (imported > 0) instead of requiring full success - Fix pre-existing TypeScript and lint issues blocking commit 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * version sync logic * lints for develop branch * chore: update CI workflow to include develop branch - Modified the CI configuration to trigger on pushes and pull requests to both main and develop branches, enhancing the workflow for development and integration processes. * fix: update project directory auto-detection for apps/backend structure The project directory auto-detection was checking for the old `auto-claude/` directory name but needed to check for `apps/backend/`. When running from `apps/backend/`, the directory name is `backend` not `auto-claude`, so the check would fail and `project_dir` would incorrectly remain as `apps/backend/` instead of resolving to the project root (2 levels up). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix: use GraphQL variables instead of string interpolation in LINEAR_GET_ISSUES Replace direct string interpolation of teamId and linearProjectId with proper GraphQL variables. This prevents potential query syntax errors if IDs contain special characters like double quotes, and aligns with the variable-based approach used elsewhere in the file. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(ui): correct logging level and await loadTasks on import complete - Change console.warn to console.log for import success messages (warn is incorrect severity for normal completion) - Make onImportComplete callback async and await loadTasks() to prevent potential unhandled promise rejections Applies CodeRabbit review feedback across 3 LinearTaskImportModal usages. * fix(hooks): use POSIX-compliant find instead of bash glob The pre-commit hook uses #!/bin/sh but had bash-specific ** glob pattern for staging ruff-formatted files. The ** pattern only works in bash with globstar enabled - in POSIX sh it expands literally and won't match subdirectories, causing formatted files in nested directories to not be staged. --------- Co-authored-by: Claude Opus 4.5 <[email protected]>
…_progress When a user drags a running task back to Planning (or any other column), the process was not being stopped, leaving a "ghost" process that prevented deletion with "Cannot delete a running task" error. Now the task process is automatically killed when status changes away from in_progress, ensuring the process state stays in sync with the UI.
* feat: add UI scale feature * refactor: extract UI scale bounds to shared constants * fix: duplicated import
…90#154) * fix: analyzer Python compatibility and settings integration Fixes project index analyzer failing with TypeError on Python type hints. Changes: - Added 'from __future__ import annotations' to all analysis modules - Fixed project discovery to support new analyzer JSON format - Read Python path directly from settings.json instead of pythonEnvManager - Added stderr/stdout logging for analyzer debugging Resolves 'Discovered 0 files' and 'TypeError: unsupported operand type' issues. * auto-claude: subtask-1-1 - Hide status badge when execution phase badge is showing When a task has an active execution (planning, coding, etc.), the execution phase badge already displays the correct state with a spinner. The status badge was also rendering, causing duplicate/confusing badges (e.g., both "Planning" and "Pending" showing at the same time). This fix wraps the status badge in a conditional that only renders when there's no active execution, eliminating the redundant badge display. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(ipc): remove unused pythonEnvManager parameter and fix ES6 import Address CodeRabbit review feedback: - Remove unused pythonEnvManager parameter from registerProjectContextHandlers and registerContextHandlers (the code reads Python path directly from settings.json instead) - Replace require('electron').app with proper ES6 import for consistency 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * chore(lint): fix import sorting in analysis module Run ruff --fix to resolve I001 lint errors after merging develop. All 23 files in apps/backend/analysis/ now have properly sorted imports. --------- Co-authored-by: Joris Slagter <[email protected]> Co-authored-by: Claude Opus 4.5 <[email protected]>
* fix(core): add task persistence, terminal handling, and HTTP 300 fixes Consolidated bug fixes from PRs AndyMik90#168, AndyMik90#170, AndyMik90#171: - Task persistence (AndyMik90#168): Scan worktrees for tasks on app restart to prevent loss of in-progress work and wasted API credits. Tasks in .worktrees/*/specs are now loaded and deduplicated with main. - Terminal buttons (AndyMik90#170): Fix "Open Terminal" buttons silently failing on macOS by properly awaiting createTerminal() Promise. Added useTerminalHandler hook with loading states and error display. - HTTP 300 errors (AndyMik90#171): Handle branch/tag name collisions that cause update failures. Added validation script to prevent conflicts before releases and user-friendly error messages with manual download links. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(platform): add path resolution, spaces handling, and XDG support This commit consolidates multiple bug fixes from community PRs: - PR AndyMik90#187: Path resolution fix - Update path detection to find apps/backend instead of legacy auto-claude directory after v2.7.2 restructure - PR AndyMik90#182/AndyMik90#155: Python path spaces fix - Improve parsePythonCommand() to handle quoted paths and paths containing spaces without splitting - PR AndyMik90#161: Ollama detection fix - Add new apps structure paths for ollama_model_detector.py script discovery - PR AndyMik90#160: AppImage support - Add XDG Base Directory compliant paths for Linux sandboxed environments (AppImage, Flatpak, Snap). New files: - config-paths.ts: XDG path utilities - fs-utils.ts: Filesystem utilities with fallback support - PR AndyMik90#159: gh CLI PATH fix - Add getAugmentedEnv() utility to include common binary locations (Homebrew, snap, local) in PATH for child processes. Fixes gh CLI not found when app launched from Finder/Dock. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix: address CodeRabbit/Cursor review comments on PR AndyMik90#185 Fixes from code review: - http-client.ts: Use GITHUB_CONFIG instead of hardcoded owner in HTTP 300 error message - validate-release.js: Fix substring matching bug in branch detection that could cause false positives (e.g., v2.7 matching v2.7.2) - bump-version.js: Remove unnecessary try-catch wrapper (exec() already exits on failure) - execution-handlers.ts: Capture original subtask status before mutation for accurate logging - fs-utils.ts: Add error handling to safeWriteFile with proper logging Dismissed as trivial/not applicable: - config-paths.ts: Exhaustive switch check (over-engineering) - env-utils.ts: PATH priority documentation (existing comments sufficient) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix: address additional CodeRabbit review comments (round 2) Fixes from second round of code review: - fs-utils.ts: Wrap test file cleanup in try-catch for Windows file locking - fs-utils.ts: Add error handling to safeReadFile for consistency with safeWriteFile - http-client.ts: Use GITHUB_CONFIG in fetchJson (missed in first round) - validate-release.js: Exclude symbolic refs (origin/HEAD -> origin/main) from branch check - python-detector.ts: Return cleanPath instead of pythonPath for empty input edge case Dismissed as trivial/not applicable: - execution-handlers.ts: Redundant checkSubtasksCompletion call (micro-optimization) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> --------- Co-authored-by: Claude Opus 4.5 <[email protected]>
* chore: update README version to 2.7.1 Updated the version badge and download links in the README to reflect the new release version 2.7.1, ensuring users have the correct information for downloading the latest builds. * feat(releases): add beta release system with user opt-in Implements a complete beta release workflow that allows users to opt-in to receiving pre-release versions. This enables testing new features before they're included in stable releases. Changes: - Add beta-release.yml workflow for creating beta releases from develop - Add betaUpdates setting with UI toggle in Settings > Updates - Add update channel support to electron-updater (beta vs latest) - Extract shared settings-utils.ts to reduce code duplication - Add prepare-release.yml workflow for automated release preparation - Document beta release process in CONTRIBUTING.md and RELEASE.md Users can enable beta updates in Settings > Updates, and maintainers can trigger beta releases via the GitHub Actions workflow. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * workflow update --------- Co-authored-by: Claude Opus 4.5 <[email protected]>
* chore: update README version to 2.7.1 Updated the version badge and download links in the README to reflect the new release version 2.7.1, ensuring users have the correct information for downloading the latest builds. * feat(releases): add beta release system with user opt-in Implements a complete beta release workflow that allows users to opt-in to receiving pre-release versions. This enables testing new features before they're included in stable releases. Changes: - Add beta-release.yml workflow for creating beta releases from develop - Add betaUpdates setting with UI toggle in Settings > Updates - Add update channel support to electron-updater (beta vs latest) - Extract shared settings-utils.ts to reduce code duplication - Add prepare-release.yml workflow for automated release preparation - Document beta release process in CONTRIBUTING.md and RELEASE.md Users can enable beta updates in Settings > Updates, and maintainers can trigger beta releases via the GitHub Actions workflow. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * workflow update * ci(github): update Discord link and redirect feature requests to discussions Update Discord invite link to correct URL (QhRnz9m5HE) across all GitHub templates and workflows. Redirect feature requests from issue template to GitHub Discussions for better community engagement. Changes: - config.yml: Add feature request link to Discussions, fix Discord URL - question.yml: Update Discord link in pre-question guidance - welcome.yml: Update Discord link in first-time contributor message --------- Co-authored-by: Claude Opus 4.5 <[email protected]>
- Change branch reference from main to develop - Fix contribution guide link to use full URL - Remove hyphen from "Auto Claude" in welcome message
…tup (AndyMik90#180 AndyMik90#167) (AndyMik90#208) This fixes critical bug where macOS users with default Python 3.9.6 couldn't use Auto-Claude because claude-agent-sdk requires Python 3.10+. Root Cause: - Auto-Claude doesn't bundle Python, relies on system Python - python-detector.ts accepted any Python 3.x without checking minimum version - macOS ships with Python 3.9.6 by default (incompatible) - GitHub Actions runners didn't explicitly set Python version Changes: 1. python-detector.ts: - Added getPythonVersion() to extract version from command - Added validatePythonVersion() to check if >= 3.10.0 - Updated findPythonCommand() to skip Python < 3.10 with clear error messages 2. python-env-manager.ts: - Import and use findPythonCommand() (already has version validation) - Simplified findSystemPython() to use shared validation logic - Updated error message from "Python 3.9+" to "Python 3.10+" with download link 3. .github/workflows/release.yml: - Added Python 3.11 setup to all 4 build jobs (macOS Intel, macOS ARM64, Windows, Linux) - Ensures consistent Python version across all platforms during build Impact: - macOS users with Python 3.9 now see clear error with download link - macOS users with Python 3.10+ work normally - CI/CD builds use consistent Python 3.11 - Prevents "ModuleNotFoundError: dotenv" and dependency install failures Fixes AndyMik90#180, AndyMik90#167 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Sonnet 4.5 <[email protected]>
* feat: Add OpenRouter as LLM/embedding provider Add OpenRouter provider support for Graphiti memory integration, enabling access to multiple LLM providers through a single API. Changes: Backend: - Created openrouter_llm.py: OpenRouter LLM provider using OpenAI-compatible API - Created openrouter_embedder.py: OpenRouter embedder provider - Updated config.py: Added OpenRouter to provider enums and configuration - New fields: openrouter_api_key, openrouter_base_url, openrouter_llm_model, openrouter_embedding_model - Validation methods updated for OpenRouter - Updated factory.py: Added OpenRouter to LLM and embedder factories - Updated provider __init__.py files: Exported new OpenRouter functions Frontend: - Updated project.ts types: Added 'openrouter' to provider type unions - GraphitiProviderConfig extended with OpenRouter fields - Updated GraphitiStep.tsx: Added OpenRouter to provider arrays - LLM_PROVIDERS: 'Multi-provider aggregator' - EMBEDDING_PROVIDERS: 'OpenAI-compatible embeddings' - Added OpenRouter API key input field with show/hide toggle - Link to https://openrouter.ai/keys - Updated env-handlers.ts: OpenRouter .env generation and parsing - Template generation for OPENROUTER_* variables - Parsing from .env files with proper type casting Documentation: - Updated .env.example with OpenRouter section - Configuration examples - Popular model recommendations - Example configuration (AndyMik90#6) Fixes AndyMik90#92 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <[email protected]> * refactor: address CodeRabbit review comments for OpenRouter - Add globalOpenRouterApiKey to settings types and store updates - Initialize openrouterApiKey from global settings - Update documentation to include OpenRouter in provider lists - Add OpenRouter handling to get_embedding_dimension() method - Add openrouter to provider cleanup list - Add OpenRouter to get_available_providers() function - Clarify Legacy comment for openrouterLlmModel These changes complete the OpenRouter integration by ensuring proper settings persistence and provider detection across the application. * fix: apply ruff formatting to OpenRouter code - Break long error message across multiple lines - Format provider list with one item per line - Fixes lint CI failure 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <[email protected]> --------- Co-authored-by: Claude Sonnet 4.5 <[email protected]>
…Mik90#209) Implements distributed file-based locking for spec number coordination across main project and all worktrees. Previously, parallel spec creation could assign the same number to different specs (e.g., 042-bmad-task and 042-gitlab-integration both using number 042). The fix adds SpecNumberLock class that: - Acquires exclusive lock before calculating spec numbers - Scans ALL locations (main project + worktrees) for global maximum - Creates spec directories atomically within the lock - Handles stale locks via PID-based detection with 30s timeout Applied to both Python backend (spec_runner.py flow) and TypeScript frontend (ideation conversion, GitHub/GitLab issue import). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Opus 4.5 <[email protected]>
* fix(ideation): add missing event forwarders for status sync - Add event forwarders in ideation-handlers.ts for progress, log, type-complete, type-failed, complete, error, and stopped events - Fix ideation-type-complete to load actual ideas array from JSON files instead of emitting only the count Resolves UI getting stuck at 0/3 complete during ideation generation. * fix(ideation): fix UI not updating after actions - Fix getIdeationSummary to count only active ideas (exclude dismissed/archived) This ensures header stats match the visible ideas count - Add transformSessionFromSnakeCase to properly transform session data from backend snake_case to frontend camelCase on ideation-complete event - Transform raw session before emitting ideation-complete event Resolves header showing stale counts after dismissing/deleting ideas. * fix(ideation): improve type safety and async handling in ideation type completion - Replace synchronous readFileSync with async fsPromises.readFile in ideation-type-complete handler - Wrap async file read in IIFE with proper error handling to prevent unhandled promise rejections - Add type validation for IdeationType with VALID_IDEATION_TYPES set and isValidIdeationType guard - Add validateEnabledTypes function to filter out invalid type values and log dropped entries - Handle ENOENT separately * fix(ideation): improve generation state management and error handling - Add explicit isGenerating flag to prevent race conditions during async operations - Implement 5-minute timeout for generation with automatic cleanup and error state - Add ideation-stopped event emission when process is intentionally killed - Replace console.warn/error with proper ideation-error events in agent-queue - Add resetGeneratingTypes helper to transition all generating types to a target state - Filter out dismissed/ * refactor(ideation): improve event listener cleanup and timeout management - Extract event handler functions in ideation-handlers.ts to enable proper cleanup - Return cleanup function from registerIdeationHandlers to remove all listeners - Replace single generationTimeoutId with Map to support multiple concurrent projects - Add clearGenerationTimeout helper to centralize timeout cleanup logic - Extract loadIdeationType IIFE to named function for better error context - Enhance error logging with projectId, * refactor: use async file read for ideation and roadmap session loading - Replace synchronous readFileSync with async fsPromises.readFile - Prevents blocking the event loop during file operations - Consistent with async pattern used elsewhere in the codebase - Improved error handling with proper event emission * fix(agent-queue): improve roadmap completion handling and error reporting - Add transformRoadmapFromSnakeCase to convert backend snake_case to frontend camelCase - Transform raw roadmap data before emitting roadmap-complete event - Add roadmap-error emission for unexpected errors during completion - Add roadmap-error emission when project path is unavailable - Remove duplicate ideation-type-complete emission from error handler (event already emitted in loadIdeationType) - Update error log message
Adds 'from __future__ import annotations' to spec/discovery.py for Python 3.9+ compatibility with type hints. This completes the Python compatibility fixes that were partially applied in previous commits. All 26 analysis and spec Python files now have the future annotations import. Related: AndyMik90#128 Co-authored-by: Joris Slagter <[email protected]>
…#241) * fix: resolve Python detection and backend packaging issues - Fix backend packaging path (auto-claude -> backend) to match path-resolver.ts expectations - Add future annotations import to config_parser.py for Python 3.9+ compatibility - Use findPythonCommand() in project-context-handlers to prioritize Homebrew Python - Improve Python detection to prefer Homebrew paths over system Python on macOS This resolves the following issues: - 'analyzer.py not found' error due to incorrect packaging destination - TypeError with 'dict | None' syntax on Python < 3.10 - Wrong Python interpreter being used (system Python instead of Homebrew Python 3.10+) Tested on macOS with packaged app - project index now loads successfully. * refactor: address PR review feedback - Extract findHomebrewPython() helper to eliminate code duplication between findPythonCommand() and getDefaultPythonCommand() - Remove hardcoded version-specific paths (python3.12) and rely only on generic Homebrew symlinks for better maintainability - Remove unnecessary 'from __future__ import annotations' from config_parser.py since backend requires Python 3.12+ where union types are native These changes make the code more maintainable, less fragile to Python version changes, and properly reflect the project's Python 3.12+ requirement.
…#250) * feat(github): add GitHub automation system for issues and PRs Implements comprehensive GitHub automation with three major components: 1. Issue Auto-Fix: Automatically creates specs from labeled issues - AutoFixButton component with progress tracking - useAutoFix hook for config and queue management - Backend handlers for spec creation from issues 2. GitHub PRs Tool: AI-powered PR review sidebar - New sidebar tab (Cmd+Shift+P) alongside GitHub Issues - PRList/PRDetail components for viewing PRs - Review system with findings by severity - Post review comments to GitHub 3. Issue Triage: Duplicate/spam/feature-creep detection - Triage handlers with label application - Configurable detection thresholds Also adds: - Debug logging (DEBUG=true) for all GitHub handlers - Backend runners/github module with orchestrator - AI prompts for PR review, triage, duplicate/spam detection - dev:debug npm script for development with logging 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(github-runner): resolve import errors for direct script execution Changes runner.py and orchestrator.py to handle both: - Package import: `from runners.github import ...` - Direct script: `python runners/github/runner.py` Uses try/except pattern for relative vs direct imports. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(github): correct argparse argument order for runner.py Move --project global argument before subcommand so argparse can correctly parse it. Fixes "unrecognized arguments: --project" error. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * logs when debug mode is on * refactor(github): extract service layer and fix linting errors Major refactoring to improve maintainability and code quality: Backend (Python): - Extracted orchestrator.py (2,600 → 835 lines, 68% reduction) into 7 service modules: - prompt_manager.py: Prompt template management - response_parsers.py: AI response parsing - pr_review_engine.py: PR review orchestration - triage_engine.py: Issue triage logic - autofix_processor.py: Auto-fix workflow - batch_processor.py: Batch issue handling - Fixed 18 ruff linting errors (F401, C405, C414, E741): - Removed unused imports (BatchValidationResult, AuditAction, locked_json_write) - Optimized collection literals (set([n]) → {n}) - Removed unnecessary list() calls - Renamed ambiguous variable 'l' to 'label' throughout Frontend (TypeScript): - Refactored IPC handlers (19% overall reduction) with shared utilities: - autofix-handlers.ts: 1,042 → 818 lines - pr-handlers.ts: 648 → 543 lines - triage-handlers.ts: 437 lines (no duplication) - Created utils layer: logger, ipc-communicator, project-middleware, subprocess-runner - Split github-store.ts into focused stores: issues, pr-review, investigation, sync-status - Split ReviewFindings.tsx into focused components All imports verified, type checks passing, linting clean. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <[email protected]> --------- Co-authored-by: Claude Opus 4.5 <[email protected]>
…ndyMik90#250)" (AndyMik90#251) This reverts commit 348de6d.
* Add multilingual support and i18n integration - Implemented i18n framework using `react-i18next` for translation management. - Added support for English and French languages with translation files. - Integrated language selector into settings. - Updated all text strings in UI components to use translation keys. - Ensured smooth language switching with live updates. * Migrate remaining hard-coded strings to i18n system - TaskCard: status labels, review reasons, badges, action buttons - PhaseProgressIndicator: execution phases, progress labels - KanbanBoard: drop zone, show archived, tooltips - CustomModelModal: dialog title, description, labels - ProactiveSwapListener: account switch notifications - AgentProfileSelector: phase labels, custom configuration - GeneralSettings: agent framework option Added translation keys for en/fr locales in tasks.json, common.json, and settings.json for complete i18n coverage. * Add i18n support to dialogs and settings components - AddFeatureDialog: form labels, validation messages, buttons - AddProjectModal: dialog steps, form fields, actions - RateLimitIndicator: rate limit notifications - RateLimitModal: account switching, upgrade prompts - AdvancedSettings: updates and notifications sections - ThemeSettings: theme selection labels - Updated dialogs.json locales (en/fr) * Fix truncated 'ready' message in dialogs locales * Fix backlog terminology in i18n locales Change "Planning"/"Planification" to standard PM term "Backlog" * Migrate settings navigation and integration labels to i18n - AppSettings: nav items, section titles, buttons - IntegrationSettings: Claude accounts, auto-switch, API keys labels - Added settings nav/projectSections/integrations translation keys - Added buttons.saving to common translations * Migrate AgentProfileSettings and Sidebar init dialog to i18n - AgentProfileSettings: migrate phase config labels, section title, description, and all hardcoded strings to settings namespace - Sidebar: migrate init dialog strings to dialogs namespace with common buttons from common namespace - Add new translation keys for agent profile settings and update dialog * Migrate AppSettings navigation labels to i18n - Add useTranslation hook to AppSettings.tsx - Replace hardcoded section labels with dynamic translations - Add projectSections translations for project settings nav - Add rerunWizardDescription translation key * Add explicit typing to notificationItems array Import NotificationSettings type and use keyof to properly type the notification item keys, removing manual type assertion.
…AndyMik90#266) * ci: implement enterprise-grade PR quality gates and security scanning * ci: implement enterprise-grade PR quality gates and security scanning * fix:pr comments and improve code * fix: improve commit linting and code quality * Removed the dependency-review job (i added it) * fix: address CodeRabbit review comments - Expand scope pattern to allow uppercase, underscores, slashes, dots - Add concurrency control to cancel duplicate security scan runs - Add explanatory comment for Bandit CLI flags - Remove dependency-review job (requires repo settings) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * docs: update commit lint examples with expanded scope patterns Show slashes and dots in scope examples to demonstrate the newly allowed characters (api/users, package.json) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * chore: remove feature request issue template Feature requests are directed to GitHub Discussions via the issue template config.yml 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix: address security vulnerabilities in service orchestrator - Fix port parsing crash on malformed docker-compose entries - Fix shell injection risk by using shlex.split() with shell=False Prevents crashes when docker-compose.yml contains environment variables in port mappings (e.g., '${PORT}:8080') and eliminates shell injection vulnerabilities in subprocess execution. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <[email protected]> --------- Co-authored-by: Claude Opus 4.5 <[email protected]>
…90#252) * feat(github): add GitHub automation system for issues and PRs Implements comprehensive GitHub automation with three major components: 1. Issue Auto-Fix: Automatically creates specs from labeled issues - AutoFixButton component with progress tracking - useAutoFix hook for config and queue management - Backend handlers for spec creation from issues 2. GitHub PRs Tool: AI-powered PR review sidebar - New sidebar tab (Cmd+Shift+P) alongside GitHub Issues - PRList/PRDetail components for viewing PRs - Review system with findings by severity - Post review comments to GitHub 3. Issue Triage: Duplicate/spam/feature-creep detection - Triage handlers with label application - Configurable detection thresholds Also adds: - Debug logging (DEBUG=true) for all GitHub handlers - Backend runners/github module with orchestrator - AI prompts for PR review, triage, duplicate/spam detection - dev:debug npm script for development with logging 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(github-runner): resolve import errors for direct script execution Changes runner.py and orchestrator.py to handle both: - Package import: `from runners.github import ...` - Direct script: `python runners/github/runner.py` Uses try/except pattern for relative vs direct imports. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(github): correct argparse argument order for runner.py Move --project global argument before subcommand so argparse can correctly parse it. Fixes "unrecognized arguments: --project" error. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * logs when debug mode is on * refactor(github): extract service layer and fix linting errors Major refactoring to improve maintainability and code quality: Backend (Python): - Extracted orchestrator.py (2,600 → 835 lines, 68% reduction) into 7 service modules: - prompt_manager.py: Prompt template management - response_parsers.py: AI response parsing - pr_review_engine.py: PR review orchestration - triage_engine.py: Issue triage logic - autofix_processor.py: Auto-fix workflow - batch_processor.py: Batch issue handling - Fixed 18 ruff linting errors (F401, C405, C414, E741): - Removed unused imports (BatchValidationResult, AuditAction, locked_json_write) - Optimized collection literals (set([n]) → {n}) - Removed unnecessary list() calls - Renamed ambiguous variable 'l' to 'label' throughout Frontend (TypeScript): - Refactored IPC handlers (19% overall reduction) with shared utilities: - autofix-handlers.ts: 1,042 → 818 lines - pr-handlers.ts: 648 → 543 lines - triage-handlers.ts: 437 lines (no duplication) - Created utils layer: logger, ipc-communicator, project-middleware, subprocess-runner - Split github-store.ts into focused stores: issues, pr-review, investigation, sync-status - Split ReviewFindings.tsx into focused components All imports verified, type checks passing, linting clean. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <[email protected]> * fixes during testing of PR * feat(github): implement PR merge, assign, and comment features - Add auto-assignment when clicking "Run AI Review" - Implement PR merge functionality with squash method - Add ability to post comments on PRs - Display assignees in PR UI - Add Approve and Merge buttons when review passes - Update backend gh_client with pr_merge, pr_comment, pr_assign methods - Create IPC handlers for new PR operations - Update TypeScript interfaces and browser mocks 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <[email protected]> * Improve PR review AI * fix(github): use temp files for PR review posting to avoid shell escaping issues When posting PR reviews with findings containing special characters (backticks, parentheses, quotes), the shell command was interpreting them as commands instead of literal text, causing syntax errors. Changed both postPRReview and postPRComment handlers to write the body content to temporary files and use gh CLI's --body-file flag instead of --body with inline content. This safely handles ALL special characters without escaping issues. Fixes shell errors when posting reviews with suggested fixes containing code snippets. * fix(i18n): add missing GitHub PRs translation and document i18n requirements Fixed missing translation key for GitHub PRs feature that was causing "items.githubPRs" to display instead of the proper translated text. Added comprehensive i18n guidelines to CLAUDE.md to ensure all future frontend development follows the translation key pattern instead of using hardcoded strings. Also fixed missing deletePRReview mock function in browser-mock.ts to resolve TypeScript compilation errors. Changes: - Added githubPRs translation to en/navigation.json - Added githubPRs translation to fr/navigation.json - Added Development Guidelines section to CLAUDE.md with i18n requirements - Documented translation file locations and namespace usage patterns - Added deletePRReview mock function to browser-mock.ts 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <[email protected]> * fix ui loading * Github PR fixes * improve claude.md * lints/tests * fix(github): handle PRs exceeding GitHub's 20K line diff limit - Add PRTooLargeError exception for large PR detection - Update pr_diff() to catch and raise PRTooLargeError for HTTP 406 errors - Gracefully handle large PRs by skipping full diff and using individual file patches - Add diff_truncated flag to PRContext to track when diff was skipped - Large PRs will now review successfully using per-file diffs instead of failing Fixes issue with PR AndyMik90#252 which has 100+ files exceeding the 20,000 line limit. * fix: implement individual file patch fetching for large PRs The PR review was getting stuck for large PRs (>20K lines) because when we skipped the full diff due to GitHub API limits, we had no code to analyze. The individual file patches were also empty, leaving the AI with just file names and metadata. Changes: - Implemented _get_file_patch() to fetch individual patches via git diff - Updated PR review engine to build composite diff from file patches when diff_truncated is True - Added missing 'state' field to PRContext dataclass - Limits composite diff to first 50 files for very large PRs - Shows appropriate warnings when using reconstructed diffs This allows AI review to proceed with actual code analysis even when the full PR diff exceeds GitHub's limits. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <[email protected]> * 1min reduction * docs: add GitHub Sponsors funding configuration Enable the Sponsor button on the repository by adding FUNDING.yml with the AndyMik90 GitHub Sponsors profile. * feat(github-pr): add orchestrating agent for thorough PR reviews Implement a new Opus 4.5 orchestrating agent that performs comprehensive PR reviews regardless of size. Key changes: - Add orchestrator_reviewer.py with strategic review workflow - Add review_tools.py with subagent spawning capabilities - Add pr_orchestrator.md prompt emphasizing thorough analysis - Add pr_security_agent.md and pr_quality_agent.md subagent prompts - Integrate orchestrator into pr_review_engine.py with config flag - Fix critical bug where findings were extracted but not processed (indentation issue in _parse_orchestrator_output) The orchestrator now correctly identifies issues in PRs that were previously approved as "trivial". Testing showed 7 findings detected vs 0 before the fix. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * i18n * fix(github-pr): restrict pr_reviewer to read-only permissions The PR review agent was using qa_reviewer agent type which has Bash access, allowing it to checkout branches and make changes during review. Created new pr_reviewer agent type with BASE_READ_TOOLS only (no Bash, no writes, no auto-claude tools). This prevents the PR review from accidentally modifying code or switching branches during analysis. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(github-pr): robust category mapping and JSON parsing for PR review The orchestrator PR review was failing to extract findings because: 1. AI generates category names like 'correctness', 'consistency', 'testing' that aren't in our ReviewCategory enum - added flexible mapping 2. JSON sometimes embedded in markdown code blocks (```json) which broke parsing - added code block extraction as first parsing attempt Changes: - Add _CATEGORY_MAPPING dict to map AI categories to valid enum values - Add _map_category() helper function with fallback to QUALITY - Add severity parsing with fallback to MEDIUM - Add markdown code block detection (```json) before raw JSON parsing - Add _extract_findings_from_data() helper to reduce code duplication - Apply same fixes to review_tools.py for subagent parsing 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(pr-review): improve post findings UX with batch support and feedback - Fix post findings failing on own PRs by falling back from REQUEST_CHANGES to COMMENT when GitHub returns 422 error - Change status badge to show "Reviewed" instead of "Commented" until findings are actually posted to GitHub - Add success notification when findings are posted (auto-dismisses after 3s) - Add batch posting support: track posted findings, show "Posted" badge, allow posting remaining findings in additional batches - Show loading state on button while posting 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(github): resolve stale timestamp and null author bugs - Fix stale timestamp in batch_issues.py: Move updated_at assignment BEFORE to_dict() serialization so the saved JSON contains the correct timestamp instead of the old value - Fix AttributeError in context_gatherer.py: Handle null author/user fields when GitHub API returns null for deleted/suspended users instead of an empty object 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(security): address all high and medium severity PR review findings HIGH severity fixes: - Command Injection in autofix-handlers.ts: Use execFileSync with args array - Command Injection in pr-handlers.ts (3 locations): Use execFileSync + validation - Command Injection in triage-handlers.ts: Use execFileSync + label validation - Token Exposure in bot_detection.py: Pass token via GH_TOKEN env var MEDIUM severity fixes: - Environment variable leakage in subprocess-runner.ts: Filter to safe vars only - Debug logging in subprocess-runner.ts: Only log in development mode - Delimiter escape bypass in sanitize.py: Use regex pattern for variations - Insecure file permissions in trust.py: Use os.open with 0o600 mode - No file locking in learning.py: Use FileLock + atomic_write utilities - Bare except in confidence.py: Log error with specific exception info - Fragile module import in pr_review_engine.py: Import at module level - State transition validation in models.py: Enforce can_transition_to() 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * PR followup * fix(security): add usedforsecurity=False to MD5 hash calls MD5 is used for generating unique IDs/cache keys, not for security purposes. Adding usedforsecurity=False resolves Bandit B324 warnings. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(security): address all high-priority PR review findings Fixes 5 high-priority issues from Auto Claude PR Review: 1. orchestrator_reviewer.py: Token budget tracking now increments total_tokens from API response usage data 2. pr_review_engine.py: Async exceptions now re-raise RuntimeError instead of silently returning empty results 3. batch_issues.py: IssueBatch.save() now uses locked_json_write for atomic file operations with file locking 4. project-middleware.ts: Added validateProjectPath() to prevent path traversal attacks (checks absolute, no .., exists, is dir) 5. orchestrator.py: Exception handling now logs full traceback and preserves exception type/context in error messages 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(security): address all high-priority PR review findings Fixes 5 high-priority issues from Auto Claude PR Review: 1. orchestrator_reviewer.py: Token budget tracking now increments total_tokens from API response usage data 2. pr_review_engine.py: Async exceptions now re-raise RuntimeError instead of silently returning empty results 3. batch_issues.py: IssueBatch.save() now uses locked_json_write for atomic file operations with file locking 4. project-middleware.ts: Added validateProjectPath() to prevent path traversal attacks (checks absolute, no .., exists, is dir) 5. orchestrator.py: Exception handling now logs full traceback and preserves exception type/context in error messages 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * feat(ui): add PR status labels to list view Add secondary status badges to the PR list showing review state at a glance: - "Changes Requested" (warning) - PRs with blocking issues (critical/high) - "Ready to Merge" (green) - PRs with only non-blocking suggestions - "Ready for Follow-up" (blue) - PRs with new commits since last review The "Ready for Follow-up" badge uses a cached new commits check from the store, only shown after the detail view confirms new commits via SHA comparison. This prevents false positives from PR updatedAt timestamp changes (which can happen from comments, labels, etc). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> * PR labels * auto-claude: Initialize subtask-based implementation plan - Workflow type: feature - Phases: 3 - Subtasks: 6 - Ready for autonomous implementation --------- Co-authored-by: Claude Opus 4.5 <[email protected]>
…yMik90#272) Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) from 4.0.15 to 4.0.16. - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.16/packages/vitest) --- updated-dependencies: - dependency-name: vitest dependency-version: 4.0.16 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [@electron/rebuild](https://github.com/electron/rebuild) from 3.7.2 to 4.0.2. - [Release notes](https://github.com/electron/rebuild/releases) - [Commits](electron/rebuild@v3.7.2...v4.0.2) --- updated-dependencies: - dependency-name: "@electron/rebuild" dependency-version: 4.0.2 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Andy <[email protected]>
Co-authored-by: danielfrey63 <[email protected]> Co-authored-by: Andy <[email protected]>
* fix(planning): accept bug_fix workflow_type alias * style(planning): ruff format * fix: refatored common logic * fix: remove ruff errors * fix: remove duplicate _normalize_workflow_type method Remove the incorrectly placed duplicate method inside ContextLoader class. The module-level function is the correct implementation being used. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> --------- Co-authored-by: danielfrey63 <[email protected]> Co-authored-by: Andy <[email protected]> Co-authored-by: AndyMik90 <[email protected]> Co-authored-by: Claude Opus 4.5 <[email protected]>
…ow (AndyMik90#276) When dry_run=true, the workflow skipped creating the version tag but build jobs still tried to checkout that non-existent tag, causing all 4 platform builds to fail with "git failed with exit code 1". Now build jobs checkout develop branch for dry runs while still using the version tag for real releases. Closes: GitHub Actions run #20464082726
…ndyMik90#894) * fix(ui): add Post Clean Review button for clean PR reviews (ACS-201) When a PR review completes with no findings or only LOW severity findings, users can now post a clean review comment to GitHub. This posts a COMMENT (not APPROVE/REQUEST_CHANGES) to document the review without changing the PR's review status. Changes: - Add "Post Clean Review" button when review is clean and no findings selected - Add translation keys for clean review button (en/fr) - Add 29 unit tests for clean review functionality - Reset clean review posted state when PR changes Affected files: - src/renderer/components/github-prs/components/PRDetail.tsx - src/shared/i18n/locales/en/common.json - src/shared/i18n/locales/fr/common.json - src/renderer/components/github-prs/components/__tests__/PRDetail.cleanReview.test.ts * test: improve clean review tests with integration tests and error handling - Add error handling (try/catch) to handlePostCleanReview function - Add PRDetail.integration.test.tsx with React Testing Library integration tests - Update PRDetail.cleanReview.test.ts with improved state reset tests - Tests verify cleanReviewPosted state resets when pr.number changes - Tests verify button visibility based on review cleanliness * test: fix TypeScript errors in integration tests - Add required prNumber and repo to PRReviewResult mocks - Add required title and fixable to PRReviewFinding mocks * fix: add error handling and improve integration tests PRDetail.tsx: - Add cleanReviewError state for tracking posting errors - Update handlePostCleanReview with proper try/catch/finally - Set error message on failure, clear on success - Display error in UI (red text with XCircle icon) - Reset error state when PR changes PRDetail.integration.test.tsx: - Add renderPRDetail helper function to reduce code duplication - Update first test to actually click button and verify success message - Add error handling test for failed clean review posts - Use fireEvent instead of userEvent (not installed) - Tests verify full flow: click → wait for success → verify state reset * fix: resolve TypeScript errors in integration test - Import PRReviewResult from correct path (useGitHubPRs) - Fix mock type to avoid explicit any warning * fix(tests): resolve TypeScript errors in PRDetail integration test Fixed Mock type assignment errors by: - Defining PostCommentFn type alias matching (body: string) => void | Promise<void> - Using vi.fn<PostCommentFn>() for properly typed mock - Updating overrides.onPostComment type in renderPRDetail helper Resolves CI TypeScript errors on lines 108, 171, 283. * i18n: replace hardcoded clean review message with translation keys Replace the inline cleanReviewMessage construction in handlePostCleanReview with i18n translation keys for better localization support. Changes: - Added cleanReviewMessageTitle, cleanReviewMessageStatus, and cleanReviewMessageFooter keys to en/common.json - Added corresponding French translations to fr/common.json - Updated handlePostCleanReview to compose message from translation keys - Removed comment about English being lingua franca (now translatable) Error handling and behavior remain unchanged. * fix: improve clean review error handling and prevent state leaks This commit addresses several issues with the clean review functionality: Error Display (line 832-860): - Replace raw error display with normalized/friendly message - Add "View details"/"Hide details" toggle for full error text - Use translation key 'failedPostCleanReview' for user-facing message - Log full error to console before rendering for debugging Race Condition Prevention (line 737, 760): - Post Clean Review button now checks (isPostingCleanReview || isPosting) - Approve button now checks (isPosting || isPostingCleanReview) - Both buttons disable during either posting operation State Leak Prevention (line 542-645): - Capture current pr.number at start of all posting handlers - Guard all setState calls with pr.number === currentPr check - Reset isPostingCleanReview in PR change effect (line 266) - Use Promise.resolve() for onPostComment to handle non-Promise implementations Locale Updates: - Keep GitHub PR comments in English-only (lingua franca policy) - French locale now uses same English text for comment messages - Add French translations for UI error messages Test Updates: - Update integration test to check for normalized error message - Add assertion for "View details" button presence All posting handlers now consistently: - Capture PR number before async operations - Guard state updates against PR changes - Clear loading state only if PR hasn't changed * test: fix test issues and add accessibility attributes Fixes for code review findings: Test Fixes: - Fix test 'should show clean review success message after posting clean review' to actually click the button and verify the success message appears - Add documentation to unit tests clarifying they test algorithm, not React behavior - Add JSDoc comment explaining algorithm tests vs integration tests Accessibility: - Add useId import and generate stable ID for error details - Add aria-expanded and aria-controls attributes to error toggle button - Add corresponding id to error details div for proper accessibility Documentation: - Add comment explaining inline error pattern vs Card-based pattern - Document why action bar errors use inline layout for consistency All 35 tests pass. * feat: add startedAt prop to match upstream develop branch Add startedAt: string | null property throughout the PR review state chain: - PRDetailProps interface - PRReviewState interface in pr-review-store.ts - All store actions (startPRReview, startFollowupReview, setPRReviewProgress, setPRReviewResult, setPRReviewError, setNewCommitsCheck) - UseGitHubPRsResult interface and hook extraction/return - GitHubPRs.tsx destructuring and JSX props - All PRDetail renders in integration tests This aligns with upstream develop branch changes. * fix: remove duplicate startedAt declarations --------- Co-authored-by: StillKnotKnown <[email protected]> Co-authored-by: Andy <[email protected]>
The extraResources entry for node_modules/@lydell/node-pty was producing a "file source doesn't exist" warning during builds because the directory is empty. This entry was carried over from the migration away from node-pty (commit e1aee6a) but is unnecessary for @lydell/node-pty. Background: - @lydell/node-pty uses platform-specific optional dependencies (@lydell/node-pty-darwin-arm64, -win32-x64, -linux-x64, etc.) - The base @lydell/node-pty directory contains only metadata, not binaries - electron-builder automatically detects and handles native .node modules - The platform-specific packages are included via npm's dependency resolution Tested: macOS arm64 build works correctly with terminal functionality intact. The native binaries are properly included in app.asar.unpacked via electron-builder's automatic native module detection. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]>
AndyMik90#912) * fix(planner): enforce implementation_plan schema * fix(logs): sync planning->coding phase to source * style(backend): ruff format * fix(progress): backfill empty description from title * fix(planner): prevent post-processing during planning * fix(planner): normalize phase_id and reuse alias mapping * fix(planner): address review suggestions * fix(progress): prevent phase field overrides * test(planner): avoid hardcoded planner.md path * fix(auto-fix): normalize phase_id and depends_on * fix(planner): harden plan normalization edge cases * fix(auto-fix): handle file I/O errors
…ror (ACS-215) (AndyMik90#924) * fix(graphiti): add isinstance(dict) validation to prevent AttributeError (ACS-215) Add isinstance(data, dict) check before processing Graphiti search results to prevent crashes when non-dict objects are returned. This fixes AttributeError: 'str' object has no attribute 'get' in session history retrieval. Affected methods: - get_session_history() - primary bug location - get_similar_task_outcomes() - consistency fix - get_patterns_and_gotchas() - consistency fix (2 locations) Also add comprehensive unit tests for the bug fix. * style(tests): fix import order in test_graphiti_search.py Move 'import sys' to top-level imports before sys_path assignment. * refactor(tests): improve test coverage and use pytest-asyncio pattern - Add idempotent guard for sys.path mutation to prevent leaks - Remove unused spec_dir fixture from graphiti_search - Fix non-dict objects to include EPISODE_TYPE markers for proper testing - Fix invalid JSON test to include EPISODE_TYPE_SESSION_INSIGHT marker - Convert all tests to use @pytest.mark.asyncio, async def, and await - Improves test coverage for isinstance(dict) guard in all search methods * fix(tests): correct mock_client.graphiti.search reference Fix typo where mock_client.graphiti_search was used instead of mock_client.graphiti.search in test setup. * refactor(tests): remove unused asyncio import Tests now use @pytest.mark.asyncio pattern which doesn't require direct asyncio module usage. --------- Co-authored-by: StillKnotKnown <[email protected]> Co-authored-by: Andy <[email protected]>
…ndyMik90#905) * fix(memory): use shared project-wide memory for cross-spec learning Task execution memory was isolated per spec (GroupIdMode.SPEC), preventing learnings from one spec from benefiting other specs. Changed all GraphitiMemory instantiations to use GroupIdMode.PROJECT for shared project-wide context. This aligns task memory with PR review memory, which already uses shared databases for cross-session learning. Fixes AndyMik90#205 * refactor(memory): centralize GraphitiMemory instantiation via helper Use the existing get_graphiti_memory helper function instead of directly instantiating GraphitiMemory in multiple places. This reduces code duplication and improves maintainability by having a single source of truth for memory creation. The helper already uses GroupIdMode.PROJECT for cross-spec learning, so this refactor maintains the original fix while centralizing the logic. Addresses review comments on AndyMik90#905 * refactor(memory): improve error handling for GraphitiMemory instantiation Move get_graphiti_memory() calls inside try/except blocks to properly catch construction errors. Also use explicit 'is None' checks instead of truthiness to avoid surprising __bool__ behavior. - In get_graphiti_context: Move memory creation inside try block - In save_session_memory: Move memory creation inside try block - In _save_to_graphiti_async: Remove redundant is_graphiti_enabled check, use 'is None' for explicit None checking These changes ensure that any construction errors are caught and handled, allowing graceful fallback to file-based memory. Addresses additional review comments on AndyMik90#905 * style(memory): use explicit None checks in finally blocks Replace truthy checks with explicit 'is not None' checks in finally blocks for consistency with other explicit None checks in memory_manager.py. Addresses review comment on AndyMik90#905 * fix(memory): use explicit None check in second finally block Update the finally block in save_session_memory to use explicit None check for consistency. The first finally block was updated but this one was missed. Addresses remaining review comment on AndyMik90#905 * refactor(memory): use finally block for consistent cleanup in save_to_graphiti_async Refactor save_to_graphiti_async to use a finally block with explicit None check for resource cleanup, matching the pattern established in memory_manager.py. Previously, close() was called in both the try and except blocks, which could lead to resource leaks in certain edge cases. The finally block ensures cleanup always occurs. Addresses CodeRabbit review feedback on AndyMik90#905 * refactor(memory): add type hints and improve cleanup safety - Add return type annotation to get_graphiti_memory() using TYPE_CHECKING to avoid circular imports while keeping call sites honest - Wrap memory.close() in try/except within finally blocks to prevent close() exceptions from overriding success/failure flows - Use explicit 'memory is not None' checks to avoid misleading warnings when memory isn't available - Distinguish between 'memory is None' (not available) and 'memory.is_enabled is False' (disabled) for clearer logging Addresses CodeRabbit review feedback on AndyMik90#905 * fix(memory): wrap close() in try/except in save_to_graphiti_async finally Wrap graphiti.close() in try/except within the finally block to prevent close() exceptions from overriding successful outcomes. This matches the pattern established in memory_manager.py for consistent resource cleanup. Addresses CodeRabbit review feedback on AndyMik90#905 * fix(memory): address follow-up review findings - Wrap close() in try/except in tools/memory.py finally block to match the pattern in graphiti_helpers.py and memory_manager.py, preventing close() exceptions from overriding successful outcomes - Update get_graphiti_memory() default in integrations/graphiti/memory.py from GroupIdMode.SPEC to GroupIdMode.PROJECT for consistency with the PR's intent of enabling cross-spec learning by default - Add deprecation note explaining the default change Addresses follow-up review findings on AndyMik90#905: - NEW-001: Inconsistent close() handling - e87df0a37e94: Duplicate get_graphiti_memory function with different default * refactor(memory): log close failures at debug level Update all finally blocks to log memory.close() failures at debug level instead of silently swallowing them. This provides useful diagnostics while still preventing close() exceptions from overriding the main result. Changes: - tools/memory.py: Add logger.debug() with exc_info for close failures - graphiti_helpers.py: Add logger.debug() with exc_info for close failures - memory_manager.py: Add logger.debug() with exc_info for close failures (2 locations) The debug-level logging ensures close failures are visible for debugging but do not affect the primary operation outcome. Addresses review feedback on AndyMik90#905 * fix(memory): log close failures in nested finally block Add debug logging to the nested finally block in save_session_memory that was missed by the previous replace_all operation due to different indentation levels. This ensures all close failures are logged at debug level for debugging purposes while still preventing them from overriding the main result. Addresses review feedback on AndyMik90#905 * fix(logging): use exc_info=True for proper traceback in debug logs Change logger.debug calls to use exc_info=True instead of exc_info=e when logging close failures. This ensures the current exception's traceback is included in the log output for better debugging. exc_info=e only includes the exception object but not the traceback, while exc_info=True captures the full traceback information from the current exception context. Changes: - memory_manager.py: Update both finally blocks (2 locations) - graphiti_helpers.py: Update finally block - tools/memory.py: Update finally block Addresses review feedback on AndyMik90#905 --------- Co-authored-by: StillKnotKnown <[email protected]> Co-authored-by: Andy <[email protected]>
…ling (AndyMik90#839) * fix(ACS-175): Resolve integrations freeze and improve rate limit handling * fix(i18n): replace hardcoded toast strings with translation keys Addresses CodeRabbit review feedback on PR AndyMik90#839: - OAuthStep.tsx: use t() for all toast messages - RateLimitModal.tsx: use t() for toast messages - SDKRateLimitModal.tsx: add useTranslation hook, use t() for toasts - Add toast translation keys to en/fr onboarding.json and common.json * fix: replace console.log with debugLog in IntegrationSettings Addresses CodeRabbit review feedback - use project's debug logging utility for consistent and toggle-able logging in production. * fix: replace console.log with debugLog in main process files Addresses Auto-Claude PR Review feedback: - terminal-handlers.ts: 14 console.log → debugLog - pty-manager.ts: 10 console.log → debugLog/debugError - terminal-manager.ts: 4 console.log → debugLog/debugError Also fixes: - Extract magic numbers to CHUNKED_WRITE_THRESHOLD/CHUNK_SIZE constants - Add terminal validity check before chunked writes - Consistent error handling (no rethrow for fire-and-forget semantics) * fix: address Auto Claude PR review findings - console.error→debugError + i18n - Replace 8 remaining console.error/warn calls with debugError/debugLog: - terminal-handlers.ts: lines 59, 426, 660, 671 - terminal-manager.ts: lines 88, 320 - pty-manager.ts: lines 88, 141 - Fixed duplicate logging in exception handler - Add comprehensive i18n for SDKRateLimitModal.tsx (~20 strings): - Added rateLimit.sdk.* keys with swap notifications, buttons, labels - EN + FR translations in common.json - Add comprehensive i18n for OAuthStep.tsx (~15 strings): - Added oauth.badges.*, oauth.buttons.*, oauth.labels.* keys - EN + FR translations in onboarding.json All MEDIUM severity findings resolved except race condition (deferred). * fix: address Auto Claude PR review findings - race condition + console.error - Fix race condition in chunked PTY writes by serializing writes per terminal using Promise chaining (prevents interleaving of concurrent large writes) - Fix missing 't' in useEffect dependency array in OAuthStep.tsx - Convert all remaining console.error calls to debugError for consistency: - IntegrationSettings.tsx (9 occurrences) - RateLimitModal.tsx (3 occurrences) - SDKRateLimitModal.tsx (4 occurrences) Co-Authored-By: Claude Opus 4.5 <[email protected]> Signed-off-by: Black Circle Sentinel <[email protected]> --------- Signed-off-by: Black Circle Sentinel <[email protected]> Co-authored-by: Andy <[email protected]> Co-authored-by: Adam Slaker <[email protected]> Co-authored-by: Claude Opus 4.5 <[email protected]>
… messages (ACS-219) (AndyMik90#933) * fix(frontend): strip ANSI escape codes from roadmap/ideation progress messages (ACS-219) - Create ansi-sanitizer.ts utility with stripAnsiCodes() function - Apply to roadmap and ideation progress handlers in agent-queue.ts - Add 34 comprehensive test cases covering ANSI escape patterns - Fixes raw escape codes (e.g., \x1b[90m) displaying in UI * fix(frontend): extract first line before truncating roadmap progress messages Make roadmap progress message construction consistent with ideation by extracting the first line (split by newline) before applying the 200 character truncation. This ensures multi-line log output doesn't display partial lines in the UI. * refactor(frontend): extract repeated status message formatting to helper Add formatStatusMessage() helper function to centralize the sanitize+truncate pattern used in progress message handlers. This improves maintainability by: - Adding STATUS_MESSAGE_MAX_LENGTH constant (200) - Encapsulating ANSI stripping, line extraction, and truncation - Replacing 4 duplicated call sites with single helper Refactors lines 442, 461, 704, 718 to use formatStatusMessage(log). --------- Co-authored-by: StillKnotKnown <[email protected]>
…ndyMik90#918) * fix(frontend): prevent "Render frame was disposed" crash (ACS-211) Add safeSendToRenderer helper that validates frame state before IPC sends. Prevents app crash when renderer frames are disposed during heavy agent output. Fixes AndyMik90#211 Signed-off-by: StillKnotKnown <[email protected]> * refactor(utils): replace setInterval with timestamp-based cooldown, add \r\n support - Replace setInterval-based cooldown with timestamp Map approach to avoid timer leaks - Add isWithinCooldown() and recordWarning() helper functions - Optionally prune old entries when Map exceeds 100 entries - Update parseEnvFile to handle Windows \r\n line endings with /\r?\n/ regex Signed-off-by: StillKnotKnown <[email protected]> * refactor(utils): enforce hard cap of 100 entries in pruning logic - First remove expired entries (outside cooldown period) - If still over 100 entries, remove oldest by insertion order - Ensures Map never exceeds 100 entries even during heavy load Signed-off-by: StillKnotKnown <[email protected]> * test: fix module-level state issue in pruning tests - Add _clearWarnTimestampsForTest() helper to clear module-level Map - Call clear in parent beforeEach to ensure clean state for each test - Simplify pruning tests to avoid complex cooldown timing issues - All 28 tests now pass * fix: update generation-handlers.ts to use safeSendToRenderer Addresses finding NEW-003 from follow-up review: - Import safeSendToRenderer from '../utils' - Replace all 5 direct webContents.send() calls with safeSendToRenderer - Add getMainWindow wrapper for each function This ensures ideation generation IPC messages are protected from "Render frame was disposed" crashes. Related: ACS-211 --------- Signed-off-by: StillKnotKnown <[email protected]> Co-authored-by: StillKnotKnown <[email protected]>
…CS-209) (AndyMik90#915) * fix(core): implement atomic JSON writes to prevent file corruption (ACS-209) - Add write_json_atomic() utility using temp file + os.replace() - Add async_save() to ImplementationPlan for non-blocking I/O - Update planner.py to use async_save() in async context - Add 'error' status to TaskStatus for corrupted files - Enhance ProjectStore error handling to surface parse errors - Add recovery CLI utility (cli/recovery.py) for detecting/fixing corrupted files This fixes JSON parse errors that caused tasks to be silently skipped when implementation_plan.json was corrupted during crashes/interrupts. * fix(i18n): add error column to task status constants and translations - Add 'error' to TASK_STATUS_COLUMNS array - Add 'error' label and color to TASK_STATUS_LABELS and TASK_STATUS_COLORS - Add 'columns.error' translation key to en/tasks.json and fr/tasks.json This fixes TypeScript errors in KanbanBoard.tsx where the Record type was missing the 'error' status that was added to TaskStatus type. * refactor: improve code quality and add i18n support for error messages Backend improvements: - Fix duplicate JSON check in recovery.py (remove redundant plan_file check) - Update find_specs_dir return type to Path (always returns valid path) - Replace deprecated asyncio.get_event_loop() with asyncio.get_running_loop() - Use functools.partial for cleaner async_save implementation Frontend improvements: - Add TaskErrorInfo type for structured error information - Update project-store.ts to use errorInfo for i18n-compatible error messages - Tighten typing of TASK_STATUS_LABELS and TASK_STATUS_COLORS to use TaskStatusColumn - Add error column to KanbanBoard grouped tasks initialization - Add en/fr errors.json translation files for parse error messages * docs: add errors.json to i18n translation namespaces - Document new errors.json namespace for error messages - Add example showing interpolation/substitution pattern for dynamic error content * refactor: typing improvements, i18n fixes, and error UX enhancements Backend typing: - Add explicit return type hint (-> None) to main() in recovery.py - Add explicit return type hint (-> None) to async_save() in plan.py - Make recovery.py exit with code 1 when corrupted files are detected Error handling improvements: - Include specId in errorInfo meta for better error context - Cap error message length at 500 characters to prevent bloat - Update error translation keys to include specId substitution Frontend improvements: - Conditionally add reviewReason/errorInfo to task objects only when defined - Add 'error' case to KanbanBoard empty state with AlertCircle icon - Fix hardcoded "Refreshing..."/"Refresh Tasks" strings to use i18n i18n additions: - Add emptyError/emptyErrorHint to en/fr tasks.json - Add refreshing/refreshTasks to en/fr translation files * refactor: code quality improvements - Remove error truncation in recovery.py (show full error for debugging) - Extract duplicate timestamp/status update logic to _update_timestamps_and_status() helper - Fix MD031 in CLAUDE.md (add blank line before fenced code block) * refactor: code quality improvements - Remove error truncation in recovery.py (show full error for debugging) - Extract duplicate timestamp/status update logic to _update_timestamps_and_status() helper - Fix MD031 in CLAUDE.md (add blank line before fenced code block) * refactor: naming and typing improvements - Update docstring examples in recovery.py (--fix -> --delete) - Rename delete_corrupted_file to backup_corrupted_file for clarity - Add return type annotation -> None to save() method * fix: add error status handling to TaskCard - Add 'error' case to getStatusBadgeVariant() returning 'destructive' - Add 'error' case to getStatusLabel() returning t('columns.error') - Start/stop buttons already exclude error tasks (backlog/in_progress only) * fix: address PR review feedback Backend changes: - recovery.py: Change [DELETE] to [BACKUP] in output message to match operation - recovery.py: Replace startswith with is_relative_to for proper path validation - recovery.py: Handle existing .corrupted backup files with unique timestamp suffix - file_utils.py: Add Iterator[IO[str]] return type annotation to atomic_write Frontend changes: - KanbanBoard.tsx: Use column-error CSS class instead of inline border-t-destructive - globals.css: Add .column-error rule with destructive color for consistency - tasks.json: Add top-level refreshTasks translation key for en/fr locales * fix: address follow-up review findings Backend changes: - file_utils.py: Handle binary mode correctly (encoding=None for 'b' in mode) - file_utils.py: Change return type to Iterator[IO] for broader type support - file_utils.py: Add docstring note about binary mode support - plan.py: Fix async_save to restore state on write failure (captures timestamps) Frontend changes: - project-store.ts: Add 'error' to statusMap to preserve error status - project-store.ts: Add early return for 'error' status like 'done'/'pr_created' - task-store.ts: Allow recovery from error status to backlog/in_progress - task-store.ts: Allow transitions to error without completion validation * fix: address follow-up review findings Backend changes: - file_utils.py: Handle binary mode correctly (encoding=None for 'b' in mode) - file_utils.py: Change return type to Iterator[IO] for broader type support - file_utils.py: Add docstring note about binary mode support - plan.py: Fix async_save to restore state on write failure (captures timestamps) Frontend changes: - project-store.ts: Add 'error' to statusMap to preserve error status - project-store.ts: Add early return for 'error' status like 'done'/'pr_created' - task-store.ts: Allow recovery from error status to backlog/in_progress - task-store.ts: Allow transitions to error without completion validation * fix: address third follow-up review findings Backend changes: - recovery.py: Change spec_dir.glob to spec_dir.rglob for recursive JSON scan - file_utils.py: Fix fd leak when os.fdopen raises (close fd and unlink tmp_path) - plan.py: Capture full state with to_dict() for robust rollback in async_save * fix: address final review quality suggestions Backend changes: - plan.py: Add NOTE comment about rollback fields maintenance - file_utils.py: Add logging.warning for temp file cleanup failures * fix: address final review quality suggestions Backend changes: - plan.py: Add NOTE comment about rollback fields maintenance - file_utils.py: Add logging.warning for temp file cleanup failures * fix: address final review quality suggestions Backend changes: - plan.py: Add NOTE comment about rollback fields maintenance - file_utils.py: Add logging.warning for temp file cleanup failures * fix: include stack trace in temp file cleanup failure logging Add exc_info=True to logging.warning call when temp file cleanup fails. This captures the full stack trace for better postmortem debugging of orphaned temp files. --------- Co-authored-by: StillKnotKnown <[email protected]> Co-authored-by: Andy <[email protected]>
…yMik90#945) (AndyMik90#946) * fix(workspace): auto-rebase spec branch when behind before merge (ACS-224) When the "Merge with AI" button is clicked and the spec branch is behind the target branch, the system now automatically rebases before attempting to merge. Previously, the merge preview correctly detected the "behind" state but the actual merge process would fail with conflict errors. Changes: - Enhanced _check_git_conflicts() to detect needs_rebase and commits_behind - Added _rebase_spec_branch() to automatically rebase spec branch - Integrated rebase logic into _try_smart_merge_inner() before conflict resolution - Added 10 comprehensive tests for rebase detection and execution * fix(workspace): correct rebase invocation and use run_git helper Fixes issues in _rebase_spec_branch function: - Use run_git() instead of subprocess.run for allowlist compliance - Fix fragile git rebase arg order - use standard invocation - Remove misleading --strategy-option=theirs (not actually used) - Return False when conflicts abort (no ref movement occurred) - Verify branch actually moved after successful rebase Also updates test to check both .git/rebase-merge and .git/rebase-apply directories for robust git version compatibility. * fix: address PR review findings for rebase function Fixes 7 issues identified in PR review: HIGH: - Save and restore original branch after rebase (prevents leaving repo on spec branch) MEDIUM: - Return True when branch is already up-to-date (success, not failure) - Fix conflict detection to parse git status codes properly (not 'U' substring) - Check rebase abort result for inconsistent state LOW: - Remove unused variables git_dir and git_backup from test - Deduplicate git_conflicts.get('commits_behind', 0) call - Rename test to accurately describe what it tests * fix: address follow-up PR review findings Additional fixes from code review: workspace.py: - Remove duplicate "UD" from conflict status codes tuple - Add returncode check for original_branch_result with proper validation - Guard finally block restore with original_branch validity check - Replace subprocess.run with run_git for rev-list call - Add error logging when rev-list fails test_workspace.py: - Remove duplicate test test_rebase_handles_nonexistent_branch_gracefully (redundant with test_rebase_spec_branch_invalid_branch) - Strengthen merge assertion from "is not None" to "is True" * fix: replace remaining subprocess.run with run_git and add comprehensive tests workspace.py: - Replace all subprocess.run calls in _check_git_conflicts with run_git for consistent error handling, timeout handling, and centralized logging test_workspace.py: - Add test_rebase_spec_branch_already_up_to_date to verify function returns True when spec branch is already current - Add test_check_git_conflicts_handles_detached_head to verify graceful handling of detached HEAD state - Add test_check_git_conflicts_handles_corrupted_repo to verify graceful handling of corrupted .git directory with proper cleanup - Fix test_check_git_conflicts_no_commits_behind to checkout main before assertion (was comparing spec to itself, always returning 0) Test count: 42 -> 45 (+3 new tests) * fix: remove unused tempfile import from test * fix(workspace): final PR review fixes for ACS-224 rebase functionality This commit addresses the final batch of PR review findings for the rebase functionality added in ACS-224. All 45 tests pass. Changes: - NEW-001: Added branch restoration failure tracking and logging in finally block (noted limitation: cannot return False from finally block) - NEW-002: Added abort_failed tracking and checks before returning True to propagate abort failures to caller - NEW-004: Added state verification assertions to test_rebase_spec_branch_invalid_branch to verify current branch, no rebase state directories, and clean git status - LOGIC-002: Wrapped int() conversion in try-except to handle malformed rev-list output gracefully - LOGIC-003: Simplified redundant condition from checking both needs_rebase and commits_behind > 0 to just checking needs_rebase (which implies > 0) Files modified: - apps/backend/core/workspace.py: Added abort_failed tracking and error handling - tests/test_workspace.py: Added repo state verification assertions Related: ACS-224 * fix(workspace): fix CodeQL warnings for unreachable code and unused variable CodeQL detected unreachable code and unused variable issues in the rebase function. The abort_failed flag was only set when rebase failed, but was only checked in the success path (making it unreachable). Fixed by: - Removing abort_failed variable and its unreachable checks - Immediately returning False when abort fails (cannot safely continue) - Simplifying the finally block comment to reflect actual behavior All 45 tests pass. Related: ACS-224 --------- Co-authored-by: StillKnotKnown <[email protected]>
* chore: bump version to 2.7.3 * chore: update CHANGELOG for version 2.7.3, highlighting new features, improvements, and bug fixes --------- Co-authored-by: Test User <[email protected]>
- Merge main into develop to sync 6 missing commits (v2.7.2 hotfixes, CI fixes) - Keep develop's 2.7.3 release content for CHANGELOG and features - Fix CodeQL issues: - Add comments to empty except blocks in git_executable.py - Add comments to empty except blocks in modification_tracker.py - Add comments to empty except blocks in pr_worktree_manager.py - Consolidate ctypes imports in capabilities.py - Remove unused imports (sys, time, timedelta, pytest) from test files - Keep main's shell variable interpolation fix in release.yml Co-Authored-By: Claude Opus 4.5 <[email protected]>
- Fix shell command injection vulnerability in cli-tool-manager.ts by using cmd.exe with argument array instead of string interpolation - Fix unused variables in test files (PRDetail.test.tsx, ReviewStatusTree.test.tsx) - Remove unused 'issues' destructuring in GitLabIssues.tsx - Fix unused 'merge_base' variable in workspace.py - Remove INVESTIGATION.md (temporary investigation document) Co-Authored-By: Claude Opus 4.5 <[email protected]>
- Fix prepare-release.yml to use npx semver for proper version comparison (sort -V incorrectly ranked 2.7.3-beta.1 > 2.7.3) - Add workflow_dispatch trigger with force option for manual releases - Fix CHANGELOG.md formatting (remove # that caused header rendering) Co-Authored-By: Claude Opus 4.5 <[email protected]>
…ibility The terminal command generation was using bash-style syntax (&&, PATH='...', :) which fails in PowerShell. This fix: - Add ShellType tracking to TerminalProcess interface - Detect shell type (PowerShell, cmd, bash, zsh) when spawning PTY - Generate shell-appropriate command syntax: - PowerShell: Set-Location, $env:PATH=, ; separator - cmd.exe: cd /d, set "PATH=", && separator - bash/zsh: cd, PATH=, && separator (existing behavior) - Add escapeShellArgPowerShell() for PowerShell string escaping Fixes: "The token '&&' is not a valid statement separator" error when invoking Claude in PowerShell terminals on Windows. Co-Authored-By: Claude Opus 4.5 <[email protected]>
- Add escapeCommandForShell() that uses & operator for PowerShell execution - Add getClearCommand() for shell-specific screen clearing (cls/clear) - Fix escapeShellArg() backslash escape sequence regression - Update tests for cross-platform compatibility (Windows path handling) - Add explicit shellType to test mock for consistent behavior Fixes PowerShell command not executing (was just printing path). Co-Authored-By: Claude Opus 4.5 <[email protected]>
- Fix cmd.exe command injection: escape % in PATH assignment - Simplify escapeShellArgWindows: inside double quotes, only % needs escaping (&|<>^ are literals in quoted context) - Fix no-case-declarations lint error: wrap default case in braces - Remove unused buildCdCommand import Co-Authored-By: Claude Sonnet 4.5 <[email protected]>
- Add isBashCompatibleShell() to check if shell supports bash features - Add bash compatibility checks before using temp-file/config-dir methods - Fix platform-aware shellType fallback (cmd on Windows, bash on Unix) - Fix shell detection false positives (precise matching for cmd.exe) - Add double quote validation to escapeShellArgWindows (throws on quotes) - Add comprehensive unit tests for shell-escape functions (56 tests) - Add unit tests for detectShellType in pty-manager (25 tests) - Add tests for isBashCompatibleShell and shell type variations - Fix progress bar case-sensitivity issue in agent-events.ts Co-Authored-By: Claude Opus 4.5 <[email protected]>
VDT-91
force-pushed
the
fix/windows-powershell-terminal-commands
branch
from
8d09aca to
9514c2c
Compare
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (3)
apps/frontend/src/main/agent/agent-events.ts (1)
48-61: Consider i18n for progress messages (optional, pre-existing).The hardcoded message strings (e.g.,
'Discovering project context...','Gathering requirements...') are potentially user-facing. Per coding guidelines, these should use translation keys. This is pre-existing and out of scope for this PR, but worth noting for future improvement.apps/frontend/src/main/terminal/claude-integration-handler.ts (2)
430-474: Consider user notification for profile feature limitation.When a non-bash shell is detected and the profile has a token or configDir, the code silently falls back to the default method. This means OAuth token injection won't work for PowerShell/cmd users.
The
console.warnhelps with debugging, but users won't know why their profile switch isn't working as expected. Consider:
- Sending an IPC notification to the renderer to show a user-facing warning
- Or documenting this limitation in the UI when users select non-default profiles on Windows
595-678: Code duplication between sync and async invoke methods.The shell-aware logic in
invokeClaudeAsyncis nearly identical toinvokeClaude. Consider extracting the shared logic (shell type resolution, command building, profile handling) into a helper function that both methods can call, differing only in their async/sync I/O operations.This would reduce maintenance burden when updating shell handling logic.
🤖 Fix all issues with AI agents
In @apps/frontend/src/main/terminal/__tests__/pty-manager.test.ts:
- Around line 127-147: The tests directly mutate process.platform using
Object.defineProperty in the "should return unknown for unrecognized Windows
shells" and "should fallback to bash for unrecognized Unix shells" blocks;
switch to using vitest's vi.stubGlobal to stub process.platform (e.g.,
vi.stubGlobal('process', { ...process, platform: 'win32' }) and similarly for
'darwin') and remove manual restores, or ensure you call the returned restore
function from vi.stubGlobal; update the two tests that call detectShellType(...)
to use vi.stubGlobal instead of Object.defineProperty for safer, cleaner
platform mocking while keeping the same assertions.
In @apps/frontend/src/main/terminal/claude-integration-handler.ts:
- Around line 406-414: The fallback shell on Windows currently defaults to 'cmd'
when terminal.shellType is undefined, which may cause issues for users on modern
Windows systems where PowerShell is standard. Update the fallback logic in the
section using shellType (around the terminal.shellType assignment) to use
'powershell' instead of 'cmd' for Windows platforms. Additionally, add a console
warning logging which fallback shell was chosen when terminal.shellType is not
detected to help with troubleshooting shell detection failures.
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro
⛔ Files ignored due to path filters (1)
package-lock.jsonis excluded by!**/package-lock.json,!**/package-lock.json
📒 Files selected for processing (10)
apps/frontend/src/main/__tests__/agent-events.test.tsapps/frontend/src/main/agent/agent-events.tsapps/frontend/src/main/terminal/__tests__/claude-integration-handler.test.tsapps/frontend/src/main/terminal/__tests__/pty-manager.test.tsapps/frontend/src/main/terminal/claude-integration-handler.tsapps/frontend/src/main/terminal/pty-manager.tsapps/frontend/src/main/terminal/terminal-lifecycle.tsapps/frontend/src/main/terminal/types.tsapps/frontend/src/shared/utils/__tests__/shell-escape.test.tsapps/frontend/src/shared/utils/shell-escape.ts
🧰 Additional context used
📓 Path-based instructions (2)
apps/frontend/src/**/*.{tsx,ts}
📄 CodeRabbit inference engine (CLAUDE.md)
apps/frontend/src/**/*.{tsx,ts}: Use i18n translation keys for all user-facing text in the frontend. All labels, buttons, messages must use translation keys from react-i18next with namespace:section.key format (e.g., 'navigation:items.githubPRs').
Never use hardcoded strings for UI text in JSX/TSX files. Always use translation keys via useTranslation() hook.
Files:
apps/frontend/src/main/__tests__/agent-events.test.tsapps/frontend/src/main/terminal/types.tsapps/frontend/src/main/terminal/__tests__/pty-manager.test.tsapps/frontend/src/shared/utils/__tests__/shell-escape.test.tsapps/frontend/src/main/terminal/terminal-lifecycle.tsapps/frontend/src/main/terminal/pty-manager.tsapps/frontend/src/main/agent/agent-events.tsapps/frontend/src/main/terminal/__tests__/claude-integration-handler.test.tsapps/frontend/src/main/terminal/claude-integration-handler.tsapps/frontend/src/shared/utils/shell-escape.ts
apps/frontend/**/*.{ts,tsx}
⚙️ CodeRabbit configuration file
apps/frontend/**/*.{ts,tsx}: Review React patterns and TypeScript type safety.
Check for proper state management and component composition.
Files:
apps/frontend/src/main/__tests__/agent-events.test.tsapps/frontend/src/main/terminal/types.tsapps/frontend/src/main/terminal/__tests__/pty-manager.test.tsapps/frontend/src/shared/utils/__tests__/shell-escape.test.tsapps/frontend/src/main/terminal/terminal-lifecycle.tsapps/frontend/src/main/terminal/pty-manager.tsapps/frontend/src/main/agent/agent-events.tsapps/frontend/src/main/terminal/__tests__/claude-integration-handler.test.tsapps/frontend/src/main/terminal/claude-integration-handler.tsapps/frontend/src/shared/utils/shell-escape.ts
🧬 Code graph analysis (5)
apps/frontend/src/main/terminal/__tests__/pty-manager.test.ts (1)
apps/frontend/src/main/terminal/pty-manager.ts (1)
detectShellType(32-75)
apps/frontend/src/shared/utils/__tests__/shell-escape.test.ts (1)
apps/frontend/src/shared/utils/shell-escape.ts (10)
escapeShellArg(26-31)escapeShellArgPowerShell(47-52)escapeShellArgWindows(66-78)escapeShellArgForShell(87-99)escapeCommandForShell(111-124)escapeShellPath(132-134)buildCdCommand(144-158)buildCdCommandForShell(167-188)buildPathPrefixForShell(197-221)isPathSafe(231-248)
apps/frontend/src/main/terminal/pty-manager.ts (1)
apps/frontend/src/main/terminal/types.ts (1)
ShellType(9-9)
apps/frontend/src/main/terminal/__tests__/claude-integration-handler.test.ts (1)
apps/frontend/src/main/terminal/claude-integration-handler.ts (2)
buildClaudeShellCommand(98-120)isBashCompatibleShell(63-65)
apps/frontend/src/shared/utils/shell-escape.ts (1)
apps/frontend/src/main/terminal/types.ts (1)
ShellType(9-9)
🔇 Additional comments (28)
apps/frontend/src/main/agent/agent-events.ts (1)
43-43: LGTM! Case-insensitive matching implementation is clean and consistent.The approach of creating
lowerLogonce and reusing it for all comparisons is efficient. The implementation correctly preserves the originallogfor structured markers like__TASK_LOG_(line 32) while usinglowerLogfor pattern matching.Also applies to: 146-147, 182-183
apps/frontend/src/main/__tests__/agent-events.test.ts (1)
531-584: LGTM! Good test coverage for case-insensitivity.The new tests comprehensively verify case-insensitive matching for both
parseRoadmapProgressandparseIdeationProgress. Combined with existing uppercase tests (e.g.,'PROJECT ANALYSIS starting'), the test suite now covers the full case spectrum (uppercase, mixed-case, lowercase).apps/frontend/src/main/terminal/types.ts (2)
5-9: LGTM!The
ShellTypeunion is well-defined, covering the major shells (bash, zsh, PowerShell variants, cmd) with anunknownfallback. This provides a solid foundation for shell-aware command generation.
28-29: LGTM!Adding
shellTypeas an optional property toTerminalProcessis appropriate since shell detection may not always succeed. The JSDoc comment clearly explains its purpose.apps/frontend/src/main/terminal/terminal-lifecycle.ts (2)
69-75: LGTM!The destructuring of
spawnPtyProcessresult correctly captures both the PTY process and the detected shell type. This aligns with the updatedSpawnResultinterface frompty-manager.ts.
87-88: LGTM!The
shellTypeis correctly propagated to theTerminalProcessobject, enabling shell-aware command generation downstream.apps/frontend/src/main/terminal/__tests__/pty-manager.test.ts (1)
76-84: LGTM!Good test coverage for preventing false positives when paths contain "cmd" as a substring. This validates the precise matching logic that avoids misidentifying paths like
mycmdtool\bash.exeas cmd.exe.apps/frontend/src/shared/utils/__tests__/shell-escape.test.ts (3)
1-21: LGTM!Comprehensive test file covering shell escaping utilities across POSIX, PowerShell, and cmd.exe. The imports are complete and the test structure is well-organized.
42-49: LGTM!Excellent security-focused tests validating that command injection attempts are safely wrapped in single quotes. This confirms the escaping logic prevents shell metacharacter exploitation.
111-115: LGTM!Good test for the defensive behavior that throws on double quotes in cmd.exe paths. This is the correct approach since double quotes cannot be reliably escaped inside double-quoted strings in cmd.exe.
apps/frontend/src/main/terminal/pty-manager.ts (3)
32-75: LGTM!The
detectShellTypefunction implements precise shell detection with well-ordered checks (more specific patterns first). Key strengths:
- pwsh checked before powershell to avoid false positives
- cmd.exe uses exact matching to prevent substring false positives
- Sensible Unix fallback to 'bash'
15-21: LGTM!The
SpawnResultinterface cleanly encapsulates the PTY process and detected shell type, enabling downstream consumers to access both values from a single spawn operation.
161-174: LGTM!The spawn logic correctly computes
shellTypebefore spawning and returns the composite result. The variable naming is clear (ptyProcessvsptyin the result) to avoid confusion.apps/frontend/src/shared/utils/shell-escape.ts (5)
26-31: LGTM!The POSIX shell escaping correctly uses the standard
'\''pattern to escape single quotes within single-quoted strings. This is the canonical and secure approach for POSIX shells.
66-78: LGTM!The defensive approach of throwing on double quotes in cmd.exe paths is correct. Double quotes cannot be reliably escaped inside double-quoted strings in cmd.exe, and this prevents potential command injection. The comment correctly notes this is rare in practice.
111-124: LGTM!The PowerShell call operator (
&) is correctly applied when escaping commands. This is necessary because PowerShell requires the call operator to execute a quoted string as a command path.
167-188: LGTM!Shell-aware
cdcommand construction is correctly implemented:
- PowerShell uses
Set-Locationwith semicolon separator- cmd.exe uses
cd /dfor drive switching with&&separator- POSIX shells use
cdwith&&separatorThe
/dflag for cmd.exe is important for changing drives on Windows.
197-221: LGTM!The PATH prefix construction correctly handles shell-specific syntax:
- PowerShell:
$env:PATH=with semicolons preserved- cmd.exe:
set "PATH="with%escaped to%%- POSIX: Windows semicolons converted to colons for compatibility
apps/frontend/src/main/terminal/__tests__/claude-integration-handler.test.ts (5)
43-45: LGTM!Adding explicit
shellType: 'bash'to the mock terminal ensures deterministic test behavior. The comment clearly explains the purpose.
239-240: LGTM!Using regex patterns with
[/\\]to match both forward and back slashes handles Windows path normalization correctly. This makes the tests cross-platform compatible.Also applies to: 282-283
433-445: LGTM!Tests correctly verify shell-specific clear command prefixes:
bash→clear &&powershell→cls;This validates the
getClearCommandhelper behavior.
626-656: LGTM!Comprehensive tests for
isBashCompatibleShellcovering allShellTypevariants. Correctly returnstrueonly forbashandzsh.
658-686: LGTM!Shell type variation tests correctly verify:
cmd→cls &&(uses&&like bash)pwsh→cls;(uses;like Windows PowerShell)zsh→clear &&unknown→ defaults toclear &&(POSIX fallback)apps/frontend/src/main/terminal/claude-integration-handler.ts (5)
16-24: LGTM!The imports and type updates correctly support the new shell-aware command construction. The discriminated union update to
ClaudeCommandConfigenforces that callers provideshellTypewhen using the default method.Also applies to: 34-37
39-65: LGTM!The shell-specific clear commands are correctly implemented:
- PowerShell uses
;as statement separator (not&&)- cmd.exe and bash/zsh use
&&for command chainingThe
isBashCompatibleShellhelper properly gates bash-specific features (source, export,bash -c).
98-120: LGTM!The function correctly:
- Preserves bash-specific syntax for
temp-fileandconfig-dirmethods with clear documentation- Uses shell-aware clear command for the
defaultmethod- Wraps the default case in braces to satisfy ESLint's
no-case-declarationsrule
511-534: LGTM!The resume function correctly applies shell-aware escaping and path prefix without the clear screen prefix (appropriate for resume operations where preserving terminal context is desirable).
694-717: LGTM!The async resume function correctly mirrors the sync version with shell-aware command construction.
Comment on lines
406
to
414
| // Use shell-aware command generation based on terminal's shell type | ||
| // Platform-aware fallback: 'cmd' on Windows, 'bash' on Unix | ||
| const shellType = terminal.shellType || (process.platform === 'win32' ? 'cmd' : 'bash'); | ||
| const cwdCommand = buildCdCommandForShell(cwd, shellType); | ||
| const { command: claudeCmd, env: claudeEnv } = getClaudeCliInvocation(); | ||
| const escapedClaudeCmd = escapeShellArg(claudeCmd); | ||
| const escapedClaudeCmd = escapeCommandForShell(claudeCmd, shellType); | ||
| const pathPrefix = claudeEnv.PATH | ||
| ? `PATH=${escapeShellArg(normalizePathForBash(claudeEnv.PATH))} ` | ||
| ? buildPathPrefixForShell(claudeEnv.PATH, shellType) | ||
| : ''; |
Contributor
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
rg -n "shellType" --type=ts -C3 -g '!*.test.ts' -g '!*.spec.ts'Repository: AndyMik90/Auto-Claude
Length of output: 23858
🏁 Script executed:
rg -n "function detectShellType|export.*detectShellType" --type=ts -C5Repository: AndyMik90/Auto-Claude
Length of output: 1085
🏁 Script executed:
rg -n "export function detectShellType" --type=ts -A30Repository: AndyMik90/Auto-Claude
Length of output: 2763
🏁 Script executed:
rg -n "export function detectShellType" --type=ts -A40Repository: AndyMik90/Auto-Claude
Length of output: 3507
🏁 Script executed:
rg -n "export function detectShellType" --type=ts -A45Repository: AndyMik90/Auto-Claude
Length of output: 3785
Consider using 'powershell' as the Windows fallback instead of 'cmd'.
The platform fallback logic (line 408) defaults to 'cmd' on Windows when terminal.shellType is undefined. However, PowerShell is the standard default shell on modern Windows systems (Windows Server 2016+, Windows 11). If shell detection fails, falling back to 'cmd' syntax may not work correctly for users running PowerShell.
The codebase already has full PowerShell support with dedicated escaping logic (buildCdCommandForShell, escapeCommandForShell, buildPathPrefixForShell all handle 'powershell' and 'pwsh'). Consider changing the fallback to 'powershell' on Windows to align with modern defaults, or add a console warning that explicitly logs which fallback is being used to help diagnose detection failures.
Note: This fallback only applies if terminal.shellType is undefined, which should be rare since shell detection runs during PTY creation. However, detection failures on unusual shell configurations would benefit from explicit logging.
🤖 Prompt for AI Agents
In @apps/frontend/src/main/terminal/claude-integration-handler.ts around lines
406 - 414, The fallback shell on Windows currently defaults to 'cmd' when
terminal.shellType is undefined, which may cause issues for users on modern
Windows systems where PowerShell is standard. Update the fallback logic in the
section using shellType (around the terminal.shellType assignment) to use
'powershell' instead of 'cmd' for Windows platforms. Additionally, add a console
warning logging which fallback shell was chosen when terminal.shellType is not
detected to help with troubleshooting shell detection failures.
- Use debugLog instead of console.warn for shell spawning - Keep shellType in log message for debugging Co-Authored-By: Claude Opus 4.5 <[email protected]>
- Add detailed comment explaining why cmd is used as Windows fallback - Add debug logging when shell type detection fails and fallback is used - Apply to all 4 functions: invokeClaude, resumeClaude, invokeClaudeAsync, resumeClaudeAsync This addresses CodeRabbit feedback about documenting the fallback choice. Co-Authored-By: Claude Opus 4.5 <[email protected]>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| * Tests for shell detection and PTY process management. | ||
| */ | ||
|
|
||
| import { describe, it, expect, vi, beforeEach } from 'vitest'; |
Check notice
Code scanning / CodeQL
Unused variable, import, function or class Note test
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Fix all issues with AI agents
In @apps/frontend/src/main/terminal/pty-manager.ts:
- Around line 33-70: The detectShellType function uses imprecise includes()
checks that cause false positives; change the path matching to use endsWith()
(or a boundary-aware regex) instead of includes() for the pwsh, powershell,
bash, and zsh checks so only true file-name or final path-segment matches are
accepted; update the pwsh branch to remove normalized.includes('/pwsh') and rely
on normalized.endsWith('/pwsh') or endsWith('pwsh'), do the same for powershell
(drop includes('/powershell')), bash (drop includes('/bash')), and zsh (drop
includes('/zsh')), ensuring the logic around
normalized.endsWith('\\cmd')/endsWith('/cmd') and normalized === 'cmd' for the
cmd branch remains unchanged.
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro
📒 Files selected for processing (2)
apps/frontend/src/main/terminal/claude-integration-handler.tsapps/frontend/src/main/terminal/pty-manager.ts
🧰 Additional context used
📓 Path-based instructions (2)
apps/frontend/src/**/*.{tsx,ts}
📄 CodeRabbit inference engine (CLAUDE.md)
apps/frontend/src/**/*.{tsx,ts}: Use i18n translation keys for all user-facing text in the frontend. All labels, buttons, messages must use translation keys from react-i18next with namespace:section.key format (e.g., 'navigation:items.githubPRs').
Never use hardcoded strings for UI text in JSX/TSX files. Always use translation keys via useTranslation() hook.
Files:
apps/frontend/src/main/terminal/pty-manager.tsapps/frontend/src/main/terminal/claude-integration-handler.ts
apps/frontend/**/*.{ts,tsx}
⚙️ CodeRabbit configuration file
apps/frontend/**/*.{ts,tsx}: Review React patterns and TypeScript type safety.
Check for proper state management and component composition.
Files:
apps/frontend/src/main/terminal/pty-manager.tsapps/frontend/src/main/terminal/claude-integration-handler.ts
🧬 Code graph analysis (2)
apps/frontend/src/main/terminal/pty-manager.ts (1)
apps/frontend/src/main/terminal/types.ts (1)
ShellType(9-9)
apps/frontend/src/main/terminal/claude-integration-handler.ts (3)
apps/frontend/src/main/terminal/types.ts (1)
ShellType(9-9)apps/frontend/src/shared/utils/shell-escape.ts (4)
buildCdCommandForShell(167-188)escapeCommandForShell(111-124)buildPathPrefixForShell(197-221)escapeShellArg(26-31)apps/frontend/src/main/claude-cli-utils.ts (2)
getClaudeCliInvocation(44-52)getClaudeCliInvocationAsync(66-77)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
- GitHub Check: CodeQL (python)
- GitHub Check: CodeQL (javascript-typescript)
🔇 Additional comments (10)
apps/frontend/src/main/terminal/pty-manager.ts (2)
16-22: LGTM!The
SpawnResultinterface is well-structured, pairing the PTY handle with the detected shell type for downstream shell-aware command generation.
135-176: LGTM!The changes correctly detect the shell type from the resolved shell path and return it alongside the PTY handle. Good addition of
shellTypeto the debug log for troubleshooting shell detection issues.apps/frontend/src/main/terminal/claude-integration-handler.ts (8)
16-24: LGTM!Imports correctly updated to bring in shell-aware utilities and the
ShellTypetype.
34-37: LGTM!The discriminated union is correctly updated. The
defaultmethod now carriesshellTypefor shell-aware command generation, whiletemp-fileandconfig-dirremain bash-specific (guarded byisBashCompatibleShell()checks at call sites).
39-54: LGTM!Shell-specific clear commands are correct: PowerShell uses
cls;(semicolon separator), cmd usescls &&, and bash/zsh useclear &&. The default fallback to bash-style clear is appropriate.
56-65: LGTM!The helper correctly identifies bash-compatible shells for guarding bash-specific OAuth token injection methods.
98-120: LGTM!The shell-aware command construction is correct. The
defaultmethod usesgetClearCommand()for shell-specific clear commands, whiletemp-fileandconfig-dircontinue using bash-specific syntax (appropriately guarded byisBashCompatibleShell()at call sites).
406-499: LGTM!The shell-aware command generation is well-implemented:
- Good documentation explaining the
'cmd'fallback rationale on Windows- Consistent use of shell-aware utilities (
buildCdCommandForShell,escapeCommandForShell,buildPathPrefixForShell)- Proper guarding of bash-specific methods with
isBashCompatibleShell()checks- Clean fallback to the default method for non-bash shells
512-559: LGTM!The
resumeClaudefunction correctly applies shell-aware command escaping and path prefix. The omission of the clear command is appropriate for resume scenarios where preserving terminal context is desirable.
571-746: LGTM!The async versions correctly mirror their sync counterparts with consistent shell-aware logic. Good use of
fsPromises.writeFilefor non-blocking file operations in the async path.
Changed includes() to endsWith() for shell path matching to prevent false positives when shell names appear in directory paths: - /usr/local/pwsh-tools/bash no longer matches as 'pwsh' - /opt/powershell-scripts/zsh no longer matches as 'powershell' - /home/commander/bin/bash no longer matches as 'cmd' - C:\Users\cmd-admin\Git\bin\bash.exe correctly detects as 'bash' Added comprehensive test suite with 13 new false positive prevention tests covering pwsh, powershell, cmd, bash, and zsh edge cases. Addresses CodeRabbit review: shell detection uses imprecise substring matching that can cause false positives. Co-Authored-By: Claude Opus 4.5 <[email protected]>
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Fix all issues with AI agents
In @apps/frontend/src/main/terminal/__tests__/pty-manager.test.ts:
- Around line 127-147: The tests that override process.platform (the two it
blocks asserting detectShellType for Windows and Unix) must restore the original
platform inside a finally to guarantee restoration on failure; wrap the platform
mutation and expect call in a try/finally, capturing originalPlatform before the
change and resetting process.platform in the finally block so detectShellType
tests cannot leak a modified process.platform to other tests.
In @apps/frontend/src/main/terminal/pty-manager.ts:
- Around line 33-84: detectShellType has redundant path checks like
endsWith('/pwsh'), endsWith('/powershell'), endsWith('/bash'), and
endsWith('/zsh') because endsWith('pwsh'|'powershell'|'bash'|'zsh') already
covers those cases; simplify the conditionals in detectShellType by removing the
redundant endsWith('/...') checks (leave platform-specific/backslash checks for
Windows cmd as-is) and update the related comments to reflect the simplified
matching logic so behavior remains identical but with fewer evaluations.
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro
📒 Files selected for processing (2)
apps/frontend/src/main/terminal/__tests__/pty-manager.test.tsapps/frontend/src/main/terminal/pty-manager.ts
🧰 Additional context used
📓 Path-based instructions (2)
apps/frontend/src/**/*.{tsx,ts}
📄 CodeRabbit inference engine (CLAUDE.md)
apps/frontend/src/**/*.{tsx,ts}: Use i18n translation keys for all user-facing text in the frontend. All labels, buttons, messages must use translation keys from react-i18next with namespace:section.key format (e.g., 'navigation:items.githubPRs').
Never use hardcoded strings for UI text in JSX/TSX files. Always use translation keys via useTranslation() hook.
Files:
apps/frontend/src/main/terminal/__tests__/pty-manager.test.tsapps/frontend/src/main/terminal/pty-manager.ts
apps/frontend/**/*.{ts,tsx}
⚙️ CodeRabbit configuration file
apps/frontend/**/*.{ts,tsx}: Review React patterns and TypeScript type safety.
Check for proper state management and component composition.
Files:
apps/frontend/src/main/terminal/__tests__/pty-manager.test.tsapps/frontend/src/main/terminal/pty-manager.ts
🧬 Code graph analysis (2)
apps/frontend/src/main/terminal/__tests__/pty-manager.test.ts (1)
apps/frontend/src/main/terminal/pty-manager.ts (1)
detectShellType(33-84)
apps/frontend/src/main/terminal/pty-manager.ts (1)
apps/frontend/src/main/terminal/types.ts (1)
ShellType(9-9)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
- GitHub Check: CodeQL (javascript-typescript)
- GitHub Check: CodeQL (python)
🔇 Additional comments (5)
apps/frontend/src/main/terminal/pty-manager.ts (2)
16-22: LGTM! Clean interface design.The
SpawnResultinterface appropriately couples the PTY process with its detected shell type, enabling downstream code to make shell-aware command decisions.
143-183: LGTM! Clean refactor of return type.The function correctly detects the shell type before spawning and returns both the PTY process and shell type. The debug log at line 160 is helpful for troubleshooting shell detection issues.
apps/frontend/src/main/terminal/__tests__/pty-manager.test.ts (3)
10-29: LGTM! Proper mocking setup.The mocks correctly isolate the test from native modules and external dependencies, making the tests reliable and fast.
172-250: Excellent false-positive prevention test coverage.These tests comprehensively validate the
endsWith()matching strategy, ensuring shell names appearing as directory substrings (e.g.,pwsh-tools,bash-scripts,cmd-admin) don't cause misdetection. The complex mixed scenarios at lines 237-248 are particularly valuable.
35-118: LGTM! Comprehensive shell detection test coverage.The tests cover all supported shell types with multiple path variations (Windows
.exe, Unix paths, WSL, MSYS2, Cygwin). The cmd false-positive test at lines 76-83 directly validates the bug fix mentioned in the PR.
Comment on lines
+127
to
+147
| it('should return unknown for unrecognized Windows shells', () => { | ||
| // Save original platform | ||
| const originalPlatform = process.platform; | ||
| Object.defineProperty(process, 'platform', { value: 'win32' }); | ||
|
|
||
| expect(detectShellType('C:\\some\\random\\shell.exe')).toBe('unknown'); | ||
|
|
||
| // Restore platform | ||
| Object.defineProperty(process, 'platform', { value: originalPlatform }); | ||
| }); | ||
|
|
||
| it('should fallback to bash for unrecognized Unix shells', () => { | ||
| // Save original platform | ||
| const originalPlatform = process.platform; | ||
| Object.defineProperty(process, 'platform', { value: 'darwin' }); | ||
|
|
||
| expect(detectShellType('/usr/local/bin/fish')).toBe('bash'); | ||
|
|
||
| // Restore platform | ||
| Object.defineProperty(process, 'platform', { value: originalPlatform }); | ||
| }); |
Contributor
There was a problem hiding this comment.
Use try/finally to ensure platform restoration on test failure.
If an assertion fails before the restore line, process.platform remains modified, potentially affecting subsequent tests in the same run.
🧪 Suggested fix using try/finally
it('should return unknown for unrecognized Windows shells', () => {
// Save original platform
const originalPlatform = process.platform;
Object.defineProperty(process, 'platform', { value: 'win32' });
- expect(detectShellType('C:\\some\\random\\shell.exe')).toBe('unknown');
-
- // Restore platform
- Object.defineProperty(process, 'platform', { value: originalPlatform });
+ try {
+ expect(detectShellType('C:\\some\\random\\shell.exe')).toBe('unknown');
+ } finally {
+ // Restore platform
+ Object.defineProperty(process, 'platform', { value: originalPlatform });
+ }
});
it('should fallback to bash for unrecognized Unix shells', () => {
// Save original platform
const originalPlatform = process.platform;
Object.defineProperty(process, 'platform', { value: 'darwin' });
- expect(detectShellType('/usr/local/bin/fish')).toBe('bash');
-
- // Restore platform
- Object.defineProperty(process, 'platform', { value: originalPlatform });
+ try {
+ expect(detectShellType('/usr/local/bin/fish')).toBe('bash');
+ } finally {
+ // Restore platform
+ Object.defineProperty(process, 'platform', { value: originalPlatform });
+ }
});📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| it('should return unknown for unrecognized Windows shells', () => { | |
| // Save original platform | |
| const originalPlatform = process.platform; | |
| Object.defineProperty(process, 'platform', { value: 'win32' }); | |
| expect(detectShellType('C:\\some\\random\\shell.exe')).toBe('unknown'); | |
| // Restore platform | |
| Object.defineProperty(process, 'platform', { value: originalPlatform }); | |
| }); | |
| it('should fallback to bash for unrecognized Unix shells', () => { | |
| // Save original platform | |
| const originalPlatform = process.platform; | |
| Object.defineProperty(process, 'platform', { value: 'darwin' }); | |
| expect(detectShellType('/usr/local/bin/fish')).toBe('bash'); | |
| // Restore platform | |
| Object.defineProperty(process, 'platform', { value: originalPlatform }); | |
| }); | |
| it('should return unknown for unrecognized Windows shells', () => { | |
| // Save original platform | |
| const originalPlatform = process.platform; | |
| Object.defineProperty(process, 'platform', { value: 'win32' }); | |
| try { | |
| expect(detectShellType('C:\\some\\random\\shell.exe')).toBe('unknown'); | |
| } finally { | |
| // Restore platform | |
| Object.defineProperty(process, 'platform', { value: originalPlatform }); | |
| } | |
| }); | |
| it('should fallback to bash for unrecognized Unix shells', () => { | |
| // Save original platform | |
| const originalPlatform = process.platform; | |
| Object.defineProperty(process, 'platform', { value: 'darwin' }); | |
| try { | |
| expect(detectShellType('/usr/local/bin/fish')).toBe('bash'); | |
| } finally { | |
| // Restore platform | |
| Object.defineProperty(process, 'platform', { value: originalPlatform }); | |
| } | |
| }); |
🤖 Prompt for AI Agents
In @apps/frontend/src/main/terminal/__tests__/pty-manager.test.ts around lines
127 - 147, The tests that override process.platform (the two it blocks asserting
detectShellType for Windows and Unix) must restore the original platform inside
a finally to guarantee restoration on failure; wrap the platform mutation and
expect call in a try/finally, capturing originalPlatform before the change and
resetting process.platform in the finally block so detectShellType tests cannot
leak a modified process.platform to other tests.
Comment on lines
+33
to
+84
| export function detectShellType(shellPath: string): ShellType { | ||
| const normalized = shellPath.toLowerCase(); | ||
|
|
||
| // Check for PowerShell Core (pwsh) first - more specific match | ||
| // Matches: pwsh.exe, pwsh, /usr/bin/pwsh | ||
| // Using endsWith() for precise path boundary matching to avoid false positives | ||
| // (e.g., /usr/local/pwsh-tools/bash should NOT match as pwsh) | ||
| if (normalized.endsWith('pwsh.exe') || normalized.endsWith('pwsh') || normalized.endsWith('/pwsh')) { | ||
| return 'pwsh'; | ||
| } | ||
|
|
||
| // Check for Windows PowerShell | ||
| // Matches: powershell.exe, powershell, /powershell | ||
| // Using endsWith() for precise path boundary matching to avoid false positives | ||
| // (e.g., /opt/powershell-scripts/zsh should NOT match as powershell) | ||
| if (normalized.endsWith('powershell.exe') || normalized.endsWith('powershell') || normalized.endsWith('/powershell')) { | ||
| return 'powershell'; | ||
| } | ||
|
|
||
| // Check for cmd.exe - use precise matching to avoid false positives | ||
| // A path like 'C:\Documents\mycmdtool\bash.exe' should NOT match as cmd | ||
| // Only match: cmd.exe, \cmd.exe, /cmd.exe, or just 'cmd' | ||
| if ( | ||
| normalized.endsWith('cmd.exe') || | ||
| normalized.endsWith('\\cmd') || | ||
| normalized.endsWith('/cmd') || | ||
| normalized === 'cmd' | ||
| ) { | ||
| return 'cmd'; | ||
| } | ||
|
|
||
| // Check for bash (includes Git Bash, Cygwin, MSYS2) | ||
| // Matches: bash.exe, bash, /bin/bash, /usr/bin/bash | ||
| // Using endsWith() for precise path boundary matching to avoid false positives | ||
| // (e.g., /path/to/bash-tools/zsh should NOT match as bash) | ||
| if (normalized.endsWith('bash.exe') || normalized.endsWith('bash') || normalized.endsWith('/bash')) { | ||
| return 'bash'; | ||
| } | ||
|
|
||
| // Check for zsh | ||
| // Matches: zsh, /bin/zsh, /usr/bin/zsh | ||
| // Using endsWith() for precise path boundary matching to avoid false positives | ||
| // (e.g., /path/to/zsh-plugin/bash should NOT match as zsh) | ||
| if (normalized.endsWith('zsh') || normalized.endsWith('/zsh')) { | ||
| return 'zsh'; | ||
| } | ||
|
|
||
| // Unix fallback based on platform | ||
| if (process.platform !== 'win32') return 'bash'; | ||
|
|
||
| return 'unknown'; | ||
| } |
Contributor
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Solid shell detection logic with minor redundancy.
The implementation correctly uses endsWith() for precise path-boundary matching. One minor observation: the checks like endsWith('/bash') on line 68 are redundant since endsWith('bash') already covers any path ending with /bash. The same applies to zsh (line 76), pwsh (line 40), and powershell (line 48).
This doesn't affect correctness—just introduces a few unnecessary evaluations. The extra clarity may justify keeping them as-is.
🤖 Prompt for AI Agents
In @apps/frontend/src/main/terminal/pty-manager.ts around lines 33 - 84,
detectShellType has redundant path checks like endsWith('/pwsh'),
endsWith('/powershell'), endsWith('/bash'), and endsWith('/zsh') because
endsWith('pwsh'|'powershell'|'bash'|'zsh') already covers those cases; simplify
the conditionals in detectShellType by removing the redundant endsWith('/...')
checks (leave platform-specific/backslash checks for Windows cmd as-is) and
update the related comments to reflect the simplified matching logic so behavior
remains identical but with fewer evaluations.
|
can we get this in pls? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
escapeShellArg()backslash escape regressionProblem
When using "Invoke Claude All" in Agent Terminals on Windows with PowerShell, Claude fails to start. The command was being generated with bash-style syntax that PowerShell doesn't understand.
Error:
The token '&&' is not a valid statement separator in this versionChanges
1. Added
escapeCommandForShell()function (shell-escape.ts)&(call) operator to execute quoted paths:& 'path.bat'2. Added screen clearing before Claude starts (
claude-integration-handler.ts)cls;cls &&clear &&3. Fixed
escapeShellArg()regression'\''→''')4. Fixed test cross-platform compatibility
shellTypeto test mocksBefore
After
Test plan
claude-integration-handlertests pass🤖 Generated with Claude Code
Summary by CodeRabbit
New Features
Cross-platform Compatibility
Tests
✏️ Tip: You can customize this high-level summary in your review settings.