-
Notifications
You must be signed in to change notification settings - Fork 316
feat: portable coding agent across cli, web, mobile, and p2p #1032
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
91 commits
Select commit
Hold shift + click to select a range
32c0ace
feat: add thunderbolt CLI, a Pi-harness coding agent with acp/mcp bri…
ital0 ad89a34
feat: run the built-in agent on an in-browser Pi harness
ital0 b8c2461
feat: add iroh P2P transport for the acp/mcp bridges
ital0 b075632
feat: harden the in-app Pi engine — browser-native tools, per-thread …
ital0 a4e79cd
feat: serve the built-in pi agent over an acp endpoint for the bridge
ital0 181633b
fix: bound iroh bridge handshakes and apply stdin backpressure
ital0 f690e35
feat: dial a laptop iroh bridge from the web app via a wasm client
ital0 7cd577d
feat: bind a device iroh node id via a canary-gated route with qr pai…
ital0 3ea443c
fix: surface device pairing errors and widen the node id length cap
ital0 251ca37
fix: cap qr scan image size and resolution to bound main-thread cost
ital0 b9fe7eb
feat: add openai-compat provider and model self-announce to the cli
ital0 58af582
fix: gate the cli bridge with an origin allowlist and per-run token
ital0 b35f8bc
fix: harden the embed workspace jail against symlink and path escape
ital0 9dc58ae
fix: bound iroh client warmup, cap qr decode, and clear credentials o…
ital0 24b7b14
feat: add iroh remote agents and bridged mcp servers to the app
ital0 95793a3
chore: drop the unneeded playwright and env-backup gitignore rules
ital0 b89699c
fix: cancel the remote acp turn when the user stops
ital0 0325eab
fix: contain the add-agent modal overflow and lead with the iroh ticket
ital0 224a810
feat: make the iroh relay configurable via env
ital0 91ca655
fix: harden the iroh bridge idle-accept and redact the api-key from logs
ital0 e541e2e
test: backfill unit tests for the cli agent, iroh, and agent-core
ital0 d16022a
ci: run the isolated agent-core test suite only when it changes
ital0 b4831af
build: scope the backend type-check to the shared modules it imports
ital0 e974e7a
test: make the agent-core mount test deterministic across reruns
ital0 ef34917
fix: clear the iroh node binding when a device re-registers or is denied
ital0 38e8590
fix: reject node-id attestation for denied devices
ital0 4e531aa
Merge branch 'main' into italomenezes/thunderbolt-cli-mvp
ital0 00e13a3
feat: persist acp sessions and add session/resume to the cli agent
ital0 889f8f6
feat: resume or replay acp sessions in the app by agent capability
ital0 542de75
ci: run cli test suite and typecheck in a dedicated CI job
ital0 2aa1291
ci: compile, lint, and test the thunderbolt-acp-client crate in the r…
ital0 b9ecb82
build: pin acp-client toolchain and checksum-gate the committed iroh …
ital0 3141962
docs: note deploy ordering for devices node_id synced columns
ital0 c85bd25
ci: gate committed wasm on crate-source changes to catch stale artifacts
ital0 0ee661c
build: strip builder paths from iroh wasm via --remap-path-prefix
ital0 d141a03
fix: redact joined --api-key=/--token= secrets in bridge command logs
ital0 691afef
Merge remote-tracking branch 'origin/main' into italomenezes/thunderb…
ital0 7623587
fix: bind a distinct iroh identity per bridge protocol
ital0 e36677a
refactor: extract reusable tool-activity formatters and banner text
ital0 e8f5cc8
feat: add interactive Pi TUI mode for the REPL
ital0 52a931a
feat: add per-agent setup dialog with run command and API-key instruc…
ital0 1703960
ci: publish CLI binaries and SHA256SUMS to GitHub releases
ital0 ca867eb
docs(cli): document prebuilt binary install from GitHub releases
ital0 e1c2e06
feat: add tauri command to download, verify and install the thunderbo…
ital0 e3f993d
feat: add desktop one-click thunderbolt cli install to agents settings
ital0 f900b3c
fix: scope pi-tui quarantine exemption to cli bunfig where it's pinned
ital0 0d0fa74
Merge remote-tracking branch 'origin/main' into italomenezes/thunderb…
ital0 acb87d1
ci: drop gratuitous secrets inherit from cli release job
ital0 a4a0393
docs: clarify CLI installer checksum guards transport not host integrity
ital0 c7910a4
Merge remote-tracking branch 'origin/main' into italomenezes/thunderb…
ital0 b6c98c2
Merge remote-tracking branch 'origin/main' into italomenezes/thunderb…
ital0 bd3437d
fix: add overall reqwest timeout to CLI download so a stalled host ca…
ital0 aa2ba20
fix: allow editing an existing iroh MCP server
ital0 3f2dabd
fix: redact token/secret/password env assignments in bridge command logs
ital0 a246f40
fix: guard websocket bridge stdin write against dead-pipe epipe
ital0 22ceb5b
fix: cap concurrent live subprocesses in websocket and iroh bridges
ital0 129847d
fix: strip terminal control sequences from untrusted CLI output
ital0 f965dfe
fix: abort the in-flight turn on TUI Ctrl-C and Ctrl-D
ital0 da84ea7
fix: reject path-traversal session ids at ACP resume boundary
ital0 b7294e3
fix: catch fire-and-forget session cancel on ACP abort
ital0 c363d3c
fix: widen backend agents.transport enum to include iroh
ital0 9ad4a69
ci: publish CLI release binaries and SHA256SUMS atomically
ital0 5c717d1
fix: settle iroh send() on actual QUIC write, not enqueue, to prevent…
ital0 478d504
style: use arrow functions for the device pairing components
ital0 43cd913
fix(csp): allow loopback bridge ports in connect-src
ital0 31a6133
fix(csp): allow WebAssembly via wasm-unsafe-eval for iroh
ital0 6822484
fix(cli): sanitize model-controlled text in permission prompt and tur…
ital0 30658e0
fix(chat): show tool command in bridged permission dialog
ital0 b87f7e5
fix(settings): gate CLI install card by CPU architecture
ital0 c3ed301
fix(cli): source version from package.json and stamp cli on release
ital0 fec711e
fix(cli): forward --help after -- to the connect client command
ital0 d19dd89
fix(acp): persist fresh session id before consuming its marker
ital0 28f5d8e
fix(acp): reach legacy-chat parity in the built-in agent
ital0 35b22a6
fix(cli): confine the bridged agent to a server-owned workspace
ital0 a974879
fix(agent-core): report write byte count in UTF-8 not code units
ital0 9a21e25
fix(agent-core): stop buffering discarded MCP result chunks
ital0 a7a97b4
fix(agent-core): surface partial output when a browser command times out
ital0 cc58da3
refactor(acp): share the tool-permission kernel across cli and built-…
ital0 d0aa70b
refactor(iroh): source the ALPN protocol string from one shared constant
ital0 07ca791
fix(iroh): don't leak the child when the connection-closed promise re…
ital0 d1a9c10
refactor(settings): extract the shared copy-command row
ital0 731cc48
fix(cli): honor THUNDERBOLT_HOME for the ACP sessions directory
ital0 647c573
fix(device): show a loading state while the QR code regenerates
ital0 7342954
docs(device): correct the node-id mutation's refresh comment
ital0 5294048
ci(wasm): verify the pkg file set and drop the stale determinism note
ital0 c6115fe
docs: refresh stale cli, transport, and crate documentation
ital0 6be900d
test(cli): use a placeholder host in the model test
ital0 53c3698
fix(shared): define tool-permission types locally so the isolated cli…
ital0 efd8f5a
fix(cli): drop bash from the workspace-jailed agent so it cannot esca…
ital0 6254796
test(acp): await the rejects assertion in the fresh-session persisten…
ital0 33fa0ae
docs(cli): document the served agent's workspace scope
ital0 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,158 @@ | ||
| name: CLI Release | ||
| run-name: CLI release for v${{ inputs.version }} | ||
|
|
||
| # Builds the standalone `thunderbolt` CLI binaries and attaches them, plus a | ||
| # SHA256SUMS manifest, to the shared `v{version}` GitHub Release. The desktop | ||
| # app derives download URLs from its own version: | ||
| # | ||
| # https://github.com/thunderbird/thunderbolt/releases/download/v{APP_VERSION}/thunderbolt-{target} | ||
| # https://github.com/thunderbird/thunderbolt/releases/download/v{APP_VERSION}/SHA256SUMS | ||
| # | ||
| # where {target} is one of: darwin-arm64 | linux-x64 | linux-arm64. | ||
| # | ||
| # Native-runner matrix (no cross-compile): the CLI depends on @number0/iroh, a | ||
| # NAPI addon that ships a per-platform prebuilt `.node`. `bun build --compile` | ||
| # embeds only the `.node` that is installed on the build machine, so each target | ||
| # MUST build on a runner of its own architecture — `bun install` there pulls the | ||
| # matching optional iroh dependency automatically. | ||
| # | ||
| # darwin-x64 is intentionally absent: iroh 1.0.0 publishes no x86_64-apple-darwin | ||
| # addon (`@number0/iroh-darwin-x64` does not exist on npm), so an Intel-macOS CLI | ||
| # binary cannot load iroh and is not shipped. Intel-Mac desktop users therefore | ||
| # have no one-click CLI install until iroh gains that target upstream. | ||
| # | ||
| # Publishing (flipping the draft release to public) is owned by the desktop | ||
| # release workflow, which shares the `v{version}` tag. This workflow only uploads | ||
| # assets via `gh release upload`, which never mutates the release's draft state — | ||
| # so it cannot race the desktop publish flip back into draft. | ||
|
|
||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| version: | ||
| description: 'Version to release (e.g., 1.2.3 without v prefix)' | ||
| required: true | ||
| type: string | ||
| nightly: | ||
| description: 'Is this a nightly build?' | ||
| required: false | ||
| default: false | ||
| type: boolean | ||
| workflow_dispatch: | ||
| inputs: | ||
| version: | ||
| description: 'Version to release (e.g., 1.2.3 without v prefix)' | ||
| required: true | ||
| type: string | ||
| nightly: | ||
| description: 'Is this a nightly build?' | ||
| required: false | ||
| default: false | ||
| type: boolean | ||
|
|
||
| concurrency: | ||
| group: cli-release-${{ inputs.version }} | ||
| cancel-in-progress: true | ||
|
|
||
| permissions: | ||
| contents: write | ||
|
|
||
| jobs: | ||
| ensure-release: | ||
| name: Ensure Draft Release | ||
| runs-on: ubuntu-24.04 | ||
| steps: | ||
| # For a regular release the draft already exists (version-bump created it). | ||
| # For a nightly it is created by the desktop workflow's draft job, which | ||
| # runs in parallel — create it here if we win the race, confirm it if we | ||
| # lose. Either way the build matrix can upload afterwards. | ||
| - name: Ensure the shared draft release exists | ||
| env: | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| REPO: ${{ github.repository }} | ||
| VERSION: ${{ inputs.version }} | ||
| NIGHTLY: ${{ inputs.nightly }} | ||
| run: | | ||
| if gh release view "v${VERSION}" --repo "$REPO" >/dev/null 2>&1; then | ||
| exit 0 | ||
| fi | ||
| FLAGS="--draft" | ||
| [ "$NIGHTLY" = "true" ] && FLAGS="$FLAGS --prerelease" | ||
| gh release create "v${VERSION}" --repo "$REPO" $FLAGS \ | ||
| --title "Release v${VERSION}" \ | ||
| --notes "Release assets are uploaded by CI." \ | ||
| || gh release view "v${VERSION}" --repo "$REPO" | ||
|
|
||
| build: | ||
| name: Build ${{ matrix.target }} | ||
| needs: ensure-release | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| include: | ||
| - os: macos-latest | ||
| target: darwin-arm64 | ||
| - os: ubuntu-24.04 | ||
| target: linux-x64 | ||
| - os: ubuntu-24.04-arm | ||
| target: linux-arm64 | ||
| runs-on: ${{ matrix.os }} | ||
| timeout-minutes: 15 | ||
| steps: | ||
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | ||
| with: | ||
| ref: v${{ inputs.version }} | ||
|
|
||
| - name: Install Bun | ||
| uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2 | ||
| with: | ||
| bun-version: 1.3.14 | ||
|
|
||
| - name: Cache Bun dependencies (cli) | ||
| uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 | ||
| with: | ||
| path: | | ||
| ~/.bun/install/cache | ||
| cli/node_modules | ||
| key: cli-bun-${{ matrix.os }}-${{ hashFiles('cli/bun.lock') }} | ||
| restore-keys: | | ||
| cli-bun-${{ matrix.os }}- | ||
|
|
||
| - name: Build CLI binary | ||
| run: cd cli && bun install --frozen-lockfile && bun run build:${{ matrix.target }} | ||
|
|
||
| # Upload as a workflow artifact rather than straight to the Release, so a | ||
| # failed leg can never leave a partial set of binaries on the release with | ||
| # no SHA256SUMS. The publish job below attaches everything atomically once | ||
| # ALL legs have succeeded. | ||
| - name: Upload CLI binary artifact | ||
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | ||
| with: | ||
| name: thunderbolt-${{ matrix.target }} | ||
| path: cli/dist/thunderbolt-${{ matrix.target }} | ||
| if-no-files-found: error | ||
| retention-days: 1 | ||
|
|
||
| publish: | ||
| name: Publish CLI assets | ||
| # `needs: build` (default success()) gates this on EVERY leg succeeding, so | ||
| # publishing is atomic: either all binaries + SHA256SUMS land, or nothing does. | ||
| needs: build | ||
| runs-on: ubuntu-24.04 | ||
| steps: | ||
| - name: Download all CLI binaries | ||
| uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 | ||
| with: | ||
| path: dist | ||
| pattern: thunderbolt-* | ||
| merge-multiple: true | ||
|
|
||
| - name: Generate SHA256SUMS and upload all assets to the release | ||
| env: | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| REPO: ${{ github.repository }} | ||
| VERSION: ${{ inputs.version }} | ||
| run: | | ||
| cd dist | ||
| sha256sum thunderbolt-* > SHA256SUMS | ||
| gh release upload "v${VERSION}" thunderbolt-* SHA256SUMS --clobber --repo "$REPO" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| -- This Source Code Form is subject to the terms of the Mozilla Public | ||
| -- License, v. 2.0. If a copy of the MPL was not distributed with this | ||
| -- file, You can obtain one at http://mozilla.org/MPL/2.0/. | ||
|
|
||
| ALTER TABLE "powersync"."devices" ADD COLUMN "node_id" text;--> statement-breakpoint | ||
| ALTER TABLE "powersync"."devices" ADD COLUMN "node_id_attested_at" timestamp; |
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.