Use HttpApi for Environment APIs & standardize authn/authz#2858
Open
juliusmarminge wants to merge 26 commits into
Open
Use HttpApi for Environment APIs & standardize authn/authz#2858juliusmarminge wants to merge 26 commits into
juliusmarminge wants to merge 26 commits into
Conversation
|
Important Review skippedAuto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Repository UI Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
github-actions
Bot
added
size:XXL
![macroscopeapp[bot]](https://avatars.githubusercontent.com/in/900172?s=60&v=4){kind=small}
juliusmarminge
force-pushed
the
codex/environment-httpapi-client-runtime
branch
from
28f8946 to
a9767d3
Compare
juliusmarminge
changed the title
juliusmarminge
changed the title
juliusmarminge
force-pushed
the
codex/environment-httpapi-client-runtime
branch
from
597e56d to
f9c9f4d
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
Contributor
ApprovabilityVerdict: Needs human review Diff is too large for automated approval analysis. A human reviewer should evaluate this PR. You can customize Macroscope's approvability policy. Learn more. |
Contributor
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
There are 3 total unresolved issues (including 1 from previous review).
Autofix Details
Bugbot Autofix prepared a fix for 1 of the 2 issues found in the latest run.
- ✅ Fixed: Local
requireEnvironmentScopeshadows exported function with different behavior- Renamed the local function from
requireEnvironmentScopetoauthenticateAndRequireScopeto clearly distinguish it from the exported function inauth/http.tsand reflect that it performs both authentication and scope checking.
- Renamed the local function from
Or push these changes by commenting:
@cursor push c2980e6b47
Preview (c2980e6b47)
diff --git a/apps/server/src/http.ts b/apps/server/src/http.ts
--- a/apps/server/src/http.ts
+++ b/apps/server/src/http.ts
@@ -81,7 +81,7 @@
return redirectUrl.toString();
}
-const requireEnvironmentScope = (
+const authenticateAndRequireScope = (
scope: typeof AuthOrchestrationReadScope | typeof AuthOrchestrationOperateScope,
) =>
Effect.gen(function* () {
@@ -123,7 +123,7 @@
"POST",
OTLP_TRACES_PROXY_PATH,
Effect.gen(function* () {
- yield* requireEnvironmentScope(AuthOrchestrationOperateScope);
+ yield* authenticateAndRequireScope(AuthOrchestrationOperateScope);
const request = yield* HttpServerRequest.HttpServerRequest;
const config = yield* ServerConfig;
const otlpTracesUrl = config.otlpTracesUrl;
@@ -177,7 +177,7 @@
"GET",
`${ATTACHMENTS_ROUTE_PREFIX}/*`,
Effect.gen(function* () {
- yield* requireEnvironmentScope(AuthOrchestrationReadScope);
+ yield* authenticateAndRequireScope(AuthOrchestrationReadScope);
const request = yield* HttpServerRequest.HttpServerRequest;
const url = HttpServerRequest.toURL(request);
if (Option.isNone(url)) {
@@ -238,7 +238,7 @@
"GET",
"/api/project-favicon",
Effect.gen(function* () {
- yield* requireEnvironmentScope(AuthOrchestrationReadScope);
+ yield* authenticateAndRequireScope(AuthOrchestrationReadScope);
const request = yield* HttpServerRequest.HttpServerRequest;
const url = HttpServerRequest.toURL(request);
if (Option.isNone(url)) {You can send follow-ups to the cloud agent here.
Contributor
|
Bugbot Autofix prepared a fix for the issue found in the latest run.
Or push these changes by commenting: Preview (7c9551256f)diff --git a/apps/server/src/http.ts b/apps/server/src/http.ts
--- a/apps/server/src/http.ts
+++ b/apps/server/src/http.ts
@@ -15,6 +15,7 @@
HttpBody,
HttpClient,
HttpClientResponse,
+ HttpEffect,
HttpRouter,
HttpServerResponse,
HttpServerRequest,
@@ -59,8 +60,14 @@
},
});
}
- const response = yield* httpEffect;
- return HttpServerResponse.setHeaders(response, browserApiCorsHeaders);
+ HttpEffect.appendPreResponseHandlerUnsafe(
+ request,
+ (
+ _req: HttpServerRequest.HttpServerRequest,
+ response: HttpServerResponse.HttpServerResponse,
+ ) => Effect.succeed(HttpServerResponse.setHeaders(response, browserApiCorsHeaders)),
+ );
+ return yield* httpEffect;
}),
{ global: true },
);You can send follow-ups to the cloud agent here. |
Contributor
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
There are 4 total unresolved issues (including 3 from previous reviews).
Autofix Details
Bugbot Autofix prepared a fix for the issue found in the latest run.
- ✅ Fixed: Pairing links with admin scope hidden from listings
- Decoupled the subject assignment so issuePairingCredential always uses 'one-time-token' (keeping user-created pairings visible), while issueStartupPairingUrl directly assigns 'administrative-bootstrap' (keeping startup links hidden).
Or push these changes by commenting:
@cursor push a9cff672ee
Preview (a9cff672ee)
diff --git a/apps/server/src/auth/Layers/ServerAuth.ts b/apps/server/src/auth/Layers/ServerAuth.ts
--- a/apps/server/src/auth/Layers/ServerAuth.ts
+++ b/apps/server/src/auth/Layers/ServerAuth.ts
@@ -1,5 +1,4 @@
import {
- AuthAccessManageScope,
AuthAccessTokenType,
AuthAdministrativeScopes,
AuthStandardClientScopes,
@@ -229,9 +228,7 @@
authControlPlane
.createPairingLink({
scopes: input?.scopes ?? AuthStandardClientScopes,
- subject: input?.scopes?.includes(AuthAccessManageScope)
- ? "administrative-bootstrap"
- : "one-time-token",
+ subject: "one-time-token",
...(input?.label ? { label: input.label } : {}),
})
.pipe(
@@ -329,15 +326,27 @@
);
const issueStartupPairingUrl: ServerAuthShape["issueStartupPairingUrl"] = (baseUrl) =>
- issuePairingCredential({ scopes: AuthAdministrativeScopes }).pipe(
- Effect.map((issued) => {
- const url = new URL(baseUrl);
- url.pathname = "/pair";
- url.searchParams.delete("token");
- url.hash = new URLSearchParams([["token", issued.credential]]).toString();
- return url.toString();
- }),
- );
+ authControlPlane
+ .createPairingLink({
+ scopes: AuthAdministrativeScopes,
+ subject: "administrative-bootstrap",
+ })
+ .pipe(
+ Effect.mapError(
+ (cause) =>
+ new ServerAuthInternalError({
+ message: "Failed to issue startup pairing credential.",
+ cause,
+ }),
+ ),
+ Effect.map((issued) => {
+ const url = new URL(baseUrl);
+ url.pathname = "/pair";
+ url.searchParams.delete("token");
+ url.hash = new URLSearchParams([["token", issued.credential]]).toString();
+ return url.toString();
+ }),
+ );
const issueWebSocketTicket: ServerAuthShape["issueWebSocketTicket"] = (session) =>
sessions.issueWebSocketToken(session.sessionId).pipe(You can send follow-ups to the cloud agent here.
Contributor
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
There are 5 total unresolved issues (including 4 from previous reviews).
Autofix Details
Bugbot Autofix prepared a fix for the issue found in the latest run.
- ✅ Fixed: CLI pairing list omits administrative-bootstrap exclusion filter
- Added { excludeSubjects: ["administrative-bootstrap"] } to the CLI's listPairingLinks() call to match the HTTP API behavior in ServerAuth.
Or push these changes by commenting:
@cursor push 33d826e224
Preview (33d826e224)
diff --git a/apps/server/src/cli/auth.ts b/apps/server/src/cli/auth.ts
--- a/apps/server/src/cli/auth.ts
+++ b/apps/server/src/cli/auth.ts
@@ -124,7 +124,9 @@
flags,
(authControlPlane) =>
Effect.gen(function* () {
- const pairingLinks = yield* authControlPlane.listPairingLinks();
+ const pairingLinks = yield* authControlPlane.listPairingLinks({
+ excludeSubjects: ["administrative-bootstrap"],
+ });
yield* Console.log(formatPairingCredentialList(pairingLinks, { json: flags.json }));
}),
{You can send follow-ups to the cloud agent here.
Contributor
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Autofix Details
Bugbot Autofix prepared a fix for the issue found in the latest run.
- ✅ Fixed: Missing
scopesfield inAuthenticatedSessionreturned from auth- Added catchTag for ServerAuthInternalError in getSessionState to gracefully degrade to unauthenticated state on internal errors (e.g. database failures), restoring the never-fail contract and updated the type signature and caller accordingly.
Or push these changes by commenting:
@cursor push 9614dc8fc3
Preview (9614dc8fc3)
diff --git a/apps/server/src/auth/EnvironmentAuth.ts b/apps/server/src/auth/EnvironmentAuth.ts
--- a/apps/server/src/auth/EnvironmentAuth.ts
+++ b/apps/server/src/auth/EnvironmentAuth.ts
@@ -91,7 +91,7 @@
readonly getDescriptor: () => Effect.Effect<ServerAuthDescriptor>;
readonly getSessionState: (
request: HttpServerRequest.HttpServerRequest,
- ) => Effect.Effect<AuthSessionState, ServerAuthInternalError>;
+ ) => Effect.Effect<AuthSessionState>;
readonly createBrowserSession: (
credential: string,
requestMetadata: AuthClientMetadata,
@@ -296,12 +296,18 @@
...(session.expiresAt ? { expiresAt: DateTime.toUtc(session.expiresAt) } : {}),
}) satisfies AuthSessionState,
),
- Effect.catchTag("ServerAuthInvalidCredentialError", () =>
- Effect.succeed({
- authenticated: false,
- auth: descriptor,
- } satisfies AuthSessionState),
- ),
+ Effect.catchTags({
+ ServerAuthInvalidCredentialError: () =>
+ Effect.succeed({
+ authenticated: false,
+ auth: descriptor,
+ } satisfies AuthSessionState),
+ ServerAuthInternalError: () =>
+ Effect.succeed({
+ authenticated: false,
+ auth: descriptor,
+ } satisfies AuthSessionState),
+ }),
);
const createBrowserSession: EnvironmentAuthShape["createBrowserSession"] = (
diff --git a/apps/server/src/auth/http.ts b/apps/server/src/auth/http.ts
--- a/apps/server/src/auth/http.ts
+++ b/apps/server/src/auth/http.ts
@@ -167,13 +167,7 @@
Effect.fn("environment.auth.session")(function* (args) {
yield* annotateEnvironmentRequest(args.endpoint.name);
const request = yield* HttpServerRequest.HttpServerRequest;
- return yield* serverAuth
- .getSessionState(request)
- .pipe(
- Effect.catchTag("ServerAuthInternalError", (error) =>
- failEnvironmentInternal("internal_error", error),
- ),
- );
+ return yield* serverAuth.getSessionState(request);
}),
)
.handle(You can send follow-ups to the cloud agent here.
Contributor
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix prepared a fix for the issue found in the latest run.
- ✅ Fixed: Entire external repository accidentally committed to git
- Added .repos/ to .gitignore and removed the 1917 tracked files from the git index using
git rm -r --cached .repos/, keeping them on disk as intended reference material.
- Added .repos/ to .gitignore and removed the 1917 tracked files from the git index using
Or push these changes by commenting:
@cursor push 30525aecd2
Preview (30525aecd2)
diff --git a/.gitignore b/.gitignore
--- a/.gitignore
+++ b/.gitignore
@@ -26,3 +26,4 @@
.gstack/
dist-electron/
.electron-runtime/
+.repos/
diff --git a/.repos/effect-smol/.agents/skills/grill-me/SKILL.md b/.repos/effect-smol/.agents/skills/grill-me/SKILL.md
deleted file mode 100644
--- a/.repos/effect-smol/.agents/skills/grill-me/SKILL.md
+++ /dev/null
@@ -1,43 +1,0 @@
----
-name: grill-me
-description: Interview the user about a plan or design until reaching shared understanding, resolving each branch of the decision tree. Use when user wants to stress-test a plan, get grilled on their design, or mentions "grill me".
----
-
-Interview me about every aspect of this plan until we reach a shared understanding and a defensible design.
-
-Ask exactly one question at a time, then wait for my answer before asking the next question.
-
-Use each answer to choose the next highest-leverage unresolved question. Maintain an implicit decision tree of resolved decisions, open questions, assumptions, dependencies, risks, and rejected alternatives.
-
-For each question, include:
-
-- clear answer options when appropriate
-- your recommended answer, marked as recommended
-- a brief reason for the recommendation
-
-Use open-ended questions when fixed options would prematurely constrain the design space.
-
-Challenge vague, inconsistent, risky, or unsupported assumptions. If an answer creates a contradiction or unresolved dependency, ask a follow-up before moving on.
-
-Cover, as relevant:
-
-- goals and non-goals
-- users and stakeholders
-- constraints
-- alternatives
-- APIs and interfaces
-- data model
-- error handling
-- security
-- observability
-- testing
-- migration and rollout
-- failure modes
-- operational ownership
-- success criteria
-
-If repository facts are needed, inspect the codebase instead of asking the user. Do not ask me to provide information that can be determined locally.
-
-When an available user-input tool such as `request_user_input` fits the question, use it to ask one short question with a small set of mutually exclusive options. Otherwise, ask in plain text and present clear possible answers as a numbered list when that helps me answer quickly. Include your recommended option and mark it as recommended.
-
-Stop when the major branches of the design tree have been resolved. Then summarize the agreed design, remaining risks, assumptions, rejected alternatives, and next steps.
\ No newline at end of file
diff --git a/.repos/effect-smol/.agents/skills/jsdocs/SKILL.md b/.repos/effect-smol/.agents/skills/jsdocs/SKILL.md
deleted file mode 100644
--- a/.repos/effect-smol/.agents/skills/jsdocs/SKILL.md
+++ /dev/null
@@ -1,188 +1,0 @@
----
-name: jsdocs
-description: Write, insert, or update Effect public API JSDoc so it satisfies the jsdocs oxlint rule. Use when adding or fixing JSDoc comments, resolving jsdocs diagnostics, preparing docs for JSON extraction, or reviewing public API documentation.
----
-
-Use this skill to write well-formed JSDoc for Effect public APIs.
-
-## Workflow
-
-When updating public API JSDoc:
-
-1. Inspect the declaration, implementation, nearby tests, and nearby JSDoc before editing.
-2. Decide whether the task is a single API fix or a module refinement pass.
-3. Rewrite comments into the required documentation shape while preserving correct facts and examples.
-4. For module refinements, complex APIs, or APIs with related alternatives, run the `@see` and `**Gotchas**` audits.
-5. Run the narrowest relevant validation.
-
-## Required documentation shape
-
-Use a normal multiline JSDoc comment in TypeScript source:
-
-```ts
-/**
- * Short description as one paragraph.
- *
- * **When to use**
- *
- * Optional practical usage guidance.
- *
- * **Details**
- *
- * Optional details for complex APIs, options, overloads, or behavior.
- *
- * **Gotchas**
- *
- * Optional edge cases, footguns, or surprising behavior.
- *
- * **Example** (Short title)
- *
- * Optional prose explaining the example.
- *
- * ```ts
- * const result = example()
- * ```
- *
- * @category constructors
- * @since 1.0.0
- */
-```
-
-## Prose Rules
-
-- Use sober, practical prose.
-- Write all public JSDoc prose in English.
-- Do not use jargon when a plain word works.
-- Do not be clever.
-- Do not add filler sections.
-- The short description is required and must be exactly one paragraph.
-- Make the short description stand on its own. Do not rely on `**When to use**`
- to make the API understandable.
-- For functions and methods, prefer present-tense, action-first prose such as
- `Creates`, `Returns`, `Checks`, `Provides`, `Represents`, `Converts`,
- `Decodes`, or `Formats`.
-- For technical value exports, use consistent noun forms such as `Schema for`,
- `Layer that`, `Service that`, `Context reference that`, or
- `Constructors and matchers for`.
-- Avoid leading `A` or `An` for canonical technical nouns when the surrounding
- module uses a standard noun family, for example prefer `Schema for ...` over
- `A schema for ...`.
-- Do not describe implementation mechanics when a public concept is clearer.
- For example, prefer `Constructors and matchers for ...` over wording that
- only says an API uses `Data.taggedEnum`.
-- Avoid generic purity or non-mutation remarks unless they document a real
- surprise, caveat, or meaningful contrast with a mutating-looking API.
-- Optional sections must appear in this order:
- 1. `**When to use**`
- 2. `**Details**`
- 3. `**Gotchas**`
-- Include an optional section only when it has useful, non-empty content.
-- Prefer prose over bullet lists for single-item `**Details**`, `**When to use**`, or `**Gotchas**` sections. Use bullets only when there are two or more parallel facts, options, cases, or caveats.
-- `**When to use**` describes the positive use case for the documented API. Do not use it as a routing section for sibling APIs. If neighboring APIs need to be mentioned, put that boundary in `@see` tag text instead.
-- `**When to use**` is important when the API has close alternatives, trade-offs, or `@see` tags. If `@see` tags are present, inspect the referenced APIs and add `**When to use**` when it clarifies the documented API's own use case.
-- `**When to use**` must start with one of these practical guidance forms: `Use to`, `Use when`, `Use as`, or `Use with`. Avoid bullet lists and vague openers such as `Use this...` or `Useful for...`.
-- Keep `short` and `**When to use**` distinct: the short description says what
- the API is or does; `**When to use**` says when to choose it.
-- Add internal `@see` tags only for semantically useful related public APIs.
-- Write `@see` tag text as normal prose after the link; no special separator is required. Prefer forms like `@see {@link otherApi} for ...` when a short explanation helps.
-- Use exactly one blank line between the short description, sections, examples, and tags.
-- Do not use Markdown headings such as `# Heading` or ad hoc bold headings such as `**Notes**`; only the standard headings are allowed.
-- Examples must use `**Example** (Title)`, optional prose, and exactly one non-empty `ts` code fence.
-- Example titles must be unique after trimming and lowercasing.
-- Prefer examples with stable, deterministic output. Avoid assertions or
- `console.log` comments that depend on stack traces, object inspection,
- `Error` formatting, concurrency order, timing, randomness, or
- environment-specific formatting. Examples may assume Node.js console
- formatting. Direct `Set` / `Map` output is acceptable when insertion order is
- deterministic and the expected output uses Node's format; otherwise
- demonstrate a stable property instead.
-- Do not use `@example`.
-- Do not put TypeScript code fences outside `**Example** (Title)` sections.
-- Inline `{@link Symbol}` targets must resolve to TypeScript symbols; do not link to URLs with `{@link}`.
-- Avoid overlinking in prose. Use `{@link Symbol}` only when navigation to
- that symbol helps the reader choose or understand the API. For the API being
- documented, the module's central type, nearby obvious names, or repeated
- mentions, prefer plain code formatting such as `Cause`, `Effect`, or
- `Context`.
-- Do not document module-level comments; module JSDoc is ignored by this rule.
-- `@internal` means the item is ignored; do not rewrite it as public docs.
-- Default exports are ignored by this rule and do not need JSDoc.
-- Do not add unsupported constructs such as enums or empty exports in checked files.
-- For low-level public values, prefer accurate categories such as `symbols`,
- `type IDs`, or `prototypes` over compensating with verbose descriptions.
-
-## Tag rules
-
-When multiple tags are present, keep them in this order:
-
-1. `@deprecated`
-2. `@default`
-3. `@see`
-4. `@category`
-5. `@since`
-
-Tag requirements by declaration kind:
-
-- Root declarations require `@category` and stable-semver `@since`, and must
- not use `@default`.
-- Namespaces and declarations inside namespaces require stable-semver `@since`,
- may use `@category`, and must not use `@default`.
-- Member JSDoc is optional. When present, it follows the same prose and layout
- rules, may use optional stable-semver `@since`, may use non-empty `@default`,
- and must not use `@category`.
-- Any declaration may use `@deprecated` with a non-empty message and repeated
- non-empty `@see` tags for semantically useful related public APIs.
-
-## Updating existing JSDoc
-
-When fixing or updating existing docs:
-
-1. Preserve correct facts and examples.
-2. Rewrite the layout into the standard template.
-3. Move usage guidance into `**When to use**`, behavior details into `**Details**`, and real caveats into `**Gotchas**`.
-4. Convert `@example` tags and loose `ts` fences into `**Example** (Title)` sections.
-5. Preserve valid `@see`, `@deprecated`, `@default`, `@category`, and `@since` tags.
-6. Remove `@see` tags that do not point to semantically useful related public APIs.
-7. Replace redundant inline `{@link ...}` tags with plain code formatting when
- the link target is already obvious from the current declaration or module.
-8. Remove sections that would be empty.
-
-## Module refinement
-
-When asked to refine an existing module:
-
-1. First scan the module for local documentation patterns, repeated API families, and category conventions.
-2. Keep the change focused on documentation quality unless the user also asked for rule or source changes.
-3. Prefer improving existing comments over rewriting every comment into a new voice.
-4. Preserve examples unless they are wrong, stale, nondeterministic, or fail
- the required documentation shape.
-5. Apply the `@see` and `**Gotchas**` audits across the module before finishing.
-
-## See audit
-
-When refining an existing public API module, always do a dedicated `@see` pass:
-
-1. Inspect existing `@see` tags and referenced APIs before keeping, changing, or removing them.
-2. Look for close alternatives in the same module or API family when the documented API is one of several ways to do similar work.
-3. Keep or add `@see` only when the linked API is semantically useful to understand the documented API.
-4. Good `@see` targets include sibling APIs, alternatives, inverse operations, lower-level or higher-level variants, complementary operations, and closely returned, consumed, or configured types/values.
-5. Do not use `@see` for implementation dependencies, broad concepts, external background links, APIs that merely share a word or name, helper APIs used only inside examples, undocumented/private members, or APIs that are only generally compatible.
-6. When `@see` tags are kept or added, include `**When to use**` guidance if the documented API's own use case is not obvious from the short description. Keep comparisons with sibling APIs in the `@see` tag text.
-
-## Gotchas audit
-
-When refining an existing public API module, always do a dedicated `**Gotchas**` pass:
-
-1. Scan existing prose for caveat language: warnings, exceptions, limitations, preconditions, special cases, or behavior that is easy to misuse.
-2. Inspect the implementation and nearby tests for behavior that is not obvious from the type signature or short description.
-3. Move real caveats from `**Details**` into `**Gotchas**` when they describe edge cases, footguns, preconditions, surprising behavior, or important failure modes.
-4. Add `**Gotchas**` only when the caveat is concrete and useful to a reader choosing or using the API.
-5. If no gotchas are added during a refinement pass, state that a gotchas audit was performed and why no caveats were worth documenting.
-
-## Validation
-
-Run the narrowest validation that matches the change:
-
-- For JSDoc or example changes in a package with generated docs, run `pnpm docgen` from that package directory.
-- Run `pnpm lint` because the linter includes the custom rule that checks public API JSDoc.
-- Do not run broad validation for prose-only skill edits.
\ No newline at end of file
diff --git a/.repos/effect-smol/.agents/skills/scratchpad/SKILL.md b/.repos/effect-smol/.agents/skills/scratchpad/SKILL.md
deleted file mode 100644
--- a/.repos/effect-smol/.agents/skills/scratchpad/SKILL.md
+++ /dev/null
@@ -1,44 +1,0 @@
----
-name: scratchpad
-description: Extract the JSDoc example nearest the active source selection or cursor into ./scratchpad as a TypeScript file. Use when the user asks to dump, copy, open, or try a source example in scratchpad.
----
-
-Use this skill to create a scratchpad TypeScript file from the JSDoc `**Example**`
-nearest the user's active source cursor or selection.
-
-## Workflow
-
-1. Determine the source path and line:
- - Use the IDE active file and selection/cursor line when present.
- - Use an explicit file and line when the user provides them.
- - If no line or selection is available, ask for it.
-2. Run:
-
- ```sh
- node .agents/skills/scratchpad/scripts/extract-example.mjs <source-path> <line>
- ```
-
-3. If the script exits with code 2 because there is no obvious runner, ask the
- user whether to preserve the example exactly, name an Effect value to run, or
- cancel.
- - To preserve exactly, rerun with `--mode preserve`.
- - To run a specific Effect value, rerun with `--runner <identifier>`.
-4. Report the created path as a clickable file link. This is the deterministic
- way to open it in the code pane.
-5. Do not run the scratchpad file unless the user explicitly asks.
-
-## Behavior
-
-- The script chooses the example whose `**Example**` section contains the line;
- otherwise it chooses the first following example; otherwise the nearest
- previous example.
-- Filenames are derived from the source file and example title, for example
- `scratchpad/Schedule-retrying-and-repeating-effects.ts`.
-- Existing files are not overwritten. The script appends a numeric suffix.
-- In auto mode, if a top-level `program` binding exists, the script appends:
-
- ```ts
- Effect.runPromise(program).then(console.log, console.error)
- ```
-
-- If the example already contains an Effect runner, the script preserves it.
\ No newline at end of file
diff --git a/.repos/effect-smol/.agents/skills/scratchpad/agents/openai.yaml b/.repos/effect-smol/.agents/skills/scratchpad/agents/openai.yaml
deleted file mode 100644
--- a/.repos/effect-smol/.agents/skills/scratchpad/agents/openai.yaml
+++ /dev/null
@@ -1,7 +1,0 @@
-interface:
- display_name: "Scratchpad"
- short_description: "Extract examples into scratchpad"
- default_prompt: "Use $scratchpad to extract the active JSDoc example into scratchpad."
-
-policy:
- allow_implicit_invocation: true
\ No newline at end of file
diff --git a/.repos/effect-smol/.agents/skills/scratchpad/scripts/extract-example.mjs b/.repos/effect-smol/.agents/skills/scratchpad/scripts/extract-example.mjs
deleted file mode 100644
--- a/.repos/effect-smol/.agents/skills/scratchpad/scripts/extract-example.mjs
+++ /dev/null
@@ -1,260 +1,0 @@
-#!/usr/bin/env node
-
-import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs"
-import { basename, extname, isAbsolute, join, relative, resolve } from "node:path"
-
-const usage = `Usage:
- node .agents/skills/scratchpad/scripts/extract-example.mjs <source-path> <line> [--mode auto|preserve] [--runner <identifier>] [--out-dir <dir>]
-
-Examples:
- node .agents/skills/scratchpad/scripts/extract-example.mjs packages/effect/src/Schedule.ts 9
- node .agents/skills/scratchpad/scripts/extract-example.mjs packages/effect/src/Schedule.ts 9 --mode preserve
- node .agents/skills/scratchpad/scripts/extract-example.mjs packages/effect/src/Schedule.ts 9 --runner myProgram
-`
-
-const args = process.argv.slice(2)
-const sourcePath = args[0]
-const lineInput = args[1]
-let mode = "auto"
-let runner = undefined
-let outDir = "scratchpad"
-
-for (let index = 2; index < args.length; index++) {
- const arg = args[index]
- if (arg === "--mode") {
- mode = args[++index]
- } else if (arg === "--runner") {
- runner = args[++index]
- } else if (arg === "--out-dir") {
- outDir = args[++index]
- } else {
- fail(`Unknown option: ${arg}`)
- }
-}
-
-if (!sourcePath || !lineInput) {
- fail(usage)
-}
-
-if (mode !== "auto" && mode !== "preserve") {
- fail(`Invalid --mode: ${mode}`)
-}
-
-if (runner !== undefined && !/^[A-Za-z_$][\w$]*$/.test(runner)) {
- fail(`Invalid --runner identifier: ${runner}`)
-}
-
-const line = Number.parseInt(lineInput, 10)
-
-if (!Number.isSafeInteger(line) || line < 1) {
- fail(`Invalid line number: ${lineInput}`)
-}
-
-const resolvedSourcePath = resolve(sourcePath)
-const source = readFileSync(resolvedSourcePath, "utf8")
-const sourceLines = source.split(/\r?\n/)
-const examples = findExamples(sourceLines)
-
-if (examples.length === 0) {
- fail(`No JSDoc examples found in ${sourcePath}`)
-}
-
-const example = chooseExample(examples, line)
-const hasRunner = /\bEffect\.run[A-Za-z]*\s*\(/.test(example.code)
-const programRunner = /^\s*(?:export\s+)?(?:const|let|var)\s+program\s*=/m.test(example.code)
-
-let code = example.code.trimEnd()
-let runnerStatus = "none"
-
-if (runner !== undefined) {
- code = appendRunner(code, runner)
- runnerStatus = `appended:${runner}`
-} else if (mode === "auto") {
- if (hasRunner) {
- runnerStatus = "already-present"
- } else if (programRunner) {
- code = appendRunner(code, "program")
- runnerStatus = "appended:program"
- } else {
- const payload = {
- status: "needs-runner",
- title: example.title,
- sourcePath: displayPath(resolvedSourcePath),
- titleLine: example.titleLine,
- codeStartLine: example.codeStartLine,
- codeEndLine: example.codeEndLine
- }
- process.stderr.write(`${JSON.stringify(payload, null, 2)}\n`)
- process.exit(2)
- }
-}
-
-mkdirSync(outDir, { recursive: true })
-
-const outputPath = uniqueOutputPath(outDir, resolvedSourcePath, example.title)
-writeFileSync(outputPath, `${code}\n`, "utf8")
-
-process.stdout.write(
- `${JSON.stringify(
- {
- outputPath: displayPath(resolve(outputPath)),
- title: example.title,
- sourcePath: displayPath(resolvedSourcePath),
- titleLine: example.titleLine,
- codeStartLine: example.codeStartLine,
- codeEndLine: example.codeEndLine,
- runner: runnerStatus
- },
- null,
- 2
- )}\n`
-)
-
-function findExamples(lines) {
- const examples = []
- let blockStart = -1
- let block = []
-
- for (let index = 0; index < lines.length; index++) {
- const line = lines[index]
-
- if (blockStart === -1 && line.includes("/**")) {
- blockStart = index
- block = [line]
- if (line.includes("*/")) {
- collectExamples(examples, block, blockStart)
- blockStart = -1
- }
- continue
- }
-
- if (blockStart !== -1) {
- block.push(line)
- if (line.includes("*/")) {
- collectExamples(examples, block, blockStart)
- blockStart = -1
- }
- }
- }
-
- return examples
-}
-
-function collectExamples(examples, block, blockStart) {
- const cleaned = block.map(cleanJSDocLine)
-
- for (let index = 0; index < cleaned.length; index++) {
- const line = cleaned[index]
- const titleMatch = line.match(/\*\*Example\*\*(?:\s*\(([^)]+)\))?/)
-
- if (titleMatch === null) {
- continue
- }
-
- const title = titleMatch[1]?.trim() || `example-${blockStart + index + 1}`
- const fenceStart = findFenceStart(cleaned, index + 1)
-
- if (fenceStart === -1) {
- continue
- }
-
- const fenceEnd = findFenceEnd(cleaned, fenceStart + 1)
-
- if (fenceEnd === -1) {
- continue
- }
-
- examples.push({
- title,
- titleLine: blockStart + index + 1,
- codeStartLine: blockStart + fenceStart + 2,
- codeEndLine: blockStart + fenceEnd,
- code: cleaned.slice(fenceStart + 1, fenceEnd).join("\n")
- })
-
- index = fenceEnd
- }
-}
-
-function findFenceStart(lines, startIndex) {
- for (let index = startIndex; index < lines.length; index++) {
- const trimmed = lines[index].trim()
-
- if (trimmed.startsWith("**Example**")) {
- return -1
- }
-
- if (/^```(?:ts|typescript)?\s*$/.test(trimmed)) {
- return index
- }
- }
-
- return -1
-}
-
-function findFenceEnd(lines, startIndex) {
- for (let index = startIndex; index < lines.length; index++) {
- if (lines[index].trim() === "```") {
- return index
- }
- }
-
- return -1
-}
-
-function cleanJSDocLine(line) {
- return line.replace(/^\s*\/\*\*\s?/, "").replace(/^\s*\*\/\s?$/, "").replace(/^\s*\* ?/, "")
-}
-
-function chooseExample(examples, line) {
- const containing = examples.find((example) => example.titleLine <= line && line <= example.codeEndLine)
-
- if (containing !== undefined) {
- return containing
- }
-
- const following = examples.find((example) => line < example.titleLine)
-
- if (following !== undefined) {
- return following
- }
-
- return examples[examples.length - 1]
-}
-
-function appendRunner(code, identifier) {
- return `${code.trimEnd()}\n\nEffect.runPromise(${identifier}).then(console.log, console.error)`
-}
-
-function uniqueOutputPath(directory, source, title) {
- const sourceName = basename(source, extname(source))
- const titleSlug = slug(title) || "example"
- const base = `${sourceName}-${titleSlug}`
- let candidate = join(directory, `${base}.ts`)
- let suffix = 2
-
- while (existsSync(candidate)) {
- candidate = join(directory, `${base}-${suffix}.ts`)
- suffix++
- }
-
- return candidate
-}
-
-function slug(value) {
- return value
- .normalize("NFKD")
- .replace(/[\u0300-\u036f]/g, "")
- .toLowerCase()
- .replace(/[^a-z0-9]+/g, "-")
- .replace(/^-+|-+$/g, "")
-}
-
-function displayPath(path) {
- return isAbsolute(path) ? relative(process.cwd(), path) || "." : path
-}
-
-function fail(message) {
- process.stderr.write(`${message}\n`)
- process.exit(1)
-}
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-bigdecimal-sumall-multiplyall.md b/.repos/effect-smol/.changeset/add-bigdecimal-sumall-multiplyall.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-bigdecimal-sumall-multiplyall.md
+++ /dev/null
@@ -1,5 +1,0 @@
----
-"effect": patch
----
-
-Added `BigDecimal.sumAll` and `BigDecimal.multiplyAll` for feature parity with `Number` and `BigInt`, closes #1880.
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-chunk-schema.md b/.repos/effect-smol/.changeset/add-chunk-schema.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-chunk-schema.md
+++ /dev/null
@@ -1,5 +1,0 @@
----
-"effect": patch
----
-
-Schema: add `Chunk` schema, closes #1585.
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-command-hidden.md b/.repos/effect-smol/.changeset/add-command-hidden.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-command-hidden.md
+++ /dev/null
@@ -1,19 +1,0 @@
----
-"effect": patch
----
-
-Add `Command.withHidden` to hide subcommands from `--help` output, shell completions, and "did you mean?" suggestions, while keeping them fully invocable by exact name.
-
-Useful for experimental or internal subcommands that should be accepted but not advertised on the public CLI surface.
-
-```ts
-import { Command } from "effect/unstable/cli"
-
-const experimental = Command.make("experimental").pipe(
- Command.withHidden
-)
-
-const root = Command.make("mycli").pipe(
- Command.withSubcommands([experimental])
-)
-```
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-config-nested.md b/.repos/effect-smol/.changeset/add-config-nested.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-config-nested.md
+++ /dev/null
@@ -1,5 +1,0 @@
----
-"effect": patch
----
-
-Add `Config.nested` combinator to scope a config under a named prefix, closes #1437.
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-flag-hidden.md b/.repos/effect-smol/.changeset/add-flag-hidden.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-flag-hidden.md
+++ /dev/null
@@ -1,15 +1,0 @@
----
-"effect": patch
----
-
-Add `Flag.withHidden` (and `Param.withHidden`) to hide flags from `--help` output and shell completions while keeping them fully parseable on the command line.
-
-Useful for experimental, internal, or deprecated flags that should be accepted but not advertised, e.g. `--experimental-foo`, debug toggles, or escape hatches that are not yet committed to the public CLI surface.
-
-```ts
-import { Flag } from "effect/unstable/cli"
-
-const experimental = Flag.boolean("experimental-foo").pipe(
- Flag.withHidden
-)
-```
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-from-string-schemas.md b/.repos/effect-smol/.changeset/add-from-string-schemas.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-from-string-schemas.md
+++ /dev/null
@@ -1,5 +1,0 @@
----
-"effect": patch
----
-
-Add `DateFromString`, `BigIntFromString`, `BigDecimalFromString`, `TimeZoneNamedFromString`, `TimeZoneFromString`, and `DateTimeZonedFromString` schemas, closes #1941.
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-headers-remove-many.md b/.repos/effect-smol/.changeset/add-headers-remove-many.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-headers-remove-many.md
+++ /dev/null
@@ -1,5 +1,0 @@
----
-"effect": patch
----
-
-unstable/http Headers: add `removeMany` combinator for removing multiple headers at once
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-indexeddb-kvs-layer.md b/.repos/effect-smol/.changeset/add-indexeddb-kvs-layer.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-indexeddb-kvs-layer.md
+++ /dev/null
@@ -1,5 +1,0 @@
----
-"@effect/platform-browser": patch
----
-
-Adds an IndexedDB backed implementation of `KeyValueStore` as `BrowserKeyValueStore.layerIndexedDb`. This backend allows for non-blocking `KeyValueStore` operations, unlike the existing `Storage` api backed implementations.
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-make-msgpack.md b/.repos/effect-smol/.changeset/add-make-msgpack.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-make-msgpack.md
+++ /dev/null
@@ -1,5 +1,0 @@
----
-"effect": patch
----
-
-Add `RpcSerialization.makeMsgPack` for creating MessagePack serialization with custom msgpackr options. On Cloudflare Workers with `allow_eval_during_startup` (default for `compatibility_date >= 2025-06-01`), pass `{ useRecords: false }` to prevent msgpackr's JIT code generation via `new Function()`, which is blocked during request handling. Also fixes silent error swallowing in the `msgPack` decode path — non-incomplete errors are now rethrown instead of returning `[]`.
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-make-option.md b/.repos/effect-smol/.changeset/add-make-option.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-make-option.md
+++ /dev/null
@@ -1,5 +1,0 @@
----
-"effect": patch
----
-
-Add `SchemaParser.makeOption` and `Schema.makeOption` for constructing schema values as `Option`.
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-missing-tx-modules.md b/.repos/effect-smol/.changeset/add-missing-tx-modules.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-missing-tx-modules.md
+++ /dev/null
@@ -1,11 +1,0 @@
----
-"effect": patch
----
-
-Add transactional STM modules: TxDeferred, TxPriorityQueue, TxPubSub, TxReentrantLock, TxSubscriptionRef.
-
-Refactor transaction model: remove `Effect.atomic`/`Effect.atomicWith`. All Tx operations now return `Effect<A, E, Transaction>` requiring explicit `Effect.tx(...)` at boundaries.
-
-Expose `TxPubSub.acquireSubscriber`/`releaseSubscriber` for composable transaction boundaries. Fix `TxSubscriptionRef.changes` race condition ensuring current value is delivered first.
-
-Remove `TxRandom` module.
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-newtype-module.md b/.repos/effect-smol/.changeset/add-newtype-module.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-newtype-module.md
+++ /dev/null
@@ -1,5 +1,0 @@
----
-"effect": patch
----
-
-Add `Newtype` module.
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-scalar-show-operation-id.md b/.repos/effect-smol/.changeset/add-scalar-show-operation-id.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-scalar-show-operation-id.md
+++ /dev/null
@@ -1,5 +1,0 @@
----
-"effect": patch
----
-
-Add `showOperationId` to `HttpApiScalar.ScalarConfig`.
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-schedule-tap.md b/.repos/effect-smol/.changeset/add-schedule-tap.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-schedule-tap.md
+++ /dev/null
@@ -1,5 +1,0 @@
----
-"effect": patch
----
-
-Added `Schedule.tap`, which allows observing full schedule metadata without altering schedule inputs or outputs.
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-schema-annotate-encoded.md b/.repos/effect-smol/.changeset/add-schema-annotate-encoded.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-schema-annotate-encoded.md
+++ /dev/null
@@ -1,5 +1,0 @@
----
-"effect": patch
----
-
-Schema: add `annotateEncoded` function for annotating the encoded side of a schema.
\ No newline at end of file
diff --git a/.repos/effect-smol/.changeset/add-schema-array-ensure.md b/.repos/effect-smol/.changeset/add-schema-array-ensure.md
deleted file mode 100644
--- a/.repos/effect-smol/.changeset/add-schema-array-ensure.md
+++ /dev/null
... diff truncated: showing 800 of 670521 linesYou can send follow-ups to the cloud agent here.
Reviewed by Cursor Bugbot for commit 9921c36. Configure here.
Co-authored-by: codex <codex@users.noreply.github.com>
git-subtree-dir: .repos/effect-smol git-subtree-split: 0de3cc2a2d51e98345f4bd37b649ecea3d90b51e
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: codex <codex@users.noreply.github.com>
juliusmarminge
force-pushed
the
codex/environment-httpapi-client-runtime
branch
from
9921c36 to
3c7aea5
Compare
juliusmarminge
changed the base branch from
main
to
codex/reference-repo-subtree-sync
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
EnvironmentHttpApicontractVerification
bun fmtbun lint(passes with existing warnings in mobile/web base)bun lint:mobilebun typecheckcd apps/server && bun run test -- src/server.test.ts src/bin.test.tscd packages/client-runtime && bun run test -- src/remote.test.tsNote
Replace role-based auth with scoped bearer access tokens across environment HTTP APIs
EnvironmentHttpApicontract inpackages/contracts/src/environmentHttp.tsdefining typed endpoints, error classes, and schemas for auth flows (access tokens, sessions, pairing, WebSocket tickets).rolefield with ascopesarray throughout auth session and pairing link persistence, CLI formatting, and runtime state; migration 031 drops and recreatesauth_pairing_linksandauth_sessionstables with ascopescolumn.issueSshWebSocketTokentoissueSshWebSocketTicketand changessessionToken/bearer-session-tokenreferences toaccess_token/bearer-access-tokenacross desktop IPC, preload, and web runtime.AuthOrchestrationScopevalues and return structuredEnvironmentAutherrors instead of generic HTTP responses.PrimaryEnvironmentHttpClientandrunPrimaryHttpfor browser-side typed HTTP access to the primary environment, backed by aManagedRuntimewith credentials included.auth_pairing_linksandauth_sessionstable data; any stored role-based sessions are lost on upgrade.Macroscope summarized 3c7aea5.
Note
High Risk
Auth model, session/pairing persistence, and desktop IPC/WebSocket naming change together; invalid or unreplaced callers break pairing and remote SSH.
Overview
This PR consolidates environment auth on the server into
EnvironmentAuth,PairingGrantStore, andSessionStore, and replaces owner/client roles with OAuth-style scopes on pairing grants and sessions (bearer-access-token, scope checks, token exchange).Desktop drops
DesktopSshRemoteApiin favor of@t3tools/client-runtime, adds loopback-only SSH HTTP calls, renames WebSocket issuance to tickets (issueSshWebSocketTicket), and moves IPC tests accordingly.Mobile sends client metadata on bootstrap and persists
access_tokenfrom the new access-token shape.Legacy
ServerAuth/AuthControlPlane/BootstrapCredentialServicelayers and their service interfaces are removed; behavior is covered by expandedEnvironmentAuth*and store tests.Reviewed by Cursor Bugbot for commit 3c7aea5. Bugbot is set up for automated code reviews on this repo. Configure here.