Loading source
Pulling the file list, source metadata, and syntax-aware rendering for this listing.
Source from repo
One-time setup that gathers your project's design context and saves it to CLAUDE.md for future sessions.
Files
Skill
Size
Entrypoint
Format
Open file
Syntax-highlighted preview of this file as included in the skill package.
scripts/live-server.mjs
1#!/usr/bin/env node2/**3* Live variant mode server (self-contained, zero dependencies).4*5* Serves the browser script (/live.js), the detection overlay (/detect.js),6* uses Server-Sent Events (SSE) for server→browser push, and HTTP POST for7* browser→server events. Agent communicates via HTTP long-poll (/poll).8*9* Usage:10* node <scripts_path>/live-server.mjs # start11* node <scripts_path>/live-server.mjs stop # stop + remove injected live.js tag12* node <scripts_path>/live-server.mjs stop --keep-inject # stop only13* node <scripts_path>/live-server.mjs --help14*/15import http from 'node:http';17import { randomUUID } from 'node:crypto';18import { spawn, execFileSync } from 'node:child_process';19import fs from 'node:fs';20import path from 'node:path';21import net from 'node:net';22import { fileURLToPath } from 'node:url';23import { parseDesignMd } from './lib/design-parser.mjs';24import { loadContext } from './context.mjs';25import {26assembleLiveBrowserScript,27assertLiveBrowserScriptParts,28readLiveBrowserScriptParts,29resolveLiveBrowserScriptParts,30} from './live/browser-script-parts.mjs';31import { createLiveSessionStore } from './live/session-store.mjs';32import { validateEvent } from './live/event-validation.mjs';33import { createManualEditRoutes } from './live/manual-edit-routes.mjs';34import { LIVE_COMMANDS } from './live/vocabulary.mjs';35import {36getDesignSidecarPath,37getLiveDir,38getLiveAnnotationsDir,39readLiveServerInfo,40removeLiveServerInfo,41resolveDesignSidecarPath,42writeLiveServerInfo,43} from './lib/impeccable-paths.mjs';44import { countByPage as countPendingByPage } from './live/manual-edits-buffer.mjs';45import {46createManualApplyController,47summarizeManualApplyFailures,48} from './live/manual-apply.mjs';49import {50applyDeferredSvelteComponentAccepts,51removeAllSvelteComponentSessions,52} from './live/svelte-component.mjs';53const __dirname = path.dirname(fileURLToPath(import.meta.url));55// PRODUCT.md / DESIGN.md live wherever context.mjs resolves. The generated56// DESIGN sidecar is project-local at .impeccable/design.json, with legacy57// DESIGN.json fallback for existing projects.58const PROJECT_CONTEXT = loadContext(process.cwd());59const CONTEXT_DIR = PROJECT_CONTEXT.contextDir;60const DESIGN_MD_PATH = PROJECT_CONTEXT.designPath61? path.resolve(process.cwd(), PROJECT_CONTEXT.designPath)62: null;63const DEFAULT_POLL_TIMEOUT = 600_000; // 10 min — agent re-polls on timeout anyway64const SSE_HEARTBEAT_INTERVAL = 30_000; // keepalive ping every 30s65// ---------------------------------------------------------------------------67// Port detection68// ---------------------------------------------------------------------------69async function findOpenPort(start = 8400) {71return new Promise((resolve) => {72const srv = net.createServer();73srv.listen(start, '127.0.0.1', () => {74const port = srv.address().port;75srv.close(() => resolve(port));76});77srv.on('error', () => resolve(findOpenPort(start + 1)));78});79}80// ---------------------------------------------------------------------------82// Session state83// ---------------------------------------------------------------------------84const state = {86token: null,87port: null,88sseClients: new Set(), // SSE response objects (server→browser push)89pendingEvents: [], // browser events waiting for agent ack ({ event, leaseUntil })90pendingPolls: [], // agent poll callbacks waiting for browser events91nextEventSeq: 1,92lastAgentPollingBroadcast: null,93exitTimer: null,94sessionDir: null, // per-session tmp dir for annotation screenshots95sessionStore: null,96leaseTimer: null,97manualEditActivity: null,98nextManualEditSeq: 1,99// Deferreds for in-flight chat-routed Apply events. Keyed by event id; each100// entry is resolved when the chat agent POSTs an ack carrying the batch101// result, or rejected when the hard timeout fires.102pendingApplyDeferreds: new Map(),103// Updated whenever a /poll long-poll request arrives or is resolved with an104// event. Used to detect "a chat agent is likely attached" without requiring105// a poll to be parked at the exact moment we dispatch.106lastPollAt: 0,107timedOutApplyIds: new Map(),108};109const CHAT_POLL_FRESHNESS_MS = 60_000;111const POLL_LEASE_EXPIRY_TIMER_GRACE_MS = 2;112const DEBUG_MANUAL_EDIT_EVENTS = /^(1|true|yes)$/i.test(process.env.IMPECCABLE_LIVE_DEBUG_EVENTS || '');113const manualApply = createManualApplyController({115pendingEvents: state.pendingEvents,116pendingApplyDeferreds: state.pendingApplyDeferreds,117timedOutApplyIds: state.timedOutApplyIds,118enqueueEvent,119acknowledgePendingEvent,120flushPendingPolls,121recordManualEditActivity,122cwd: () => process.cwd(),123});124const manualEditRoutes = createManualEditRoutes({126getToken: () => state.token,127manualApply,128recordManualEditActivity,129getManualEditStatus,130chatAgentLikelyActive,131cwd: () => process.cwd(),132env: () => process.env,133});134function chatAgentLikelyActive() {136if (state.pendingPolls.length > 0) return true;137if (!state.lastPollAt) return false;138return Date.now() - state.lastPollAt < CHAT_POLL_FRESHNESS_MS;139}140// Cap per-annotation upload size. A full 1920×1080 PNG is typically <1 MB;142// cap at 10 MB to guard against runaway writes from a misbehaving client.143const MAX_ANNOTATION_BYTES = 10 * 1024 * 1024;144function enqueueEvent(event) {146if (!event || (event.id && state.pendingEvents.some((entry) => entry.event?.id === event.id && entry.event?.type === event.type))) return;147state.pendingEvents.push({ event, leaseUntil: 0, seq: state.nextEventSeq++ });148flushPendingPolls();149}150function restorePendingEventsFromStore() {152if (!state.sessionStore) return;153for (const snapshot of state.sessionStore.listActiveSessions()) {154if (snapshot.pendingEvent) enqueueEvent(snapshot.pendingEvent);155}156}157function findAvailablePendingEvent(now = Date.now()) {159for (const entry of state.pendingEvents) {160if (entry.leaseUntil && entry.leaseUntil > now) continue;161return entry;162}163return null;164}165function leaseEvent(entry, leaseMs) {167if (!entry.event?.id) {168const idx = state.pendingEvents.indexOf(entry);169if (idx !== -1) state.pendingEvents.splice(idx, 1);170return entry.event;171}172entry.leaseUntil = Date.now() + leaseMs;173scheduleLeaseFlush();174broadcastAgentPollingIfChanged();175return entry.event;176}177function acknowledgePendingEvent(id) {179if (!id) return false;180const idx = state.pendingEvents.findIndex((entry) => entry.event?.id === id);181if (idx === -1) return false;182const acknowledged = state.pendingEvents[idx].event;183state.pendingEvents.splice(idx, 1);184scheduleLeaseFlush();185broadcastAgentPollingIfChanged();186return acknowledged;187}188function findPendingEventById(id) {190if (!id) return null;191const entry = state.pendingEvents.find((item) => item.event?.id === id);192return entry?.event || null;193}194function summarizePendingEventForStatus(entry) {196const event = entry.event || {};197const summary = {198id: event.id,199type: event.type,200leased: !!(entry.leaseUntil && entry.leaseUntil > Date.now()),201leaseUntil: entry.leaseUntil || null,202};203if (event.type === 'manual_edit_apply') {204summary.pageUrl = event.pageUrl || null;205summary.chunk = event.chunk || null;206summary.repair = event.repair || null;207summary.evidencePath = event.evidencePath || null;208summary.agentAction = event.agentAction || manualApply.buildAgentAction(event);209summary.manualApplySummary = manualApply.summarizeEvent(event, manualApply.getDeferred(event.id)?.batch || event.batch);210}211return summary;212}213function summarizeActiveSessionForClient(snapshot = {}) {215return {216id: snapshot.id,217phase: snapshot.phase,218pageUrl: snapshot.pageUrl ?? null,219sourceFile: snapshot.sourceFile ?? null,220previewFile: snapshot.previewFile ?? null,221previewMode: snapshot.previewMode ?? null,222expectedVariants: snapshot.expectedVariants ?? 0,223arrivedVariants: snapshot.arrivedVariants ?? 0,224visibleVariant: snapshot.visibleVariant ?? null,225checkpointRevision: snapshot.checkpointRevision ?? 0,226paramValues: snapshot.paramValues || {},227};228}229function activeSessionSummaries() {231if (!state.sessionStore) return [];232return state.sessionStore.listActiveSessions().map((snapshot) => summarizeActiveSessionForClient(snapshot));233}234function cancelQueuedAnonymousExitEvents() {236let removed = 0;237for (let i = state.pendingEvents.length - 1; i >= 0; i -= 1) {238const event = state.pendingEvents[i]?.event;239if (event?.type !== 'exit' || event.id) continue;240state.pendingEvents.splice(i, 1);241removed += 1;242}243if (removed > 0) {244scheduleLeaseFlush();245broadcastAgentPollingIfChanged();246}247return removed;248}249function scheduleLeaseFlush() {251if (state.leaseTimer) {252clearTimeout(state.leaseTimer);253state.leaseTimer = null;254}255const now = Date.now();256const nextLeaseUntil = state.pendingEvents257.map((entry) => entry.leaseUntil || 0)258.filter((leaseUntil) => leaseUntil > now)259.sort((a, b) => a - b)[0];260if (!nextLeaseUntil) return;261state.leaseTimer = setTimeout(() => {262state.leaseTimer = null;263flushPendingPolls();264broadcastAgentPollingIfChanged();265}, Math.max(0, nextLeaseUntil - now + POLL_LEASE_EXPIRY_TIMER_GRACE_MS));266}267function flushPendingPolls() {269let changed = false;270while (state.pendingPolls.length > 0) {271const entry = findAvailablePendingEvent();272if (!entry) {273scheduleLeaseFlush();274broadcastAgentPollingIfChanged();275return;276}277const poll = state.pendingPolls.shift();278poll.resolve(leaseEvent(entry, poll.leaseMs));279changed = true;280}281scheduleLeaseFlush();282if (changed) broadcastAgentPollingIfChanged();283}284function agentPollingConnected() {286const now = Date.now();287return state.pendingPolls.length > 0288|| state.pendingEvents.some((entry) => entry.leaseUntil && entry.leaseUntil > now);289}290function broadcastAgentPollingIfChanged() {292const connected = agentPollingConnected();293if (state.lastAgentPollingBroadcast === connected) return;294state.lastAgentPollingBroadcast = connected;295broadcast({ type: 'agent_polling', connected });296}297/** Push a message to all connected SSE clients. */299function broadcast(msg) {300const data = 'data: ' + JSON.stringify(msg) + '\n\n';301for (const res of state.sseClients) {302try { res.write(data); } catch { /* client gone */ }303}304}305function recordManualEditActivity(type, details = {}) {307const entry = {308seq: state.nextManualEditSeq++,309type,310ts: new Date().toISOString(),311...details,312};313state.manualEditActivity = entry;314if (DEBUG_MANUAL_EDIT_EVENTS) {315try {316const filePath = path.join(getLiveDir(process.cwd()), 'manual-edit-events.jsonl');317fs.mkdirSync(path.dirname(filePath), { recursive: true });318fs.appendFileSync(filePath, JSON.stringify(entry) + '\n');319} catch {320/* diagnostics are best-effort; never block live mode on observability */321}322}323broadcast(entry);324return entry;325}326function getManualEditStatus() {328try {329const { totalCount, perPage } = countPendingByPage(process.cwd());330return { totalCount, perPage, lastActivity: state.manualEditActivity };331} catch (err) {332return {333totalCount: null,334perPage: {},335lastActivity: state.manualEditActivity,336error: err.message,337};338}339}340// ---------------------------------------------------------------------------342// Load scripts343// ---------------------------------------------------------------------------344function loadBrowserScripts() {346// Detection script: prefer the skill-bundled detector, then fall back to347// source/npm package locations for local development and older installs.348// This one IS cached — detect.js rarely changes during a session.349const detectPaths = [350path.join(__dirname, 'detector', 'detect-antipatterns-browser.js'),351path.join(__dirname, '..', '..', 'cli', 'engine', 'detect-antipatterns-browser.js'),352path.join(__dirname, '..', '..', '..', '..', 'cli', 'engine', 'detect-antipatterns-browser.js'),353path.join(process.cwd(), 'node_modules', 'impeccable', 'cli', 'engine', 'detect-antipatterns-browser.js'),354];355let detectScript = '';356for (const p of detectPaths) {357try { detectScript = fs.readFileSync(p, 'utf-8'); break; } catch { /* try next */ }358}359// Browser script parts: DO NOT cache. Return paths so the /live.js handler361// can re-read every part on each request. Editing browser code during362// iteration should land on the next tab reload, not require a server restart.363const liveScriptParts = resolveLiveBrowserScriptParts(__dirname);364try {365assertLiveBrowserScriptParts(liveScriptParts);366} catch (err) {367process.stderr.write('Error: ' + err.message + '\n');368process.exit(1);369}370return { detectScript, liveScriptParts };372}373function hasProjectContext() {375// PRODUCT.md carries brand voice / anti-references — that's what determines376// whether variants are brand-aware. DESIGN.md (visual tokens) is a separate377// concern, surfaced by the design panel's own empty state.378return !!PROJECT_CONTEXT.hasProduct;379}380function statOrNull(filePath) {382try { return fs.statSync(filePath); } catch { return null; }383}384// HTTP request handler386// ---------------------------------------------------------------------------387function createRequestHandler({ detectScript, liveScriptParts }) {389return (req, res) => {390const url = new URL(req.url, `http://localhost:${state.port}`);391res.setHeader('Access-Control-Allow-Origin', '*');392res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');393res.setHeader('Access-Control-Allow-Headers', 'Content-Type');394if (req.method === 'OPTIONS') { res.writeHead(204); res.end(); return; }395const p = url.pathname;397// --- Scripts ---399if (p === '/live.js') {400// Re-read from disk each request so edits to live-browser.js land on401// the next tab reload. No-store headers prevent browser caching across402// sessions — during iteration, a cached old script silently breaks403// every subsequent session.404let parts;405try {406parts = readLiveBrowserScriptParts(liveScriptParts);407} catch (err) {408res.writeHead(500, { 'Content-Type': 'text/plain' });409res.end('Error reading live browser scripts: ' + err.message);410return;411}412const body = assembleLiveBrowserScript({413token: state.token,414port: state.port,415vocabulary: LIVE_COMMANDS,416parts,417});418res.writeHead(200, {419'Content-Type': 'application/javascript',420'Cache-Control': 'no-store, no-cache, must-revalidate, max-age=0',421'Pragma': 'no-cache',422});423res.end(body);424return;425}426if (p === '/detect.js' || p === '/') {427if (!detectScript) { res.writeHead(404); res.end('Not available'); return; }428res.writeHead(200, { 'Content-Type': 'application/javascript' });429res.end(detectScript);430return;431}432// --- Vendored modern-screenshot (UMD build) ---434// Lazy-loaded by live.js when the user clicks Go; exposes435// window.modernScreenshot.domToBlob(...) for capture.436if (p === '/modern-screenshot.js') {437const vendorPath = path.join(__dirname, 'modern-screenshot.umd.js');438try {439res.writeHead(200, {440'Content-Type': 'application/javascript',441'Cache-Control': 'public, max-age=31536000, immutable',442});443res.end(fs.readFileSync(vendorPath));444} catch {445res.writeHead(404); res.end('Vendor script not found');446}447return;448}449// --- Annotation upload (browser → server, raw PNG body) ---451// Client generates the eventId, POSTs the PNG, then POSTs the generate452// event with screenshotPath already set. Keeps bytes out of the SSE/poll453// bridge and preserves the "one shot from the user's POV" UX.454if (p === '/annotation' && req.method === 'POST') {455const token = url.searchParams.get('token');456if (token !== state.token) { res.writeHead(401); res.end('Unauthorized'); return; }457const eventId = url.searchParams.get('eventId');458if (!eventId || !/^[A-Za-z0-9_-]{1,64}$/.test(eventId)) {459res.writeHead(400, { 'Content-Type': 'application/json' });460res.end(JSON.stringify({ error: 'Invalid eventId' }));461return;462}463if ((req.headers['content-type'] || '').toLowerCase() !== 'image/png') {464res.writeHead(415, { 'Content-Type': 'application/json' });465res.end(JSON.stringify({ error: 'Content-Type must be image/png' }));466return;467}468if (!state.sessionDir) {469res.writeHead(500, { 'Content-Type': 'application/json' });470res.end(JSON.stringify({ error: 'Session dir unavailable' }));471return;472}473const chunks = [];474let total = 0;475let aborted = false;476req.on('data', (c) => {477if (aborted) return;478total += c.length;479if (total > MAX_ANNOTATION_BYTES) {480aborted = true;481res.writeHead(413, { 'Content-Type': 'application/json' });482res.end(JSON.stringify({ error: 'Payload too large' }));483req.destroy();484return;485}486chunks.push(c);487});488req.on('end', () => {489if (aborted) return;490const absPath = path.join(state.sessionDir, eventId + '.png');491try {492fs.writeFileSync(absPath, Buffer.concat(chunks));493} catch (err) {494res.writeHead(500, { 'Content-Type': 'application/json' });495res.end(JSON.stringify({ error: 'Write failed: ' + err.message }));496return;497}498res.writeHead(200, { 'Content-Type': 'application/json' });499res.end(JSON.stringify({ ok: true, path: absPath }));500});501req.on('error', () => {502if (!aborted) {503res.writeHead(500, { 'Content-Type': 'application/json' });504res.end(JSON.stringify({ error: 'Upload failed' }));505}506});507return;508}509// --- Health ---511if (p === '/status') {512const token = url.searchParams.get('token');513if (token !== state.token) { res.writeHead(401, { 'Content-Type': 'application/json' }); res.end(JSON.stringify({ error: 'Unauthorized' })); return; }514const sessions = activeSessionSummaries();515res.writeHead(200, { 'Content-Type': 'application/json' });516res.end(JSON.stringify({517status: 'ok',518port: state.port,519connectedClients: state.sseClients.size,520pendingEvents: state.pendingEvents.map((entry) => summarizePendingEventForStatus(entry)),521agentPolling: agentPollingConnected(),522activeSessions: sessions,523manualEdits: getManualEditStatus(),524}));525return;526}527if (p === '/health') {529res.writeHead(200, { 'Content-Type': 'application/json' });530res.end(JSON.stringify({531status: 'ok', port: state.port, mode: 'variant',532hasProjectContext: hasProjectContext(),533connectedClients: state.sseClients.size,534}));535return;536}537// --- Design system (unified v2 response) + raw ---539// /design-system.json returns both parsed DESIGN.md and .impeccable/design.json540// sidecar when present. Panel merges them:541// { present, parsed, sidecar, hasMd, hasSidecar,542// mdNewerThanJson, parseError?, sidecarError? }543// - parsed: output of parseDesignMd (frontmatter544// + six canonical sections) when DESIGN.md exists.545// - sidecar: .impeccable/design.json contents when present.546// Expected shape: schemaVersion 2, carrying547// extensions + components + narrative.548// /design-system/raw returns DESIGN.md markdown verbatim549if (p === '/design-system.json' || p === '/design-system/raw') {550const token = url.searchParams.get('token');551if (token !== state.token) { res.writeHead(401); res.end('Unauthorized'); return; }552const mdPath = DESIGN_MD_PATH;554const jsonPath = resolveDesignSidecarPath(process.cwd(), PROJECT_CONTEXT.designContextDir || CONTEXT_DIR) || getDesignSidecarPath(process.cwd());555const mdStat = statOrNull(mdPath);556const jsonStat = statOrNull(jsonPath);557if (p === '/design-system/raw') {559if (!mdStat) { res.writeHead(404); res.end('Not found'); return; }560res.writeHead(200, { 'Content-Type': 'text/markdown; charset=utf-8' });561res.end(fs.readFileSync(mdPath, 'utf-8'));562return;563}564if (!mdStat && !jsonStat) {566res.writeHead(404, { 'Content-Type': 'application/json' });567res.end(JSON.stringify({ present: false }));568return;569}570const response = {572present: true,573hasMd: !!mdStat,574hasSidecar: !!jsonStat,575mdNewerThanJson: !!(mdStat && jsonStat && mdStat.mtimeMs > jsonStat.mtimeMs + 1000),576};577if (mdStat) {579try {580response.parsed = parseDesignMd(fs.readFileSync(mdPath, 'utf-8'));581} catch (err) {582response.parseError = err.message;583}584}585if (jsonStat) {587try {588response.sidecar = JSON.parse(fs.readFileSync(jsonPath, 'utf-8'));589} catch (err) {590response.sidecarError = 'Failed to parse .impeccable/design.json: ' + err.message;591}592}593res.writeHead(200, { 'Content-Type': 'application/json' });595res.end(JSON.stringify(response));596return;597}598// --- Source file (no-HMR fallback) ---600if (p === '/source') {601const token = url.searchParams.get('token');602if (token !== state.token) { res.writeHead(401); res.end('Unauthorized'); return; }603const filePath = url.searchParams.get('path');604if (!filePath || filePath.includes('..')) { res.writeHead(400); res.end('Bad path'); return; }605const absPath = path.resolve(process.cwd(), filePath);606if (!absPath.startsWith(process.cwd())) { res.writeHead(403); res.end('Forbidden'); return; }607let content;608try { content = fs.readFileSync(absPath, 'utf-8'); }609catch { res.writeHead(404); res.end('File not found'); return; }610res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });611res.end(content);612return;613}614// --- SSE: server→browser push (replaces WebSocket) ---616if (p === '/events' && req.method === 'GET') {617const token = url.searchParams.get('token');618if (token !== state.token) { res.writeHead(401); res.end('Unauthorized'); return; }619clearTimeout(state.exitTimer);620state.exitTimer = null;621cancelQueuedAnonymousExitEvents();622res.writeHead(200, {623'Content-Type': 'text/event-stream',624'Cache-Control': 'no-cache',625'Connection': 'keep-alive',626});627res.write('data: ' + JSON.stringify({628type: 'connected',629hasProjectContext: hasProjectContext(),630agentPolling: agentPollingConnected(),631activeSessions: activeSessionSummaries(),632}) + '\n\n');633state.sseClients.add(res);635// Keepalive: SSE comment every 30s prevents silent connection drops.637const heartbeat = setInterval(() => {638try { res.write(': keepalive\n\n'); } catch { clearInterval(heartbeat); }639}, SSE_HEARTBEAT_INTERVAL);640req.on('close', () => {642clearInterval(heartbeat);643state.sseClients.delete(res);644if (state.sseClients.size === 0) {645clearTimeout(state.exitTimer);646state.exitTimer = setTimeout(() => {647if (state.sseClients.size === 0) enqueueEvent({ type: 'exit' });648}, 8000);649}650});651return;652}653if (manualEditRoutes(req, res, url)) return;655// --- Browser→server events (replaces WebSocket messages) ---657if (p === '/events' && req.method === 'POST') {658let body = '';659req.on('data', (c) => { body += c; });660req.on('end', () => {661let msg;662try { msg = JSON.parse(body); } catch {663res.writeHead(400, { 'Content-Type': 'application/json' });664res.end(JSON.stringify({ error: 'Invalid JSON' }));665return;666}667if (msg.token !== state.token) {668res.writeHead(401, { 'Content-Type': 'application/json' });669res.end(JSON.stringify({ error: 'Unauthorized' }));670return;671}672// Defense in depth: manual copy edits must use the staged stash/apply673// endpoints. The direct Save event path is disabled in the browser.674if (msg.type === 'manual_edits') {675res.writeHead(400, { 'Content-Type': 'application/json' });676res.end(JSON.stringify({ error: 'manual_edits must POST to /manual-edit-stash, not /events' }));677return;678}679if (msg.type === 'manual_edit_apply') {680res.writeHead(400, { 'Content-Type': 'application/json' });681res.end(JSON.stringify({ error: 'manual_edit_apply is disabled; use /manual-edit-stash then /manual-edit-commit' }));682return;683}684const error = validateEvent(msg);685if (error) {686res.writeHead(400, { 'Content-Type': 'application/json' });687res.end(JSON.stringify({ error }));688return;689}690if (state.sessionStore && msg.id) {691try {692state.sessionStore.appendEvent(msg);693} catch (err) {694res.writeHead(500, { 'Content-Type': 'application/json' });695res.end(JSON.stringify({ error: 'session_store_append_failed', message: err.message }));696return;697}698}699if (msg.type === 'exit') {700cleanupSvelteComponentSessionsBeforeExit();701}702if (msg.type !== 'checkpoint') {703enqueueEvent(msg);704}705res.writeHead(200, { 'Content-Type': 'application/json' });706res.end(JSON.stringify({ ok: true }));707});708return;709}710// --- Stop ---712if (p === '/stop') {713const token = url.searchParams.get('token');714if (token !== state.token) { res.writeHead(401); res.end('Unauthorized'); return; }715res.writeHead(200, { 'Content-Type': 'text/plain' });716res.end('stopping');717shutdown();718return;719}720// --- Agent poll ---722if (p === '/poll' && req.method === 'GET') {723handlePollGet(req, res, url);724return;725}726if (p === '/poll' && req.method === 'POST') {727handlePollPost(req, res);728return;729}730res.writeHead(404); res.end('Not found');732};733}734// ---------------------------------------------------------------------------736// Agent poll endpoints (unchanged from WS version)737// ---------------------------------------------------------------------------738function handlePollGet(req, res, url) {740const token = url.searchParams.get('token');741if (token !== state.token) {742res.writeHead(401, { 'Content-Type': 'application/json' });743res.end(JSON.stringify({ error: 'Unauthorized' }));744return;745}746state.lastPollAt = Date.now();747const timeout = parseInt(url.searchParams.get('timeout') || DEFAULT_POLL_TIMEOUT, 10);748const leaseMs = parseInt(url.searchParams.get('leaseMs') || '30000', 10);749const available = findAvailablePendingEvent();750if (available) {751res.writeHead(200, { 'Content-Type': 'application/json' });752res.end(JSON.stringify(leaseEvent(available, leaseMs)));753return;754}755const poll = { resolve, leaseMs };756const timer = setTimeout(() => {757const idx = state.pendingPolls.indexOf(poll);758if (idx !== -1) state.pendingPolls.splice(idx, 1);759broadcastAgentPollingIfChanged();760res.writeHead(200, { 'Content-Type': 'application/json' });761res.end(JSON.stringify({ type: 'timeout' }));762}, timeout);763function resolve(event) {764clearTimeout(timer);765state.lastPollAt = Date.now();766res.writeHead(200, { 'Content-Type': 'application/json' });767res.end(JSON.stringify(event));768}769state.pendingPolls.push(poll);770broadcastAgentPollingIfChanged();771scheduleLeaseFlush();772req.on('close', () => {773clearTimeout(timer);774const idx = state.pendingPolls.indexOf(poll);775if (idx !== -1) state.pendingPolls.splice(idx, 1);776broadcastAgentPollingIfChanged();777});778}779function sessionFileMetadataFromPollReply(file) {781if (!file || typeof file !== 'string') return { file };782const normalized = file.split(path.sep).join('/');783const base = { file: normalized };784if (!normalized.endsWith('/manifest.json') && normalized !== 'manifest.json') return base;785if (!normalized.includes('node_modules/.impeccable-live/') && !normalized.includes('src/lib/impeccable/')) return base;786let full;788try {789full = path.resolve(process.cwd(), normalized);790const rel = path.relative(process.cwd(), full);791if (!rel || rel.startsWith('..') || path.isAbsolute(rel)) return base;792} catch {793return base;794}795try {797const manifest = JSON.parse(fs.readFileSync(full, 'utf-8'));798if (manifest?.previewMode !== 'svelte-component' || !manifest.sourceFile) return base;799return {800file: String(manifest.sourceFile).split(path.sep).join('/'),801sourceFile: String(manifest.sourceFile).split(path.sep).join('/'),802previewFile: normalized,803previewMode: 'svelte-component',804};805} catch {806return base;807}808}809function handlePollPost(req, res) {811let body = '';812req.on('data', (c) => { body += c; });813req.on('end', () => {814let msg;815try { msg = JSON.parse(body); } catch {816res.writeHead(400, { 'Content-Type': 'application/json' });817res.end(JSON.stringify({ error: 'Invalid JSON' }));818return;819}820if (msg.token !== state.token) {821res.writeHead(401, { 'Content-Type': 'application/json' });822res.end(JSON.stringify({ error: 'Unauthorized' }));823return;824}825const pendingApplyDeferred = manualApply.getDeferred(msg.id);826if (pendingApplyDeferred) {827const validation = manualApply.validateResultMessage(msg, pendingApplyDeferred);828if (!validation.ok) {829recordManualEditActivity('manual_edit_apply_reply_invalid', {830id: msg.id,831pageUrl: pendingApplyDeferred.pageUrl,832chunk: pendingApplyDeferred.event?.chunk || null,833repair: pendingApplyDeferred.event?.repair || null,834reason: validation.body?.reason || validation.body?.error || 'invalid_manual_apply_result',835status: msg.data?.status || null,836});837res.writeHead(400, { 'Content-Type': 'application/json' });838res.end(JSON.stringify(validation.body));839return;840}841recordManualEditActivity('manual_edit_apply_reply_received', {842id: msg.id,843pageUrl: pendingApplyDeferred.pageUrl,844chunk: pendingApplyDeferred.event?.chunk || null,845repair: pendingApplyDeferred.event?.repair || null,846status: validation.result.status,847appliedCount: validation.result.appliedEntryIds.length,848failed: summarizeManualApplyFailures(validation.result.failed),849fileCount: validation.result.files.length,850noteCount: validation.result.notes.length,851});852manualApply.resolveDeferred(msg.id, validation.result);853acknowledgePendingEvent(msg.id);854flushPendingPolls();855res.writeHead(200, { 'Content-Type': 'application/json' });856res.end(JSON.stringify({ ok: true }));857return;858}859if (manualApply.hasTimedOutId(msg.id)) {860const rollback = manualApply.rollbackTimedOutReply(msg);861recordManualEditActivity('manual_edit_apply_stale_reply_rejected', {862id: msg.id,863rolledBackFileCount: rollback.rolledBackFiles?.length || 0,864rollbackFailureCount: rollback.rollbackFailures?.length || 0,865});866res.writeHead(409, { 'Content-Type': 'application/json' });867res.end(JSON.stringify({ error: 'stale_manual_edit_apply_reply', ...rollback }));868return;869}870const pendingEventBeforeAck = findPendingEventById(msg.id);871if (pendingEventBeforeAck?.type === 'steer' && msg.type === 'steer_done'872&& !msg.file && !(typeof msg.message === 'string' && msg.message.trim())) {873res.writeHead(400, { 'Content-Type': 'application/json' });874res.end(JSON.stringify({875error: 'steer_done_requires_file_or_message',876hint: 'Reply with --file after writing source, or include a message explaining an intentional no-op.',877}));878return;879}880const acknowledgedEvent = acknowledgePendingEvent(msg.id);881let skipJournalReply = false;882let existingSession = null;883if (!acknowledgedEvent && state.sessionStore && msg.id) {884try {885existingSession = state.sessionStore.getSnapshot(msg.id, { includeCompleted: true });886if (!existingSession?.updatedAt) existingSession = null;887skipJournalReply = existingSession?.phase === 'completed' || existingSession?.phase === 'discarded';888} catch { /* fall through and record the reply normally */ }889}890if (!acknowledgedEvent && !existingSession) {891recordManualEditActivity('manual_edit_poll_reply_unknown', {892id: msg.id || null,893type: msg.type || null,894});895res.writeHead(msg.id ? 404 : 400, { 'Content-Type': 'application/json' });896res.end(JSON.stringify({897error: msg.id ? 'unknown_poll_reply_id' : 'missing_poll_reply_id',898id: msg.id,899}));900return;901}902const replyFileMeta = sessionFileMetadataFromPollReply(msg.file);903if (state.sessionStore && msg.id && !skipJournalReply) {904try {905const eventType = msg.type === 'steer_done'906? 'steer_done'907: msg.type === 'discard' || msg.type === 'discarded'908? 'discarded'909: msg.type === 'complete'910? 'complete'911: msg.type === 'error'912? 'agent_error'913: 'agent_done';914state.sessionStore.appendEvent({915type: eventType,916id: msg.id,917file: replyFileMeta.file,918sourceFile: replyFileMeta.sourceFile,919previewFile: replyFileMeta.previewFile,920previewMode: replyFileMeta.previewMode,921message: msg.message,922sourceEventType: acknowledgedEvent?.type,923carbonize: msg.data?.carbonize === true,924});925} catch { /* keep reply path best-effort; browser still needs SSE */ }926}927flushPendingPolls();928// Forward the reply to the browser via SSE929broadcast({930type: msg.type || 'done',931id: msg.id,932message: msg.message,933file: msg.file,934sourceFile: replyFileMeta.sourceFile,935previewFile: replyFileMeta.previewFile,936previewMode: replyFileMeta.previewMode,937data: msg.data,938});939res.writeHead(200, { 'Content-Type': 'application/json' });940res.end(JSON.stringify({ ok: true }));941});942}943// ---------------------------------------------------------------------------945// Lifecycle946// ---------------------------------------------------------------------------947let httpServer = null;949function shutdown() {951cleanupSvelteComponentSessionsBeforeExit();952removeLiveServerInfo(process.cwd());953if (state.leaseTimer) clearTimeout(state.leaseTimer);954state.leaseTimer = null;955if (state.sessionDir) {956try { fs.rmSync(state.sessionDir, { recursive: true, force: true }); } catch {}957}958for (const res of state.sseClients) { try { res.end(); } catch {} }959state.sseClients.clear();960for (const poll of state.pendingPolls) poll.resolve({ type: 'exit' });961state.pendingPolls.length = 0;962if (httpServer) httpServer.close();963process.exit(0);964}965function cleanupSvelteComponentSessionsBeforeExit() {967try {968removeAllSvelteComponentSessions(process.cwd());969} catch (err) {970console.warn('[impeccable] Svelte component session cleanup failed:', err.message);971}972}973function applyLegacyDeferredAcceptsOnStartup() {975try {976const result = applyDeferredSvelteComponentAccepts(process.cwd());977if (result.applied > 0 || result.failed > 0) {978console.log('[impeccable] applied legacy deferred Svelte component accepts:', JSON.stringify(result));979}980} catch (err) {981console.warn('[impeccable] legacy deferred Svelte component accept apply failed:', err.message);982}983}984// ---------------------------------------------------------------------------986// Main987// ---------------------------------------------------------------------------988const args = process.argv.slice(2);990if (args.includes('--help') || args.includes('-h')) {992console.log(`Usage: node live-server.mjs [options]993Start the live variant mode server (zero dependencies).995Commands:997(default) Start the server (foreground)998stop Stop the server and remove the injected live.js script tag999stop --keep-inject Stop the server only (leave the script tag in the HTML entry)1000Options:1002--background Start detached, print connection JSON to stdout, then exit1003--port=PORT Use a specific port (default: auto-detect starting at 8400)1004--keep-inject Only with stop: skip live-inject.mjs --remove1005--help Show this help1006Endpoints:1008/live.js Browser script (element picker + variant cycling)1009/detect.js Detection overlay (backwards compatible)1010/modern-screenshot.js Vendored modern-screenshot UMD build (lazy-loaded by live.js)1011/annotation POST raw image/png to stage a variant screenshot1012/events SSE stream (server→browser) + POST (browser→server)1013/poll Long-poll for agent CLI1014/manual-edit-stash Stage browser copy edits1015/manual-edit-commit Apply staged browser copy edits1016/manual-edit-discard Discard staged browser copy edits1017/source Raw source file reader (no-HMR fallback)1018/status Durable recovery status (token-protected)1019/health Health check`);1020process.exit(0);1021}1022if (args.includes('stop')) {1024const keepInject = args.includes('--keep-inject');1025try {1026const { info } = readLiveServerInfo(process.cwd()) || {};1027const res = await fetch(`http://localhost:${info.port}/stop?token=${info.token}`);1028if (res.ok) console.log(`Stopped live server on port ${info.port}.`);1029} catch {1030console.log('No running live server found.');1031}1032if (!keepInject) {1033const injectPath = path.join(__dirname, 'live-inject.mjs');1034try {1035const out = execFileSync(process.execPath, [injectPath, '--remove'], {1036encoding: 'utf-8',1037cwd: process.cwd(),1038});1039const line = out.trim().split('\n').filter(Boolean).pop();1040if (line) {1041try {1042const j = JSON.parse(line);1043if (j.removed === true) {1044console.log(`Removed live script tag from ${j.file}.`);1045}1046} catch {1047/* ignore non-JSON lines */1048}1049}1050} catch (err) {1051const detail = err.stderr?.toString?.().trim?.()1052|| err.stdout?.toString?.().trim?.()1053|| err.message1054|| String(err);1055console.warn(`Note: could not remove live script tag (${detail.split('\n')[0]})`);1056}1057}1058process.exit(0);1059}1060// --background: spawn a detached child server, wait for it to be ready,1062// print the connection JSON, then exit. This keeps the startup command1063// simple (no shell backgrounding or chained commands).1064if (args.includes('--background')) {1065const childArgs = args.filter(a => a !== '--background');1066const child = spawn(process.execPath, [fileURLToPath(import.meta.url), ...childArgs], {1067detached: true,1068stdio: 'ignore',1069cwd: process.cwd(),1070});1071child.unref();1072// Poll for the PID file (the child writes it once the HTTP server is listening).1074const deadline = Date.now() + 10_000;1075while (Date.now() < deadline) {1076try {1077const { info } = readLiveServerInfo(process.cwd()) || {};1078if (info.pid !== process.pid) {1079// Output JSON so the agent can read port + token from stdout.1080console.log(JSON.stringify(info));1081process.exit(0);1082}1083} catch { /* not ready yet */ }1084await new Promise(r => setTimeout(r, 200));1085}1086console.error('Timed out waiting for live server to start.');1087process.exit(1);1088}1089// Check for existing session1091const existingRecord = readLiveServerInfo(process.cwd());1092if (existingRecord?.info) {1093const existing = existingRecord.info;1094try {1095process.kill(existing.pid, 0);1096console.error(`Live server already running on port ${existing.port} (pid ${existing.pid}).`);1097console.error('Stop it first with: node ' + path.basename(fileURLToPath(import.meta.url)) + ' stop');1098process.exit(1);1099} catch {1100try { fs.unlinkSync(existingRecord.path); } catch {}1101}1102}1103state.token = randomUUID();1105state.sessionStore = createLiveSessionStore({ cwd: process.cwd() });1106manualApply.rollbackTransaction({1107reason: 'manual_edit_server_start_recovered_abandoned_transaction',1108});1109applyLegacyDeferredAcceptsOnStartup();1110restorePendingEventsFromStore();1111manualApply.pruneStaleEvidence();1112const portArg = args.find(a => a.startsWith('--port='));1113state.port = portArg ? parseInt(portArg.split('=')[1], 10) : await findOpenPort();1114// Annotation screenshots live in the project root so the agent's Read tool1115// doesn't trip a per-file permission prompt. Sessioned by token so concurrent1116// projects (or quick restarts) don't collide.1117const annotRoot = getLiveAnnotationsDir(process.cwd());1118fs.mkdirSync(annotRoot, { recursive: true });1119state.sessionDir = fs.mkdtempSync(path.join(annotRoot, 'session-'));1120const { detectScript, liveScriptParts } = loadBrowserScripts();1122httpServer = http.createServer(createRequestHandler({ detectScript, liveScriptParts }));1123httpServer.listen(state.port, '127.0.0.1', () => {1125writeLiveServerInfo(process.cwd(), { pid: process.pid, port: state.port, token: state.token });1126const url = `http://localhost:${state.port}`;1127console.log(`\nImpeccable live server running on ${url}`);1128console.log(`Token: ${state.token}\n`);1129console.log(`Script: ${url}/live.js`);1130console.log('Inject: managed by live-inject.mjs; Astro source tags use is:inline automatically.');1131console.log(`Stop: node ${path.basename(fileURLToPath(import.meta.url))} stop`);1132});1133process.on('SIGINT', shutdown);1135process.on('SIGTERM', shutdown);1136