Conversation
…ding This fixes HTTPS access to local dev domains (*.hack) when running with OrbStack and/or Tailscale VPN active. OrbStack's localhost port forwarding has issues with TLS on port 443 - IPv4 connections time out (stuck in SYN_RCVD) and IPv6 TLS handshakes fail with internal errors. Solution: Configure dnsmasq to return the Caddy container's static IP (172.30.0.2) directly, bypassing OrbStack's port forwarding entirely. This works reliably because: - The container IP is stable (defined in compose template) - Docker bridge networks are routable from macOS host - No port forwarding layer means no TLS interception issues Changes: - global.ts: Configure dnsmasq with container IP instead of localhost - doctor.ts: Accept container IP in checks, add migration from legacy configs - doctor-utils.ts: Accept container IP, IPv6, and legacy IPv4 configs - Added DNS cache flushing after config changes (dscacheutil + mDNSResponder) - Auto-migration: doctor --fix updates old 127.0.0.1/::1 configs Also includes session management improvements, tickets extension updates, biome linting setup, and various code quality improvements.
- Rename `escape` to `escaped` in config.ts (avoid shadowing global) - Remove unused `isTailscaleRunning` function in doctor.ts - Use template literal in session.ts for string concatenation - Update README.md and docs/architecture.md to reflect container IP DNS resolution instead of localhost
Two issues fixed:
1. "Install Hack CLI.command" now signed with Developer ID certificate
- Gatekeeper was blocking the unsigned .command file in the DMG
- Now codesign --options runtime is applied before DMG creation
2. Local release script now generates hack-install.sh
- Previously only the GitHub workflow created the download installer
- Now build-macos-release.sh outputs both hack-install.sh and
hack-VERSION-install.sh for upload to GitHub releases
This ensures local releases have all the same artifacts as CI releases.
Biome now only checks src/, tests/, and scripts/ directories. Reduces checked files from 224 to 198 and removes false positives from example code and vendored dependencies.
- Fix 285 useBlockStatements (auto-fixed) - Fix 107 noNestedTernary (refactored to if-else/helpers) - Fix 61 useTopLevelRegex (moved to module-level constants) - Fix 58 useLiteralKeys (auto-fixed) - Fix 24 useAwait (removed unnecessary async) - Fix 20 noNonNullAssertion (added null checks) - Fix misc warnings (shadow names, switch defaults, etc.) Simplify biome.jsonc: - Turn off rules for intentional patterns globally - Keep test/script overrides for test-specific patterns - Remaining 74 warnings are cognitive complexity (acceptable for CLI) All tests pass.
Implements T-00075 with tmux session management via REST API: - GET /v1/sessions - list sessions - POST /v1/sessions - create session - GET /v1/sessions/:id - get session details - POST /v1/sessions/:id/stop - stop session - POST /v1/sessions/:id/exec - execute command (with Enter) - POST /v1/sessions/:id/input - send raw keystrokes
- Add `hack ssh` command for remote SSH access via Tailscale or direct SSH - Show QR code for mobile SSH apps (Blink, Termius) - Interactive clack prompts for method selection and session picking - Add Tailscale status detection and turn-on prompt - Update `hack session` picker to use clack instead of fzf - Add attach/create-new option when session is attached elsewhere - Use `tmux attach -d` to detach other clients (fixes terminal size conflicts) - Add tailscale.ts library for Tailscale status and SSH command building - Simplify session API SSH command (no tmux baked in)
Add comprehensive documentation for session management: - docs/sessions.md: Session CLI commands, SSH access, and daemon API - Update gateway-api.md to include sessions endpoints in summary - Update docs/README.md to link to sessions documentation Documents: - hack session commands (list, start, stop, attach, exec) - hack ssh command with Tailscale/direct support - Daemon sessions API endpoints and examples
- global.ts: Use nullish coalescing for cloudflare config params - tickets/commands.ts: Use union type for agent doc results - daemon-sessions.test.ts: Use non-null assertion after null check
|
Running releases locally until Mac CI signing is configured. The workflow can still be triggered manually via workflow_dispatch.
|
Important Review skippedToo many files! 82 files out of 232 files are above the max files limit of 150. You can disable this status message by setting the Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Session route tests require tmux which isn't available in CI. Use describe.skipIf to skip the entire test suite when tmux is not found.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.