M5: Python agent sidecar + SwiftUI agent panel#76
Open
kalil0321 wants to merge 45 commits into
Open
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 386c5e907d
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Comment on lines
+22
to
+23
| process.executableURL = URL(fileURLWithPath: spec.pythonExecutable) | ||
| process.arguments = ["-m", "rae_agent.server"] |
There was a problem hiding this comment.
With the default AgentSession initializer passing "/usr/bin/env python3", this assigns a single path to Process.executableURL; Process does not split shell-style commands, so startup tries to execute a non-existent file at /usr/bin/env python3 and throws before the agent sidecar can launch. Use /usr/bin/env as the executable and put python3 before -m in the arguments, or pass an actual Python binary path.
Useful? React with 👍 / 👎.
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
10 issues found across 15 files
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="backend/rae_agent/server.py">
<violation number="1" location="backend/rae_agent/server.py:35">
P1: Validate `request.id` before calling `run_chat`; path traversal sequences can escape `base_dir` when session directories are created.</violation>
</file>
Reply with feedback, questions, or to request a fix.
Re-trigger cubic
| return | ||
|
|
||
| try: | ||
| request = ChatRequest.from_payload(payload) |
Contributor
There was a problem hiding this comment.
P1: Validate request.id before calling run_chat; path traversal sequences can escape base_dir when session directories are created.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At backend/rae_agent/server.py, line 35:
<comment>Validate `request.id` before calling `run_chat`; path traversal sequences can escape `base_dir` when session directories are created.</comment>
<file context>
@@ -0,0 +1,76 @@
+ return
+
+ try:
+ request = ChatRequest.from_payload(payload)
+ except ProtocolError as exc:
+ await websocket.send(json.dumps(AgentEvent.error(None, str(exc)).to_dict()))
</file context>
This is likely a transient issue. You can re-trigger a run from the dashboard. |
kalil0321
pushed a commit
that referenced
this pull request
May 19, 2026
Fixes for PR #76 review comments (greptile, cubic, codex): backend/ - protocol.py: * FlowSummary now validates finishedAt as a float (raises ProtocolError instead of silently storing a non-numeric) * Coerce header pairs through str() for safety * New sanitize_session_id(raw, fallback) — restricts chat ids to [A-Za-z0-9._-], rejects "." / ".." / absolute paths / null bytes / 128+ chars, used by both server and session - server.py: * resolve_base_dir() helper; no longer appends "rae-agent-sessions" when RAE_AGENT_WORKDIR is set by the Swift sidecar, so sessions land at <support>/agent-sessions/<chat-id>/... instead of double nesting * ValueError from SessionDirs is surfaced as an AgentEvent.error - session.py: * SessionDirs.make resolves and verifies the session root stays inside base before creating directories (path traversal defense) * file_written event now fires from the ToolResult phase (not ToolUse), and only when the result is not an error — so the UI only badges files the SDK actually wrote * sanitize_session_id replaces raw chat ids before path joining macos/Sources/ReverseAPI/Agent/ - AgentSidecar: * LaunchSpec now carries (executablePath, arguments) explicitly, with factory `python3(workdir:)` that runs `/usr/bin/env` with `python3` as its first argument. Previously Process.executableURL was given the full "/usr/bin/env python3" string and failed to start. * waitForBoundPort uses readabilityHandler + an async sleep loop instead of blocking availableData reads, and respects the timeout * Process is terminated and cleared on port-discovery failure so failed launches do not leave orphans - AgentSession.clear: when status was .failed, drop to .idle (not .ready), so ensureRunning() can actually relaunch on the next send - AgentSession.ensureRunning: terminate sidecar + disconnect client on launch failure so the next attempt starts clean - AgentClient.connect: replaces a dead URLSessionWebSocketTask instead of returning early when one already exists - AgentFlowPayload.encodedBody: cap payloads at 64 KiB per body (configurable), with a "…<truncated N bytes>" suffix, to avoid hitting websocket message-too-large on large captures Tests: - backend/tests/test_protocol.py extended to 27 cases (sanitize_session_id subgroup, finishedAt type validation, event serializations) - backend/tests/test_server_resolution.py: 3 tests on resolve_base_dir - backend/tests/test_session_dirs.py: 5 tests including path-traversal rejection - macos/Tests/ReverseAPITests/AgentProtocolTests.swift: 13 tests on AgentFlowPayload.encodedBody (empty / UTF-8 / truncation / binary) and AgentEventDecoder (all event types + invalid input) - Package.swift: ReverseAPITests testTarget
Owner
Author
|
@greptile review Generated by Claude Code |
Contributor
There was a problem hiding this comment.
3 issues found across 13 files (changes from recent commits).
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="backend/rae_agent/server.py">
<violation number="1" location="backend/rae_agent/server.py:35">
P1: Validate `request.id` before calling `run_chat`; path traversal sequences can escape `base_dir` when session directories are created.</violation>
</file>
Reply with feedback, questions, or to request a fix.
Re-trigger cubic
kalil0321
force-pushed
the
claude/proxy-monitor-m4-alpn-har
branch
from
08f57a2 to
b80021e
Compare
kalil0321
pushed a commit
that referenced
this pull request
May 19, 2026
Fixes for PR #76 review comments (greptile, cubic, codex): backend/ - protocol.py: * FlowSummary now validates finishedAt as a float (raises ProtocolError instead of silently storing a non-numeric) * Coerce header pairs through str() for safety * New sanitize_session_id(raw, fallback) — restricts chat ids to [A-Za-z0-9._-], rejects "." / ".." / absolute paths / null bytes / 128+ chars, used by both server and session - server.py: * resolve_base_dir() helper; no longer appends "rae-agent-sessions" when RAE_AGENT_WORKDIR is set by the Swift sidecar, so sessions land at <support>/agent-sessions/<chat-id>/... instead of double nesting * ValueError from SessionDirs is surfaced as an AgentEvent.error - session.py: * SessionDirs.make resolves and verifies the session root stays inside base before creating directories (path traversal defense) * file_written event now fires from the ToolResult phase (not ToolUse), and only when the result is not an error — so the UI only badges files the SDK actually wrote * sanitize_session_id replaces raw chat ids before path joining macos/Sources/ReverseAPI/Agent/ - AgentSidecar: * LaunchSpec now carries (executablePath, arguments) explicitly, with factory `python3(workdir:)` that runs `/usr/bin/env` with `python3` as its first argument. Previously Process.executableURL was given the full "/usr/bin/env python3" string and failed to start. * waitForBoundPort uses readabilityHandler + an async sleep loop instead of blocking availableData reads, and respects the timeout * Process is terminated and cleared on port-discovery failure so failed launches do not leave orphans - AgentSession.clear: when status was .failed, drop to .idle (not .ready), so ensureRunning() can actually relaunch on the next send - AgentSession.ensureRunning: terminate sidecar + disconnect client on launch failure so the next attempt starts clean - AgentClient.connect: replaces a dead URLSessionWebSocketTask instead of returning early when one already exists - AgentFlowPayload.encodedBody: cap payloads at 64 KiB per body (configurable), with a "…<truncated N bytes>" suffix, to avoid hitting websocket message-too-large on large captures Tests: - backend/tests/test_protocol.py extended to 27 cases (sanitize_session_id subgroup, finishedAt type validation, event serializations) - backend/tests/test_server_resolution.py: 3 tests on resolve_base_dir - backend/tests/test_session_dirs.py: 5 tests including path-traversal rejection - macos/Tests/ReverseAPITests/AgentProtocolTests.swift: 13 tests on AgentFlowPayload.encodedBody (empty / UTF-8 / truncation / binary) and AgentEventDecoder (all event types + invalid input) - Package.swift: ReverseAPITests testTarget
kalil0321
force-pushed
the
claude/proxy-monitor-m5-agent-sidecar
branch
from
7d880c6 to
4acdba7
Compare
Owner
Author
|
@greptile review Generated by Claude Code |
kalil0321
force-pushed
the
claude/proxy-monitor-m4-alpn-har
branch
from
b80021e to
52acac0
Compare
kalil0321
pushed a commit
that referenced
this pull request
May 19, 2026
Fixes for PR #76 review comments (greptile, cubic, codex): backend/ - protocol.py: * FlowSummary now validates finishedAt as a float (raises ProtocolError instead of silently storing a non-numeric) * Coerce header pairs through str() for safety * New sanitize_session_id(raw, fallback) — restricts chat ids to [A-Za-z0-9._-], rejects "." / ".." / absolute paths / null bytes / 128+ chars, used by both server and session - server.py: * resolve_base_dir() helper; no longer appends "rae-agent-sessions" when RAE_AGENT_WORKDIR is set by the Swift sidecar, so sessions land at <support>/agent-sessions/<chat-id>/... instead of double nesting * ValueError from SessionDirs is surfaced as an AgentEvent.error - session.py: * SessionDirs.make resolves and verifies the session root stays inside base before creating directories (path traversal defense) * file_written event now fires from the ToolResult phase (not ToolUse), and only when the result is not an error — so the UI only badges files the SDK actually wrote * sanitize_session_id replaces raw chat ids before path joining macos/Sources/ReverseAPI/Agent/ - AgentSidecar: * LaunchSpec now carries (executablePath, arguments) explicitly, with factory `python3(workdir:)` that runs `/usr/bin/env` with `python3` as its first argument. Previously Process.executableURL was given the full "/usr/bin/env python3" string and failed to start. * waitForBoundPort uses readabilityHandler + an async sleep loop instead of blocking availableData reads, and respects the timeout * Process is terminated and cleared on port-discovery failure so failed launches do not leave orphans - AgentSession.clear: when status was .failed, drop to .idle (not .ready), so ensureRunning() can actually relaunch on the next send - AgentSession.ensureRunning: terminate sidecar + disconnect client on launch failure so the next attempt starts clean - AgentClient.connect: replaces a dead URLSessionWebSocketTask instead of returning early when one already exists - AgentFlowPayload.encodedBody: cap payloads at 64 KiB per body (configurable), with a "…<truncated N bytes>" suffix, to avoid hitting websocket message-too-large on large captures Tests: - backend/tests/test_protocol.py extended to 27 cases (sanitize_session_id subgroup, finishedAt type validation, event serializations) - backend/tests/test_server_resolution.py: 3 tests on resolve_base_dir - backend/tests/test_session_dirs.py: 5 tests including path-traversal rejection - macos/Tests/ReverseAPITests/AgentProtocolTests.swift: 13 tests on AgentFlowPayload.encodedBody (empty / UTF-8 / truncation / binary) and AgentEventDecoder (all event types + invalid input) - Package.swift: ReverseAPITests testTarget
kalil0321
force-pushed
the
claude/proxy-monitor-m5-agent-sidecar
branch
from
0f750b6 to
6a1d716
Compare
kalil0321
force-pushed
the
claude/proxy-monitor-m4-alpn-har
branch
from
52acac0 to
0bfcc68
Compare
backend/ — new Python package (rae-agent) - pyproject.toml with websockets + claude-agent-sdk deps - protocol.py: typed ChatRequest / FlowSummary / AgentEvent dataclasses with payload validation - prompts.py: system prompt + per-language guidelines (Python, TypeScript, Go) - session.py: per-chat workdir, persists selected flows to JSON, drives claude_agent_sdk.query, translates Assistant / Tool / Result blocks into AgentEvent stream - server.py: websockets server, RAE_AGENT_LISTENING:<port> handshake - pytest suite for the protocol layer macos/Sources/ReverseAPI/Agent/ - AgentSidecar: launches the Python backend, parses bound port from stdout, manages lifecycle - AgentClient: actor wrapping URLSessionWebSocketTask, AsyncStream of decoded AgentEvents - AgentProtocol: AgentEvent / AgentFlowPayload / AgentChatRequest + AgentEventDecoder - AgentSession: @mainactor @observable that coordinates sidecar + client, exposes status / events / history / generated files macos/Sources/ReverseAPI/UI/AgentPanel.swift - Header with status dot + target language picker + clear - Timeline of assistant text / tool use / tool result / file written / errors / completion card - Generated files card with reveal-in-Finder - Composer with cmd+return shortcut ContentView now wires AgentPanel as a third HSplitView column; AppState owns the AgentSession with a workdir under Application Support.
Fixes for PR #76 review comments (greptile, cubic, codex): backend/ - protocol.py: * FlowSummary now validates finishedAt as a float (raises ProtocolError instead of silently storing a non-numeric) * Coerce header pairs through str() for safety * New sanitize_session_id(raw, fallback) — restricts chat ids to [A-Za-z0-9._-], rejects "." / ".." / absolute paths / null bytes / 128+ chars, used by both server and session - server.py: * resolve_base_dir() helper; no longer appends "rae-agent-sessions" when RAE_AGENT_WORKDIR is set by the Swift sidecar, so sessions land at <support>/agent-sessions/<chat-id>/... instead of double nesting * ValueError from SessionDirs is surfaced as an AgentEvent.error - session.py: * SessionDirs.make resolves and verifies the session root stays inside base before creating directories (path traversal defense) * file_written event now fires from the ToolResult phase (not ToolUse), and only when the result is not an error — so the UI only badges files the SDK actually wrote * sanitize_session_id replaces raw chat ids before path joining macos/Sources/ReverseAPI/Agent/ - AgentSidecar: * LaunchSpec now carries (executablePath, arguments) explicitly, with factory `python3(workdir:)` that runs `/usr/bin/env` with `python3` as its first argument. Previously Process.executableURL was given the full "/usr/bin/env python3" string and failed to start. * waitForBoundPort uses readabilityHandler + an async sleep loop instead of blocking availableData reads, and respects the timeout * Process is terminated and cleared on port-discovery failure so failed launches do not leave orphans - AgentSession.clear: when status was .failed, drop to .idle (not .ready), so ensureRunning() can actually relaunch on the next send - AgentSession.ensureRunning: terminate sidecar + disconnect client on launch failure so the next attempt starts clean - AgentClient.connect: replaces a dead URLSessionWebSocketTask instead of returning early when one already exists - AgentFlowPayload.encodedBody: cap payloads at 64 KiB per body (configurable), with a "…<truncated N bytes>" suffix, to avoid hitting websocket message-too-large on large captures Tests: - backend/tests/test_protocol.py extended to 27 cases (sanitize_session_id subgroup, finishedAt type validation, event serializations) - backend/tests/test_server_resolution.py: 3 tests on resolve_base_dir - backend/tests/test_session_dirs.py: 5 tests including path-traversal rejection - macos/Tests/ReverseAPITests/AgentProtocolTests.swift: 13 tests on AgentFlowPayload.encodedBody (empty / UTF-8 / truncation / binary) and AgentEventDecoder (all event types + invalid input) - Package.swift: ReverseAPITests testTarget
kalil0321
force-pushed
the
claude/proxy-monitor-m5-agent-sidecar
branch
from
6a1d716 to
1d8eb1f
Compare
Introduce three foundation modules consumed by the upcoming UI redesign: - Theme: near-black dark palette (#050506 → #16161A surfaces), method/ status colors, border tokens. Replaces ad-hoc Color(nsColor: .windowBackgroundColor) references scattered across views. - Controls: NSSegmentedControl wrapper (.capsule style) and PillStyle primitives + .pillBackground modifier so chips, search button, and segmented tabs share identical hover/active states. - Markdown: lightweight block parser for assistant output. Supports fenced code blocks, headings, bullet/ordered lists, and inline bold/italic/code via AttributedString. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Replace the heavy 312pt sidebar + cluttered triple panel layout with a much cleaner shell: - Drop CaptureToolbar entirely. Capture/mode/CA/route/export/clear move to a borderless toolbar (record icon only, neutral tint, danger when active) plus a … menu. Window title is hidden via AppKit so no "rae" duplication. - ContentView: native NSWindow chrome via WindowAccessor — transparent titlebar + window.backgroundColor in sync with Theme.appBackground so the toolbar matches the rest of the canvas. Configure runs on the next runloop tick to avoid CATransaction commit-phase exceptions on macOS 14+. - ActionBar replaces the old sidebar sections: native NSSegmented capsule for Device/Manual, full-width scrollable filter chips with hover state, and a ⌘K SearchButton pill that opens the command palette. - TrafficListView: replace SwiftUI Table (which forces system accent selection blue) with a custom LazyVStack so selected rows use Theme.elevated instead of the system tint. Time/Method/Host/Path/ Status columns only — Size and Duration removed to reduce density. - AgentPanel always mounted with offset+width animation so toggling ⌘J slides the panel from the right without layout shift. - StatusBar pinned at the bottom with capture state, CA trust, and flow count. - CommandPalette (⌘K): two-pane layout — results list on the left, live preview pane on the right with method, status, content-type, size, duration. NSVisualEffectView glass background, scale+offset+ opacity transitions wired at the conditional root in ContentView so the panel actually animates (previous .transition() on inner VStack was ignored). Native SwiftUI TextField + @focusstate, .onKeyPress for up/down/escape (avoids the NSEvent monitor crash from earlier). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Inspector gets a real Preview tab and unifies its tab bar with the
rest of the app:
- Tabs (Overview / Request / Response / Preview) now use the shared
NSSegmented capsule control — identical visuals + interactions to
ModeToggle in ActionBar.
- New Preview tab appears automatically when the response content-type
is renderable:
• image/*: NSImage decoded and drawn over a photoshop-style
checkerboard (white@7% / white@2% tiles, 12pt). Tiny assets are
capped at 16× scale instead of stretched to the full pane, and
.interpolation(.none) keeps pixel art crisp. Tracking pixels
(≤4×4) get a "tracking pixel" chip next to the dimensions so a
1×1 transparent GIF isn't mistaken for a broken image.
• text/html: WKWebView with JavaScript disabled
(defaultWebpagePreferences.allowsContentJavaScript = false) loads
the raw HTML with the flow URL as baseURL so relative assets
resolve. Layer-rounded container with subtle border to match the
rest of the dark surfaces.
• application/pdf: placeholder for a future PDFKit integration.
- Strip nested rounded panels and gradient backgrounds out of the
header/sections; rely on small SCREAMING-CAPS section labels and
Theme.* colors so the inspector matches the rest of the redesigned
shell.
- Close button to dismiss the inspector inline without selecting
another row.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- AssistantRow renders the agent's text through MarkdownView so headings, lists, fenced code blocks (with language tag and copy button), and inline bold/italic/code show correctly instead of one flat blob. - Tool calls and tool results collapse to a single chevron row each by default — expand to reveal the JSON / output. Cuts the visual noise dramatically during long tool-use chains. - Header, timeline, and composer all share Theme.appBackground (no more border between header/messages or messages/composer). The composer is a real NSTextView wrapped in SwiftUI: multi-line, ⇧⏎ for newline, ⏎ to send, ⌘⏎ also sends. Placeholder is drawn via a CATextLayer when the field is empty. - Send button: white pill on black with arrow.up, disabled state in Theme.elevated. Matches the rest of the dark UI. - ThinkingRow with three pulsing dots when status is .streaming for feedback during long agent runs. - FileWritten / Complete / GeneratedFiles rows now share a consistent surface (Theme.elevated + Theme.border) so each event-type doesn't scream a different color. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
8 issues found across 11 files (changes from recent commits).
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="backend/rae_agent/server.py">
<violation number="1" location="backend/rae_agent/server.py:35">
P1: Validate `request.id` before calling `run_chat`; path traversal sequences can escape `base_dir` when session directories are created.</violation>
</file>
<file name="macos/Sources/ReverseAPI/UI/CommandPalette.swift">
<violation number="1" location="macos/Sources/ReverseAPI/UI/CommandPalette.swift:24">
P3: `footer` is implemented but never added to the view hierarchy, so the keyboard-hint UI is dead code and never rendered.</violation>
<violation number="2" location="macos/Sources/ReverseAPI/UI/CommandPalette.swift:309">
P3: The HTTP method/status color mapping is duplicated in `ResultRow` and `PreviewPane`; extract one shared helper to avoid future inconsistency.</violation>
</file>
<file name="macos/Sources/ReverseAPI/UI/InspectorView.swift">
<violation number="1" location="macos/Sources/ReverseAPI/UI/InspectorView.swift:305">
P2: `copyableBody` now misclassifies many readable UTF-8 payloads as binary unless the content type includes `text`.</violation>
<violation number="2" location="macos/Sources/ReverseAPI/UI/InspectorView.swift:360">
P2: Using `flowURL` as the HTML preview base URL can replay network requests for relative resources when viewing captured responses.</violation>
</file>
<file name="macos/Sources/ReverseAPI/UI/AgentPanel.swift">
<violation number="1" location="macos/Sources/ReverseAPI/UI/AgentPanel.swift:546">
P2: Newline handling submits on plain Return, so the multiline composer sends unexpectedly instead of requiring ⌘↵ as indicated by the UI.</violation>
</file>
<file name="macos/Sources/ReverseAPI/UI/Markdown.swift">
<violation number="1" location="macos/Sources/ReverseAPI/UI/Markdown.swift:196">
P2: Trim parsed lines with `.whitespacesAndNewlines`; using `.whitespaces` breaks block detection for CRLF input.</violation>
<violation number="2" location="macos/Sources/ReverseAPI/UI/Markdown.swift:241">
P2: Use `.whitespacesAndNewlines` when trimming fence language to avoid misclassifying unlabeled CRLF fences.</violation>
</file>
Tip: Review your code locally with the cubic CLI to iterate faster.
Re-trigger cubic
Comment on lines
+546
to
+553
| let isShift = event?.modifierFlags.contains(.shift) ?? false | ||
| if isShift { | ||
| textView.insertNewlineIgnoringFieldEditor(nil) | ||
| return true | ||
| } else { | ||
| onSubmit() | ||
| return true | ||
| } |
Contributor
There was a problem hiding this comment.
P2: Newline handling submits on plain Return, so the multiline composer sends unexpectedly instead of requiring ⌘↵ as indicated by the UI.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At macos/Sources/ReverseAPI/UI/AgentPanel.swift, line 546:
<comment>Newline handling submits on plain Return, so the multiline composer sends unexpectedly instead of requiring ⌘↵ as indicated by the UI.</comment>
<file context>
@@ -122,211 +163,422 @@ private struct AgentTimeline: View {
+ func textView(_ textView: NSTextView, doCommandBy commandSelector: Selector) -> Bool {
+ if commandSelector == #selector(NSResponder.insertNewline(_:)) {
+ let event = NSApp.currentEvent
+ let isShift = event?.modifierFlags.contains(.shift) ?? false
+ if isShift {
+ textView.insertNewlineIgnoringFieldEditor(nil)
</file context>
Suggested change
| let isShift = event?.modifierFlags.contains(.shift) ?? false | |
| if isShift { | |
| textView.insertNewlineIgnoringFieldEditor(nil) | |
| return true | |
| } else { | |
| onSubmit() | |
| return true | |
| } | |
| let modifiers = event?.modifierFlags ?? [] | |
| if modifiers.contains(.command) { | |
| onSubmit() | |
| return true | |
| } | |
| textView.insertNewlineIgnoringFieldEditor(nil) | |
| return true |
Keyboard shortcuts (⌘R, ⌘J, ⌘K, ⌘E, ⌘↵) were error-prone — they
competed with text input focus on the search palette and agent
composer, and the NSEvent.addLocalMonitorForEvents bridge could be
ordered wrong with the responder chain. All actions are now
discoverable through the toolbar buttons and … menu:
- CaptureButton, agent toggle, Export HAR, Clear traffic: no more
.keyboardShortcut modifiers.
- Hidden Button("Search") used to surface ⌘K is removed.
- ⌘K badge stripped from the SearchButton (was misleading without the
shortcut) — it's just the magnifying glass icon now.
- AppDelegate.NSEvent monitor for ⌘J and the toggleRaeAgent
Notification.Name are deleted.
- ContentView's matching .onReceive observer is removed.
- The Hide/Show Agent CommandGroup is gone.
Also drop the slide-in animation on the agent panel: the
offset+width+clipped trick still produced visible layout shifts on
some configurations. The panel is now a plain conditional view —
shows / hides instantly without animating. The command palette
animation is unaffected.
WindowAccessor's NSView gains hitTest -> nil and
acceptsFirstResponder = false so it can never intercept clicks or
keystrokes intended for the SwiftUI content sitting in front of it.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
SwiftUI TextField + @focusstate wasn't reliably routing keystrokes when the command palette was presented as an overlay or when the agent composer was inside the right-hand panel — focus appeared to move but the field never received key events. Replace both with NSViewRepresentable wrappers that talk to AppKit directly: - NativeSearchField wraps NSTextField (single-line) for the command palette query. textColor / placeholderAttributedString / insertionPointColor are all set explicitly against Theme.* so the text stays visible on the near-black background. First responder is grabbed via window.makeFirstResponder(field) on the next runloop tick so the palette is type-ready the moment it opens. - NativeMultilineTextField wraps NSTextView (multi-line, axis is effectively vertical) for the agent composer. Same explicit color setup; Return submits, Shift-Return inserts a newline via the textView(_:doCommandBy:) delegate hook. Drops the previous CATextLayer placeholder hack (added a sublayer to NSTextView, which interfered with the field's internal layer management). Placeholder is now a SwiftUI Text overlay with .allowsHitTesting(false) shown when the bound string is empty. While in the same files, also clean up the agent panel's empty state: drop "Reverse engineer with the agent" + "N filtered flows will be shared" and show a single centered chevron.left.forwardslash. chevron.right — the </> SF Symbol that doubles as a logo for the reverse-API-engineer name. Less text, more breathing room when no conversation has started yet. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
1 issue found across 4 files (changes from recent commits).
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="macos/Sources/ReverseAPI/UI/ContentView.swift">
<violation number="1" location="macos/Sources/ReverseAPI/UI/ContentView.swift:28">
P2: The AgentPanel is outside the HSplitView, making it unresizable and failing the 3-pane layout goal.</violation>
</file>
Tip: Review your code locally with the cubic CLI to iterate faster.
Re-trigger cubic
…completion pill Two quality-of-life fixes for the agent chat: - The user's own prompt was tracked only in the history list sent to the model, never displayed. Add UserMessageRow — a right-aligned Theme.elevated bubble — and inject a .userText event into the timeline at send time so the conversation looks like a chat, not a monologue. - CompleteRow used to fire after every turn, even on plain Q&A, showing "Finished · 0 files" which had no meaning since the model hadn't written anything. Render the completion pill only when at least one file was actually generated; otherwise drop it entirely via EmptyView so the timeline ends on the assistant's reply. - Tightened CompleteRow copy to "Wrote N files" since the workdir hash is already exposed via the Generated Files section below it. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
claude_agent_sdk 0.1.48 defines StreamEvent in its `types` module but does not re-export it from the package's public namespace, so the top-level import added in the streaming commit blew up with `ImportError: cannot import name 'StreamEvent' from 'claude_agent_sdk'`, taking the entire sidecar down at launch. Pull StreamEvent from claude_agent_sdk.types directly. If a future SDK release ever drops the type, fall back to a private stub class so `isinstance(message, StreamEvent)` is always callable — we just lose the streaming path and the sidecar still boots and serves non-streaming AssistantMessage events. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Replace the hand-rolled block parser in Markdown.swift with a thin wrapper around gonzalezreal/swift-markdown-ui's Markdown view. The new dependency handles the full CommonMark + GFM grammar — tables, task lists, nested code blocks, autolinks, soft/hard breaks, escapes — which our parser silently dropped. Theme.rae customizes the library for the dark agent panel: - Body text uses Theme.textPrimary at 13pt; links pick up Theme.accent with an underline. - Inline code gets a subtle white@8% pill on the monospaced font. - Headings 1-3 are sized down for the side panel (18 / 16 / 14pt semibold) instead of MarkdownUI's defaults that overpower a 380pt column. - Code blocks render against Theme.appBackground inside a rounded Theme.border outline, with the optional language label and a copy button living on a small Theme.elevated header — same look the old custom parser had, but now driven by the library. - Blockquotes get a 2pt Theme.border bar on the left and muted Theme.textSecondary content. - Paragraph/list spacing tightened with markdownMargin so consecutive blocks read like Claude's web chat rather than a Markdown rendered document. The AgentPanel.AssistantRow callsite is unchanged — it still imports `MarkdownView(text:)` from this file. The public surface stays the same; the implementation just defers to a tested library now. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Add FlowStore.delete(ids:) — single source of truth that removes the records from both the in-memory list and the on-disk SQLite table in one shot, then bumps the generation counter so any in-flight persistence task for one of the deleted ids is skipped. AppState.deleteFlows wraps it and also: - clears state.selectedFlowID if the deleted set included the row currently in the inspector (otherwise the inspector kept pointing at a dangling UUID) - prunes the agent selection (next commit) so the agent panel can't try to send rows the user just dropped The UI side comes in a follow-up commit — this one keeps the model plumbing focused. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…xt menu
Sending every captured flow to the agent is too coarse — running the
proxy on the whole machine collects far more traffic than belongs in
a single reverse-engineering task. Give the user explicit control:
Traffic list:
- New checkbox column on the leading edge of every row. Tapping the
square toggles the flow's UUID in state.agentSelection — selected
rows are marked with a Theme.accent filled checkmark, deselected
ones with a Theme.textTertiary outline.
- Header checkbox does select-all / deselect-all over the currently
visible rows, with a tri-state minus glyph when only some of the
visible rows are selected.
- Context menu per row: "Add to agent selection" / "Remove from
agent selection", a divider, and a destructive "Delete" that
routes through AppState.deleteFlows.
AgentPanel:
- AgentPanel.flowsToSend prefers state.agentSelection when it's
non-empty; otherwise falls back to the existing
state.store.flows.filter { state.filter.matches } .prefix(100)
behavior so a fresh session still has context.
- AgentHeader subtitle now reads "Idle · 12 selected" or
"Ready · 47 filtered" so the user can see at a glance which set
of flows will be shared when they hit Send.
The bottom-status footer was already gone, so there's no other
place flow counts live — this is now the canonical "what does the
agent see" indicator.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
4 issues found across 12 files (changes from recent commits).
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="backend/rae_agent/server.py">
<violation number="1" location="backend/rae_agent/server.py:35">
P1: Validate `request.id` before calling `run_chat`; path traversal sequences can escape `base_dir` when session directories are created.</violation>
</file>
<file name="macos/Sources/ReverseAPI/UI/AgentPanel.swift">
<violation number="1" location="macos/Sources/ReverseAPI/UI/AgentPanel.swift:546">
P2: Newline handling submits on plain Return, so the multiline composer sends unexpectedly instead of requiring ⌘↵ as indicated by the UI.</violation>
</file>
Tip: Review your code locally with the cubic CLI to iterate faster.
Re-trigger cubic
The agent kept stalling on prompts like "Claude requested permissions to read from <session>/flows/flows.json, but you haven't granted it yet." because acceptEdits only auto-approves Write/Edit — Read still surfaces a permission request, including for the session's own flows.json (which lives in the sibling flows/ directory of the cwd). Switch the sidecar's permission_mode to bypassPermissions, matching how reverse_api/collector.py and reverse_api/auto_engineer.py configure their long-running agent runs. The blast radius is still constrained: the sidecar process runs with cwd pinned to a per-chat session output directory and only requests Read/Write/Edit on allowed_tools, so this doesn't open up broader-than-intended filesystem access — it just stops asking for paths inside the session it already owns. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
The previous tool rows were two collapsible disclosure rows with generic icons — fine but noisy and offered no preview of what the agent was actually doing. ToolUseRow: - Rounded Theme.elevated card with a 1pt Theme.border so each tool call reads as a discrete event, not a flat list of toggles. - Semantic icon per tool name: doc.text for Read, square.and.pencil for Write, pencil for Edit, terminal for Bash, magnifyingglass for Glob/Grep. Falls back to wrench.adjustable for anything else. - Inline summary parses the tool input JSON and pulls the most meaningful argument (file_path / path / command / pattern / url / query) so the row reads "Read · flows.json", "Write · client.py", "Bash · npm install" before expansion. - Chevron is the same affordance everywhere and animates from 0° to 90° on expand via rotationEffect. - Expanded body sits below an inline Divider so the JSON args feel attached to the call, not a popover. ToolResultRow: - Renders flush against the preceding tool call (24pt leading indent so it sits under the call's content, no surrounding box). - Headline is the first non-empty line of output trimmed to 80 chars — quick "what came back" preview that matches the call's inline summary on the row above. Errors render in Theme.danger. - Same rotating chevron for the expand affordance. Net effect: a Read+result pair now reads more like a single git-style log entry than two unrelated rows. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds a built-in file viewer so the user doesn't have to reveal in
Finder + open the file in a separate editor just to confirm what
the agent produced. Tap a row in either FileWrittenRow (the inline
"Wrote foo.swift" pill) or GeneratedFilesRow and a sheet slides up
with the file contents.
AgentFileViewer (new):
- Rounded 14pt continuous-corner card on Theme.surface with a
Theme.border outline, sized 720-880pt wide × 480-640pt tall so
it's roomy without dominating the window.
- Header shows a tool-style icon picked from the file extension
(curlybraces for source code, doc.richtext for markdown, terminal
for shell, etc.), the filename in monospaced semibold, and a
metadata line ("Python · 3.4 KB" / "JSON · 821 bytes") parsed
from the file attributes. Right-aligned actions: Reveal in Finder,
Copy contents, Close.
- Body is a horizontally-and-vertically scrollable monospaced
rendering against Theme.appBackground with a Theme.surface line
gutter — the visual cue lands somewhere between a GitHub blob
preview and a side-by-side diff pane, which matches the user's
ask for "un truc un peu comme un git diff."
- File loads off-main on a detached task; binary files fall back to
a "<binary file · N bytes>" sentinel instead of crashing.
AppState:
- New `viewingFile: AgentFileRef?` slot (Identifiable URL wrapper for
SwiftUI's .sheet(item:) API) and `viewFile(at:)` helper that the
agent panel rows call.
ContentView:
- .sheet(item:) on the root binds to state.viewingFile, presenting
AgentFileViewer when set and clearing the slot on dismiss.
AgentPanel:
- FileWrittenRow + GeneratedFilesRow become Button wrappers so the
whole row is a tap target. Trailing chevron + cursor-pointer
affordance hints at the disclosure; "Reveal in Finder" moves to
the context menu on FileWrittenRow so the primary action stays
"view inline."
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Add RaeSyntaxHighlighter — a CodeSyntaxHighlighter implementation that ships with the app instead of pulling in a JS bundle or a TextMate-grammar dependency. Pure Swift, regex-based, tuned for the languages the agent realistically emits when reverse-engineering an API: Swift, Python, JavaScript / TypeScript / JSX / TSX, JSON, Shell (bash/zsh), HTML, CSS, and SQL. How it works: - SyntaxColorizer.colorize walks the source once per rule, in priority order (comments → strings → numbers → keywords → builtins → JSON property keys) and writes foregroundColor onto an AttributedString. A rule never overwrites a range that's already non-default-color, which prevents bugs like coloring the word "if" inside a string literal. - Per-language rule sets pick the right comment markers (`//`, `#`, `<!-- -->`) and string delimiters (triple-quoted for Python, backticks for JS template strings, etc.). - Palette inspired by VS Code Dark+: purple-pink keywords, warm orange strings, soft-green numbers, muted-green comments, teal types, yellow functions, light-blue JSON keys. Tuned against Theme.appBackground (#050506) so contrast is comfortable on the near-black canvas. - Exposes itself as `.rae` via a `CodeSyntaxHighlighter` extension so MarkdownUI consumers can write `.markdownCodeSyntaxHighlighter(.rae)`. Fallback language `.generic` still picks up strings + numbers so even an unknown fence has some visual structure. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…ists, HR Extend the rae markdown theme so the agent's full GFM output renders properly inside the side panel. Previously only paragraphs / headings / lists / code blocks were styled; tables fell back to MarkdownUI's defaults (which on a dark background look unreadable), code blocks had no copy-state feedback, task lists rendered as ASCII brackets, images / horizontal rules / emphasis / strikethrough were all unstyled. Inline elements: - emphasis renders italic - strikethrough renders single-line through Theme.textTertiary - code uses white@8% backdrop on a monospaced variant — matches the inline-code pill style ChatGPT/Claude.app use Block elements: - heading4 styled (13pt semibold) so deep section nesting still reads as a heading instead of a paragraph - thematicBreak renders a Theme.border Divider with vertical padding instead of MarkdownUI's default Divider - image rendering clips to an 8pt rounded rect so inline screenshots don't blow out the panel edge - blockquote bar promoted to Theme.borderStrong so the left rail is visible Code blocks: - Hook in the syntax highlighter via `.markdownCodeSyntaxHighlighter(.rae)` - Header is a discrete view with `Theme.elevated` background, the language slug in lowercased monospace, and a copy button that swaps to a checkmark + "Copied" for 1.2s on click - Body still scrolls horizontally for long lines Task lists & list markers: - bulletedListMarker = .disc, numberedListMarker = .decimal so nested lists look consistent - taskListMarker renders an SF Symbol filled checkbox in Theme.accent for completed items, hollow square in Theme.textTertiary otherwise Tables (the previously broken bit): - `.table` wraps the content in a rounded Theme.border outline, picks up the `.alternatingRows` backgroundStyle so every other row has a Theme.textPrimary @ 2.5% wash for readability, and uses a 1pt all-borders style in Theme.border - `.tableCell` adds proper 10×6 padding, bumps the first row to semibold Theme.textPrimary (header row), keeps body cells at Theme.textSecondary The MarkdownView wrapper is unchanged externally — AssistantRow still just renders `MarkdownView(text:)`. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Contributor
|
You're iterating quickly on this pull request. To help protect your rate limits, cubic has paused automatic reviews on new pushes for now—when you're ready for another review, comment |
…on id Set up the data layer so conversations survive across app launches and the user can pick a previous session back up where they left off: Backend (rae_agent): - ChatRequest gains a claude_session_id field (accepts camelCase or snake_case from the wire). When present, we pass it as ClaudeAgentOptions.resume so the SDK rehydrates its own conversation state instead of asking us to replay history. - New AgentEvent.session_started(chat_id, claude_session_id) is emitted exactly once per chat — captured off the first SDK message that carries a session_id. Subsequent sends pass the captured id back as resume. macOS (Swift): - AgentEvent / AgentHistoryItem / AgentTargetLanguage are now Codable so the timeline + history can roundtrip through JSON. - AgentChatRequest gains claudeSessionId (Encodable, optional). When set, AgentSession ships an empty history array on the wire — the SDK already has the conversation context, no point shipping it twice. - New AgentEvent.sessionStarted case + decoder branch captures the id but doesn't render in the timeline. AgentPanel folds it into the same EmptyView path as assistantTextChunk. - AgentSession.handle stores the captured id in claudeSessionID and persists every event via store.save. Persistence layer (new): - AgentSessionRecord — the on-disk payload: id, title, createdAt, lastModifiedAt, target, events, history, lastWorkdir, generatedFiles, claudeSessionID. Saved as <agent-sessions-root>/<id>/session.json alongside the flows/ and out/ directories the sidecar already writes. - AgentSessionSummary — the lightweight row shown in lists (id, title, createdAt, lastModifiedAt, messageCount counting only user + assistant text events). - AgentSessionStore — @mainactor @observable owner of the sessions list. reload() scans the directory off-main and sorts by recency; save/load/delete run on detached tasks. Auto-loads on init. AgentSession lifecycle (new): - startNewSession() / openSession(id:) / backToList() / deleteSession(id:) — high-level operations that drive the upcoming sessions-list UI. - mode: Mode (list | session) — currently always defaults to .list so the panel opens on the history view (UI for it lands in the next commit). - Title auto-derives from the first 60 chars of the user's first message; falls back to "Untitled session" until that's written. - handle() now calls persist() after every event so a crash mid-stream still leaves a recoverable transcript. No UI changes in this commit — the storage layer is wired up but the sessions list view + cards layout follow in a separate change. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
The main window switches from "traffic | optional inspector | optional
agent" into two always-on inset cards: traffic on the left, agent on
the right, both with rounded corners + Theme.border on Theme.surface,
separated by an HSplitView so the user can resize the column ratio.
ContentView:
- New Card { content } wrapper applies clipShape(RoundedRectangle 10pt
continuous) + 1pt Theme.border outline + Theme.surface background.
- Outer HSplitView with 10pt padding around both cards. The agent card
starts at 380pt ideal width / 320pt min; the traffic card takes the
rest with a 420pt min.
- Inside the traffic card, an inner HSplitView shows the table on the
left and (when state.selectedFlowID is set) the inspector on the
right — both views now live inside the same card instead of as
separate columns.
- Drops the agent-toggle plumbing entirely: no more isAgentVisible
binding, no more sparkles button in the toolbar, no more AppStorage
key. The agent is always visible.
ReverseAPIApp:
- Removes the @AppStorage("rae.agent.visible") and the binding it
passed to ContentView.
SessionsListView (new):
- "Sessions" title + count chip + "+" button on the right of the
card header. Tap "+" to call agent.startNewSession().
- Body is a ScrollView+LazyVStack of SessionRow entries sorted by
recency (the store does that on reload). Each row shows the
auto-derived title (up to 2 lines), a relative "5m ago" timestamp,
and the user+assistant message count. Hover paints Theme.elevated.
- Context menu on each row exposes "Delete" (destructive) — routes
through agent.deleteSession(id:).
- Empty state when there are no sessions yet: bubble icon + "No
sessions yet · Tap + to start a new conversation".
AgentPanel:
- Now a 2-mode router: when agent.mode == .list, render
SessionsListView; when .session, render ActiveSessionView.
- ActiveSessionView wraps SessionHeader + AgentTimeline +
AgentComposer the way the old panel did, just split into a
separate type.
- SessionHeader replaces AgentHeader: drops the "Agent" label, the
status dot, the "Idle · N selected" subtitle, and the trash
button. Keeps just a back chevron (returns to the sessions list)
and the language picker. Status feedback is now implicit — the
composer's send button is disabled while launching, the streaming
dots still appear in the timeline.
The Card primitive is reusable: the file viewer could later adopt
it for consistency, but that's out of scope here.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
… fix card spacing, neutral checkboxes The previous tabular traffic row had fixed columns (time / method / host / path / status) that broke once the traffic card got squeezed below ~500pt with the inspector or a narrow window — the host column overflowed into the path column, columns collapsed onto themselves, and the header label row stopped lining up with the data rows. Same story in the inspector: 150pt fixed header-name column wasted space and the URL line ran past the card edge. TrafficListView: - Header row replaced with a compact "Traffic · N" title + select-all checkbox at the leading edge. No more tabular HeaderLabel columns — the new rows aren't strictly tabular anyway. - TrafficRow is a two-line layout: checkbox + method badge on the left, host on top and path below in the flex middle column, status + timestamp stacked on the right. The middle column truncates host and path with .middle so the most identifying part of the URL survives at any width. - Survives down to ~260pt of card width without overlap. Hover and selected backgrounds unchanged (Theme.elevated on select, white@3% on hover). - AgentCheckbox checked-state color flips from Theme.accent (blue) to Theme.textPrimary (off-white). The select-all header checkbox follows the same rule. The user kept asking for a less loud color for the selection affordance. InspectorView: - Header repacks: METHOD + STATUS on the top row with a Theme.elevated pill close button on the right; the URL splits into a host line + path line below in the same style as the traffic row so the identification stays consistent between the two views. - Padding tightened from 16pt to 14pt (matches the traffic header and rows). - Tab bar wraps in a horizontal ScrollView so the four-tab NSSegmented stays usable even when the card is too narrow to fit all labels. - HeadersSection switches from "name | value" fixed-width side-by-side to a vertical layout: lowercase muted name on top, mono value below. Reads like a typical HTTP request listing in browser devtools and stops clipping when the panel is narrow. - Overview metric rows: key column shrinks from 100pt to 84pt and values get a 2-line truncation cap so a long Content-Type header doesn't push the row off the trailing edge. ContentView: - Card spacing: traffic card gets `.padding(.trailing, 6)`, agent card gets `.padding(.leading, 6)` — visible 12pt gap between cards instead of the previous flush HSplitView divider. Outer padding around the pair bumped from 10pt to 12pt for breathing room. - Min widths: traffic card minWidth = 320pt (was 420), table inside it = 280pt (was 360), inspector inside it = 320pt (unchanged) so the user can shrink the window further without breaking the layout. Agent card stays 340–380pt range so it doesn't fall below the size where the composer becomes unusable. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
The ThinDivider() between the ActionBar (filters / search / state chips) and the HSplitView underneath was load-bearing back when the main area was a flat panel with no other visual separation. Now that the traffic and agent cards each draw their own RoundedRectangle outline with Theme.border and there's 12pt of padding around the pair, the divider is redundant — it just adds a horizontal line through what should already read as a clean separation between the action bar and the inset cards. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
… min width A small batch of cleanups so the two cards read as visually matched and the user can't squeeze the traffic card into a glitchy state any more. ContentView: - Traffic card minWidth bumps from 320pt to 540pt (~½ the 980pt minimum window). Below that we hit the layout issues from earlier iterations — host/path collisions, inspector tabs scrolling under themselves, the table header desync from rows. The HSplitView divider now stops at this floor so the user can't drag the traffic side narrower than usable. AgentPanel / SessionsListView: - AgentPanel drops its own `.background(Theme.appBackground)` override. Both modes (list + active session) now inherit Theme.surface from the enclosing Card, which keeps the agent card's color identical to the traffic card. Previously the agent card read distinctly darker because Theme.appBackground sits a shade below Theme.surface. - AgentTimeline ScrollView + EmptyAgentState frame + AgentComposer outer background all repointed to Theme.surface for the same reason. The send button's arrow glyph stays in Theme.appBackground since it sits against a Theme.textPrimary white circle and needs the contrast. - SessionsListView header drops the `N` session count chip — the count was already obvious from the visible list, the badge was just noise. Header content keeps the title + "+" affordance on the trailing edge. - New session "+" button shrinks to 22pt (from 26pt) so the header has the same intrinsic height as the traffic header. - Same 22pt sizing applied to the SessionHeader back-chevron button (active session mode). TrafficListView header: - Same horizontal padding (12pt) as TrafficRow so the select-all checkbox sits in the same column as the per-row AgentCheckbox. - Both headers (Sessions list, Traffic) now use `.frame(height: 44)` instead of varying vertical padding, so the title row in the two cards lines up at the exact same Y position. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…verflow
The overflow glitch the user kept seeing on a narrow traffic card —
rounded border disappearing, rows clipped past the right edge, scroll
+ row hit-testing broken — was a hard layout conflict. The card's
inner HSplitView holds the table (minWidth 320) + the inspector
(minWidth 340) = 660pt minimum when both are shown. The outer Card
was capped at 540pt, so SwiftUI rendered the inner panes wider than
the Card frame, leaking past the clipShape.
Two fixes:
- Traffic card frame minWidth is now conditional:
- No flow selected: 380pt — the user can still compress the card
down when the inspector isn't taking up space.
- Flow selected: 700pt — covers the inner content min with
headroom for the HSplitView divider so the inner views always
fit inside the rounded clipShape.
When the user clicks a flow, SwiftUI smoothly grows the card to
the new minimum (eating into the agent card's flex room, which
has its own 340pt floor).
- Inner table minWidth bumped from 300pt → 320pt; inner inspector
from 320pt → 340pt. Both have a touch more breathing room before
their internal content (host/path stacks, header sections, tabs)
starts feeling cramped.
Window minimum width bumped from 980pt to 1100pt so the new
expanded layout (traffic 700 + agent 340 + 36pt padding/gap = 1076)
fits at the smallest window the user is allowed to create. On
13-inch MacBook Airs at scaled resolutions this still leaves plenty
of room above the 1100pt floor.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…raffic card header The action bar was getting cluttered: it owned both window-level status (capture state, CA trust, search) and traffic-scoped controls (capture mode toggle, resource-kind filter chips, reset filters badge). Split them so each lives where it makes sense. ActionBar (top, app-wide controls): - Drops the Device/Manual NSSegmented capture mode toggle. The same setting is already exposed inside the … menu in the toolbar (ActionsMenu), so there's no functionality lost. - Drops the ResourceKindStrip chip row — that filter UI moves into the traffic card itself (next section). - Drops the inline "X filters active" reset badge — same reason; the filter UI now lives next to the traffic. - Result: ActionBar is just CaptureStateChip + CATrustChip + Search (⌘K) pill. Much calmer; reads as "the current state of the proxy" rather than "every control we have." - Also removes the now-orphaned ModeToggle, ResourceKindStrip, and Chip private structs from ContentView since nothing references them anymore. TrafficListHeader (per-card controls): - New FilterButton — round button on the right with a `line.3.horizontal.decrease` icon. Opens a SwiftUI Menu containing the full filter surface: Errors-only toggle at the top, then Sections for Type (resource kinds), Method (driven by the live store.methodOptions), and Status buckets. Each option is a Toggle bound through a Binding<Bool> wrapper that updates the TrafficFilter set in place. - When at least one filter is active, the button shows a small Theme.success dot in the top-right corner so the user always sees there's an active filter without opening the menu. The menu surface gets a trailing destructive "Reset filters" action under a Divider — appears only when activeFilterCount > 0 so the menu stays tight in the default case. - New DeleteAllButton — round trash icon button next to the filter, routes through state.clearFlows. Disabled (Theme.textTertiary) when the traffic list is empty. - Both new buttons sized at 22×22pt with Theme.elevated circle background, matching the "+" button in the sessions card header and the back chevron in the active-session header — same visual language across the two cards. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
User feedback: the previous near-black canvas (#050506) read too sharp. Bump every background tier up roughly 6% luminance and lean a touch into a cool grey so the surfaces still feel dark but no longer charcoal-black: - appBackground: #050506 → #12131A - surface : #0B0B0D → #1B1C1F - elevated : #16161A → #28292E - input : #0F0F11 → #1F2024 The relative gap between tiers stays ~5% luminance, so hover and selected states keep their contrast. Border + text tokens are untouched. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
User feedback: the black bar between the traffic + agent cards looked weird, and the traffic-card minWidth conditional wasn't actually forcing the card to grow when the inspector opened — SwiftUI was still letting the inner content overflow past the rounded clipShape. Swap the outer HSplitView for a hand-rolled HStack split: - SplitLayout (new): computes the traffic + agent widths from the current GeometryReader width, the user-driven trafficWidth state, and whether the inspector is open. Mins live as static constants (trafficMinNoInspector 380, trafficMinWithInspector 720, agentMin 340, handleWidth 12, outerPadding 12), so clamping is one struct away from any caller. trafficMax is `usable - agentMin` so the agent never gets squeezed under its minimum. - DragHandle (new): a 12pt-wide invisible Rectangle between the cards. NSCursor.resizeLeftRight on hover gives the resize affordance, and a DragGesture forwards the translation back to the parent. Because the rectangle is `Color.clear`, the gap between the two cards reads as just app-background showing through — no more system splitter line. - ContentView: tracks `@State var trafficWidth` (seed 720pt) and `@State var dragStartWidth: CGFloat?`. The drag start snapshot is what fixes the cumulative-translation drift you get from naïve DragGesture handling. - `onChange(of: selectedFlowID)` runs the new flow through SplitLayout to detect whether the inspector's bigger minimum pushed the traffic card past its current width — if so, it animates the traffic card open with easeOut(0.2). The animation smooths the layout shift that used to feel jarring. The inner HSplitView between table and inspector inside the traffic card is unchanged. That divider lives inside the card's rounded clipShape and reads as expected. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…fic card The previous Filter button surfaced everything through a SwiftUI Menu which made multi-toggle filtering tedious (close menu to see the table, reopen to flip the next chip). Bring filters back inline — the user asked for the resource-kind chips like before, plus matching chip rows for methods and statuses, and a search input that isn't the system .searchable bar. TrafficFilterBar (new, lives between the card header and the row list): - Custom text filter row — an NSTextField wrapped via NSViewRepresentable so we don't ship the SwiftUI default search bar. Mag-glass icon on the left, "xmark.circle.fill" clear affordance on the right when there's content. Background is Theme.input behind a 7pt rounded rectangle, matching the agent composer's text well. Esc inside the field clears the search. - ResourceKindRow — horizontal scroll of chips, one per TrafficFilter.ResourceKind. Tint defaults to Theme.textPrimary. - MethodRow — same layout, but each chip is tinted with its method color (GET blue, POST green, PUT/PATCH orange, DELETE red, CONNECT purple) so selected method chips read at a glance. Only renders when state.store.methodOptions has at least one method (avoids an empty scroll strip on a fresh capture). - StatusRow — same again, tinted per status bucket: 1xx neutral, 2xx success green, 3xx blue, 4xx orange, 5xx red. FilterChip (new): reusable chip with a `tint` parameter. Selected state paints `tint.opacity(0.18)` background with a `tint.opacity(0.5)` stroke; idle state is transparent with a Theme.border stroke; hover nudges the background to white@5%. Foreground flips to the tint when selected so the chips read as colored pills, not generic toggles. TrafficListHeader cleanup: - Drops the old FilterButton menu — its job is now done by the inline chips + text filter. - Adds ResetFiltersButton next to DeleteAllButton, but only when at least one filter (search, kinds, methods, statuses, hosts, onlyErrors) is active. Same 22×22 round Theme.elevated button style as the trash and "+" buttons across the app. - DeleteAllButton stays untouched. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
The inline filter bar (text input + three chip rows under the header) read as too much chrome — three horizontally-scrolling chip strips plus a search field plus the row list itself, all stacked. Collapse the whole thing behind one filter button. TrafficListView body drops the always-visible TrafficFilterBar. The filter button in the header opens a SwiftUI popover containing the same surface, just hidden by default: FilterButton (header): - Same 22×22 round Theme.elevated affordance as DeleteAllButton. - `line.3.horizontal.decrease` glyph. - Theme.success dot in the top-right when at least one filter is active, so the user can see the state without opening the popover. The hasActiveFilters check covers search, only-errors, resource kinds, methods, status buckets, and host inclusions. - Tap toggles the popover, anchored to the top of the button. - Drops the inline ResetFiltersButton — reset lives inside the popover now (only rendered when at least one filter is active). FilterPopoverContent: - 320pt wide popover with 14pt padding. - Custom text filter row at the top (still the NSTextField wrapper, not SwiftUI's .searchable) on Theme.input rounded background with the mag-glass icon and a clear button. - Three sections — Type, Method, Status — each labeled with a small uppercased Theme.textTertiary header (FilterSectionLabel) above the corresponding chip row. Method section is skipped entirely when no traffic has been captured yet. - Errors-only toggle as a SwiftUI Toggle with .switch style tinted Theme.success. Sits as its own row under the chip groups. - Reset footer (Theme.border divider + counterclockwise icon + "Reset filters" label) appears under all sections only when there is something to reset. TrafficSearchField, ResourceKindRow, MethodRow, StatusRow, and FilterChip are unchanged — they were already the right primitives, they just moved from the inline bar to the popover content view. TrafficFilterBar struct itself is gone since the popover is its replacement. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Surface the response time inline so the user can spot slow requests without opening the inspector. The duration trails the start timestamp in parentheses, monospaced, slightly dimmer than the timestamp itself to keep the timestamp as the primary glance value: 200 12:34:56 (234ms) Format: - Sub-second responses render as "234ms" - Anything ≥ 1s renders as "1.23s" - Nothing shown while the response is still streaming (flow.finishedAt is nil) — the row simply ends after the timestamp until the response lands. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…heck liveness Two P1 bugs in waitForBoundPort + takeLine surfaced in PR review: - takeLine matched the announcement line even when the trailing newline hadn't arrived yet, because `text.split(separator: "\n")` happily returns the final trailing fragment as its own segment. On a fragmented stdout read that's "RAE_AGENT_LISTENING:5" (the client still flushing the rest of "54321\n"), so `launch()` would hand back port 5 and the WebSocket client would connect to the wrong process. Now we only accept the prefixed line when it's truly complete: either `text` ends with `\n`, or the line sits before another segment. - After parsing the port, `launch()` returned immediately. If the sidecar announced the port and then crashed one runloop tick later (Python exception during `serve()` accept loop, etc.), callers connected a WebSocket to a dead pid and saw confusing "notConnected" errors with no signal of what went wrong. Sleep 20ms then re-check `process.isRunning`; if the process exited between the announcement and the recheck, surface the stderr snapshot (or processDied) so the UI gets the real cause. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
When `claude_agent_sdk.types.StreamEvent` isn't exposed by the installed SDK build, the import fallback substitutes a sentinel class so isinstance(...) checks never match. Previously the AssistantMessage handler still unconditionally `continue`d on every TextBlock — the rationale being "the text already came through as a StreamEvent chunk" — but with the stub class, no StreamEvents ever arrive, so the user got tool calls and the completion event but never the assistant's reply. Track whether streaming was actually wired up (`_STREAMING_ENABLED`) and only skip TextBlocks when it is. In the fallback path, emit the whole TextBlock as `assistant_text` so the UI still renders the reply — just bulk instead of streaming, matching the pre-streaming behavior. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…lear Two related P2 issues around flow deletion: - FlowStore.delete(ids:) caught the database write failure, logged it, and then still purged the rows from the in-memory list. The on-disk store and the live `flows` array could drift apart, and the user could "delete" rows that reappeared on next launch. Return after the catch so failed deletes leave both sides untouched and the user can retry. - AppState.clearFlows wiped the store + selectedFlowID but never reset agentSelection. Stale UUIDs hung around, leaving the agent panel in explicit-selection mode (header reading "N selected") with nothing matchable in store.flows — so the next send went out with zero flows attached. Wipe agentSelection alongside selectedFlowID after a successful store.clear(). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…ntent-type
Two P2 inspector issues from PR review:
- The HTML Preview tab was passing the flow's original URL as the
WKWebView baseURL, so when the user inspected a captured HTML
response WebKit would resolve `<link href="…">`, `<img src="…">`,
`<script src="…">` etc. against the live site and silently fire
off network requests the proxy never saw — defeating the offline-
inspection guarantee and possibly re-pinging private endpoints.
Pass nil baseURL so all relative references resolve to nothing.
The `flowURL` parameter on PreviewPaneContent is gone too — it
was only used for this purpose.
- copyableBody gated the UTF-8 text path on
`contentType.contains("text")`. Tons of perfectly readable
payloads (JSON without an explicit Content-Type, application/xml,
application/x-www-form-urlencoded, application/csp-report, etc.)
fell through to the binary + base64 fallback even though they
decode cleanly. Always prefer the UTF-8 dump when the bytes
decode, regardless of MIME type — only fall back to base64 when
decoding actually fails.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…to current turn Two P2 agent bugs flagged in PR review: - AgentFlowPayload.encodedBody truncated bodies at the raw byte limit and then ran `String(data:encoding: .utf8)` on the result. When the cut landed mid-codepoint the decode failed and a perfectly readable text body fell through to the "<binary:N bytes, truncated>" placeholder. Step back up to 3 bytes (max UTF-8 continuation length) to find a valid prefix before giving up — works for every payload that was misclassified before, no false binaries. - recordStreamedAssistantTextIntoHistory walked the entire timeline backward looking for the most recent assistantText. If the current turn ended without one (tool-only turn, error mid-stream), it would happily find the *previous* turn's reply and append it again, duplicating that message in history. Scope the walk to events after the most recent userText event — that's where the current turn started — so we never re-commit a past turn. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
PR review pointed out two P3 cleanups in CommandPalette: - `footer` (the ↑↓/↵/esc keyboard-hint strip) was implemented but never added to the view hierarchy after the user explicitly asked to remove the bottom bar. The view, FooterHint, and EscBadge helpers were all dead code — delete them. The hint information lives in tooltips on the relevant affordances now. - ResultRow and PreviewPane each carried identical methodColor / statusColor switches. Future palette changes had to be made in two places or risk visual drift. Extract a fileprivate PaletteColors enum with `method(_:)` and `status(_:)` static functions; both views now call into it. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Stacked on top of #75. The actual reverse-engineering loop.
Backend (
backend/)New Python package
rae-agent, totally independent of the existing CLI undersrc/reverse_api/(no shared code, per spec).protocol.py— typedChatRequest,FlowSummary,AgentEventdataclasses with payload validation.prompts.py— system prompt + per-language guidelines (Python / TypeScript / Go).session.py— per-chat workdir under<base>/agent-sessions/<chat-id>/{flows,out}. Drivesclaude_agent_sdk.querywithpermission_mode="acceptEdits", allowed toolsRead / Write / Edit. TranslatesAssistantMessage/UserMessage(tool results) /ResultMessageblocks into theAgentEventstream.server.py—websocketsserver. PrintsRAE_AGENT_LISTENING:<port>on bind so the Swift side can read the actual port.tests/test_protocol.py— 8 pytest cases on the protocol layer; all green.macOS (
macos/Sources/ReverseAPI/Agent/)AgentSidecar— actor that launches the Python backend, parses the bound port from stdout, manages lifecycle.AgentClient— actor wrappingURLSessionWebSocketTaskwith anAsyncThrowingStream<AgentEvent, Error>.AgentProtocol—AgentEvent,AgentFlowPayload,AgentChatRequest,AgentEventDecoder.AgentSession—@MainActor @Observablecoordinator. Exposesstatus / events / history / generatedFiles / lastWorkdir, owns the sidecar + client, exposessend / clear / shutdown.UI (
macos/Sources/ReverseAPI/UI/AgentPanel.swift)ContentViewnow lays outTrafficListView | InspectorView | AgentPanelin a 3-paneHSplitView.Try it
The agent uses whichever
python3is onPATH. App Support layout:Generated by Claude Code
Summary by cubic
Adds a Python
rae-agentsidecar and a SwiftUI Agent Panel that turn captured flows into a generated API client. The traffic card now uses a single Filter button popover and a smooth transparent split; rows also show request duration next to the timestamp.New Features
rae-agent): WebSocket server onclaude-agent-sdk(Read/Write/Edit,bypassPermissions); per‑chat workdir; validatedChatRequest/FlowSummary; incremental text chunks andsession_started; persists selected flows to JSON; prints bound port; resume viaclaude_session_id; base dir honorsRAE_AGENT_WORKDIR. Tests cover protocol, base‑dir resolution, and session‑dir safety.swift-markdown-uiwith syntax highlighting; compact tool/use result rows; improved inspector with Preview (images/HTML); command palette. Traffic card has a Filter button popover (chips for type/method/status, custom text filter, Reset inside; shows a dot when filters are active), a delete‑all button, and rows show request duration. Cards use a custom transparent split for smoother resizing; sessions auto‑save to JSON and reload; resume via captured Claude session id.AgentRuntime;macos/scripts/build-app.shbuilds a portable app;dev-setup.shcreates a venv forswift run.Bug Fixes
StreamEventimport fallback preserved, and when streaming is unavailable the backend now emits full TextBlocks so replies still render.file_writtenonly on successful ToolResult; cap flow bodies at 64 KiB and truncate on a UTF‑8 boundary..regularactivation forswift run; traffic card auto‑grows when the inspector opens; conditional min widths and unified card surfaces; two‑line traffic rows with select‑all header; keep in‑memory and persisted flows in sync on delete/clear; HTML preview uses nil baseURL to avoid live fetches, and text copy prefers UTF‑8 when decodable.Written for commit a04add5. Summary will update on new commits. Review in cubic
Greptile Summary
This PR introduces the full reverse-engineering loop: a Python
rae-agentWebSocket sidecar and a SwiftUI three-pane Agent Panel that streams agent events end-to-end. The backend protocol, server, and tests are well-structured, and several bugs from prior rounds are correctly addressed.AgentSession.send()appends the current user message tohistorybefore constructingAgentChatRequest, sobuild_user_promptemits the message twice on every single turn.AgentChatRequestis constructed withid: UUID().uuidStringon everysend()call, creating a brand-new session directory per message and making previously generated files unreachable.Confidence Score: 3/5
Two bugs in the send path corrupt every multi-turn interaction before the agent produces useful output.
Every message arrives at the model with its text duplicated in the prompt. More critically, each send generates a new random UUID as the session ID, so the agent file output directory is fresh per message — the agent cannot read or edit files it wrote in a previous turn, defeating the multi-turn reverse-engineering workflow.
macos/Sources/ReverseAPI/Agent/AgentSession.swift and backend/rae_agent/prompts.py / session.py need attention before merging.
Important Files Changed
Comments Outside Diff (4)
macos/Sources/ReverseAPI/Agent/AgentClient.swift, line 588-614 (link)Taskspawned inside theAsyncThrowingStreamclosure is never stored or cancelled. WhenAgentSession.shutdown()cancelsreceiverTask, the outerfor-try-awaitloop ends but the innerTaskkeeps callingtask.receive()until it gets a network error or the connection closes. Each call tostartReceiver()(which callsevents()) creates a new orphaned task. Holding aTaskhandle and calling.cancel()in the stream'sonTerminationhandler would plug the leak.Prompt To Fix With AI
macos/Sources/ReverseAPI/Agent/AgentSidecar.swift, line 1197-1199 (link)launch()guards withif let port { return port }but never checks whether the Python process is still alive. When the sidecar crashes after a successful start,self.portstays set whileself.processrefers to the dead process. The next call toensureRunning()(status.failed→ enters launch path) returns the stale port, creates a WebSocket task to a dead server, and setsstatus = .ready. Every subsequentsend()then fails, the receiver errors, andstatusbounces back to.failed— a permanent failure loop with no way to relaunch the Python process short of restarting the app.The
startReceivererror handler setsstatus = .failedbut never callssidecar.terminate(), soself.portis never cleared on a spontaneous crash. The fix is to add a liveness check to the early-return guard.Prompt To Fix With AI
macos/Sources/ReverseAPI/Agent/AgentSession.swift, line 1086-1093 (link)history.append(...)is called with the current user message beforeAgentChatRequestis constructed, sohistoryalready includes that message.build_user_promptthen emits the message a second time: once asUser request: {request.user_message}and again as- user: {trimmed}in theRecent conversationblock. Every turn delivers the current message twice to the model, which wastes context and can confuse multi-turn reasoning.Prompt To Fix With AI
macos/Sources/ReverseAPI/Agent/AgentSession.swift, line 1087-1093 (link)send()breaks multi-turn file-system continuityid: UUID().uuidStringgenerates a fresh UUID for every message. On the Python side,run_chatuses that UUID as thechat_idto create a brand-new session directory (agent-sessions/<uuid>/out/). Files generated in turn N land in a completely different directory from turn N+1 — the agent can neitherReadnorEditanything it wrote in the previous turn. TheEdittool inallowed_toolsis dead in practice after the first message.Prompt To Fix With AI
Prompt To Fix All With AI
Reviews (3): Last reviewed commit: "M5: resolve FlowStore conflict markers l..." | Re-trigger Greptile