Conversation
…utput stdout.trim() was stripping the leading space from git submodule status output, which is actually a status character meaning 'up to date'. This caused parseSubmoduleStatusLine regex to fail, making getSubmodules() and getSubmodulePaths() always return empty arrays. Split lines first, then filter by trimmed content to preserve the status character.
Pipe characters in task descriptions (e.g. 'update.sh|ps1') caused the parseBlocks function to enter an infinite loop — lines with '|' that weren't valid table headers were excluded from paragraph collection but never consumed, spinning the outer while loop forever. Fix: treat non-table pipes as normal paragraph text, hoist regexes to module-level constants, and add safety fallback for unconsumed lines. Also strip output arrays from the agents listing API (600KB→64KB) since output is loaded on demand when expanding individual agent cards.
…129) * feat: add Xcode multi-platform template with deploy and screenshot scripts New "Xcode Multi-Platform" app template scaffolds iOS + macOS + watchOS via XcodeGen with generic deploy.sh (TestFlight), take_screenshots.sh (iOS/iPad), and take_screenshots_macos.sh (macOS) automation scripts. PortOS now detects missing management scripts in Xcode-managed apps and surfaces a banner in the app detail overview with one-click install. Deploy panel adds --watch (watchOS) flag support. * address review: fix Xcode template scheme/script issues and add endpoint tests - Add UITests to iOS scheme testTargets for screenshot automation - Fix watchOS scheme name mismatch (use underscore to match target name) - Replace shell exec with execFile for chmod (avoid injection) - Add win32 platform guard to deriveProjectInfo - Surface partial install errors in OverviewTab toast notifications - Update deployApp JSDoc to include --watch flag - Add 5 tests for POST /api/apps/:id/xcode-scripts/install endpoint * address review: restrict script checks to Xcode types, add win32 chmod guard, reuse toTargetName - Replace NON_PM2_TYPES with XCODE_TYPES set (excludes 'swift'/SPM apps) - Add win32 platform guard for chmod in installScripts - Reuse shared toTargetName() in scaffold.js instead of inline regex * address review: scope deploy tests to iOS builds, use fs.chmod in scaffold - Only run iOS simulator tests when --ios is being built (not for macOS/watchOS-only deploys) - Replace shell exec chmod with fs.promises.chmod in scaffoldXcode.js * address review: consistent xcodeScripts in API response, safer bundle ID derivation - Add xcodeScripts to PM2 app enrichment for consistent response shape - Derive bundle ID from project name instead of regex match (avoids picking wrong target's PRODUCT_BUNDLE_IDENTIFIER in multi-target configs) * address review: expand tilde in deploy script KEY_PATH Tilde (~) doesn't expand inside double quotes in bash, so the generated deploy.sh now uses parameter substitution to replace leading ~ with $HOME before the -f check. * address review: fix Swift compilation, dynamic simulator detection, dedupe toasts - Add missing attributes: nil to FileManager.createDirectory call - Use sanitized targetName for Swift appName constant - Detect iOS runtime version dynamically instead of hard-coding 18.6 - Remove pinned OS version from deploy.sh test fallback - Fix duplicate error toasts by letting request() handle HTTP errors * address review: use shared XCODE_BUNDLE_PREFIX in iOS scaffold, parse actual bundle ID - Import XCODE_BUNDLE_PREFIX in scaffoldIOS instead of hard-coding - deriveProjectInfo now parses PRODUCT_BUNDLE_IDENTIFIER from project.yml, filtering out test/watch targets, with fallback to name-derived ID * address review: toBundleId fallback, quoted YAML handling, chmod error recovery, service tests - toBundleId falls back to 'app' suffix for names with no alphanumeric chars - deriveProjectInfo strips YAML wrapping quotes from scalar values - chmod failure pushed to errors array instead of throwing 500 - Add 20 unit tests for xcodeScripts service (toBundleId, toTargetName, checkScripts, generateDeployScript, generateScreenshotScript, etc.) * address review: validate repoPath existence in checkScripts and install route - checkScripts short-circuits when repoPath doesn't exist on disk - Install route returns PATH_NOT_FOUND (400) for missing repo paths - Add test for PATH_NOT_FOUND case, fix test mocks for repoPath check * address review: validate project.yml values against strict allowlists Parsed target names and bundle IDs from project.yml are now validated against safe character patterns before being interpolated into generated bash scripts. Falls back to sanitized toTargetName/toBundleId on invalid input. * address review: guard git commit in deploy.sh, skip chmod on win32 in scaffold - deploy.sh git commit only runs inside git repos with staged changes - scaffoldXcode skips chmod on Windows (consistent with installScripts) * address review: fix bash tilde expansion bug and expand installScripts test coverage - Generated deploy.sh used \~ instead of ~ in KEY_PATH parameter expansion, which only matched a literal backslash-tilde and left ~/Library/... paths unexpanded, causing the subsequent -f file check to fail. - Tightened the existing tilde expansion test to assert the exact pattern (KEY_PATH/#~/$HOME) so this regression cannot reappear silently. - Added unit tests for installScripts and deriveProjectInfo covering: project.yml parsing (name + bundle id, quote stripping, watchkit/Tests filtering, unsafe-name rejection), .xcodeproj fallback, win32 short-circuit, the never-overwrite guarantee, .env.example creation guard, chmod failure reporting, and the Windows chmod-not-supported message. * address review: restore process.platform descriptor cleanly in win32 test Capture the original property descriptor via getOwnPropertyDescriptor and re-define with configurable: true so the override can be reverted on Node versions where process.platform is not configurable by default. * address review: scope Xcode scripts by app type and validate via Zod enum - XCODE_MANAGEMENT_SCRIPTS entries now declare which app.types they apply to. ios-native apps no longer surface take_screenshots_macos.sh in the missing- scripts banner, and macos-native apps no longer surface take_screenshots.sh. - installScripts refuses to write a script that does not apply to the target app's type and reports a clear error. - Added scriptsForAppType helper and exported XCODE_SCRIPT_NAMES. - Tightened POST /api/apps/:id/xcode-scripts/install validation to a Zod enum bounded by XCODE_SCRIPT_NAMES, so unknown or oversized payloads are rejected at the validation layer instead of bouncing through installScripts. - Added unit tests covering type-scoped checkScripts/installScripts behavior and updated route tests for the new validation contract. * address review: harden toTargetName and quote .env example with spaces - toTargetName now produces a guaranteed-valid Swift identifier: trims whitespace, collapses runs of underscores, strips leading/trailing underscores, prefixes with 'App_' when the first character is not [A-Za-z_], and falls back to 'App' for empty/null/undefined input. This prevents the scaffolder from emitting uncompilable Swift like 'struct 123App' when the user names an app starting with a digit. - Quoted APPSTORE_API_PRIVATE_KEY_PATH in XCODE_ENV_EXAMPLE because deploy.sh loads .env via 'source .env' and the example path contains spaces; without quotes the shell would split on whitespace and break sourcing. - Added regression tests for digit-leading names, all-symbol names, runs of symbols collapsing, leading/trailing trimming, and null/undefined input.
Adds a Notes tab to the Brain section that connects to Obsidian vaults from iCloud directories. Supports browsing, searching, editing, and creating markdown notes with wikilink navigation, backlinks, tags, and frontmatter parsing.
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.3.1 to 7.3.2. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.3.2/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 7.3.2 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
altool's multipart uploader logs every transient network/checksum
hiccup as "ERROR: [ContentDelivery.Uploader.X] WILL RETRY PART N",
followed by Apple's actual terminal failure banner ("UPLOAD FAILED")
only after all internal retries are exhausted. The template's grep
pattern matched plain "ERROR: " and killed deploys mid-recovery on
flaky networks.
Switch all three upload sections (iOS, macOS, watchOS) in the
generated deploy.sh template to grep for definitive failure markers
only: UPLOAD FAILED|Validation failed \(|ERROR ITMS-|product-errors
Tests pass (46/46). Sibling apps (ADultingHD, BarnHub, EquityAtlas,
Ideator, MortalLoom, PortOS_Recall) had the same bug and have been
patched in their own repos in parallel; future scaffolds will inherit
the corrected pattern.
Memory extractor now checks for semantically similar active memories (vector search at 0.82 threshold) and text-matching pending memories before creating or proposing new ones. The LLM classification prompt also receives existing memories so it avoids re-proposing known knowledge.
Completed agents that ran with /simplify now show a "Task Summary" section on the agent card, making it easy to see what was accomplished without scrolling through the simplify review output.
Disable dnd-kit sorting while a task is being edited, stop pointer event propagation from the edit form, and enlarge save/cancel button touch targets to 40px minimum height.
…repo Worktree cleanup now verifies rev-parse --show-toplevel matches the expected worktree path before trusting git status. When a worktree's .git file is missing, git walks up the directory tree and finds a parent repo (e.g. PortOS), causing git status to report that repo's dirty files and incorrectly blocking worktree removal. Also adds metadata.provider field for job-generated tasks.
…tions The numbered Instructions section lacked a commit step, and the Simplify Step section said "before committing" without reinforcing that the agent must then actually commit. Agents running /simplify could interpret their work as done after the review, leaving changes uncommitted. Added step 4 "commit and push" to Instructions and updated the Simplify Step to say "then commit and push."
Memory classifier chat completions failed with "No models loaded" when LM Studio had nothing in memory. Now discovers downloaded LLMs via /api/v0/models and auto-loads the configured model (or first available LLM) via /api/v1/models/load before sending the chat request.
…platform, memoryBM25, notifications, search, taskSchedule)
3-tier plan (quick wins, medium effort, ambitious) covering system health atmosphere, productivity district, goal monuments, chronotype overlay, knowledge district, and more. Priority-ordered by impact-to-effort ratio.
…ulls, wire expand buttons - socket.js: emit standardize:complete, app:update:error/complete, app:standardize:error in outer catch blocks so clients don't get stuck in loading state - socket.js: fix indentation inside standardize:start try block - UsagePage.jsx: guard formatNumber against null/undefined, use nullish coalescing for tokens/cost - RunsHistoryPage.jsx: wire onClick and aria-label on expand/collapse button - HistoryPage.jsx: wire onClick on expand/collapse button (with stopPropagation) - RunnerPage.jsx: add aria-label to dismiss context and remove screenshot buttons, add group-focus-within:opacity-100 for keyboard accessibility
- socket.js: use err?.message ?? String(err) in all catch blocks to handle non-Error rejection values; emit detect:complete on detect:start failure - cos.js: use err?.message ?? String(err) in event listener catch handlers
…ride on resume - UsagePage: clamp maxActivity to >= 1 to prevent NaN bar heights - UsagePage: compute maxHour once outside map loop (O(n) vs O(n^2)) - RunnerPage: use functional setState for workspace selection to avoid overriding continuation context workspace with default
Apply the same error handling pattern as other socket handlers: outer try/catch with safe error extraction and operation-specific error event emission.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 142 out of 143 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
… deployments Default roots now include /Users (multiple macOS accounts with repos under their own homes), /Volumes (external drives), and /opt (Linux server layouts) in addition to home + /tmp. Operators with repos elsewhere can extend via PORTOS_WORKSPACE_ROOTS='/a:/b'. Roots are still realpath-resolved so symlinks cannot bypass containment.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 142 out of 143 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
…, symlink-aware vault containment, sync-throw catch
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 142 out of 143 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 142 out of 143 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 142 out of 143 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 142 out of 143 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 142 out of 143 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
…ns, mirror realpath in test helper
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 142 out of 143 changed files in this pull request and generated 4 comments.
Comments suppressed due to low confidence (1)
server/routes/cosScheduleRoutes.js:90
- This PR removes the deprecated
/schedule/self-improvement/:taskTypeand/schedule/app-improvement/:taskTypealias endpoints. If any existing clients/scripts still call them, this is a breaking API change; consider keeping the aliases for one more release (or returning a clear 410/redirect) and make sure the removal is called out in the release notes/changelog.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Release v1.43.0
Released: 2026-04-14
Added
commandSecurity,httpClient,platform,memoryBM25,notifications,search, andtaskScheduledeploy.shwith--ios,--macos,--watch,--allflags for TestFlight deploymenttake_screenshots.shandtake_screenshots_macos.shfor App Store screenshot automationScreenshotTests.swiftstubs for XCUITest-based screenshot capture--watch(watchOS) flag optionWIKI.md) defining page types, frontmatter conventions, and workflowsjob-wiki-maintenance) auditing for contradictions, orphans, outdated claimsraw/assets/for Web Clipper image downloadsFixed
/simplifynow extract and display a separate "Task Summary" so the original work summary is no longer buried under the simplify review outputdeploy.shaltool false-positive — generated deploy scripts no longer fail on altool's transient retry events; switched to Apple's definitive failure markers onlyrev-parse --show-toplevelmatches expected pathPOST /api/v1/models/loadbefore classification~/DownloadsquestionIndex(was always scoring against prompt Release v0.2.0 - CI/CD, Documentation & DevTools #1)totalDisk === 0edge case no longer produces NaNusagePercentFull Changelog
Full Diff: v1.42.0...v1.43.0