- Update macOS marketing version to 1.0.0-beta.16
- Increment build number to 206
- Update web package.json version to 1.0.0-beta.16
- Prepare for next beta release
- Update all references from VibeTunnel-Mac.xcodeproj to VibeTunnel.xcodeproj
- Update scheme references from VibeTunnel-Mac to VibeTunnel
- These changes align the scripts with the actual project structure
- Replace python3 with opencode in position 3
- Replace pnpm run dev with crush in position 4
- Keep claude and gemini in positions 1-2
- Move zsh and node to positions 5-6
- Update both Mac (ConfigManager.swift) and Web (config.ts) configurations
- Maintain synchronization between platforms
- Add Lachlan Donald (@lox) for Tailscale Serve integration (#472)
- Add Diego Petrucci (@diegopetrucci) for push notifications onboarding (#474)
- Credit Tao Xu (@hewigovens) for CJK IME input support (#447, #480)
- Update Mac about screen with new contributors
- Add thank you message to contributors section
This ensures all contributors since beta.14 are properly credited
for their valuable contributions to VibeTunnel.
Co-Authored-By: Claude <noreply@anthropic.com>
- Add @jblwilliams as new contributor for removing unused ScreenCaptureKit import
- Maintains alphabetical order at end of contributor list
Co-Authored-By: Claude <noreply@anthropic.com>
- Updated macOS test bundle IDs to use consistent naming pattern:
- sh.vibetunnel.vibetunnelTests → sh.vibetunnel.vibetunnel.tests
- sh.vibetunnel.vibetunnelTests.debug → sh.vibetunnel.vibetunnel.tests.debug
- Updated iOS test bundle ID:
- sh.vibetunnel.VibeTunnelTests-Mobile → sh.vibetunnel.ios.tests
- Fixed iOS logging to use sh.vibetunnel.ios subsystem consistently
- Created logging configuration profile in apple/logging/ to enable full debug logging
- Configuration profile covers all VibeTunnel subsystems and bundle IDs
- Updated documentation to reflect new bundle identifiers and logging setup
The Mac app was still using the old query parameter format (?session=id)
while the web app expects path-based URLs (/session/id). This caused
sessions not backed by windows to open with the wrong URL format.
Updated DashboardURLBuilder to generate path-based URLs matching the
web app's routing expectations.
* feat: add secure Tailscale Serve integration support
- Add --enable-tailscale-serve flag to bind server to localhost
- Implement Tailscale identity header authentication
- Add security validations for localhost origin and proxy headers
- Create TailscaleServeService to manage tailscale serve process
- Fix dev script to properly pass arguments through pnpm
- Add comprehensive auth middleware tests for all auth methods
- Ensure secure integration with Tailscale's reverse proxy
* refactor: use isFromLocalhostAddress helper for Tailscale auth
- Extract localhost checking logic into dedicated helper function
- Makes the code clearer and addresses review feedback
- Maintains the same security checks for Tailscale authentication
* feat(web): Add Tailscale Serve integration support
- Add TailscaleServeService to manage background tailscale serve process
- Add --enable-tailscale-serve and --use-tailscale-serve flags
- Force localhost binding when Tailscale Serve is enabled
- Enhance auth middleware to support Tailscale identity headers
- Add isFromLocalhostAddress helper for secure localhost validation
- Fix dev script to properly pass CLI arguments through pnpm
- Add comprehensive auth middleware tests (17 tests)
- Use 'tailscale serve reset' for thorough cleanup
The server now automatically manages the Tailscale Serve proxy process,
providing secure HTTPS access through Tailscale networks without manual
configuration.
* feat(mac): Add Tailscale Serve toggle in Remote Access settings
- Add 'Enable Tailscale Serve Integration' toggle in RemoteAccessSettingsView
- Pass --use-tailscale-serve flag from both BunServer and DevServerManager
- Show HTTPS URL when Tailscale Serve is enabled, HTTP when disabled
- Fix URL copy bug in ServerInfoSection for Tailscale addresses
- Update authentication documentation with new integration mode
- Server automatically restarts when toggle is changed
The macOS app now provides a user-friendly toggle to enable secure
Tailscale Serve integration without manual configuration.
* fix(security): Remove dangerous --allow-tailscale-auth flag
- Remove --allow-tailscale-auth flag that allowed header spoofing
- Remove --use-tailscale-serve alias for consistency
- Keep only --enable-tailscale-serve which safely manages everything
- Update all references in server.ts to use enableTailscaleServe
- Update macOS app to use --enable-tailscale-serve flag
- Update documentation to remove manual setup mode
The --allow-tailscale-auth flag was dangerous because it allowed users to
enable Tailscale header authentication while binding to network interfaces,
which would allow anyone on the network to spoof the Tailscale headers.
Now there's only one safe way to use Tailscale integration: --enable-tailscale-serve,
which forces localhost binding and manages the proxy automatically.
* fix: address PR feedback from Peter and Cursor
- Fix Promise hang bug in TailscaleServeService when process exits with code 0
- Move tailscaleServeEnabled string to AppConstants.UserDefaultsKeys
- Create TailscaleURLHelper for URL construction logic
- Add Linux support to TailscaleServeService with common Tailscale paths
- Update all references to use centralized constants
- Fix code formatting issues
* feat: Add Tailscale Serve status monitoring and error visibility
* fix: Correct pass-through argument logic for boolean flags and duplicates
- Track processed argument indices instead of checking if arg already exists in serverArgs
- Add set of known boolean flags that don't take values
- Allow duplicate arguments to be passed through
- Only treat non-dash arguments as values for non-boolean flags
This fixes issues where:
1. Boolean flags like --verbose were incorrectly consuming the next argument
2. Duplicate flags couldn't be passed through to the server
* fix: Resolve promise hanging and orphaned processes in Tailscale serve
- Add settled flag to prevent multiple promise resolutions
- Handle exit code 0 as a failure case during startup
- Properly terminate child process in cleanup method
- Add timeout for graceful shutdown before force killing
This fixes:
1. Promise hanging when tailscale serve exits with code 0
2. Orphaned processes when startup fails or cleanup is called
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
This toggle was UI-only with no actual implementation. It was intended for
controlling verbose logging of remote service health checks but was never
connected to any logging logic.
- Add auto-resubscribe logic to web push notification service
- Automatically restore push subscription if notifications were previously enabled
- Sync subscription state with saved preferences on initialization
- Handle failed resubscription by updating preferences accordingly
- Fix Mac app notification service startup check
- Only establish SSE connection if notifications are enabled in config
- Prevents unnecessary connection attempts when notifications are disabled
- Ensures consistent behavior between web and native components
This fixes the issue where notification settings appeared enabled but the
SSE connection indicator was red and test button was disabled until the
user manually toggled notifications off and on.
- Remove duplicate NotificationService.start() call from VibeTunnelApp
- Fix compression middleware blocking SSE events by excluding /api/events
- Add Accept-Encoding: identity header to EventSource to prevent compression
- Add comprehensive debugging to EventSource for data reception
- Fix Swift compilation errors with explicit self references
- The issue was that SSE events were being gzip compressed, preventing proper streaming
- Show real-time connection status with colored indicator
- Display 'Event Stream: Connected/Disconnected' on separate row
- Add warning message when notifications enabled but connection is down
- Update connection status via NotificationCenter events
- Add debugging logs to EventSource for better troubleshooting
- Add /api/test-notification endpoint that emits SSE events to all clients
- Include server version in test notifications for verification
- Update web client to listen for SSE test notifications
- Update Mac app to call server endpoint instead of local notification
- Add TestNotification to ServerEventType enum
- Ensure test notifications are distributed to ALL connected endpoints
This provides a complete test of the notification flow:
Web/Mac → Server → SSE → All clients (Web + Mac)
- Web UI: Changed 'Added' to 'New' for untracked files
- Mac UI: Changed 'Untracked' to 'New' and removed staged file display
- Both UIs now consistently show: New (green +), Modified (yellow ~), Deleted (red -)
- Focused on working directory changes, removed staging area counts
- Backend: Changed untracked to added in git-status.ts for consistency
- Remove redundant Unix socket notification path from SessionMonitor
- Fix Mac app to use correct /api/events endpoint (was missing /api prefix)
- Remove NotificationControlHandler as notifications now flow through SSE
- Clean up unused 'session-monitor' category from control protocol
- Simplify notification flow: Events → SessionMonitor → SSE → All clients
This eliminates duplicate code paths and makes the system more maintainable.
- Extended control protocol to support session-monitor events
- Modified SessionMonitor to emit events via Unix socket to Mac app
- Removed duplicate notification logic from Mac SessionMonitor
- All notifications now flow: Server → Unix Socket → Mac NotificationControlHandler
- Respects user notification preferences on Mac side
- Single source of truth for all notification events (server-side)
This eliminates the need for SSE connection from Mac app and removes
polling-based duplicate detection, simplifying the architecture.
- Move worktree toggle button inside responsive container
- Button now properly hides when compact menu is shown
- Prevents redundant display of same functionality on mobile
- Replace NSColor.controlBackgroundColor with .regularMaterial
- Remove unused VisualEffectBackground and AutocompletePopupContent
- Simplify code by using native SwiftUI material modifiers
- Replace SwiftUI overlay with custom NSWindow implementation
- Use NSColor.controlBackgroundColor for opaque background
- Add proper click-outside-to-dismiss functionality
- Handle Swift concurrency and actor isolation correctly
- Inspired by SuggestionsDemo but simplified for our use case
- Use invisible plus symbol under minus to ensure equal button sizes
- SF Symbol 'minus' is naturally smaller than 'plus', causing unequal click targets
- Both buttons now have identical 20x20 clickable areas
- Replace custom List implementation with native SwiftUI Table
- Add standard macOS +/- buttons with proper click targets
- Support inline editing with double-click and Enter key
- Fix text field alignment and padding issues
- Add proper focus management for keyboard navigation
- Remove redundant labels during inline editing
- Ensure table regains focus after editing completes
- Remove double border by restructuring to use Section with header/footer pattern
- Move "Quick Start Commands" title and description outside the content border
- Remove custom background and border from List to eliminate visual inconsistency
- Match the same visual hierarchy as Server Configuration and other settings panels
- Maintain single border around content area with consistent styling
- Add consistent error logging when terminate session fails from X button
- Match error handling behavior between list view and detail view
- Helps diagnose issues with session termination
Previously, when session termination failed from the X button in the list view,
the error was silently swallowed. This made it difficult to diagnose why
termination might fail compared to the menu action which has proper logging.
Now both termination paths log errors consistently, making debugging easier.
- Remove unnecessary nil check for non-optional URL in PathSplittingTests
- Add CodingKeys enum to ServerEvent to explicitly exclude auto-generated id property from encoding/decoding
This resolves all compilation warnings except the harmless AppIntents metadata warning.
