- Updated macOS test bundle IDs to use consistent naming pattern:
- sh.vibetunnel.vibetunnelTests → sh.vibetunnel.vibetunnel.tests
- sh.vibetunnel.vibetunnelTests.debug → sh.vibetunnel.vibetunnel.tests.debug
- Updated iOS test bundle ID:
- sh.vibetunnel.VibeTunnelTests-Mobile → sh.vibetunnel.ios.tests
- Fixed iOS logging to use sh.vibetunnel.ios subsystem consistently
- Created logging configuration profile in apple/logging/ to enable full debug logging
- Configuration profile covers all VibeTunnel subsystems and bundle IDs
- Updated documentation to reflect new bundle identifiers and logging setup
- Web: zod 4.0.14, @biomejs/biome 2.1.3, @testing-library/dom 10.4.1
- Mac: swift-log 1.6.4, SwiftFormat 0.57.2, and transitive dependencies
- iOS: all dependencies already up to date
- Reverted Tailwind CSS v4 update due to breaking changes
- Add detection for tmux attachment sessions (commands containing 'tmux attach' or names starting with 'tmux:')
- Implement smart detachment using Ctrl-B,d sequence instead of SIGTERM
- Add fallback to :detach-client command if initial detach fails
- Update API responses to distinguish between 'killed' and 'detached' sessions
- Prevents 500 errors when trying to kill the last tmux session
This allows users to cleanly exit VibeTunnel tmux attachments without destroying the underlying tmux session, which can then be reattached later.
- Add explicit TailscaleHeaders and TailscaleUser interfaces
- Export TailscaleUser type for use across modules
- Improve type-safe header access in getTailscaleUser function
- Fix auth middleware to properly skip /api/auth endpoints
- Update auth routes to use the exported types
* feat: add secure Tailscale Serve integration support
- Add --enable-tailscale-serve flag to bind server to localhost
- Implement Tailscale identity header authentication
- Add security validations for localhost origin and proxy headers
- Create TailscaleServeService to manage tailscale serve process
- Fix dev script to properly pass arguments through pnpm
- Add comprehensive auth middleware tests for all auth methods
- Ensure secure integration with Tailscale's reverse proxy
* refactor: use isFromLocalhostAddress helper for Tailscale auth
- Extract localhost checking logic into dedicated helper function
- Makes the code clearer and addresses review feedback
- Maintains the same security checks for Tailscale authentication
* feat(web): Add Tailscale Serve integration support
- Add TailscaleServeService to manage background tailscale serve process
- Add --enable-tailscale-serve and --use-tailscale-serve flags
- Force localhost binding when Tailscale Serve is enabled
- Enhance auth middleware to support Tailscale identity headers
- Add isFromLocalhostAddress helper for secure localhost validation
- Fix dev script to properly pass CLI arguments through pnpm
- Add comprehensive auth middleware tests (17 tests)
- Use 'tailscale serve reset' for thorough cleanup
The server now automatically manages the Tailscale Serve proxy process,
providing secure HTTPS access through Tailscale networks without manual
configuration.
* feat(mac): Add Tailscale Serve toggle in Remote Access settings
- Add 'Enable Tailscale Serve Integration' toggle in RemoteAccessSettingsView
- Pass --use-tailscale-serve flag from both BunServer and DevServerManager
- Show HTTPS URL when Tailscale Serve is enabled, HTTP when disabled
- Fix URL copy bug in ServerInfoSection for Tailscale addresses
- Update authentication documentation with new integration mode
- Server automatically restarts when toggle is changed
The macOS app now provides a user-friendly toggle to enable secure
Tailscale Serve integration without manual configuration.
* fix(security): Remove dangerous --allow-tailscale-auth flag
- Remove --allow-tailscale-auth flag that allowed header spoofing
- Remove --use-tailscale-serve alias for consistency
- Keep only --enable-tailscale-serve which safely manages everything
- Update all references in server.ts to use enableTailscaleServe
- Update macOS app to use --enable-tailscale-serve flag
- Update documentation to remove manual setup mode
The --allow-tailscale-auth flag was dangerous because it allowed users to
enable Tailscale header authentication while binding to network interfaces,
which would allow anyone on the network to spoof the Tailscale headers.
Now there's only one safe way to use Tailscale integration: --enable-tailscale-serve,
which forces localhost binding and manages the proxy automatically.
* fix: address PR feedback from Peter and Cursor
- Fix Promise hang bug in TailscaleServeService when process exits with code 0
- Move tailscaleServeEnabled string to AppConstants.UserDefaultsKeys
- Create TailscaleURLHelper for URL construction logic
- Add Linux support to TailscaleServeService with common Tailscale paths
- Update all references to use centralized constants
- Fix code formatting issues
* feat: Add Tailscale Serve status monitoring and error visibility
* fix: Correct pass-through argument logic for boolean flags and duplicates
- Track processed argument indices instead of checking if arg already exists in serverArgs
- Add set of known boolean flags that don't take values
- Allow duplicate arguments to be passed through
- Only treat non-dash arguments as values for non-boolean flags
This fixes issues where:
1. Boolean flags like --verbose were incorrectly consuming the next argument
2. Duplicate flags couldn't be passed through to the server
* fix: Resolve promise hanging and orphaned processes in Tailscale serve
- Add settled flag to prevent multiple promise resolutions
- Handle exit code 0 as a failure case during startup
- Properly terminate child process in cleanup method
- Add timeout for graceful shutdown before force killing
This fixes:
1. Promise hanging when tailscale serve exits with code 0
2. Orphaned processes when startup fails or cleanup is called
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
- Add early command detection to skip version output for specific commands
- Commands that now run silently: vt title, vt status, vt version, vt --version
- Fixes ugly text wrapping in Claude Code when using vt title
- Preserves color information by eliminating wrapper output
- Requires Mac app rebuild to take effect
- Add isExitingNormally flag set during onExit callback
- Check for common normal disconnect errors (EPIPE, ECONNRESET, Unknown error)
- Log as debug instead of error for normal disconnects
- Prevents misleading error message when exiting Claude Code normally
- Shorten home directory paths to ~ for better readability
- Merge version and build date into single line
- Apply gray color to output using ANSI escape codes
- Add auto-resubscribe logic to web push notification service
- Automatically restore push subscription if notifications were previously enabled
- Sync subscription state with saved preferences on initialization
- Handle failed resubscription by updating preferences accordingly
- Fix Mac app notification service startup check
- Only establish SSE connection if notifications are enabled in config
- Prevents unnecessary connection attempts when notifications are disabled
- Ensures consistent behavior between web and native components
This fixes the issue where notification settings appeared enabled but the
SSE connection indicator was red and test button was disabled until the
user manually toggled notifications off and on.
- Remove duplicate NotificationService.start() call from VibeTunnelApp
- Fix compression middleware blocking SSE events by excluding /api/events
- Add Accept-Encoding: identity header to EventSource to prevent compression
- Add comprehensive debugging to EventSource for data reception
- Fix Swift compilation errors with explicit self references
- The issue was that SSE events were being gzip compressed, preventing proper streaming
- Show real-time connection status with colored indicator
- Display 'Event Stream: Connected/Disconnected' on separate row
- Add warning message when notifications enabled but connection is down
- Update connection status via NotificationCenter events
- Add debugging logs to EventSource for better troubleshooting
- Add /api/test-notification endpoint that emits SSE events to all clients
- Include server version in test notifications for verification
- Update web client to listen for SSE test notifications
- Update Mac app to call server endpoint instead of local notification
- Add TestNotification to ServerEventType enum
- Ensure test notifications are distributed to ALL connected endpoints
This provides a complete test of the notification flow:
Web/Mac → Server → SSE → All clients (Web + Mac)
Updated connection-manager to handle the new field names:
- Changed gitUntrackedCount to gitAddedCount
- Changed gitStagedCount to gitDeletedCount
This completes the git status terminology standardization.
- Web UI: Changed 'Added' to 'New' for untracked files
- Mac UI: Changed 'Untracked' to 'New' and removed staged file display
- Both UIs now consistently show: New (green +), Modified (yellow ~), Deleted (red -)
- Focused on working directory changes, removed staging area counts
- Backend: Changed untracked to added in git-status.ts for consistency
- Remove redundant Unix socket notification path from SessionMonitor
- Fix Mac app to use correct /api/events endpoint (was missing /api prefix)
- Remove NotificationControlHandler as notifications now flow through SSE
- Clean up unused 'session-monitor' category from control protocol
- Simplify notification flow: Events → SessionMonitor → SSE → All clients
This eliminates duplicate code paths and makes the system more maintainable.
The git-watcher was sending incomplete git status updates via SSE,
missing the gitDeletedCount field. This caused the UI to lose the
deleted files count after receiving real-time updates.
Note: gitAddedCount is defined in the Session type but is not computed
by the git status utility and remains unused throughout the codebase.
- Extended control protocol to support session-monitor events
- Modified SessionMonitor to emit events via Unix socket to Mac app
- Removed duplicate notification logic from Mac SessionMonitor
- All notifications now flow: Server → Unix Socket → Mac NotificationControlHandler
- Respects user notification preferences on Mac side
- Single source of truth for all notification events (server-side)
This eliminates the need for SSE connection from Mac app and removes
polling-based duplicate detection, simplifying the architecture.
- Use depth: 0 to watch only immediate children instead of recursive watching
- Prevents 'too many open files' errors in large repositories
- Still detects both tracked and untracked file changes
- Combines shallow watching with periodic polling for reliability
- Move worktree toggle button inside responsive container
- Button now properly hides when compact menu is shown
- Prevents redundant display of same functionality on mobile
- Remove HTTP fallback and PID file management from socket-api-client
- Delete ServerPidManager utility class
- Add type-safe sendMessage and sendMessageWithResponse methods to VibeTunnelSocketClient
- Add MessagePayloadMap for compile-time type safety of message payloads
- Refactor SocketApiClient to use clean API instead of brittle type casting
- Remove backwards compatibility code - only emit events with MessageType enum names
- Simplify message handling and response listeners
- Update buildMessage to properly handle CONTROL_CMD messages
- Create shared git-status utility to avoid code duplication
- Update git-watcher.ts to use the shared utility
- Update sessions.ts to use the shared utility
- Remove duplicate getDetailedGitStatus implementations
- Fix import and linting issues
The shared utility provides a single source of truth for parsing git status output,
making the codebase more maintainable.
- Add VIBETUNNEL_PREFER_DERIVED_DATA environment variable to vt script
- When set, prefers VibeTunnel builds from Xcode's DerivedData
- Logs binary location, version, and build timestamp
- Falls back to /Applications if no DerivedData build found
- Add version and buildDate to StatusResponse interface
- Include version info in api-socket-server status responses
- Add comprehensive documentation in README.md
- Version info already stored in session.json (was pre-existing)
This helps developers easily test changes without installing to /Applications
- Update notification preferences test to expect enabled: false as default (matching macOS defaults)
- Add PtyManager.initialize() calls to integration tests to fix initialization errors
- Make createTestServer async to properly initialize PtyManager
- Fix formatting issues in test files
This fixes the failing tests in config-service.test.ts, worktree-workflows.test.ts,
and socket-protocol-integration.test.ts.
- Add attachedViaVT to SessionInfo interface to identify nested sessions
- Set attachedViaVT=true when VIBETUNNEL_SESSION_ID env var is present
- Add property to Swift ServerSessionInfo for API compatibility
- Allows distinguishing between direct terminal sessions and those spawned from within VibeTunnel
