* feat(server): add scoped tokens, inbox/outbox, toy UI, and auth hardening
- TokenService with file-based persistence (tokens.json)
- /tokens CRUD (host auth), /whoami (client auth)
- Bearer token auth accepting OPENWORK_TOKEN or scoped tokens
- POST /workspace/:id/inbox (multipart upload)
- GET /workspace/:id/artifacts, /workspace/:id/artifacts/:id
- Toy UI at /ui with SSE, prompt send, inbox upload, outbox download
- Extended GET /capabilities with schemaVersion, serverVersion, approvals info
- Updated README with all new endpoints and auth model
* feat(headless): add sandbox runtime with Docker and Apple container backends
- --sandbox none|auto|docker|container CLI flag
- --sandbox-image, --sandbox-persist-dir, --sandbox-mount options
- Mount security: allowlist, blocked patterns, symlink resolution
- Docker backend: workspace/persist volumes, sidecar staging, entrypoint
- Apple container backend: --mount type=bind for ro mounts
- Sandbox mode proxies all OpenCode access through openwork-server
- Proxy health check (waitForHealthyViaProxy) avoids SDK auth issues
- Sandbox-specific check suite (runSandboxChecks) for --check mode
- Non-fatal verifyOpenworkServer in sandbox mode for version mismatches
- Updated README with sandbox docs and mount security
* feat(packaging): add Docker/docker-compose PaaS packaging
- Dockerfile (node:22-bookworm-slim, installs openwrk via npm)
- docker-compose.yml with workspace and data volumes
- README with usage instructions
* fix(headless): define sandbox owpenbot internal health port
- Default WhatsApp to disabled unless creds/config enable it\n- Never print QR codes from bridge startup (printQr=false)\n- Lazy-load WhatsApp adapter to avoid Bun ws warnings when disabled\n- Add REST endpoints: GET /whatsapp/qr, GET/POST /config/whatsapp-enabled\n- Only print CLI command hints in interactive TTY mode
Avoid hard-coding 3005 so owpenbot health checks don't fail when the default port is already in use. Still supports explicit --owpenbot-health-port / OWPENBOT_HEALTH_PORT overrides.
* fix(owpenbot): make token saves fast and resilient
Persist Telegram/Slack tokens even when owpenbot is offline, bound adapter restarts to avoid long hangs, and refresh UI status with apply warnings.
* chore: update Cargo.lock
Keep desktop Cargo.lock in sync with the crate version so CI cargo --locked passes.
Keep the dashboard stable when switching workspaces by preventing implicit session navigation during connect/reconnect flows. Delay the switch overlay to avoid flashes on fast switches and reuse an existing local host when bouncing remote<->local.
Filter sidebar sessions by workspace root so local workspaces don't show identical task lists. Also start the local host engine when switching from a remote workspace back to local, and hide the session count badge to prevent header overflow.
* feat(server): expose all workspaces and support mounted baseUrl
* feat(ui): keep tasks visible across workspaces
* feat(desktop): default engine runtime to openwrk
* feat(owpenbot): route chats by directory bindings
Stop pinning OpenCode in package metadata and resolve the latest release during sidecar bundling/runtime, while still allowing OPENCODE_VERSION to pin for reproducible builds.
Images are now compressed via canvas resize (max 2048px) + JPEG transcode
(quality 0.82, target <1.5MB) before base64 encoding. Uses OffscreenCanvas
when available to avoid blocking the main thread. Adds a post-encoding size
pre-check to show an explicit error instead of silently failing.
Fixes#481
* feat(workspace): add Share modal in workspace menu
* feat(workspace): share workspace from session view
* feat(workspace): store OpenWork token per workspace
* feat(workspace): scope OpenWork sharing via /w/:id mounts
Type / at the start of an empty input to trigger a command picker popup.
Commands are fetched from the OpenCode SDK (command.list()) and displayed
with fuzzy filtering via fuzzysort. Keyboard navigation (arrows, tab,
enter, escape) works like the existing @-mention popup.
Selecting a command inserts /<name> into the editor so the user can
add arguments. On submit, text starting with / is detected and routed
through session.command() instead of session.promptAsync().
Changes:
- types.ts: add SlashCommandOption type and command field on ComposerDraft
- composer.tsx: slash detection, popup UI, keyboard nav, command selection
- session.tsx: pass listCommands prop through to Composer
- app.tsx: add listCommands(), route command drafts via session.command()
