molecule-ai/molecule-core
34
0
Fork 2
Code Issues 16 Pull Requests 2 Actions 49 Packages Projects Releases Wiki Activity
d8026347e5
molecule-core/docs/edit-history/2026-04-02.md
Hongming Wang d8026347e5 chore: open-source restructure — rename dirs, remove internal files, scrub secrets 
Renames:
- platform/ → workspace-server/ (Go module path stays as "platform" for
  external dep compat — will update after plugin module republish)
- workspace-template/ → workspace/

Removed (moved to separate repos or deleted):
- PLAN.md — internal roadmap (move to private project board)
- HANDOFF.md, AGENTS.md — one-time internal session docs
- .claude/ — gitignored entirely (local agent config)
- infra/cloudflare-worker/ → Molecule-AI/molecule-tenant-proxy
- org-templates/molecule-dev/ → standalone template repo
- .mcp-eval/ → molecule-mcp-server repo
- test-results/ — ephemeral, gitignored

Security scrubbing:
- Cloudflare account/zone/KV IDs → placeholders
- Real EC2 IPs → <EC2_IP> in all docs
- CF token prefix, Neon project ID, Fly app names → redacted
- Langfuse dev credentials → parameterized
- Personal runner username/machine name → generic

Community files:
- CONTRIBUTING.md — build, test, branch conventions
- CODE_OF_CONDUCT.md — Contributor Covenant 2.1

All Dockerfiles, CI workflows, docker-compose, railway.toml, render.yaml,
README, CLAUDE.md updated for new directory names.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-18 00:24:44 -07:00

5.8 KiB
Raw Blame History

Edit History — 2026-04-02

Summary

Added Settings tab (per-workspace LLM/API key configuration), Terminal tab (shell access into containers), Restart button for offline workspaces, editable Agent Card, and coding-agent workspace template (OpenClaw-style). Six rounds of code review fixes for security, cleanup, and robustness.

Settings Tab (LLM & API Keys)

New files:

  • canvas/src/components/tabs/SettingsTab.tsx — Quick-set rows for ANTHROPIC_API_KEY, OPENAI_API_KEY, GOOGLE_API_KEY, SERP_API_KEY, MODEL_PROVIDER. Custom env var editor. Values stored via /workspaces/:id/secrets, never exposed to browser.
  • workspace-server/internal/handlers/secrets.go — GET/POST /workspaces/:id/secrets (keys only), DELETE /workspaces/:id/secrets/:key, GET /workspaces/:id/model. UUID validation on workspace ID, BYTEA scan for future encryption compat.

Terminal Tab (Container Shell Access)

New files:

  • canvas/src/components/tabs/TerminalTab.tsx — xterm.js terminal with dark theme, WebSocket to /workspaces/:id/terminal, status bar, reconnect button, proper cleanup on unmount.
  • workspace-server/internal/handlers/terminal.go — WebSocket upgrade, Docker exec /bin/sh, bridges stdin/stdout. Restricted origins (localhost only), shared Docker client from provisioner, 30min idle timeout.

Restart Button for Offline/Failed Workspaces

  • workspace-server/internal/handlers/workspace.go — Added POST /workspaces/:id/restart. Works for offline/failed/degraded. Stops existing container, resets to provisioning, auto-finds template by normalizing workspace name.
  • canvas/src/components/tabs/DetailsTab.tsx — Green Restart/Retry button visible when workspace is offline, failed, or degraded.

Editable Agent Card

  • canvas/src/components/tabs/DetailsTab.tsx — AgentCardEditor component. Click "Edit Agent Card" → JSON textarea → Save pushes via POST /registry/update-card. Validates JSON, shows success toast.

Coding Agent Template (OpenClaw-style)

New template: workspace-configs-templates/coding-agent/

  • config.yaml — Tier 2, 4 skills, filesystem + web_search tools
  • system-prompt.md — Full-stack engineer identity
  • skills/code-generation/ — SKILL.md + file_ops.py (read_file, write_file, list_files, search_code with path traversal protection)
  • skills/shell-exec/ — SKILL.md + shell.py (run_shell with timeout, output truncation, destructive command blocklist, process kill on timeout)
  • skills/code-review/ — SKILL.md (review checklist)
  • skills/debug-assist/ — SKILL.md (debug process)

Infrastructure:

  • workspace/Dockerfile — Added /workspace volume
  • workspace-server/internal/provisioner/provisioner.go — Mount ws-{id}-workspace named volume for Tier 2+ (Tier 1 stays read-only)

A2A Error Handling Fixes

  • workspace/a2a_executor.py — Catch exceptions from agent.astream(), return as agent message. Handle Anthropic content blocks (list of dicts).
  • canvas/src/components/tabs/ChatTab.tsx — Handle JSON-RPC error responses separately from results. Show "Agent error: ..." instead of "(empty response)".
  • workspace-server/internal/handlers/workspace.go — Inject messageId into A2A proxy requests (required by a2a-sdk v0.3+).

Code Review Fixes (Rounds 4-6)

  • Round 4: Remove debug logs, guard short ID slicing, fix findConfigDir name matching, handle WriteFile errors, handle DB error in agent Move, handle json.Unmarshal error, use optional chaining in isDescendant.
  • Round 5: Restrict WebSocket origins to localhost, use request context, share Docker client, fix reconnect via connectKey, fix cleanup with refs, validate UUID, per-row saving state, add session timeout, scan BYTEA as []byte.
  • Round 6: Fix path traversal in file_ops (_resolve validates path stays within WORKSPACE_DIR), add command blocklist in shell.py, kill subprocess on timeout, return error when no template found in Restart.

SidePanel Updates

  • Expanded from 5 tabs to 7 tabs (added Settings and Terminal)
  • Widened from 420px to 480px
  • Tab bar now scrollable with overflow-x-auto
  • PanelTab type expanded: "details" | "chat" | "settings" | "terminal" | "config" | "memory" | "events"

Arbitrary Prompt Files (prompt_files support)

Problem: Different agent frameworks use different file structures — OpenClaw has SOUL.md/AGENTS.md/HEARTBEAT.md/etc, Claude Code uses CLAUDE.md, Codex uses AGENTS.md. Our runtime only supported system-prompt.md.

Solution: Added prompt_files field to config.yaml that lists which markdown files to load (in order) as the system prompt:

# OpenClaw-style
prompt_files: [SOUL.md, BOOTSTRAP.md, AGENTS.md, HEARTBEAT.md, TOOLS.md, USER.md]

# Claude Code-style
prompt_files: [CLAUDE.md]

# Default (backwards compatible — if omitted, loads system-prompt.md)

Files changed:

  • workspace/config.py — Added prompt_files field to WorkspaceConfig
  • workspace/prompt.pybuild_system_prompt() loads prompt_files in order, falls back to system-prompt.md
  • workspace/main.py — Pass config.prompt_files to build_system_prompt()

Coding agent updated to use OpenClaw-style files:

  • Renamed system-prompt.mdSOUL.md (core identity)
  • New BOOTSTRAP.md (project orientation on first task)
  • New TOOLS.md (tool usage guidelines and safety rules)
  • New AGENTS.md (multi-agent delegation protocol)
  • config.yaml updated: prompt_files: [SOUL.md, BOOTSTRAP.md, TOOLS.md, AGENTS.md]

Tested with 5 agent frameworks:

  • OpenClaw (7 files) — PASS
  • Claude Code (CLAUDE.md) — PASS
  • OpenAI Codex (AGENTS.md) — PASS
  • SEO Agent (backwards compat, no prompt_files) — PASS
  • Coding Agent (OpenClaw-style, 4 files) — PASS

Full Docker skill loading and prompt assembly tests also pass (4/4 templates, 9/9 content checks).