SuperCoder v2: local-first desktop coding agent#129
Merged
Conversation
Pure relocation, no logic changes. Move all old code (the 2024 codegen pipeline) into /v1 via git mv to preserve history, in preparation for the polyglot monorepo rewrite.
Add root .gitignore (Rust/Node/Go/Bazel), placeholder README, LICENSE, and an empty apps/ directory.
Lift the agent harness and git-ops crate into crates/, with a Cargo workspace at the root (shared release profile: LTO, panic=abort, opt-level=s).
Lift the Go gateway (OpenAI-compatible API with Anthropic, OpenAI-compat, and OpenAI-responses provider adapters) into services/gateway, with a server entrypoint that builds the router and config from environment variables. Add the root Go module and Bazel build (rules_go + gazelle).
- Rename thread_id -> session_id across persister trait and internals; make the persistence id non-optional
- Merge load_ask_context into load_context(session_id); drop also_send_to_channel
- Remove start_session tool, AgentResult::StartSession, AgentEvent::SessionStart and its yield arm
- Decouple subagents: plain UUID session_id + parent_session_id stamped in metadata; drop PersisterFactory and {parent}-sub-{uuid} naming
Agent now edits the project in place instead of a per-session git worktree. Undo is provided by an app-managed file-snapshot layer that backs up a file's prior contents before write/edit/apply_patch mutate it, keyed by (session, turn) and stored outside the project. - git-ops: replace git-ref checkpoint.rs with file-snapshot module (backup_file/restore_to/diff_turn/list/delete_from); delete worktree.rs - agent: thread checkpoint_dir/turn through ToolContext + AgentConfig; capture pre-edit backups in write/edit/apply_patch - remove worktree machinery; repurpose codebase_search overlay to always reconcile against the live working copy - rewrite prompts for the in-place model
apps/desktop/src-tauri ported from chat-desktop and rewired to crates/agent: greenfield session-keyed SQLite (v1), snapshot-checkpoint bridge, no chat/mqtt/ worktrees. cargo check clean, 18 bridge tests green. Frontend (apps/desktop/src) not included yet — adapted in the next change.
Agent crate now speaks both OpenAI chat-completions and the Anthropic Messages API natively (Provider enum + ported anthropic.rs request/SSE), so the Go gateway is removed from the app path (services/gateway deleted; Go + Bazel toolchain left dormant, go.mod/go.sum trimmed). Desktop app: multi-provider Settings (built-in OpenAI/Anthropic + add OpenAI-compatible; curated/fetched model lists; API key verified via a "hi" probe on save), global compaction/title model selection, composer model picker grouped across providers, sessions record their provider + model, LLM auto-titling from the first message, and soft session delete.
Scale the message/input/diff side gap with column width (clamp, capped at 96px) so it shrinks when the diff panel is open and the chat column narrows.
Self-contained Go service (HTTP server + asynq worker) under services/context-engine that indexes a repo and serves semantic + dependency-graph queries. - Streaming-sync ingest: /index/diff, /index/stream, /index/sync-complete (gzip NDJSON, Merkle-diffed incremental uploads, transactional outbox). - Retrieval: /search, /graph/query, /context, /index/status. - Backends: Qdrant (vectors), FalkorDB (graph), Postgres, Redis/asynq; Merkle content-addressed store persisted to local disk (flock + sha256). - Vendors the required shared config/client wrappers under internal/pkg; drops the gateway, code-review, kafka, otel, and newrelic paths. - Wires the dormant Go + Bazel toolchain (go.mod/go.sum, gazelle BUILD files, MODULE.bazel deps).
- Env var prefix SUPERAGI_ -> SUPERCODER_ (koanf loader + logger reads). - /index/diff treats workspace_id 0 as valid (local single-user mode); only the string identity fields are genuinely required.
One-command local stack for the optional context engine. - Multi-stage Dockerfile builds the server + worker (CGO for tree-sitter). - Dockerfile.migrate bundles the Atlas migrations into a one-shot runner that applies the schema before the service starts (no host mount). - compose brings up postgres, redis, qdrant, falkordb, the migrate job, and the server (:8106) + worker; server and worker share a merkle volume so incremental /index/diff sees the worker's committed tree. - .env.example + README document the embedding key and bring-up.
Adds an opt-in "Context engine" toggle that enables semantic + graph code
search backed by the local stack.
- Settings gains a toggle + editable port (default 8106), persisted as
{enabled, port}; a stable machine_id UUID is generated and stored.
- When enabled, build_agent_config attaches a ContextEngineClient so the
agent registers codebase_search / codebase_graph; off means zero calls.
- index_sync.rs streams the open repo to the engine on session start
(gitignore walk, sha256, gzip NDJSON batches, deterministic batch IDs,
status polling), once per repo per run, emitting indexing progress.
- Fix the search/graph client URLs to /api/v1/* to match the service.
Model registry & context window: - Single source-of-truth registry (default_profiles) for context windows + vision, exposed via agent_list_models; Settings picker derives from it. Verified windows (Opus/Sonnet 4.6 + GPT-5.4/5.5/4.1 = 1M, Haiku 200k, GPT-5.x = 400k, 4o = 128k); listed newest-first. - Context limit is tri-state: known/discovered shows used/max + %, unknown shows a dashed-ring token count. auto_compact gates the token trigger so unknown-window models don't auto-compact. context_limit is Option end to end. Per-session model picker: - The picker controls the OPEN session (re-pins sessions.model via agent_set_session_model) and reflects that session's model; the global selection is only the default for new sessions. Image attachments: - Vision gating from resolved capability; file-picker infers MIME so images aren't dropped. Bytes persisted to disk, rebuilt into data-URLs on load. - User bubbles render attached images with a click-to-zoom lightbox. - Edit & resend shows removable image thumbnails; can resend images-only. UI: - Shared <Markdown> (refractor highlight + copy button, mermaid, shell links); fixed crowded spacing and added heading/table/hr styles. - Responsive composer (width-tier collapse) and light/dark/system theme.
Replaces the one-shot "sync on session start" with a notify-based file watcher that keeps the index fresh as the user edits. - New context_watcher module (watcher_manager + file_watcher + streamer + ignore_filter + db): per-repo watchers with debounce/cooldown, full sync on open then incremental re-sync on change, a watched_repos table, 7-day auto-start, graceful stop on quit. Retires agent_bridge/index_sync.rs. - Local single-user identity (user_id=local, workspace_id=0, shared machine_id); no auth token. Server: re-register DELETE /api/v1/index. - Settings: connection panel (URL + Connect + live status), single toggle, indexed-repos list backed by watched_repos with live status + file-count badges and per-repo delete. - Thinking chips: clean summaries for codebase_search / codebase_graph (query / "deps of <fn>" / file path) instead of the raw tool name. - examples/ce_smoke.rs: headless harness driving the new streamer.
Pre-OSS security review remediation: - open_in_terminal (Win/Linux): set working dir via current_dir instead of interpolating the path into a shell string (command injection). - fetch_url: allow only http(s) and block loopback/private/link-local hosts (SSRF). - git-ops checkpoint restore_to: add project_root bound (is_within_root) so a tampered manifest can't write/delete outside the project (path traversal). - context-engine CORS: drop the hardcoded .superagi.com allow-suffix (dead code).
- Session sidebar: SquareCode (solid) icon for coding sessions instead of the hollow <> glyph, which was hard to scan across a list. - Settings: plainer 'Semantic search' wording and a clearer empty-repos hint.
Root-anchored /server /worker /migrations so the cmd/server, cmd/worker, and migrations source dirs are unaffected.
Rewrite README around the v2 framing (local-first, BYO-key, optional graph-aware Context Engine) and add ARCHITECTURE.md, CONTRIBUTING.md, and SECURITY.md (GitHub private vulnerability reporting). Hoist the shared Code of Conduct and PR template out of v1/ to the repo root, fill the blank CoC enforcement contact, and drop v1-specific cruft (old IDE-image CI workflow, workbench bug-report template, duplicate LICENSE).
In app mode the desktop app owns the context-engine stack lifecycle: preflight Docker, run the bundled docker-compose.dist.yaml, stream pull progress, wait for health, and stop the stack on quit. User mode (connect to a self-run backend by URL) is unchanged. Mode is resolved from SUPERCODER_CE_MODE (dev defaults to user, release to app). Settings renders by mode: the app panel adds an embedding-key field, Save & Restart, Start/Stop, live status + progress + error logs, and a Remove indexed data action. Adds tauri-plugin-single-instance so only one process owns the stack, and renames the dev compose project to supercoder-context-engine-dev.
Adds a release workflow for the desktop app, a multi-arch GHCR publish for the context-engine and migrate images (the tags app-managed mode pulls), release-drafter for notes, and a version-stamping script. Sets the app version to 0.1.0.
engine_control: pin engine images to the app version (v{CARGO_PKG_VERSION},
env override still wins); guard against concurrent start(); tear the stack
down by project name so a missing/moved compose file can't leave containers
running; cancel the health-wait promptly; surface the compose-up stderr on
failure.
Settings: disable Start/Stop during Save & Restart, load the repo list only
on the transition into running, and disable Remove-data while starting.
compose: pin qdrant (v1.17.0) and falkordb (tested digest) in both the dist
and dev stacks. CI: only push context-engine images on a release or a
dispatch with a version. set-version: fail loudly if the Cargo version line
is missing. Document the desktop security model in SECURITY.md and redraw the
architecture diagram.
release-drafter reads its config from the default branch, so it errors on PRs where the config isn't on main yet. It only needs to run after merges to update the draft, so drop the pull_request trigger.
…for real tauri::generate_context! requires frontendDist to exist at compile time, so the rust job stubs apps/desktop/dist before cargo check. The frontend job now runs npm run build (tsc + vite build) instead of tsc alone, validating the bundle.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Ground-up reimagining of SuperCoder as a local-first, open-source desktop
coding agent.
The old autonomous-dev pipeline is frozen under
v1/.What's here
crates/agent— the agent harness (loop, tools, Ask/Plan/Coding modes,subagents, skills; native OpenAI + Anthropic, BYO key)
crates/git-ops— in-place checkpoints / diff / restoreapps/desktop— Tauri 2 + React app (the harness's reference adapter)services/context-engine— optional graph-aware code retrieval(PR checks + release/image-publish workflows)
Two ways to run
Ask/Plan/Coding, checkpoints/rewind. No services required.
so the agent navigates large codebases structurally (
codebase_search/codebase_graph), not just by embeddings.Context Engine — app-managed
The app owns the engine's lifecycle: on enable it pulls the published, versioned
images and runs the Docker stack (postgres + redis + qdrant + falkordb + server
stack down on quit. The app pins images to its own version, so an installed
vX.Y.Zapp pulls the matching engine. Ausermode (connect to a self-runbackend by URL) is also supported.
Notes
LLM provider you configure.
publish on Publish.