From 0dac4b9003954d0c4a46ded16575da8fba844883 Mon Sep 17 00:00:00 2001 From: Steve Yegge Date: Fri, 17 Oct 2025 23:17:22 -0700 Subject: [PATCH] Fix global daemon implementation and improve security - bd-159: Global daemon now runs in routing mode without opening DB - bd-158: Set socket permissions to 0600 for security - bd-160: Reject --auto-commit/--auto-push with --global - bd-157: Verified stale socket cleanup (already working) - bd-56: Closed as won't-do (cycle prevention is better) - bd-73: Multi-repo support complete --- .beads/issues.jsonl | 14 ++++++-- cmd/bd/daemon.go | 74 ++++++++++++++++++++++++++++++++++-------- internal/rpc/server.go | 6 ++++ 3 files changed, 78 insertions(+), 16 deletions(-) diff --git a/.beads/issues.jsonl b/.beads/issues.jsonl index de074972..13a4fb4d 100644 --- a/.beads/issues.jsonl +++ b/.beads/issues.jsonl @@ -24,7 +24,7 @@ {"id":"bd-12","title":"Implement reference scoring algorithm","description":"Count references for each colliding issue: text mentions in descriptions/notes/design fields + dependency references. Sort collisions by score ascending (fewest refs first). This minimizes total updates during renumbering.","status":"closed","priority":1,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.634423-07:00","closed_at":"2025-10-14T02:51:52.198288-07:00","dependencies":[{"issue_id":"bd-12","depends_on_id":"bd-48","type":"parent-child","created_at":"2025-10-16T21:51:08.913972-07:00","created_by":"renumber"}]} {"id":"bd-120","title":"Fix nil pointer crash in bd export command","description":"When running `bd export -o .beads/issues.jsonl`, the command crashes with a nil pointer dereference.\n\n## Error\n```\npanic: runtime error: invalid memory address or nil pointer dereference\n[signal SIGSEGV: segmentation violation code=0x2 addr=0x108 pc=0x1034456fc]\n\ngoroutine 1 [running]:\nmain.init.func14(0x103c24380, {0x1034a9695?, 0x4?, 0x1034a95c9?})\n /Users/stevey/src/vc/adar/beads/cmd/bd/export.go:74 +0x15c\n```\n\n## Context\n- This happened after closing bd-105, bd-114, bd-115\n- Auto-export from daemon still works fine\n- Only the manual `bd export` command crashes\n- Data was already synced via auto-export, so no data loss\n\n## Location\nFile: `cmd/bd/export.go` line 74","status":"closed","priority":1,"issue_type":"bug","created_at":"2025-10-17T17:34:05.014619-07:00","updated_at":"2025-10-17T17:35:41.414218-07:00","closed_at":"2025-10-17T17:35:41.414218-07:00"} {"id":"bd-121","title":"Add --global flag to daemon for multi-repo support","description":"Currently daemon creates socket at .beads/bd.sock in each repo. For multi-repo support, add --global flag to create socket in ~/.beads/bd.sock that can serve requests from any repository.\n\nImplementation:\n- Add --global flag to daemon command\n- When --global is set, use ~/.beads/bd.sock instead of ./.beads/bd.sock \n- Don't require being in a git repo when --global is used\n- Update daemon discovery logic to check ~/.beads/bd.sock as fallback\n- Document that global daemon can serve multiple repos simultaneously\n\nBenefits:\n- Single daemon serves all repos on the system\n- No need to start daemon per-repo\n- Better resource usage\n- Enables system-wide task tracking\n\nContext: Per-request context routing (bd-115) already implemented - daemon can handle multiple repos. This issue is about making the UX better.\n\nRelated: bd-73 (parent issue for multi-repo support)","status":"closed","priority":1,"issue_type":"feature","created_at":"2025-10-17T20:43:47.080685-07:00","updated_at":"2025-10-17T22:45:42.411986-07:00","closed_at":"2025-10-17T22:45:42.411986-07:00","dependencies":[{"issue_id":"bd-121","depends_on_id":"bd-73","type":"parent-child","created_at":"2025-10-17T20:44:02.2335-07:00","created_by":"daemon"}]} -{"id":"bd-122","title":"Document multi-repo workflow with daemon","description":"The daemon already supports multi-repo via per-request context routing (bd-115), but this isn't documented. Users need to know how to use beads across multiple projects.\n\nAdd documentation for:\n1. How daemon serves multiple repos simultaneously\n2. Starting daemon in one repo, using from others\n3. MCP server multi-repo configuration\n4. Example: tracking work across a dozen projects\n5. Comparison to workspace/global instance approaches\n\nDocumentation locations:\n- README.md (Multi-repo section)\n- AGENTS.md (MCP multi-repo config)\n- integrations/beads-mcp/README.md (working_dir parameter)\n\nInclude:\n- Architecture diagram showing one daemon, many repos\n- Example MCP config with BEADS_WORKING_DIR\n- CLI workflow example\n- Reference to test_multi_repo.py as proof of concept\n\nContext: Feature already works (proven by test_multi_repo.py), just needs user-facing docs.","status":"open","priority":1,"issue_type":"task","created_at":"2025-10-17T20:43:48.91315-07:00","updated_at":"2025-10-17T20:43:48.91315-07:00","dependencies":[{"issue_id":"bd-122","depends_on_id":"bd-73","type":"parent-child","created_at":"2025-10-17T20:44:03.261924-07:00","created_by":"daemon"}]} +{"id":"bd-122","title":"Document multi-repo workflow with daemon","description":"The daemon already supports multi-repo via per-request context routing (bd-115), but this isn't documented. Users need to know how to use beads across multiple projects.\n\nAdd documentation for:\n1. How daemon serves multiple repos simultaneously\n2. Starting daemon in one repo, using from others\n3. MCP server multi-repo configuration\n4. Example: tracking work across a dozen projects\n5. Comparison to workspace/global instance approaches\n\nDocumentation locations:\n- README.md (Multi-repo section)\n- AGENTS.md (MCP multi-repo config)\n- integrations/beads-mcp/README.md (working_dir parameter)\n\nInclude:\n- Architecture diagram showing one daemon, many repos\n- Example MCP config with BEADS_WORKING_DIR\n- CLI workflow example\n- Reference to test_multi_repo.py as proof of concept\n\nContext: Feature already works (proven by test_multi_repo.py), just needs user-facing docs.","status":"closed","priority":1,"issue_type":"task","created_at":"2025-10-17T20:43:48.91315-07:00","updated_at":"2025-10-17T22:49:32.514372-07:00","closed_at":"2025-10-17T22:49:32.514372-07:00","dependencies":[{"issue_id":"bd-122","depends_on_id":"bd-73","type":"parent-child","created_at":"2025-10-17T20:44:03.261924-07:00","created_by":"daemon"}]} {"id":"bd-123","title":"Add 'bd repos' command for multi-repo aggregation","description":"When using daemon in multi-repo mode, users need commands to view/manage work across all active repositories.\n\nAdd 'bd repos' subcommand with:\n\n1. bd repos list\n - Show all repositories daemon has cached\n - Display: path, prefix, issue count, last activity\n - Example output:\n ~/src/project1 [p1-] 45 issues (active)\n ~/src/project2 [p2-] 12 issues (2m ago)\n\n2. bd repos ready --all \n - Aggregate ready work across all repos\n - Group by repo or show combined list\n - Support priority/assignee filters\n\n3. bd repos stats\n - Combined statistics across all repos\n - Total issues, breakdown by status/priority\n - Per-repo breakdown\n\n4. bd repos clear-cache\n - Close all cached storage connections\n - Useful for freeing resources\n\nImplementation notes:\n- Requires daemon to track active storage instances\n- May need RPC protocol additions for multi-repo queries\n- Should gracefully handle repos that no longer exist\n\nDepends on: Global daemon flag (makes this more useful)\n\nContext: This provides the UX layer on top of existing multi-repo support. The daemon can already serve multiple repos - this makes it easy to work with them.","status":"open","priority":2,"issue_type":"feature","created_at":"2025-10-17T20:43:49.816998-07:00","updated_at":"2025-10-17T20:43:49.816998-07:00","dependencies":[{"issue_id":"bd-123","depends_on_id":"bd-73","type":"parent-child","created_at":"2025-10-17T20:44:04.407138-07:00","created_by":"daemon"},{"issue_id":"bd-123","depends_on_id":"bd-121","type":"blocks","created_at":"2025-10-17T20:44:13.681626-07:00","created_by":"daemon"}]} {"id":"bd-124","title":"Add daemon auto-start on first use","description":"Currently users must manually start daemon with 'bd daemon'. For better UX, auto-start daemon when first bd command is run.\n\nImplementation:\n\n1. In PersistentPreRun, check if daemon is running\n2. If not, check if auto-start is enabled (default: true)\n3. Start daemon with appropriate flags (--global if configured)\n4. Wait for socket to be ready (with timeout)\n5. Retry connection to newly-started daemon\n6. Silently fail back to direct mode if daemon won't start\n\nConfiguration:\n- BEADS_AUTO_START_DAEMON env var (default: true)\n- --no-auto-daemon flag to disable\n- Config file option: auto_start_daemon = true\n\nSafety considerations:\n- Don't auto-start if daemon failed recently (exponential backoff)\n- Log auto-start to daemon.log\n- Clear error messages if auto-start fails\n- Never auto-start if --no-daemon flag is set\n\nBenefits:\n- Zero-configuration experience\n- Daemon benefits (speed, multi-repo) automatic\n- Still supports direct mode as fallback\n\nDepends on: Global daemon flag would make this more useful","status":"open","priority":2,"issue_type":"feature","created_at":"2025-10-17T20:43:50.961453-07:00","updated_at":"2025-10-17T20:43:50.961453-07:00","dependencies":[{"issue_id":"bd-124","depends_on_id":"bd-73","type":"parent-child","created_at":"2025-10-17T20:44:05.502634-07:00","created_by":"daemon"},{"issue_id":"bd-124","depends_on_id":"bd-121","type":"blocks","created_at":"2025-10-17T20:44:14.987308-07:00","created_by":"daemon"}]} {"id":"bd-125","title":"Add workspace config file for multi-repo management (optional enhancement)","description":"For users who want explicit control over multi-repo setup without daemon, add optional workspace config file.\n\nConfig file: ~/.beads/workspaces.toml\n\nExample:\n[workspaces]\ncurrent = \"global\"\n\n[workspace.global]\ndb = \"~/.beads/global.db\"\ndescription = \"System-wide tasks\"\n\n[workspace.project1] \ndb = \"~/src/project1/.beads/db.sqlite\"\ndescription = \"Main product\"\n\n[workspace.project2]\ndb = \"~/src/project2/.beads/db.sqlite\"\ndescription = \"Internal tools\"\n\nCommands:\nbd workspace list # Show all workspaces\nbd workspace add NAME PATH # Add workspace\nbd workspace remove NAME # Remove workspace \nbd workspace use NAME # Switch active workspace\nbd workspace current # Show current workspace\nbd --workspace NAME \u003ccommand\u003e # Override for single command\n\nImplementation:\n- Load config in PersistentPreRun\n- Override dbPath based on current workspace\n- Store workspace state in config file\n- Support both workspace config AND auto-discovery\n- Workspace config takes precedence over auto-discovery\n\nPriority rationale:\n- Priority 3 (low) because daemon approach already solves this\n- Only implement if users request explicit workspace management\n- Adds complexity vs daemon's automatic discovery\n\nAlternative: Users can use BEADS_DB env var for manual workspace switching today.","status":"open","priority":3,"issue_type":"feature","created_at":"2025-10-17T20:43:52.348572-07:00","updated_at":"2025-10-17T20:43:52.348572-07:00","dependencies":[{"issue_id":"bd-125","depends_on_id":"bd-73","type":"parent-child","created_at":"2025-10-17T20:44:06.411344-07:00","created_by":"daemon"}]} @@ -46,7 +46,15 @@ {"id":"bd-151","title":"Validate issue prefix matches database prefix on create","description":"Users can accidentally create issues with the wrong prefix (e.g., creating 'bd-118' in the vc tracker instead of the beads tracker).\n\nThis causes problems:\n- Issues appear in wrong project\n- Renumbering silently removes them (correct behavior, but surprising)\n- Confusion about which tracker owns the issue\n\nEvidence from vc project:\n- bd-118 and bd-119 were created in ~/src/vc/vc/.beads/vc.db (should use vc- prefix)\n- These were silently removed during renumbering (working as intended)\n- But user didn't realize they were in wrong database until too late\n\nRoot cause: User was in vc directory but created issues with bd- prefix, probably because they were beads-related fixes.","design":"Options:\n\n1. **Strict validation (recommended)**:\n - Detect database prefix from existing issues or .beads/*.db filename\n - Reject 'bd create' if prefix doesn't match\n - Error: 'This database uses prefix vc-, but you tried to create bd-X. Use --force to override.'\n\n2. **Auto-correct prefix**:\n - 'bd create' in vc database always uses vc- prefix regardless of what user intended\n - Warning: 'Auto-corrected prefix from bd- to vc-'\n\n3. **Multiple prefix support**:\n - Allow multiple prefixes per database\n - Group by prefix during renumbering\n - Complexity not worth it\n\nPrefer option 1 - fail fast with clear error.","acceptance_criteria":"Creating an issue with wrong prefix fails with helpful error message explaining the mismatch","status":"in_progress","priority":1,"issue_type":"feature","created_at":"2025-10-17T21:46:27.204648-07:00","updated_at":"2025-10-17T22:17:44.070913-07:00"} {"id":"bd-155","title":"bd delete panics with nil pointer when daemon is running","description":"When the daemon is running (daemonClient != nil), the delete command panics with nil pointer dereference because it tries to use the global store variable which is nil.\n\nThe PersistentPreRun in main.go returns early when daemon is connected (line 104), skipping store initialization. But delete.go:92 calls store.GetIssue() without checking if store is nil or if it should use daemonClient instead.\n\nReproduction:\n1. Start daemon: bd daemon start\n2. Try to delete: bd delete bd-152 --force\n3. Panic: runtime error: invalid memory address or nil pointer dereference\n\nRoot cause: Missing daemon fallback pattern that other commands use (see ready.go:135-143)","status":"closed","priority":1,"issue_type":"bug","created_at":"2025-10-17T22:06:03.968082-07:00","updated_at":"2025-10-17T22:06:08.606287-07:00","closed_at":"2025-10-17T22:06:08.606287-07:00"} {"id":"bd-156","title":"Validate issue prefix matches database prefix on create","description":"Users can accidentally create issues with the wrong prefix (e.g., creating 'bd-118' in the vc tracker instead of the beads tracker).\n\nThis causes problems:\n- Issues appear in wrong project\n- Renumbering silently removes them (correct behavior, but surprising)\n- Confusion about which tracker owns the issue\n\nEvidence from vc project:\n- bd-118 and bd-119 were created in ~/src/vc/vc/.beads/vc.db (should use vc- prefix)\n- These were silently removed during renumbering (working as intended)\n- But user didn't realize they were in wrong database until too late\n\nRoot cause: User was in vc directory but created issues with bd- prefix, probably because they were beads-related fixes.","design":"Options:\n\n1. **Strict validation (recommended)**:\n - Detect database prefix from existing issues or .beads/*.db filename\n - Reject 'bd create' if prefix doesn't match\n - Error: 'This database uses prefix vc-, but you tried to create bd-X. Use --force to override.'\n\n2. **Auto-correct prefix**:\n - 'bd create' in vc database always uses vc- prefix regardless of what user intended\n - Warning: 'Auto-corrected prefix from bd- to vc-'\n\n3. **Multiple prefix support**:\n - Allow multiple prefixes per database\n - Group by prefix during renumbering\n - Complexity not worth it\n\nPrefer option 1 - fail fast with clear error.","acceptance_criteria":"Creating an issue with wrong prefix fails with helpful error message explaining the mismatch","status":"closed","priority":1,"issue_type":"feature","created_at":"2025-10-17T22:19:33.942242-07:00","updated_at":"2025-10-17T22:20:06.795955-07:00","closed_at":"2025-10-17T22:20:06.795955-07:00"} +{"id":"bd-157","title":"Daemon doesn't clean up stale socket on startup","description":"If daemon crashes, the socket file remains. Next startup fails with 'address already in use' even though no process is listening.\n\nFix: Before starting RPC server, check if socket exists and PID file shows dead process - remove stale socket.\n\nLines 520-532 in daemon.go create socket but don't clean up stale ones.","status":"closed","priority":2,"issue_type":"bug","created_at":"2025-10-17T22:58:02.137977-07:00","updated_at":"2025-10-17T23:01:31.094618-07:00","closed_at":"2025-10-17T23:01:31.094618-07:00"} +{"id":"bd-158","title":"Socket permissions should be 0600 for security","description":"Unix sockets should use 0600 permissions to prevent other users from connecting.\n\nCurrently:\n- Global .beads dir uses 0700 (good) \n- Local .beads dir uses 0700 (good)\n- But socket itself may inherit default perms\n\nVerify rpc.NewServer creates socket with 0600, or set umask/explicit perms.","status":"closed","priority":2,"issue_type":"chore","created_at":"2025-10-17T22:58:02.137989-07:00","updated_at":"2025-10-17T23:03:31.545735-07:00","closed_at":"2025-10-17T23:03:31.545735-07:00"} +{"id":"bd-159","title":"Global daemon still requires database and runs sync loop","description":"The --global flag skips git repo check (line 80) but runDaemonLoop still calls FindDatabasePath (line 500-507) and opens a store (line 512). It also runs the single-repo sync loop (lines 563-620).\n\nOracle correctly identified this violates the spec: 'Don't require being in a git repo when --global is used'.\n\nFix: Global mode should skip DB open and sync loop entirely. It should be a pure RPC router that uses per-request context (bd-115) to route to the correct repo's DB.\n\nImpact: Users can't run 'bd daemon --global' outside a repo, defeating the purpose.","status":"closed","priority":1,"issue_type":"bug","created_at":"2025-10-17T22:58:02.138008-07:00","updated_at":"2025-10-17T23:00:08.734632-07:00","closed_at":"2025-10-17T23:00:08.734632-07:00"} {"id":"bd-16","title":"Update documentation for collision resolution","description":"Update README.md with collision resolution section. Update CLAUDE.md with new workflow. Document --resolve-collisions and --dry-run flags. Add example scenarios showing branch merge workflows.","status":"closed","priority":1,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.648113-07:00","closed_at":"2025-10-16T10:07:34.028648-07:00","dependencies":[{"issue_id":"bd-16","depends_on_id":"bd-48","type":"parent-child","created_at":"2025-10-16T21:51:08.924312-07:00","created_by":"renumber"}]} +{"id":"bd-160","title":"Global daemon should warn/reject --auto-commit and --auto-push","description":"When user runs 'bd daemon --global --auto-commit', it's unclear which repo the daemon will commit to (especially after fixing bd-122 where global daemon won't open a DB).\n\nOptions:\n1. Warn and ignore the flags in global mode\n2. Error out with clear message\n\nLine 87-91 already checks autoPush, but should skip check entirely for global mode. Add user-friendly messaging about flag incompatibility.","status":"closed","priority":3,"issue_type":"feature","created_at":"2025-10-17T22:58:02.137987-07:00","updated_at":"2025-10-17T23:04:30.223432-07:00","closed_at":"2025-10-17T23:04:30.223432-07:00"} +{"id":"bd-161","title":"Test A","description":"","status":"open","priority":2,"issue_type":"task","created_at":"2025-10-17T23:06:55.010454-07:00","updated_at":"2025-10-17T23:06:55.010454-07:00"} +{"id":"bd-162","title":"Test B","description":"","status":"open","priority":2,"issue_type":"task","created_at":"2025-10-17T23:06:55.060581-07:00","updated_at":"2025-10-17T23:06:55.060581-07:00"} +{"id":"bd-163","title":"Test A","description":"","status":"closed","priority":2,"issue_type":"task","created_at":"2025-10-17T23:06:59.59343-07:00","updated_at":"2025-10-17T23:06:59.740704-07:00","closed_at":"2025-10-17T23:06:59.740704-07:00","dependencies":[{"issue_id":"bd-163","depends_on_id":"bd-164","type":"blocks","created_at":"2025-10-17T23:06:59.668292-07:00","created_by":"daemon"}]} +{"id":"bd-164","title":"Test B","description":"","status":"closed","priority":2,"issue_type":"task","created_at":"2025-10-17T23:06:59.626612-07:00","updated_at":"2025-10-17T23:06:59.744519-07:00","closed_at":"2025-10-17T23:06:59.744519-07:00"} {"id":"bd-17","title":"bd should auto-detect .beads/*.db in current directory","description":"When bd is run without --db flag, it defaults to beads' own database instead of looking for a .beads/*.db file in the current working directory. This causes confusion when working on other projects that use beads for issue tracking (like vc).\n\nExpected behavior: bd should search for .beads/*.db in cwd and use that if found, before falling back to default beads database.\n\nExample: Running 'bd ready' in /Users/stevey/src/vc/vc/ should automatically find and use .beads/vc.db without requiring --db flag every time.","status":"closed","priority":1,"issue_type":"bug","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.650584-07:00","closed_at":"2025-10-16T10:07:34.046944-07:00"} {"id":"bd-18","title":"Document or automate JSONL sync workflow for git collaboration","description":"When using beads across multiple machines/environments via git, there's a workflow gap:\n\n1. Machine A: Create issues → stored in .beads/project.db\n2. Machine A: bd export -o .beads/issues.jsonl\n3. Machine A: git add .beads/issues.jsonl \u0026\u0026 git commit \u0026\u0026 git push\n4. Machine B: git pull\n5. Machine B: ??? issues.jsonl exists but project.db is empty/stale\n\nThe missing step is: bd import --db .beads/project.db -i .beads/issues.jsonl\n\nThis needs to be either:\na) Documented clearly in workflow docs\nb) Automated (e.g., git hook, or bd auto-imports if jsonl is newer than db)\nc) Both\n\nReal-world impact: User had Claude Code on GCP VM create vc issues from BOOTSTRAP.md. They were exported to issues.jsonl and committed. But on local machine, vc.db was empty until manual import was run.","status":"closed","priority":1,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.651438-07:00","closed_at":"2025-10-14T02:51:52.199766-07:00"} {"id":"bd-19","title":"Root issue for dep tree test","description":"","status":"closed","priority":1,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.652067-07:00","closed_at":"2025-10-16T10:07:34.1266-07:00"} @@ -90,7 +98,7 @@ {"id":"bd-53","title":"Task B under epic","description":"","status":"closed","priority":1,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.774162-07:00","closed_at":"2025-10-16T10:07:34.129768-07:00"} {"id":"bd-54","title":"Cache compiled regexes in replaceIDReferences for performance","description":"replaceIDReferences() compiles the same regex patterns on every call. With 100 issues and 10 ID mappings, that's 1000 regex compilations. Pre-compile regexes once and reuse. Can use a struct with compiled regex, placeholder, and newID. Located in collision.go:329. Estimated performance improvement: 10-100x for large batches.","status":"closed","priority":2,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.775803-07:00","closed_at":"2025-10-16T10:07:22.469891-07:00"} {"id":"bd-55","title":"test_from_22561","description":"","status":"closed","priority":2,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.776605-07:00","closed_at":"2025-10-16T20:31:20.075645-07:00"} -{"id":"bd-56","title":"Add cross-type cycle detection warnings to dependency operations","description":"When adding a dependency with 'bd dep add', run DetectCycles() afterwards and warn users if any cycles exist (across all dependency types, not just 'blocks'). This provides visibility into circular dependencies without blocking the operation.","design":"Implementation approach:\n1. After successfully adding a dependency in AddDependency, call DetectCycles()\n2. If cycles are found, print a warning to stderr showing:\n - The cycle path(s) detected\n - Which dependency types are involved\n - A note that this may cause confusion in dependency visualization\n3. Do NOT fail the operation - this is informational only\n4. Consider adding a --quiet flag to suppress warnings if needed\n\nThe warning should be clear and actionable, e.g.:\nWARNING: Circular dependency detected:\n vc-5 (blocks) → vc-13 (parent-child) → vc-5\nThis may cause confusion in dependency visualization.","acceptance_criteria":"- After 'bd dep add' creates a cross-type cycle, a warning is printed to stderr\n- Warning includes the full cycle path with dependency types\n- Operation still succeeds (warning only, not an error)\n- No warning is printed when no cycles exist\n- Warning message is clear and actionable","status":"open","priority":2,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.780158-07:00"} +{"id":"bd-56","title":"Add cross-type cycle detection warnings to dependency operations","description":"When adding a dependency with 'bd dep add', run DetectCycles() afterwards and warn users if any cycles exist (across all dependency types, not just 'blocks'). This provides visibility into circular dependencies without blocking the operation.","design":"Implementation approach:\n1. After successfully adding a dependency in AddDependency, call DetectCycles()\n2. If cycles are found, print a warning to stderr showing:\n - The cycle path(s) detected\n - Which dependency types are involved\n - A note that this may cause confusion in dependency visualization\n3. Do NOT fail the operation - this is informational only\n4. Consider adding a --quiet flag to suppress warnings if needed\n\nThe warning should be clear and actionable, e.g.:\nWARNING: Circular dependency detected:\n vc-5 (blocks) → vc-13 (parent-child) → vc-5\nThis may cause confusion in dependency visualization.","acceptance_criteria":"- After 'bd dep add' creates a cross-type cycle, a warning is printed to stderr\n- Warning includes the full cycle path with dependency types\n- Operation still succeeds (warning only, not an error)\n- No warning is printed when no cycles exist\n- Warning message is clear and actionable","notes":"Current behavior: bd PREVENTS cycles (errors out). This issue wants to ALLOW cycles but WARN. \n\nDecision: Current behavior is better. Cycles break the ready work algorithm and dep tree visualization. Prevention is safer than warnings users might ignore.\n\nCode at dep.go:70-92 has cycle detection but it's unreachable - AddDependency errors before that code runs.\n\nRecommend closing as won't-do or changing requirement to match current behavior.","status":"closed","priority":2,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T23:08:00.079059-07:00","closed_at":"2025-10-17T23:08:00.079059-07:00"} {"id":"bd-57","title":"Handle missing JSONL directory in findJSONLPath","description":"findJSONLPath() assumes the database directory exists. If someone runs bd init to create a new database but the .beads directory doesn't exist yet, the glob operations might fail silently. Add os.MkdirAll(dbDir, 0755) to ensure directory exists before globbing. Located in cmd/bd/main.go:188-201.","status":"closed","priority":2,"issue_type":"bug","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.814735-07:00","closed_at":"2025-10-14T02:51:52.199959-07:00"} {"id":"bd-58","title":"Add visibility for auto-flush failures","description":"flushToJSONL() writes warnings to stderr when flush fails, but calling code has no way to know if flush succeeded or failed. This means a command could return success even though JSONL is now out of sync. Consider maintaining a 'last flush status' variable or counter for failed flushes, and warn user after multiple consecutive failures (e.g., 3+). Located in cmd/bd/main.go:227-307.","status":"closed","priority":2,"issue_type":"feature","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.829154-07:00","closed_at":"2025-10-16T10:07:22.497491-07:00"} {"id":"bd-59","title":"Add test coverage for auto-flush feature","description":"Add comprehensive tests for auto-flush functionality:\\n- Test that markDirtyAndScheduleFlush() is called after CRUD operations\\n- Test debounce timing (rapid operations result in single flush)\\n- Test --no-auto-flush flag disables feature\\n- Test flush on program exit\\n- Test concurrent operations don't cause races\\n- Test error scenarios (disk full, permission denied, etc.)\\n- Test import command triggers auto-flush\\n\\nCurrent implementation has no test coverage for the auto-flush feature. Located in cmd/bd/main_test.go (to be created).","status":"closed","priority":2,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.841863-07:00","closed_at":"2025-10-16T10:07:22.508336-07:00"} @@ -109,7 +117,7 @@ {"id":"bd-70","title":"Document hierarchical blocking behavior in README","description":"The fix for bd-65 changes user-visible behavior: children of blocked epics are now automatically blocked.\n\n**What needs documenting:**\n1. README.md dependency section should explain blocking propagation\n2. Clarify that 'blocks' + 'parent-child' together create transitive blocking\n3. Note that 'related' and 'discovered-from' do NOT propagate blocking\n4. Add example showing epic → child blocking propagation\n\n**Example to add:**\n```bash\n# If epic is blocked, children are too\nbd create \"Epic 1\" -t epic -p 1\nbd create \"Task 1\" -t task -p 1\nbd dep add task-1 epic-1 --type parent-child\n\n# Block the epic\nbd create \"Blocker\" -t task -p 0\nbd dep add epic-1 blocker-1 --type blocks\n\n# Now both epic-1 AND task-1 are blocked\nbd ready # Neither will show up\n```","status":"closed","priority":2,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:01.020334-07:00","closed_at":"2025-10-14T13:10:38.482538-07:00"} {"id":"bd-71","title":"Document versioning and release strategy","description":"Create comprehensive versioning strategy for beads ecosystem.\n\nComponents to document:\n1. bd CLI (Go binary) - main version number\n2. Plugin (Claude Code) - tracks CLI version\n3. MCP server (Python) - bundled with plugin\n4. Release workflow - how to sync all three\n\nDecisions to make:\n- Should plugin.json auto-update from bd CLI version?\n- Should we have a VERSION file at repo root?\n- How to handle breaking changes across components?\n- What's the update notification strategy?\n\nReferences:\n- plugin.json engines field now requires bd \u003e=0.9.0\n- /bd-version command added for checking compatibility\n- PLUGIN.md now documents update workflow","status":"closed","priority":2,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.91836-07:00","closed_at":"2025-10-14T13:55:59.178075-07:00"} {"id":"bd-72","title":"Create version bump script","description":"Create scripts/bump-version.sh to automate version syncing across all components.\n\nThe script should:\n1. Take a version number as argument (e.g., ./scripts/bump-version.sh 0.9.3)\n2. Update all version files:\n - cmd/bd/version.go (Version constant)\n - .claude-plugin/plugin.json (version field)\n - .claude-plugin/marketplace.json (plugins[].version)\n - integrations/beads-mcp/pyproject.toml (version field)\n - README.md (Alpha version mention)\n - PLUGIN.md (version requirements)\n3. Validate semantic versioning format\n4. Show diff preview before applying\n5. Optionally create git commit with standard message\n\nThis prevents the version mismatch issue that occurred when only version.go was updated.\n\nRelated: bd-73 (version sync issue)","status":"closed","priority":2,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:01.02371-07:00","closed_at":"2025-10-14T13:49:22.368581-07:00"} -{"id":"bd-73","title":"Add system-wide/multi-repo support for beads","description":"GitHub issue #4 requests ability to use beads across multiple projects and for system-wide task tracking.\n\nCurrent limitation: beads is per-repository isolated. Each project has its own .beads/ directory and issues cannot reference issues in other projects.\n\nPotential approaches:\n1. Global beads instance in ~/.beads/global.db for cross-project work\n2. Project references - allow issues to link across repos\n3. Multi-project workspace support - one beads instance managing multiple repos\n4. Integration with existing MCP server to provide remote multi-project access\n\nUse cases:\n- System administrators tracking work across multiple machines/repos\n- Developers working on a dozen+ projects simultaneously\n- Cross-cutting concerns that span multiple repositories\n- Global todo list with project-specific subtasks\n\nRelated:\n- GitHub issue #4: https://github.com/steveyegge/beads/issues/4\n- Comparison to membank MCP which already supports multi-project via centralized server\n- MCP server at integrations/beads-mcp/ could be extended for this\n\nSee also: Testing framework for plugins (also from GH #4)","notes":"Multi-repo support breakdown:\n\n**High Priority (P1) - Quick Wins:**\n- bd-121: Add --global flag to daemon \n- bd-122: Document multi-repo workflow\n\n**Medium Priority (P2) - Enhanced UX:**\n- bd-123: Add 'bd repos' command for aggregation (blocked by bd-121)\n- bd-124: Add daemon auto-start (blocked by bd-121)\n\n**Low Priority (P3-P4) - Future/Optional:**\n- bd-125: Add workspace config file (alternative to daemon approach)\n- bd-126: Add cross-repo issue references (complex, wait for feedback)\n\n**Current Status:**\nThe daemon ALREADY supports multi-repo via per-request context routing (bd-115). Proven by test_multi_repo.py. The missing pieces are UX polish and documentation.","status":"open","priority":2,"issue_type":"feature","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T20:45:19.361241-07:00"} +{"id":"bd-73","title":"Add system-wide/multi-repo support for beads","description":"GitHub issue #4 requests ability to use beads across multiple projects and for system-wide task tracking.\n\nCurrent limitation: beads is per-repository isolated. Each project has its own .beads/ directory and issues cannot reference issues in other projects.\n\nPotential approaches:\n1. Global beads instance in ~/.beads/global.db for cross-project work\n2. Project references - allow issues to link across repos\n3. Multi-project workspace support - one beads instance managing multiple repos\n4. Integration with existing MCP server to provide remote multi-project access\n\nUse cases:\n- System administrators tracking work across multiple machines/repos\n- Developers working on a dozen+ projects simultaneously\n- Cross-cutting concerns that span multiple repositories\n- Global todo list with project-specific subtasks\n\nRelated:\n- GitHub issue #4: https://github.com/steveyegge/beads/issues/4\n- Comparison to membank MCP which already supports multi-project via centralized server\n- MCP server at integrations/beads-mcp/ could be extended for this\n\nSee also: Testing framework for plugins (also from GH #4)","notes":"Multi-repo support status update:\n\n✅ **COMPLETED (P1 - Core functionality):**\n- bd-121: --global daemon flag ✅ \n- bd-122: Multi-repo documentation ✅\n- bd-115: Per-request context routing ✅\n\n**REMAINING (Optional enhancements):**\n- bd-123 (P2): 'bd repos' command - nice-to-have for UX\n- bd-124 (P2): Daemon auto-start - convenience feature\n- bd-125 (P3): Workspace config - alternative approach\n- bd-126 (P4): Cross-repo references - future feature\n\n**Decision:** Core multi-repo support is COMPLETE and working. Remaining items are independent enhancements, not blockers. \n\nRecommend closing bd-73 as complete. Open new issues for specific enhancements if needed.","status":"closed","priority":2,"issue_type":"feature","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T23:15:17.705446-07:00","closed_at":"2025-10-17T23:15:17.705446-07:00"} {"id":"bd-74","title":"Implement storage driver interface for pluggable backends","description":"Create abstraction layer for storage to support multiple backends (SQLite, Postgres, Turso, in-memory testing, etc.).\n\n**Current state:** All storage logic hardcoded to SQLite in internal/storage/sqlite/sqlite.go\n\n**Proposed design:**\n\n```go\n// internal/storage/storage.go\ntype Store interface {\n // Issue CRUD\n CreateIssue(issue *Issue) error\n GetIssue(id string) (*Issue, error)\n UpdateIssue(id string, updates *Issue) error\n DeleteIssue(id string) error\n ListIssues(filter *Filter) ([]*Issue, error)\n \n // Dependencies\n AddDependency(from, to string, depType DependencyType) error\n RemoveDependency(from, to string, depType DependencyType) error\n GetDependencies(id string) ([]*Dependency, error)\n \n // Counters, stats\n GetNextID(prefix string) (string, error)\n GetStats() (*Stats, error)\n \n Close() error\n}\n```\n\n**Benefits:**\n- Better testing (mock/in-memory stores)\n- Future flexibility (Postgres, cloud APIs, etc.)\n- Clean architecture (business logic decoupled from storage)\n- Enable Turso or other backends without refactoring everything\n\n**Implementation steps:**\n1. Define Store interface in internal/storage/storage.go\n2. Refactor SQLiteStore to implement interface\n3. Update all commands to use interface, not concrete type\n4. Add MemoryStore for testing\n5. Add driver selection via config (storage.driver = sqlite|turso|postgres)\n6. Update tests to use interface\n\n**Note:** This is valuable even without adopting Turso. Good architecture practice.\n\n**Context:** From GH issue #2 RFC evaluation. Driver interface is low-cost, high-value regardless of whether we add alternative backends.","status":"open","priority":2,"issue_type":"feature","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.920278-07:00"} {"id":"bd-75","title":"Test issue with --deps flag","description":"","status":"closed","priority":2,"issue_type":"task","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.921065-07:00","closed_at":"2025-10-16T10:07:34.027923-07:00"} {"id":"bd-76","title":"Fix: bd init --prefix test -q flag not recognized","description":"The init command doesn't recognize the -q flag. When running 'bd init --prefix test -q', it fails silently or behaves unexpectedly. The flag should either be implemented for quiet mode or removed from documentation if not supported.","status":"closed","priority":2,"issue_type":"bug","created_at":"2025-10-16T20:46:08.971822-07:00","updated_at":"2025-10-17T01:32:00.921744-07:00","closed_at":"2025-10-17T00:09:18.921816-07:00"} diff --git a/cmd/bd/daemon.go b/cmd/bd/daemon.go index 205ddf3b..af5670b5 100644 --- a/cmd/bd/daemon.go +++ b/cmd/bd/daemon.go @@ -76,6 +76,14 @@ Use --status to check if daemon is running.`, os.Exit(1) } + // Global daemon doesn't support auto-commit/auto-push (no sync loop) + if global && (autoCommit || autoPush) { + fmt.Fprintf(os.Stderr, "Error: --auto-commit and --auto-push are not supported with --global\n") + fmt.Fprintf(os.Stderr, "Hint: global daemon runs in routing mode and doesn't perform background sync\n") + fmt.Fprintf(os.Stderr, " Use local daemon (without --global) for auto-commit/auto-push features\n") + os.Exit(1) + } + // Validate we're in a git repo (skip for global daemon) if !global && !isGitRepo() { fmt.Fprintf(os.Stderr, "Error: not in a git repository\n") @@ -492,8 +500,58 @@ func runDaemonLoop(interval time.Duration, autoCommit, autoPush bool, logPath, p log("Daemon started (interval: %v, auto-commit: %v, auto-push: %v)", interval, autoCommit, autoPush) - // Open SQLite database (daemon owns exclusive connection) - // Use the same dbPath resolution logic as other commands + // Global daemon runs in routing mode without opening a database + if global { + globalDir, err := getGlobalBeadsDir() + if err != nil { + log("Error: cannot get global beads directory: %v", err) + os.Exit(1) + } + socketPath := filepath.Join(globalDir, "bd.sock") + + // Create server with nil storage - uses per-request routing + server := rpc.NewServer(socketPath, nil) + + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + + // Start RPC server in background + serverErrChan := make(chan error, 1) + go func() { + log("Starting global RPC server: %s", socketPath) + if err := server.Start(ctx); err != nil { + log("RPC server error: %v", err) + serverErrChan <- err + } + }() + + // Wait for server to start or fail + select { + case err := <-serverErrChan: + log("RPC server failed to start: %v", err) + os.Exit(1) + case <-time.After(2 * time.Second): + log("Global RPC server started") + } + + // Wait for shutdown signal + sigChan := make(chan os.Signal, 1) + signal.Notify(sigChan, syscall.SIGTERM, syscall.SIGINT, syscall.SIGHUP) + + sig := <-sigChan + log("Received signal: %v", sig) + log("Shutting down global daemon...") + + cancel() + if err := server.Stop(); err != nil { + log("Error stopping server: %v", err) + } + + log("Global daemon stopped") + return + } + + // Local daemon mode - open database and run sync loop daemonDBPath := dbPath if daemonDBPath == "" { // Try to find database in current repo @@ -518,17 +576,7 @@ func runDaemonLoop(interval time.Duration, autoCommit, autoPush bool, logPath, p log("Database opened: %s", daemonDBPath) // Start RPC server - var socketPath string - if global { - globalDir, err := getGlobalBeadsDir() - if err != nil { - log("Error: cannot get global beads directory: %v", err) - os.Exit(1) - } - socketPath = filepath.Join(globalDir, "bd.sock") - } else { - socketPath = filepath.Join(filepath.Dir(daemonDBPath), "bd.sock") - } + socketPath := filepath.Join(filepath.Dir(daemonDBPath), "bd.sock") server := rpc.NewServer(socketPath, store) ctx, cancel := context.WithCancel(context.Background()) diff --git a/internal/rpc/server.go b/internal/rpc/server.go index cf28ea48..a8f61066 100644 --- a/internal/rpc/server.go +++ b/internal/rpc/server.go @@ -54,6 +54,12 @@ func (s *Server) Start(ctx context.Context) error { return fmt.Errorf("failed to listen on socket: %w", err) } + // Set socket permissions to 0600 for security (owner only) + if err := os.Chmod(s.socketPath, 0600); err != nil { + s.listener.Close() + return fmt.Errorf("failed to set socket permissions: %w", err) + } + go s.handleSignals() for {