[codex] centralize daemon data directory docs (#4222)

* docs: centralize daemon data directory contract

* fix(e2e): allow slower artifact consistency navigation

Generated-By: looper 0.9.5 (runner=fixer, agent=codex)

* docs: localize daemon data directory pointers

Generated-By: looper 0.9.5 (runner=fixer, agent=codex)

---------

Co-authored-by: Looper <looper@noreply.github.com>
This commit is contained in:
PerishFire
2026-06-15 10:52:05 +08:00
committed by GitHub
parent 076bf3316f
commit a0afc584bb
73 changed files with 363 additions and 482 deletions

View File

@@ -29,7 +29,7 @@ This file is the single source of truth for agents entering this repository. Rea
## Inactive or placeholder directories
- `apps/nextjs` and `packages/shared` have been removed; do not recreate or reference them.
- `.od/`, `.tmp/`, Playwright reports, and agent scratch directories are local runtime data and must stay out of git.
- Local runtime data, `.tmp/`, Playwright reports, and agent scratch directories must stay out of git. For daemon-managed data paths, read and follow **Daemon data directory contract** below; do not restate or improvise path conventions elsewhere.
# Development workflow
@@ -55,6 +55,81 @@ This file is the single source of truth for agents entering this repository. Rea
- Ports are governed by `tools-dev` flags: `--daemon-port` and `--web-port`.
- `tools-dev` exports `OD_PORT` for the web proxy target and `OD_WEB_PORT` for the web listener; do not use `NEXT_PORT`.
## Daemon data directory contract
This section is the only repository-wide source of truth for daemon-managed
data paths. Every README, guide, deployment note, and operational handoff that
mentions daemon data paths must point here instead of restating the rules.
This boundary is strict. Do not introduce concrete filesystem examples for the
daemon data directory, recommended data directory, shared data directory,
deployment mount, or example data directory. If existing code exposes a legacy
fallback, treat it as implementation detail or a known escape candidate, not as
a documentation pattern to copy. If a change needs a data-path rule that is not
covered here, request a core-maintainer decision in the PR instead of inventing
a new convention.
The daemon has one active data-root truth source:
- On daemon startup, `apps/daemon/src/server.ts` resolves `OD_DATA_DIR` into
`RUNTIME_DATA_DIR`.
- All daemon-owned data paths must derive from `RUNTIME_DATA_DIR` or from a
constant derived from it, such as `PROJECTS_DIR` or `ARTIFACTS_DIR`.
- `PROJECTS_DIR` is the managed-project root. Imported-folder projects are the
explicit exception: they use `metadata.baseDir` for the user-selected
external workspace.
- `ARTIFACTS_DIR`, SQLite, app config, memory, MCP config/tokens, automation
state, plugin state, connector credentials, generated files, logs owned by
sandbox mode, and agent runtime homes are daemon data and must remain under
the resolved daemon data root unless this file names a specific exception.
- Agent subprocesses receive the resolved daemon data root as `OD_DATA_DIR`.
They must inherit the daemon's truth source instead of guessing their own
data path.
Development propagation:
- `tools-dev` owns sidecar runtime/log/ipc namespacing.
- `tools-dev --namespace <name>` does not, by itself, define daemon data
isolation.
- A development run that needs an isolated daemon data root must pass
`OD_DATA_DIR` into the daemon process environment. After that, the daemon
resolves it once and all daemon data paths flow from `RUNTIME_DATA_DIR`.
Packaged propagation:
- `tools-pack` / `apps/packaged` own packaged channel and namespace layout.
- Packaged code resolves the final namespace-scoped daemon data root before
spawning the daemon.
- The packaged daemon receives that final data root as `OD_DATA_DIR`; daemon
code must not infer packaged data paths from app names, Electron `userData`,
ports, channel names, or namespace names.
Sanctioned exceptions:
- `OD_MEDIA_CONFIG_DIR` is a narrow override for `media-config.json` only. It
is not a second daemon data root.
- `OD_LEGACY_DATA_DIR` is a migration source for legacy data import only. It is
not an active daemon data root.
- External tool homes such as `CODEX_HOME` are integration inputs, not daemon
data roots. The daemon must not describe them as Open Design runtime data.
- Agent/project-cwd skill staging aliases are not daemon data roots.
- Manifest metadata keys and CSS identifiers are semantic namespaces, not
filesystem path conventions.
Known escape candidates that must not be reused:
- Module-level defaults that point at a cwd-relative legacy data directory.
- Helper defaults such as `defaultRegistryRoots()` that recompute a data root
from `process.env.OD_DATA_DIR` or a cwd fallback instead of receiving
`RUNTIME_DATA_DIR`.
- `openDatabase(projectRoot)` calls that rely on its fallback instead of
passing the resolved data root.
- Script help text or examples that suggest concrete legacy data directories.
Do not extend these escape patterns. When a fix is obvious, route the path
through `RUNTIME_DATA_DIR` or an explicit data-root argument. When it is not
obvious, block the PR and request core-maintainer guidance.
## Root command boundary
- Keep root scripts reserved for true repo-level checks and tools control-plane entrypoints: `pnpm guard`, `pnpm typecheck`, `pnpm tools-dev`, `pnpm tools-pack`, and `pnpm tools-serve`.
@@ -266,15 +341,6 @@ Desktop queries runtime status through sidecar IPC. The web URL comes from `tool
`@open-design/sidecar-proto` owns Open Design app/mode/source constants, namespace validation, stamp fields/flags, IPC message schema, status shapes, and error semantics. `@open-design/sidecar` provides only generic bootstrap, IPC transport, path/runtime resolution, launch env, and JSON runtime files. `@open-design/platform` provides only generic OS process stamp serialization, command parsing, and process matching/search primitives, consuming the proto descriptor.
## Where is data written?
The daemon writes `.od/` by default: SQLite at `.od/app.sqlite`, agent CWDs under `.od/projects/<id>/`, saved renders under `.od/artifacts/`, and credentials at `.od/media-config.json`. Two env vars override the storage root, in order:
1. `OD_DATA_DIR=<dir>` — relocates *all* daemon runtime data to `<dir>` (used by Playwright for test isolation, and by the packaged daemon and the Home Manager / NixOS modules to point the daemon at a writable directory when the install root is read-only). The path is resolved with `~/` expansion and relative paths anchored to `<projectRoot>`.
2. `OD_MEDIA_CONFIG_DIR=<dir>` — narrower override that relocates *only* `media-config.json`. Same resolution semantics. Most installs do not need this; it exists for setups that want to keep API credentials in a different location from the rest of the runtime data.
Default precedence is OD_MEDIA_CONFIG_DIR > OD_DATA_DIR > `<projectRoot>/.od`.
## When is `pnpm install` required?
Run `pnpm install` after changing package manifests, workspace layout, command entrypoints, bin/link-related content, or after adding/removing workspace packages.

View File

@@ -453,11 +453,11 @@ A memory-plus-UI release: **auto-memory store** carries agent context across run
- **`od plugin events snapshot/stats` + tail filters (Phase 4).** Extends §3.II1 with: `GET /api/plugins/events/snapshot` for non-SSE one-shot reads (dashboards that don't want a live connection); `GET /api/plugins/events/stats` returns a `summarisePluginEvents()` rollup (counts byKind, byPluginId — skipping empty ids — plus oldest/newest at + id range); `--kind <k>` and `--plugin-id <id>` filter flags work on both `od plugin events tail` (client-side post-render) and the new `od plugin events snapshot` subcommand. CLI pretty-prints the stats rollup with sorted-key counts for byte-determinism.
- **More plugin event producer hooks (Phase 4).** Extends §3.II1 with: `installPlugin` accepts `eventKind: 'installed' | 'upgraded'` so the upgrade route distinguishes the operation in the live tail; `POST /api/plugins/:id/trust` emits `plugin.trust-changed`; `POST /api/applied-plugins/prune` emits `plugin.snapshot-pruned` when anything was actually removed; `POST /api/marketplaces/:id/refresh` emits `plugin.marketplace-refreshed`. Each hook is best-effort and never blocks the underlying mutation if the ring buffer throws.
- **Plugin event ring buffer + SSE tail (Phase 4).** New `apps/daemon/src/plugins/events.ts` ships an in-memory FIFO ring buffer (capped at 1000 entries, monotonic ids, fan-out subscribers) for plugin lifecycle events: `plugin.installed` / `.upgraded` / `.uninstalled` / `.trust-changed` / `.applied` / `.snapshot-pruned` / `.marketplace-refreshed`. Producer hooks landed on the installer (install + uninstall). New `GET /api/plugins/events` SSE route emits the backlog on connect (with optional `?since=<id>` trim) then forwards live events. CLI: `od plugin events tail [-f] [--since <id>] [--json]` — non-follow mode drains backlog + exits; `-f` keeps the stream open for ops dashboards.
- **`od plugin doctor --strict` + verify strict propagation (Phase 4).** New `--strict` flag on `od plugin doctor` promotes warnings to failures (exit 4 distinguishes 'strict failed' from doctor errors at exit 1). The `verifyPlugin()` orchestrator gains a matching `strict: true` config knob that flows through `.od-verify.json` so plugins can lock 'no warnings allowed' as a one-line CI policy.
- **`od plugin doctor --strict` + verify strict propagation (Phase 4).** New `--strict` flag on `od plugin doctor` promotes warnings to failures (exit 4 distinguishes 'strict failed' from doctor errors at exit 1). The `verifyPlugin()` orchestrator gains a matching `strict: true` config knob that flows through the plugin verify config file so plugins can lock 'no warnings allowed' as a one-line CI policy.
- **`od daemon db verify` SQLite integrity check (Phase 5).** New `verifySqliteIntegrity()` pure helper wraps PRAGMA `integrity_check` (or `quick_check` with `--quick`) + PRAGMA `foreign_key_check`. Returns a structured `{ ok, mode, issues[], elapsedMs, generatedAt }` report with issues tagged `kind='integrity' | 'foreign_key'`. Loopback-only `POST /api/daemon/db/verify` route + `od daemon db verify [--quick]` CLI subcommand — exit 0 on ok=true, 4 on any issue, so CI can wire it into a pre-deploy check.
- **`od daemon db vacuum` (Phase 5).** New loopback-only `POST /api/daemon/db/vacuum` runs SQLite VACUUM and reports before/after sizes + reclaimed bytes + elapsed ms. Useful after large delete batches (snapshot prune, plugin uninstall) shrink rows but leave space allocated to the file. CLI: `od daemon db vacuum [--json]`.
- **`od daemon db status` SQLite inventory (Phase 5).** New `inspectSqliteDatabase()` pure helper + `GET /api/daemon/db` route returns a structured report: `kind` ('sqlite'), file location, size on disk (primary + WAL + SHM), schema version (`user_version` PRAGMA), and per-table row counts (system tables excluded, lexicographic order). CLI: `od daemon db status [--json]` lets ops sanity-check deployments at a glance + compare expected-vs-actual table rosters across daemon upgrades.
- **`od plugin verify <id>` CI meta-command (Phase 4).** New `verifyPlugin()` pure orchestrator aggregates `doctor` + `simulate` + `canon --check` into one pass/fail report. Reads `<plugin-folder>/.od-verify.json` (or `--config <path>`) so plugin authors commit their CI checks into their repo. Each check resolves to `passed | failed | skipped | unsupported`; aggregate passes iff every enabled check is passed or skipped (`unsupported` bubbles up as a fail to keep CI honest). One-liner CI workflow: `od plugin verify my-plugin` — exit 0 on pass, 4 on fail, 2 on CLI/config error.
- **`od plugin verify <id>` CI meta-command (Phase 4).** New `verifyPlugin()` pure orchestrator aggregates `doctor` + `simulate` + `canon --check` into one pass/fail report. Reads the plugin verify config file (or `--config <path>`) so plugin authors commit their CI checks into their repo. Each check resolves to `passed | failed | skipped | unsupported`; aggregate passes iff every enabled check is passed or skipped (`unsupported` bubbles up as a fail to keep CI honest). One-liner CI workflow: `od plugin verify my-plugin` — exit 0 on pass, 4 on fail, 2 on CLI/config error.
- **`od plugin simulate <id>` pipeline dry-run (Phase 4).** New `simulatePipeline({ pipeline, signals, iterationCap? })` pure helper walks every stage in a plugin's pipeline against caller-supplied signals (constant snapshot OR per-iteration generator function) and reports `outcome ∈ { single | converged | cap | unparsable }` per stage plus aggregate `outcome ∈ { all-converged | all-single | mixed | cap-hit | unparsable }`. Companion `parseSignalKv()` parses repeatable `-s key=value` CLI flags into the closed `UntilSignals` vocabulary with typo guards. CLI: `od plugin simulate <pluginId> [-s key=value ...] [--cap <n>] [--json]` — exit 4 on cap-hit/unparsable so CI can hook this into a pipeline check.
- **`od plugin stats` inventory health report (Phase 4).** New `pluginInventoryStats()` + `snapshotInventoryStats()` pure helpers aggregate installed-plugin counts (by `sourceKind` / `trust` / `taskKind`, bundled vs. third-party split, plugins with elevated capabilities — `fs:write` / `subprocess` / `bash` / `network` / `connector:*`) and snapshot health (status breakdown, project / run linkage, oldest / newest applied timestamps). New `GET /api/plugins/stats` route + `od plugin stats [--json]` CLI subcommand for at-a-glance fleet audit.
- **`od plugin canon --check <expected-file>` byte-equality fixtures (Phase 4).** New `--check` mode on `od plugin canon` compares the canon output against an on-disk fixture and exits 4 on mismatch with a per-line diff preview. Lets plugin authors commit `renderPluginBlock()` regression fixtures into their own `tests/` without writing a fresh test harness.
@@ -649,7 +649,7 @@ A connectivity-and-iteration release: Open Design becomes a fully bidirectional
#### MCP & connectors
- MCP install snippet survives daemon port changes. ([#846])
- Pin `OD_DATA_DIR` in `/api/mcp/install-info` env so the macOS-packaged MCP server stops EPERM'ing on `.od/projects`. ([#857])
- Pin the daemon data directory in `/api/mcp/install-info` env so the macOS-packaged MCP server stops failing on managed project storage. ([#857])
- Reserve clearance for the MCP server Copy button so it stops overlapping the snippet. ([#847])
- Give the MCP server Copy button a solid surface so it reads against the code block. ([#840])
- Stable curated tool count in the connector card badge. ([#767])
@@ -866,7 +866,7 @@ A minor release focused on iteration: live-data dashboards graduate to a first-c
### Documentation
- Documented `OD_DATA_DIR` and migration from `.od/` to the Desktop app. ([#570])
- Documented daemon data directory migration to the Desktop app. ([#570])
- Added Chinese (Simplified) QUICKSTART. ([#578])
- Backported missing zh-TW README sections from the English README. ([#586])
- Synced and improved the Korean README. ([#619])

View File

@@ -244,7 +244,7 @@ Beyond that:
## Commits & pull requests
- **One concern per PR.** Adding a skill + refactoring the parser + bumping a dep is three PRs.
- **Title is imperative + scope.** `add dating-web skill`, `fix daemon SSE backpressure when CLI hangs`, `docs: clarify .od layout`.
- **Title is imperative + scope.** `add dating-web skill`, `fix daemon SSE backpressure when CLI hangs`, `docs: clarify storage contract`.
- **Use the PR template.** Fill every section of [`.github/pull_request_template.md`](.github/pull_request_template.md) — Why, What users will see, Surface area, Screenshots (if UI), Bug fix verification (if bug fix), Validation. Empty sections earn a "please fill in" reply.
- **Body explains the why.** "What does this do" is usually obvious from the diff; "why does this need to exist" rarely is.
- **Reference an issue** if there is one. If there isn't and the PR is non-trivial, open one first so we can agree the change is wanted before you spend the time.

View File

@@ -153,25 +153,9 @@ OD_API_TOKEN=
## Persistent Storage
Open Design stores projects and SQLite data inside a Docker volume:
```text
open_design_data
```
The volume is mounted to:
```text
/app/.od
```
Data persists across container restarts and image updates.
Inspect the volume:
```bash
docker volume inspect open-design_open_design_data
```
Before documenting, changing, or choosing any persistent daemon storage path,
you MUST read the root `AGENTS.md` section **Daemon data directory contract**.
This Quickstart MUST NOT restate that contract or define storage paths.
---
@@ -198,7 +182,7 @@ For the desktop shell and all managed sidecars in the background:
pnpm tools-dev # starts daemon + web + desktop in the background
```
On first load, the app detects your installed code-agent CLI (Claude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwen / Qoder CLI), picks it automatically, and defaults to `web-prototype` skill + `Neutral Modern` design system. Type a prompt and hit **Send**. The agent streams into the left pane; the `<artifact>` tag is parsed out and the HTML renders live on the right. When it finishes, click **Save to disk** to persist the artifact under `./.od/artifacts/<timestamp>-<slug>/index.html`.
On first load, the app detects your installed code-agent CLI (Claude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwen / Qoder CLI), picks it automatically, and defaults to `web-prototype` skill + `Neutral Modern` design system. Type a prompt and hit **Send**. The agent streams into the left pane; the `<artifact>` tag is parsed out and the HTML renders live on the right. Before documenting or changing any artifact storage path, you MUST read `AGENTS.md` → **Daemon data directory contract**.
The **Design system** dropdown ships with 71 built-in systems — 2 hand-authored starters (Neutral Modern, Warm Editorial) and 69 product systems imported from [`awesome-design-md`](https://github.com/VoltAgent/awesome-design-md), grouped by category (AI & LLM, Developer Tools, Productivity, Backend, Design Tools, Fintech, E-Commerce, Media, Automotive). Pick one to skin every prototype in that brand's aesthetic, and another set of 57 design skills sourced from [`awesome-design-skills`](https://github.com/bergside/awesome-design-skills).
@@ -357,10 +341,6 @@ open-design/
│ └── …129 systems # 2 starters · 70 product systems · 57 design skills
├── scripts/sync-design-systems.ts # re-import from upstream getdesign tarball
├── docs/ # product vision + spec
├── .od/ # runtime data (gitignored, auto-created)
│ ├── app.sqlite # projects / conversations / messages / tabs
│ ├── artifacts/ # one-off "Save to disk" renders
│ └── projects/<id>/ # per-project working dir + agent cwd
├── pnpm-workspace.yaml # apps/* + packages/* + tools/* + e2e
└── package.json # root quality scripts + `od` bin
```

View File

@@ -264,7 +264,7 @@ Open Design (OD) is the open-source alternative. Same loop, same artifact-first
- 🤖 **Agent-native, model-agnostic.** We don't ship an agent. The `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi` already on your `PATH` are the design engine. Swap with one click.
- 🧠 **Brand-grade by default.** Every render reads the active `DESIGN.md` — a 9-section schema covering palette, type, spacing, motion, voice, anti-patterns. 150 systems ship with the repo (Linear, Stripe, Vercel, Airbnb, Apple, Tesla, Notion, Anthropic, Cursor, Supabase, Figma…). Drop a folder in, the picker finds it.
- 🖥️ **Local-first, BYOK at every layer.** Native desktop apps for macOS (Apple Silicon + Intel) and Windows (x64). Linux AppImage on the optional release lane. SQLite at `.od/app.sqlite`, files at `.od/projects/<id>/`, no telemetry, no cloud round-trip.
- 🖥️ **Local-first, BYOK at every layer.** Native desktop apps for macOS (Apple Silicon + Intel) and Windows (x64). Linux AppImage on the optional release lane. No telemetry, no cloud round-trip. Before describing daemon data paths, contributors and operators MUST read `AGENTS.md`**Daemon data directory contract**. This README MUST NOT restate it.
- 🌍 **Composable on three planes.** **Plugins** carry runnable workflows · **skills** carry the agent's design taste · **design systems** carry the brand. All three are plain files anyone can author, version, and publish.
- 🔁 **Refresh an existing codebase.** Hand a `git` repo + `DESIGN.md` to the agent and it refactors your real components to the brand spec. Dedicated plugins migrate Figma / Pencil workflows into React / Next.js / Vue code.
- 🔒 **Privacy by conviction.** Everything runs where your data lives — your laptop, your team's server, your Vercel project. When the network is needed, the BYOK proxy is SSRF-guarded.
@@ -538,7 +538,7 @@ Plugin registry endpoint: `GET /api/plugins`. Directory overview → [`plugins/R
│ /api/import/claude-design │
│ MCP stdio server │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity ·│
@@ -552,7 +552,7 @@ Plugin registry endpoint: `GET /api/plugins`. Directory overview → [`plugins/R
|---|---|
| Frontend | Next.js 16 App Router + React 18 + TypeScript |
| Daemon | Node 24 · Express · SSE streaming · `better-sqlite3` |
| Storage | Files at `.od/projects/<id>/` + SQLite at `.od/app.sqlite` + `media-config.json` (gitignored, auto-created). `OD_DATA_DIR` relocates everything. |
| Storage | Before changing or documenting daemon storage paths, you MUST read `AGENTS.md`**Daemon data directory contract**. This README MUST NOT restate it. |
| Preview | Sandboxed `srcdoc` iframe + streaming `<artifact>` parser |
| Export | HTML (inlined) · PDF (browser print) · PPTX (agent-driven) · ZIP · Markdown · MP4 (HyperFrames) |
| Desktop | Electron shell + sandboxed renderer + sidecar IPC (STATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN) |

View File

@@ -5,7 +5,7 @@ Follow the root `AGENTS.md` first. This file only records module-level boundarie
## Active apps
- `apps/web`: Next.js 16 App Router + React 18 web runtime. Entrypoints live in `apps/web/app/`; the main client shell is `apps/web/src/App.tsx`. During local `tools-dev` web runs, `apps/web/next.config.ts` rewrites `/api/*`, `/artifacts/*`, and `/frames/*` to `OD_PORT`.
- `apps/daemon`: Express + SQLite local daemon and `od` bin. It owns REST/SSE APIs, agent CLI spawning, skills, design systems, artifact persistence, static serving, and local data under `.od/`.
- `apps/daemon`: Express + SQLite local daemon and `od` bin. It owns REST/SSE APIs, agent CLI spawning, skills, design systems, artifact persistence, static serving, and daemon-managed data. Before describing or changing daemon data paths, read the root `AGENTS.md` section **Daemon data directory contract**; it is mandatory and must not be restated here.
- `apps/desktop`: Electron shell. Desktop does not guess the web port; it reads runtime status through sidecar IPC and opens the reported web URL.
- `apps/packaged`: Thin packaged Electron runtime entry. It starts packaged daemon/web sidecars, registers the `od://` entry protocol, and delegates desktop host behavior to `apps/desktop`.

View File

@@ -22,7 +22,11 @@ These commands deploy an Open Design application on the Kubernetes cluster in th
### Architecture and Configuration Notes
#### SQLite State & Concurrency Limitations
The current Open Design runtime stores state in local files and SQLite under `/app/.od`. Because SQLite does not support concurrent writes from multiple network replicas, **this chart is strictly limited to 1 replica**.
The current Open Design runtime stores state in local files and SQLite. Before
documenting or changing persistent daemon storage, you MUST read root
[`AGENTS.md`](../../AGENTS.md) → **Daemon data directory contract**. This chart
README MUST NOT restate it. Because SQLite does not support concurrent writes
from multiple network replicas, **this chart is strictly limited to 1 replica**.
Horizontal Pod Autoscaling (HPA) is disabled by default. Do not enable HPA or scale the deployment beyond `replicas: 1` unless you have modified the application to externalize the state to a standalone database.

View File

@@ -32,7 +32,9 @@ OPEN_DESIGN_IMAGE=docker.io/vanjayak/open-design:latest docker compose up -d --n
Defaults:
- Host port: `127.0.0.1:7456` (`OPEN_DESIGN_PORT=8080` to publish on `127.0.0.1:8080`)
- Runtime data volume: `open_design_data` mounted at `/app/.od`
- Runtime data: before documenting, changing, or choosing persistent daemon
storage, you MUST read root [`AGENTS.md`](../AGENTS.md) → **Daemon data
directory contract**. This README MUST NOT restate it.
- Node heap cap: `--max-old-space-size=192`
- Compose memory cap: `384m` (`OPEN_DESIGN_MEM_LIMIT=256m` to override)

View File

@@ -11,7 +11,7 @@ The template provisions a robust, fault-tolerant, and secure architecture for Op
* **Compute:** AWS ECS running on serverless Fargate instances in the private subnets. To protect the file-based SQLite database from concurrent network write corruption, the service hard-codes a single-instance baseline (DesiredCount: 1). However, it leverages the multi-AZ networking primitives for Active-Passive fault tolerance: if a task or zone fails, ECS automatically reschedules the container in the healthy AZ. The task definition includes:
* The **Open Design** app container.
* An **Nginx Auth Proxy** sidecar container that securely attaches the Open Design API Token to incoming `/api/` requests.
* **Storage:** Amazon Elastic File System (EFS) is mounted to the Fargate containers to durably store the Open Design `.od` SQLite database and file artifacts. It is configured with deletion protection (`Retain`) to prevent accidental data loss.
* **Storage:** Amazon Elastic File System (EFS) is mounted to the Fargate containers for persistent daemon storage. Before documenting or changing the mount, you MUST read root [`AGENTS.md`](../../AGENTS.md) → **Daemon data directory contract**. This README MUST NOT restate it. EFS is configured with deletion protection (`Retain`) to prevent accidental data loss.
* **Security:**
* **Secrets Manager:** Securely stores the Open Design API Token, preventing it from being exposed in plain text.
* **Security Groups:** Restrict traffic flow. The ALB requires an explicitly configured CIDR — ensure this is your VPN or corporate range to avoid unintended public exposure. Fargate only accepts traffic from the ALB; EFS only accepts traffic from Fargate.
@@ -42,7 +42,7 @@ When deploying the CloudFormation stack, you can customize the following paramet
| `CustomDomainName` | *(Optional)* Your custom domain name (e.g., `design.yourcompany.com`). If provided, you must manually create a DNS CNAME/Alias record pointing to the ALB after deployment. If blank, the default ALB DNS name is used over HTTP. | *None* |
| `AcmCertificateArn` | *(Optional)* The ARN of your AWS Certificate Manager (ACM) certificate. **Required** if `CustomDomainName` is provided. | *None* |
| `ProxyPort` | The dynamic port used by the Nginx proxy and exposed to the Load Balancer. Must be >= 1024 (unprivileged container). | `8080` |
| `AppStoragePath` | The container path where the `.od` SQLite directory is mounted via EFS. | `/app/.od` |
| `AppStoragePath` | Persistent daemon storage path. Before setting or documenting it, you MUST read root [`AGENTS.md`](../../AGENTS.md) → **Daemon data directory contract**. | See root contract |
## Deployment

View File

@@ -42,11 +42,11 @@ research/last30days/<safe-topic-slug>.md
Use the bundled engine when the environment can run it:
```bash
python3.12 ".od-skills/last30days/scripts/last30days.py" "<topic>" --emit=compact --save-dir "research/last30days" --save-suffix raw
python3.12 "<staged-skill-dir>/last30days/scripts/last30days.py" "<topic>" --emit=compact --save-dir "research/last30days" --save-suffix raw
```
If `python3.12` is unavailable, try `python3` only after confirming it is
Python 3.12 or newer. If the staged `.od-skills/last30days/` path is
Python 3.12 or newer. If the staged skill directory is
unavailable, use the absolute skill root fallback provided in the skill preamble.
The upstream engine may create a raw support file such as

View File

@@ -32,11 +32,11 @@ If the bundled engine ran successfully and Python 3.12+ is available, you may
ask it to render HTML from the same topic and synthesis:
```bash
python3.12 ".od-skills/last30days/scripts/last30days.py" "<topic>" --emit=html --synthesis-file "<temp-synthesis-file>" > "research/last30days/<safe-topic-slug>.html"
python3.12 "<staged-skill-dir>/last30days/scripts/last30days.py" "<topic>" --emit=html --synthesis-file "<temp-synthesis-file>" > "research/last30days/<safe-topic-slug>.html"
```
Use the absolute skill root fallback from the skill preamble if the staged
`.od-skills/last30days/` path is unavailable.
the staged skill directory is unavailable.
The temporary synthesis file should contain only the report synthesis you
already wrote: short summary, key findings, community signals, limitations, and

View File

@@ -108,7 +108,9 @@ same shape with provider-specific `endpoint` strings.
- else `<OD_DATA_DIR>/media-config.json` when `OD_DATA_DIR` is set
(relative paths are anchored to the active project root, `$HOME`
and `~` shorthands are expanded);
- else `<projectRoot>/.od/media-config.json` for the active project.
- else daemon-managed media configuration for the active project. Before
documenting daemon storage paths, read root `AGENTS.md` → **Daemon data
directory contract**.
The artifact never opens any of these paths itself — it always goes
through the daemon poll endpoint, and the daemon enforces the

View File

@@ -8,7 +8,7 @@ Accepted
The `od` CLI serves two different roles: it can start the local daemon, and it can act as a thin client for commands such as `od media generate`. Client commands should talk to an already-running daemon and should not evaluate daemon startup code.
Previously, `apps/daemon/src/cli.ts` statically imported `server.ts`. Because ES modules execute top-level code during import, client-only commands also evaluated daemon startup globals, including `OD_DATA_DIR` resolution. A bad runtime data directory could therefore fail media generation before the CLI even sent its HTTP request.
Previously, `apps/daemon/src/cli.ts` statically imported `server.ts`. Because ES modules execute top-level code during import, client-only commands also evaluated daemon startup globals, including daemon data directory resolution. A bad runtime data directory could therefore fail media generation before the CLI even sent its HTTP request. Current daemon data-path rules live only in root [`AGENTS.md`](../../AGENTS.md) → **Daemon data directory contract**; this ADR MUST NOT restate them.
The daemon sidecar also started the server directly, so startup behavior was split between the human CLI path and the sidecar path.

View File

@@ -72,7 +72,7 @@ type AgentEvent =
## 2. Detection strategy
Run all adapters' `detect()` in parallel on daemon start, then cache results in `~/.open-design/agents.json` with a 24h TTL. Re-detect on daemon `SIGHUP`.
Run all adapters' `detect()` in parallel on daemon start, then cache results through daemon-managed storage with a 24h TTL. This document MUST NOT define daemon data paths; read the root `AGENTS.md` section **Daemon data directory contract** before changing or documenting that storage.
Each adapter uses **two signals**:

View File

@@ -91,8 +91,8 @@ The three topologies share the same web bundle; the difference is which transpor
│ │
▼ ▼
┌─ agent CLIs ─┐ ┌─ filesystem ─┐
│ claude │ │ ./.od/
│ codex │ │ ~/.od/
│ claude │ │ daemon data
│ codex │ │ root
│ cursor-agent │ │ skills/ │
│ gemini │ │ DESIGN.md │
│ opencode │ └──────────────┘
@@ -152,24 +152,13 @@ Conflicts resolve by priority (higher wins). Each skill parsed once; watched for
### 3.6 Artifact store
Plain files on disk. Conventional layout per project:
```
./.od/
├── config.json # project-level daemon config
├── artifacts/
│ ├── 2026-04-24T10-03-12-landing/
│ │ ├── artifact.json # metadata (skill, mode, prompt, parent)
│ │ ├── index.html # primary output (or .jsx, .md, .pptx.json)
│ │ └── assets/ # skill-generated images, fonts, etc.
│ └── …
├── history.jsonl # append-only action log (generations, edits, comments)
└── sessions/
└── <session-id>.json # transient; garbage-collected after 24h
```
Plain files on disk under daemon-managed storage. This historical architecture
draft does not define current data paths. Current path rules live only in root
`AGENTS.md`**Daemon data directory contract**; read it before changing or
documenting any storage path.
Rationale:
- **Plain files** → users can `git add ./.od/artifacts/` and review designs in PRs.
- **Plain files** → artifacts can be inspected and exported without a proprietary binary format.
- **`artifact.json` metadata** → OD can reconstruct the artifact tree without a DB.
- **`history.jsonl` not SQLite** → append-only, git-friendly, greppable. [Open CoDesign][ocod] uses SQLite; we deliberately don't.
- **Sessions separate from artifacts** → sessions are ephemeral UI state; artifacts are durable.
@@ -195,7 +184,7 @@ Rationale:
3. Daemon:
a. picks active skill (prototype-skill)
b. loads design-system (DESIGN.md)
c. materializes a new artifact dir under ./.od/artifacts/<slug>/
c. materializes a new artifact through daemon-managed storage
d. invokes agent adapter with:
- system: skill's SKILL.md contents + DESIGN.md
- user: original prompt
@@ -242,13 +231,11 @@ Rationale:
| File | Purpose |
|---|---|
| `~/.open-design/config.toml` | daemon-global: default agent preference, keys (optional, BYOK), telemetry opt-in (default off) |
| `~/.open-design/agents.json` | cached agent detection results |
| `./.od/config.json` | project-local: active design system, preferred skills, preferred mode |
| `./skills/<skill>/SKILL.md` | skill manifest (standard Claude Code format) |
| `./DESIGN.md` | active design system ([awesome-claude-design][acd] format) |
All config is plain text / TOML / JSON — no binary formats, no sqlite. Reviewable in PRs.
Daemon data paths are governed only by root `AGENTS.md` → **Daemon data
directory contract**. Do not add config-path examples here.
## 7. Protocol between web and daemon
@@ -273,7 +260,7 @@ POST /api/artifacts/save
### Folder import
`POST /api/import/folder` creates a project rooted at an existing local
folder instead of the default `.od/projects/<id>/`. The submitted
folder instead of a daemon-managed project cwd. The submitted
`baseDir` is stored on `metadata.baseDir` and OD reads / writes directly
inside it — there is no copy or shadow tree. The user owns the workspace
and is responsible for their own version control (git, time machine,
@@ -285,11 +272,12 @@ Safety:
storage, so user-controlled symlinks cannot redirect later writes.
- Standard `resolveSafe` / `sanitizePath` checks apply on every write —
`metadata.baseDir` only changes the project root, not the bounds check.
- Imports inside `RUNTIME_DATA_DIR` (the daemon's own data directory) are
refused after symlink resolution.
- Imports inside daemon-owned storage are refused after symlink resolution.
Before documenting daemon storage paths, you MUST read root `AGENTS.md`
**Daemon data directory contract**.
- The file panel hides the conventional build / install dirs
(`node_modules .git dist build .next .nuxt .turbo .cache .output out
coverage __pycache__ .venv vendor target .od .tmp`) so the listing
coverage __pycache__ .venv vendor target .tmp`) so the listing
stays focused on design content.
Request / response types: `ImportFolderRequest`, `ImportFolderResponse`
@@ -408,7 +396,7 @@ When a reverse proxy sits in front of the daemon, `/api/*` includes SSE streams
services:
daemon:
image: openclaudedesign/daemon
volumes: [ "~/.open-design:/root/.open-design", "./:/workspace" ]
volumes: [ "./:/workspace" ]
ports: ["7456:7456"]
web:
image: openclaudedesign/web

View File

@@ -51,8 +51,9 @@ You have three ways to populate it without running Codex:
If `~/.codex/pets/` does not exist, the daemon does **not** auto-create
it — empty list is returned and the UI shows "no recently hatched pets
yet". Creating the directory is intentionally an explicit user step so
the daemon never writes outside `OD_DATA_DIR` / project-owned paths
without a user opting in.
the daemon does not write into external tool homes without a user opting in.
Before documenting daemon-owned write paths, you MUST read root `AGENTS.md`
**Daemon data directory contract**; this guide MUST NOT restate it.
## Manifest shape

View File

@@ -187,8 +187,8 @@ spec:
ports:
- containerPort: 7456
env:
- name: OD_DATA_DIR
value: /data
# Storage env vars are intentionally omitted here.
# Before setting them, you MUST read root AGENTS.md -> Daemon data directory contract.
- name: OD_BIND_HOST
value: "0.0.0.0" # required so the readinessProbe and Service can reach the daemon
- name: OD_API_TOKEN
@@ -198,9 +198,8 @@ spec:
key: api-token # required whenever OD_BIND_HOST is non-loopback
- name: OD_ALLOWED_ORIGINS
value: "https://design.example.cn" # set when fronting with an Ingress; daemon reads OD_*, not OPEN_DESIGN_*
volumeMounts:
- name: data
mountPath: /data
# Storage volume mounts are intentionally omitted here.
# Before adding them, you MUST read root AGENTS.md -> Daemon data directory contract.
readinessProbe:
httpGet: { path: /api/health, port: 7456 }
initialDelaySeconds: 10
@@ -226,7 +225,7 @@ spec:
Apply with `kubectl apply -f open-design.yaml`. Front the Service with an Ingress (NGINX Ingress Controller is preinstalled on ACK Pro) and an ACM-issued certificate. With `OD_API_TOKEN` set, every `/api/*` request from non-loopback origins must carry an `Authorization: Bearer <token>` header — wire that into your Ingress / proxy auth layer.
> **Note on `replicas: 1`:** the daemon writes SQLite at `.od/app.sqlite` (see [`AGENTS.md`](../../../AGENTS.md) FAQ "Where is data written?"). Running multiple replicas without shared storage will diverge state. A multi-replica ACK topology needs an external database; that is out of scope for this guide.
> **Note on `replicas: 1`:** before changing storage paths or shared persistent storage, you MUST read root [`AGENTS.md`](../../../AGENTS.md) → **Daemon data directory contract**. Running multiple replicas without shared persistent daemon storage will diverge state. A multi-replica ACK topology needs an external database; that is out of scope for this guide.
## Path C — ROS templates

View File

@@ -1,6 +1,6 @@
# Azure Container Instances
This guide deploys the Docker image to Azure Container Instances (ACI) with an Azure Files share mounted at `/app/.od` for persistent Open Design data.
This guide deploys the Docker image to Azure Container Instances (ACI) with persistent Open Design data. Before choosing or documenting any daemon data mount, read root `AGENTS.md`**Daemon data directory contract**. That section is mandatory and must not be restated here.
ACI is the daemon upstream in this topology. The browser-facing app URL must be served by an authenticated TLS reverse proxy that forwards traffic to ACI, injects the daemon bearer token on `/api/*` requests, and sends a browser origin listed in `OD_ALLOWED_ORIGINS`.
@@ -50,7 +50,7 @@ az deployment group create \
The template creates:
- Azure Storage account
- Azure Files share for `/app/.od`
- Azure Files share for persistent daemon storage. Before choosing or documenting its mount, you MUST read root `AGENTS.md`**Daemon data directory contract**.
- Linux Azure Container Instances container group
- Public upstream DNS name and TCP port `7456`
- Liveness probe against `/api/health`

View File

@@ -216,7 +216,7 @@ Außerdem:
## Commits & Pull Requests
- **Ein Anliegen pro PR.**
- **Titel ist imperativ + Scope.** `add dating-web skill`, `fix daemon SSE backpressure when CLI hangs`, `docs: clarify .od layout`.
- **Titel ist imperativ + Scope.** `add dating-web skill`, `fix daemon SSE backpressure when CLI hangs`, `docs: clarify storage contract`.
- **Nutzen Sie das PR-Template.** Füllen Sie jeden Abschnitt von [`.github/pull_request_template.md`](../../.github/pull_request_template.md) aus — Why, What users will see, Surface area, Screenshots (bei UI), Bug fix verification (bei Bugfix), Validation. Leere Abschnitte ergeben einen "please fill in"-Kommentar.
- **Body erklärt das Warum.** Der Diff zeigt oft das Was, aber selten den Grund.
- **Issue referenzieren**, falls vorhanden. Bei nicht-trivialen PRs ohne Issue bitte zuerst eines öffnen.

View File

@@ -356,7 +356,7 @@ Au-delà de ça :
- **Un seul sujet par PR.** Ajouter un Skill, refactorer le parser et bumper une
dépendance : ce sont trois PR.
- **Titre impératif + scope.** `add dating-web skill`,
`fix daemon SSE backpressure when CLI hangs`, `docs: clarify .od layout`.
`fix daemon SSE backpressure when CLI hangs`, `docs: clarify storage contract`.
- **Utilisez le template de PR.** Remplissez chaque section de
[`.github/pull_request_template.md`](../../.github/pull_request_template.md) — Why,
What users will see, Surface area, Screenshots (si UI), Bug fix verification

View File

@@ -212,7 +212,7 @@ design-systems/your-brand/
## コミットとプルリクエスト
- **PR 1 つにつき 1 つの関心事。** Skill の追加 + パーサーのリファクタリング + 依存関係のバンプは 3 つの PR です。
- **タイトルは命令形 + スコープ。** `add dating-web skill``fix daemon SSE backpressure when CLI hangs``docs: clarify .od layout`
- **タイトルは命令形 + スコープ。** `add dating-web skill``fix daemon SSE backpressure when CLI hangs``docs: clarify storage contract`
- **PR テンプレートを使用する。** [`.github/pull_request_template.md`](../../.github/pull_request_template.md) の各セクションWhy、What users will see、Surface area、ScreenshotsUI の場合、Bug fix verificationバグ修正の場合、Validationをすべて埋めてください。空欄のセクションには "please fill in" のコメントが付きます。
- **本文は「なぜ」を説明。** 「何をするか」は通常 diff から明らかです。「なぜこれが必要か」はほとんどの場合そうではありません。
- **issue がある場合は参照。** ない場合で、PR が自明でないなら、先に issue を作成して変更が求められていることを合意してから時間を費やしてください。

View File

@@ -244,7 +244,7 @@ node --experimental-strip-types scripts/sync-litellm-models.ts
## 커밋과 pull request
- **PR 하나에 관심사 하나.** skill 추가 + 파서 리팩터링 + 의존성 버전 업은 PR 세 개입니다.
- **제목은 명령형 + 범위.** `add dating-web skill`, `fix daemon SSE backpressure when CLI hangs`, `docs: clarify .od layout`처럼 씁니다.
- **제목은 명령형 + 범위.** `add dating-web skill`, `fix daemon SSE backpressure when CLI hangs`, `docs: clarify storage contract`처럼 씁니다.
- **PR 템플릿을 사용하세요.** [`.github/pull_request_template.md`](../../.github/pull_request_template.md)의 모든 섹션(Why, What users will see, Surface area, Screenshots(UI인 경우), Bug fix verification(버그 수정인 경우), Validation)을 채우세요. 빈 섹션에는 "채워주세요" 답변이 달립니다.
- **본문에는 이유를 적으세요.** "이게 뭘 하는지"는 보통 diff만 봐도 알 수 있습니다. 정작 드러나지 않는 것은 "이게 왜 있어야 하는지"입니다.
- **issue가 있다면 연결하세요.** issue가 없고 PR이 사소하지 않다면 먼저 issue를 열어주세요. 시간을 쏟기 전에 그 변경을 원하는지 합의할 수 있습니다.

View File

@@ -242,7 +242,7 @@ Além disso:
## Commits & pull requests
- **Uma preocupação por PR.** Adicionar uma skill + refatorar o parser + bumpar uma dep são três PRs.
- **Título é imperativo + escopo.** `add dating-web skill`, `fix daemon SSE backpressure when CLI hangs`, `docs: clarify .od layout`.
- **Título é imperativo + escopo.** `add dating-web skill`, `fix daemon SSE backpressure when CLI hangs`, `docs: clarify storage contract`.
- **Use o template de PR.** Preencha cada seção de [`.github/pull_request_template.md`](../../.github/pull_request_template.md) — Why, What users will see, Surface area, Screenshots (se UI), Bug fix verification (se correção de bug), Validation. Seções vazias ganham um comentário "please fill in".
- **Corpo explica o porquê.** "O que isso faz" geralmente é óbvio do diff; "por que isso precisa existir" raramente é.
- **Referencie uma issue** se houver. Se não houver e o PR for não-trivial, abra uma antes para combinarmos que a mudança é desejada antes de você gastar o tempo.

View File

@@ -233,7 +233,7 @@ node --experimental-strip-types scripts/sync-litellm-models.ts
## Commit 与 PR
- **一个 PR 只做一件事。** 加 skill + 重构 parser + 升依赖,是三个 PR。
- **标题用动词起头 + 范围。** `add dating-web skill``fix daemon SSE backpressure when CLI hangs``docs: clarify .od layout`
- **标题用动词起头 + 范围。** `add dating-web skill``fix daemon SSE backpressure when CLI hangs``docs: clarify storage contract`
- **使用 PR 模板。** 把 [`.github/pull_request_template.md`](../../.github/pull_request_template.md) 的每一节都填上 —— Why、What users will see、Surface area、Screenshots如果有 UI 改动、Bug fix verification如果是修 bug、Validation。留空的节会被 reviewer 回 "please fill in"。
- **正文解释 why。** 「这个 PR 改了什么」从 diff 一般能看出来;「为什么要改」很少能。
- **如果有 issue引用它。** 没有、且改动非平凡,请先开 issue 让我们先就「值不值得做」达成一致,再投入时间。

View File

@@ -45,7 +45,7 @@ Für die Desktop-Shell und alle verwalteten Sidecars im Hintergrund:
pnpm tools-dev # startet daemon + web + desktop im Hintergrund
```
Beim ersten Laden erkennt die App Ihre installierte Code-Agent-CLI (Claude Code / Codex / Gemini / OpenCode / Cursor Agent / Qwen), wählt sie automatisch und nutzt standardmäßig den `web-prototype` Skill sowie das `Neutral Modern` Design System. Geben Sie einen Prompt ein und klicken Sie auf **Senden**. Der Agent streamt in den linken Bereich; das `<artifact>` Tag wird herausgeparst und das HTML rechts live gerendert. Nach Abschluss können Sie das Artifact mit **Auf Datenträger speichern** unter `./.od/artifacts/<timestamp>-<slug>/index.html` speichern.
Beim ersten Laden erkennt die App Ihre installierte Code-Agent-CLI (Claude Code / Codex / Gemini / OpenCode / Cursor Agent / Qwen), wählt sie automatisch und nutzt standardmäßig den `web-prototype` Skill sowie das `Neutral Modern` Design System. Geben Sie einen Prompt ein und klicken Sie auf **Senden**. Der Agent streamt in den linken Bereich; das `<artifact>` Tag wird herausgeparst und das HTML rechts live gerendert. Nach Abschluss können Sie das Artifact mit **Auf Datenträger speichern** speichern. Bevor Sie einen Artifact-Speicherpfad dokumentieren oder ändern, MÜSSEN Sie `AGENTS.md` im Repository-Stamm lesen, Abschnitt **Daemon data directory contract**.
Das Dropdown **Designsystem** enthält 71 integrierte Systeme: 2 handgeschriebene Starter (Neutral Modern, Warm Editorial) und 69 Produktsysteme, importiert aus [`awesome-design-md`](https://github.com/VoltAgent/awesome-design-md), gruppiert nach Kategorie (AI & LLM, Developer Tools, Productivity, Backend, Design Tools, Fintech, E-Commerce, Media, Automotive). Wählen Sie eines aus, um jeden Prototyp in der Ästhetik dieser Marke zu gestalten.
@@ -196,25 +196,9 @@ OD_API_TOKEN=
## Dauerhafter Speicher
Open Design speichert Projekte und SQLite-Daten in einem Docker-Volume:
```text
open_design_data
```
Das Volume wird gemountet auf:
```text
/app/.od
```
Die Daten bleiben über Container-Neustarts und Image-Updates hinweg erhalten.
Volume inspizieren:
```bash
docker volume inspect open-design_open_design_data
```
Bevor Sie einen persistenten Daemon-Speicherpfad dokumentieren, ändern oder auswählen,
MÜSSEN Sie `AGENTS.md` im Repository-Stamm lesen, Abschnitt **Daemon data directory contract**.
Dieser Quickstart DARF diesen Vertrag NICHT wiederholen oder Speicherpfade definieren.
---
@@ -353,10 +337,6 @@ open-design/
│ └── …69 product systems # claude · cohere · linear-app · vercel · stripe · airbnb …
├── scripts/sync-design-systems.ts # re-import from upstream getdesign tarball
├── docs/ # product vision + spec
├── .od/ # runtime data (gitignored, auto-created)
│ ├── app.sqlite # projects / conversations / messages / tabs
│ ├── artifacts/ # one-off "Save to disk" renders
│ └── projects/<id>/ # per-project working dir + agent cwd
├── pnpm-workspace.yaml # apps/* + packages/* + tools/* + e2e
└── package.json # root quality scripts + `od` bin
```

View File

@@ -45,7 +45,7 @@ Pour le shell desktop et tous les sidecars gérés en arrière-plan :
pnpm tools-dev # démarre daemon + web + desktop en arrière-plan
```
Au premier chargement, lapp détecte votre CLI de coding agent installée (Claude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwen), la sélectionne automatiquement, puis utilise par défaut le Skill `web-prototype` et le Design System `Neutral Modern`. Tapez un prompt et cliquez sur **Send**. Les sorties de lagent saffichent en streaming dans le panneau gauche ; la balise `<artifact>` est extraite et le HTML saffiche en direct à droite. Une fois la génération terminée, cliquez sur **Save to disk** pour enregistrer lartifact sous `./.od/artifacts/<timestamp>-<slug>/index.html`.
Au premier chargement, lapp détecte votre CLI de coding agent installée (Claude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwen), la sélectionne automatiquement, puis utilise par défaut le Skill `web-prototype` et le Design System `Neutral Modern`. Tapez un prompt et cliquez sur **Send**. Les sorties de lagent saffichent en streaming dans le panneau gauche ; la balise `<artifact>` est extraite et le HTML saffiche en direct à droite. Une fois la génération terminée, cliquez sur **Save to disk** pour enregistrer lartifact. Avant de documenter ou de modifier un chemin de stockage dartifact, vous DEVEZ lire `AGENTS.md` à la racine, section **Daemon data directory contract**.
Le menu déroulant **Design System** charge les Design Systems depuis `design-systems/*/DESIGN.md` : starters écrits à la main, product systems intégrés et design skills normalisés. Choisissez-en un pour habiller chaque prototype dans lesthétique de cette marque.
@@ -197,25 +197,9 @@ OD_API_TOKEN=
## Stockage persistant
Open Design stocke les projets et les données SQLite dans un volume Docker :
```text
open_design_data
```
Le volume est monté sur :
```text
/app/.od
```
Les données persistent entre les redémarrages de conteneurs et les mises à jour d'image.
Inspectez le volume :
```bash
docker volume inspect open-design_open_design_data
```
Avant de documenter, modifier ou choisir un chemin de stockage persistant du daemon,
vous DEVEZ lire `AGENTS.md` à la racine, section **Daemon data directory contract**.
Ce Quickstart NE DOIT PAS répéter ce contrat ni définir de chemins de stockage.
---
@@ -354,10 +338,6 @@ open-design/
│ └── …systems # starters · product systems · design skills normalisés
├── scripts/sync-design-systems.ts # réimport depuis le tarball getdesign upstream
├── docs/ # vision produit + spec
├── .od/ # données runtime (gitignored, auto-créées)
│ ├── app.sqlite # projects / conversations / messages / tabs
│ ├── artifacts/ # rendus ponctuels "Save to disk"
│ └── projects/<id>/ # dossier de travail par projet + cwd de lagent
├── pnpm-workspace.yaml # apps/* + packages/* + tools/* + e2e
└── package.json # scripts qualité root + bin `od`
```

View File

@@ -45,7 +45,7 @@ pnpm tools-dev run web # daemon と web をフォアグラウンドで起動し
pnpm tools-dev # daemon + web + desktop をバックグラウンドで起動します
```
初回起動時、アプリはインストール済みのコードエージェント CLIClaude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwenを検出して自動選択し、デフォルトで `web-prototype` スキルと `Neutral Modern` デザインシステムを採用します。プロンプトを入力して **Send** を押してください。エージェントが左ペインにストリーミングし、`<artifact>` タグが解析されて HTML が右側にライブレンダリングされます。完了したら **Save to disk** をクリックして、アーティファクトを `./.od/artifacts/<timestamp>-<slug>/index.html` に永続化します
初回起動時、アプリはインストール済みのコードエージェント CLIClaude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwenを検出して自動選択し、デフォルトで `web-prototype` スキルと `Neutral Modern` デザインシステムを採用します。プロンプトを入力して **Send** を押してください。エージェントが左ペインにストリーミングし、`<artifact>` タグが解析されて HTML が右側にライブレンダリングされます。完了したら **Save to disk** をクリックして、アーティファクトを保存します。アーティファクトの保存パスを文書化または変更する前に、ルートの `AGENTS.md` にある **Daemon data directory contract** を必ず読んでください
**Design system** ドロップダウンには **129 のデザインシステム** が同梱されています — 手作りのスターター 2 種Neutral Modern、Warm Editorial、バンドルされた製品システム 70 種、[`awesome-design-skills`](https://github.com/bergside/awesome-design-skills) から取得した 57 のデザインスキルです。1 つを選ぶと、すべてのプロトタイプがそのブランドの美学でスキニングされます。
@@ -196,25 +196,9 @@ OD_API_TOKEN=
## 永続ストレージ
Open Design はプロジェクトと SQLite データを Docker ボリュームに保存します:
```text
open_design_data
```
ボリュームは以下にマウントされます:
```text
/app/.od
```
データはコンテナの再起動とイメージ更新後も保持されます。
ボリュームを確認:
```bash
docker volume inspect open-design_open_design_data
```
永続的なデーモン保存パスを文書化、変更、または選択する前に、
ルートの `AGENTS.md` にある **Daemon data directory contract** を必ず読んでください。
この Quickstart でその契約を繰り返したり、保存パスを定義したりしてはいけません。
---
@@ -353,10 +337,6 @@ open-design/
│ └── …129 systems # スターター 2 種 · 製品システム 70 種 · デザインスキル 57 種
├── scripts/sync-design-systems.ts # 上流の getdesign tarball から再インポート
├── docs/ # 製品ビジョン + 仕様
├── .od/ # ランタイムデータgitignore 済み、自動作成)
│ ├── app.sqlite # projects / conversations / messages / tabs
│ ├── artifacts/ # ワンショット "Save to disk" レンダリング
│ └── projects/<id>/ # プロジェクトごとの作業ディレクトリ + エージェント cwd
├── pnpm-workspace.yaml # apps/* + packages/* + tools/* + e2e
└── package.json # root quality スクリプト + `od` bin
```

View File

@@ -153,25 +153,9 @@ OD_API_TOKEN=
## 영구 저장소
Open Design은 프로젝트와 SQLite 데이터를 Docker 볼륨 안에 저장합니다.
```text
open_design_data
```
이 볼륨은 다음 경로에 마운트됩니다.
```text
/app/.od
```
데이터는 컨테이너를 재시작하거나 이미지를 업데이트해도 그대로 유지됩니다.
볼륨을 확인하려면:
```bash
docker volume inspect open-design_open_design_data
```
영구 daemon 저장 경로를 문서화하거나, 변경하거나, 선택하기 전에
반드시 루트 `AGENTS.md`의 **Daemon data directory contract**를 읽어야 합니다.
이 Quickstart는 그 계약을 다시 서술하거나 저장 경로를 정의해서는 안 됩니다.
---
@@ -198,7 +182,7 @@ pnpm tools-dev run web # daemon + web을 포그라운드로 시작합니다
pnpm tools-dev # daemon + web + desktop을 백그라운드로 시작합니다
```
처음 로드하면 앱은 설치된 코드 에이전트 CLI(Claude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwen / Qoder CLI)를 감지해 자동으로 선택하고, 기본값으로 `web-prototype` skill과 `Neutral Modern` 디자인 시스템을 씁니다. 프롬프트를 입력하고 **Send**를 누르세요. 에이전트 왼쪽 패널에 스트리밍되고, `<artifact>` 태그가 파싱되면서 HTML이 오른쪽에 실시간으로 렌더링됩니다. 작업이 끝나면 **Save to disk**를 눌러 artifact를 `./.od/artifacts/<timestamp>-<slug>/index.html`에 저장하세요.
처음 로드할 때 앱은 설치된 코드 에이전트 CLI(Claude Code / Codex / Gemini / OpenCode / Cursor Agent / Qwen)를 감지해 자동으로 선택하고, 기본값으로 `web-prototype` skill과 `Neutral Modern` design system을 사용합니다. 프롬프트를 입력하고 **Send**를 누르세요. 에이전트 출력은 왼쪽 패널에 스트리밍되고, `<artifact>` 태그가 파싱되 HTML이 오른쪽에 실시간으로 렌더링됩니다. 완료되면 **Save to disk** artifact를 저장할 수 있습니다. artifact 저장 경로를 문서화하거나 변경하기 전에 반드시 루트 `AGENTS.md`의 **Daemon data directory contract**를 읽어야 합니다.
**Design system** 드롭다운에는 71개의 내장 시스템이 들어 있습니다. 직접 작성한 스타터 2개(Neutral Modern, Warm Editorial)와 [`awesome-design-md`](https://github.com/VoltAgent/awesome-design-md)에서 가져온 69개의 제품 시스템으로, 카테고리별(AI & LLM, Developer Tools, Productivity, Backend, Design Tools, Fintech, E-Commerce, Media, Automotive)로 묶여 있습니다. 하나를 고르면 모든 프로토타입이 그 브랜드의 미감으로 입혀집니다. 여기에 [`awesome-design-skills`](https://github.com/bergside/awesome-design-skills)에서 가져온 57개의 디자인 skill도 함께 제공됩니다.
@@ -357,10 +341,6 @@ open-design/
│ └── …129개 시스템 # 스타터 2개 · 제품 시스템 70개 · 디자인 skill 57개
├── scripts/sync-design-systems.ts # 업스트림 getdesign tarball에서 다시 import
├── docs/ # 제품 비전 + 스펙
├── .od/ # 런타임 데이터 (gitignore 처리, 자동 생성)
│ ├── app.sqlite # 프로젝트 / 대화 / 메시지 / 탭
│ ├── artifacts/ # 일회성 "Save to disk" 렌더링
│ └── projects/<id>/ # 프로젝트별 작업 디렉터리 + 에이전트 cwd
├── pnpm-workspace.yaml # apps/* + packages/* + tools/* + e2e
└── package.json # 루트 품질 스크립트 + `od` bin
```

View File

@@ -45,7 +45,7 @@ Para a shell desktop e todos os sidecars gerenciados em background:
pnpm tools-dev # starts daemon + web + desktop in the background
```
No primeiro carregamento, o app detecta o CLI de agente instalado (Claude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwen), seleciona automaticamente e usa por padrão o skill `web-prototype` + design system `Neutral Modern`. Digite um prompt e clique em **Send**. O agente faz streaming no painel da esquerda; a tag `<artifact>` é parseada e o HTML é renderizado ao vivo na direita. Ao terminar, clique em **Save to disk** para persistir o artifact em `./.od/artifacts/<timestamp>-<slug>/index.html`.
No primeiro carregamento, o app detecta o CLI de agente instalado (Claude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwen), seleciona automaticamente e usa por padrão o skill `web-prototype` + design system `Neutral Modern`. Digite um prompt e clique em **Send**. O agente faz streaming no painel da esquerda; a tag `<artifact>` é parseada e o HTML é renderizado ao vivo na direita. Ao terminar, clique em **Save to disk** para persistir o artifact. Antes de documentar ou alterar qualquer caminho de armazenamento de artifact, você DEVE ler o `AGENTS.md` na raiz, seção **Daemon data directory contract**.
O dropdown **Design system** vem com **129 design systems** — 2 starters escritos à mão (Neutral Modern, Warm Editorial), 70 sistemas de produto bundled e 57 design skills vindos de [`awesome-design-skills`](https://github.com/bergside/awesome-design-skills). Escolha um para vestir cada protótipo na estética daquela marca.
@@ -196,25 +196,9 @@ OD_API_TOKEN=
## Armazenamento persistente
O Open Design armazena projetos e dados SQLite dentro de um volume Docker:
```text
open_design_data
```
O volume é montado em:
```text
/app/.od
```
Os dados persistem entre reinicializações de contêineres e atualizações de imagem.
Inspecione o volume:
```bash
docker volume inspect open-design_open_design_data
```
Antes de documentar, alterar ou escolher qualquer caminho persistente de armazenamento do daemon,
você DEVE ler o `AGENTS.md` na raiz, seção **Daemon data directory contract**.
Este Quickstart NÃO DEVE repetir esse contrato nem definir caminhos de armazenamento.
---
@@ -353,10 +337,6 @@ open-design/
│ └── …129 systems # 2 starters · 70 product systems · 57 design skills
├── scripts/sync-design-systems.ts # re-import from upstream getdesign tarball
├── docs/ # product vision + spec
├── .od/ # runtime data (gitignored, auto-created)
│ ├── app.sqlite # projects / conversations / messages / tabs
│ ├── artifacts/ # one-off "Save to disk" renders
│ └── projects/<id>/ # per-project working dir + agent cwd
├── pnpm-workspace.yaml # apps/* + packages/* + tools/* + e2e
└── package.json # root quality scripts + `od` bin
```

View File

@@ -45,7 +45,7 @@ pnpm tools-dev run web # 在前台启动 daemon + web
pnpm tools-dev # 在后台启动 daemon + web + desktop
```
首次加载时,应用会扫描已安装的 code-agent CLIClaude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwen / Qoder CLI并自动选择其中之一默认使用 `web-prototype` skill 与 `Neutral Modern` design system。输入 prompt点击 **Send**。Agent 将以流式方式输出至左侧面板;`<artifact>` 标签会被解析HTML 在右侧实时渲染。运行完成后,点击 **Save to disk**artifact 将被写入磁盘 `./.od/artifacts/<timestamp>-<slug>/index.html`
首次加载时,应用会扫描已安装的 code-agent CLIClaude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwen / Qoder CLI并自动选择其中之一默认使用 `web-prototype` skill 与 `Neutral Modern` design system。输入 prompt点击 **Send**。Agent 将以流式方式输出至左侧面板;`<artifact>` 标签会被解析HTML 在右侧实时渲染。运行完成后,点击 **Save to disk** 保存 artifact。在记录或修改任何 artifact 存储路径之前,必须阅读仓库根目录 `AGENTS.md` 中的 **Daemon data directory contract**
**Design system** 下拉框内置 **129 套 design system** —— 包含 2 套手工编写的 starterNeutral Modern、Warm Editorial、70 套打包的产品级系统,以及来自 [`awesome-design-skills`](https://github.com/bergside/awesome-design-skills) 的 57 个 design skill。选择任意一套所有原型都会应用该品牌的视觉风格。
@@ -196,25 +196,9 @@ OD_API_TOKEN=
## 持久化存储
Open Design 将项目和 SQLite 数据存储在 Docker 卷中:
```text
open_design_data
```
该卷挂载到:
```text
/app/.od
```
数据在容器重启和镜像更新后持续保留。
查看卷:
```bash
docker volume inspect open-design_open_design_data
```
在记录、修改或选择任何持久 daemon 存储路径之前,
必须阅读仓库根目录 `AGENTS.md` 中的 **Daemon data directory contract**。
本 Quickstart 不得重复该契约,也不得定义存储路径。
---
@@ -353,10 +337,6 @@ open-design/
│ └── …129 systems # 2 套 starter · 70 套产品系统 · 57 个 design skill
├── scripts/sync-design-systems.ts # 从上游 getdesign tarball 重新导入
├── docs/ # 产品愿景 + spec
├── .od/ # runtime 数据gitignore自动创建
│ ├── app.sqlite # projects / conversations / messages / tabs
│ ├── artifacts/ # 一次性 "Save to disk" 产物
│ └── projects/<id>/ # 按 project 划分的工作目录 + agent cwd
├── pnpm-workspace.yaml # apps/* + packages/* + tools/* + e2e
└── package.json # 根级质量脚本 + `od` bin
```

View File

@@ -45,7 +45,7 @@ pnpm tools-dev run web # 在前景啟動 daemon + web
pnpm tools-dev # 在背景啟動 daemon + web + desktop
```
首次載入時,應用程式會掃描已安裝的 code-agent CLIClaude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwen / Qoder CLI並自動選擇其中之一預設使用 `web-prototype` skill 與 `Neutral Modern` design system。輸入 prompt點擊 **Send**。Agent 將以串流方式輸出至左側面板;`<artifact>` 標籤會被解析HTML 在右側即時渲染。執行完成後,點擊 **Save to disk**artifact 將被寫入磁碟 `./.od/artifacts/<timestamp>-<slug>/index.html`
首次載入時,應用程式會掃描已安裝的 code-agent CLIClaude Code / Codex / Devin for Terminal / Gemini / OpenCode / Cursor Agent / Qwen / Qoder CLI並自動選擇其中之一預設使用 `web-prototype` skill 與 `Neutral Modern` design system。輸入 prompt點擊 **Send**。Agent 將以串流方式輸出至左側面板;`<artifact>` 標籤會被解析HTML 在右側即時渲染。執行完成後,點擊 **Save to disk** 儲存 artifact。在記錄或修改任何 artifact 儲存路徑之前,必須閱讀儲存庫根目錄 `AGENTS.md` 中的 **Daemon data directory contract**
**Design system** 下拉選單內建 **129 套 design system** —— 包含 2 套手工編寫的 starterNeutral Modern、Warm Editorial、70 套打包的產品級系統,以及來自 [`awesome-design-skills`](https://github.com/bergside/awesome-design-skills) 的 57 個 design skill。選擇任意一套所有原型都會應用該品牌的視覺風格。
@@ -196,25 +196,9 @@ OD_API_TOKEN=
## 持久化儲存
Open Design 將專案和 SQLite 資料儲存在 Docker 卷中:
```text
open_design_data
```
該卷掛載到:
```text
/app/.od
```
資料在容器重新啟動和映像檔更新後持續保留。
檢視卷:
```bash
docker volume inspect open-design_open_design_data
```
在記錄、修改或選擇任何持久 daemon 儲存路徑之前,
必須閱讀儲存庫根目錄 `AGENTS.md` 中的 **Daemon data directory contract**。
本 Quickstart 不得重述該契約,也不得定義儲存路徑。
---
@@ -353,10 +337,6 @@ open-design/
│ └── …129 systems # 2 套 starter · 70 套產品系統 · 57 個 design skill
├── scripts/sync-design-systems.ts # 從上游 getdesign tarball 重新匯入
├── docs/ # 產品願景 + spec
├── .od/ # runtime 資料gitignore自動建立
│ ├── app.sqlite # 專案 / 對話 / 訊息 / 分頁
│ ├── artifacts/ # 一次性 "Save to disk" 產物
│ └── projects/<id>/ # 按專案劃分的工作目錄 + agent cwd
├── pnpm-workspace.yaml # apps/* + packages/* + tools/* + e2e
└── package.json # 頂層品質腳本 + `od` bin
```

View File

@@ -266,7 +266,7 @@
- 🤖 **أصيل للوكلاء، محايد تجاه النموذج.** نحن لا نشحن وكيلًا. أدوات `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi` الموجودة أصلًا في `PATH` لديك هي محرك التصميم. بدّلها بنقرة واحدة.
- 🧠 **بجودة العلامة التجارية افتراضيًا.** كل عملية تصيير تقرأ ملف `DESIGN.md` النشِط — وهو مخطط من 9 أقسام يغطي لوحة الألوان والخطوط والمباعدة والحركة والنبرة والأنماط المضادة. يُشحَن مع المستودع 150 نظامًا (Linear وStripe وVercel وAirbnb وApple وTesla وNotion وAnthropic وCursor وSupabase وFigma…). أسقِط مجلدًا، فيعثر عليه المُنتقي.
- 🖥️ **محلي أولًا، BYOK في كل طبقة.** تطبيقات سطح مكتب أصلية لـ macOS (Apple Silicon + Intel) وWindows (x64). Linux AppImage على مسار الإصدار الاختياري. SQLite في `.od/app.sqlite`، والملفات في `.od/projects/<id>/`، بلا قياس عن بُعد، بلا ذهاب وإياب سحابي.
- 🖥️ **محلي أولًا، BYOK في كل طبقة.** تظل تطبيقات سطح المكتب الأصلية محلية أولًا بلا ذهاب وإياب إلى السحابة. قبل وصف مسارات بيانات الـ daemon، يجب قراءة `AGENTS.md` في جذر المستودع، قسم **Daemon data directory contract**.
- 🌍 **قابل للتركيب على ثلاثة مستويات.** **الإضافات** تحمل سير عمل قابلًا للتشغيل · **المهارات** تحمل ذوق الوكيل التصميمي · **أنظمة التصميم** تحمل العلامة التجارية. وكلها ملفات عادية يمكن لأي شخص تأليفها وإصدارها ونشرها.
- 🔁 **حدِّث قاعدة شفرة موجودة.** سلّم مستودع `git` + ملف `DESIGN.md` إلى الوكيل، فيعيد هيكلة مكوناتك الحقيقية وفق مواصفة العلامة التجارية. تنقل إضافات مخصّصة سير عمل Figma / Pencil إلى شفرة React / Next.js / Vue.
- 🔒 **الخصوصية عن قناعة.** كل شيء يعمل حيث تقيم بياناتك — حاسوبك المحمول، أو خادم فريقك، أو مشروع Vercel الخاص بك. وعند الحاجة إلى الشبكة، يكون وكيل BYOK محميًا ضد SSRF.
@@ -538,7 +538,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
│ /api/import/claude-design │
│ MCP stdio server │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity ·│
@@ -552,7 +552,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
|---|---|
| الواجهة الأمامية | Next.js 16 App Router + React 18 + TypeScript |
| الـ Daemon | Node 24 · Express · بثّ SSE · `better-sqlite3` |
| التخزين | الملفات في `.od/projects/<id>/` + SQLite في `.od/app.sqlite` + `media-config.json` (مستبعَد من git، يُنشَأ تلقائيًا). يعيد `OD_DATA_DIR` تحديد موقع كل شيء. |
| التخزين | قبل تغيير أو توثيق مسارات تخزين الـ daemon، يجب قراءة `AGENTS.md` في جذر المستودع، قسم **Daemon data directory contract**. يجب ألا يعيد هذا README صياغته. |
| المعاينة | iframe معزول بـ `srcdoc` + محلّل `<artifact>` يعمل بالبثّ |
| التصدير | HTML (مضمَّن) · PDF (طباعة المتصفح) · PPTX (يقوده الوكيل) · ZIP · Markdown · MP4 (HyperFrames) |
| سطح المكتب | غلاف Electron + مُصيِّر معزول + IPC جانبي (STATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN) |

View File

@@ -264,7 +264,7 @@ Open Design (OD) ist die quelloffene Alternative. Dieselbe Schleife, dasselbe ar
- 🤖 **Agent-native, modellunabhängig.** Wir liefern keinen Agent. Die `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi`, die bereits in deinem `PATH` liegen, sind die Design-Engine. Mit einem Klick wechseln.
- 🧠 **Markenreif von Haus aus.** Jedes Rendering liest die aktive `DESIGN.md` — ein 9-teiliges Schema, das Farbpalette, Typografie, Abstände, Bewegung, Stimme und Anti-Patterns abdeckt. 150 Systeme werden mit dem Repo ausgeliefert (Linear, Stripe, Vercel, Airbnb, Apple, Tesla, Notion, Anthropic, Cursor, Supabase, Figma…). Lege einen Ordner ab, der Picker findet ihn.
- 🖥️ **Local-first, BYOK auf jeder Ebene.** Native Desktop-Apps für macOS (Apple Silicon + Intel) und Windows (x64). Linux-AppImage auf der optionalen Release-Spur. SQLite unter `.od/app.sqlite`, Dateien unter `.od/projects/<id>/`, keine Telemetrie, kein Cloud-Roundtrip.
- 🖥️ **Local-first, BYOK auf jeder Ebene.** Native Desktop-Apps bleiben local-first, ohne Cloud-Roundtrip. Bevor Sie Daemon-Datenpfade beschreiben, MÜSSEN Sie `AGENTS.md` im Repository-Stamm lesen, Abschnitt **Daemon data directory contract**.
- 🌍 **Komponierbar auf drei Ebenen.** **Plugins** tragen lauffähige Workflows · **Skills** tragen den Design-Geschmack des Agents · **Designsysteme** tragen die Marke. Alle drei sind einfache Dateien, die jeder erstellen, versionieren und veröffentlichen kann.
- 🔁 **Eine bestehende Codebasis auffrischen.** Übergib dem Agent ein `git`-Repo + `DESIGN.md`, und er refaktoriert deine echten Komponenten auf die Markenvorgabe. Dedizierte Plugins migrieren Figma- / Pencil-Workflows in React- / Next.js- / Vue-Code.
- 🔒 **Datenschutz aus Überzeugung.** Alles läuft dort, wo deine Daten liegen — dein Laptop, der Server deines Teams, dein Vercel-Projekt. Wenn das Netzwerk gebraucht wird, ist der BYOK-Proxy SSRF-geschützt.
@@ -536,7 +536,7 @@ Plugin-Registry-Endpunkt: `GET /api/plugins`. Verzeichnisübersicht → [`plugin
│ /api/import/claude-design │
│ MCP stdio server │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity ·│
@@ -550,7 +550,7 @@ Plugin-Registry-Endpunkt: `GET /api/plugins`. Verzeichnisübersicht → [`plugin
|---|---|
| Frontend | Next.js 16 App Router + React 18 + TypeScript |
| Daemon | Node 24 · Express · SSE-Streaming · `better-sqlite3` |
| Speicher | Dateien unter `.od/projects/<id>/` + SQLite unter `.od/app.sqlite` + `media-config.json` (gitignored, automatisch erstellt). `OD_DATA_DIR` verschiebt alles. |
| Speicher | Bevor Sie Daemon-Speicherpfade ändern oder dokumentieren, MÜSSEN Sie `AGENTS.md` im Repository-Stamm lesen, Abschnitt **Daemon data directory contract**. Dieses README DARF ihn NICHT wiederholen. |
| Vorschau | Sandboxed `srcdoc`-iframe + Streaming-`<artifact>`-Parser |
| Export | HTML (eingebettet) · PDF (Browser-Druck) · PPTX (agentengesteuert) · ZIP · Markdown · MP4 (HyperFrames) |
| Desktop | Electron-Shell + Sandboxed Renderer + Sidecar-IPC (STATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN) |

View File

@@ -264,7 +264,7 @@ Open Design (OD) es la alternativa de código abierto. El mismo bucle, el mismo
- 🤖 **Agent-native, agnóstico al modelo.** No distribuimos un agente. Los `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi` que ya están en tu `PATH` son el motor de diseño. Cámbialos con un clic.
- 🧠 **Calidad de marca por defecto.** Cada render lee el `DESIGN.md` activo — un esquema de 9 secciones que cubre paleta, tipografía, espaciado, movimiento, voz y antipatrones. 150 sistemas se incluyen en el repo (Linear, Stripe, Vercel, Airbnb, Apple, Tesla, Notion, Anthropic, Cursor, Supabase, Figma…). Suelta una carpeta y el selector la encuentra.
- 🖥️ **Local-first, BYOK en cada capa.** Apps de escritorio nativas para macOS (Apple Silicon + Intel) y Windows (x64). AppImage de Linux en la vía de lanzamiento opcional. SQLite en `.od/app.sqlite`, archivos en `.od/projects/<id>/`, sin telemetría, sin viajes de ida y vuelta a la nube.
- 🖥️ **Local-first, BYOK en cada capa.** Las apps de escritorio nativas siguen siendo local-first, sin ida y vuelta a la nube. Antes de describir rutas de datos del daemon, DEBES leer `AGENTS.md` en la raíz, sección **Daemon data directory contract**.
- 🌍 **Componible en tres planos.** Los **plugins** llevan flujos de trabajo ejecutables · los **skills** llevan el gusto de diseño del agente · los **sistemas de diseño** llevan la marca. Los tres son archivos planos que cualquiera puede crear, versionar y publicar.
- 🔁 **Renueva una base de código existente.** Entrégale un repo `git` + `DESIGN.md` al agente y refactoriza tus componentes reales según la especificación de marca. Plugins dedicados migran flujos de Figma / Pencil a código React / Next.js / Vue.
- 🔒 **Privacidad por convicción.** Todo se ejecuta donde viven tus datos — tu laptop, el servidor de tu equipo, tu proyecto de Vercel. Cuando se necesita la red, el proxy BYOK está protegido contra SSRF.
@@ -536,7 +536,7 @@ Endpoint del registro de plugins: `GET /api/plugins`. Resumen del directorio →
│ /api/import/claude-design │
│ MCP stdio server │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity ·│
@@ -550,7 +550,7 @@ Endpoint del registro de plugins: `GET /api/plugins`. Resumen del directorio →
|---|---|
| Frontend | Next.js 16 App Router + React 18 + TypeScript |
| Daemon | Node 24 · Express · streaming SSE · `better-sqlite3` |
| Almacenamiento | Archivos en `.od/projects/<id>/` + SQLite en `.od/app.sqlite` + `media-config.json` (gitignored, creado automáticamente). `OD_DATA_DIR` reubica todo. |
| Almacenamiento | Antes de cambiar o documentar rutas de almacenamiento del daemon, DEBES leer `AGENTS.md` en la raíz, sección **Daemon data directory contract**. Este README NO DEBE repetirlo. |
| Vista previa | Iframe `srcdoc` en entorno aislado + analizador de `<artifact>` por streaming |
| Exportación | HTML (incorporado) · PDF (impresión del navegador) · PPTX (impulsado por el agente) · ZIP · Markdown · MP4 (HyperFrames) |
| Escritorio | Electron shell + renderizador en entorno aislado + IPC de sidecar (STATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN) |

View File

@@ -264,7 +264,7 @@ Open Design (OD) est l'alternative open source. La même boucle, le même modèl
- 🤖 **Agent-native, agnostique au modèle.** Nous ne livrons pas d'agent. Les `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi` déjà présents dans votre `PATH` sont le moteur de design. Changez-en d'un seul clic.
- 🧠 **Qualité professionnelle par défaut.** Chaque rendu lit le `DESIGN.md` actif — un schéma en 9 sections couvrant palette, typographie, espacement, mouvement, voix, anti-patterns. 150 systèmes sont fournis avec le dépôt (Linear, Stripe, Vercel, Airbnb, Apple, Tesla, Notion, Anthropic, Cursor, Supabase, Figma…). Déposez un dossier, le sélecteur le trouve.
- 🖥️ **Local-first, BYOK à chaque couche.** Applications de bureau natives pour macOS (Apple Silicon + Intel) et Windows (x64). AppImage Linux sur la voie de publication optionnelle. SQLite à `.od/app.sqlite`, fichiers à `.od/projects/<id>/`, aucune télémétrie, aucun aller-retour vers le cloud.
- 🖥️ **Local-first, BYOK à chaque couche.** Les applications de bureau natives restent local-first, sans aller-retour vers le cloud. Avant de décrire des chemins de données du daemon, vous DEVEZ lire `AGENTS.md` à la racine, section **Daemon data directory contract**.
- 🌍 **Composable sur trois plans.** Les **plugins** portent des workflows exécutables · les **skills** portent le goût du design de l'agent · les **systèmes de design** portent la marque. Tous trois sont de simples fichiers que n'importe qui peut écrire, versionner et publier.
- 🔁 **Rafraîchissez une base de code existante.** Confiez un dépôt `git` + un `DESIGN.md` à l'agent et il refactorise vos vrais composants selon les spécifications de la marque. Des plugins dédiés migrent les workflows Figma / Pencil vers du code React / Next.js / Vue.
- 🔒 **Confidentialité par conviction.** Tout s'exécute là où vivent vos données — votre ordinateur, le serveur de votre équipe, votre projet Vercel. Lorsque le réseau est nécessaire, le proxy BYOK est protégé contre la SSRF.
@@ -536,7 +536,7 @@ Point de terminaison du registre des plugins : `GET /api/plugins`. Vue d'ensembl
│ /api/import/claude-design │
│ MCP stdio server │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity ·│
@@ -550,7 +550,7 @@ Point de terminaison du registre des plugins : `GET /api/plugins`. Vue d'ensembl
|---|---|
| Frontend | Next.js 16 App Router + React 18 + TypeScript |
| Daemon | Node 24 · Express · streaming SSE · `better-sqlite3` |
| Stockage | Fichiers à `.od/projects/<id>/` + SQLite à `.od/app.sqlite` + `media-config.json` (gitignored, créé automatiquement). `OD_DATA_DIR` relocalise l'ensemble. |
| Stockage | Avant de modifier ou de documenter des chemins de stockage du daemon, vous DEVEZ lire `AGENTS.md` à la racine, section **Daemon data directory contract**. Ce README NE DOIT PAS le répéter. |
| Aperçu | iframe `srcdoc` sandboxée + parseur `<artifact>` en flux |
| Export | HTML (intégré) · PDF (impression navigateur) · PPTX (piloté par l'agent) · ZIP · Markdown · MP4 (HyperFrames) |
| Bureau | Coque Electron + renderer sandboxé + IPC sidecar (STATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN) |

View File

@@ -264,7 +264,7 @@ Open Design (OD) はそのオープンソースの代替ツールです。同じ
- 🤖 **エージェントネイティブ、モデル非依存。** 私たちはエージェントを同梱しません。すでにあなたの `PATH` にある `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi` がデザインエンジンです。ワンクリックで差し替えられます。
- 🧠 **デフォルトでブランドグレード。** すべてのレンダリングはアクティブな `DESIGN.md` を読み取ります——パレット、タイポグラフィ、スペーシング、モーション、ボイス、アンチパターンをカバーする 9 セクションのスキーマです。150 のシステムがリポジトリに同梱されていますLinear、Stripe、Vercel、Airbnb、Apple、Tesla、Notion、Anthropic、Cursor、Supabase、Figma…。フォルダをドロップすれば、ピッカーがそれを見つけます。
- 🖥️ **ローカルファースト、あらゆるレイヤーで BYOK。** macOSApple Silicon + Intelと Windowsx64向けのネイティブデスクトップアプリ。Linux AppImage はオプションのリリースレーンで提供。SQLite は `.od/app.sqlite`、ファイルは `.od/projects/<id>/` に置かれ、テレメトリもクラウドへの往復もありません
- 🖥️ **ローカルファースト、あらゆるレイヤーで BYOK。** ネイティブデスクトップアプリはクラウドへの往復なしにローカルファーストのままです。デーモンデータパスを説明する前に、ルートの `AGENTS.md` にある **Daemon data directory contract** を必ず読んでください
- 🌍 **3 つの平面で組み合わせ可能。** **プラグイン**は実行可能なワークフローを運び · **スキル**はエージェントのデザインの審美眼を運び · **デザインシステム**はブランドを運びます。これら 3 つはすべて、誰もが作成・バージョン管理・公開できるプレーンファイルです。
- 🔁 **既存のコードベースをリフレッシュ。** `git` リポジトリ + `DESIGN.md` をエージェントに渡せば、あなたの実際のコンポーネントをブランド仕様にリファクタリングします。専用のプラグインが Figma / Pencil のワークフローを React / Next.js / Vue のコードへと移行します。
- 🔒 **信念としてのプライバシー。** すべてがあなたのデータのある場所——あなたのラップトップ、チームのサーバー、Vercel プロジェクト——で動作します。ネットワークが必要なときも、BYOK プロキシは SSRF からガードされています。
@@ -536,7 +536,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
│ /api/import/claude-design │
│ MCP stdio server │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity ·│
@@ -550,7 +550,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
|---|---|
| フロントエンド | Next.js 16 App Router + React 18 + TypeScript |
| デーモン | Node 24 · Express · SSE ストリーミング · `better-sqlite3` |
| ストレージ | ファイルは `.od/projects/<id>/` + SQLite は `.od/app.sqlite` + `media-config.json`gitignore 対象、自動作成)。`OD_DATA_DIR` ですべてを再配置できます。 |
| ストレージ | デーモンのストレージパスを変更または文書化する前に、ルートの `AGENTS.md` にある **Daemon data directory contract** を必ず読んでください。この README でそれを繰り返してはいけません。 |
| プレビュー | サンドボックス化された `srcdoc` iframe + ストリーミング `<artifact>` パーサー |
| エクスポート | HTMLインライン化 · PDFブラウザ印刷 · PPTXエージェント駆動 · ZIP · Markdown · MP4HyperFrames |
| デスクトップ | Electron シェル + サンドボックス化されたレンダラー + サイドカー IPCSTATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN |

View File

@@ -264,7 +264,7 @@ Open Design(OD)는 그 오픈소스 대안입니다. 같은 루프, 같은 아
- 🤖 **에이전트 네이티브, 모델에 구애받지 않음.** 우리는 에이전트를 제공하지 않습니다. 이미 당신의 `PATH`에 있는 `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi`가 디자인 엔진입니다. 한 번의 클릭으로 교체하세요.
- 🧠 **기본부터 브랜드급.** 모든 렌더는 활성 `DESIGN.md`를 읽습니다 — 팔레트, 타이포그래피, 간격, 모션, 보이스, 안티패턴을 다루는 9개 섹션 스키마입니다. 150개 시스템이 저장소와 함께 제공됩니다(Linear, Stripe, Vercel, Airbnb, Apple, Tesla, Notion, Anthropic, Cursor, Supabase, Figma…). 폴더 하나만 넣으면 피커가 찾아냅니다.
- 🖥️ **로컬 우선, 모든 계층에서 BYOK.** macOS(Apple Silicon + Intel)와 Windows(x64)용 네이티브 데스크톱 앱. 선택적 릴리스 레인에는 Linux AppImage가 있습니다. SQLite는 `.od/app.sqlite`에, 파일은 `.od/projects/<id>/`에 저장되며, 텔레메트리도 클라우드 왕복도 없습니다.
- 🖥️ **로컬 우선, 모든 계층에서 BYOK.** 네이티브 데스크톱 앱은 클라우드 왕복 없이 로컬 우선을 유지합니다. daemon 데이터 경로를 설명하기 전에 반드시 루트 `AGENTS.md`의 **Daemon data directory contract**를 읽어야 합니다.
- 🌍 **세 가지 평면에서 조합 가능.** **플러그인**은 실행 가능한 워크플로를 담고 · **스킬**은 에이전트의 디자인 감각을 담으며 · **디자인 시스템**은 브랜드를 담습니다. 세 가지 모두 누구나 작성하고, 버전 관리하고, 게시할 수 있는 평범한 파일입니다.
- 🔁 **기존 코드베이스를 새롭게.** `git` 저장소 + `DESIGN.md`를 에이전트에 넘기면 당신의 실제 컴포넌트를 브랜드 사양에 맞게 리팩터링합니다. 전용 플러그인이 Figma / Pencil 워크플로를 React / Next.js / Vue 코드로 마이그레이션합니다.
- 🔒 **신념에 기반한 프라이버시.** 모든 것은 당신의 데이터가 있는 곳에서 실행됩니다 — 당신의 노트북, 당신 팀의 서버, 당신의 Vercel 프로젝트. 네트워크가 필요할 때 BYOK 프록시는 SSRF로부터 보호됩니다.
@@ -536,7 +536,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
│ /api/import/claude-design │
│ MCP stdio server │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity ·│
@@ -550,7 +550,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
|---|---|
| 프론트엔드 | Next.js 16 App Router + React 18 + TypeScript |
| 데몬 | Node 24 · Express · SSE 스트리밍 · `better-sqlite3` |
| 스토리지 | 파일은 `.od/projects/<id>/`에 + SQLite는 `.od/app.sqlite`에 + `media-config.json`(gitignore됨, 자동 생성). `OD_DATA_DIR`로 모든 것을 재배치합니다. |
| 스토리지 | daemon 저장 경로를 변경하거나 문서화하기 전에 반드시 루트 `AGENTS.md`의 **Daemon data directory contract**를 읽어야 합니다. 이 README는 그 내용을 다시 서술해서는 안 됩니다. |
| 미리보기 | 샌드박스 `srcdoc` iframe + 스트리밍 `<artifact>` 파서 |
| 내보내기 | HTML(인라인) · PDF(브라우저 인쇄) · PPTX(에이전트 기반) · ZIP · Markdown · MP4(HyperFrames) |
| 데스크톱 | Electron 셸 + 샌드박스 렌더러 + 사이드카 IPC(STATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN) |

View File

@@ -264,7 +264,7 @@ O Open Design (OD) é a alternativa open-source. Mesmo loop, mesmo modelo mental
- 🤖 **Agent-native, agnóstico de modelo.** Não entregamos um agente. O `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi` que já está no seu `PATH` é o motor de design. Troque com um clique.
- 🧠 **Nível profissional de marca por padrão.** Toda renderização lê o `DESIGN.md` ativo — um schema de 9 seções cobrindo paleta, tipografia, espaçamento, motion, voz e anti-padrões. 150 sistemas vêm com o repositório (Linear, Stripe, Vercel, Airbnb, Apple, Tesla, Notion, Anthropic, Cursor, Supabase, Figma…). Solte uma pasta e o seletor a encontra.
- 🖥️ **Local-first, BYOK em todas as camadas.** Apps de desktop nativos para macOS (Apple Silicon + Intel) e Windows (x64). AppImage de Linux na trilha de release opcional. SQLite em `.od/app.sqlite`, arquivos em `.od/projects/<id>/`, sem telemetria, sem ida e volta à nuvem.
- 🖥️ **Local-first, BYOK em todas as camadas.** Apps de desktop nativos continuam local-first, sem ida e volta à nuvem. Antes de descrever caminhos de dados do daemon, você DEVE ler o `AGENTS.md` na raiz, seção **Daemon data directory contract**.
- 🌍 **Componível em três planos.** **Plugins** carregam fluxos de trabalho executáveis · **skills** carregam o gosto de design do agente · **design systems** carregam a marca. Todos os três são arquivos simples que qualquer pessoa pode escrever, versionar e publicar.
- 🔁 **Renove uma base de código existente.** Entregue um repositório `git` + `DESIGN.md` ao agente e ele refatora seus componentes reais para a especificação de marca. Plugins dedicados migram fluxos do Figma / Pencil para código React / Next.js / Vue.
- 🔒 **Privacidade por convicção.** Tudo roda onde seus dados vivem — seu laptop, o servidor do seu time, seu projeto na Vercel. Quando a rede é necessária, o proxy BYOK é protegido contra SSRF.
@@ -536,7 +536,7 @@ Endpoint do registry de plugins: `GET /api/plugins`. Visão geral do diretório
│ /api/import/claude-design │
│ MCP stdio server │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity ·│
@@ -550,7 +550,7 @@ Endpoint do registry de plugins: `GET /api/plugins`. Visão geral do diretório
|---|---|
| Frontend | Next.js 16 App Router + React 18 + TypeScript |
| Daemon | Node 24 · Express · streaming SSE · `better-sqlite3` |
| Armazenamento | Arquivos em `.od/projects/<id>/` + SQLite em `.od/app.sqlite` + `media-config.json` (no gitignore, criado automaticamente). `OD_DATA_DIR` realoca tudo. |
| Armazenamento | Antes de alterar ou documentar caminhos de armazenamento do daemon, você DEVE ler o `AGENTS.md` na raiz, seção **Daemon data directory contract**. Este README NÃO DEVE repeti-lo. |
| Preview | Iframe `srcdoc` em sandbox + parser de `<artifact>` em streaming |
| Exportação | HTML (embutido) · PDF (impressão do navegador) · PPTX (conduzido pelo agente) · ZIP · Markdown · MP4 (HyperFrames) |
| Desktop | Electron shell + renderer em sandbox + IPC sidecar (STATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN) |

View File

@@ -264,7 +264,7 @@ Open Design (OD) — это открытая альтернатива. Тот ж
- 🤖 **Агентно-нативный, не зависящий от модели.** Мы не поставляем агента. `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi`, уже находящиеся в вашем `PATH`, — это дизайн-движок. Переключайтесь одним кликом.
- 🧠 **Брендовый уровень по умолчанию.** Каждый рендер читает активный `DESIGN.md` — схему из 9 разделов, охватывающую палитру, типографику, отступы, движение, голос, антипаттерны. 150 систем поставляются с репозиторием (Linear, Stripe, Vercel, Airbnb, Apple, Tesla, Notion, Anthropic, Cursor, Supabase, Figma…). Положите папку — и выбор её найдёт.
- 🖥️ **Локальный по умолчанию, BYOK на каждом уровне.** Нативные десктопные приложения для macOS (Apple Silicon + Intel) и Windows (x64). Linux AppImage на опциональной линии релизов. SQLite в `.od/app.sqlite`, файлы в `.od/projects/<id>/`, без телеметрии, без обращений в облако.
- 🖥️ **Локальный по умолчанию, BYOK на каждом уровне.** Нативные десктопные приложения остаются локальными, без обращений в облако. Перед описанием путей данных демона необходимо прочитать корневой `AGENTS.md`, раздел **Daemon data directory contract**.
- 🌍 **Компонуемый в трёх плоскостях.** **Плагины** несут запускаемые рабочие процессы · **навыки** несут дизайнерский вкус агента · **дизайн-системы** несут бренд. Все три — это обычные файлы, которые кто угодно может создавать, версионировать и публиковать.
- 🔁 **Обновляйте существующую кодовую базу.** Передайте `git`-репозиторий + `DESIGN.md` агенту, и он отрефакторит ваши реальные компоненты под спецификацию бренда. Специальные плагины мигрируют рабочие процессы Figma / Pencil в код React / Next.js / Vue.
- 🔒 **Конфиденциальность по убеждению.** Всё работает там, где живут ваши данные — ваш ноутбук, сервер вашей команды, ваш проект на Vercel. Когда нужна сеть, BYOK-прокси защищён от SSRF.
@@ -536,7 +536,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
│ /api/import/claude-design │
│ MCP stdio server │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity ·│
@@ -550,7 +550,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
|---|---|
| Фронтенд | Next.js 16 App Router + React 18 + TypeScript |
| Демон | Node 24 · Express · SSE-стриминг · `better-sqlite3` |
| Хранилище | Файлы в `.od/projects/<id>/` + SQLite в `.od/app.sqlite` + `media-config.json` (gitignored, создаётся автоматически). `OD_DATA_DIR` перемещает всё. |
| Хранилище | Перед изменением или документированием путей хранения демона необходимо прочитать корневой `AGENTS.md`, раздел **Daemon data directory contract**. Этот README НЕ ДОЛЖЕН пересказывать его. |
| Предпросмотр | Изолированный iframe `srcdoc` + стриминговый парсер `<artifact>` |
| Экспорт | HTML (встроенный) · PDF (печать из браузера) · PPTX (управляемый агентом) · ZIP · Markdown · MP4 (HyperFrames) |
| Десктоп | Electron-оболочка + изолированный рендерер + sidecar IPC (STATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN) |

View File

@@ -264,7 +264,7 @@ Open Design (OD) açık kaynaklı alternatiftir. Aynı döngü, aynı artifact
- 🤖 **Ajan-yerel, modelden bağımsız.** Bir ajan sunmuyoruz. `PATH`'inizde zaten bulunan `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi` tasarım motorudur. Tek tıkla değiştirin.
- 🧠 **Varsayılan olarak marka düzeyinde.** Her işleme etkin `DESIGN.md` dosyasını okur — palet, tipografi, boşluk, hareket, ses, anti-desenleri kapsayan 9 bölümlük bir şema. 150 sistem depoyla birlikte gelir (Linear, Stripe, Vercel, Airbnb, Apple, Tesla, Notion, Anthropic, Cursor, Supabase, Figma…). Bir klasör bırakın, seçici onu bulur.
- 🖥️ **Yerel öncelikli, her katmanda BYOK.** macOS (Apple Silicon + Intel) ve Windows (x64) için yerel masaüstü uygulamaları. İsteğe bağlı sürüm hattında Linux AppImage. `.od/app.sqlite` adresinde SQLite, `.od/projects/<id>/` adresinde dosyalar, telemetri yok, bulut gidiş-dönüşü yok.
- 🖥️ **Yerel öncelikli, her katmanda BYOK.** Yerel masaüstü uygulamaları buluta gidip gelmeden yerel öncelikli kalır. Daemon veri yollarınııklamadan önce kökteki `AGENTS.md` dosyasında **Daemon data directory contract** bölümünü MUTLAKA okuyun.
- 🌍 **Üç düzlemde birleştirilebilir.** **Eklentiler** çalıştırılabilir iş akışları taşır · **beceriler** ajanın tasarım zevkini taşır · **tasarım sistemleri** markayı taşır. Üçü de herkesin yazabileceği, sürümleyebileceği ve yayınlayabileceği düz dosyalardır.
- 🔁 **Mevcut bir kod tabanını yenileyin.** Ajana bir `git` deposu + `DESIGN.md` verin, gerçek bileşenlerinizi marka spesifikasyonuna göre yeniden düzenler. Özel eklentiler Figma / Pencil iş akışlarını React / Next.js / Vue koduna taşır.
- 🔒 **İlkesel gizlilik.** Her şey verilerinizin bulunduğu yerde çalışır — dizüstü bilgisayarınız, ekibinizin sunucusu, Vercel projeniz. Ağ gerektiğinde, BYOK proxy SSRF korumalıdır.
@@ -536,7 +536,7 @@ Eklenti kayıt uç noktası: `GET /api/plugins`. Dizin genel bakışı → [`plu
│ /api/import/claude-design │
│ MCP stdio server │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity ·│
@@ -550,7 +550,7 @@ Eklenti kayıt uç noktası: `GET /api/plugins`. Dizin genel bakışı → [`plu
|---|---|
| Frontend | Next.js 16 App Router + React 18 + TypeScript |
| Daemon | Node 24 · Express · SSE streaming · `better-sqlite3` |
| Depolama | `.od/projects/<id>/` adresinde dosyalar + `.od/app.sqlite` adresinde SQLite + `media-config.json` (gitignore'lu, otomatik oluşturulur). `OD_DATA_DIR` her şeyi yeniden konumlandırır. |
| Depolama | Daemon depolama yollarını değiştirmeden veya belgelemeden önce kökteki `AGENTS.md` dosyasında **Daemon data directory contract** bölümünü MUTLAKA okuyun. Bu README onu TEKRAR ETMEMELİDİR. |
| Önizleme | Yalıtılmış `srcdoc` iframe + akış `<artifact>` ayrıştırıcı |
| Dışa aktarma | HTML (gömülü) · PDF (tarayıcı yazdırma) · PPTX (ajan güdümlü) · ZIP · Markdown · MP4 (HyperFrames) |
| Masaüstü | Electron shell + yalıtılmış renderer + sidecar IPC (STATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN) |

View File

@@ -264,7 +264,7 @@ Open Design (OD) — це альтернатива з відкритим код
- 🤖 **Agent-native, незалежна від моделі.** Ми не постачаємо агента. `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi`, які вже є у вашому `PATH`, і є рушієм дизайну. Замінюйте одним кліком.
- 🧠 **Брендовий рівень за замовчуванням.** Кожен рендер зчитує активний `DESIGN.md` — схему з 9 розділів, що охоплює палітру, типографіку, відступи, рух, голос, антипатерни. 150 систем постачаються разом із репозиторієм (Linear, Stripe, Vercel, Airbnb, Apple, Tesla, Notion, Anthropic, Cursor, Supabase, Figma…). Покладіть теку всередину — селектор її знайде.
- 🖥️ **Локально-орієнтована, BYOK на кожному шарі.** Нативні десктопні застосунки для macOS (Apple Silicon + Intel) та Windows (x64). Linux AppImage на опціональній лінії випуску. SQLite у `.od/app.sqlite`, файли в `.od/projects/<id>/`, без телеметрії, без звернень у хмару.
- 🖥️ **Локально-орієнтована, BYOK на кожному шарі.** Нативні десктопні застосунки залишаються локальними, без звернень у хмару. Перш ніж описувати шляхи даних демона, необхідно прочитати кореневий `AGENTS.md`, розділ **Daemon data directory contract**.
- 🌍 **Композиційна на трьох площинах.** **Плагіни** несуть робочі процеси, що запускаються · **навички** несуть дизайнерський смак агента · **дизайн-системи** несуть бренд. Усі три — це звичайні файли, які будь-хто може створювати, версіонувати та публікувати.
- 🔁 **Оновлюйте наявну кодову базу.** Передайте агенту репозиторій `git` + `DESIGN.md`, і він рефакторить ваші реальні компоненти відповідно до специфікації бренду. Спеціальні плагіни мігрують робочі процеси Figma / Pencil у код React / Next.js / Vue.
- 🔒 **Приватність за переконанням.** Усе працює там, де живуть ваші дані — на вашому ноутбуці, на сервері вашої команди, у вашому проєкті Vercel. Коли потрібна мережа, проксі BYOK захищений від SSRF.
@@ -536,7 +536,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
│ /api/import/claude-design │
│ MCP stdio server │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity ·│
@@ -550,7 +550,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
|---|---|
| Фронтенд | Next.js 16 App Router + React 18 + TypeScript |
| Демон | Node 24 · Express · потокова передача SSE · `better-sqlite3` |
| Сховище | Файли в `.od/projects/<id>/` + SQLite у `.od/app.sqlite` + `media-config.json` (gitignored, створюється автоматично). `OD_DATA_DIR` переміщує все. |
| Сховище | Перш ніж змінювати або документувати шляхи сховища демона, необхідно прочитати кореневий `AGENTS.md`, розділ **Daemon data directory contract**. Цей README НЕ ПОВИНЕН переказувати його. |
| Попередній перегляд | iframe-пісочниця `srcdoc` + парсер потокового `<artifact>` |
| Експорт | HTML (вбудований) · PDF (друк із браузера) · PPTX (під керуванням агента) · ZIP · Markdown · MP4 (HyperFrames) |
| Десктоп | Оболонка Electron + рендерер у пісочниці + sidecar IPC (STATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN) |

View File

@@ -264,7 +264,7 @@ Open Design (OD) 是开源替代品。同样的循环,同样的工件优先心
- 🤖 **Agent 原生,不绑定模型。** 我们不发布 Agent。你 `PATH` 上已有的 `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi` 就是设计引擎。一键切换。
- 🧠 **默认品牌级。** 每次渲染都读取激活的 `DESIGN.md`——9 节 schema 涵盖色板、字体、间距、动效、语言风格、反模式。150 个系统随仓库发布Linear、Stripe、Vercel、Airbnb、Apple、Tesla、Notion、Anthropic、Cursor、Supabase、Figma……。放入文件夹选择器自动识别。
- 🖥️ **本地优先,每一层都可 BYOK。** macOSApple Silicon + Intel和 Windowsx64原生桌面应用。Linux AppImage 在可选发布通道。SQLite 存储在 `.od/app.sqlite`,文件在 `.od/projects/<id>/`,无遥测,无云端往返
- 🖥️ **本地优先,每一层都可 BYOK。** 原生桌面应用保持本地优先,不发生云端往返。在描述 daemon 数据路径之前,必须阅读仓库根目录 `AGENTS.md` 中的 **Daemon data directory contract**
- 🌍 **三个平面上可组合。** **插件**承载可运行的工作流 · **技能**承载 Agent 的设计品味 · **设计系统**承载品牌。三者都是普通文件,任何人都可以编写、版本控制和发布。
- 🔁 **刷新现有代码库。**`git` 仓库 + `DESIGN.md` 交给 Agent它就能将你的真实组件重构到品牌规范。专门的插件用于将 Figma / Pencil 工作流迁移到 React / Next.js / Vue 代码。
- 🔒 **隐私信条。** 一切都运行在持有你数据的环境中——你的笔记本、你团队的服务器、你的 Vercel 项目。需要网络时有 SSRF 防护的 BYOK 代理。
@@ -536,7 +536,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
│ /api/import/claude-design │
│ MCP stdio 服务器 │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity · │
@@ -550,7 +550,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
|---|---|
| 前端 | Next.js 16 App Router + React 18 + TypeScript |
| 守护进程 | Node 24 · Express · SSE 流式传输 · `better-sqlite3` |
| 存储 | 文件在 `.od/projects/<id>/` + SQLite 在 `.od/app.sqlite` + `media-config.json`gitignored自动创建`OD_DATA_DIR` 可重定位全部。 |
| 存储 | 在修改或记录 daemon 存储路径之前,必须阅读仓库根目录 `AGENTS.md` 中的 **Daemon data directory contract**。本 README 不得复述该契约。 |
| 预览 | 沙箱 `srcdoc` iframe + 流式 `<artifact>` 解析器 |
| 导出 | HTML内联· PDF浏览器打印· PPTXAgent 驱动)· ZIP · Markdown · MP4HyperFrames |
| 桌面 | Electron 外壳 + 沙箱渲染进程 + sidecar IPCSTATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN |

View File

@@ -264,7 +264,7 @@ Open DesignOD就是那個開源的替代方案。同樣的迴圈、同樣
- 🤖 **agent 原生、模型無關。** 我們不附帶 agent。你 `PATH` 上既有的 `claude` / `codex` / `cursor-agent` / `copilot` / `hermes` / `kimi` 就是設計引擎。一鍵即可切換。
- 🧠 **預設即品牌級。** 每一次渲染都會讀取目前啟用的 `DESIGN.md`——這是一份涵蓋色票、字體、間距、動態、語氣、反模式的 9 段式 schema。儲存庫隨附 150 套系統Linear、Stripe、Vercel、Airbnb、Apple、Tesla、Notion、Anthropic、Cursor、Supabase、Figma…。放進一個資料夾選擇器就會找到它。
- 🖥️ **本地優先、每一層都可 BYOK。** 為 macOSApple Silicon + Intel與 Windowsx64提供原生桌面應用程式。Linux AppImage 則在選用的發行通道上。SQLite 位於 `.od/app.sqlite`、檔案位於 `.od/projects/<id>/`,無遙測、無雲端往返
- 🖥️ **本地優先、每一層都可 BYOK。** 原生桌面應用程式保持本地優先,不會雲端往返。在描述 daemon 資料路徑之前,必須閱讀儲存庫根目錄 `AGENTS.md` 中的 **Daemon data directory contract**
- 🌍 **在三個平面上可組合。** **外掛** 承載可執行的工作流程 · **skills** 承載 agent 的設計品味 · **設計系統** 承載品牌。三者都是任何人都能撰寫、版控與發布的純文字檔案。
- 🔁 **翻新既有的程式碼庫。** 把一個 `git` 儲存庫 + `DESIGN.md` 交給 agent它就會把你真實的元件重構至品牌規格。專屬外掛能把 Figma / Pencil 工作流程遷移成 React / Next.js / Vue 程式碼。
- 🔒 **出於信念的隱私。** 一切都在你資料所在之處執行——你的筆電、你團隊的伺服器、你的 Vercel 專案。當需要連網時BYOK 代理具備 SSRF 防護。
@@ -536,7 +536,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
│ /api/import/claude-design │
│ MCP stdio server │
└─────────┬───────────────────────┘
│ spawn(cli, [...], { cwd: .od/projects/<id> })
│ spawn(cli, [...], { cwd: managed project cwd })
┌──────────────────────────────────────────────────────────────────┐
│ claude · codex · cursor-agent · copilot · openclaw · antigravity ·│
@@ -550,7 +550,7 @@ pnpm guard && pnpm --filter @open-design/plugin-runtime typecheck
|---|---|
| 前端 | Next.js 16 App Router + React 18 + TypeScript |
| Daemon | Node 24 · Express · SSE 串流 · `better-sqlite3` |
| 儲存 | 檔案位於 `.od/projects/<id>/` + SQLite 位於 `.od/app.sqlite` + `media-config.json`(已 gitignore、自動建立`OD_DATA_DIR` 可重新指定全部位置。 |
| 儲存 | 在變更或記錄 daemon 儲存路徑之前,必須閱讀儲存庫根目錄 `AGENTS.md` 中的 **Daemon data directory contract**。本 README 不得重述該契約。 |
| 預覽 | 沙箱化 `srcdoc` iframe + 串流式 `<artifact>` parser |
| 匯出 | HTML內嵌· PDF瀏覽器列印· PPTXagent 驅動)· ZIP · Markdown · MP4HyperFrames |
| 桌面 | Electron shell + 沙箱化 renderer + sidecar IPCSTATUS · EVAL · SCREENSHOT · CONSOLE · CLICK · SHUTDOWN |

View File

@@ -153,19 +153,19 @@ The update script:
## Uninstall
```bash
# Remove containers and data
# Remove containers and persistent daemon storage
bash deploy/scripts/uninstall.sh
# Remove containers but keep data volume
# Remove containers but keep persistent daemon storage
bash deploy/scripts/uninstall.sh --keep-data
```
The uninstaller:
1. Stops and removes containers (`docker compose down`), then removes the data volume separately.
1. Stops and removes containers (`docker compose down`), then removes persistent daemon storage separately.
2. On Linux: disables and removes the systemd unit.
3. Removes `deploy/.env`.
> **Data:** By default, the `open_design_data` volume (projects, artifacts, config) is also deleted. Pass `--keep-data` to preserve it. Remove the volume manually later: `docker volume rm open_design_data`.
> **Data:** Before documenting, changing, deleting, or preserving persistent daemon storage, you MUST read root [`AGENTS.md`](../AGENTS.md) → **Daemon data directory contract**. This guide MUST NOT restate that contract or define storage paths.
## Configuration

View File

@@ -20,8 +20,10 @@ guards and smoke coverage.
The protected use case is:
1. An external orchestrator launches Open Design with `OD_SANDBOX_MODE=1` and an
isolated `OD_DATA_DIR`.
1. An external orchestrator launches Open Design with `OD_SANDBOX_MODE=1` and
isolated daemon storage. This plan MUST NOT define daemon data paths; read
root `AGENTS.md`**Daemon data directory contract** before documenting
storage isolation.
2. The orchestrator creates runs over HTTP/SSE and supplies only run-scoped
policy, tools, and project context.
3. Open Design contributes design context, skills, previews, artifacts, CLI/UI
@@ -45,9 +47,10 @@ Without `OD_SANDBOX_MODE=1`, Open Design is the normal local product runtime, no
the external-orchestrator containment runtime. Tests and docs must say which mode
they are proving.
Namespace and data isolation are separate axes. Namespace identifies sidecar
processes, IPC sockets, pointers, and launcher-managed runtime files. Daemon data
is isolated by `OD_DATA_DIR` plus sandbox mode, not by namespace alone.
Namespace and daemon storage isolation are separate axes. Namespace identifies
sidecar processes, IPC sockets, pointers, and launcher-managed runtime files.
Daemon storage isolation rules live only in root `AGENTS.md` → **Daemon data
directory contract**; this plan MUST NOT restate them.
## Safety Invariants
@@ -95,9 +98,10 @@ persisted registry/OAuth state should not bleed into the run.
Hardening:
- Keep the existing unit coverage for run-scoped bundle selection.
- Add one tools-dev/e2e variant that launches with `OD_SANDBOX_MODE=1` and a
unique `OD_DATA_DIR`, then asserts run-scoped tools and runtime homes are
contained.
- Add one tools-dev/e2e variant that launches with `OD_SANDBOX_MODE=1` and
isolated daemon storage, then asserts run-scoped tools and runtime homes are
contained. Before documenting the storage path, read root `AGENTS.md`
**Daemon data directory contract**.
- Pin `applySandboxRuntimeEnv` behavior with primitive tests that inspect the
child environment assembled for an agent.
@@ -154,7 +158,7 @@ being changed:
| Media policy parser and denial codes | `apps/daemon/tests/media-policy.test.ts` |
| In-run media route behavior, disabled policy, surface/model denial, token/no-token legacy behavior | `apps/daemon/tests/media-policy-routes.test.ts` |
| Run-scoped MCP bundle parsing and sandbox-mode bundle selection | `apps/daemon/tests/run-tool-bundle.test.ts` |
| Sandbox mode parsing and data-root requirements | `apps/daemon/tests/sandbox-mode.test.ts`, `apps/daemon/tests/resolve-data-dir.test.ts` |
| Sandbox mode parsing and storage isolation requirements. This plan MUST NOT define daemon data paths; read root `AGENTS.md`**Daemon data directory contract**. | `apps/daemon/tests/sandbox-mode.test.ts`, `apps/daemon/tests/resolve-data-dir.test.ts` |
| Sandbox runtime directory/bootstrap behavior | `apps/daemon/tests/sandbox-runtime-bootstrap.test.ts` |
| Tool-token issuance and route authorization | `apps/daemon/tests/tool-tokens.test.ts` |
| Export manifest shape and sandbox imported-folder denial | `apps/daemon/tests/export-manifest-route.test.ts` |
@@ -212,8 +216,9 @@ opening, so review catches conflicts within the stack instead of at merge time.
### Phase 2: Sandbox-Mode E2E Variant
- Plumb `OD_SANDBOX_MODE=1` and a unique `OD_DATA_DIR` through a
`createSmokeSuite(...).with.toolsDev(...)` variant.
- Plumb `OD_SANDBOX_MODE=1` and isolated daemon storage through a
`createSmokeSuite(...).with.toolsDev(...)` variant. This plan MUST NOT define
daemon data paths; read root `AGENTS.md`**Daemon data directory contract**.
- Assert sandbox mode through `/api/daemon/status`.
- Start one run with a run-scoped MCP tool and verify persisted MCP registry
state is not visible in the child.

View File

@@ -124,7 +124,7 @@ Packaged official plugins
Default community registry
community source -> Available by default -> user installs intentionally
-> ~/.open-design/plugins/<plugin-id> -> Installed -> agent
-> installed plugin record -> Installed -> agent
```
`Available` is not directly consumable by the agent. It is a supply pool. The
@@ -133,12 +133,13 @@ plugins, direct GitHub/URL/local installs, and marketplace-installed plugins. A
future "Use from Available" convenience action may auto-install first, but it
must still create an installed record before execution.
User-created and user-installed plugins are persisted under the user plugin
root (`~/.open-design/plugins/<plugin-id>` by default). Daemon startup reloads
installed records from SQLite and resolves those user-state plugin folders; a
packaged runtime upgrade should not overwrite them. Bundled official plugins
stay inside the runtime image and are re-registered on boot as official-source
preinstalls.
User-created and user-installed plugins are persisted through daemon-managed
storage. This plan MUST NOT define daemon data paths; read the root
`AGENTS.md` section **Daemon data directory contract** before changing or
documenting plugin storage. Daemon startup reloads installed records from
SQLite and resolves those user-state plugin folders; a packaged runtime upgrade
should not overwrite them. Bundled official plugins stay inside the runtime
image and are re-registered on boot as official-source preinstalls.
Authoring and publishing mirror the consumption loop:
@@ -289,10 +290,10 @@ the archive remains reachable and integrity matches.
od plugin install <name>[@<range>]
→ daemon iterates configured backends in trust order
→ first match: download tarball, verify SHA-256, extract to
.od/plugins/<name>/<version>/, write InstalledPluginRecord with
daemon-managed plugin storage, write InstalledPluginRecord with
full provenance (sourceMarketplaceId, marketplaceTrust, source URL,
sourceDigest, resolved ref)
→ record into .od/od-plugin-lock.json for reproducibility
→ record the lockfile through daemon-managed storage for reproducibility
```
`od plugin upgrade [--policy latest|pinned]` re-resolves against lockfile and
@@ -463,7 +464,7 @@ first, headless, JSON-emitting.
PR payloads; `od plugin publish --to marketplace-json --catalog <path>`
covers self-hosted static catalogs. The release-upload/fork/branch executor
remains an adapter on top of the tested mutation contract.
- [x] **P1.4 Lockfile.** `.od/od-plugin-lock.json` records resolved
- [x] **P1.4 Lockfile.** The daemon-managed plugin lockfile records resolved
`name@version` + integrity + `sourceMarketplaceId`. `od plugin install`
honors lock on second run; `od plugin upgrade` rewrites it.
- [x] **P1.5 Private GitHub catalog auth.** `od marketplace login <id>`

View File

@@ -549,7 +549,9 @@ These were originally spec §18 open questions; they are now resolved and propag
v1 ships when **all** of the following pass on a clean Linux CI container without electron. Each row links to the daemon / e2e test path that asserts it.
- [x] **e2e-1 cold install**`od plugin install ./fixtures/sample-plugin`
- `<OD_DATA_DIR>/plugins/sample-plugin/` exists.
- daemon-managed plugin storage contains the sample plugin. This plan MUST
NOT define daemon data paths; read root `AGENTS.md` → **Daemon data
directory contract** before documenting storage.
- `installed_plugins` has one row with `trust='restricted'`, `source_kind='local'`.
- Test path: `apps/daemon/tests/plugins-e2e-fixture.test.ts`
- [x] **e2e-2 pure apply** — two consecutive applies share `manifestSourceDigest`; the project cwd byte size is unchanged; `applied_plugin_snapshots` is not written by `applyPlugin()` itself (the resolver is the writer).

View File

@@ -457,8 +457,8 @@ Multiple marketplaces coexist — the user runs `od marketplace add <url>` to re
| -------- | ------------------------------------------------ | ------------------ | ---------------------------------------------------------------------- |
| 1 | `<projectCwd>/.open-design/plugins/<id>/` | plugin bundle | New; explicitly installed into the project and committed with user code |
| 2 | `<projectCwd>/.claude/skills/<id>/` | legacy `SKILL.md` | Keeps the project-private skill path from [`skills-protocol.md`](skills-protocol.md) compatible |
| 3 | `<daemonDataDir>/plugins/<id>/` | plugin bundle | New; written by `od plugin install` under the daemon data root |
| 4 | `~/.open-design/skills/<id>/` | legacy `SKILL.md` | OD canonical skill install path; may symlink into other agents |
| 3 | Daemon-managed plugin location | plugin bundle | This spec MUST NOT define daemon data paths; read root `AGENTS.md`**Daemon data directory contract** before documenting storage |
| 4 | User-global skill location | legacy `SKILL.md` | This spec MUST NOT define daemon data paths; read root `AGENTS.md`**Daemon data directory contract** before documenting storage |
| 5 | `~/.claude/skills/<id>/` | legacy `SKILL.md` | Compatibility scan for external Claude Code / skills tooling |
| 6 | repo root `skills/`, `design-systems/`, `craft/` | bundled resources | Existing first-party resources, unchanged |
@@ -1241,7 +1241,7 @@ In practice this means:
What this unlocks:
- A user with **only Claude Code** (or any code agent) plus `npm i -g @open-design/cli` plus a running headless daemon can do the entire user journey: install plugin → create project → run → consume artifacts. No OD desktop required.
- The OD desktop UI installs the same daemon and the same CLI; it just adds a window. Users who later install the desktop find the same projects, plugins, and history that the headless flow produced — there is no "headless project format" vs. "desktop project format". Same `.od/projects/<id>/`, same SQLite db.
- The OD desktop UI installs the same daemon and the same CLI; it just adds a window. Users who later install the desktop find the same projects, plugins, and history that the headless flow produced — there is no "headless project format" vs. "desktop project format". This spec MUST NOT define daemon data paths; read root `AGENTS.md` → **Daemon data directory contract** before changing or documenting shared storage.
- CI is a first-class citizen: a GitHub Action can `npm i -g @open-design/cli && od daemon start --headless && od plugin install … && od run start --project … --follow`. No display, no electron, no per-step UI scripting.
- External products can embed OD by spawning a headless daemon and shelling out — `od` is the public surface, internals are free to evolve.
@@ -1327,7 +1327,7 @@ od run logs <runId> # historical tail; --since for incremental
#### File system operations on a project (new)
The daemon already owns project filesystems under `.od/projects/<id>/` (or `metadata.baseDir` for imported folders). These commands are project-scoped — agents do not need to know where the project lives on disk.
The daemon already owns project filesystems (or `metadata.baseDir` for imported folders). These commands are project-scoped — agents do not need to know where the project lives on disk. This spec MUST NOT define daemon data paths; read root `AGENTS.md` → **Daemon data directory contract** before changing or documenting project storage.
```
od files list <projectId> [--path <subdir>] [--json]
@@ -1574,8 +1574,8 @@ od run start --project "$PID" --plugin make-a-deck \
CWD=$(od project info "$PID" --json | jq -r .cwd)
cd "$CWD"
# OD has already staged the merged SKILL.md / DESIGN.md / craft / atoms into
# .od-skills/ inside the cwd, exactly as the desktop run would.
claude code "Read .od-skills/ and produce the deliverables the active plugin describes."
# The skill staging directory is inside the cwd, exactly as the desktop run would prepare it.
claude code "Read the staged skill context and produce the deliverables the active plugin describes."
# Consume the produced artifacts.
od files list "$PID" --json
@@ -1587,7 +1587,7 @@ What this proves:
- The full marketplace -> plugin -> apply -> run -> artifact pipeline is reachable from a terminal in <10 lines.
- The OD daemon does not need to render anything; it acts as a project + plugin + artifact server.
- The same project, when later opened in the OD desktop UI, shows the full conversation history, files, and artifacts produced by the headless run — because there is exactly one storage layer (§4.6 in [`spec.md`](spec.md), `.od/projects/<id>/` + SQLite).
- The same project, when later opened in the OD desktop UI, shows the full conversation history, files, and artifacts produced by the headless run. This spec MUST NOT define daemon data paths; read root `AGENTS.md` → **Daemon data directory contract** before changing or documenting shared storage.
### 14.4 Analogy: Cursor vs `cursor-agent`, OD desktop vs `od` CLI
@@ -1596,7 +1596,7 @@ The mental model:
| Layer | Cursor | Open Design |
| --------------------- | -------------------------------------------- | ---------------------------------------------------- |
| Headless agent CLI | `cursor-agent` (drives the agent loop) | `od run start --agent claude --follow` + `od plugin run` |
| Local services / db | Cursor's background indexing / state | OD daemon, SQLite, `.od/projects/<id>/` |
| Local services / db | Cursor's background indexing / state | OD daemon-managed state. Storage paths are governed only by root `AGENTS.md` → **Daemon data directory contract**. |
| GUI productivity layer| Cursor IDE | OD desktop / web UI (`apps/web` + `apps/desktop`) |
| Plugin / skill format | `.cursor/rules/`, MCP servers | `SKILL.md` + `open-design.json` + atoms |
@@ -1622,15 +1622,10 @@ The base image is `node:24-bookworm-slim`. The user inside the container is non-
### 15.2 Persistence
Three paths the operator should mount as volumes; they map onto existing OD env vars from the root [`AGENTS.md`](../AGENTS.md), so no daemon code change is needed.
| Mount path | Env var | Purpose |
| ----------------- | ------------------------ | ------------------------------------------------------ |
| `/data/od` | `OD_DATA_DIR` | Projects, SQLite, artifacts, installed plugins (`<OD_DATA_DIR>/plugins`) |
| `/data/config` | `OD_MEDIA_CONFIG_DIR` | Provider credentials (`media-config.json`) |
| `/data/marketplaces` | (under `OD_DATA_DIR`) | Cached marketplace indexes |
Mounting `/data/od` alone is the minimal config. Splitting `/data/config` separately is the recommended hosted-mode pattern so secrets follow a different lifecycle than data.
This deployment draft MUST NOT define daemon data paths, mount paths, or
persistence examples. Before choosing, documenting, or changing persistence,
you MUST read root [`AGENTS.md`](../AGENTS.md) → **Daemon data directory
contract**. That section is mandatory and is the only truth source.
### 15.3 Configuration
@@ -1639,8 +1634,7 @@ All configuration flows through env vars and an optional pre-baked config file.
```env
OD_PORT=17456
OD_BIND_HOST=0.0.0.0 # the variable the daemon already reads ([`apps/daemon/src/server.ts`](../apps/daemon/src/server.ts))
OD_DATA_DIR=/data/od
OD_MEDIA_CONFIG_DIR=/data/config
# Set daemon storage env vars only after reading root AGENTS.md -> Daemon data directory contract.
OD_TRUST_DEFAULT=restricted # safe default for hosted (§9) — introduced in Phase 5
OD_AGENT_BACKEND=claude # default code agent backend
OD_API_TOKEN=<random> # required when OD_BIND_HOST != 127.0.0.1 — Phase 5 introduces the bearer middleware
@@ -1656,7 +1650,7 @@ TAVILY_API_KEY=...
> - `OD_BIND_HOST` already exists in the daemon ([`apps/daemon/src/server.ts`](../apps/daemon/src/server.ts), [`apps/daemon/src/origin-validation.ts`](../apps/daemon/src/origin-validation.ts)). Earlier draft text referred to the same variable as `OD_HOST`; the correct name is `OD_BIND_HOST`, and this spec uses it everywhere. **No `OD_HOST` alias is introduced** — that would invite double-name drift.
> - `OD_TRUST_DEFAULT`, `OD_API_TOKEN`, and the corresponding bearer-token middleware are **not yet implemented**; they are part of Phase 5 "Cloud deployment + pluggable storage" (§15.7, §16 Phase 5). Until landed, hosted deployments must rely on a reverse proxy / network ACL for access control; §15.7 explicitly calls out this prerequisite.
Anything settable via the desktop UI is also settable via `docker exec od od config set ...` or by mounting a pre-baked `media-config.json` into `/data/config`.
Anything settable via the desktop UI is also settable via `docker exec od od config set ...`. This document MUST NOT provide concrete storage paths.
### 15.4 One-command deploy
@@ -1667,20 +1661,9 @@ docker run --rm -p 17456:17456 ghcr.io/open-design/od:latest
open http://localhost:17456
```
Persistent server:
```bash
docker run -d --name od \
-p 17456:17456 \
-v od-data:/data/od \
-v od-config:/data/config \
-e OD_DATA_DIR=/data/od \
-e OD_MEDIA_CONFIG_DIR=/data/config \
-e OD_BIND_HOST=0.0.0.0 \
-e OD_API_TOKEN="$(openssl rand -hex 32)" \
-e ANTHROPIC_API_KEY="$ANTHROPIC_API_KEY" \
ghcr.io/open-design/od:latest
```
Persistent server storage examples are intentionally omitted here. Before
writing one, you MUST read root [`AGENTS.md`](../AGENTS.md) → **Daemon data
directory contract**.
Reach the same surfaces inside the container:
@@ -2170,7 +2153,7 @@ Until Phases 6, 7, and 8 land, the production-code experience for users follows
The contract has four locked points:
1. **OD stages the design substrate into a project cwd.** Per §14.3, the daemon writes SKILL.md / DESIGN.md / craft into `.od-skills/` and generated artifacts into the project cwd via `od files`. The cwd is discoverable via `od project info <id> --json | jq -r .cwd`.
1. **OD stages the design substrate into a project cwd.** Per §14.3, the daemon writes SKILL.md / DESIGN.md / craft into a staged skill-context directory and generated artifacts into the project cwd via `od files`. The cwd is discoverable via `od project info <id> --json | jq -r .cwd`.
2. **The user's code agent operates in that cwd or in their own repo cwd.** OD does not run inside the IDE; it runs as a daemon next to the IDE. Cursor / Claude Code / Codex / Gemini CLI are the patch-applying surface.
3. **Bookkeeping stays in OD.** `ArtifactManifest` (§11.5.1) records `sourcePluginSnapshotId`, `sourceTaskKind: 'tune-collab'` (or `'code-migration'` once Phase 7 lands), and `handoffKind: 'patch'`; `od files` tracks every artifact byte. Even when the code agent does the patch, OD remains the audit log.
4. **Re-entry into OD is single-step.** The user can reapply any plugin (or a different plugin) on top of the same project at any time via the inline rail (§8) or `od plugin apply ... --project <id>`. `parentArtifactId` chaining (§11.5.1) preserves the lineage across the OD ↔ code-agent boundary.

View File

@@ -456,8 +456,8 @@ Marketplace 顶层 `version` 是 catalog snapshot 版本;每个 `plugins[]` en
| --- | --- | --- | --- |
| 1 | `<projectCwd>/.open-design/plugins/<id>/` | plugin bundle | 新增,与用户代码一起提交;必须显式安装到 project |
| 2 | `<projectCwd>/.claude/skills/<id>/` | legacy `SKILL.md` | 沿用 [`skills-protocol.md`](skills-protocol.md) 的 project-private skill 兼容路径 |
| 3 | `<daemonDataDir>/plugins/<id>/` | plugin bundle | 新增,由 `od plugin install` 写入 daemon data root |
| 4 | `~/.open-design/skills/<id>/` | legacy `SKILL.md` | OD canonical skill install path可 symlink 到其它 agent |
| 3 | Daemon-managed plugin location | plugin bundle | 本 spec 绝不能定义 daemon 数据路径;修改或记录存储位置前必须阅读 root `AGENTS.md`**Daemon data directory contract** |
| 4 | 用户级 skill 位置 | legacy `SKILL.md` | 本 spec 绝不能定义 daemon 数据路径;修改或记录存储位置前必须阅读 root `AGENTS.md`**Daemon data directory contract** |
| 5 | `~/.claude/skills/<id>/` | legacy `SKILL.md` | 外部 Claude Code / skills 工具写入的兼容路径,只读扫描 |
| 6 | repo root `skills/`, `design-systems/`, `craft/` | bundled resources | 现有一方资源,不变 |
@@ -1236,7 +1236,7 @@ OD 运行在三种 operating modes它们共享**同一个** daemon、**同一
解锁的能力:
- 用户只有 **Claude Code**(或任意 code agent加 `npm i -g @open-design/cli`,再启动一个 headless daemon就能完成 install plugin → create project → run → consume artifacts 全流程。不需要 OD desktop。
- OD desktop UI 安装相同 daemon 与相同 CLI它只是加了一个窗口。用户之后安装 desktop 时,会看到 headless 流程创建的同一批 projects、plugins、history。不存在「headless project format」与「desktop project format」之分。都是同一个 `.od/projects/<id>/`、同一个 SQLite db
- OD desktop UI 安装相同 daemon 与相同 CLI它只是加了一个窗口。用户之后安装 desktop 时,会看到 headless 流程创建的同一批 projects、plugins、history。不存在「headless project format」与「desktop project format」之分。本 spec 绝不能定义 daemon 数据路径;修改或记录共享存储前必须阅读 root `AGENTS.md` → **Daemon data directory contract**
- CI 是一等公民GitHub Action 可以 `npm i -g @open-design/cli && od daemon start --headless && od plugin install … && od run start --project … --follow`。无 display、无 electron、无 UI scripting。
- 外部产品可以通过启动 headless daemon 并 shell out 嵌入 OD`od` 是 public surfaceinternals 可以自由演进。
@@ -1322,7 +1322,7 @@ od run logs <runId> # historical tail; --since for incremental
#### Project 文件系统操作(新增)
daemon 当前已经拥有 `.od/projects/<id>/` 下的 project filesystems或者 imported folder 的 `metadata.baseDir`)。这些命令以 project 为 scopeagent 不需要知道 project 在磁盘哪里。
daemon 当前已经拥有 project filesystems或者 imported folder 的 `metadata.baseDir`)。这些命令以 project 为 scopeagent 不需要知道 project 在磁盘哪里。本 spec 绝不能定义 daemon 数据路径;修改或记录 project storage 前必须阅读 root `AGENTS.md` → **Daemon data directory contract**。
```
od files list <projectId> [--path <subdir>] [--json]
@@ -1569,8 +1569,8 @@ od run start --project "$PID" --plugin make-a-deck \
CWD=$(od project info "$PID" --json | jq -r .cwd)
cd "$CWD"
# OD has already staged the merged SKILL.md / DESIGN.md / craft / atoms into
# .od-skills/ inside the cwd, exactly as the desktop run would.
claude code "Read .od-skills/ and produce the deliverables the active plugin describes."
# skill staging directory is inside the cwd, exactly as the desktop run would.
claude code "Read the staged skill context and produce the deliverables the active plugin describes."
# Consume the produced artifacts.
od files list "$PID" --json
@@ -1582,7 +1582,7 @@ open slides.html # or however the user wants to view the file
- 完整 marketplace → plugin → apply → run → artifact pipeline 可以在终端里用不到 10 行触达。
- OD daemon 不需要渲染任何东西;它作为 project + plugin + artifact server 工作。
- 同一个 project 之后在 OD desktop UI 中打开时,会显示 headless run 产生的完整 conversation history、files、artifacts,因为 storage layer 只有一套([`spec.md`](spec.md) §4.6`.od/projects/<id>/` + SQLite
- 同一个 project 之后在 OD desktop UI 中打开时,会显示 headless run 产生的完整 conversation history、files、artifacts。本 spec 绝不能定义 daemon 数据路径;修改或记录共享存储前必须阅读 root `AGENTS.md` → **Daemon data directory contract**
### 14.4 类比Cursor vs `cursor-agent`OD desktop vs `od` CLI
@@ -1591,7 +1591,7 @@ open slides.html # or however the user wants to view the file
| Layer | Cursor | Open Design |
| --- | --- | --- |
| Headless agent CLI | `cursor-agent`(驱动 agent loop | `od run start --agent claude --follow` + `od plugin run` |
| Local services / db | Cursor 的 background indexing / state | OD daemon、SQLite、`.od/projects/<id>/` |
| Local services / db | Cursor 的 background indexing / state | OD daemon-managed state。存储路径只受 root `AGENTS.md` → **Daemon data directory contract** 约束。 |
| GUI productivity layer | Cursor IDE | OD desktop / web UI`apps/web` + `apps/desktop` |
| Plugin / skill format | `.cursor/rules/`、MCP servers | `SKILL.md` + `open-design.json` + atoms |
@@ -1617,15 +1617,7 @@ base image 是 `node:24-bookworm-slim`。container 内用户是 non-root`uid
### 15.2 Persistence
operator 应挂载三个 volumes它们映射到根 [`AGENTS.md`](../AGENTS.md) 中已有的 OD env vars因此 daemon 不需要改代码
| Mount path | Env var | Purpose |
| --- | --- | --- |
| `/data/od` | `OD_DATA_DIR` | Projects、SQLite、artifacts、installed plugins`<OD_DATA_DIR>/plugins` |
| `/data/config` | `OD_MEDIA_CONFIG_DIR` | Provider credentials`media-config.json` |
| `/data/marketplaces` | (位于 `OD_DATA_DIR` 下) | Cached marketplace indexes |
只挂载 `/data/od` 是最小配置。推荐 hosted-mode 把 `/data/config` 拆开,使 secrets 与 data 的生命周期不同。
本部署草案绝不能定义 daemon 数据路径、挂载路径或 persistence 示例。选择、记录或修改 persistence 前必须阅读 root [`AGENTS.md`](../AGENTS.md) → **Daemon data directory contract**;该块是唯一真相源
### 15.3 Configuration
@@ -1634,8 +1626,7 @@ operator 应挂载三个 volumes它们映射到根 [`AGENTS.md`](../AGENTS.md
```env
OD_PORT=17456
OD_BIND_HOST=0.0.0.0 # 当前 daemon 已读取的变量名([`apps/daemon/src/server.ts`](../apps/daemon/src/server.ts)
OD_DATA_DIR=/data/od
OD_MEDIA_CONFIG_DIR=/data/config
# 只有阅读 root AGENTS.md -> Daemon data directory contract 后,才能设置 daemon storage env vars。
OD_TRUST_DEFAULT=restricted # safe default for hosted (§9) — Phase 5 引入
OD_AGENT_BACKEND=claude # default code agent backend
OD_API_TOKEN=<random> # required when OD_BIND_HOST != 127.0.0.1 — Phase 5 引入 bearer middleware
@@ -1648,7 +1639,7 @@ TAVILY_API_KEY=...
> - `OD_BIND_HOST` 已经存在于 daemon 代码([`apps/daemon/src/server.ts`](../apps/daemon/src/server.ts)、[`apps/daemon/src/origin-validation.ts`](../apps/daemon/src/origin-validation.ts))。早期 spec 草稿曾以 `OD_HOST` 引用同一变量;正确名称是 `OD_BIND_HOST`,本 spec 全部采用此名称。**不**新增 `OD_HOST` 别名,避免双名漂移。
> - `OD_TRUST_DEFAULT`、`OD_API_TOKEN` 与对应 bearer-token middleware 当前**尚未实现**;它们是 Phase 5「Cloud deployment + pluggable storage」的一部分§15.7、§16 Phase 5。在落地前 hosted deployments 仍依赖 reverse proxy / network ACL 做访问控制hosted-mode security defaults 章节§15.7)会显式调用此前置条件。
任何能通过 desktop UI 设置的内容,也都能通过 `docker exec od od config set ...` 设置,或通过把预置 `media-config.json` 挂载到 `/data/config`
任何能通过 desktop UI 设置的内容,也都能通过 `docker exec od od config set ...` 设置。本文件绝不能提供具体存储路径
### 15.4 一条命令部署
@@ -1659,20 +1650,7 @@ docker run --rm -p 17456:17456 ghcr.io/open-design/od:latest
open http://localhost:17456
```
持久服务器
```bash
docker run -d --name od \
-p 17456:17456 \
-v od-data:/data/od \
-v od-config:/data/config \
-e OD_DATA_DIR=/data/od \
-e OD_MEDIA_CONFIG_DIR=/data/config \
-e OD_BIND_HOST=0.0.0.0 \
-e OD_API_TOKEN="$(openssl rand -hex 32)" \
-e ANTHROPIC_API_KEY="$ANTHROPIC_API_KEY" \
ghcr.io/open-design/od:latest
```
持久服务器 storage 示例在此处有意省略。编写前必须阅读 root [`AGENTS.md`](../AGENTS.md) → **Daemon data directory contract**。
在 container 内触达相同 surfaces
@@ -2162,7 +2140,7 @@ Phase 6、7、8 故意排在 §16 既有 Phase 5云部署之后避免
契约锁定四点:
1. **OD 把 design substrate stage 进 project cwd。** 按 §14.3daemon 把 SKILL.md / DESIGN.md / craft 写入 `.od-skills/`,把生成 artifact 通过 `od files` 写入 project cwd。cwd 通过 `od project info <id> --json | jq -r .cwd` 可发现。
1. **OD 把 design substrate stage 进 project cwd。** 按 §14.3daemon 把 SKILL.md / DESIGN.md / craft 写入 staged skill-context directory,把生成 artifact 通过 `od files` 写入 project cwd。cwd 通过 `od project info <id> --json | jq -r .cwd` 可发现。
2. **用户的 code agent 在该 cwd 或自己的 repo cwd 内操作。** OD 不在 IDE 里跑;它作为 daemon 与 IDE 并列。Cursor / Claude Code / Codex / Gemini CLI 是 patch-application 的表面。
3. **簿记留在 OD。** `ArtifactManifest`§11.5.1)记录 `sourcePluginSnapshotId`、`sourceTaskKind: 'tune-collab'`Phase 7 落地后还有 `'code-migration'`)、`handoffKind: 'patch'``od files` 记录每一字节的 artifact。哪怕 patch 由 code agent 完成OD 仍是 audit log 的拥有者。
4. **重新进入 OD 是 single-step。** 用户随时可以通过 inline rail§8或 `od plugin apply ... --project <id>` 在同一个 project 上重新 apply 任意 plugin或不同 plugin。`parentArtifactId` 链§11.5.1)跨越 OD ↔ code-agent 边界保留 lineage。

View File

@@ -93,10 +93,12 @@ timeout) before resolving, so the UI can show a clear "starting…" /
5. **Subprocess output streaming** — should the daemon stream the dev
server's stdout/stderr to the UI (so users see Next/Vite errors
inline) or just spawn detached?
6. **Non-folder projects** — current OD generates HTML files in
`.od/projects/<id>/`. Should those projects also get a "launch dev
server" affordance if they happen to have a `package.json`? Or is
this strictly a folder-import feature?
6. **Non-folder projects** — current OD can generate project-owned files
outside imported folders. This RFC MUST NOT define daemon data paths;
read the root `AGENTS.md` section **Daemon data directory contract**
before changing or documenting project storage. Should those projects also
get a "launch dev server" affordance if they happen to have a
`package.json`? Or is this strictly a folder-import feature?
## Implementation notes (from working prototype)

View File

@@ -88,7 +88,7 @@ Phased plan from "spec-only today" to "usable MVP" to "published v1." All estima
3. Without Claude Code installed: API-fallback produces prototypes (not decks — guizang-ppt-skill needs native skill loading).
4. A user can drop a DESIGN.md into the project root and subsequent generations respect it.
5. A third party can publish a skill repo; `od skill add <url>` installs it and it works.
6. Artifacts are plain files; `git add ./.od/artifacts/` and `git log` tell a sensible story.
6. Artifacts are plain files. This roadmap MUST NOT define daemon data paths; read the root `AGENTS.md` section **Daemon data directory contract** before changing or documenting artifact storage.
7. No Electron, no Tauri, no desktop packaging anywhere in the repo.
---

View File

@@ -153,7 +153,9 @@ pnpm tools-dev run web
# Design system / Image / Video / Audio)
# - Find your skill in the picker
# - Click it, paste the example_prompt
# - Watch the artifact stream into .od/artifacts/<run-id>/
# - Watch the artifact stream in the UI. This guide MUST NOT define daemon
# data paths; read the root AGENTS.md section "Daemon data directory
# contract" before changing or documenting artifact storage.
# - Verify preview iframe renders correctly
# - Verify export (PPTX / PDF) works if the mode supports it
```

View File

@@ -151,16 +151,11 @@ Conflicts by `name` resolve to the higher-priority version. All locations are wa
### Symlink strategy (borrowed from [cc-switch](https://github.com/farion1231/cc-switch))
`cc-switch` maintains a central skill dir at `~/.cc-switch/skills/` and symlinks it into each agent's expected location (`~/.claude/skills/`, `~/.codex/skills/`, etc.). OD can opt into the same model:
```
~/.open-design/skills/
magazine-web-ppt/ (canonical location)
~/.claude/skills/
magazine-web-ppt → ~/.open-design/skills/magazine-web-ppt
~/.codex/skills/
magazine-web-ppt → ~/.open-design/skills/magazine-web-ppt
```
`cc-switch` maintains a central skill dir and symlinks it into each agent's
expected location (`~/.claude/skills/`, `~/.codex/skills/`, etc.). OD can opt
into the same model, but this protocol MUST NOT define Open Design daemon data
paths. Read the root `AGENTS.md` section **Daemon data directory contract**
before changing or documenting any Open Design-owned storage location.
One install → every agent sees the skill. This is optional; users who only use one agent don't need it.
@@ -261,7 +256,7 @@ The split keeps DESIGN.md authors free of universal-craft duplication and keeps
```sh
od skill add https://github.com/op7418/guizang-ppt-skill
# → clones into ~/.open-design/skills/magazine-web-ppt
# → installs into daemon-managed storage; read root AGENTS.md -> "Daemon data directory contract" before documenting paths
# → symlinks into ~/.claude/skills/ (and any other active agent dirs)
# → re-indexes registry
@@ -289,7 +284,9 @@ The skill is unchanged. Here's the full path:
4. User types "给我做一份杂志风 8 页投资人 PPT".
5. Daemon dispatches to active agent (Claude Code) with:
- system message: skill's `SKILL.md` body
- cwd: `./.od/artifacts/2026-04-24-pitch-deck/`
- cwd: daemon-managed artifact workspace. This protocol MUST NOT define
daemon data paths; read root `AGENTS.md` -> **Daemon data directory
contract** before changing or documenting artifact storage.
- files already placed in cwd: `template.html` (from skill's `assets/`)
6. Agent runs its 6-step workflow (clarify → copy template → populate → self-check → preview → refine).
7. OD streams the agent's tool calls as UI events; artifact dir grows.

View File

@@ -94,7 +94,7 @@ Module responsibilities:
- **Daemon** — long-running local process. Detects agents, registers skills, manages artifacts on disk, resolves the active design system, and brokers REST/SSE requests.
- **Agent adapters** — one adapter per supported CLI; see [`agent-adapters.md`](agent-adapters.md).
- **Skill registry** — scans `~/.claude/skills/`, `./skills/`, and `./.claude/skills/`; merges and exposes a typed catalog.
- **Artifact store** — project-scoped folder (default `./.od/`) holding generated files, version snapshots (git-friendly), and per-artifact metadata.
- **Artifact store** — daemon-managed storage for generated files, version snapshots, and per-artifact metadata. Current data-path rules are not specified in this draft; contributors must read root `AGENTS.md`**Daemon data directory contract** before documenting or changing storage paths.
- **Design-system resolver** — loads the active `DESIGN.md`, injects it as skill context.
- **Automations** — templates that orchestrate schedules, connectors, ingestion, memory updates, skill crystallization, design-system extraction, token compression, and review gates; source packets enter through the Automations page, `/api/automation-ingestions`, and `od automation source`, while evolution proposals are reviewable through `/api/automation-proposals` and `od automation proposal`.
- **Memory / evolution store** — editable Markdown-backed memory tree exposed through Settings, `/api/memory/tree`, and `od memory tree`; accepted tree nodes feed future daemon and BYOK/API-mode agent prompts, and accepted proposals can write reviewed memory, skill, and design-system drafts into user-owned runtime roots.
@@ -143,7 +143,7 @@ In short: Claude Design is a product; OD is a **substrate**.
## 10. Open questions (to resolve before coding)
- **Daemon ↔ Vercel bridge.** Do we ship a reverse-tunnel helper (like `cloudflared`), require the user to set one up, or punt to "run locally for now"? My current lean: punt for MVP, helper in v1.
- **Artifact versioning.** Git, or SQLite, or both? [Open CoDesign][ocod] uses SQLite; that's easier but less reviewable. Lean: write artifacts as plain files + a `.od/history.jsonl` log. Git is the user's business.
- **Artifact versioning.** Git, or SQLite, or both? [Open CoDesign][ocod] uses SQLite; that's easier but less reviewable. This draft does not define the current daemon data path; root `AGENTS.md`**Daemon data directory contract** is the mandatory source of truth.
- **Comment mode on non-Claude-Code agents.** Claude Code supports surgical edits via its tool loop. Codex and Gemini CLI are less graceful. Do we degrade to "regenerate whole file" for weaker agents? Lean: yes, document clearly in the adapter table.
- **Skill trust model.** Skills can shell out via the agent. We should at minimum warn on install, and probably sandbox the agent's cwd to the project directory. Claude Code's permission mode handles this for us if we use it; Codex is looser. Needs a per-adapter note.

View File

@@ -26,7 +26,7 @@ registry / distribution / website / multi-source 的细分用例。
| REG-012 | version range / dist-tag / yank resolution | `vendor/plugin@1.0.0``@latest``@^1.0.0` 可解析yanked beta 不参与新解析 | `apps/daemon/tests/plugins-marketplaces.test.ts` |
| REG-013 | archive integrity fail closed | HTTPS/GitHub tarball 下载会计算 `sha256:`entry integrity 不匹配时拒绝解包,匹配/缺省时写入 installed record | `apps/daemon/tests/plugins-installer-archive.test.ts` |
| REG-014 | registry backend parity | static/GitHub/DB backend 共享 list/search/resolve/publish contractGitHub publish 产出稳定 PR mutation paths | `apps/daemon/tests/registry-backends.test.ts` |
| REG-015 | install lockfile | installed plugin 可生成稳定 `.od/od-plugin-lock.json` entry包含 marketplace id、resolved ref、digest、integrity | `apps/daemon/tests/plugins-lockfile.test.ts`, `apps/daemon/tests/plugins-installer.test.ts` |
| REG-015 | install lockfile | installed plugin 可生成稳定 lockfile entry包含 marketplace id、resolved ref、digest、integrity;测试文档不得定义 daemon 数据路径,必须阅读 root `AGENTS.md`**Daemon data directory contract** | `apps/daemon/tests/plugins-lockfile.test.ts`, `apps/daemon/tests/plugins-installer.test.ts` |
| REG-016 | marketplace doctor | invalid name、missing source、missing capability/license、yank reason 等会被 doctor 报告,并支持 strict warning-as-error | `apps/daemon/tests/plugins-marketplace-doctor.test.ts` |
| REG-017 | static marketplace-json publish | `od plugin publish --to marketplace-json` 的纯 upsert 逻辑强制 `vendor/plugin-name`,从 GitHub URL 推导 reproducible source并稳定更新 catalog | `apps/daemon/tests/plugins-publish.test.ts` |
| REG-018 | public plugin SEO/search renderer | `/plugins/search.json` 和 per-plugin detail pages 可静态构建,包含 official/community registry entry | `apps/landing-page` `typecheck` + `build` |

View File

@@ -193,7 +193,7 @@ pnpm tools-dev run web --daemon-port 17456 --web-port 17573
| PS-E03 | Community seed | community registry 作为 `restricted` source 加载 | `apps/daemon/tests/plugins-marketplaces.test.ts` |
| PS-E04 | Version resolution | exact、dist-tag、semver range、yanked beta 解析正确 | `apps/daemon/tests/plugins-marketplaces.test.ts` |
| PS-E05 | Provenance | marketplace install 保留 sourceMarketplaceId、entry name/version、resolved ref、integrity | `apps/daemon/tests/plugins-installer.test.ts` |
| PS-E06 | Lockfile replay | `.od/od-plugin-lock.json` 可以重放 exact install | `apps/daemon/tests/plugins-lockfile.test.ts` |
| PS-E06 | Lockfile replay | daemon-managed plugin lockfile 可以重放 exact install;测试文档不得定义 daemon 数据路径,必须阅读 root `AGENTS.md`**Daemon data directory contract** | `apps/daemon/tests/plugins-lockfile.test.ts` |
| PS-E07 | Marketplace doctor | invalid name/source/capability/license/yank reason 被报告 | `apps/daemon/tests/plugins-marketplace-doctor.test.ts` |
| PS-E08 | Public site renderer | `/plugins`、detail route、`/plugins/search.json` build 通过 | `pnpm --filter @open-design/landing-page build` |

View File

@@ -7,6 +7,7 @@ import { chromium, expect as playwrightExpect, type Browser, type Page } from '@
import { afterEach, describe, expect, test } from 'vitest';
import { createFakeAgentRuntimes } from '@/fake-agents';
import { T } from '@/timeouts';
import type { ProjectFile } from '@/vitest/artifacts';
import { requestJson, requestText } from '@/vitest/http';
import { listMessages, type E2eChatMessage } from '@/vitest/messages';
@@ -93,6 +94,7 @@ describe('dialog artifact consistency', () => {
}, { key: STORAGE_KEY, codexEnv: fakeAgents.codex.env });
const page = await context.newPage();
page.setDefaultNavigationTimeout(T.xlong);
await page.goto('/', { waitUntil: 'domcontentloaded' });
await waitForLoadingToClear(page);
const target = `/projects/${encodeURIComponent(project.project.id)}/conversations/${encodeURIComponent(project.conversationId)}`;

View File

@@ -57,7 +57,9 @@ What this wires up:
`open-design-web.service`. `systemctl --user status open-design`.
- macOS: `launchd` agents `io.nexu.open-design` and (optionally)
`io.nexu.open-design-web`. `launchctl print gui/$UID/io.nexu.open-design`.
- Data lives in `$HOME/.od/` by default — override `dataDir` to relocate.
- Before documenting or changing daemon storage, you MUST read root
[`AGENTS.md`](../AGENTS.md) → **Daemon data directory contract**. This README
MUST NOT restate it.
## (2) NixOS — for shared/server installs

View File

@@ -18,7 +18,7 @@ mapping". This atom produces that mapping.
- `figma/tokens.json` from `figma-extract` (figma-migration), OR
- `code/tokens.json` from `design-extract` (code-migration).
- The active design system DESIGN.md (already injected into the
prompt; the atom reads from `.od-skills/design-system/DESIGN.md`).
prompt; the atom reads from the staged design-system context).
## Output

View File

@@ -42,11 +42,11 @@ research/last30days/<safe-topic-slug>.md
Use the bundled engine when the environment can run it:
```bash
python3.12 ".od-skills/last30days/scripts/last30days.py" "<topic>" --emit=compact --save-dir "research/last30days" --save-suffix raw
python3.12 "<staged-skill-dir>/last30days/scripts/last30days.py" "<topic>" --emit=compact --save-dir "research/last30days" --save-suffix raw
```
If `python3.12` is unavailable, try `python3` only after confirming it is
Python 3.12 or newer. If the staged `.od-skills/last30days/` path is
Python 3.12 or newer. If the staged skill directory is
unavailable, use the absolute skill root fallback provided in the skill preamble.
The upstream engine may create a raw support file such as

View File

@@ -32,11 +32,11 @@ If the bundled engine ran successfully and Python 3.12+ is available, you may
ask it to render HTML from the same topic and synthesis:
```bash
python3.12 ".od-skills/last30days/scripts/last30days.py" "<topic>" --emit=html --synthesis-file "<temp-synthesis-file>" > "research/last30days/<safe-topic-slug>.html"
python3.12 "<staged-skill-dir>/last30days/scripts/last30days.py" "<topic>" --emit=html --synthesis-file "<temp-synthesis-file>" > "research/last30days/<safe-topic-slug>.html"
```
Use the absolute skill root fallback from the skill preamble if the staged
`.od-skills/last30days/` path is unavailable.
the staged skill directory is unavailable.
The temporary synthesis file should contain only the report synthesis you
already wrote: short summary, key findings, community signals, limitations, and

View File

@@ -108,7 +108,9 @@ same shape with provider-specific `endpoint` strings.
- else `<OD_DATA_DIR>/media-config.json` when `OD_DATA_DIR` is set
(relative paths are anchored to the active project root, `$HOME`
and `~` shorthands are expanded);
- else `<projectRoot>/.od/media-config.json` for the active project.
- else daemon-managed media configuration for the active project. Before
documenting daemon storage paths, read root `AGENTS.md` → **Daemon data
directory contract**.
The artifact never opens any of these paths itself — it always goes
through the daemon poll endpoint, and the daemon enforces the

View File

@@ -356,13 +356,13 @@ Add live-artifact and connector-specific `ApiErrorCode` values such as `TOOL_TOK
### 7.1 Storage layout
Use project-scoped files under the daemon runtime data directory first. `OD_DATA_DIR` may override the default; otherwise `<RUNTIME_DATA_DIR>` is `<repo>/.od`:
Use project-scoped files under daemon-managed storage. This historical spec
MUST NOT define daemon data paths; read root [`AGENTS.md`](../../AGENTS.md) →
**Daemon data directory contract** before documenting storage.
```text
<RUNTIME_DATA_DIR>/projects/<projectId>/
└── .live-artifacts/
└── <artifactId>/
├── artifact.json
project artifact storage
└── live artifact metadata and payloads
├── template.html
├── index.html
├── data.json
@@ -638,9 +638,9 @@ Connector policy must be enforced at execution and refresh time, not only when t
Default decision:
- OAuth connection state and credentials live outside project artifacts, under a daemon-controlled global store such as `~/.open-design/connectors/` or an app database.
- OAuth connection state and credentials live outside project artifacts, under daemon-controlled storage or an app database. This spec MUST NOT define daemon data paths.
- Project artifacts only store stable references: `connectorId`, `accountLabel`, provider tool id/name, minimized input, and provenance.
- Access tokens, refresh tokens, headers, cookies, OAuth state, and raw provider responses are never written under `<RUNTIME_DATA_DIR>/projects/<projectId>/.live-artifacts` or any other project artifact directory.
- Access tokens, refresh tokens, headers, cookies, OAuth state, and raw provider responses are never written under project artifact storage.
- Refresh resolves credentials through the daemon connector service at execution time.
- UI must show the connector/account label so users understand which global connection backs a project artifact.

View File

@@ -16,7 +16,7 @@ Electron does not introduce a separate privileged application layer. The web lay
`apps/web` must not directly access local privileged capabilities:
- `.od` state
- daemon-managed state
- SQLite storage
- workspace filesystem reads or writes
- agent CLI processes
@@ -29,7 +29,7 @@ The web layer communicates with daemon-owned capabilities through API DTOs and s
`apps/daemon` is the sole local capability server. It owns privileged local runtime behavior:
- `.od` state
- daemon-managed state
- SQLite storage, schema, migrations, and storage layout
- workspace filesystem access
- agent CLI invocation

View File

@@ -390,25 +390,18 @@ integration boundaries.
| Option | Where raw events live | Implication |
|---|---|---|
| A. Engine package owns raw events | `<storage_root>/<userId>/raw_events.jsonl` alongside `preferences.json` | Engine boundary expands to include event log. Re-derivation runs inside the package. |
| B. Daemon owns raw events | `<OD_DATA_DIR>/memory/<userId>/raw_events.jsonl`, or a `raw_events` table inside `<OD_DATA_DIR>/app.sqlite` | Engine becomes a pure derivation function over an event slice handed in by the daemon. |
| C. Hybrid — daemon writes, engine reads | Daemon appends under the `OD_DATA_DIR` precedence; engine reads through a typed accessor | Decouples write path (event capture is a host concern) from derivation (engine concern). |
| A. Engine package owns raw events | Engine-owned storage alongside `preferences.json` | Engine boundary expands to include event log. Re-derivation runs inside the package. |
| B. Daemon owns raw events | Daemon-managed storage | Engine becomes a pure derivation function over an event slice handed in by the daemon. |
| C. Hybrid — daemon writes, engine reads | Daemon writes through its storage contract; engine reads through a typed accessor | Decouples write path (event capture is a host concern) from derivation (engine concern). |
`<OD_DATA_DIR>` here means the resolved daemon data root: `OD_DATA_DIR` if
set, otherwise `<projectRoot>/.od`. The path is resolved with `~/` expansion
and relative paths anchored to `<projectRoot>`. Packaged installs and Home
Manager / NixOS modules already point `OD_DATA_DIR` at a writable directory
because the install root may be read-only; raw events must ride that
contract rather than hard-code a repo-rooted `.od/` path.
This spec MUST NOT define daemon data paths. Before documenting or changing
daemon storage, read root [`AGENTS.md`](../../AGENTS.md) → **Daemon data
directory contract**.
`OD_MEDIA_CONFIG_DIR` is **not** part of this precedence. Per
[`AGENTS.md`](../../AGENTS.md) FAQ "Where is data written?",
`OD_MEDIA_CONFIG_DIR` is a narrower override that relocates *only*
`media-config.json` (API credentials). Raw events are general daemon
runtime data and follow the daemon data-root contract above; an
implementation that respected `OD_MEDIA_CONFIG_DIR` for raw events would
route preference event data into the credentials directory, which is the
wrong contract.
Media config storage is outside this spec. Read the same root contract before
documenting any storage exception. Raw events are general daemon runtime data
and must follow the daemon storage contract; an implementation that routes
preference event data into credentials storage would use the wrong contract.
Lean: **C**. Event capture is intrinsically a host concern — the daemon is
where the pipeline events fire from, where debounce/coalesce happens, and where

View File

@@ -258,11 +258,11 @@ ALTER TABLE artifacts DROP COLUMN critique_score;
| --- | --- | --- |
| `critique_score` | `REAL` | Final composite. `NULL` for legacy artifacts. |
| `critique_rounds_json` | `TEXT` | Compact summary per round: `[{n, composite, mustFix, decision}]`. Bounded; full transcript on disk. |
| `critique_transcript_path` | `TEXT` | Relative path under `.od/artifacts/<artifactId>/`. The stored value is the relative path; absolute resolution is daemon-side only. |
| `critique_transcript_path` | `TEXT` | Relative path under daemon-managed artifact storage. The stored value is the relative path; absolute resolution is daemon-side only. This spec MUST NOT define daemon data paths; read root [`AGENTS.md`](../../AGENTS.md) → **Daemon data directory contract**. |
| `critique_status` | `TEXT` | Constrained by `CHECK` clause. `legacy` marks artifacts produced before the feature shipped. |
| `critique_protocol_version` | `INTEGER` | Pin which `parsers/v{n}.ts` to use for replay. |
Transcripts are written to `.od/artifacts/<artifactId>/transcript.ndjson` (one `PanelEvent` per line). Files larger than 256 KiB are gzipped to `transcript.ndjson.gz`. The orchestrator chooses the format at write time; the replay path detects the format by extension.
Transcripts are written through daemon-managed artifact storage (one `PanelEvent` per line). Files larger than 256 KiB are gzipped. The orchestrator chooses the format at write time; the replay path detects the format by extension. This spec MUST NOT define daemon data paths.
## UI surface
@@ -490,7 +490,7 @@ A Grafana dashboard ships in `tools/dev/dashboards/critique.json` with three def
| Surface | Threat | Mitigation |
| --- | --- | --- |
| `<ARTIFACT>` body | XSS in shipped HTML | Existing sandboxed iframe pattern with `sandbox` and CSP headers. No new surface. |
| Transcript on disk | Path traversal via stored path | The SQLite column stores a relative path; the daemon resolves under `.od/artifacts/<artifactId>/`; no user-supplied component reaches the resolver. |
| Transcript on disk | Path traversal via stored path | The SQLite column stores a relative path; the daemon resolves under daemon-managed artifact storage; no user-supplied component reaches the resolver. |
| Brand `DESIGN.md` content in prompt | Prompt injection from a malicious system | DESIGN.md is wrapped in a `<BRAND_SOURCE>` block whose framing instructs the agent to treat it as data. Same defence as the existing skill loader. |
| Score and must-fix from agent stdout | Log injection (newlines, ANSI) | Parser strips ANSI; logs JSON-encode every value; UI renders as text only. |
| Pathological agent output | DoS via unbounded buffers | `parserMaxBlockBytes`, `perRoundTimeoutMs`, `totalTimeoutMs` are bounded and config-driven. Orchestrator enforces hard kill. |

View File

@@ -7,7 +7,7 @@ This document captures the maintainability risks in the current `apps/web` + `ap
The architectural boundary stays unchanged:
- `apps/web`: Next.js frontend and thin BFF/proxy layer.
- `apps/daemon`: local runtime/backend for SQLite, `.od` filesystem state, AI agent CLI processes, and SSE streaming.
- `apps/daemon`: local runtime/backend for SQLite, daemon-managed filesystem state, AI agent CLI processes, and SSE streaming. This roadmap MUST NOT define daemon data paths; read root [`AGENTS.md`](../../AGENTS.md) → **Daemon data directory contract** before documenting storage.
The first-principles maintainability goals are:
@@ -33,7 +33,7 @@ The first-principles maintainability goals are:
| R1 | P0 | Daemon TypeScript enforcement needs ongoing maintenance. | `apps/daemon` now typechecks across source and tests, and all `@ts-nocheck` suppressions have been removed. | New daemon payload, DB row, agent event, or task-state changes can reintroduce drift if they bypass shared contracts or typed boundaries. | Keep daemon source and tests under TypeScript enforcement; preserve zero `@ts-nocheck`; route shared API/SSE/error shapes through `packages/contracts`; add runtime validation for untrusted daemon inputs. |
| R2 | P0 | Web/daemon API contract is implicit. | `apps/web` calls daemon through `/api/*` rewrites; web has TypeScript types, daemon returns manually shaped JSON. | Field mismatches surface at runtime; API evolution is fragile. | Create `packages/api-contract` or an equivalent shared contract layer for request, response, error, and SSE event types. |
| R3 | P0 | Runtime validation is incomplete at the daemon boundary. | Daemon requests can trigger local filesystem access, SQLite writes, and `child_process.spawn()`. | Type correctness alone cannot protect against malformed runtime input, path traversal, invalid agent IDs, or unsafe args. | Add schema validation at HTTP boundaries with Zod/TypeBox; centralize validation for workspace paths, task IDs, agent IDs, models, reasoning options, uploaded files, and command arguments. |
| R4 | P0 | Local capability security boundary needs explicit rules. | Daemon owns high-permission capabilities: local files, `.od`, project workspaces, agent CLIs, and logs. | Unsafe path handling, broad command execution, token leakage, and unintended workspace access become possible failure modes. | Treat daemon as a capability server: bind to localhost, use workspace/path allowlists, normalize and jail paths, allowlist agent commands, and redact sensitive output. |
| R4 | P0 | Local capability security boundary needs explicit rules. | Daemon owns high-permission capabilities: local files, daemon-managed storage, project workspaces, agent CLIs, and logs. | Unsafe path handling, broad command execution, token leakage, and unintended workspace access become possible failure modes. | Treat daemon as a capability server: bind to localhost, use workspace/path allowlists, normalize and jail paths, allowlist agent commands, and redact sensitive output. |
| R5 | P0 | Agent process lifecycle needs a first-class manager. | `/api/chat` spawns multiple agent runtimes and streams output to the frontend. | Zombie processes, cancellation gaps, orphaned tasks, inconsistent exit handling, and concurrent process conflicts. | Introduce a process/task manager with task state machine, cancellation, timeout, cleanup, exit code capture, signal handling, and concurrency limits. |
| R6 | P1 | `server.ts` is too monolithic. | `apps/daemon/src/server.ts` contains many routes plus orchestration, filesystem logic, streaming, uploads, and artifact handling. | Harder to understand, test, and change; unrelated edits share the same file and increase regression risk. | Split into thin routes plus services/adapters: `routes/`, `services/`, `agents/`, `db/`, `fs/`, `streams/`, `artifacts/`. |
| R7 | P1 | Error handling is inconsistent. | Handlers commonly use local `try/catch` and return ad hoc JSON errors. | UI receives inconsistent failures; logs lose context; task state can stall after partial failures. | Define a unified error model with `code`, `message`, `details`, `retryable`, and `requestId/taskId`; add centralized Express error middleware and adapter-level error mapping. |
@@ -45,7 +45,7 @@ The first-principles maintainability goals are:
| R13 | P2 | Cross-platform behavior is a recurring risk. | Daemon uses filesystem paths, SQLite native bindings, shell/process behavior, and signals. | macOS, Linux, and Windows/WSL can differ in path normalization, quoting, permissions, and process termination. | Use Node path APIs consistently, avoid shell string composition, isolate platform-specific process logic, and add CI coverage for supported platforms. |
| R14 | P2 | Framework migration can distract from core maintainability issues. | Current complexity is concentrated in FS/spawn/SSE/SQLite and module boundaries. | A framework rewrite can consume time while preserving the risky domain logic. | Keep Express for now; revisit Fastify only after TS, contracts, validation, tests, and modularization are in place and Express becomes a clear limiter. |
| R15 | P2 | Web/daemon boundary can erode over time. | Next.js has BFF capability and daemon has backend capability; future edits may blur ownership. | High-permission local runtime logic may leak into `apps/web`; deployment and security assumptions become unclear. | Document and enforce ownership: web handles UI/BFF/proxy; daemon owns local runtime capabilities; shared code contains contracts and pure logic only. |
| R16 | P3 | Operational documentation is incomplete. | Local-first daemon behavior depends on ports, `.od`, agent CLIs, runtime logs, and recovery flows. | Onboarding and support costs rise; troubleshooting relies on oral knowledge. | Document daemon architecture, API/SSE contract, task lifecycle, `.od` data layout, agent dependency checks, and common recovery procedures. |
| R16 | P3 | Operational documentation is incomplete. | Local-first daemon behavior depends on ports, daemon-managed storage, agent CLIs, runtime logs, and recovery flows. | Onboarding and support costs rise; troubleshooting relies on oral knowledge. | Document daemon architecture, API/SSE contract, task lifecycle, storage contract index, agent dependency checks, and common recovery procedures. |
## Optimization Dependencies

View File

@@ -146,18 +146,20 @@ Default community registry
-> community source is configured by default
-> Available shows restricted community entries
-> user explicitly installs one
-> plugin is copied to ~/.open-design/plugins/<plugin-id>
-> plugin is installed into daemon-managed storage
-> Installed becomes part of agent context/runtime consumption
```
`Available` entries are supply candidates, not runnable capabilities. The agent should consume the installed set: bundled official plugins, user-created plugins, direct GitHub/URL/local installs, and marketplace-installed plugins. A future "Use from Available" shortcut can auto-install first, but it must still produce an installed record before the agent runs it.
User-created and user-installed plugins live in the user-state plugin root,
`~/.open-design/plugins/<plugin-id>` by default. The daemon reloads those
installed records and folders on later boots. Runtime-bundled official plugins
stay inside the app/repo image and are re-registered on boot as official-source
preinstalls; updating them can later happen by refreshing/installing from the
official registry source instead of waiting for an app release.
User-created and user-installed plugins live in daemon-managed storage. This
plan MUST NOT define daemon data paths; read root [`AGENTS.md`](../../AGENTS.md)
**Daemon data directory contract** before documenting storage. The daemon
reloads those installed records and folders on later boots. Runtime-bundled
official plugins stay inside the app/repo image and are re-registered on boot as
official-source preinstalls; updating them can later happen by
refreshing/installing from the official registry source instead of waiting for
an app release.
The production-side loop is the mirror image:
@@ -588,7 +590,7 @@ Goal: move from "catalog index" to "registry entry".
- [x] Add `od marketplace plugins <id>` with pagination/search/filter.
- [x] Add `od plugin install <name>@<version-or-tag>`.
- [x] Add resolver support for exact version, dist-tag, and conservative `^`/`~` ranges.
- [x] Add initial `.od/od-plugin-lock.json` shape with name, version, source, marketplace id, resolved ref, manifest digest, archive integrity.
- [x] Add initial daemon-managed plugin lockfile shape with name, version, source, marketplace id, resolved ref, manifest digest, archive integrity. This plan MUST NOT define daemon data paths.
- [ ] Add `od plugin lock verify`.
- [ ] Add `od plugin outdated`.
- [x] Add yanking metadata and resolver behavior: yanked versions are visible for audit and refused for new resolution. Exact locked replay warning remains a route-level follow-up once lock verify lands.
@@ -716,7 +718,7 @@ Additional validation by area:
- Should the official registry live in this monorepo or a separate `open-design/plugin-registry` repo? Separate is cleaner for community PR review and static-site generation.
- Should `official` marketplace trust be allowed for user-added URLs, or only for built-in source ids shipped by Open Design? Recommendation: only built-in sources can be `official`; user-added sources can be `trusted` or `restricted`.
- Should lockfile be project-local (`.od/plugins-lock.json`) or user-global? Recommendation: project-local for reproducible runs, with user-global cache as an implementation detail.
- Should lockfile be project-local or user-global? Recommendation: project-local for reproducible runs, with user-global cache as an implementation detail. This plan MUST NOT define daemon data paths; read root [`AGENTS.md`](../../AGENTS.md) → **Daemon data directory contract**.
- Should `od plugin publish --to marketplace-json` mutate a local catalog file directly or create a branch/PR when the catalog URL maps to GitHub? Recommendation: support both, but default to PR when a GitHub remote is detectable.
- How much popularity/ranking data should the official site show before telemetry policy is settled? Recommendation: show stars/downloads only when sourced from public GitHub or explicit registry events; keep install telemetry opt-in.

View File

@@ -94,7 +94,7 @@ in the linked issues and PRs.
| #1637/#1746: avoid more isolated engine churn when product/pipeline boundary is unresolved. | Do not start by refactoring providers. Start at the run boundary, media command boundary, and request event boundary. |
| #1637/#3021: use an integration-shape doc with concrete decision points. | This doc names the policy modes, API contracts, event/resource model, owner decisions, and phased implementation sequence. |
| #3021: keep the doc self-contained and grounded in live daemon contracts. | The background section names the live files and primitives this patch should change. It does not depend on a parked branch. |
| #3021: preserve the current data-root/runtime contract exactly. | New persistent state should follow daemon runtime data ownership under `OD_DATA_DIR` if set, else `<projectRoot>/.od`. `OD_MEDIA_CONFIG_DIR` remains media-config-only and should not own request state. |
| #3021: preserve the current daemon storage contract exactly. | New persistent state should follow daemon runtime data ownership. This spec MUST NOT define daemon data paths; read root [`AGENTS.md`](../../AGENTS.md) → **Daemon data directory contract**. Media config storage remains media-config-only and should not own request state. |
## Decision summary

View File

@@ -35,7 +35,9 @@ The recovery path follows the user-visible hierarchy: open a project, load a con
A project is the design workspace. It provides:
- project metadata, such as skill, design system, and fidelity;
- the daemon working directory, usually `.od/projects/<projectId>/`;
- the daemon-managed project working directory. This spec MUST NOT define
daemon data paths; read root [`AGENTS.md`](../../AGENTS.md) → **Daemon data
directory contract** before documenting storage;
- artifact ownership;
- the top-level scope for conversations and runs.

View File

@@ -67,7 +67,9 @@ Flow:
1. The frontend submits `agentId`, user message, system prompt, project ID, attachments, model, and reasoning options.
2. The daemon uses `getAgentDef(agentId)` to find the runtime definition.
3. The daemon creates or locates `.od/projects/<projectId>/` as the agent working directory.
3. The daemon creates or locates the daemon-managed project working directory.
This spec MUST NOT define daemon data paths; read root
[`AGENTS.md`](../../AGENTS.md) → **Daemon data directory contract**.
4. The daemon validates uploaded image paths and project attachment paths.
5. The daemon combines the system prompt, working directory hint, existing file list, attachment list, and user request into one prompt.
6. The daemon prepares additional readable directories: `skills/` and `design-systems/`.
@@ -270,7 +272,7 @@ Existing protections include:
- Reasoning options must exist in the runtime definition's `reasoningOptions`.
- Image paths must be located inside the daemon temporary upload directory.
- Attachment paths must be located inside the project working directory.
- Agent working directories are constrained to `.od/projects/<projectId>/`.
- Agent working directories are constrained to daemon-managed project storage.
- ACP runtimes have timeout protection for the initialize, session/new, session/set_model, and session/prompt stages.
- ACP runtimes listen for `stdin` errors and proactively clean up detection processes after model detection completes.
- When the SSE connection closes, the daemon sends `SIGTERM` to the subprocess.

View File

@@ -21,7 +21,10 @@ Release artifacts keep the canonical `Open Design.app` bundle shape; local `tool
Packaged runtime state is namespace-scoped under `.tmp/tools-pack/runtime/mac/namespaces/<namespace>/`:
- `data/` is the daemon-managed data root passed to the daemon through the packaged sidecar launch environment.
- Packaged daemon storage is governed only by the root `AGENTS.md` section
**Daemon data directory contract**. Before changing or documenting packaged
storage propagation, you MUST read that section; this README MUST NOT
restate it.
- `logs/` contains packaged process logs for `desktop`, `web`, and `daemon`.
- `runtime/` is the sidecar runtime base used by the packaged desktop/web/daemon process group.
- `cache/` is reserved for namespace-local packaged cache state.
@@ -45,10 +48,9 @@ Packaged desktop also writes main-process lifecycle logs to `logs/desktop/latest
diagnosable. This log is intentionally scoped to packaged desktop startup/shutdown/process errors and does not capture
web/renderer console output.
The packaged daemon path contract is explicit: `tools-pack` writes namespace/base config, `apps/packaged` resolves
namespace paths, and the packaged sidecar launcher passes daemon managed paths via launch env. The daemon may keep its
own default fallback for non-packaged launches, but packaged runtime must not rely on fallback inference from Electron
`userData`, app bundle names, or ports.
The packaged daemon path contract lives only in the root `AGENTS.md` section
**Daemon data directory contract**. Before changing or documenting packaged
path propagation, you MUST read that section; this README MUST NOT restate it.
Packaged desktop can check the release metadata feed, download a verified mac DMG or Windows installer, and expose
update actions through desktop IPC. This runtime updater phase still opens the downloaded installer for manual

View File

@@ -4,10 +4,12 @@
> Status: **values + templates shipped; per-cloud override files pending.**
The chart's `templates/` covers the canonical Kubernetes shape:
Deployment, Service, Secret, ConfigMap, two PVCs (`/data/od` +
`/data/config`), and an optional Ingress. Every parameter is
exposed in `values.yaml` so the per-cloud override files can stay
small (volume + secret backend differences only).
Deployment, Service, Secret, ConfigMap, persistent storage, and an optional
Ingress. Before documenting or changing daemon storage paths, you MUST read
root [`AGENTS.md`](../../../../AGENTS.md) → **Daemon data directory contract**.
This README MUST NOT restate it. Every parameter is exposed in `values.yaml` so
the per-cloud override files can stay small (volume + secret backend differences
only).
## Cloud overrides (planned values files)