Highlights

🖥️ Real PTY terminal

The in-app Terminal is now backed by node-pty with xterm.js over a WebSocket. Interactive tools (claude, node, python, vim, ssh, top) work the same as in a native terminal — color, ANSI, cursor movement, Ctrl+C, the works.

• Augmented PATH per command picks up newly installed binaries (npm globals, WinGet, pip user dirs) without a backend restart.
• Windows curl auto-fix: --ssl-no-revoke injected on the fly + persistent _curlrc so CRYPT_E_NO_REVOCATION_CHECK stops blocking installs.

🤖 AI Agent

• Chat tab is reachable again — was orphaned in the AI Agent module.
• Claude CLI status detection fixed — was using stale PATH and timing out; now PATH-scans the binary directly.
• VPC Bot auto-creates default user so chat is immediately usable on first launch.
• Todo update returns proper 404 (was returning 200 with {error}).

🌿 Prod → Beta forks

Forks now clone schema + data by default. The opt-in checkbox flipped to opt-out for schema-only forks.

♻️ Robust restart

The Restart button now actually restarts VPC under nodemon, PM2, or plain node — used to silently no-op outside PM2.

📊 Real upgrade progress

The upgrade bar shows real % from the backend across 6 named steps (git pull, backend deps, frontend deps, build, migrations, finalize). No more fake 60%.

Files added

• backend/services/ptyService.js
• backend/scripts/respawn.js
• backend/utils/shellEnv.js

Upgrade path

Existing instances: open VPC Store → Update, then Restart VPC when prompted. The upgrader pulls the new commit, runs npm install in both packages (picks up node-pty, ws, xterm), rebuilds the frontend, runs migrations, and surfaces the restart banner.

🤖 Generated with Claude Code

Highlights

🔐 DB Auth — Google & GitHub OAuth

Supabase-style social sign-in, configured per project. Each project DB now has an auth_providers table; client_secret is AES-GCM encrypted. End users hit /api/db/auth/v1/<slug>/authorize/<provider> and come back with a JWT identical to the existing email login. Auto-link by email, avatar + provider badges in the user list, collapsed-by-default provider cards.

🚀 Web Hosting — Staged Deploys + Instant Rollback

Every deploy now builds into <slug>__staging, healthchecks (HTTP probe for node apps, HTML check for static), then atomically swaps with the live folder. Previous build is archived to <slug>__versions/v_<ts>_<sha>/. Last 3 versions kept for one-click rollback — new "Version History" card in the Overview tab. The live version stays online if a deploy fails.

🤖 AI Fix — now safe and reliable

The old AI Fix mutated the live build and could take the site down. Now it operates on the preserved staging dir (kept on disk after a failed deploy), applies AI patches, runs the full staged pipeline, and only swaps to live if the new build healthchecks green.

📊 Integrations — usage stats & fixed UI

GET /admin/integrations now returns per-integration usage data (total uses, unique apps, last used, per-app breakdown). New summary tiles (Connected · Total Uses · Apps Using · Last Activity) and click-to-expand per-app usage on each card. The "Connect a Service" picker is now scrollable, searchable, and grouped by category.

🔀 PR Previews — Netlify/Vercel-style

Open a PR → automatic preview deploy at /<slug>-pr-<n>/ on its own PM2 port. Sticky GitHub PR comment with the preview URL, build status, and commit SHA. Auto-rebuilds on push, tears down on close/merge. Webhook with HMAC SHA-256 verification, manual rebuild/close from a new "Previews" tab. Forks supported via the saved GitHub integration token.

Migrations

All schema changes are self-healing on first request — no manual migration needed:

• auth_users extended with provider, provider_id, full_name, avatar_url
• New tables: auth_providers (per project), web_hosting_versions, web_hosting_previews
• web_hosting_projects adds previews_enabled, previews_webhook_secret

Files

• backend/services/dbAuthOAuthService.js (new)
• backend/routes/dbAuthOAuth.js (new)
• backend/services/webHostingPreviewService.js (new)
• backend/routes/webHostingWebhook.js (new)
• frontend/src/components/ui/switch.jsx (new)
• Plus updates to dbService, webHostingService, routes/db, routes/webHosting, routes/integrations, server.js, Auth.jsx, IntegrationMonitor.jsx, webhosting/ProjectDashboard.jsx

🤖 Generated with Claude Code

VPC Deploy Log

v10.0.0 — 2026年04月22日

A forward-compatible release. No data loss paths, every migration is idempotent
and every new column has a safe default. Existing integrations, backups, pipelines
and sessions continue to work without manual intervention.

🚀 Highlights

• Perfect 1-click Pipeline promotion — preflight plan, typed confirmation, auto-snapshot, staged execute, one-click rollback.
• Exact beta fork — full data copy (not just schema), auto-deploy, env-var remap from prod → beta DB.
• GitHub-style browser sign-in across VS Code (vpc-sync-10.0.0.vsix) and CLI (vpc-pull login) — no more pasting PATs.
• 33 integration platforms (up from 7) with one-click automations (Supabase→Backup, GitHub→Import, Slack→Alerts, Cloudflare→DNS+SSL).
• Supabase backup destination — off-site backups on a schedule + cloud-restore fallback.
• Lazy-loaded apps — main bundle 1.2 MB → 498 KB (−59%).
• System Health widget — central logger captures every error, Dashboard surfaces 24h counts.
• Versioned encryption with rekey.js script for key rotation.
• Baseline tests via node --test — 8/8 passing.

📦 Deploy checklist

Run in order. Each step is idempotent and safe to re-run.

# 1. Apply new migrations (all use CREATE TABLE IF NOT EXISTS / ADD COLUMN IF NOT EXISTS)
psql "$DATABASE_URL" < backend/migrations/041_vpc_device_codes.sql
psql "$DATABASE_URL" < backend/migrations/042_vpc_backup_destinations.sql
psql "$DATABASE_URL" < backend/migrations/043_vpc_pipeline_promotions.sql
psql "$DATABASE_URL" < backend/migrations/044_vpc_system_logs.sql
# 2. Restart backend — new schedulers + logger wire up on boot
pm2 restart vpc-backend # or `systemctl restart vpc`
# 3. Rebuild frontend (lazy-split chunks)
cd frontend && npm install && npx vite build && cd ..
# 4. (Optional) Install the new VS Code extension
code --install-extension vscode-extension/vpc-sync-10.0.0.vsix --force
# 5. Verify
cd backend && npm test # 8/8 should pass
curl http://localhost:8001/health

🔒 Backward-compatibility notes

📂 New files

Backend

• backend/migrations/041_vpc_device_codes.sql
• backend/migrations/042_vpc_backup_destinations.sql
• backend/migrations/043_vpc_pipeline_promotions.sql
• backend/migrations/044_vpc_system_logs.sql
• backend/routes/deviceAuth.js — VS Code / CLI sign-in flow
• backend/routes/realtime.js — SSE event stream
• backend/services/backupScheduler.js — polls supabase destinations every 60s
• backend/services/credentialResolver.js — shared integration creds for any app
• backend/services/integrationAutomations.js — one-click automators
• backend/services/pipelinePromoteService.js — staged promote + rollback
• backend/services/realtimeBus.js — in-process pub/sub for SSE
• backend/services/supabaseBackupService.js — upload & restore via Supabase Storage
• backend/scripts/rekey.js — re-encrypt all secrets with new key
• backend/utils/logger.js — central logger writing to vpc_system_logs
• backend/views/deviceApprove.html — browser approval page for device flow
• backend/tests/smoke.test.js — 8 zero-dep smoke tests

Frontend

• frontend/src/components/apps/BackupDestinations.jsx
• frontend/src/components/apps/Connections.jsx (rewritten — 33 platforms, categories, automations)
• frontend/src/components/apps/Dashboard.jsx
• frontend/src/components/desktop/CommandPalette.jsx
• frontend/src/components/desktop/ContextBreadcrumb.jsx
• frontend/src/components/desktop/JobQueue.jsx
• frontend/src/components/desktop/KeyboardShortcutsOverlay.jsx
• frontend/src/components/desktop/NotificationCenter.jsx
• frontend/src/components/desktop/StatusBar.jsx
• frontend/src/components/desktop/WorkspaceSwitcher.jsx
• frontend/src/components/integrations/*
• frontend/src/components/pipeline/PromoteDialog.jsx
• frontend/src/components/widgets/* (incl. SystemHealthWidget)
• frontend/src/hooks/useGlobalKeyboard.js
• frontend/src/lib/realtime.js
• frontend/src/lib/widgetRegistry.js
• frontend/src/stores/useCommandStore.js
• frontend/src/stores/useContextStore.js
• frontend/src/stores/useDashboardStore.js
• frontend/src/stores/useIntegrationsStore.js
• frontend/src/stores/useJobStore.js
• frontend/src/stores/useNotificationStore.js
• frontend/src/stores/useWorkspaceStore.js

VS Code Extension (packaged as vpc-sync-10.0.0.vsix)

• vscode-extension/src/auth/deviceFlow.ts — AuthenticationProvider + device-flow poller
• vscode-extension/src/vcs/merge.ts — 3-way merge port

CLI

• cli/src/commands/login.js — vpc-pull login browser sign-in

🩺 New endpoints

# Device auth (public + JWT mix)
POST /api/admin/auth/device/code
POST /api/admin/auth/device/token
GET /api/admin/auth/device/pending?code=XXXX
POST /api/admin/auth/device/confirm { user_code }
POST /api/admin/auth/device/deny { user_code }
# Backup destinations
GET /api/admin/backup/destinations
POST /api/admin/backup/destinations
PATCH /api/admin/backup/destinations/:id
DELETE /api/admin/backup/destinations/:id
POST /api/admin/backup/destinations/:id/test
POST /api/admin/backup/destinations/:id/run
GET /api/admin/backup/destinations/:id/runs
# Integration automations
GET /api/admin/integrations/automations
POST /api/admin/integrations/:id/automate { automation, options }
# Perfect pipeline promote
GET /api/admin/pipeline/pipelines/:id/promote/preflight
POST /api/admin/pipeline/pipelines/:id/promote { confirmations, skipBackup, dryRun }
POST /api/admin/pipeline/pipelines/:id/promote-legacy (old behavior preserved)
GET /api/admin/pipeline/pipelines/:id/promotions
POST /api/admin/pipeline/pipelines/:id/promotions/:runId/rollback
# Logs
GET /api/admin/logs/health
GET /api/admin/logs/system?level=error&limit=100
# Static page
GET /auth/device (approval UI for device codes)

⚠ Rollback plan

If something goes wrong after deploy:

1. Database: new tables are independent. Drop them if needed — nothing else depends on them:

   DROP TABLE IF EXISTS vpc_pipeline_promotions CASCADE;
   DROP TABLE IF EXISTS vpc_system_logs;
   DROP TABLE IF EXISTS vpc_backup_destination_runs;
   DROP TABLE IF EXISTS vpc_backup_destinations;
   DROP TABLE IF EXISTS vpc_device_codes;
   ALTER TABLE vpc_integrations DROP COLUMN IF EXISTS visibility;
   ALTER TABLE vpc_integrations DROP COLUMN IF EXISTS created_by;
   ALTER TABLE vpc_settings DROP COLUMN IF EXISTS enc_key_version;

2. Code: git revert HEAD and redeploy. Because migrations are additive,
   reverting code without reverting the schema is also safe — the extra tables
   simply sit unused.
3. Pipeline promotions in flight: any running promotion records its
   pre-promote backup in vpc_pipeline_promotions.backup_id. Use
   POST /promotions/:runId/rollback or restore the backup directly
   via the Backup Manager.

✅ Verification

cd backend && npm test
✔ encryption: round-trip preserves plaintext
✔ encryption: decrypt handles legacy (v-less) format
✔ encryption: decrypt returns null for garbage
✔ integrations: all types have name + fields
✔ integrations: every type has a tester case
✔ automations: registry is consistent
✔ pipeline promote service: exports expected API
✔ logger: forSource returns level methods
i 8 pass, 0 fail

Frontend build: ✓ built in 8.07s — main chunk 498 KB (was 1,204 KB).

v2.1.0 — AI Agent & Multi-Provider Intelligence

Highlights

The AI Agent is now the brain of your server. It thinks, diagnoses, and acts autonomously — with support for Anthropic Claude, OpenAI GPT, and Ollama (local models). Chat with your server from Telegram or the web dashboard, and it'll deploy, fix, alert, and track tasks without being told twice.

New Features

AI Agent (Jarvis)

• Multi-provider AI support — switch between Claude, GPT, and local Ollama models
• 30+ built-in tools: deploy, restart, SQL, git, file ops, diagnostics
• Autonomous TODO creation and task tracking
• Persistent memory across conversations
• Approval workflow for dangerous operations

Telegram Bot

• Proactive alerts for deploys, PRs, backups, upgrades, and resource warnings
• Full AI agent chat from your phone
• Team broadcast messaging

Terminal

• Newvpc aicommands:ask,sql,summarize logs,providers,use <provider>

Desktop

• Right-click copy, cut, paste