[1/5] feat(desktop): bootstrap @kanban/desktop workspace + bundle CLI runtime deps by johnwschoi · Pull Request #355 · cline/kanban

johnwschoi · 2026-04-17T04:26:13Z

Summary

First of a 5-PR stack that adds Electron desktop support. Pure bootstrap — no Electron code yet, just the workspace scaffolding and a build-infrastructure prerequisite.

Follow-up PRs (branches pushed, will open one at a time):

pr/desktop-4-runtime-child — runtime child process manager
pr/desktop-5-preflight — desktop preflight checks
pr/desktop-6-electron-main — Electron main process
pr/desktop-7-packaging — electron-builder packaging + CLI shims

Two commits, reviewable independently

1. `7e719213` — `build: bundle all non-native runtime deps into dist/cli.js`

The previous scripts/build.mjs externalized 11 packages at bundle time (zod, commander, @trpc/client, @trpc/server, @sentry/node, @modelcontextprotocol/sdk, ws, open, proper-lockfile, tree-kill, node-pty), so dist/cli.js contained literal import "zod" / require("ws") that Node resolved via an ancestor node_modules/ at runtime.

That worked for the two existing contexts:

npm i -g kanban — npm installs prod deps at lib/node_modules/kanban/node_modules/; resolver walks up from dist/cli.js and finds them.
Monorepo dev — root node_modules/ satisfies resolution.

But it fails for the packaged Electron app: Resources/cli/cli.js has no enclosing node_modules/ → ERR_MODULE_NOT_FOUND.

Fix: drop the externals list down to just node-pty (the one genuinely non-bundlable package — native addon with a compiled binding + spawn-helper binary on disk). esbuild inlines the other 10 directly into the bundle.

Result: dist/cli.js is a single self-contained 16 MB ESM bundle with one runtime-resolved external. In the packaging PR later in this stack, node-pty gets rebuilt for Electron's ABI by electron-builder install-app-deps and the CLI's ESM resolution walks up from its location in app.asar.unpacked/cli/ to find it in app.asar.unpacked/node_modules/.

Single source of truth: no dist/node_modules/ staging, no build-time npm install, no duplicate node-pty, no version drift between what esbuild saw and what the runtime resolves. scripts/build.mjs goes from ~190 lines (with an earlier --stage approach) to ~60 lines of pure esbuild config.

2. `5d6a0d8e` — `feat(desktop): bootstrap @kanban/desktop workspace`

packages/desktop/:

package.json — intentionally minimal: typecheck + test scripts, devDeps @types/node + typescript + vitest. No electron, no electron-builder, no runtime deps. Each downstream PR adds the specific deps its code actually uses (node-pty in PR5; electron / esbuild / shx in PR6; electron-builder / @electron/notarize / @electron/rebuild in PR7). Keeps each PR self-contained and the bootstrap diff tiny.
tsconfig.json / tsconfig.build.json — strict TS with NodeNext, extends root tsconfig.base.json.
vitest.config.ts — node env, test/**/*.test.ts pattern.
src/index.ts — placeholder export {}. Required: tsc errors TS18003: No inputs were found without it. Replaced with real main.ts in the Electron main-process PR.

Root changes:

vitest.config.ts — add packages/** to exclude. Root vitest's resolver aliases (@clinebot/agents → /node) shouldn't apply to desktop tests; that workspace has its own vitest invocation.
.gitignore — ignore packages/desktop/out (electron-builder output) and *.tgz.
.github/workflows/test.yml — add npm ci --prefix packages/desktop, then run the desktop workspace's typecheck and tests alongside the root + web-ui suites so the new workspace is actually covered by CI.

Verification

node scripts/build.mjs
# → esbuild: bundled dist/cli.js (16 MB) and dist/index.js (552 KB)

cd packages/desktop && npm test          # exits 0 (passWithNoTests on this PR; real tests land in PR4+)
cd packages/desktop && npm run typecheck # silent, exits 0

Root test suite unchanged: 536/536 passing.

greptile-apps · 2026-04-21T19:49:43Z

Greptile Summary

This PR bootstraps the @kanban/desktop workspace and refactors the CLI build to produce a fully self-contained ESM bundle by dropping all externals except node-pty. The change is a clean two-commit stack: the build change enables Electron packaging, and the workspace scaffold adds the minimal scaffolding needed for follow-up PRs to land incrementally.

Confidence Score: 5/5

Safe to merge — only finding is a P2 nit about vitest globals types that will need addressing before real tests land in PR4+.

All changes are well-reasoned and verified by the author. The single remaining finding (missing vitest/globals types in tsconfig) is a P2 style issue that causes no runtime or build failure at this stage since there are no test files yet.

packages/desktop/tsconfig.json — should add "vitest/globals" to types before first test file is added.

Important Files Changed

Filename	Overview
scripts/build.mjs	Drops externals list to just node-pty, enabling a fully self-contained 16 MB ESM bundle; CJS shim banner and sourcemaps are correctly configured.
.github/workflows/test.yml	Adds packages/desktop install, typecheck, and test steps in the correct order after the root and web-ui installs.
packages/desktop/package.json	Intentionally minimal bootstrap: only typecheck/test scripts and the three required devDeps; private and module-typed.
packages/desktop/tsconfig.json	Extends root base, noEmit, includes src + test — missing "vitest/globals" in types array which will break test type-checking once tests land.
vitest.config.ts	Adds packages/** to root vitest exclude list so desktop tests run only under their own vitest config; comment documents the convention for future workspaces.
packages/desktop/tsconfig.build.json	Build-specific tsconfig with correct rootDir/outDir, excludes tests and dist; ready for when esbuild build scripts are added in later PRs.
package.json	install:all updated to include packages/desktop; all other root scripts unchanged.
.gitignore	Ignores electron-builder output directory and tarball artifacts for the desktop package.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[npm run build] --> B[esbuild: src/cli.ts]
    A --> C[esbuild: src/index.ts]
    B --> D[dist/cli.js\n16 MB self-contained ESM]
    C --> E[dist/index.js\n552 KB]
    D --> F{Runtime context}
    F -->|npm i -g kanban| G[node_modules resolves node-pty]
    F -->|Monorepo dev| G
    F -->|Electron app.asar.unpacked| H[app.asar.unpacked/node_modules\nresolves node-pty via ESM walk]
    subgraph Externalized
        I[node-pty\nnative addon + spawn-helper]
    end
    D -.->|import| I

_{Reviews (1): Last reviewed commit: "chore: extend install:all to cover packa..." | Re-trigger Greptile}

Part 2 of the desktop split. Stacked on #355. Introduces `RuntimeChildManager` — spawns the Kanban CLI as a subprocess and manages its lifecycle: - Spawns the CLI out-of-process (no in-process runtime imports) - HTTP readiness polling against `/` (default 200ms, 30s total timeout) - Typed lifecycle events: `ready`, `error`, `crashed` - Clean contract: failures before `ready` reject `start()`; failures after `ready` flow through events. One failure never produces both - Graceful shutdown via SIGTERM, force-kill fallback after 5s (`taskkill /T /F` on Windows) - Rolling 8KB stderr tail surfaced to the `crashed` listener for diagnostics Env/PATH policy lives in its own file (`runtime-child-env.ts`): - Strict allowlist: exact keys (PATH, HOME, LANG, SHELL, XDG_*, Windows %APPDATA% family, etc.) + prefix allowlist (KANBAN_, ANTHROPIC_, OPENAI_, etc.) - GUI-launch PATH enrichment: Homebrew on macOS, `/snap/bin` on Linux, npm-global/Node/Git on Windows Tests: 38 unit tests covering spawn, ready-path, crash scenarios, shutdown races, env filtering, and PATH assembly.

…ipts Part 5 of the desktop split. Stacked on the PR for `pr/desktop-6-electron-main`. The packaging layer — turns the code in #370–#372 into a signed, notarized macOS DMG. - `electron-builder.yml`: macOS DMG config (arm64 + x64, hardened runtime, entitlements, Apple notarization). **Only macOS is configured in this stack — no `win:` / `linux:` target yet.** The Windows CMD shim (`build/bin/kanban.cmd`) and the cross-platform runtime code (win32/linux/darwin branches in the CLI subprocess spawner) are already in earlier PRs, but wiring them into electron-builder for a `.exe`/`.AppImage` output is deliberately out of scope here. - `build/bin/{kanban, kanban-dev, kanban.cmd}`: CLI shim scripts shipped inside the bundle so users can invoke the packaged CLI directly. - `scripts/stage-cli.mjs`: copies the root `dist/cli.js` + its runtime deps into `packages/desktop/cli/` as the electron-builder input. Fails loudly if the root `dist/` is incomplete (avoids silently shipping a broken CLI). - `scripts/patch-node-pty.mjs`: monkey-patches node-pty's spawn-helper resolution so asar-unpacked paths aren't double-suffixed. - `scripts/notarize.cjs`: afterSign hook wrapping Apple `notarytool` (no-op on non-macOS or when env vars missing). - `scripts/launch-electron.mjs`: dev-launch wrapper. - `build/entitlements.mac.plist` + `build/icon.icns`. Tests: 18 tests covering the CLI shim behavior and the notarize afterSign hook's env-var handling. After this, the full stack (#355 + #370–#373) produces a working macOS DMG (arm64 + x64). Windows/Linux packaging is a follow-up.

… runtime deps ## Summary First of a 5-PR stack that adds Electron desktop support. Pure bootstrap — no Electron code yet, just the workspace scaffolding and a build-infrastructure prerequisite. **Follow-up PRs** (branches pushed, will open one at a time): - `pr/desktop-4-runtime-child` — runtime child process manager - `pr/desktop-5-preflight` — desktop preflight checks - `pr/desktop-6-electron-main` — Electron main process - `pr/desktop-7-packaging` — electron-builder packaging + CLI shims ## Two commits, reviewable independently ### 1. [`7e719213`](7e719213) — `build: bundle all non-native runtime deps into dist/cli.js` The previous `scripts/build.mjs` externalized 11 packages at bundle time (`zod`, `commander`, `@trpc/client`, `@trpc/server`, `@sentry/node`, `@modelcontextprotocol/sdk`, `ws`, `open`, `proper-lockfile`, `tree-kill`, `node-pty`), so `dist/cli.js` contained literal `import "zod"` / `require("ws")` that Node resolved via an ancestor `node_modules/` at runtime. That worked for the two existing contexts: 1. **`npm i -g kanban`** — npm installs prod deps at `lib/node_modules/kanban/node_modules/`; resolver walks up from `dist/cli.js` and finds them. 2. **Monorepo dev** — root `node_modules/` satisfies resolution. But it fails for the packaged Electron app: `Resources/cli/cli.js` has no enclosing `node_modules/` → `ERR_MODULE_NOT_FOUND`. **Fix**: drop the externals list down to just `node-pty` (the one genuinely non-bundlable package — native addon with a compiled binding + spawn-helper binary on disk). esbuild inlines the other 10 directly into the bundle. **Result**: `dist/cli.js` is a single self-contained 16 MB ESM bundle with one runtime-resolved external. In the packaging PR later in this stack, `node-pty` gets rebuilt for Electron's ABI by `electron-builder install-app-deps` and the CLI's ESM resolution walks up from its location in `app.asar.unpacked/cli/` to find it in `app.asar.unpacked/node_modules/`. Single source of truth: no `dist/node_modules/` staging, no build-time `npm install`, no duplicate node-pty, no version drift between what esbuild saw and what the runtime resolves. `scripts/build.mjs` goes from ~190 lines (with an earlier `--stage` approach) to ~60 lines of pure esbuild config. ### 2. [`5d6a0d8e`](5d6a0d8e) — `feat(desktop): bootstrap @kanban/desktop workspace` `packages/desktop/`: - **`package.json`** — intentionally minimal: `typecheck` + `test` scripts, devDeps `@types/node` + `typescript` + `vitest`. No `electron`, no `electron-builder`, no runtime deps. Each downstream PR adds the specific deps its code actually uses (`node-pty` in PR5; `electron` / `esbuild` / `shx` in PR6; `electron-builder` / `@electron/notarize` / `@electron/rebuild` in PR7). Keeps each PR self-contained and the bootstrap diff tiny. - **`tsconfig.json`** / **`tsconfig.build.json`** — strict TS with NodeNext, extends root `tsconfig.base.json`. - **`vitest.config.ts`** — node env, `test/**/*.test.ts` pattern. - **`src/index.ts`** — placeholder `export {}`. Required: tsc errors `TS18003: No inputs were found` without it. Replaced with real `main.ts` in the Electron main-process PR. Root changes: - **`vitest.config.ts`** — add `packages/**` to exclude. Root vitest's resolver aliases (`@clinebot/agents` → `/node`) shouldn't apply to desktop tests; that workspace has its own vitest invocation. - **`.gitignore`** — ignore `packages/desktop/out` (electron-builder output) and `*.tgz`. - **`.github/workflows/test.yml`** — add `npm ci --prefix packages/desktop`, then run the desktop workspace's typecheck and tests alongside the root + web-ui suites so the new workspace is actually covered by CI. ## Verification ``` node scripts/build.mjs # → esbuild: bundled dist/cli.js (16 MB) and dist/index.js (552 KB) cd packages/desktop && npm test # exits 0 (passWithNoTests on this PR; real tests land in PR4+) cd packages/desktop && npm run typecheck # silent, exits 0 ``` Root test suite unchanged: 536/536 passing.

…se scripts Part 5 of the desktop split. Stacked on the PR for `pr/desktop-6-electron-main`. The packaging layer — turns the code in #370–#372 into a signed, notarized macOS DMG. - `electron-builder.yml`: macOS DMG config (arm64 + x64, hardened runtime, entitlements, Apple notarization). **Only macOS is configured in this stack — no `win:` / `linux:` target yet.** The Windows CMD shim (`build/bin/kanban.cmd`) and the cross-platform runtime code (win32/linux/darwin branches in the CLI subprocess spawner) are already in earlier PRs, but wiring them into electron-builder for a `.exe`/`.AppImage` output is deliberately out of scope here. - `build/bin/{kanban, kanban-dev, kanban.cmd}`: CLI shim scripts shipped inside the bundle so users can invoke the packaged CLI directly. - `scripts/stage-cli.mjs`: copies the root `dist/cli.js` + its runtime deps into `packages/desktop/cli/` as the electron-builder input. Fails loudly if the root `dist/` is incomplete (avoids silently shipping a broken CLI). - `scripts/patch-node-pty.mjs`: monkey-patches node-pty's spawn-helper resolution so asar-unpacked paths aren't double-suffixed. - `scripts/notarize.cjs`: afterSign hook wrapping Apple `notarytool` (no-op on non-macOS or when env vars missing). - `scripts/launch-electron.mjs`: dev-launch wrapper. - `build/entitlements.mac.plist` + `build/icon.icns`. Tests: 18 tests covering the CLI shim behavior and the notarize afterSign hook's env-var handling. After this, the full stack (#355 + #370–#373) produces a working macOS DMG (arm64 + x64). Windows/Linux packaging is a follow-up.

This comment was marked as spam.

Sign in to view

johnwschoi force-pushed the pr/desktop-3-bootstrap branch from 20d4948 to 9500c48 Compare April 17, 2026 04:48

johnwschoi changed the title ~~feat(desktop): bootstrap @kanban/desktop workspace + self-contained dist/~~ feat(desktop): bootstrap @kanban/desktop workspace + opt-in dist/ runtime-dep staging Apr 17, 2026

johnwschoi changed the base branch from main to pr/build-stage-opt-in April 17, 2026 04:51

johnwschoi changed the title ~~feat(desktop): bootstrap @kanban/desktop workspace + opt-in dist/ runtime-dep staging~~ feat(desktop): bootstrap @kanban/desktop workspace Apr 17, 2026

johnwschoi mentioned this pull request Apr 17, 2026

fix(build): opt-in runtime-dep staging into dist/node_modules/ #356

Closed

johnwschoi changed the base branch from pr/build-stage-opt-in to main April 17, 2026 04:58

johnwschoi changed the title ~~feat(desktop): bootstrap @kanban/desktop workspace~~ feat(desktop): bootstrap @kanban/desktop workspace + opt-in dist/ runtime-dep staging Apr 17, 2026

This comment was marked as spam.

Sign in to view

johnwschoi force-pushed the pr/desktop-3-bootstrap branch 5 times, most recently from 5af6c49 to d5ce87d Compare April 17, 2026 06:34

johnwschoi changed the title ~~feat(desktop): bootstrap @kanban/desktop workspace + opt-in dist/ runtime-dep staging~~ feat(desktop): bootstrap @kanban/desktop workspace + bundle CLI runtime deps Apr 17, 2026

johnwschoi force-pushed the pr/desktop-3-bootstrap branch from d5ce87d to 5d6a0d8 Compare April 18, 2026 00:26

This was referenced Apr 20, 2026

[2/5] feat(desktop): runtime child process manager #370

Merged

[5/5] feat(desktop): electron-builder packaging, CLI shims, and release scripts #373

Closed

johnwschoi marked this pull request as ready for review April 21, 2026 19:47

johnwschoi requested review from arafatkatze, maxpaulus43 and saoudrizwan as code owners April 21, 2026 19:47

greptile-apps Bot reviewed Apr 21, 2026

View reviewed changes

Comment thread packages/desktop/tsconfig.json

johnwschoi force-pushed the pr/desktop-3-bootstrap branch from 6341bc7 to 02b2196 Compare April 21, 2026 19:50

johnwschoi force-pushed the pr/desktop-3-bootstrap branch from 02b2196 to c53635f Compare April 21, 2026 20:54

johnwschoi changed the title ~~feat(desktop): bootstrap @kanban/desktop workspace + bundle CLI runtime deps~~ [1/5] feat(desktop): bootstrap @kanban/desktop workspace + bundle CLI runtime deps Apr 21, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[1/5] feat(desktop): bootstrap @kanban/desktop workspace + bundle CLI runtime deps#355

[1/5] feat(desktop): bootstrap @kanban/desktop workspace + bundle CLI runtime deps#355
arafatkatze merged 1 commit into
mainfrom
pr/desktop-3-bootstrap

johnwschoi commented Apr 17, 2026 •

edited

Loading

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

greptile-apps Bot commented Apr 21, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

johnwschoi commented Apr 17, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary

Two commits, reviewable independently

1. 7e719213 — build: bundle all non-native runtime deps into dist/cli.js

2. 5d6a0d8e — feat(desktop): bootstrap @kanban/desktop workspace

Verification

Uh oh!

This comment was marked as spam.

Uh oh!

This comment was marked as spam.

Uh oh!

greptile-apps Bot commented Apr 21, 2026

Greptile Summary

Confidence Score: 5/5

Important Files Changed

Flowchart

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

johnwschoi commented Apr 17, 2026 •

edited

Loading

1. `7e719213` — `build: bundle all non-native runtime deps into dist/cli.js`

2. `5d6a0d8e` — `feat(desktop): bootstrap @kanban/desktop workspace`