Merge remote-tracking branch 'origin/main'

apps/ios/Sources/Bridge/BridgeDiscoveryModel.swift

@@ -50,7 +50,7 @@ final class BridgeDiscoveryModel: ObservableObject {
                 self.bridges = results.compactMap { result -> DiscoveredBridge? in
                     switch result.endpoint {
                     case let .service(name, _, _, _):
-                        let decodedName = BonjourEscapeDecoder.decode(name)
+                        let decodedName = BonjourEscapes.decode(name)
                         return DiscoveredBridge(
                             name: decodedName,
                             endpoint: result.endpoint,
@@ -75,6 +75,6 @@ final class BridgeDiscoveryModel: ObservableObject {
     }
 
     private static func prettyEndpointDebugID(_ endpoint: NWEndpoint) -> String {
-        BonjourEscapeDecoder.decode(String(describing: endpoint))
+        BonjourEscapes.decode(String(describing: endpoint))
     }
 }

apps/ios/Sources/Bridge/BridgeSession.swift

@@ -27,9 +27,9 @@ actor BridgeSession {
     private static func prettyRemoteEndpoint(_ endpoint: NWEndpoint) -> String? {
         switch endpoint {
         case let .hostPort(host, port):
-            return "\(host):\(port)".replacingOccurrences(of: "::ffff:", with: "")
+            "\(host):\(port)".replacingOccurrences(of: "::ffff:", with: "")
         default:
-            return String(describing: endpoint)
+            String(describing: endpoint)
         }
     }
 

apps/ios/Sources/Model/NodeAppModel.swift

@@ -58,7 +58,7 @@ final class NodeAppModel: ObservableObject {
         self.bridgeStatusText = "Connecting…"
         self.bridgeServerName = nil
         self.bridgeRemoteAddress = nil
-        self.connectedBridgeDebugID = BonjourEscapeDecoder.decode(String(describing: endpoint))
+        self.connectedBridgeDebugID = BonjourEscapes.decode(String(describing: endpoint))
 
         self.bridgeTask = Task {
             do {
@@ -71,13 +71,14 @@ final class NodeAppModel: ObservableObject {
                         platform: platform,
                         version: version),
                     onConnected: { [weak self] serverName in
+                        guard let self else { return }
                         await MainActor.run {
-                            self?.bridgeStatusText = "Connected"
+                            self.bridgeStatusText = "Connected"
-                            self?.bridgeServerName = serverName
+                            self.bridgeServerName = serverName
                         }
                         if let addr = await self.bridge.currentRemoteAddress() {
                             await MainActor.run {
-                                self?.bridgeRemoteAddress = addr
+                                self.bridgeRemoteAddress = addr
                             }
                         }
                     },

apps/ios/Sources/Voice/VoiceWakeManager.swift

@@ -28,8 +28,8 @@ private final class AudioBufferQueue: @unchecked Sendable {
     }
 }
 
-private extension AVAudioPCMBuffer {
+extension AVAudioPCMBuffer {
-    func deepCopy() -> AVAudioPCMBuffer? {
+    fileprivate func deepCopy() -> AVAudioPCMBuffer? {
         let format = self.format
         let frameLength = self.frameLength
         guard let copy = AVAudioPCMBuffer(pcmFormat: format, frameCapacity: frameLength) else {

apps/macos/Sources/Clawdis/GeneralSettings.swift

@@ -125,9 +125,6 @@ struct GeneralSettings: View {
                 TextField("user@host[:22]", text: self.$state.remoteTarget)
                     .textFieldStyle(.roundedBorder)
                     .frame(maxWidth: .infinity)
-                MasterDiscoveryMenu(discovery: self.masterDiscovery) { master in
-                    self.applyDiscoveredMaster(master)
-                }
                 Button {
                     Task { await self.testRemote() }
                 } label: {
@@ -142,6 +139,11 @@ struct GeneralSettings: View {
                     .trimmingCharacters(in: .whitespacesAndNewlines).isEmpty)
             }
 
+            MasterDiscoveryInlineList(discovery: self.masterDiscovery) { master in
+                self.applyDiscoveredMaster(master)
+            }
+            .padding(.leading, 58)
+
             self.remoteStatusView
                 .padding(.leading, 58)
 

apps/macos/Sources/Clawdis/MasterDiscoveryMenu.swift

@@ -1,5 +1,55 @@
 import SwiftUI
 
+struct MasterDiscoveryInlineList: View {
+    @ObservedObject var discovery: MasterDiscoveryModel
+    var onSelect: (MasterDiscoveryModel.DiscoveredMaster) -> Void
+
+    var body: some View {
+        VStack(alignment: .leading, spacing: 6) {
+            HStack(spacing: 6) {
+                Image(systemName: "dot.radiowaves.left.and.right")
+                    .foregroundStyle(.secondary)
+                Text(self.discovery.statusText)
+                    .font(.caption)
+                    .foregroundStyle(.secondary)
+                Spacer()
+            }
+
+            if self.discovery.masters.isEmpty {
+                Text("No masters found yet.")
+                    .font(.caption)
+                    .foregroundStyle(.secondary)
+            } else {
+                VStack(alignment: .leading, spacing: 6) {
+                    ForEach(self.discovery.masters.prefix(6)) { master in
+                        Button {
+                            self.onSelect(master)
+                        } label: {
+                            HStack(spacing: 8) {
+                                Text(master.displayName)
+                                    .lineLimit(1)
+                                Spacer()
+                                if let host = master.tailnetDns ?? master.lanHost {
+                                    Text(host)
+                                        .font(.caption2)
+                                        .foregroundStyle(.secondary)
+                                        .lineLimit(1)
+                                }
+                            }
+                        }
+                        .buttonStyle(.plain)
+                    }
+                }
+                .padding(10)
+                .background(
+                    RoundedRectangle(cornerRadius: 10, style: .continuous)
+                        .fill(Color(NSColor.controlBackgroundColor)))
+            }
+        }
+        .help("Discover Clawdis masters on your LAN")
+    }
+}
+
 struct MasterDiscoveryMenu: View {
     @ObservedObject var discovery: MasterDiscoveryModel
     var onSelect: (MasterDiscoveryModel.DiscoveredMaster) -> Void

apps/macos/Sources/Clawdis/Onboarding.swift

@@ -154,13 +154,14 @@ struct OnboardingView: View {
                 if self.state.connectionMode == .remote {
                     VStack(alignment: .leading, spacing: 8) {
                         LabeledContent("SSH target") {
-                            HStack(spacing: 8) {
+                            VStack(alignment: .leading, spacing: 8) {
                                 TextField("user@host[:22]", text: self.$state.remoteTarget)
                                     .textFieldStyle(.roundedBorder)
                                     .frame(width: 300)
-                                MasterDiscoveryMenu(discovery: self.masterDiscovery) { master in
+                                MasterDiscoveryInlineList(discovery: self.masterDiscovery) { master in
                                     self.applyDiscoveredMaster(master)
                                 }
+                                .frame(width: 360)
                             }
                         }
 
@@ -487,6 +488,7 @@ struct OnboardingView: View {
             .buttonStyle(.borderedProminent)
         }
         .padding(.horizontal, 20)
+        .padding(.bottom, 12)
         .frame(height: 60)
     }
 

apps/shared/ClawdisKit/Sources/ClawdisKit/BonjourEscapes.swift

@@ -1,9 +1,9 @@
 import Foundation
 
-enum BonjourEscapeDecoder {
+public enum BonjourEscapes {
-    static func decode(_ input: String) -> String {
+    /// mDNS / DNS-SD commonly escapes bytes in instance names as `\DDD` (decimal-encoded),
-        // mDNS / DNS-SD commonly escapes bytes in instance names as `\\DDD`
+    /// e.g. spaces are `\032`.
-        // (decimal-encoded), e.g. spaces are `\\032`.
+    public static func decode(_ input: String) -> String {
         var out = ""
         var i = input.startIndex
         while i < input.endIndex {
@@ -31,4 +31,3 @@ enum BonjourEscapeDecoder {
         return out
     }
 }
-

docs/clawdis-mac.md

@@ -42,7 +42,7 @@ enum Request {
 }
 struct Response { ok: Bool; message?: String; payload?: Data }
 ```
-- Listener validates caller `auditToken` == same UID, rejects oversize/unknown cases.
+- Listener rejects oversize/unknown cases and validates the caller by code signature TeamID (with a `DEBUG`-only same-UID escape hatch controlled by `CLAWDIS_ALLOW_UNSIGNED_SOCKET_CLIENTS=1`).
 
 ## App UX (Clawdis)
 - MenuBarExtra icon only (LSUIElement; no Dock).

docs/mac/peekaboo.md

@@ -30,8 +30,9 @@ Consume only:
 - `PeekabooVisualizer` (overlay visualizations).
 
 Important nuance:
-- `PeekabooVisualizer` currently ships as the `PeekabooVisualizer` product inside `PeekabooCore/Package.swift`. That package declares other dependencies (including a path dependency to Tachikoma). SwiftPM will still need those paths to exist during dependency resolution even if we don’t build those targets.
+- `PeekabooAutomationKit` is a standalone SwiftPM package and does **not** require Tachikoma/MCP/Commander.
-  - If this is too annoying for Clawdis, the follow-up is to extract `PeekabooVisualizer` into its own standalone Swift package that depends only on `PeekabooFoundation`/`PeekabooProtocols`/`PeekabooExternalDependencies`.
+- `PeekabooVisualizer` ships as a product inside `PeekabooCore/Package.swift`. That package declares other dependencies (including a path dependency to Tachikoma). SwiftPM will still need those paths to exist during dependency resolution even if we don’t build those targets.
+  - If this becomes annoying for Clawdis, the follow-up is to extract `PeekabooVisualizer` into its own standalone Swift package that depends only on `PeekabooFoundation`/`PeekabooProtocols`/`PeekabooExternalDependencies`.
 
 ## IPC / CLI surface
 ### Namespacing
@@ -46,6 +47,8 @@ Change `clawdis-mac` to default to human text output:
 
 This applies globally, not only `ui` commands.
 
+Note (current state as of 2025-12-13): `clawdis-mac` prints JSON by default. This is a planned behavior change.
+
 ### Timeouts
 Default timeout for UI actions: **10 seconds** end-to-end (CLI already defaults to 10s).
 - CLI: keep the fail-fast default at 10s (unless a command explicitly requests longer).
@@ -78,14 +81,18 @@ All “see/click/type/scroll/wait” requests should accept a target (default: f
 Peekaboo already has the core ingredients:
 - element detection yielding stable IDs (e.g., `B1`, `T3`)
 - bounds + labels/values
-- session IDs to allow follow-up actions without re-scanning
+- snapshot IDs to allow follow-up actions without re-scanning
 
 Clawdis’s `ui see` should:
 - capture (optionally targeted) window/screen
-- return a **session id**
+- return a **snapshot id**
 - return a list of elements with `{id, type, label/value?, bounds}`
 - optionally return screenshot path/bytes (pref: path)
 
+Snapshot lifecycle requirement:
+- Clawdis runs long-lived in memory, so “snapshot state” should be **in-memory by default** (no disk-backed JSON concept).
+- Peekaboo already supports this via an `InMemorySnapshotManager` (keep disk-backed snapshots as an optional debug mode later).
+
 ## Visualizer integration
 Visualizer must be user-toggleable via a Clawdis setting.
 
@@ -96,11 +103,7 @@ Implementation sketch:
 
 Current state:
 - `PeekabooVisualizer` already includes the visualization implementation (SwiftUI overlay views + coordinator).
-
+The visualizer is intentionally display-only (no clickable overlays needed).
-Open requirement:
-- “Any AX event should be clickable.” Today the visualizer is display-only; the likely follow-up is:
-  - make the annotated element overlays tappable (debug tool)
-  - surface tap → element id → send a `ui click --element <id> --session <sid>` request back through Clawdis’ control channel (or a local callback if the visualizer runs inside the app)
 
 ## Screenshots (legacy → Peekaboo takeover)
 Clawdis currently has a legacy `screenshot` request returning raw PNG bytes in `Response.payload`.

docs/mac/xpc.md

@@ -5,6 +5,8 @@ read_when:
 ---
 # Clawdis macOS XPC architecture (Dec 2025)
 
+Note: the current implementation primarily uses a local UNIX-domain control socket (`controlSocketPath`) between `clawdis-mac` and the app. This doc describes the intended long-term XPC/Mach-service architecture and the security constraints; update it as the implementation converges.
+
 ## Goals
 - Single GUI app instance that owns all TCC-facing work (notifications, screen recording, mic, speech, AppleScript).
 - A small surface for automation: the `clawdis-mac` CLI and the Node gateway talk to the app via a local XPC channel.
@@ -33,6 +35,6 @@ read_when:
 - RunAtLoad without KeepAlive means the app starts once; if it crashes it stays down (no unwanted respawn), but CLI calls will re-spawn via launchd.
 
 ## Hardening notes
-- Audit-token check currently allows same-UID fallback; to lock down further, remove that fallback and require the team ID match.
+- Prefer requiring a TeamID match for all privileged surfaces. The codebase currently has a `DEBUG`-only same-UID escape hatch gated behind `CLAWDIS_ALLOW_UNSIGNED_SOCKET_CLIENTS=1` for local development.
 - All communication remains local-only; no network sockets are exposed.
 - TCC prompts originate only from the GUI app bundle; run scripts/package-mac-app.sh so the signed bundle ID stays stable.