Add dev-port-manager extension

[agent-Y]

Description

Dev Port Manager helps developers manage their local development environment by providing a unified view of:

• Running development servers - See all processes listening on ports (Node.js, Python, Ruby, etc.)
• Docker containers - View containers with their port mappings
• Port conflicts - Easily identify when multiple processes are trying to use the same port

Features

• One-click process/container termination
• Support for multiple Docker runtimes (Colima, Docker Desktop, Podman, Rancher Desktop)
• Configurable ignored processes list
• Custom Docker socket path support

Screencast

Checklist

• I read the extension guidelines
• I read the documentation about publishing
• I ran npm run build and tested this distribution build in Raycast
• I checked that files in the assets folder are used by the extension itself
• I checked that assets used by the README are placed outside of the metadata folder

[raycastbot]

Congratulations on your new Raycast extension! 🚀

Due to our current reduced availability, the initial review may take up to 10-15 business days.

Once the PR is approved and merged, the extension will be available on our Store.

[greptile-apps]

Greptile Overview

Greptile Summary

This PR adds a new "Dev Port Manager" extension that helps developers manage local development processes and Docker containers through Raycast.

What Changed

The extension provides a unified view of:

• Running development servers (detected via lsof)
• Docker containers (with support for multiple runtimes: Colima, Docker Desktop, Podman, Rancher Desktop)
• Port conflict detection
• One-click process/container termination with bulk actions

Key Features

• Smart categorization: Automatically categorizes processes (Database, Node, Worker, Browser, Tunnel, Server, SSH)
• Project grouping: Groups processes by git repository root
• Port conflict detection: Identifies when multiple processes use the same port (with special handling for Docker+SSH combinations)
• Configurable: Supports custom ignored processes and Docker socket paths

Issues Found

Critical Issues

1. Manual Preferences interface - Violates Raycast guidelines by manually defining the Preferences interface instead of using auto-generated types
2. Command injection vulnerabilities - Multiple locations where user-controlled or external data is interpolated into shell commands without proper validation:
   • PIDs from lsof output
   • Docker container IDs
   • Custom Docker socket paths from user preferences

Other Issues

3. Incorrect CHANGELOG date - Shows "2026-01-10" (future date)
4. README inconsistencies - Installation instructions reference wrong GitHub repo and author
5. Logic issues:
   • killAllExcept uses display name for identification (not unique)
   • Port conflict detection edge case with 3+ processes
   • PID validation missing before shell command execution
6. Poor error handling - Error messages not exposed to users, making debugging difficult

The extension's core functionality is well-designed with good UX considerations (project grouping, smart categorization), but the security issues need to be addressed before merging.

Confidence Score: 2/5

• This PR has multiple command injection vulnerabilities and violates Raycast coding guidelines, requiring fixes before it can be safely merged
• Score of 2 reflects critical security concerns (command injection in kill operations and Docker commands) and violation of Raycast's auto-generated Preferences guideline. While the extension's core functionality is well-designed with good UX, the security vulnerabilities around shell command execution without proper input validation pose real risks. Additional issues include incorrect documentation, logic bugs in process identification, and poor error handling. These must be addressed before the extension can be published.
• Primary attention needed on extensions/dev-port-manager/src/list-ports.tsx for security fixes (lines 242-245, 284-288, 337-341, 341), logic fixes (lines 21-24, 361, 411-414), and error handling improvements (lines 348-354). Secondary attention on CHANGELOG.md (date correction) and README.md (documentation accuracy)

Important Files Changed

File Analysis

Filename	Score	Overview
extensions/dev-port-manager/src/list-ports.tsx	2/5	Main source file with manual Preferences interface (violates rules), potential command injection vulnerabilities, and poor error handling
extensions/dev-port-manager/package.json	5/5	Package configuration is properly structured with correct dependencies and metadata
extensions/dev-port-manager/README.md	3/5	Documentation with incorrect installation instructions and inconsistent author information
extensions/dev-port-manager/CHANGELOG.md	3/5	CHANGELOG exists but contains incorrect future date (2026)

[greptile-apps]

_{10 files reviewed, 10 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

Manual Preferences interface should not be defined. Raycast auto-generates type definitions in raycast-env.d.ts when the extension runs. Manual definitions can become out of sync with your actual configuration in package.json, causing type mismatches.

Remove this interface and use the auto-generated type instead:

Suggested change

	interface Preferences {
	ignoredProcesses: string;
	customDockerSocket: string;
	}
	// Remove manual interface - use auto-generated Preferences from raycast-env.d.ts