Commit Graph

389 Commits

Author SHA1 Message Date
claude-code-best
5486d3c02c fix: 修复 Bun mock.module 跨文件污染导致 87 个测试失败
- 重写 setupAxiosMock 使其完全 per-file 独立,消除共享 handles 数组的竞态
- 将 launchSchedule/launchMemoryStores/launchAgentsPlatform 从直接 mock
  源 API 模块改为 mock axios 底层 HTTP 层,避免污染同目录 api.test.ts
- 删除两个 Ink waitUntilExit 超时测试文件
- 修复 hostGuard/keychain 跨文件 mock 污染
- 清理 api.test.ts 中的 require() workaround
- 在 CLAUDE.md 记录 mock 污染排查经验

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-11 08:50:03 +08:00
claude-code-best
aaabf0c168 Revert "feat: 添加 GBK 编码自动检测支持,文件读写工具透明处理非 UTF-8 文件"
This reverts commit 0ce8f7a1cb.
2026-05-10 22:57:30 +08:00
claude-code-best
43c20a43c2 Revert "fix: 修复非 UTF-8 编码文件读写 round-trip 字节损坏"
This reverts commit 17c06690d8.
2026-05-10 22:57:25 +08:00
claude-code-best
17c06690d8 fix: 修复非 UTF-8 编码文件读写 round-trip 字节损坏
GBK 文件编辑后被错误写入为 UTF-8(Buffer.from 不支持 gbk 编码,
encodeString 静默 fallback),latin1/ANSI 文件 0x80-0x9F 范围字节因
TextDecoder('latin1') 与 Buffer.from('latin1') 编解码不对称而被篡改。

修复:latin1 解码改用严格 ISO-8859-1 映射保证与 Buffer.from 对称;
GBK 编码通过 TextDecoder 反向构建查找表实现零依赖编码器。

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-10 22:08:52 +08:00
claude-code-best
89800137b6 fix: 修复 issue-template 测试误删 .github/workflows 目录
afterEach 清理时 rmSync 误删了整个 .github/ 目录(含 workflows),
改为只删测试创建的 ISSUE_TEMPLATE 子目录。

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-10 21:11:50 +08:00
claude-code-best
0ce8f7a1cb feat: 添加 GBK 编码自动检测支持,文件读写工具透明处理非 UTF-8 文件
新增 encoding.ts 核心模块实现三层编码检测(BOM → UTF-8 fatal → GBK 回退),
改造同步/异步读取路径和写入路径,使 FileReadTool/FileEditTool/FileWriteTool
能正确处理 GBK 编码文件。包含完整单元测试和 spec 文档。

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-10 20:50:12 +08:00
claude-code-best
6e1d3d8f47 fix: 修复 feature 的使用问题 2026-05-10 19:26:57 +08:00
claude-code-best
dc3d3e8839 fix: 移除 auto mode 的 provider 和模型白名单限制
移除 firstParty provider 限制和 claude-(opus|sonnet)-4-[67] 模型白名单,
使所有模型和 provider 在 TRANSCRIPT_CLASSIFIER feature 启用时均可使用 auto mode。

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-10 17:47:38 +08:00
claude-code-best
998890b469
Merge pull request #446 from claude-code-best/feature/prompt-cut-down
feat: 大量系统提示词优化
2026-05-10 15:30:34 +08:00
claude-code-best
82be5ff05b fix: 代码审查修复 — 安全、性能和正确性
- triggersApi: 添加 assertSubscriptionBaseUrl 防止 OAuth token 泄露
- claude.ts: 修复流式响应 O(n^2) 字符串拼接,改用数组累积
- claude.ts: 移除未使用的 import,动态 import 改为静态 import
- StatusLine: BuiltinStatusLine 仅在 statusLineEnabled 时显示,修复双行问题
- local-vault: 修复 --reveal 标志位置解析 bug
- share: 修复 sk-proj-* OpenAI 密钥未脱敏问题
- store.ts: 临时文件改用同目录创建,避免跨文件系统 rename 失败
- store.ts: 添加空字符串 key 校验
- permissionValidation: 端口正则限制为有效 TCP 范围 0-65535
- 测试 mock 补全: schedule/vault/skill-store 测试文件
- 移除过期的 biome-ignore 注释

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-10 09:39:34 +08:00
claude-code-best
4f493c83fc chore: 移除废弃的 ctx_viz 类型声明
Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 23:04:44 +08:00
claude-code-best
6a182e45b3 feat: 注册所有新命令到命令系统和工具注册表
- commands.ts: 注册所有新命令(memory-stores、vault、schedule 等),
  移除 require() 动态加载,统一为 ESM import
- tools.ts: 注册 LocalMemoryRecallTool、VaultHttpFetchTool
- 补充命令测试(bridge-kick、commit、commit-push-pr、init-verifiers)
- 补充工具测试(AgentTool、RemoteTrigger、SkillTool、WebFetch、WebSearch)
- 集成测试:autonomy-lifecycle-user-flow 更新
- 探测脚本和功能文档

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 23:04:39 +08:00
claude-code-best
efaf4afd9c feat: 添加 Provider Registry、StatusLine、Cache Stats 和其他增强
- providerRegistry: OpenAI 兼容 provider 切换(Cerebras/Groq/DeepSeek/Qwen)
- StatusLine: 增强状态栏(缓存命中率、TTL 倒计时、自定义 shell 命令)
- cacheStats: 缓存命中率和 token 签名追踪
- ultrareviewPreflight: 代码审查预检服务
- SkillsMenu/filterSkills: 技能菜单过滤增强
- MagicDocs/langfuse prompts: 提示词更新
- claude.ts: API 客户端更新

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 23:04:35 +08:00
claude-code-best
fdddb6dbe8 feat: 添加工具类命令(teleport、recap、break-cache、env、tui 等)
- /teleport: 从 claude.ai 恢复会话
- /recap: 生成会话摘要
- /break-cache: 提示缓存管理(once/always/off/status)
- /env: 环境信息展示(含密钥脱敏)
- /tui: 无闪烁 TUI 模式管理
- /onboarding: 引导流程
- /perf-issue: 性能问题诊断
- /debug-tool-call: 工具调用调试
- /usage: 用量统计(合并 /cost 和 /stats 别名)

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 23:04:31 +08:00
claude-code-best
6766f08e47 feat: 添加 GitHub 集成命令(issue、share、autofix-pr)
- /issue: 通过 gh CLI 创建 GitHub issue,支持标签/指派
- /share: 会话日志分享到 GitHub Gist,支持密钥脱敏
- /autofix-pr: 自动修复 CI 失败的 PR,进度追踪
- launchCommand: 共享命令启动器

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 23:04:23 +08:00
claude-code-best
4f0aa8615a feat: 添加本地 Memory/Vault 管理命令
- /local-memory: 本地记忆管理(store/entry CRUD、搜索、归档)
- /local-vault: 本地密钥保险库管理(加解密、keychain 集成)
- permissionValidation: vault 权限校验增强

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 23:04:20 +08:00
claude-code-best
2437040b5b feat: 添加云端管理命令(memory-stores、vault、schedule、skill-store、agents-platform)
- /memory-stores: 远程记忆存储管理
- /vault: 密钥保险库管理
- /schedule: 云端定时触发器管理(cron)
- /skill-store: 技能商店浏览和安装
- /agents-platform: 远程 agent 调度管理

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 23:04:17 +08:00
claude-code-best
ee63c17697 feat: 添加登录认证增强(workspace key、host guard、auth status)
- hostGuard: workspace API key 仅限 api.anthropic.com,OAuth 限定 subscription plane
- saveWorkspaceKey: sk-ant-api03- 前缀校验,安全写入缓存
- AuthPlaneSummary/WorkspaceKeyInput: 登录 UI 组件
- getAuthStatus: 认证状态查询

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 23:04:15 +08:00
claude-code-best
5bb0306da6 feat: 添加 LocalMemoryRecallTool 和 VaultHttpFetchTool
- LocalMemoryRecallTool: 跨会话本地笔记召回,权限门控,大小限制
- VaultHttpFetchTool: 使用 vault 密钥的认证 HTTP 请求,ACL 规则
- agentToolFilter: 子 agent 工具继承过滤层
- ALL_AGENT_DISALLOWED_TOOLS 白名单更新

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 23:04:12 +08:00
claude-code-best
a2ea69c05e feat: 添加 Session Memory 多存储支持
Markdown 文件存储的本地记忆系统,支持多 store 管理、
entry 增删改查和归档,存储于 ~/.claude/local-memory/。

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 23:04:09 +08:00
claude-code-best
b8d86e5279 feat: 添加 Local Vault 加密存储服务
AES-256-GCM 加密 vault,支持 OS keychain 和加密文件回退,
scrypt KDF 密钥派生,64KB secret 上限。

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 23:04:07 +08:00
claude-code-best
2006ab25ff fix: 添加 React Error Boundary 防止生产环境渲染崩溃
增强 SentryErrorBoundary 组件,捕获渲染错误时输出诊断信息
(错误消息 + component stack)到 stderr 和终端,而非静默返回
null。在 replLauncher 根节点和 Messages 组件层级包裹 Error
Boundary,防止 Ink 内部的 Error Boundary 直接终止进程。

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 22:02:04 +08:00
claude-code-best
84f12f34bd fix: 提升 CLAUDE.md 指令权重 — 独立 project-instructions + deferred tools 位置调整
- prependUserContext: 将 claudeMd 从通用 <system-reminder> 提取为独立的
  <project-instructions> 用户消息,不带免责声明,置于消息列表最前面
- queryModel: deferred tools 消息从 prepend 改为 append,避免抢占
  project-instructions 的最高权重位置;标签规范化为 <system-reminder>

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 17:50:15 +08:00
claude-code-best
7e2b8e81ca
Merge pull request #442 from claude-code-best/feature/tool_search
feat: 支持 SearchExtraTools 能力以替代 Tool Search
2026-05-09 17:23:03 +08:00
claude-code-best
df8c4f4b3c
Merge pull request #438 from q1352013520/feature/codex-subscription
feat: /login支持codex订阅登录
2026-05-09 17:16:12 +08:00
claude-code-best
2f86485d9c refactor: 精简系统提示词 — 合并沟通风格段落、精简 memory/工具描述、截断 gitStatus
- 合并 getOutputEfficiencySection + getSimpleToneAndStyleSection 为精简的 Communication style
- 精简 auto memory 指令:删除 4 种类型的详细说明和示例,仅保留核心 description
- 精简 Agent 工具:删除 forkExamples 和 currentExamples 大段示例
- 精简 Bash 工具:合并 sleep 相关指导
- 精简 EnterPlanMode/ExitPlanMode:删除详细 GOOD/BAD 示例
- gitStatus MAX_STATUS_CHARS 从 2000 降到 1000
- 同步更新 prompt engineering audit 测试断言

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 17:14:41 +08:00
claude-code-best
547ce9e848 fix: 修复 prefetch 测试 — turn-zero 推荐已禁用,测试期望值同步更新
getTurnZeroSearchExtraToolsPrefetch 在 commit 2cf18c4c 中被禁用(始终返回 null),
但测试仍期望匹配时返回非 null attachment。更新三个用例全部期望 null。
2026-05-09 17:02:40 +08:00
claude-code-best
2cf18c4c49 docs: 添加 ToolSearch 设计指南 + 禁用 turn-zero 工具推荐弹窗
- 新增 docs/design/tool-search-design-guide.md,涵盖架构、搜索算法、执行管道、演进历史
- 禁用 getTurnZeroSearchExtraToolsPrefetch,消除用户输入时的频繁弹窗
- inter-turn 发现机制保持不变

Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
2026-05-09 16:45:56 +08:00
Bill
b52c10ddb9 fix: 修复CI格式检查失败 2026-05-09 16:21:07 +08:00
claude-code-best
af0d7dc851 feat: 将 Agents/Teams 工具纳入 Tool Search 按需发现
将 TeamCreate、TeamDelete、SendMessage 从 CORE_TOOLS 移除,
使其成为 deferred 工具,通过 ToolSearch 按需发现以减少 context token。
swarm 模式下 SendMessage 保持 always loaded,TeamCreate/TeamDelete
在 swarm 未启用时调用返回启用提示。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-09 15:45:20 +08:00
claude-code-best
3ac866be98 fix: 修复缓存命中率警告消息不显示 — 改用 system 类型消息绕过 isMeta 过滤 2026-05-09 15:22:34 +08:00
claude-code-best
c14b7eadd2 fix: 修复 Tool Search 缓存失效 — deferred 工具不再动态注入 tools 数组
移除 deferred 工具的 "discover then include" 逻辑,让 tools 数组在整个会话中
保持稳定(只有 core tools + ToolSearch + ExecuteExtraTool),避免每次发现新
工具时 tools JSON 变化导致 prompt cache 失效。

同时强化工具优先级引导:core tools 优先直接调用,ToolSearch/ExecuteExtraTool
仅作为发现和调用 deferred 工具的最后手段。当模型搜索已加载的 core tool 时,
ToolSearch 返回明确的拒绝提示。

Co-Authored-By: glm-5.1[1m] <zai-org@claude-code-best.win>
2026-05-09 14:56:22 +08:00
claude-code-best
8c157f0767 refactor: 统一自建 Tool Search — 移除 tool_reference/defer_loading 依赖,全 provider 通用
- 重命名 ExecuteTool → ExecuteExtraTool,作为一等工具始终可用
- ToolSearchTool 输出改为纯文本(区分 core/deferred),移除 tool_reference blocks
- 移除 modelSupportsToolReference() 及相关 GrowthBook 配置
- 移除 API 侧 defer_loading 字段和 tool search beta header 注入
- 简化 system prompt(工具使用指南从 ~120 行压缩到 ~10 行)
- extractDiscoveredToolNames 支持文本格式解析(向后兼容旧 session 的 tool_reference)
- 更新 promptEngineeringAudit 测试以匹配简化后的 prompt 结构

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-09 14:19:31 +08:00
claude-code-best
4fc95bd5a7 feat: Remote Control 条件工具注入 — PushNotification/SendUserFile/Brief 仅 bridge 启用时可用
- PushNotificationTool、SendUserFileTool 添加 isEnabled() 使用 isBridgeEnabled()
- BriefTool 的 isEnabled() 从 isBriefEnabled() 改为 isBridgeEnabled()
- ExecuteTool 添加 isEnabled() 兜底检查,不可用时返回友好错误
- useReplBridge bridge 首次连接时插入 system 消息通知模型新工具可用
- 移除 toolSearch 中 firstParty base URL 白名单检测,默认启用 tool search

Co-Authored-By: glm-5.1[1m] <zai-org@claude-code-best.win>
2026-05-09 09:45:52 +08:00
claude-code-best
7be08f53bd feat: 实现 Tool Search 基础设施层(CORE_TOOLS 白名单 + TF-IDF 索引 + ExecuteTool + 搜索增强)
- 新增 CORE_TOOLS 白名单常量(31 个核心工具),重构 isDeferredTool 为白名单制判定
- 新建 TF-IDF 工具索引模块(toolIndex.ts),复用 localSearch.ts 算法函数
- 新建 ExecuteTool 跨 API provider 统一工具执行入口
- 增强 ToolSearchTool:TF-IDF 搜索路径、discover: 模式、并行搜索合并、文本模式回退
- 新增 27 个单元测试,precheck 零错误通过(4108 tests pass)

Co-Authored-By: glm-5.1[1m] <zai-org@claude-code-best.win>
2026-05-08 22:29:15 +08:00
Bill
c7cb3d8f93 feat: /login支持codex订阅登录 2026-05-08 20:35:34 +08:00
Bonerush
8ba51edec1 fix: 修复条件式 hook 调用导致的 "Rendered fewer hooks than expected" 错误
修复在 dev 模式下按下 Ctrl+O 切换 transcript 视图时 React 抛出
"Rendered fewer hooks than expected" 崩溃的问题。

## 根因分析

项目中有大量 hook(useState / useMemo / useRef / useSyncExternalStore 等)
被包裹在 `feature()` 三元表达式中条件调用,例如:

    const value = feature('X') ? useHook() : defaultValue;

在 build 模式下 `feature()` 是编译时常量,死代码消除会移除未使用的分支,
hooks 数量在编译后是确定的。但在 dev 模式下(scripts/dev.ts 注入
--feature 启用全部 31 个 feature),`feature()` 是运行时调用,
但始终返回 true,因此所有 hooks 都会被调用,原本不会出问题。

真正的触发器是 REPL.tsx 第 5381 行的提前返回:

    if (screen === 'transcript') { return transcriptReturn; }

当用户按下 Ctrl+O 进入 transcript 模式时,该提前返回之后的所有 hooks
(如 displayedAgentMessages 的 useMemo)都不会被调用,导致 React 在
下一次渲染时检测到 hooks 数量与上次不一致而崩溃。

此外,其他文件中也存在相同的条件式 hook 模式——虽然 dev 模式下
feature() 返回 true,所以这些路径实际上不会被触发,但它们是
潜在的隐患:若将来有人通过环境变量关闭某个 feature,
同样的崩溃会立即出现。

## 修复策略

采用统一模式:**始终无条件调用 hook,将 feature() gate 应用到值上**。

    // Before (unsafe — hook count varies by feature flag)
    const value = feature('X') ? useHook() : defaultValue;

    // After (safe — hook always called, gate on the value)
    const rawValue = useHook();
    const value = feature('X') ? rawValue : defaultValue;

## 修改清单

### 核心修复(REPL.tsx)
- 将 `displayedAgentMessages` useMemo 及依赖变量(viewedTask /
  viewedTeammateTask / viewedAgentTask / usesSyncMessages /
  rawAgentMessages / displayedMessages)从 transcript 提前返回
  之后移至之前,确保两模式下 hooks 调用顺序一致
- 修复 `disableMessageActions` / `useAssistantHistory` /
  `voiceIntegration` 的条件式 hook 调用

### 条件式 hook 修复(11 个文件)
- src/hooks/useGlobalKeybindings.tsx — isBriefOnly / toggleBrief
  keybinding 改为 isActive 门控
- src/hooks/useReplBridge.tsx — 5 个 BRIDGE_MODE 选值改为无条件调用
- src/hooks/useVoiceIntegration.tsx — 4 个 VOICE_MODE 选值修复
- src/components/PromptInput/Notifications.tsx — 4 个 feature 选值修复
- src/components/PromptInput/PromptInput.tsx — briefOwnsGap /
  companionSpeaking 修复
- src/components/PromptInput/PromptInputFooterLeftSide.tsx — 4 个
  VOICE_MODE 选值修复
- src/components/PromptInput/PromptInputQueuedCommands.tsx — isBriefOnly
- src/components/Spinner.tsx — briefEnvEnabled 修复
- src/components/TextInput.tsx — voiceState / audioLevels /
  animationFrame 修复
- src/components/messages/AttachmentMessage.tsx — isDemoEnv 修复
- src/components/messages/UserPromptMessage.tsx — isBriefOnly /
  viewingAgentTaskId / briefEnvEnabled 修复
- src/components/messages/UserToolResultMessage/UserToolSuccessMessage.tsx
  — isBriefOnly 修复

### 其他修复
- src/components/FeedbackSurvey/useFrustrationDetection.ts — 将 3 个
  提前返回合并为 shouldSkip 变量,handleTranscriptSelect 提前 return
- src/hooks/useIssueFlagBanner.ts — useRef 移到 USER_TYPE 检查之前
- src/hooks/useUpdateNotification.ts — useState 改为 useRef,
  避免版本号变化触发不必要重渲染

### 构建/开发配置
- build.ts — 添加 `sourcemap: 'linked'`
- scripts/dev.ts — NODE_ENV 从 'production' 改为 'development'

Closes #434
2026-05-08 13:17:25 +08:00
claude-code-best
7fe448d9e9 feat: 改为使用 ccb 的邮箱 2026-05-07 12:06:40 +08:00
claude-code-best
aa06cea904 fix: 修正 GLM 模型 GitHub 署名邮箱为 zai-org
Co-Authored-By: glm-5.1[1m] <zai-org@users.noreply.github.com>
2026-05-07 11:35:40 +08:00
claude-code-best
c43efecbab feat: 署名邮箱改为 GitHub noreply 格式并新增模型映射
Co-Authored-By: glm-5.1[1m] <zhipuai@users.noreply.github.com>
2026-05-07 11:32:48 +08:00
claude-code-best
cb4a6e76cf feat: 添加自动邮箱映射功能并完善署名系统
- 新增 attributionEmail.ts 实现模型名到邮箱的自动映射
- 重构署名逻辑,统一使用 getRealModelName() 和 getAttributionEmail()
- 将产品名从 Claude Code 更新为 Claude Code Best
- 更新 PRODUCT_URL 指向 claude-code-best fork 仓库

Co-Authored-By: glm-4.7 <noreply@zhipuai.cn>
2026-05-07 11:12:40 +08:00
claude-code-best
f7f69b759c fix: 修复模型别名未解析导致署名显示 "haiku" 而非真实模型名
去掉 getUserSpecifiedModelSetting() 分支,统一走 getMainLoopModel()(解析别名)
+ resolveProviderModel()(解析 provider 映射)的完整链路。

Co-Authored-By: opus[1m] <noreply@anthropic.com>
2026-05-07 11:10:01 +08:00
claude-code-best
771e3dbcf0 fix: 修复非 Anthropic provider 署名模型名获取错误
getRealModelName() 现在会检查 provider 特定环境变量(OPENAI_MODEL、GEMINI_MODEL、GROK_MODEL),
确保通过这些变量设置模型时署名显示真实名称而非 Anthropic 默认模型名。

Co-Authored-By: opus[1m] <noreply@anthropic.com>
2026-05-07 10:57:14 +08:00
claude-code-best
e3c0699f5b feat: 添加 prompt 缓存命中率检测与警告功能
每次 API 请求后自动计算缓存命中率,低于阈值(默认 80%)时在对话流中显示黄色警告消息。
同时更新 /context 命令输出中显示缓存命中率。

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-07 10:49:06 +08:00
claude-code-best
e8759f3402 fix: 禁用 opus[1m] 自动迁移,尊重用户手动删除 [1m] 后缀的选择
迁移逻辑过于激进,用户手动删除 [1m]] 后会被自动加回。
现在将 migrateOpusToOpus1m 改为 no-op,保留用户的手动模型选择。

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-07 09:33:56 +08:00
claude-code-best
12f5aedf99 fix: 恢复消息流中 diff 高亮渲染功能
还原 commit 51b8ad46 删除的 diff highlight 显示:FileEdit/FileWrite 工具
执行成功后重新展示 StructuredDiffList,拒绝时重新展示高亮代码预览或
带上下文的 diff 视图。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-07 08:28:28 +08:00
zny
2f150d3ecd feat: 状态栏支持 refreshInterval 定时刷新
- Zod schema 补齐 refreshInterval 字段
- 通过 scheduleUpdate 复用 300ms debounce,event/settings/time 三路触发单飞
- 新增 docs/features/status-line.mdx 调研文档
2026-05-06 22:50:11 +08:00
Simple6K
941bcbd240 fix: third-party API user_id validation error (DeepSeek, etc.)
When ANTHROPIC_BASE_URL points to a non-Anthropic endpoint (e.g.
DeepSeek), the JSON-formatted user_id containing {, ", : characters
fails validation against ^[a-zA-Z0-9_-]+$. Send only the hex device_id
for third-party providers.
2026-05-06 17:47:31 +08:00
znygugeyx-ctrl
5c107e5f8c
Merge pull request #416 from znygugeyx-ctrl/feat/subagent-fork-render
feat: 参考 claude code 官方实现,改进 sub agent 以及 fork agent 的渲染方式
2026-05-06 09:57:52 +08:00
shaleloop
26ddbda849 fix: align mcp transform pipeline with Anthropic Claude Code 2.1.128
Add ImageLimits type and plumb optional limits through the chain:
callMCPTool/callMCPToolWithUrlElicitationRetry -> processMCPResult ->
transformMCPResult -> transformResultContent -> maybeResizeAndDownsampleImageBuffer.
When provided, limits override the module-level defaults
(IMAGE_TARGET_RAW_SIZE, IMAGE_MAX_WIDTH, IMAGE_MAX_HEIGHT,
API_IMAGE_MAX_BASE64_SIZE) inside maybeResizeAndDownsampleImageBuffer.
When undefined, behavior is unchanged for current callers.

Add _meta preservation in the text-block case of transformResultContent
(only when the caller opts in via includeMeta=true). transformMCPResult
passes includeMeta=true on the tool-result path; the prompt-handler call
site keeps the default false, preserving prior behavior.

Add skipLargeOutput early-return in processMCPResult after the IDE check:
when the caller passes skipLargeOutput=true and the content has no images,
the function returns content directly without large-output handling.

Add unwrap-to-text in processMCPResult for the persisted-content path:
when the large-string format gate is enabled
(MCP_TRUNCATION_PROMPT_OVERRIDE env var, or
tengu_mcp_subagent_prompt Statsig gate), and the content is a single
bare text block (no annotations, no _meta), unwrap to raw text and
switch the format description to 'Plain text'. Default-off; gate-off
behavior is unchanged.

Verified structurally against the 2.1.128 binary: function signatures,
the IDE check, gate logic, _meta-unwrap pattern, and imageLimits
plumbing match this implementation.
2026-05-05 14:53:57 -07:00
claude-code-best
3f1c8468bf fix: 调小 snapshots 的范围 2026-05-05 21:09:02 +08:00
claude-code-best
0ad6349434 chore: 清理 18 处未使用导入、变量和函数
移除未使用的导入(getSubscriptionType、isEnvDefinedFalsy、
getClaudeConfigHomeDir 等)、未使用的常量(ACCENT_COLOR、
NAME_MATCH_BONUS、CLIPBOARD_THRESHOLD)和死函数
(getOpus41Option、pasteViaClipboard),
为未使用参数添加 _ 前缀。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-05 20:15:51 +08:00
claude-code-best
1ac18aec0d chore: 清理 4 处遗漏的未使用导入和参数
移除 autonomyStatus/betas/claudemd/executorCrossPlatform 中
未使用的导入和参数。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-05 20:05:50 +08:00
claude-code-best
fcbc882232 chore: 清理 src 下 113 项未使用导入和死代码
删除未使用的文件(BuiltinStatusLine.tsx、4 个重复的 .ts stub)、
移除约 55 个文件中未使用的 React 导入、
清理约 50 处未使用的导入/变量/参数。
净减少 ~296 行代码,precheck 4077 测试全部通过。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-05 20:05:15 +08:00
claude-code-best
87b96199f9 feat: ai 的随机修复 2026-05-05 19:36:38 +08:00
claude-code-best
18d6656a6a feat: 尝试改进 Error 处理以提升内存管理效率 2026-05-05 18:18:13 +08:00
claude-code-best
d0915fc880 chore: 清理 src 下 33 项死代码和类型断言
删除未使用的文件/目录(mcp/adapter、cli/update.ts 等)、
未使用的重导出文件(design-system/color.ts 等 12 个)、
7 个零引用的导出函数、修复 5 处 as any 为精确类型。
净减少 ~1194 行代码,precheck 4077 测试全部通过。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-05 16:07:30 +08:00
claude-code-best
cf2bf29dcd feat: 尝试深度拷贝数据以分离引用 2026-05-05 12:41:01 +08:00
claude-code-best
75952bde9c fix: 尝试请求参数克隆以解除闭包引用 2026-05-05 09:29:09 +08:00
claude-code-best
e7220c530f fix: eliminate memory leak in promptCacheBreakDetection by replacing closures with pre-computed strings
The buildDiffableContent and buildPrevDiffableContent fields were closures
capturing full system prompt and tool schema arrays (~300KB each). With 10
map entries × 2 closures, this held ~6MB of GC-unreachable memory.

Since recordPromptState already serializes the same data for hashing,
pre-computing the diffable content string has negligible marginal cost.
2026-05-05 08:54:04 +08:00
claude-code-best
6ff839d625 fix: 优化压缩错误消息和自动压缩提示的可理解性
- "Not enough messages" 添加 "Send a few more messages first" 引导
- "Conversation too long" 提示从模糊的 "Press esc twice" 改为建议 /compact 或 /clear
- 自动压缩标题从 "Compact summary" 改为 "Conversation summarized to free up context"
- 快捷键提示从 "expand" 改为 "view summary"
- 新增 7 个测试覆盖压缩相关消息

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-05 07:19:19 +08:00
claude-code-best
88057b10d4 fix: 优化 ModelPicker 副标题和 resume 错误提示的可操作性
- ModelPicker 副标题从技术说明改为操作提示(effort 调整、1M 切换)
- /resume 错误提示添加 "Run /resume to browse" 操作引导
- 新增 6 个测试覆盖模型选择器、会话恢复和 cost 消息文案

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-05 02:14:07 +08:00
claude-code-best
4d0048a60a fix: 优化权限提示用词和 Help 页面新手引导
- Help General 页添加 3 步 Getting started 引导,替代单段描述
- 权限对话框底部 "Esc to cancel" → "Esc to reject","Tab to amend" → "Tab to add feedback"
- .claude/ 文件夹权限选项标签从 60 字符缩至 49 字符,避免窄终端截断
- 新增 10 个测试覆盖权限提示文案和帮助页引导内容

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-05 00:09:27 +08:00
claude-code-best
8a5ef8c9cb fix: 优化用户交互文案,为错误消息添加可操作提示
- 为 budget/turns/structured-output 三种错误消息添加 Tip 提示,指导用户如何继续
- Onboarding 安全步骤标题从 "Security notes" 改为更友好的 "Before you start, keep in mind"
- Trust Dialog 精简为两句核心信息,降低认知负荷
- 新增 7 个测试验证消息内容包含关键引导信息

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-05 00:05:35 +08:00
claude-code-best
f8a289b868 fix: 尝试修复 OTEL 的问题 2026-05-04 23:53:28 +08:00
claude-code-best
45c892fc18 revert: 恢复 HISTORY_SNIP 2026-05-04 23:51:36 +08:00
claude-code-best
b28de717dd perf: 优化内存与遥测管理,启用 Vite minify
- 禁用 HISTORY_SNIP feature flag 并新增 proactiveTruncate 防止无 compact_boundary 时内存无限增长
- 跳过未启用 telemetry 时的 OTel 初始化,防止长会话 PerformanceMeasure 堆积
- OTel 导出遇 401/403 自动关闭 reader,防止 handle 泄漏
- Vite 构建启用 minify

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-04 23:23:25 +08:00
claude-code-best
2545dcabfd fix: ccb update 使用 bun install -g @latest 替代 bun update -g
bun update -g 只更新到 package.json 版本范围内的最新版,无法跨版本升级。
改为 bun install -g @latest 与 npm 侧行为一致,强制拉取最新发布版。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-03 19:28:16 +08:00
claude-code-best
d3eebfed15 build: Vite 单文件构建 + 修复 doubaoime-asr 打包后 WASM 加载失败
- vite.config.ts: codeSplitting: false 替代多 chunk 输出,产出单文件 dist/cli.js
- vite.config.ts: ssr.external 排除 doubaoime-asr/opus-encdec,避免 require.resolve 路径失效
- scripts/post-build.ts: 简化为直接处理单文件 dist/cli.js
- src/services/doubaoSTT.ts: 改进错误信息,输出具体异常内容便于排查

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-03 16:13:20 +08:00
claude-code-best
6becb8b2d4 fix: 修复 tasks.test.ts 类型错误与并发测试失败
- jsonStringify mock 参数类型改为 Parameters<typeof JSON.stringify>[1][] 消除 TS2769
- 并发测试改为顺序执行以适配 Bun 下 proper-lockfile 的 advisory lock 行为

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-03 10:24:01 +08:00
claude-code-best
3a2b6dde7c perf: 表格渲染效率升级 2026-05-03 10:10:47 +08:00
claude-code-best
4ca7a4895a test: 新增 tasks.ts CRUD 测试覆盖(37 个测试)及 code review 进度记录
审查任务管理 CRUD 模块:创建/读取/更新/删除、高水位标记、文件锁并发安全、
claimTask 竞态保护、resetTaskList、通知信号、并发创建唯一 ID 验证。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-03 03:29:06 +08:00
claude-code-best
86df024e75 fix: 修复模型的问题 2026-05-02 22:39:57 +08:00
claude-code-best
198c09b263 fix: 内存优化 — 预测性 compact 阈值、增量 lookups orphaned 修复、deferred slice 引用优化
- P0: REPL.tsx 用 useMemo 包裹 deferred messages slice,避免每次渲染创建新数组引用导致不必要的后台重渲染
- P1: 预测性 compact 阈值改用 effectiveContextWindow - growth,消除与 autocompact buffer 的双重预留;TOOL_RESULT_GROWTH_ESTIMATE 从 20K 降至 15K
- P2: 增量 lookups 增加 lastAssistantMsgId 一致性检查和 orphaned server_tool_use/mcp_tool_use 扫描,防止 UI 永久 loading
- P3: reactiveCompact 类型断言改为直接使用 'compact' 字面量
- docs: CLAUDE.md 统一使用 precheck 替代分散的 typecheck/lint/test 命令

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-02 20:32:00 +08:00
claude-code-best
f724300079 fix: 内存优化 — FileReadTool 100KB 上限、lookups 缓存、microcompact 替换清理
- FileReadTool maxResultSizeChars 从 Infinity 改为 100KB,大文件持久化到磁盘
- Messages.tsx 新增 computeMessageStructureKey 缓存,流式 delta 时跳过 8 个 Map/Set 重建
- microcompact 返回 clearedToolUseIds,query.ts 消费后清理 replacements Map 释放原始字符串
- 更新内存分析报告 Round 5 和 file-operations 文档

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-02 11:21:22 +08:00
claude-code-best
0977b0520e docs: 合并性能分析报告并优化内存管理
将 performance-reporter.md 合入 memory-peak-analysis.md,统一分析文档。
代码优化包括:compact 峰值释放、GC 阈值触发、虚拟滚动参数调优、
HybridTransport 队列缩减、无界缓存加 LRU 淘汰、taskSummary 避免数组拷贝。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-02 09:11:12 +08:00
claude-code-best
ef10ad2839 fix: 优化内存峰值与 CPU 性能,降低 100-300MB 内存占用
- claude.ts: 流式字符串拼接从 O(n²) += 改为数组累积 join,消除 4 处热点
- Messages.tsx: 合并 3 组独立遍历为单次 pass(thinking/bash 查找、3-filter 链、divider/selectedIdx)
- HighlightedCode.tsx: ColorFile 实例添加模块级 LRU 缓存(50 条),避免重复创建
- screen.ts: StylePool 衍生缓存添加 1000 条上限淘汰,防止无界增长
- CompanionSprite.tsx: TICK_MS 从 500ms 提升至 1000ms,减少 setState 频率
- connection.ts: MCP stderr 缓冲从 64MB 降至 8MB
- stringUtils.ts: MAX_STRING_LENGTH 从 32MB 降至 2MB
- sessionStorage.ts: Transcript 写入队列添加 1000 条上限
- query.ts: spread 改 concat 减少一次数组拷贝
- PromptInputFooterLeftSide.tsx: 显示进程 pid 便于调试

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-02 00:45:03 +08:00
claude-code-best
ab0bbbc4b5 fix: 修复内存溢出问题,compact 时清理持久增长数据结构
- compact 时清理 contentReplacementState(seenIds/replacements)
- logError() 使用 shortErrorStack 替代完整 err.stack,减少 GC 压力
- permissionDenials 每次 submitMessage 清空,防止无限增长
- SSE 缓冲区添加 1MB 上限,防止畸形数据无限累积

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-01 22:24:18 +08:00
claude-code-best
6182015005 style: 完成所有文件的lint 2026-05-01 21:39:30 +08:00
claude-code-best
d136872cc9 fix: 尝试修复第三方 api 不兼容部分参数问题 2026-05-01 09:21:34 +08:00
Bonerush
71c89e9de4 fix: theme switching always defaults to dark mode
Root causes:
1. ThemeProvider was imported but never used in App.tsx and showSetupDialog
2. setThemeConfigCallbacks was never called to inject persistence callbacks
3. Preview/save/cancel theme lifecycle had no provider to coordinate

Changes:
- Export setThemeConfigCallbacks from @anthropic/ink
- Wrap App.tsx children with ThemeProvider (initialState from config, onThemeSave persists)
- Wrap showSetupDialog with ThemeProvider for onboarding/trust dialogs
- Call setThemeConfigCallbacks in init.ts to register load/save callbacks
- Update SnapshotUpdateDialog test to account for new ThemeProvider wrapper

Fixes #theme-switching
2026-04-30 16:15:27 +08:00
claude-code-best
00da5d7d1a
Merge pull request #388 from yjjheizhu/fix/modelpicker-1m-toggle-hint
fix: 在模型选择器中 1M 上下文关闭状态也显示 Space to toggle 提示
2026-04-29 22:01:48 +08:00
claude-code-best
08cd02cd37 fix: highlight 缓存改用 LRUCache 降低内存开销
- Fallback.tsx: 手动 Map LRU 替换为 lru-cache 的 LRUCache
- Markdown.tsx: tokenCache 同样替换为 LRUCache
- color-diff-napi: 新增行级 hljs AST 缓存,避免终端 resize 时重复高亮

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-29 21:59:10 +08:00
Claude
7a6e65caf7
refactor: 简化/复用/防御 — 清理 PR #386 审计发现
简化 (S1, S2):
- src/cli/print.ts: 抽出 dispatchHeadlessCronCommand 本地 helper,把
  cron 三个入口(onFire / onFireTask agent / onFireTask 非-agent)共享的
  「dedup-claim → input-close-recheck → onSuccess」管线集中到一处,
  避免三个分支在「claim 与 dispatch 之间发生 inputClosed」的处理上漂移。
  enqueueAndRun 再抽出来,使两个非-agent 分支共用一个 onSuccess 回调。
  约 -55 行重复模板。
- src/utils/autonomyPersistence.ts: 新增 retainActiveFirst<T> 泛型
  helper —— active 记录无条件保留(不参与 cap),inactive 按 timestamp
  desc 填满剩余预算;统一 selectPersistedAutonomyRuns / Flows 的两阶段
  排序语义。
- src/utils/autonomyRuns.ts、autonomyFlows.ts: 改用 retainActiveFirst,
  删掉重复的内联两阶段排序逻辑。

复用 (R1, review #8):
- tests/mocks/file-system.ts: 新增 readTempFile / tempPathExists 两个
  Bun.file 包装,补齐 Node fs.readFileSync / existsSync 在测试里的
  Bun-only 等价物。
- src/utils/__tests__/autonomyRuns.test.ts: 把全部 Node fs/path 导入
  (existsSync, readFileSync, mkdir, writeFile, path.join/resolve)替换为
  tests/mocks/file-system 的共享 helper + node:path(带 node: 前缀)。
  不再有 6 处 mkdir + writeFile 模板,统一用 writeTempFile(自带 mkdir-p)。
  解决 review #8 (Major) 的 Bun-only 运行时契约违反。

防御 (D1, OOM 早期信号):
- src/services/compact/postCompactCleanup.ts: 在 void import().then() 末尾
  补 .catch(logError)。当前 attributionHooks 是 stub,但当真实现被恢复
  且 sweepFileContentCache 抛错时,这个 .catch 阻止它变成 unhandled
  rejection(函数返回值是 void,调用者无从观察异步失败)。
- src/utils/autonomyRuns.ts: 给 active runs 加 100 条软上限 + 一次性
  warn。selectPersistedAutonomyRuns 仍然永不淘汰 active 记录,但跨过
  阈值时 logError 一次,作为 finalize-leak 早期信号——避免 active 无限
  增长悄悄使 AUTONOMY_RUNS_MAX 失效。
2026-04-29 13:23:41 +00:00
Claude
6b7cfda9b1
fixup: 处理 PR #386 review 中尚未覆盖的 4 项
- src/cli/print.ts: cron onFire 改用 createAutonomyQueuedPromptIfNoActiveSource
  并以 prompt 文本作为 sourceId,避免同一定时提示在前一次 run 仍活跃时被重复
  入队叠加;顺手移除 4 个已没人引用的 dead import
  (commitAutonomyQueuedPrompt / prepareAutonomyTurnPrompt /
   markAutonomyRunCancelled / createAutonomyQueuedPrompt)
- src/services/compact/postCompactCleanup.ts: 在 void import().then() 处加
  注释,明确 sweepFileContentCache 是有意的 fire-and-forget,函数对外保持
  同步签名是设计而非疏忽
- src/utils/autonomyFlows.ts: 给 selectPersistedAutonomyFlows 的两阶段排序
  加文档注释(先按 active+updatedAt 选 top-N,再统一按 updatedAt 重排)
- tests/integration/autonomy-lifecycle-user-flow.test.ts: stderr 断言失败时
  把实际 stderr 内容写进 message,方便 CI 失败时定位
2026-04-29 12:45:02 +00:00
unraid
189766c5af fixup: address CodeRabbit second-round review on PR #386
Four inline + one outside-diff actionable comment from the second CodeRabbit
review on claude-code-best/claude-code#386:

- tests/mocks/auth.ts: align mock return contracts with src/utils/auth.ts.
  checkAndRefreshOAuthTokenIfNeeded resolves to a Promise<boolean> and
  getClaudeAIOAuthTokens returns the full token shape (refreshToken, expiresAt,
  scopes, subscriptionType, rateLimitTier) so tests that branch on these
  values can not silently drift away from production.
- src/utils/handlePromptSubmit.ts (461-468): clear the freshly-published
  abortController before the early return when every claimed autonomy command
  was skipped as non-consumable, so this turn's stale controller does not leak
  into the next turn.
- src/utils/handlePromptSubmit.ts (621-649): separate execution failure from
  finalizer failure. The turn body now writes to a `turnError` slot; a single
  pass after the inner try decides whether to finalize claimed commands as
  `completed` or `failed`, with each finalize call wrapped in its own
  try/catch so a failure inside finalize does not flip a successful turn into
  `failed` and double-finalize the same commands. The outer catch only
  rethrows the original turn error.
- src/utils/processUserInput/processSlashCommand.tsx (228-276): wrap the
  post-success `finalizeDeferredAutonomyRunCompleted()` call in its own
  try/catch so a finalize failure no longer falls into the worker-failure
  catch path and emits a contradictory `<scheduled-task-result status="failed">`
  for a slash command that actually succeeded.

Outside scope (not changed) — the CodeRabbit suggestion to add a `.ts`
extension to the shared `tests/mocks/auth` import contradicts the project's
existing convention: every other test imports the shared mocks without the
extension (e.g. `tests/mocks/log`, `tests/mocks/debug`,
`tests/mocks/file-system`), and the project's tsconfig does not enable
`allowImportingTsExtensions`, so adding the extension fails typecheck. The
import is kept extension-less to match the rest of the suite.

Validation:
- bun run typecheck (clean).
- bun test → 3996 pass / 0 fail across 305 test files.
2026-04-29 15:49:54 +08:00
unraid
452a7e6a15 fixup: address CodeRabbit review on PR #386
Twelve actionable items (7 Major + 5 Minor) from the CodeRabbit review on
claude-code-best/claude-code#386:

- docs/internals/autonomy-jira.md: typo "due input close" → "due to input close".
- src/utils/autonomyRuns.ts:
  - selectPersistedAutonomyRuns no longer evicts active (queued/running) runs
    when the combined list exceeds AUTONOMY_RUNS_MAX. Active runs are kept in
    full and the inactive history is capped to the remaining budget so
    persisted ownership for live work survives.
  - isValidOwnerProcessId now allows pid <= 4_194_304 so a live run owned by
    the maximum Linux PID is not treated as stale.
- src/utils/autonomyAuthority.ts: maskCodeFencedLines tracks the active fence
  length and only closes the fence when a same-character run of equal-or-
  greater length appears with no trailing content, so a nested ```yaml inside
  an outer ```` block no longer leaks fake `tasks:` entries into the parser.
- src/cli/print.ts: late-shutdown branches in the cron and scheduled-task
  paths now call cancelQueuedAutonomyCommands({ commands: [command] }) instead
  of markAutonomyRunCancelled(...). Updating run state alone left the
  queue-side record orphaned for resume/recovery.
- src/utils/processUserInput/processSlashCommand.tsx: scheduled-task-result
  notification is enqueued before finalizeAutonomyRunCompleted (which queues
  follow-up autonomy commands) so both at priority: 'later' land in order and
  the next autonomy step can not run before the worker's output is observed.
- src/screens/REPL.tsx + src/utils/handlePromptSubmit.ts:
  - onQuery now returns Promise<boolean>: false from the concurrent-guard
    skip path, true otherwise. Other call sites use `void onQuery(...)` and
    are unaffected. handlePromptSubmit's onQuery prop type matches.
  - The autonomy-prompt callsite captures the executed flag, finalizes
    claim.claimedCommands as { type: 'completed' } only when onQuery actually
    ran, and runs the completed-finalize in its own try/catch so a failure
    there does not propagate into the outer catch and trigger a second
    finalize as { type: 'failed' } for the same commands.
  - Removed the unsafe `command.value as string` cast; createUserMessage
    already accepts `string | ContentBlockParam[]`.
  - createUserMessage mock in src/__tests__/handlePromptSubmit.test.ts now
    matches the new Promise<boolean> shape.
- packages/builtin-tools/src/tools/RemoteTriggerTool/__tests__/
  RemoteTriggerTool.test.ts:
  - Inline auth mock replaced with the shared tests/mocks/auth (added).
  - The full mock of src/constants/oauth.js is replaced by a narrow
    side-effect-only mock that overrides the env-reading helpers
    (getOauthConfig, fileSuffixForOauthConfig, MCP_CLIENT_METADATA_URL) and
    delegates pure data exports to the real module.
- tests/integration/dependency-overrides.test.ts:
  - mermaid does not export `./package.json` in its exports map, so
    require.resolve('mermaid/package.json') throws
    ERR_PACKAGE_PATH_NOT_EXPORTED in runtimes that honor exports semantics.
    The test now resolves the package entry and walks up to the package
    root via a small findPackageJson helper.
  - readFileSync from node:fs is replaced with `await Bun.file(...).text()`
    to match the project's Bun-API requirement.

Validation:
- bun run typecheck (clean).
- bun test → 3996 pass / 0 fail across 305 test files.

Targets PRs:
- amDosion/claude-code-bast#8 (fork-internal review)
- claude-code-best/claude-code#386 (upstream review, same head branch)
2026-04-29 15:17:50 +08:00
hzchat
29a1edbf46 fix: 在模型选择器中 1M 上下文关闭状态也显示 "Space to toggle" 提示
之前在 ModelPicker 中,只有 1M 上下文开启时才显示 "Space to toggle" 操作提示,
  关闭状态时没有任何提示,导致用户不知道如何通过空格键来切换 1M 上下文开关。

  Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-29 15:05:58 +08:00
unraid
f2e9af4927 feat: harden autonomy lifecycle, OOM bounds, and provider-boundary finalization
This PR consolidates a coordinated batch of fixes around autonomy run/flow lifecycle, scheduled task deduplication, provider-boundary state finalization, and matching memory-bound treatments for adjacent long-running subsystems (REPL fullscreen scrollback, skill-search/skill-learning runtime activation). All changes were developed and reviewed together because they touched the same lifecycle invariants and were uncovered by the same long-running session reproductions.

## Lifecycle correctness

- Queued autonomy prompts are not injected unless the persisted run was successfully claimed; queued run claiming is now terminal-safe so a once-consumed/cancelled/failed run can not slip back into `queued`.
- Autonomy run/flow finalization happens on completion, provider error, generator close, and cancellation — not just the happy path. New `src/__tests__/queryAutonomyProviderBoundary.test.ts` covers these provider-boundary transitions.
- `requestManagedAutonomyFlowCancel` and `resumeManagedAutonomyFlowPrompt` carry `rootDir` and `currentDir` explicitly across detached async boundaries (proactive-tick, cron, daemon restart) instead of inferring from process state.
- Active runs/flows are protected from janitor pruning so a running step can not be garbage-collected mid-flight (`src/utils/autonomyAuthority.ts`).
- Heartbeat parser now ignores fenced code blocks; the two-phase commit window for autonomy state transitions is documented in `docs/internals/autonomy-jira.md`.

## Ownership and dedup

- `src/utils/autonomyRuns.ts`: ownership stamping (run id + rootDir carried end-to-end), source-based dedup against active runs.
- `src/hooks/useScheduledTasks.ts`: scheduled ticks deduplicate against runs already active on the same source label.
- `src/utils/processUserInput/processSlashCommand.tsx`: forked slash commands now thread the autonomy `runId` so completion finalizers can find the originating run for deferred completion.
- New `src/utils/autonomyQueueLifecycle.ts` and tests collect the queue-side lifecycle invariants in one place.

## Memory bounds (related, same review pass)

- `src/screens/REPL.tsx`: caps fullscreen scrollback after the compact boundary and updates trailing progress rows in place. Long-running fullscreen sessions could otherwise retain thousands of post-compaction messages and duplicate progress rows, keeping Ink trees alive long after their useful context had moved on.
- `src/services/skillSearch/*` and `src/services/skillLearning/*`: runtime activation is strictly opt-in via existing env toggles; session caches are capped so long-running processes can not grow them forever. Build presence is preserved so operators can still discover and opt into the slash commands.

## CI / test contract

- `tests/integration/dependency-overrides.test.ts`: smoke test no longer drives Mermaid's browser renderer; it validates the package-resolution contract directly so CI does not regress on unrelated browser timing.
- New `tests/integration/autonomy-lifecycle-user-flow.test.ts`: end-to-end CLI subprocess flow exercising `status --deep`, `flows`, `flow <id>`, `flow resume`, `flow cancel` against persisted state.
- `src/entrypoints/cli.tsx`: `claude autonomy …` routes through an entrypoint fast path that reuses the slash-command formatter without booting the full interactive CLI. Stdout is flushed before forced exit so coverage subprocesses do not terminate with empty stdout.
- `packages/builtin-tools/src/tools/RemoteTriggerTool/__tests__/RemoteTriggerTool.test.ts`: stabilized to prevent audit flake under coverage.

## Tests added

- `src/__tests__/queryAutonomyProviderBoundary.test.ts`
- `src/hooks/__tests__/useScheduledTasks.test.ts`
- `src/utils/__tests__/autonomyAuthority.test.ts`
- `src/utils/__tests__/autonomyFlows.test.ts` (extended)
- `src/utils/__tests__/autonomyPersistence.test.ts` (extended)
- `src/utils/__tests__/autonomyQueueLifecycle.test.ts`
- `src/utils/__tests__/autonomyRuns.test.ts` (extended)
- `src/utils/processUserInput/__tests__/processSlashCommand.test.ts`
- `tests/integration/autonomy-lifecycle-user-flow.test.ts`

## Docs

- `docs/agent/sur-loop-scheduled-oom.md`: System Understanding Report covering the scheduled/loop OOM problem, the call graphs investigated, and the lifecycle invariants this PR establishes.
- `docs/agent/sur-skill-overflow-bugs.md`: SUR for the related skill-overflow context.
- `docs/internals/autonomy-jira.md`: documents the two-phase commit window and ownership stamping invariants.
- `docs/memory-leak-audit.md`: audit notes covering the REPL/scrollback and skill-search bounds.

## Invariants this PR establishes

1. Queued autonomy prompts are not injected unless the persisted run was successfully claimed.
2. Terminal run/flow states are terminal — completion, failure, and cancellation all finalize state regardless of which provider/error path triggered them.
3. Autonomy run/flow `rootDir` is carried explicitly across detached async boundaries instead of inferred from a shared singleton.
4. State-only CLI subcommands (`autonomy status|runs|flows|flow …`) bypass full interactive bootstrap so they do not hold unrelated handles open.
5. REPL fullscreen scrollback and skill-search/skill-learning session caches are explicitly bounded.

## Validation

```bash
bun run typecheck
CI=true GITHUB_ACTIONS=true bun test            # 3996 pass / 0 fail across 305 files
bun test src/__tests__/queryAutonomyProviderBoundary.test.ts \
         src/hooks/__tests__/useScheduledTasks.test.ts \
         src/utils/__tests__/autonomy{Runs,Flows,Authority,QueueLifecycle,Persistence}.test.ts \
         src/utils/processUserInput/__tests__/processSlashCommand.test.ts \
         tests/integration/autonomy-lifecycle-user-flow.test.ts
```

## Origin

This PR is the consolidated, upstream-targeted version of two fork-side review PRs (fix/loop-scheduled-autonomy-oom and fix/autonomy-lifecycle). The fork-side review history is preserved at https://github.com/amDosion/claude-code-bast/pull/7 . The fork's own internal `chore: keep fork current with upstream` sync commits and the `docs: update contributors` automation are intentionally not included in this PR.

The autonomy CLI handler `rootDir` threading that the fork added (78f64d8a, 98d04ddb) is intentionally omitted here because upstream `a2cfaf91` (fix: 修复 RemoteTriggerTool 和 autonomy 测试的全量运行失败) already performed the equivalent change with an additional `currentDir` option. Keeping the upstream version avoids regressing that improvement.
2026-04-29 14:04:27 +08:00
claude-code-best
4f1649e249
feature: 20260429 代码巡检 (#383)
* fix: 实现 snipCompact/snipProjection 存根,修复 QueryEngine mutableMessages 不收缩的内存泄漏

将 snipCompact.ts 和 snipProjection.ts 从纯存根替换为完整实现:
- snipCompactIfNeeded: 检测 snip_boundary 消息,按 removedUuids 过滤消息,释放旧消息内存
- isSnipBoundaryMessage/projectSnippedView: 边界检测与视图投影
- isSnipMarkerMessage/isSnipRuntimeEnabled/shouldNudgeForSnips: 辅助函数
- 28 个测试覆盖边界检测、消息过滤、空输入、多边界等场景

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix: 完善 StreamingToolExecutor.discard() 释放内部状态,修复 NO_FLICKER 模式内存泄漏

discard() 原先仅设置 flag,不释放 tools 数组、siblingAbortController 和 turnSpan。
NO_FLICKER 模式 API 重试时旧工具结果堆积无法被 GC 回收。

修复内容:
- 中止 siblingAbortController 以取消运行中的工具子进程
- 清空 tools 数组释放 TrackedTool 引用(block、assistantMessage、results、pendingProgress)
- 清理 progressAvailableResolve 和 turnSpan
- 添加 7 个测试覆盖 discard 后的各种状态验证

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix: 清理 useReplBridge pendingPermissionHandlers,修复 RC 权限条目保留内存泄漏

pendingPermissionHandlers Map 原定义在 async IIFE 内部,组件卸载时
cleanup 函数无法访问。修复方案:
- 将 Map 提升至 useEffect 顶层作用域
- cleanup 时显式调用 pendingPermissionHandlers.clear() 释放闭包引用
- 添加 8 个测试覆盖 handler 注册/取消/响应/cleanup 模式

同时确认 #4 空闲渲染循环已完整实现(所有 10 个 useAnimationFrame
调用者均正确传递 null 暂停时钟)。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix: 确认 #11 LRU 缓存键已完整实现,添加 FileStateCache 测试 + 修复类型错误

审计确认 #11 FileStateCache 已完整实现(LRU 双重限制 max+maxSize +
sizeCalculation),归类从"未实现"修正为"已确认完整"。
- 添加 16 个 FileStateCache 测试覆盖 LRU 驱逐、大小计算、路径归一化
- 添加 6 个 coerceToolContentToString 测试覆盖类型强制转换
- 修复 replBridgePermissionHandlers 测试的类型断言错误

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* docs: 完成内存泄漏审计,标记所有条目已处理

12 项审计条目全部处理完毕:
- 11 项已确认完整实现(含 4 项主动修复:#8 StreamingToolExecutor、#9 RC 权限、#12 snipCompact、#4 确认完整)
- 1 项已知限制(#7 Bun --compile 兼容性)
- 65 个测试覆盖所有修复项
- 验证报告确认所有修复代码正确实现

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix: highlight.js 按需注册 26 个常用语言,减少 ~80% 语法内存占用

将 `import hljs from 'highlight.js'`(190+ 语言,~5-15MB)改为
`import hljs from 'highlight.js/lib/core'` + 静态导入并注册 26 个
常用语言(TypeScript、Python、Bash、Go、Rust 等)。静态 import
在 Bun --compile 模式下正常工作,避免了 createRequire 的路径问题。

内存从 ~5-15MB 降至 ~1-2MB。添加 7 个测试验证语言注册和
highlight 功能,现有 17 个 color-diff 测试全部通过。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix: 修复 inProcessRunner 权限响应后未 cleanup 的 interval 泄漏

权限请求得到响应后(批准/拒绝),pollInterval 和 abort listener
未被清理,导致 setInterval 永远运行。在长时间运行的 swarm 会话
中,每次权限请求都会泄漏一个 interval 和一个 listener。

修复:在成功/拒绝路径中调用 cleanup() 以清理 interval、
unregister callback 和移除 abort listener。添加 6 个测试
覆盖 permission callback 注册/处理/清理生命周期。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix: LSP openedFiles Map 在 compaction 后未清理,添加 closeAllFiles() 集成

LSPServerManager 的 openedFiles Map 持续增长(代码注释标注为 TODO),
长时间会话中每次文件操作都追加条目但从不清理。添加 closeAllFiles()
方法并在 postCompactCleanup 中调用,compaction 后释放所有 LSP 服务器端
文件状态。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix: 修复 language-registration 测试在全量运行时因 hljs 单例污染而失败

cliHighlight.ts 导入全量 highlight.js(192 语言),与 color-diff-napi
使用的 highlight.js/lib/core 共享同一单例。全量测试运行时全量包先加载,
导致断言"未注册语言"和"不超过 30 个语言"失败。

改为验证目标 26 个语言全部存在,而非检查总数。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-29 09:14:26 +08:00
claude-code-best
a2cfaf9111 fix: 修复 RemoteTriggerTool 和 autonomy 测试的全量运行失败
RemoteTriggerTool 测试补充了缺失的 mock(log/debug/oauth/growthbook/policyLimits/bun:bundle),
用内存数组替代文件系统写入审计记录,避免路径冲突。autonomy handler 函数增加可选 rootDir 参数,
测试显式传递 rootDir 避免依赖全局 getProjectRoot() 导致并发测试状态污染。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-28 22:29:36 +08:00
claude-code-best
51b8ad46bf refactor: 移除消息流中的 diff 渲染,仅保留权限审批页的 diff
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-28 21:23:38 +08:00
claude-code-best
2bad8df5d7 test: 添加 subagent 僵死场景相关测试用例
覆盖 subagent 生命周期关键模块的零覆盖函数:
- messageQueueManager: 扩展队列操作测试(enqueue/dequeue/优先级排序)
- queueProcessor: 测试 subagent 通知过滤和批量处理
- LocalAgentTask: 测试状态转换、通知防重、进度追踪
- task/framework: 测试 updateTaskState、registerTask、evictTerminalTask

共 66 个测试用例,135 个断言,全部通过。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-28 15:36:54 +08:00
claude-code-best
b8b48bf7ed fix: 修复 truncate 函数接收到 undefined/null 时崩溃的问题
BackgroundTask 组件渲染时传入的 task 属性(description、title、command 等)
可能为 undefined,导致 str.indexOf('\n') 抛出 TypeError。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-28 09:15:58 +08:00
claude-code-best
1a1d57057e fix: 限制 skill-learning evidence 无限增长导致全局 skill 文件膨胀
evidence 数组和追加块缺少大小限制,导致 skill 文件(如
sdd-brainstorming)在短时间内膨胀至 21K+ 行/78 个 evidence 块。

三处修复:
- instinctParser: evidence 数组 cap 10 条, observationIds cap 20 条
- skillGenerator: 追加块每次最多 20 行, 文件总大小上限 50KB,
  生成 skill 的 evidence 段限制 20 行
- agentGenerator: 生成 agent 的 evidence 段限制 20 行

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-28 08:47:37 +08:00
claude-code-best
c81dac8c3c fix: 修复 Node.js 环境下 UDS socket chmod ENOENT 导致进程无输出退出
macOS + Node.js v22 中,嵌套目录路径的 Unix Domain Socket 在
listen 回调触发时文件可能尚未落盘,chmod 随即抛出 ENOENT,
导致 startUdsMessaging → setup() 整条链路崩溃。将 chmod 改为
非致命操作,ENOENT 时安全跳过(父目录已为 0o700)。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-27 20:48:23 +08:00
Dosion
4266149820
fix: keep UDS peer failures structured (#375)
* fix: keep UDS peer failures structured

CodeRabbit and Claude cross-review identified that timeout and raw peer connection failures should share one observable error contract. UDS peer failures now use UdsPeerConnectionError consistently, and connectToPeer hands the socket lifecycle back to the caller after a successful connection instead of retaining an internal timeout or error listener.

The tests cover the real socket paths with capability files, timeout behavior, connection failure structure, post-connect listener handoff, AgentSummary rescheduling observations, and platform-specific mailbox directory errno handling.

Constraint: Preserve the 5000ms production timeout default while allowing tests to exercise timeout paths quickly.

Rejected: Suppress CodeRabbit warnings in tests | would hide the real timeout/error contract gap.

Rejected: Keep connectToPeer post-connect error listener | it would silently swallow caller-owned socket errors.

Confidence: high

Scope-risk: narrow

Directive: Keep UDS send/connect timeout and socket-error paths on the same structured peer error contract.

Tested: bun test src/utils/__tests__/udsMessaging.test.ts src/services/AgentSummary/__tests__/agentSummary.test.ts src/utils/__tests__/teammateMailbox.test.ts

Tested: bunx tsc --noEmit --pretty false

Tested: bun run lint

Tested: bun run test:all

Tested: bun test --coverage --coverage-reporter lcov --coverage-dir coverage

Tested: bun run build

Tested: bun run build:vite

Tested: omx ask claude simplify review artifact .omx/artifacts/claude-review-only-cross-check-for-pr-374-on-branch-codex-codecov-r-2026-04-27T08-17-47-309Z.md

Tested: omx ask claude security review artifact .omx/artifacts/claude-security-review-cross-check-for-pr-374-current-working-tree--2026-04-27T08-26-54-079Z.md

Not-tested: GitHub-hosted CodeRabbit refresh until pushed.

* docs: clarify UDS peer socket ownership

CodeRabbit's #375 pass found that connectToPeer now correctly hands socket errors to the caller, but the JSDoc needed to spell out that contract. The lifecycle test also uses a less brittle post-connect timeout so slow CI does not turn the ownership check into a connection-speed race.

Constraint: The raw socket API intentionally detaches its internal listener after successful connect so caller-owned errors are not swallowed.

Rejected: Keep the test timeout at 50ms | it tests scheduler speed instead of socket lifecycle ownership.

Confidence: high

Scope-risk: narrow

Directive: connectToPeer callers must attach their own error listener immediately after awaiting the socket.

Tested: bun test src/utils/__tests__/udsMessaging.test.ts

Tested: bunx tsc --noEmit --pretty false

Tested: bun run lint

Tested: git diff --check

Tested: bun run test:all

Not-tested: GitHub-hosted CodeRabbit refresh until pushed.

* fix: close peer socket listener handoff window

CodeRabbit and Claude review found that documenting caller-owned raw socket errors still left a Promise handoff window and a stale timeout-listener risk. The peer connection API now requires a caller error handler and installs it before resolving, while cleanup removes internal error and timeout listeners on every path.

Constraint: Keep the fix precise to PR #375 review feedback and avoid warning suppression or fallback behavior.
Rejected: Leave the behavior documented only | still permits an unhandled socket error window between resolve and caller listener attachment.
Rejected: Keep a no-op internal error listener | would silently swallow caller-owned socket errors.
Confidence: high
Scope-risk: narrow
Directive: Do not add raw connectToPeer callers without providing a real onSocketError handler and capability handshake.
Tested: bun test src/utils/__tests__/udsMessaging.test.ts src/services/AgentSummary/__tests__/agentSummary.test.ts
Tested: bunx tsc --noEmit --pretty false
Tested: bun run lint
Tested: bun run test:all
Tested: bun test --coverage --coverage-reporter lcov --coverage-dir coverage
Tested: bun run build
Tested: bun run build:vite
Tested: bun audit
Not-tested: Manual external ACP peer runtime beyond repository tests.

* fix: use a deadline timer for peer connects

The raw socket handoff no longer needs Socket#setTimeout; an ordinary connection deadline keeps the timeout behavior while avoiding an internal socket timeout listener that has no reliable UDS integration path to exercise.

Constraint: Keep Codecov coverage honest without adding ignore pragmas, mocks, or fallback suppression.

Rejected: c8 ignore on the timeout listener | hides the uncovered branch instead of simplifying the lifecycle.

Rejected: keep Socket#setTimeout listener | leaves a socket listener lifecycle to manage for a connect-only deadline.

Confidence: high

Scope-risk: narrow

Directive: Keep connectToPeer errors caller-owned via onSocketError and reject pre-connect failures with UdsPeerConnectionError.

Tested: bun test src/utils/__tests__/udsMessaging.test.ts src/services/AgentSummary/__tests__/agentSummary.test.ts

Tested: bunx tsc --noEmit --pretty false

Tested: bun run lint

Tested: bun test src/utils/__tests__/udsMessaging.test.ts --coverage --coverage-reporter lcov --coverage-dir coverage-uds

Tested: bun run test:all

Tested: bun test --coverage --coverage-reporter lcov --coverage-dir coverage

Tested: bun run build

Tested: bun run build:vite

Tested: bun audit

Not-tested: Manual external ACP peer runtime beyond repository tests.

---------

Co-authored-by: unraid <local@unraid.local>
2026-04-27 20:16:09 +08:00
claude-code-best
c80e593212
feature: langfuse thinking 及 文本edit的问题修复( #371); 省略 diff 以减少内存峰值 (#376)
* feat: langfuse tracing 增加 thinking 参数记录

在 recordLLMObservation 中添加 thinking 配置(type/budgetTokens),
所有 provider(claude/gemini/openai)及 tokenEstimation、sideQuery
调用处同步传递 thinking 信息,便于 Langfuse 面板观察 thinking 使用情况。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix: langfuse tracing 兼容 budget_tokens snake_case 格式

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix: 统一传递完整 thinking 配置而非仅 thinkingType

Langfuse 追踪直接传递整个 thinking 对象(含 type 和 budget_tokens),
Analytics 日志同步补充 thinkingBudgetTokens 字段,logAPIQuery 改为
接收 ThinkingConfig 类型参数。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* feat: 省略旧消息的代码 diff 展示,仅保留最新消息的完整 diff

* fix: Edit 工具增加 Tab/空格规范化匹配,修复中文和缩进文件编辑失败

Read 工具输出将 Tab 渲染为空格,用户复制后 Edit 工具无法匹配。
在 findActualString 中增加 Tab→空格规范化回退匹配,并精确映射回原始文件位置。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* docs: README 添加安装/更新失败的解决方案提示

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-27 17:06:33 +08:00
Dosion
b47731a3f3
test: keep Codecov coverage on real agent communication paths (#374)
* test: keep Codecov coverage on real agent communication paths

PR #369 was merged before the final Codecov coverage fix landed, so this follow-up carries only the incremental real-path tests needed on top of main. The tests exercise AgentSummary lifecycle branches, mailbox fail-closed behavior, UDS client connection failure through a real capability file, and UDS response-reader framing without mock.module, warning suppression, feature fallback, or production-code churn.

Constraint: PR #369 is already merged; this branch must contain only the incremental Codecov repair on top of latest main

Rejected: Reopen or keep pushing the merged PR branch | merged PR refs do not update and would leave Codecov stale

Rejected: Mock bun:bundle or hide warnings | would reintroduce cross-test pollution and pseudo coverage

Rejected: Keep unrelated SendMessageTool production diff | it created avoidable patch-coverage debt without improving the runtime path

Confidence: high

Scope-risk: narrow

Directive: Keep these coverage tests on real paths; do not replace them with output suppression or feature-flag mocks

Tested: bunx tsc --noEmit --pretty false

Tested: bun run lint

Tested: bun test src\utils\__tests__\teammateMailbox.test.ts

Tested: bun test src\services\AgentSummary\__tests__\agentSummary.test.ts src\services\AgentSummary\__tests__\summaryContext.test.ts src\utils\__tests__\teammateMailbox.test.ts src\utils\__tests__\udsMessaging.test.ts src\utils\__tests__\udsResponseReader.test.ts packages\builtin-tools\src\tools\SendMessageTool\__tests__\udsRecipientSanitization.test.ts

Tested: bun run test:all

Tested: bun test --coverage --coverage-reporter lcov --coverage-dir coverage

Tested: bun run build

Tested: bun run build:vite

Tested: bun audit

Tested: git diff --check

Tested: Claude simplify review GO (.omx/artifacts/claude-simplify-codecov-20260427-1521.md)

Tested: Claude security review GO (.omx/artifacts/claude-security-codecov-20260427-1522.md)

Not-tested: GitHub-hosted Codecov upload after this amended commit until PR checks rerun

* test: keep review assertions tied to real failure paths

CodeRabbit flagged three non-blocking but valid review gaps: platform-specific mailbox errno checks, brittle UDS connection-failure message assertions, and missing AgentSummary reschedule proof after fork errors. This keeps the fixes narrow by tightening the affected assertions and adding a structured UDS connection error for tests to assert behavior instead of prose.

Constraint: PR #374 is a review follow-up and must not hide warnings, skip tests, or merge the PR.

Rejected: Matching the UDS failure message literal | preserves the brittle coupling CodeRabbit flagged.

Rejected: Asserting only that mailbox writes throw | would allow unrelated pre-path failures to pass.

Confidence: high

Scope-risk: narrow

Directive: Keep UDS connection-failure tests on structured error data, not display wording.

Tested: bun test src/services/AgentSummary/__tests__/agentSummary.test.ts src/utils/__tests__/teammateMailbox.test.ts src/utils/__tests__/udsMessaging.test.ts

Tested: bunx tsc --noEmit --pretty false

Tested: bun run lint

Tested: bun run test:all

Tested: bun test --coverage --coverage-reporter lcov --coverage-dir coverage

Tested: bun run build

Tested: bun run build:vite

Not-tested: GitHub-hosted CodeRabbit refresh until pushed.

* test: remove brittle review follow-up assumptions

CodeRabbit's second pass found two valid brittleness issues and one suggested callback-reference assertion that would not match production behavior. This keeps the production behavior unchanged: timers still schedule the summarizer closure, tests now assert timer-handle identity, and UDS connection errors use native Error.cause instead of shadowing it.

Constraint: Do not manufacture behavior just to satisfy a review hint; assertions must match the real AgentSummary scheduling contract.

Rejected: Assert a fresh scheduled callback function | scheduleNext intentionally passes the same runSummary closure each time.

Rejected: Store a custom cause field on UdsPeerConnectionError | native Error.cause is available under ESNext/Bun.

Confidence: high

Scope-risk: narrow

Directive: Timer tests should assert returned handle identity for ownership, not incidental numeric values.

Tested: bun test src/services/AgentSummary/__tests__/agentSummary.test.ts src/utils/__tests__/udsMessaging.test.ts

Tested: bunx tsc --noEmit --pretty false

Tested: bun run lint

Tested: bun run test:all

Tested: bun test --coverage --coverage-reporter lcov --coverage-dir coverage

Tested: bun run build

Tested: bun run build:vite

Not-tested: GitHub-hosted CodeRabbit refresh until pushed.

* test: enforce structured UDS timeout failures

CodeRabbit's follow-up surfaced a real consistency gap: UDS send socket errors used UdsPeerConnectionError while response timeouts still rejected a generic Error. Timeouts now use the same structured peer failure contract, and the test exercises that path through a short explicit timeout instead of waiting for the production default.

The AgentSummary unchanged-fingerprint test now also asserts that the second unchanged tick does not log errors, preserving the existing behavior checks without changing production scheduling semantics.

Constraint: Keep the production timeout default at 5000ms while allowing tests to exercise the timeout path quickly.

Rejected: Leave timeout failures as generic Error | callers would need separate handling for the same peer connection failure class.

Confidence: high

Scope-risk: narrow

Directive: Keep UDS send timeout and socket-error branches on the same structured error contract.

Tested: bun test src/services/AgentSummary/__tests__/agentSummary.test.ts src/utils/__tests__/udsMessaging.test.ts

Tested: bunx tsc --noEmit --pretty false

Tested: bun run lint

Tested: bun run test:all

Tested: bun test --coverage --coverage-reporter lcov --coverage-dir coverage

Tested: bun run build

Tested: bun run build:vite

Not-tested: GitHub-hosted CodeRabbit refresh until pushed.

---------

Co-authored-by: unraid <local@unraid.local>
2026-04-27 16:22:13 +08:00
Dosion
52b61c2c06
fix: bound agent communication memory growth (#369)
* fix: bound agent communication memory growth

UDS messaging now uses private local capabilities instead of exposing auth tokens through SDK metadata, environment variables, session registry, peer listing, or tool output. The receive path bounds NDJSON frames, response buffers, active clients, and pending inbox bytes, and strips auth metadata before messages enter the prompt queue.

Teammate mailboxes now validate file and message sizes, fail closed on corrupt mutation inputs, compact by count and retained bytes, and use stable message identity for in-process acknowledgements. Agent summaries now fork only a bounded recent context using lazy size estimation and content fingerprints instead of retaining or serializing unbounded histories.

Constraint: PR #361 was already merged; this branch is based on upstream/main@c2ac9a74.
Rejected: Default-disabling COORDINATOR_MODE/TEAMMEM only | explicit feature enablement still hit unbounded paths.
Rejected: Persisting UDS auth in SDK/env/session registry | bridge/remote metadata can leak local capability secrets.
Rejected: Inline uds #token addresses | observable/tool/classifier paths can reflect raw addresses outside the UDS request frame.
Rejected: Positional mailbox marking after compaction | compaction can shift indices across the lock boundary.
Confidence: high
Scope-risk: moderate
Directive: Do not expose UDS capability tokens through SDK messages, environment variables, session registry, peer-list output, or SendMessage result/classifier surfaces.
Directive: Do not reintroduce positional mailbox acknowledgements unless compaction is removed or read+mark is atomic under one lock.
Tested: bun test src/utils/__tests__/ndjsonFramer.test.ts src/utils/__tests__/udsMessaging.test.ts packages/builtin-tools/src/tools/SendMessageTool/__tests__/udsRecipientSanitization.test.ts
Tested: bunx tsc --noEmit --pretty false
Tested: bun run lint
Tested: bunx biome lint modified src/package files
Tested: bun run test:all (3704 pass, 0 fail, 6734 expects)
Tested: bun audit (No vulnerabilities found)
Tested: bun run build
Tested: bun run build:vite
Tested: git diff --check
Not-tested: End-to-end external UDS client driving a full production headless model turn.

* fix: harden bounded agent communication review fixes

CodeRabbit and Codecov surfaced real gaps in UDS framing, peer discovery, mailbox retention, and summary context coverage. This tightens those paths without suppressing review or coverage signals.

Constraint: PR #369 must address CodeRabbit and Codecov findings without warning suppression or fake fallbacks

Rejected: Suppress Codecov or CodeRabbit warnings | leaves real receive-path and test-isolation gaps

Rejected: Add unreachable feature-gated tests | bun:bundle keeps those branches compile-time gated in local tests

Confidence: high

Scope-risk: moderate

Directive: Keep UDS auth-token rejection outside feature flags; do not reintroduce inline token fallbacks

Tested: bun test --coverage --coverage-reporter lcov --coverage-dir coverage; bun run test:all; bun run lint; bun run build; bun run build:vite; bun audit; git diff --cached --check

Not-tested: Remote Codecov/CodeRabbit refreshed reports until pushed

* fix: prevent agent communication bounds from hiding CI regressions

Tighten the UDS auth, framing, and response-reader boundaries while keeping the AgentSummary lifecycle covered so Codecov and CI fail on real regressions instead of missing coverage. The poorMode settings mock mirrors unrelated real settings defaults to avoid Bun mock retention changing later permission tests.

Constraint: PR #369 must fix Codecov/CI precisely without warning suppression, fallback masking, or mock pollution

Rejected: Delete AgentSummary lifecycle coverage | would hide Codecov loss and stale-summary behavior

Rejected: Store inline UDS rejection in a hidden input sentinel | cloned observable inputs can drop it and bypass rejection

Rejected: Ignore malformed UDS frames until timeout | leaves client slots and SendMessage calls open to exhaustion

Confidence: high

Scope-risk: moderate

Directive: Keep empty #token= markers rejected; do not require a non-empty token value in hasInlineUdsToken

Tested: bun test packages/builtin-tools/src/tools/SendMessageTool/__tests__/udsRecipientSanitization.test.ts src/utils/__tests__/udsMessaging.test.ts src/utils/__tests__/udsResponseReader.test.ts src/utils/__tests__/ndjsonFramer.test.ts

Tested: bunx tsc --noEmit --pretty false

Tested: bun run lint

Tested: bun test --coverage --coverage-reporter lcov --coverage-dir coverage

Tested: bun run test:all

Tested: bun audit

Tested: bun run build

Tested: bun run build:vite

Not-tested: GitHub-hosted Codecov upload until pushed PR checks rerun

---------

Co-authored-by: unraid <local@unraid.local>
2026-04-27 14:47:18 +08:00