openclacky 0.9.34 → 0.9.35

data/lib/clacky/skill_loader.rb

@@ -11,9 +11,7 @@ module Clacky
     # Skill discovery locations (in priority order: lower index = lower priority)
     LOCATIONS = [
       :default,            # gem's built-in default skills (lowest priority)
-      :global_claude,      # ~/.claude/skills/ (compatibility)
       :global_clacky,      # ~/.clacky/skills/
-      :project_claude,     # .claude/skills/ (project-level compatibility)
       :project_clacky,     # .clacky/skills/ (highest priority among plain skills)
       :brand               # ~/.clacky/brand_skills/ (encrypted, license-gated)
     ].freeze
@@ -25,7 +23,7 @@ module Clacky
 
     # Initialize the skill loader and automatically load all skills
     # @param working_dir [String, nil] Current working directory for project-level discovery.
-    #   When nil, project-level skills (.clacky/skills/, .claude/skills/) are not loaded,
+    #   When nil, project-level skills (.clacky/skills/) are not loaded,
     #   making the loader project-agnostic (used by WebUI server).
     # @param brand_config [Clacky::BrandConfig, nil] Optional brand config used to
     #   decrypt brand skills. When nil, brand skills are silently skipped.
@@ -52,14 +50,12 @@ module Clacky
       clear
 
       load_default_skills
-      load_global_claude_skills
       load_global_clacky_skills
       
       # Only load project-level skills when working_dir is explicitly provided.
       # When nil (e.g. WebUI server mode), skip project skills to keep the loader
       # project-agnostic and only expose global skills.
       if @working_dir
-        load_project_claude_skills
         load_project_clacky_skills
       end
       
@@ -101,7 +97,7 @@ module Clacky
 
         # Skip brand skill when a local plain skill with the same name is already
         # loaded (global_clacky or project_clacky). The local copy shadows it.
-        if @skills[skill_name] && %i[global_clacky project_clacky project_claude global_claude].include?(@loaded_from[skill_name])
+        if @skills[skill_name] && %i[global_clacky project_clacky].include?(@loaded_from[skill_name])
           @shadowed_by_local ||= {}
           @shadowed_by_local[skill_name] = @loaded_from[skill_name]
           next
@@ -125,13 +121,6 @@ module Clacky
       @shadowed_by_local || {}
     end
 
-    # Load skills from ~/.claude/skills/ (lowest priority, compatibility)
-    # @return [Array<Skill>]
-    def load_global_claude_skills
-      global_claude_dir = Pathname.new(ENV.fetch("HOME", "~")).join(".claude", "skills")
-      load_skills_from_directory(global_claude_dir, :global_claude)
-    end
-
     # Load skills from ~/.clacky/skills/ (user global)
     # @return [Array<Skill>]
     def load_global_clacky_skills
@@ -139,13 +128,6 @@ module Clacky
       load_skills_from_directory(global_clacky_dir, :global_clacky)
     end
 
-    # Load skills from .claude/skills/ (project-level compatibility)
-    # @return [Array<Skill>]
-    def load_project_claude_skills
-      project_claude_dir = Pathname.new(@working_dir).join(".claude", "skills")
-      load_skills_from_directory(project_claude_dir, :project_claude)
-    end
-
     # Load skills from .clacky/skills/ (project-level, highest priority)
     # @return [Array<Skill>]
     def load_project_clacky_skills
@@ -153,39 +135,6 @@ module Clacky
       load_skills_from_directory(project_clacky_dir, :project_clacky)
     end
 
-    # Load skills from nested .claude/skills/ directories (monorepo support)
-    # @return [Array<Skill>]
-    def load_nested_project_skills
-      working_path = Pathname.new(@working_dir)
-
-      # Find all nested .claude/skills/ directories
-      nested_dirs = []
-      begin
-        Dir.glob("**/.claude/skills/", base: @working_dir).each do |relative_path|
-          nested_dirs << working_path.join(relative_path)
-        end
-      rescue ArgumentError
-        # Skip if working_dir contains special characters
-      end
-
-      # Filter out the main project .claude/skills/ (already loaded)
-      main_project_skills = working_path.join(".claude", "skills").realpath
-
-      nested_dirs.each do |dir|
-        next if dir.realpath == main_project_skills
-
-        # Determine the source path for priority resolution
-        # Use the parent directory of .claude as the source
-        source_path = dir.parent
-
-        # Determine skill identifier based on relative path from working_dir
-        relative_to_working = dir.relative_path_from(working_path).to_s
-        skill_name = relative_to_working.gsub(".claude/skills/", "").gsub("/", "-")
-
-        load_single_skill(dir, source_path, skill_name)
-      end
-    end
-
     # Get all loaded skills
     # @return [Array<Skill>]
     def all_skills
@@ -340,11 +289,9 @@ module Clacky
       skills = []
       dir.children.select(&:directory?).each do |skill_dir|
         source_path = case source_type
-        when :global_claude
-          Pathname.new(ENV.fetch("HOME", "~")).join(".claude")
         when :global_clacky
           Pathname.new(ENV.fetch("HOME", "~")).join(".clacky")
-        when :project_claude, :project_clacky
+        when :project_clacky
           Pathname.new(@working_dir)
         else
           skill_dir
@@ -402,12 +349,11 @@ module Clacky
     #   to form a slash command from).
     # - Respects priority ordering for duplicates; enforces MAX_SKILLS cap.
     # @param skill [Skill]
-    # @param source [Symbol] one of :default, :global_claude, :global_clacky,
-    #   :project_claude, :project_clacky, :brand
+    # @param source [Symbol] one of :default, :global_clacky, :project_clacky, :brand
     # @return [Skill, nil] nil when the skill was rejected (duplicate/limit)
     private def register_skill(skill, source:)
       id             = skill.identifier
-      priority_order = %i[default global_claude global_clacky project_claude project_clacky brand]
+      priority_order = %i[default global_clacky project_clacky brand]
 
       # --- duplicate check ---
       if (existing = @skills[id])

data/lib/clacky/tools/browser.rb

@@ -29,35 +29,11 @@ module Clacky
     # When the selected page has been closed, mcp_call automatically retries once.
     class Browser < Base
       self.tool_name = "browser"
-      self.tool_description = <<~DESC
-        Control the browser for automation tasks (login, form submission, UI interaction, scraping).
-        For simple page fetch or search, prefer web_fetch or web_search instead.
-
-        Uses your real Chrome browser with existing logins & cookies. Requires Chrome 146+.
-
-        ACTIONS:
-        - snapshot   → get accessibility tree with element refs. ALWAYS run before interacting.
-        - act        → interact with page: click, dblclick, type, fill, press, hover, scroll, drag, select, wait, evaluate, click_at
-        - open       → open URL in a new tab
-        - navigate   → navigate current tab to URL
-        - tabs       → list open tabs
-        - focus      → switch to a tab by target_id
-        - close      → close a tab by target_id
-        - screenshot → EXPENSIVE. Only use when user explicitly asks to "see" the page. Use ref= to capture a single element instead.
-        - status     → check if browser is running
-
-        SNAPSHOT WORKFLOW — always snapshot first:
-        - action="snapshot", interactive=true          → interactive elements only (recommended)
-        - action="snapshot", interactive=true, compact=true → compact interactive
-
-        ACT EXAMPLES:
-        - click:    ref="e1"
-        - click_at: x=100, y=200  → coordinate click, use when ref-based click fails (React/virtual lists)
-        - fill:     ref="e1", text="value"
-        - press:    key="Enter"
-        - scroll:   direction="down", amount=300
-        - wait:     ms=2000 OR selector=".spinner"
-        - evaluate: js="document.title"
+      self.tool_description = <<~DESC.strip
+        Control user's real Chrome (146+) for web automation. Prefer web_fetch/web_search for read-only pages.
+        Actions: snapshot | act | open | navigate | tabs | focus | close | screenshot | status.
+        Always snapshot(interactive:true) before act. screenshot is EXPENSIVE — use ref= for a single element.
+        act kinds: click, dblclick, type, fill, press, hover, scroll, drag, select, wait, evaluate, click_at (coord fallback).
       DESC
       self.tool_category = "web"
       self.tool_parameters = {
@@ -65,55 +41,31 @@ module Clacky
         properties: {
           action: {
             type: "string",
-            enum: %w[snapshot act open navigate tabs focus close screenshot status],
-            description: "Action to perform."
-          },
-          interactive: {
-            type: "boolean",
-            description: "snapshot: only include interactive elements."
-          },
-          compact: {
-            type: "boolean",
-            description: "snapshot: remove empty structural elements."
-          },
-          depth: {
-            type: "integer",
-            description: "snapshot: max tree depth."
-          },
-          selector: {
-            type: "string",
-            description: "act wait: CSS selector to wait for."
+            enum: %w[snapshot act open navigate tabs focus close screenshot status]
           },
           kind: {
             type: "string",
             enum: %w[click dblclick type fill press hover drag select scroll wait evaluate click_at],
-            description: "act: interaction kind."
-          },
-          ref: {
-            type: "string",
-            description: "act: element ref from snapshot (e.g. 'e1'). screenshot: capture only this element (much cheaper)."
-          },
-          text:      { type: "string",  description: "act type/fill: text to enter." },
-          key:       { type: "string",  description: "act press: key (e.g. 'Enter')." },
-          direction: {
-            type: "string",
-            enum: %w[up down left right],
-            description: "act scroll: direction."
-          },
-          amount:     { type: "integer", description: "act scroll: pixels." },
-          ms:         { type: "integer", description: "act wait: milliseconds." },
-          js:         { type: "string",  description: "act evaluate: JS expression." },
-          target_ref: { type: "string",  description: "act drag: destination ref." },
-          values: {
-            type: "array",
-            items: { type: "string" },
-            description: "act select: option values."
+            description: "act: interaction kind"
           },
-          x:         { type: "number",  description: "act click_at: x coordinate in pixels." },
-          y:         { type: "number",  description: "act click_at: y coordinate in pixels." },
-          url:       { type: "string",  description: "open/navigate: URL." },
-          target_id: { type: "string",  description: "focus/close: tab id from tabs action." },
-          full_page: { type: "boolean", description: "screenshot: capture full scrollable page." }
+          ref:         { type: "string",  description: "element ref from snapshot (e.g. 'e1'); screenshot: single element" },
+          text:        { type: "string",  description: "act type/fill text" },
+          key:         { type: "string",  description: "act press key (e.g. 'Enter')" },
+          direction:   { type: "string",  enum: %w[up down left right], description: "act scroll" },
+          amount:      { type: "integer", description: "act scroll pixels" },
+          ms:          { type: "integer", description: "act wait ms" },
+          selector:    { type: "string",  description: "act wait CSS selector" },
+          js:          { type: "string",  description: "act evaluate JS" },
+          target_ref:  { type: "string",  description: "act drag destination ref" },
+          values:      { type: "array",   items: { type: "string" }, description: "act select options" },
+          x:           { type: "number",  description: "click_at x px" },
+          y:           { type: "number",  description: "click_at y px" },
+          url:         { type: "string",  description: "open/navigate URL" },
+          target_id:   { type: "string",  description: "focus/close tab id" },
+          interactive: { type: "boolean", description: "snapshot: interactive only" },
+          compact:     { type: "boolean", description: "snapshot: compact" },
+          depth:       { type: "integer", description: "snapshot: max depth" },
+          full_page:   { type: "boolean", description: "screenshot: full page" }
         },
         required: ["action"]
       }

data/lib/clacky/tools/security.rb

@@ -0,0 +1,326 @@
+# frozen_string_literal: true
+
+require "shellwords"
+require "json"
+require "fileutils"
+require_relative "../utils/trash_directory"
+require_relative "../utils/encoding"
+
+module Clacky
+  module Tools
+    # Pre-execution safety layer for shell-style commands.
+    #
+    # Responsibilities (applied to the `command` string BEFORE it is handed
+    # to a shell / PTY for execution):
+    #
+    #   1. Block hard-dangerous commands:       sudo, pkill clacky, eval, exec,
+    #                                           `...`, $(...), | sh, | bash,
+    #                                           redirect to /etc /usr /bin.
+    #   2. Rewrite `rm` → `mv <file> <trash>`   so the file is recoverable.
+    #   3. Rewrite `curl ... | bash` → save     script to a file for manual
+    #                                           review instead of exec.
+    #   4. Protect important files:             Gemfile, Gemfile.lock, .env,
+    #                                           package.json, yarn.lock,
+    #                                           .ssh/, .aws/, .gitignore,
+    #                                           README.md, LICENSE.
+    #   5. Confine writes to project_root.      `mv`, `cp`, `mkdir` targets
+    #                                           outside the project tree are
+    #                                           blocked.
+    #
+    # Raises SecurityError on block. Returns a (possibly rewritten) command
+    # string on success.
+    #
+    # This module was extracted from the former `SafeShell` tool. It is now
+    # shared by any tool that executes shell-style commands (currently:
+    # `terminal`).
+    module Security
+      # Raised when a command cannot be made safe.
+      class Blocked < StandardError; end
+
+      # Read-only commands that are considered safe for auto-execution
+      # (permission mode :confirm_safes).
+      SAFE_READONLY_COMMANDS = %w[
+        ls pwd cat less more head tail
+        grep find which whereis whoami
+        ps top htop df du
+        git echo printf wc
+        date file stat
+        env printenv
+        curl wget
+      ].freeze
+
+      class << self
+        # Process `command` and return a (possibly rewritten) safe version.
+        # Raises SecurityError when the command cannot be made safe.
+        #
+        # @param command [String] command to check
+        # @param project_root [String] path treated as the allowed root for writes
+        # @return [String] safe command to execute
+        def make_safe(command, project_root: Dir.pwd)
+          Replacer.new(project_root).make_command_safe(command)
+        end
+
+        # True iff the command is safe to auto-execute in :confirm_safes mode.
+        # (Either a known read-only command, or one that Security.make_safe
+        # returns unchanged.)
+        def command_safe_for_auto_execution?(command)
+          return false unless command
+
+          cmd_name = command.strip.split.first
+          return true if SAFE_READONLY_COMMANDS.include?(cmd_name)
+
+          begin
+            safe = make_safe(command, project_root: Dir.pwd)
+            command.strip == safe.strip
+          rescue SecurityError
+            false
+          end
+        end
+      end
+
+      # Internal class that owns per-project state (trash dir, log dir, ...).
+      # Extracted almost verbatim from the old SafeShell::CommandSafetyReplacer.
+      class Replacer
+        def initialize(project_root)
+          @project_root = File.expand_path(project_root)
+
+          trash_directory = Clacky::TrashDirectory.new(@project_root)
+          @trash_dir  = trash_directory.trash_dir
+          @backup_dir = trash_directory.backup_dir
+
+          @project_hash = trash_directory.generate_project_hash(@project_root)
+          @safety_log_dir = File.join(Dir.home, ".clacky", "safety_logs", @project_hash)
+          FileUtils.mkdir_p(@safety_log_dir) unless Dir.exist?(@safety_log_dir)
+          @safety_log_file = File.join(@safety_log_dir, "safety.log")
+        end
+
+        def make_command_safe(command)
+          command = command.strip
+
+          # Use a UTF-8-scrubbed copy ONLY for regex checks.  The original
+          # bytes are returned unchanged so the shell receives exact paths
+          # (e.g. GBK-encoded Chinese filenames in zip archives).
+          @safe_check_command = Clacky::Utils::Encoding.safe_check(command)
+
+          case @safe_check_command
+          when /pkill.*clacky|killall.*clacky|kill\s+.*\bclacky\b/i
+            raise SecurityError, "Killing the clacky server process is not allowed. To restart, use: kill -USR1 $CLACKY_MASTER_PID"
+          when /clacky\s+server/
+            raise SecurityError, "Managing the clacky server from within a session is not allowed. To restart, use: kill -USR1 $CLACKY_MASTER_PID"
+          when /^rm\s+/
+            replace_rm_command(command)
+          when /^chmod\s+x/
+            replace_chmod_command(command)
+          when /^curl.*\|\s*(sh|bash)/
+            replace_curl_pipe_command(command)
+          when /^sudo\s+/
+            block_sudo_command(command)
+          when />\s*\/dev\/null\s*$/
+            allow_dev_null_redirect(command)
+          when /^(mv|cp|mkdir|touch|echo)\s+/
+            validate_and_allow(command)
+          else
+            validate_general_command(@safe_check_command)
+            command
+          end
+        end
+
+        def replace_rm_command(command)
+          files = parse_rm_files(command)
+          raise SecurityError, "No files specified for deletion" if files.empty?
+
+          commands = files.map do |file|
+            validate_file_path(file)
+
+            timestamp = Time.now.strftime("%Y%m%d_%H%M%S_%N")
+            safe_name = "#{File.basename(file)}_deleted_#{timestamp}"
+            trash_path = File.join(@trash_dir, safe_name)
+
+            create_delete_metadata(file, trash_path) if File.exist?(file)
+
+            "mv #{Shellwords.escape(file)} #{Shellwords.escape(trash_path)}"
+          end
+
+          result = commands.join(' && ')
+          log_replacement("rm", result, "Files moved to trash instead of permanent deletion")
+          result
+        end
+
+        def replace_chmod_command(command)
+          begin
+            parts = Shellwords.split(command)
+          rescue ArgumentError
+            parts = command.split(/\s+/)
+          end
+
+          files = parts[2..-1] || []
+          files.each { |file| validate_file_path(file) unless file.start_with?('-') }
+
+          log_replacement("chmod", command, "chmod +x is allowed - file permissions will be modified")
+          command
+        end
+
+        def replace_curl_pipe_command(command)
+          if command.match(/curl\s+(.*?)\s*\|\s*(sh|bash)/)
+            url = $1
+            shell_type = $2
+            timestamp = Time.now.strftime("%Y%m%d_%H%M%S")
+            safe_file = File.join(@backup_dir, "downloaded_script_#{timestamp}.sh")
+
+            result = "curl #{url} -o #{Shellwords.escape(safe_file)} && echo '🔒 Script downloaded to #{safe_file} for manual review. Run: cat #{safe_file}'"
+            log_replacement("curl | #{shell_type}", result, "Script saved for manual review instead of automatic execution")
+            result
+          else
+            command
+          end
+        end
+
+        def block_sudo_command(_command)
+          raise SecurityError, "sudo commands are not allowed for security reasons"
+        end
+
+        def allow_dev_null_redirect(command)
+          command
+        end
+
+        def validate_and_allow(command)
+          begin
+            parts = Shellwords.split(command)
+          rescue ArgumentError
+            parts = command.split(/\s+/)
+          end
+
+          cmd  = parts.first
+          args = parts[1..-1] || []
+
+          case cmd
+          when 'mv', 'cp'
+            args.each { |path| validate_file_path(path) unless path.start_with?('-') }
+          when 'mkdir'
+            args.each { |path| validate_directory_creation(path) unless path.start_with?('-') }
+          end
+
+          command
+        end
+
+        def validate_general_command(command)
+          cmd_without_quotes = command.gsub(/'[^']*'|"[^"]*"/, '')
+
+          dangerous_patterns = [
+            /eval\s*\(/,
+            /exec\s*\(/,
+            /system\s*\(/,
+            /`[^`]+`/,
+            /\$\([^)]+\)/,
+            /\|\s*sh\s*$/,
+            /\|\s*bash\s*$/,
+            />\s*\/etc\//,
+            />\s*\/usr\//,
+            />\s*\/bin\//
+          ]
+
+          dangerous_patterns.each do |pattern|
+            if cmd_without_quotes.match?(pattern)
+              raise SecurityError, "Dangerous command pattern detected: #{pattern.source}"
+            end
+          end
+
+          command
+        end
+
+        def parse_rm_files(command)
+          begin
+            parts = Shellwords.split(command)
+          rescue ArgumentError
+            parts = command.split(/\s+/)
+          end
+
+          parts.drop(1).reject { |part| part.start_with?('-') }
+        end
+
+        def validate_file_path(path)
+          return if path.start_with?('-')
+
+          expanded_path = File.expand_path(path)
+
+          unless expanded_path.start_with?(@project_root)
+            raise SecurityError, "File access outside project directory blocked: #{path}"
+          end
+
+          protected_patterns = [
+            /Gemfile$/,
+            /Gemfile\.lock$/,
+            /README\.md$/,
+            /LICENSE/,
+            /\.gitignore$/,
+            /package\.json$/,
+            /yarn\.lock$/,
+            /\.env$/,
+            /\.ssh\//,
+            /\.aws\//
+          ]
+
+          protected_patterns.each do |pattern|
+            if expanded_path.match?(pattern)
+              raise SecurityError, "Access to protected file blocked: #{File.basename(path)}"
+            end
+          end
+        end
+
+        def validate_directory_creation(path)
+          expanded_path = File.expand_path(path)
+
+          unless expanded_path.start_with?(@project_root)
+            raise SecurityError, "Directory creation outside project blocked: #{path}"
+          end
+        end
+
+        def create_delete_metadata(original_path, trash_path)
+          metadata = {
+            original_path: File.expand_path(original_path),
+            project_root: @project_root,
+            trash_directory: File.dirname(trash_path),
+            deleted_at: Time.now.iso8601,
+            deleted_by: 'AI_Terminal',
+            file_size: File.size(original_path),
+            file_type: File.extname(original_path),
+            file_mode: File.stat(original_path).mode.to_s(8)
+          }
+
+          metadata_file = "#{trash_path}.metadata.json"
+          File.write(metadata_file, JSON.pretty_generate(metadata))
+        rescue StandardError => e
+          log_warning("Failed to create metadata for #{original_path}: #{e.message}")
+        end
+
+        def log_replacement(original, replacement, reason)
+          write_log(
+            action: 'command_replacement',
+            original_command: original,
+            safe_replacement: replacement,
+            reason: reason
+          )
+        end
+
+        def log_warning(message)
+          write_log(action: 'warning', message: message)
+        end
+
+        def write_log(**fields)
+          log_entry = { timestamp: Time.now.iso8601 }.merge(fields)
+          File.open(@safety_log_file, 'a') { |f| f.puts JSON.generate(log_entry) }
+        rescue StandardError
+          # Logging must never break main functionality.
+        end
+
+        private :replace_rm_command, :replace_chmod_command,
+                :replace_curl_pipe_command, :block_sudo_command,
+                :allow_dev_null_redirect, :validate_and_allow,
+                :validate_general_command, :parse_rm_files,
+                :validate_file_path, :validate_directory_creation,
+                :create_delete_metadata, :log_replacement,
+                :log_warning, :write_log
+      end
+    end
+  end
+end

data/lib/clacky/tools/terminal/output_cleaner.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+module Clacky
+  module Tools
+    class Terminal < Base
+      # Output cleaning for raw PTY bytes.
+      #
+      # A PTY emits whatever the child writes plus terminal control codes.
+      # Since the Terminal tool is targeted at LINE-BASED interactive shells
+      # (not full-screen TUIs like vim/top), we aggressively strip visual
+      # control sequences rather than maintain a screen model.
+      #
+      # Cleaning steps (in order):
+      #   1. Strip CSI sequences       (ESC[...letter)   — colors, cursor, SGR
+      #   2. Strip OSC sequences       (ESC]...BEL/ST)   — window title, etc.
+      #   3. Strip simple 2-byte esc   (ESC= / ESC>)     — keypad modes
+      #   4. Collapse \r-overwrites    (spinner/progress)
+      #   5. Drop backspace erase      (char + \x08)
+      #   6. Normalize CRLF → LF
+      #
+      # This is lossy for full-screen apps (you'll see a pile of text without
+      # cursor positioning), but for line-based commands it yields clean,
+      # diff-friendly output.
+      module OutputCleaner
+        CSI_REGEX        = /\e\[[\d;?]*[a-zA-Z@]/.freeze
+        OSC_REGEX        = /\e\].*?(\a|\e\\)/m.freeze
+        SIMPLE_ESC_REGEX = /\e[=>\(\)].?/.freeze
+        BACKSPACE_REGEX  = /[^\x08]\x08/.freeze
+
+        module_function
+
+        # Clean raw PTY bytes for LLM consumption.
+        # @param raw [String] raw PTY bytes
+        # @return [String] cleaned, UTF-8-safe text
+        def clean(raw)
+          return "" if raw.nil? || raw.empty?
+
+          s = raw.dup
+          s.force_encoding(Encoding::UTF_8)
+          s = s.scrub("?") unless s.valid_encoding?
+
+          s = s.gsub(CSI_REGEX, "")
+          s = s.gsub(OSC_REGEX, "")
+          s = s.gsub(SIMPLE_ESC_REGEX, "")
+
+          # Handle \r overwrites within each line. "50%\r100%" → "100%".
+          # Split on \n KEEPING the terminators (-1 preserves trailing empty),
+          # then for each segment keep only the portion after the last \r
+          # (which is what would actually be visible).
+          s = s.split("\n", -1).map { |line| line.split("\r").last || "" }.join("\n")
+
+          # Erase "X\b" pairs repeatedly (readline rubout).
+          s = s.gsub(BACKSPACE_REGEX, "") while s =~ BACKSPACE_REGEX
+
+          # Normalize any leftover isolated \r.
+          s = s.gsub(/\r/, "")
+
+          s
+        end
+      end
+    end
+  end
+end