@co0ontty/wand 0.2.1 → 0.4.0

package/dist/message-queue.js

@@ -0,0 +1,127 @@
+/**
+ * Message Queue for managing user inputs
+ * Inspired by Happy's MessageQueue2 implementation
+ */
+export class MessageQueue {
+    queue = [];
+    processing = false;
+    onMessageCallback = null;
+    lastMessageId = 0;
+    /**
+     * Add a message to the queue
+     */
+    enqueue(content, options = {}) {
+        const message = {
+            id: `msg-${++this.lastMessageId}-${Date.now()}`,
+            content,
+            priority: 1,
+            timestamp: Date.now(),
+            metadata: {
+                autonomyPolicy: options.autonomyPolicy,
+                approvalPolicy: options.approvalPolicy,
+                allowedScopes: options.allowedScopes,
+            },
+        };
+        this.queue.push(message);
+        this.processNext();
+        return message;
+    }
+    /**
+     * Add a high-priority message (like /compact, /clear)
+     */
+    enqueuePriority(content, options = {}) {
+        const message = {
+            id: `msg-priority-${++this.lastMessageId}-${Date.now()}`,
+            content,
+            priority: 10,
+            timestamp: Date.now(),
+            isolate: true,
+            metadata: {
+                autonomyPolicy: options.autonomyPolicy,
+                approvalPolicy: options.approvalPolicy,
+                allowedScopes: options.allowedScopes,
+            },
+        };
+        // Insert at the beginning of the queue
+        this.queue.unshift(message);
+        this.processNext();
+        return message;
+    }
+    /**
+     * Clear the queue and add a new message
+     * Used for /compact and /clear commands
+     */
+    clearAndEnqueue(content, options = {}) {
+        const clearedCount = this.queue.length;
+        this.queue = [];
+        if (clearedCount > 0) {
+            console.error(`[MessageQueue] Cleared ${clearedCount} pending messages`);
+        }
+        return this.enqueuePriority(content, options);
+    }
+    /**
+     * Set the message handler
+     */
+    onMessage(handler) {
+        this.onMessageCallback = handler;
+        this.processNext();
+    }
+    /**
+     * Process the next message in the queue
+     */
+    async processNext() {
+        if (this.processing || this.queue.length === 0 || !this.onMessageCallback) {
+            return;
+        }
+        this.processing = true;
+        // Sort by priority (higher first), then by timestamp
+        this.queue.sort((a, b) => {
+            if (a.priority !== b.priority) {
+                return b.priority - a.priority;
+            }
+            return a.timestamp - b.timestamp;
+        });
+        const message = this.queue.shift();
+        try {
+            await this.onMessageCallback(message);
+        }
+        catch (error) {
+            console.error(`[MessageQueue] Error processing message ${message.id}:`, error);
+        }
+        finally {
+            this.processing = false;
+            // Process next message
+            this.processNext();
+        }
+    }
+    /**
+     * Get the current queue length
+     */
+    get length() {
+        return this.queue.length;
+    }
+    /**
+     * Check if the queue is empty
+     */
+    get isEmpty() {
+        return this.queue.length === 0;
+    }
+    /**
+     * Check if a message is being processed
+     */
+    get isProcessing() {
+        return this.processing;
+    }
+    /**
+     * Clear all pending messages
+     */
+    clear() {
+        this.queue = [];
+    }
+    /**
+     * Get all pending messages (for debugging)
+     */
+    getPending() {
+        return [...this.queue];
+    }
+}

package/dist/middleware/path-safety.d.ts

@@ -0,0 +1,6 @@
+/** Check that targetPath is within basePath (or equal to it). */
+export declare function isPathWithinBase(targetPath: string, basePath: string): boolean;
+/** Check if targetPath is inside any blocked system folder. */
+export declare function isBlockedFolderPath(targetPath: string): boolean;
+/** Normalize a folder path to its absolute form. */
+export declare function normalizeFolderPath(inputPath: string): string;

package/dist/middleware/path-safety.js

@@ -0,0 +1,19 @@
+import path from "node:path";
+/** Check that targetPath is within basePath (or equal to it). */
+export function isPathWithinBase(targetPath, basePath) {
+    const relativePath = path.relative(basePath, targetPath);
+    return relativePath === "" || (!relativePath.startsWith("..") && !path.isAbsolute(relativePath));
+}
+/** Blocked folder paths that should never be browsed. */
+const BLOCKED_FOLDER_PATHS = ["/etc", "/root", "/boot"];
+/** Check if targetPath is inside any blocked system folder. */
+export function isBlockedFolderPath(targetPath) {
+    return BLOCKED_FOLDER_PATHS.some((blockedPath) => {
+        const relativePath = path.relative(blockedPath, targetPath);
+        return relativePath === "" || (!relativePath.startsWith("..") && !path.isAbsolute(relativePath));
+    });
+}
+/** Normalize a folder path to its absolute form. */
+export function normalizeFolderPath(inputPath) {
+    return path.resolve(inputPath);
+}

package/dist/middleware/rate-limit.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Login rate limiter — tracks failed attempts per IP.
+ * In-memory only; resets on process restart.
+ */
+export declare function checkRateLimit(ip: string): boolean;
+export declare function recordFailedLogin(ip: string): void;
+export declare function resetRateLimit(ip: string): void;
+export declare function cleanupRateLimiter(): void;

package/dist/middleware/rate-limit.js

@@ -0,0 +1,37 @@
+/**
+ * Login rate limiter — tracks failed attempts per IP.
+ * In-memory only; resets on process restart.
+ */
+const RATE_LIMIT_WINDOW = 15 * 60 * 1000; // 15 minutes
+const RATE_LIMIT_MAX = 10; // 10 attempts per window
+const loginAttempts = new Map();
+export function checkRateLimit(ip) {
+    const now = Date.now();
+    const record = loginAttempts.get(ip);
+    if (!record || now > record.resetAt) {
+        return true;
+    }
+    return record.count < RATE_LIMIT_MAX;
+}
+export function recordFailedLogin(ip) {
+    const now = Date.now();
+    const record = loginAttempts.get(ip);
+    if (!record || now > record.resetAt) {
+        loginAttempts.set(ip, { count: 1, resetAt: now + RATE_LIMIT_WINDOW });
+        return;
+    }
+    record.count++;
+}
+export function resetRateLimit(ip) {
+    loginAttempts.delete(ip);
+}
+export function cleanupRateLimiter() {
+    const now = Date.now();
+    for (const [ip, record] of loginAttempts.entries()) {
+        if (now > record.resetAt) {
+            loginAttempts.delete(ip);
+        }
+    }
+}
+// Cleanup expired entries every 5 minutes
+setInterval(cleanupRateLimiter, 5 * 60 * 1000);

package/dist/process-manager.d.ts

@@ -2,58 +2,113 @@ import { EventEmitter } from "node:events";
 import { WandStorage } from "./storage.js";
 import { ExecutionMode, SessionSnapshot, WandConfig } from "./types.js";
 export interface ProcessEvent {
-    type: "output" | "status" | "started" | "ended";
+    type: "output" | "status" | "started" | "ended" | "usage" | "task";
     sessionId: string;
     data?: unknown;
 }
+/** Human-readable task information for the UI */
+export interface TaskInfo {
+    title: string;
+    tool?: string;
+}
+export declare class SessionInputError extends Error {
+    readonly code: "SESSION_NOT_FOUND" | "SESSION_NOT_RUNNING" | "SESSION_NO_PTY";
+    readonly sessionId: string;
+    readonly sessionStatus?: SessionSnapshot["status"] | undefined;
+    constructor(message: string, code: "SESSION_NOT_FOUND" | "SESSION_NOT_RUNNING" | "SESSION_NO_PTY", sessionId: string, sessionStatus?: SessionSnapshot["status"] | undefined);
+}
 export type ProcessEventHandler = (event: ProcessEvent) => void;
+/** A Claude Code session discovered by scanning ~/.claude/projects/ directories. */
+export interface ClaudeHistorySession {
+    claudeSessionId: string;
+    projectDir: string;
+    cwd: string;
+    firstUserMessage: string;
+    timestamp: string;
+    mtimeMs: number;
+    hasConversation: boolean;
+    managedByWand: boolean;
+}
 export declare class ProcessManager extends EventEmitter {
     private readonly config;
     private readonly storage;
     private readonly sessions;
     private readonly logger;
+    private readonly lifecycleManager;
+    /** Per-session debounce timers for throttled persist calls */
+    private readonly persistDebounceTimers;
+    /** Last persisted message count per session — used to skip redundant file writes */
+    private readonly lastPersistedMessageCount;
     constructor(config: WandConfig, storage: WandStorage, configDir?: string);
     on(event: "process", listener: ProcessEventHandler): this;
     private emitEvent;
     private cleanupOldSessions;
-    start(command: string, cwd: string | undefined, mode: ExecutionMode, initialInput?: string): SessionSnapshot;
+    start(command: string, cwd: string | undefined, mode: ExecutionMode, initialInput?: string, opts?: {
+        resumedFromSessionId?: string;
+        autoRecovered?: boolean;
+    }): SessionSnapshot;
     list(): SessionSnapshot[];
+    hasClaudeSessionFile(cwd: string, claudeSessionId: string): boolean;
+    private claudeHistoryCache;
+    private static readonly HISTORY_CACHE_TTL_MS;
+    listClaudeHistorySessions(): ClaudeHistorySession[];
     get(id: string): SessionSnapshot | null;
     sendInput(id: string, input: string, view?: "chat" | "terminal"): SessionSnapshot;
-    private runJsonChatTurn;
-    /**
-     * Wrap user message with autonomous completion instructions for managed mode.
-     * The AI is told to complete the task in one shot without asking questions.
-     */
-    private wrapManagedPrompt;
-    private processJsonEvent;
-    private appendBlockToOutput;
-    private buildContentBlocks;
-    private buildAssistantTurn;
-    /** Determine if input looks like a real chat message (not control characters) */
-    private isRealChatInput;
-    /** Check if a command is a Claude CLI command */
-    private isClaudeCommand;
-    /** Strip ANSI escape sequences from raw PTY output */
-    private stripAnsiSequences;
-    /** Track and update assistant response from PTY output */
-    private trackPtyAssistantResponse;
-    /** Update the assistant placeholder message with cleaned PTY content */
-    private updatePtyAssistantContent;
-    /** Finalize the assistant message when ❯ prompt is detected */
-    private finalizePtyAssistantMessage;
-    /** Clean raw PTY output into readable chat content */
-    private cleanPtyOutputForChat;
+    /** Emit a task event for a session, debounced to avoid flooding */
+    private emitTask;
     resize(id: string, cols: number, rows: number): SessionSnapshot;
     stop(id: string): SessionSnapshot;
     delete(id: string): void;
-    runStartupCommands(): Promise<SessionSnapshot[]>;
+    private deleteClaudeCache;
+    runStartupCommands(): SessionSnapshot[];
     private snapshot;
+    private isPermissionBlocked;
+    private defaultAutonomyPolicy;
+    resolveEscalation(id: string, requestId: string, resolution?: "approve_once" | "approve_turn" | "deny"): SessionSnapshot;
+    approvePermission(id: string): SessionSnapshot;
+    denyPermission(id: string): SessionSnapshot;
+    /**
+     * Canonical permission resolution method.
+     * All other permission methods delegate to this.
+     * @param resolution - "approve_once", "approve_turn", or "deny"
+     * @param requestId - Optional escalation request ID for validation
+     */
+    resolvePermission(id: string, resolution: "approve_once" | "approve_turn" | "deny", requestId?: string): SessionSnapshot;
     private persist;
+    /**
+     * Schedule a debounced persist call for the given record.
+     * Multiple calls within the debounce window are coalesced into a single write.
+     * Use this in hot paths (e.g. onData) to reduce I/O pressure.
+     */
+    private schedulePersist;
+    /**
+     * Immediately persist any pending debounced write and clear the timer.
+     * Use this at critical points (exit, stop, delete) to ensure no data loss.
+     */
+    private flushPersist;
+    private backfillExitedClaudeSessionIds;
+    /**
+     * Auto-recover the most recent exited session that has a Claude session ID.
+     * Only resumes one session per server start, using the most recent eligible
+     * session. Sets `resumedToSessionId` on the original session and
+     * `autoRecovered: true` on the new session.
+     */
+    private autoRecoverExitedSessions;
     private archiveExpiredSessions;
     private assertCommandAllowed;
+    /**
+     * @deprecated Only retained for non-Claude-CLI sessions without ptyBridge.
+     * For Claude CLI sessions, auto-approval is handled by ClaudePtyBridge.detectPermission().
+     */
     private autoConfirmWithRecord;
+    /**
+     * Handle events from ClaudePtyBridge
+     */
+    private handleBridgeEvent;
+    /** Check if a command is a Claude CLI command */
+    private isClaudeCommand;
     private mustGet;
     private buildShellArgs;
+    private shouldAutoApprovePermissions;
     private processCommandForMode;
 }