@co0ontty/wand 1.0.1 → 1.1.1

package/README.md

@@ -10,7 +10,13 @@
 - 文件浏览器
 - HTTPS 安全连接（可选，配置 `https: true` 启用）
 
-## 快速开始
+## 一键安装
+
+```bash
+bash <(curl -Ls https://raw.githubusercontent.com/co0ontty/wand/master/install.sh)
+```
+
+## 手动安装
 
 ```bash
 npm install -g @co0ontty/wand

package/dist/avatar.d.ts

@@ -9,6 +9,7 @@
 export declare function ensureAvatarSeed(configDir: string): Promise<string>;
 /**
  * Generate an SVG identicon from a seed string.
- * Uses a 5x5 symmetric grid (mirrored to 9 columns), GitHub-style.
+ * Uses a 5x5 symmetric grid with white cells on a colored background.
+ * The pattern is mirrored horizontally for visual balance.
  */
 export declare function getAvatarSvg(seed: string, size: 192 | 512): string;

package/dist/avatar.js

@@ -37,68 +37,60 @@ function generateRandomSeed() {
 }
 /**
  * Generate an SVG identicon from a seed string.
- * Uses a 5x5 symmetric grid (mirrored to 9 columns), GitHub-style.
+ * Uses a 5x5 symmetric grid with white cells on a colored background.
+ * The pattern is mirrored horizontally for visual balance.
  */
 export function getAvatarSvg(seed, size) {
-    const cellSize = Math.round(size * 0.08);
-    const gap = Math.max(1, Math.round(size * 0.01));
-    const gridSize = 5;
-    const totalWidth = gridSize * cellSize + (gridSize - 1) * gap;
     const svgSize = size;
-    // Derive color from seed
+    const gridSize = 5;
+    const padding = Math.round(svgSize * 0.12);
+    const innerSize = svgSize - padding * 2;
+    const cellSize = Math.floor(innerSize / gridSize);
+    const gridWidth = cellSize * gridSize;
+    const gridOffset = (svgSize - gridWidth) / 2;
+    // Derive color from seed — warm tones that match the Wand theme
     const h = Math.abs(hashString(seed + "h")) % 360;
-    const s = 50 + (Math.abs(hashString(seed + "s")) % 40);
-    const l = 45 + (Math.abs(hashString(seed + "l")) % 20);
-    const color = `hsl(${h},${s}%,${l}%)`;
-    // Derive fill states from seed (5 chars for 25 cells, each char's LSB)
+    const s = 55 + (Math.abs(hashString(seed + "s")) % 30);
+    const l = 42 + (Math.abs(hashString(seed + "l")) % 16);
+    const bgColor = `hsl(${h},${s}%,${l}%)`;
+    // Derive fill states from seed
     const seedChars = seed.slice(0, 25);
     const cells = [];
     for (let i = 0; i < 25; i++) {
         const char = seedChars[i] || "0";
         cells.push(parseInt(char, 16) % 2 === 0);
     }
-    const rects = [];
-    const cx = svgSize / 2;
-    const cy = svgSize / 2;
-    const radius = svgSize * 0.22;
-    // Outer background circle
-    rects.push(`<circle cx="${cx}" cy="${cy}" r="${radius}" fill="${color}"/>`);
-    // Symmetric grid: columns 0-4, mirror to 8-4
+    const parts = [];
+    const cornerR = Math.round(svgSize * 0.14);
+    // Full SVG background with rounded corners
+    parts.push(`<rect width="${svgSize}" height="${svgSize}" rx="${cornerR}" fill="${bgColor}"/>`);
+    // White cells on colored background — high contrast
+    const cellR = Math.round(cellSize * 0.12);
+    const cellGap = Math.max(1, Math.round(cellSize * 0.08));
+    const actualCell = cellSize - cellGap;
     for (let row = 0; row < gridSize; row++) {
         for (let col = 0; col < gridSize; col++) {
             const mirrorCol = gridSize - 1 - col;
             const idx = row * gridSize + col;
-            // Only draw for left half + middle column (right half mirrors)
             if (col > mirrorCol)
                 continue;
             if (!cells[idx])
                 continue;
-            // Two mirrored rectangles
-            const x1 = col * (cellSize + gap);
-            const x2 = mirrorCol * (cellSize + gap);
-            const y = row * (cellSize + gap);
-            const offsetX = (svgSize - totalWidth) / 2;
-            const offsetY = (svgSize - totalWidth) / 2;
-            // Darken color for filled cells
-            const cellColor = `hsl(${h},${s}%,${l - 15}%)`;
-            const rx = Math.round(cellSize * 0.15);
+            const y = gridOffset + row * cellSize + cellGap / 2;
             if (col === mirrorCol) {
-                // Middle column — single centered rect
-                const mx = offsetX + col * (cellSize + gap);
-                const my = offsetY + y;
-                rects.push(`<rect x="${mx}" y="${my}" width="${cellSize}" height="${cellSize}" rx="${rx}" fill="${cellColor}"/>`);
+                const x = gridOffset + col * cellSize + cellGap / 2;
+                parts.push(`<rect x="${x}" y="${y}" width="${actualCell}" height="${actualCell}" rx="${cellR}" fill="rgba(255,255,255,0.9)"/>`);
             }
             else {
-                const mx1 = offsetX + x1;
-                const mx2 = offsetX + x2;
-                const my = offsetY + y;
-                rects.push(`<rect x="${mx1}" y="${my}" width="${cellSize}" height="${cellSize}" rx="${rx}" fill="${cellColor}"/>`);
-                rects.push(`<rect x="${mx2}" y="${my}" width="${cellSize}" height="${cellSize}" rx="${rx}" fill="${cellColor}"/>`);
+                const x1 = gridOffset + col * cellSize + cellGap / 2;
+                const x2 = gridOffset + mirrorCol * cellSize + cellGap / 2;
+                parts.push(`<rect x="${x1}" y="${y}" width="${actualCell}" height="${actualCell}" rx="${cellR}" fill="rgba(255,255,255,0.9)"/>`);
+                parts.push(`<rect x="${x2}" y="${y}" width="${actualCell}" height="${actualCell}" rx="${cellR}" fill="rgba(255,255,255,0.9)"/>`);
             }
         }
     }
     return `<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 ${svgSize} ${svgSize}" width="${svgSize}" height="${svgSize}">
-  ${rects.join("\n  ")}
+  ${parts.join("\n  ")}
 </svg>`;
 }
 function hashString(s) {

package/dist/process-manager.d.ts

@@ -53,7 +53,7 @@ export declare class ProcessManager extends EventEmitter {
     private static readonly HISTORY_CACHE_TTL_MS;
     listClaudeHistorySessions(): ClaudeHistorySession[];
     get(id: string): SessionSnapshot | null;
-    sendInput(id: string, input: string, view?: "chat" | "terminal"): SessionSnapshot;
+    sendInput(id: string, input: string, view?: "chat" | "terminal", shortcutKey?: string): SessionSnapshot;
     /** Emit a task event for a session, debounced to avoid flooding */
     private emitTask;
     resize(id: string, cols: number, rows: number): SessionSnapshot;

package/dist/process-manager.js

@@ -1147,7 +1147,7 @@ export class ProcessManager extends EventEmitter {
         }
         return this.snapshot(record);
     }
-    sendInput(id, input, view) {
+    sendInput(id, input, view, shortcutKey) {
         const record = this.mustGet(id);
         if (record.status !== "running") {
             console.error("[ProcessManager] Rejecting input for non-running session", {
@@ -1179,6 +1179,12 @@ export class ProcessManager extends EventEmitter {
             inputLength: input.length,
             view: view ?? "chat"
         });
+        // Log shortcut key interactions in managed/full-access modes for auto-confirm analysis
+        if (shortcutKey && record.autoApprovePermissions) {
+            const outputLines = record.output.split("\n");
+            const tailLines = outputLines.slice(-15).join("\n");
+            this.logger.appendShortcutLog(id, shortcutKey, tailLines);
+        }
         // Track user input via bridge for Chat mode
         if (record.ptyBridge) {
             record.ptyBridge.onUserInput(input);
@@ -1740,10 +1746,15 @@ export class ProcessManager extends EventEmitter {
         }
         return false;
     }
-    processCommandForMode(command, _mode) {
-        // Don't automatically add --enable-auto-mode as it may not be available
-        // for all plans and can cause issues with normal interactive mode.
-        // Let users specify it explicitly if they want auto mode.
+    processCommandForMode(command, mode) {
+        // In managed mode, append a system prompt instructing Claude to act autonomously
+        // without asking the user for confirmation, since the user may not be monitoring.
+        if (mode === "managed" && /^claude(?:\s|$)/.test(command)) {
+            const autonomousPrompt = "You are running in a fully managed, autonomous mode. The user may not be available to respond to questions or confirmations in a timely manner. You MUST make all decisions independently — choose the best approach yourself instead of asking the user for preferences, confirmations, or clarifications. If multiple approaches are viable, pick the one you judge most appropriate and proceed. Never block on user input unless the task is fundamentally ambiguous and cannot be reasonably inferred. Be decisive and self-directed.";
+            // Escape single quotes for shell safety
+            const escaped = autonomousPrompt.replace(/'/g, "'\\''");
+            return `${command} --append-system-prompt '${escaped}'`;
+        }
         return command;
     }
 }

package/dist/pwa.js

@@ -1,6 +1,8 @@
 /**
  * PWA manifest and Service Worker generation.
  */
+/** Cache version is fixed per server process to avoid mid-session cache busting */
+const CACHE_VERSION = Date.now().toString(36);
 export function generatePwaManifest() {
     return JSON.stringify({
         id: "/wand",
@@ -20,6 +22,8 @@ export function generatePwaManifest() {
         icons: [
             { src: "/icon.svg", sizes: "any", type: "image/svg+xml", purpose: "any" },
             { src: "/icon.svg", sizes: "any", type: "image/svg+xml", purpose: "maskable" },
+            { src: "/icon-192.png", sizes: "192x192", type: "image/svg+xml", purpose: "any" },
+            { src: "/icon-512.png", sizes: "512x512", type: "image/svg+xml", purpose: "any" },
         ],
         categories: ["developer tools", "productivity"],
         shortcuts: [
@@ -34,8 +38,8 @@ export function generatePwaManifest() {
 }
 export function generateServiceWorker() {
     return `
-const STATIC_CACHE = 'wand-static-v6';
-const RUNTIME_CACHE = 'wand-runtime-v6';
+const STATIC_CACHE = 'wand-static-${CACHE_VERSION}';
+const RUNTIME_CACHE = 'wand-runtime-${CACHE_VERSION}';
 const APP_SHELL = '/';
 const STATIC_ASSETS = [
   '/manifest.json',

package/dist/server.js

@@ -1,6 +1,6 @@
 import express from "express";
 import { readdir, readFile, stat } from "node:fs/promises";
-import { existsSync } from "node:fs";
+import { existsSync, readFileSync, writeFileSync } from "node:fs";
 import { createServer as createHttpServer } from "node:http";
 import { createServer as createHttpsServer } from "node:https";
 import { exec } from "node:child_process";
@@ -11,10 +11,49 @@ import { WebSocketServer } from "ws";
 const execAsync = promisify(exec);
 const SERVER_MODULE_DIR = path.dirname(new URL(import.meta.url).pathname);
 const RUNTIME_ROOT_DIR = path.resolve(SERVER_MODULE_DIR, "..");
+// ── Package info ──
+const PKG_JSON = JSON.parse(readFileSync(path.join(RUNTIME_ROOT_DIR, "package.json"), "utf8"));
+const PKG_NAME = PKG_JSON.name;
+const PKG_VERSION = PKG_JSON.version;
+const PKG_NODE_REQ = PKG_JSON.engines?.node ?? ">=22.5.0";
+const PKG_REPO_URL = "https://github.com/co0ontty/wand";
+// ── Update check cache ──
+let cachedLatestVersion = null;
+let cacheTimestamp = 0;
+const CACHE_TTL_MS = 10 * 60 * 1000; // 10 minutes
+async function checkNpmLatestVersion(forceRefresh = false) {
+    const now = Date.now();
+    if (forceRefresh || !cachedLatestVersion || (now - cacheTimestamp > CACHE_TTL_MS)) {
+        try {
+            const { stdout } = await execAsync(`npm view ${PKG_NAME} version`, { timeout: 15000 });
+            cachedLatestVersion = stdout.trim();
+            cacheTimestamp = now;
+        }
+        catch {
+            cachedLatestVersion = null;
+        }
+    }
+    const latest = cachedLatestVersion || PKG_VERSION;
+    return {
+        current: PKG_VERSION,
+        latest,
+        updateAvailable: latest !== PKG_VERSION && compareSemver(latest, PKG_VERSION) > 0,
+    };
+}
+function compareSemver(a, b) {
+    const pa = a.split(".").map(Number);
+    const pb = b.split(".").map(Number);
+    for (let i = 0; i < 3; i++) {
+        const diff = (pa[i] || 0) - (pb[i] || 0);
+        if (diff !== 0)
+            return diff;
+    }
+    return 0;
+}
 import { ensureAvatarSeed, getAvatarSvg } from "./avatar.js";
 import { createSession, revokeSession, setAuthStorage, validateSession } from "./auth.js";
 import { ensureCertificates } from "./cert.js";
-import { isExecutionMode, resolveConfigDir } from "./config.js";
+import { isExecutionMode, resolveConfigDir, saveConfig } from "./config.js";
 import { ProcessManager, SessionInputError } from "./process-manager.js";
 import { resolveDatabasePath, WandStorage } from "./storage.js";
 import { renderApp } from "./web-ui/index.js";
@@ -337,6 +376,116 @@ export async function startServer(config, configPath) {
             commandPresets: config.commandPresets,
         });
     });
+    // ── Settings endpoints ──
+    app.get("/api/settings", (_req, res) => {
+        const certPaths = {
+            keyPath: path.join(configDir, "server.key"),
+            certPath: path.join(configDir, "server.crt"),
+        };
+        const { password: _pw, ...safeConfig } = config;
+        res.json({
+            version: PKG_VERSION,
+            packageName: PKG_NAME,
+            nodeVersion: PKG_NODE_REQ,
+            repoUrl: PKG_REPO_URL,
+            config: safeConfig,
+            hasCert: existsSync(certPaths.keyPath) && existsSync(certPaths.certPath),
+        });
+    });
+    app.post("/api/settings/config", async (req, res) => {
+        const body = req.body;
+        const allowedFields = ["host", "port", "https", "defaultMode", "defaultCwd", "shell"];
+        let changed = false;
+        for (const field of allowedFields) {
+            if (field in body && body[field] !== undefined) {
+                if (field === "port") {
+                    const p = Number(body.port);
+                    if (!Number.isInteger(p) || p < 1 || p > 65535) {
+                        res.status(400).json({ error: `无效端口号: ${body.port}` });
+                        return;
+                    }
+                    config.port = p;
+                }
+                else if (field === "https") {
+                    config.https = body.https === true;
+                }
+                else if (field === "defaultMode") {
+                    if (!isExecutionMode(body.defaultMode)) {
+                        res.status(400).json({ error: `无效执行模式: ${body.defaultMode}` });
+                        return;
+                    }
+                    config.defaultMode = body.defaultMode;
+                }
+                else if (field === "host") {
+                    config.host = String(body.host);
+                }
+                else if (field === "defaultCwd") {
+                    config.defaultCwd = String(body.defaultCwd);
+                }
+                else if (field === "shell") {
+                    config.shell = String(body.shell);
+                }
+                changed = true;
+            }
+        }
+        if (!changed) {
+            res.status(400).json({ error: "没有可更新的配置字段。" });
+            return;
+        }
+        try {
+            await saveConfig(configPath, config);
+            const { password: _pw, ...safeConfig } = config;
+            res.json({ ok: true, config: safeConfig, restartRequired: true });
+        }
+        catch (error) {
+            res.status(500).json({ error: getErrorMessage(error, "保存配置失败。") });
+        }
+    });
+    app.post("/api/settings/upload-cert", async (req, res) => {
+        const { key, cert } = req.body;
+        if (!key || !cert) {
+            res.status(400).json({ error: "请提供 key 和 cert 内容。" });
+            return;
+        }
+        if (!key.includes("-----BEGIN") || !cert.includes("-----BEGIN")) {
+            res.status(400).json({ error: "证书内容格式无效，请上传 PEM 格式的文件。" });
+            return;
+        }
+        try {
+            const keyPath = path.join(configDir, "server.key");
+            const certPath = path.join(configDir, "server.crt");
+            writeFileSync(keyPath, key, { mode: 0o600 });
+            writeFileSync(certPath, cert, { mode: 0o644 });
+            res.json({ ok: true, restartRequired: true });
+        }
+        catch (error) {
+            res.status(500).json({ error: getErrorMessage(error, "保存证书失败。") });
+        }
+    });
+    app.get("/api/check-update", async (_req, res) => {
+        try {
+            const result = await checkNpmLatestVersion(true);
+            res.json(result);
+        }
+        catch (error) {
+            res.status(500).json({ error: getErrorMessage(error, "检查更新失败。") });
+        }
+    });
+    app.post("/api/update", async (_req, res) => {
+        try {
+            const { updateAvailable } = await checkNpmLatestVersion();
+            if (!updateAvailable) {
+                res.json({ ok: true, message: "已经是最新版本。" });
+                return;
+            }
+            res.json({ ok: true, message: "正在更新，请稍候..." });
+            // Run update in background — the server will restart
+            execAsync(`npm install -g ${PKG_NAME}@latest`, { timeout: 120000 }).catch(() => { });
+        }
+        catch (error) {
+            res.status(500).json({ error: getErrorMessage(error, "更新失败。") });
+        }
+    });
     app.get("/api/sessions", (_req, res) => {
         res.json(processes.list());
     });
@@ -870,9 +1019,10 @@ export async function startServer(config, configPath) {
         const sessionId = req.params.id;
         const input = body.input ?? "";
         const view = body.view;
+        const shortcutKey = body.shortcutKey;
         console.error("[wand] Input request received", { sessionId, inputLength: input.length, view: view ?? "chat" });
         try {
-            const snapshot = processes.sendInput(sessionId, input, view);
+            const snapshot = processes.sendInput(sessionId, input, view, shortcutKey);
             console.error("[wand] Input request succeeded", { sessionId, status: snapshot.status, inputLength: input.length, view: view ?? "chat" });
             res.json(snapshot);
         }
@@ -974,4 +1124,10 @@ export async function startServer(config, configPath) {
     }
     // Start configured background sessions after the server is already reachable.
     processes.runStartupCommands();
+    // Background update check on startup
+    checkNpmLatestVersion().then(({ current, latest, updateAvailable }) => {
+        if (updateAvailable) {
+            process.stdout.write(`[wand] 发现新版本 ${latest}（当前 ${current}）。运行 npm install -g ${PKG_NAME}@latest 进行更新。\n`);
+        }
+    }).catch(() => { });
 }

package/dist/session-logger.d.ts

@@ -30,4 +30,6 @@ export declare class SessionLogger {
     saveMetadata(sessionId: string, meta: Record<string, unknown>): void;
     /** Delete all log files for a session */
     deleteSession(sessionId: string): void;
+    /** Append a shortcut key interaction log entry (for analyzing auto-confirm gaps) */
+    appendShortcutLog(sessionId: string, shortcutKey: string, tailLines: string): void;
 }

package/dist/session-logger.js

@@ -126,4 +126,19 @@ export class SessionLogger {
         }
         this.dirs.delete(sessionId);
     }
+    /** Append a shortcut key interaction log entry (for analyzing auto-confirm gaps) */
+    appendShortcutLog(sessionId, shortcutKey, tailLines) {
+        try {
+            const dir = this.ensureDir(sessionId);
+            const entry = JSON.stringify({
+                ts: new Date().toISOString(),
+                key: shortcutKey,
+                tail: tailLines,
+            }) + "\n";
+            appendFileSync(path.join(dir, "shortcut-interactions.jsonl"), entry);
+        }
+        catch {
+            // Non-critical
+        }
+    }
 }

package/dist/types.d.ts

@@ -55,6 +55,8 @@ export interface InputRequest {
     approvalPolicy?: ApprovalPolicy;
     allowedScopes?: EscalationScope[];
     turn?: TurnRequest;
+    /** Shortcut key name that triggered this input (e.g. "enter", "yes", "ctrl_c"). Used for interaction logging in managed/full-access modes. */
+    shortcutKey?: string;
 }
 export interface ResizeRequest {
     cols?: number;