@co0ontty/wand 1.66.2 → 1.67.0-beta.gbdf490e

package/dist/build-info.json

@@ -1,6 +1,6 @@
 {
-  "commit": "df219332dc5451b5e9005191466a07b4ed26d82a",
-  "builtAt": "2026-06-15T12:23:10.782Z",
-  "version": "1.66.2",
-  "channel": "stable"
+  "commit": "bdf490ea0abbcd603f15e39745919fe6fb50f866",
+  "builtAt": "2026-06-15T22:11:38.527Z",
+  "version": "1.67.0-beta.gbdf490e",
+  "channel": "beta"
 }

package/dist/process-manager.d.ts

@@ -97,6 +97,14 @@ export declare class ProcessManager extends EventEmitter {
      * sends a chat-view message (see sendInput → applyThinkingEffortToPrompt).
      */
     setSessionThinkingEffort(id: string, effort: SessionSnapshot["thinkingEffort"]): SessionSnapshot;
+    /**
+     * Switch the execution mode of a PTY session mid-flight. The already-launched
+     * claude/codex process keeps its original CLI flags, but wand's own permission
+     * auto-approval (shouldAutoApprovePermissions / escalation handling) reads
+     * record.mode, so this changes the permission posture for subsequent prompts.
+     * Mirrors setSessionModel/setSessionThinkingEffort.
+     */
+    setSessionMode(id: string, mode: ExecutionMode): SessionSnapshot;
     sendInput(id: string, input: string, view?: "chat" | "terminal", shortcutKey?: string): SessionSnapshot;
     /** Emit a task event for a session, debounced to avoid flooding */
     private emitTask;

package/dist/process-manager.js

@@ -1232,6 +1232,25 @@ export class ProcessManager extends EventEmitter {
         this.emitEvent({ type: "status", sessionId: id, data: { thinkingEffort: normalized } });
         return this.snapshot(record);
     }
+    /**
+     * Switch the execution mode of a PTY session mid-flight. The already-launched
+     * claude/codex process keeps its original CLI flags, but wand's own permission
+     * auto-approval (shouldAutoApprovePermissions / escalation handling) reads
+     * record.mode, so this changes the permission posture for subsequent prompts.
+     * Mirrors setSessionModel/setSessionThinkingEffort.
+     */
+    setSessionMode(id, mode) {
+        const record = this.mustGet(id);
+        record.mode = mode;
+        record.autoApprovePermissions = this.shouldAutoApprovePermissions(record.command, mode, record.provider ?? "claude");
+        this.persist(record);
+        this.emitEvent({
+            type: "status",
+            sessionId: id,
+            data: { mode, autoApprovePermissions: record.autoApprovePermissions },
+        });
+        return this.snapshot(record);
+    }
     sendInput(id, input, view, shortcutKey) {
         const record = this.mustGet(id);
         if (record.status !== "running") {

package/dist/server-session-routes.js

@@ -224,6 +224,38 @@ export function registerSessionRoutes(app, processes, structured, storage, defau
             res.status(400).json({ error: getErrorMessage(error, "切换思考深度失败。") });
         }
     });
+    // 执行模式切换：与 /model、/thinking-effort 路由对称。结构化会话立即影响下一条
+    // prompt（权限策略 / 系统提示 / CLI flag 都按 session.mode 逐轮重新派生）；PTY 会话
+    // 仅更新 wand 自身的权限自动放行判定，已启动的 claude 进程命令行 flag 不变。codex 锁 full-access。
+    app.post("/api/sessions/:id/mode", express.json(), (req, res) => {
+        const body = req.body;
+        const raw = typeof body?.mode === "string" ? body.mode.trim() : "";
+        if (!raw) {
+            res.status(400).json({ error: "缺少 mode。" });
+            return;
+        }
+        const mode = normalizeMode(raw, "managed");
+        const id = req.params.id;
+        try {
+            const structuredSnapshot = structured.get(id);
+            if (structuredSnapshot) {
+                const provider = structuredSnapshot.provider ?? "claude";
+                const effective = provider === "codex" ? "full-access" : mode;
+                res.json(structured.setSessionMode(id, effective));
+                return;
+            }
+            const ptySnapshot = processes.get(id);
+            if (!ptySnapshot) {
+                res.status(404).json({ error: "未找到该会话。" });
+                return;
+            }
+            const effective = (ptySnapshot.provider ?? "claude") === "codex" ? "full-access" : mode;
+            res.json(processes.setSessionMode(id, effective));
+        }
+        catch (error) {
+            res.status(400).json({ error: getErrorMessage(error, "切换模式失败。") });
+        }
+    });
     app.get("/api/structured-sessions/:id/messages", (req, res) => {
         const snapshot = structured.get(req.params.id);
         if (!snapshot) {

package/dist/server.js

@@ -7,6 +7,7 @@ import { lstat, mkdir, readdir, readFile, rename, stat, unlink, writeFile } from
 import { createServer as createHttpServer } from "node:http";
 import { createServer as createHttpsServer } from "node:https";
 import { exec, spawn } from "node:child_process";
+import os from "node:os";
 import { promisify } from "node:util";
 import path from "node:path";
 import process from "node:process";
@@ -476,6 +477,56 @@ function normalizePublicOrigin(value) {
         return undefined;
     }
 }
+function isPrivateIpv4(address) {
+    if (address.startsWith("10.") || address.startsWith("192.168."))
+        return true;
+    const match = address.match(/^172\.(\d+)\./);
+    return match ? Number(match[1]) >= 16 && Number(match[1]) <= 31 : false;
+}
+function preferredLanIpv4() {
+    const candidates = [];
+    for (const [name, entries] of Object.entries(os.networkInterfaces())) {
+        for (const entry of entries ?? []) {
+            const family = entry.family;
+            if (entry.internal || (family !== "IPv4" && family !== 4))
+                continue;
+            let score = isPrivateIpv4(entry.address) ? 10 : 0;
+            if (/^(en|eth|wlan)\d+$/i.test(name))
+                score += 10;
+            candidates.push({ address: entry.address, score });
+        }
+    }
+    candidates.sort((a, b) => b.score - a.score || a.address.localeCompare(b.address));
+    return candidates[0]?.address;
+}
+/**
+ * App 连接码用于另一台设备。设置页若从 localhost 打开，直接编码浏览器 origin
+ * 会让客户端连接它自己；监听 0.0.0.0 时自动换成本机优先 LAN IPv4。
+ */
+function resolveAppConnectOrigin(origin, config) {
+    if (config.host !== "0.0.0.0")
+        return origin;
+    try {
+        const parsed = new URL(origin);
+        const hostname = parsed.hostname.toLowerCase();
+        const isLocalOnly = hostname === "localhost"
+            || hostname === "127.0.0.1"
+            || hostname === "[::1]"
+            || hostname === "::1"
+            || hostname === "0.0.0.0"
+            || hostname === "[::]";
+        if (!isLocalOnly)
+            return parsed.origin;
+        const lanIp = preferredLanIpv4();
+        if (!lanIp)
+            return parsed.origin;
+        parsed.hostname = lanIp;
+        return parsed.origin;
+    }
+    catch {
+        return origin;
+    }
+}
 function decodeConnectCode(code) {
     try {
         const decoded = Buffer.from(code, "base64").toString("utf8");
@@ -1372,11 +1423,11 @@ export async function startServer(config, configPath) {
         const protocol = getPublicRequestProtocol(req, useHttps ? "https" : "http");
         const host = getPublicRequestHost(req, config);
         const browserOrigin = normalizePublicOrigin(firstQueryStringValue(req.query.origin));
-        const serverUrl = browserOrigin ?? `${protocol}://${host}`;
+        const serverUrl = resolveAppConnectOrigin(browserOrigin ?? `${protocol}://${host}`, config);
         const appSecret = config.appSecret ?? "";
         const token = generateAppToken(effectivePassword, appSecret);
         const code = encodeConnectCode(serverUrl, token);
-        res.json({ code });
+        res.json({ code, url: serverUrl });
     });
     app.post("/api/settings/config", async (req, res) => {
         const body = req.body;

package/dist/structured-session-manager.d.ts

@@ -119,6 +119,13 @@ export declare class StructuredSessionManager {
      * prepends magic words, codex runner overrides `model_reasoning_effort`).
      */
     setSessionThinkingEffort(sessionId: string, effort: SessionSnapshot["thinkingEffort"]): SessionSnapshot;
+    /**
+     * Switch the execution mode of a structured session mid-flight. Takes effect on
+     * the next message/query — permission policy, append-system-prompt and CLI flags
+     * are all re-derived from session.mode per turn. Mirrors setSessionModel; also
+     * re-syncs autoApprovePermissions so the permission posture matches the new mode.
+     */
+    setSessionMode(sessionId: string, mode: ExecutionMode): SessionSnapshot;
     /** Toggle auto-approve for the session. */
     toggleAutoApprove(sessionId: string): SessionSnapshot;
     /** Resolve a specific escalation by requestId. */

package/dist/structured-session-manager.js

@@ -904,6 +904,29 @@ export class StructuredSessionManager {
         });
         return updated;
     }
+    /**
+     * Switch the execution mode of a structured session mid-flight. Takes effect on
+     * the next message/query — permission policy, append-system-prompt and CLI flags
+     * are all re-derived from session.mode per turn. Mirrors setSessionModel; also
+     * re-syncs autoApprovePermissions so the permission posture matches the new mode.
+     */
+    setSessionMode(sessionId, mode) {
+        const session = this.requireSession(sessionId);
+        const autoApprove = shouldAutoApproveForMode(mode);
+        const updated = {
+            ...session,
+            mode,
+            autoApprovePermissions: autoApprove,
+        };
+        this.sessions.set(sessionId, updated);
+        this.storage.saveSession(updated);
+        this.emit({
+            type: "status",
+            sessionId,
+            data: { sessionKind: "structured", mode, autoApprovePermissions: autoApprove },
+        });
+        return updated;
+    }
     /** Toggle auto-approve for the session. */
     toggleAutoApprove(sessionId) {
         const session = this.requireSession(sessionId);