@hasna/terminal 3.3.1 → 3.3.3

package/dist/mcp/server.js

@@ -21,9 +21,9 @@ import { shouldBeLazy, toLazy } from "../lazy-executor.js";
 import { getEconomyStats, recordSaving } from "../economy.js";
 import { captureSnapshot } from "../snapshots.js";
 // ── helpers ──────────────────────────────────────────────────────────────────
-function exec(command, cwd, timeout) {
-    // Auto-optimize command before execution
-    const rw = rewriteCommand(command);
+function exec(command, cwd, timeout, allowRewrite = false) {
+    // Only rewrite when explicitly allowed (execute_smart, not raw execute)
+    const rw = allowRewrite ? rewriteCommand(command) : { changed: false, rewritten: command };
     const actualCommand = rw.changed ? rw.rewritten : command;
     return new Promise((resolve) => {
         const start = Date.now();
@@ -60,7 +60,7 @@ export function createServer() {
         version: "0.2.0",
     });
     // ── execute: run a command, return structured result ──────────────────────
-    server.tool("execute", "Run a shell command and return the result. Supports structured output parsing (json), token compression (compressed), and AI summarization (summary).", {
+    server.tool("execute", "Run a shell command and return raw output. Prefer execute_smart for most tasks — it AI-summarizes output, saving 80% tokens. Use execute only when you need the full unprocessed output (e.g., to parse it yourself).", {
         command: z.string().describe("Shell command to execute"),
         cwd: z.string().optional().describe("Working directory (default: server cwd)"),
         timeout: z.number().optional().describe("Timeout in ms (default: 30000)"),
@@ -135,7 +135,7 @@ export function createServer() {
         cwd: z.string().optional().describe("Working directory"),
         timeout: z.number().optional().describe("Timeout in ms (default: 30000)"),
     }, async ({ command, cwd, timeout }) => {
-        const result = await exec(command, cwd, timeout ?? 30000);
+        const result = await exec(command, cwd, timeout ?? 30000, true); // allow rewrite for smart mode
         const output = (result.stdout + result.stderr).trim();
         const processed = await processOutput(command, output);
         // Progressive disclosure: store full output, return summary + expand key
@@ -447,12 +447,24 @@ export function createServer() {
         };
     });
     // ── read_file: cached file reading ─────────────────────────────────────────
-    server.tool("read_file", "Read a file with session caching. Second read of unchanged file returns instantly from cache. Supports offset/limit for pagination without re-reading.", {
+    server.tool("read_file", "Read a file with session caching. Use summarize=true to get an AI-generated outline (~90% fewer tokens) instead of full content — ideal when you just want to understand what a file does without reading every line.", {
         path: z.string().describe("File path"),
         offset: z.number().optional().describe("Start line (0-indexed)"),
         limit: z.number().optional().describe("Max lines to return"),
-    }, async ({ path, offset, limit }) => {
+        summarize: z.boolean().optional().describe("Return AI summary instead of full content (saves ~90% tokens)"),
+    }, async ({ path, offset, limit, summarize }) => {
         const result = cachedRead(path, { offset, limit });
+        if (summarize && result.content.length > 500) {
+            const processed = await processOutput(`cat ${path}`, result.content);
+            return {
+                content: [{ type: "text", text: JSON.stringify({
+                            summary: processed.summary,
+                            lines: result.content.split("\n").length,
+                            tokensSaved: processed.tokensSaved,
+                            cached: result.cached,
+                        }) }],
+            };
+        }
         return {
             content: [{ type: "text", text: JSON.stringify({
                         content: result.content,

package/dist/noise-filter.js

@@ -33,15 +33,23 @@ const NOISE_PATTERNS = [
     // Generic download/upload progress
     /^\s*\d+(\.\d+)?\s*[KMG]?B\s*\/\s*\d+(\.\d+)?\s*[KMG]?B\b/,
 ];
-// Sensitive env var patterns — redact values, keep names only if needed
+// Sensitive env var patterns — ONLY match actual env var assignments (export X=val, X=val at line start)
+// NOT code lines like `const API_KEY = process.env.API_KEY` or `this.token = config.token`
 const SENSITIVE_PATTERNS = [
-    /^(.*(?:KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL|AUTH).*?)=(.+)$/i,
-    /^(.*(?:API_KEY|ACCESS_KEY|PRIVATE_KEY|CLIENT_SECRET).*?)=(.+)$/i,
+    // export KEY_NAME="value" or KEY_NAME=value (shell env vars only)
+    /^(export\s+[A-Z_]*(?:KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)[A-Z_]*)=(.+)$/,
+    // Plain env assignment at start of line (no leading whitespace = not code)
+    /^([A-Z_]*(?:API_KEY|ACCESS_KEY|PRIVATE_KEY|CLIENT_SECRET|AUTH_TOKEN)[A-Z_]*)=(.+)$/,
 ];
-/** Redact sensitive values in output (env vars, credentials) */
+/** Redact sensitive values in output (env vars only, not code) */
 function redactSensitive(line) {
+    const trimmed = line.trim();
+    // Skip lines that look like code (have leading whitespace, semicolons, const/let/var, etc.)
+    if (/^\s*(const|let|var|this\.|private|public|protected|import|export\s+(default|const|let|function|class)|\/\/|\/\*|\*)/.test(line)) {
+        return line; // Code — never redact
+    }
     for (const pattern of SENSITIVE_PATTERNS) {
-        const match = line.match(pattern);
+        const match = trimmed.match(pattern);
         if (match) {
             return `${match[1]}=[REDACTED]`;
         }

package/dist/output-processor.js

@@ -90,7 +90,10 @@ RULES:
 - Keep errors/failures verbatim
 - Be direct and concise — the user wants an ANSWER, not a data dump
 - For TEST OUTPUT: look for "X pass" and "X fail" lines. These are DEFINITIVE. If you see "42 pass, 0 fail" in the output, the answer is "42 tests pass, 0 fail." NEVER say "no tests found" or "incomplete" when pass/fail counts are visible.
-- For BUILD OUTPUT: if tsc/build exits 0 with no output, it SUCCEEDED. Empty output = success.`;
+- For BUILD OUTPUT: if tsc/build exits 0 with no output, it SUCCEEDED. Empty output = success.
+- For GREP/SEARCH OUTPUT (file:line:match format): List ALL matches grouped by file. NEVER summarize into one sentence. Format: "N matches in M files:" then list each match. The agent needs every match, not a prose interpretation.
+- For FILE LISTINGS (ls, find): show count + key entries. "23 files: src/ai.ts, src/cli.tsx, ..."
+- For GIT LOG/DIFF: preserve commit hashes, file names, and +/- line counts.`;
 /**
  * Process command output through AI summarization.
  * Cheap AI call (~100 tokens) saves 1000+ tokens downstream.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hasna/terminal",
-  "version": "3.3.1",
+  "version": "3.3.3",
   "description": "Smart terminal wrapper for AI agents and humans — structured output, token compression, MCP server, natural language",
   "type": "module",
   "files": [

package/src/mcp/server.ts

@@ -24,9 +24,9 @@ import { captureSnapshot } from "../snapshots.js";
 
 // ── helpers ──────────────────────────────────────────────────────────────────
 
-function exec(command: string, cwd?: string, timeout?: number): Promise<{ exitCode: number; stdout: string; stderr: string; duration: number; rewritten?: string }> {
-  // Auto-optimize command before execution
-  const rw = rewriteCommand(command);
+function exec(command: string, cwd?: string, timeout?: number, allowRewrite: boolean = false): Promise<{ exitCode: number; stdout: string; stderr: string; duration: number; rewritten?: string }> {
+  // Only rewrite when explicitly allowed (execute_smart, not raw execute)
+  const rw = allowRewrite ? rewriteCommand(command) : { changed: false, rewritten: command };
   const actualCommand = rw.changed ? rw.rewritten : command;
   return new Promise((resolve) => {
     const start = Date.now();
@@ -69,7 +69,7 @@ export function createServer(): McpServer {
 
   server.tool(
     "execute",
-    "Run a shell command and return the result. Supports structured output parsing (json), token compression (compressed), and AI summarization (summary).",
+    "Run a shell command and return raw output. Prefer execute_smart for most tasks — it AI-summarizes output, saving 80% tokens. Use execute only when you need the full unprocessed output (e.g., to parse it yourself).",
     {
       command: z.string().describe("Shell command to execute"),
       cwd: z.string().optional().describe("Working directory (default: server cwd)"),
@@ -156,7 +156,7 @@ export function createServer(): McpServer {
       timeout: z.number().optional().describe("Timeout in ms (default: 30000)"),
     },
     async ({ command, cwd, timeout }) => {
-      const result = await exec(command, cwd, timeout ?? 30000);
+      const result = await exec(command, cwd, timeout ?? 30000, true); // allow rewrite for smart mode
       const output = (result.stdout + result.stderr).trim();
       const processed = await processOutput(command, output);
 
@@ -638,14 +638,28 @@ export function createServer(): McpServer {
 
   server.tool(
     "read_file",
-    "Read a file with session caching. Second read of unchanged file returns instantly from cache. Supports offset/limit for pagination without re-reading.",
+    "Read a file with session caching. Use summarize=true to get an AI-generated outline (~90% fewer tokens) instead of full content — ideal when you just want to understand what a file does without reading every line.",
     {
       path: z.string().describe("File path"),
       offset: z.number().optional().describe("Start line (0-indexed)"),
       limit: z.number().optional().describe("Max lines to return"),
+      summarize: z.boolean().optional().describe("Return AI summary instead of full content (saves ~90% tokens)"),
     },
-    async ({ path, offset, limit }) => {
+    async ({ path, offset, limit, summarize }) => {
       const result = cachedRead(path, { offset, limit });
+
+      if (summarize && result.content.length > 500) {
+        const processed = await processOutput(`cat ${path}`, result.content);
+        return {
+          content: [{ type: "text" as const, text: JSON.stringify({
+            summary: processed.summary,
+            lines: result.content.split("\n").length,
+            tokensSaved: processed.tokensSaved,
+            cached: result.cached,
+          }) }],
+        };
+      }
+
       return {
         content: [{ type: "text" as const, text: JSON.stringify({
           content: result.content,

package/src/noise-filter.ts

@@ -41,16 +41,24 @@ const NOISE_PATTERNS: RegExp[] = [
   /^\s*\d+(\.\d+)?\s*[KMG]?B\s*\/\s*\d+(\.\d+)?\s*[KMG]?B\b/,
 ];
 
-// Sensitive env var patterns — redact values, keep names only if needed
+// Sensitive env var patterns — ONLY match actual env var assignments (export X=val, X=val at line start)
+// NOT code lines like `const API_KEY = process.env.API_KEY` or `this.token = config.token`
 const SENSITIVE_PATTERNS = [
-  /^(.*(?:KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL|AUTH).*?)=(.+)$/i,
-  /^(.*(?:API_KEY|ACCESS_KEY|PRIVATE_KEY|CLIENT_SECRET).*?)=(.+)$/i,
+  // export KEY_NAME="value" or KEY_NAME=value (shell env vars only)
+  /^(export\s+[A-Z_]*(?:KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)[A-Z_]*)=(.+)$/,
+  // Plain env assignment at start of line (no leading whitespace = not code)
+  /^([A-Z_]*(?:API_KEY|ACCESS_KEY|PRIVATE_KEY|CLIENT_SECRET|AUTH_TOKEN)[A-Z_]*)=(.+)$/,
 ];
 
-/** Redact sensitive values in output (env vars, credentials) */
+/** Redact sensitive values in output (env vars only, not code) */
 function redactSensitive(line: string): string {
+  const trimmed = line.trim();
+  // Skip lines that look like code (have leading whitespace, semicolons, const/let/var, etc.)
+  if (/^\s*(const|let|var|this\.|private|public|protected|import|export\s+(default|const|let|function|class)|\/\/|\/\*|\*)/.test(line)) {
+    return line; // Code — never redact
+  }
   for (const pattern of SENSITIVE_PATTERNS) {
-    const match = line.match(pattern);
+    const match = trimmed.match(pattern);
     if (match) {
       return `${match[1]}=[REDACTED]`;
     }

package/src/output-processor.ts

@@ -123,7 +123,10 @@ RULES:
 - Keep errors/failures verbatim
 - Be direct and concise — the user wants an ANSWER, not a data dump
 - For TEST OUTPUT: look for "X pass" and "X fail" lines. These are DEFINITIVE. If you see "42 pass, 0 fail" in the output, the answer is "42 tests pass, 0 fail." NEVER say "no tests found" or "incomplete" when pass/fail counts are visible.
-- For BUILD OUTPUT: if tsc/build exits 0 with no output, it SUCCEEDED. Empty output = success.`;
+- For BUILD OUTPUT: if tsc/build exits 0 with no output, it SUCCEEDED. Empty output = success.
+- For GREP/SEARCH OUTPUT (file:line:match format): List ALL matches grouped by file. NEVER summarize into one sentence. Format: "N matches in M files:" then list each match. The agent needs every match, not a prose interpretation.
+- For FILE LISTINGS (ls, find): show count + key entries. "23 files: src/ai.ts, src/cli.tsx, ..."
+- For GIT LOG/DIFF: preserve commit hashes, file names, and +/- line counts.`;
 
 /**
  * Process command output through AI summarization.