npm - @hellcoder/companion - Versions diffs - 0.96.0 - Mend

@hellcoder/companion 0.96.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (242) hide show

package/bin/cli.ts +168 -0
package/bin/ctl.ts +528 -0
package/bin/generate-token.ts +28 -0
package/dist/apple-touch-icon.png +0 -0
package/dist/assets/AgentsPage-DCFhrJ28.js +13 -0
package/dist/assets/CronManager-EGwLJONv.js +1 -0
package/dist/assets/IntegrationsPage-CTMRnbQS.js +1 -0
package/dist/assets/LinearOAuthSettingsPage-CgQFMIgr.js +1 -0
package/dist/assets/LinearSettingsPage-C9nok1qi.js +1 -0
package/dist/assets/Playground-BV3k0RbV.js +109 -0
package/dist/assets/PromptsPage-CFojqNKP.js +4 -0
package/dist/assets/RunsPage-DUJ1QUSa.js +1 -0
package/dist/assets/SandboxManager-CrVQ-VU_.js +8 -0
package/dist/assets/SettingsPage-D1fPCL19.js +1 -0
package/dist/assets/TailscalePage-D06cyvyC.js +1 -0
package/dist/assets/index-BhUa1e6X.css +1 -0
package/dist/assets/index-DkqeP-R9.js +134 -0
package/dist/assets/sw-register-BibwRdvC.js +1 -0
package/dist/assets/workbox-window.prod.es5-BIl4cyR9.js +2 -0
package/dist/favicon.svg +8 -0
package/dist/fonts/MesloLGSNerdFontMono-Bold.woff2 +0 -0
package/dist/fonts/MesloLGSNerdFontMono-Regular.woff2 +0 -0
package/dist/icon-192.png +0 -0
package/dist/icon-512.png +0 -0
package/dist/index.html +20 -0
package/dist/logo-codex.svg +14 -0
package/dist/logo-docker.svg +4 -0
package/dist/logo.svg +14 -0
package/dist/manifest.json +24 -0
package/dist/sw.js +2 -0
package/package.json +104 -0
package/server/agent-cron-migrator.test.ts +610 -0
package/server/agent-cron-migrator.ts +85 -0
package/server/agent-executor.test.ts +1108 -0
package/server/agent-executor.ts +346 -0
package/server/agent-store.test.ts +588 -0
package/server/agent-store.ts +185 -0
package/server/agent-types.ts +138 -0
package/server/ai-validation-settings.test.ts +128 -0
package/server/ai-validation-settings.ts +35 -0
package/server/ai-validator.test.ts +387 -0
package/server/ai-validator.ts +271 -0
package/server/auth-manager.test.ts +83 -0
package/server/auth-manager.ts +150 -0
package/server/auto-namer.test.ts +252 -0
package/server/auto-namer.ts +78 -0
package/server/backend-adapter.test.ts +38 -0
package/server/backend-adapter.ts +54 -0
package/server/cache-headers.test.ts +98 -0
package/server/cache-headers.ts +61 -0
package/server/claude-adapter.test.ts +1363 -0
package/server/claude-adapter.ts +889 -0
package/server/claude-container-auth.test.ts +44 -0
package/server/claude-container-auth.ts +30 -0
package/server/claude-protocol-contract.test.ts +71 -0
package/server/claude-protocol-drift.test.ts +78 -0
package/server/claude-session-discovery.test.ts +132 -0
package/server/claude-session-discovery.ts +157 -0
package/server/claude-session-history.test.ts +158 -0
package/server/claude-session-history.ts +410 -0
package/server/cli-launcher.test.ts +1343 -0
package/server/cli-launcher.ts +1298 -0
package/server/cli.test.ts +16 -0
package/server/codex-adapter.test.ts +5545 -0
package/server/codex-adapter.ts +3062 -0
package/server/codex-container-auth.test.ts +50 -0
package/server/codex-container-auth.ts +24 -0
package/server/codex-home.test.ts +61 -0
package/server/codex-home.ts +26 -0
package/server/codex-protocol-contract.test.ts +96 -0
package/server/codex-protocol-drift.test.ts +123 -0
package/server/codex-ws-proxy.cjs +226 -0
package/server/commands-discovery.test.ts +179 -0
package/server/commands-discovery.ts +81 -0
package/server/constants.ts +7 -0
package/server/container-manager.test.ts +1211 -0
package/server/container-manager.ts +1053 -0
package/server/cron-scheduler.test.ts +957 -0
package/server/cron-scheduler.ts +243 -0
package/server/cron-store.test.ts +422 -0
package/server/cron-store.ts +148 -0
package/server/cron-types.ts +63 -0
package/server/env-manager.test.ts +268 -0
package/server/env-manager.ts +161 -0
package/server/event-bus-types.ts +64 -0
package/server/event-bus.test.ts +244 -0
package/server/event-bus.ts +124 -0
package/server/execution-store.test.ts +307 -0
package/server/execution-store.ts +170 -0
package/server/fs-utils.ts +15 -0
package/server/git-utils.test.ts +938 -0
package/server/git-utils.ts +421 -0
package/server/github-pr.test.ts +498 -0
package/server/github-pr.ts +379 -0
package/server/image-pull-manager.test.ts +303 -0
package/server/image-pull-manager.ts +279 -0
package/server/index.ts +396 -0
package/server/linear-agent-bridge.test.ts +1157 -0
package/server/linear-agent-bridge.ts +629 -0
package/server/linear-agent.test.ts +473 -0
package/server/linear-agent.ts +479 -0
package/server/linear-cache.test.ts +136 -0
package/server/linear-cache.ts +113 -0
package/server/linear-connections.test.ts +350 -0
package/server/linear-connections.ts +231 -0
package/server/linear-credential-migration.test.ts +337 -0
package/server/linear-credential-migration.ts +63 -0
package/server/linear-oauth-connections-migration.test.ts +268 -0
package/server/linear-oauth-connections.test.ts +365 -0
package/server/linear-oauth-connections.ts +294 -0
package/server/linear-project-manager.test.ts +162 -0
package/server/linear-project-manager.ts +111 -0
package/server/linear-prompt-builder.test.ts +74 -0
package/server/linear-prompt-builder.ts +61 -0
package/server/linear-staging.test.ts +276 -0
package/server/linear-staging.ts +142 -0
package/server/logger.test.ts +393 -0
package/server/logger.ts +259 -0
package/server/metrics-collector.test.ts +413 -0
package/server/metrics-collector.ts +350 -0
package/server/metrics-types.ts +108 -0
package/server/middleware/managed-auth.test.ts +264 -0
package/server/middleware/managed-auth.ts +195 -0
package/server/novnc-proxy.test.ts +333 -0
package/server/novnc-proxy.ts +99 -0
package/server/path-resolver.test.ts +552 -0
package/server/path-resolver.ts +186 -0
package/server/paths.test.ts +31 -0
package/server/paths.ts +11 -0
package/server/pr-poller.test.ts +191 -0
package/server/pr-poller.ts +162 -0
package/server/prompt-manager.test.ts +211 -0
package/server/prompt-manager.ts +211 -0
package/server/protocol/claude-upstream/README.md +19 -0
package/server/protocol/claude-upstream/sdk.d.ts.txt +1943 -0
package/server/protocol/codex-upstream/ClientNotification.ts.txt +5 -0
package/server/protocol/codex-upstream/ClientRequest.ts.txt +60 -0
package/server/protocol/codex-upstream/README.md +18 -0
package/server/protocol/codex-upstream/ServerNotification.ts.txt +41 -0
package/server/protocol/codex-upstream/ServerRequest.ts.txt +16 -0
package/server/protocol/codex-upstream/v2/DynamicToolCallParams.ts.txt +6 -0
package/server/protocol/codex-upstream/v2/DynamicToolCallResponse.ts.txt +6 -0
package/server/protocol-monitor.ts +50 -0
package/server/recorder.test.ts +454 -0
package/server/recorder.ts +374 -0
package/server/recording-hub/compat-validator.test.ts +150 -0
package/server/recording-hub/compat-validator.ts +284 -0
package/server/recording-hub/diagnostics.test.ts +140 -0
package/server/recording-hub/diagnostics.ts +299 -0
package/server/recording-hub/hub-config.test.ts +44 -0
package/server/recording-hub/hub-config.ts +19 -0
package/server/recording-hub/hub-routes.test.ts +417 -0
package/server/recording-hub/hub-routes.ts +236 -0
package/server/recording-hub/hub-store.test.ts +262 -0
package/server/recording-hub/hub-store.ts +265 -0
package/server/recording-hub/replay-adapter.test.ts +294 -0
package/server/recording-hub/replay-adapter.ts +207 -0
package/server/relay-client.test.ts +337 -0
package/server/relay-client.ts +320 -0
package/server/replay.test.ts +200 -0
package/server/replay.ts +78 -0
package/server/routes/agent-routes.test.ts +1400 -0
package/server/routes/agent-routes.ts +409 -0
package/server/routes/cron-routes.test.ts +881 -0
package/server/routes/cron-routes.ts +103 -0
package/server/routes/env-routes.test.ts +383 -0
package/server/routes/env-routes.ts +95 -0
package/server/routes/fs-routes.test.ts +1198 -0
package/server/routes/fs-routes.ts +605 -0
package/server/routes/git-routes.test.ts +813 -0
package/server/routes/git-routes.ts +97 -0
package/server/routes/linear-agent-routes.test.ts +721 -0
package/server/routes/linear-agent-routes.ts +304 -0
package/server/routes/linear-connection-routes.test.ts +927 -0
package/server/routes/linear-connection-routes.ts +244 -0
package/server/routes/linear-oauth-connection-routes.test.ts +406 -0
package/server/routes/linear-oauth-connection-routes.ts +129 -0
package/server/routes/linear-routes.test.ts +1510 -0
package/server/routes/linear-routes.ts +953 -0
package/server/routes/metrics-routes.test.ts +103 -0
package/server/routes/metrics-routes.ts +13 -0
package/server/routes/prompt-routes.ts +67 -0
package/server/routes/sandbox-routes.test.ts +513 -0
package/server/routes/sandbox-routes.ts +127 -0
package/server/routes/settings-routes.ts +270 -0
package/server/routes/skills-routes.test.ts +690 -0
package/server/routes/skills-routes.ts +100 -0
package/server/routes/system-routes.test.ts +637 -0
package/server/routes/system-routes.ts +228 -0
package/server/routes/tailscale-routes.test.ts +176 -0
package/server/routes/tailscale-routes.ts +22 -0
package/server/routes.test.ts +4655 -0
package/server/routes.ts +1277 -0
package/server/sandbox-manager.test.ts +378 -0
package/server/sandbox-manager.ts +168 -0
package/server/service.test.ts +1419 -0
package/server/service.ts +718 -0
package/server/session-creation-service.test.ts +661 -0
package/server/session-creation-service.ts +473 -0
package/server/session-git-info.ts +104 -0
package/server/session-linear-issues.test.ts +118 -0
package/server/session-linear-issues.ts +88 -0
package/server/session-names.test.ts +94 -0
package/server/session-names.ts +67 -0
package/server/session-orchestrator.test.ts +1784 -0
package/server/session-orchestrator.ts +973 -0
package/server/session-state-machine.test.ts +606 -0
package/server/session-state-machine.ts +207 -0
package/server/session-store.test.ts +290 -0
package/server/session-store.ts +146 -0
package/server/session-types.ts +509 -0
package/server/settings-manager.test.ts +275 -0
package/server/settings-manager.ts +173 -0
package/server/tailscale-manager.test.ts +553 -0
package/server/tailscale-manager.ts +451 -0
package/server/terminal-manager.ts +240 -0
package/server/update-checker.test.ts +306 -0
package/server/update-checker.ts +197 -0
package/server/usage-limits.test.ts +536 -0
package/server/usage-limits.ts +225 -0
package/server/worktree-tracker.test.ts +243 -0
package/server/worktree-tracker.ts +84 -0
package/server/ws-auth.test.ts +59 -0
package/server/ws-auth.ts +41 -0
package/server/ws-bridge-browser-ingest.test.ts +272 -0
package/server/ws-bridge-browser-ingest.ts +72 -0
package/server/ws-bridge-browser.ts +112 -0
package/server/ws-bridge-cli-ingest.test.ts +302 -0
package/server/ws-bridge-cli-ingest.ts +81 -0
package/server/ws-bridge-codex.test.ts +1837 -0
package/server/ws-bridge-codex.ts +266 -0
package/server/ws-bridge-controls.test.ts +124 -0
package/server/ws-bridge-controls.ts +20 -0
package/server/ws-bridge-persist.test.ts +296 -0
package/server/ws-bridge-persist.ts +66 -0
package/server/ws-bridge-publish.test.ts +234 -0
package/server/ws-bridge-publish.ts +79 -0
package/server/ws-bridge-replay.test.ts +44 -0
package/server/ws-bridge-replay.ts +61 -0
package/server/ws-bridge-types.ts +106 -0
package/server/ws-bridge.test.ts +4777 -0
package/server/ws-bridge.ts +1279 -0

package/server/ws-bridge-codex.ts ADDED Viewed

@@ -0,0 +1,266 @@
+import type {
+  BrowserIncomingMessage,
+  BrowserOutgoingMessage,
+  PermissionRequest,
+} from "./session-types.js";
+import type { CodexAdapter } from "./codex-adapter.js";
+import type { Session } from "./ws-bridge-types.js";
+import { appendHistory } from "./ws-bridge-persist.js";
+import { validatePermission } from "./ai-validator.js";
+import { getEffectiveAiValidation } from "./ai-validation-settings.js";
+import { companionBus } from "./event-bus.js";
+/**
+ * @deprecated This file is no longer used in production. Codex adapters are now
+ * wired through the unified `attachBackendAdapter()` pipeline in `ws-bridge.ts`.
+ * This file is kept only for its test coverage which validates Codex-specific
+ * adapter handler logic patterns. It will be removed in a future cleanup pass.
+ */
+export interface CodexAttachDeps {
+  persistSession: (session: Session) => void;
+  refreshGitInfo: (
+    session: Session,
+    options?: { broadcastUpdate?: boolean; notifyPoller?: boolean },
+  ) => void;
+  broadcastToBrowsers: (session: Session, msg: BrowserIncomingMessage) => void;
+  autoNamingAttempted: Set<string>;
+}
+export function attachCodexAdapterHandlers(
+  sessionId: string,
+  session: Session,
+  adapter: CodexAdapter,
+  deps: CodexAttachDeps,
+): void {
+  adapter.onBrowserMessage((msg) => {
+    // Track activity for idle detection — mirrors routeCLIMessage logic for
+    // Claude Code NDJSON. Without this, Codex sessions get incorrectly
+    // idle-killed because lastCliActivityTs is never updated.
+    session.lastCliActivityTs = Date.now();
+    if (msg.type === "session_init") {
+      // Preserve pre-populated commands/skills when adapter sends empty arrays
+      // (Codex does not provide its own commands/skills)
+      // Exclude session_id: the adapter may report its own internal session ID
+      // which differs from the Companion's session ID.  Allowing it to overwrite
+      // session.state.session_id causes duplicate sidebar entries.
+      const { slash_commands, skills, session_id: _cliSessionId, ...rest } = msg.session;
+      session.state = {
+        ...session.state,
+        ...rest,
+        ...(slash_commands?.length ? { slash_commands } : {}),
+        ...(skills?.length ? { skills } : {}),
+        backend_type: "codex",
+      };
+      deps.refreshGitInfo(session, { notifyPoller: true });
+      deps.persistSession(session);
+      session.stateMachine.transition("ready", "codex_session_init");
+    } else if (msg.type === "session_update") {
+      // Exclude session_id — same rationale as session_init above.
+      const { slash_commands, skills, session_id: _cliSessionId, ...rest } = msg.session;
+      session.state = {
+        ...session.state,
+        ...rest,
+        ...(slash_commands?.length ? { slash_commands } : {}),
+        ...(skills?.length ? { skills } : {}),
+        backend_type: "codex",
+      };
+      deps.refreshGitInfo(session, { notifyPoller: true });
+      deps.persistSession(session);
+    } else if (msg.type === "status_change") {
+      session.state.is_compacting = msg.status === "compacting";
+      if (msg.status === "compacting") {
+        session.stateMachine.transition("compacting", "codex_compacting_started");
+      } else {
+        session.stateMachine.transition("ready", "codex_compacting_ended");
+      }
+      deps.persistSession(session);
+    }
+    if (msg.type === "assistant") {
+      const assistantMsg = { ...msg, timestamp: msg.timestamp || Date.now() };
+      appendHistory(session, assistantMsg);
+      deps.persistSession(session);
+      companionBus.emit("message:assistant", { sessionId, message: assistantMsg });
+    } else if (msg.type === "result") {
+      appendHistory(session, msg);
+      deps.persistSession(session);
+      companionBus.emit("message:result", { sessionId, message: msg });
+      session.stateMachine.transition("ready", "codex_turn_completed");
+    }
+    if (msg.type === "assistant") {
+      const content = (msg as { message?: { content?: Array<{ type: string }> } }).message?.content;
+      const hasToolUse = content?.some((b) => b.type === "tool_use");
+      if (hasToolUse) {
+        console.log(`[ws-bridge] Broadcasting tool_use assistant to ${session.browserSockets.size} browser(s) for session ${session.id}`);
+      }
+    }
+    if (msg.type === "permission_cancelled") {
+      const reqId = (msg as { request_id: string }).request_id;
+      session.pendingPermissions.delete(reqId);
+      // If no more pending permissions, transition back to streaming
+      if (session.pendingPermissions.size === 0 && session.stateMachine.phase === "awaiting_permission") {
+        session.stateMachine.transition("streaming", "permission_cancelled");
+      }
+      deps.persistSession(session);
+    }
+    if (msg.type === "permission_request") {
+      const perm = msg.request;
+      // AI Validation Mode for Codex sessions
+      const aiSettings = getEffectiveAiValidation(session.state);
+      if (
+        aiSettings.enabled
+        && aiSettings.anthropicApiKey
+        && perm.tool_name !== "AskUserQuestion"
+        && perm.tool_name !== "ExitPlanMode"
+      ) {
+        // Run AI validation async — don't broadcast yet
+        handleCodexAiValidation(session, adapter, perm, deps).catch((err) => {
+          console.warn(`[ws-bridge-codex] AI validation error for tool=${perm.tool_name} request_id=${perm.request_id} session=${session.id}, falling through to manual:`, err);
+          // On error, fall through to normal permission flow
+          session.pendingPermissions.set(perm.request_id, perm);
+          session.stateMachine.transition("awaiting_permission", "ai_validation_error_fallback");
+          deps.persistSession(session);
+          deps.broadcastToBrowsers(session, msg);
+        });
+        return;
+      }
+      session.pendingPermissions.set(perm.request_id, perm);
+      deps.persistSession(session);
+      session.stateMachine.transition("awaiting_permission", "codex_permission_requested");
+    }
+    deps.broadcastToBrowsers(session, msg);
+    if (
+      msg.type === "result" &&
+      !(msg.data as { is_error?: boolean }).is_error &&
+      !deps.autoNamingAttempted.has(session.id)
+    ) {
+      deps.autoNamingAttempted.add(session.id);
+      const firstUserMsg = session.messageHistory.find((m) => m.type === "user_message");
+      if (firstUserMsg && firstUserMsg.type === "user_message") {
+        companionBus.emit("session:first-turn-completed", { sessionId: session.id, firstUserMessage: firstUserMsg.content });
+      }
+    }
+  });
+  adapter.onSessionMeta((meta) => {
+    if (meta.cliSessionId) {
+      companionBus.emit("session:cli-id-received", { sessionId: session.id, cliSessionId: meta.cliSessionId });
+    }
+    if (meta.model) session.state.model = meta.model;
+    if (meta.cwd) session.state.cwd = meta.cwd;
+    session.state.backend_type = "codex";
+    deps.refreshGitInfo(session, { broadcastUpdate: true, notifyPoller: true });
+    deps.persistSession(session);
+  });
+  adapter.onDisconnect(() => {
+    // Guard: only clear the adapter reference if THIS adapter is still the active
+    // one.  During relaunch, a NEW adapter is attached before the OLD one fires
+    // its disconnect callback — without this check the new adapter gets nulled out.
+    if (session.backendAdapter !== adapter) {
+      console.log(`[ws-bridge] Ignoring stale disconnect for session ${sessionId} (adapter replaced)`);
+      return;
+    }
+    for (const [reqId] of session.pendingPermissions) {
+      deps.broadcastToBrowsers(session, { type: "permission_cancelled", request_id: reqId });
+    }
+    session.pendingPermissions.clear();
+    session.backendAdapter = null;
+    deps.persistSession(session);
+    console.log(`[ws-bridge] Codex adapter disconnected for session ${sessionId}`);
+    deps.broadcastToBrowsers(session, { type: "cli_disconnected" });
+    // Auto-relaunch if browsers are still connected (don't leave users staring
+    // at a dead session when the transport drops mid-conversation).
+    if (session.browserSockets.size > 0) {
+      console.log(`[ws-bridge] Auto-relaunching Codex for session ${sessionId} (${session.browserSockets.size} browser(s) connected)`);
+      companionBus.emit("session:relaunch-needed", { sessionId });
+    }
+  });
+  if (session.pendingMessages.length > 0) {
+    console.log(`[ws-bridge] Flushing ${session.pendingMessages.length} queued message(s) to Codex adapter for session ${sessionId}`);
+    const queued = session.pendingMessages.splice(0);
+    for (const raw of queued) {
+      try {
+        const msg = JSON.parse(raw) as BrowserOutgoingMessage;
+        adapter.sendBrowserMessage(msg);
+      } catch {
+        console.warn(`[ws-bridge] Failed to parse queued message for Codex: ${raw.substring(0, 100)}`);
+      }
+    }
+  }
+  deps.broadcastToBrowsers(session, { type: "cli_connected" });
+  console.log(`[ws-bridge] Codex adapter attached for session ${sessionId}`);
+}
+async function handleCodexAiValidation(
+  session: Session,
+  adapter: CodexAdapter,
+  perm: PermissionRequest,
+  deps: CodexAttachDeps,
+): Promise<void> {
+  const aiSettings = getEffectiveAiValidation(session.state);
+  const result = await validatePermission(
+    perm.tool_name,
+    perm.input,
+    perm.description,
+  );
+  perm.ai_validation = {
+    verdict: result.verdict,
+    reason: result.reason,
+    ruleBasedOnly: result.ruleBasedOnly,
+  };
+  // Auto-approve safe tools
+  if (result.verdict === "safe" && aiSettings.autoApprove) {
+    deps.broadcastToBrowsers(session, {
+      type: "permission_auto_resolved",
+      request: perm,
+      behavior: "allow",
+      reason: result.reason,
+    });
+    adapter.sendBrowserMessage({
+      type: "permission_response",
+      request_id: perm.request_id,
+      behavior: "allow",
+    });
+    return;
+  }
+  // Auto-deny dangerous tools
+  if (result.verdict === "dangerous" && aiSettings.autoDeny) {
+    deps.broadcastToBrowsers(session, {
+      type: "permission_auto_resolved",
+      request: perm,
+      behavior: "deny",
+      reason: result.reason,
+    });
+    adapter.sendBrowserMessage({
+      type: "permission_response",
+      request_id: perm.request_id,
+      behavior: "deny",
+    });
+    return;
+  }
+  // Uncertain or auto-action disabled: fall through to manual
+  session.pendingPermissions.set(perm.request_id, perm);
+  session.stateMachine.transition("awaiting_permission", "ai_validation_manual_fallback");
+  deps.persistSession(session);
+  deps.broadcastToBrowsers(session, {
+    type: "permission_request",
+    request: perm,
+  });
+}

package/server/ws-bridge-controls.test.ts ADDED Viewed

@@ -0,0 +1,124 @@
+import { describe, it, expect, vi } from "vitest";
+// Mock settings-manager to avoid reading real settings files during tests.
+vi.mock("./settings-manager.js", () => ({
+  getSettings: () => ({
+    aiValidationEnabled: false,
+    aiValidationAutoApprove: false,
+    aiValidationAutoDeny: false,
+    anthropicApiKey: "",
+  }),
+  DEFAULT_ANTHROPIC_MODEL: "claude-sonnet-4-6",
+}));
+import { handleSetAiValidation } from "./ws-bridge-controls.js";
+import type { Session } from "./ws-bridge-types.js";
+import { makeDefaultState } from "./ws-bridge-types.js";
+import { SessionStateMachine } from "./session-state-machine.js";
+/** Create a minimal Session object for testing handleSetAiValidation. */
+function makeMockSession(overrides: Partial<Session["state"]> = {}): Session {
+  const state = { ...makeDefaultState("test-session"), ...overrides };
+  return {
+    id: "test-session",
+    backendType: "claude",
+    backendAdapter: null,
+    browserSockets: new Set(),
+    state,
+    pendingPermissions: new Map(),
+    messageHistory: [],
+    pendingMessages: [],
+    nextEventSeq: 1,
+    eventBuffer: [],
+    lastAckSeq: 0,
+    processedClientMessageIds: [],
+    processedClientMessageIdSet: new Set(),
+    lastCliActivityTs: Date.now(),
+    stateMachine: new SessionStateMachine("test-session"),
+  };
+}
+describe("handleSetAiValidation", () => {
+  it("sets aiValidationEnabled on session state", () => {
+    // When aiValidationEnabled is provided, it should be written to state.
+    const session = makeMockSession({ aiValidationEnabled: false });
+    handleSetAiValidation(session, { aiValidationEnabled: true });
+    expect(session.state.aiValidationEnabled).toBe(true);
+  });
+  it("sets aiValidationAutoApprove on session state", () => {
+    // When aiValidationAutoApprove is provided, it should be written to state.
+    const session = makeMockSession({ aiValidationAutoApprove: false });
+    handleSetAiValidation(session, { aiValidationAutoApprove: true });
+    expect(session.state.aiValidationAutoApprove).toBe(true);
+  });
+  it("sets aiValidationAutoDeny on session state", () => {
+    // When aiValidationAutoDeny is provided, it should be written to state.
+    const session = makeMockSession({ aiValidationAutoDeny: false });
+    handleSetAiValidation(session, { aiValidationAutoDeny: true });
+    expect(session.state.aiValidationAutoDeny).toBe(true);
+  });
+  it("does not overwrite existing state when values are undefined", () => {
+    // When a field is undefined in the message, handleSetAiValidation should
+    // leave the existing value in session.state untouched. This is important
+    // because the browser may send only the fields that changed.
+    const session = makeMockSession({
+      aiValidationEnabled: true,
+      aiValidationAutoApprove: true,
+      aiValidationAutoDeny: true,
+    });
+    handleSetAiValidation(session, {});
+    expect(session.state.aiValidationEnabled).toBe(true);
+    expect(session.state.aiValidationAutoApprove).toBe(true);
+    expect(session.state.aiValidationAutoDeny).toBe(true);
+  });
+  it("sets values to null when explicitly provided", () => {
+    // null is a valid value (different from undefined) and should be written.
+    const session = makeMockSession({
+      aiValidationEnabled: true,
+      aiValidationAutoApprove: true,
+      aiValidationAutoDeny: true,
+    });
+    handleSetAiValidation(session, {
+      aiValidationEnabled: null,
+      aiValidationAutoApprove: null,
+      aiValidationAutoDeny: null,
+    });
+    expect(session.state.aiValidationEnabled).toBeNull();
+    expect(session.state.aiValidationAutoApprove).toBeNull();
+    expect(session.state.aiValidationAutoDeny).toBeNull();
+  });
+  it("sets values to false when explicitly provided", () => {
+    // false is a valid value and should overwrite true.
+    const session = makeMockSession({
+      aiValidationEnabled: true,
+      aiValidationAutoApprove: true,
+      aiValidationAutoDeny: true,
+    });
+    handleSetAiValidation(session, {
+      aiValidationEnabled: false,
+      aiValidationAutoApprove: false,
+      aiValidationAutoDeny: false,
+    });
+    expect(session.state.aiValidationEnabled).toBe(false);
+    expect(session.state.aiValidationAutoApprove).toBe(false);
+    expect(session.state.aiValidationAutoDeny).toBe(false);
+  });
+  it("handles partial updates (only some fields provided)", () => {
+    // When only one field is provided, only that field should change.
+    const session = makeMockSession({
+      aiValidationEnabled: false,
+      aiValidationAutoApprove: false,
+      aiValidationAutoDeny: false,
+    });
+    handleSetAiValidation(session, { aiValidationEnabled: true });
+    expect(session.state.aiValidationEnabled).toBe(true);
+    expect(session.state.aiValidationAutoApprove).toBe(false);
+    expect(session.state.aiValidationAutoDeny).toBe(false);
+  });
+});

package/server/ws-bridge-controls.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import type { Session } from "./ws-bridge-types.js";
+export function handleSetAiValidation(
+  session: Session,
+  msg: {
+    aiValidationEnabled?: boolean | null;
+    aiValidationAutoApprove?: boolean | null;
+    aiValidationAutoDeny?: boolean | null;
+  },
+): void {
+  if (msg.aiValidationEnabled !== undefined) {
+    session.state.aiValidationEnabled = msg.aiValidationEnabled;
+  }
+  if (msg.aiValidationAutoApprove !== undefined) {
+    session.state.aiValidationAutoApprove = msg.aiValidationAutoApprove;
+  }
+  if (msg.aiValidationAutoDeny !== undefined) {
+    session.state.aiValidationAutoDeny = msg.aiValidationAutoDeny;
+  }
+}