@jackwener/opencli 1.7.22 → 1.8.1

package/clis/zhihu/text.test.js

@@ -0,0 +1,24 @@
+import { describe, expect, it } from 'vitest';
+import { stripHtml } from './text.js';
+
+describe('zhihu text helpers', () => {
+    it('strips tags and decodes named entities in flat mode', () => {
+        expect(stripHtml('<em>Codex</em>&nbsp;&amp;&nbsp;&lt;CLI&gt;')).toBe('Codex & <CLI>');
+    });
+
+    it('decodes decimal and hexadecimal numeric entities', () => {
+        expect(stripHtml('&#34;中文&#34; &#x26; &#39;test&#39;')).toBe('"中文" & \'test\'');
+    });
+
+    it('keeps invalid numeric entities unchanged', () => {
+        expect(stripHtml('bad &#9999999999; entity')).toBe('bad &#9999999999; entity');
+    });
+
+    it('keeps list excerpts flat by default', () => {
+        expect(stripHtml('<p>first</p><br><p>second</p>')).toBe('firstsecond');
+    });
+
+    it('preserves block breaks when requested', () => {
+        expect(stripHtml('<p>first</p><br><p>second</p>', { preserveBlocks: true })).toBe('first\n\nsecond');
+    });
+});

package/dist/src/browser/errors.js

@@ -49,8 +49,10 @@ export function classifyBrowserError(err) {
     if (TARGET_NAVIGATION_PATTERNS.some(p => msg.includes(p))) {
         return { kind: 'target-navigation', retryable: true, delayMs: 200 };
     }
-    // CDP protocol error with target context (e.g., -32000 "target closed")
-    if (msg.includes('-32000') && msg.toLowerCase().includes('target')) {
+    // CDP protocol error with target/context invalidation (e.g., -32000 "target closed" or
+    // -32000 "Cannot find default execution context" — both indicate the inspected target
+    // went away and a fresh attach should recover).
+    if (msg.includes('-32000') && /target|context/i.test(msg)) {
         return { kind: 'target-navigation', retryable: true, delayMs: 200 };
     }
     return { kind: 'non-retryable', retryable: false, delayMs: 0 };

package/dist/src/browser/errors.test.js

@@ -32,6 +32,12 @@ describe('classifyBrowserError', () => {
         expect(advice.retryable).toBe(true);
         expect(advice.delayMs).toBe(200);
     });
+    it('classifies CDP -32000 execution-context errors with 200ms delay', () => {
+        const advice = classifyBrowserError(new Error('{"code":-32000,"message":"Cannot find default execution context"}'));
+        expect(advice.kind).toBe('target-navigation');
+        expect(advice.retryable).toBe(true);
+        expect(advice.delayMs).toBe(200);
+    });
     it('returns non-retryable for unrelated errors', () => {
         for (const msg of ['Permission denied', 'malformed exec payload', 'SyntaxError']) {
             const advice = classifyBrowserError(new Error(msg));

package/dist/src/browser/network-cache.js

@@ -29,7 +29,19 @@ export function saveNetworkCache(session, entries, baseDir) {
         savedAt: new Date().toISOString(),
         entries,
     };
-    fs.writeFileSync(target, JSON.stringify(payload), 'utf-8');
+    // 0o600: entries can include auth tokens and PII from captured response
+    // bodies. fchmod before writing also tightens a pre-existing broad file.
+    let fd;
+    try {
+        fd = fs.openSync(target, fs.constants.O_WRONLY | fs.constants.O_CREAT | fs.constants.O_TRUNC, 0o600);
+        fs.fchmodSync(fd, 0o600);
+        fs.writeFileSync(fd, JSON.stringify(payload), 'utf8');
+    }
+    finally {
+        if (fd !== undefined) {
+            fs.closeSync(fd);
+        }
+    }
 }
 export function loadNetworkCache(session, opts = {}) {
     const target = getCachePath(session, opts.baseDir);

package/dist/src/browser/network-cache.test.js

@@ -55,4 +55,21 @@ describe('network-cache', () => {
         expect(findEntry(file, 'B')?.key).toBe('B');
         expect(findEntry(file, 'missing')).toBeNull();
     });
+    it.skipIf(process.platform === 'win32')('writes the cache file with 0o600 owner-only permissions', () => {
+        saveNetworkCache('ws', [makeEntry('UserTweets')], baseDir);
+        const target = getCachePath('ws', baseDir);
+        const mode = fs.statSync(target).mode & 0o777;
+        expect(mode).toBe(0o600);
+    });
+    it.skipIf(process.platform === 'win32')('tightens an existing cache file before rewriting it', () => {
+        const target = getCachePath('ws', baseDir);
+        fs.mkdirSync(path.dirname(target), { recursive: true });
+        fs.writeFileSync(target, '{"version":1,"session":"ws","savedAt":"old","entries":[]}', { mode: 0o644 });
+        saveNetworkCache('ws', [makeEntry('UserTweets')], baseDir);
+        const mode = fs.statSync(target).mode & 0o777;
+        expect(mode).toBe(0o600);
+        const reloaded = loadNetworkCache('ws', { baseDir });
+        expect(reloaded.status).toBe('ok');
+        expect(reloaded.file?.entries[0].key).toBe('UserTweets');
+    });
 });

package/dist/src/browser/page.js

@@ -22,6 +22,15 @@ function isUnsupportedNetworkCaptureError(err) {
     return (normalized.includes('unknown action') && normalized.includes('network-capture'))
         || (normalized.includes('network capture') && normalized.includes('not supported'));
 }
+// The extension throws "Page not found: <id> — stale page identity" when our cached
+// `_page` targetId no longer maps to a live tab — e.g. the user closed the automation
+// window, or a long-running script left the cache pointing at an evicted target.
+// Detect that signature so goto() can drop the stale id and let resolveTab fall back
+// to the session lease (or create a fresh tab).
+function isStalePageIdentityError(err) {
+    const message = err instanceof Error ? err.message : String(err);
+    return message.includes('stale page identity');
+}
 /**
  * Page — implements IPage by talking to the daemon via HTTP.
  */
@@ -69,10 +78,27 @@ export class Page extends BasePage {
         };
     }
     async goto(url, options) {
-        const result = await sendCommandFull('navigate', {
-            url,
-            ...this._cmdOpts(),
-        });
+        let result;
+        try {
+            result = await sendCommandFull('navigate', {
+                url,
+                ...this._cmdOpts(),
+            });
+        }
+        catch (err) {
+            // If our cached targetId went stale (tab closed externally, identity evicted),
+            // drop the dead id and retry without it — the extension will resolve through the
+            // session lease or open a fresh automation tab. Without this, subsequent
+            // navigations in the same Page instance keep re-sending the same dead targetId
+            // and cascade into "Page not found:" failures.
+            if (!isStalePageIdentityError(err) || this._page === undefined)
+                throw err;
+            this._page = undefined;
+            result = await sendCommandFull('navigate', {
+                url,
+                ...this._cmdOpts(),
+            });
+        }
         // Remember the page identity (targetId) for subsequent calls
         if (result.page) {
             this._page = result.page;

package/dist/src/browser/page.test.js

@@ -235,6 +235,48 @@ describe('Page active target tracking', () => {
             page: 'page-explicit',
         }));
     });
+    // Regression: a Page instance can keep re-sending a cached targetId after the tab
+    // has been closed externally, so the extension throws
+    // "Page not found: <id> — stale page identity" on follow-up navigation.
+    // goto() now drops the stale identity and retries once without it so the extension's
+    // session lease can resolve through to a live tab.
+    it('drops a stale page identity and retries navigate once', async () => {
+        sendCommandFullMock
+            .mockResolvedValueOnce({ data: { url: 'https://example.com/first' }, page: 'page-1' })
+            .mockRejectedValueOnce(new Error('Page not found: deadbeef — stale page identity'))
+            .mockResolvedValueOnce({ data: { url: 'https://example.com/second' }, page: 'page-2' });
+        const page = new Page('site:youtube', undefined, undefined, undefined, 'adapter', 'persistent');
+        await page.goto('https://example.com/first', { waitUntil: 'none' });
+        expect(page.getActivePage()).toBe('page-1');
+        await page.goto('https://example.com/second', { waitUntil: 'none' });
+        expect(page.getActivePage()).toBe('page-2');
+        expect(sendCommandFullMock).toHaveBeenCalledTimes(3);
+        // First retry attempt carried the stale page; the recovery call must drop it.
+        const retryCall = sendCommandFullMock.mock.calls[2];
+        expect(retryCall[0]).toBe('navigate');
+        expect(retryCall[1]).not.toHaveProperty('page');
+    });
+    it('does not retry stale page errors when no identity was cached', async () => {
+        // _page is undefined on a fresh Page — there's nothing to drop, so propagate the
+        // error instead of silently retrying with the same params.
+        sendCommandFullMock
+            .mockRejectedValueOnce(new Error('Page not found: deadbeef — stale page identity'));
+        const page = new Page('site:youtube', undefined, undefined, undefined, 'adapter', 'persistent');
+        await expect(page.goto('https://example.com', { waitUntil: 'none' }))
+            .rejects.toThrow('stale page identity');
+        expect(sendCommandFullMock).toHaveBeenCalledTimes(1);
+    });
+    it('propagates non-stale navigate errors unchanged', async () => {
+        sendCommandFullMock
+            .mockResolvedValueOnce({ data: { url: 'https://example.com/first' }, page: 'page-1' })
+            .mockRejectedValueOnce(new Error('Extension disconnected'));
+        const page = new Page('site:youtube', undefined, undefined, undefined, 'adapter', 'persistent');
+        await page.goto('https://example.com/first', { waitUntil: 'none' });
+        await expect(page.goto('https://example.com/second', { waitUntil: 'none' }))
+            .rejects.toThrow('Extension disconnected');
+        // No retry for unrelated errors — exactly two navigate calls total.
+        expect(sendCommandFullMock).toHaveBeenCalledTimes(2);
+    });
     it('creates a new tab without changing the current active page binding', async () => {
         sendCommandFullMock
             .mockResolvedValueOnce({ data: { url: 'https://first.example' }, page: 'page-1' })

package/dist/src/browser/utils.d.ts

@@ -1,7 +1,7 @@
 /**
  * Utility functions for browser operations
  */
-type EvaluateFunction = (...args: any[]) => unknown;
+type EvaluateFunction = (...args: never[]) => unknown;
 /**
  * Serialize a function-form page.evaluate call for CDP Runtime.evaluate.
  *

package/dist/src/cli-argv-preprocess.d.ts

@@ -35,3 +35,29 @@ export declare function rewriteBrowserArgv(argv: readonly string[]): string[];
 export declare class BrowserSessionArgvError extends Error {
     constructor(message: string);
 }
+/**
+ * Minimal manifest shape consumed by escapeLeadingDashPositional. Imported
+ * lazily by main.ts so this module stays dependency-free.
+ */
+export interface DashPositionalManifestEntry {
+    site: string;
+    name: string;
+    args?: Array<{
+        name: string;
+        positional?: boolean;
+        required?: boolean;
+        valueRequired?: boolean;
+        default?: unknown;
+    }>;
+    browser?: boolean;
+}
+/**
+ * `opencli boss detail -abc123def` fails because commander parses
+ * `-abc123def` as an unknown option rather than the required
+ * `<security-id>` positional. BOSS 直聘 securityId tokens are opaque
+ * strings that can legitimately start with `-` (issue #1160), and the
+ * same shape can show up in any adapter that takes an opaque-id
+ * positional. Insert a `--` separator so commander treats the next
+ * token as the positional value.
+ */
+export declare function escapeLeadingDashPositional(argv: readonly string[], manifest: readonly DashPositionalManifestEntry[]): string[];

package/dist/src/cli-argv-preprocess.js

@@ -129,3 +129,141 @@ export class BrowserSessionArgvError extends Error {
         this.name = 'BrowserSessionArgvError';
     }
 }
+function knownCommandOptions(cmd) {
+    const options = new Map([
+        ['-h', 'none'],
+        ['--help', 'none'],
+        ['-v', 'none'],
+        ['--verbose', 'none'],
+        ['-f', 'required'],
+        ['--format', 'required'],
+        ['--trace', 'required'],
+    ]);
+    if (cmd.browser) {
+        options.set('--window', 'required');
+        options.set('--site-session', 'required');
+        options.set('--keep-tab', 'required');
+    }
+    for (const arg of cmd.args ?? []) {
+        if (arg.positional)
+            continue;
+        // Keep in sync with commanderAdapter.ts:
+        // required/valueRequired -> `<value>`; otherwise -> `[value]`.
+        options.set(`--${arg.name}`, arg.required || arg.valueRequired ? 'required' : 'optional');
+    }
+    return options;
+}
+function consumeKnownOption(argv, index, options) {
+    const token = argv[index];
+    if (!token || token === '--')
+        return null;
+    const eq = token.indexOf('=');
+    const key = eq === -1 ? token : token.slice(0, eq);
+    const mode = options.get(key);
+    if (!mode && eq === -1 && token.startsWith('-') && !token.startsWith('--') && token.length > 2) {
+        const shortKey = token.slice(0, 2);
+        const shortMode = options.get(shortKey);
+        if (shortMode === 'required') {
+            return { values: [token], nextIndex: index + 1 };
+        }
+    }
+    if (!mode)
+        return null;
+    if (eq !== -1 || mode === 'none')
+        return { values: [token], nextIndex: index + 1 };
+    const next = argv[index + 1];
+    if (mode === 'required') {
+        return next === undefined
+            ? { values: [token], nextIndex: index + 1 }
+            : { values: [token, next], nextIndex: index + 2 };
+    }
+    if (next !== undefined && !next.startsWith('-')) {
+        return { values: [token, next], nextIndex: index + 2 };
+    }
+    return { values: [token], nextIndex: index + 1 };
+}
+/**
+ * `opencli boss detail -abc123def` fails because commander parses
+ * `-abc123def` as an unknown option rather than the required
+ * `<security-id>` positional. BOSS 直聘 securityId tokens are opaque
+ * strings that can legitimately start with `-` (issue #1160), and the
+ * same shape can show up in any adapter that takes an opaque-id
+ * positional. Insert a `--` separator so commander treats the next
+ * token as the positional value.
+ */
+export function escapeLeadingDashPositional(argv, manifest) {
+    const result = [...argv];
+    const requiredFirstPositional = new Map();
+    for (const cmd of manifest) {
+        const first = cmd.args?.find((a) => a.positional);
+        if (first?.required)
+            requiredFirstPositional.set(cmd.site + '/' + cmd.name, cmd);
+    }
+    let i = 0;
+    while (i < result.length) {
+        const tok = result[i];
+        if (!tok.startsWith('-'))
+            break;
+        if (tok.includes('=')) {
+            i += 1;
+            continue;
+        }
+        if (ROOT_VALUE_FLAGS.has(tok) && i + 1 < result.length) {
+            i += 2;
+        }
+        else {
+            i += 1;
+        }
+    }
+    const site = result[i];
+    const cmd = result[i + 1];
+    const positionalIdx = i + 2;
+    if (!site || !cmd || positionalIdx >= result.length)
+        return result;
+    const entry = requiredFirstPositional.get(site + '/' + cmd);
+    if (!entry)
+        return result;
+    const options = knownCommandOptions(entry);
+    const beforePositional = [];
+    let j = positionalIdx;
+    while (j < result.length) {
+        const token = result[j];
+        if (token === '--')
+            return result;
+        const consumed = consumeKnownOption(result, j, options);
+        if (consumed) {
+            beforePositional.push(...consumed.values);
+            j = consumed.nextIndex;
+            continue;
+        }
+        if (!token.startsWith('-'))
+            return result;
+        if (token.startsWith('--'))
+            return result;
+        break;
+    }
+    if (j >= result.length)
+        return result;
+    const positional = result[j];
+    const trailingOptions = [];
+    const trailingRest = [];
+    j += 1;
+    while (j < result.length) {
+        const consumed = consumeKnownOption(result, j, options);
+        if (consumed) {
+            trailingOptions.push(...consumed.values);
+            j = consumed.nextIndex;
+            continue;
+        }
+        trailingRest.push(result[j]);
+        j += 1;
+    }
+    return [
+        ...result.slice(0, positionalIdx),
+        ...beforePositional,
+        ...trailingOptions,
+        '--',
+        positional,
+        ...trailingRest,
+    ];
+}

package/dist/src/cli-argv-preprocess.test.js

@@ -128,3 +128,82 @@ describe('rewriteBrowserArgv', () => {
         }
     });
 });
+import { escapeLeadingDashPositional } from './cli-argv-preprocess.js';
+describe('escapeLeadingDashPositional', () => {
+    const manifest = [
+        { site: 'boss', name: 'detail', browser: true, args: [{ name: 'security-id', positional: true, required: true }, { name: 'retry', positional: false, valueRequired: true }] },
+        { site: 'boss', name: 'search', args: [{ name: 'query', positional: true, required: false }, { name: 'limit', positional: false }] },
+        { site: 'twitter', name: 'follow', args: [{ name: 'username', positional: true, required: true }] },
+        { site: 'twitter', name: 'lists', args: [{ name: 'limit', positional: false }] },
+    ];
+    it('inserts -- before a required positional starting with `-`', () => {
+        expect(escapeLeadingDashPositional(['boss', 'detail', '-abc123def'], manifest))
+            .toEqual(['boss', 'detail', '--', '-abc123def']);
+    });
+    it('preserves trailing flags after the dash-leading positional', () => {
+        expect(escapeLeadingDashPositional(['boss', 'detail', '-xyz', '-f', 'json'], manifest))
+            .toEqual(['boss', 'detail', '-f', 'json', '--', '-xyz']);
+    });
+    it('preserves attached short option values like commander does', () => {
+        expect(escapeLeadingDashPositional(['boss', 'detail', '-fjson', '-xyz'], manifest))
+            .toEqual(['boss', 'detail', '-fjson', '--', '-xyz']);
+        expect(escapeLeadingDashPositional(['boss', 'detail', '-xyz', '-fjson'], manifest))
+            .toEqual(['boss', 'detail', '-fjson', '--', '-xyz']);
+    });
+    it('handles known options before a dash-leading positional', () => {
+        expect(escapeLeadingDashPositional(['boss', 'detail', '--format', 'json', '--trace=on', '-xyz'], manifest))
+            .toEqual(['boss', 'detail', '--format', 'json', '--trace=on', '--', '-xyz']);
+    });
+    it('keeps adapter and browser options parseable when they follow the positional', () => {
+        expect(escapeLeadingDashPositional(['boss', 'detail', '-xyz', '--retry', '2', '--window', 'foreground'], manifest))
+            .toEqual(['boss', 'detail', '--retry', '2', '--window', 'foreground', '--', '-xyz']);
+    });
+    it('protects negative numeric positionals too', () => {
+        expect(escapeLeadingDashPositional(['boss', 'detail', '-42'], manifest))
+            .toEqual(['boss', 'detail', '--', '-42']);
+    });
+    it('leaves unknown dash options untouched instead of hiding them behind --', () => {
+        expect(escapeLeadingDashPositional(['boss', 'detail', '--unknown', 'value'], manifest))
+            .toEqual(['boss', 'detail', '--unknown', 'value']);
+    });
+    it('does not touch positional values that do not start with -', () => {
+        expect(escapeLeadingDashPositional(['boss', 'detail', 'normal-id'], manifest))
+            .toEqual(['boss', 'detail', 'normal-id']);
+    });
+    it('does not touch the recognised short flags -f / -v / -h', () => {
+        expect(escapeLeadingDashPositional(['boss', 'detail', '-f', 'json'], manifest))
+            .toEqual(['boss', 'detail', '-f', 'json']);
+        expect(escapeLeadingDashPositional(['boss', 'detail', '-v'], manifest))
+            .toEqual(['boss', 'detail', '-v']);
+    });
+    it('does not touch long flags (--*)', () => {
+        expect(escapeLeadingDashPositional(['boss', 'detail', '--format', 'json'], manifest))
+            .toEqual(['boss', 'detail', '--format', 'json']);
+    });
+    it('does not touch already-escaped --', () => {
+        expect(escapeLeadingDashPositional(['boss', 'detail', '--', '-already-escaped'], manifest))
+            .toEqual(['boss', 'detail', '--', '-already-escaped']);
+    });
+    it('does not touch commands without a required positional', () => {
+        expect(escapeLeadingDashPositional(['boss', 'search', '-something'], manifest))
+            .toEqual(['boss', 'search', '-something']);
+        expect(escapeLeadingDashPositional(['twitter', 'lists', '-something'], manifest))
+            .toEqual(['twitter', 'lists', '-something']);
+    });
+    it('works when --profile or another root flag precedes the site', () => {
+        expect(escapeLeadingDashPositional(['--profile', 'work', 'boss', 'detail', '-abc'], manifest))
+            .toEqual(['--profile', 'work', 'boss', 'detail', '--', '-abc']);
+    });
+    it('works for any adapter, not just boss', () => {
+        expect(escapeLeadingDashPositional(['twitter', 'follow', '-someuser'], manifest))
+            .toEqual(['twitter', 'follow', '--', '-someuser']);
+    });
+    it('returns argv unchanged when the command is unknown', () => {
+        expect(escapeLeadingDashPositional(['unknown', 'cmd', '-arg'], manifest))
+            .toEqual(['unknown', 'cmd', '-arg']);
+    });
+    it('returns argv unchanged when argv is too short', () => {
+        expect(escapeLeadingDashPositional(['boss'], manifest)).toEqual(['boss']);
+        expect(escapeLeadingDashPositional(['boss', 'detail'], manifest)).toEqual(['boss', 'detail']);
+    });
+});

package/dist/src/convention-audit.js

@@ -246,19 +246,26 @@ function auditTypedErrorPatterns(command, source, sourcePath, projectRoot) {
         }
         const sentinel = /(?:\?\?|\|\|)\s*(['"])(unknown|Unknown|UNKNOWN|N\/A|n\/a|NA|未知|-)\1/.exec(line);
         if (sentinel) {
-            violations.push({
-                rule: 'silent-sentinel',
-                ...command,
-                file: relative,
-                line: index + 1,
-                message: `sentinel fallback ${sentinel[0].trim()} can turn missing data into fake data; prefer dropping the field or throwing a typed error`,
-                details: { text: line.trim() },
-            });
+            if (!isThrowMessageLine(line)) {
+                violations.push({
+                    rule: 'silent-sentinel',
+                    ...command,
+                    file: relative,
+                    line: index + 1,
+                    message: `sentinel fallback ${sentinel[0].trim()} can turn missing data into fake data; prefer dropping the field or throwing a typed error`,
+                    details: { text: line.trim() },
+                });
+            }
         }
         offset += line.length + 1;
     });
     return dedupeViolations(violations);
 }
+function isThrowMessageLine(line) {
+    // Only single-line `throw new X(...)` diagnostics are ignored. Multi-line
+    // throw expressions with row-like sentinel fallbacks still stay visible.
+    return /\bthrow\s+new\b/.test(line);
+}
 function auditWriteDeletePair(entries) {
     const bySite = new Map();
     for (const entry of entries) {

package/dist/src/convention-audit.test.js

@@ -223,4 +223,25 @@ describe('convention audit', () => {
         const violations = report.categories.find((item) => item.rule === 'silent-empty-fallback').violations;
         expect(violations.map((violation) => violation.command)).toEqual(['demo/catch']);
     });
+    it('does not report sentinel fallbacks inside thrown error messages', () => {
+        const root = makeProject([
+            { site: 'demo', name: 'error', access: 'read', columns: ['id'], sourceFile: 'demo/error.js' },
+            { site: 'demo', name: 'row', access: 'read', columns: ['id', 'title'], sourceFile: 'demo/row.js' },
+        ], {
+            'demo/error.js': `
+        export async function run(data) {
+          if (!data.ok) throw new Error(\`demo failed: \${data.message ?? 'unknown'}\`);
+          return [{ id: 1 }];
+        }
+      `,
+            'demo/row.js': `
+        export async function run(item) {
+          return [{ id: item.id, title: item.title ?? 'unknown' }];
+        }
+      `,
+        });
+        const report = runConventionAudit({ projectRoot: root });
+        const violations = report.categories.find((item) => item.rule === 'silent-sentinel').violations;
+        expect(violations.map((violation) => violation.command)).toEqual(['demo/row']);
+    });
 });

package/dist/src/download/index.js

@@ -165,7 +165,19 @@ export function exportCookiesToNetscape(cookies, filePath) {
         lines.push(`${domain}\t${includeSubdomains}\t${cookiePath}\t${secure}\t${expiry}\t${safeName}\t${safeValue}`);
     }
     fs.mkdirSync(path.dirname(filePath), { recursive: true });
-    fs.writeFileSync(filePath, lines.join('\n'));
+    // 0o600: file holds live session cookies, must be owner-only. fchmod before
+    // writing also tightens a pre-existing broad file before new secrets land.
+    let fd;
+    try {
+        fd = fs.openSync(filePath, fs.constants.O_WRONLY | fs.constants.O_CREAT | fs.constants.O_TRUNC, 0o600);
+        fs.fchmodSync(fd, 0o600);
+        fs.writeFileSync(fd, lines.join('\n'), 'utf8');
+    }
+    finally {
+        if (fd !== undefined) {
+            fs.closeSync(fd);
+        }
+    }
 }
 export function formatCookieHeader(cookies) {
     return cookies.map((cookie) => `${cookie.name}=${cookie.value}`).join('; ');

package/dist/src/download/index.test.js

@@ -3,7 +3,7 @@ import * as http from 'node:http';
 import * as os from 'node:os';
 import * as path from 'node:path';
 import { afterEach, describe, expect, it, vi } from 'vitest';
-import { formatCookieHeader, httpDownload, resolveRedirectUrl } from './index.js';
+import { exportCookiesToNetscape, formatCookieHeader, httpDownload, resolveRedirectUrl } from './index.js';
 const servers = [];
 const tempDirs = [];
 afterEach(async () => {
@@ -115,4 +115,26 @@ describe('download helpers', { retry: process.platform === 'win32' ? 2 : 0 }, ()
         expect(result).toEqual({ success: true, size: 2 });
         expect(fs.readFileSync(destPath, 'utf8')).toBe('ok');
     });
+    it.skipIf(process.platform === 'win32')('writes the Netscape cookie file with 0o600 owner-only permissions', async () => {
+        const tempDir = await fs.promises.mkdtemp(path.join(os.tmpdir(), 'opencli-dl-'));
+        tempDirs.push(tempDir);
+        const cookiesPath = path.join(tempDir, 'cookies.txt');
+        exportCookiesToNetscape([
+            { name: 'sid', value: 'secret', domain: 'example.com' },
+        ], cookiesPath);
+        const mode = fs.statSync(cookiesPath).mode & 0o777;
+        expect(mode).toBe(0o600);
+    });
+    it.skipIf(process.platform === 'win32')('tightens an existing Netscape cookie file before rewriting it', async () => {
+        const tempDir = await fs.promises.mkdtemp(path.join(os.tmpdir(), 'opencli-dl-'));
+        tempDirs.push(tempDir);
+        const cookiesPath = path.join(tempDir, 'cookies.txt');
+        fs.writeFileSync(cookiesPath, 'stale-cookie', { mode: 0o644 });
+        exportCookiesToNetscape([
+            { name: 'sid', value: 'secret', domain: 'example.com' },
+        ], cookiesPath);
+        const mode = fs.statSync(cookiesPath).mode & 0o777;
+        expect(mode).toBe(0o600);
+        expect(fs.readFileSync(cookiesPath, 'utf8')).toContain('sid\tsecret');
+    });
 });

package/dist/src/download/media-download.js

@@ -9,7 +9,7 @@
 import * as fs from 'node:fs';
 import * as path from 'node:path';
 import { getErrorMessage } from '../errors.js';
-import { httpDownload, ytdlpDownload, checkYtdlp, getTempDir, exportCookiesToNetscape, } from './index.js';
+import { httpDownload, ytdlpDownload, checkYtdlp, getTempDir, exportCookiesToNetscape, sanitizeFilename, } from './index.js';
 import { DownloadProgressTracker, formatBytes } from './progress.js';
 // ============================================================
 // Main API
@@ -50,7 +50,7 @@ export async function downloadMedia(items, options) {
             const media = items[i];
             const isVideo = media.type !== 'image';
             const ext = isVideo ? 'mp4' : 'jpg';
-            const filename = media.filename || `${filenamePrefix}_${i + 1}.${ext}`;
+            const filename = resolveMediaFilename(media.filename, filenamePrefix, i + 1, ext);
             const destPath = path.join(outputDir, filename);
             const progressBar = tracker.onFileStart(filename, i);
             try {
@@ -112,3 +112,16 @@ export async function downloadMedia(items, options) {
     }
     return results;
 }
+function resolveMediaFilename(filename, prefix, index, ext) {
+    const safePrefix = sanitizePathSegment(path.basename(path.win32.basename(prefix))) || 'download';
+    const fallback = `${safePrefix}_${index}.${ext}`;
+    if (!filename)
+        return fallback;
+    const basename = path.basename(path.win32.basename(filename));
+    const safeName = sanitizePathSegment(basename);
+    return safeName || fallback;
+}
+function sanitizePathSegment(value) {
+    const sanitized = sanitizeFilename(value);
+    return sanitized && sanitized !== '.' && sanitized !== '..' ? sanitized : '';
+}

package/dist/src/download/media-download.test.d.ts

@@ -0,0 +1 @@
+export {};