@mkterswingman/5mghost-wonder 0.0.11 → 0.0.14

package/dist/commands/browser.js

@@ -0,0 +1,76 @@
+// src/commands/browser.ts
+// Experimental browser runtime commands.
+import { resolveWonderPaths } from "../platform/paths.js";
+import { parseWecomUrl } from "../wecom/url.js";
+import { runBrowserNoExportProbe } from "../wecom/browser-probe.js";
+export async function runBrowserCommand(argv, context) {
+    const [sub, ...rest] = argv;
+    switch (sub) {
+        case "probe":
+            return runBrowserProbe(rest, context);
+        default:
+            context.io.stderr(`Unknown subcommand: browser ${sub ?? "(none)"}\n` +
+                "Usage: wonder browser probe <url> [--headed] [--timeout-ms <ms>] [--save <dir>]");
+            return { exitCode: 1 };
+    }
+}
+async function runBrowserProbe(args, context) {
+    let url;
+    let saveDir;
+    let timeoutMs;
+    let headed = false;
+    for (let i = 0; i < args.length; i++) {
+        const arg = args[i];
+        if (arg === "--save" && args[i + 1]) {
+            saveDir = args[++i];
+        }
+        else if (arg === "--timeout-ms" && args[i + 1]) {
+            timeoutMs = Number(args[++i]);
+        }
+        else if (arg === "--headed") {
+            headed = true;
+        }
+        else if (!arg.startsWith("-")) {
+            url = arg;
+        }
+    }
+    if (!url) {
+        context.io.stderr(JSON.stringify({
+            error: "missing_url",
+            message: "用法：wonder browser probe <url> [--headed] [--timeout-ms <ms>] [--save <dir>]",
+        }));
+        return { exitCode: 1, telemetry: { outcome: "failure", errorKind: "missing_url" } };
+    }
+    const parsed = parseWecomUrl(url);
+    if (!parsed.ok) {
+        context.io.stderr(JSON.stringify({
+            error: "invalid_url",
+            message: "无法识别的 WeCom URL",
+        }));
+        return { exitCode: 1, telemetry: { outcome: "failure", errorKind: "invalid_url" } };
+    }
+    if (timeoutMs !== undefined && (!Number.isFinite(timeoutMs) || timeoutMs < 1000 || timeoutMs > 60_000)) {
+        context.io.stderr(JSON.stringify({
+            error: "invalid_timeout",
+            message: "--timeout-ms must be between 1000 and 60000",
+        }));
+        return { exitCode: 1, telemetry: { outcome: "failure", errorKind: "invalid_timeout" } };
+    }
+    const paths = resolveWonderPaths({ homeDir: context.homeDir });
+    const result = await runBrowserNoExportProbe({
+        url,
+        chromeProfilePath: paths.chromeProfilePath,
+        saveDir,
+        headed,
+        timeoutMs,
+        io: context.io,
+    });
+    context.io.stdout(JSON.stringify(result));
+    return {
+        exitCode: result.status === "fail" ? 1 : 0,
+        telemetry: {
+            outcome: result.status === "fail" ? "failure" : "success",
+            errorKind: result.status === "fail" ? "browser_probe_failed" : undefined,
+        },
+    };
+}

package/dist/commands/help.js

@@ -30,6 +30,11 @@ export function renderHelpText() {
         "                                doc/slide → download file + path JSON",
         "  read <url> --tab <name>       Read specific xlsx tab (cells + merges + images)",
         "  read <url> --save <dir>       Output directory (default: ~/Downloads/5mghost-wonder/)",
+        "",
+        "Experimental browser runtime:",
+        "  browser probe <url>           Open in Wonder browser profile and capture",
+        "                                no-export evidence summaries",
+        "  browser probe <url> --headed  Show the browser while probing",
     ].join("\n");
 }
 export async function runHelpCommand(io) {

package/dist/commands/index.js

@@ -11,6 +11,7 @@ import { runSetupCommand } from "./setup.js";
 import { runAuthCommand } from "./auth.js";
 import { runWecom } from "./wecom.js";
 import { runReadCommand } from "./read.js";
+import { runBrowserCommand } from "./browser.js";
 export async function dispatchWonderCommand(argv, context) {
     const [cmd, ...rest] = argv;
     switch (cmd) {
@@ -30,6 +31,8 @@ export async function dispatchWonderCommand(argv, context) {
             return runWecom(rest, context);
         case "read":
             return runRead(rest, context);
+        case "browser":
+            return runBrowserCommand(rest, context);
         case "--help":
         case "-h":
         case "help":

package/dist/telemetry/runtime.js

@@ -2,7 +2,7 @@
 // Factory for the wonder telemetry runtime.
 // Returns null on any construction error — telemetry must never crash the CLI.
 import { DEFAULT_AUTH_URL, TokenManager } from "@mkterswingman/5mghost-auth";
-import { TelemetryRuntime, TelemetrySender } from "@mkterswingman/5mghost-telemetry";
+import { TelemetryRuntime, TelemetrySender, } from "@mkterswingman/5mghost-telemetry";
 import packageJson from "../../package.json" with { type: "json" };
 export function createWonderTelemetryRuntime(options = {}) {
     try {
@@ -17,11 +17,12 @@ export function createWonderTelemetryRuntime(options = {}) {
             authUrl,
             homeDir: options.homeDir,
         });
+        const sender = new SafeTelemetrySender(new TelemetrySender(tokenManager, ingestUrl));
         return new TelemetryRuntime({
             product: "5mghost-wonder",
             productVersion: packageJson.version,
             homeDir: options.homeDir,
-            sender: new TelemetrySender(tokenManager, ingestUrl),
+            sender,
         });
     }
     catch {
@@ -29,3 +30,23 @@ export function createWonderTelemetryRuntime(options = {}) {
         return null;
     }
 }
+class SafeTelemetrySender {
+    delegate;
+    constructor(delegate) {
+        this.delegate = delegate;
+    }
+    async sendBatch(events) {
+        try {
+            return await this.delegate.sendBatch(events);
+        }
+        catch (err) {
+            const errorName = err instanceof Error ? err.name : typeof err;
+            return {
+                disposition: {
+                    retryable: true,
+                    reason: `transport:${errorName}`,
+                },
+            };
+        }
+    }
+}

package/dist/wecom/browser-probe.js

@@ -0,0 +1,402 @@
+// src/wecom/browser-probe.ts
+// Experimental browser runtime probe for no-export reads. This intentionally
+// records evidence summaries, not raw network bodies or cookies.
+import { spawn } from "node:child_process";
+import { existsSync, mkdirSync, writeFileSync } from "node:fs";
+import { createServer } from "node:net";
+import { join, resolve } from "node:path";
+import WebSocket from "ws";
+const CDP_CALL_TIMEOUT_MS = 5000;
+const BROWSER_START_TIMEOUT_MS = 20_000;
+const DEFAULT_CAPTURE_MS = 8_000;
+const MAX_NETWORK_CANDIDATES = 40;
+let cdpNextId = 1;
+export async function runBrowserNoExportProbe(options) {
+    const timeoutMs = options.timeoutMs ?? DEFAULT_CAPTURE_MS;
+    const browser = findInstalledBrowser(options.executablePath);
+    const port = await getFreePort();
+    const endpoint = `http://127.0.0.1:${port}`;
+    const child = spawnBrowser({
+        browser,
+        port,
+        profilePath: options.chromeProfilePath,
+        url: options.url,
+        headed: options.headed ?? false,
+    });
+    try {
+        await waitForDebugger(endpoint, BROWSER_START_TIMEOUT_MS);
+        const pageWsUrl = await waitForPageWebSocket(endpoint, options.url, BROWSER_START_TIMEOUT_MS);
+        const socket = await openDevToolsSocket(pageWsUrl);
+        const responses = [];
+        try {
+            socket.addEventListener("message", (event) => {
+                const payload = safeJsonParse(String(event.data));
+                if (payload?.method !== "Network.responseReceived")
+                    return;
+                const response = payload.params?.response;
+                const requestId = payload.params?.requestId;
+                if (!response?.url || !requestId)
+                    return;
+                if (!isInterestingNetworkUrl(response.url, response.mimeType ?? ""))
+                    return;
+                responses.push({
+                    requestId,
+                    url: response.url,
+                    status: response.status ?? 0,
+                    mimeType: response.mimeType ?? "",
+                });
+            });
+            await sendCdpCommand(socket, "Network.enable");
+            await sendCdpCommand(socket, "Page.enable");
+            await sendCdpCommand(socket, "Runtime.enable");
+            await sendCdpCommand(socket, "Page.navigate", { url: options.url });
+            await delay(timeoutMs);
+            const pageInfo = await evaluatePageInfo(socket);
+            const networkCandidates = await collectNetworkCandidates(socket, responses);
+            const evidence = ["browser-page"];
+            if (pageInfo.visibleTextSample)
+                evidence.push("visible-text");
+            if (pageInfo.runtimeGlobals.length > 0)
+                evidence.push("runtime-globals");
+            if (networkCandidates.length > 0)
+                evidence.push("network-response-summary");
+            const missing = [
+                "raw structured document model",
+                "merge ranges",
+                "image original resources",
+                "image anchors",
+            ];
+            const result = {
+                mode: "browser-no-export-probe",
+                status: "partial",
+                url: redactUrl(options.url),
+                finalUrl: pageInfo.finalUrl ? redactUrl(pageInfo.finalUrl) : undefined,
+                title: pageInfo.title,
+                loginLikely: pageInfo.loginLikely,
+                visibleTextSample: pageInfo.visibleTextSample,
+                runtimeGlobals: pageInfo.runtimeGlobals,
+                networkCandidates,
+                evidence,
+                missing,
+            };
+            if (options.saveDir) {
+                mkdirSync(options.saveDir, { recursive: true });
+                const savedPath = resolve(options.saveDir, `wonder-browser-probe-${Date.now()}.json`);
+                writeFileSync(savedPath, JSON.stringify(result, null, 2), { mode: 0o600 });
+                result.savedPath = savedPath;
+            }
+            return result;
+        }
+        finally {
+            socket.close();
+        }
+    }
+    catch (err) {
+        return {
+            mode: "browser-no-export-probe",
+            status: "fail",
+            url: redactUrl(options.url),
+            loginLikely: false,
+            runtimeGlobals: [],
+            networkCandidates: [],
+            evidence: [],
+            missing: [err instanceof Error ? err.message : String(err)],
+        };
+    }
+    finally {
+        await terminateBrowserProcess(child);
+    }
+}
+async function evaluatePageInfo(socket) {
+    const expression = `(() => {
+    const text = (document.body && document.body.innerText || "").replace(/\\s+/g, " ").trim();
+    const globals = Object.keys(window)
+      .filter((key) => /doc|sheet|wecom|weixin|store|redux|editor|canvas/i.test(key))
+      .slice(0, 80);
+    const loginLikely = /登录|扫码|二维码|login|sign in/i.test(text);
+    return {
+      finalUrl: location.href,
+      title: document.title,
+      loginLikely,
+      visibleTextSample: text.slice(0, 2000),
+      runtimeGlobals: globals
+    };
+  })()`;
+    const payload = await sendCdpCommand(socket, "Runtime.evaluate", {
+        expression,
+        returnByValue: true,
+        awaitPromise: false,
+    });
+    const value = payload.result?.value;
+    return {
+        finalUrl: value?.finalUrl,
+        title: value?.title,
+        loginLikely: value?.loginLikely ?? false,
+        visibleTextSample: value?.visibleTextSample,
+        runtimeGlobals: value?.runtimeGlobals ?? [],
+    };
+}
+async function collectNetworkCandidates(socket, responses) {
+    const unique = new Map();
+    for (const response of responses) {
+        if (unique.size >= MAX_NETWORK_CANDIDATES)
+            break;
+        unique.set(response.requestId, response);
+    }
+    const candidates = [];
+    for (const response of unique.values()) {
+        let body = "";
+        let base64Encoded = false;
+        try {
+            const payload = await sendCdpCommand(socket, "Network.getResponseBody", { requestId: response.requestId });
+            body = payload.body ?? "";
+            base64Encoded = payload.base64Encoded ?? false;
+        }
+        catch {
+            // Some responses are streamed, cached, too large, or not retained.
+        }
+        const signals = detectBodySignals(body, response.mimeType);
+        candidates.push({
+            url: redactUrl(response.url),
+            status: response.status,
+            mimeType: response.mimeType,
+            bodyLength: body ? body.length : undefined,
+            base64Encoded: body ? base64Encoded : undefined,
+            signals,
+        });
+    }
+    return candidates;
+}
+function detectBodySignals(body, mimeType) {
+    const haystack = `${mimeType}\n${body.slice(0, 200_000)}`;
+    const signals = [];
+    if (/merge|merged|rowspan|colspan|mergeCell|mergeCells/i.test(haystack))
+        signals.push("merge-like");
+    if (/image|img|pic|picture|media|download_url|url/i.test(haystack))
+        signals.push("image-like");
+    if (/cell|row|column|sheet|workbook|table/i.test(haystack))
+        signals.push("table-like");
+    if (/text|paragraph|content|doc|delta|operation|op/i.test(haystack))
+        signals.push("document-like");
+    if (/websocket|realtime|sync/i.test(haystack))
+        signals.push("realtime-like");
+    return signals;
+}
+function spawnBrowser(args) {
+    mkdirSync(args.profilePath, { recursive: true });
+    const browserArgs = [
+        `--remote-debugging-port=${args.port}`,
+        `--user-data-dir=${args.profilePath}`,
+        "--no-first-run",
+        "--no-default-browser-check",
+        "--disable-features=DialMediaRouteProvider",
+    ];
+    if (!args.headed) {
+        browserArgs.push("--headless=new");
+        browserArgs.push("--disable-gpu");
+    }
+    browserArgs.push(args.url);
+    return spawn(args.browser.executablePath, browserArgs, {
+        stdio: "ignore",
+        detached: process.platform !== "win32",
+    });
+}
+function getKnownBrowserPaths() {
+    if (process.platform === "darwin") {
+        return [
+            {
+                label: "Google Chrome",
+                executablePath: "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome",
+            },
+            {
+                label: "Microsoft Edge",
+                executablePath: "/Applications/Microsoft Edge.app/Contents/MacOS/Microsoft Edge",
+            },
+        ];
+    }
+    if (process.platform === "win32") {
+        const lad = process.env["LOCALAPPDATA"] ?? "";
+        const pf = process.env["PROGRAMFILES"] ?? "C:\\Program Files";
+        const pf86 = process.env["PROGRAMFILES(X86)"] ?? "C:\\Program Files (x86)";
+        return [
+            { label: "Google Chrome", executablePath: join(lad, "Google", "Chrome", "Application", "chrome.exe") },
+            { label: "Google Chrome", executablePath: join(pf, "Google", "Chrome", "Application", "chrome.exe") },
+            { label: "Google Chrome", executablePath: join(pf86, "Google", "Chrome", "Application", "chrome.exe") },
+            { label: "Microsoft Edge", executablePath: join(pf, "Microsoft", "Edge", "Application", "msedge.exe") },
+            { label: "Microsoft Edge", executablePath: join(pf86, "Microsoft", "Edge", "Application", "msedge.exe") },
+            { label: "Microsoft Edge", executablePath: join(lad, "Microsoft", "Edge", "Application", "msedge.exe") },
+        ];
+    }
+    return [
+        { label: "Google Chrome", executablePath: "/usr/bin/google-chrome-stable" },
+        { label: "Google Chrome", executablePath: "/usr/bin/google-chrome" },
+        { label: "Chromium", executablePath: "/usr/bin/chromium" },
+        { label: "Chromium", executablePath: "/usr/bin/chromium-browser" },
+        { label: "Microsoft Edge", executablePath: "/usr/bin/microsoft-edge" },
+    ];
+}
+function findInstalledBrowser(executablePath) {
+    if (executablePath) {
+        if (!existsSync(executablePath)) {
+            throw new Error(`Configured browser not found: ${executablePath}`);
+        }
+        return { label: "Configured browser", executablePath };
+    }
+    for (const candidate of getKnownBrowserPaths()) {
+        if (existsSync(candidate.executablePath))
+            return candidate;
+    }
+    throw new Error("Could not find a supported Chrome/Edge installation");
+}
+async function getFreePort() {
+    return new Promise((resolve, reject) => {
+        const server = createServer();
+        server.listen(0, "127.0.0.1", () => {
+            const address = server.address();
+            if (!address || typeof address === "string") {
+                server.close();
+                reject(new Error("Failed to allocate a browser debugging port"));
+                return;
+            }
+            const port = address.port;
+            server.close((err) => {
+                if (err)
+                    reject(err);
+                else
+                    resolve(port);
+            });
+        });
+        server.on("error", reject);
+    });
+}
+async function waitForDebugger(endpoint, timeoutMs) {
+    const startedAt = Date.now();
+    while (Date.now() - startedAt < timeoutMs) {
+        try {
+            const res = await fetch(`${endpoint}/json/version`);
+            if (res.ok)
+                return;
+        }
+        catch {
+            // Startup race.
+        }
+        await delay(500);
+    }
+    throw new Error("Browser did not expose the remote debugging endpoint in time");
+}
+async function waitForPageWebSocket(endpoint, expectedUrl, timeoutMs) {
+    const startedAt = Date.now();
+    while (Date.now() - startedAt < timeoutMs) {
+        try {
+            const res = await fetch(`${endpoint}/json/list`);
+            if (res.ok) {
+                const targets = (await res.json());
+                const expectedHost = new URL(expectedUrl).host;
+                const target = targets.find((t) => t.type === "page" &&
+                    t.webSocketDebuggerUrl &&
+                    (t.url?.includes(expectedHost) || targets.length === 1));
+                if (target?.webSocketDebuggerUrl)
+                    return target.webSocketDebuggerUrl;
+            }
+        }
+        catch {
+            // Startup race.
+        }
+        await delay(500);
+    }
+    throw new Error("Browser did not expose a page DevTools websocket in time");
+}
+async function openDevToolsSocket(url) {
+    return new Promise((resolve, reject) => {
+        const socket = new WebSocket(url);
+        const timer = setTimeout(() => {
+            socket.close();
+            reject(new Error("Timed out connecting to browser DevTools websocket"));
+        }, CDP_CALL_TIMEOUT_MS);
+        socket.once("open", () => {
+            clearTimeout(timer);
+            resolve(socket);
+        });
+        socket.once("error", () => {
+            clearTimeout(timer);
+            reject(new Error("Failed to connect to browser DevTools websocket"));
+        });
+    });
+}
+async function sendCdpCommand(socket, method, params = {}) {
+    const id = cdpNextId++;
+    return new Promise((resolve, reject) => {
+        const timer = setTimeout(() => {
+            socket.removeEventListener("message", handleMessage);
+            reject(new Error(`CDP timeout: ${method}`));
+        }, CDP_CALL_TIMEOUT_MS);
+        const handleMessage = (event) => {
+            const payload = safeJsonParse(String(event.data));
+            if (payload?.id !== id)
+                return;
+            clearTimeout(timer);
+            socket.removeEventListener("message", handleMessage);
+            if (payload.error)
+                reject(new Error(payload.error.message ?? `CDP error: ${method}`));
+            else
+                resolve((payload.result ?? {}));
+        };
+        socket.addEventListener("message", handleMessage);
+        socket.send(JSON.stringify({ id, method, params }));
+    });
+}
+async function terminateBrowserProcess(child) {
+    if (child.exitCode !== null)
+        return;
+    if (process.platform !== "win32" && child.pid) {
+        try {
+            process.kill(-child.pid, "SIGTERM");
+        }
+        catch {
+            child.kill();
+        }
+    }
+    else {
+        child.kill();
+    }
+    await delay(500);
+    if (child.exitCode === null) {
+        try {
+            if (process.platform !== "win32" && child.pid)
+                process.kill(-child.pid, "SIGKILL");
+            else
+                child.kill("SIGKILL");
+        }
+        catch {
+            // Already exited.
+        }
+    }
+}
+function isInterestingNetworkUrl(url, mimeType) {
+    if (!/doc\.weixin\.qq\.com|weixin\.qq\.com|wecom/i.test(url))
+        return false;
+    return /json|text|javascript|octet-stream|protobuf|grpc|xml|html/i.test(mimeType) ||
+        /cgi|api|doc|sheet|media|image|file|sync|ws/i.test(url);
+}
+function redactUrl(rawUrl) {
+    try {
+        const u = new URL(rawUrl);
+        u.search = "";
+        u.hash = "";
+        return u.toString();
+    }
+    catch {
+        return rawUrl.split("?")[0] ?? rawUrl;
+    }
+}
+function safeJsonParse(value) {
+    try {
+        return JSON.parse(value);
+    }
+    catch {
+        return null;
+    }
+}
+function delay(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}

package/dist/wecom/browser.js

@@ -13,7 +13,9 @@ const LOGIN_URL = "https://doc.weixin.qq.com";
 const LOGIN_TIMEOUT_MS = 3 * 60 * 1000;
 const COOKIE_POLL_INTERVAL_MS = 2000;
 const CDP_CALL_TIMEOUT_MS = 5000;
-const MIN_KEY_COOKIES_REQUIRED = 3;
+const PROFILE_FLUSH_DELAY_MS = 1500;
+const GRACEFUL_BROWSER_CLOSE_TIMEOUT_MS = 5000;
+const SIGTERM_BROWSER_CLOSE_TIMEOUT_MS = 3000;
 const KEY_COOKIES = [
     "TOK",
     "wedrive_sid",
@@ -47,7 +49,7 @@ function assertLocalhostUrl(url) {
 }
 /**
  * Spawn Chrome → connect via CDP WebSocket → poll Storage.getCookies until
- * ≥ MIN_KEY_COOKIES_REQUIRED key cookies are present → return Record<string,string>.
+ * all key cookies are present → return Record<string,string>.
  */
 export async function collectWecomCookiesViaBrowser(options) {
     const timeoutMs = options.timeoutMs ?? LOGIN_TIMEOUT_MS;
@@ -83,14 +85,24 @@ export async function collectWecomCookiesViaBrowser(options) {
             const startedAt = Date.now();
             while (Date.now() - startedAt < timeoutMs) {
                 const cookies = await readWecomCookies(socket);
-                if (cookies !== null)
+                if (cookies !== null) {
+                    // Give Chrome a short window to flush cookie/profile state before
+                    // shutdown. Returning immediately made the exported cookies valid
+                    // while the dedicated browser profile could remain effectively
+                    // logged out on the next refresh.
+                    if (child)
+                        await delay(PROFILE_FLUSH_DELAY_MS);
                     return cookies;
+                }
                 await delay(COOKIE_POLL_INTERVAL_MS);
             }
             throw new Error(`Timed out waiting for WeCom login after ${Math.round(timeoutMs / 1000)}s. ` +
                 "Sign in to WeCom in the opened browser, then rerun `wonder wecom cookie`.");
         }
         finally {
+            if (child) {
+                await closeBrowserGracefully(socket, child);
+            }
             socket.close();
         }
     }
@@ -291,14 +303,14 @@ function isTrustedDomain(domain) {
 }
 /**
  * Poll CDP for WeCom cookies. Returns Record<string,string> when
- * MIN_KEY_COOKIES_REQUIRED are present, null otherwise.
+ * all key cookies are present, null otherwise.
  */
 async function readWecomCookies(socket) {
     const payload = await sendCdpCommand(socket, "Storage.getCookies");
     const trusted = (payload.cookies ?? []).filter((c) => isTrustedDomain(c.domain));
     const cookieNames = new Set(trusted.map((c) => c.name));
-    const presentKeys = KEY_COOKIES.filter((k) => cookieNames.has(k));
-    if (presentKeys.length < MIN_KEY_COOKIES_REQUIRED)
+    const missingKeys = KEY_COOKIES.filter((k) => !cookieNames.has(k));
+    if (missingKeys.length > 0)
         return null;
     // Build Record; later entries overwrite earlier ones for the same name.
     const result = {};
@@ -327,7 +339,9 @@ async function terminateBrowserProcess(child) {
     else {
         child.kill();
     }
-    await delay(500);
+    const exitedAfterSigterm = await waitForBrowserExit(child, SIGTERM_BROWSER_CLOSE_TIMEOUT_MS);
+    if (exitedAfterSigterm)
+        return;
     if (child.exitCode === null) {
         try {
             if (process.platform !== "win32" && child.pid) {
@@ -342,3 +356,31 @@ async function terminateBrowserProcess(child) {
         }
     }
 }
+async function closeBrowserGracefully(socket, child) {
+    if (child.exitCode !== null)
+        return;
+    try {
+        await sendCdpCommand(socket, "Browser.close");
+    }
+    catch {
+        // Browser.close can close the websocket before the response arrives. The
+        // process exit is the authoritative signal here.
+    }
+    await waitForBrowserExit(child, GRACEFUL_BROWSER_CLOSE_TIMEOUT_MS);
+}
+function waitForBrowserExit(child, timeoutMs) {
+    if (child.exitCode !== null || child.signalCode !== null) {
+        return Promise.resolve(true);
+    }
+    return new Promise((resolve) => {
+        const timer = setTimeout(() => {
+            child.removeListener("exit", onExit);
+            resolve(false);
+        }, timeoutMs);
+        const onExit = () => {
+            clearTimeout(timer);
+            resolve(true);
+        };
+        child.once("exit", onExit);
+    });
+}

package/dist/wecom/cookies.js

@@ -3,6 +3,14 @@
 // Storage: ~/.wonder/cookies.json  (atomic write via tmp+rename, chmod 600)
 import { chmodSync, existsSync, mkdirSync, readFileSync, renameSync, rmSync, writeFileSync, } from "node:fs";
 import { dirname } from "node:path";
+const REQUIRED_COOKIES_FOR_VALIDATION = [
+    "TOK",
+    "wedrive_sid",
+    "uid",
+    "uid_key",
+    "wedrive_ticket",
+    "wedrive_skey",
+];
 // ---------------------------------------------------------------------------
 // Atomic write helper
 // ---------------------------------------------------------------------------
@@ -68,6 +76,9 @@ export function removeCookies(cookiesPath) {
  * - Network error → conservatively return true (avoid false "expired" on offline)
  */
 export async function validateCookies(cookies) {
+    const missingRequired = REQUIRED_COOKIES_FOR_VALIDATION.some((name) => !cookies[name]);
+    if (missingRequired)
+        return false;
     // W-02: strip `;` and `\n` from cookie values to prevent header injection.
     const cookieHeader = Object.entries(cookies)
         .map(([k, v]) => `${k}=${String(v).replace(/[;\n]/g, "")}`)