@oyasmi/pipiclaw 0.5.7 → 0.5.8

package/README.md

@@ -129,6 +129,13 @@ Pipiclaw 当前已经内置一轮工具层安全增强：
   - 直接使用 Anthropic 默认模型
   - 或在 `models.json` 中配置自定义模型提供方（provider）
 
+Windows 补充说明：
+
+- Pipiclaw 的工具执行层默认按 POSIX shell 语义工作
+- 在 Windows host 模式下，建议安装 Git Bash，并确保 `bash` 可在 PATH 中找到
+- 如果 `bash` 不在 PATH 中，可以设置 `PIPICLAW_SHELL` 指向具体可执行文件，例如 `C:\Program Files\Git\bin\bash.exe`
+- 如果你不想依赖本机 shell 环境，推荐直接使用 Docker sandbox
+
 #### 2. 安装（Install）
 
 ```bash
@@ -169,6 +176,12 @@ export PIPICLAW_HOME=/your/custom/pipiclaw-home
 
 设置后，`channel.json`、`auth.json`、`models.json`、`settings.json` 和整个 `workspace/` 都会改为从这个目录读取和写入。
 
+如果你在 Windows host 模式下运行，并且 `bash` 不在 PATH 中，也可以一并设置：
+
+```powershell
+$env:PIPICLAW_SHELL = "C:\Program Files\Git\bin\bash.exe"
+```
+
 如果 `channel.json` 仍然是初始化模板，程序会提示你补全配置后再启动。这是正常行为。
 
 #### 4. 创建钉钉应用（Create a DingTalk App）

package/dist/sandbox.js

@@ -1,4 +1,4 @@
-import { spawn } from "child_process";
+import { spawn, spawnSync } from "child_process";
 import { shellEscape } from "./shared/shell-escape.js";
 export function parseSandboxArg(value) {
     if (value === "host") {
@@ -17,6 +17,15 @@ export function parseSandboxArg(value) {
 }
 export async function validateSandbox(config) {
     if (config.type === "host") {
+        if (process.platform === "win32") {
+            try {
+                resolveWindowsHostShell();
+            }
+            catch (error) {
+                console.error(`Error: ${error instanceof Error ? error.message : String(error)}`);
+                process.exit(1);
+            }
+        }
         return;
     }
     // Check if Docker is available
@@ -45,7 +54,10 @@ export async function validateSandbox(config) {
 }
 function execSimple(cmd, args) {
     return new Promise((resolve, reject) => {
-        const child = spawn(cmd, args, { stdio: ["ignore", "pipe", "pipe"] });
+        const child = spawn(cmd, args, {
+            stdio: ["ignore", "pipe", "pipe"],
+            windowsHide: true,
+        });
         let stdout = "";
         let stderr = "";
         child.stdout?.on("data", (d) => {
@@ -62,6 +74,51 @@ function execSimple(cmd, args) {
         });
     });
 }
+const WINDOWS_POSIX_SHELL_CANDIDATES = [
+    "bash",
+    "sh",
+    "C:\\Program Files\\Git\\bin\\bash.exe",
+    "C:\\Program Files\\Git\\usr\\bin\\bash.exe",
+    "C:\\Program Files (x86)\\Git\\bin\\bash.exe",
+    "C:\\Program Files (x86)\\Git\\usr\\bin\\bash.exe",
+];
+let cachedWindowsHostShell;
+function looksLikeUnixShellPath(shell) {
+    return shell.endsWith("/bash") || shell.endsWith("/sh");
+}
+function isUsablePosixShell(command) {
+    const result = spawnSync(command, ["-lc", "printf pipiclaw"], {
+        stdio: ["ignore", "pipe", "ignore"],
+        encoding: "utf-8",
+        windowsHide: true,
+    });
+    return !result.error && result.status === 0 && result.stdout === "pipiclaw";
+}
+function resolveWindowsHostShell() {
+    if (cachedWindowsHostShell) {
+        return cachedWindowsHostShell;
+    }
+    const configuredShell = process.env.PIPICLAW_SHELL?.trim();
+    const inheritedShell = process.env.SHELL?.trim();
+    const shellCandidates = [
+        configuredShell,
+        inheritedShell && looksLikeUnixShellPath(inheritedShell) ? inheritedShell.split("/").pop() : undefined,
+        ...WINDOWS_POSIX_SHELL_CANDIDATES,
+    ].filter((value) => Boolean(value));
+    for (const command of shellCandidates) {
+        if (isUsablePosixShell(command)) {
+            cachedWindowsHostShell = { command, args: ["-lc"] };
+            return cachedWindowsHostShell;
+        }
+    }
+    throw new Error("Windows host sandbox requires a POSIX shell. Install Git Bash and ensure `bash` is on PATH, set `PIPICLAW_SHELL`, or use the Docker sandbox.");
+}
+function resolveHostShell() {
+    if (process.platform === "win32") {
+        return resolveWindowsHostShell();
+    }
+    return { command: "sh", args: ["-c"] };
+}
 /**
  * Create an executor that runs commands either on host or in Docker container
  */
@@ -74,13 +131,13 @@ export function createExecutor(config) {
 class HostExecutor {
     async exec(command, options) {
         return new Promise((resolve, reject) => {
-            const shell = process.platform === "win32" ? "cmd" : "sh";
-            const shellArgs = process.platform === "win32" ? ["/c"] : ["-c"];
+            const shell = resolveHostShell();
             const child = (() => {
                 try {
-                    return spawn(shell, [...shellArgs, command], {
+                    return spawn(shell.command, [...shell.args, command], {
                         detached: true,
                         stdio: ["pipe", "pipe", "pipe"],
+                        windowsHide: true,
                     });
                 }
                 catch (err) {
@@ -199,6 +256,7 @@ function killProcessTree(pid) {
             spawn("taskkill", ["/F", "/T", "/PID", String(pid)], {
                 stdio: "ignore",
                 detached: true,
+                windowsHide: true,
             });
         }
         catch {

package/dist/shared/shell-escape.d.ts

@@ -3,3 +3,10 @@
  * Wraps in single quotes and escapes internal single quotes.
  */
 export declare function shellEscape(s: string): string;
+/**
+ * Normalize filesystem paths for POSIX-style shells.
+ * On Windows we convert backslashes to forward slashes so Git Bash/MSYS tools
+ * can consume the path consistently.
+ */
+export declare function toShellPath(path: string): string;
+export declare function shellEscapePath(path: string): string;

package/dist/shared/shell-escape.js

@@ -5,3 +5,14 @@
 export function shellEscape(s) {
     return `'${s.replace(/'/g, "'\\''")}'`;
 }
+/**
+ * Normalize filesystem paths for POSIX-style shells.
+ * On Windows we convert backslashes to forward slashes so Git Bash/MSYS tools
+ * can consume the path consistently.
+ */
+export function toShellPath(path) {
+    return process.platform === "win32" ? path.replace(/\\/g, "/") : path;
+}
+export function shellEscapePath(path) {
+    return shellEscape(toShellPath(path));
+}

package/dist/tools/edit.js

@@ -3,7 +3,7 @@ import * as Diff from "diff";
 import { DEFAULT_SECURITY_CONFIG } from "../security/config.js";
 import { logSecurityEvent } from "../security/logger.js";
 import { guardPath } from "../security/path-guard.js";
-import { shellEscape } from "../shared/shell-escape.js";
+import { shellEscapePath } from "../shared/shell-escape.js";
 import { writeContent } from "./write-content.js";
 /**
  * Generate a unified diff string with line numbers and context
@@ -123,7 +123,7 @@ export function createEditTool(executor, options = {}) {
                 }
             }
             // Read the file
-            const readResult = await executor.exec(`cat ${shellEscape(path)}`, { signal });
+            const readResult = await executor.exec(`cat ${shellEscapePath(path)}`, { signal });
             if (readResult.code !== 0) {
                 throw new Error(readResult.stderr || `File not found: ${path}`);
             }

package/dist/tools/read.js

@@ -3,7 +3,7 @@ import { extname } from "path";
 import { DEFAULT_SECURITY_CONFIG } from "../security/config.js";
 import { logSecurityEvent } from "../security/logger.js";
 import { guardPath } from "../security/path-guard.js";
-import { shellEscape } from "../shared/shell-escape.js";
+import { shellEscapePath, toShellPath } from "../shared/shell-escape.js";
 import { DEFAULT_MAX_BYTES, DEFAULT_MAX_LINES, formatSize, truncateHead } from "./truncate.js";
 /**
  * Map of file extensions to MIME types for common image formats
@@ -70,7 +70,7 @@ export function createReadTool(executor, options = {}) {
             const mimeType = isImageFile(path);
             if (mimeType) {
                 // Read as image (binary) - use base64
-                const result = await executor.exec(`base64 < ${shellEscape(path)}`, { signal });
+                const result = await executor.exec(`base64 < ${shellEscapePath(path)}`, { signal });
                 if (result.code !== 0) {
                     throw new Error(result.stderr || `Failed to read file: ${path}`);
                 }
@@ -84,7 +84,7 @@ export function createReadTool(executor, options = {}) {
                 };
             }
             // Get total line count first
-            const countResult = await executor.exec(`wc -l < ${shellEscape(path)}`, { signal });
+            const countResult = await executor.exec(`wc -l < ${shellEscapePath(path)}`, { signal });
             if (countResult.code !== 0) {
                 throw new Error(countResult.stderr || `Failed to read file: ${path}`);
             }
@@ -99,10 +99,10 @@ export function createReadTool(executor, options = {}) {
             // Read content with offset
             let cmd;
             if (startLine === 1) {
-                cmd = `cat ${shellEscape(path)}`;
+                cmd = `cat ${shellEscapePath(path)}`;
             }
             else {
-                cmd = `tail -n +${startLine} ${shellEscape(path)}`;
+                cmd = `tail -n +${startLine} ${shellEscapePath(path)}`;
             }
             const result = await executor.exec(cmd, { signal });
             if (result.code !== 0) {
@@ -124,7 +124,7 @@ export function createReadTool(executor, options = {}) {
             if (truncation.firstLineExceedsLimit) {
                 // First line at offset exceeds 50KB - tell model to use bash
                 const firstLineSize = formatSize(Buffer.byteLength(selectedContent.split("\n")[0], "utf-8"));
-                outputText = `[Line ${startLineDisplay} is ${firstLineSize}, exceeds ${formatSize(DEFAULT_MAX_BYTES)} limit. Use bash: sed -n '${startLineDisplay}p' ${path} | head -c ${DEFAULT_MAX_BYTES}]`;
+                outputText = `[Line ${startLineDisplay} is ${firstLineSize}, exceeds ${formatSize(DEFAULT_MAX_BYTES)} limit. Use bash: sed -n '${startLineDisplay}p' ${toShellPath(path)} | head -c ${DEFAULT_MAX_BYTES}]`;
                 details = { truncation };
             }
             else if (truncation.truncated) {

package/dist/tools/write-content.js

@@ -1,9 +1,10 @@
+import { dirname } from "node:path";
 import { DEFAULT_SECURITY_CONFIG } from "../security/config.js";
 import { logSecurityEvent } from "../security/logger.js";
 import { guardPath } from "../security/path-guard.js";
-import { shellEscape } from "../shared/shell-escape.js";
+import { shellEscapePath } from "../shared/shell-escape.js";
 function getDir(path) {
-    return path.includes("/") ? path.substring(0, path.lastIndexOf("/")) : ".";
+    return dirname(path);
 }
 function ensureSuccess(result, path) {
     if (result.code !== 0) {
@@ -41,8 +42,8 @@ export async function writeContent(executor, path, content, signal, options) {
             throw new Error(lines.join("\n"));
         }
     }
-    const dirPrefix = createParentDir ? `mkdir -p ${shellEscape(getDir(path))} && ` : "";
-    const result = await executor.exec(`${dirPrefix}cat > ${shellEscape(path)}`, {
+    const dirPrefix = createParentDir ? `mkdir -p ${shellEscapePath(getDir(path))} && ` : "";
+    const result = await executor.exec(`${dirPrefix}cat > ${shellEscapePath(path)}`, {
         signal,
         stdin: content,
     });

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@oyasmi/pipiclaw",
-	"version": "0.5.7",
+	"version": "0.5.8",
 	"description": "An AI assistant runtime for coding and team workflows, with DingTalk AI Cards, sub-agents, memory, and scheduled events.",
 	"type": "module",
 	"bin": {