@shawnstack/quickforge 1.3.23 → 1.3.24

package/dist/index.html

@@ -11,13 +11,13 @@
     <meta name="apple-mobile-web-app-title" content="QuickForge" />
     <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent" />
     <title>速构 QuickForge</title>
-    <script type="module" crossorigin src="/assets/index-CjTN0qaQ.js"></script>
+    <script type="module" crossorigin src="/assets/index-s72bxhrh.js"></script>
     <link rel="modulepreload" crossorigin href="/assets/rolldown-runtime-CkqCuyE9.js">
     <link rel="modulepreload" crossorigin href="/assets/lit-vendor-Dr3cpBGF.js">
     <link rel="modulepreload" crossorigin href="/assets/css-utils-rkE68RDy.js">
-    <link rel="modulepreload" crossorigin href="/assets/icons-WD3UkVNM.js">
-    <link rel="modulepreload" crossorigin href="/assets/react-vendor-BcQaTQ90.js">
-    <link rel="stylesheet" crossorigin href="/assets/index-eeLjaV06.css">
+    <link rel="modulepreload" crossorigin href="/assets/icons-DmRYmmql.js">
+    <link rel="modulepreload" crossorigin href="/assets/react-vendor-BsV2HYbc.js">
+    <link rel="stylesheet" crossorigin href="/assets/index-C4m48ndP.css">
   </head>
   <body>
     <div id="root"></div>

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@shawnstack/quickforge",
-  "version": "1.3.23",
+  "version": "1.3.24",
   "description": "AI chat application with YOLO-mode local workspace tools. React + Vite + Tailwind CSS frontend, local Node.js storage server.",
   "keywords": [
     "ai",
@@ -42,6 +42,9 @@
     "package.json"
   ],
   "dependencies": {
+    "@dnd-kit/core": "^6.3.1",
+    "@dnd-kit/sortable": "^10.0.0",
+    "@dnd-kit/utilities": "^3.2.2",
     "@mariozechner/pi-agent-core": "^0.73.1",
     "@mariozechner/pi-ai": "^0.73.1",
     "@modelcontextprotocol/sdk": "^1.29.0",

package/server/agent-manager.mjs

@@ -183,23 +183,28 @@ const agentSessions = new Map()
 const IDLE_TIMEOUT_MS = 30 * 60 * 1000 // 30 minutes
 const APPROVAL_TIMEOUT_MS = 5 * 60 * 1000 // 5 minutes for tool approval
 const SUBAGENT_DEFAULT_TIMEOUT_MS = 30 * 60 * 1000
-const commandRestrictedTools = new Set(['write_file', 'edit_file', 'run_command'])
+const commandRestrictedTools = new Set(['write_file', 'edit_file', 'run_command', 'run_subagent'])
 const safeReadTools = new Set(['read_file', 'grep_files'])
 const pendingApprovals = new Map() // toolCallId → { resolve, reject, sessionId, toolName, args, source, timeout }
 const pendingAutoCompactApprovals = new Map() // approvalId → { resolve, reject, sessionId, timeout }
 
-function createCommandToolPermissions(session) {
-  return (toolName) => {
-    const permissions = session.activeCommandPermissions
-    if (!permissions || !commandRestrictedTools.has(toolName)) return null
-    if (toolName === 'run_command' && permissions.allowCommands === false) {
-      return `Custom command /${session.activeCommandName} does not allow running shell commands.`
-    }
-    if ((toolName === 'write_file' || toolName === 'edit_file') && permissions.allowEdit === false) {
-      return `Custom command /${session.activeCommandName} does not allow editing files.`
-    }
-    return null
+function commandToolPermissionError(session, toolName) {
+  const permissions = session?.activeCommandPermissions
+  if (!permissions || !commandRestrictedTools.has(toolName)) return null
+  if (toolName === 'run_command' && permissions.allowCommands === false) {
+    return `Command /${session.activeCommandName} does not allow running shell commands.`
+  }
+  if (toolName === 'run_subagent' && permissions.allowCommands === false) {
+    return `Command /${session.activeCommandName} does not allow running subagents.`
+  }
+  if ((toolName === 'write_file' || toolName === 'edit_file') && permissions.allowEdit === false) {
+    return `Command /${session.activeCommandName} does not allow editing files.`
   }
+  return null
+}
+
+function createCommandToolPermissions(session) {
+  return (toolName) => commandToolPermissionError(session, toolName)
 }
 
 /**
@@ -606,6 +611,14 @@ async function resolveCommandState(session, userMessage) {
   if (typeof internalResponse === 'string') return { textResponse: internalResponse }
   if (internalResponse?.clear) return { clear: internalResponse }
   if (internalResponse?.compact) return { compact: internalResponse }
+  if (internalResponse?.plan) {
+    return {
+      userMessage,
+      commandPrompt: formatPlanCommandPrompt(internalResponse.args),
+      permissions: { allowEdit: false, allowCommands: false },
+      commandName: 'plan',
+    }
+  }
 
   if (!session.projectContext?.workspaceRoot) return { userMessage }
 
@@ -624,6 +637,34 @@ async function resolveCommandState(session, userMessage) {
   }
 }
 
+function formatPlanCommandPrompt(task) {
+  const taskText = String(task || '').trim()
+  return `<plan_command_invocation name="plan">
+This /plan command applies only to the current user request. Generate an implementation plan before execution.
+
+Rules for this turn:
+- Do not modify files.
+- Do not create files.
+- Do not run shell commands.
+- Do not use write_file, edit_file, run_command, or any other state-changing tool.
+- You may use read-only tools such as read_file and grep_files if needed to inspect the project.
+- Output the plan and then stop. Do not start implementation.
+
+Plan should include:
+1. Task understanding
+2. Relevant files or areas to inspect/change
+3. Step-by-step implementation plan
+4. Risks or assumptions
+5. Validation commands/checks to run after implementation
+6. Whether documentation/wiki updates are needed
+
+End by telling the user they can reply “允许”, “按计划执行”, or an equivalent approval phrase to continue in a normal follow-up turn.
+
+User task:
+${taskText}
+</plan_command_invocation>`
+}
+
 function omitDetailsForLlm(message) {
   if (!message || typeof message !== 'object' || message.details === undefined) return message
   const copy = { ...message }
@@ -1050,9 +1091,11 @@ export async function createAgent(sessionId, config = {}) {
     beforeToolCall: async (context) => {
       const toolName = context.toolCall?.name
       const toolCallId = context.toolCall?.id
+      const currentSession = agentSessions.get(sessionId)
+      const commandPermissionError = commandToolPermissionError(currentSession, toolName)
+      if (commandPermissionError) return { block: true, reason: commandPermissionError }
       const isSkillTool = toolName === 'activate_skill' || toolName === 'read_skill_resource'
       if (isSkillTool) return undefined
-      const currentSession = agentSessions.get(sessionId)
       if (profileToolNames && !profileToolNames.includes(toolName)) return { block: true, reason: `Agent profile ${agentProfile.name} is not allowed to use ${toolName}.` }
       if (toolName === 'run_subagent') return undefined
       if (isMcpToolName(toolName)) {
@@ -1454,6 +1497,50 @@ export async function runPrompt(sessionId, message) {
   return { sessionId, status: session.status }
 }
 
+/**
+ * Continue generation from the current last message (must be a user or
+ * tool-result message).  Used by the retry button to regenerate a response
+ * in-place without appending a new user message.
+ *
+ * Trims messages to keep up to and including the last user message,
+ * removing the assistant response that follows it.
+ */
+export async function continueSession(sessionId) {
+  const session = agentSessions.get(sessionId)
+  if (!session) {
+    throw Object.assign(new Error('Session not found'), { statusCode: 404 })
+  }
+  if (session.agent.state.isStreaming) {
+    throw Object.assign(new Error('Generation is still running. Stop it or wait until it finishes.'), { statusCode: 409 })
+  }
+
+  const messages = Array.isArray(session.agent.state.messages) ? session.agent.state.messages : []
+
+  // Find the last user message and trim everything after it (the assistant response)
+  let lastUserIndex = -1
+  for (let i = messages.length - 1; i >= 0; i--) {
+    if (messages[i].role === 'user' || messages[i].role === 'user-with-attachments') {
+      lastUserIndex = i
+      break
+    }
+  }
+  if (lastUserIndex < 0) {
+    throw Object.assign(new Error('Cannot continue: no user message found.'), { statusCode: 400 })
+  }
+
+  const trimmedMessages = messages.slice(0, lastUserIndex + 1)
+  updateSessionMessages(session, trimmedMessages)
+  resetSessionCompaction(session)
+
+  resetIdleTimer(session)
+  session.agent.continue().catch((err) => {
+    logger.error(`Agent continue error for session ${sessionId}:`, err, { sessionId })
+    emitSessionEvent(session, { type: 'error', error: err.message || 'Unknown error' })
+  })
+
+  return { sessionId, status: 'running' }
+}
+
 /**
  * Abort the current agent run.
  */

package/server/custom-commands.mjs

@@ -251,6 +251,9 @@ export function parseInternalCommandInvocation(message) {
   if (/^\/clear\s*$/i.test(text)) return { type: 'clear' }
   if (/^\/clear(?:\s+[\s\S]+)$/i.test(text)) return { type: 'invalid-clear-args' }
 
+  const planMatch = text.match(/^\/plan(?:\s+([\s\S]*))?$/i)
+  if (planMatch) return { type: 'plan', args: (planMatch[1] || '').trim() }
+
   const compactMatch = text.match(/^\/compact(?:\s+([\s\S]*))?$/i)
   if (compactMatch) return { type: 'compact', args: (compactMatch[1] || '').trim() }
 
@@ -270,6 +273,11 @@ export async function handleInternalCommand(invocation, workspaceRoot, commandDi
     return { compact: true, args: invocation.args || '' }
   }
 
+  if (invocation.type === 'plan') {
+    if (!invocation.args) return 'Usage: /plan <task>'
+    return { plan: true, args: invocation.args }
+  }
+
   if (invocation.type === 'clear') {
     return { clear: true }
   }

package/server/index.mjs

@@ -234,7 +234,7 @@ async function handleApi(req, res, url) {
   }
 
   // Project workspace inspector routes
-  if (pathname === '/api/workspace/tree' || pathname === '/api/workspace/file') {
+  if (pathname === '/api/workspace/tree' || pathname === '/api/workspace/file' || pathname === '/api/workspace/resolve-path') {
     await handleWorkspaceApi(req, res, url)
     return
   }

package/server/project-config.mjs

@@ -39,7 +39,6 @@ export async function readProjectConfig() {
 }
 
 const TERMINAL_SHELL_PROFILE_CANDIDATES = [
-  { id: 'auto', name: 'Auto', command: 'auto', platforms: ['win32', 'darwin', 'linux', 'freebsd', 'openbsd'] },
   { id: 'cmd', name: 'Command Prompt', command: 'cmd.exe', platforms: ['win32'] },
   { id: 'powershell', name: 'Windows PowerShell', command: 'powershell.exe', platforms: ['win32'] },
   { id: 'pwsh', name: 'PowerShell 7+', command: 'pwsh.exe', platforms: ['win32', 'darwin', 'linux', 'freebsd', 'openbsd'] },
@@ -56,7 +55,7 @@ function isWindows() {
 }
 
 function commandExists(command) {
-  if (!command || command === 'auto') return true
+  if (!command) return true
   if (command.includes('/') || command.includes('\\')) return existsSync(command)
   const probe = isWindows() ? 'where' : 'command'
   const args = isWindows() ? [command] : ['-v', command]
@@ -66,13 +65,11 @@ function commandExists(command) {
 
 function terminalShellProfileCandidatesForPlatform(platform = os.platform()) {
   const profiles = TERMINAL_SHELL_PROFILE_CANDIDATES
-    .filter((profile) => profile.platforms.includes(platform) || profile.id === 'auto')
-    .filter((profile) => profile.id === 'auto' || commandExists(profile.command))
+    .filter((profile) => profile.platforms.includes(platform))
+    .filter((profile) => commandExists(profile.command))
     .map(({ platforms, ...profile }) => ({ ...profile, builtin: true, detected: true }))
 
-  return profiles.length > 1
-    ? profiles
-    : [TERMINAL_SHELL_PROFILE_CANDIDATES[0]].map(({ platforms, ...profile }) => ({ ...profile, builtin: true, detected: true }))
+  return profiles
 }
 
 function nameFromTerminalShellCommand(command) {
@@ -232,10 +229,11 @@ export async function setActiveProjectPath(inputPath) {
         name: projectNameFromPath(resolved),
         path: resolved,
         lastOpenedAt: now,
+        sortOrder: config.projects.length,
         skills: [],
         commandDir: '',
       }
-      config.projects.unshift(project)
+      config.projects.push(project)
     } else {
       project.name = projectNameFromPath(resolved)
       project.path = resolved
@@ -243,7 +241,7 @@ export async function setActiveProjectPath(inputPath) {
     }
 
     config.activeProjectId = project.id
-    config.projects = [project, ...config.projects.filter((item) => item.id !== project.id)].slice(0, 20)
+    if (config.projects.length > 20) config.projects = config.projects.slice(-20)
     return config
   })
 

package/server/routes/agent.mjs

@@ -25,6 +25,7 @@ import {
   abortToolCall,
   replaceSessionMessages,
   rollbackSessionMessages,
+  continueSession,
   agentEvents,
 } from '../agent-manager.mjs'
 
@@ -96,7 +97,13 @@ export async function handleAgentApi(req, res, url) {
 
   // GET /api/agents/:sessionId/state — get session state
   if (req.method === 'GET' && subPath === 'state') {
-    const state = getSessionState(sessionId)
+    let state = getSessionState(sessionId)
+    if (!state) {
+      // Try to restore from persistent storage before giving up.
+      // This recovers sessions that were evicted by idle timeout.
+      await restoreAgent(sessionId)
+      state = getSessionState(sessionId)
+    }
     if (!state) {
       const error = new Error('Session not found')
       error.statusCode = 404
@@ -184,6 +191,13 @@ export async function handleAgentApi(req, res, url) {
     return
   }
 
+  // POST /api/agents/:sessionId/continue — continue generation from last message (retry)
+  if (req.method === 'POST' && subPath === 'continue') {
+    const result = await continueSession(sessionId)
+    sendJson(res, 200, result)
+    return
+  }
+
   // POST /api/agents/:sessionId/steer — queue steering message
   if (req.method === 'POST' && subPath === 'steer') {
     const body = await readJsonBody(req)

package/server/routes/project.mjs

@@ -10,7 +10,8 @@ export async function handleProjectApi(req, res, url) {
   const config = await readProjectConfig()
 
   if (req.method === 'GET' && url.pathname === '/api/project') {
-    sendJson(res, 200, { project: getActiveProject(config), projects: config.projects, workspaceRoot: getWorkspaceRoot() })
+    const sorted = [...config.projects].sort((a, b) => (a.sortOrder ?? 0) - (b.sortOrder ?? 0))
+    sendJson(res, 200, { project: getActiveProject(config), projects: sorted, workspaceRoot: getWorkspaceRoot() })
     return
   }
 
@@ -125,6 +126,37 @@ export async function handleProjectApi(req, res, url) {
     return
   }
 
+  if (req.method === 'PUT' && url.pathname === '/api/project/reorder') {
+    const body = await readJsonBody(req)
+    if (!Array.isArray(body?.orderedIds)) {
+      const error = new Error('orderedIds must be an array')
+      error.statusCode = 400
+      throw error
+    }
+    const orderedIds = body.orderedIds
+    const updated = await atomicProjectConfigUpdate((cfg) => {
+      const idToProject = new Map(cfg.projects.map((p) => [p.id, p]))
+      const reordered = []
+      for (const id of orderedIds) {
+        const p = idToProject.get(id)
+        if (p) {
+          p.sortOrder = reordered.length
+          reordered.push(p)
+          idToProject.delete(id)
+        }
+      }
+      // append any remaining projects not in orderedIds (shouldn't happen normally)
+      for (const p of idToProject.values()) {
+        p.sortOrder = reordered.length
+        reordered.push(p)
+      }
+      cfg.projects = reordered
+      return cfg
+    })
+    sendJson(res, 200, { projects: updated.projects, workspaceRoot: getWorkspaceRoot() })
+    return
+  }
+
   const error = new Error('Not found')
   error.statusCode = 404
   throw error

package/server/routes/terminal.mjs

@@ -10,6 +10,7 @@ import {
   listTerminalSessions,
   platformInfo,
   terminalCapabilities,
+  writeTerminalInput,
 } from '../terminal/terminal-manager.mjs'
 
 const wsServer = new WebSocketServer({ noServer: true })
@@ -49,6 +50,11 @@ function sessionIdFromPath(pathname) {
   return match ? decodeSegment(match[1]) : null
 }
 
+function inputSessionIdFromPath(pathname) {
+  const match = pathname.match(/^\/api\/terminal\/sessions\/([^/]+)\/input$/)
+  return match ? decodeSegment(match[1]) : null
+}
+
 export async function handleTerminalApi(req, res, url, options = {}) {
   await assertLocalTerminalRequest(req, options.isLocalRequest)
 
@@ -82,13 +88,32 @@ export async function handleTerminalApi(req, res, url, options = {}) {
     return
   }
 
-  const sessionId = sessionIdFromPath(url.pathname)
-  if (req.method === 'DELETE' && sessionId) {
-    destroyTerminalSession(sessionId)
+  const inputSessionId = inputSessionIdFromPath(url.pathname)
+  if ((req.method === 'POST' || req.method === 'PUT') && inputSessionId) {
+    const body = await readJsonBody(req, 256 * 1024) || {}
+    if (typeof body.data !== 'string') throw error('Terminal input data is required', 400)
+    writeTerminalInput(inputSessionId, body.data)
     sendJson(res, 200, { ok: true })
     return
   }
 
+  const sessionId = sessionIdFromPath(url.pathname)
+  if (sessionId) {
+    if (req.method === 'POST' || req.method === 'PUT') {
+      const body = await readJsonBody(req, 256 * 1024) || {}
+      if (typeof body.data !== 'string') throw error('Terminal input data is required', 400)
+      writeTerminalInput(sessionId, body.data)
+      sendJson(res, 200, { ok: true })
+      return
+    }
+
+    if (req.method === 'DELETE') {
+      destroyTerminalSession(sessionId)
+      sendJson(res, 200, { ok: true })
+      return
+    }
+  }
+
   throw error('Not found', 404)
 }
 

package/server/routes/workspace.mjs

@@ -1,7 +1,7 @@
 import { promises as fs } from 'node:fs'
 import path from 'node:path'
 import { spawn } from 'node:child_process'
-import { sendJson } from '../utils/response.mjs'
+import { sendJson, readJsonBody } from '../utils/response.mjs'
 import { projectContextFromId } from '../project-config.mjs'
 import {
   assertSafeWorkspacePath,
@@ -246,6 +246,44 @@ async function handleWorkspaceFile(req, res, url) {
   })
 }
 
+async function handleWorkspaceResolvePath(req, res) {
+  const body = await readJsonBody(req, 16 * 1024)
+  const projectId = typeof body?.projectId === 'string' ? body.projectId : ''
+  const inputPath = typeof body?.path === 'string' ? body.path.trim() : ''
+
+  if (!projectId) {
+    const error = new Error('projectId is required')
+    error.statusCode = 400
+    throw error
+  }
+  if (!inputPath) {
+    const error = new Error('path is required')
+    error.statusCode = 400
+    throw error
+  }
+  if (!path.isAbsolute(inputPath)) {
+    const error = new Error('Only absolute paths are supported')
+    error.statusCode = 400
+    throw error
+  }
+
+  const context = await projectContextFromId(projectId)
+  const file = resolveWorkspacePath(inputPath, context)
+  await assertSafeWorkspacePath(file, context)
+  const stat = await fs.stat(file)
+  if (!stat.isFile()) {
+    const error = new Error('Path is not a file')
+    error.statusCode = 400
+    throw error
+  }
+
+  sendJson(res, 200, {
+    relativePath: toWorkspaceRelative(file, context),
+    exists: true,
+    isDirectory: false,
+  })
+}
+
 async function handleGitStatus(req, res, url) {
   const context = await projectContextFromUrl(url)
   sendJson(res, 200, await listGitStatus(context))
@@ -306,6 +344,10 @@ export async function handleWorkspaceApi(req, res, url) {
     await handleWorkspaceFile(req, res, url)
     return
   }
+  if (req.method === 'POST' && url.pathname === '/api/workspace/resolve-path') {
+    await handleWorkspaceResolvePath(req, res)
+    return
+  }
 
   const error = new Error('Not found')
   error.statusCode = 404

package/server/terminal/terminal-manager.mjs

@@ -242,6 +242,18 @@ export function attachTerminalClient(sessionId, client) {
   }
 }
 
+export function writeTerminalInput(sessionId, data) {
+  const session = sessions.get(sessionId)
+  if (!session) throw createError('Terminal session not found', 404)
+  if (session.exited) throw createError('Terminal session has exited', 410)
+  if (typeof data !== 'string') throw createError('Terminal input must be a string', 400)
+
+  session.touchedAt = Date.now()
+  session.updatedAt = new Date().toISOString()
+  session.pty.write(data)
+  return serializeSession(session)
+}
+
 export function destroyTerminalSession(sessionId) {
   const session = sessions.get(sessionId)
   if (!session) return false