npm - @vibelet/cli - Versions diffs - 0.1.34 → 0.1.36 - Mend

@vibelet/cli 0.1.34 → 0.1.36

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (323) hide show

package/app.json +5 -0
package/dist/advertised-hosts.d.ts +34 -0
package/dist/advertised-hosts.d.ts.map +1 -0
package/dist/advertised-hosts.js +176 -0
package/dist/advertised-hosts.js.map +1 -0
package/dist/advertised-hosts.test.d.ts +2 -0
package/dist/advertised-hosts.test.d.ts.map +1 -0
package/dist/advertised-hosts.test.js +96 -0
package/dist/advertised-hosts.test.js.map +1 -0
package/dist/audit.d.ts +30 -0
package/dist/audit.d.ts.map +1 -0
package/dist/audit.js +73 -0
package/dist/audit.js.map +1 -0
package/dist/audit.test.d.ts +2 -0
package/dist/audit.test.d.ts.map +1 -0
package/dist/audit.test.js +33 -0
package/dist/audit.test.js.map +1 -0
package/dist/auth.d.ts +6 -0
package/dist/auth.d.ts.map +1 -0
package/dist/auth.js +27 -0
package/dist/auth.js.map +1 -0
package/dist/claude-hooks.d.ts +58 -0
package/dist/claude-hooks.d.ts.map +1 -0
package/dist/claude-hooks.js +129 -0
package/dist/claude-hooks.js.map +1 -0
package/dist/cli-version.d.ts +3 -0
package/dist/cli-version.d.ts.map +1 -0
package/dist/cli-version.js +35 -0
package/dist/cli-version.js.map +1 -0
package/dist/cli-version.test.d.ts +2 -0
package/dist/cli-version.test.d.ts.map +1 -0
package/dist/cli-version.test.js +38 -0
package/dist/cli-version.test.js.map +1 -0
package/dist/config.d.ts +30 -0
package/dist/config.d.ts.map +1 -0
package/dist/config.js +327 -0
package/dist/config.js.map +1 -0
package/dist/config.test.d.ts +2 -0
package/dist/config.test.d.ts.map +1 -0
package/dist/config.test.js +184 -0
package/dist/config.test.js.map +1 -0
package/dist/dev-auth.test.d.ts +2 -0
package/dist/dev-auth.test.d.ts.map +1 -0
package/dist/dev-auth.test.js +154 -0
package/dist/dev-auth.test.js.map +1 -0
package/dist/dev-script.test.d.ts +2 -0
package/dist/dev-script.test.d.ts.map +1 -0
package/dist/dev-script.test.js +412 -0
package/dist/dev-script.test.js.map +1 -0
package/dist/drivers/claude.d.ts +34 -0
package/dist/drivers/claude.d.ts.map +1 -0
package/dist/drivers/claude.js +413 -0
package/dist/drivers/claude.js.map +1 -0
package/dist/drivers/claude.test.d.ts +2 -0
package/dist/drivers/claude.test.d.ts.map +1 -0
package/dist/drivers/claude.test.js +951 -0
package/dist/drivers/claude.test.js.map +1 -0
package/dist/drivers/codex.d.ts +38 -0
package/dist/drivers/codex.d.ts.map +1 -0
package/dist/drivers/codex.js +771 -0
package/dist/drivers/codex.js.map +1 -0
package/dist/drivers/codex.test.d.ts +2 -0
package/dist/drivers/codex.test.d.ts.map +1 -0
package/dist/drivers/codex.test.js +939 -0
package/dist/drivers/codex.test.js.map +1 -0
package/dist/drivers/types.d.ts +14 -0
package/dist/drivers/types.d.ts.map +1 -0
package/dist/drivers/types.js +2 -0
package/dist/drivers/types.js.map +1 -0
package/dist/e2e.test.d.ts +2 -0
package/dist/e2e.test.d.ts.map +1 -0
package/dist/e2e.test.js +111 -0
package/dist/e2e.test.js.map +1 -0
package/dist/identity.d.ts +10 -0
package/dist/identity.d.ts.map +1 -0
package/dist/identity.js +66 -0
package/dist/identity.js.map +1 -0
package/dist/identity.test.d.ts +2 -0
package/dist/identity.test.d.ts.map +1 -0
package/dist/identity.test.js +25 -0
package/dist/identity.test.js.map +1 -0
package/dist/index-entry.test.d.ts +2 -0
package/dist/index-entry.test.d.ts.map +1 -0
package/dist/index-entry.test.js +272 -0
package/dist/index-entry.test.js.map +1 -0
package/dist/index.d.ts +2 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +707 -0
package/dist/index.js.map +1 -0
package/dist/logger.d.ts +31 -0
package/dist/logger.d.ts.map +1 -0
package/dist/logger.js +75 -0
package/dist/logger.js.map +1 -0
package/dist/metrics.d.ts +52 -0
package/dist/metrics.d.ts.map +1 -0
package/dist/metrics.js +89 -0
package/dist/metrics.js.map +1 -0
package/dist/pairing-store.d.ts +29 -0
package/dist/pairing-store.d.ts.map +1 -0
package/dist/pairing-store.js +131 -0
package/dist/pairing-store.js.map +1 -0
package/dist/pairing-store.test.d.ts +2 -0
package/dist/pairing-store.test.d.ts.map +1 -0
package/dist/pairing-store.test.js +47 -0
package/dist/pairing-store.test.js.map +1 -0
package/dist/paths.d.ts +16 -0
package/dist/paths.d.ts.map +1 -0
package/dist/paths.js +18 -0
package/dist/paths.js.map +1 -0
package/dist/perf-compare.d.ts +13 -0
package/dist/perf-compare.d.ts.map +1 -0
package/dist/perf-compare.js +125 -0
package/dist/perf-compare.js.map +1 -0
package/dist/port-conflict.d.ts +9 -0
package/dist/port-conflict.d.ts.map +1 -0
package/dist/port-conflict.js +33 -0
package/dist/port-conflict.js.map +1 -0
package/dist/port-conflict.test.d.ts +2 -0
package/dist/port-conflict.test.d.ts.map +1 -0
package/dist/port-conflict.test.js +38 -0
package/dist/port-conflict.test.js.map +1 -0
package/dist/process-scanner.d.ts +43 -0
package/dist/process-scanner.d.ts.map +1 -0
package/dist/process-scanner.js +453 -0
package/dist/process-scanner.js.map +1 -0
package/dist/process-scanner.perf.test.d.ts +2 -0
package/dist/process-scanner.perf.test.d.ts.map +1 -0
package/dist/process-scanner.perf.test.js +186 -0
package/dist/process-scanner.perf.test.js.map +1 -0
package/dist/process-scanner.test.d.ts +2 -0
package/dist/process-scanner.test.d.ts.map +1 -0
package/dist/process-scanner.test.js +399 -0
package/dist/process-scanner.test.js.map +1 -0
package/dist/push-protocol.d.ts +15 -0
package/dist/push-protocol.d.ts.map +1 -0
package/dist/push-protocol.js +23 -0
package/dist/push-protocol.js.map +1 -0
package/dist/push-protocol.test.d.ts +2 -0
package/dist/push-protocol.test.d.ts.map +1 -0
package/dist/push-protocol.test.js +57 -0
package/dist/push-protocol.test.js.map +1 -0
package/dist/push-store.d.ts +22 -0
package/dist/push-store.d.ts.map +1 -0
package/dist/push-store.js +103 -0
package/dist/push-store.js.map +1 -0
package/dist/push-store.test.d.ts +2 -0
package/dist/push-store.test.d.ts.map +1 -0
package/dist/push-store.test.js +79 -0
package/dist/push-store.test.js.map +1 -0
package/dist/push.d.ts +65 -0
package/dist/push.d.ts.map +1 -0
package/dist/push.js +202 -0
package/dist/push.js.map +1 -0
package/dist/push.test.d.ts +2 -0
package/dist/push.test.d.ts.map +1 -0
package/dist/push.test.js +199 -0
package/dist/push.test.js.map +1 -0
package/dist/safe-stdio.d.ts +3 -0
package/dist/safe-stdio.d.ts.map +1 -0
package/dist/safe-stdio.js +46 -0
package/dist/safe-stdio.js.map +1 -0
package/dist/scanner.d.ts +30 -0
package/dist/scanner.d.ts.map +1 -0
package/dist/scanner.js +859 -0
package/dist/scanner.js.map +1 -0
package/dist/scanner.perf.test.d.ts +2 -0
package/dist/scanner.perf.test.d.ts.map +1 -0
package/dist/scanner.perf.test.js +320 -0
package/dist/scanner.perf.test.js.map +1 -0
package/dist/scanner.test.d.ts +2 -0
package/dist/scanner.test.d.ts.map +1 -0
package/dist/scanner.test.js +948 -0
package/dist/scanner.test.js.map +1 -0
package/dist/session-inventory.d.ts +63 -0
package/dist/session-inventory.d.ts.map +1 -0
package/dist/session-inventory.js +525 -0
package/dist/session-inventory.js.map +1 -0
package/dist/session-inventory.perf.test.d.ts +2 -0
package/dist/session-inventory.perf.test.d.ts.map +1 -0
package/dist/session-inventory.perf.test.js +220 -0
package/dist/session-inventory.perf.test.js.map +1 -0
package/dist/session-inventory.test.d.ts +2 -0
package/dist/session-inventory.test.d.ts.map +1 -0
package/dist/session-inventory.test.js +712 -0
package/dist/session-inventory.test.js.map +1 -0
package/dist/session-manager.d.ts +75 -0
package/dist/session-manager.d.ts.map +1 -0
package/dist/session-manager.js +1515 -0
package/dist/session-manager.js.map +1 -0
package/dist/session-manager.test.d.ts +2 -0
package/dist/session-manager.test.d.ts.map +1 -0
package/dist/session-manager.test.js +2861 -0
package/dist/session-manager.test.js.map +1 -0
package/dist/session-store.d.ts +42 -0
package/dist/session-store.d.ts.map +1 -0
package/dist/session-store.js +163 -0
package/dist/session-store.js.map +1 -0
package/dist/session-store.test.d.ts +2 -0
package/dist/session-store.test.d.ts.map +1 -0
package/dist/session-store.test.js +236 -0
package/dist/session-store.test.js.map +1 -0
package/dist/session-title.d.ts +6 -0
package/dist/session-title.d.ts.map +1 -0
package/dist/session-title.js +105 -0
package/dist/session-title.js.map +1 -0
package/dist/session-title.perf.test.d.ts +2 -0
package/dist/session-title.perf.test.d.ts.map +1 -0
package/dist/session-title.perf.test.js +99 -0
package/dist/session-title.perf.test.js.map +1 -0
package/dist/session-title.test.d.ts +2 -0
package/dist/session-title.test.d.ts.map +1 -0
package/dist/session-title.test.js +199 -0
package/dist/session-title.test.js.map +1 -0
package/dist/shutdown-endpoint.test.d.ts +2 -0
package/dist/shutdown-endpoint.test.d.ts.map +1 -0
package/dist/shutdown-endpoint.test.js +93 -0
package/dist/shutdown-endpoint.test.js.map +1 -0
package/dist/storage-housekeeping.d.ts +28 -0
package/dist/storage-housekeeping.d.ts.map +1 -0
package/dist/storage-housekeeping.js +76 -0
package/dist/storage-housekeeping.js.map +1 -0
package/dist/storage-housekeeping.test.d.ts +2 -0
package/dist/storage-housekeeping.test.d.ts.map +1 -0
package/dist/storage-housekeeping.test.js +65 -0
package/dist/storage-housekeeping.test.js.map +1 -0
package/dist/test-daemon-harness.d.ts +31 -0
package/dist/test-daemon-harness.d.ts.map +1 -0
package/dist/test-daemon-harness.js +337 -0
package/dist/test-daemon-harness.js.map +1 -0
package/dist/token-auth.test.d.ts +2 -0
package/dist/token-auth.test.d.ts.map +1 -0
package/dist/token-auth.test.js +52 -0
package/dist/token-auth.test.js.map +1 -0
package/dist/utils.d.ts +4 -0
package/dist/utils.d.ts.map +1 -0
package/dist/utils.js +40 -0
package/dist/utils.js.map +1 -0
package/dist/utils.test.d.ts +2 -0
package/dist/utils.test.d.ts.map +1 -0
package/dist/utils.test.js +54 -0
package/dist/utils.test.js.map +1 -0
package/dist/ws-data.d.ts +4 -0
package/dist/ws-data.d.ts.map +1 -0
package/dist/ws-data.js +20 -0
package/dist/ws-data.js.map +1 -0
package/dist/ws-data.test.d.ts +2 -0
package/dist/ws-data.test.d.ts.map +1 -0
package/dist/ws-data.test.js +17 -0
package/dist/ws-data.test.js.map +1 -0
package/package.json +24 -27
package/perf-reporter.mjs +138 -0
package/scripts/build-release.mjs +41 -0
package/scripts/dev.mjs +537 -0
package/src/advertised-hosts.test.ts +125 -0
package/src/advertised-hosts.ts +225 -0
package/src/audit.test.ts +38 -0
package/src/audit.ts +117 -0
package/src/auth.ts +31 -0
package/src/claude-hooks.ts +195 -0
package/src/cli-version.test.ts +36 -0
package/src/cli-version.ts +46 -0
package/src/config.test.ts +254 -0
package/src/config.ts +324 -0
package/src/dev-auth.test.ts +183 -0
package/src/dev-script.test.ts +511 -0
package/src/drivers/claude.test.ts +1186 -0
package/src/drivers/claude.ts +443 -0
package/src/drivers/codex.test.ts +1096 -0
package/src/drivers/codex.ts +879 -0
package/src/drivers/types.ts +15 -0
package/src/e2e.test.ts +139 -0
package/src/identity.test.ts +26 -0
package/src/identity.ts +82 -0
package/src/index-entry.test.ts +336 -0
package/src/index.ts +781 -0
package/src/logger.ts +112 -0
package/src/metrics.ts +117 -0
package/src/pairing-store.test.ts +53 -0
package/src/pairing-store.ts +154 -0
package/src/paths.ts +19 -0
package/src/perf-compare.ts +164 -0
package/src/port-conflict.test.ts +45 -0
package/src/port-conflict.ts +44 -0
package/src/process-scanner.perf.test.ts +222 -0
package/src/process-scanner.test.ts +575 -0
package/src/process-scanner.ts +514 -0
package/src/push-protocol.test.ts +74 -0
package/src/push-protocol.ts +36 -0
package/src/push-store.test.ts +89 -0
package/src/push-store.ts +126 -0
package/src/push.test.ts +234 -0
package/src/push.ts +318 -0
package/src/safe-stdio.ts +51 -0
package/src/scanner.perf.test.ts +359 -0
package/src/scanner.test.ts +1045 -0
package/src/scanner.ts +924 -0
package/src/session-inventory.perf.test.ts +250 -0
package/src/session-inventory.test.ts +1002 -0
package/src/session-inventory.ts +721 -0
package/src/session-manager.test.ts +3430 -0
package/src/session-manager.ts +1775 -0
package/src/session-store.test.ts +276 -0
package/src/session-store.ts +202 -0
package/src/session-title.perf.test.ts +118 -0
package/src/session-title.test.ts +286 -0
package/src/session-title.ts +108 -0
package/src/shutdown-endpoint.test.ts +95 -0
package/src/storage-housekeeping.test.ts +78 -0
package/src/storage-housekeeping.ts +111 -0
package/src/test-daemon-harness.ts +410 -0
package/src/token-auth.test.ts +67 -0
package/src/utils.test.ts +65 -0
package/src/utils.ts +47 -0
package/src/ws-data.test.ts +20 -0
package/src/ws-data.ts +26 -0
package/tsconfig.json +12 -0
package/README.md +0 -80
package/bin/cloudflared-quick-tunnel.mjs +0 -11
package/bin/cloudflared-resolver.mjs +0 -68
package/bin/vibelet-runtime-policy.mjs +0 -36
package/bin/vibelet.cjs +0 -12
package/bin/vibelet.mjs +0 -1019
package/dist/index.cjs +0 -123

package/src/session-store.test.ts ADDED Viewed

@@ -0,0 +1,276 @@
+import test from 'node:test';
+import assert from 'node:assert/strict';
+import { mkdtemp, rm } from 'fs/promises';
+import { readFileSync, mkdirSync, writeFileSync } from 'fs';
+import { join, dirname } from 'path';
+import { tmpdir } from 'os';
+import type { SessionRecord } from './session-store.js';
+// We need to override SESSION_STORE_PATH before importing SessionStore.
+// Use a dynamic approach: create the store, then replace its internals.
+async function withTempStore(fn: (storePath: string) => Promise<void>): Promise<void> {
+  const dir = await mkdtemp(join(tmpdir(), 'ss-test-'));
+  const storePath = join(dir, 'sessions.json');
+  try {
+    await fn(storePath);
+  } finally {
+    await rm(dir, { recursive: true, force: true });
+  }
+}
+function makeRecord(overrides: Partial<SessionRecord> & { sessionId: string }): SessionRecord {
+  return {
+    agent: 'claude',
+    cwd: '/test',
+    title: 'Test',
+    createdAt: '2026-01-01T00:00:00.000Z',
+    lastActivityAt: '2026-01-01T00:00:00.000Z',
+    ...overrides,
+  };
+}
+// Import SessionStore and override its disk path for testing
+async function createTestStore(storePath: string, initialRecords?: SessionRecord[]) {
+  if (initialRecords) {
+    mkdirSync(dirname(storePath), { recursive: true });
+    writeFileSync(storePath, JSON.stringify({
+      records: initialRecords,
+      deletedSessionIds: [],
+    }));
+  }
+  const { SessionStore } = await import('./session-store.js');
+  const store = new SessionStore();
+  // Override path and records for isolated testing
+  (store as any).records = initialRecords ?? [];
+  (store as any).deletedSessionIds = new Set<string>();
+  // Make save synchronous and write to our temp path
+  (store as any).saveToDisk = () => {
+    mkdirSync(dirname(storePath), { recursive: true });
+    writeFileSync(storePath, JSON.stringify({
+      records: (store as any).records,
+      deletedSessionIds: [...(store as any).deletedSessionIds],
+    }, null, 2));
+  };
+  (store as any).scheduleSave = () => (store as any).saveToDisk();
+  return store;
+}
+test('getAll: returns empty array initially', async () => {
+  await withTempStore(async (storePath) => {
+    const store = await createTestStore(storePath);
+    assert.deepEqual(store.getAll(), []);
+  });
+});
+test('upsert: inserts new record at beginning', async () => {
+  await withTempStore(async (storePath) => {
+    const store = await createTestStore(storePath);
+    const r1 = makeRecord({ sessionId: 's1' });
+    const r2 = makeRecord({ sessionId: 's2' });
+    store.upsert(r1);
+    store.upsert(r2);
+    const all = store.getAll();
+    assert.equal(all.length, 2);
+    assert.equal(all[0].sessionId, 's2');
+    assert.equal(all[1].sessionId, 's1');
+  });
+});
+test('upsert: updates existing record in place', async () => {
+  await withTempStore(async (storePath) => {
+    const store = await createTestStore(storePath);
+    store.upsert(makeRecord({ sessionId: 's1', title: 'Original' }));
+    store.upsert(makeRecord({ sessionId: 's1', title: 'Updated' }));
+    const all = store.getAll();
+    assert.equal(all.length, 1);
+    assert.equal(all[0].title, 'Updated');
+  });
+});
+test('find: returns matching record', async () => {
+  await withTempStore(async (storePath) => {
+    const store = await createTestStore(storePath);
+    store.upsert(makeRecord({ sessionId: 's1', title: 'Found' }));
+    store.upsert(makeRecord({ sessionId: 's2', title: 'Other' }));
+    const found = store.find('s1');
+    assert.ok(found);
+    assert.equal(found.title, 'Found');
+  });
+});
+test('find: returns undefined for missing record', async () => {
+  await withTempStore(async (storePath) => {
+    const store = await createTestStore(storePath);
+    assert.equal(store.find('nonexistent'), undefined);
+  });
+});
+test('remove: removes matching record', async () => {
+  await withTempStore(async (storePath) => {
+    const store = await createTestStore(storePath);
+    store.upsert(makeRecord({ sessionId: 's1' }));
+    store.upsert(makeRecord({ sessionId: 's2' }));
+    store.remove('s1');
+    assert.equal(store.getAll().length, 1);
+    assert.equal(store.find('s1'), undefined);
+    assert.equal(store.isDeleted('s1'), true);
+    assert.ok(store.find('s2'));
+  });
+});
+test('remove: no-op for missing record', async () => {
+  await withTempStore(async (storePath) => {
+    const store = await createTestStore(storePath);
+    store.upsert(makeRecord({ sessionId: 's1' }));
+    store.remove('nonexistent');
+    assert.equal(store.getAll().length, 1);
+  });
+});
+test('flushSync: persists to disk', async () => {
+  await withTempStore(async (storePath) => {
+    const store = await createTestStore(storePath);
+    store.upsert(makeRecord({ sessionId: 's1', title: 'Persisted' }));
+    store.flushSync();
+    const data = JSON.parse(readFileSync(storePath, 'utf-8'));
+    assert.equal(data.records.length, 1);
+    assert.equal(data.records[0].sessionId, 's1');
+    assert.equal(data.records[0].title, 'Persisted');
+    assert.deepEqual(data.deletedSessionIds, []);
+  });
+});
+test('upsert: triggers save to disk', async () => {
+  await withTempStore(async (storePath) => {
+    const store = await createTestStore(storePath);
+    store.upsert(makeRecord({ sessionId: 's1' }));
+    // scheduleSave is synchronous in our test setup
+    const data = JSON.parse(readFileSync(storePath, 'utf-8'));
+    assert.equal(data.records.length, 1);
+    assert.deepEqual(data.deletedSessionIds, []);
+  });
+});
+test('remove: triggers save to disk', async () => {
+  await withTempStore(async (storePath) => {
+    const store = await createTestStore(storePath);
+    store.upsert(makeRecord({ sessionId: 's1' }));
+    store.upsert(makeRecord({ sessionId: 's2' }));
+    store.remove('s1');
+    const data = JSON.parse(readFileSync(storePath, 'utf-8'));
+    assert.equal(data.records.length, 1);
+    assert.equal(data.records[0].sessionId, 's2');
+    assert.deepEqual(data.deletedSessionIds, ['s1']);
+  });
+});
+test('upsert: clears tombstone for a recreated session', async () => {
+  await withTempStore(async (storePath) => {
+    const store = await createTestStore(storePath);
+    store.upsert(makeRecord({ sessionId: 's1' }));
+    store.remove('s1');
+    assert.equal(store.isDeleted('s1'), true);
+    store.upsert(makeRecord({ sessionId: 's1', title: 'Recreated' }));
+    assert.equal(store.isDeleted('s1'), false);
+    assert.equal(store.find('s1')?.title, 'Recreated');
+  });
+});
+test('loadFromDisk: preserves accepted client message ids and trims oversized arrays', async () => {
+  await withTempStore(async (storePath) => {
+    const initial = makeRecord({
+      sessionId: 's1',
+      acceptedClientMessageIds: Array.from({ length: 205 }, (_, index) => `cm_${index}`),
+    });
+    const { normalizeSessionRecord } = await import('./session-store.js');
+    const record = normalizeSessionRecord(initial);
+    assert.ok(record);
+    assert.equal(record.acceptedClientMessageIds?.length, 200);
+    assert.equal(record.acceptedClientMessageIds?.[0], 'cm_5');
+    assert.equal(record.acceptedClientMessageIds?.[199], 'cm_204');
+  });
+});
+test('loadFromDisk: backfills missing accepted client message ids for legacy records', async () => {
+  await withTempStore(async (storePath) => {
+    const legacyRecord = makeRecord({ sessionId: 'legacy' });
+    delete (legacyRecord as SessionRecord & { acceptedClientMessageIds?: string[] }).acceptedClientMessageIds;
+    const { normalizeSessionRecord } = await import('./session-store.js');
+    const record = normalizeSessionRecord(legacyRecord);
+    assert.ok(record);
+    assert.deepEqual(record.acceptedClientMessageIds, []);
+  });
+});
+test('normalizeSessionRecord preserves a valid pending approval payload', async () => {
+  await withTempStore(async () => {
+    const { normalizeSessionRecord } = await import('./session-store.js');
+    const record = normalizeSessionRecord(makeRecord({
+      sessionId: 'pending-approval',
+      pendingApproval: {
+        requestId: 'req-1',
+        toolName: 'Bash',
+        input: { command: 'pwd' },
+        description: 'Run pwd',
+        approvalContext: {
+          provider: 'codex',
+          kind: 'command-execution',
+          rpcId: 42,
+        },
+      },
+    }));
+    assert.deepEqual(record.pendingApproval, {
+      requestId: 'req-1',
+      toolName: 'Bash',
+      input: { command: 'pwd' },
+      description: 'Run pwd',
+      approvalContext: {
+        provider: 'codex',
+        kind: 'command-execution',
+        rpcId: 42,
+      },
+    });
+  });
+});
+test('normalizeSessionStoreDiskState: supports legacy array-only store files', async () => {
+  const { normalizeSessionStoreDiskState } = await import('./session-store.js');
+  const legacyRecord = makeRecord({ sessionId: 'legacy-array' });
+  delete (legacyRecord as SessionRecord & { acceptedClientMessageIds?: string[] }).acceptedClientMessageIds;
+  const state = normalizeSessionStoreDiskState([legacyRecord]);
+  assert.equal(state.records.length, 1);
+  assert.equal(state.records[0].sessionId, 'legacy-array');
+  assert.deepEqual(state.records[0].acceptedClientMessageIds, []);
+  assert.deepEqual(state.deletedSessionIds, []);
+});
+test('normalizeSessionStoreDiskState: sanitizes deletedSessionIds entries', async () => {
+  const { normalizeSessionStoreDiskState } = await import('./session-store.js');
+  const state = normalizeSessionStoreDiskState({
+    records: [makeRecord({ sessionId: 'kept' })],
+    deletedSessionIds: ['dup', '', 'dup', null, 123, 'ok'],
+  });
+  assert.deepEqual(state.deletedSessionIds, ['dup', 'ok']);
+});

package/src/session-store.ts ADDED Viewed

@@ -0,0 +1,202 @@
+import { readFileSync, writeFileSync, mkdirSync } from 'fs';
+import { dirname } from 'path';
+import type { AgentType, ApprovalMode, ApprovalRequestPayload } from '@vibelet/shared';
+import { SESSION_STORE_PATH } from './paths.js';
+export interface SessionRecord {
+  sessionId: string;
+  agent: AgentType;
+  cwd: string;
+  approvalMode?: ApprovalMode;
+  acceptedClientMessageIds?: string[];
+  pendingApproval?: ApprovalRequestPayload;
+  title: string;
+  createdAt: string;
+  lastActivityAt: string;
+  /** True for sessions created from the Vibelet app. */
+  managed?: boolean;
+  /** True if the session was responding when last persisted. */
+  isResponding?: boolean;
+}
+interface SessionStoreDiskState {
+  records: SessionRecord[];
+  deletedSessionIds: string[];
+}
+const DEBOUNCE_MS = 500;
+const MAX_ACCEPTED_CLIENT_MESSAGE_IDS = 200;
+function sanitizeAcceptedClientMessageIds(ids: unknown): string[] {
+  if (!Array.isArray(ids)) return [];
+  const sanitized = ids.filter((value): value is string => typeof value === 'string' && value.length > 0);
+  if (sanitized.length <= MAX_ACCEPTED_CLIENT_MESSAGE_IDS) {
+    return sanitized;
+  }
+  return sanitized.slice(-MAX_ACCEPTED_CLIENT_MESSAGE_IDS);
+}
+function sanitizeDeletedSessionIds(ids: unknown): string[] {
+  if (!Array.isArray(ids)) return [];
+  const result: string[] = [];
+  for (const value of ids) {
+    if (typeof value !== 'string' || value.length === 0 || result.includes(value)) continue;
+    result.push(value);
+  }
+  return result;
+}
+function sanitizeApprovalRequest(value: unknown): ApprovalRequestPayload | undefined {
+  if (!value || typeof value !== 'object' || Array.isArray(value)) {
+    return undefined;
+  }
+  const candidate = value as Partial<ApprovalRequestPayload>;
+  const requestId = typeof candidate.requestId === 'string' ? candidate.requestId : '';
+  const toolName = typeof candidate.toolName === 'string' ? candidate.toolName : '';
+  const description = typeof candidate.description === 'string' ? candidate.description : '';
+  const input = candidate.input && typeof candidate.input === 'object' && !Array.isArray(candidate.input)
+    ? candidate.input as Record<string, unknown>
+    : {};
+  if (!requestId || !toolName || !description) {
+    return undefined;
+  }
+  const approvalContext = candidate.approvalContext;
+  if (
+    approvalContext
+    && typeof approvalContext === 'object'
+    && !Array.isArray(approvalContext)
+    && approvalContext.provider === 'codex'
+    && typeof approvalContext.kind === 'string'
+    && typeof approvalContext.rpcId === 'number'
+  ) {
+    return {
+      requestId,
+      toolName,
+      input,
+      description,
+      approvalContext: {
+        provider: 'codex',
+        kind: approvalContext.kind,
+        rpcId: approvalContext.rpcId,
+        ...(typeof approvalContext.questionId === 'string' ? { questionId: approvalContext.questionId } : {}),
+        ...(typeof approvalContext.approveLabel === 'string' ? { approveLabel: approvalContext.approveLabel } : {}),
+        ...(typeof approvalContext.denyLabel === 'string' ? { denyLabel: approvalContext.denyLabel } : {}),
+      },
+    };
+  }
+  return {
+    requestId,
+    toolName,
+    input,
+    description,
+  };
+}
+export function normalizeSessionRecord(record: SessionRecord & { lastActivityAt?: string }): SessionRecord {
+  return {
+    ...record,
+    lastActivityAt: record.lastActivityAt ?? record.createdAt,
+    acceptedClientMessageIds: sanitizeAcceptedClientMessageIds(record.acceptedClientMessageIds),
+    pendingApproval: sanitizeApprovalRequest(record.pendingApproval),
+  };
+}
+export function normalizeSessionStoreDiskState(parsed: unknown): SessionStoreDiskState {
+  if (Array.isArray(parsed)) {
+    return {
+      records: parsed.map(normalizeSessionRecord),
+      deletedSessionIds: [],
+    };
+  }
+  if (parsed && typeof parsed === 'object') {
+    const state = parsed as Partial<SessionStoreDiskState>;
+    return {
+      records: Array.isArray(state.records) ? state.records.map(normalizeSessionRecord) : [],
+      deletedSessionIds: sanitizeDeletedSessionIds(state.deletedSessionIds),
+    };
+  }
+  return { records: [], deletedSessionIds: [] };
+}
+export class SessionStore {
+  private records: SessionRecord[];
+  private deletedSessionIds: Set<string>;
+  private debounceTimer: ReturnType<typeof setTimeout> | null = null;
+  constructor() {
+    const state = this.loadFromDisk();
+    this.records = state.records;
+    this.deletedSessionIds = new Set(state.deletedSessionIds);
+  }
+  getAll(): SessionRecord[] {
+    return this.records;
+  }
+  getDeletedSessionIds(): string[] {
+    return [...this.deletedSessionIds];
+  }
+  find(sessionId: string): SessionRecord | undefined {
+    return this.records.find(r => r.sessionId === sessionId);
+  }
+  isDeleted(sessionId: string): boolean {
+    return this.deletedSessionIds.has(sessionId);
+  }
+  upsert(record: SessionRecord): void {
+    this.deletedSessionIds.delete(record.sessionId);
+    const index = this.records.findIndex(r => r.sessionId === record.sessionId);
+    if (index >= 0) {
+      this.records[index] = record;
+    } else {
+      this.records.unshift(record);
+    }
+    this.scheduleSave();
+  }
+  remove(sessionId: string): void {
+    this.records = this.records.filter(r => r.sessionId !== sessionId);
+    this.deletedSessionIds.add(sessionId);
+    this.scheduleSave();
+  }
+  flushSync(): void {
+    if (this.debounceTimer) {
+      clearTimeout(this.debounceTimer);
+      this.debounceTimer = null;
+    }
+    this.saveToDisk();
+  }
+  private scheduleSave(): void {
+    if (this.debounceTimer) clearTimeout(this.debounceTimer);
+    this.debounceTimer = setTimeout(() => {
+      this.debounceTimer = null;
+      this.saveToDisk();
+    }, DEBOUNCE_MS);
+  }
+  private loadFromDisk(): SessionStoreDiskState {
+    try {
+      const data = readFileSync(SESSION_STORE_PATH, 'utf-8');
+      return normalizeSessionStoreDiskState(JSON.parse(data) as unknown);
+    } catch {
+      // Ignore invalid or missing store files and start from an empty state.
+    }
+    return { records: [], deletedSessionIds: [] };
+  }
+  private saveToDisk(): void {
+    mkdirSync(dirname(SESSION_STORE_PATH), { recursive: true });
+    writeFileSync(SESSION_STORE_PATH, JSON.stringify({
+      records: this.records,
+      deletedSessionIds: [...this.deletedSessionIds],
+    }, null, 2));
+  }
+}

package/src/session-title.perf.test.ts ADDED Viewed

@@ -0,0 +1,118 @@
+import { describe, it } from 'node:test';
+import assert from 'node:assert/strict';
+import {
+  sanitizeSessionTitle,
+  isIdLikeSessionTitle,
+  isFallbackSessionTitle,
+  titleFromFirstSentence,
+  preferSessionTitle,
+} from './session-title.js';
+function measure(fn: () => void, iterations: number): { totalMs: number; avgMs: number } {
+  const start = performance.now();
+  for (let i = 0; i < iterations; i++) fn();
+  const totalMs = performance.now() - start;
+  return { totalMs, avgMs: totalMs / iterations };
+}
+const ITERATIONS = 10_000;
+describe('session-title performance', () => {
+  const longText = 'a'.repeat(500);
+  const multiLine = Array.from({ length: 50 }, (_, i) => `Line ${i}: some content here`).join('\n');
+  const uuid = '019d03e3-2672-7011-9c6d-5ba083b71111';
+  const hexId = 'abcdef1234567890abcdef';
+  it(`sanitizeSessionTitle × ${ITERATIONS} short strings < 50ms`, () => {
+    const { totalMs } = measure(() => sanitizeSessionTitle('  hello   world  '), ITERATIONS);
+    console.log(`  sanitizeSessionTitle (short): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 50, `took ${totalMs.toFixed(2)}ms, expected < 50ms`);
+  });
+  it(`sanitizeSessionTitle × ${ITERATIONS} long strings < 100ms`, () => {
+    const { totalMs } = measure(() => sanitizeSessionTitle(longText), ITERATIONS);
+    console.log(`  sanitizeSessionTitle (long): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 100, `took ${totalMs.toFixed(2)}ms, expected < 100ms`);
+  });
+  it(`isIdLikeSessionTitle × ${ITERATIONS} UUID checks < 50ms`, () => {
+    const { totalMs } = measure(() => isIdLikeSessionTitle(uuid), ITERATIONS);
+    console.log(`  isIdLikeSessionTitle (uuid): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 50, `took ${totalMs.toFixed(2)}ms, expected < 50ms`);
+  });
+  it(`isIdLikeSessionTitle × ${ITERATIONS} hex checks < 50ms`, () => {
+    const { totalMs } = measure(() => isIdLikeSessionTitle(hexId), ITERATIONS);
+    console.log(`  isIdLikeSessionTitle (hex): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 50, `took ${totalMs.toFixed(2)}ms, expected < 50ms`);
+  });
+  it(`isIdLikeSessionTitle × ${ITERATIONS} normal title < 50ms`, () => {
+    const { totalMs } = measure(() => isIdLikeSessionTitle('Fix the login bug'), ITERATIONS);
+    console.log(`  isIdLikeSessionTitle (normal): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 50, `took ${totalMs.toFixed(2)}ms, expected < 50ms`);
+  });
+  it(`isFallbackSessionTitle × ${ITERATIONS} mixed checks < 100ms`, () => {
+    const titles = ['New session', 'Resumed session', uuid, 'Fix bug', hexId, 'Untitled session'];
+    const { totalMs } = measure(() => {
+      for (const title of titles) isFallbackSessionTitle(title);
+    }, ITERATIONS);
+    console.log(`  isFallbackSessionTitle (mixed×6): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 100, `took ${totalMs.toFixed(2)}ms, expected < 100ms`);
+  });
+  it(`titleFromFirstSentence × ${ITERATIONS} single line < 50ms`, () => {
+    const { totalMs } = measure(() => titleFromFirstSentence('Fix the login bug. Then deploy.'), ITERATIONS);
+    console.log(`  titleFromFirstSentence (single): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 50, `took ${totalMs.toFixed(2)}ms, expected < 50ms`);
+  });
+  it(`titleFromFirstSentence × ${ITERATIONS} multi-line < 200ms`, () => {
+    const { totalMs } = measure(() => titleFromFirstSentence(multiLine), ITERATIONS);
+    console.log(`  titleFromFirstSentence (multi): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 200, `took ${totalMs.toFixed(2)}ms, expected < 200ms`);
+  });
+  it(`titleFromFirstSentence × ${ITERATIONS} with meta prefix noise < 200ms`, () => {
+    const text = '<environment_context>setup\n# AGENTS.md instructions for project\nActual title here. More text.';
+    const { totalMs } = measure(() => titleFromFirstSentence(text), ITERATIONS);
+    console.log(`  titleFromFirstSentence (meta noise): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 200, `took ${totalMs.toFixed(2)}ms, expected < 200ms`);
+  });
+  it(`titleFromFirstSentence × ${ITERATIONS} long truncation < 100ms`, () => {
+    const sentence = 'A'.repeat(200) + '. Done.';
+    const { totalMs } = measure(() => titleFromFirstSentence(sentence, 80), ITERATIONS);
+    console.log(`  titleFromFirstSentence (truncation): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 100, `took ${totalMs.toFixed(2)}ms, expected < 100ms`);
+  });
+  it(`preferSessionTitle × ${ITERATIONS} candidate chain < 100ms`, () => {
+    const candidates: Array<string | null | undefined> = [
+      null,
+      undefined,
+      'New session',
+      uuid,
+      'Actual good title',
+    ];
+    const { totalMs } = measure(() => preferSessionTitle(candidates, 'fallback text here'), ITERATIONS);
+    console.log(`  preferSessionTitle (chain): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 100, `took ${totalMs.toFixed(2)}ms, expected < 100ms`);
+  });
+  it(`preferSessionTitle × ${ITERATIONS} fallback to text < 200ms`, () => {
+    const candidates: Array<string | null | undefined> = [null, 'New session', uuid];
+    const { totalMs } = measure(() => preferSessionTitle(candidates, multiLine), ITERATIONS);
+    console.log(`  preferSessionTitle (fallback): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 200, `took ${totalMs.toFixed(2)}ms, expected < 200ms`);
+  });
+  // CJK sentence boundary test
+  it(`titleFromFirstSentence × ${ITERATIONS} CJK text < 100ms`, () => {
+    const text = '修复登录页面的样式问题。然后部署到生产环境。';
+    const { totalMs } = measure(() => titleFromFirstSentence(text), ITERATIONS);
+    console.log(`  titleFromFirstSentence (CJK): ${totalMs.toFixed(2)}ms for ${ITERATIONS} calls`);
+    assert.ok(totalMs < 100, `took ${totalMs.toFixed(2)}ms, expected < 100ms`);
+  });
+});