@visorcraft/idlehands 1.1.17 → 1.2.1

package/dist/tools.js

@@ -279,8 +279,10 @@ export async function undo_path(ctx, args) {
     const p = directPath ? resolvePath(ctx, directPath) : ctx.lastEditedPath;
     if (!p)
         throw new Error('undo: missing path');
+    const absCwd = path.resolve(ctx.cwd);
+    const redactedPath = redactPath(p, absCwd);
     if (!ctx.noConfirm && ctx.confirm) {
-        const ok = await ctx.confirm(`Restore latest backup for:\n  ${p}\nThis will overwrite the current file. Proceed? (y/N) `);
+        const ok = await ctx.confirm(`Restore latest backup for:\n  ${redactedPath}\nThis will overwrite the current file. Proceed? (y/N) `);
         if (!ok)
             return 'undo: cancelled';
     }
@@ -288,11 +290,13 @@ export async function undo_path(ctx, args) {
         throw new Error('undo: confirmation required (run with --no-confirm/--yolo or in interactive mode)');
     }
     if (ctx.dryRun)
-        return `dry-run: would restore latest backup for ${p}`;
+        return `dry-run: would restore latest backup for ${redactedPath}`;
     return await restoreLatestBackup(p, ctx);
 }
 export async function read_file(ctx, args) {
     const p = resolvePath(ctx, args?.path);
+    const absCwd = path.resolve(ctx.cwd);
+    const redactedPath = redactPath(p, absCwd);
     const offset = args?.offset != null ? Number(args.offset) : undefined;
     const rawLimit = args?.limit != null ? Number(args.limit) : undefined;
     const limit = Number.isFinite(rawLimit) && rawLimit > 0
@@ -317,7 +321,7 @@ export async function read_file(ctx, args) {
     try {
         const stat = await fs.stat(p);
         if (stat.isDirectory()) {
-            return `read_file: "${p}" is a directory, not a file. Use list_dir to see its contents, or search_files to find specific code.`;
+            return `read_file: "${redactedPath}" is a directory, not a file. Use list_dir to see its contents, or search_files to find specific code.`;
         }
     }
     catch (e) {
@@ -419,6 +423,8 @@ export async function read_files(ctx, args) {
 }
 export async function write_file(ctx, args) {
     const p = resolvePath(ctx, args?.path);
+    const absCwd = path.resolve(ctx.cwd);
+    const redactedPath = redactPath(p, absCwd);
     // Content may arrive as a string (normal) or as a parsed JSON object
     // (when llama-server's XML parser auto-parses JSON content values).
     const raw = args?.content;
@@ -444,7 +450,7 @@ export async function write_file(ctx, args) {
     }
     if (pathVerdict.tier === 'cautious' && !ctx.noConfirm) {
         if (ctx.confirm) {
-            const ok = await ctx.confirm(pathVerdict.prompt || `Write to ${p}?`, { tool: 'write_file', args: { path: p } });
+            const ok = await ctx.confirm(pathVerdict.prompt || `Write to ${redactedPath}?`, { tool: 'write_file', args: { path: p } });
             if (!ok)
                 throw new Error(`write_file: cancelled by user (${pathVerdict.reason})`);
         }
@@ -454,7 +460,7 @@ export async function write_file(ctx, args) {
     }
     const existingStat = await fs.stat(p).catch(() => null);
     if (existingStat?.isFile() && existingStat.size > 0 && !overwrite) {
-        throw new Error(`write_file: refusing to overwrite existing non-empty file ${p} without explicit overwrite=true (or force=true). ` +
+        throw new Error(`write_file: refusing to overwrite existing non-empty file ${redactedPath} without explicit overwrite=true (or force=true). ` +
             `Use edit_range/apply_patch for surgical edits, or set overwrite=true for intentional full-file replacement.`);
     }
     if (ctx.dryRun) {
@@ -471,10 +477,12 @@ export async function write_file(ctx, args) {
     ctx.onMutation?.(p);
     const afterBuf = Buffer.from(content, 'utf8');
     const replayNote = await checkpointReplay(ctx, { op: 'write_file', filePath: p, before: beforeBuf, after: afterBuf });
-    return `wrote ${p} (${Buffer.byteLength(content, 'utf8')} bytes)${replayNote}${cwdWarning}`;
+    return `wrote ${redactedPath} (${Buffer.byteLength(content, 'utf8')} bytes)${replayNote}${cwdWarning}`;
 }
 export async function insert_file(ctx, args) {
     const p = resolvePath(ctx, args?.path);
+    const absCwd = path.resolve(ctx.cwd);
+    const redactedPath = redactPath(p, absCwd);
     const line = Number(args?.line);
     const rawText = args?.text;
     const text = typeof rawText === 'string' ? rawText
@@ -493,7 +501,7 @@ export async function insert_file(ctx, args) {
     }
     if (pathVerdict.tier === 'cautious' && !ctx.noConfirm) {
         if (ctx.confirm) {
-            const ok = await ctx.confirm(pathVerdict.prompt || `Insert into ${p}?`, { tool: 'insert_file', args: { path: p } });
+            const ok = await ctx.confirm(pathVerdict.prompt || `Insert into ${redactedPath}?`, { tool: 'insert_file', args: { path: p } });
             if (!ok)
                 throw new Error(`insert_file: cancelled by user (${pathVerdict.reason})`);
         }
@@ -502,7 +510,7 @@ export async function insert_file(ctx, args) {
         }
     }
     if (ctx.dryRun)
-        return `dry-run: would insert into ${p} at line=${line} (${Buffer.byteLength(text, 'utf8')} bytes)`;
+        return `dry-run: would insert into ${redactedPath} at line=${line} (${Buffer.byteLength(text, 'utf8')} bytes)`;
     // Phase 9d: snapshot /etc/ files before editing
     if (ctx.mode === 'sys' && ctx.vault) {
         await snapshotBeforeEdit(ctx.vault, p).catch(() => { });
@@ -523,7 +531,7 @@ export async function insert_file(ctx, args) {
             after: Buffer.from(out, 'utf8')
         });
         const cwdWarning = checkCwdWarning('insert_file', p, ctx);
-        return `inserted into ${p} at 0${replayNote}${cwdWarning}`;
+        return `inserted into ${redactedPath} at 0${replayNote}${cwdWarning}`;
     }
     const lines = beforeText.split(/\r?\n/);
     let idx;
@@ -552,10 +560,12 @@ export async function insert_file(ctx, args) {
         after: Buffer.from(out, 'utf8')
     });
     const cwdWarning = checkCwdWarning('insert_file', p, ctx);
-    return `inserted into ${p} at ${idx}${replayNote}${cwdWarning}`;
+    return `inserted into ${redactedPath} at ${idx}${replayNote}${cwdWarning}`;
 }
 export async function edit_file(ctx, args) {
     const p = resolvePath(ctx, args?.path);
+    const absCwd = path.resolve(ctx.cwd);
+    const redactedPath = redactPath(p, absCwd);
     const rawOld = args?.old_text;
     const oldText = typeof rawOld === 'string' ? rawOld
         : (rawOld != null && typeof rawOld === 'object' ? JSON.stringify(rawOld, null, 2) : undefined);
@@ -577,7 +587,7 @@ export async function edit_file(ctx, args) {
     }
     if (pathVerdict.tier === 'cautious' && !ctx.noConfirm) {
         if (ctx.confirm) {
-            const ok = await ctx.confirm(pathVerdict.prompt || `Edit ${p}?`, { tool: 'edit_file', args: { path: p, old_text: oldText, new_text: newText } });
+            const ok = await ctx.confirm(pathVerdict.prompt || `Edit ${redactedPath}?`, { tool: 'edit_file', args: { path: p, old_text: oldText, new_text: newText } });
             if (!ok)
                 throw new Error(`edit_file: cancelled by user (${pathVerdict.reason})`);
         }
@@ -590,7 +600,7 @@ export async function edit_file(ctx, args) {
         await snapshotBeforeEdit(ctx.vault, p).catch(() => { });
     }
     const cur = await fs.readFile(p, 'utf8').catch((e) => {
-        throw new Error(`edit_file: cannot read ${p}: ${e?.message ?? String(e)}`);
+        throw new Error(`edit_file: cannot read ${redactedPath}: ${e?.message ?? String(e)}`);
     });
     const idx = cur.indexOf(oldText);
     if (idx === -1) {
@@ -626,11 +636,11 @@ export async function edit_file(ctx, args) {
         else {
             hint = `\nFile head (first 400 chars):\n${cur.slice(0, 400)}`;
         }
-        throw new Error(`edit_file: old_text not found in ${p}. Re-read the file and retry with exact text.${hint}`);
+        throw new Error(`edit_file: old_text not found in ${redactedPath}. Re-read the file and retry with exact text.${hint}`);
     }
     const next = replaceAll ? cur.split(oldText).join(newText) : cur.slice(0, idx) + newText + cur.slice(idx + oldText.length);
     if (ctx.dryRun)
-        return `dry-run: would edit ${p} (replace_all=${replaceAll})`;
+        return `dry-run: would edit ${redactedPath} (replace_all=${replaceAll})`;
     await backupFile(p, ctx);
     await atomicWrite(p, next);
     ctx.onMutation?.(p);
@@ -641,7 +651,7 @@ export async function edit_file(ctx, args) {
         after: Buffer.from(next, 'utf8')
     });
     const cwdWarning = checkCwdWarning('edit_file', p, ctx);
-    return `edited ${p} (replace_all=${replaceAll})${replayNote}${cwdWarning}`;
+    return `edited ${redactedPath} (replace_all=${replaceAll})${replayNote}${cwdWarning}`;
 }
 function normalizePatchPath(p) {
     let s = String(p ?? '').trim();
@@ -891,7 +901,8 @@ export async function apply_patch(ctx, args) {
             if (chk.rc !== 0)
                 throw new Error(`apply_patch: patch --dry-run failed:\n${chk.err || chk.out}`);
         }
-        return `dry-run: patch would apply cleanly (${touched.paths.length} files): ${touched.paths.join(', ')}`;
+        const redactedPaths = touched.paths.map((rel) => redactPath(resolvePath(ctx, rel), path.resolve(ctx.cwd)));
+        return `dry-run: patch would apply cleanly (${touched.paths.length} files): ${redactedPaths.join(', ')}`;
     }
     // Snapshot + backup before applying
     const beforeMap = new Map();
@@ -937,7 +948,8 @@ export async function apply_patch(ctx, args) {
         replayNotes += replayNote;
         cwdWarnings += checkCwdWarning('apply_patch', abs, ctx);
     }
-    return `applied patch (${touched.paths.length} files): ${touched.paths.join(', ')}${replayNotes}${cwdWarnings}`;
+    const redactedPaths = touched.paths.map((rel) => redactPath(resolvePath(ctx, rel), path.resolve(ctx.cwd)));
+    return `applied patch (${touched.paths.length} files): ${redactedPaths.join(', ')}${replayNotes}${cwdWarnings}`;
 }
 export async function list_dir(ctx, args) {
     const p = resolvePath(ctx, args?.path ?? '.');
@@ -945,6 +957,7 @@ export async function list_dir(ctx, args) {
     const maxEntries = Math.min(args?.max_entries ? Number(args.max_entries) : 200, 500);
     if (!p)
         throw new Error('list_dir: missing path');
+    const absCwd = path.resolve(ctx.cwd);
     const lines = [];
     let count = 0;
     async function walk(dir, depth) {
@@ -959,7 +972,7 @@ export async function list_dir(ctx, args) {
             const full = path.join(dir, ent.name);
             const st = await fs.lstat(full).catch(() => null);
             const kind = ent.isDirectory() ? 'dir' : ent.isSymbolicLink() ? 'link' : 'file';
-            lines.push(`${kind}\t${st?.size ?? 0}\t${full}`);
+            lines.push(`${kind}\t${st?.size ?? 0}\t${redactPath(full, absCwd)}`);
             count++;
             if (recursive && ent.isDirectory() && depth < 3) {
                 await walk(full, depth + 1);
@@ -970,7 +983,7 @@ export async function list_dir(ctx, args) {
     if (count >= maxEntries)
         lines.push(`[truncated after ${maxEntries} entries]`);
     if (!lines.length)
-        return `[empty directory: ${p}]`;
+        return `[empty directory: ${redactPath(p, absCwd)}]`;
     return lines.join('\n');
 }
 export async function search_files(ctx, args) {
@@ -982,6 +995,7 @@ export async function search_files(ctx, args) {
         throw new Error('search_files: missing path');
     if (!pattern)
         throw new Error('search_files: missing pattern');
+    const absCwd = path.resolve(ctx.cwd);
     // Prefer rg if available (fast, bounded output)
     if (await hasRg()) {
         const cmd = ['rg', '-n', '--no-heading', '--color', 'never', pattern, root];
@@ -992,7 +1006,7 @@ export async function search_files(ctx, args) {
             const parsed = JSON.parse(rawJson);
             // rg exits 1 when no matches found (not an error), 2+ for real errors.
             if (parsed.rc === 1 && !parsed.out?.trim()) {
-                return `No matches for pattern "${pattern}" in ${root}. STOP — do NOT read files individually to search. Try a broader regex pattern, different keywords, or use exec: grep -rn "keyword" ${root}`;
+                return `No matches for pattern \"${pattern}\" in ${root}. STOP — do NOT read files individually to search. Try a broader regex pattern, different keywords, or use exec: grep -rn \"keyword\" ${root}`;
             }
             if (parsed.rc >= 2) {
                 // Real rg error — fall through to regex fallback below
@@ -1003,7 +1017,16 @@ export async function search_files(ctx, args) {
                     const lines = rgOutput.split(/\r?\n/).filter(Boolean).slice(0, maxResults);
                     if (lines.length >= maxResults)
                         lines.push(`[truncated after ${maxResults} results]`);
-                    return lines.join('\n');
+                    // Redact paths in rg output
+                    const redactedLines = lines.map(line => {
+                        const colonIdx = line.indexOf(':');
+                        if (colonIdx === -1)
+                            return line;
+                        const filePath = line.substring(0, colonIdx);
+                        const rest = line.substring(colonIdx + 1);
+                        return redactPath(filePath, absCwd) + ':' + rest;
+                    });
+                    return redactedLines.join('\n');
                 }
             }
         }
@@ -1017,7 +1040,7 @@ export async function search_files(ctx, args) {
         re = new RegExp(pattern);
     }
     catch (e) {
-        throw new ToolError('invalid_args', `search_files: invalid regex pattern: ${e?.message ?? String(e)}`, false, 'Escape regex metacharacters (\\, [, ], (, ), +, *, ?). If you intended literal text, use an escaped/literal pattern.');
+        throw new ToolError('invalid_args', `search_files: invalid regex pattern: ${e?.message ?? String(e)}`, false, 'Escape regex metacharacters (\\\\, [, ], (, ), +, *, ?). If you intended literal text, use an escaped/literal pattern.');
     }
     const out = [];
     async function walk(dir, depth) {
@@ -1056,7 +1079,7 @@ export async function search_files(ctx, args) {
             const lines = buf.split(/\r?\n/);
             for (let i = 0; i < lines.length; i++) {
                 if (re.test(lines[i])) {
-                    out.push(`${full}:${i + 1}:${lines[i]}`);
+                    out.push(`${redactPath(full, absCwd)}:${i + 1}:${lines[i]}`);
                     if (out.length >= maxResults)
                         return;
                 }
@@ -1066,10 +1089,9 @@ export async function search_files(ctx, args) {
     await walk(root, 0);
     if (out.length >= maxResults)
         out.push(`[truncated after ${maxResults} results]`);
-    const result = out.join('\n');
-    if (!result)
-        return `No matches for pattern "${pattern}" in ${root}. STOP — do NOT read files individually to search. Try a broader regex pattern, different keywords, or use exec: grep -rn "keyword" ${root}`;
-    return result;
+    if (!out.length)
+        return `No matches for pattern \"${pattern}\" in ${redactPath(root, absCwd)}.`;
+    return out.join('\n');
 }
 function stripSimpleQuotedSegments(s) {
     // Best-effort quote stripping for lightweight shell pattern checks.
@@ -1404,7 +1426,7 @@ export async function exec(ctx, args) {
 }
 async function execWithPty(args) {
     const { pty, command, cwd, timeout, maxBytes, captureLimit, signal, execCwdWarning } = args;
-    const proc = pty.spawn(BASH_PATH, ['-lc', command], {
+    const proc = pty.spawn(BASH_PATH, ['-c', command], {
         name: 'xterm-color',
         cwd,
         cols: 120,
@@ -1526,11 +1548,6 @@ export async function vault_search(ctx, args) {
 export async function sys_context(ctx, args) {
     return sysContextTool(ctx, args);
 }
-function resolvePath(ctx, p) {
-    if (typeof p !== 'string' || !p.trim())
-        throw new Error('missing path');
-    return path.resolve(ctx.cwd, p);
-}
 /**
  * Check if a target path is within a directory.
  * Handles the classic root directory edge case: when dir is `/`, every absolute path is valid.
@@ -1540,6 +1557,24 @@ function isWithinDir(target, dir) {
         return target.startsWith('/');
     return target === dir || target.startsWith(dir + path.sep);
 }
+function resolvePath(ctx, p) {
+    if (typeof p !== 'string' || !p.trim())
+        throw new Error('missing path');
+    return path.resolve(ctx.cwd, p);
+}
+/**
+ * Redact a path for safe output.
+ * - Paths within cwd are shown as relative paths
+ * - Paths outside cwd are redacted as [outside-cwd]/basename
+ */
+function redactPath(filePath, absCwd) {
+    const resolved = path.resolve(filePath);
+    if (isWithinDir(resolved, absCwd)) {
+        return path.relative(absCwd, resolved);
+    }
+    const basename = path.basename(resolved);
+    return `[outside-cwd]/${basename}`;
+}
 /**
  * Check if a resolved path is outside the working directory.
  * Returns a model-visible warning string if so, empty string otherwise.
@@ -1600,7 +1635,7 @@ async function hasRg() {
     catch {
         // try PATH
         return await new Promise((resolve) => {
-            const c = spawn(BASH_PATH, ['-lc', 'command -v rg >/dev/null 2>&1'], { stdio: 'ignore' });
+            const c = spawn(BASH_PATH, ['-c', 'command -v rg >/dev/null 2>&1'], { stdio: 'ignore' });
             c.on('error', () => resolve(false));
             c.on('close', (code) => resolve(code === 0));
         });