npm - @xcanwin/manyoyo - Versions diffs - 5.3.7 → 5.3.9 - Mend

@xcanwin/manyoyo 5.3.7 → 5.3.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md CHANGED Viewed

@@ -125,6 +125,8 @@ manyoyo rm my-dev
 # Web 模式
 manyoyo serve 127.0.0.1:3000
 manyoyo serve 127.0.0.1:3000 -U admin -P 123456
+manyoyo serve 127.0.0.1:3000 -U admin -P 123456 -d
+manyoyo serve 127.0.0.1:3000 -d   # 未设置密码时会打印本次随机密码
 # 查看配置与命令拼装
 manyoyo config show

package/bin/manyoyo.js CHANGED Viewed

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
-const { spawnSync } = require('child_process');
+const { spawn, spawnSync } = require('child_process');
 const fs = require('fs');
 const path = require('path');
 const os = require('os');
@@ -16,6 +16,12 @@ const { buildImage } = require('../lib/image-build');
 const { resolveAgentResumeArg, buildAgentResumeCommand } = require('../lib/agent-resume');
 const { runPluginCommand } = require('../lib/plugin');
 const { buildManyoyoLogPath } = require('../lib/log-path');
+const {
+    sanitizeSensitiveData,
+    sanitizeServeLogText,
+    formatServeLogValue,
+    getServeProcessSnapshot
+} = require('../lib/serve-log');
 const { version: BIN_VERSION, imageVersion: IMAGE_VERSION_DEFAULT } = require('../package.json');
 const IMAGE_VERSION_BASE = String(IMAGE_VERSION_DEFAULT || '1.0.0').split('-')[0];
 const IMAGE_VERSION_HELP_EXAMPLE = IMAGE_VERSION_DEFAULT || `${IMAGE_VERSION_BASE}-common`;
@@ -190,93 +196,6 @@ function ensureWebServerAuthCredentials() {
     }
 }
-/**
- * 敏感信息脱敏（用于 config show 输出）
- * @param {Object} obj - 配置对象
- * @returns {Object} 脱敏后的配置对象
- */
-function sanitizeSensitiveData(obj) {
-    const sensitiveKeys = ['KEY', 'TOKEN', 'SECRET', 'PASSWORD', 'PASS', 'AUTH', 'CREDENTIAL'];
-    function sanitizeValue(key, value) {
-        if (typeof value !== 'string') return value;
-        const upperKey = key.toUpperCase();
-        if (sensitiveKeys.some(k => upperKey.includes(k))) {
-            if (value.length <= 8) return '****';
-            return value.slice(0, 4) + '****' + value.slice(-4);
-        }
-        return value;
-    }
-    function sanitizeArray(arr) {
-        return arr.map(item => {
-            if (typeof item === 'string' && item.includes('=')) {
-                const idx = item.indexOf('=');
-                const key = item.slice(0, idx);
-                const value = item.slice(idx + 1);
-                return `${key}=${sanitizeValue(key, value)}`;
-            }
-            return item;
-        });
-    }
-    const result = {};
-    for (const [key, value] of Object.entries(obj)) {
-        if (Array.isArray(value)) {
-            result[key] = sanitizeArray(value);
-        } else if (typeof value === 'object' && value !== null) {
-            result[key] = sanitizeSensitiveData(value);
-        } else {
-            result[key] = sanitizeValue(key, value);
-        }
-    }
-    return result;
-}
-function stripAnsi(text) {
-    if (typeof text !== 'string') return '';
-    return text.replace(/\x1b\[[0-9;]*m/g, '');
-}
-function sanitizeServeLogText(input) {
-    let text = stripAnsi(String(input || ''));
-    if (!text) return text;
-    text = text.replace(/(--pass|-P)\s+\S+/gi, '$1 ****');
-    text = text.replace(
-        /\b(MANYOYO_SERVER_PASS|OPENAI_API_KEY|ANTHROPIC_AUTH_TOKEN|GEMINI_API_KEY|GOOGLE_API_KEY|OPENCODE_API_KEY)\s*=\s*([^\s'"]+)/gi,
-        '$1=****'
-    );
-    text = text.replace(
-        /("?(?:password|pass|token|api[_-]?key|authorization|cookie)"?\s*[:=]\s*)("[^"]*"|'[^']*'|[^,\s]+)/gi,
-        '$1"****"'
-    );
-    return text;
-}
-function formatServeLogValue(value) {
-    if (value instanceof Error) {
-        return sanitizeServeLogText(value.stack || value.message || String(value));
-    }
-    if (typeof value === 'object' && value !== null) {
-        try {
-            return sanitizeServeLogText(JSON.stringify(sanitizeSensitiveData(value)));
-        } catch (e) {
-            return sanitizeServeLogText(String(value));
-        }
-    }
-    return sanitizeServeLogText(String(value));
-}
-function getServeProcessSnapshot() {
-    return {
-        pid: process.pid,
-        ppid: process.ppid,
-        cwd: process.cwd(),
-        argv: Array.isArray(process.argv) ? process.argv.slice() : []
-    };
-}
 function createServeLogger() {
     function formatLocalTimestamp(date = new Date()) {
         const y = date.getFullYear();
@@ -1120,7 +1039,8 @@ async function setupCommander() {
   ${MANYOYO_NAME} run -n test -- -c                   恢复之前会话
   ${MANYOYO_NAME} run -x "echo 123"                   使用完整命令
   ${MANYOYO_NAME} serve 127.0.0.1:3000                启动本机网页服务
-  ${MANYOYO_NAME} serve 0.0.0.0:3000 -U admin -P 123 &>/dev/null &  后台启动并监听全部网卡
+  ${MANYOYO_NAME} serve 127.0.0.1:3000 -d             后台启动；未设密码时会打印本次随机密码
+  ${MANYOYO_NAME} serve 0.0.0.0:3000 -U admin -P 123 -d  后台启动并监听全部网卡
   ${MANYOYO_NAME} playwright up host-headless         启动 playwright 默认场景（推荐）
   ${MANYOYO_NAME} plugin playwright up host-headless  通过 plugin 命名空间启动
   ${MANYOYO_NAME} run -n test -q tip -q cmd           多次使用静默选项
@@ -1163,6 +1083,7 @@ Notes:
     const serveCommand = program.command('serve [listen]').description('启动网页交互服务 (默认 127.0.0.1:3000)');
     applyRunStyleOptions(serveCommand, { includeRmOnExit: false, includeWebAuthOptions: true });
+    serveCommand.option('-d, --detach', '后台启动网页服务并立即返回');
     serveCommand.action((listen, options) => {
         selectAction('serve', {
             ...options,
@@ -1498,6 +1419,7 @@ Notes:
         isRemoveMode,
         isShowCommandMode,
         isServerMode,
+        isServerDetach: Boolean(selectedAction === 'serve' && options.detach),
         isPluginMode: false
     };
 }
@@ -1524,6 +1446,7 @@ function createRuntimeContext(modeState = {}) {
         showCommand: Boolean(modeState.isShowCommandMode),
         rmOnExit: RM_ON_EXIT,
         serverMode: Boolean(modeState.isServerMode),
+        serverDetach: Boolean(modeState.isServerDetach),
         serverHost: SERVER_HOST,
         serverPort: SERVER_PORT,
         serverAuthUser: SERVER_AUTH_USER,
@@ -1558,6 +1481,62 @@ function validateHostPath(runtime) {
     }
 }
+function validateHostPathOrThrow(hostPath) {
+    if (!fs.existsSync(hostPath)) {
+        throw new Error(`宿主机路径不存在: ${hostPath}`);
+    }
+    const realHostPath = fs.realpathSync(hostPath);
+    const homeDir = process.env.HOME || '/home';
+    if (realHostPath === '/' || realHostPath === '/home' || realHostPath === homeDir) {
+        throw new Error('不允许挂载根目录或home目录。');
+    }
+}
+function buildDetachedServeArgv(argv) {
+    const result = [];
+    for (let i = 0; i < argv.length; i++) {
+        const arg = String(argv[i] || '');
+        if (arg === '-d' || arg === '--detach') {
+            continue;
+        }
+        result.push(arg);
+    }
+    return result;
+}
+function buildDetachedServeEnv(runtime) {
+    const env = { ...process.env };
+    if (runtime.serverAuthUser) {
+        env.MANYOYO_SERVER_USER = runtime.serverAuthUser;
+    }
+    if (runtime.serverAuthPass) {
+        env.MANYOYO_SERVER_PASS = runtime.serverAuthPass;
+    }
+    return env;
+}
+function relaunchServeDetached(runtime) {
+    const serveLog = buildManyoyoLogPath('serve');
+    fs.mkdirSync(serveLog.dir, { recursive: true });
+    const child = spawn(process.argv[0], buildDetachedServeArgv(process.argv.slice(1)), {
+        detached: true,
+        stdio: 'ignore',
+        env: buildDetachedServeEnv(runtime)
+    });
+    child.unref();
+    console.log(`${GREEN}✅ serve 已转入后台运行${NC}`);
+    console.log(`PID: ${child.pid}`);
+    console.log(`日志: ${serveLog.path}`);
+    console.log(`登录用户名: ${runtime.serverAuthUser}`);
+    if (runtime.serverAuthPassAuto) {
+        console.log(`登录密码(本次随机): ${runtime.serverAuthPass}`);
+    } else {
+        console.log('登录密码: 使用你配置的 serve -P / serverPass / MANYOYO_SERVER_PASS');
+    }
+}
 /**
  * 等待容器就绪（使用指数退避算法）
  * @param {string} containerName - 容器名称
@@ -1850,7 +1829,7 @@ async function runWebServerMode(runtime) {
         containerEnvs: runtime.containerEnvs,
         containerVolumes: runtime.containerVolumes,
         containerPorts: runtime.containerPorts,
-        validateHostPath: () => validateHostPath(runtime),
+        validateHostPath: value => validateHostPathOrThrow(value),
         formatDate,
         isValidContainerName,
         containerExists,
@@ -1892,6 +1871,10 @@ async function main() {
         // 2. Start web server mode
         if (runtime.serverMode) {
+            if (runtime.serverDetach) {
+                relaunchServeDetached(runtime);
+                return;
+            }
             const serveLogger = createServeLogger();
             runtime.logger = serveLogger;
             installServeProcessDiagnostics(serveLogger);

package/lib/serve-log.js ADDED Viewed

@@ -0,0 +1,116 @@
+function stripAnsi(text) {
+    if (typeof text !== 'string') return '';
+    return text.replace(/\x1b\[[0-9;]*m/g, '');
+}
+function sanitizeProcessArgv(argv) {
+    if (!Array.isArray(argv)) {
+        return [];
+    }
+    const result = [];
+    for (let i = 0; i < argv.length; i++) {
+        const arg = String(argv[i] || '');
+        if (arg === '--pass' || arg === '-P') {
+            result.push(arg);
+            if (i + 1 < argv.length) {
+                result.push('****');
+                i += 1;
+            }
+            continue;
+        }
+        if (arg.startsWith('--pass=')) {
+            result.push('--pass=****');
+            continue;
+        }
+        result.push(arg);
+    }
+    return result;
+}
+function sanitizeServeLogText(input) {
+    let text = stripAnsi(String(input || ''));
+    if (!text) return text;
+    text = text.replace(/(--pass|-P)\s+\S+/gi, '$1 ****');
+    text = text.replace(/("--pass"|"-P")\s*,\s*"[^"]*"/gi, '$1,"****"');
+    text = text.replace(/--pass=([^\s'"]+)/gi, '--pass=****');
+    text = text.replace(
+        /\b(MANYOYO_SERVER_PASS|OPENAI_API_KEY|ANTHROPIC_AUTH_TOKEN|GEMINI_API_KEY|GOOGLE_API_KEY|OPENCODE_API_KEY)\s*=\s*([^\s'"]+)/gi,
+        '$1=****'
+    );
+    text = text.replace(
+        /(?<![-\w])("?(?:password|pass|token|api[_-]?key|authorization|cookie)"?\s*[:=]\s*)("[^"]*"|'[^']*'|[^,\s]+)/gi,
+        '$1"****"'
+    );
+    return text;
+}
+function sanitizeSensitiveData(obj) {
+    const sensitiveKeys = ['KEY', 'TOKEN', 'SECRET', 'PASSWORD', 'PASS', 'AUTH', 'CREDENTIAL'];
+    function sanitizeValue(key, value) {
+        if (typeof value !== 'string') return value;
+        const upperKey = key.toUpperCase();
+        if (sensitiveKeys.some(k => upperKey.includes(k))) {
+            if (value.length <= 8) return '****';
+            return value.slice(0, 4) + '****' + value.slice(-4);
+        }
+        return value;
+    }
+    function sanitizeArray(arr) {
+        return arr.map(item => {
+            if (typeof item === 'string' && item.includes('=')) {
+                const idx = item.indexOf('=');
+                const key = item.slice(0, idx);
+                const value = item.slice(idx + 1);
+                return `${key}=${sanitizeValue(key, value)}`;
+            }
+            return item;
+        });
+    }
+    const result = {};
+    for (const [key, value] of Object.entries(obj || {})) {
+        if (Array.isArray(value)) {
+            result[key] = sanitizeArray(value);
+        } else if (typeof value === 'object' && value !== null) {
+            result[key] = sanitizeSensitiveData(value);
+        } else {
+            result[key] = sanitizeValue(key, value);
+        }
+    }
+    return result;
+}
+function formatServeLogValue(value) {
+    if (value instanceof Error) {
+        return sanitizeServeLogText(value.stack || value.message || String(value));
+    }
+    if (typeof value === 'object' && value !== null) {
+        try {
+            return sanitizeServeLogText(JSON.stringify(sanitizeSensitiveData(value)));
+        } catch (e) {
+            return sanitizeServeLogText(String(value));
+        }
+    }
+    return sanitizeServeLogText(String(value));
+}
+function getServeProcessSnapshot(processRef = process) {
+    return {
+        pid: processRef.pid,
+        ppid: processRef.ppid,
+        cwd: typeof processRef.cwd === 'function' ? processRef.cwd() : '',
+        argv: sanitizeProcessArgv(Array.isArray(processRef.argv) ? processRef.argv.slice() : [])
+    };
+}
+module.exports = {
+    sanitizeProcessArgv,
+    sanitizeServeLogText,
+    sanitizeSensitiveData,
+    formatServeLogValue,
+    getServeProcessSnapshot
+};

package/lib/web/server.js CHANGED Viewed

@@ -812,7 +812,11 @@ function buildCreateRuntime(ctx, state, payload) {
     validateContainerNameStrict(containerName);
     const hostPath = pickFirstString(requestOptions.hostPath, config.hostPath, ctx.hostPath);
-    validateWebHostPath(hostPath);
+    if (typeof ctx.validateHostPath === 'function') {
+        ctx.validateHostPath(hostPath);
+    } else {
+        validateWebHostPath(hostPath);
+    }
     const containerPath = pickFirstString(requestOptions.containerPath, config.containerPath, ctx.containerPath, hostPath) || hostPath;
     const imageName = pickFirstString(requestOptions.imageName, config.imageName, ctx.imageName);
@@ -1798,7 +1802,6 @@ async function startWebServer(options) {
         terminalSessions: new Map()
     };
-    ctx.validateHostPath();
     ensureWebHistoryDir(state.webHistoryDir);
     const wsServer = new WebSocket.Server({

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@xcanwin/manyoyo",
-    "version": "5.3.7",
+    "version": "5.3.9",
     "imageVersion": "1.8.4-common",
     "description": "AI Agent CLI Security Sandbox for Docker and Podman",
     "keywords": [