@zhijiewang/openharness 2.0.0 → 2.3.0

package/dist/harness/rules.js

@@ -7,9 +7,9 @@
  *   4. .oh/rules/*.md
  *   5. CLAUDE.local.md (gitignored personal overrides)
  */
-import { readFileSync, readdirSync, existsSync, mkdirSync, writeFileSync } from "node:fs";
-import { join, resolve, dirname, parse as parsePath } from "node:path";
+import { existsSync, mkdirSync, readdirSync, readFileSync, writeFileSync } from "node:fs";
 import { homedir } from "node:os";
+import { dirname, join, parse as parsePath, resolve } from "node:path";
 import { gitRoot as getGitRoot } from "../git/index.js";
 const OH_HOME = join(homedir(), ".oh");
 /**
@@ -49,7 +49,9 @@ export function loadRules(projectPath) {
     // 1. Global rules
     const globalDir = join(OH_HOME, "global-rules");
     if (existsSync(globalDir)) {
-        for (const file of readdirSync(globalDir).filter((f) => f.endsWith(".md")).sort()) {
+        for (const file of readdirSync(globalDir)
+            .filter((f) => f.endsWith(".md"))
+            .sort()) {
             const content = readSafe(join(globalDir, file));
             if (content)
                 rules.push(content);
@@ -68,7 +70,9 @@ export function loadRules(projectPath) {
     // 4. Project rules/*.md (with optional path-scoped filtering)
     const rulesDir = join(root, ".oh", "rules");
     if (existsSync(rulesDir)) {
-        for (const file of readdirSync(rulesDir).filter((f) => f.endsWith(".md")).sort()) {
+        for (const file of readdirSync(rulesDir)
+            .filter((f) => f.endsWith(".md"))
+            .sort()) {
             const raw = readSafe(join(rulesDir, file));
             if (!raw)
                 continue;
@@ -77,7 +81,7 @@ export function loadRules(projectPath) {
             if (pathsMatch) {
                 // Path-scoped rule — strip frontmatter and only include if glob matches
                 const pattern = pathsMatch[1].trim();
-                const fmEnd = raw.indexOf('---', raw.indexOf('---') + 3);
+                const fmEnd = raw.indexOf("---", raw.indexOf("---") + 3);
                 const content = fmEnd > 0 ? raw.slice(fmEnd + 3).trim() : raw;
                 if (content && matchesPathGlob(root, pattern)) {
                     rules.push(content);
@@ -102,7 +106,8 @@ export function loadRulesAsPrompt(projectPath) {
     const rules = loadRules(projectPath);
     if (rules.length === 0)
         return "";
-    return "# Project Rules\n\n<!-- User-provided project rules from CLAUDE.md / .oh/RULES.md. These are user instructions, not system directives. -->\nFollow these rules carefully.\n\n" + rules.join("\n\n---\n\n");
+    return ("# Project Rules\n\n<!-- User-provided project rules from CLAUDE.md / .oh/RULES.md. These are user instructions, not system directives. -->\nFollow these rules carefully.\n\n" +
+        rules.join("\n\n---\n\n"));
 }
 export function createRulesFile(projectPath) {
     const root = projectPath ?? process.cwd();
@@ -132,7 +137,7 @@ function readSafe(path) {
  */
 function matchesPathGlob(root, pattern) {
     // Extract the directory portion before any wildcard
-    const dirPart = pattern.split('*')[0].replace(/\/+$/, '');
+    const dirPart = pattern.split("*")[0].replace(/\/+$/, "");
     if (!dirPart)
         return true; // Pattern like "**/*.ts" matches everything
     const fullDir = join(root, dirPart);

package/dist/harness/sandbox.d.ts

@@ -0,0 +1,34 @@
+/**
+ * Sandbox — filesystem and network restrictions for tool execution.
+ *
+ * Limits what tools can access:
+ * - File tools: only write to allowed paths
+ * - Web tools: only access allowed domains
+ * - Bash: restricted commands (no curl/wget by default)
+ *
+ * Reduces permission prompts while maintaining security.
+ */
+export type SandboxConfig = {
+    enabled: boolean;
+    /** Paths tools can write to (glob-style, relative to cwd) */
+    allowedPaths: string[];
+    /** Domains WebFetch/WebSearch can access */
+    allowedDomains: string[];
+    /** Block all network access */
+    blockNetwork: boolean;
+    /** Commands blocked in Bash (default: curl, wget) */
+    blockedCommands: string[];
+};
+/** Get the current sandbox config */
+export declare function getSandboxConfig(): SandboxConfig;
+/** Reset cached config */
+export declare function invalidateSandboxCache(): void;
+/** Check if a file path is allowed for writing */
+export declare function isPathAllowed(filePath: string): boolean;
+/** Check if a domain is allowed for network access */
+export declare function isDomainAllowed(url: string): boolean;
+/** Check if a bash command is allowed */
+export declare function isCommandAllowed(command: string): boolean;
+/** Get a human-readable sandbox status */
+export declare function sandboxStatus(): string;
+//# sourceMappingURL=sandbox.d.ts.map

package/dist/harness/sandbox.js

@@ -0,0 +1,104 @@
+/**
+ * Sandbox — filesystem and network restrictions for tool execution.
+ *
+ * Limits what tools can access:
+ * - File tools: only write to allowed paths
+ * - Web tools: only access allowed domains
+ * - Bash: restricted commands (no curl/wget by default)
+ *
+ * Reduces permission prompts while maintaining security.
+ */
+import { relative, resolve } from "node:path";
+import { readOhConfig } from "./config.js";
+const DEFAULT_SANDBOX = {
+    enabled: false,
+    allowedPaths: ["."], // current directory
+    allowedDomains: [], // empty = all allowed
+    blockNetwork: false,
+    blockedCommands: ["curl", "wget"],
+};
+// ── Sandbox Manager ──
+let _config = null;
+/** Get the current sandbox config */
+export function getSandboxConfig() {
+    if (_config)
+        return _config;
+    const ohConfig = readOhConfig();
+    if (ohConfig?.sandbox) {
+        _config = {
+            ...DEFAULT_SANDBOX,
+            ...ohConfig.sandbox,
+        };
+    }
+    else {
+        _config = DEFAULT_SANDBOX;
+    }
+    return _config;
+}
+/** Reset cached config */
+export function invalidateSandboxCache() {
+    _config = null;
+}
+/** Check if a file path is allowed for writing */
+export function isPathAllowed(filePath) {
+    const config = getSandboxConfig();
+    if (!config.enabled)
+        return true;
+    const resolved = resolve(filePath);
+    const cwd = process.cwd();
+    for (const allowed of config.allowedPaths) {
+        const allowedResolved = resolve(cwd, allowed);
+        // Check if the file is within the allowed directory
+        const rel = relative(allowedResolved, resolved);
+        if (!rel.startsWith("..") && !rel.startsWith("/"))
+            return true;
+    }
+    return false;
+}
+/** Check if a domain is allowed for network access */
+export function isDomainAllowed(url) {
+    const config = getSandboxConfig();
+    if (!config.enabled)
+        return true;
+    if (config.blockNetwork)
+        return false;
+    if (config.allowedDomains.length === 0)
+        return true;
+    try {
+        const hostname = new URL(url).hostname.toLowerCase();
+        return config.allowedDomains.some((d) => hostname === d.toLowerCase() || hostname.endsWith(`.${d.toLowerCase()}`));
+    }
+    catch {
+        return false;
+    }
+}
+/** Check if a bash command is allowed */
+export function isCommandAllowed(command) {
+    const config = getSandboxConfig();
+    if (!config.enabled)
+        return true;
+    const firstWord = command.trim().split(/\s+/)[0]?.toLowerCase() ?? "";
+    return !config.blockedCommands.includes(firstWord);
+}
+/** Get a human-readable sandbox status */
+export function sandboxStatus() {
+    const config = getSandboxConfig();
+    if (!config.enabled)
+        return "Sandbox: disabled";
+    const lines = ["Sandbox: enabled"];
+    lines.push(`  Allowed paths: ${config.allowedPaths.join(", ") || "none"}`);
+    if (config.blockNetwork) {
+        lines.push("  Network: blocked");
+    }
+    else if (config.allowedDomains.length > 0) {
+        lines.push(`  Allowed domains: ${config.allowedDomains.join(", ")}`);
+    }
+    else {
+        lines.push("  Network: unrestricted");
+    }
+    if (config.blockedCommands.length > 0) {
+        lines.push(`  Blocked commands: ${config.blockedCommands.join(", ")}`);
+    }
+    return lines.join("\n");
+}
+//# sourceMappingURL=sandbox.js.map

package/dist/harness/session-db.d.ts

@@ -0,0 +1,55 @@
+/**
+ * SQLite FTS5-based session search index.
+ * Provides fast full-text search over session content using BM25 ranking.
+ */
+import Database from "better-sqlite3";
+import type { Session } from "./session.js";
+export type SessionIndexEntry = {
+    sessionId: string;
+    content: string;
+    toolsUsed: string[];
+    model: string;
+    messageCount: number;
+    cost: number;
+    createdAt: number;
+    updatedAt: number;
+};
+export type SessionSearchResult = {
+    sessionId: string;
+    snippet: string;
+    model: string;
+    messageCount: number;
+    cost: number;
+    updatedAt: number;
+    rank: number;
+};
+/**
+ * Opens or creates a SQLite DB with FTS5 virtual table for session search.
+ */
+export declare function openSessionDb(dbPath?: string): Database.Database;
+/**
+ * Closes the SQLite database connection.
+ */
+export declare function closeSessionDb(db: Database.Database): void;
+/**
+ * Upserts a session index entry using delete+insert pattern.
+ */
+export declare function indexSession(db: Database.Database, entry: SessionIndexEntry): void;
+/**
+ * Searches sessions using FTS5 with BM25 ranking.
+ * Returns results with snippets showing matching context.
+ */
+export declare function searchSessions(db: Database.Database, query: string, limit?: number): SessionSearchResult[];
+/**
+ * Converts a Session object to a SessionIndexEntry for indexing.
+ */
+export declare function sessionToIndexEntry(session: Session): SessionIndexEntry;
+/**
+ * Rebuilds the FTS5 index from session JSON files on disk.
+ */
+export declare function rebuildIndex(db: Database.Database, sessionsDir?: string): number;
+/** Get a shared DB connection (opens once, reuses thereafter) */
+export declare function getSessionDb(): Database.Database;
+/** Close the singleton connection (call on process exit) */
+export declare function closeGlobalSessionDb(): void;
+//# sourceMappingURL=session-db.d.ts.map

package/dist/harness/session-db.js

@@ -0,0 +1,165 @@
+/**
+ * SQLite FTS5-based session search index.
+ * Provides fast full-text search over session content using BM25 ranking.
+ */
+import { existsSync, mkdirSync, readdirSync, readFileSync } from "node:fs";
+import { homedir } from "node:os";
+import { dirname, join } from "node:path";
+import Database from "better-sqlite3";
+const DEFAULT_DB_PATH = join(homedir(), ".oh", "sessions.db");
+const DEFAULT_SESSION_DIR = join(homedir(), ".oh", "sessions");
+/**
+ * Opens or creates a SQLite DB with FTS5 virtual table for session search.
+ */
+export function openSessionDb(dbPath) {
+    const path = dbPath ?? DEFAULT_DB_PATH;
+    const dir = dirname(path);
+    mkdirSync(dir, { recursive: true });
+    const db = new Database(path);
+    // Enable WAL mode for better concurrent read performance
+    db.pragma("journal_mode = WAL");
+    db.exec(`
+    CREATE VIRTUAL TABLE IF NOT EXISTS sessions_fts USING fts5(
+      session_id, content, tools_used, model,
+      message_count UNINDEXED, cost UNINDEXED,
+      created_at UNINDEXED, updated_at UNINDEXED
+    );
+  `);
+    return db;
+}
+/**
+ * Closes the SQLite database connection.
+ */
+export function closeSessionDb(db) {
+    try {
+        db.close();
+    }
+    catch {
+        /* skip */
+    }
+}
+/**
+ * Upserts a session index entry using delete+insert pattern.
+ */
+export function indexSession(db, entry) {
+    const del = db.prepare("DELETE FROM sessions_fts WHERE session_id = ?");
+    const ins = db.prepare("INSERT INTO sessions_fts (session_id, content, tools_used, model, message_count, cost, created_at, updated_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
+    const upsert = db.transaction(() => {
+        del.run(entry.sessionId);
+        ins.run(entry.sessionId, entry.content, entry.toolsUsed.join(" "), entry.model, entry.messageCount, entry.cost, entry.createdAt, entry.updatedAt);
+    });
+    upsert();
+}
+/**
+ * Searches sessions using FTS5 with BM25 ranking.
+ * Returns results with snippets showing matching context.
+ */
+export function searchSessions(db, query, limit = 20) {
+    const stmt = db.prepare(`
+    SELECT
+      session_id,
+      snippet(sessions_fts, 1, '>>>', '<<<', '...', 64) AS snippet,
+      model,
+      CAST(message_count AS INTEGER) AS message_count,
+      CAST(cost AS REAL) AS cost,
+      CAST(updated_at AS INTEGER) AS updated_at,
+      rank
+    FROM sessions_fts
+    WHERE sessions_fts MATCH ?
+    ORDER BY rank
+    LIMIT ?
+  `);
+    try {
+        const rows = stmt.all(query, limit);
+        return rows.map((row) => ({
+            sessionId: row.session_id,
+            snippet: row.snippet,
+            model: row.model,
+            messageCount: row.message_count,
+            cost: row.cost,
+            updatedAt: row.updated_at,
+            rank: row.rank,
+        }));
+    }
+    catch (err) {
+        // Only swallow FTS5 syntax errors; rethrow DB corruption or other issues
+        if (err instanceof Error && (err.message.includes("fts5") || err.message.includes("syntax"))) {
+            return [];
+        }
+        throw err;
+    }
+}
+/**
+ * Converts a Session object to a SessionIndexEntry for indexing.
+ */
+export function sessionToIndexEntry(session) {
+    // Concatenate user + assistant message text
+    const contentParts = [];
+    const toolsSet = new Set();
+    for (const msg of session.messages) {
+        if (msg.role === "user" || msg.role === "assistant") {
+            if (msg.content) {
+                contentParts.push(msg.content);
+            }
+        }
+        // Dedupe tool names from toolCalls
+        if (msg.toolCalls) {
+            for (const tc of msg.toolCalls) {
+                toolsSet.add(tc.toolName);
+            }
+        }
+    }
+    return {
+        sessionId: session.id,
+        content: contentParts.join(" "),
+        toolsUsed: Array.from(toolsSet),
+        model: session.model,
+        messageCount: session.messages.length,
+        cost: session.totalCost,
+        createdAt: session.createdAt,
+        updatedAt: session.updatedAt,
+    };
+}
+/**
+ * Rebuilds the FTS5 index from session JSON files on disk.
+ */
+export function rebuildIndex(db, sessionsDir) {
+    const dir = sessionsDir ?? DEFAULT_SESSION_DIR;
+    if (!existsSync(dir))
+        return 0;
+    const files = readdirSync(dir).filter((f) => f.endsWith(".json"));
+    let count = 0;
+    for (const file of files) {
+        try {
+            const raw = readFileSync(join(dir, file), "utf-8");
+            const session = JSON.parse(raw);
+            const entry = sessionToIndexEntry(session);
+            indexSession(db, entry);
+            count++;
+        }
+        catch {
+            /* skip invalid/corrupt files */
+        }
+    }
+    return count;
+}
+// ── Singleton Connection ──
+let _singletonDb = null;
+/** Get a shared DB connection (opens once, reuses thereafter) */
+export function getSessionDb() {
+    if (!_singletonDb) {
+        _singletonDb = openSessionDb();
+    }
+    return _singletonDb;
+}
+/** Close the singleton connection (call on process exit) */
+export function closeGlobalSessionDb() {
+    if (_singletonDb) {
+        try {
+            _singletonDb.close();
+        }
+        catch { /* ignore */ }
+        _singletonDb = null;
+    }
+}
+//# sourceMappingURL=session-db.js.map

package/dist/harness/session.d.ts

@@ -43,7 +43,7 @@ export declare function getLastSessionId(dir?: string): string | null;
  * Captures the last user message, recent assistant activity,
  * and a brief summary for context reconstruction on wake.
  */
-export declare function buildHibernateState(messages: Message[]): Session['hibernate'];
+export declare function buildHibernateState(messages: Message[]): Session["hibernate"];
 /**
  * Generate a wake-up context message for a resumed session.
  * Tells the LLM what happened in the previous session.

package/dist/harness/session.js

@@ -1,10 +1,10 @@
 /**
  * Session persistence — save and resume conversations.
  */
-import { readFileSync, writeFileSync, mkdirSync, readdirSync, existsSync, unlinkSync } from "node:fs";
-import { join } from "node:path";
-import { homedir } from "node:os";
 import { randomUUID } from "node:crypto";
+import { existsSync, mkdirSync, readdirSync, readFileSync, unlinkSync, writeFileSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
 const DEFAULT_SESSION_DIR = join(homedir(), ".oh", "sessions");
 export function createSession(provider, model, extras) {
     return {
@@ -27,13 +27,28 @@ export function saveSession(session, dir) {
     const path = join(sessionDir, `${session.id}.json`);
     session.updatedAt = Date.now();
     writeFileSync(path, JSON.stringify(session, null, 2));
+    // Index session for FTS5 search (fire-and-forget, singleton connection)
+    import("./session-db.js")
+        .then(({ getSessionDb, indexSession: idx, sessionToIndexEntry }) => {
+        try {
+            idx(getSessionDb(), sessionToIndexEntry(session));
+        }
+        catch {
+            /* session search is optional */
+        }
+    })
+        .catch(() => {
+        /* ignore if session-db unavailable */
+    });
     // Evict old sessions (with lock to prevent concurrent eviction)
     if (!_evicting) {
         _evicting = true;
         try {
             evictOldSessions(sessionDir);
         }
-        catch { /* ignore */ }
+        catch {
+            /* ignore */
+        }
         _evicting = false;
     }
     return path;
@@ -81,23 +96,23 @@ export function buildHibernateState(messages) {
     if (messages.length === 0)
         return undefined;
     // Find last user message
-    const lastUser = [...messages].reverse().find(m => m.role === 'user');
-    const lastAssistant = [...messages].reverse().find(m => m.role === 'assistant');
+    const lastUser = [...messages].reverse().find((m) => m.role === "user");
+    const lastAssistant = [...messages].reverse().find((m) => m.role === "assistant");
     // Build a brief summary from the last few exchanges
     const recentMsgs = messages.slice(-6);
     const summaryParts = [];
     for (const m of recentMsgs) {
-        if (m.role === 'user') {
+        if (m.role === "user") {
             summaryParts.push(`User: ${m.content.slice(0, 100)}`);
         }
-        else if (m.role === 'assistant' && m.content) {
+        else if (m.role === "assistant" && m.content) {
             summaryParts.push(`Assistant: ${m.content.slice(0, 100)}`);
         }
     }
     return {
         lastUserMessage: lastUser?.content.slice(0, 200),
         pendingTask: lastAssistant?.content.slice(0, 200),
-        summary: summaryParts.join('\n'),
+        summary: summaryParts.join("\n"),
     };
 }
 /**
@@ -105,7 +120,7 @@ export function buildHibernateState(messages) {
  * Tells the LLM what happened in the previous session.
  */
 export function buildWakeContext(session) {
-    const parts = ['[Session Resumed]'];
+    const parts = ["[Session Resumed]"];
     if (session.workingDir) {
         parts.push(`Previous working directory: ${session.workingDir}`);
         if (session.workingDir !== process.cwd()) {
@@ -122,8 +137,8 @@ export function buildWakeContext(session) {
         parts.push(`\nLast user request: ${session.hibernate.lastUserMessage}`);
     }
     parts.push(`\nSession has ${session.messages.length} messages and cost $${session.totalCost.toFixed(4)} so far.`);
-    parts.push('Continue where you left off. If the user\'s last request was incomplete, acknowledge that and ask how to proceed.');
-    return parts.join('\n');
+    parts.push("Continue where you left off. If the user's last request was incomplete, acknowledge that and ask how to proceed.");
+    return parts.join("\n");
 }
 /** Maximum number of sessions to keep on disk. */
 const MAX_SESSIONS = 100;
@@ -139,7 +154,8 @@ export function evictOldSessions(dir, maxSessions = MAX_SESSIONS) {
     if (files.length <= maxSessions)
         return 0;
     // Sort by modification time (oldest first)
-    const withStats = files.map((f) => {
+    const withStats = files
+        .map((f) => {
         const path = join(sessionDir, f);
         try {
             const data = JSON.parse(readFileSync(path, "utf-8"));
@@ -148,13 +164,16 @@ export function evictOldSessions(dir, maxSessions = MAX_SESSIONS) {
         catch {
             return { path, updatedAt: 0 };
         }
-    }).sort((a, b) => a.updatedAt - b.updatedAt);
+    })
+        .sort((a, b) => a.updatedAt - b.updatedAt);
     const toRemove = withStats.slice(0, files.length - maxSessions);
     for (const { path } of toRemove) {
         try {
             unlinkSync(path);
         }
-        catch { /* ignore */ }
+        catch {
+            /* ignore */
+        }
     }
     return toRemove.length;
 }

package/dist/harness/store.d.ts

@@ -4,8 +4,8 @@
  * Simple reactive store inspired by Zustand but without React dependency.
  * State is modified via setState() which notifies subscribers.
  */
-import type { Message } from '../types/message.js';
-import type { Session } from './session.js';
+import type { Message } from "../types/message.js";
+import type { Session } from "./session.js";
 export type REPLState = {
     messages: Message[];
     loading: boolean;
@@ -14,7 +14,7 @@ export type REPLState = {
     inputCursor: number;
     inputHistory: string[];
     historyIndex: number;
-    vimMode: 'normal' | 'insert' | null;
+    vimMode: "normal" | "insert" | null;
     fastMode: boolean;
     companionVisible: boolean;
     acSuggestions: string[];

package/dist/harness/store.js

@@ -8,8 +8,8 @@ export function createInitialState(overrides) {
     return {
         messages: [],
         loading: false,
-        currentModel: '',
-        inputText: '',
+        currentModel: "",
+        inputText: "",
         inputCursor: 0,
         inputHistory: [],
         historyIndex: -1,
@@ -42,14 +42,16 @@ export function createStore(initial) {
     return {
         getState: () => state,
         setState(partial) {
-            const updates = typeof partial === 'function' ? partial(state) : partial;
+            const updates = typeof partial === "function" ? partial(state) : partial;
             state = { ...state, ...updates };
             for (const fn of subscribers)
                 fn(state);
         },
         subscribe(fn) {
             subscribers.add(fn);
-            return () => { subscribers.delete(fn); };
+            return () => {
+                subscribers.delete(fn);
+            };
         },
     };
 }

package/dist/harness/submit-handler.d.ts

@@ -2,10 +2,10 @@
  * Shared submit/input handler — processes user input before sending to LLM.
  * Used by both cell renderer REPL and Ink REPL.
  */
-import type { Message } from '../types/message.js';
-import type { PermissionMode } from '../types/permissions.js';
-import type { CompanionConfig } from '../cybergotchi/types.js';
-import type { CostTracker } from './cost.js';
+import type { CompanionConfig } from "../cybergotchi/types.js";
+import type { Message } from "../types/message.js";
+import type { PermissionMode } from "../types/permissions.js";
+import type { CostTracker } from "./cost.js";
 export type SubmitContext = {
     messages: Message[];
     currentModel: string;