@zhijiewang/openharness 2.1.0 → 2.3.1

package/dist/types/permissions.js

@@ -4,8 +4,14 @@
 import { analyzeBashCommand } from "../utils/bash-safety.js";
 /** Tools auto-approved in acceptEdits mode */
 const EDIT_SAFE_TOOLS = new Set([
-    "FileRead", "FileWrite", "FileEdit", "Glob", "Grep", "LS",
-    "ImageRead", "NotebookEdit",
+    "FileRead",
+    "FileWrite",
+    "FileEdit",
+    "Glob",
+    "Grep",
+    "LS",
+    "ImageRead",
+    "NotebookEdit",
 ]);
 /** Parse a tool specifier like "Bash(npm run *)" into tool name + pattern */
 function parseToolSpecifier(specifier) {
@@ -28,10 +34,10 @@ function matchToolPattern(pattern, toolName) {
 function matchArgGlob(pattern, value) {
     // Convert glob to regex: * → [^/]*, ** → .*, escape other regex chars
     const regexStr = pattern
-        .replace(/[.+^${}()|[\]\\]/g, '\\$&') // escape regex chars (except * and ?)
-        .replace(/\*\*/g, '{{DOUBLESTAR}}')
-        .replace(/\*/g, '[^/]*')
-        .replace(/\{\{DOUBLESTAR\}\}/g, '.*');
+        .replace(/[.+^${}()|[\]\\]/g, "\\$&") // escape regex chars (except * and ?)
+        .replace(/\*\*/g, "{{DOUBLESTAR}}")
+        .replace(/\*/g, "[^/]*")
+        .replace(/\{\{DOUBLESTAR\}\}/g, ".*");
     try {
         return new RegExp(`^${regexStr}$`).test(value);
     }
@@ -43,7 +49,7 @@ function matchArgGlob(pattern, value) {
 function findToolRule(rules, toolName, toolInput) {
     if (!rules || rules.length === 0)
         return undefined;
-    return rules.find(r => {
+    return rules.find((r) => {
         const { toolName: specToolName, argPattern } = parseToolSpecifier(r.tool);
         // Check tool name match (with prefix * support)
         if (!matchToolPattern(specToolName, toolName))
@@ -52,11 +58,11 @@ function findToolRule(rules, toolName, toolInput) {
         if (argPattern && toolInput) {
             const input = toolInput;
             // For Bash: match against command string
-            if (toolName === 'Bash' && typeof input.command === 'string') {
+            if (toolName === "Bash" && typeof input.command === "string") {
                 return matchArgGlob(argPattern, input.command);
             }
             // For file tools: match against file_path
-            if (['Edit', 'Write', 'Read'].includes(toolName) && typeof input.file_path === 'string') {
+            if (["Edit", "Write", "Read"].includes(toolName) && typeof input.file_path === "string") {
                 return matchArgGlob(argPattern, input.file_path);
             }
             return false; // Has pattern but no matching field

package/dist/utils/bash-safety.d.ts

@@ -6,7 +6,7 @@
  * Inspired by Claude Code's bash AST analysis for permission gating.
  */
 export type BashRisk = {
-    level: 'safe' | 'moderate' | 'dangerous';
+    level: "safe" | "moderate" | "dangerous";
     reasons: string[];
 };
 /**

package/dist/utils/bash-safety.js

@@ -6,30 +6,39 @@
  * Inspired by Claude Code's bash AST analysis for permission gating.
  */
 // Commands that destroy data or are hard to reverse
-const DESTRUCTIVE_COMMANDS = new Set([
-    'rm', 'rmdir', 'mkfs', 'dd', 'shred',
-    'truncate', 'wipefs',
-]);
+const DESTRUCTIVE_COMMANDS = new Set(["rm", "rmdir", "mkfs", "dd", "shred", "truncate", "wipefs"]);
 // Git commands that are destructive or affect shared state
 const DANGEROUS_GIT = new Set([
-    'push --force', 'push -f', 'reset --hard',
-    'clean -f', 'clean -fd', 'clean -fx',
-    'checkout .', 'checkout --', 'restore .',
-    'branch -D', 'branch -d',
+    "push --force",
+    "push -f",
+    "reset --hard",
+    "clean -f",
+    "clean -fd",
+    "clean -fx",
+    "checkout .",
+    "checkout --",
+    "restore .",
+    "branch -D",
+    "branch -d",
 ]);
 // Commands that change system/file permissions or ownership
-const PERMISSION_COMMANDS = new Set([
-    'chmod', 'chown', 'chgrp', 'setfacl',
-]);
+const PERMISSION_COMMANDS = new Set(["chmod", "chown", "chgrp", "setfacl"]);
 // Commands that install or modify system packages
 const INSTALL_COMMANDS = new Set([
-    'apt', 'apt-get', 'yum', 'dnf', 'brew',
-    'pacman', 'snap', 'pip', 'npm', 'yarn', 'pnpm',
+    "apt",
+    "apt-get",
+    "yum",
+    "dnf",
+    "brew",
+    "pacman",
+    "snap",
+    "pip",
+    "npm",
+    "yarn",
+    "pnpm",
 ]);
 // Commands that send data externally
-const NETWORK_EXFIL = new Set([
-    'curl', 'wget', 'nc', 'ncat', 'socat', 'ssh', 'scp', 'rsync',
-]);
+const NETWORK_EXFIL = new Set(["curl", "wget", "nc", "ncat", "socat", "ssh", "scp", "rsync"]);
 /**
  * Analyze a bash command string for safety risks.
  * Does lightweight structural parsing — splits on pipes, semicolons,
@@ -45,29 +54,29 @@ export function analyzeBashCommand(command) {
         if (tokens.length === 0)
             continue;
         const cmd = tokens[0];
-        const args = tokens.slice(1).join(' ');
-        const fullCmd = `${cmd} ${args}`.trim();
+        const args = tokens.slice(1).join(" ");
+        const _fullCmd = `${cmd} ${args}`.trim();
         // 1. Destructive commands (also check xargs + destructive)
-        const effectiveCmd = cmd === 'xargs' && tokens[1] ? tokens[1] : cmd;
+        const effectiveCmd = cmd === "xargs" && tokens[1] ? tokens[1] : cmd;
         if (DESTRUCTIVE_COMMANDS.has(effectiveCmd)) {
             reasons.push(`destructive command: ${effectiveCmd}`);
             // rm -rf / is especially dangerous
-            const fullArgs = tokens.slice(1).join(' ');
-            if (effectiveCmd === 'rm' && /\s-[a-zA-Z]*r[a-zA-Z]*f|\s-[a-zA-Z]*f[a-zA-Z]*r/.test(` ${fullArgs}`)) {
-                reasons.push('recursive force delete (rm -rf)');
+            const fullArgs = tokens.slice(1).join(" ");
+            if (effectiveCmd === "rm" && /\s-[a-zA-Z]*r[a-zA-Z]*f|\s-[a-zA-Z]*f[a-zA-Z]*r/.test(` ${fullArgs}`)) {
+                reasons.push("recursive force delete (rm -rf)");
             }
         }
         // 2. Dangerous git operations
-        if (cmd === 'git') {
+        if (cmd === "git") {
             for (const pattern of DANGEROUS_GIT) {
-                if (args.includes(pattern.replace('git ', ''))) {
+                if (args.includes(pattern.replace("git ", ""))) {
                     reasons.push(`dangerous git operation: git ${pattern}`);
                 }
             }
             // git push to main/master
-            if (args.includes('push') && (/\bmain\b/.test(args) || /\bmaster\b/.test(args))) {
-                if (args.includes('--force') || args.includes('-f')) {
-                    reasons.push('force push to main/master');
+            if (args.includes("push") && (/\bmain\b/.test(args) || /\bmaster\b/.test(args))) {
+                if (args.includes("--force") || args.includes("-f")) {
+                    reasons.push("force push to main/master");
                 }
             }
         }
@@ -77,7 +86,8 @@ export function analyzeBashCommand(command) {
             const pipeIdx = subCommands.indexOf(sub);
             if (pipeIdx < subCommands.length - 1) {
                 const nextCmd = tokenize(subCommands[pipeIdx + 1])[0];
-                if (nextCmd && ['bash', 'sh', 'zsh', 'eval', 'source', '.', 'python', 'node', 'perl', 'ruby'].includes(nextCmd)) {
+                if (nextCmd &&
+                    ["bash", "sh", "zsh", "eval", "source", ".", "python", "node", "perl", "ruby"].includes(nextCmd)) {
                     reasons.push(`pipe to execution: ${cmd} | ${nextCmd}`);
                 }
             }
@@ -96,42 +106,42 @@ export function analyzeBashCommand(command) {
         // 5. Permission/ownership changes
         if (PERMISSION_COMMANDS.has(cmd)) {
             reasons.push(`permission change: ${cmd}`);
-            if (args.includes('777') || args.includes('+s') || args.includes('u+s')) {
-                reasons.push('dangerous permission mode');
+            if (args.includes("777") || args.includes("+s") || args.includes("u+s")) {
+                reasons.push("dangerous permission mode");
             }
         }
         // 6. Package installation (moderate risk)
-        if (INSTALL_COMMANDS.has(cmd) && (args.includes('install') || args.includes('add') || args.includes('-S'))) {
+        if (INSTALL_COMMANDS.has(cmd) && (args.includes("install") || args.includes("add") || args.includes("-S"))) {
             reasons.push(`package installation: ${cmd}`);
         }
         // 7. Environment variable manipulation that could affect security
-        if (cmd === 'export' && /PATH|LD_PRELOAD|LD_LIBRARY_PATH/.test(args)) {
-            reasons.push(`modifying security-sensitive env var: ${args.split('=')[0]}`);
+        if (cmd === "export" && /PATH|LD_PRELOAD|LD_LIBRARY_PATH/.test(args)) {
+            reasons.push(`modifying security-sensitive env var: ${args.split("=")[0]}`);
         }
         // 8. Process killing
-        if ((cmd === 'kill' || cmd === 'killall' || cmd === 'pkill') && args.includes('-9')) {
+        if ((cmd === "kill" || cmd === "killall" || cmd === "pkill") && args.includes("-9")) {
             reasons.push(`force kill: ${cmd} -9`);
         }
         // 9. Disk operations
-        if (cmd === 'dd' || cmd === 'mkfs' || cmd === 'fdisk' || cmd === 'parted') {
+        if (cmd === "dd" || cmd === "mkfs" || cmd === "fdisk" || cmd === "parted") {
             reasons.push(`disk operation: ${cmd}`);
         }
         // 10. Redirect overwrite to important files
         if (/>\s*\/etc\/|>\s*~\/\.\w/.test(sub)) {
-            reasons.push('redirect to system/dotfile');
+            reasons.push("redirect to system/dotfile");
         }
     }
     if (reasons.length === 0) {
-        return { level: 'safe', reasons: [] };
+        return { level: "safe", reasons: [] };
     }
     // Classify: any pipe-to-exec, destructive, or force-push is 'dangerous'; rest is 'moderate'
-    const isDangerous = reasons.some(r => r.includes('pipe to execution') ||
-        r.includes('recursive force delete') ||
-        r.includes('force push to main') ||
-        r.includes('disk operation') ||
-        r.includes('dangerous permission mode'));
+    const isDangerous = reasons.some((r) => r.includes("pipe to execution") ||
+        r.includes("recursive force delete") ||
+        r.includes("force push to main") ||
+        r.includes("disk operation") ||
+        r.includes("dangerous permission mode"));
     return {
-        level: isDangerous ? 'dangerous' : 'moderate',
+        level: isDangerous ? "dangerous" : "moderate",
         reasons,
     };
 }
@@ -141,7 +151,7 @@ export function analyzeBashCommand(command) {
  */
 function splitCommands(cmd) {
     const parts = [];
-    let current = '';
+    let current = "";
     let inSingle = false;
     let inDouble = false;
     let depth = 0; // $() nesting
@@ -162,12 +172,12 @@ function splitCommands(cmd) {
             current += ch;
             continue;
         }
-        if (ch === '$' && next === '(') {
+        if (ch === "$" && next === "(") {
             depth++;
             current += ch;
             continue;
         }
-        if (ch === ')' && depth > 0) {
+        if (ch === ")" && depth > 0) {
             depth--;
             current += ch;
             continue;
@@ -177,15 +187,15 @@ function splitCommands(cmd) {
             continue;
         }
         // Split on pipe, semicolon, &&, ||
-        if (ch === '|' && next !== '|') {
+        if (ch === "|" && next !== "|") {
             parts.push(current.trim());
-            current = '';
+            current = "";
             continue;
         }
-        if (ch === ';' || (ch === '&' && next === '&') || (ch === '|' && next === '|')) {
+        if (ch === ";" || (ch === "&" && next === "&") || (ch === "|" && next === "|")) {
             parts.push(current.trim());
-            current = '';
-            if (next === '&' || next === '|')
+            current = "";
+            if (next === "&" || next === "|")
                 i++; // skip second char of && or ||
             continue;
         }
@@ -200,7 +210,7 @@ function splitCommands(cmd) {
  */
 function tokenize(cmd) {
     const tokens = [];
-    let current = '';
+    let current = "";
     let inSingle = false;
     let inDouble = false;
     for (const ch of cmd) {
@@ -212,10 +222,10 @@ function tokenize(cmd) {
             inDouble = !inDouble;
             continue;
         }
-        if (ch === ' ' && !inSingle && !inDouble) {
+        if (ch === " " && !inSingle && !inDouble) {
             if (current)
                 tokens.push(current);
-            current = '';
+            current = "";
             continue;
         }
         current += ch;

package/dist/utils/diff-algorithm.d.ts

@@ -8,17 +8,17 @@
  * Returns an array of { type, line } entries.
  */
 export declare function computeDiff(oldText: string, newText: string): Array<{
-    type: 'add' | 'remove' | 'context';
+    type: "add" | "remove" | "context";
     line: string;
 }>;
 /**
  * Filter diff to show only changed lines with N lines of context.
  */
 export declare function filterWithContext(diff: Array<{
-    type: 'add' | 'remove' | 'context';
+    type: "add" | "remove" | "context";
     line: string;
 }>, contextLines?: number): Array<{
-    type: 'add' | 'remove' | 'context' | 'separator';
+    type: "add" | "remove" | "context" | "separator";
     line: string;
 }>;
 //# sourceMappingURL=diff-algorithm.d.ts.map

package/dist/utils/diff-algorithm.js

@@ -8,23 +8,23 @@
  * Returns an array of { type, line } entries.
  */
 export function computeDiff(oldText, newText) {
-    const oldLines = oldText.split('\n');
-    const newLines = newText.split('\n');
+    const oldLines = oldText.split("\n");
+    const newLines = newText.split("\n");
     const result = [];
     let oi = 0;
     let ni = 0;
     while (oi < oldLines.length || ni < newLines.length) {
         if (oi < oldLines.length && ni < newLines.length && oldLines[oi] === newLines[ni]) {
-            result.push({ type: 'context', line: oldLines[oi] });
+            result.push({ type: "context", line: oldLines[oi] });
             oi++;
             ni++;
         }
         else if (ni < newLines.length && (oi >= oldLines.length || !oldLines.slice(oi).includes(newLines[ni]))) {
-            result.push({ type: 'add', line: newLines[ni] });
+            result.push({ type: "add", line: newLines[ni] });
             ni++;
         }
         else {
-            result.push({ type: 'remove', line: oldLines[oi] });
+            result.push({ type: "remove", line: oldLines[oi] });
             oi++;
         }
     }
@@ -36,7 +36,7 @@ export function computeDiff(oldText, newText) {
 export function filterWithContext(diff, contextLines = 3) {
     const changed = new Set();
     diff.forEach((d, i) => {
-        if (d.type !== 'context') {
+        if (d.type !== "context") {
             for (let j = Math.max(0, i - contextLines); j <= Math.min(diff.length - 1, i + contextLines); j++) {
                 changed.add(j);
             }
@@ -47,7 +47,7 @@ export function filterWithContext(diff, contextLines = 3) {
     diff.forEach((d, i) => {
         if (changed.has(i)) {
             if (i > lastShown + 1 && lastShown >= 0) {
-                result.push({ type: 'separator', line: '...' });
+                result.push({ type: "separator", line: "..." });
             }
             result.push(d);
             lastShown = i;

package/dist/utils/fs.js

@@ -2,8 +2,8 @@
  * Shared filesystem utilities — directory walking and glob matching.
  * Used by GrepTool, GlobTool, and other file-scanning tools.
  */
-import * as fs from "fs/promises";
-import * as path from "path";
+import * as fs from "node:fs/promises";
+import * as path from "node:path";
 /**
  * Recursively walk a directory, returning all file paths.
  * Skips dotfiles, node_modules, and unreadable directories.
@@ -55,7 +55,7 @@ export function matchGlob(filePath, pattern) {
         .join("")
         .replace(/GLOBSTAR/g, ".*");
     try {
-        return new RegExp("(^|/)" + escaped + "$").test(normalized);
+        return new RegExp(`(^|/)${escaped}$`).test(normalized);
     }
     catch {
         return normalized.includes(pattern.replace(/\*/g, ""));

package/dist/utils/safe-env.js

@@ -28,7 +28,7 @@ export function safeEnv(extra) {
     for (const [key, value] of Object.entries(process.env)) {
         if (value === undefined)
             continue;
-        if (BLOCKED_PATTERNS.some(p => p.test(key)))
+        if (BLOCKED_PATTERNS.some((p) => p.test(key)))
             continue;
         env[key] = value;
     }

package/dist/utils/theme-data.d.ts

@@ -27,5 +27,5 @@ export declare const darkTheme: Theme;
 export declare const lightTheme: Theme;
 export declare function getTheme(): Theme;
 /** Set the active theme. Must be called before renderer modules initialize. */
-export declare function setActiveTheme(name: 'dark' | 'light'): void;
+export declare function setActiveTheme(name: "dark" | "light"): void;
 //# sourceMappingURL=theme-data.d.ts.map

package/dist/utils/theme-data.js

@@ -50,6 +50,6 @@ export function getTheme() {
 }
 /** Set the active theme. Must be called before renderer modules initialize. */
 export function setActiveTheme(name) {
-    activeTheme = name === 'light' ? lightTheme : darkTheme;
+    activeTheme = name === "light" ? lightTheme : darkTheme;
 }
 //# sourceMappingURL=theme-data.js.map

package/dist/utils/theme.d.ts

@@ -3,7 +3,7 @@
  * Re-exports theme data from theme-data.ts (no React dependency).
  */
 import React from "react";
-export { type Theme, darkTheme, lightTheme, getTheme, setActiveTheme } from "./theme-data.js";
+export { darkTheme, getTheme, lightTheme, setActiveTheme, type Theme } from "./theme-data.js";
 import type { Theme } from "./theme-data.js";
 export declare const ThemeProvider: React.Provider<Theme>;
 export declare function useTheme(): Theme;

package/dist/utils/theme.js

@@ -3,7 +3,7 @@
  * Re-exports theme data from theme-data.ts (no React dependency).
  */
 import React from "react";
-export { darkTheme, lightTheme, getTheme, setActiveTheme } from "./theme-data.js";
+export { darkTheme, getTheme, lightTheme, setActiveTheme } from "./theme-data.js";
 import { darkTheme } from "./theme-data.js";
 const ThemeContext = React.createContext(darkTheme);
 export const ThemeProvider = ThemeContext.Provider;

package/dist/utils/tool-summary.d.ts

@@ -11,7 +11,7 @@ export declare function summarizeToolArgs(toolName: string, argsJson: string): s
  * Extract a readable summary of tool arguments for display.
  * Simpler version for inline display (tool call rows).
  */
-export declare function formatToolArgs(toolName: string, args: Record<string, unknown>): string;
+export declare function formatToolArgs(_toolName: string, args: Record<string, unknown>): string;
 /**
  * Summarize tool result output for compact display.
  * Returns a short string like "42 lines" or "1.2 KB".

package/dist/utils/tool-summary.js

@@ -8,7 +8,7 @@
  */
 export function summarizeToolArgs(toolName, argsJson) {
     const lower = toolName.toLowerCase();
-    if (lower === 'bash' || lower === 'shell' || lower === 'execute') {
+    if (lower === "bash" || lower === "shell" || lower === "execute") {
         const cmdMatch = argsJson.match(/command[:\s]+["`]?(.+?)["`]?(?:\n|$)/i);
         if (cmdMatch)
             return `$ ${cmdMatch[1]}`;
@@ -17,13 +17,25 @@ export function summarizeToolArgs(toolName, argsJson) {
             if (args.command)
                 return `$ ${args.command.slice(0, 60)}`;
         }
-        catch { /* ignore */ }
+        catch {
+            /* ignore */
+        }
     }
-    if (lower.includes('read') || lower.includes('write') || lower.includes('edit') || lower.includes('glob') || lower.includes('grep')) {
+    if (lower.includes("read") ||
+        lower.includes("write") ||
+        lower.includes("edit") ||
+        lower.includes("glob") ||
+        lower.includes("grep")) {
         try {
             const args = JSON.parse(argsJson);
             if (args.file_path) {
-                const action = lower.includes('read') ? 'reading' : lower.includes('write') ? 'writing' : lower.includes('edit') ? 'editing' : lower;
+                const action = lower.includes("read")
+                    ? "reading"
+                    : lower.includes("write")
+                        ? "writing"
+                        : lower.includes("edit")
+                            ? "editing"
+                            : lower;
                 return `${action} ${args.file_path}`;
             }
             if (args.pattern)
@@ -32,7 +44,13 @@ export function summarizeToolArgs(toolName, argsJson) {
         catch {
             const pathMatch = argsJson.match(/(?:path|file)[:\s]+["`]?([^\s"`]+)/i);
             if (pathMatch) {
-                const action = lower.includes('read') ? 'reading' : lower.includes('write') ? 'writing' : lower.includes('edit') ? 'editing' : lower;
+                const action = lower.includes("read")
+                    ? "reading"
+                    : lower.includes("write")
+                        ? "writing"
+                        : lower.includes("edit")
+                            ? "editing"
+                            : lower;
                 return `${action} ${pathMatch[1]}`;
             }
         }
@@ -43,7 +61,7 @@ export function summarizeToolArgs(toolName, argsJson) {
  * Extract a readable summary of tool arguments for display.
  * Simpler version for inline display (tool call rows).
  */
-export function formatToolArgs(toolName, args) {
+export function formatToolArgs(_toolName, args) {
     if (args.file_path)
         return args.file_path;
     if (args.command)
@@ -56,7 +74,7 @@ export function formatToolArgs(toolName, args) {
         return args.url;
     // Compact JSON for other args
     const json = JSON.stringify(args);
-    return json.length > 60 ? json.slice(0, 57) + '...' : json;
+    return json.length > 60 ? `${json.slice(0, 57)}...` : json;
 }
 /**
  * Summarize tool result output for compact display.
@@ -64,8 +82,8 @@ export function formatToolArgs(toolName, args) {
  */
 export function summarizeToolOutput(output) {
     if (!output)
-        return '';
-    const lines = output.split('\n').length;
+        return "";
+    const lines = output.split("\n").length;
     if (lines === 1 && output.length < 60)
         return output.trim();
     return `${lines} lines`;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zhijiewang/openharness",
-  "version": "2.1.0",
+  "version": "2.3.1",
   "description": "Open-source terminal coding agent. Works with any LLM.",
   "type": "module",
   "bin": {
@@ -23,15 +23,18 @@
   "scripts": {
     "dev": "tsx src/main.tsx",
     "build": "tsc",
-    "prepare": "tsc",
+    "prepare": "husky",
     "prepublishOnly": "npm run build",
     "test": "node scripts/test.mjs",
     "test:coverage": "node scripts/coverage.mjs",
     "typecheck": "tsc --noEmit",
+    "lint": "biome check src/",
+    "lint:fix": "biome check --write src/",
+    "format": "biome format --write src/",
     "start": "node dist/main.js"
   },
   "dependencies": {
-    "@types/marked": "^5.0.2",
+    "better-sqlite3": "^12.9.0",
     "chalk": "^5.4.1",
     "commander": "^13.0.0",
     "ink": "^5.2.0",
@@ -43,9 +46,13 @@
     "zod": "^3.24.0"
   },
   "devDependencies": {
+    "@biomejs/biome": "^2.4.11",
+    "@types/better-sqlite3": "^7.6.13",
+    "@types/marked": "^5.0.2",
     "@types/node": "^22.0.0",
     "@types/react": "^18.3.0",
     "c8": "^11.0.0",
+    "husky": "^9.1.7",
     "sharp": "^0.34.5",
     "tsx": "^4.19.0",
     "typescript": "^5.8.0"