@zhijiewang/openharness 2.30.0 → 2.31.0

package/dist/utils/image-downscale.js

@@ -0,0 +1,89 @@
+/**
+ * Image auto-downscale — bound the longest dimension to a fixed maximum
+ * before encoding the image as base64 for the model.
+ *
+ * Why: most providers reject or downsample images above ~1568-2048px on
+ * the longest side. Shipping a 4000px screenshot wastes input tokens, can
+ * exceed the request size limit, and historically broke the session
+ * outright when an oversized image landed in the conversation history.
+ *
+ * The function is a no-op for images already within bounds, for formats
+ * sharp doesn't process (PDF, SVG), and when sharp itself isn't installed
+ * (it's an `optionalDependency` so unsupported platforms still install).
+ * Any sharp error returns the original buffer unchanged — we never break a
+ * tool call over a downscale failure.
+ */
+const DEFAULT_MAX_DIMENSION = 2000;
+const SHARP_SUPPORTED_TYPES = new Set([
+    "image/png",
+    "image/jpeg",
+    "image/jpg",
+    "image/gif",
+    "image/webp",
+    "image/avif",
+    "image/tiff",
+]);
+let _sharpModule;
+/** Lazy-load sharp; cache the result so we don't pay the import cost per image. */
+async function getSharp() {
+    if (_sharpModule !== undefined)
+        return _sharpModule;
+    try {
+        const mod = (await import("sharp"));
+        _sharpModule = (mod.default ?? mod);
+        return _sharpModule;
+    }
+    catch {
+        _sharpModule = null;
+        return null;
+    }
+}
+/** @internal Test-only reset of the lazy sharp cache. */
+export function _resetSharpCacheForTest() {
+    _sharpModule = undefined;
+}
+/**
+ * Downscale `buffer` so its longest dimension is ≤ `maxDimension` (default 2000).
+ * Aspect ratio preserved. Format preserved (PNG stays PNG, JPEG stays JPEG, etc.).
+ *
+ * Pure pass-through for: PDF, SVG, BMP (sharp doesn't handle reliably),
+ * already-small images, missing sharp, and any sharp error.
+ */
+export async function downscaleIfLarge(buffer, mediaType, maxDimension = DEFAULT_MAX_DIMENSION) {
+    if (!SHARP_SUPPORTED_TYPES.has(mediaType)) {
+        return { buffer, downscaled: false, reason: "unsupported-format" };
+    }
+    const sharp = await getSharp();
+    if (!sharp) {
+        return { buffer, downscaled: false, reason: "sharp-unavailable" };
+    }
+    try {
+        const pipeline = sharp(buffer);
+        const meta = await pipeline.metadata();
+        const w = meta.width ?? 0;
+        const h = meta.height ?? 0;
+        if (w === 0 || h === 0) {
+            // Animated GIFs can report 0 here; pass through rather than mangle.
+            return { buffer, downscaled: false, reason: "unsupported-format" };
+        }
+        if (Math.max(w, h) <= maxDimension) {
+            return { buffer, downscaled: false, reason: "within-bounds" };
+        }
+        // `fit: "inside"` + `withoutEnlargement: true` resizes proportionally
+        // so the longest side equals maxDimension, with no upscaling.
+        const out = await pipeline
+            .resize({
+            width: maxDimension,
+            height: maxDimension,
+            fit: "inside",
+            withoutEnlargement: true,
+        })
+            .toBuffer();
+        return { buffer: out, downscaled: true };
+    }
+    catch {
+        // Corrupt image, unsupported subformat, etc. — never fail the tool over this.
+        return { buffer, downscaled: false, reason: "sharp-error" };
+    }
+}
+//# sourceMappingURL=image-downscale.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zhijiewang/openharness",
-  "version": "2.30.0",
+  "version": "2.31.0",
   "description": "Open-source terminal coding agent. Works with any LLM.",
   "type": "module",
   "bin": {
@@ -63,7 +63,6 @@
     "@types/react": "^18.3.0",
     "c8": "^11.0.0",
     "husky": "^9.1.7",
-    "sharp": "^0.34.5",
     "tsx": "^4.19.0",
     "typescript": "^5.8.0"
   },
@@ -92,6 +91,7 @@
   },
   "homepage": "https://github.com/zhijiewong/openharness#readme",
   "optionalDependencies": {
-    "@napi-rs/keyring": "^1.2.0"
+    "@napi-rs/keyring": "^1.2.0",
+    "sharp": "^0.34.5"
   }
 }

package/dist/harness/sandbox.d.ts

@@ -1,34 +0,0 @@
-/**
- * Sandbox — filesystem and network restrictions for tool execution.
- *
- * Limits what tools can access:
- * - File tools: only write to allowed paths
- * - Web tools: only access allowed domains
- * - Bash: restricted commands (no curl/wget by default)
- *
- * Reduces permission prompts while maintaining security.
- */
-export type SandboxConfig = {
-    enabled: boolean;
-    /** Paths tools can write to (glob-style, relative to cwd) */
-    allowedPaths: string[];
-    /** Domains WebFetch/WebSearch can access */
-    allowedDomains: string[];
-    /** Block all network access */
-    blockNetwork: boolean;
-    /** Commands blocked in Bash (default: curl, wget) */
-    blockedCommands: string[];
-};
-/** Get the current sandbox config */
-export declare function getSandboxConfig(): SandboxConfig;
-/** Reset cached config */
-export declare function invalidateSandboxCache(): void;
-/** Check if a file path is allowed for writing */
-export declare function isPathAllowed(filePath: string): boolean;
-/** Check if a domain is allowed for network access */
-export declare function isDomainAllowed(url: string): boolean;
-/** Check if a bash command is allowed */
-export declare function isCommandAllowed(command: string): boolean;
-/** Get a human-readable sandbox status */
-export declare function sandboxStatus(): string;
-//# sourceMappingURL=sandbox.d.ts.map

package/dist/harness/sandbox.js

@@ -1,104 +0,0 @@
-/**
- * Sandbox — filesystem and network restrictions for tool execution.
- *
- * Limits what tools can access:
- * - File tools: only write to allowed paths
- * - Web tools: only access allowed domains
- * - Bash: restricted commands (no curl/wget by default)
- *
- * Reduces permission prompts while maintaining security.
- */
-import { relative, resolve } from "node:path";
-import { readOhConfig } from "./config.js";
-const DEFAULT_SANDBOX = {
-    enabled: false,
-    allowedPaths: ["."], // current directory
-    allowedDomains: [], // empty = all allowed
-    blockNetwork: false,
-    blockedCommands: ["curl", "wget"],
-};
-// ── Sandbox Manager ──
-let _config = null;
-/** Get the current sandbox config */
-export function getSandboxConfig() {
-    if (_config)
-        return _config;
-    const ohConfig = readOhConfig();
-    if (ohConfig?.sandbox) {
-        _config = {
-            ...DEFAULT_SANDBOX,
-            ...ohConfig.sandbox,
-        };
-    }
-    else {
-        _config = DEFAULT_SANDBOX;
-    }
-    return _config;
-}
-/** Reset cached config */
-export function invalidateSandboxCache() {
-    _config = null;
-}
-/** Check if a file path is allowed for writing */
-export function isPathAllowed(filePath) {
-    const config = getSandboxConfig();
-    if (!config.enabled)
-        return true;
-    const resolved = resolve(filePath);
-    const cwd = process.cwd();
-    for (const allowed of config.allowedPaths) {
-        const allowedResolved = resolve(cwd, allowed);
-        // Check if the file is within the allowed directory
-        const rel = relative(allowedResolved, resolved);
-        if (!rel.startsWith("..") && !rel.startsWith("/"))
-            return true;
-    }
-    return false;
-}
-/** Check if a domain is allowed for network access */
-export function isDomainAllowed(url) {
-    const config = getSandboxConfig();
-    if (!config.enabled)
-        return true;
-    if (config.blockNetwork)
-        return false;
-    if (config.allowedDomains.length === 0)
-        return true;
-    try {
-        const hostname = new URL(url).hostname.toLowerCase();
-        return config.allowedDomains.some((d) => hostname === d.toLowerCase() || hostname.endsWith(`.${d.toLowerCase()}`));
-    }
-    catch {
-        return false;
-    }
-}
-/** Check if a bash command is allowed */
-export function isCommandAllowed(command) {
-    const config = getSandboxConfig();
-    if (!config.enabled)
-        return true;
-    const firstWord = command.trim().split(/\s+/)[0]?.toLowerCase() ?? "";
-    return !config.blockedCommands.includes(firstWord);
-}
-/** Get a human-readable sandbox status */
-export function sandboxStatus() {
-    const config = getSandboxConfig();
-    if (!config.enabled)
-        return "Sandbox: disabled";
-    const lines = ["Sandbox: enabled"];
-    lines.push(`  Allowed paths: ${config.allowedPaths.join(", ") || "none"}`);
-    if (config.blockNetwork) {
-        lines.push("  Network: blocked");
-    }
-    else if (config.allowedDomains.length > 0) {
-        lines.push(`  Allowed domains: ${config.allowedDomains.join(", ")}`);
-    }
-    else {
-        lines.push("  Network: unrestricted");
-    }
-    if (config.blockedCommands.length > 0) {
-        lines.push(`  Blocked commands: ${config.blockedCommands.join(", ")}`);
-    }
-    return lines.join("\n");
-}
-//# sourceMappingURL=sandbox.js.map