@zzusp/ccsm 1.0.0

package/server/lib/search-session.ts

@@ -0,0 +1,203 @@
+import fs from 'node:fs';
+import readline from 'node:readline';
+import type { SearchBlockKind, SearchSnippet } from '../types.ts';
+
+export interface SearchSessionResult {
+  snippets: SearchSnippet[];
+  hasMore: boolean;
+}
+
+export interface SearchSessionOpts {
+  include: ReadonlySet<SearchBlockKind>;
+  perSession: number;
+  windowChars?: number;
+}
+
+const DEFAULT_WINDOW = 60;
+const ADJACENT_GAP = 120;
+
+export async function searchSessionFile(
+  filePath: string,
+  pattern: string,
+  opts: SearchSessionOpts,
+): Promise<SearchSessionResult> {
+  const windowChars = opts.windowChars ?? DEFAULT_WINDOW;
+  const snippets: SearchSnippet[] = [];
+  let hasMore = false;
+
+  const stream = fs.createReadStream(filePath, { encoding: 'utf8' });
+  const rl = readline.createInterface({ input: stream, crlfDelay: Infinity });
+
+  try {
+    for await (const raw of rl) {
+      if (snippets.length >= opts.perSession) {
+        hasMore = true;
+        break;
+      }
+      const line = raw.trim();
+      if (!line) continue;
+
+      let obj: Record<string, unknown>;
+      try {
+        obj = JSON.parse(line) as Record<string, unknown>;
+      } catch {
+        continue;
+      }
+
+      if (obj.type !== 'user' && obj.type !== 'assistant') continue;
+      const role = obj.type;
+      const uuid = typeof obj.uuid === 'string' ? obj.uuid : '';
+      if (!uuid) continue;
+      const ts = typeof obj.timestamp === 'string' ? obj.timestamp : null;
+      const message = (obj.message ?? {}) as { content?: unknown };
+
+      const blocks = extractSearchableBlocks(message.content, opts.include);
+      for (const block of blocks) {
+        if (snippets.length >= opts.perSession) {
+          hasMore = true;
+          break;
+        }
+        const matches = findMatches(block.text, pattern);
+        for (const match of matches) {
+          if (snippets.length >= opts.perSession) {
+            hasMore = true;
+            break;
+          }
+          snippets.push({
+            uuid,
+            ts,
+            role,
+            blockKind: block.kind,
+            ...sliceWindow(block.text, match.start, match.end, windowChars),
+          });
+        }
+      }
+    }
+  } finally {
+    rl.close();
+    stream.destroy();
+  }
+
+  return { snippets, hasMore };
+}
+
+interface SearchableBlock {
+  kind: SearchBlockKind;
+  text: string;
+}
+
+function extractSearchableBlocks(
+  content: unknown,
+  include: ReadonlySet<SearchBlockKind>,
+): SearchableBlock[] {
+  if (typeof content === 'string') {
+    return include.has('text') && content ? [{ kind: 'text', text: content }] : [];
+  }
+  if (!Array.isArray(content)) return [];
+
+  const out: SearchableBlock[] = [];
+  for (const raw of content) {
+    if (!raw || typeof raw !== 'object') continue;
+    const b = raw as Record<string, unknown>;
+    switch (b.type) {
+      case 'text':
+        if (include.has('text') && typeof b.text === 'string' && b.text) {
+          out.push({ kind: 'text', text: b.text });
+        }
+        break;
+      case 'tool_use':
+        if (include.has('tool_use')) {
+          const name = typeof b.name === 'string' ? b.name : '';
+          let inputStr = '';
+          try {
+            inputStr = b.input == null ? '' : JSON.stringify(b.input);
+          } catch {
+            inputStr = '';
+          }
+          const text = inputStr ? `${name} ${inputStr}` : name;
+          if (text) out.push({ kind: 'tool_use', text });
+        }
+        break;
+      case 'tool_result':
+        if (include.has('tool_result')) {
+          const text = stringifyToolResult(b.content);
+          if (text) out.push({ kind: 'tool_result', text });
+        }
+        break;
+      case 'thinking':
+        if (include.has('thinking') && typeof b.thinking === 'string' && b.thinking) {
+          out.push({ kind: 'thinking', text: b.thinking });
+        }
+        break;
+    }
+  }
+  return out;
+}
+
+function stringifyToolResult(content: unknown): string {
+  if (typeof content === 'string') return content;
+  if (Array.isArray(content)) {
+    return content
+      .map((b) => {
+        if (b && typeof b === 'object' && (b as { type?: unknown }).type === 'text') {
+          const t = (b as { text?: unknown }).text;
+          return typeof t === 'string' ? t : '';
+        }
+        return '';
+      })
+      .filter(Boolean)
+      .join('\n');
+  }
+  return '';
+}
+
+interface MatchPos {
+  start: number;
+  end: number;
+}
+
+function findMatches(text: string, pattern: string): MatchPos[] {
+  const out: MatchPos[] = [];
+  if (!pattern) return out;
+  const lower = text.toLowerCase();
+  const needle = pattern.toLowerCase();
+  let from = 0;
+  let lastEnd = -ADJACENT_GAP - 1;
+  while (from <= lower.length) {
+    const idx = lower.indexOf(needle, from);
+    if (idx === -1) break;
+    const end = idx + needle.length;
+    if (idx - lastEnd >= ADJACENT_GAP) {
+      out.push({ start: idx, end });
+      lastEnd = end;
+    }
+    from = end > from ? end : from + 1;
+  }
+  return out;
+}
+
+function sliceWindow(
+  text: string,
+  start: number,
+  end: number,
+  windowChars: number,
+): { before: string; match: string; after: string } {
+  let beforeStart = Math.max(0, start - windowChars);
+  let afterEnd = Math.min(text.length, end + windowChars);
+
+  if (beforeStart > 0) {
+    const ws = text.lastIndexOf(' ', beforeStart);
+    if (ws !== -1 && start - ws < windowChars * 2) beforeStart = ws + 1;
+  }
+  if (afterEnd < text.length) {
+    const ws = text.indexOf(' ', afterEnd);
+    if (ws !== -1 && ws - end < windowChars * 2) afterEnd = ws;
+  }
+
+  let before = text.slice(beforeStart, start).replace(/\s+/g, ' ');
+  let after = text.slice(end, afterEnd).replace(/\s+/g, ' ');
+  if (beforeStart > 0) before = '… ' + before;
+  if (afterEnd < text.length) after = after + ' …';
+
+  return { before, match: text.slice(start, end), after };
+}

package/server/lib/system-tags.ts

@@ -0,0 +1,20 @@
+// Matches text that is purely system-injected wrapper content — local command
+// stdout/stderr replays, runtime system-reminder blocks, and caveat banners.
+// Slash-command invocations (`<command-name>` / `<command-message>` /
+// `<command-args>`) are user-driven and excluded — their `<command-args>` body
+// carries the user's actual prompt.
+export const SYSTEM_TAG_RE = /^\s*<(local-command|system-reminder|caveat)/i;
+
+// Slash-command records carry the user's actual prompt (if any) inside
+// <command-args>BODY</command-args>. Returns the trimmed args body when
+// meaningful; returns '' when the record is just a metadata invocation
+// (/clear, /model, /login with empty args, or legacy shapes that lack a
+// <command-args> tag entirely) so callers can skip the message. Returns the
+// input unchanged for non-slash-command text. `claude resume` applies the
+// same skip when picking its picker labels — without it, titles for older
+// sessions fall on raw XML wrapper text.
+export function pickTitleText(text: string): string {
+  if (!/^\s*<command-(?:name|message|args)>/.test(text)) return text;
+  const m = text.match(/<command-args>([\s\S]*?)<\/command-args>/);
+  return (m?.[1] ?? '').trim();
+}

package/server/routes/disk.ts

@@ -0,0 +1,9 @@
+import { Hono } from 'hono';
+import { computeDiskUsage } from '../lib/disk-usage.ts';
+
+export const diskRoute = new Hono();
+
+diskRoute.get('/', async (c) => {
+  const usage = await computeDiskUsage();
+  return c.json(usage);
+});

package/server/routes/import.ts

@@ -0,0 +1,87 @@
+import { Hono } from 'hono';
+import { commitImport, ImportError, previewImport } from '../lib/import-bundle.ts';
+import type { ImportCollisionPolicy } from '../types.ts';
+
+export const importRoute = new Hono();
+
+const POLICIES: ReadonlySet<ImportCollisionPolicy> = new Set([
+  'skip',
+  'overwrite-if-newer',
+  'keep-both',
+]);
+
+importRoute.post('/preview', async (c) => {
+  if (!isAcceptableOrigin(c.req.header('origin'))) {
+    return c.json({ error: 'origin not allowed' }, 403);
+  }
+  let body: { bundleDir?: unknown; targetCwd?: unknown; collisionPolicy?: unknown };
+  try {
+    body = await c.req.json();
+  } catch {
+    return c.json({ error: 'invalid JSON body' }, 400);
+  }
+  if (typeof body.bundleDir !== 'string' || body.bundleDir.trim() === '') {
+    return c.json({ error: 'bundleDir is required' }, 400);
+  }
+  const targetCwd =
+    typeof body.targetCwd === 'string' && body.targetCwd.trim() !== '' ? body.targetCwd : undefined;
+
+  try {
+    const result = await previewImport({
+      bundleDir: body.bundleDir,
+      targetCwd,
+      collisionPolicy: normalizePolicy(body.collisionPolicy),
+    });
+    return c.json(result);
+  } catch (err) {
+    if (err instanceof ImportError) return c.json({ error: err.message }, 400);
+    throw err;
+  }
+});
+
+importRoute.post('/', async (c) => {
+  if (!isAcceptableOrigin(c.req.header('origin'))) {
+    return c.json({ error: 'origin not allowed' }, 403);
+  }
+  let body: { bundleDir?: unknown; targetCwd?: unknown; collisionPolicy?: unknown };
+  try {
+    body = await c.req.json();
+  } catch {
+    return c.json({ error: 'invalid JSON body' }, 400);
+  }
+  if (typeof body.bundleDir !== 'string' || body.bundleDir.trim() === '') {
+    return c.json({ error: 'bundleDir is required' }, 400);
+  }
+  if (typeof body.targetCwd !== 'string' || body.targetCwd.trim() === '') {
+    return c.json({ error: 'targetCwd is required' }, 400);
+  }
+
+  try {
+    const result = await commitImport({
+      bundleDir: body.bundleDir,
+      targetCwd: body.targetCwd,
+      collisionPolicy: normalizePolicy(body.collisionPolicy),
+    });
+    return c.json(result);
+  } catch (err) {
+    if (err instanceof ImportError) return c.json({ error: err.message }, 400);
+    throw err;
+  }
+});
+
+function normalizePolicy(raw: unknown): ImportCollisionPolicy {
+  return typeof raw === 'string' && POLICIES.has(raw as ImportCollisionPolicy)
+    ? (raw as ImportCollisionPolicy)
+    : 'skip';
+}
+
+function isAcceptableOrigin(origin: string | undefined): boolean {
+  if (!origin) return false;
+  try {
+    const url = new URL(origin);
+    if (url.protocol !== 'http:' && url.protocol !== 'https:') return false;
+    return url.hostname === 'localhost' || url.hostname === '127.0.0.1';
+  } catch {
+    return false;
+  }
+}

package/server/routes/projects.ts

@@ -0,0 +1,104 @@
+import { Hono } from 'hono';
+import { deleteProject } from '../lib/delete-project.ts';
+import { ExportError, exportBundle } from '../lib/export-bundle.ts';
+import { loadProjectMemory } from '../lib/load-memory.ts';
+import { openFolder } from '../lib/open-folder.ts';
+import { isSafeId } from '../lib/safe-id.ts';
+import { listProjects, listSessionsForProject, resolveProjectCwd } from '../lib/scan.ts';
+
+export const projectsRoute = new Hono();
+
+projectsRoute.get('/', async (c) => {
+  const projects = await listProjects();
+  return c.json(projects);
+});
+
+projectsRoute.get('/:id/sessions', async (c) => {
+  const id = c.req.param('id');
+  if (!isSafeId(id)) return c.json({ error: 'invalid project id' }, 400);
+  const sessions = await listSessionsForProject(id);
+  return c.json(sessions);
+});
+
+projectsRoute.get('/:id/memory', async (c) => {
+  const id = c.req.param('id');
+  if (!isSafeId(id)) return c.json({ error: 'invalid project id' }, 400);
+  const memory = await loadProjectMemory(id);
+  return c.json(memory);
+});
+
+projectsRoute.post('/:id/reveal', async (c) => {
+  if (!isAcceptableOrigin(c.req.header('origin'))) {
+    return c.json({ error: 'origin not allowed' }, 403);
+  }
+  const id = c.req.param('id');
+  if (!isSafeId(id)) return c.json({ error: 'invalid project id' }, 400);
+
+  const cwd = await resolveProjectCwd(id);
+  if (!cwd) return c.json({ error: 'project not found' }, 404);
+  if (!cwd.resolved) return c.json({ error: 'directory missing on disk' }, 404);
+
+  const result = openFolder(cwd.decoded);
+  if (!result.ok) return c.json({ error: result.error ?? 'failed to open folder' }, 500);
+
+  return c.json({ ok: true, path: cwd.decoded });
+});
+
+projectsRoute.post('/:id/export', async (c) => {
+  if (!isAcceptableOrigin(c.req.header('origin'))) {
+    return c.json({ error: 'origin not allowed' }, 403);
+  }
+  const id = c.req.param('id');
+  if (!isSafeId(id)) return c.json({ error: 'invalid project id' }, 400);
+
+  let body: { sessionIds?: unknown; destDir?: unknown };
+  try {
+    body = await c.req.json();
+  } catch {
+    return c.json({ error: 'invalid JSON body' }, 400);
+  }
+  if (typeof body.destDir !== 'string' || body.destDir.trim() === '') {
+    return c.json({ error: 'destDir is required' }, 400);
+  }
+
+  let sessionIds: string[] | 'all';
+  if (body.sessionIds === undefined || body.sessionIds === 'all') {
+    sessionIds = 'all';
+  } else if (
+    Array.isArray(body.sessionIds) &&
+    body.sessionIds.every((s) => typeof s === 'string')
+  ) {
+    sessionIds = body.sessionIds as string[];
+  } else {
+    return c.json({ error: 'sessionIds must be an array of strings or "all"' }, 400);
+  }
+
+  try {
+    const result = await exportBundle(id, sessionIds, body.destDir);
+    return c.json(result);
+  } catch (err) {
+    if (err instanceof ExportError) return c.json({ error: err.message }, 400);
+    throw err;
+  }
+});
+
+projectsRoute.delete('/:id', async (c) => {
+  if (!isAcceptableOrigin(c.req.header('origin'))) {
+    return c.json({ error: 'origin not allowed' }, 403);
+  }
+  const id = c.req.param('id');
+  if (!isSafeId(id)) return c.json({ error: 'invalid project id' }, 400);
+  const result = await deleteProject(id);
+  return c.json(result);
+});
+
+function isAcceptableOrigin(origin: string | undefined): boolean {
+  if (!origin) return false;
+  try {
+    const url = new URL(origin);
+    if (url.protocol !== 'http:' && url.protocol !== 'https:') return false;
+    return url.hostname === 'localhost' || url.hostname === '127.0.0.1';
+  } catch {
+    return false;
+  }
+}

package/server/routes/search.ts

@@ -0,0 +1,79 @@
+import { Hono } from 'hono';
+import { stream } from 'hono/streaming';
+import { searchAll, type SearchAllOpts } from '../lib/search-all.ts';
+import type { SearchBlockKind } from '../types.ts';
+
+export const searchRoute = new Hono();
+
+const ALL_KINDS: ReadonlyArray<SearchBlockKind> = [
+  'text',
+  'tool_use',
+  'tool_result',
+  'thinking',
+];
+const DEFAULT_INCLUDE: ReadonlySet<SearchBlockKind> = new Set([
+  'text',
+  'tool_use',
+  'thinking',
+]);
+
+const Q_MIN = 2;
+const Q_MAX = 200;
+const PER_SESSION_MIN = 1;
+const PER_SESSION_MAX = 20;
+const PER_SESSION_DEFAULT = 5;
+const MAX_SESSIONS_MIN = 1;
+const MAX_SESSIONS_MAX = 200;
+const MAX_SESSIONS_DEFAULT = 50;
+
+searchRoute.get('/', async (c) => {
+  const q = c.req.query('q') ?? '';
+  if (q.length < Q_MIN) {
+    return c.json({ error: `q must be at least ${Q_MIN} characters` }, 400);
+  }
+  if (q.length > Q_MAX) {
+    return c.json({ error: `q exceeds max length ${Q_MAX}` }, 400);
+  }
+
+  const perSession = clampInt(c.req.query('perSession'), PER_SESSION_MIN, PER_SESSION_MAX, PER_SESSION_DEFAULT);
+  const maxSessions = clampInt(c.req.query('maxSessions'), MAX_SESSIONS_MIN, MAX_SESSIONS_MAX, MAX_SESSIONS_DEFAULT);
+  const include = parseInclude(c.req.query('include'));
+
+  const opts: SearchAllOpts = { query: q, include, perSession, maxSessions };
+
+  c.header('Content-Type', 'application/x-ndjson; charset=utf-8');
+  c.header('Cache-Control', 'no-store');
+  c.header('X-Accel-Buffering', 'no');
+
+  return stream(c, async (s) => {
+    let aborted = false;
+    s.onAbort(() => {
+      aborted = true;
+    });
+    for await (const event of searchAll(opts)) {
+      if (aborted) return;
+      await s.write(JSON.stringify(event) + '\n');
+    }
+  });
+});
+
+function clampInt(raw: string | undefined, min: number, max: number, fallback: number): number {
+  if (raw === undefined) return fallback;
+  const n = Number(raw);
+  if (!Number.isFinite(n) || !Number.isInteger(n)) return fallback;
+  if (n < min) return min;
+  if (n > max) return max;
+  return n;
+}
+
+function parseInclude(raw: string | undefined): ReadonlySet<SearchBlockKind> {
+  if (!raw) return DEFAULT_INCLUDE;
+  const parts = raw.split(',').map((s) => s.trim()).filter(Boolean);
+  const set = new Set<SearchBlockKind>();
+  for (const p of parts) {
+    if ((ALL_KINDS as readonly string[]).includes(p)) {
+      set.add(p as SearchBlockKind);
+    }
+  }
+  return set.size > 0 ? set : DEFAULT_INCLUDE;
+}

package/server/routes/sessions.ts

@@ -0,0 +1,81 @@
+import { Hono } from 'hono';
+import { deleteSessions, type DeleteRequestItem } from '../lib/delete.ts';
+import { loadSessionDetail } from '../lib/load-session.ts';
+import { renameSession } from '../lib/rename-session.ts';
+import { isSafeId } from '../lib/safe-id.ts';
+
+export const sessionsRoute = new Hono();
+
+sessionsRoute.get('/:projectId/:sessionId', async (c) => {
+  const projectId = c.req.param('projectId');
+  const sessionId = c.req.param('sessionId');
+  if (!isSafeId(projectId) || !isSafeId(sessionId)) {
+    return c.json({ error: 'invalid id' }, 400);
+  }
+  const detail = await loadSessionDetail(projectId, sessionId);
+  if (!detail) return c.json({ error: 'not found' }, 404);
+  return c.json(detail);
+});
+
+sessionsRoute.patch('/:projectId/:sessionId', async (c) => {
+  if (!isAcceptableOrigin(c.req.header('origin'))) {
+    return c.json({ error: 'origin not allowed' }, 403);
+  }
+  const projectId = c.req.param('projectId');
+  const sessionId = c.req.param('sessionId');
+  let body: { customTitle?: unknown };
+  try {
+    body = (await c.req.json()) as { customTitle?: unknown };
+  } catch {
+    return c.json({ error: 'invalid json body' }, 400);
+  }
+  if (typeof body.customTitle !== 'string') {
+    return c.json({ error: 'customTitle (string) required' }, 400);
+  }
+  const result = renameSession(projectId, sessionId, body.customTitle);
+  if (!result.ok) {
+    const status = result.reason.startsWith('live PID') ? 409 : 400;
+    return c.json({ error: result.reason }, status);
+  }
+  return c.json({ customTitle: result.customTitle });
+});
+
+sessionsRoute.delete('/', async (c) => {
+  if (!isAcceptableOrigin(c.req.header('origin'))) {
+    return c.json({ error: 'origin not allowed' }, 403);
+  }
+  let body: { items?: unknown };
+  try {
+    body = (await c.req.json()) as { items?: unknown };
+  } catch {
+    return c.json({ error: 'invalid json body' }, 400);
+  }
+  if (!Array.isArray(body.items) || body.items.length === 0) {
+    return c.json({ error: 'items[] required' }, 400);
+  }
+  const items: DeleteRequestItem[] = [];
+  for (const raw of body.items) {
+    if (
+      !raw ||
+      typeof raw !== 'object' ||
+      typeof (raw as { projectId?: unknown }).projectId !== 'string' ||
+      typeof (raw as { sessionId?: unknown }).sessionId !== 'string'
+    ) {
+      return c.json({ error: 'each item needs projectId and sessionId strings' }, 400);
+    }
+    items.push(raw as DeleteRequestItem);
+  }
+  const result = await deleteSessions(items);
+  return c.json(result);
+});
+
+function isAcceptableOrigin(origin: string | undefined): boolean {
+  if (!origin) return false;
+  try {
+    const url = new URL(origin);
+    if (url.protocol !== 'http:' && url.protocol !== 'https:') return false;
+    return url.hostname === 'localhost' || url.hostname === '127.0.0.1';
+  } catch {
+    return false;
+  }
+}

package/server/types.ts

@@ -0,0 +1 @@
+export * from '../shared/types.ts';

package/shared/constants.ts

@@ -0,0 +1,2 @@
+export const RECENT_ACTIVITY_WINDOW_MIN = 5;
+export const MAX_SESSION_MESSAGES = 5000;