npm - cc-viewer - Versions diffs - 1.6.293 → 1.6.295 - Mend

cc-viewer 1.6.293 → 1.6.295

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (110) hide show

package/server/lib/im-bridge-core.js CHANGED Viewed

@@ -23,13 +23,16 @@ import { existsSync, readFileSync, appendFileSync } from 'node:fs';
 import { join } from 'node:path';
 import { LOG_DIR } from '../../findcc.js';
 import { t } from '../i18n.js';
+import { upsertSender } from './im-senders.js';
 // ─── tunables (shared across platforms; per-platform rate caps come from adapter.rateLimit) ───
 const SEEN_MAX = 500;
 const RATE_WINDOW_MS = 60_000;
 const MAX_CHUNKS_PER_TURN = 5;
 const MAX_QUEUE = 50;                    // cap inbound backlog so an authorized sender can't grow it unbounded
-const PENDING_TIMEOUT_MS = 10 * 60_000;  // release a stuck injection so the queue can't wedge forever
+const PENDING_TIMEOUT_MS = process.env.CCV_IM_PLATFORM ? 2 * 60_000 : 10 * 60_000;
+const IDLE_POLL_INTERVAL_MS = 5_000;     // check every 5s if streaming stopped
+const IDLE_POLL_THRESHOLD = 3;           // 3 consecutive idle ticks (15s) → synthetic turn_end
 const CONNECT_TIMEOUT_MS = 15_000;       // bound adapter.connect() so a hung start can't block others
 const STOP_WORDS = new Set(['/stop', 'stop', '停止', 'esc', '/esc']);
@@ -37,6 +40,8 @@ const STOP_WORDS = new Set(['/stop', 'stop', '停止', 'esc', '/esc']);
 const instances = new Map();             // platformId → instance
 let activeInjection = null;              // { platformId, since, target } — the one in-flight turn
 let activeInjectionTimer = null;         // self-heal timer if a turn_end never arrives
+let idlePollTimer = null;               // secondary idle detection (IM worker only)
+let idlePollCount = 0;                  // consecutive ticks where isStreaming() is false
 let fetchImpl = null;                    // shared test seam
 // ─── test seams ───
@@ -58,6 +63,7 @@ function newInstance(adapter) {
     queue: [],
     sendTimes: [],
     store: {},                           // adapter scratch (token cache, send client)
+    ackCardPromise: null,                 // Promise<handle|null> for the in-flight ack card
   };
 }
@@ -93,26 +99,112 @@ function ctxFor(inst) {
   return { fetch: coreFetch, store: inst.store };
 }
+// 发送者身份解析的缓存有效期：同一 senderId 在此窗口内只解析一次（避免每条消息打 contact API）。
+const SENDER_RESOLVE_TTL_MS = 7 * 24 * 60 * 60 * 1000;
+// 负缓存有效期：解析「没拿到任何身份」（外部用户 / 无 scope / API 失败）也要短期记一笔，否则像飞书这种
+// 无免费字段、靠 contact API 的平台会对每条消息重复打 API（触发租户限流）。10min 后再重试，兼顾「拿到瞬时失败可恢复」。
+const SENDER_NEG_TTL_MS = 10 * 60 * 1000;
+/**
+ * 后台解析发送者 {name, avatar} 并持久化到 IM_<id>/im-senders.json（供 /senders 路由 + 对话记录展示）。
+ * 优先用 normalizeInbound 免费带出的 senderName/senderAvatar；缺失再调可选的 adapter.resolveSender
+ * （需打 contact API 的平台）。整段静默：任何失败都不得影响消息注入。**调用方必须 void（不 await）。**
+ */
+async function resolveAndPersistSender(inst, senderId, normalized) {
+  if (!senderId) return;
+  const store = inst.store || (inst.store = {});
+  const cache = store.senderCache || (store.senderCache = {});
+  const now = Date.now();
+  // 缓存项形如 { ts, ok }：解析成功用 7d TTL，负缓存（没拿到）用 10min TTL。
+  const c = cache[senderId];
+  if (c && (now - c.ts) < (c.ok ? SENDER_RESOLVE_TTL_MS : SENDER_NEG_TTL_MS)) return;
+  try {
+    let name = normalized.senderName != null ? String(normalized.senderName) : null;
+    let avatar = normalized.senderAvatar != null ? String(normalized.senderAvatar) : null;
+    // 免费字段不全且适配器支持 → 调一次 contact API 补齐（仅 feishu；dingtalk/wecom 无 resolveSender）。
+    let attemptedResolve = false;
+    if ((!name || !avatar) && typeof inst.adapter.resolveSender === 'function') {
+      attemptedResolve = true;
+      const r = await inst.adapter.resolveSender(inst.bridgeDeps.getConfig(), senderId, ctxFor(inst));
+      if (r) {
+        if (!name && r.name != null) name = String(r.name);
+        if (!avatar && r.avatar != null) avatar = String(r.avatar);
+      }
+    }
+    if (name || avatar) {
+      upsertSender(inst.adapter.id, senderId, { name, avatar });
+      cache[senderId] = { ts: now, ok: true };
+    } else if (attemptedResolve) {
+      // 调过 contact API 但什么都没拿到 → 负缓存，避免对该发送者每条消息反复打 API。
+      cache[senderId] = { ts: now, ok: false };
+    }
+  } catch (e) {
+    cache[senderId] = { ts: now, ok: false }; // 失败也负缓存（短 TTL，10min 后自动重试）
+    audit(inst, 'resolve-sender-error', { senderId, error: String(e?.message || e) });
+  }
+}
 function queueCap(inst) {
   return inst.maxQueueOverride ?? MAX_QUEUE;
 }
+/**
+ * Await the in-flight ack card promise, update it with terminal text/status, and null
+ * the promise on `inst`. Returns true if the card was successfully updated. Best-effort:
+ * never throws, never blocks the slot release.
+ */
+async function finalizeAckCard(inst, target, text, status) {
+  try {
+    const handle = await inst.ackCardPromise?.catch(() => null);
+    inst.ackCardPromise = null;
+    if (handle && typeof inst.adapter.updateAckCard === 'function') {
+      const cfg = inst.bridgeDeps?.getConfig();
+      if (cfg) return !!(await inst.adapter.updateAckCard(cfg, target, handle, text, status, ctxFor(inst)).catch(() => false));
+    }
+  } catch { /* best-effort */ }
+  inst.ackCardPromise = null;
+  return false;
+}
 // ─── activeInjection lifecycle ───
 function clearActiveInjection() {
   activeInjection = null;
   if (activeInjectionTimer) { clearTimeout(activeInjectionTimer); activeInjectionTimer = null; }
+  if (idlePollTimer) { clearInterval(idlePollTimer); idlePollTimer = null; }
+  idlePollCount = 0;
 }
 function armActiveInjection(inst, target, since) {
-  activeInjection = { platformId: inst.adapter.id, since, target };
+  activeInjection = { platformId: inst.adapter.id, since, target, transcriptPath: null };
   if (activeInjectionTimer) clearTimeout(activeInjectionTimer);
-  activeInjectionTimer = setTimeout(() => {
+  activeInjectionTimer = setTimeout(async () => {
     // Only fire if THIS injection still owns the slot (symmetry with the inject-failure guard).
     if (!activeInjection || activeInjection.since !== since) return;
     audit(inst, 'reply-timeout', { conversationId: target?.conversationId });
-    clearActiveInjection();              // turn_end never came → release the slot globally…
+    const cardUpdated = await finalizeAckCard(inst, target, tr(inst, 'ackTimeout'), 'error');
+    if (!activeInjection || activeInjection.since !== since) return;
+    clearActiveInjection();
+    if (!cardUpdated) void sendReply(inst, target, tr(inst, 'ackTimeout'));
     drainAll();                          // …and let any platform's queue proceed
   }, PENDING_TIMEOUT_MS);
   if (typeof activeInjectionTimer.unref === 'function') activeInjectionTimer.unref();
+  // Secondary idle detection: poll isStreaming() to catch missed Stop hook events.
+  if (idlePollTimer) clearInterval(idlePollTimer);
+  idlePollCount = 0;
+  let sawStreaming = false;
+  idlePollTimer = setInterval(() => {
+    if (!activeInjection || activeInjection.since !== since) { clearInterval(idlePollTimer); idlePollTimer = null; return; }
+    const d = inst.bridgeDeps;
+    if (!d) return;
+    if (d.isStreaming()) { sawStreaming = true; idlePollCount = 0; return; }
+    if (!sawStreaming) return; // haven't seen streaming start yet — don't count idle
+    idlePollCount++;
+    if (idlePollCount >= IDLE_POLL_THRESHOLD) {
+      clearInterval(idlePollTimer); idlePollTimer = null;
+      audit(inst, 'idle-turn-end', { conversationId: target?.conversationId, idleSeconds: idlePollCount * IDLE_POLL_INTERVAL_MS / 1000 });
+      notifyTurnEnd(null, since, activeInjection?.transcriptPath || null);
+    }
+  }, IDLE_POLL_INTERVAL_MS);
+  if (typeof idlePollTimer.unref === 'function') idlePollTimer.unref();
 }
 // ─── small helpers ───
@@ -129,12 +221,15 @@ function bracketPasteSubmit(text) {
   return ['\x1b[200~' + text + '\x1b[201~', '\r'];
 }
-/** Prepend the IM-origin marker `⟦im:<id>⟧`, EXCEPT for slash commands (a marker prefix would
- *  stop the CLI from recognizing `/clear` etc.). trim() guards leading whitespace / full-width
- *  spaces. KEEP IN SYNC with IM_ORIGIN_RE in src/utils/imOrigin.js. */
-function markOrigin(id, content) {
+/** Prepend the IM-origin marker `⟦im:<id>⟧` or `⟦im:<id>:<senderId>⟧`, EXCEPT for slash commands
+ *  (a marker prefix would stop the CLI from recognizing `/clear` etc.). trim() guards leading
+ *  whitespace / full-width spaces. senderId is embedded only when it's "safe" (no space / `:` / `⟧`)
+ *  so the marker stays unambiguous; otherwise it degrades to the platform-only form.
+ *  KEEP IN SYNC with IM_ORIGIN_RE in src/utils/imOrigin.js. */
+function markOrigin(id, senderId, content) {
   if (content.trim().startsWith('/')) return content;
-  return `⟦im:${id}⟧` + content;
+  const safe = (typeof senderId === 'string' && /^[^\s:⟧]+$/.test(senderId)) ? `:${senderId}` : '';
+  return `⟦im:${id}${safe}⟧` + content;
 }
 /**
@@ -163,8 +258,8 @@ function isStopCommand(text) {
   return STOP_WORDS.has(text.trim().toLowerCase());
 }
-function tr(inst, key) {
-  return t(`${inst.adapter.i18nNs}.${key}`);
+function tr(inst, key, params) {
+  return t(`${inst.adapter.i18nNs}.${key}`, params);
 }
 // ─── transcript extraction (the safe outbound text source) ───
@@ -312,11 +407,19 @@ function handleInboundInner(inst, normalized) {
   }
   audit(inst, 'in', { msgId, senderId, conversationId, len: text.length });
+  // 后台解析并持久化发送者身份（姓名/头像）供「对话记录」展示。fire-and-forget：
+  // 绝不 await（解析可能要打 contact API），不阻塞/不影响下面的消息注入。
+  void resolveAndPersistSender(inst, senderId, normalized);
   if (!text) return; // non-text messages (image/voice/file) are ignored in v1
   if (isStopCommand(text)) {
     inst.bridgeDeps.writeToPty('\x1b'); // ESC interrupts the current turn (NOT killPty)
     audit(inst, 'stop', { conversationId });
+    const stoppedInst = activeInjection ? instances.get(activeInjection.platformId) : null;
+    const stoppedTarget = activeInjection?.target;
+    if (stoppedInst && stoppedTarget) {
+      void finalizeAckCard(stoppedInst, stoppedTarget, tr(stoppedInst, 'interrupted'), 'interrupted');
+    }
     // ESC interrupts whatever turn is live on the shared PTY (possibly another platform's), which
     // may mean its turn_end never fires. Release the global slot and resume all queues so /stop
     // can never wedge the bridge.
@@ -328,12 +431,13 @@ function handleInboundInner(inst, normalized) {
   if (inst.queue.length >= queueCap(inst)) {
     audit(inst, 'queue-full', { conversationId, queued: inst.queue.length });
-    void sendReply(inst, target, tr(inst, 'queueFull'));
+    void sendReply(inst, target, tr(inst, 'queueFull', { max: String(queueCap(inst)) }));
     return;
   }
-  inst.queue.push({ ...target, content: text });
+  inst.queue.push({ ...target, senderId, content: text });
   if (activeInjection || inst.bridgeDeps.isStreaming()) {
-    void sendReply(inst, target, tr(inst, 'busyQueued'));
+    const ahead = inst.queue.length - 1;
+    void sendReply(inst, target, tr(inst, 'busyQueued', { ahead: String(ahead), max: String(queueCap(inst)) }));
   }
   drainQueue(inst);
 }
@@ -367,20 +471,36 @@ function drainQueue(inst) {
     }
     const since = Date.now();
     armActiveInjection(inst, item, since);
-    if (!isImWorker && skipPerm) {
+    // Instant ack: fire-and-forget so writeToPtySequential is never delayed.
+    if (cfg.ackCard !== false && typeof inst.adapter.sendAckCard === 'function') {
+      const ackTarget = item;
+      inst.ackCardPromise = inst.adapter.sendAckCard(cfg, item, tr(inst, 'ackProcessing'), ctxFor(inst))
+        .then((handle) => { if (!handle) void sendReply(inst, ackTarget, tr(inst, 'ackProcessing')); return handle; })
+        .catch((e) => { audit(inst, 'ack-card-error', { error: String(e?.message || e) }); void sendReply(inst, ackTarget, tr(inst, 'ackProcessing')); return null; });
+    } else if (cfg.ackCard !== false) {
+      void sendReply(inst, item, tr(inst, 'ackProcessing'));
+      inst.ackCardPromise = null;
+    } else {
+      inst.ackCardPromise = null;
+    }
+    if (!isImWorker && skipPerm && cfg.ackCard === false) {
       audit(inst, 'skip-perm-warning', { conversationId: item.conversationId });
       void sendReply(inst, item, tr(inst, 'skipPermWarning'));
     }
     // React to a failed injection (PTY gone/died mid-write → onComplete(false)). Without this the
     // prompt never submits, no turn_end ever comes, and the slot wedges until the timeout. Only
     // act if THIS injection still owns the slot (a /stop or timeout may have released it).
-    d.writeToPtySequential(bracketPasteSubmit(markOrigin(inst.adapter.id, item.content)), (ok) => {
+    d.writeToPtySequential(bracketPasteSubmit(markOrigin(inst.adapter.id, item.senderId, item.content)), (ok) => {
       if (ok) return;
       if (!activeInjection || activeInjection.platformId !== inst.adapter.id || activeInjection.since !== since) return;
       audit(inst, 'inject-failed', { conversationId: item.conversationId });
-      clearActiveInjection();
-      void sendReply(inst, item, tr(inst, 'injectFailed'));
-      drainAll();
+      void (async () => {
+        const cardUpdated = await finalizeAckCard(inst, item, tr(inst, 'injectFailed'), 'error');
+        if (!activeInjection || activeInjection.platformId !== inst.adapter.id || activeInjection.since !== since) return;
+        clearActiveInjection();
+        if (!cardUpdated) void sendReply(inst, item, tr(inst, 'injectFailed'));
+        drainAll();
+      })().catch(() => {});
     }, { settleMs: 250 });
     return; // one at a time; resume on the next turn_end
   }
@@ -395,6 +515,7 @@ function drainAll() {
 // ─── outbound trigger (called from server.js _emitTurnEnd) ───
 export async function notifyTurnEnd(sessionId, ts, transcriptPath) {
+  if (transcriptPath && activeInjection) activeInjection.transcriptPath = transcriptPath;
   if (!activeInjection) { drainAll(); return; } // only reply to turns a bridge initiated
   const inst = instances.get(activeInjection.platformId);
   if (!inst) { clearActiveInjection(); drainAll(); return; }
@@ -403,6 +524,9 @@ export async function notifyTurnEnd(sessionId, ts, transcriptPath) {
   // correlation is a v2 item.)
   if (ts && activeInjection.since && ts < activeInjection.since) { drainAll(); return; }
   const target = activeInjection.target;
+  // Grab the ack card promise before clearing state.
+  const ackP = inst.ackCardPromise;
+  inst.ackCardPromise = null;
   clearActiveInjection();
   // Idempotency for a doubled turn_end of the SAME turn (a re-broadcast carries the same ts).
   // Keyed on ts, NOT reply text.
@@ -414,8 +538,36 @@ export async function notifyTurnEnd(sessionId, ts, transcriptPath) {
   drainAll();
   let text = extractLastAssistantText(transcriptPath);
   if (!text) text = tr(inst, 'noTextReply');
-  try { await sendReply(inst, target, text); }
-  catch (e) { inst.lastError = String(e?.message || e); audit(inst, 'send-error', { error: inst.lastError }); }
+  // Try to update the ack card in-place with the reply. Fall back to sendReply on failure.
+  const handle = await ackP?.catch(() => null);
+  if (handle && typeof inst.adapter.updateAckCard === 'function') {
+    const cfg = inst.bridgeDeps.getConfig();
+    let chunks = chunkText(text, cfg.maxChunkChars);
+    if (chunks.length > MAX_CHUNKS_PER_TURN) {
+      chunks = chunks.slice(0, MAX_CHUNKS_PER_TURN);
+      chunks[MAX_CHUNKS_PER_TURN - 1] += '\n\n' + tr(inst, 'truncated');
+    }
+    try {
+      const updated = await inst.adapter.updateAckCard(cfg, target, handle, chunks[0] || text, 'done', ctxFor(inst));
+      if (updated && chunks.length > 1) {
+        for (let i = 1; i < chunks.length; i++) {
+          try { await rateLimitGate(inst); await inst.adapter.sendOne(cfg, target, chunks[i], ctxFor(inst)); }
+          catch (e) { inst.lastError = String(e?.message || e); audit(inst, 'send-error', { error: inst.lastError }); break; }
+        }
+      } else if (!updated) {
+        await sendReply(inst, target, text);
+      }
+      audit(inst, 'out', { conversationId: target.conversationId, chunks: chunks.length, cardUpdated: !!updated });
+    } catch (e) {
+      inst.lastError = String(e?.message || e);
+      audit(inst, 'card-update-error', { error: inst.lastError });
+      try { await sendReply(inst, target, text); } catch { /* already logged in sendReply */ }
+    }
+  } else {
+    try { await sendReply(inst, target, text); }
+    catch (e) { inst.lastError = String(e?.message || e); audit(inst, 'send-error', { error: inst.lastError }); }
+  }
 }
 // ─── per-platform lifecycle ───
@@ -452,6 +604,11 @@ export async function startBridge(id, deps) {
 export async function stopBridge(id) {
   const inst = instances.get(id);
   if (!inst) return;
+  if (inst.ackCardPromise && activeInjection?.platformId === id) {
+    await finalizeAckCard(inst, activeInjection.target, tr(inst, 'noSession'), 'error');
+  } else {
+    inst.ackCardPromise = null;
+  }
   try { await inst.adapter.disconnect?.(inst.client, ctxFor(inst)); } catch { /* best-effort */ }
   inst.client = null;
   inst.running = false;

package/server/lib/im-claude-md.js CHANGED Viewed

@@ -3,9 +3,14 @@
 // + 强制 allowlist（见 plan §安全）。但它仍是抑制交互式工具、控制回复风格的主要手段。
 //
 // 用 openSync(path,'wx') 原子创建：从不覆盖用户已编辑的文件（避免 existsSync→write 的 TOCTOU）。
-import { openSync, writeFileSync, closeSync, mkdirSync } from 'node:fs';
+import { openSync, writeFileSync, closeSync, mkdirSync, readFileSync, unlinkSync } from 'node:fs';
 import { join } from 'node:path';
+import { randomBytes } from 'node:crypto';
 import { imDir } from './im-lock.js';
+import { renameSyncWithRetry } from './file-api.js';
+// CLAUDE.md 写入上限（字符数，按 String.length / UTF-16 码元计）：远超任何合理人格定义，纯防失控大 body。
+export const MAX_CLAUDE_MD_CHARS = 256 * 1024;
 // id → 双语展示名（CLAUDE.md 为内联内容，不走 i18n.js）。
 const PLATFORM_LABELS = {
@@ -80,3 +85,34 @@ export function ensureImClaudeMd(id, dir = imDir(id)) {
   }
   return true;
 }
+/**
+ * 读取 IM_<id>/CLAUDE.md 当前内容（供「模型性格定义」编辑器加载）。
+ * 文件不存在 → 返回预置文本（尚未落盘），让编辑器展示默认人格供用户定制；保存时才写盘。
+ */
+export function readImClaudeMd(id) {
+  try {
+    return readFileSync(join(imDir(id), 'CLAUDE.md'), 'utf-8');
+  } catch (e) {
+    if (e && e.code === 'ENOENT') return buildImClaudeMdPreset(id);
+    throw e;
+  }
+}
+/**
+ * 覆盖写 IM_<id>/CLAUDE.md（原子：temp + rename，mode 0600）。下次该 IM worker 重启时生效
+ * （CLAUDE.md 仅在 worker 启动时读取一次）。
+ */
+export function writeImClaudeMd(id, content) {
+  const text = String(content ?? '');
+  const dir = imDir(id);
+  mkdirSync(dir, { recursive: true });
+  const tmp = join(dir, `CLAUDE.md.tmp-${process.pid}-${randomBytes(4).toString('hex')}`);
+  try {
+    writeFileSync(tmp, text, { mode: 0o600 });
+    renameSyncWithRetry(tmp, join(dir, 'CLAUDE.md'));
+  } catch (err) {
+    try { unlinkSync(tmp); } catch { /* best-effort */ }
+    throw err;
+  }
+}

package/server/lib/im-config.js CHANGED Viewed

@@ -34,7 +34,7 @@ const DESCRIPTORS = {
     allowListField: 'allowStaffIds',
     defaults: {
       enabled: false, appKey: '', appSecret: '', allowStaffIds: [],
-      maxChunkChars: 3800, blockOnSkipPermissions: false,
+      maxChunkChars: 3800, blockOnSkipPermissions: false, ackCard: true, cardTemplateId: '',
     },
     fields: [
       { key: 'enabled', type: 'bool' },
@@ -43,6 +43,8 @@ const DESCRIPTORS = {
       { key: 'allowStaffIds', type: 'idlist' },
       { key: 'maxChunkChars', type: 'chunk' },
       { key: 'blockOnSkipPermissions', type: 'bool' },
+      { key: 'ackCard', type: 'bool', default: true },
+      { key: 'cardTemplateId', type: 'string' },
     ],
   },
   feishu: {
@@ -50,7 +52,7 @@ const DESCRIPTORS = {
     allowListField: 'allowUserIds',
     defaults: {
       enabled: false, appId: '', appSecret: '', region: 'feishu', allowUserIds: [],
-      maxChunkChars: 3800, blockOnSkipPermissions: false,
+      maxChunkChars: 3800, blockOnSkipPermissions: false, ackCard: true,
     },
     fields: [
       { key: 'enabled', type: 'bool' },
@@ -60,6 +62,7 @@ const DESCRIPTORS = {
       { key: 'allowUserIds', type: 'idlist' },
       { key: 'maxChunkChars', type: 'chunk' },
       { key: 'blockOnSkipPermissions', type: 'bool' },
+      { key: 'ackCard', type: 'bool', default: true },
     ],
   },
   wecom: {
@@ -67,7 +70,7 @@ const DESCRIPTORS = {
     allowListField: 'allowUserIds',
     defaults: {
       enabled: false, botId: '', secret: '', allowUserIds: [],
-      maxChunkChars: 3800, blockOnSkipPermissions: false,
+      maxChunkChars: 3800, blockOnSkipPermissions: false, ackCard: true,
     },
     fields: [
       { key: 'enabled', type: 'bool' },
@@ -76,6 +79,7 @@ const DESCRIPTORS = {
       { key: 'allowUserIds', type: 'idlist' },
       { key: 'maxChunkChars', type: 'chunk' },
       { key: 'blockOnSkipPermissions', type: 'bool' },
+      { key: 'ackCard', type: 'bool', default: true },
     ],
   },
   discord: {
@@ -84,7 +88,7 @@ const DESCRIPTORS = {
     defaults: {
       // 1900 < Discord's hard 2000-char/message limit (the adapter also hard-splits as defense).
       enabled: false, botToken: '', allowUserIds: [],
-      maxChunkChars: 1900, blockOnSkipPermissions: false,
+      maxChunkChars: 1900, blockOnSkipPermissions: false, ackCard: true,
     },
     fields: [
       { key: 'enabled', type: 'bool' },
@@ -92,6 +96,7 @@ const DESCRIPTORS = {
       { key: 'allowUserIds', type: 'idlist' },
       { key: 'maxChunkChars', type: 'chunk', default: 1900 }, // < Discord's 2000-char limit
       { key: 'blockOnSkipPermissions', type: 'bool' },
+      { key: 'ackCard', type: 'bool', default: true },
     ],
   },
 };
@@ -155,7 +160,7 @@ function normalizeIdList(v) {
 function normField(type, v, dflt) {
   switch (type) {
-    case 'bool': return !!v;
+    case 'bool': return v !== undefined && v !== null ? !!v : (dflt !== undefined ? !!dflt : false);
     case 'cred':
     case 'secret': return typeof v === 'string' ? v.trim() : '';
     case 'idlist': return normalizeIdList(v);
@@ -169,7 +174,7 @@ function decodeField(type, v, dflt) {
   switch (type) {
     case 'cred':
     case 'secret': return decodeSecret(v);
-    case 'bool': return !!v;
+    case 'bool': return v !== undefined && v !== null ? !!v : (dflt !== undefined ? !!dflt : false);
     case 'idlist': return normalizeIdList(v);
     case 'chunk': return clampChunk(v, dflt);
     case 'region': return v === 'lark' ? 'lark' : 'feishu';

package/server/lib/im-process-manager.js CHANGED Viewed

@@ -22,7 +22,7 @@ const sleep = (ms) => new Promise((r) => setTimeout(r, ms));
 export function resolveNodeBinary() {
   if (!process.versions.electron) return process.execPath;
   try {
-    const out = execSync(process.platform === 'win32' ? 'where node' : 'which node', { encoding: 'utf-8' });
+    const out = execSync(process.platform === 'win32' ? 'where node' : 'which node', { encoding: 'utf-8', windowsHide: true });
     const p = process.platform === 'win32' ? out.split('\n')[0].trim() : out.trim();
     if (p) return p;
   } catch { /* fall through */ }

package/server/lib/im-senders.js ADDED Viewed

@@ -0,0 +1,73 @@
+// IM 发送者身份持久化 —— 每个 IM worker 把解析到的「发送者 senderId → {name, avatar}」写到
+// ~/.claude/cc-viewer/IM_<id>/im-senders.json，供主进程的 /api/im/:platform/senders 读取，
+// 让「对话记录」弹窗能按 senderId 显示真实姓名 + 头像。
+//
+// 设计（与 im-lock.js 同风格）：
+// - 原子写：temp + renameSyncWithRetry，读方永不见半写 JSON。
+// - 读容忍：坏 / 缺 / 非对象一律降级为 {}，绝不抛。
+// - 容量上限：按 ts 保留最近 MAX_SENDERS 个，避免无限增长（群聊发送者可能很多）。
+// - 这些是本地数据（不入 preferences、不外发），与现有本地日志同级。
+import { openSync, closeSync, readFileSync, writeFileSync, unlinkSync, mkdirSync } from 'node:fs';
+import { join } from 'node:path';
+import { randomBytes } from 'node:crypto';
+import { imDir } from './im-lock.js';
+import { renameSyncWithRetry } from './file-api.js';
+export const MAX_SENDERS = 500;
+function sendersPath(id) { return join(imDir(id), 'im-senders.json'); }
+/** 读发送者映射；不存在 / 坏 JSON / 非对象 → {}。 */
+export function readSenders(id) {
+  try {
+    const o = JSON.parse(readFileSync(sendersPath(id), 'utf-8'));
+    return (o && typeof o === 'object' && !Array.isArray(o)) ? o : {};
+  } catch { return {}; }
+}
+/** 原子写整张映射（temp + rename）。 */
+function writeSenders(id, map) {
+  const dir = imDir(id);
+  mkdirSync(dir, { recursive: true });
+  const tmp = join(dir, `im-senders.json.tmp-${process.pid}-${randomBytes(4).toString('hex')}`);
+  try {
+    writeFileSync(tmp, JSON.stringify(map), { mode: 0o600 });
+    renameSyncWithRetry(tmp, sendersPath(id));
+  } catch (err) {
+    try { unlinkSync(tmp); } catch { /* best-effort */ }
+    throw err;
+  }
+}
+/**
+ * upsert 一个发送者。merge 进现有映射，盖上 ts；超过 MAX_SENDERS 时丢弃最旧的。
+ * name/avatar 任一为空都接受（部分平台只有名字没头像）。整段失败静默（持久化失败非致命）。
+ * @returns {boolean} 是否实际写入
+ */
+export function upsertSender(id, senderId, profile = {}) {
+  if (typeof senderId !== 'string' || !senderId) return false;
+  const name = profile.name != null ? String(profile.name) : null;
+  const avatar = profile.avatar != null ? String(profile.avatar) : null;
+  try {
+    const map = readSenders(id);
+    const prev = map[senderId];
+    // 无新信息（name/avatar 都没变且都已存在）→ 跳过写盘，省 IO。
+    if (prev && prev.name === name && prev.avatar === avatar) return false;
+    map[senderId] = { name, avatar, ts: tsNow() };
+    const keys = Object.keys(map);
+    if (keys.length > MAX_SENDERS) {
+      keys
+        .sort((a, b) => (map[a].ts || 0) - (map[b].ts || 0))
+        .slice(0, keys.length - MAX_SENDERS)
+        .forEach((k) => { delete map[k]; });
+    }
+    writeSenders(id, map);
+    return true;
+  } catch {
+    return false; // 持久化失败不影响消息流
+  }
+}
+// 单独抽出便于测试注入（避免直接用 Date.now 影响可测性，但保持简单）。
+function tsNow() { return Date.now(); }

package/server/lib/jsonl-archive.js CHANGED Viewed

@@ -20,7 +20,6 @@ const CACHE_TTL_MS = 7 * 24 * 3600 * 1000;
 const ARCHIVE_MAX_BYTES = 400 * 1024 * 1024;
 function syncSleep(ms) {
-  // Atomics.wait 在主线程上真睡眠（不像 busy-wait 占满 CPU 或阻塞 event-loop heuristics）
   Atomics.wait(new Int32Array(new SharedArrayBuffer(4)), 0, 0, ms);
 }