chainlesschain 0.162.35 → 0.162.36

package/src/lib/hook-runner.cjs

@@ -0,0 +1,183 @@
+"use strict";
+
+/**
+ * hook-runner — execute a Claude-Code `command` hook with the JSON protocol.
+ *
+ * Protocol (Claude-Code parity):
+ *   - the hook event payload is written to the command's STDIN as JSON;
+ *   - exit code 2          → BLOCK (reason = stderr) — the canonical "deny" path;
+ *   - exit code 0 + JSON stdout → honored decision:
+ *       { "decision": "block"|"approve"|"ask", "reason": "..." }
+ *       { "hookSpecificOutput": { "permissionDecision": "deny"|"allow"|"ask",
+ *                                 "permissionDecisionReason": "..." } }
+ *       { "continue": false, "stopReason": "..." }                → block
+ *       { "additionalContext": "..." }                            → continue
+ *   - any other non-zero   → non-blocking error (surfaced, never blocks);
+ *   - spawn failure / timeout → non-blocking (a broken hook must not wedge the
+ *                               agent — only an explicit block decision blocks).
+ *
+ * Returns a normalized `{ decision, reason, exitCode, stdout, stderr, ... }`.
+ * `_deps.spawnSync` is injected for unit tests (no real process needed).
+ */
+
+const cpDefault = require("node:child_process");
+
+const _deps = { spawnSync: cpDefault.spawnSync };
+
+const HOOK_DECISIONS = Object.freeze({
+  BLOCK: "block",
+  ALLOW: "allow",
+  ASK: "ask",
+  CONTINUE: "continue",
+});
+
+/** Parse a hook's stdout JSON into a normalized decision, or null if not JSON. */
+function tryParseDecision(stdout) {
+  const text = String(stdout || "").trim();
+  if (!text || text[0] !== "{") return null;
+  let obj;
+  try {
+    obj = JSON.parse(text);
+  } catch {
+    return null;
+  }
+  // PreToolUse-specific permission decision
+  const hso = obj.hookSpecificOutput;
+  if (hso && hso.permissionDecision) {
+    const pd = String(hso.permissionDecision).toLowerCase();
+    const decision =
+      pd === "deny"
+        ? HOOK_DECISIONS.BLOCK
+        : pd === "ask"
+          ? HOOK_DECISIONS.ASK
+          : pd === "allow"
+            ? HOOK_DECISIONS.ALLOW
+            : HOOK_DECISIONS.CONTINUE;
+    return { decision, reason: hso.permissionDecisionReason || null };
+  }
+  // Generic decision field
+  if (obj.decision) {
+    const d = String(obj.decision).toLowerCase();
+    const decision =
+      d === "block" || d === "deny"
+        ? HOOK_DECISIONS.BLOCK
+        : d === "approve" || d === "allow"
+          ? HOOK_DECISIONS.ALLOW
+          : d === "ask"
+            ? HOOK_DECISIONS.ASK
+            : HOOK_DECISIONS.CONTINUE;
+    return { decision, reason: obj.reason || null };
+  }
+  // continue:false → stop/block
+  if (obj.continue === false) {
+    return {
+      decision: HOOK_DECISIONS.BLOCK,
+      reason: obj.stopReason || obj.reason || "hook requested stop",
+    };
+  }
+  return {
+    decision: HOOK_DECISIONS.CONTINUE,
+    reason: null,
+    additionalContext: obj.additionalContext || null,
+  };
+}
+
+/**
+ * Run one command hook. `input` is JSON-serialized to the hook's stdin.
+ *
+ * @param {string} command
+ * @param {object} [input]   the hook event payload (tool_name, tool_input, …)
+ * @param {object} [opts]    { timeout=60000, cwd, event }
+ * @returns {{ decision:string, reason:string|null, exitCode:number|null,
+ *            stdout?:string, stderr?:string, additionalContext?:string,
+ *            nonBlockingError?:boolean, error?:string }}
+ */
+function runCommandHook(command, input = {}, opts = {}) {
+  const { timeout = 60000, cwd, event } = opts;
+  if (!command) {
+    return { decision: HOOK_DECISIONS.CONTINUE, reason: null, exitCode: 0 };
+  }
+  let res;
+  try {
+    res = _deps.spawnSync(command, {
+      input: JSON.stringify(input),
+      cwd: cwd || process.cwd(),
+      encoding: "utf-8",
+      timeout,
+      shell: true,
+      maxBuffer: 8 * 1024 * 1024,
+      env: {
+        ...process.env,
+        CLAUDE_HOOK_EVENT: event || input.hook_event_name || "",
+      },
+    });
+  } catch (err) {
+    return {
+      decision: HOOK_DECISIONS.CONTINUE,
+      reason: `hook spawn failed: ${err.message}`,
+      exitCode: null,
+      error: err.message,
+      nonBlockingError: true,
+    };
+  }
+  // spawnSync surfaces timeout/ENOENT on res.error (status null) — non-blocking.
+  if (res.error) {
+    return {
+      decision: HOOK_DECISIONS.CONTINUE,
+      reason: `hook error: ${res.error.message}`,
+      exitCode: null,
+      stdout: String(res.stdout || ""),
+      stderr: String(res.stderr || ""),
+      error: res.error.message,
+      nonBlockingError: true,
+    };
+  }
+  const exitCode = res.status;
+  const stdout = String(res.stdout || "");
+  const stderr = String(res.stderr || "");
+
+  if (exitCode === 2) {
+    return {
+      decision: HOOK_DECISIONS.BLOCK,
+      reason: stderr.trim() || "hook exited 2 (blocked)",
+      exitCode,
+      stdout,
+      stderr,
+    };
+  }
+  if (exitCode === 0) {
+    const parsed = tryParseDecision(stdout);
+    if (parsed) return { ...parsed, exitCode, stdout, stderr };
+    return { decision: HOOK_DECISIONS.CONTINUE, reason: null, exitCode, stdout, stderr };
+  }
+  // Other non-zero → non-blocking error.
+  return {
+    decision: HOOK_DECISIONS.CONTINUE,
+    reason: stderr.trim() || `hook exited ${exitCode}`,
+    exitCode,
+    stdout,
+    stderr,
+    nonBlockingError: true,
+  };
+}
+
+/**
+ * Run a list of command hooks in order; first BLOCK (or ASK) short-circuits.
+ * @returns {{ decision, reason, hook?, results }}
+ */
+function runHooks(commandHooks, input = {}, opts = {}) {
+  const results = [];
+  for (const h of commandHooks || []) {
+    const r = runCommandHook(h.command, input, {
+      ...opts,
+      timeout: h.timeout != null ? h.timeout * 1000 : opts.timeout,
+    });
+    results.push({ command: h.command, ...r });
+    if (r.decision === HOOK_DECISIONS.BLOCK || r.decision === HOOK_DECISIONS.ASK) {
+      return { decision: r.decision, reason: r.reason, hook: h.command, results };
+    }
+  }
+  return { decision: HOOK_DECISIONS.CONTINUE, reason: null, results };
+}
+
+module.exports = { runCommandHook, runHooks, tryParseDecision, HOOK_DECISIONS, _deps };

package/src/lib/ide-bridge.js

@@ -0,0 +1,310 @@
+/**
+ * IDE bridge discovery (Phase 0) — find a first-party IDE MCP server that an
+ * editor extension advertises via a lockfile, and turn it into an MCP server
+ * config the agent loop can connect to.
+ *
+ * Protocol (design: docs/design/modules/98_IDE桥接对标方案.md): each running
+ * IDE instance writes
+ *     ~/.chainlesschain/ide/<port>.json     (file 0600, dir 0700)
+ * describing a localhost SSE/HTTP MCP server + a per-instance bearer token.
+ * The extension that owns the integrated terminal ALSO injects
+ *     CHAINLESSCHAIN_IDE_PORT   (+ optional CHAINLESSCHAIN_IDE_TOKEN)
+ * so the CLI can lock onto the exact instance without scanning/guessing
+ * (the deterministic "path A" below). Plain terminals fall back to a lockfile
+ * scan + workspace match ("path B").
+ *
+ * Phase 0 is pure CLI: no extension code, no VS Code dependency, fully
+ * unit-testable through `_deps`. The connect path itself reuses the existing
+ * MCP client (SSE/HTTP) via mcp-config.js `loadIdeMcp`.
+ */
+import fs from "fs";
+import path from "path";
+import os from "os";
+
+/** A lock whose pid is dead and whose file is older than this = stale. */
+const STALE_TTL_MS = 30_000;
+
+/** Transports the CLI's MCP client can actually talk (see mcp-client.js). */
+const SUPPORTED_TRANSPORTS = new Set(["sse", "http", "https"]);
+
+/** Liveness probe via signal 0 — cross-platform (works on Windows too). */
+function defaultProcessAlive(pid) {
+  if (!pid || typeof pid !== "number") return false;
+  try {
+    process.kill(pid, 0);
+    return true;
+  } catch (err) {
+    // EPERM: the process exists but we may not signal it → still alive.
+    return !!(err && err.code === "EPERM");
+  }
+}
+
+export const _deps = {
+  readDir: (d) => fs.readdirSync(d),
+  readFile: (p) => fs.readFileSync(p, "utf-8"),
+  statMtimeMs: (p) => fs.statSync(p).mtimeMs,
+  homedir: () => os.homedir(),
+  now: () => Date.now(),
+  processAlive: defaultProcessAlive,
+};
+
+/** `~/.chainlesschain/ide/`. */
+export function ideLockDir(deps = _deps) {
+  return path.join(deps.homedir(), ".chainlesschain", "ide");
+}
+
+function isLocalhostUrl(url) {
+  try {
+    const u = new URL(url);
+    return u.hostname === "127.0.0.1" || u.hostname === "::1";
+  } catch {
+    return false;
+  }
+}
+
+function inferTransportFromUrl(url) {
+  if (/\/sse(\b|\/|$)/i.test(url)) return "sse";
+  if (/^https:/i.test(url)) return "https";
+  if (/^http:/i.test(url)) return "http";
+  return null;
+}
+
+/** Parse + validate one lock JSON. Returns a normalized lock or null. */
+function parseLock(raw, filePath) {
+  let lock;
+  try {
+    lock = JSON.parse(raw);
+  } catch {
+    return null;
+  }
+  if (!lock || typeof lock !== "object") return null;
+  if (!lock.url || !isLocalhostUrl(lock.url)) return null;
+
+  const transport = String(
+    lock.transport || inferTransportFromUrl(lock.url) || "",
+  ).toLowerCase();
+  if (!SUPPORTED_TRANSPORTS.has(transport)) return null; // e.g. ws — not yet
+
+  let folders = lock.workspaceFolders;
+  if (typeof folders === "string") folders = [folders];
+  if (!Array.isArray(folders)) folders = [];
+  folders = folders.filter((f) => typeof f === "string" && f.length > 0);
+
+  return {
+    ide: typeof lock.ide === "string" ? lock.ide : "unknown",
+    transport,
+    url: lock.url,
+    port: lock.port,
+    token: typeof lock.token === "string" ? lock.token : null,
+    workspaceFolders: folders,
+    pid: typeof lock.pid === "number" ? lock.pid : null,
+    startedAt: typeof lock.started_at === "number" ? lock.started_at : 0,
+    _file: filePath,
+  };
+}
+
+/** True when a lock is dead: pid gone AND file older than the TTL. */
+function isStale(lock, deps) {
+  if (lock.pid && deps.processAlive(lock.pid)) return false;
+  let mtime;
+  try {
+    mtime = deps.statMtimeMs(lock._file);
+  } catch {
+    return true;
+  }
+  return deps.now() - mtime > STALE_TTL_MS;
+}
+
+/**
+ * Scan the lock dir → normalized, live, localhost, supported-transport locks.
+ * Missing dir / unreadable files are silently skipped (best-effort).
+ */
+export function readIdeLocks(deps = _deps) {
+  const dir = ideLockDir(deps);
+  let names;
+  try {
+    names = deps.readDir(dir);
+  } catch {
+    return [];
+  }
+  const out = [];
+  for (const name of names || []) {
+    if (!String(name).endsWith(".json")) continue;
+    const fp = path.join(dir, name);
+    let raw;
+    try {
+      raw = deps.readFile(fp);
+    } catch {
+      continue;
+    }
+    const lock = parseLock(raw, fp);
+    if (!lock) continue;
+    if (isStale(lock, deps)) continue;
+    out.push(lock);
+  }
+  return out;
+}
+
+/** Are we running inside an editor's integrated terminal? */
+export function isInIdeTerminal(env = process.env) {
+  if (!env) return false;
+  if (env.CHAINLESSCHAIN_IDE_PORT) return true;
+  if (env.TERM_PROGRAM === "vscode") return true;
+  if (env.CHAINLESSCHAIN_IDE) return true;
+  if (env.TERMINAL_EMULATOR && /jetbrains/i.test(env.TERMINAL_EMULATOR)) {
+    return true;
+  }
+  return false;
+}
+
+/** Normalize a path for prefix comparison (sep + trailing slash + win case). */
+function normPath(p) {
+  const s = String(p)
+    .replace(/\\/g, "/")
+    .replace(/\/+$/, "");
+  return process.platform === "win32" ? s.toLowerCase() : s;
+}
+
+/**
+ * Longest matching workspace-folder length for `cwd`, or -1 if none of the
+ * lock's folders contains (or equals) cwd. Longer = more specific.
+ */
+function workspaceMatchScore(lock, cwd) {
+  const c = normPath(cwd);
+  let best = -1;
+  for (const f of lock.workspaceFolders) {
+    const nf = normPath(f);
+    if (c === nf || c.startsWith(nf + "/")) {
+      if (nf.length > best) best = nf.length;
+    }
+  }
+  return best;
+}
+
+/**
+ * Pick the IDE server to connect to, or null.
+ *
+ * Path A (deterministic): if `CHAINLESSCHAIN_IDE_PORT` is set and a live lock
+ *   has that port, use it (token may come from the lock or the env).
+ * Path B (scan): otherwise rank live locks by (longest workspace-prefix match,
+ *   then newest started_at). With `force`, fall back to the newest lock even
+ *   when no folder matches (used by `--ide`).
+ *
+ * @param {object} opts { cwd?, env?, force? }
+ * @param {object} [deps]
+ */
+export function discoverIdeServer(
+  { cwd = process.cwd(), env = process.env, force = false } = {},
+  deps = _deps,
+) {
+  const locks = readIdeLocks(deps);
+  if (!locks.length) return null;
+
+  // Path A — env fast-path.
+  const envPort = env && env.CHAINLESSCHAIN_IDE_PORT;
+  if (envPort) {
+    const hit = locks.find((l) => String(l.port) === String(envPort));
+    if (hit) {
+      if (!hit.token && env.CHAINLESSCHAIN_IDE_TOKEN) {
+        hit.token = env.CHAINLESSCHAIN_IDE_TOKEN;
+      }
+      return hit;
+    }
+    // env named a port with no live lock — fall through to scan.
+  }
+
+  // Path B — workspace match.
+  let best = null;
+  let bestScore = -1;
+  let bestStarted = -1;
+  for (const l of locks) {
+    const score = workspaceMatchScore(l, cwd);
+    if (score < 0) continue;
+    if (
+      score > bestScore ||
+      (score === bestScore && l.startedAt > bestStarted)
+    ) {
+      best = l;
+      bestScore = score;
+      bestStarted = l.startedAt;
+    }
+  }
+  if (best) return best;
+
+  // --ide forced but no workspace match → newest live lock.
+  if (force) {
+    return locks
+      .slice()
+      .sort((a, b) => b.startedAt - a.startedAt)[0];
+  }
+  return null;
+}
+
+/**
+ * A discovered lock → an MCP server config row for `setupMcpFromConfig`.
+ * `longRunning` is forward-compat metadata: IDE tools like `ide_openDiff` may
+ * block on the user for minutes, so the agent loop should exempt them from a
+ * per-call timeout (consumed in Phase 1).
+ */
+export function ideServerToMcpConfig(lock) {
+  if (!lock || !lock.url) return null;
+  const headers = {};
+  if (lock.token) headers.Authorization = `Bearer ${lock.token}`;
+  return {
+    url: lock.url,
+    transport: lock.transport,
+    headers,
+    longRunning: true,
+  };
+}
+
+/**
+ * Human-readable explanation of why discovery did/didn't find a server — backs
+ * `cc ide doctor`. Returns { inIdeTerminal, locks:[{...,reasons?}], chosen,
+ * reason }.
+ */
+export function diagnoseIde(
+  { cwd = process.cwd(), env = process.env, force = false } = {},
+  deps = _deps,
+) {
+  const inIdeTerminal = isInIdeTerminal(env);
+  const locks = readIdeLocks(deps);
+  const chosen = discoverIdeServer({ cwd, env, force }, deps);
+
+  let reason;
+  if (chosen) {
+    reason = env && env.CHAINLESSCHAIN_IDE_PORT &&
+      String(chosen.port) === String(env.CHAINLESSCHAIN_IDE_PORT)
+      ? "matched CHAINLESSCHAIN_IDE_PORT (env fast-path)"
+      : force
+        ? "forced (--ide); newest live lock"
+        : "workspace match";
+  } else if (!locks.length) {
+    reason =
+      "no live IDE lockfiles in " +
+      ideLockDir(deps) +
+      " (is an IDE extension running? are locks stale?)";
+  } else {
+    reason =
+      "lockfiles present but none match cwd's workspace " +
+      "(run with --ide to force the newest, or cd into the IDE workspace)";
+  }
+  return {
+    inIdeTerminal,
+    lockDir: ideLockDir(deps),
+    locks: locks.map((l) => ({
+      ide: l.ide,
+      port: l.port,
+      transport: l.transport,
+      url: l.url,
+      hasToken: !!l.token,
+      workspaceFolders: l.workspaceFolders,
+      pid: l.pid,
+      matchScore: workspaceMatchScore(l, cwd),
+    })),
+    chosen: chosen
+      ? { ide: chosen.ide, port: chosen.port, url: chosen.url }
+      : null,
+    reason,
+  };
+}

package/src/lib/image-input.js

@@ -0,0 +1,156 @@
+/**
+ * image-input — multimodal (vision) input for `cc agent`.
+ *
+ * cc's internal message format is OpenAI-shaped, so the internal multimodal
+ * representation is OpenAI's: a user message whose `content` is an array of
+ * `{type:"text"}` / `{type:"image_url", image_url:{url:"data:<media>;base64,..."}}`
+ * parts. The OpenAI-compatible providers (openai/volcengine/deepseek/…) accept
+ * that verbatim, so their branch needs no conversion. ollama and anthropic use
+ * different shapes — `toOllamaMessages` and `imageUrlBlockToAnthropic` convert.
+ *
+ * All functions are pure (except `resolveImages`, which reads files via the
+ * injectable `_deps.fs`).
+ */
+
+import fs from "fs";
+import path from "path";
+
+const EXT_MEDIA = {
+  ".png": "image/png",
+  ".jpg": "image/jpeg",
+  ".jpeg": "image/jpeg",
+  ".gif": "image/gif",
+  ".webp": "image/webp",
+};
+
+/**
+ * Read `--image <path>` values into `[{ mediaType, data(base64) }]`.
+ * Throws on an unsupported extension so a typo fails loudly instead of sending
+ * a broken request.
+ */
+export function resolveImages(paths, deps = {}) {
+  const _fs = deps.fs || fs;
+  if (!Array.isArray(paths) || paths.length === 0) return [];
+  return paths.map((p) => {
+    const ext = path.extname(String(p)).toLowerCase();
+    const mediaType = EXT_MEDIA[ext];
+    if (!mediaType) {
+      throw new Error(
+        `Unsupported image type "${ext || p}" — use png/jpg/jpeg/gif/webp.`,
+      );
+    }
+    const data = _fs.readFileSync(p).toString("base64");
+    return { mediaType, data };
+  });
+}
+
+/**
+ * Build a user-message `content`: the plain string when there are no images,
+ * else an OpenAI-style multimodal array (the internal representation).
+ */
+export function buildUserContent(text, images) {
+  if (!Array.isArray(images) || images.length === 0) return text;
+  const parts = [];
+  if (text) parts.push({ type: "text", text });
+  for (const img of images) {
+    parts.push({
+      type: "image_url",
+      image_url: { url: `data:${img.mediaType};base64,${img.data}` },
+    });
+  }
+  return parts;
+}
+
+/** Parse a `data:<media>;base64,<data>` URL into `{ mediaType, data }` or null. */
+export function parseDataUrl(url) {
+  const m = /^data:([^;,]+);base64,(.*)$/s.exec(String(url || ""));
+  return m ? { mediaType: m[1], data: m[2] } : null;
+}
+
+/** True when a message carries any image_url part (i.e. needs provider conversion). */
+export function hasImageContent(messages) {
+  return (messages || []).some(
+    (m) =>
+      Array.isArray(m?.content) &&
+      m.content.some((p) => p?.type === "image_url"),
+  );
+}
+
+/**
+ * Convert OpenAI-shaped multimodal messages for the ollama `/api/chat` body:
+ * ollama wants `{ content: "<text>", images: ["<base64>", …] }` (bare base64,
+ * no `data:` prefix). Non-multimodal messages pass through untouched.
+ */
+export function toOllamaMessages(messages) {
+  return (messages || []).map((m) => {
+    if (!m || !Array.isArray(m.content)) return m;
+    let text = "";
+    const images = [];
+    for (const part of m.content) {
+      if (part?.type === "text") {
+        text += (text ? "\n" : "") + (part.text || "");
+      } else if (part?.type === "image_url") {
+        const parsed = parseDataUrl(part.image_url?.url);
+        if (parsed) images.push(parsed.data);
+        else if (part.image_url?.url) images.push(part.image_url.url);
+      }
+    }
+    const out = { ...m, content: text };
+    if (images.length) out.images = images;
+    return out;
+  });
+}
+
+/**
+ * Convert one OpenAI `image_url` content block into an Anthropic `image` block,
+ * or null when it isn't an image_url block / has no usable data URL.
+ */
+export function imageUrlBlockToAnthropic(block) {
+  if (!block || block.type !== "image_url") return null;
+  const parsed = parseDataUrl(block.image_url?.url);
+  if (!parsed) return null;
+  return {
+    type: "image",
+    source: { type: "base64", media_type: parsed.mediaType, data: parsed.data },
+  };
+}
+
+/** Default vision model (Volcengine Ark Doubao-Seed-1.6 Vision) when none configured. */
+export const DEFAULT_VISION_MODEL = "doubao-seed-1-6-vision-250815";
+
+/**
+ * Resolve the effective LLM config for a run. When an image is attached, default
+ * the provider/model/baseUrl/apiKey to the configured vision LLM so
+ * `cc agent --image foo.png` works without extra flags — using `llm.visionModel`
+ * (a separate, configurable vision model) and falling back to DEFAULT_VISION_MODEL.
+ * Explicit flags always win; with no image, behaviour is unchanged (vision config
+ * is ignored). `--vision-model` overrides the configured/default vision model.
+ *
+ * @param {object} p
+ * @param {boolean} p.hasImage  true when the run carries an attached image
+ * @param {object}  p.flags     { provider, model, baseUrl, apiKey, visionModel }
+ * @param {object}  p.llm       config.llm ({ provider, model, baseUrl, apiKey, visionModel })
+ * @returns {{provider, model, baseUrl, apiKey}}
+ */
+export function resolveVisionLlm({ hasImage, flags = {}, llm = {} } = {}) {
+  // No image → no vision override; the caller falls back to its normal LLM
+  // config (`visionLlm.x || options.x`).
+  if (!hasImage) {
+    return {
+      provider: undefined,
+      model: undefined,
+      baseUrl: undefined,
+      apiKey: undefined,
+    };
+  }
+  const visionModel =
+    flags.visionModel || llm.visionModel || DEFAULT_VISION_MODEL;
+  // `flags.model` must be the EXPLICIT `--model` (not a settings/default), so an
+  // attached image uses the vision model unless the user deliberately picked one.
+  return {
+    provider: flags.provider || llm.provider,
+    model: flags.model || visionModel,
+    baseUrl: flags.baseUrl || llm.baseUrl,
+    apiKey: flags.apiKey || llm.apiKey,
+  };
+}