claude-opencode-viewer 2.6.51 → 2.6.53
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/cov.js +1 -0
- package/index-pc.html +10 -2
- package/package.json +9 -1
- package/server.js +43 -6
- package/.agents/skills/code-review-expert/README.md +0 -74
- package/.agents/skills/code-review-expert/SKILL.md +0 -156
- package/.agents/skills/code-review-expert/agents/agent.yaml +0 -7
- package/.agents/skills/code-review-expert/references/code-quality-checklist.md +0 -130
- package/.agents/skills/code-review-expert/references/removal-plan.md +0 -52
- package/.agents/skills/code-review-expert/references/security-checklist.md +0 -118
- package/.agents/skills/code-review-expert/references/solid-checklist.md +0 -65
- package/.claude/settings.local.json +0 -18
- package/.idea/claude_opencode_viewer.iml +0 -9
- package/.idea/inspectionProfiles/Project_Default.xml +0 -5
- package/.idea/modules.xml +0 -8
- package/.idea/smartfox/common_info.xml +0 -9
- package/.idea/tdkConfig.xml +0 -6
- package/.idea/vcs.xml +0 -6
- package/skills-lock.json +0 -10
- package/test-doc.md +0 -86
package/bin/cov.js
CHANGED
|
@@ -88,6 +88,7 @@ const serverArgs = [SERVER_PATH, String(port)];
|
|
|
88
88
|
if (args.includes('--pc')) serverArgs.push('--pc');
|
|
89
89
|
if (args.includes('--https')) serverArgs.push('--https');
|
|
90
90
|
if (args.includes('--json')) serverArgs.push('--json');
|
|
91
|
+
if (args.includes('--shell')) serverArgs.push('--shell');
|
|
91
92
|
const server = spawn(process.execPath, serverArgs, {
|
|
92
93
|
stdio: 'inherit',
|
|
93
94
|
cwd: process.cwd(),
|
package/index-pc.html
CHANGED
|
@@ -956,8 +956,10 @@
|
|
|
956
956
|
<div id="mode-switcher">
|
|
957
957
|
<span id="mode-label"></span>
|
|
958
958
|
<select id="mode-select">
|
|
959
|
+
<option value="" disabled selected hidden>--</option>
|
|
959
960
|
<option value="opencode">OpenCode</option>
|
|
960
961
|
<option value="claude">Claude</option>
|
|
962
|
+
<option value="shell">Shell</option>
|
|
961
963
|
</select>
|
|
962
964
|
</div>
|
|
963
965
|
</div>
|
|
@@ -1131,6 +1133,8 @@
|
|
|
1131
1133
|
cursorBlink: !isMobile,
|
|
1132
1134
|
fontSize: fontSize,
|
|
1133
1135
|
fontFamily: 'Menlo, Monaco, "Courier New", monospace',
|
|
1136
|
+
lineHeight: 1.15,
|
|
1137
|
+
letterSpacing: 0,
|
|
1134
1138
|
theme: {
|
|
1135
1139
|
background: '#0a0a0a',
|
|
1136
1140
|
foreground: '#d4d4d4',
|
|
@@ -1675,7 +1679,7 @@
|
|
|
1675
1679
|
currentMode = mode;
|
|
1676
1680
|
modeSelect.value = mode;
|
|
1677
1681
|
document.getElementById('mode-label').textContent = '';
|
|
1678
|
-
var label = mode === 'claude' ? 'Claude' : 'OpenCode';
|
|
1682
|
+
var label = mode === 'claude' ? 'Claude' : mode === 'shell' ? 'Shell' : 'OpenCode';
|
|
1679
1683
|
var initOv = document.getElementById('init-overlay');
|
|
1680
1684
|
initOv.textContent = '正在启动 ' + label + (sessionId ? '(恢复会话)' : '');
|
|
1681
1685
|
initOv.classList.add('visible');
|
|
@@ -1745,7 +1749,11 @@
|
|
|
1745
1749
|
else if (msg.type === 'exit') {
|
|
1746
1750
|
if (!isCreatingNewSession && !isTransitioning) {
|
|
1747
1751
|
throttledWrite('\r\n[进程已退出: ' + msg.exitCode + ']\r\n');
|
|
1748
|
-
|
|
1752
|
+
if (currentMode === 'shell') {
|
|
1753
|
+
throttledWrite('shell 已结束,切换上方下拉框可启动 Claude / OpenCode / Shell\r\n');
|
|
1754
|
+
} else {
|
|
1755
|
+
throttledWrite('按 Enter 键重新启动 ' + currentMode + '...\r\n');
|
|
1756
|
+
}
|
|
1749
1757
|
}
|
|
1750
1758
|
}
|
|
1751
1759
|
else if (msg.type === 'mode') {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "claude-opencode-viewer",
|
|
3
|
-
"version": "2.6.
|
|
3
|
+
"version": "2.6.53",
|
|
4
4
|
"description": "A unified terminal viewer for Claude Code and OpenCode with seamless switching",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "server.js",
|
|
@@ -8,6 +8,14 @@
|
|
|
8
8
|
"cov": "bin/cov.js",
|
|
9
9
|
"claude-opencode-viewer": "bin/cov.js"
|
|
10
10
|
},
|
|
11
|
+
"files": [
|
|
12
|
+
"bin/",
|
|
13
|
+
"server.js",
|
|
14
|
+
"index.html",
|
|
15
|
+
"index-pc.html",
|
|
16
|
+
"install.sh",
|
|
17
|
+
"README.md"
|
|
18
|
+
],
|
|
11
19
|
"scripts": {
|
|
12
20
|
"start": "node server.js",
|
|
13
21
|
"postinstall": "node -e \"console.log('\\n✅ claude-opencode-viewer 安装成功!\\n\\n使用方法:\\n - 全局启动:cov\\n - 或通过 npm 启动:npx cov\\n')\""
|
package/server.js
CHANGED
|
@@ -19,6 +19,7 @@ const IS_PC = process.argv.includes('--pc');
|
|
|
19
19
|
const PORT = parseInt(process.argv[2]) || 7008;
|
|
20
20
|
const USE_HTTPS = process.argv.includes('--https');
|
|
21
21
|
const JSON_OUTPUT = process.argv.includes('--json');
|
|
22
|
+
const INIT_SHELL = process.argv.includes('--shell');
|
|
22
23
|
const LOG = JSON_OUTPUT ? console.log.bind(console) : () => {};
|
|
23
24
|
|
|
24
25
|
// 自签名证书生成(使用 selfsigned 库,不依赖 openssl)
|
|
@@ -89,6 +90,7 @@ const execFileAsync = promisify(execFile);
|
|
|
89
90
|
let ptyModule = null;
|
|
90
91
|
let claudeProcess = null;
|
|
91
92
|
let opencodeProcess = null;
|
|
93
|
+
let shellProcess = null;
|
|
92
94
|
let currentProcess = null;
|
|
93
95
|
let outputBuffer = '';
|
|
94
96
|
const dataListeners = [];
|
|
@@ -241,6 +243,11 @@ async function spawnProcess(mode, sessionId = null) {
|
|
|
241
243
|
args.push('--resume', sessionId);
|
|
242
244
|
LOG(`[claude] 恢复会话: ${sessionId}`);
|
|
243
245
|
}
|
|
246
|
+
} else if (mode === 'shell') {
|
|
247
|
+
// 普通 shell 终端: 优先使用 $SHELL,回退到 zsh/bash
|
|
248
|
+
command = process.env.SHELL || (existsSync('/bin/zsh') ? '/bin/zsh' : '/bin/bash');
|
|
249
|
+
args = ['-l']; // 登录 shell,加载 PATH/alias
|
|
250
|
+
LOG(`[shell] 启动 shell: ${command} ${args.join(' ')}`);
|
|
244
251
|
} else {
|
|
245
252
|
const t2 = Date.now();
|
|
246
253
|
command = findCommand('opencode');
|
|
@@ -335,6 +342,9 @@ async function spawnProcess(mode, sessionId = null) {
|
|
|
335
342
|
if (opencodeProcess === proc) {
|
|
336
343
|
opencodeProcess = null;
|
|
337
344
|
}
|
|
345
|
+
if (shellProcess === proc) {
|
|
346
|
+
shellProcess = null;
|
|
347
|
+
}
|
|
338
348
|
// 已被替换的旧进程或切换中的进程,不通知前端
|
|
339
349
|
if (isSwitching || currentProcess !== null) return;
|
|
340
350
|
exitListeners.forEach(cb => cb(exitCode || 0));
|
|
@@ -349,6 +359,14 @@ async function spawnProcess(mode, sessionId = null) {
|
|
|
349
359
|
} catch {}
|
|
350
360
|
}
|
|
351
361
|
claudeProcess = proc;
|
|
362
|
+
} else if (mode === 'shell') {
|
|
363
|
+
if (shellProcess && shellProcess !== proc && shellProcess.pid) {
|
|
364
|
+
try {
|
|
365
|
+
LOG(`[spawnProcess] 清理旧 shell 进程 PID: ${shellProcess.pid}`);
|
|
366
|
+
killProcessTree(shellProcess);
|
|
367
|
+
} catch {}
|
|
368
|
+
}
|
|
369
|
+
shellProcess = proc;
|
|
352
370
|
} else {
|
|
353
371
|
if (opencodeProcess && opencodeProcess !== proc && opencodeProcess.pid) {
|
|
354
372
|
try {
|
|
@@ -369,7 +387,8 @@ async function spawnProcess(mode, sessionId = null) {
|
|
|
369
387
|
}
|
|
370
388
|
|
|
371
389
|
currentProcess = proc;
|
|
372
|
-
|
|
390
|
+
const modeLabel = mode === 'claude' ? 'Claude Code' : mode === 'shell' ? 'Shell' : 'OpenCode';
|
|
391
|
+
LOG(`[claude-opencode-viewer] ${modeLabel} 已启动 (PID: ${proc.pid})`);
|
|
373
392
|
return proc;
|
|
374
393
|
}
|
|
375
394
|
|
|
@@ -400,6 +419,14 @@ async function switchMode(newMode) {
|
|
|
400
419
|
LOG('[switchMode] 杀死 opencode 进程失败:', e.message);
|
|
401
420
|
}
|
|
402
421
|
opencodeProcess = null;
|
|
422
|
+
} else if (currentMode === 'shell' && shellProcess) {
|
|
423
|
+
try {
|
|
424
|
+
LOG(`[switchMode] 杀死 shell 进程 PID: ${shellProcess.pid}`);
|
|
425
|
+
killProcessTree(shellProcess);
|
|
426
|
+
} catch (e) {
|
|
427
|
+
LOG('[switchMode] 杀死 shell 进程失败:', e.message);
|
|
428
|
+
}
|
|
429
|
+
shellProcess = null;
|
|
403
430
|
}
|
|
404
431
|
currentProcess = null;
|
|
405
432
|
|
|
@@ -1232,7 +1259,8 @@ wssInst.on('connection', (ws, req) => {
|
|
|
1232
1259
|
if (msg.type === 'input') {
|
|
1233
1260
|
// 进程已退出时,自动重新启动(参考 cc-viewer 逻辑)
|
|
1234
1261
|
// 模式切换/新建会话期间不触发 respawn
|
|
1235
|
-
|
|
1262
|
+
// shell 模式不自动 respawn,避免用户输入 exit 后又被重新拉起
|
|
1263
|
+
if (!currentProcess && !isSwitching && currentMode !== 'shell') {
|
|
1236
1264
|
try {
|
|
1237
1265
|
LOG(`[respawn] 进程已退出,自动重新启动 ${currentMode}`);
|
|
1238
1266
|
outputBuffer = '';
|
|
@@ -1494,10 +1522,19 @@ function startServer() {
|
|
|
1494
1522
|
// 清理上次 cov 崩溃残留的孤儿进程
|
|
1495
1523
|
cleanupOrphanProcesses();
|
|
1496
1524
|
|
|
1497
|
-
|
|
1498
|
-
|
|
1499
|
-
|
|
1500
|
-
|
|
1525
|
+
if (INIT_SHELL) {
|
|
1526
|
+
// --shell 模式:启动时直接进入 shell,跳过启动对话框
|
|
1527
|
+
currentMode = 'shell';
|
|
1528
|
+
try {
|
|
1529
|
+
await spawnProcess('shell');
|
|
1530
|
+
LOG('[startup] Shell 已启动');
|
|
1531
|
+
} catch (e) {
|
|
1532
|
+
LOG('[startup] Shell 启动失败:', e.message);
|
|
1533
|
+
}
|
|
1534
|
+
} else {
|
|
1535
|
+
// 延迟启动:等待 PC 客户端发送 init 消息后再 spawn 进程
|
|
1536
|
+
LOG('[startup] 等待客户端连接并选择会话...');
|
|
1537
|
+
}
|
|
1501
1538
|
|
|
1502
1539
|
});
|
|
1503
1540
|
|
|
@@ -1,74 +0,0 @@
|
|
|
1
|
-
# Code Review Expert
|
|
2
|
-
|
|
3
|
-
A comprehensive code review skill for AI agents. Performs structured reviews with a senior engineer lens, covering architecture, security, performance, and code quality.
|
|
4
|
-
|
|
5
|
-
## Installation
|
|
6
|
-
|
|
7
|
-
```bash
|
|
8
|
-
npx skills add sanyuan0704/sanyuan-skills --path skills/code-review-expert
|
|
9
|
-
```
|
|
10
|
-
|
|
11
|
-
## Features
|
|
12
|
-
|
|
13
|
-
- **SOLID Principles** - Detect SRP, OCP, LSP, ISP, DIP violations
|
|
14
|
-
- **Security Scan** - XSS, injection, SSRF, race conditions, auth gaps, secrets leakage
|
|
15
|
-
- **Performance** - N+1 queries, CPU hotspots, missing cache, memory issues
|
|
16
|
-
- **Error Handling** - Swallowed exceptions, async errors, missing boundaries
|
|
17
|
-
- **Boundary Conditions** - Null handling, empty collections, off-by-one, numeric limits
|
|
18
|
-
- **Removal Planning** - Identify dead code with safe deletion plans
|
|
19
|
-
|
|
20
|
-
## Usage
|
|
21
|
-
|
|
22
|
-
After installation, simply run:
|
|
23
|
-
|
|
24
|
-
```
|
|
25
|
-
/code-review-expert
|
|
26
|
-
```
|
|
27
|
-
|
|
28
|
-
The skill will automatically review your current git changes.
|
|
29
|
-
|
|
30
|
-
## Workflow
|
|
31
|
-
|
|
32
|
-
1. **Preflight** - Scope changes via `git diff`
|
|
33
|
-
2. **SOLID + Architecture** - Check design principles
|
|
34
|
-
3. **Removal Candidates** - Find dead/unused code
|
|
35
|
-
4. **Security Scan** - Vulnerability detection
|
|
36
|
-
5. **Code Quality** - Error handling, performance, boundaries
|
|
37
|
-
6. **Output** - Findings by severity (P0-P3)
|
|
38
|
-
7. **Confirmation** - Ask user before implementing fixes
|
|
39
|
-
|
|
40
|
-
## Severity Levels
|
|
41
|
-
|
|
42
|
-
| Level | Name | Action |
|
|
43
|
-
|-------|------|--------|
|
|
44
|
-
| P0 | Critical | Must block merge |
|
|
45
|
-
| P1 | High | Should fix before merge |
|
|
46
|
-
| P2 | Medium | Fix or create follow-up |
|
|
47
|
-
| P3 | Low | Optional improvement |
|
|
48
|
-
|
|
49
|
-
## Structure
|
|
50
|
-
|
|
51
|
-
```
|
|
52
|
-
code-review-expert/
|
|
53
|
-
├── SKILL.md # Main skill definition
|
|
54
|
-
├── agents/
|
|
55
|
-
│ └── agent.yaml # Agent interface config
|
|
56
|
-
└── references/
|
|
57
|
-
├── solid-checklist.md # SOLID smell prompts
|
|
58
|
-
├── security-checklist.md # Security & reliability
|
|
59
|
-
├── code-quality-checklist.md # Error, perf, boundaries
|
|
60
|
-
└── removal-plan.md # Deletion planning template
|
|
61
|
-
```
|
|
62
|
-
|
|
63
|
-
## References
|
|
64
|
-
|
|
65
|
-
Each checklist provides detailed prompts and anti-patterns:
|
|
66
|
-
|
|
67
|
-
- **solid-checklist.md** - SOLID violations + common code smells
|
|
68
|
-
- **security-checklist.md** - OWASP risks, race conditions, crypto, supply chain
|
|
69
|
-
- **code-quality-checklist.md** - Error handling, caching, N+1, null safety
|
|
70
|
-
- **removal-plan.md** - Safe vs deferred deletion with rollback plans
|
|
71
|
-
|
|
72
|
-
## License
|
|
73
|
-
|
|
74
|
-
MIT
|
|
@@ -1,156 +0,0 @@
|
|
|
1
|
-
---
|
|
2
|
-
name: code-review-expert
|
|
3
|
-
description: "Expert code review of current git changes with a senior engineer lens. Detects SOLID violations, security risks, and proposes actionable improvements."
|
|
4
|
-
---
|
|
5
|
-
|
|
6
|
-
# Code Review Expert
|
|
7
|
-
|
|
8
|
-
## Overview
|
|
9
|
-
|
|
10
|
-
Perform a structured review of the current git changes with focus on SOLID, architecture, removal candidates, and security risks. Default to review-only output unless the user asks to implement changes.
|
|
11
|
-
|
|
12
|
-
## Severity Levels
|
|
13
|
-
|
|
14
|
-
| Level | Name | Description | Action |
|
|
15
|
-
|-------|------|-------------|--------|
|
|
16
|
-
| **P0** | Critical | Security vulnerability, data loss risk, correctness bug | Must block merge |
|
|
17
|
-
| **P1** | High | Logic error, significant SOLID violation, performance regression | Should fix before merge |
|
|
18
|
-
| **P2** | Medium | Code smell, maintainability concern, minor SOLID violation | Fix in this PR or create follow-up |
|
|
19
|
-
| **P3** | Low | Style, naming, minor suggestion | Optional improvement |
|
|
20
|
-
|
|
21
|
-
## Workflow
|
|
22
|
-
|
|
23
|
-
### 1) Preflight context
|
|
24
|
-
|
|
25
|
-
- Use `git status -sb`, `git diff --stat`, and `git diff` to scope changes.
|
|
26
|
-
- If needed, use `rg` or `grep` to find related modules, usages, and contracts.
|
|
27
|
-
- Identify entry points, ownership boundaries, and critical paths (auth, payments, data writes, network).
|
|
28
|
-
|
|
29
|
-
**Edge cases:**
|
|
30
|
-
- **No changes**: If `git diff` is empty, inform user and ask if they want to review staged changes or a specific commit range.
|
|
31
|
-
- **Large diff (>500 lines)**: Summarize by file first, then review in batches by module/feature area.
|
|
32
|
-
- **Mixed concerns**: Group findings by logical feature, not just file order.
|
|
33
|
-
|
|
34
|
-
### 2) SOLID + architecture smells
|
|
35
|
-
|
|
36
|
-
- Load `references/solid-checklist.md` for specific prompts.
|
|
37
|
-
- Look for:
|
|
38
|
-
- **SRP**: Overloaded modules with unrelated responsibilities.
|
|
39
|
-
- **OCP**: Frequent edits to add behavior instead of extension points.
|
|
40
|
-
- **LSP**: Subclasses that break expectations or require type checks.
|
|
41
|
-
- **ISP**: Wide interfaces with unused methods.
|
|
42
|
-
- **DIP**: High-level logic tied to low-level implementations.
|
|
43
|
-
- When you propose a refactor, explain *why* it improves cohesion/coupling and outline a minimal, safe split.
|
|
44
|
-
- If refactor is non-trivial, propose an incremental plan instead of a large rewrite.
|
|
45
|
-
|
|
46
|
-
### 3) Removal candidates + iteration plan
|
|
47
|
-
|
|
48
|
-
- Load `references/removal-plan.md` for template.
|
|
49
|
-
- Identify code that is unused, redundant, or feature-flagged off.
|
|
50
|
-
- Distinguish **safe delete now** vs **defer with plan**.
|
|
51
|
-
- Provide a follow-up plan with concrete steps and checkpoints (tests/metrics).
|
|
52
|
-
|
|
53
|
-
### 4) Security and reliability scan
|
|
54
|
-
|
|
55
|
-
- Load `references/security-checklist.md` for coverage.
|
|
56
|
-
- Check for:
|
|
57
|
-
- XSS, injection (SQL/NoSQL/command), SSRF, path traversal
|
|
58
|
-
- AuthZ/AuthN gaps, missing tenancy checks
|
|
59
|
-
- Secret leakage or API keys in logs/env/files
|
|
60
|
-
- Rate limits, unbounded loops, CPU/memory hotspots
|
|
61
|
-
- Unsafe deserialization, weak crypto, insecure defaults
|
|
62
|
-
- **Race conditions**: concurrent access, check-then-act, TOCTOU, missing locks
|
|
63
|
-
- Call out both **exploitability** and **impact**.
|
|
64
|
-
|
|
65
|
-
### 5) Code quality scan
|
|
66
|
-
|
|
67
|
-
- Load `references/code-quality-checklist.md` for coverage.
|
|
68
|
-
- Check for:
|
|
69
|
-
- **Error handling**: swallowed exceptions, overly broad catch, missing error handling, async errors
|
|
70
|
-
- **Performance**: N+1 queries, CPU-intensive ops in hot paths, missing cache, unbounded memory
|
|
71
|
-
- **Boundary conditions**: null/undefined handling, empty collections, numeric boundaries, off-by-one
|
|
72
|
-
- Flag issues that may cause silent failures or production incidents.
|
|
73
|
-
|
|
74
|
-
### 6) Output format
|
|
75
|
-
|
|
76
|
-
Structure your review as follows:
|
|
77
|
-
|
|
78
|
-
```markdown
|
|
79
|
-
## Code Review Summary
|
|
80
|
-
|
|
81
|
-
**Files reviewed**: X files, Y lines changed
|
|
82
|
-
**Overall assessment**: [APPROVE / REQUEST_CHANGES / COMMENT]
|
|
83
|
-
|
|
84
|
-
---
|
|
85
|
-
|
|
86
|
-
## Findings
|
|
87
|
-
|
|
88
|
-
### P0 - Critical
|
|
89
|
-
(none or list)
|
|
90
|
-
|
|
91
|
-
### P1 - High
|
|
92
|
-
1. **[file:line]** Brief title
|
|
93
|
-
- Description of issue
|
|
94
|
-
- Suggested fix
|
|
95
|
-
|
|
96
|
-
### P2 - Medium
|
|
97
|
-
2. (continue numbering across sections)
|
|
98
|
-
- ...
|
|
99
|
-
|
|
100
|
-
### P3 - Low
|
|
101
|
-
...
|
|
102
|
-
|
|
103
|
-
---
|
|
104
|
-
|
|
105
|
-
## Removal/Iteration Plan
|
|
106
|
-
(if applicable)
|
|
107
|
-
|
|
108
|
-
## Additional Suggestions
|
|
109
|
-
(optional improvements, not blocking)
|
|
110
|
-
```
|
|
111
|
-
|
|
112
|
-
**Inline comments**: Use this format for file-specific findings:
|
|
113
|
-
```
|
|
114
|
-
::code-comment{file="path/to/file.ts" line="42" severity="P1"}
|
|
115
|
-
Description of the issue and suggested fix.
|
|
116
|
-
::
|
|
117
|
-
```
|
|
118
|
-
|
|
119
|
-
**Clean review**: If no issues found, explicitly state:
|
|
120
|
-
- What was checked
|
|
121
|
-
- Any areas not covered (e.g., "Did not verify database migrations")
|
|
122
|
-
- Residual risks or recommended follow-up tests
|
|
123
|
-
|
|
124
|
-
### 7) Next steps confirmation
|
|
125
|
-
|
|
126
|
-
After presenting findings, ask user how to proceed:
|
|
127
|
-
|
|
128
|
-
```markdown
|
|
129
|
-
---
|
|
130
|
-
|
|
131
|
-
## Next Steps
|
|
132
|
-
|
|
133
|
-
I found X issues (P0: _, P1: _, P2: _, P3: _).
|
|
134
|
-
|
|
135
|
-
**How would you like to proceed?**
|
|
136
|
-
|
|
137
|
-
1. **Fix all** - I'll implement all suggested fixes
|
|
138
|
-
2. **Fix P0/P1 only** - Address critical and high priority issues
|
|
139
|
-
3. **Fix specific items** - Tell me which issues to fix
|
|
140
|
-
4. **No changes** - Review complete, no implementation needed
|
|
141
|
-
|
|
142
|
-
Please choose an option or provide specific instructions.
|
|
143
|
-
```
|
|
144
|
-
|
|
145
|
-
**Important**: Do NOT implement any changes until user explicitly confirms. This is a review-first workflow.
|
|
146
|
-
|
|
147
|
-
## Resources
|
|
148
|
-
|
|
149
|
-
### references/
|
|
150
|
-
|
|
151
|
-
| File | Purpose |
|
|
152
|
-
|------|---------|
|
|
153
|
-
| `solid-checklist.md` | SOLID smell prompts and refactor heuristics |
|
|
154
|
-
| `security-checklist.md` | Web/app security and runtime risk checklist |
|
|
155
|
-
| `code-quality-checklist.md` | Error handling, performance, boundary conditions |
|
|
156
|
-
| `removal-plan.md` | Template for deletion candidates and follow-up plan |
|
|
@@ -1,7 +0,0 @@
|
|
|
1
|
-
interface:
|
|
2
|
-
display_name: "Code Review Expert"
|
|
3
|
-
short_description: "Senior engineer code review: SOLID, security, performance, error handling"
|
|
4
|
-
default_prompt: "Review current git changes for SOLID violations, security risks, race conditions, error handling issues, performance problems, and boundary condition bugs."
|
|
5
|
-
|
|
6
|
-
# Agent-agnostic skill - works with any LLM provider.
|
|
7
|
-
# No provider-specific configuration required.
|
|
@@ -1,130 +0,0 @@
|
|
|
1
|
-
# Code Quality Checklist
|
|
2
|
-
|
|
3
|
-
## Error Handling
|
|
4
|
-
|
|
5
|
-
### Anti-patterns to Flag
|
|
6
|
-
|
|
7
|
-
- **Swallowed exceptions**: Empty catch blocks or catch with only logging
|
|
8
|
-
```javascript
|
|
9
|
-
try { ... } catch (e) { } // Silent failure
|
|
10
|
-
try { ... } catch (e) { console.log(e) } // Log and forget
|
|
11
|
-
```
|
|
12
|
-
- **Overly broad catch**: Catching `Exception`/`Error` base class instead of specific types
|
|
13
|
-
- **Error information leakage**: Stack traces or internal details exposed to users
|
|
14
|
-
- **Missing error handling**: No try-catch around fallible operations (I/O, network, parsing)
|
|
15
|
-
- **Async error handling**: Unhandled promise rejections, missing `.catch()`, no error boundary
|
|
16
|
-
|
|
17
|
-
### Best Practices to Check
|
|
18
|
-
|
|
19
|
-
- [ ] Errors are caught at appropriate boundaries
|
|
20
|
-
- [ ] Error messages are user-friendly (no internal details exposed)
|
|
21
|
-
- [ ] Errors are logged with sufficient context for debugging
|
|
22
|
-
- [ ] Async errors are properly propagated or handled
|
|
23
|
-
- [ ] Fallback behavior is defined for recoverable errors
|
|
24
|
-
- [ ] Critical errors trigger alerts/monitoring
|
|
25
|
-
|
|
26
|
-
### Questions to Ask
|
|
27
|
-
- "What happens when this operation fails?"
|
|
28
|
-
- "Will the caller know something went wrong?"
|
|
29
|
-
- "Is there enough context to debug this error?"
|
|
30
|
-
|
|
31
|
-
---
|
|
32
|
-
|
|
33
|
-
## Performance & Caching
|
|
34
|
-
|
|
35
|
-
### CPU-Intensive Operations
|
|
36
|
-
|
|
37
|
-
- **Expensive operations in hot paths**: Regex compilation, JSON parsing, crypto in loops
|
|
38
|
-
- **Blocking main thread**: Sync I/O, heavy computation without worker/async
|
|
39
|
-
- **Unnecessary recomputation**: Same calculation done multiple times
|
|
40
|
-
- **Missing memoization**: Pure functions called repeatedly with same inputs
|
|
41
|
-
|
|
42
|
-
### Database & I/O
|
|
43
|
-
|
|
44
|
-
- **N+1 queries**: Loop that makes a query per item instead of batch
|
|
45
|
-
```javascript
|
|
46
|
-
// Bad: N+1
|
|
47
|
-
for (const id of ids) {
|
|
48
|
-
const user = await db.query(`SELECT * FROM users WHERE id = ?`, id)
|
|
49
|
-
}
|
|
50
|
-
// Good: Batch
|
|
51
|
-
const users = await db.query(`SELECT * FROM users WHERE id IN (?)`, ids)
|
|
52
|
-
```
|
|
53
|
-
- **Missing indexes**: Queries on unindexed columns
|
|
54
|
-
- **Over-fetching**: SELECT * when only few columns needed
|
|
55
|
-
- **No pagination**: Loading entire dataset into memory
|
|
56
|
-
|
|
57
|
-
### Caching Issues
|
|
58
|
-
|
|
59
|
-
- **Missing cache for expensive operations**: Repeated API calls, DB queries, computations
|
|
60
|
-
- **Cache without TTL**: Stale data served indefinitely
|
|
61
|
-
- **Cache without invalidation strategy**: Data updated but cache not cleared
|
|
62
|
-
- **Cache key collisions**: Insufficient key uniqueness
|
|
63
|
-
- **Caching user-specific data globally**: Security/privacy issue
|
|
64
|
-
|
|
65
|
-
### Memory
|
|
66
|
-
|
|
67
|
-
- **Unbounded collections**: Arrays/maps that grow without limit
|
|
68
|
-
- **Large object retention**: Holding references preventing GC
|
|
69
|
-
- **String concatenation in loops**: Use StringBuilder/join instead
|
|
70
|
-
- **Loading large files entirely**: Use streaming instead
|
|
71
|
-
|
|
72
|
-
### Questions to Ask
|
|
73
|
-
- "What's the time complexity of this operation?"
|
|
74
|
-
- "How does this behave with 10x/100x data?"
|
|
75
|
-
- "Is this result cacheable? Should it be?"
|
|
76
|
-
- "Can this be batched instead of one-by-one?"
|
|
77
|
-
|
|
78
|
-
---
|
|
79
|
-
|
|
80
|
-
## Boundary Conditions
|
|
81
|
-
|
|
82
|
-
### Null/Undefined Handling
|
|
83
|
-
|
|
84
|
-
- **Missing null checks**: Accessing properties on potentially null objects
|
|
85
|
-
- **Truthy/falsy confusion**: `if (value)` when `0` or `""` are valid
|
|
86
|
-
- **Optional chaining overuse**: `a?.b?.c?.d` hiding structural issues
|
|
87
|
-
- **Null vs undefined inconsistency**: Mixed usage without clear convention
|
|
88
|
-
|
|
89
|
-
### Empty Collections
|
|
90
|
-
|
|
91
|
-
- **Empty array not handled**: Code assumes array has items
|
|
92
|
-
- **Empty object edge case**: `for...in` or `Object.keys` on empty object
|
|
93
|
-
- **First/last element access**: `arr[0]` or `arr[arr.length-1]` without length check
|
|
94
|
-
|
|
95
|
-
### Numeric Boundaries
|
|
96
|
-
|
|
97
|
-
- **Division by zero**: Missing check before division
|
|
98
|
-
- **Integer overflow**: Large numbers exceeding safe integer range
|
|
99
|
-
- **Floating point comparison**: Using `===` instead of epsilon comparison
|
|
100
|
-
- **Negative values**: Index or count that shouldn't be negative
|
|
101
|
-
- **Off-by-one errors**: Loop bounds, array slicing, pagination
|
|
102
|
-
|
|
103
|
-
### String Boundaries
|
|
104
|
-
|
|
105
|
-
- **Empty string**: Not handled as edge case
|
|
106
|
-
- **Whitespace-only string**: Passes truthy check but is effectively empty
|
|
107
|
-
- **Very long strings**: No length limits causing memory/display issues
|
|
108
|
-
- **Unicode edge cases**: Emoji, RTL text, combining characters
|
|
109
|
-
|
|
110
|
-
### Common Patterns to Flag
|
|
111
|
-
|
|
112
|
-
```javascript
|
|
113
|
-
// Dangerous: no null check
|
|
114
|
-
const name = user.profile.name
|
|
115
|
-
|
|
116
|
-
// Dangerous: array access without check
|
|
117
|
-
const first = items[0]
|
|
118
|
-
|
|
119
|
-
// Dangerous: division without check
|
|
120
|
-
const avg = total / count
|
|
121
|
-
|
|
122
|
-
// Dangerous: truthy check excludes valid values
|
|
123
|
-
if (value) { ... } // fails for 0, "", false
|
|
124
|
-
```
|
|
125
|
-
|
|
126
|
-
### Questions to Ask
|
|
127
|
-
- "What if this is null/undefined?"
|
|
128
|
-
- "What if this collection is empty?"
|
|
129
|
-
- "What's the valid range for this number?"
|
|
130
|
-
- "What happens at the boundaries (0, -1, MAX_INT)?"
|
|
@@ -1,52 +0,0 @@
|
|
|
1
|
-
# Removal and Iteration Plan Template
|
|
2
|
-
|
|
3
|
-
## Priority Levels
|
|
4
|
-
|
|
5
|
-
- [ ] **P0**: Immediate removal needed (security risk, significant cost, blocking other work)
|
|
6
|
-
- [ ] **P1**: Remove in current sprint
|
|
7
|
-
- [ ] **P2**: Backlog / next iteration
|
|
8
|
-
|
|
9
|
-
---
|
|
10
|
-
|
|
11
|
-
## Safe to Remove Now
|
|
12
|
-
|
|
13
|
-
### Item: [Name/Description]
|
|
14
|
-
|
|
15
|
-
| Field | Details |
|
|
16
|
-
|-------|---------|
|
|
17
|
-
| **Location** | `path/to/file.ts:line` |
|
|
18
|
-
| **Rationale** | Why this should be removed |
|
|
19
|
-
| **Evidence** | Unused (no references), dead feature flag, deprecated API |
|
|
20
|
-
| **Impact** | None / Low - no active consumers |
|
|
21
|
-
| **Deletion steps** | 1. Remove code 2. Remove tests 3. Remove config |
|
|
22
|
-
| **Verification** | Run tests, check no runtime errors, monitor logs |
|
|
23
|
-
|
|
24
|
-
---
|
|
25
|
-
|
|
26
|
-
## Defer Removal (Plan Required)
|
|
27
|
-
|
|
28
|
-
### Item: [Name/Description]
|
|
29
|
-
|
|
30
|
-
| Field | Details |
|
|
31
|
-
|-------|---------|
|
|
32
|
-
| **Location** | `path/to/file.ts:line` |
|
|
33
|
-
| **Why defer** | Active consumers, needs migration, stakeholder sign-off |
|
|
34
|
-
| **Preconditions** | Feature flag off for 2 weeks, telemetry shows 0 usage |
|
|
35
|
-
| **Breaking changes** | List any API/contract changes |
|
|
36
|
-
| **Migration plan** | Steps for consumers to migrate |
|
|
37
|
-
| **Timeline** | Target date or sprint |
|
|
38
|
-
| **Owner** | Person/team responsible |
|
|
39
|
-
| **Validation** | Metrics to confirm safe removal (error rates, usage counts) |
|
|
40
|
-
| **Rollback plan** | How to restore if issues found |
|
|
41
|
-
|
|
42
|
-
---
|
|
43
|
-
|
|
44
|
-
## Checklist Before Removal
|
|
45
|
-
|
|
46
|
-
- [ ] Searched codebase for all references (`rg`, `grep`)
|
|
47
|
-
- [ ] Checked for dynamic/reflection-based usage
|
|
48
|
-
- [ ] Verified no external consumers (APIs, SDKs, docs)
|
|
49
|
-
- [ ] Feature flag telemetry reviewed (if applicable)
|
|
50
|
-
- [ ] Tests updated/removed
|
|
51
|
-
- [ ] Documentation updated
|
|
52
|
-
- [ ] Team notified (if shared code)
|
|
@@ -1,118 +0,0 @@
|
|
|
1
|
-
# Security and Reliability Checklist
|
|
2
|
-
|
|
3
|
-
## Input/Output Safety
|
|
4
|
-
|
|
5
|
-
- **XSS**: Unsafe HTML injection, `dangerouslySetInnerHTML`, unescaped templates, innerHTML assignments
|
|
6
|
-
- **Injection**: SQL/NoSQL/command/GraphQL injection via string concatenation or template literals
|
|
7
|
-
- **SSRF**: User-controlled URLs reaching internal services without allowlist validation
|
|
8
|
-
- **Path traversal**: User input in file paths without sanitization (`../` attacks)
|
|
9
|
-
- **Prototype pollution**: Unsafe object merging in JavaScript (`Object.assign`, spread with user input)
|
|
10
|
-
|
|
11
|
-
## AuthN/AuthZ
|
|
12
|
-
|
|
13
|
-
- Missing tenant or ownership checks for read/write operations
|
|
14
|
-
- New endpoints without auth guards or RBAC enforcement
|
|
15
|
-
- Trusting client-provided roles/flags/IDs
|
|
16
|
-
- Broken access control (IDOR - Insecure Direct Object Reference)
|
|
17
|
-
- Session fixation or weak session management
|
|
18
|
-
|
|
19
|
-
## JWT & Token Security
|
|
20
|
-
|
|
21
|
-
- Algorithm confusion attacks (accepting `none` or `HS256` when expecting `RS256`)
|
|
22
|
-
- Weak or hardcoded secrets
|
|
23
|
-
- Missing expiration (`exp`) or not validating it
|
|
24
|
-
- Sensitive data in JWT payload (tokens are base64, not encrypted)
|
|
25
|
-
- Not validating `iss` (issuer) or `aud` (audience)
|
|
26
|
-
|
|
27
|
-
## Secrets and PII
|
|
28
|
-
|
|
29
|
-
- API keys, tokens, or credentials in code/config/logs
|
|
30
|
-
- Secrets in git history or environment variables exposed to client
|
|
31
|
-
- Excessive logging of PII or sensitive payloads
|
|
32
|
-
- Missing data masking in error messages
|
|
33
|
-
|
|
34
|
-
## Supply Chain & Dependencies
|
|
35
|
-
|
|
36
|
-
- Unpinned dependencies allowing malicious updates
|
|
37
|
-
- Dependency confusion (private package name collision)
|
|
38
|
-
- Importing from untrusted sources or CDNs without integrity checks
|
|
39
|
-
- Outdated dependencies with known CVEs
|
|
40
|
-
|
|
41
|
-
## CORS & Headers
|
|
42
|
-
|
|
43
|
-
- Overly permissive CORS (`Access-Control-Allow-Origin: *` with credentials)
|
|
44
|
-
- Missing security headers (CSP, X-Frame-Options, X-Content-Type-Options)
|
|
45
|
-
- Exposed internal headers or stack traces
|
|
46
|
-
|
|
47
|
-
## Runtime Risks
|
|
48
|
-
|
|
49
|
-
- Unbounded loops, recursive calls, or large in-memory buffers
|
|
50
|
-
- Missing timeouts, retries, or rate limiting on external calls
|
|
51
|
-
- Blocking operations on request path (sync I/O in async context)
|
|
52
|
-
- Resource exhaustion (file handles, connections, memory)
|
|
53
|
-
- ReDoS (Regular Expression Denial of Service)
|
|
54
|
-
|
|
55
|
-
## Cryptography
|
|
56
|
-
|
|
57
|
-
- Weak algorithms (MD5, SHA1 for security purposes)
|
|
58
|
-
- Hardcoded IVs or salts
|
|
59
|
-
- Using encryption without authentication (ECB mode, no HMAC)
|
|
60
|
-
- Insufficient key length
|
|
61
|
-
|
|
62
|
-
## Race Conditions
|
|
63
|
-
|
|
64
|
-
Race conditions are subtle bugs that cause intermittent failures and security vulnerabilities. Pay special attention to:
|
|
65
|
-
|
|
66
|
-
### Shared State Access
|
|
67
|
-
- Multiple threads/goroutines/async tasks accessing shared variables without synchronization
|
|
68
|
-
- Global state or singletons modified concurrently
|
|
69
|
-
- Lazy initialization without proper locking (double-checked locking issues)
|
|
70
|
-
- Non-thread-safe collections used in concurrent context
|
|
71
|
-
|
|
72
|
-
### Check-Then-Act (TOCTOU)
|
|
73
|
-
- `if (exists) then use` patterns without atomic operations
|
|
74
|
-
- `if (authorized) then perform` where authorization can change
|
|
75
|
-
- File existence check followed by file operation
|
|
76
|
-
- Balance check followed by deduction (financial operations)
|
|
77
|
-
- Inventory check followed by order placement
|
|
78
|
-
|
|
79
|
-
### Database Concurrency
|
|
80
|
-
- Missing optimistic locking (`version` column, `updated_at` checks)
|
|
81
|
-
- Missing pessimistic locking (`SELECT FOR UPDATE`)
|
|
82
|
-
- Read-modify-write without transaction isolation
|
|
83
|
-
- Counter increments without atomic operations (`UPDATE SET count = count + 1`)
|
|
84
|
-
- Unique constraint violations in concurrent inserts
|
|
85
|
-
|
|
86
|
-
### Distributed Systems
|
|
87
|
-
- Missing distributed locks for shared resources
|
|
88
|
-
- Leader election race conditions
|
|
89
|
-
- Cache invalidation races (stale reads after writes)
|
|
90
|
-
- Event ordering dependencies without proper sequencing
|
|
91
|
-
- Split-brain scenarios in cluster operations
|
|
92
|
-
|
|
93
|
-
### Common Patterns to Flag
|
|
94
|
-
```
|
|
95
|
-
# Dangerous patterns:
|
|
96
|
-
if not exists(key): # TOCTOU
|
|
97
|
-
create(key)
|
|
98
|
-
|
|
99
|
-
value = get(key) # Read-modify-write
|
|
100
|
-
value += 1
|
|
101
|
-
set(key, value)
|
|
102
|
-
|
|
103
|
-
if user.balance >= amount: # Check-then-act
|
|
104
|
-
user.balance -= amount
|
|
105
|
-
```
|
|
106
|
-
|
|
107
|
-
### Questions to Ask
|
|
108
|
-
- "What happens if two requests hit this code simultaneously?"
|
|
109
|
-
- "Is this operation atomic or can it be interrupted?"
|
|
110
|
-
- "What shared state does this code access?"
|
|
111
|
-
- "How does this behave under high concurrency?"
|
|
112
|
-
|
|
113
|
-
## Data Integrity
|
|
114
|
-
|
|
115
|
-
- Missing transactions, partial writes, or inconsistent state updates
|
|
116
|
-
- Weak validation before persistence (type coercion issues)
|
|
117
|
-
- Missing idempotency for retryable operations
|
|
118
|
-
- Lost updates due to concurrent modifications
|
|
@@ -1,65 +0,0 @@
|
|
|
1
|
-
# SOLID Smell Prompts
|
|
2
|
-
|
|
3
|
-
## SRP (Single Responsibility)
|
|
4
|
-
|
|
5
|
-
- File owns unrelated concerns (e.g., HTTP + DB + domain rules in one file)
|
|
6
|
-
- Large class/module with low cohesion or multiple reasons to change
|
|
7
|
-
- Functions that orchestrate many unrelated steps
|
|
8
|
-
- God objects that know too much about the system
|
|
9
|
-
- **Ask**: "What is the single reason this module would change?"
|
|
10
|
-
|
|
11
|
-
## OCP (Open/Closed)
|
|
12
|
-
|
|
13
|
-
- Adding a new behavior requires editing many switch/if blocks
|
|
14
|
-
- Feature growth requires modifying core logic rather than extending
|
|
15
|
-
- No plugin/strategy/hook points for variation
|
|
16
|
-
- **Ask**: "Can I add a new variant without touching existing code?"
|
|
17
|
-
|
|
18
|
-
## LSP (Liskov Substitution)
|
|
19
|
-
|
|
20
|
-
- Subclass checks for concrete type or throws for base method
|
|
21
|
-
- Overridden methods weaken preconditions or strengthen postconditions
|
|
22
|
-
- Subclass ignores or no-ops parent behavior
|
|
23
|
-
- **Ask**: "Can I substitute any subclass without the caller knowing?"
|
|
24
|
-
|
|
25
|
-
## ISP (Interface Segregation)
|
|
26
|
-
|
|
27
|
-
- Interfaces with many methods, most unused by implementers
|
|
28
|
-
- Callers depend on broad interfaces for narrow needs
|
|
29
|
-
- Empty/stub implementations of interface methods
|
|
30
|
-
- **Ask**: "Do all implementers use all methods?"
|
|
31
|
-
|
|
32
|
-
## DIP (Dependency Inversion)
|
|
33
|
-
|
|
34
|
-
- High-level logic depends on concrete IO, storage, or network types
|
|
35
|
-
- Hard-coded implementations instead of abstractions or injection
|
|
36
|
-
- Import chains that couple business logic to infrastructure
|
|
37
|
-
- **Ask**: "Can I swap the implementation without changing business logic?"
|
|
38
|
-
|
|
39
|
-
---
|
|
40
|
-
|
|
41
|
-
## Common Code Smells (Beyond SOLID)
|
|
42
|
-
|
|
43
|
-
| Smell | Signs |
|
|
44
|
-
|-------|-------|
|
|
45
|
-
| **Long method** | Function > 30 lines, multiple levels of nesting |
|
|
46
|
-
| **Feature envy** | Method uses more data from another class than its own |
|
|
47
|
-
| **Data clumps** | Same group of parameters passed together repeatedly |
|
|
48
|
-
| **Primitive obsession** | Using strings/numbers instead of domain types |
|
|
49
|
-
| **Shotgun surgery** | One change requires edits across many files |
|
|
50
|
-
| **Divergent change** | One file changes for many unrelated reasons |
|
|
51
|
-
| **Dead code** | Unreachable or never-called code |
|
|
52
|
-
| **Speculative generality** | Abstractions for hypothetical future needs |
|
|
53
|
-
| **Magic numbers/strings** | Hardcoded values without named constants |
|
|
54
|
-
|
|
55
|
-
---
|
|
56
|
-
|
|
57
|
-
## Refactor Heuristics
|
|
58
|
-
|
|
59
|
-
1. **Split by responsibility, not by size** - A small file can still violate SRP
|
|
60
|
-
2. **Introduce abstraction only when needed** - Wait for the second use case
|
|
61
|
-
3. **Keep refactors incremental** - Isolate behavior before moving
|
|
62
|
-
4. **Preserve behavior first** - Add tests before restructuring
|
|
63
|
-
5. **Name things by intent** - If naming is hard, the abstraction might be wrong
|
|
64
|
-
6. **Prefer composition over inheritance** - Inheritance creates tight coupling
|
|
65
|
-
7. **Make illegal states unrepresentable** - Use types to enforce invariants
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
{
|
|
2
|
-
"permissions": {
|
|
3
|
-
"allow": [
|
|
4
|
-
"Bash(npm start:*)",
|
|
5
|
-
"Bash(kill:*)",
|
|
6
|
-
"Bash(pkill:*)",
|
|
7
|
-
"Bash(node:*)",
|
|
8
|
-
"Bash(lsof -ti:7008)",
|
|
9
|
-
"Bash(sqlite3:*)",
|
|
10
|
-
"Bash(ps:*)",
|
|
11
|
-
"Bash(git add:*)",
|
|
12
|
-
"Bash(git commit -m ':*)",
|
|
13
|
-
"Bash(git push:*)",
|
|
14
|
-
"Bash(npm publish:*)",
|
|
15
|
-
"Bash(git commit:*)"
|
|
16
|
-
]
|
|
17
|
-
}
|
|
18
|
-
}
|
|
@@ -1,9 +0,0 @@
|
|
|
1
|
-
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
-
<module type="JAVA_MODULE" version="4">
|
|
3
|
-
<component name="NewModuleRootManager" inherit-compiler-output="true">
|
|
4
|
-
<exclude-output />
|
|
5
|
-
<content url="file://$MODULE_DIR$" />
|
|
6
|
-
<orderEntry type="inheritedJdk" />
|
|
7
|
-
<orderEntry type="sourceFolder" forTests="false" />
|
|
8
|
-
</component>
|
|
9
|
-
</module>
|
package/.idea/modules.xml
DELETED
|
@@ -1,8 +0,0 @@
|
|
|
1
|
-
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
-
<project version="4">
|
|
3
|
-
<component name="ProjectModuleManager">
|
|
4
|
-
<modules>
|
|
5
|
-
<module fileurl="file://$PROJECT_DIR$/.idea/claude_opencode_viewer.iml" filepath="$PROJECT_DIR$/.idea/claude_opencode_viewer.iml" />
|
|
6
|
-
</modules>
|
|
7
|
-
</component>
|
|
8
|
-
</project>
|
|
@@ -1,9 +0,0 @@
|
|
|
1
|
-
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
-
<project version="4">
|
|
3
|
-
<component name="SmartFoxWorkToolsProjectState">
|
|
4
|
-
<option name="branch" value="fix/v2.1.0-keyboard" />
|
|
5
|
-
<option name="gitUrl" value="https://github.com/ChrisJason121238/claude-opencode-viewer.git" />
|
|
6
|
-
<option name="localBranch" value="fix/v2.1.0-keyboard" />
|
|
7
|
-
<option name="revision" value="e81a3afd4423f60c1d4f185dd4b16cf7ad1848cc" />
|
|
8
|
-
</component>
|
|
9
|
-
</project>
|
package/.idea/tdkConfig.xml
DELETED
package/.idea/vcs.xml
DELETED
package/skills-lock.json
DELETED
package/test-doc.md
DELETED
|
@@ -1,86 +0,0 @@
|
|
|
1
|
-
# Claude OpenCode Viewer 使用指南
|
|
2
|
-
|
|
3
|
-
## 简介
|
|
4
|
-
|
|
5
|
-
Claude OpenCode Viewer(COV)是一个统一的终端查看器,支持在浏览器中远程查看和操作 Claude Code 与 OpenCode 的终端会话。适用于需要在手机或其他设备上查看 AI 编程助手工作进度的场景。
|
|
6
|
-
|
|
7
|
-
## 安装
|
|
8
|
-
|
|
9
|
-
```bash
|
|
10
|
-
npm install -g claude-opencode-viewer
|
|
11
|
-
```
|
|
12
|
-
|
|
13
|
-
安装完成后,可以通过以下命令启动:
|
|
14
|
-
|
|
15
|
-
```bash
|
|
16
|
-
cov
|
|
17
|
-
```
|
|
18
|
-
|
|
19
|
-
默认监听端口 7008,PC 模式使用 `--pc` 参数启动。
|
|
20
|
-
|
|
21
|
-
## 功能特性
|
|
22
|
-
|
|
23
|
-
### 终端查看
|
|
24
|
-
|
|
25
|
-
支持实时查看终端输出,基于 xterm.js 实现完整的终端模拟,包括:
|
|
26
|
-
|
|
27
|
-
- 颜色渲染
|
|
28
|
-
- Unicode 字符支持
|
|
29
|
-
- WebGL 加速渲染
|
|
30
|
-
- 移动端触摸滚动
|
|
31
|
-
|
|
32
|
-
### 会话管理
|
|
33
|
-
|
|
34
|
-
可以管理多个会话,支持以下操作:
|
|
35
|
-
|
|
36
|
-
1. 查看历史会话列表
|
|
37
|
-
2. 恢复已有会话
|
|
38
|
-
3. 创建新会话
|
|
39
|
-
4. 在 Claude 和 OpenCode 之间切换
|
|
40
|
-
|
|
41
|
-
### Git 变更查看
|
|
42
|
-
|
|
43
|
-
集成了 Git 状态查看功能,可以直接在页面上查看:
|
|
44
|
-
|
|
45
|
-
| 状态 | 含义 | 颜色 |
|
|
46
|
-
|------|------|------|
|
|
47
|
-
| M | 已修改 | 橙色 |
|
|
48
|
-
| A | 新增 | 绿色 |
|
|
49
|
-
| D | 已删除 | 红色 |
|
|
50
|
-
| ?? | 未跟踪 | 灰色 |
|
|
51
|
-
|
|
52
|
-
### 文档浏览
|
|
53
|
-
|
|
54
|
-
支持浏览项目中的 Markdown 文档,自动扫描项目目录下的 `.md` 文件并以富文本格式展示。
|
|
55
|
-
|
|
56
|
-
## 配置说明
|
|
57
|
-
|
|
58
|
-
> 注意:以下配置需要在项目根目录下操作,确保 `PROJECT_DIR` 环境变量指向正确的项目路径。
|
|
59
|
-
|
|
60
|
-
常用环境变量:
|
|
61
|
-
|
|
62
|
-
- `PROJECT_DIR` — 指定项目工作目录
|
|
63
|
-
- `PORT` — 自定义端口号
|
|
64
|
-
- `COV_MODE` — 默认启动模式(claude / opencode)
|
|
65
|
-
|
|
66
|
-
## 常见问题
|
|
67
|
-
|
|
68
|
-
### 连接断开怎么办?
|
|
69
|
-
|
|
70
|
-
页面会自动显示重连提示并尝试重新连接。如果持续无法连接,请检查:
|
|
71
|
-
|
|
72
|
-
1. 服务进程是否仍在运行
|
|
73
|
-
2. 网络是否可达
|
|
74
|
-
3. 端口是否被占用
|
|
75
|
-
|
|
76
|
-
### 移动端键盘遮挡问题
|
|
77
|
-
|
|
78
|
-
在 iOS 设备上,系统会自动调整终端高度以适应键盘弹出。如果遇到显示异常,可以尝试旋转屏幕后再旋转回来。
|
|
79
|
-
|
|
80
|
-
## 更新日志
|
|
81
|
-
|
|
82
|
-
**v2.6.48** — 修复重连内容重复、模式切换黑屏问题
|
|
83
|
-
|
|
84
|
-
**v2.6.47** — 添加 PC 端重连覆盖层
|
|
85
|
-
|
|
86
|
-
**v2.6.46** — 移动端键盘交互优化
|