claude-remote-cli 3.6.0 → 3.7.0

package/dist/server/hooks.js

@@ -0,0 +1,196 @@
+import crypto from 'node:crypto';
+import { execFile } from 'node:child_process';
+import { promisify } from 'node:util';
+import { Router } from 'express';
+import express from 'express';
+import { stripAnsi, cleanEnv } from './utils.js';
+import { branchToDisplayName } from './git.js';
+import { writeMeta } from './config.js';
+const execFileAsync = promisify(execFile);
+// ---------------------------------------------------------------------------
+// Constants
+// ---------------------------------------------------------------------------
+const LOCALHOST_ADDRS = new Set(['127.0.0.1', '::1', '::ffff:127.0.0.1']);
+const DEFAULT_RENAME_PROMPT = 'Output ONLY a short kebab-case git branch name (no explanation, no backticks, no prefix, just the name) that describes this task:';
+const RENAME_RETRY_DELAY_MS = 5000;
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+function setAgentState(session, state, deps) {
+    session.agentState = state;
+    deps.fireStateChange(session.id, state);
+    session._lastHookTime = Date.now();
+}
+function extractToolDetail(_toolName, toolInput) {
+    if (toolInput && typeof toolInput === 'object') {
+        const input = toolInput;
+        if (typeof input.file_path === 'string')
+            return input.file_path;
+        if (typeof input.path === 'string')
+            return input.path;
+        if (typeof input.command === 'string')
+            return input.command.slice(0, 80);
+    }
+    return undefined;
+}
+async function spawnBranchRename(session, promptText, deps) {
+    const cleanedPrompt = stripAnsi(promptText).slice(0, 500);
+    const renamePrompt = session.branchRenamePrompt ?? DEFAULT_RENAME_PROMPT;
+    const fullPrompt = renamePrompt + '\n\n' + cleanedPrompt;
+    const env = cleanEnv();
+    for (let attempt = 0; attempt < 2; attempt++) {
+        // Check session still exists before attempting
+        if (!deps.getSession(session.id))
+            return;
+        if (attempt > 0) {
+            await new Promise((resolve) => setTimeout(resolve, RENAME_RETRY_DELAY_MS));
+            // Re-check after delay
+            if (!deps.getSession(session.id))
+                return;
+        }
+        try {
+            const { stdout } = await execFileAsync('claude', ['-p', '--model', 'haiku', fullPrompt], { cwd: session.cwd, timeout: 30000, env });
+            // Sanitize output
+            let branchName = stdout
+                .replace(/`/g, '')
+                .replace(/[^a-zA-Z0-9-]/g, '-')
+                .replace(/-+/g, '-')
+                .replace(/^-+|-+$/g, '')
+                .toLowerCase()
+                .slice(0, 60);
+            if (!branchName)
+                continue;
+            // Check session still exists before renaming
+            if (!deps.getSession(session.id))
+                return;
+            await execFileAsync('git', ['branch', '-m', branchName], { cwd: session.cwd });
+            session.branchName = branchName;
+            session.displayName = branchToDisplayName(branchName);
+            deps.broadcastEvent('session-renamed', {
+                sessionId: session.id,
+                branchName: session.branchName,
+                displayName: session.displayName,
+            });
+            if (deps.configPath) {
+                writeMeta(deps.configPath, {
+                    worktreePath: session.repoPath,
+                    displayName: session.displayName,
+                    lastActivity: session.lastActivity,
+                    branchName: session.branchName,
+                });
+            }
+            return; // success
+        }
+        catch (err) {
+            if (attempt === 1) {
+                console.error('[hooks] branch rename failed after 2 attempts:', err);
+                session.needsBranchRename = true;
+            }
+        }
+    }
+}
+// ---------------------------------------------------------------------------
+// Factory
+// ---------------------------------------------------------------------------
+export function createHooksRouter(deps) {
+    const router = Router();
+    // Middleware: IP allowlist — only localhost, do NOT trust X-Forwarded-For
+    router.use((req, res, next) => {
+        const remoteAddr = req.socket.remoteAddress;
+        if (!remoteAddr || !LOCALHOST_ADDRS.has(remoteAddr)) {
+            res.status(403).json({ error: 'Forbidden' });
+            return;
+        }
+        next();
+    });
+    // Middleware: parse JSON with generous limit for PostToolUse payloads
+    router.use(express.json({ limit: '5mb' }));
+    // Middleware: token verification
+    router.use((req, res, next) => {
+        const sessionId = req.query.sessionId;
+        const token = req.query.token;
+        if (typeof sessionId !== 'string' || !sessionId) {
+            res.status(400).json({ error: 'Missing sessionId' });
+            return;
+        }
+        if (typeof token !== 'string' || !token) {
+            res.status(400).json({ error: 'Missing token' });
+            return;
+        }
+        const session = deps.getSession(sessionId);
+        if (!session) {
+            res.status(404).json({ error: 'Session not found' });
+            return;
+        }
+        const tokenBuf = Buffer.from(token);
+        const hookTokenBuf = Buffer.from(session.hookToken);
+        if (tokenBuf.length !== hookTokenBuf.length || !crypto.timingSafeEqual(tokenBuf, hookTokenBuf)) {
+            res.status(403).json({ error: 'Invalid token' });
+            return;
+        }
+        req._hookSession = session;
+        next();
+    });
+    // ---------------------------------------------------------------------------
+    // Route handlers
+    // ---------------------------------------------------------------------------
+    // POST /stop → idle
+    router.post('/stop', (req, res) => {
+        const session = req._hookSession;
+        setAgentState(session, 'idle', deps);
+        res.json({ ok: true });
+    });
+    // POST /notification → permission-prompt | waiting-for-input
+    router.post('/notification', (req, res) => {
+        const session = req._hookSession;
+        const type = req.query.type;
+        if (type === 'permission_prompt') {
+            setAgentState(session, 'permission-prompt', deps);
+            session.lastAttentionNotifiedAt = Date.now();
+            deps.notifySessionAttention(session.id, { displayName: session.displayName, type: session.type });
+        }
+        else if (type === 'idle_prompt') {
+            setAgentState(session, 'waiting-for-input', deps);
+            session.lastAttentionNotifiedAt = Date.now();
+            deps.notifySessionAttention(session.id, { displayName: session.displayName, type: session.type });
+        }
+        res.json({ ok: true });
+    });
+    // POST /prompt-submit → processing (+ optional branch rename on first message)
+    router.post('/prompt-submit', (req, res) => {
+        const session = req._hookSession;
+        setAgentState(session, 'processing', deps);
+        if (session.needsBranchRename === true) {
+            session.needsBranchRename = false;
+            const promptText = typeof req.body?.prompt === 'string' ? req.body.prompt : '';
+            spawnBranchRename(session, promptText, deps).catch((err) => {
+                console.error('[hooks] spawnBranchRename error:', err);
+            });
+        }
+        res.json({ ok: true });
+    });
+    // POST /session-end → acknowledge hook (PTY onExit owns actual cleanup and cleanedUp flag)
+    router.post('/session-end', (_req, res) => {
+        // Acknowledge hook — PTY onExit owns actual cleanup and cleanedUp flag
+        res.json({ ok: true });
+    });
+    // POST /tool-use → set currentActivity
+    router.post('/tool-use', (req, res) => {
+        const session = req._hookSession;
+        const body = req.body;
+        const toolName = typeof body?.tool_name === 'string' ? body.tool_name : '';
+        const toolInput = body?.tool_input;
+        const detail = extractToolDetail(toolName, toolInput);
+        session.currentActivity = detail !== undefined ? { tool: toolName, detail } : { tool: toolName };
+        deps.broadcastEvent('session-activity-changed', { sessionId: session.id });
+        res.json({ ok: true });
+    });
+    // POST /tool-result → clear currentActivity
+    router.post('/tool-result', (req, res) => {
+        const session = req._hookSession;
+        session.currentActivity = undefined;
+        deps.broadcastEvent('session-activity-changed', { sessionId: session.id });
+        res.json({ ok: true });
+    });
+    return router;
+}

package/dist/server/index.js

@@ -20,7 +20,9 @@ import { listBranches, isBranchStale } from './git.js';
 import * as push from './push.js';
 import { initAnalytics, closeAnalytics, createAnalyticsRouter } from './analytics.js';
 import { createWorkspaceRouter } from './workspaces.js';
+import { createHooksRouter } from './hooks.js';
 import { MOUNTAIN_NAMES } from './types.js';
+import { semverLessThan } from './utils.js';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 const execFileAsync = promisify(execFile);
@@ -46,16 +48,6 @@ function getCurrentVersion() {
     const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf-8'));
     return pkg.version;
 }
-function semverLessThan(a, b) {
-    const parse = (v) => v.split('.').map(Number);
-    const [aMaj = 0, aMin = 0, aPat = 0] = parse(a);
-    const [bMaj = 0, bMin = 0, bPat = 0] = parse(b);
-    if (aMaj !== bMaj)
-        return aMaj < bMaj;
-    if (aMin !== bMin)
-        return aMin < bMin;
-    return aPat < bPat;
-}
 async function getLatestVersion() {
     const now = Date.now();
     if (versionCache && now - versionCache.fetchedAt < VERSION_CACHE_TTL) {
@@ -241,6 +233,17 @@ async function main() {
     watcher.rebuild(config.workspaces || []);
     const server = http.createServer(app);
     const { broadcastEvent } = setupWebSocket(server, authenticatedTokens, watcher, CONFIG_PATH);
+    // Configure session defaults for hooks injection
+    sessions.configure({ port: config.port, forceOutputParser: config.forceOutputParser ?? false });
+    // Mount hooks router BEFORE auth middleware — hook callbacks come from localhost Claude Code
+    const hooksRouter = createHooksRouter({
+        getSession: sessions.get,
+        broadcastEvent,
+        fireStateChange: sessions.fireStateChange,
+        notifySessionAttention: push.notifySessionIdle,
+        configPath: CONFIG_PATH,
+    });
+    app.use('/hooks', hooksRouter);
     // Mount workspace router
     const workspaceRouter = createWorkspaceRouter({ configPath: CONFIG_PATH });
     app.use('/workspaces', requireAuth, workspaceRouter);
@@ -253,11 +256,15 @@ async function main() {
     }
     // Populate session metadata cache in background (non-blocking)
     populateMetaCache().catch(() => { });
-    // Push notifications on session idle
+    // Push notifications on session idle (skip when hooks already sent attention notification)
     sessions.onIdleChange((sessionId, idle) => {
         if (idle) {
             const session = sessions.get(sessionId);
             if (session && session.type !== 'terminal') {
+                // Dedup: if hooks fired an attention notification within last 10s, skip
+                if (session.hooksActive && session.lastAttentionNotifiedAt && Date.now() - session.lastAttentionNotifiedAt < 10000) {
+                    return;
+                }
                 push.notifySessionIdle(sessionId, session);
             }
         }

package/dist/server/output-parsers/claude-parser.js

@@ -1,4 +1,4 @@
-// Strip ANSI escape sequences (CSI, OSC, charset, mode sequences)
+// Duplicated from utils.ts to preserve output-parsers/ module boundary
 const ANSI_RE = /\x1b\[[0-9;]*[a-zA-Z]|\x1b\][^\x07]*\x07|\x1b[()][AB012]|\x1b\[\?[0-9;]*[hlm]|\x1b\[[0-9]*[ABCDJKH]/g;
 /**
  * Claude Code output parser.

package/dist/server/pty-handler.js

@@ -1,4 +1,5 @@
 import pty from 'node-pty';
+import crypto from 'node:crypto';
 import fs from 'node:fs';
 import os from 'node:os';
 import path from 'node:path';
@@ -23,13 +24,54 @@ export function resolveTmuxSpawn(command, args, tmuxSessionName) {
         ],
     };
 }
+export function generateHooksSettings(sessionId, port, token) {
+    const dir = path.join(os.tmpdir(), 'claude-remote-cli', sessionId);
+    fs.mkdirSync(dir, { recursive: true, mode: 0o700 });
+    const filePath = path.join(dir, 'hooks-settings.json');
+    const base = `http://127.0.0.1:${port}`;
+    const q = `sessionId=${sessionId}&token=${token}`;
+    const settings = {
+        hooks: {
+            Stop: [{ hooks: [{ type: 'http', url: `${base}/hooks/stop?${q}`, timeout: 5 }] }],
+            Notification: [
+                { matcher: 'permission_prompt', hooks: [{ type: 'http', url: `${base}/hooks/notification?${q}&type=permission_prompt`, timeout: 5 }] },
+                { matcher: 'idle_prompt', hooks: [{ type: 'http', url: `${base}/hooks/notification?${q}&type=idle_prompt`, timeout: 5 }] },
+            ],
+            UserPromptSubmit: [{ hooks: [{ type: 'http', url: `${base}/hooks/prompt-submit?${q}`, timeout: 5 }] }],
+            SessionEnd: [{ hooks: [{ type: 'http', url: `${base}/hooks/session-end?${q}`, timeout: 5 }] }],
+            PreToolUse: [{ hooks: [{ type: 'http', url: `${base}/hooks/tool-use?${q}`, timeout: 5 }] }],
+            PostToolUse: [{ hooks: [{ type: 'http', url: `${base}/hooks/tool-result?${q}`, timeout: 5 }] }],
+        },
+    };
+    fs.writeFileSync(filePath, JSON.stringify(settings, null, 2), 'utf-8');
+    fs.chmodSync(filePath, 0o600);
+    return filePath;
+}
 export function createPtySession(params, sessionsMap, idleChangeCallbacks, stateChangeCallbacks = []) {
-    const { id, type, agent = 'claude', repoName, repoPath, cwd, root, worktreeName, branchName, displayName, command, args = [], cols = 80, rows = 24, configPath, useTmux: paramUseTmux, tmuxSessionName: paramTmuxSessionName, initialScrollback, restored: paramRestored, } = params;
+    const { id, type, agent = 'claude', repoName, repoPath, cwd, root, worktreeName, branchName, displayName, command, args: rawArgs = [], cols = 80, rows = 24, configPath, useTmux: paramUseTmux, tmuxSessionName: paramTmuxSessionName, initialScrollback, restored: paramRestored, port, forceOutputParser, } = params;
+    let args = rawArgs;
     const createdAt = new Date().toISOString();
     const resolvedCommand = command || AGENT_COMMANDS[agent];
     // Strip CLAUDECODE env var to allow spawning claude inside a claude-managed server
     const env = Object.assign({}, process.env);
     delete env.CLAUDECODE;
+    // Inject hooks settings when spawning a real claude agent (not custom command, not forceOutputParser)
+    let hookToken = '';
+    let hooksActive = false;
+    let settingsPath = '';
+    const shouldInjectHooks = agent === 'claude' && !command && !forceOutputParser && port !== undefined;
+    if (shouldInjectHooks) {
+        hookToken = crypto.randomBytes(32).toString('hex');
+        try {
+            settingsPath = generateHooksSettings(id, port, hookToken);
+            args = ['--settings', settingsPath, ...args];
+            hooksActive = true;
+        }
+        catch (err) {
+            console.warn(`[pty-handler] Failed to generate hooks settings for session ${id}:`, err);
+            hooksActive = false;
+        }
+    }
     const useTmux = !command && !!paramUseTmux;
     let spawnCommand = resolvedCommand;
     let spawnArgs = args;
@@ -78,6 +120,10 @@ export function createPtySession(params, sessionsMap, idleChangeCallbacks, state
         needsBranchRename: false,
         agentState: 'initializing',
         outputParser: parser,
+        hookToken,
+        hooksActive,
+        cleanedUp: false,
+        _lastHookTime: undefined,
     };
     sessionsMap.set(id, session);
     // Load existing metadata to preserve a previously-set displayName
@@ -129,14 +175,39 @@ export function createPtySession(params, sessionsMap, idleChangeCallbacks, state
             // Vendor-specific output parsing for semantic state detection
             const parseResult = session.outputParser.onData(data, scrollback.slice(-20));
             if (parseResult && parseResult.state !== session.agentState) {
-                session.agentState = parseResult.state;
-                for (const cb of stateChangeCallbacks)
-                    cb(session.id, parseResult.state);
+                if (session.hooksActive) {
+                    // Hooks are authoritative — check 30s reconciliation timeout
+                    const lastHook = session._lastHookTime;
+                    const sessionAge = Date.now() - new Date(session.createdAt).getTime();
+                    if (lastHook && Date.now() - lastHook > 30000) {
+                        // No hook for 30s and parser disagrees — parser overrides
+                        session.agentState = parseResult.state;
+                        for (const cb of stateChangeCallbacks)
+                            cb(session.id, parseResult.state);
+                    }
+                    else if (!lastHook && sessionAge > 30000) {
+                        // Hooks active but never fired in 30s — allow parser to override to prevent permanent suppression
+                        session.agentState = parseResult.state;
+                        for (const cb of stateChangeCallbacks)
+                            cb(session.id, parseResult.state);
+                    }
+                    // else: suppress parser — hooks are still fresh
+                }
+                else {
+                    // No hooks — parser is primary (current behavior)
+                    session.agentState = parseResult.state;
+                    for (const cb of stateChangeCallbacks)
+                        cb(session.id, parseResult.state);
+                }
             }
         });
         proc.onExit(() => {
             if (canRetry && (Date.now() - spawnTime) < 3000) {
-                const retryArgs = args.filter(a => !continueArgs.includes(a));
+                let retryArgs = rawArgs.filter(a => !continueArgs.includes(a));
+                // Re-inject hooks settings if active (settingsPath captured from outer scope)
+                if (session.hooksActive && settingsPath) {
+                    retryArgs = ['--settings', settingsPath, ...retryArgs];
+                }
                 const retryNotice = '\r\n[claude-remote-cli] --continue not available; starting new session...\r\n';
                 scrollback.length = 0;
                 scrollbackBytes = 0;
@@ -178,6 +249,9 @@ export function createPtySession(params, sessionsMap, idleChangeCallbacks, state
                 attachHandlers(retryPty, false);
                 return;
             }
+            if (session.cleanedUp)
+                return; // Dedup: SessionEnd hook already cleaned up
+            session.cleanedUp = true;
             if (restoredClearTimer)
                 clearTimeout(restoredClearTimer);
             // If PTY exited and this is a restored session, mark disconnected rather than delete

package/dist/server/sessions.js

@@ -13,6 +13,13 @@ const STALE_THRESHOLD_MS = 5 * 60 * 1000; // 5 minutes
 const sessions = new Map();
 // Session metadata cache: session ID or worktree path -> SessionMeta
 const metaCache = new Map();
+// Module-level defaults for hooks injection (set via configure())
+let defaultPort;
+let defaultForceOutputParser;
+function configure(opts) {
+    defaultPort = opts.port;
+    defaultForceOutputParser = opts.forceOutputParser;
+}
 let terminalCounter = 0;
 const idleChangeCallbacks = [];
 function onIdleChange(cb) {
@@ -30,7 +37,11 @@ function fireSessionEnd(sessionId, repoPath, branchName) {
     for (const cb of sessionEndCallbacks)
         cb(sessionId, repoPath, branchName);
 }
-function create({ id: providedId, type, agent = 'claude', repoName, repoPath, cwd, root, worktreeName, branchName, displayName, command, args = [], cols = 80, rows = 24, configPath, useTmux: paramUseTmux, tmuxSessionName: paramTmuxSessionName, initialScrollback, restored: paramRestored, needsBranchRename: paramNeedsBranchRename, branchRenamePrompt: paramBranchRenamePrompt }) {
+export function fireStateChange(sessionId, state) {
+    for (const cb of stateChangeCallbacks)
+        cb(sessionId, state);
+}
+function create({ id: providedId, type, agent = 'claude', repoName, repoPath, cwd, root, worktreeName, branchName, displayName, command, args = [], cols = 80, rows = 24, configPath, useTmux: paramUseTmux, tmuxSessionName: paramTmuxSessionName, initialScrollback, restored: paramRestored, needsBranchRename: paramNeedsBranchRename, branchRenamePrompt: paramBranchRenamePrompt, port, forceOutputParser }) {
     const id = providedId || crypto.randomBytes(8).toString('hex');
     // PTY path
     const ptyParams = {
@@ -53,6 +64,8 @@ function create({ id: providedId, type, agent = 'claude', repoName, repoPath, cw
         tmuxSessionName: paramTmuxSessionName,
         initialScrollback,
         restored: paramRestored,
+        port: port ?? defaultPort,
+        forceOutputParser: forceOutputParser ?? defaultForceOutputParser,
     };
     const { session: ptySession, result } = createPtySession(ptyParams, sessions, idleChangeCallbacks, stateChangeCallbacks);
     trackEvent({
@@ -101,6 +114,7 @@ function list() {
         status: s.status,
         needsBranchRename: !!s.needsBranchRename,
         agentState: s.agentState,
+        currentActivity: s.currentActivity,
     }))
         .sort((a, b) => b.lastActivity.localeCompare(a.lastActivity));
 }
@@ -374,4 +388,4 @@ async function populateMetaCache() {
 }
 // Re-export pty-handler utilities for backward compatibility
 export { generateTmuxSessionName, resolveTmuxSpawn } from './pty-handler.js';
-export { create, get, list, kill, killAllTmuxSessions, resize, updateDisplayName, write, onIdleChange, onStateChange, onSessionEnd, fireSessionEnd, findRepoSession, nextTerminalName, serializeAll, restoreFromDisk, activeTmuxSessionNames, getSessionMeta, getAllSessionMeta, populateMetaCache, AGENT_COMMANDS, AGENT_CONTINUE_ARGS, AGENT_YOLO_ARGS };
+export { configure, create, get, list, kill, killAllTmuxSessions, resize, updateDisplayName, write, onIdleChange, onStateChange, onSessionEnd, fireSessionEnd, findRepoSession, nextTerminalName, serializeAll, restoreFromDisk, activeTmuxSessionNames, getSessionMeta, getAllSessionMeta, populateMetaCache, AGENT_COMMANDS, AGENT_CONTINUE_ARGS, AGENT_YOLO_ARGS };

package/dist/server/utils.js

@@ -0,0 +1,22 @@
+// Strip ANSI escape sequences (CSI, OSC, charset, mode sequences)
+export const ANSI_RE = /\x1b\[[0-9;]*[a-zA-Z]|\x1b\][^\x07]*\x07|\x1b[()][AB012]|\x1b\[\?[0-9;]*[hlm]|\x1b\[[0-9]*[ABCDJKH]/g;
+export function stripAnsi(text) {
+    return text.replace(ANSI_RE, '');
+}
+export function semverLessThan(a, b) {
+    const parse = (v) => (v.split('-').at(0) ?? v).split('.').map(Number);
+    const pa = parse(a);
+    const pb = parse(b);
+    const aMaj = pa[0] ?? 0, aMin = pa[1] ?? 0, aPat = pa[2] ?? 0;
+    const bMaj = pb[0] ?? 0, bMin = pb[1] ?? 0, bPat = pb[2] ?? 0;
+    if (aMaj !== bMaj)
+        return aMaj < bMaj;
+    if (aMin !== bMin)
+        return aMin < bMin;
+    return aPat < bPat;
+}
+export function cleanEnv() {
+    const env = Object.assign({}, process.env);
+    delete env.CLAUDECODE;
+    return env;
+}

package/dist/server/ws.js

@@ -1,85 +1,6 @@
 import { WebSocketServer } from 'ws';
-import { execFile } from 'node:child_process';
-import { promisify } from 'node:util';
 import * as sessions from './sessions.js';
-import { writeMeta } from './config.js';
-import { branchToDisplayName } from './git.js';
 import { trackEvent } from './analytics.js';
-const execFileAsync = promisify(execFile);
-const BRANCH_POLL_INTERVAL_MS = 3000;
-const BRANCH_POLL_MAX_ATTEMPTS = 10;
-function startBranchWatcher(session, broadcastEvent, cfgPath) {
-    const originalBranch = session.branchName;
-    let attempts = 0;
-    const timer = setInterval(async () => {
-        attempts++;
-        if (attempts > BRANCH_POLL_MAX_ATTEMPTS) {
-            clearInterval(timer);
-            return;
-        }
-        try {
-            const { stdout } = await execFileAsync('git', ['rev-parse', '--abbrev-ref', 'HEAD'], { cwd: session.cwd });
-            const currentBranch = stdout.trim();
-            if (currentBranch && currentBranch !== originalBranch) {
-                clearInterval(timer);
-                const displayName = branchToDisplayName(currentBranch);
-                session.branchName = currentBranch;
-                session.displayName = displayName;
-                broadcastEvent('session-renamed', { sessionId: session.id, branchName: currentBranch, displayName });
-                writeMeta(cfgPath, {
-                    worktreePath: session.repoPath,
-                    displayName,
-                    lastActivity: new Date().toISOString(),
-                    branchName: currentBranch,
-                });
-            }
-        }
-        catch {
-            // git command failed — session cwd may not exist yet, retry
-        }
-    }, BRANCH_POLL_INTERVAL_MS);
-}
-/** Sideband branch rename: uses headless claude to generate a branch name from the first message */
-async function spawnBranchRename(session, firstMessage, cfgPath, broadcastEvent) {
-    try {
-        const cleanMessage = firstMessage.replace(/\x1b\[[0-9;]*[a-zA-Z]/g, '').replace(/[\x00-\x1f]/g, ' ').trim();
-        if (!cleanMessage)
-            return;
-        const basePrompt = session.branchRenamePrompt
-            ?? `Output ONLY a short kebab-case git branch name (no explanation, no backticks, no prefix, just the name) that describes this task:`;
-        const prompt = `${basePrompt}\n\n${cleanMessage.slice(0, 500)}`;
-        const { stdout } = await execFileAsync('claude', ['-p', '--model', 'haiku', prompt], {
-            cwd: session.cwd,
-            timeout: 30000,
-        });
-        const branchName = stdout.trim().replace(/`/g, '').replace(/[^a-z0-9-]/gi, '-').replace(/-+/g, '-').replace(/^-|-$/g, '').toLowerCase().slice(0, 60);
-        if (!branchName)
-            return;
-        await execFileAsync('git', ['branch', '-m', branchName], { cwd: session.cwd });
-        // Update session state
-        const displayName = branchToDisplayName(branchName);
-        session.branchName = branchName;
-        session.displayName = displayName;
-        broadcastEvent('session-renamed', {
-            sessionId: session.id,
-            branchName,
-            displayName,
-        });
-        if (cfgPath) {
-            writeMeta(cfgPath, {
-                worktreePath: session.repoPath,
-                displayName,
-                lastActivity: new Date().toISOString(),
-                branchName,
-            });
-        }
-    }
-    catch {
-        // Sideband rename is best-effort — fall back to branch watcher if claude CLI isn't available
-        if (cfgPath)
-            startBranchWatcher(session, broadcastEvent, cfgPath);
-    }
-}
 function parseCookies(cookieHeader) {
     const cookies = {};
     if (!cookieHeader)
@@ -94,7 +15,7 @@ function parseCookies(cookieHeader) {
     });
     return cookies;
 }
-function setupWebSocket(server, authenticatedTokens, watcher, configPath) {
+function setupWebSocket(server, authenticatedTokens, watcher, _configPath) {
     const wss = new WebSocketServer({ noServer: true });
     const eventClients = new Set();
     function broadcastEvent(type, data) {
@@ -185,30 +106,6 @@ function setupWebSocket(server, authenticatedTokens, watcher, configPath) {
                 }
             }
             catch (_) { }
-            // Sideband branch rename: capture first message, pass through unmodified, rename out-of-band
-            if (ptySession.needsBranchRename && ptySession.agentState !== 'waiting-for-input') {
-                ptySession.pty.write(str);
-                return;
-            }
-            if (ptySession.needsBranchRename) {
-                if (!ptySession._renameBuffer)
-                    ptySession._renameBuffer = '';
-                const enterIndex = str.indexOf('\r');
-                if (enterIndex === -1) {
-                    ptySession._renameBuffer += str;
-                    ptySession.pty.write(str); // pass through to PTY normally — user sees their typing
-                    return;
-                }
-                // Enter detected — pass everything through unmodified
-                const buffered = ptySession._renameBuffer;
-                const firstMessage = buffered + str.slice(0, enterIndex);
-                ptySession.pty.write(str); // pass through the Enter key
-                ptySession.needsBranchRename = false;
-                delete ptySession._renameBuffer;
-                // Sideband: spawn headless claude to generate branch name (async, non-blocking)
-                spawnBranchRename(ptySession, firstMessage, configPath, broadcastEvent);
-                return;
-            }
             // Use ptySession.pty dynamically so writes go to current PTY
             ptySession.pty.write(str);
         });

package/dist/test/hooks.test.js

@@ -0,0 +1,139 @@
+import { describe, it } from 'node:test';
+import assert from 'node:assert/strict';
+import { stripAnsi, semverLessThan, cleanEnv } from '../server/utils.js';
+import { onStateChange, fireStateChange } from '../server/sessions.js';
+describe('stripAnsi', () => {
+    it('strips CSI color sequences', () => {
+        assert.equal(stripAnsi('\x1b[32mhello\x1b[0m'), 'hello');
+    });
+    it('strips CSI bold/reset sequences', () => {
+        assert.equal(stripAnsi('\x1b[1mbold\x1b[0m'), 'bold');
+    });
+    it('strips OSC sequences', () => {
+        assert.equal(stripAnsi('\x1b]0;window title\x07plain'), 'plain');
+    });
+    it('strips cursor movement sequences', () => {
+        assert.equal(stripAnsi('\x1b[2Jhello'), 'hello');
+    });
+    it('preserves plain text', () => {
+        assert.equal(stripAnsi('hello world'), 'hello world');
+    });
+    it('handles empty string', () => {
+        assert.equal(stripAnsi(''), '');
+    });
+    it('strips multiple sequences in one string', () => {
+        assert.equal(stripAnsi('\x1b[32mfoo\x1b[0m and \x1b[1mbar\x1b[0m'), 'foo and bar');
+    });
+});
+describe('semverLessThan', () => {
+    it('returns true when major is lower', () => {
+        assert.equal(semverLessThan('1.0.0', '2.0.0'), true);
+    });
+    it('returns false when major is higher', () => {
+        assert.equal(semverLessThan('2.0.0', '1.0.0'), false);
+    });
+    it('returns true when patch is lower', () => {
+        assert.equal(semverLessThan('1.2.3', '1.2.4'), true);
+    });
+    it('returns false when patch is higher', () => {
+        assert.equal(semverLessThan('1.2.4', '1.2.3'), false);
+    });
+    it('returns false for equal versions', () => {
+        assert.equal(semverLessThan('1.0.0', '1.0.0'), false);
+    });
+    it('strips pre-release tag before comparing — 1.2.3-beta.1 vs 1.2.3 treated as equal', () => {
+        assert.equal(semverLessThan('1.2.3-beta.1', '1.2.3'), false);
+    });
+    it('strips pre-release tag before comparing — 1.2.3-beta.1 vs 1.3.0 treated as less than', () => {
+        assert.equal(semverLessThan('1.2.3-beta.1', '1.3.0'), true);
+    });
+    it('returns true when minor is lower', () => {
+        assert.equal(semverLessThan('1.1.0', '1.2.0'), true);
+    });
+    it('handles major version jumps', () => {
+        assert.equal(semverLessThan('1.9.9', '2.0.0'), true);
+    });
+});
+describe('cleanEnv', () => {
+    it('returns an object that does not contain CLAUDECODE', () => {
+        const originalValue = process.env.CLAUDECODE;
+        process.env.CLAUDECODE = 'some-value';
+        try {
+            const env = cleanEnv();
+            assert.equal(Object.prototype.hasOwnProperty.call(env, 'CLAUDECODE'), false);
+        }
+        finally {
+            if (originalValue === undefined) {
+                delete process.env.CLAUDECODE;
+            }
+            else {
+                process.env.CLAUDECODE = originalValue;
+            }
+        }
+    });
+    it('does not modify original process.env', () => {
+        const originalValue = process.env.CLAUDECODE;
+        process.env.CLAUDECODE = 'test-token';
+        try {
+            cleanEnv();
+            assert.equal(process.env.CLAUDECODE, 'test-token');
+        }
+        finally {
+            if (originalValue === undefined) {
+                delete process.env.CLAUDECODE;
+            }
+            else {
+                process.env.CLAUDECODE = originalValue;
+            }
+        }
+    });
+    it('returns a copy — mutations do not affect process.env', () => {
+        const env = cleanEnv();
+        const testKey = '__CRC_TEST_KEY__';
+        env[testKey] = 'injected';
+        assert.equal(process.env[testKey], undefined);
+    });
+    it('preserves other environment variables', () => {
+        const env = cleanEnv();
+        // PATH is virtually always set; verify it round-trips
+        if (process.env.PATH !== undefined) {
+            assert.equal(env.PATH, process.env.PATH);
+        }
+    });
+});
+describe('fireStateChange callbacks', () => {
+    it('calls a registered onStateChange callback with correct args', () => {
+        const received = [];
+        onStateChange((sessionId, state) => {
+            received.push({ sessionId, state });
+        });
+        fireStateChange('test-session-id', 'processing');
+        const match = received.find(e => e.sessionId === 'test-session-id' && e.state === 'processing');
+        assert.ok(match, 'callback should have been called with the expected sessionId and state');
+    });
+    it('fires multiple registered callbacks', () => {
+        let count = 0;
+        onStateChange(() => { count++; });
+        onStateChange(() => { count++; });
+        fireStateChange('multi-cb-session', 'idle');
+        assert.ok(count >= 2, 'both callbacks should have been invoked');
+    });
+    it('passes idle state to callback', () => {
+        let received;
+        onStateChange((_, state) => { received = state; });
+        fireStateChange('some-session', 'idle');
+        assert.equal(received, 'idle');
+    });
+    it('passes permission-prompt state to callback', () => {
+        let received;
+        onStateChange((_, state) => { received = state; });
+        fireStateChange('some-session', 'permission-prompt');
+        assert.equal(received, 'permission-prompt');
+    });
+    it('passes waiting-for-input state to callback', () => {
+        let received;
+        onStateChange((_, state) => { received = state; });
+        fireStateChange('some-session', 'waiting-for-input');
+        assert.equal(received, 'waiting-for-input');
+    });
+});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "claude-remote-cli",
-  "version": "3.6.0",
+  "version": "3.7.0",
   "description": "Remote web interface for Claude Code CLI sessions",
   "type": "module",
   "main": "dist/server/index.js",