clay-server 2.40.0-beta.2 → 2.40.0-beta.4

package/lib/sdk-bridge.js

@@ -6,6 +6,7 @@ var execFileSync = require("child_process").execFileSync;
 var usersModule = require("./users");
 var { getCodexConfig } = require("./codex-defaults");
 var { splitShellSegments, attachSkillDiscovery } = require("./sdk-skill-discovery");
+var { isSafeBashSegment } = require("./safe-bash-commands");
 var { createMessageQueue } = require("./sdk-message-queue");
 var { attachMessageProcessor } = require("./sdk-message-processor");
 
@@ -516,61 +517,15 @@ function createSDKBridge(opts) {
     // Read/Glob/Grep built-in tools which are already auto-approved.
     if (toolName === "Bash" && input && input.command) {
       var cmd = input.command.trim();
-      var safeBashCommands = {
-        // Navigation (harmless on its own, checked in compound commands below)
-        cd: true, pushd: true, popd: true,
-        // File/dir inspection
-        ls: true, cat: true, head: true, tail: true, wc: true, file: true,
-        stat: true, find: true, tree: true, du: true, df: true,
-        readlink: true, realpath: true, basename: true, dirname: true,
-        // Search
-        grep: true, rg: true, ag: true, ack: true, fgrep: true, egrep: true,
-        // Lookup
-        which: true, type: true, whereis: true, command: true, hash: true,
-        // Environment/system info
-        echo: true, printf: true, env: true, printenv: true, pwd: true,
-        whoami: true, id: true, groups: true,
-        date: true, uname: true, hostname: true, uptime: true, arch: true,
-        nproc: true, free: true, lsb_release: true, sw_vers: true,
-        locale: true, timedatectl: true,
-        // Version checks (--version only, but first-word check is sufficient
-        // since these never take destructive subcommands as first arg)
-        git: true, node: true, npm: true, npx: true, python: true, python3: true, pip: true,
-        dotnet: true, ruby: true, java: true, javac: true,
-        rustc: true, cargo: true, gcc: true, clang: true, cmake: true,
-        go: true, deno: true, bun: true,
-        // Text processing (pure stdin/stdout, no side effects)
-        jq: true, yq: true, sort: true, uniq: true, cut: true, tr: true,
-        awk: true, sed: true, paste: true, column: true, fold: true,
-        rev: true, tac: true, nl: true, expand: true, unexpand: true,
-        fmt: true, pr: true, csplit: true, comm: true, join: true,
-        // Comparison/hashing
-        diff: true, cmp: true, md5sum: true, sha256sum: true, sha1sum: true,
-        shasum: true, cksum: true, sum: true, b2sum: true, base64: true,
-        xxd: true, od: true, hexdump: true,
-        // Misc read-only
-        test: true, true: true, false: true, seq: true, yes: true,
-        sleep: true, tee: true, xargs: true, time: true,
-        man: true, help: true, info: true, apropos: true,
-        cal: true, bc: true, expr: true, factor: true,
-        lsof: true, ps: true, top: true, htop: true, pgrep: true,
-        netstat: true, ss: true, ifconfig: true, ip: true, dig: true,
-        nslookup: true, host: true, ping: true, traceroute: true,
-        curl: true, wget: true, http: true,
-      };
       // Split compound commands on operators (&&, ||, ;, |) while respecting
-      // quoted strings and subshells so that e.g. grep -E "(a|b)" is not split
+      // quoted strings and subshells (so grep -E "(a|b)" is not split), then
+      // require every segment to pass the shared safe-command policy. The
+      // policy lives in safe-bash-commands.js so the TUI allow-list
+      // (claude-hook-installer.js) stays in lockstep with this path.
       var segments = splitShellSegments(cmd);
       var allSafe = true;
       for (var si = 0; si < segments.length; si++) {
-        var seg = segments[si].trim();
-        if (!seg) continue;
-        // Strip leading env assignments (FOO=bar cmd) and sudo
-        var firstWord = seg.replace(/^(?:\w+=\S*\s+)*/, "").split(/\s/)[0];
-        if (firstWord === "sudo") {
-          firstWord = seg.replace(/^(?:\w+=\S*\s+)*sudo\s+(?:-\S+\s+)*/, "").split(/\s/)[0];
-        }
-        if (!safeBashCommands[firstWord]) { allSafe = false; break; }
+        if (!isSafeBashSegment(segments[si])) { allSafe = false; break; }
       }
       if (allSafe) {
         return { behavior: "allow", updatedInput: input };

package/lib/sessions.js

@@ -581,7 +581,7 @@ function createSessionManager(opts) {
     var _capsByVendor = capabilitiesByVendor || {};
     var _sessionVendor = session.vendor || defaultVendor || "claude";
     var _vendorCaps = _capsByVendor[_sessionVendor] || {};
-    _send({ type: "session_switched", id: localId, cliSessionId: session.cliSessionId || null, loop: session.loop || null, vendor: session.vendor || null, hasHistory: (session.history && session.history.length > 0), capabilities: _vendorCaps, isProcessing: !!session.isProcessing, mode: session.mode || "gui", terminalId: typeof session.terminalId === "number" ? session.terminalId : null, runtimeMode: session.runtimeMode || null, runtimeTerminalId: typeof session.runtimeTerminalId === "number" ? session.runtimeTerminalId : null });
+    _send({ type: "session_switched", id: localId, cliSessionId: session.cliSessionId || null, loop: session.loop || null, vendor: session.vendor || null, hasHistory: (session.history && session.history.length > 0), capabilities: _vendorCaps, isProcessing: !!session.isProcessing, mode: session.mode || "gui", terminalId: typeof session.terminalId === "number" ? session.terminalId : null, runtimeMode: session.runtimeMode || null, runtimeTerminalId: typeof session.runtimeTerminalId === "number" ? session.runtimeTerminalId : null, tuiSuspended: !!session.tuiSuspended });
     // Send vendor-specific slash commands
     var _vendorCmds = slashCommandsByVendor[_sessionVendor] || slashCommands || [];
     _send({ type: "slash_commands", commands: _vendorCmds, vendor: _sessionVendor });

package/lib/terminal-manager.js

@@ -3,6 +3,13 @@ var { createTerminal } = require("./terminal");
 var MAX_TERMINALS = 10;
 var SCROLLBACK_MAX = 50 * 1024; // 50 KB per terminal
 
+// Idle reclaim: background `claude` TUI PTYs that nobody is viewing and that
+// have produced no output / received no input for this long are killed to
+// free system resources. Safe because TUI sessions resume on demand from
+// their on-disk transcript (lazy resume), so the conversation isn't lost.
+var TUI_IDLE_REAP_MS = 3 * 60 * 1000;   // 3 minutes
+var TUI_REAP_INTERVAL_MS = 60 * 1000;   // sweep cadence
+
 /**
  * Create a terminal manager for a project.
  * Manages persistent PTY sessions with scrollback buffering.
@@ -49,6 +56,7 @@ function createTerminalManager(opts) {
       rows: rows || 24,
       title: (opts && opts.title) || ("Terminal " + id),
       kind: (opts && opts.kind) || "shell",
+      lastActivityAt: Date.now(),
       exited: false,
       exitCode: null,
       subscribers: new Set(),
@@ -60,6 +68,7 @@ function createTerminalManager(opts) {
     pty.onData(function (data) {
       // Buffer scrollback with timestamps
       var ts = Date.now();
+      session.lastActivityAt = ts; // output counts as activity (don't reap a working claude)
       session.scrollback.push({ ts: ts, data: data });
       session.scrollbackSize += data.length;
       session.totalBytesWritten += data.length;
@@ -149,6 +158,7 @@ function createTerminalManager(opts) {
   function write(id, data) {
     var session = terminals.get(id);
     if (session && session.pty) {
+      session.lastActivityAt = Date.now(); // user input counts as activity
       session.pty.write(data);
     }
   }
@@ -225,7 +235,40 @@ function createTerminalManager(opts) {
     };
   }
 
+  // Periodic sweep: reclaim idle background TUI PTYs. A terminal is reaped
+  // only when it's a `tui-session`, has no live subscribers (nobody's viewing
+  // it), and has seen no input/output for TUI_IDLE_REAP_MS. The session is
+  // flagged reclaimed so its onExitHook keeps the Clay session record
+  // (lazy-resume re-spawns claude on demand) instead of deleting it.
+  function reapIdleTuiTerminals() {
+    var now = Date.now();
+    var toReap = [];
+    for (var session of terminals.values()) {
+      if (session.kind !== "tui-session" || session.exited || !session.pty) continue;
+      if (session.subscribers.size > 0) continue;
+      if (now - (session.lastActivityAt || 0) < TUI_IDLE_REAP_MS) continue;
+      toReap.push(session);
+    }
+    for (var i = 0; i < toReap.length; i++) {
+      toReap[i].reclaimed = true;
+      close(toReap[i].id); // pty.kill -> onExit -> onExitHook(session)
+    }
+  }
+
+  // Flag a terminal as reclaimed (PTY closed but the owning Clay session
+  // should be kept, not deleted). Used by idle reap and by an explicit
+  // user "Close" before close() so the onExitHook can tell the difference
+  // from a real /exit.
+  function markReclaimed(id) {
+    var session = terminals.get(id);
+    if (session) session.reclaimed = true;
+  }
+
+  var reapTimer = setInterval(reapIdleTuiTerminals, TUI_REAP_INTERVAL_MS);
+  if (reapTimer && typeof reapTimer.unref === "function") reapTimer.unref();
+
   function destroyAll() {
+    if (reapTimer) { clearInterval(reapTimer); reapTimer = null; }
     for (var session of terminals.values()) {
       // Shutdown teardown: pty.kill triggers pty.onExit asynchronously, and
       // that handler would normally invoke onExitHook (which for TUI
@@ -260,6 +303,7 @@ function createTerminalManager(opts) {
     getScrollback: getScrollback,
     destroyAll: destroyAll,
     has: has,
+    markReclaimed: markReclaimed,
   };
 }
 

package/lib/ws-schema.js

@@ -17,6 +17,8 @@ var schema = {
   // Session management
   // -----------------------------------------------------------------------
   "switch_session":           { direction: "c2s", handler: "lib/project-sessions.js", description: "Switch the active session by local ID" },
+  "resume_tui_session":       { direction: "c2s", handler: "lib/project-sessions.js", description: "Spawn the claude --resume PTY for a TUI session shown read-only (lazy resume)" },
+  "suspend_tui_session":      { direction: "c2s", handler: "lib/project-sessions.js", description: "Close a live TUI session's PTY now but keep it resumable (explicit Close)" },
   "new_session":              { direction: "c2s", handler: "lib/project-sessions.js", description: "Create a new blank session" },
   "delete_session":           { direction: "c2s", handler: "lib/project-sessions.js", description: "Delete a session by ID" },
   "rename_session":           { direction: "c2s", handler: "lib/project-sessions.js", description: "Rename a session" },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clay-server",
-  "version": "2.40.0-beta.2",
+  "version": "2.40.0-beta.4",
   "description": "Self-hosted team workspace for Claude Code and Codex. Multi-user, browser-based, with persistent AI mates.",
   "bin": {
     "clay-server": "./bin/cli.js",