code-abyss 1.6.15 → 1.6.16

package/bin/install.js

@@ -4,8 +4,16 @@ const fs = require('fs');
 const path = require('path');
 const os = require('os');
 
-const VERSION = require(path.join(__dirname, '..', 'package.json')).version;
+const pkg = require(path.join(__dirname, '..', 'package.json'));
+const VERSION = pkg.version;
 const HOME = os.homedir();
+
+// ── Node.js 版本检查 ──
+const MIN_NODE = pkg.engines?.node?.match(/(\d+)/)?.[1] || '18';
+if (parseInt(process.versions.node) < parseInt(MIN_NODE)) {
+  console.error(`\x1b[31m✘ 需要 Node.js >= ${MIN_NODE}，当前: ${process.versions.node}\x1b[0m`);
+  process.exit(1);
+}
 const SKIP = ['__pycache__', '.pyc', '.pyo', '.egg-info', '.DS_Store', 'Thumbs.db', '.git'];
 const PKG_ROOT = fs.realpathSync(path.join(__dirname, '..'));
 
@@ -209,6 +217,10 @@ function runUninstall(tgt) {
   if (!fs.existsSync(manifestPath)) { fail(`未找到安装记录: ${manifestPath}`); process.exit(1); }
 
   const manifest = JSON.parse(fs.readFileSync(manifestPath, 'utf8'));
+  if (manifest.manifest_version && manifest.manifest_version > 1) {
+    fail(`manifest 版本 ${manifest.manifest_version} 不兼容，请升级 code-abyss 后再卸载`);
+    process.exit(1);
+  }
   divider(`卸载 Code Abyss v${manifest.version}`);
 
   (manifest.installed || []).forEach(f => {
@@ -245,7 +257,7 @@ function installCore(tgt) {
     { src: 'skills', dest: 'skills' }
   ].filter(f => f.dest !== null);
 
-  const manifest = { version: VERSION, target: tgt, timestamp: new Date().toISOString(), installed: [], backups: [] };
+  const manifest = { manifest_version: 1, version: VERSION, target: tgt, timestamp: new Date().toISOString(), installed: [], backups: [] };
 
   filesToInstall.forEach(({ src, dest }) => {
     const srcPath = path.join(PKG_ROOT, src);
@@ -349,6 +361,7 @@ async function installCcline(ctx) {
   const { execSync } = require('child_process');
   const cclineDir = path.join(HOME, '.claude', 'ccline');
   const cclineBin = path.join(cclineDir, process.platform === 'win32' ? 'ccline.exe' : 'ccline');
+  const errors = [];
 
   // 1. 检测是否已有二进制
   let hasBin = fs.existsSync(cclineBin);
@@ -366,8 +379,9 @@ async function installCcline(ctx) {
       else {
         try { execSync('ccline --version', { stdio: 'pipe' }); hasBin = true; ok('ccline 安装成功 (全局)'); } catch (e) {}
       }
+      if (!hasBin) errors.push('ccline 二进制安装后仍未检测到');
     } catch (e) {
-      warn('npm install -g @cometix/ccline 失败');
+      errors.push(`npm install -g @cometix/ccline 失败: ${e.message}`);
       info(`手动安装: ${c.cyn('npm install -g @cometix/ccline')}`);
       info(`或下载: ${c.cyn('https://github.com/Haleclipse/CCometixLine/releases')}`);
     }
@@ -392,7 +406,7 @@ async function installCcline(ctx) {
     // 无打包配置，回退到 ccline --init
     if (hasBin && !fs.existsSync(targetConfig)) {
       try { execSync('ccline --init', { stdio: 'inherit' }); ok('ccline 默认配置已生成'); }
-      catch (e) { warn('ccline --init 失败，可手动运行'); }
+      catch (e) { errors.push(`ccline --init 失败: ${e.message}`); }
     }
   }
 
@@ -401,6 +415,13 @@ async function installCcline(ctx) {
   ok(`statusLine → ${c.cyn(CCLINE_STATUS_LINE.statusLine.command)}`);
   fs.writeFileSync(ctx.settingsPath, JSON.stringify(ctx.settings, null, 2) + '\n');
 
+  // 5. 汇总报告
+  if (errors.length > 0) {
+    console.log('');
+    warn(c.b(`ccline 安装有 ${errors.length} 个问题:`));
+    errors.forEach(e => fail(`  ${e}`));
+  }
+
   console.log('');
   warn(`需要 ${c.b('Nerd Font')} 字体才能正确显示图标`);
   info(`推荐: FiraCode Nerd Font / JetBrainsMono Nerd Font`);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "code-abyss",
-  "version": "1.6.15",
+  "version": "1.6.16",
   "description": "邪修红尘仙·宿命深渊 - 一键为 Claude Code / Codex CLI 注入邪修人格与安全工程知识体系",
   "keywords": [
     "claude",

package/skills/run_skill.py

@@ -16,9 +16,17 @@ Skills 运行入口
 
 import sys
 import subprocess
+import hashlib
+import tempfile
 from pathlib import Path
 import os
 
+IS_WIN = sys.platform == 'win32'
+if IS_WIN:
+    import msvcrt
+else:
+    import fcntl
+
 
 def get_skills_dir() -> Path:
     """获取 skills 目录路径（跨平台）"""
@@ -28,32 +36,84 @@ def get_skills_dir() -> Path:
     return Path(__file__).resolve().parent
 
 
+def discover_skills(skills_dir: Path) -> dict:
+    """自动发现 tools/ 下所有 skill（按目录结构扫描）"""
+    found = {}
+    tools_dir = skills_dir / "tools"
+    if not tools_dir.is_dir():
+        return found
+    for skill_dir in sorted(tools_dir.iterdir()):
+        if not skill_dir.is_dir():
+            continue
+        scripts_dir = skill_dir / "scripts"
+        if not scripts_dir.is_dir():
+            continue
+        py_files = list(scripts_dir.glob("*.py"))
+        if py_files:
+            found[skill_dir.name] = py_files[0]
+    return found
+
+
 def get_script_path(skill_name: str) -> Path:
     """获取 skill 脚本路径"""
     skills_dir = get_skills_dir()
+    available = discover_skills(skills_dir)
 
-    script_map = {
-        "verify-module": ("tools", "module_scanner.py"),
-        "verify-security": ("tools", "security_scanner.py"),
-        "verify-change": ("tools", "change_analyzer.py"),
-        "verify-quality": ("tools", "quality_checker.py"),
-        "gen-docs": ("tools", "doc_generator.py"),
-    }
-
-    if skill_name not in script_map:
-        available = ", ".join(script_map.keys())
+    if skill_name not in available:
+        names = ", ".join(available.keys()) if available else "(无)"
         print(f"错误: 未知的 skill '{skill_name}'")
-        print(f"可用的 skills: {available}")
+        print(f"可用的 skills: {names}")
         sys.exit(1)
 
-    category, script_name = script_map[skill_name]
-    script_path = skills_dir / category / skill_name / "scripts" / script_name
-
-    if not script_path.exists():
-        print(f"错误: 脚本不存在 {script_path}")
-        sys.exit(1)
-
-    return script_path
+    return available[skill_name]
+
+
+def acquire_target_lock(args: list):
+    """按目标路径获取文件锁，同路径串行，不同路径并行。返回 (lock_fd, lock_path) 或 (None, None)"""
+    # 从参数中提取目标路径（第一个非 flag 参数）
+    target = None
+    for a in args:
+        if not a.startswith('-'):
+            target = a
+            break
+    if not target:
+        target = os.getcwd()
+
+    target = str(Path(target).resolve())
+    lock_name = "sage_skill_" + hashlib.md5(target.encode()).hexdigest()[:12] + ".lock"
+    lock_path = Path(tempfile.gettempdir()) / lock_name
+
+    fd = open(lock_path, 'w')
+    if IS_WIN:
+        import time
+        for _ in range(300):  # 最多等 30s
+            try:
+                msvcrt.locking(fd.fileno(), msvcrt.LK_NBLCK, 1)
+                return fd, lock_path
+            except OSError:
+                time.sleep(0.1)
+        print(f"⏳ 等待锁超时: {target}")
+        msvcrt.locking(fd.fileno(), msvcrt.LK_LOCK, 1)
+    else:
+        try:
+            fcntl.flock(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
+        except OSError:
+            print(f"⏳ 等待锁释放: {target}")
+            fcntl.flock(fd, fcntl.LOCK_EX)  # 阻塞等待
+    return fd, lock_path
+
+
+def release_lock(fd):
+    """释放文件锁"""
+    if not fd:
+        return
+    try:
+        if IS_WIN:
+            msvcrt.locking(fd.fileno(), msvcrt.LK_UNLCK, 1)
+        else:
+            fcntl.flock(fd, fcntl.LOCK_UN)
+    finally:
+        fd.close()
 
 
 def main():
@@ -70,6 +130,9 @@ def main():
     script_path = get_script_path(skill_name)
     args = sys.argv[2:]
 
+    # 按目标路径加锁，防止多 Agent 同时操作同一目录
+    lock_fd, lock_path = acquire_target_lock(args)
+
     # 使用 sys.executable 确保使用当前 Python 解释器
     cmd = [sys.executable, str(script_path)] + args
 
@@ -82,6 +145,8 @@ def main():
     except Exception as e:
         print(f"执行错误: {e}")
         sys.exit(1)
+    finally:
+        release_lock(lock_fd)
 
 
 if __name__ == "__main__":

package/skills/tools/gen-docs/scripts/doc_generator.py

@@ -5,6 +5,7 @@
 """
 
 import os
+import re
 import sys
 import json
 import ast
@@ -125,13 +126,41 @@ def analyze_module(path: Path) -> ModuleInfo:
     if language == 'Python':
         return analyze_python_module(path)
 
-    # 通用分析
+    # 通用分析（regex fallback 提取函数/类）
     info = ModuleInfo(name=path.name, path=str(path), language=language)
 
+    lang_patterns = {
+        'Go':         (r'^\s*func\s+(\w+)', r'^\s*type\s+(\w+)\s+struct\b'),
+        'Rust':       (r'^\s*(?:pub\s+)?fn\s+(\w+)', r'^\s*(?:pub\s+)?struct\s+(\w+)'),
+        'TypeScript': (r'^\s*(?:export\s+)?(?:async\s+)?function\s+(\w+)', r'^\s*(?:export\s+)?class\s+(\w+)'),
+        'JavaScript': (r'^\s*(?:export\s+)?(?:async\s+)?function\s+(\w+)', r'^\s*(?:export\s+)?class\s+(\w+)'),
+        'Java':       (r'^\s*(?:public|private|protected)?\s*(?:static\s+)?\w+\s+(\w+)\s*\(', r'^\s*(?:public\s+)?class\s+(\w+)'),
+        'C++':        (r'^\s*(?:\w+\s+)+(\w+)\s*\([^;]*$', r'^\s*class\s+(\w+)'),
+        'C':          (r'^\s*(?:\w+\s+)+(\w+)\s*\([^;]*$', None),
+    }
+
     code_extensions = {'.py', '.go', '.rs', '.ts', '.js', '.java', '.c', '.cpp'}
+    func_pat, cls_pat = lang_patterns.get(language, (None, None))
+
     for f in path.rglob('*'):
         if f.is_file() and f.suffix.lower() in code_extensions:
-            info.files.append(str(f.relative_to(path)))
+            rel = str(f.relative_to(path))
+            info.files.append(rel)
+
+            if func_pat or cls_pat:
+                try:
+                    content = f.read_text(encoding='utf-8', errors='ignore')
+                    for line in content.split('\n'):
+                        if func_pat:
+                            m = re.match(func_pat, line)
+                            if m and not m.group(1).startswith('_'):
+                                info.functions.append({"name": m.group(1), "file": rel, "doc": ""})
+                        if cls_pat:
+                            m = re.match(cls_pat, line)
+                            if m and not m.group(1).startswith('_'):
+                                info.classes.append({"name": m.group(1), "file": rel, "doc": ""})
+                except Exception:
+                    continue
 
     return info
 

package/skills/tools/verify-security/scripts/security_scanner.py

@@ -95,7 +95,8 @@ SECURITY_RULES = [
         "id": "HARDCODED_SECRET",
         "category": "敏感信息",
         "severity": Severity.HIGH,
-        "pattern": r'(password|passwd|pwd|secret|api_key|apikey|token|auth)\s*=\s*["\'][^"\']{8,}["\']',
+        "pattern": r'(?<!\w)(password|passwd|pwd|secret|api_key|apikey|token|auth_token)\s*=\s*["\'][^"\']{8,}["\']',
+        "exclude_pattern": r'(example|placeholder|changeme|xxx|your[_-]|TODO|FIXME|<.*>|\*{3,})',
         "extensions": [".py", ".js", ".ts", ".go", ".java", ".php", ".rb", ".yaml", ".yml", ".json", ".env"],
         "message": "可能存在硬编码密钥/密码",
         "recommendation": "使用环境变量或密钥管理服务"
@@ -245,6 +246,11 @@ def scan_file(file_path: Path, rules: List[Dict]) -> List[Finding]:
                 continue
 
             if pattern.search(line):
+                # 排除已知安全模式（如 placeholder、example）
+                exclude = rule.get("exclude_pattern")
+                if exclude and re.search(exclude, line, re.IGNORECASE):
+                    continue
+
                 findings.append(Finding(
                     severity=rule["severity"],
                     category=rule["category"],