npm - coding-tool-x - Versions diffs - 3.3.8 → 3.4.0 - Mend

coding-tool-x 3.3.8 → 3.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (79) hide show

package/CHANGELOG.md +17 -2
package/README.md +253 -326
package/dist/web/assets/{Analytics-DLpoDZ2M.js → Analytics-DEjfL5Jx.js} +4 -4
package/dist/web/assets/Analytics-RNn1BUbG.css +1 -0
package/dist/web/assets/{ConfigTemplates-D_hRb55W.js → ConfigTemplates-DkRL_-tf.js} +1 -1
package/dist/web/assets/Home-BQxQ1LhR.css +1 -0
package/dist/web/assets/Home-CF-L640I.js +1 -0
package/dist/web/assets/{PluginManager-JXsyym1s.js → PluginManager-BzNYTdNB.js} +1 -1
package/dist/web/assets/{ProjectList-DZWSeb-q.js → ProjectList-C0-JgHMM.js} +1 -1
package/dist/web/assets/{SessionList-Cs624DR3.js → SessionList-CkZUdX5N.js} +1 -1
package/dist/web/assets/{SkillManager-bEliz7qz.js → SkillManager-Cak0-4d4.js} +1 -1
package/dist/web/assets/{WorkspaceManager-J3RecFGn.js → WorkspaceManager-CGDJzwEr.js} +1 -1
package/dist/web/assets/{icons-Cuc23WS7.js → icons-B5Pl4lrD.js} +1 -1
package/dist/web/assets/index-D_WItvHE.js +2 -0
package/dist/web/assets/index-Dz7v9OM0.css +1 -0
package/dist/web/assets/{markdown-C9MYpaSi.js → markdown-DyTJGI4N.js} +1 -1
package/dist/web/assets/{naive-ui-CxpuzdjU.js → naive-ui-Bdxp09n2.js} +1 -1
package/dist/web/assets/{vendors-DMjSfzlv.js → vendors-CKPV1OAU.js} +2 -2
package/dist/web/assets/{vue-vendor-DET08QYg.js → vue-vendor-3bf-fPGP.js} +1 -1
package/dist/web/index.html +7 -7
package/docs/home.png +0 -0
package/package.json +13 -5
package/src/commands/daemon.js +3 -2
package/src/commands/security.js +1 -2
package/src/config/paths.js +638 -93
package/src/server/api/agents.js +1 -1
package/src/server/api/claude-hooks.js +13 -8
package/src/server/api/codex-proxy.js +5 -4
package/src/server/api/hooks.js +45 -0
package/src/server/api/plugins.js +0 -1
package/src/server/api/statistics.js +4 -4
package/src/server/api/ui-config.js +5 -0
package/src/server/api/workspaces.js +1 -3
package/src/server/codex-proxy-server.js +89 -59
package/src/server/gemini-proxy-server.js +107 -88
package/src/server/index.js +1 -0
package/src/server/opencode-proxy-server.js +381 -225
package/src/server/proxy-server.js +86 -60
package/src/server/services/alias.js +3 -3
package/src/server/services/channels.js +3 -2
package/src/server/services/codex-channels.js +38 -87
package/src/server/services/codex-env-manager.js +426 -0
package/src/server/services/codex-settings-manager.js +15 -15
package/src/server/services/codex-statistics-service.js +3 -27
package/src/server/services/config-export-service.js +20 -7
package/src/server/services/config-registry-service.js +3 -2
package/src/server/services/config-sync-manager.js +1 -1
package/src/server/services/favorites.js +4 -3
package/src/server/services/gemini-channels.js +3 -3
package/src/server/services/gemini-statistics-service.js +3 -25
package/src/server/services/mcp-service.js +2 -3
package/src/server/services/model-detector.js +4 -3
package/src/server/services/native-oauth-adapters.js +2 -1
package/src/server/services/network-access.js +39 -1
package/src/server/services/notification-hooks.js +951 -0
package/src/server/services/opencode-channels.js +6 -6
package/src/server/services/opencode-sessions.js +2 -2
package/src/server/services/opencode-statistics-service.js +3 -27
package/src/server/services/plugins-service.js +110 -31
package/src/server/services/prompts-service.js +2 -3
package/src/server/services/proxy-log-helper.js +242 -0
package/src/server/services/proxy-runtime.js +6 -4
package/src/server/services/repo-scanner-base.js +12 -4
package/src/server/services/request-logger.js +7 -7
package/src/server/services/security-config.js +4 -4
package/src/server/services/session-cache.js +2 -2
package/src/server/services/sessions.js +2 -2
package/src/server/services/skill-service.js +174 -55
package/src/server/services/statistics-service.js +10 -6
package/src/server/services/ui-config.js +4 -3
package/src/server/services/workspace-service.js +101 -156
package/src/server/websocket-server.js +5 -4
package/dist/web/assets/Analytics-DuYvId7u.css +0 -1
package/dist/web/assets/Home-BMoFdAwy.css +0 -1
package/dist/web/assets/Home-DNwp-0J-.js +0 -1
package/dist/web/assets/index-BXeSvAwU.js +0 -2
package/dist/web/assets/index-DWAC3Tdv.css +0 -1
package/docs/bannel.png +0 -0
package/docs/model-redirection.md +0 -251

package/src/server/services/gemini-statistics-service.js CHANGED Viewed

@@ -4,34 +4,12 @@ const {
   getDailyStatistics: getSharedDailyStatistics,
   getTodayStatistics: getSharedTodayStatistics
 } = require('./statistics-service');
+const { normalizeUsageTokens, toNumber } = require('./proxy-log-helper');
 const TOOL_TYPE = 'gemini';
-function toNumber(value) {
-  const num = Number(value);
-  return Number.isFinite(num) ? num : 0;
-}
-function normalizeToolTokens(tokens = {}) {
-  const input = toNumber(tokens.input);
-  const output = toNumber(tokens.output);
-  const cached = toNumber(tokens.cached);
-  const cacheCreation = toNumber(tokens.cacheCreation);
-  const cacheRead = toNumber(tokens.cacheRead || cached);
-  const total = toNumber(tokens.total) || (input + output);
-  return {
-    input,
-    output,
-    cached,
-    cacheCreation,
-    cacheRead,
-    total
-  };
-}
 function toLegacyEntryShape(entry = {}, includeName = false) {
-  const normalized = normalizeToolTokens(entry.tokens || {});
+  const normalized = normalizeUsageTokens(TOOL_TYPE, entry.tokens || {});
   const result = {
     requests: toNumber(entry.requests),
     tokens: {
@@ -123,7 +101,7 @@ function buildDailyStatistics(sharedDaily = {}, fallbackDate) {
 }
 function recordRequest(requestData = {}) {
-  const normalizedTokens = normalizeToolTokens(requestData.tokens || {});
+  const normalizedTokens = normalizeUsageTokens(TOOL_TYPE, requestData.tokens || {});
   return recordSharedRequest({
     ...requestData,
     toolType: TOOL_TYPE,

package/src/server/services/mcp-service.js CHANGED Viewed

@@ -12,14 +12,13 @@ const { spawn } = require('child_process');
 const http = require('http');
 const https = require('https');
 const { McpClient, buildMissingCommandMessage, createMissingCommandHint } = require('./mcp-client');
-const { NATIVE_PATHS } = require('../../config/paths');
+const { NATIVE_PATHS, PATHS } = require('../../config/paths');
 const { resolvePreferredHomeDir } = require('../../utils/home-dir');
 const HOME_DIR = resolvePreferredHomeDir(process.platform, process.env, os.homedir());
 // MCP 配置文件路径
-const CC_TOOL_DIR = path.join(HOME_DIR, '.cc-tool');
-const MCP_SERVERS_FILE = path.join(CC_TOOL_DIR, 'mcp-servers.json');
+const MCP_SERVERS_FILE = PATHS.mcpServers;
 // 各平台配置文件路径
 const CLAUDE_CONFIG_PATH = path.join(HOME_DIR, '.claude.json');

package/src/server/services/model-detector.js CHANGED Viewed

@@ -11,7 +11,7 @@ const { URL } = require('url');
 const crypto = require('crypto');
 const zlib = require('zlib');
 const { loadConfig } = require('../../config/loader');
-const { HOME_DIR } = require('../../config/paths');
+const { PATHS } = require('../../config/paths');
 // 内置模型优先级（当配置缺失时兜底）
 const MODEL_PRIORITY = {
@@ -669,11 +669,12 @@ function collectResponseBody(res) {
  * Get cache file path
  */
 function getCacheFilePath() {
-  const dir = path.join(HOME_DIR, '.cc-tool');
+  const filePath = PATHS.channelModels;
+  const dir = path.dirname(filePath);
   if (!fs.existsSync(dir)) {
     fs.mkdirSync(dir, { recursive: true });
   }
-  return path.join(dir, 'channel-models.json');
+  return filePath;
 }
 /**

package/src/server/services/native-oauth-adapters.js CHANGED Viewed

@@ -9,6 +9,7 @@ const claudeSettingsManager = require('./settings-manager');
 const codexSettingsManager = require('./codex-settings-manager');
 const geminiSettingsManager = require('./gemini-settings-manager');
 const opencodeSettingsManager = require('./opencode-settings-manager');
+const { syncCodexUserEnvironment } = require('./codex-env-manager');
 const nativeKeychain = require('./native-keychain');
 const { maskToken, decodeJwtPayload, removeFileIfExists, sha256 } = require('./oauth-utils');
@@ -312,7 +313,7 @@ function clearCodexOAuth() {
 }
 function removeCodexChannelEnvVars() {
-  // auth.json 由 clearCodexChannelConfig 负责清理，Codex 优先读取 auth.json，无需操作 shell 配置文件
+  syncCodexUserEnvironment({}, { replace: true });
 }
 function clearCodexChannelConfig() {

package/src/server/services/network-access.js CHANGED Viewed

@@ -30,6 +30,26 @@ function isLoopbackRequest(req) {
   return true;
 }
+function isSameOriginRequest(req) {
+  if (!req) return false;
+  const origin = req.headers && req.headers.origin;
+  if (!origin) {
+    return true;
+  }
+  const host = req.headers && req.headers.host;
+  if (!host) {
+    return false;
+  }
+  try {
+    const originUrl = new URL(origin);
+    return originUrl.host === host;
+  } catch (error) {
+    return false;
+  }
+}
 function createRemoteMutationGuard(options = {}) {
   const enabled = options.enabled === true;
   const allowRemoteMutation = options.allowRemoteMutation === true;
@@ -71,10 +91,28 @@ function createRemoteRouteGuard(options = {}) {
   };
 }
+function createSameOriginGuard(options = {}) {
+  const enabled = options.enabled !== false;
+  const message = options.message || '禁止跨站访问该接口';
+  return (req, res, next) => {
+    if (!enabled || isSameOriginRequest(req)) {
+      return next();
+    }
+    return res.status(403).json({
+      error: message,
+      code: 'CROSS_ORIGIN_REQUEST_BLOCKED'
+    });
+  };
+}
 module.exports = {
   normalizeAddress,
   isLoopbackAddress,
   isLoopbackRequest,
+  isSameOriginRequest,
   createRemoteMutationGuard,
-  createRemoteRouteGuard
+  createRemoteRouteGuard,
+  createSameOriginGuard
 };