coding-tool-x 3.4.3 → 3.4.5

package/src/server/api/plugins.js

@@ -6,6 +6,7 @@
 
 const express = require('express');
 const { PluginsService } = require('../services/plugins-service');
+const { maskToken } = require('../services/oauth-utils');
 
 const router = express.Router();
 const SUPPORTED_PLATFORMS = ['claude', 'opencode'];
@@ -27,6 +28,41 @@ function getPluginsService(req) {
   return { platform, service: pluginServices.get(platform) };
 }
 
+function extractRepoPayload(source = {}) {
+  const repo = source.repo && typeof source.repo === 'object' ? source.repo : source;
+  return {
+    id: repo.id || source.repoId || '',
+    provider: repo.provider || source.provider || '',
+    host: repo.host || source.host || '',
+    owner: repo.owner || source.owner || '',
+    name: repo.name || source.name || '',
+    branch: repo.branch || source.branch || 'main',
+    directory: repo.directory || source.directory || '',
+    projectPath: repo.projectPath || source.projectPath || '',
+    localPath: repo.localPath || source.localPath || '',
+    repoUrl: repo.repoUrl || repo.url || source.repoUrl || source.url || '',
+    token: repo.token || source.token || ''
+  };
+}
+
+function sanitizeRepo(repo = {}) {
+  const token = String(repo.token || '').trim();
+  const sanitized = {
+    ...repo,
+    hasToken: Boolean(token),
+    tokenPreview: token ? maskToken(token) : ''
+  };
+  delete sanitized.token;
+  return sanitized;
+}
+
+function sanitizeRepos(service, repos = []) {
+  if (typeof service.getReposForClient === 'function') {
+    return service.getReposForClient(repos);
+  }
+  return (Array.isArray(repos) ? repos : []).map(sanitizeRepo);
+}
+
 /**
  * 获取插件列表
  * GET /api/plugins
@@ -58,7 +94,11 @@ router.get('/market', async (req, res) => {
   try {
     const { platform, service } = getPluginsService(req);
     const forceRefresh = req.query.refresh === '1';
+    if (forceRefresh) {
+      console.log(`[Plugins API] Refreshing market plugins for ${platform}...`);
+    }
     const plugins = await service.getMarketPlugins(forceRefresh);
+    console.log(`[Plugins API] ${platform}: ${plugins.length} market plugins loaded (refresh=${forceRefresh})`);
 
     res.json({
       success: true,
@@ -89,7 +129,7 @@ router.post('/install', async (req, res) => {
     if (source) {
       installUrl = source;
     } else if (directory && repo) {
-      installUrl = `https://github.com/${repo.owner}/${repo.name}/tree/${repo.branch || 'main'}/${directory}`;
+      installUrl = '';
     } else if (gitUrl) {
       installUrl = gitUrl;
     } else {
@@ -99,7 +139,15 @@ router.post('/install', async (req, res) => {
       });
     }
 
-    const result = await service.installPlugin(installUrl);
+    const result = await service.installPlugin(
+      installUrl,
+      directory && repo
+        ? {
+            ...extractRepoPayload({ repo }),
+            directory
+          }
+        : null
+    );
 
     if (!result.success) {
       return res.status(400).json({
@@ -136,7 +184,7 @@ router.get('/repos', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Plugins API] Get repos error:', err);
@@ -155,12 +203,13 @@ router.get('/repos', (req, res) => {
 router.post('/repos', (req, res) => {
   try {
     const { platform, service } = getPluginsService(req);
-    const repo = req.body;
+    const repo = extractRepoPayload(req.body);
+    repo.enabled = req.body.enabled !== false;
 
-    if (!repo || !repo.url) {
+    if (!repo.localPath && !repo.projectPath && (!repo.owner || !repo.name) && !repo.repoUrl) {
       return res.status(400).json({
         success: false,
-        message: 'Repository URL is required'
+        message: 'Missing repo info'
       });
     }
 
@@ -169,7 +218,7 @@ router.post('/repos', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos,
+      repos: sanitizeRepos(service, repos),
       message: 'Repository added successfully'
     });
   } catch (err) {
@@ -181,6 +230,54 @@ router.post('/repos', (req, res) => {
   }
 });
 
+router.delete('/repos', (req, res) => {
+  try {
+    const { platform, service } = getPluginsService(req);
+    const { id = '', owner = '', name = '' } = req.query;
+    const repos = service.removeRepo(owner, name, id);
+
+    res.json({
+      success: true,
+      platform,
+      repos: sanitizeRepos(service, repos)
+    });
+  } catch (err) {
+    console.error('[Plugins API] Remove repo error:', err);
+    res.status(500).json({
+      success: false,
+      message: err.message
+    });
+  }
+});
+
+router.put('/repos/toggle', (req, res) => {
+  try {
+    const { platform, service } = getPluginsService(req);
+    const { id = '', owner = '', name = '', enabled } = req.body;
+
+    if (typeof enabled !== 'boolean') {
+      return res.status(400).json({
+        success: false,
+        message: 'enabled must be a boolean'
+      });
+    }
+
+    const repos = service.toggleRepo(owner, name, enabled, id);
+
+    res.json({
+      success: true,
+      platform,
+      repos: sanitizeRepos(service, repos)
+    });
+  } catch (err) {
+    console.error('[Plugins API] Toggle repo error:', err);
+    res.status(500).json({
+      success: false,
+      message: err.message
+    });
+  }
+});
+
 /**
  * 删除插件仓库
  * DELETE /api/plugins/repos/:owner/:name
@@ -189,13 +286,14 @@ router.delete('/repos/:owner/:name', (req, res) => {
   try {
     const { platform, service } = getPluginsService(req);
     const { owner, name } = req.params;
+    const { id = '' } = req.query;
 
-    const repos = service.removeRepo(owner, name);
+    const repos = service.removeRepo(owner, name, id);
 
     res.json({
       success: true,
       platform,
-      repos,
+      repos: sanitizeRepos(service, repos),
       message: 'Repository removed successfully'
     });
   } catch (err) {
@@ -216,7 +314,7 @@ router.put('/repos/:owner/:name/toggle', (req, res) => {
   try {
     const { platform, service } = getPluginsService(req);
     const { owner, name } = req.params;
-    const { enabled } = req.body;
+    const { enabled, id = '' } = req.body;
 
     if (typeof enabled !== 'boolean') {
       return res.status(400).json({
@@ -225,12 +323,12 @@ router.put('/repos/:owner/:name/toggle', (req, res) => {
       });
     }
 
-    const repos = service.toggleRepo(owner, name, enabled);
+    const repos = service.toggleRepo(owner, name, enabled, id);
 
     res.json({
       success: true,
       platform,
-      repos,
+      repos: sanitizeRepos(service, repos),
       message: `Repository ${enabled ? 'enabled' : 'disabled'} successfully`
     });
   } catch (err) {
@@ -242,6 +340,40 @@ router.put('/repos/:owner/:name/toggle', (req, res) => {
   }
 });
 
+router.put('/repos/auth', (req, res) => {
+  try {
+    const { platform, service } = getPluginsService(req);
+    const {
+      id = '',
+      owner = '',
+      name = '',
+      token = '',
+      clearToken = false
+    } = req.body;
+
+    if (!clearToken && !String(token || '').trim()) {
+      return res.status(400).json({
+        success: false,
+        message: 'Missing token'
+      });
+    }
+
+    const repos = service.updateRepoAuth(owner, name, token, clearToken, id);
+
+    res.json({
+      success: true,
+      platform,
+      repos: sanitizeRepos(service, repos)
+    });
+  } catch (err) {
+    console.error('[Plugins API] Update repo auth error:', err);
+    res.status(500).json({
+      success: false,
+      message: err.message
+    });
+  }
+});
+
 /**
  * 同步仓库到 Claude Code marketplace
  * POST /api/plugins/repos/sync
@@ -299,16 +431,35 @@ router.get('/:name/readme', async (req, res) => {
   try {
     const { platform, service } = getPluginsService(req);
     const { name } = req.params;
-    const { repoOwner, repoName, repoBranch, directory, source, repoUrl } = req.query;
+    const {
+      repoId,
+      repoProvider,
+      repoHost,
+      repoOwner,
+      repoName,
+      repoBranch,
+      directory,
+      source,
+      repoUrl,
+      repoProjectPath,
+      repoLocalPath,
+      installPath
+    } = req.query;
 
     const pluginInfo = {
       name,
+      repoId,
+      repoProvider,
+      repoHost,
       repoOwner,
       repoName,
       repoBranch,
       directory,
       source,
-      repoUrl
+      repoUrl,
+      repoProjectPath,
+      repoLocalPath,
+      installPath
     };
 
     const readme = await service.getPluginReadme(pluginInfo);

package/src/server/api/pm2-autostart.js

@@ -10,9 +10,9 @@ const execAsync = promisify(exec);
 
 function getExecOptions(timeout = 30000, runtimePlatform = process.platform) {
   if (runtimePlatform === 'win32') {
-    return { timeout };
+    return { timeout, windowsHide: true };
   }
-  return { shell: '/bin/bash', timeout };
+  return { shell: '/bin/bash', timeout, windowsHide: true };
 }
 
 /**

package/src/server/api/proxy.js

@@ -208,7 +208,7 @@ router.post('/start', async (req, res) => {
 
     // 3. 保存当前激活渠道ID（用于代理模式）
     saveActiveChannelId(currentChannel.id);
-    console.log(`✅ Saved active channel: ${currentChannel.name} (${currentChannel.id})`);
+    console.log(`[OK] Saved active channel: ${currentChannel.name} (${currentChannel.id})`);
 
     // 4. 启动代理服务器
     const proxyResult = await startProxyServer();
@@ -256,11 +256,11 @@ router.post('/stop', async (req, res) => {
     if (restoredChannel) {
       if (hadBackup) {
         deleteBackup();
-        console.log('✅ Discarded backup snapshot');
+        console.log('[OK] Discarded backup snapshot');
       }
     } else if (hadBackup) {
       restoreSettings();
-      console.log('✅ Restored settings from backup');
+      console.log('[OK] Restored settings from backup');
       const channels = getAllChannels();
       const currentSettings = require('../services/channels').getCurrentSettings();
       if (currentSettings) {
@@ -274,7 +274,7 @@ router.post('/stop', async (req, res) => {
     if (restoredChannel) {
       const { applyChannelToSettings } = require('../services/channels');
       applyChannelToSettings(restoredChannel.id);
-      console.log(`✅ Single-channel mode restored: ${restoredChannel.name}`);
+      console.log(`[OK] Single-channel mode restored: ${restoredChannel.name}`);
     }
 
     // 3. 删除备份文件和active-channel.json
@@ -282,14 +282,14 @@ router.post('/stop', async (req, res) => {
       const backupPath = NATIVE_PATHS.claude.settingsBackup;
       if (fs.existsSync(backupPath)) {
         fs.unlinkSync(backupPath);
-        console.log('✅ Removed backup file');
+        console.log('[OK] Removed backup file');
       }
     }
 
     const activeChannelPath = PATHS.activeChannel.claude;
     if (fs.existsSync(activeChannelPath)) {
       fs.unlinkSync(activeChannelPath);
-      console.log('✅ Removed active-channel.json');
+      console.log('[OK] Removed active-channel.json');
     }
 
     // 4. 通过 WebSocket 推送代理状态更新

package/src/server/api/skills.js

@@ -4,6 +4,7 @@
 
 const express = require('express');
 const { SkillService } = require('../services/skill-service');
+const { maskToken } = require('../services/oauth-utils');
 
 const router = express.Router();
 const SUPPORTED_PLATFORMS = ['claude', 'codex', 'gemini', 'opencode'];
@@ -37,10 +38,29 @@ function extractRepoPayload(source = {}) {
     directory: repo.directory || source.directory || '',
     projectPath: repo.projectPath || source.projectPath || '',
     localPath: repo.localPath || source.localPath || '',
-    repoUrl: repo.repoUrl || source.repoUrl || ''
+    repoUrl: repo.repoUrl || source.repoUrl || '',
+    token: repo.token || source.token || ''
   };
 }
 
+function sanitizeRepo(repo = {}) {
+  const token = String(repo.token || '').trim();
+  const sanitized = {
+    ...repo,
+    hasToken: Boolean(token),
+    tokenPreview: token ? maskToken(token) : ''
+  };
+  delete sanitized.token;
+  return sanitized;
+}
+
+function sanitizeRepos(service, repos = []) {
+  if (typeof service.getReposForClient === 'function') {
+    return service.getReposForClient(repos);
+  }
+  return (Array.isArray(repos) ? repos : []).map(sanitizeRepo);
+}
+
 /**
  * 获取技能列表
  * GET /api/skills
@@ -50,7 +70,11 @@ router.get('/', async (req, res) => {
   try {
     const { platform, service } = getSkillService(req);
     const forceRefresh = req.query.refresh === '1';
+    if (forceRefresh) {
+      console.log(`[Skills API] Refreshing skills for ${platform}...`);
+    }
     const skills = await service.listSkills(forceRefresh);
+    console.log(`[Skills API] ${platform}: ${skills.length} skills loaded (refresh=${forceRefresh})`);
     res.json({
       success: true,
       platform,
@@ -286,7 +310,7 @@ router.get('/repos', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Skills API] Get repos error:', err);
@@ -321,7 +345,7 @@ router.post('/repos', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Skills API] Add repo error:', err);
@@ -341,7 +365,7 @@ router.delete('/repos', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Skills API] Remove repo error:', err);
@@ -362,7 +386,7 @@ router.put('/repos/toggle', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Skills API] Toggle repo error:', err);
@@ -373,6 +397,41 @@ router.put('/repos/toggle', (req, res) => {
   }
 });
 
+router.put('/repos/auth', (req, res) => {
+  try {
+    const { platform, service } = getSkillService(req);
+    const {
+      id = '',
+      owner = '',
+      name = '',
+      directory = '',
+      token = '',
+      clearToken = false
+    } = req.body;
+
+    if (!clearToken && !String(token || '').trim()) {
+      return res.status(400).json({
+        success: false,
+        message: 'Missing token'
+      });
+    }
+
+    const repos = service.updateRepoAuth(owner, name, directory, token, clearToken, id);
+
+    res.json({
+      success: true,
+      platform,
+      repos: sanitizeRepos(service, repos)
+    });
+  } catch (err) {
+    console.error('[Skills API] Update repo auth error:', err);
+    res.status(500).json({
+      success: false,
+      message: err.message
+    });
+  }
+});
+
 /**
  * 删除仓库
  * DELETE /api/skills/repos/:owner/:name
@@ -388,7 +447,7 @@ router.delete('/repos/:owner/:name', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Skills API] Remove repo error:', err);
@@ -416,7 +475,7 @@ router.put('/repos/:owner/:name/toggle', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Skills API] Toggle repo error:', err);

package/src/server/codex-proxy-server.js

@@ -15,6 +15,7 @@ const { getEffectiveApiKey } = require('./services/codex-channels');
 const { persistProxyRequestSnapshot } = require('./services/request-logger');
 const { publishUsageLog, publishFailureLog } = require('./services/proxy-log-helper');
 const { redirectModel, resolveTargetUrl } = require('./services/base/proxy-utils');
+const { attachServerShutdownHandling, expediteServerShutdown } = require('./services/server-shutdown');
 
 let proxyServer = null;
 let proxyApp = null;
@@ -519,6 +520,7 @@ async function startCodexProxyServer(options = {}) {
 
     // 启动服务器
     proxyServer = http.createServer(proxyApp);
+    attachServerShutdownHandling(proxyServer);
 
     return new Promise((resolve, reject) => {
       proxyServer.listen(port, '127.0.0.1', () => {
@@ -559,8 +561,13 @@ async function stopCodexProxyServer(options = {}) {
 
   requestMetadata.clear();
 
+  const shutdownTimer = expediteServerShutdown(proxyServer);
+
   return new Promise((resolve) => {
     proxyServer.close(() => {
+      if (shutdownTimer) {
+        clearTimeout(shutdownTimer);
+      }
       console.log('Codex proxy server stopped');
 
       // 清除代理启动时间（仅当明确要求时）
@@ -580,8 +587,9 @@ async function stopCodexProxyServer(options = {}) {
 // 获取代理服务器状态
 function getCodexProxyStatus() {
   const config = loadConfig();
-  const startTime = getProxyStartTime('codex');
-  const runtime = getProxyRuntime('codex');
+  const allowRecovery = !!proxyServer;
+  const startTime = getProxyStartTime('codex', { allowRecovery });
+  const runtime = getProxyRuntime('codex', { allowRecovery });
 
   return {
     running: !!proxyServer,

package/src/server/dev-server.js

@@ -13,12 +13,12 @@ const chalk = require('chalk');
 const config = loadConfig();
 const port = config.ports?.webUI || 19999;
 
-console.log(chalk.cyan('\n🔧 开发模式：启动后端 API 服务器...\n'));
+console.log(chalk.cyan('\n[FIX] 开发模式：启动后端 API 服务器...\n'));
 
 (async () => {
   await startServer(port);
 
-  console.log(chalk.yellow('💡 开发提示：'));
+  console.log(chalk.yellow('[TIP] 开发提示：'));
   console.log(chalk.gray(`   - 后端 API: http://localhost:${port}/api`));
   console.log(chalk.gray('   - 前端开发服务器: http://localhost:5000'));
   console.log(chalk.gray('   - 修改后端代码会自动重启 (nodemon)'));

package/src/server/gemini-proxy-server.js

@@ -15,6 +15,7 @@ const { getEffectiveApiKey } = require('./services/gemini-channels');
 const { persistProxyRequestSnapshot } = require('./services/request-logger');
 const { publishUsageLog, publishFailureLog } = require('./services/proxy-log-helper');
 const { redirectModel: redirectModelBase, resolveTargetUrl } = require('./services/base/proxy-utils');
+const { attachServerShutdownHandling, expediteServerShutdown } = require('./services/server-shutdown');
 
 let proxyServer = null;
 let proxyApp = null;
@@ -512,6 +513,7 @@ async function startGeminiProxyServer(options = {}) {
 
     // 启动服务器
     proxyServer = http.createServer(proxyApp);
+    attachServerShutdownHandling(proxyServer);
 
     return new Promise((resolve, reject) => {
       proxyServer.listen(port, '127.0.0.1', () => {
@@ -552,8 +554,13 @@ async function stopGeminiProxyServer(options = {}) {
 
   requestMetadata.clear();
 
+  const shutdownTimer = expediteServerShutdown(proxyServer);
+
   return new Promise((resolve) => {
     proxyServer.close(() => {
+      if (shutdownTimer) {
+        clearTimeout(shutdownTimer);
+      }
       console.log('Gemini proxy server stopped');
 
       // 清除代理启动时间（仅当明确要求时）
@@ -573,8 +580,9 @@ async function stopGeminiProxyServer(options = {}) {
 // 获取代理服务器状态
 function getGeminiProxyStatus() {
   const config = loadConfig();
-  const startTime = getProxyStartTime('gemini');
-  const runtime = getProxyRuntime('gemini');
+  const allowRecovery = !!proxyServer;
+  const startTime = getProxyStartTime('gemini', { allowRecovery });
+  const runtime = getProxyRuntime('gemini', { allowRecovery });
 
   return {
     running: !!proxyServer,