npm - coding-tool-x - Versions diffs - 3.4.4 → 3.4.6 - Mend

coding-tool-x 3.4.4 → 3.4.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

package/dist/web/index.html CHANGED Viewed

@@ -5,14 +5,14 @@
     <link rel="icon" href="/favicon.ico">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>CC-TOOL - ClaudeCode增强工作助手</title>
-    <script type="module" crossorigin src="/assets/index-DGjGCo37.js"></script>
+    <script type="module" crossorigin src="/assets/index-B4Wl3JfR.js"></script>
     <link rel="modulepreload" crossorigin href="/assets/markdown-DyTJGI4N.js">
     <link rel="modulepreload" crossorigin href="/assets/vue-vendor-3bf-fPGP.js">
     <link rel="modulepreload" crossorigin href="/assets/vendors-CKPV1OAU.js">
     <link rel="modulepreload" crossorigin href="/assets/naive-ui-Bdxp09n2.js">
     <link rel="modulepreload" crossorigin href="/assets/icons-B5Pl4lrD.js">
     <link rel="stylesheet" crossorigin href="/assets/markdown-BfC0goYb.css">
-    <link rel="stylesheet" crossorigin href="/assets/index-pMqqe9ei.css">
+    <link rel="stylesheet" crossorigin href="/assets/index-Bgt_oqoE.css">
   </head>
   <body>
     <div id="app"></div>

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "coding-tool-x",
-  "version": "3.4.4",
+  "version": "3.4.6",
   "description": "Vibe Coding 增强工作助手 - 智能会话管理、动态渠道切换、全局搜索、实时监控",
   "main": "src/index.js",
   "bin": {
@@ -9,7 +9,7 @@
   "scripts": {
     "start": "node bin/ctx.js",
     "test": "npm run test:basic && npm run test:api && npm run test:codex-agents && npm run test:skills && npm run test:plugins-market",
-    "test:basic": "node scripts/test-basic.js",
+    "test:basic": "node scripts/test-basic.js && npm run test:unit",
     "test:api": "node scripts/test-api-consistency.js",
     "test:codex-agents": "node scripts/test-codex-agents.js",
     "test:skills": "node scripts/test-skill-providers.js",

package/src/server/api/claude-hooks.js CHANGED Viewed

@@ -543,6 +543,7 @@ router.post('/test', (req, res) => {
       const command = generateSystemNotificationCommand(type || 'notification');
       const { execSync } = require('child_process');
       execSync(command, { stdio: 'ignore', windowsHide: true });
+      res.json({ success: true, message: '系统测试通知已发送' });
     }
   } catch (error) {
     console.error('Error testing notification:', error);

package/src/server/api/codex-channels.js CHANGED Viewed

@@ -25,11 +25,26 @@ const { deleteBackup } = require('../services/codex-settings-manager');
 const { PATHS } = require('../../config/paths');
 const { getDefaultSpeedTestModelByToolType } = require('../../config/model-metadata');
 const CODEX_GATEWAY_SOURCE_TYPE = 'codex';
+const CODEX_PROVIDER_KEY_PATTERN = /^[a-z0-9_-]+$/i;
 function getDefaultCodexModel() {
   return getDefaultSpeedTestModelByToolType('codex');
 }
+function validateCodexProviderKey(value) {
+  const normalized = String(value || '').trim();
+  if (!normalized) {
+    return 'Missing required fields: providerKey';
+  }
+  if (!CODEX_PROVIDER_KEY_PATTERN.test(normalized)) {
+    return 'Invalid providerKey: only letters, numbers, underscores, and hyphens are allowed';
+  }
+  if (normalized.toLowerCase() === 'openai') {
+    return 'Invalid providerKey: "openai" is reserved for the built-in OpenAI provider';
+  }
+  return '';
+}
 module.exports = (config) => {
   /**
    * GET /api/codex/channels
@@ -137,6 +152,11 @@ module.exports = (config) => {
         return res.status(400).json({ error: 'Missing required fields: apiKey' });
       }
+      const providerKeyError = validateCodexProviderKey(providerKey);
+      if (providerKeyError) {
+        return res.status(400).json({ error: providerKeyError });
+      }
       // wireApi 固定为 'responses' (OpenAI Responses API 格式)
       const channel = createChannel(name, providerKey, baseUrl, apiKey, 'responses', {
         websiteUrl,
@@ -168,6 +188,12 @@ module.exports = (config) => {
       const { channelId } = req.params;
       const updates = req.body;
+      if (Object.prototype.hasOwnProperty.call(updates, 'providerKey')) {
+        const providerKeyError = validateCodexProviderKey(updates.providerKey);
+        if (providerKeyError) {
+          return res.status(400).json({ error: providerKeyError });
+        }
+      }
       const channel = updateChannel(channelId, updates);
       // 清除该渠道的模型重定向日志缓存，使下次请求时重新打印

package/src/server/api/oauth-credentials.js CHANGED Viewed

@@ -9,6 +9,7 @@ const {
   setDefaultCredential,
   deleteCredential,
   applyStoredCredential,
+  disableStoredCredential,
   clearNativeOAuthState,
   fetchCredentialUsage
 } = require('../services/oauth-credentials-service');
@@ -117,10 +118,31 @@ router.post('/:tool/:credentialId/apply', async (req, res) => {
     assertTool(tool);
     const result = await applyStoredCredential(tool, credentialId);
     broadcastToolProxyState(tool);
+    const message = tool === 'opencode'
+      ? 'opencode 已应用 OAuth 凭证，并保留现有 API providers'
+      : `${tool} 已切换到 OAuth 凭证控制`;
     res.json({
       tool,
       ...result,
-      message: `${tool} 已切换到 OAuth 凭证控制`
+      message
+    });
+  } catch (error) {
+    res.status(error.statusCode || 500).json({ error: error.message });
+  }
+});
+router.post('/:tool/:credentialId/disable-native', (req, res) => {
+  try {
+    const { tool, credentialId } = req.params;
+    assertTool(tool);
+    const result = disableStoredCredential(tool, credentialId);
+    broadcastToolProxyState(tool);
+    res.json({
+      tool,
+      ...result,
+      message: tool === 'opencode'
+        ? 'opencode OAuth provider 已关闭'
+        : `${tool} 本机 OAuth 已关闭`
     });
   } catch (error) {
     res.status(error.statusCode || 500).json({ error: error.message });

package/src/server/api/opencode-proxy.js CHANGED Viewed

@@ -16,7 +16,6 @@ const {
   getCurrentProxyPort
 } = require('../services/opencode-settings-manager');
 const { getChannels, getEnabledChannels, applyChannelToSettings } = require('../services/opencode-channels');
-const { clearNativeOAuth } = require('../services/native-oauth-adapters');
 const { getSchedulerState } = require('../services/channel-scheduler');
 const { PATHS, ensureStorageDirMigrated } = require('../../config/paths');
 const fs = require('fs');
@@ -195,7 +194,6 @@ router.post('/start', async (req, res) => {
     });
     const activeModel = currentChannel.model || currentChannel.speedTestModel || null;
-    clearNativeOAuth('opencode');
     setProxyConfig(proxyResult.port, { channels: channelPayloads, model: activeModel });
     // 5. 广播状态更新

package/src/server/api/plugins.js CHANGED Viewed

@@ -6,6 +6,7 @@
 const express = require('express');
 const { PluginsService } = require('../services/plugins-service');
+const { maskToken } = require('../services/oauth-utils');
 const router = express.Router();
 const SUPPORTED_PLATFORMS = ['claude', 'opencode'];
@@ -27,6 +28,41 @@ function getPluginsService(req) {
   return { platform, service: pluginServices.get(platform) };
 }
+function extractRepoPayload(source = {}) {
+  const repo = source.repo && typeof source.repo === 'object' ? source.repo : source;
+  return {
+    id: repo.id || source.repoId || '',
+    provider: repo.provider || source.provider || '',
+    host: repo.host || source.host || '',
+    owner: repo.owner || source.owner || '',
+    name: repo.name || source.name || '',
+    branch: repo.branch || source.branch || 'main',
+    directory: repo.directory || source.directory || '',
+    projectPath: repo.projectPath || source.projectPath || '',
+    localPath: repo.localPath || source.localPath || '',
+    repoUrl: repo.repoUrl || repo.url || source.repoUrl || source.url || '',
+    token: repo.token || source.token || ''
+  };
+}
+function sanitizeRepo(repo = {}) {
+  const token = String(repo.token || '').trim();
+  const sanitized = {
+    ...repo,
+    hasToken: Boolean(token),
+    tokenPreview: token ? maskToken(token) : ''
+  };
+  delete sanitized.token;
+  return sanitized;
+}
+function sanitizeRepos(service, repos = []) {
+  if (typeof service.getReposForClient === 'function') {
+    return service.getReposForClient(repos);
+  }
+  return (Array.isArray(repos) ? repos : []).map(sanitizeRepo);
+}
 /**
  * 获取插件列表
  * GET /api/plugins
@@ -93,7 +129,7 @@ router.post('/install', async (req, res) => {
     if (source) {
       installUrl = source;
     } else if (directory && repo) {
-      installUrl = `https://github.com/${repo.owner}/${repo.name}/tree/${repo.branch || 'main'}/${directory}`;
+      installUrl = '';
     } else if (gitUrl) {
       installUrl = gitUrl;
     } else {
@@ -103,7 +139,15 @@ router.post('/install', async (req, res) => {
       });
     }
-    const result = await service.installPlugin(installUrl);
+    const result = await service.installPlugin(
+      installUrl,
+      directory && repo
+        ? {
+            ...extractRepoPayload({ repo }),
+            directory
+          }
+        : null
+    );
     if (!result.success) {
       return res.status(400).json({
@@ -140,7 +184,7 @@ router.get('/repos', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Plugins API] Get repos error:', err);
@@ -159,12 +203,13 @@ router.get('/repos', (req, res) => {
 router.post('/repos', (req, res) => {
   try {
     const { platform, service } = getPluginsService(req);
-    const repo = req.body;
+    const repo = extractRepoPayload(req.body);
+    repo.enabled = req.body.enabled !== false;
-    if (!repo || !repo.url) {
+    if (!repo.localPath && !repo.projectPath && (!repo.owner || !repo.name) && !repo.repoUrl) {
       return res.status(400).json({
         success: false,
-        message: 'Repository URL is required'
+        message: 'Missing repo info'
       });
     }
@@ -173,7 +218,7 @@ router.post('/repos', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos,
+      repos: sanitizeRepos(service, repos),
       message: 'Repository added successfully'
     });
   } catch (err) {
@@ -185,6 +230,54 @@ router.post('/repos', (req, res) => {
   }
 });
+router.delete('/repos', (req, res) => {
+  try {
+    const { platform, service } = getPluginsService(req);
+    const { id = '', owner = '', name = '' } = req.query;
+    const repos = service.removeRepo(owner, name, id);
+    res.json({
+      success: true,
+      platform,
+      repos: sanitizeRepos(service, repos)
+    });
+  } catch (err) {
+    console.error('[Plugins API] Remove repo error:', err);
+    res.status(500).json({
+      success: false,
+      message: err.message
+    });
+  }
+});
+router.put('/repos/toggle', (req, res) => {
+  try {
+    const { platform, service } = getPluginsService(req);
+    const { id = '', owner = '', name = '', enabled } = req.body;
+    if (typeof enabled !== 'boolean') {
+      return res.status(400).json({
+        success: false,
+        message: 'enabled must be a boolean'
+      });
+    }
+    const repos = service.toggleRepo(owner, name, enabled, id);
+    res.json({
+      success: true,
+      platform,
+      repos: sanitizeRepos(service, repos)
+    });
+  } catch (err) {
+    console.error('[Plugins API] Toggle repo error:', err);
+    res.status(500).json({
+      success: false,
+      message: err.message
+    });
+  }
+});
 /**
  * 删除插件仓库
  * DELETE /api/plugins/repos/:owner/:name
@@ -193,13 +286,14 @@ router.delete('/repos/:owner/:name', (req, res) => {
   try {
     const { platform, service } = getPluginsService(req);
     const { owner, name } = req.params;
+    const { id = '' } = req.query;
-    const repos = service.removeRepo(owner, name);
+    const repos = service.removeRepo(owner, name, id);
     res.json({
       success: true,
       platform,
-      repos,
+      repos: sanitizeRepos(service, repos),
       message: 'Repository removed successfully'
     });
   } catch (err) {
@@ -220,7 +314,7 @@ router.put('/repos/:owner/:name/toggle', (req, res) => {
   try {
     const { platform, service } = getPluginsService(req);
     const { owner, name } = req.params;
-    const { enabled } = req.body;
+    const { enabled, id = '' } = req.body;
     if (typeof enabled !== 'boolean') {
       return res.status(400).json({
@@ -229,12 +323,12 @@ router.put('/repos/:owner/:name/toggle', (req, res) => {
       });
     }
-    const repos = service.toggleRepo(owner, name, enabled);
+    const repos = service.toggleRepo(owner, name, enabled, id);
     res.json({
       success: true,
       platform,
-      repos,
+      repos: sanitizeRepos(service, repos),
       message: `Repository ${enabled ? 'enabled' : 'disabled'} successfully`
     });
   } catch (err) {
@@ -246,6 +340,40 @@ router.put('/repos/:owner/:name/toggle', (req, res) => {
   }
 });
+router.put('/repos/auth', (req, res) => {
+  try {
+    const { platform, service } = getPluginsService(req);
+    const {
+      id = '',
+      owner = '',
+      name = '',
+      token = '',
+      clearToken = false
+    } = req.body;
+    if (!clearToken && !String(token || '').trim()) {
+      return res.status(400).json({
+        success: false,
+        message: 'Missing token'
+      });
+    }
+    const repos = service.updateRepoAuth(owner, name, token, clearToken, id);
+    res.json({
+      success: true,
+      platform,
+      repos: sanitizeRepos(service, repos)
+    });
+  } catch (err) {
+    console.error('[Plugins API] Update repo auth error:', err);
+    res.status(500).json({
+      success: false,
+      message: err.message
+    });
+  }
+});
 /**
  * 同步仓库到 Claude Code marketplace
  * POST /api/plugins/repos/sync
@@ -303,16 +431,35 @@ router.get('/:name/readme', async (req, res) => {
   try {
     const { platform, service } = getPluginsService(req);
     const { name } = req.params;
-    const { repoOwner, repoName, repoBranch, directory, source, repoUrl } = req.query;
+    const {
+      repoId,
+      repoProvider,
+      repoHost,
+      repoOwner,
+      repoName,
+      repoBranch,
+      directory,
+      source,
+      repoUrl,
+      repoProjectPath,
+      repoLocalPath,
+      installPath
+    } = req.query;
     const pluginInfo = {
       name,
+      repoId,
+      repoProvider,
+      repoHost,
       repoOwner,
       repoName,
       repoBranch,
       directory,
       source,
-      repoUrl
+      repoUrl,
+      repoProjectPath,
+      repoLocalPath,
+      installPath
     };
     const readme = await service.getPluginReadme(pluginInfo);

package/src/server/api/skills.js CHANGED Viewed

@@ -4,6 +4,7 @@
 const express = require('express');
 const { SkillService } = require('../services/skill-service');
+const { maskToken } = require('../services/oauth-utils');
 const router = express.Router();
 const SUPPORTED_PLATFORMS = ['claude', 'codex', 'gemini', 'opencode'];
@@ -37,10 +38,29 @@ function extractRepoPayload(source = {}) {
     directory: repo.directory || source.directory || '',
     projectPath: repo.projectPath || source.projectPath || '',
     localPath: repo.localPath || source.localPath || '',
-    repoUrl: repo.repoUrl || source.repoUrl || ''
+    repoUrl: repo.repoUrl || source.repoUrl || '',
+    token: repo.token || source.token || ''
   };
 }
+function sanitizeRepo(repo = {}) {
+  const token = String(repo.token || '').trim();
+  const sanitized = {
+    ...repo,
+    hasToken: Boolean(token),
+    tokenPreview: token ? maskToken(token) : ''
+  };
+  delete sanitized.token;
+  return sanitized;
+}
+function sanitizeRepos(service, repos = []) {
+  if (typeof service.getReposForClient === 'function') {
+    return service.getReposForClient(repos);
+  }
+  return (Array.isArray(repos) ? repos : []).map(sanitizeRepo);
+}
 /**
  * 获取技能列表
  * GET /api/skills
@@ -290,7 +310,7 @@ router.get('/repos', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Skills API] Get repos error:', err);
@@ -325,7 +345,7 @@ router.post('/repos', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Skills API] Add repo error:', err);
@@ -345,7 +365,7 @@ router.delete('/repos', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Skills API] Remove repo error:', err);
@@ -366,7 +386,7 @@ router.put('/repos/toggle', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Skills API] Toggle repo error:', err);
@@ -377,6 +397,41 @@ router.put('/repos/toggle', (req, res) => {
   }
 });
+router.put('/repos/auth', (req, res) => {
+  try {
+    const { platform, service } = getSkillService(req);
+    const {
+      id = '',
+      owner = '',
+      name = '',
+      directory = '',
+      token = '',
+      clearToken = false
+    } = req.body;
+    if (!clearToken && !String(token || '').trim()) {
+      return res.status(400).json({
+        success: false,
+        message: 'Missing token'
+      });
+    }
+    const repos = service.updateRepoAuth(owner, name, directory, token, clearToken, id);
+    res.json({
+      success: true,
+      platform,
+      repos: sanitizeRepos(service, repos)
+    });
+  } catch (err) {
+    console.error('[Skills API] Update repo auth error:', err);
+    res.status(500).json({
+      success: false,
+      message: err.message
+    });
+  }
+});
 /**
  * 删除仓库
  * DELETE /api/skills/repos/:owner/:name
@@ -392,7 +447,7 @@ router.delete('/repos/:owner/:name', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Skills API] Remove repo error:', err);
@@ -420,7 +475,7 @@ router.put('/repos/:owner/:name/toggle', (req, res) => {
     res.json({
       success: true,
       platform,
-      repos
+      repos: sanitizeRepos(service, repos)
     });
   } catch (err) {
     console.error('[Skills API] Toggle repo error:', err);

package/src/server/codex-proxy-server.js CHANGED Viewed

@@ -15,6 +15,7 @@ const { getEffectiveApiKey } = require('./services/codex-channels');
 const { persistProxyRequestSnapshot } = require('./services/request-logger');
 const { publishUsageLog, publishFailureLog } = require('./services/proxy-log-helper');
 const { redirectModel, resolveTargetUrl } = require('./services/base/proxy-utils');
+const { attachServerShutdownHandling, expediteServerShutdown } = require('./services/server-shutdown');
 let proxyServer = null;
 let proxyApp = null;
@@ -519,6 +520,7 @@ async function startCodexProxyServer(options = {}) {
     // 启动服务器
     proxyServer = http.createServer(proxyApp);
+    attachServerShutdownHandling(proxyServer);
     return new Promise((resolve, reject) => {
       proxyServer.listen(port, '127.0.0.1', () => {
@@ -559,8 +561,13 @@ async function stopCodexProxyServer(options = {}) {
   requestMetadata.clear();
+  const shutdownTimer = expediteServerShutdown(proxyServer);
   return new Promise((resolve) => {
     proxyServer.close(() => {
+      if (shutdownTimer) {
+        clearTimeout(shutdownTimer);
+      }
       console.log('Codex proxy server stopped');
       // 清除代理启动时间（仅当明确要求时）
@@ -580,8 +587,9 @@ async function stopCodexProxyServer(options = {}) {
 // 获取代理服务器状态
 function getCodexProxyStatus() {
   const config = loadConfig();
-  const startTime = getProxyStartTime('codex');
-  const runtime = getProxyRuntime('codex');
+  const allowRecovery = !!proxyServer;
+  const startTime = getProxyStartTime('codex', { allowRecovery });
+  const runtime = getProxyRuntime('codex', { allowRecovery });
   return {
     running: !!proxyServer,

package/src/server/gemini-proxy-server.js CHANGED Viewed

@@ -15,6 +15,7 @@ const { getEffectiveApiKey } = require('./services/gemini-channels');
 const { persistProxyRequestSnapshot } = require('./services/request-logger');
 const { publishUsageLog, publishFailureLog } = require('./services/proxy-log-helper');
 const { redirectModel: redirectModelBase, resolveTargetUrl } = require('./services/base/proxy-utils');
+const { attachServerShutdownHandling, expediteServerShutdown } = require('./services/server-shutdown');
 let proxyServer = null;
 let proxyApp = null;
@@ -512,6 +513,7 @@ async function startGeminiProxyServer(options = {}) {
     // 启动服务器
     proxyServer = http.createServer(proxyApp);
+    attachServerShutdownHandling(proxyServer);
     return new Promise((resolve, reject) => {
       proxyServer.listen(port, '127.0.0.1', () => {
@@ -552,8 +554,13 @@ async function stopGeminiProxyServer(options = {}) {
   requestMetadata.clear();
+  const shutdownTimer = expediteServerShutdown(proxyServer);
   return new Promise((resolve) => {
     proxyServer.close(() => {
+      if (shutdownTimer) {
+        clearTimeout(shutdownTimer);
+      }
       console.log('Gemini proxy server stopped');
       // 清除代理启动时间（仅当明确要求时）
@@ -573,8 +580,9 @@ async function stopGeminiProxyServer(options = {}) {
 // 获取代理服务器状态
 function getGeminiProxyStatus() {
   const config = loadConfig();
-  const startTime = getProxyStartTime('gemini');
-  const runtime = getProxyRuntime('gemini');
+  const allowRecovery = !!proxyServer;
+  const startTime = getProxyStartTime('gemini', { allowRecovery });
+  const runtime = getProxyRuntime('gemini', { allowRecovery });
   return {
     running: !!proxyServer,