ghostterm 2.1.1 → 2.2.0

package/README.md

@@ -1,17 +1,50 @@
 # GhostTerm — Control Claude Code from Your Phone
 
-> **v2.0: Complete P2P Rewrite** — No more relay servers. Your terminal data never leaves your devices.
+> **v2.0: Complete P2P Rewrite** — Your terminal data never touches any server. Direct encrypted connection between your phone and PC.
 
-GhostTerm lets you control your PC terminal from your phone over a **direct peer-to-peer WebRTC connection**. Built for Claude Code users who need to approve prompts, monitor output, and manage sessions on the go.
+GhostTerm is a mobile companion for [Claude Code](https://docs.anthropic.com/en/docs/claude-code) that gives you **full terminal access from your phone** over a direct peer-to-peer connection.
 
 ## Why GhostTerm?
 
-**Zero Trust Architecture** — Unlike traditional remote terminal tools that route your data through a server, GhostTerm establishes a direct encrypted tunnel between your phone and PC. The signaling server only helps with the initial handshake — it never sees your terminal data.
+### Run Claude Code in Dangerous Mode — From Your Phone
 
-- **End-to-end encrypted** (WebRTC DTLS) — not even we can read your data
-- **Direct P2P** — sub-millisecond latency, no relay bottleneck
-- **Google Sign-In auto-pair** — same account on phone + PC, connects instantly
-- **No API keys, no SSH, no Tailscale** — just `npx ghostterm` and go
+```bash
+claude --dangerously-skip-permissions
+```
+
+The official Claude Code mobile app doesn't support `--dangerously-skip-permissions`. GhostTerm gives you **full terminal access**, so you can launch Claude in fully autonomous mode and let it work while you're away from your desk. One tap to start, one tap to stop.
+
+### Not Just Claude — Full Terminal Access
+
+GhostTerm isn't limited to Claude Code. It's a complete remote terminal. Run **any command** — `git`, `npm`, `python`, `vim`, `docker`, anything your terminal can do. The official app only gives you Claude.
+
+### 4 Terminals at Once
+
+Run up to **4 concurrent terminal sessions** with ghost cell tabs. Have Claude Code running in one, a dev server in another, git in the third. Switch between them instantly. The official app gives you one.
+
+### See Everything at a Glance — Pixel Office
+
+A unique animated workspace shows all your terminal sessions as pixel ghosts. See which ones are busy, idle, or waiting for input — **without switching tabs**. Know exactly what's happening on your PC from a single screen.
+
+### True End-to-End Encryption
+
+Your terminal data travels directly between your phone and PC over **WebRTC with DTLS encryption**. The signaling server only handles the initial pairing handshake — it never sees your terminal data. Not even GhostTerm's servers can read what you type.
+
+Compare:
+- **Official app**: Your data → Anthropic's servers → Your PC
+- **GhostTerm**: Your phone ↔ Your PC (direct, encrypted, no middleman)
+
+### Send Files from Phone to PC
+
+Take a photo, pick a file, and send it straight to your PC terminal. Then tap paste to insert the file path. Perfect for sharing screenshots of bugs, uploading configs, or sending reference images to Claude.
+
+### One-Tap Controls
+
+Purpose-built buttons for Claude Code workflows:
+- **y / n** — approve or deny permission prompts instantly
+- **claude** — launch Claude Code with one tap
+- **Stop** — send Ctrl+C immediately
+- **Arrow keys, Tab, Escape** — all one tap, no keyboard fumbling
 
 ## Quick Start
 
@@ -22,58 +55,24 @@ npx ghostterm
 1. Run the command above on your PC (requires [Node.js 18+](https://nodejs.org))
 2. First time: browser opens for Google sign-in (one-time, remembered after)
 3. Open **[ghostterm.pages.dev](https://ghostterm.pages.dev)** on your phone
-4. Sign in with the same Google account → **auto-connects, no codes needed**
-
-## Features
-
-| Feature | Description |
-|---------|------------|
-| **4 Concurrent Terminals** | Manage multiple Claude Code sessions with ghost cell tabs |
-| **One-Tap y/n** | Approve or deny Claude Code permission prompts instantly |
-| **Pixel Office** | Animated ghost workspace — see all terminals at a glance |
-| **File Upload** | Send screenshots and files from phone to PC |
-| **Dangerous Mode** | Launch Claude Code with `--dangerously-skip-permissions` |
-| **Auto-Reconnect** | Seamless recovery when connection drops |
-| **PWA Support** | Add to home screen for native app experience |
-
-## What's New in v2.0
-
-GhostTerm v2.0 is a **ground-up rewrite** replacing the relay architecture with peer-to-peer WebRTC:
+4. Sign in with the same Google account → **auto-connects, no pairing codes**
 
-- **Before (v1):** Phone → Relay Server → PC (server sees all terminal data)
-- **After (v2):** Phone ↔ PC directly (server only helps with pairing)
-
-This means:
-- Your terminal data is **never stored or transmitted through any server**
-- Latency drops from ~100ms (relay round-trip) to **<5ms** (direct P2P)
-- Server costs are near-zero (signaling only, no data relay)
-- Works even if the signaling server goes down (existing connections persist)
-
-## Security Model
+## Security
 
 ```
-Phone ──── WebRTC DataChannel (DTLS 1.3 encrypted) ────── PC
+Phone ──── WebRTC DataChannel (DTLS encrypted) ────── PC
                         │
                   (pairing only)
                         │
                Signaling Server
-          (exchanges SDP/ICE, never sees terminal data)
+        (exchanges connection info, never sees terminal data)
 ```
 
-- **DTLS encryption**: All terminal data encrypted end-to-end
-- **No data at rest**: Signaling server stores nothing
-- **One-time pair codes**: 6-digit codes expire in 5 minutes
-- **Brute force protection**: 3 wrong codes = 60s lockout
-- **Google OAuth**: Verified identity for auto-pairing
-
-## How It Works
-
-1. Your PC connects to a lightweight signaling server and registers with your Google account
-2. Your phone opens the web app and signs in with the same Google account
-3. The signaling server matches the accounts and facilitates a WebRTC handshake
-4. A direct peer-to-peer connection is established between your phone and PC
-5. All terminal I/O flows directly over the encrypted P2P channel
-6. The signaling server is no longer involved
+- **DTLS encryption** on all terminal data — end-to-end, no exceptions
+- **No data at rest** — the signaling server stores nothing
+- **Google OAuth** — verified identity for secure auto-pairing
+- **Brute force protection** — 3 wrong codes = 60s lockout
+- **Private beta** — access controlled by email whitelist
 
 ## Options
 
@@ -87,17 +86,11 @@ npx ghostterm [options]
 
 ## Requirements
 
-- **Node.js 18+** (for the PC companion)
-- **Modern browser** (for the phone — Safari, Chrome, Firefox)
-- **Google account** (for auto-pairing; or use 6-digit code without login)
-
-## Privacy
-
-- No analytics or tracking on the terminal data path
-- Google Sign-In is used solely for pairing — we don't access your Google data
-- The signaling server is open-source and can be self-hosted
-- All WebRTC connections use DTLS encryption by default
+- **Node.js 18+** on your PC
+- **Modern browser** on your phone (Safari, Chrome, Firefox)
+- **Google account** for auto-pairing
 
-## License
+## Links
 
-MIT
+- **Mobile App**: [ghostterm.pages.dev](https://ghostterm.pages.dev)
+- **npm**: [npmjs.com/package/ghostterm](https://www.npmjs.com/package/ghostterm)

package/lib/pty-manager.js

@@ -284,8 +284,15 @@ class PtyManager extends EventEmitter {
   _handleFileUpload(msg, responses) {
     const fs = require('fs');
     const tmpDir = os.tmpdir();
-    const filename = msg.filename || `upload_${Date.now()}${msg.ext || ''}`;
+    // Sanitize filename: strip path traversal, only allow safe chars
+    const rawName = msg.filename || `upload_${Date.now()}${msg.ext || ''}`;
+    const filename = path.basename(rawName).replace(/[^a-zA-Z0-9._\-]/g, '_');
     const filepath = path.join(tmpDir, filename);
+    // Verify resolved path is still inside tmpDir
+    if (!path.resolve(filepath).startsWith(path.resolve(tmpDir))) {
+      responses.push({ type: 'error', message: 'Invalid filename' });
+      return;
+    }
 
     try {
       const data = Buffer.from(msg.data, 'base64');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ghostterm",
-  "version": "2.1.1",
+  "version": "2.2.0",
   "description": "Control your PC terminal from your phone — direct P2P, no server in between",
   "bin": {
     "ghostterm": "bin/ghostterm-p2p.js"
@@ -20,11 +20,8 @@
   "engines": {
     "node": ">=18.0.0"
   },
-  "license": "MIT",
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/anthropic/ghostterm-p2p.git"
-  },
+  "license": "UNLICENSED",
+  "homepage": "https://ghostterm.pages.dev",
   "keywords": [
     "terminal",
     "remote",