haltija 1.2.4 → 1.2.7

package/apps/desktop/main.js

@@ -36,6 +36,10 @@ const HALTIJA_SERVER = `http://localhost:${HALTIJA_PORT}`
 // Combined with webContents.id to create globally unique tab identifiers
 const APP_INSTANCE_ID = `${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 6)}`
 
+// Pending session: when an agent opens a tab with a session, store it here
+// so injectWidget can include it in the widget config for the next new tab
+let pendingTabSession = null
+
 // ============================================
 // Preferences
 // ============================================
@@ -741,8 +745,16 @@ async function injectWidget(webContents) {
     // This is stable across navigations (even cross-origin) enabling cross-page recording
     const wsUrl = HALTIJA_SERVER.replace('http:', 'ws:') + '/ws/browser'
     const windowId = `hj-${APP_INSTANCE_ID}-${webContents.id}`
+    const configObj = { serverUrl: wsUrl, windowId }
+    // Session priority: pending session from agent's tabs/open > env var
+    if (pendingTabSession) {
+      configObj.session = pendingTabSession
+      pendingTabSession = null // Consume — only applies to the next tab
+    } else if (process.env.HALTIJA_SESSION) {
+      configObj.session = process.env.HALTIJA_SESSION
+    }
     await webContents.executeJavaScript(
-      `window.__haltija_config__ = { serverUrl: '${wsUrl}', windowId: '${windowId}' };`,
+      `window.__haltija_config__ = ${JSON.stringify(configObj)};`,
     )
     await webContents.executeJavaScript(componentCode)
 
@@ -882,9 +894,10 @@ function setupScreenCapture() {
   })
 
   // Tab management — forwarded to renderer
-  ipcMain.handle('open-tab', async (event, url) => {
+  ipcMain.handle('open-tab', async (event, url, session) => {
     if (!mainWindow) return false
-    mainWindow.webContents.send('open-tab', { url })
+    if (session) pendingTabSession = session
+    mainWindow.webContents.send('open-tab', { url, session })
     return true
   })
 

package/apps/desktop/package.json

@@ -1,6 +1,6 @@
 {
   "name": "haltija-desktop",
-  "version": "1.2.4",
+  "version": "1.2.7",
   "description": "Haltija Desktop - God Mode Browser for AI Agents",
   "homepage": "https://github.com/tonioloewald/haltija",
   "author": {

package/apps/desktop/renderer.js

@@ -130,7 +130,7 @@ document.addEventListener('keydown', (e) => {
 // ============================================
 
 // Tab management from widget (via main process IPC)
-window.haltija?.onOpenTab?.((data) => createTab(data.url))
+window.haltija?.onOpenTab?.((data) => createTab(data.url, { session: data.session }))
 window.haltija?.onCloseTab?.((data) => {
   const tab = findTabByWindowId(data.windowId)
   if (tab) closeTab(tab.id)

package/apps/desktop/resources/component.js

@@ -46,7 +46,7 @@
   });
 
   // src/version.ts
-  var VERSION = "1.2.4";
+  var VERSION = "1.2.7";
 
   // src/text-selector.ts
   var TEXT_PSEUDO_RE = /:(?:text-is|has-text|text)\(/;
@@ -1310,9 +1310,22 @@
     }
     return summary;
   }
+  function pruneNonInteractive(node) {
+    const isInteractive = node.flags?.interactive || node.flags?.hasEvents;
+    const children = node.children?.map((c) => pruneNonInteractive(c)).filter((c) => c !== null);
+    const shadowChildren = node.shadowChildren?.map((c) => pruneNonInteractive(c)).filter((c) => c !== null);
+    const hasInteractiveDescendant = children && children.length > 0 || shadowChildren && shadowChildren.length > 0;
+    if (!isInteractive && !hasInteractiveDescendant)
+      return null;
+    return {
+      ...node,
+      children: children?.length ? children : undefined,
+      shadowChildren: shadowChildren?.length ? shadowChildren : undefined
+    };
+  }
   function buildDomTree(el, options, currentDepth = 0) {
     const {
-      depth = 3,
+      depth = -1,
       includeText = true,
       allAttributes = false,
       includeStyles = false,
@@ -1703,6 +1716,7 @@
     windowId;
     isElectron = false;
     browserId = uid();
+    sessionToken = "";
     killed = false;
     isActive = true;
     homeLeft = 0;
@@ -1775,7 +1789,7 @@
     selectionBox = null;
     highlightedElements = [];
     static get observedAttributes() {
-      return ["server", "hidden"];
+      return ["server", "hidden", "session"];
     }
     static async runTests() {
       const el = document.querySelector(TAG_NAME);
@@ -1871,10 +1885,16 @@
         }
         this.windowId = storedWindowId;
       }
+      if (config?.session) {
+        this.sessionToken = config.session;
+      } else {
+        this.sessionToken = uid();
+      }
     }
     connectedCallback() {
       this.killed = false;
       this.serverUrl = this.getAttribute("server") || this.serverUrl;
+      this.sessionToken = this.getAttribute("session") || this.sessionToken;
       this.render();
       const rect = this.getBoundingClientRect();
       this.homeLeft = window.innerWidth - rect.width - 16;
@@ -1902,6 +1922,11 @@
           this.connect();
         }
       }
+      if (name === "session") {
+        this.sessionToken = value;
+        this.disconnect();
+        this.connect();
+      }
     }
     render() {
       if (this.shadowRoot.querySelector(".widget")) {
@@ -2087,6 +2112,25 @@
         .btn.info-btn:hover {
           background: #2563eb;
         }
+        .session-badge {
+          display: flex;
+          align-items: center;
+          gap: 2px;
+          font-size: 9px;
+          color: #666;
+          background: rgba(255,255,255,0.05);
+          padding: 2px 4px;
+          border-radius: 3px;
+          cursor: pointer;
+          user-select: none;
+        }
+        .session-badge:hover {
+          background: rgba(255,255,255,0.1);
+          color: #aaa;
+        }
+        .session-badge.copied {
+          color: #22c55e;
+        }
         @keyframes pulse {
           0%, 100% { opacity: 1; }
           50% { opacity: 0.5; }
@@ -2449,6 +2493,8 @@
             <span class="logo">\uD83E\uDDDD</span>
           </div>
           <div class="title">${PRODUCT_NAME}</div>
+          <span class="session-badge" data-action="copy-session" title="Session: ${this.sessionToken}
+Click to copy session command">${this.sessionToken.slice(0, 8)}</span>
           <div class="controls">
             <button class="btn" data-action="select" title="Select elements (drag to select area)" aria-label="Select elements">\uD83D\uDC46</button>
             <button class="btn" data-action="record" title="Record test (click to start/stop)" aria-label="Record test">REC</button>
@@ -2535,6 +2581,8 @@
             this.startSelection();
           if (action2 === "stats")
             this.copyStatsToClipboard();
+          if (action2 === "copy-session")
+            this.copySessionToken(e.currentTarget);
           if (action2 === "close-modal")
             this.closeTestModal();
           if (action2 === "copy-test")
@@ -3160,6 +3208,28 @@
         });
       }
     }
+    async copySessionToken(badge) {
+      const cmd = `export HALTIJA_SESSION=${this.sessionToken}`;
+      try {
+        await navigator.clipboard.writeText(cmd);
+        badge.textContent = "copied!";
+        badge.classList.add("copied");
+        setTimeout(() => {
+          badge.textContent = this.sessionToken.slice(0, 8);
+          badge.classList.remove("copied");
+        }, 1500);
+      } catch {
+        try {
+          await navigator.clipboard.writeText(this.sessionToken);
+          badge.textContent = "copied!";
+          badge.classList.add("copied");
+          setTimeout(() => {
+            badge.textContent = this.sessionToken.slice(0, 8);
+            badge.classList.remove("copied");
+          }, 1500);
+        } catch {}
+      }
+    }
     async copyStatsToClipboard() {
       const refStats = refRegistry.getStats();
       stats.refsStale = refStats.stale;
@@ -4926,6 +4996,7 @@ ${elementSummary}${moreText}`;
           this.send("system", "connected", {
             windowId: this.windowId,
             browserId: this.browserId,
+            session: this.sessionToken,
             version: VERSION2,
             serverSessionId: SERVER_SESSION_ID,
             url: location.href,
@@ -5351,7 +5422,7 @@ ${elementSummary}${moreText}`;
       const haltija = window.haltija;
       if (action2 === "open") {
         if (haltija?.openTab) {
-          haltija.openTab(payload2.url).then((opened) => {
+          haltija.openTab(payload2.url, payload2.session).then((opened) => {
             this.respond(msg2.id, true, { opened });
           }).catch((err) => {
             this.respond(msg2.id, false, null, err.message);
@@ -5471,7 +5542,10 @@ ${elementSummary}${moreText}`;
             const summary = buildActionableSummary(el);
             this.respond(msg2.id, true, summary);
           } else {
-            const tree = buildDomTree(el, request);
+            let tree = buildDomTree(el, request);
+            if (request.interactiveOnly && tree) {
+              tree = pruneNonInteractive(tree);
+            }
             if (request.ancestors && tree) {
               const ancestors = [];
               let parent = el.parentElement;
@@ -7207,7 +7281,7 @@ ${elementSummary}${moreText}`;
   }
   registerDevChannel();
   var WIDGET_ID = "haltija-widget";
-  function inject(serverUrl2 = "wss://localhost:8700/ws/browser") {
+  function inject(serverUrl2 = "wss://localhost:8700/ws/browser", options) {
     const existing = document.getElementById(WIDGET_ID);
     if (existing) {
       console.log(`${LOG_PREFIX} Already injected`);
@@ -7222,6 +7296,8 @@ ${elementSummary}${moreText}`;
     const el = DevChannel.elementCreator()();
     el.id = WIDGET_ID;
     el.setAttribute("server", serverUrl2);
+    if (options?.session)
+      el.setAttribute("session", options.session);
     el.setAttribute("data-version", VERSION2);
     document.body.appendChild(el);
     console.log(`${LOG_PREFIX} Injected`);
@@ -7233,7 +7309,7 @@ ${elementSummary}${moreText}`;
     const config = window.__haltija_config__;
     if (config?.autoInject !== false) {
       if (config) {
-        inject(config.serverUrl || config.wsUrl);
+        inject(config.serverUrl || config.wsUrl, { session: config.session });
         return;
       }
     }

package/apps/desktop/webview-preload.js

@@ -25,7 +25,7 @@ contextBridge.exposeInMainWorld('haltija', {
     return ipcRenderer.invoke('navigate-url', url)
   },
   // Tab management — routed through main process to renderer
-  openTab: (url) => ipcRenderer.invoke('open-tab', url),
+  openTab: (url, session) => ipcRenderer.invoke('open-tab', url, session),
   closeTab: (windowId) => ipcRenderer.invoke('close-tab', windowId),
   focusTab: (windowId) => ipcRenderer.invoke('focus-tab', windowId),
   openAgentTab: () => {

package/bin/cli-subcommand.mjs

@@ -204,7 +204,8 @@ export function parseTreeArgs(args) {
     if (a === '--depth' || a === '-d') { body.depth = num(args[++i]); continue }
     if (a === '--selector' || a === '-s') { body.selector = args[++i]; continue }
     if (a === '--compact' || a === '-c') { body.compact = true; continue }
-    if (a === '--visible') { body.visibleOnly = true; continue }
+    if (a === '--interactive' || a === '-i') { body.interactiveOnly = true; continue }
+    if (a === '--visible' || a === '-v') { body.visibleOnly = true; continue }
     if (a === '--text') { body.includeText = true; continue }
     if (a === '--no-text') { body.includeText = false; continue }
     if (a === '--shadow') { body.pierceShadow = true; continue }
@@ -432,6 +433,18 @@ export function clean(obj) {
   return Object.keys(result).length ? result : undefined
 }
 
+// ============================================
+// Session ID for multi-agent isolation
+// ============================================
+
+export function getSessionId() {
+  if (process.env.HALTIJA_SESSION) return process.env.HALTIJA_SESSION
+  // Auto-generate a session ID for this shell — persisted in env for subsequent calls
+  const id = `hj_${Date.now().toString(36)}_${Math.random().toString(36).slice(2, 8)}`
+  process.env.HALTIJA_SESSION = id
+  return id
+}
+
 // ============================================
 // Server auto-start
 // ============================================
@@ -509,14 +522,92 @@ async function startServerInBackground(port) {
   return false
 }
 
+// ============================================
+// Auto-launch Electron app when no browser windows connected
+// ============================================
+
+async function launchElectronApp() {
+  const { execSync, spawn: spawnChild } = await import('child_process')
+  
+  if (process.platform === 'darwin') {
+    // Check common locations for Haltija.app
+    const appPaths = [
+      '/Applications/Haltija.app',
+      `${process.env.HOME}/Applications/Haltija.app`,
+    ]
+    for (const p of appPaths) {
+      if (existsSync(p)) {
+        spawnChild('open', ['-a', p], { stdio: 'ignore', detached: true }).unref()
+        return true
+      }
+    }
+    // Try spotlight search as fallback
+    try {
+      const result = execSync('mdfind "kMDItemCFBundleIdentifier == com.electron.haltija" | head -1', { encoding: 'utf-8', stdio: ['pipe', 'pipe', 'ignore'] }).trim()
+      if (result) {
+        spawnChild('open', ['-a', result], { stdio: 'ignore', detached: true }).unref()
+        return true
+      }
+    } catch {}
+    return false
+  }
+  
+  // Linux/Windows: not yet supported
+  return false
+}
+
+async function ensureBrowserConnected(port) {
+  try {
+    const resp = await fetch(`http://localhost:${port}/status`, {
+      signal: AbortSignal.timeout(2000)
+    })
+    const status = await resp.json()
+    // Use status.ok (global, not session-filtered) to check if any browser is connected
+    if (status.ok) return true
+  } catch { return false }
+  
+  // No windows connected — try to launch Electron app (macOS only)
+  if (process.platform !== 'darwin') return false
+  
+  process.stderr.write('\x1b[2mLaunching Haltija browser...\x1b[0m')
+  const launched = await launchElectronApp()
+  if (!launched) {
+    process.stderr.write('\x1b[2m not found\x1b[0m\n')
+    return false
+  }
+  
+  // Wait for a window to connect (up to 10s)
+  const maxWait = 10000
+  const start = Date.now()
+  while (Date.now() - start < maxWait) {
+    try {
+      const resp = await fetch(`http://localhost:${port}/status`, {
+        signal: AbortSignal.timeout(1000)
+      })
+      const status = await resp.json()
+      if (status.ok) {
+        process.stderr.write('\x1b[2m ready\x1b[0m\n')
+        return true
+      }
+    } catch {}
+    await new Promise(r => setTimeout(r, 500))
+  }
+  process.stderr.write('\x1b[2m timeout\x1b[0m\n')
+  return false
+}
+
+// Commands that don't need a browser window to be connected
+const INFO_COMMANDS = new Set(['status', 'windows', 'version', 'help'])
+
 // ============================================
 // Main subcommand execution
 // ============================================
 
-export async function runSubcommand(subcommand, subArgs, port = '8700') {
+export async function runSubcommand(subcommand, subArgs, port = '8700', options = {}) {
   const baseUrl = `http://localhost:${port}`
   const jsonOutput = subArgs.includes('--json')
-  // Remove --json and extract --window before processing
+  const noLaunch = options.noLaunch || false
+  // Remove --json and extract --window/--session before processing
   let filteredArgs = subArgs.filter(a => a !== '--json')
   let targetWindowId = undefined
   const windowIdx = filteredArgs.indexOf('--window')
@@ -524,6 +615,11 @@ export async function runSubcommand(subcommand, subArgs, port = '8700') {
     targetWindowId = filteredArgs[windowIdx + 1]
     filteredArgs = [...filteredArgs.slice(0, windowIdx), ...filteredArgs.slice(windowIdx + 2)]
   }
+  const sessionIdx = filteredArgs.indexOf('--session')
+  if (sessionIdx !== -1) {
+    process.env.HALTIJA_SESSION = filteredArgs[sessionIdx + 1]
+    filteredArgs = [...filteredArgs.slice(0, sessionIdx), ...filteredArgs.slice(sessionIdx + 2)]
+  }
 
   // Check if server is running, auto-start if not
   if (!(await isServerRunning(port))) {
@@ -538,6 +634,11 @@ export async function runSubcommand(subcommand, subArgs, port = '8700') {
     }
   }
 
+  // Auto-launch browser if no windows connected (skip for info commands and --no-launch)
+  if (!noLaunch && !INFO_COMMANDS.has(subcommand)) {
+    await ensureBrowserConnected(port)
+  }
+
   // Special handling for 'send' command - route to appropriate endpoint
   // hj send selection [agent]      → /send/selection
   // hj send recording [agent]      → /send/recording  
@@ -596,9 +697,10 @@ export async function runSubcommand(subcommand, subArgs, port = '8700') {
 async function doRequest(url, method, body, context = {}) {
   const { subcommand, jsonOutput } = context
   try {
-    const opts = { method }
+    const sessionId = getSessionId()
+    const opts = { method, headers: { 'X-Haltija-Session': sessionId } }
     if (body) {
-      opts.headers = { 'Content-Type': 'application/json' }
+      opts.headers['Content-Type'] = 'application/json'
       opts.body = JSON.stringify(body)
     }
 
@@ -610,7 +712,7 @@ async function doRequest(url, method, body, context = {}) {
 
       // Text format for supported subcommands (unless --json)
       if (!jsonOutput && subcommand === 'tree' && json.success && json.data) {
-        console.log(formatTree(json.data))
+        console.log(formatTree(json.data, 0, { depth: body?.depth }))
       } else if (!jsonOutput && subcommand === 'events' && (json.events || Array.isArray(json))) {
         console.log(formatEvents(json))
       } else if (!jsonOutput && subcommand === 'test-run' && json.test) {
@@ -730,7 +832,7 @@ export function listSubcommands() {
   return `
 Subcommands (replace curl with simple commands):
   ${bold('Inspect')}
-    tree [selector] [-d depth]     DOM tree with ref IDs
+    tree [selector] [-d N] [-i] [-v] DOM tree (full depth, -i=interactive, -v=visible)
     query <selector>               Find elements matching selector
     inspect <@ref|selector>        Detailed element info
     inspectAll <selector>          Deep inspect all matches

package/bin/format-tree.mjs

@@ -27,15 +27,17 @@ const MAX_TEXT_LEN = 80
  * @param {number} indent - current indentation level (internal)
  * @returns {string} formatted text output with footer
  */
-export function formatTree(node, indent = 0) {
+export function formatTree(node, indent = 0, { depth } = {}) {
   if (!node) return ''
 
   const lines = []
   formatNode(node, indent, lines)
 
-  // Footer: JSON escape hatch
+  // Footer: options hint
+  const d = depth ?? -1
+  const depthLabel = d === -1 ? 'unlimited' : String(d)
   lines.push('---')
-  lines.push('hj tree --json')
+  lines.push(`depth=${depthLabel} | -d N | -i (interactive) | --visible | --json`)
 
   return lines.join('\n')
 }

package/bin/hints.json

@@ -1,5 +1,5 @@
 {
-  "tree": "-d 5 (deeper), --compact, \"#selector\" | see: inspect, query, click",
+  "tree": "-d 3 (shallow), -i (interactive only), --visible, --compact | see: inspect, query, click",
   "query": "@ref or \"selector\", --all | see: tree, inspect",
   "inspect": "@ref or \"selector\", --styles, --rules, --ancestors | see: tree, query",
   "click": "@ref or \"selector\", :text(Button), --diff | see: tree, wait, type",

package/bin/hj.mjs

@@ -36,6 +36,21 @@ if (portIdx !== -1 && args[portIdx + 1]) {
   args.splice(portIdx, 2)
 }
 
+// Parse --session option (set session token)
+const sessionIdx = args.indexOf('--session')
+if (sessionIdx !== -1 && args[sessionIdx + 1]) {
+  process.env.HALTIJA_SESSION = args[sessionIdx + 1]
+  args.splice(sessionIdx, 2)
+}
+
+// Parse --no-launch option (skip auto-launching Electron app)
+let noLaunch = false
+const noLaunchIdx = args.indexOf('--no-launch')
+if (noLaunchIdx !== -1) {
+  noLaunch = true
+  args.splice(noLaunchIdx, 1)
+}
+
 const subcommand = args[0]
 const subArgs = args.slice(1).filter(a => a !== '--window' || true) // keep all args
 
@@ -61,7 +76,7 @@ if (!isSubcommand(subcommand)) {
   console.error(`Run 'hj' for docs.`)
   process.exit(1)
 } else {
-  runSubcommand(subcommand, subArgs, port)
+  runSubcommand(subcommand, subArgs, port, { noLaunch })
 }
 
 function filterHelp(topic) {

package/bin/tosijs-dev.mjs

@@ -362,6 +362,8 @@ if (docsDirIdx !== -1 && args[docsDirIdx + 1]) {
 // ============================================
 
 const ciMode = args.includes('--ci')
+const secureMode = args.includes('--secure')
+if (secureMode) process.env.HALTIJA_SECURE = '1'
 const headlessMode = args.includes('--headless')  // Playwright headless (separate from CI)
 const headlessUrlIdx = args.indexOf('--headless-url')
 const headlessUrl = headlessUrlIdx !== -1 ? args[headlessUrlIdx + 1] : null