handsoff 0.1.2-beta.0 → 0.1.2-beta.2

package/config.example.toml

@@ -2,20 +2,9 @@
 # Copy to ~/.handsoff/config.toml and fill in your credentials
 
 [general]
-default_agent = "claude"
 log_level = "info"
 hook_server_port = 9876
 
-[channel.telegram]
-enabled = true
-bot_token = "YOUR_BOT_TOKEN"
-allowed_users = [123456789]
-
-[channel.feishu]
-enabled = false
-app_id = ""
-app_secret = ""
-
 [agent.claude]
 adapter = "hooks"
 binary = "claude"
@@ -23,22 +12,26 @@ work_dir = ""
 model = ""
 permission_mode = ""
 
-# Agent-specific permission settings
-[agent.claude.permission]
-# Low-risk tools that won't trigger permission prompts
-lowRiskTools = ["Read", "Glob", "Grep", "List", "WebSearch", "codesearch"]
+[agent.codex]
+enabled = false
+command = ["codex", "app-server", "--listen", "stdio://"]
+work_dir = ""
+model = ""
+approval_policy = ""
 
-[channels.app]
+[channel.app]
 enabled = false
 channel_id = "app:desktop-001"
 auth_token = "change-me"
 notify_types = ["*"]
 heartbeat_interval_ms = 30000
 
-[agent.codex]
+[channel.telegram]
+enabled = true
+bot_token = "YOUR_BOT_TOKEN"
+allowed_users = [123456789]
+
+[channel.feishu]
 enabled = false
-command = ["codex", "app-server", "--listen", "stdio://"]
-work_dir = ""
-model = ""
-approval_policy = ""
-sandbox_mode = ""
+app_id = ""
+app_secret = ""

package/dist/cli/index.js

@@ -8,7 +8,13 @@ import { Command } from "commander";
 
 // src/shared/settings-merge.ts
 function isHandsoffHook(hook) {
-  return hook.type === "http" && hook.url.includes("/hook/");
+  if (hook.type === "http" && hook.url) {
+    return hook.url.includes("/hook/");
+  }
+  if (hook.type === "command" && hook.command) {
+    return hook.command.includes("/hook/") && hook.command.includes("curl");
+  }
+  return false;
 }
 function isHandsoffEntry(entry) {
   return entry.hooks.some((hook) => isHandsoffHook(hook));
@@ -35,10 +41,15 @@ function mergeHooks(existing, newHooks) {
     const existingEntries = cleaned.hooks?.[eventName] || [];
     const newEntries = newHooks[eventName] || [];
     const existingUrls = new Set(
-      existingEntries.flatMap((e) => e.hooks.map((h) => h.url))
+      existingEntries.flatMap((e) => e.hooks.map((h) => h.url).filter(Boolean))
+    );
+    const existingCommands = new Set(
+      existingEntries.flatMap((e) => e.hooks.map((h) => h.command).filter(Boolean))
     );
     const uniqueNewEntries = newEntries.filter(
-      (entry) => !entry.hooks.some((h) => existingUrls.has(h.url))
+      (entry) => !entry.hooks.some(
+        (h) => h.url && existingUrls.has(h.url) || h.command && existingCommands.has(h.command)
+      )
     );
     const merged = [...uniqueNewEntries, ...existingEntries];
     if (merged.length > 0) {
@@ -124,7 +135,6 @@ import dotenv from "dotenv";
 dotenv.config();
 var DEFAULT_CONFIG = {
   general: {
-    default_agent: "claude",
     log_level: "info",
     hook_server_port: 9876
   },
@@ -148,6 +158,11 @@ var DEFAULT_CONFIG = {
       timeout_ms: 3e5,
       // 5 minutes
       default_on_timeout: "deny"
+    },
+    app: {
+      enabled: false,
+      channel_id: "",
+      auth_token: ""
     }
   },
   agent: {
@@ -156,21 +171,16 @@ var DEFAULT_CONFIG = {
       binary: "claude",
       work_dir: "",
       model: "",
-      permission_mode: "",
-      permission: {
-        lowRiskTools: ["Read", "Glob", "Grep", "List", "WebSearch", "codesearch"]
-      }
+      permission_mode: ""
     },
     codex: {
       enabled: false,
       command: ["codex", "app-server", "--listen", "stdio://"],
       work_dir: "",
       model: "",
-      approval_policy: "",
-      sandbox_mode: ""
+      approval_policy: ""
     }
   },
-  channels: {},
   bindings: {}
 };
 function getConfigPath() {
@@ -218,16 +228,21 @@ function mergeWithDefaults(raw) {
           10
         ),
         default_on_timeout: process.env.HANDSOFF_PERMISSION_DEFAULT || raw.channel?.permission?.default_on_timeout || DEFAULT_CONFIG.channel.permission.default_on_timeout
+      },
+      app: {
+        ...DEFAULT_CONFIG.channel.app,
+        ...raw.channel?.app || {},
+        enabled: raw.channel?.app?.enabled === true,
+        channel_id: String(raw.channel?.app?.channel_id || ""),
+        auth_token: String(raw.channel?.app?.auth_token || ""),
+        heartbeat_interval_ms: raw.channel?.app?.heartbeat_interval_ms ? parseInt(String(raw.channel?.app?.heartbeat_interval_ms), 10) : void 0,
+        notify_types: Array.isArray(raw.channel?.app?.notify_types) ? raw.channel.app.notify_types.map(String) : void 0
       }
     },
     agent: {
       claude: {
         ...DEFAULT_CONFIG.agent.claude,
-        ...raw.agent?.claude || {},
-        permission: {
-          ...DEFAULT_CONFIG.agent.claude.permission,
-          ...raw.agent?.claude?.permission || {}
-        }
+        ...raw.agent?.claude || {}
       },
       codex: {
         ...DEFAULT_CONFIG.agent.codex,
@@ -235,21 +250,9 @@ function mergeWithDefaults(raw) {
         command: raw.agent?.codex?.command ? raw.agent.codex.command : DEFAULT_CONFIG.agent.codex.command,
         work_dir: raw.agent?.codex?.work_dir || DEFAULT_CONFIG.agent.codex.work_dir,
         model: raw.agent?.codex?.model || DEFAULT_CONFIG.agent.codex.model,
-        approval_policy: raw.agent?.codex?.approval_policy || DEFAULT_CONFIG.agent.codex.approval_policy,
-        sandbox_mode: raw.agent?.codex?.sandbox_mode || DEFAULT_CONFIG.agent.codex.sandbox_mode
+        approval_policy: raw.agent?.codex?.approval_policy || DEFAULT_CONFIG.agent.codex.approval_policy
       }
     },
-    channels: {
-      ...DEFAULT_CONFIG.channels,
-      ...raw.channels || {},
-      app: raw.channels?.app ? {
-        enabled: raw.channels.app.enabled === true,
-        channel_id: String(raw.channels.app.channel_id || ""),
-        auth_token: String(raw.channels.app.auth_token || ""),
-        heartbeat_interval_ms: raw.channels.app.heartbeat_interval_ms ? parseInt(String(raw.channels.app.heartbeat_interval_ms), 10) : void 0,
-        notify_types: Array.isArray(raw.channels.app.notify_types) ? raw.channels.app.notify_types.map(String) : void 0
-      } : DEFAULT_CONFIG.channels?.app
-    },
     bindings: {
       ...DEFAULT_CONFIG.bindings,
       ...raw.bindings || {}
@@ -297,7 +300,10 @@ var en_default = {
       injecting: "Injecting hooks...",
       injected: "Hooks injected",
       failed: "Failed: {{error}}",
-      remoteModeSkipHooks: "Remote mode does not require hooks; skipping injection."
+      remoteModeSkipHooks: "Remote mode does not require hooks; skipping injection.",
+      cleaningHooks: "Cleaning up hooks from previous mode...",
+      hooksCleaned: "Hooks cleaned",
+      cleanupWarning: "Hook cleanup warning: {{error}}"
     },
     channel: {
       configuring: "Configuring {{channel}}",
@@ -516,6 +522,22 @@ var en_default = {
     unauthorized: "You are not authorized to use this bot.",
     received: "Message received.",
     processingError: "Error processing message."
+  },
+  eventTitles: {
+    sessionStart: "\u{1F680} Session Started",
+    sessionEnd: "\u{1F44B} Session Ended",
+    turnFinished: "\u2705 Task Completed",
+    turnThinking: "\u{1F4AD} Thinking...",
+    toolPost: "\u{1F527} Tool Call",
+    toolExecuted: "\u2705 Tool Executed",
+    toolFailure: "\u274C Tool Failed",
+    permissionRequest: "\u{1F510} Permission Request",
+    permissionResponse: "\u{1F4CB} Permission Response",
+    questionRequest: "\u2753 Question",
+    questionResponse: "\u{1F4CB} Question Response",
+    agentMessage: "\u{1F916} Agent Message",
+    error: "\u26A0\uFE0F Error",
+    fallback: "\u{1F4CB} Notification"
   }
 };
 
@@ -783,6 +805,16 @@ function extractHandsoffHookInfo(entry) {
   }
   return { isHandsoff: false };
 }
+function detectPermissionMode() {
+  const settingsPath = join5(homedir5(), ".claude", "settings.json");
+  if (!existsSync4(settingsPath)) return null;
+  try {
+    const settings = JSON.parse(readFileSync4(settingsPath, "utf-8"));
+    return settings.permissionMode ?? null;
+  } catch {
+    return null;
+  }
+}
 
 // src/cli/wizard/detectors/codex.ts
 import { execSync as execSync2 } from "child_process";
@@ -864,6 +896,18 @@ var prompts = {
       { name: "Remote mode (managed two-way)", value: "remote" }
     ]
   }),
+  permissionModeSelect: (defaultValue) => select({
+    message: "Permission Mode",
+    choices: [
+      { name: "acceptEdits \u2014 Auto-approve safe edits (Recommended)", value: "acceptEdits" },
+      { name: "default \u2014 Ask via TTY or hook", value: "default" },
+      { name: "bypassPermissions \u2014 Approve all, no prompts", value: "bypassPermissions" },
+      { name: "dontAsk \u2014 Deny all tool execution", value: "dontAsk" },
+      { name: "plan \u2014 Plan only, no tool execution", value: "plan" },
+      { name: "auto \u2014 Auto-handle based on risk level", value: "auto" }
+    ],
+    default: defaultValue ?? "acceptEdits"
+  }),
   cliHookSelect: (selected) => checkbox({
     message: t("wizard.cli.hookCheckbox"),
     choices: [
@@ -900,10 +944,10 @@ var prompts = {
   notifyTypes: (selected) => checkbox({
     message: t("wizard.notify.checkbox"),
     choices: [
-      { name: "permission_request", value: "permission_request", checked: selected?.includes("permission_request") },
-      { name: "question_request", value: "question_request", checked: selected?.includes("question_request") },
-      { name: "finished", value: "finished", checked: selected?.includes("finished") },
-      { name: "session_start", value: "session_start", checked: selected?.includes("session_start") },
+      { name: "permission:request", value: "permission:request", checked: selected?.includes("permission:request") },
+      { name: "question:request", value: "question:request", checked: selected?.includes("question:request") },
+      { name: "turn:finished", value: "turn:finished", checked: selected?.includes("turn:finished") },
+      { name: "session:start", value: "session:start", checked: selected?.includes("session:start") },
       { name: "error", value: "error", checked: selected?.includes("error") }
     ]
   }),
@@ -933,8 +977,8 @@ var prompts = {
   pairContinue: () => select({
     message: "Add another pair?",
     choices: [
-      { name: "Add another pair", value: "continue" },
-      { name: "Finish setup", value: "finish" }
+      { name: "Finish setup", value: "finish" },
+      { name: "Add another pair", value: "continue" }
     ]
   }),
   agentSelect: (agents) => select({
@@ -1006,6 +1050,13 @@ ${STEP} \u2014 Configure Agent
         return { action: "next", next: "cli-menu" };
       }
     } else {
+      const spinner = ora(t("wizard.cli.cleaningHooks")).start();
+      try {
+        cleanupClaudeHooks(detection.settingsPath);
+        spinner.succeed(t("wizard.cli.hooksCleaned"));
+      } catch (err) {
+        spinner.warn(t("wizard.cli.cleanupWarning", { error: String(err) }));
+      }
       console.log(pc.yellow(`! ${t("wizard.cli.remoteModeSkipHooks")}`));
       try {
         execSync3("claude --version", { stdio: "ignore" });
@@ -1023,6 +1074,9 @@ ${STEP} \u2014 Configure Agent
       }
     };
     state.validationResults.set("claude", { ok: true });
+    if (mode === "remote") {
+      return { action: "next", next: "permission-mode" };
+    }
     return { action: "next", next: "channel-select" };
   }
   if (cliName === "codex") {
@@ -1087,8 +1141,7 @@ function parseCommandInput(input2) {
 function injectClaudeHooks(settingsPath, events) {
   const port = loadConfig().general.hook_server_port;
   const token = getOrCreateHookToken();
-  const baseUrl = `http://localhost:${port}/hook/${token}`;
-  const hooksConfig = generateHooksConfig2(baseUrl, events);
+  const hooksConfig = generateHooksConfig2(port, token, events);
   let currentSettings = {};
   if (existsSync5(settingsPath)) {
     try {
@@ -1103,17 +1156,40 @@ function injectClaudeHooks(settingsPath, events) {
   mkdirSync4(dirname3(settingsPath), { recursive: true });
   writeFileSync4(settingsPath, JSON.stringify(mergedSettings, null, 2));
 }
-function generateHooksConfig2(baseUrl, events) {
-  const createEntry = (event) => ({
-    matcher: "",
-    hooks: [{ type: "http", url: `${baseUrl}/${event}` }]
-  });
+var COMMAND_ONLY_HOOKS = ["SessionStart", "Setup"];
+function generateHooksConfig2(port, token, events) {
+  const unifiedUrl = `http://localhost:${port}/hook/${token}/event`;
+  const curlCommand = `curl -s -X POST -H 'Content-Type: application/json' -d @- ${unifiedUrl}`;
+  const createEntry = (event) => {
+    const isCommandOnly = COMMAND_ONLY_HOOKS.includes(event);
+    return {
+      matcher: "",
+      hooks: [{
+        type: isCommandOnly ? "command" : "http",
+        ...isCommandOnly ? { command: curlCommand } : { url: unifiedUrl }
+      }]
+    };
+  };
   const config = {};
   for (const event of events) {
     config[event] = [createEntry(event)];
   }
   return config;
 }
+function cleanupClaudeHooks(settingsPath) {
+  if (!existsSync5(settingsPath)) return;
+  let currentSettings = {};
+  try {
+    currentSettings = JSON.parse(readFileSync5(settingsPath, "utf-8"));
+  } catch {
+  }
+  const cleanedSettings = removeHandsoffHooks(currentSettings);
+  if (!cleanedSettings.hooks || Object.keys(cleanedSettings.hooks).length === 0) {
+    delete cleanedSettings.hooks;
+  }
+  mkdirSync4(dirname3(settingsPath), { recursive: true });
+  writeFileSync4(settingsPath, JSON.stringify(cleanedSettings, null, 2));
+}
 
 // src/cli/wizard/detectors/channel.ts
 async function detectChannel(name) {
@@ -1343,7 +1419,7 @@ ${STEP3} \u2014 Select Agent
   if (result.next === "cli-menu") {
     return { action: "next", next: "agent-select" };
   }
-  return { action: "next", next: "channel-select" };
+  return { action: "next", next: result.next };
 }
 
 // src/shared/channelInstance.ts
@@ -1373,7 +1449,6 @@ ${STEP4} \u2014 Select Channel
   const loggerInstanceId = "logger:default";
   const loggerBoundAgent = Object.entries(currentBindings).find(([, v]) => v === loggerInstanceId)?.[0];
   const loggerStatus = loggerBoundAgent ? pc6.green(`[bound to ${loggerBoundAgent}]`) : loggerEnabled ? pc6.green("[configured]") : pc6.gray("[not configured]");
-  channels.push({ name: "logger", value: "logger", status: loggerStatus });
   if (mergedTelegram?.enabled && mergedTelegram.bot_token) {
     const instanceId = getChannelInstanceId("telegram", mergedTelegram.bot_token);
     const boundAgent = Object.entries(currentBindings).find(([, v]) => v === instanceId)?.[0];
@@ -1390,6 +1465,7 @@ ${STEP4} \u2014 Select Channel
   } else {
     channels.push({ name: "feishu", value: "feishu", status: pc6.gray("[not configured]") });
   }
+  channels.push({ name: "logger", value: "logger", status: loggerStatus });
   const choice = await prompts.channelSelect(channels);
   state.currentChannelName = choice;
   const result = await stepChannelConfig(state);
@@ -1719,6 +1795,33 @@ ${t("wizard.final.done")}
   return { action: "next", next: "done" };
 }
 
+// src/cli/wizard/steps/permission-mode.ts
+import pc10 from "picocolors";
+var STEP7 = "STEP 3";
+async function stepPermissionMode(state) {
+  console.log(pc10.bold(`
+${STEP7} \u2014 Permission Mode
+`));
+  console.log(pc10.gray(`${"\u2500".repeat(50)}
+`));
+  const config = loadConfig();
+  const current = state.pendingChanges?.agent?.claude;
+  const saved = current?.permission_mode ?? config.agent.claude?.permission_mode ?? null;
+  const detected = detectPermissionMode();
+  const initial = saved ?? detected ?? "acceptEdits";
+  console.log(pc10.gray("Controls how Claude Code handles permission requests.\n"));
+  if (detected && !saved) {
+    console.log(pc10.gray(`Detected from ~/.claude/settings.json: ${detected}
+`));
+  }
+  const selected = await prompts.permissionModeSelect(initial);
+  state.pendingChanges ??= {};
+  state.pendingChanges.agent ??= {};
+  state.pendingChanges.agent.claude ??= {};
+  state.pendingChanges.agent.claude.permission_mode = selected;
+  return { action: "next", next: "channel-select" };
+}
+
 // src/cli/wizard/engine.ts
 var WizardEngine = class {
   state;
@@ -1779,6 +1882,8 @@ var WizardEngine = class {
         return await stepPairContinue(this.state);
       case "cli":
         return await stepCli(this.state);
+      case "permission-mode":
+        return await stepPermissionMode(this.state);
       case "cli-menu":
         return await stepCliMenu(this.state);
       case "channel-config":
@@ -2255,22 +2360,29 @@ function writeSettings2(settingsPath, settings) {
 }
 function generateHooksConfig3(port, token) {
   const unifiedUrl = `http://localhost:${port}/hook/${token}/event`;
-  const createHookEntry = () => ({
+  const createHttpHookEntry = () => ({
     matcher: "",
     hooks: [{ type: "http", url: unifiedUrl }]
   });
+  const curlCommand = `curl -s -X POST -H 'Content-Type: application/json' -d @- ${unifiedUrl}`;
+  const createCommandHookEntry = () => ({
+    matcher: "",
+    hooks: [{ type: "command", command: curlCommand }]
+  });
   return {
-    Stop: [createHookEntry()],
-    PostToolUse: [createHookEntry()],
-    PostToolUseFailure: [createHookEntry()],
-    Notification: [createHookEntry()],
-    PreToolUse: [createHookEntry()],
-    SubagentStart: [createHookEntry()],
-    SubagentStop: [createHookEntry()],
-    SessionStart: [createHookEntry()],
-    SessionEnd: [createHookEntry()],
-    UserPromptSubmit: [createHookEntry()],
-    PermissionRequest: [createHookEntry()]
+    // HTTP type hooks
+    Stop: [createHttpHookEntry()],
+    PostToolUse: [createHttpHookEntry()],
+    PostToolUseFailure: [createHttpHookEntry()],
+    Notification: [createHttpHookEntry()],
+    PreToolUse: [createHttpHookEntry()],
+    SubagentStart: [createHttpHookEntry()],
+    SubagentStop: [createHttpHookEntry()],
+    SessionEnd: [createHttpHookEntry()],
+    UserPromptSubmit: [createHttpHookEntry()],
+    PermissionRequest: [createHttpHookEntry()],
+    // Command type hooks (HTTP not supported by Claude)
+    SessionStart: [createCommandHookEntry()]
   };
 }
 function registerClaudeCommand(program2) {