jinzd-ai-cli 0.4.85 → 0.4.87

package/dist/{batch-YBWWF5BJ.js → batch-FNHSLCMV.js}

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 import {
   ConfigManager
-} from "./chunk-APU36NHI.js";
+} from "./chunk-Y75YPB5F.js";
 import "./chunk-2ZD3YTVM.js";
-import "./chunk-XEXVG3CQ.js";
+import "./chunk-BAOIXQHD.js";
 
 // src/cli/batch.ts
 import Anthropic from "@anthropic-ai/sdk";
-import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import { readFileSync, writeFileSync, existsSync, mkdirSync, renameSync, unlinkSync } from "fs";
 import { join } from "path";
 function parseBatchInput(jsonl) {
   const lines = jsonl.split("\n").map((l) => l.trim()).filter(Boolean);
@@ -72,7 +72,18 @@ function loadTrackedBatches(config) {
 }
 function saveTrackedBatches(config, batches) {
   mkdirSync(config.getConfigDir(), { recursive: true });
-  writeFileSync(getBatchesPath(config), JSON.stringify({ batches }, null, 2), "utf-8");
+  const finalPath = getBatchesPath(config);
+  const tmpPath = `${finalPath}.tmp.${process.pid}.${Date.now()}`;
+  try {
+    writeFileSync(tmpPath, JSON.stringify({ batches }, null, 2), "utf-8");
+    renameSync(tmpPath, finalPath);
+  } catch (err) {
+    try {
+      unlinkSync(tmpPath);
+    } catch {
+    }
+    throw err;
+  }
 }
 function getClaudeClient(config) {
   const apiKey = config.getApiKey("claude");

package/dist/{chunk-6IOQPMMT.js → chunk-3DGNN4RM.js}

@@ -2,7 +2,7 @@
 import {
   schemaToJsonSchema,
   truncateForPersist
-} from "./chunk-YBL4QDLD.js";
+} from "./chunk-SP6RFAKW.js";
 import {
   AuthError,
   ProviderError,
@@ -18,7 +18,7 @@ import {
   MCP_PROTOCOL_VERSION,
   MCP_TOOL_PREFIX,
   VERSION
-} from "./chunk-XEXVG3CQ.js";
+} from "./chunk-BAOIXQHD.js";
 
 // src/providers/claude.ts
 import Anthropic from "@anthropic-ai/sdk";
@@ -1291,17 +1291,41 @@ var DeepSeekProvider = class extends OpenAICompatibleProvider {
 // src/providers/zhipu.ts
 var ZhipuProvider = class extends OpenAICompatibleProvider {
   defaultBaseUrl = "https://open.bigmodel.cn/api/paas/v4";
-  // GLM-5 等深度思考模型生成长内容需要较长时间，默认 5 分钟
+  // GLM-5 / GLM-5.1 等深度思考模型生成长内容需要较长时间，默认 5 分钟
   defaultTimeout = 3e5;
   info = {
     id: "zhipu",
     displayName: "Zhipu (GLM)",
-    defaultModel: "glm-5",
+    // 默认选 GLM-4.6：中文写作口碑最稳 + 200K 上下文 + 价格只有 5.1 的 ~1/2。
+    // 需要 Agent 长跑 / 代码工程时再手动 /model glm-5.1。
+    defaultModel: "glm-4.6",
     apiKeyEnvVar: "AICLI_API_KEY_ZHIPU",
     requiresApiKey: true,
     baseUrl: this.defaultBaseUrl,
     models: [
-      // GLM-5 旗舰系列（最新，支持深度思考）
+      // ── GLM-5.1 系列（2026-04 旗舰，主打长程 Agent + 代码工程） ──
+      {
+        id: "glm-5.1",
+        displayName: "GLM-5.1 (2026 Flagship, 200K, Agent+Code)",
+        contextWindow: 204800,
+        supportsStreaming: true,
+        supportsThinking: true
+      },
+      {
+        id: "glm-5.1-reasoning",
+        displayName: "GLM-5.1 Reasoning (Deep Thinking)",
+        contextWindow: 204800,
+        supportsStreaming: true,
+        supportsThinking: true
+      },
+      {
+        id: "glm-5.1-air",
+        displayName: "GLM-5.1 Air (Lightweight 5.1)",
+        contextWindow: 204800,
+        supportsStreaming: true,
+        supportsThinking: true
+      },
+      // ── GLM-5 系列（2026-02） ──
       {
         id: "glm-5",
         displayName: "GLM-5 (Flagship, Deep Thinking)",
@@ -1309,7 +1333,13 @@ var ZhipuProvider = class extends OpenAICompatibleProvider {
         supportsStreaming: true,
         supportsThinking: true
       },
-      // GLM-4.6 系列（视觉 + 思考）
+      // ── GLM-4.6 系列（2025-09，中文写作口碑最佳） ──
+      {
+        id: "glm-4.6",
+        displayName: "GLM-4.6 (200K, \u4E2D\u6587\u5199\u4F5C\u63A8\u8350)",
+        contextWindow: 204800,
+        supportsStreaming: true
+      },
       {
         id: "glm-4.6v",
         displayName: "GLM-4.6V (Vision + Thinking)",
@@ -1317,7 +1347,7 @@ var ZhipuProvider = class extends OpenAICompatibleProvider {
         supportsStreaming: true,
         supportsThinking: true
       },
-      // GLM-Z1 推理系列（支持深度思考）
+      // ── GLM-Z1 推理系列 ──
       {
         id: "glm-z1",
         displayName: "GLM-Z1 (Reasoning Flagship)",
@@ -1339,7 +1369,7 @@ var ZhipuProvider = class extends OpenAICompatibleProvider {
         supportsStreaming: true,
         supportsThinking: true
       },
-      // GLM-4 系列（稳定）
+      // ── GLM-4 系列（稳定，价格低） ──
       {
         id: "glm-4-plus",
         displayName: "GLM-4 Plus",
@@ -3653,7 +3683,15 @@ var PRICING_TABLE = {
   "glm-4": { input: 0.14, output: 0.14 },
   "glm-4-flash": { input: 0, output: 0 },
   "glm-4.5": { input: 0.29, output: 1.14 },
-  "glm-4.6": { input: 0.6, output: 2.2 }
+  "glm-4.6": { input: 0.6, output: 2.2 },
+  "glm-4.6v": { input: 0.6, output: 2.2 },
+  "glm-5": { input: 0.85, output: 2.85 },
+  "glm-5.1": { input: 0.95, output: 3.15 },
+  "glm-5.1-reasoning": { input: 1.4, output: 4.4 },
+  "glm-5.1-air": { input: 0.4, output: 1.2 },
+  "glm-z1": { input: 0.5, output: 1.5 },
+  "glm-z1-air": { input: 0.2, output: 0.6 },
+  "glm-z1-flash": { input: 0, output: 0 }
   // ── OpenRouter (pass-through — actual cost depends on underlying model) ──
   // Left empty; callers should resolve via underlying model ID.
   // ── Ollama (local, zero cost) ─────────────────────────────────

package/dist/{chunk-4GMAVGPX.js → chunk-AQX3GYRD.js}

@@ -6,7 +6,7 @@ import { platform } from "os";
 import chalk from "chalk";
 
 // src/core/constants.ts
-var VERSION = "0.4.85";
+var VERSION = "0.4.87";
 var APP_NAME = "ai-cli";
 var CONFIG_DIR_NAME = ".aicli";
 var CONFIG_FILE_NAME = "config.json";

package/dist/{chunk-XEXVG3CQ.js → chunk-BAOIXQHD.js}

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 
 // src/core/constants.ts
-var VERSION = "0.4.85";
+var VERSION = "0.4.87";
 var APP_NAME = "ai-cli";
 var CONFIG_DIR_NAME = ".aicli";
 var CONFIG_FILE_NAME = "config.json";

package/dist/{chunk-YBL4QDLD.js → chunk-SP6RFAKW.js}

@@ -19,7 +19,7 @@ import {
 } from "./chunk-6VRJGH25.js";
 import {
   runTestsTool
-} from "./chunk-AX7T3J7G.js";
+} from "./chunk-TFLBQRQM.js";
 import {
   CONFIG_DIR_NAME,
   DEFAULT_MAX_TOOL_OUTPUT_CHARS_CAP,
@@ -27,7 +27,7 @@ import {
   SUBAGENT_ALLOWED_TOOLS,
   SUBAGENT_DEFAULT_MAX_ROUNDS,
   SUBAGENT_MAX_ROUNDS_LIMIT
-} from "./chunk-XEXVG3CQ.js";
+} from "./chunk-BAOIXQHD.js";
 
 // src/tools/types.ts
 function isFileWriteTool(name) {

package/dist/{chunk-AX7T3J7G.js → chunk-TFLBQRQM.js}

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import {
   TEST_TIMEOUT
-} from "./chunk-XEXVG3CQ.js";
+} from "./chunk-BAOIXQHD.js";
 
 // src/tools/builtin/run-tests.ts
 import { execSync } from "child_process";

package/dist/{chunk-APU36NHI.js → chunk-Y75YPB5F.js}

@@ -8,7 +8,7 @@ import {
   CONFIG_FILE_NAME,
   HISTORY_DIR_NAME,
   PLUGINS_DIR_NAME
-} from "./chunk-XEXVG3CQ.js";
+} from "./chunk-BAOIXQHD.js";
 
 // src/config/config-manager.ts
 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";

package/dist/electron-server.js

@@ -36,7 +36,7 @@ import {
   VERSION,
   buildUserIdentityPrompt,
   runTestsTool
-} from "./chunk-4GMAVGPX.js";
+} from "./chunk-AQX3GYRD.js";
 import {
   hasSemanticIndex,
   semanticSearch
@@ -1779,17 +1779,41 @@ var DeepSeekProvider = class extends OpenAICompatibleProvider {
 // src/providers/zhipu.ts
 var ZhipuProvider = class extends OpenAICompatibleProvider {
   defaultBaseUrl = "https://open.bigmodel.cn/api/paas/v4";
-  // GLM-5 等深度思考模型生成长内容需要较长时间，默认 5 分钟
+  // GLM-5 / GLM-5.1 等深度思考模型生成长内容需要较长时间，默认 5 分钟
   defaultTimeout = 3e5;
   info = {
     id: "zhipu",
     displayName: "Zhipu (GLM)",
-    defaultModel: "glm-5",
+    // 默认选 GLM-4.6：中文写作口碑最稳 + 200K 上下文 + 价格只有 5.1 的 ~1/2。
+    // 需要 Agent 长跑 / 代码工程时再手动 /model glm-5.1。
+    defaultModel: "glm-4.6",
     apiKeyEnvVar: "AICLI_API_KEY_ZHIPU",
     requiresApiKey: true,
     baseUrl: this.defaultBaseUrl,
     models: [
-      // GLM-5 旗舰系列（最新，支持深度思考）
+      // ── GLM-5.1 系列（2026-04 旗舰，主打长程 Agent + 代码工程） ──
+      {
+        id: "glm-5.1",
+        displayName: "GLM-5.1 (2026 Flagship, 200K, Agent+Code)",
+        contextWindow: 204800,
+        supportsStreaming: true,
+        supportsThinking: true
+      },
+      {
+        id: "glm-5.1-reasoning",
+        displayName: "GLM-5.1 Reasoning (Deep Thinking)",
+        contextWindow: 204800,
+        supportsStreaming: true,
+        supportsThinking: true
+      },
+      {
+        id: "glm-5.1-air",
+        displayName: "GLM-5.1 Air (Lightweight 5.1)",
+        contextWindow: 204800,
+        supportsStreaming: true,
+        supportsThinking: true
+      },
+      // ── GLM-5 系列（2026-02） ──
       {
         id: "glm-5",
         displayName: "GLM-5 (Flagship, Deep Thinking)",
@@ -1797,7 +1821,13 @@ var ZhipuProvider = class extends OpenAICompatibleProvider {
         supportsStreaming: true,
         supportsThinking: true
       },
-      // GLM-4.6 系列（视觉 + 思考）
+      // ── GLM-4.6 系列（2025-09，中文写作口碑最佳） ──
+      {
+        id: "glm-4.6",
+        displayName: "GLM-4.6 (200K, \u4E2D\u6587\u5199\u4F5C\u63A8\u8350)",
+        contextWindow: 204800,
+        supportsStreaming: true
+      },
       {
         id: "glm-4.6v",
         displayName: "GLM-4.6V (Vision + Thinking)",
@@ -1805,7 +1835,7 @@ var ZhipuProvider = class extends OpenAICompatibleProvider {
         supportsStreaming: true,
         supportsThinking: true
       },
-      // GLM-Z1 推理系列（支持深度思考）
+      // ── GLM-Z1 推理系列 ──
       {
         id: "glm-z1",
         displayName: "GLM-Z1 (Reasoning Flagship)",
@@ -1827,7 +1857,7 @@ var ZhipuProvider = class extends OpenAICompatibleProvider {
         supportsStreaming: true,
         supportsThinking: true
       },
-      // GLM-4 系列（稳定）
+      // ── GLM-4 系列（稳定，价格低） ──
       {
         id: "glm-4-plus",
         displayName: "GLM-4 Plus",
@@ -9035,7 +9065,15 @@ var PRICING_TABLE = {
   "glm-4": { input: 0.14, output: 0.14 },
   "glm-4-flash": { input: 0, output: 0 },
   "glm-4.5": { input: 0.29, output: 1.14 },
-  "glm-4.6": { input: 0.6, output: 2.2 }
+  "glm-4.6": { input: 0.6, output: 2.2 },
+  "glm-4.6v": { input: 0.6, output: 2.2 },
+  "glm-5": { input: 0.85, output: 2.85 },
+  "glm-5.1": { input: 0.95, output: 3.15 },
+  "glm-5.1-reasoning": { input: 1.4, output: 4.4 },
+  "glm-5.1-air": { input: 0.4, output: 1.2 },
+  "glm-z1": { input: 0.5, output: 1.5 },
+  "glm-z1-air": { input: 0.2, output: 0.6 },
+  "glm-z1-flash": { input: 0, output: 0 }
   // ── OpenRouter (pass-through — actual cost depends on underlying model) ──
   // Left empty; callers should resolve via underlying model ID.
   // ── Ollama (local, zero cost) ─────────────────────────────────
@@ -11070,7 +11108,7 @@ ${undoResults.map((r) => `  \u2022 ${r}`).join("\n")}` });
       case "test": {
         this.send({ type: "info", message: "\u{1F9EA} Running tests..." });
         try {
-          const { executeTests } = await import("./run-tests-PIISCS6B.js");
+          const { executeTests } = await import("./run-tests-P7GIZ6UH.js");
           const argStr = args.join(" ").trim();
           let testArgs = {};
           if (argStr) {
@@ -12238,7 +12276,11 @@ async function startWebServer(options = {}) {
   };
   const app = express();
   const server = createServer(app);
-  const wss = new WebSocketServer({ server });
+  const WS_MAX_PAYLOAD = 1 * 1024 * 1024;
+  const WS_MSG_RATE_PER_SEC = 30;
+  const WS_MSG_BURST = 60;
+  const WS_PREAUTH_TIMEOUT_MS = 3e4;
+  const wss = new WebSocketServer({ server, maxPayload: WS_MAX_PAYLOAD });
   const authManager = new AuthManager(config.getConfigDir());
   if (authManager.isEnabled()) {
     console.log(`   Auth: ${authManager.listUsers().length} user(s) registered`);
@@ -12337,9 +12379,11 @@ async function startWebServer(options = {}) {
       res.json({ files: [] });
     }
   });
-  app.get("/api/sessions", requireAuth, (_req, res) => {
+  app.get("/api/sessions", requireAuth, (req, res) => {
     try {
-      const list = sessions.listSessions();
+      const authUser = req._authUser;
+      const sm = authUser ? getUserShared(authUser).sessions : sessions;
+      const list = sm.listSessions();
       res.json({
         sessions: list.slice(0, 50).map((s) => ({
           id: s.id,
@@ -12368,6 +12412,17 @@ async function startWebServer(options = {}) {
         res.status(404).json({ error: "Session not found" });
         return;
       }
+      try {
+        const canonicalFile = realpathSync(filePath);
+        const canonicalDir = realpathSync(histDir);
+        if (!canonicalFile.startsWith(canonicalDir + sep2)) {
+          res.status(404).json({ error: "Session not found" });
+          return;
+        }
+      } catch {
+        res.status(404).json({ error: "Session not found" });
+        return;
+      }
       const data = JSON.parse(readFileSync15(filePath, "utf-8"));
       res.json({ session: data });
     } catch (err) {
@@ -12444,8 +12499,35 @@ async function startWebServer(options = {}) {
       existing.onDisconnect();
       handlers.delete(tabId);
     }
+    let tokens = WS_MSG_BURST;
+    let lastRefill = Date.now();
+    const takeToken = () => {
+      const now = Date.now();
+      const refill = (now - lastRefill) / 1e3 * WS_MSG_RATE_PER_SEC;
+      if (refill > 0) {
+        tokens = Math.min(WS_MSG_BURST, tokens + refill);
+        lastRefill = now;
+      }
+      if (tokens < 1) return false;
+      tokens -= 1;
+      return true;
+    };
     let authenticatedUser = null;
     let handler = null;
+    let preAuthTimer = setTimeout(() => {
+      if (!handler && ws.readyState === ws.OPEN) {
+        try {
+          ws.close(1008, "auth timeout");
+        } catch {
+        }
+      }
+    }, WS_PREAUTH_TIMEOUT_MS);
+    const clearPreAuthTimer = () => {
+      if (preAuthTimer) {
+        clearTimeout(preAuthTimer);
+        preAuthTimer = null;
+      }
+    };
     if (token) {
       authenticatedUser = authManager.verifyToken(token);
     }
@@ -12454,11 +12536,13 @@ async function startWebServer(options = {}) {
       console.log(`   \u2713 Tab connected: ${tabId.slice(0, 12)} (no auth) (total: ${handlers.size + 1})`);
       handler = new SessionHandler(ws, shared);
       handlers.set(tabId, handler);
+      clearPreAuthTimer();
     } else if (authenticatedUser) {
       console.log(`   \u2713 Tab connected: ${tabId.slice(0, 12)} (user: ${authenticatedUser}) (total: ${handlers.size + 1})`);
       const userShared = getUserShared(authenticatedUser);
       handler = new SessionHandler(ws, userShared);
       handlers.set(tabId, handler);
+      clearPreAuthTimer();
     } else {
       console.log(`   \u23F3 Tab waiting auth: ${tabId.slice(0, 12)}`);
       if (ws.readyState === ws.OPEN) {
@@ -12469,6 +12553,15 @@ async function startWebServer(options = {}) {
       }
     }
     ws.on("message", async (data) => {
+      if (!takeToken()) {
+        if (ws.readyState === ws.OPEN) {
+          try {
+            ws.close(1008, "rate limit exceeded");
+          } catch {
+          }
+        }
+        return;
+      }
       try {
         const raw = data.toString();
         const parsed = JSON.parse(raw);
@@ -12491,6 +12584,7 @@ async function startWebServer(options = {}) {
             const userShared = getUserShared(username);
             handler = new SessionHandler(ws, userShared);
             handlers.set(tabId, handler);
+            clearPreAuthTimer();
             console.log(`   \u2713 User registered & connected: ${username} (tab: ${tabId.slice(0, 12)})`);
             ws.send(JSON.stringify({ type: "auth_result", success: true, token: newToken, username, setCookie: true }));
             return;
@@ -12506,6 +12600,7 @@ async function startWebServer(options = {}) {
             const userShared = getUserShared(verifiedUser);
             handler = new SessionHandler(ws, userShared);
             handlers.set(tabId, handler);
+            clearPreAuthTimer();
             console.log(`   \u2713 Token auth: ${verifiedUser} (tab: ${tabId.slice(0, 12)})`);
             ws.send(JSON.stringify({ type: "auth_result", success: true, token: clientToken, username: verifiedUser }));
             return;
@@ -12520,6 +12615,7 @@ async function startWebServer(options = {}) {
             const userShared = getUserShared(username);
             handler = new SessionHandler(ws, userShared);
             handlers.set(tabId, handler);
+            clearPreAuthTimer();
             console.log(`   \u2713 User logged in: ${username} (tab: ${tabId.slice(0, 12)})`);
             ws.send(JSON.stringify({ type: "auth_result", success: true, token: loginToken, username, setCookie: true }));
             return;
@@ -12546,6 +12642,7 @@ async function startWebServer(options = {}) {
       }
     });
     ws.on("close", () => {
+      clearPreAuthTimer();
       console.log(`   \u2717 Tab disconnected: ${tabId.slice(0, 12)} (total: ${handlers.size - 1})`);
       if (handler) handler.onDisconnect();
       handlers.delete(tabId);

package/dist/{hub-RCX7G5T6.js → hub-HEC4GYKR.js}

@@ -385,7 +385,7 @@ ${content}`);
   }
 }
 async function runTaskMode(config, providers, configManager, topic) {
-  const { TaskOrchestrator } = await import("./task-orchestrator-H73NIC6T.js");
+  const { TaskOrchestrator } = await import("./task-orchestrator-36SFPCP7.js");
   const orchestrator = new TaskOrchestrator(config, providers, configManager);
   let interrupted = false;
   const onSigint = () => {

package/dist/index.js

@@ -30,10 +30,10 @@ import {
   saveDevState,
   sessionHasMeaningfulContent,
   setupProxy
-} from "./chunk-6IOQPMMT.js";
+} from "./chunk-3DGNN4RM.js";
 import {
   ConfigManager
-} from "./chunk-APU36NHI.js";
+} from "./chunk-Y75YPB5F.js";
 import {
   ToolExecutor,
   ToolRegistry,
@@ -49,7 +49,7 @@ import {
   spawnAgentContext,
   theme,
   undoStack
-} from "./chunk-YBL4QDLD.js";
+} from "./chunk-SP6RFAKW.js";
 import "./chunk-2ZD3YTVM.js";
 import {
   fileCheckpoints
@@ -58,7 +58,7 @@ import "./chunk-NHNWUBXB.js";
 import "./chunk-CQQQFNND.js";
 import "./chunk-6VRJGH25.js";
 import "./chunk-PFYAAX2S.js";
-import "./chunk-AX7T3J7G.js";
+import "./chunk-TFLBQRQM.js";
 import {
   AGENTIC_BEHAVIOR_GUIDELINE,
   AUTHOR,
@@ -80,7 +80,7 @@ import {
   SKILLS_DIR_NAME,
   VERSION,
   buildUserIdentityPrompt
-} from "./chunk-XEXVG3CQ.js";
+} from "./chunk-BAOIXQHD.js";
 
 // src/index.ts
 import { program } from "commander";
@@ -2592,7 +2592,7 @@ ${hint}` : "")
       usage: "/test [command|filter]",
       async execute(args, ctx) {
         try {
-          const { executeTests } = await import("./run-tests-KWVQL2PO.js");
+          const { executeTests } = await import("./run-tests-7PTRRO4D.js");
           const argStr = args.join(" ").trim();
           let testArgs = {};
           if (argStr) {
@@ -6485,7 +6485,7 @@ program.command("web").description("Start Web UI server with browser-based chat
     console.error("Error: Invalid port number. Must be between 1 and 65535.");
     process.exit(1);
   }
-  const { startWebServer } = await import("./server-WNL7UU5Q.js");
+  const { startWebServer } = await import("./server-TRTN3RVO.js");
   await startWebServer({ port, host: options.host });
 });
 program.command("user [action] [username]").description("Manage Web UI users (list | create <name> | delete <name> | reset-password <name> | migrate <name>)").action(async (action, username) => {
@@ -6608,7 +6608,7 @@ program.command("sessions").description("List recent conversation sessions").act
 });
 program.command("batch <action> [arg] [arg2]").description("Anthropic Message Batches: submit | list | status <id> | results <id> [out] | cancel <id>").option("--dry-run", "Parse and validate input without submitting (submit only)").action(async (action, arg, arg2, options) => {
   try {
-    const batch = await import("./batch-YBWWF5BJ.js");
+    const batch = await import("./batch-FNHSLCMV.js");
     switch (action) {
       case "submit":
         if (!arg) {
@@ -6651,7 +6651,7 @@ program.command("batch <action> [arg] [arg2]").description("Anthropic Message Ba
   }
 });
 program.command("mcp-serve").description("Start an MCP server over STDIO, exposing aicli's built-in tools to Claude Desktop / Cursor / other MCP clients").option("--allow-destructive", "Allow bash / run_interactive / task_create (always destructive in MCP mode)").option("--allow-outside-cwd", "Allow tool path arguments to escape the sandbox root \u2014 disabled by default").option("--tools <list>", "Comma-separated whitelist of tools to expose (default: all eligible tools)").option("--cwd <path>", "Working directory AND sandbox root (default: current directory)").action(async (options) => {
-  const { startMcpServer } = await import("./server-GAKP7VZ7.js");
+  const { startMcpServer } = await import("./server-GJRBVTTQ.js");
   await startMcpServer({
     allowDestructive: !!options.allowDestructive,
     allowOutsideCwd: !!options.allowOutsideCwd,
@@ -6778,7 +6778,7 @@ program.command("hub [topic]").description("Start multi-agent hub (discuss / bra
     }),
     config.get("customProviders")
   );
-  const { startHub } = await import("./hub-RCX7G5T6.js");
+  const { startHub } = await import("./hub-HEC4GYKR.js");
   await startHub(
     {
       topic: topic ?? "",

package/dist/{run-tests-KWVQL2PO.js → run-tests-7PTRRO4D.js}

@@ -2,8 +2,8 @@
 import {
   executeTests,
   runTestsTool
-} from "./chunk-AX7T3J7G.js";
-import "./chunk-XEXVG3CQ.js";
+} from "./chunk-TFLBQRQM.js";
+import "./chunk-BAOIXQHD.js";
 export {
   executeTests,
   runTestsTool

package/dist/{run-tests-PIISCS6B.js → run-tests-P7GIZ6UH.js}

@@ -1,7 +1,7 @@
 import {
   executeTests,
   runTestsTool
-} from "./chunk-4GMAVGPX.js";
+} from "./chunk-AQX3GYRD.js";
 export {
   executeTests,
   runTestsTool

package/dist/{server-GAKP7VZ7.js → server-GJRBVTTQ.js}

@@ -3,17 +3,17 @@ import {
   ToolRegistry,
   getDangerLevel,
   schemaToJsonSchema
-} from "./chunk-YBL4QDLD.js";
+} from "./chunk-SP6RFAKW.js";
 import "./chunk-2ZD3YTVM.js";
 import "./chunk-4BKXL7SM.js";
 import "./chunk-NHNWUBXB.js";
 import "./chunk-CQQQFNND.js";
 import "./chunk-6VRJGH25.js";
 import "./chunk-PFYAAX2S.js";
-import "./chunk-AX7T3J7G.js";
+import "./chunk-TFLBQRQM.js";
 import {
   VERSION
-} from "./chunk-XEXVG3CQ.js";
+} from "./chunk-BAOIXQHD.js";
 
 // src/mcp/server.ts
 import { createInterface } from "readline";

package/dist/{server-WNL7UU5Q.js → server-TRTN3RVO.js}

@@ -20,10 +20,10 @@ import {
   persistToolRound,
   rebuildExtraMessages,
   setupProxy
-} from "./chunk-6IOQPMMT.js";
+} from "./chunk-3DGNN4RM.js";
 import {
   ConfigManager
-} from "./chunk-APU36NHI.js";
+} from "./chunk-Y75YPB5F.js";
 import {
   ToolExecutor,
   ToolRegistry,
@@ -41,14 +41,14 @@ import {
   spawnAgentContext,
   truncateOutput,
   undoStack
-} from "./chunk-YBL4QDLD.js";
+} from "./chunk-SP6RFAKW.js";
 import "./chunk-2ZD3YTVM.js";
 import "./chunk-4BKXL7SM.js";
 import "./chunk-NHNWUBXB.js";
 import "./chunk-CQQQFNND.js";
 import "./chunk-6VRJGH25.js";
 import "./chunk-PFYAAX2S.js";
-import "./chunk-AX7T3J7G.js";
+import "./chunk-TFLBQRQM.js";
 import {
   AGENTIC_BEHAVIOR_GUIDELINE,
   AUTHOR,
@@ -67,7 +67,7 @@ import {
   SKILLS_DIR_NAME,
   VERSION,
   buildUserIdentityPrompt
-} from "./chunk-XEXVG3CQ.js";
+} from "./chunk-BAOIXQHD.js";
 import {
   AuthManager
 } from "./chunk-BYNY5JPB.js";
@@ -2229,7 +2229,7 @@ ${undoResults.map((r) => `  \u2022 ${r}`).join("\n")}` });
       case "test": {
         this.send({ type: "info", message: "\u{1F9EA} Running tests..." });
         try {
-          const { executeTests } = await import("./run-tests-KWVQL2PO.js");
+          const { executeTests } = await import("./run-tests-7PTRRO4D.js");
           const argStr = args.join(" ").trim();
           let testArgs = {};
           if (argStr) {
@@ -3175,7 +3175,11 @@ async function startWebServer(options = {}) {
   };
   const app = express();
   const server = createServer(app);
-  const wss = new WebSocketServer({ server });
+  const WS_MAX_PAYLOAD = 1 * 1024 * 1024;
+  const WS_MSG_RATE_PER_SEC = 30;
+  const WS_MSG_BURST = 60;
+  const WS_PREAUTH_TIMEOUT_MS = 3e4;
+  const wss = new WebSocketServer({ server, maxPayload: WS_MAX_PAYLOAD });
   const authManager = new AuthManager(config.getConfigDir());
   if (authManager.isEnabled()) {
     console.log(`   Auth: ${authManager.listUsers().length} user(s) registered`);
@@ -3274,9 +3278,11 @@ async function startWebServer(options = {}) {
       res.json({ files: [] });
     }
   });
-  app.get("/api/sessions", requireAuth, (_req, res) => {
+  app.get("/api/sessions", requireAuth, (req, res) => {
     try {
-      const list = sessions.listSessions();
+      const authUser = req._authUser;
+      const sm = authUser ? getUserShared(authUser).sessions : sessions;
+      const list = sm.listSessions();
       res.json({
         sessions: list.slice(0, 50).map((s) => ({
           id: s.id,
@@ -3305,6 +3311,17 @@ async function startWebServer(options = {}) {
         res.status(404).json({ error: "Session not found" });
         return;
       }
+      try {
+        const canonicalFile = realpathSync(filePath);
+        const canonicalDir = realpathSync(histDir);
+        if (!canonicalFile.startsWith(canonicalDir + sep)) {
+          res.status(404).json({ error: "Session not found" });
+          return;
+        }
+      } catch {
+        res.status(404).json({ error: "Session not found" });
+        return;
+      }
       const data = JSON.parse(readFileSync4(filePath, "utf-8"));
       res.json({ session: data });
     } catch (err) {
@@ -3381,8 +3398,35 @@ async function startWebServer(options = {}) {
       existing.onDisconnect();
       handlers.delete(tabId);
     }
+    let tokens = WS_MSG_BURST;
+    let lastRefill = Date.now();
+    const takeToken = () => {
+      const now = Date.now();
+      const refill = (now - lastRefill) / 1e3 * WS_MSG_RATE_PER_SEC;
+      if (refill > 0) {
+        tokens = Math.min(WS_MSG_BURST, tokens + refill);
+        lastRefill = now;
+      }
+      if (tokens < 1) return false;
+      tokens -= 1;
+      return true;
+    };
     let authenticatedUser = null;
     let handler = null;
+    let preAuthTimer = setTimeout(() => {
+      if (!handler && ws.readyState === ws.OPEN) {
+        try {
+          ws.close(1008, "auth timeout");
+        } catch {
+        }
+      }
+    }, WS_PREAUTH_TIMEOUT_MS);
+    const clearPreAuthTimer = () => {
+      if (preAuthTimer) {
+        clearTimeout(preAuthTimer);
+        preAuthTimer = null;
+      }
+    };
     if (token) {
       authenticatedUser = authManager.verifyToken(token);
     }
@@ -3391,11 +3435,13 @@ async function startWebServer(options = {}) {
       console.log(`   \u2713 Tab connected: ${tabId.slice(0, 12)} (no auth) (total: ${handlers.size + 1})`);
       handler = new SessionHandler(ws, shared);
       handlers.set(tabId, handler);
+      clearPreAuthTimer();
     } else if (authenticatedUser) {
       console.log(`   \u2713 Tab connected: ${tabId.slice(0, 12)} (user: ${authenticatedUser}) (total: ${handlers.size + 1})`);
       const userShared = getUserShared(authenticatedUser);
       handler = new SessionHandler(ws, userShared);
       handlers.set(tabId, handler);
+      clearPreAuthTimer();
     } else {
       console.log(`   \u23F3 Tab waiting auth: ${tabId.slice(0, 12)}`);
       if (ws.readyState === ws.OPEN) {
@@ -3406,6 +3452,15 @@ async function startWebServer(options = {}) {
       }
     }
     ws.on("message", async (data) => {
+      if (!takeToken()) {
+        if (ws.readyState === ws.OPEN) {
+          try {
+            ws.close(1008, "rate limit exceeded");
+          } catch {
+          }
+        }
+        return;
+      }
       try {
         const raw = data.toString();
         const parsed = JSON.parse(raw);
@@ -3428,6 +3483,7 @@ async function startWebServer(options = {}) {
             const userShared = getUserShared(username);
             handler = new SessionHandler(ws, userShared);
             handlers.set(tabId, handler);
+            clearPreAuthTimer();
             console.log(`   \u2713 User registered & connected: ${username} (tab: ${tabId.slice(0, 12)})`);
             ws.send(JSON.stringify({ type: "auth_result", success: true, token: newToken, username, setCookie: true }));
             return;
@@ -3443,6 +3499,7 @@ async function startWebServer(options = {}) {
             const userShared = getUserShared(verifiedUser);
             handler = new SessionHandler(ws, userShared);
             handlers.set(tabId, handler);
+            clearPreAuthTimer();
             console.log(`   \u2713 Token auth: ${verifiedUser} (tab: ${tabId.slice(0, 12)})`);
             ws.send(JSON.stringify({ type: "auth_result", success: true, token: clientToken, username: verifiedUser }));
             return;
@@ -3457,6 +3514,7 @@ async function startWebServer(options = {}) {
             const userShared = getUserShared(username);
             handler = new SessionHandler(ws, userShared);
             handlers.set(tabId, handler);
+            clearPreAuthTimer();
             console.log(`   \u2713 User logged in: ${username} (tab: ${tabId.slice(0, 12)})`);
             ws.send(JSON.stringify({ type: "auth_result", success: true, token: loginToken, username, setCookie: true }));
             return;
@@ -3483,6 +3541,7 @@ async function startWebServer(options = {}) {
       }
     });
     ws.on("close", () => {
+      clearPreAuthTimer();
       console.log(`   \u2717 Tab disconnected: ${tabId.slice(0, 12)} (total: ${handlers.size - 1})`);
       if (handler) handler.onDisconnect();
       handlers.delete(tabId);

package/dist/{task-orchestrator-H73NIC6T.js → task-orchestrator-36SFPCP7.js}

@@ -4,17 +4,17 @@ import {
   getDangerLevel,
   googleSearchContext,
   truncateOutput
-} from "./chunk-YBL4QDLD.js";
+} from "./chunk-SP6RFAKW.js";
 import "./chunk-2ZD3YTVM.js";
 import "./chunk-4BKXL7SM.js";
 import "./chunk-NHNWUBXB.js";
 import "./chunk-CQQQFNND.js";
 import "./chunk-6VRJGH25.js";
 import "./chunk-PFYAAX2S.js";
-import "./chunk-AX7T3J7G.js";
+import "./chunk-TFLBQRQM.js";
 import {
   SUBAGENT_ALLOWED_TOOLS
-} from "./chunk-XEXVG3CQ.js";
+} from "./chunk-BAOIXQHD.js";
 
 // src/hub/task-orchestrator.ts
 import { createInterface } from "readline";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "jinzd-ai-cli",
-  "version": "0.4.85",
+  "version": "0.4.87",
   "description": "Cross-platform REPL-style AI CLI with multi-provider support",
   "type": "module",
   "main": "./dist/index.js",