npm - linco-connect - Versions diffs - 1.0.8 → 1.0.9 - Mend

linco-connect 1.0.8 → 1.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md CHANGED Viewed

@@ -32,11 +32,11 @@ Codex:       wss://chat.ddjf.info/socket/ai/codex
 - 会话隔离：每个 Agent 和远端 session 都创建独立 session、workspace、attachments、outbox。
 - Markdown 展示：支持 GFM Markdown、代码块、表格、引用和安全链接。
 - 工具调用展示：Agent 工具输入、输出和错误以可折叠卡片展示。
-- 权限确认：Agent 请求工具权限时可在前端批准或拒绝。
+- 权限确认：工具/命令权限请求和危险操作确认默认自动允许；可用 `/approve off` 为当前会话恢复手动确认。
 - 附件上传：支持普通文件和图片；图片作为多模态内容发送，普通文件保存为本地路径引用。
 - 图片粘贴：支持从剪贴板粘贴图片。
 - 文件下发：Agent 生成文件放入 outbox 后，前端自动展示下载/预览卡片。
-- 斜杠命令：内置 `/help`、`/pwd`、`/cd`、`/new`、`/stop`、`/base`、`/status`、`/list`。
+- 斜杠命令：内置 `/help`、`/pwd`、`/cd`、`/new`、`/stop`、`/base`、`/status`、`/list`、`/approve`。
 - Windows Git Bash 检测：Windows 下自动查找 Git Bash，也可手动指定。
 ## 前置条件
@@ -377,6 +377,9 @@ outbox 目录: .../outbox
 | `/base` | 显示 Linco 运行目录、附件目录和 outbox 目录 |
 | `/list` | 列出当前 IM 会话最近 10 条 Agent Session 历史 |
 | `/list <条数>` | 按指定条数列出最近的 Agent Session 历史 |
+| `/approve` | 显示当前自动审批状态 |
+| `/approve on` | 开启当前会话自动审批，后续工具/命令权限请求和危险操作确认自动允许（默认） |
+| `/approve off` | 关闭当前会话自动审批，恢复手动确认 |
 除上述本地命令外，其他 `/xxx` 会透传给当前 Agent CLI。

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "linco-connect",
-  "version": "1.0.8",
+  "version": "1.0.9",
   "description": "自研 IM 桥接多 Agent 服务",
   "main": "server.js",
   "bin": {

package/src/agents/codex.js CHANGED Viewed

@@ -15,14 +15,18 @@ const {
 function execute(input, ws, session, config) {
   const textForCheck = stringifyInput(input);
   if (isDangerousCommand(textForCheck)) {
-    const preview = textForCheck.slice(0, 200);
-    session.pendingDanger = { input };
-    send(ws, 'danger_warning', {
-      text: `⚠️ 检测到可能的危险操作，请确认是否继续执行：
+    if (session.autoApprove === true) {
+      sendSystem(ws, '✅ 已自动批准危险操作确认。');
+    } else {
+      const preview = textForCheck.slice(0, 200);
+      session.pendingDanger = { input };
+      send(ws, 'danger_warning', {
+        text: `⚠️ 检测到可能的危险操作，请确认是否继续执行：
 "${preview}${textForCheck.length > 200 ? '...' : ''}"`,
-    });
-    return;
+      });
+      return;
+    }
   }
   if (session.isTurnActive) {
@@ -386,13 +390,25 @@ function handleServerRequest(message, session) {
     return;
   }
-  // Command execution approval — send to frontend for user approval
+  // Command execution approval — auto-approve by default, or ask the user when disabled.
   if (method === 'item/commandExecution/requestApproval' || method === 'execCommandApproval') {
     const cmd = params.command || params.tool || '';
-    session._log?.info('codex command execution approval requested', { method, command: cmd });
+    session._log?.info('codex command execution approval requested', { method, command: cmd, autoApprove: session.autoApprove === true });
     if (getPendingPermission(session, String(message.id), 'codex')) return;
+    if (session.autoApprove === true) {
+      sendJsonRpc(session.codexAppServer, {
+        jsonrpc: '2.0',
+        id: message.id,
+        result: { decision: 'accept' },
+      });
+      if (ws) {
+        sendSystem(ws, `✅ 已自动批准命令执行：${cmd}`);
+      }
+      return;
+    }
     setPendingPermission(session, {
       provider: 'codex',
       requestId: String(message.id),
@@ -858,6 +874,7 @@ function buildExecArgs(session, agentConfig) {
   args.push('--json');
   if (!session.agentSessionId) args.push('--cd', session.workspace);
   if (agentConfig.model) args.push('--model', agentConfig.model);
+  if (session.autoApprove === true) args.push('--dangerously-bypass-approvals-and-sandbox');
   if (session.agentSessionId) args.push(session.agentSessionId);
   args.push('-');
   return args;

package/src/agents/hermes.js CHANGED Viewed

@@ -23,12 +23,16 @@ function extractText(input) {
 function execute(input, ws, session, config) {
   const textForCheck = stringifyInput(input);
   if (isDangerousCommand(textForCheck)) {
-    const preview = textForCheck.slice(0, 200);
-    session.pendingDanger = { input };
-    send(ws, 'danger_warning', {
-      text: `⚠️ 检测到可能的危险操作，请确认是否继续执行：\n\n"${preview}${textForCheck.length > 200 ? '...' : ''}"`,
-    });
-    return;
+    if (session.autoApprove === true) {
+      sendSystem(ws, '✅ 已自动批准危险操作确认。');
+    } else {
+      const preview = textForCheck.slice(0, 200);
+      session.pendingDanger = { input };
+      send(ws, 'danger_warning', {
+        text: `⚠️ 检测到可能的危险操作，请确认是否继续执行：\n\n"${preview}${textForCheck.length > 200 ? '...' : ''}"`,
+      });
+      return;
+    }
   }
   if (session.isTurnActive) {
@@ -163,7 +167,7 @@ function handleHermesEvent(event, ws, session, config) {
       send(ws, 'thinking', { text: event.text || '' });
       return;
     case 'approval.request':
-      handleApprovalRequest(event, ws, session);
+      handleApprovalRequest(event, ws, session, config);
       return;
     case 'approval.responded':
       sendSystem(ws, event.choice === 'deny' ? '🚫 已拒绝 Hermes 操作。' : '✅ 已批准 Hermes 操作。');
@@ -184,7 +188,7 @@ function handleHermesEvent(event, ws, session, config) {
   }
 }
-function handleApprovalRequest(event, ws, session) {
+function handleApprovalRequest(event, ws, session, config) {
   const requestId = String(
     event.requestId ||
     event.request_id ||
@@ -205,6 +209,18 @@ function handleApprovalRequest(event, ws, session) {
     input,
     choices: event.choices || [],
   });
+  if (session.autoApprove === true) {
+    config.logger?.info('hermes permission auto-approved', {
+      sessionId: session.id,
+      requestId,
+    });
+    resolvePendingPermission(true, ws, session, config, requestId).catch(err => {
+      sendError(ws, `Hermes 自动审批失败: ${err.message}`);
+    });
+    return;
+  }
   send(ws, 'permission_request', {
     requestId,
     toolName: 'exec',

package/src/claudeRunner.js CHANGED Viewed

@@ -18,7 +18,17 @@ function executeClaudeQuery(input, ws, session, config) {
   const textForCheck = typeof input === 'string' ? input : extractText(input);
   if (isDangerousCommand(textForCheck)) {
-    config.logger?.warn('dangerous command detected', { sessionId: session.id, chars: textForCheck.length });
+    config.logger?.warn('dangerous command detected', {
+      sessionId: session.id,
+      chars: textForCheck.length,
+      autoApprove: session.autoApprove === true,
+    });
+    if (session.autoApprove === true) {
+      sendSystem(ws, '✅ 已自动批准危险操作确认。');
+      enqueueClaudeQuery(input, ws, session, config);
+      return;
+    }
     const preview = textForCheck.slice(0, 200);
     send(ws, 'danger_warning', {
       text: `⚠️ 检测到可能的危险操作，请确认是否继续执行：\n\n"${preview}${textForCheck.length > 200 ? '...' : ''}"`
@@ -449,8 +459,24 @@ function handleControlRequest(parsed, ws, session, config) {
     sessionId: session.id,
     requestId: requestID,
     toolName,
+    autoApprove: session.autoApprove === true,
   });
+  if (session.autoApprove === true) {
+    try {
+      respondPermission(session, true, requestID);
+      config.logger?.info('permission auto-approved', {
+        sessionId: session.id,
+        requestId: requestID,
+        toolName,
+      });
+      sendSystem(ws, `✅ 已自动批准工具使用：${toolName}`);
+    } catch (err) {
+      sendError(ws, `❌ 自动批准工具权限失败: ${err.message}`);
+    }
+    return;
+  }
   send(ws, 'permission_request', {
     requestId: requestID,
     toolName,

package/src/session.js CHANGED Viewed

@@ -33,6 +33,7 @@ function createSession(config, { externalSessionId, agentType = 'claude' } = {})
   const workspace = resolveSavedWorkspace(metadata.workspace || legacyMetadata.workspace, defaultWorkspace);
   const agentSessionId = metadata.agentSessionId || metadata.claudeSessionId || legacyMetadata.agentSessionId || legacyMetadata.claudeSessionId || null;
   const agentSessionHistory = metadata.agentSessionHistory || [];
+  const autoApprove = metadata.autoApprove !== false;
   const activeEntry = agentSessionHistory.find(e => e.id === agentSessionId);
   const messageCount = activeEntry?.messageCount ?? 0;
@@ -60,6 +61,7 @@ function createSession(config, { externalSessionId, agentType = 'claude' } = {})
     currentInputForNoOutput: null,
     messageQueue: [],
     pendingDanger: null,
+    autoApprove,
     pendingPermission: null,
     pendingPermissions: new Map(),
     streamState: createStreamState(),
@@ -170,6 +172,7 @@ function saveSessionMetadata(session) {
     agentSessionId: session.agentSessionId || session.claudeSessionId || null,
     claudeSessionId: session.agentType === 'claude' ? (session.agentSessionId || session.claudeSessionId || null) : null,
     agentSessionHistory: session.agentSessionHistory || [],
+    autoApprove: session.autoApprove === true,
     updatedAt: new Date().toISOString(),
   };
   fs.writeFileSync(sessionMetadataPath(session), `${JSON.stringify(metadata, null, 2)}\n`);

package/src/slashCommands.js CHANGED Viewed

@@ -3,8 +3,8 @@ const path = require('path');
 const { resetOutgoingAttachments, startOutboxWatcher, stopOutboxWatcher } = require('./outgoingAttachmentHandler');
 const { sendError, sendSystem } = require('./protocol');
 const { removeAgentSessionFromHistory, saveSessionMetadata } = require('./session');
-const { stopAgentProcess } = require('./agentRunner');
-const { clearPendingPermissions } = require('./permissionState');
+const { resolvePendingDanger, resolvePendingPermission, stopAgentProcess } = require('./agentRunner');
+const { clearPendingPermissions, pendingPermissionIds } = require('./permissionState');
 function localCommandsHelp() {
   return `📋 Linco 本地命令：
@@ -20,6 +20,7 @@ function localCommandsHelp() {
 /list [条数]   - 列出当前 IM 会话下最近的 Agent Session 历史（默认 10 条）
 /switch <序号> - 切换到指定 Agent Session（恢复上下文）
 /delete <序号> - 从历史记录中删除指定 Agent Session
+/approve on/off - 开启或关闭自动审批（默认开启）
 /usage         - 显示 Token 用量统计`;
 }
@@ -97,6 +98,10 @@ outbox 目录: ${session.outboxDir}`);
       handleDelete(parts[1], ws, session);
       return true;
+    case '/approve':
+      handleApprove(parts[1], ws, session, config);
+      return true;
     case '/usage':
       handleUsage(ws, session);
       return true;
@@ -127,6 +132,7 @@ Agent session: ${session.agentSessionId || session.claudeSessionId || '(尚未
 Agent 进程: ${processRunning ? '运行中' : '未运行'}
 当前 turn: ${session.isTurnActive ? '进行中' : '空闲'}
 排队消息: ${session.messageQueue.length}
+自动审批: ${session.autoApprove ? '开启' : '关闭'}
 待确认: ${session.pendingPermission ? '工具权限' : session.pendingDanger ? '危险操作' : '无'}`);
 }
@@ -362,6 +368,40 @@ function handleUsage(ws, session) {
   sendSystem(ws, text);
 }
+function handleApprove(mode, ws, session, config) {
+  const value = String(mode || '').trim().toLowerCase();
+  if (!value || value === 'status') {
+    sendSystem(ws, `自动审批当前为：${session.autoApprove ? '开启' : '关闭'}。\n使用 /approve on 开启，/approve off 关闭。默认开启。`);
+    return;
+  }
+  if (!['on', 'off'].includes(value)) {
+    sendError(ws, '❌ /approve 参数只能是 on 或 off，例如 /approve on。');
+    return;
+  }
+  session.autoApprove = value === 'on';
+  saveSessionMetadata(session);
+  let approvedPending = 0;
+  let approvedDanger = false;
+  if (session.autoApprove) {
+    const provider = session.agentType || 'claude';
+    for (const requestId of pendingPermissionIds(session, provider)) {
+      const resolved = resolvePendingPermission(true, ws, session, config, requestId);
+      if (resolved) approvedPending += 1;
+    }
+    if (session.pendingDanger) {
+      approvedDanger = !!resolvePendingDanger(true, ws, session, config);
+    }
+  }
+  sendSystem(ws, session.autoApprove
+    ? `✅ 自动审批已开启：后续工具/命令权限请求和危险操作确认会自动允许。${approvedPending ? `\n已自动批准当前等待中的 ${approvedPending} 个权限请求。` : ''}${approvedDanger ? '\n已自动批准当前等待中的危险操作确认。' : ''}`
+    : '✅ 自动审批已关闭：后续工具/命令权限请求和危险操作确认会回到手动确认。');
+}
 module.exports = {
   handleSlashCommand,
 };