nolo-cli 0.1.10 → 0.1.12

package/ai/tools/execBashTool.ts

@@ -1,379 +0,0 @@
-import { DEFAULT_LOCAL_API_ORIGIN } from "core/localOrigins";
-import { callToolApi } from "./toolApiClient";
-
-type ExecShellKind = "auto" | "bash" | "powershell";
-
-type ExecBashRequestArgs = {
-  command?: string;
-  cwd?: string;
-  interactive?: boolean;
-  pty?: boolean;
-  shell?: ExecShellKind;
-  sessionId?: string;
-  input?: string;
-  close?: boolean;
-};
-
-export const execBashFunctionSchema = {
-  name: "execBash",
-  description:
-    "兼容旧 agent 的 shell 执行工具。底层会调用后端 shell 执行接口；在 Windows 上可能自动回退到 PowerShell。环境不明确时，先调用 checkEnv({check:'context'}) 判断当前平台与可用 shell。支持交互式 session：先用 interactive=true 启动，再通过 sessionId + input 继续写入 stdin，或用 sessionId 单独轮询输出。仅用于本地开发环境。对 rm 等危险命令默认拦截，需显式传 unsafe: true 才会执行。不要用它执行 rg/grep 代码搜索；代码搜索请改用 codeSearch。",
-  parameters: {
-    type: "object",
-    properties: {
-      command: {
-        type: "string",
-        description:
-          "要执行的 shell 命令，例如: 'git status --short', 'bun test --watch=false'。",
-      },
-      cwd: {
-        type: "string",
-        description:
-          "可选：命令执行的工作目录（相对于 diff-server 所在机器），默认使用后端的 process.cwd()。",
-      },
-      unsafe: {
-        type: "boolean",
-        description:
-          "可选：是否允许执行被判定为危险的命令（例如 rm -rf）。默认 false；当为 false 且命令被识别为危险时，会直接拦截而不真正执行。",
-      },
-      interactive: {
-        type: "boolean",
-        description:
-          "可选：是否以交互式 session 启动命令。为 true 时接口会立即返回 sessionId，后续可继续写 stdin 或轮询输出。",
-      },
-      pty: {
-        type: "boolean",
-        description:
-          "可选：是否为交互式 session 分配伪终端（PTY）。适合 python -i、bash、node 等真正依赖终端语义的 REPL。",
-      },
-      sessionId: {
-        type: "string",
-        description:
-          "可选：已存在的交互式 sessionId。传入后可继续写入 input、查询最新输出或关闭该 session。",
-      },
-      input: {
-        type: "string",
-        description:
-          "可选：要写入 session stdin 的文本。通常需要自己补换行，例如 'y\\n' 或 'exit\\n'。",
-      },
-      close: {
-        type: "boolean",
-        description:
-          "可选：是否关闭指定 session。通常与 sessionId 搭配使用。",
-      },
-    },
-  },
-};
-
-export const execShellFunctionSchema = {
-  name: "execShell",
-  description:
-    "跨平台 shell 执行工具。会在 Windows 上优先使用 PowerShell，在 Linux/macOS 上使用 bash。环境不明确时，先调用 checkEnv({check:'context'}) 判断当前平台与可用 shell。支持交互式 session：先用 interactive=true 启动，再通过 sessionId + input 继续写入 stdin，或用 sessionId 单独轮询输出。仅用于本地开发环境。对 rm 等危险命令默认拦截，需显式传 unsafe: true 才会执行。不要用它执行 rg/grep 代码搜索；代码搜索请改用 codeSearch。",
-  parameters: {
-    type: "object",
-    properties: {
-      command: {
-        type: "string",
-        description:
-          "要执行的 shell 命令，例如: 'git status --short', 'Get-Location', 'bun test --watch=false'。",
-      },
-      cwd: {
-        type: "string",
-        description:
-          "可选：命令执行的工作目录（相对于 diff-server 所在机器），默认使用后端的 process.cwd()。",
-      },
-      shell: {
-        type: "string",
-        enum: ["auto", "bash", "powershell"],
-        description:
-          "可选：显式指定 shell。默认 auto：Windows 优先 PowerShell，其他系统使用 bash。",
-      },
-      unsafe: {
-        type: "boolean",
-        description:
-          "可选：是否允许执行被判定为危险的命令（例如 rm -rf）。默认 false；当为 false 且命令被识别为危险时，会直接拦截而不真正执行。",
-      },
-      interactive: {
-        type: "boolean",
-        description:
-          "可选：是否以交互式 session 启动命令。为 true 时接口会立即返回 sessionId，后续可继续写 stdin 或轮询输出。",
-      },
-      pty: {
-        type: "boolean",
-        description:
-          "可选：是否为交互式 session 分配伪终端（PTY）。当前仅 bash 路径支持；Windows PowerShell 会自动降级为非 PTY 交互。",
-      },
-      sessionId: {
-        type: "string",
-        description:
-          "可选：已存在的交互式 sessionId。传入后可继续写入 input、查询最新输出或关闭该 session。",
-      },
-      input: {
-        type: "string",
-        description:
-          "可选：要写入 session stdin 的文本。通常需要自己补换行，例如 'y\\n' 或 'exit\\n'。",
-      },
-      close: {
-        type: "boolean",
-        description:
-          "可选：是否关闭指定 session。通常与 sessionId 搭配使用。",
-      },
-    },
-  },
-};
-
-function isDangerousCommand(rawCommand: string): boolean {
-  const command = rawCommand.trim();
-  const normalized = command.replace(/\s+/g, " ");
-
-  if (
-    /^rm\b/i.test(normalized) ||
-    /\bsudo\s+rm\b/i.test(normalized) ||
-    /\brm\s+-[rf]+\b/i.test(normalized) ||
-    /\brm\s+-[^\s]*r[^\s]*f[^\s]*/i.test(normalized)
-  ) {
-    return true;
-  }
-
-  if (/\brm\s+-[^\s]*f[^\s]*/i.test(normalized)) {
-    return true;
-  }
-
-  return false;
-}
-
-async function requestExec(
-  args: ExecBashRequestArgs,
-  thunkApi?: any,
-  endpoint = "/api/exec-bash",
-): Promise<any> {
-  const payload = Object.fromEntries(
-    Object.entries(args).filter(([, value]) => value !== undefined)
-  );
-
-  if (thunkApi?.getState) {
-    return callToolApi(thunkApi, endpoint, payload);
-  }
-
-  const baseUrl =
-    (typeof process !== "undefined" &&
-      (process as any).env?.DIFF_SERVER_ORIGIN) ||
-    (typeof window !== "undefined" ? window.location.origin : DEFAULT_LOCAL_API_ORIGIN);
-  const url = `${baseUrl}${endpoint}`;
-  const res = await fetch(url, {
-    method: "POST",
-    headers: { "Content-Type": "application/json" },
-    body: JSON.stringify(payload),
-  });
-
-  const text = await res.text();
-  try {
-    return text ? JSON.parse(text) : {};
-  } catch {
-    return { raw: text, ok: res.ok, status: res.status };
-  }
-}
-
-function formatExecResult(prefixLabel: string, args: any, json: any, trimmedCommand: string, sessionId?: string) {
-  const prefix = json?.ok === false || json?.error ? `[${prefixLabel} 失败]` : `[${prefixLabel} 成功]`;
-  const stdout = json.stdout ?? "";
-  const stderr = json.stderr ?? "";
-  const exitCode = json.exitCode ?? json.code ?? null;
-  const responseSessionId = json.sessionId ?? sessionId ?? null;
-  const responseInteractive = json.interactive === true;
-  const responseRunning = json.running;
-
-  const displayParts: string[] = [];
-  displayParts.push(`${prefix} command: ${json.command ?? trimmedCommand ?? "(session follow-up)"}`);
-  if (json.shell ?? args.shell) {
-    displayParts.push(`shell: ${json.shell ?? args.shell}`);
-  }
-  if (args.cwd) {
-    displayParts.push(`cwd: ${args.cwd}`);
-  }
-  if (responseSessionId) {
-    displayParts.push(`sessionId: ${responseSessionId}`);
-  }
-  if (responseInteractive) {
-    displayParts.push(`running: ${responseRunning === false ? "false" : "true"}`);
-  }
-  if (exitCode !== null && exitCode !== undefined) {
-    displayParts.push(`exitCode: ${exitCode}`);
-  }
-  if (stdout) {
-    displayParts.push("\n[stdout]\n" + stdout.trim());
-  }
-  if (stderr) {
-    displayParts.push("\n[stderr]\n" + stderr.trim());
-  }
-
-  return {
-    rawData: {
-      command: trimmedCommand || null,
-      cwd: args.cwd ?? null,
-      shell: args.shell ?? "auto",
-      ...json,
-    },
-    displayData: displayParts.join("\n"),
-  };
-}
-
-function buildBlockedResponse(toolName: "execBash" | "execShell", trimmedCommand: string, cwd?: string, shell?: ExecShellKind) {
-  const lines: string[] = [];
-  lines.push(`[${toolName} 拦截] 检测到潜在危险命令，默认不执行。`);
-  lines.push(`command: ${trimmedCommand}`);
-  if (cwd) {
-    lines.push(`cwd: ${cwd}`);
-  }
-  lines.push(
-    "如果你确实确认需要执行，请在界面中手动确认或在工具参数中显式传入 unsafe: true（仍建议先检查命令是否有误）。"
-  );
-
-  return {
-    rawData: {
-      applied: false,
-      blocked: true,
-      reason: "dangerous_command",
-      requireUnsafe: true,
-      command: trimmedCommand,
-      cwd: cwd ?? null,
-      shell: shell ?? "auto",
-    },
-    displayData: lines.join("\n"),
-  };
-}
-
-export const startExecBashSession = (
-  thunkApi: any,
-  args: { command: string; cwd?: string; pty?: boolean }
-) =>
-  requestExec(
-    {
-      command: args.command,
-      cwd: args.cwd,
-      interactive: true,
-      pty: args.pty,
-    },
-    thunkApi,
-  );
-
-export const writeExecBashSession = (
-  thunkApi: any,
-  args: { sessionId: string; input: string }
-) =>
-  requestExec(
-    {
-      sessionId: args.sessionId,
-      input: args.input,
-    },
-    thunkApi,
-  );
-
-export const readExecBashSession = (
-  thunkApi: any,
-  args: { sessionId: string }
-) =>
-  requestExec(
-    {
-      sessionId: args.sessionId,
-    },
-    thunkApi,
-  );
-
-export const closeExecBashSession = (
-  thunkApi: any,
-  args: { sessionId: string; input?: string }
-) =>
-  requestExec(
-    {
-      sessionId: args.sessionId,
-      input: args.input,
-      close: true,
-    },
-    thunkApi,
-  );
-
-export const startExecShellSession = (
-  thunkApi: any,
-  args: { command: string; cwd?: string; pty?: boolean; shell?: ExecShellKind }
-) =>
-  requestExec(
-    {
-      command: args.command,
-      cwd: args.cwd,
-      interactive: true,
-      pty: args.pty,
-      shell: args.shell,
-    },
-    thunkApi,
-    "/api/exec-shell",
-  );
-
-export async function execBashFunc(args: any): Promise<{
-  rawData: any;
-  displayData: string;
-}> {
-  const { command, cwd, unsafe, interactive, pty, sessionId, input, close } = args || {};
-  const isSessionFollowup = typeof sessionId === "string" && sessionId.trim().length > 0;
-
-  if (!isSessionFollowup && (!command || typeof command !== "string")) {
-    const msg = "execBash 需要提供 command，或提供有效的 sessionId 来继续已有交互式 session。";
-    return { rawData: { error: msg }, displayData: msg };
-  }
-
-  const trimmedCommand = typeof command === "string" ? command.trim() : "";
-  if (!isSessionFollowup && !unsafe && isDangerousCommand(trimmedCommand)) {
-    return buildBlockedResponse("execBash", trimmedCommand, cwd);
-  }
-
-  try {
-    const json = await requestExec({
-      ...(trimmedCommand ? { command: trimmedCommand } : {}),
-      ...(cwd ? { cwd } : {}),
-      ...(interactive ? { interactive: true } : {}),
-      ...(pty ? { pty: true } : {}),
-      ...(isSessionFollowup ? { sessionId } : {}),
-      ...(typeof input === "string" ? { input } : {}),
-      ...(close ? { close: true } : {}),
-    });
-    return formatExecResult("execBash", { cwd }, json, trimmedCommand, sessionId);
-  } catch (error: any) {
-    const msg = `execBash 调用失败：${error?.message || String(error)}`;
-    return { rawData: { error: msg }, displayData: msg };
-  }
-}
-
-export async function execShellFunc(args: any): Promise<{
-  rawData: any;
-  displayData: string;
-}> {
-  const { command, cwd, shell, unsafe, interactive, pty, sessionId, input, close } = args || {};
-  const isSessionFollowup = typeof sessionId === "string" && sessionId.trim().length > 0;
-
-  if (!isSessionFollowup && (!command || typeof command !== "string")) {
-    const msg = "execShell 需要提供 command，或提供有效的 sessionId 来继续已有交互式 session。";
-    return { rawData: { error: msg }, displayData: msg };
-  }
-
-  const trimmedCommand = typeof command === "string" ? command.trim() : "";
-  if (!isSessionFollowup && !unsafe && isDangerousCommand(trimmedCommand)) {
-    return buildBlockedResponse("execShell", trimmedCommand, cwd, shell);
-  }
-
-  try {
-    const json = await requestExec({
-      ...(trimmedCommand ? { command: trimmedCommand } : {}),
-      ...(cwd ? { cwd } : {}),
-      ...(shell ? { shell } : {}),
-      ...(interactive ? { interactive: true } : {}),
-      ...(pty ? { pty: true } : {}),
-      ...(isSessionFollowup ? { sessionId } : {}),
-      ...(typeof input === "string" ? { input } : {}),
-      ...(close ? { close: true } : {}),
-    }, undefined, "/api/exec-shell");
-    return formatExecResult("execShell", { cwd, shell }, json, trimmedCommand, sessionId);
-  } catch (error: any) {
-    const msg = `execShell 调用失败：${error?.message || String(error)}`;
-    return { rawData: { error: msg }, displayData: msg };
-  }
-}

package/ai/tools/executeSqlTool.ts

@@ -1,192 +0,0 @@
-// /ai/tools/executeSqlTool.ts
-
-import { getToolRequestContext, callToolApi } from "./toolApiClient";
-import { API_ENDPOINTS } from "database/config";
-
-/**
- * [Schema] 定义了 'executeSql' 工具的结构，供 LLM 调用。
- * [修改] Schema 增加对参数化查询的描述，但对 LLM 保持简单，不暴露 params 字段。
- * LLM 应该总是生成完整的、人类可读的 SQL。参数化是由内部工具（如 importData）调用的。
- */
-export const executeSqlFunctionSchema = {
-  name: "executeSql",
-  description:
-    "直接在 SQLite 数据库中执行任意 SQL 语句，包括查询、插入、更新、删除和表结构操作。内部支持参数化查询以防止SQL注入。",
-  parameters: {
-    type: "object",
-    properties: {
-      sqlQuery: {
-        type: "string",
-        description:
-          "要执行的完整 SQL 语句。例如：SELECT * FROM users; INSERT INTO products (name, price) VALUES ('Milk', 2.5);",
-      },
-      // 注意：params 字段不向 LLM 暴露，这是内部实现细节
-    },
-    required: ["sqlQuery"],
-  },
-};
-
-// buildRequestHeaders 和 postRequest / handleApiResponse 已统一至 toolApiClient
-
-const buildRequestHeaders = (token: string | null): Record<string, string> => {
-  const headers: Record<string, string> = { "Content-Type": "application/json" };
-  if (token) headers["Authorization"] = `Bearer ${token}`;
-  return headers;
-};
-
-const handleApiResponse = async (response: Response): Promise<any> => {
-  if (!response.ok) {
-    let errorMessage = `API 错误！状态码: ${response.status}`;
-    try {
-      const errorData = await response.json() as Record<string, any>;
-      if (errorData?.error) {
-        errorMessage += `: ${errorData.error.message || JSON.stringify(errorData.error)}`;
-      }
-    } catch (e) {
-      /* 忽略json解析错误 */
-    }
-    throw new Error(errorMessage);
-  }
-  return response.json();
-};
-
-const formatSqlResultText = (
-  data: any,
-  sqlQuery: string,
-  params?: any[]
-): string => {
-  // ... (此函数大部分逻辑保持不变)
-  if (!data.success) return `SQL 执行失败：${data.error || "未知错误"}`;
-  const result = data.result;
-
-  // [新增] 如果是参数化 INSERT，提供更精确的反馈
-  if (
-    params &&
-    params.length > 0 &&
-    sqlQuery.trim().toLowerCase().startsWith("insert")
-  ) {
-    const changes = result?.changes ?? 0;
-    const match = sqlQuery.match(/insert\s+into\s+['"]?(\w+)['"]?/i);
-    const tableName = match ? ` "${match[1]}"` : "";
-    if (changes > 0) {
-      return `✅ 成功向表${tableName}中批量插入了 ${changes} 条记录。`;
-    }
-  }
-
-  // ... (其余格式化逻辑与之前相同)
-  const lowerCaseQuery = sqlQuery.trim().toLowerCase();
-
-  if (lowerCaseQuery.startsWith("create table")) {
-    const match = sqlQuery.match(
-      /create\s+table\s+(?:if\s+not\s+exists\s+)?['"]?(\w+)['"]?/i
-    );
-    const tableName = match ? match[1] : "新";
-    return `✅ 表 "${tableName}" 已成功创建。`;
-  }
-
-  if (Array.isArray(result)) {
-    const isListTablesQuery =
-      lowerCaseQuery.includes("select") &&
-      lowerCaseQuery.includes("name") &&
-      lowerCaseQuery.includes("sqlite_master") &&
-      lowerCaseQuery.includes("type") &&
-      lowerCaseQuery.includes("'table'");
-    if (
-      isListTablesQuery &&
-      result.length > 0 &&
-      result[0].name !== undefined
-    ) {
-      const tableNames = result
-        .map((row: any) => `- \`${row.name}\``)
-        .join("\n");
-      return `查询成功，数据库中共有 ${result.length} 个表：\n\n${tableNames}`;
-    }
-    if (lowerCaseQuery.startsWith("pragma table_info(")) {
-      const match = sqlQuery.match(/\(\s*['"]?(\w+)['"]?\s*\)/);
-      const tableName = match ? ` "${match[1]}"` : "";
-      if (result.length > 0 && result[0].cid !== undefined) {
-        let resultText = `表${tableName} 的结构信息 (${result.length} 列):\n\n\`\`\`\n| 列名        | 类型      | 非空 | 主键 |\n|-------------|-----------|------|------|\n`;
-        result.forEach((col: any) => {
-          resultText += `| ${String(col.name).padEnd(11)} | ${String(col.type).padEnd(9)} | ${(col.notnull ? "是" : "否").padEnd(4)} | ${(col.pk ? "是" : "否").padEnd(4)} |\n`;
-        });
-        resultText += "```";
-        return resultText;
-      } else {
-        return `表${tableName} 不存在或没有列信息。`;
-      }
-    }
-    if (
-      lowerCaseQuery.includes("sqlite_master") &&
-      lowerCaseQuery.includes("select sql") &&
-      result.length > 0 &&
-      result[0].sql !== undefined
-    ) {
-      return `表创建 SQL 语句:\n\n\`\`\`sql\n${result[0].sql}\n\`\`\``;
-    }
-    let resultText = `SQL 查询成功，返回 ${result.length} 条记录。\n\n`;
-    if (result.length > 0) {
-      resultText +=
-        "```json\n" + JSON.stringify(result.slice(0, 5), null, 2) + "\n```";
-      if (result.length > 5)
-        resultText += `\n... 更多 ${result.length - 5} 条记录未显示。`;
-    } else {
-      resultText += "没有找到匹配的记录。";
-    }
-    return resultText;
-  } else if (typeof result === "object" && result !== null) {
-    if (result.message) return `SQL 命令执行成功：${result.message}`;
-    if (result.changes !== undefined || result.lastInsertRowid !== undefined) {
-      let resultText = `SQL 命令执行成功。`;
-      if (result.changes > 0) resultText += ` 影响行数：${result.changes}。`;
-      if (result.lastInsertRowid)
-        resultText += ` 最后插入ID：${result.lastInsertRowid}。`;
-      return resultText;
-    }
-    return `SQL 命令执行成功，原始响应：${JSON.stringify(result)}`;
-  }
-  return `SQL 命令执行成功，原始响应：${JSON.stringify(result)}`;
-};
-
-/**
- * [Executor] 'executeSql' 工具的执行函数。
- * [修改] 函数签名和请求体以支持可选的参数化查询。
- * @param args - LLM 或内部工具提供的参数: { sqlQuery: string, params?: any[] }
- * @param thunkApi - Redux Thunk API
- * @returns {Promise<{rawData: any, displayData: string}>} - 返回标准化的结果对象
- */
-export async function executeSqlFunc(
-  args: { sqlQuery: string; params?: any[] }, // <--- [修改] 签名接受可选的 params
-  thunkApi: any
-): Promise<{ rawData: any; displayData: string }> {
-  const { sqlQuery, params } = args;
-
-  if (!sqlQuery || typeof sqlQuery !== "string" || sqlQuery.trim() === "") {
-    throw new Error("SQL 执行失败：'sqlQuery' 必须为非空字符串。");
-  }
-
-  try {
-    const { baseUrl, token } = getToolRequestContext(thunkApi);
-    const apiUrl = `${baseUrl}${API_ENDPOINTS.EXECUTE_SQL}`;
-    const requestHeaders = buildRequestHeaders(token);
-
-    const requestBody: { sql_query: string; params?: any[] } = {
-      sql_query: sqlQuery,
-    };
-    if (params && Array.isArray(params)) {
-      requestBody.params = params;
-    }
-
-    const response = await fetch(apiUrl, { method: "POST", headers: requestHeaders, body: JSON.stringify(requestBody) });
-    const responseData = await handleApiResponse(response);
-
-    // 生成用于UI展示的文本和用于后续步骤的原始数据
-    const displayData = formatSqlResultText(responseData, sqlQuery, params);
-    const rawData = responseData; // 完整的后端响应作为原始数据
-
-    return { rawData, displayData };
-  } catch (error: any) {
-    console.error("Execute SQL tool error:", error);
-    // 重新抛出格式化的错误，以便上层捕获并显示
-    throw new Error(`SQL 执行失败：${error.message}`);
-  }
-}