openai-inbox 0.1.1

package/README.md

@@ -0,0 +1,168 @@
+# 📬 open-inbox
+
+基于 [opencli](https://github.com/jackwener/OpenCLI) 的多源消息收件箱。Node 后端 spawn `opencli` 子进程拉取数据,前端左源右消息布局,手动刷新获取最新。
+
+当前接入:
+- **Hacker News** (top / new / best / ask / show / jobs) — 免登录,公开 API
+- **Reddit** (hot / popular / frontpage) — 免登录,首次会启动 Chromium
+- **知乎** (热榜 / 推荐) — ⚠️ 当前返回空,见下文「已知问题」
+
+---
+
+## 一、首次准备(只做一次)
+
+### 1. 装 opencli
+
+```bash
+npm install -g opencli
+opencli --version   # 应输出 1.8.3 或更高
+```
+
+### 2. 装项目依赖
+
+```bash
+cd ~\Desktop\opencli-inbox
+npm install
+```
+
+> Reddit 走浏览器自动化,**首次**调用会拉起 Chromium,后续会复用 session。HN 直接走公开 API,不需要浏览器。
+
+---
+
+## 二、启动 / 停止
+
+### 前台启动(开发常用,关终端即停)
+
+```bash
+cd ~\Desktop\opencli-inbox
+npm start
+```
+
+看到 `📬 Inbox running at http://localhost:3000` 就说明起来了,浏览器打开该地址。**停止**:终端按 `Ctrl + C`。
+
+### 后台启动(关终端不退,日志写文件)
+
+```cmd
+:: 启动(默认端口 3000)
+npm run start:bg
+
+:: 查看日志
+npm run logs
+:: 或:type logs\server.log
+
+:: 停止
+npm run stop:bg
+```
+
+也可以直接调脚本:`scripts\start-bg.cmd` / `scripts\stop-bg.cmd`(推荐 cmd / PowerShell 调用,Git Bash 可用 `cmd //c scripts/start-bg.cmd`)。
+
+工作机制:
+- `start-bg.cmd` 用 `start /b` 把 `node server.js` detach 到后台,日志输出到 `logs\server.log`,PID 写进 `.server.pid`
+- `stop-bg.cmd` 优先用 `.server.pid` 杀;找不到再回退到「占用 PORT 的进程」
+
+### 自定义端口
+
+```cmd
+:: 前台
+set PORT=4000 && npm start
+
+:: 后台
+set PORT=4000 && npm run start:bg
+set PORT=4000 && npm run stop:bg    :: 停止时端口要保持一致
+```
+
+---
+
+## 三、知乎需要登录
+
+知乎热榜/推荐都要求登录,首次进入「知乎」tab 通常会看到 `0 条 · 该源暂无数据`。
+
+操作步骤:
+1. 点空数据态下的 **「打开 知乎 登录页」** 按钮
+2. opencli 会唤起浏览器(前台可见)并跳到知乎登录页 — **这是 opencli 自身的登录机制**,不是另起一个浏览器
+3. 在浏览器完成登录(扫码 / 密码均可)
+4. 登录成功后**关闭那个浏览器标签**,回到 inbox 点 **↻ 刷新**
+
+opencli 用 `--site-session persistent` 保留 cookies,后续 `npm start` 不需要重新登录,除非 cookies 过期。
+
+如果一直拿不到数据,排查:
+```bash
+opencli zhihu hot -f json --window foreground   # 直接跑一次,看浏览器里发生了什么
+opencli profile list                             # 看 session 状态
+```
+
+## 四、使用
+
+- 左侧点 **Hacker News** 或 **Reddit** 切换源
+- 顶部下拉切换 feed (top / hot / …)
+- 点 **↻ 刷新** 重新拉数据(每次刷新都会重新 spawn opencli)
+- 状态栏显示「条数 · 时间 · 耗时」
+
+---
+
+## 五、常见问题
+
+### 启动报 `EADDRINUSE: address already in use :::3000`
+端口被占,可能上一个服务没关。两种解法:
+```bash
+# A. 换端口
+PORT=4000 npm start
+
+# B. 杀掉占用端口的进程 (Windows)
+netstat -ano | findstr :3000
+taskkill /PID <上一步看到的PID> /F
+```
+
+### 刷新时弹出 `Connect Timeout Error`
+opencli 调用外部 API 偶发网络抖动,**再点一次刷新**通常就好。HN 的源在 `hacker-news.firebaseio.com`,Reddit 走的是真实浏览器,都需要能访问外网。
+
+### Reddit 第一次特别慢 / 卡住
+首次会自动下载并启动 Chromium,可能要 30 秒以上。后续会快很多。如果一直卡:
+```bash
+opencli reddit hot -f json     # 单独跑一次,看真实报错
+opencli doctor                 # 检查浏览器桥连接
+```
+
+### 想加新数据源
+1. 在 `sources/` 下新建 `xxx.js`,实现:
+   ```js
+   export default {
+     id: 'xxx',
+     label: '显示名',
+     icon: 'X',
+     feeds: [{ value: 'hot', label: 'Hot' }],
+     defaultFeed: 'hot',
+     async fetch(feed) {
+       const out = await runOpencli(['xxx', feed, '-f', 'json']);
+       return extractJson(out).map(it => ({
+         id: String(it.id), title: it.title, url: it.url,
+         score: it.score, comments: it.comments, author: it.author,
+       }));
+     },
+   };
+   ```
+2. 在 `sources/index.js` import 并放进 `sources` 数组,完工。
+
+先用 `opencli <name> --help` 确认该 adapter 的命令名和是否支持 `-f json`。
+
+---
+
+## 六、目录结构
+
+```
+open-inbox/
+├── server.js                # Express 路由
+├── package.json
+├── sources/
+│   ├── _runner.js           # spawn opencli + 容错 JSON 解析
+│   ├── index.js             # 源注册表
+│   ├── hackernews.js        # HN adapter
+│   └── reddit.js            # Reddit adapter
+└── public/
+    └── index.html           # 前端单页
+```
+
+API:
+- `GET /api/sources` — 列出所有源(含 `supportsLogin` 标记)
+- `GET /api/sources/:id/messages?feed=<feed>` — 拉某源某 feed 的消息
+- `POST /api/sources/:id/login` — 触发该源的登录流程(目前只有知乎实现)

package/bin/cli.js

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+import('../server.js');

package/package.json

@@ -0,0 +1,36 @@
+{
+  "name": "openai-inbox",
+  "version": "0.1.1",
+  "description": "Multi-source message inbox powered by opencli (Hacker News / Reddit / 知乎).",
+  "type": "module",
+  "bin": {
+    "open-inbox": "./bin/cli.js"
+  },
+  "files": [
+    "bin/",
+    "server.js",
+    "sources/",
+    "public/",
+    "README.md"
+  ],
+  "engines": {
+    "node": ">=18"
+  },
+  "keywords": [
+    "opencli",
+    "inbox",
+    "hackernews",
+    "reddit",
+    "zhihu"
+  ],
+  "license": "MIT",
+  "scripts": {
+    "start": "node server.js",
+    "start:bg": "scripts\\start-bg.cmd",
+    "stop:bg": "scripts\\stop-bg.cmd",
+    "logs": "type logs\\server.log"
+  },
+  "dependencies": {
+    "express": "^4.19.2"
+  }
+}

package/public/index.html

@@ -0,0 +1,240 @@
+<!doctype html>
+<html lang="zh-CN">
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<title>Inbox · powered by opencli</title>
+<style>
+  :root {
+    color-scheme: light dark;
+    --border: rgba(127,127,127,.25);
+    --muted: #888;
+    --bg-active: rgba(99, 102, 241, .12);
+    --accent: #6366f1;
+  }
+  * { box-sizing: border-box; }
+  html, body { height: 100%; margin: 0; }
+  body {
+    font-family: system-ui, -apple-system, "Segoe UI", "PingFang SC", sans-serif;
+    display: grid;
+    grid-template-columns: 220px 1fr;
+    grid-template-rows: 100vh;
+  }
+  /* ---------- sidebar ---------- */
+  aside {
+    border-right: 1px solid var(--border);
+    padding: 1rem .8rem;
+    overflow-y: auto;
+  }
+  aside h2 {
+    font-size: .75rem; text-transform: uppercase; letter-spacing: .08em;
+    color: var(--muted); margin: 0 0 .6rem .4rem;
+  }
+  .src {
+    display: flex; align-items: center; gap: .6rem;
+    padding: .55rem .6rem; border-radius: 8px; cursor: pointer;
+    user-select: none;
+  }
+  .src:hover { background: rgba(127,127,127,.08); }
+  .src.active { background: var(--bg-active); color: var(--accent); font-weight: 600; }
+  .src .icon {
+    width: 26px; height: 26px; border-radius: 6px;
+    display: grid; place-items: center;
+    background: rgba(127,127,127,.15); font-weight: 700; font-size: .8rem;
+  }
+  .src.active .icon { background: var(--accent); color: white; }
+
+  /* ---------- main ---------- */
+  main { display: flex; flex-direction: column; overflow: hidden; }
+  header {
+    display: flex; align-items: center; gap: .8rem; flex-wrap: wrap;
+    padding: .9rem 1.2rem; border-bottom: 1px solid var(--border);
+  }
+  header h1 { margin: 0; font-size: 1.1rem; }
+  select, button {
+    padding: .35rem .7rem; font-size: .9rem;
+    border-radius: 6px; border: 1px solid var(--border);
+    background: transparent; color: inherit; cursor: pointer;
+  }
+  button:hover { background: rgba(127,127,127,.1); }
+  button.primary { background: var(--accent); color: white; border-color: var(--accent); }
+  button.primary:hover { filter: brightness(1.1); }
+  #status { color: var(--muted); font-size: .8rem; margin-left: auto; }
+  #status.err { color: #d33; }
+
+  #list { flex: 1; overflow-y: auto; padding: 0 1.2rem 2rem; }
+  .msg {
+    display: grid; grid-template-columns: 2.4rem 1fr; gap: .7rem;
+    padding: .8rem 0; border-bottom: 1px solid var(--border);
+  }
+  .rank { color: var(--muted); font-variant-numeric: tabular-nums; padding-top: .15rem; font-size: .9rem; }
+  .title { font-weight: 600; line-height: 1.35; }
+  .title a { color: inherit; text-decoration: none; }
+  .title a:hover { text-decoration: underline; color: var(--accent); }
+  .meta { color: var(--muted); font-size: .8rem; margin-top: .25rem; }
+  .meta a { color: inherit; }
+  .empty { color: var(--muted); padding: 2rem 0; text-align: center; }
+  .spinner { display: inline-block; width: 14px; height: 14px; border: 2px solid var(--muted); border-top-color: transparent; border-radius: 50%; animation: spin 1s linear infinite; vertical-align: middle; }
+  @keyframes spin { to { transform: rotate(360deg); } }
+
+  @media (max-width: 640px) {
+    body { grid-template-columns: 1fr; grid-template-rows: auto 1fr; }
+    aside { border-right: none; border-bottom: 1px solid var(--border); padding: .6rem; }
+    aside h2 { display: none; }
+    aside ul { display: flex; gap: .4rem; overflow-x: auto; padding: 0; margin: 0; list-style: none; }
+    .src { white-space: nowrap; }
+  }
+</style>
+</head>
+<body>
+  <aside>
+    <h2>Sources</h2>
+    <ul id="sources" style="list-style:none;padding:0;margin:0"></ul>
+  </aside>
+  <main>
+    <header>
+      <h1 id="title">📬 Inbox</h1>
+      <select id="feed"></select>
+      <button id="refresh" class="primary">↻ 刷新</button>
+      <span id="status">初始化…</span>
+    </header>
+    <div id="list"><div class="empty">选择左侧数据源</div></div>
+  </main>
+
+<script>
+const $ = (id) => document.getElementById(id);
+const esc = (s) => String(s ?? '').replace(/[&<>"']/g, c => ({'&':'&amp;','<':'&lt;','>':'&gt;','"':'&quot;',"'":'&#39;'}[c]));
+
+let sources = [];
+let currentSource = null;
+
+async function init() {
+  const r = await fetch('/api/sources');
+  const data = await r.json();
+  sources = data.sources;
+  renderSources();
+  if (sources.length) selectSource(sources[0].id);
+}
+
+function renderSources() {
+  $('sources').innerHTML = sources.map(s => `
+    <li class="src ${currentSource?.id === s.id ? 'active' : ''}" data-id="${esc(s.id)}">
+      <span class="icon">${esc(s.icon || s.label[0])}</span>
+      <span>${esc(s.label)}</span>
+    </li>`).join('');
+  $('sources').querySelectorAll('.src').forEach(el => {
+    el.onclick = () => selectSource(el.dataset.id);
+  });
+}
+
+function selectSource(id) {
+  currentSource = sources.find(s => s.id === id);
+  if (!currentSource) return;
+  $('title').textContent = `📬 ${currentSource.label}`;
+  $('feed').innerHTML = currentSource.feeds
+    .map(f => `<option value="${esc(f.value)}">${esc(f.label)}</option>`).join('');
+  $('feed').value = currentSource.defaultFeed;
+  renderSources();
+  load();
+}
+
+async function load() {
+  if (!currentSource) return;
+  const feed = $('feed').value;
+  $('status').classList.remove('err');
+  $('status').innerHTML = `<span class="spinner"></span> 加载中…`;
+  $('list').innerHTML = `<div class="empty"><span class="spinner"></span> 拉取 ${esc(currentSource.label)} ${esc(feed)}…</div>`;
+  try {
+    const r = await fetch(`/api/sources/${encodeURIComponent(currentSource.id)}/messages?feed=${encodeURIComponent(feed)}`);
+    const data = await r.json();
+    if (!data.ok) throw new Error(data.error);
+    $('status').textContent = `${data.messages.length} 条 · ${new Date(data.fetchedAt).toLocaleTimeString()} · ${data.tookMs}ms`;
+    if (!data.messages.length) {
+      const loginBtn = currentSource.supportsLogin
+        ? `<button id="loginBtn" class="primary" style="margin-top:1rem">打开 ${esc(currentSource.label)} 登录页</button>`
+        : '';
+      $('list').innerHTML = `<div class="empty">
+        该源暂无数据(可能需要登录或被反爬拦截)<br>${loginBtn}
+      </div>`;
+      const btn = document.getElementById('loginBtn');
+      if (btn) btn.onclick = doLogin;
+      return;
+    }
+    const ext = !!currentSource.externalOpen;
+    const renderLink = (url, text) => {
+      if (!url) return esc(text);
+      if (ext) {
+        return `<a href="#" class="ext-link" data-url="${esc(url)}" title="在 opencli 浏览器打开">${esc(text)} ↗</a>`;
+      }
+      return `<a href="${esc(url)}" target="_blank" rel="noopener">${esc(text)}</a>`;
+    };
+    $('list').innerHTML = data.messages.map((m, i) => {
+      const metaParts = (m.meta || [])
+        .map(x => `${esc(x.icon)} ${esc(x.value)}`)
+        .concat(m.author ? [`by ${esc(m.author)}`] : [])
+        .concat(m.discussUrl ? [renderLink(m.discussUrl, 'discuss')] : []);
+      return `
+      <div class="msg">
+        <div class="rank">${esc(m.extra?.rank ?? i + 1)}</div>
+        <div>
+          <div class="title">${renderLink(m.url, m.title)}</div>
+          <div class="meta">${metaParts.join(' · ')}</div>
+        </div>
+      </div>`;
+    }).join('');
+    if (ext) bindExtLinks();
+  } catch (e) {
+    $('status').textContent = '错误: ' + e.message;
+    $('status').classList.add('err');
+    $('list').innerHTML = `<div class="empty" style="color:#d33">⚠ ${esc(e.message)}</div>`;
+  }
+}
+
+async function doLogin() {
+  if (!currentSource) return;
+  const btn = document.getElementById('loginBtn');
+  if (btn) { btn.disabled = true; btn.textContent = '正在唤起浏览器…'; }
+  try {
+    const r = await fetch(`/api/sources/${encodeURIComponent(currentSource.id)}/login`, { method: 'POST' });
+    const data = await r.json();
+    if (!data.ok) throw new Error(data.error);
+    $('status').textContent = data.message || '已唤起浏览器,登录后点刷新';
+    if (btn) { btn.textContent = '已唤起,请在浏览器登录'; }
+  } catch (e) {
+    $('status').textContent = '登录失败: ' + e.message;
+    $('status').classList.add('err');
+    if (btn) { btn.disabled = false; btn.textContent = '重试登录'; }
+  }
+}
+
+function bindExtLinks() {
+  document.querySelectorAll('.ext-link').forEach(a => {
+    a.onclick = async (e) => {
+      e.preventDefault();
+      if (!currentSource) return;
+      const url = a.dataset.url;
+      const original = a.textContent;
+      a.textContent = '打开中…';
+      try {
+        const r = await fetch(
+          `/api/sources/${encodeURIComponent(currentSource.id)}/open?url=${encodeURIComponent(url)}`,
+          { method: 'POST' },
+        );
+        const data = await r.json();
+        if (!data.ok) throw new Error(data.error);
+        a.textContent = original;
+      } catch (err) {
+        a.textContent = original;
+        $('status').textContent = '打开失败: ' + err.message;
+        $('status').classList.add('err');
+      }
+    };
+  });
+}
+
+$('refresh').onclick = load;
+$('feed').onchange = load;
+init();
+</script>
+</body>
+</html>

package/server.js

@@ -0,0 +1,68 @@
+import express from 'express';
+import path from 'node:path';
+import { fileURLToPath } from 'node:url';
+import { listSources, getSource } from './sources/index.js';
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const app = express();
+
+app.get('/api/sources', (_req, res) => {
+  res.json({ ok: true, sources: listSources() });
+});
+
+app.post('/api/sources/:id/open', async (req, res) => {
+  const source = getSource(req.params.id);
+  if (!source) return res.status(404).json({ ok: false, error: `unknown source ${req.params.id}` });
+  if (typeof source.openUrl !== 'function') {
+    return res.status(400).json({ ok: false, error: `${source.id} does not support external open` });
+  }
+  const url = String(req.query.url || '');
+  if (!url) return res.status(400).json({ ok: false, error: 'url required' });
+  try {
+    await source.openUrl(url);
+    res.json({ ok: true });
+  } catch (e) {
+    res.status(500).json({ ok: false, error: String(e.message || e) });
+  }
+});
+
+app.post('/api/sources/:id/login', async (req, res) => {
+  const source = getSource(req.params.id);
+  if (!source) return res.status(404).json({ ok: false, error: `unknown source ${req.params.id}` });
+  if (typeof source.login !== 'function') {
+    return res.status(400).json({ ok: false, error: `${source.id} does not support login` });
+  }
+  // Fire-and-forget: opencli will block waiting for the user to finish logging
+  // in. We don't want the HTTP request to hang for 5 minutes — kick it off and
+  // return immediately. Errors are logged server-side.
+  source.login().catch((e) => console.error(`[${source.id}] login flow:`, e.message));
+  res.json({ ok: true, message: '已唤起浏览器,请在弹出的页面完成登录,然后回到本页点刷新' });
+});
+
+app.get('/api/sources/:id/messages', async (req, res) => {
+  const source = getSource(req.params.id);
+  if (!source) return res.status(404).json({ ok: false, error: `unknown source ${req.params.id}` });
+  const feed = (req.query.feed || source.defaultFeed).toString();
+  if (!source.feeds.find((f) => f.value === feed)) {
+    return res.status(400).json({ ok: false, error: `unknown feed ${feed} for ${source.id}` });
+  }
+  const t0 = Date.now();
+  try {
+    const messages = await source.fetch(feed);
+    res.json({
+      ok: true,
+      sourceId: source.id,
+      feed,
+      fetchedAt: new Date().toISOString(),
+      tookMs: Date.now() - t0,
+      messages,
+    });
+  } catch (e) {
+    res.status(500).json({ ok: false, sourceId: source.id, feed, error: String(e.message || e) });
+  }
+});
+
+app.use(express.static(path.join(__dirname, 'public')));
+
+const PORT = process.env.PORT || 3000;
+app.listen(PORT, () => console.log(`📬 Inbox running at http://localhost:${PORT}`));

package/sources/_runner.js

@@ -0,0 +1,73 @@
+import { spawn } from 'node:child_process';
+
+// Force a Chrome window to the foreground on Windows. opencli's --window
+// foreground only marks the tab as active inside Chrome — Win10/11 block
+// SetForegroundWindow when the calling process isn't the focus owner, so the
+// window stays buried behind whatever the user is doing. We use
+// AttachThreadInput to share input state with the foreground thread, which
+// lifts that restriction. No-op on non-Windows.
+export function bringChromeToFront() {
+  if (process.platform !== 'win32') return Promise.resolve();
+  const ps = `
+$sig = @"
+using System;
+using System.Diagnostics;
+using System.Runtime.InteropServices;
+public class W {
+  [DllImport("user32.dll")] public static extern bool SetForegroundWindow(IntPtr h);
+  [DllImport("user32.dll")] public static extern bool ShowWindow(IntPtr h, int n);
+  [DllImport("user32.dll")] public static extern bool BringWindowToTop(IntPtr h);
+  [DllImport("user32.dll")] public static extern bool AttachThreadInput(uint a, uint b, bool c);
+  [DllImport("user32.dll")] public static extern uint GetWindowThreadProcessId(IntPtr h, out uint p);
+  [DllImport("user32.dll")] public static extern IntPtr GetForegroundWindow();
+  [DllImport("kernel32.dll")] public static extern uint GetCurrentThreadId();
+}
+"@
+Add-Type -TypeDefinition $sig -ErrorAction SilentlyContinue
+$proc = Get-Process chrome -ErrorAction SilentlyContinue | Where-Object { $_.MainWindowHandle -ne 0 } | Select-Object -First 1
+if ($proc) {
+  $h = $proc.MainWindowHandle
+  $fg = [W]::GetForegroundWindow()
+  $cur = [W]::GetCurrentThreadId()
+  $fgTid = [W]::GetWindowThreadProcessId($fg, [ref]([uint32]0))
+  [W]::AttachThreadInput($fgTid, $cur, $true) | Out-Null
+  [W]::ShowWindow($h, 9) | Out-Null
+  [W]::BringWindowToTop($h) | Out-Null
+  [W]::SetForegroundWindow($h) | Out-Null
+  [W]::AttachThreadInput($fgTid, $cur, $false) | Out-Null
+}
+`;
+  return new Promise((resolve) => {
+    const child = spawn('powershell.exe', ['-NoProfile', '-NonInteractive', '-Command', ps], { windowsHide: true });
+    child.on('close', () => resolve());
+    child.on('error', () => resolve());
+  });
+}
+
+export function runOpencli(args, { timeoutMs = 60_000 } = {}) {
+  return new Promise((resolve, reject) => {
+    const child = spawn('opencli', args, { shell: process.platform === 'win32' });
+    let stdout = '';
+    let stderr = '';
+    const timer = setTimeout(() => {
+      child.kill();
+      reject(new Error(`opencli ${args.join(' ')} timed out after ${timeoutMs}ms`));
+    }, timeoutMs);
+    child.stdout.on('data', (d) => (stdout += d));
+    child.stderr.on('data', (d) => (stderr += d));
+    child.on('error', (e) => { clearTimeout(timer); reject(e); });
+    child.on('close', (code) => {
+      clearTimeout(timer);
+      if (code !== 0) return reject(new Error(stderr.trim() || `opencli exit ${code}`));
+      resolve(stdout);
+    });
+  });
+}
+
+// opencli sometimes prints "⚠ Batch fetch failed..." warnings before the JSON
+// payload. Find the first '[' or '{' and parse from there.
+export function extractJson(raw) {
+  const start = raw.search(/[\[{]/);
+  if (start < 0) throw new Error('no JSON in opencli output: ' + raw.slice(0, 200));
+  return JSON.parse(raw.slice(start));
+}

package/sources/hackernews.js

@@ -0,0 +1,33 @@
+import { runOpencli, extractJson } from './_runner.js';
+
+export default {
+  id: 'hackernews',
+  label: 'Hacker News',
+  icon: 'Y',
+  feeds: [
+    { value: 'top',  label: 'Top' },
+    { value: 'new',  label: 'New' },
+    { value: 'best', label: 'Best' },
+    { value: 'ask',  label: 'Ask HN' },
+    { value: 'show', label: 'Show HN' },
+    { value: 'jobs', label: 'Jobs' },
+  ],
+  defaultFeed: 'top',
+
+  async fetch(feed = 'top') {
+    const out = await runOpencli(['hackernews', feed, '-f', 'json']);
+    const items = extractJson(out);
+    return items.map((it) => ({
+      id: String(it.id),
+      title: it.title,
+      url: it.url || `https://news.ycombinator.com/item?id=${it.id}`,
+      author: it.author ?? '',
+      discussUrl: `https://news.ycombinator.com/item?id=${it.id}`,
+      meta: [
+        { icon: '▲', value: it.score ?? 0 },
+        { icon: '💬', value: it.comments ?? 0 },
+      ],
+      extra: { rank: it.rank },
+    }));
+  },
+};

package/sources/index.js

@@ -0,0 +1,18 @@
+import hackernews from './hackernews.js';
+import reddit from './reddit.js';
+import zhihu from './zhihu.js';
+
+const sources = [hackernews, reddit, zhihu];
+const byId = new Map(sources.map((s) => [s.id, s]));
+
+export function listSources() {
+  return sources.map(({ id, label, icon, feeds, defaultFeed, supportsLogin, externalOpen }) => ({
+    id, label, icon, feeds, defaultFeed,
+    supportsLogin: !!supportsLogin,
+    externalOpen: !!externalOpen,
+  }));
+}
+
+export function getSource(id) {
+  return byId.get(id);
+}

package/sources/reddit.js

@@ -0,0 +1,31 @@
+import { runOpencli, extractJson } from './_runner.js';
+
+export default {
+  id: 'reddit',
+  label: 'Reddit',
+  icon: 'R',
+  feeds: [
+    { value: 'hot',       label: 'Hot' },
+    { value: 'popular',   label: 'Popular' },
+    { value: 'frontpage', label: 'Frontpage' },
+  ],
+  defaultFeed: 'hot',
+
+  async fetch(feed = 'hot') {
+    const out = await runOpencli(['reddit', feed, '-f', 'json'], { timeoutMs: 120_000 });
+    const items = extractJson(out);
+    return items.map((it) => ({
+      id: String(it.postId ?? it.id ?? it.rank),
+      title: it.title,
+      url: it.url_overridden_by_dest || it.url,
+      author: it.author ?? '',
+      discussUrl: it.url,
+      meta: [
+        { icon: '▲', value: it.score ?? 0 },
+        { icon: '💬', value: it.comments ?? 0 },
+        it.subreddit ? { icon: '#', value: it.subreddit } : null,
+      ].filter(Boolean),
+      extra: { rank: it.rank, subreddit: it.subreddit },
+    }));
+  },
+};

package/sources/zhihu.js

@@ -0,0 +1,69 @@
+import { runOpencli, extractJson, bringChromeToFront } from './_runner.js';
+
+export default {
+  id: 'zhihu',
+  label: '知乎',
+  icon: '知',
+  feeds: [
+    { value: 'hot',       label: '热榜' },
+    { value: 'recommend', label: '推荐' },
+  ],
+  defaultFeed: 'hot',
+  // marker for the frontend: this source supports the login flow below
+  supportsLogin: true,
+  // marker for the frontend: clicking a message link should be routed through
+  // /api/sources/:id/open instead of <a href>, so the URL is opened in
+  // opencli's logged-in Chrome rather than the user's regular browser.
+  externalOpen: true,
+
+  async fetch(feed = 'hot') {
+    const out = await runOpencli(
+      ['zhihu', feed, '-f', 'json', '--site-session', 'persistent', '--keep-tab', 'true'],
+      { timeoutMs: 120_000 },
+    );
+    const items = extractJson(out);
+    return items.map((it, i) => ({
+      id: String(it.id ?? it.questionId ?? `${feed}-${i}`),
+      title: it.title,
+      url: it.url || (it.questionId ? `https://www.zhihu.com/question/${it.questionId}` : undefined),
+      author: it.author ?? '',
+      meta: [
+        it.heat    != null ? { icon: '🔥', value: it.heat }    : null,
+        it.answers != null ? { icon: '💬', value: it.answers } : null,
+      ].filter(Boolean),
+      extra: { rank: it.rank },
+    }));
+  },
+
+  // Opening a zhihu question URL cold triggers their 40362 risk-control
+  // ("您当前请求存在异常"). The same URL clicked from the homepage is fine.
+  // So we warm up the tab on https://www.zhihu.com first (which establishes
+  // a normal browsing session), wait briefly for cookies/JS to settle, then
+  // navigate the same tab to the target. Same session name keeps the tab
+  // shared so this is one continuous browsing context, not two cold loads.
+  async openUrl(url) {
+    if (!/^https?:\/\//.test(url)) throw new Error('invalid url');
+    await runOpencli(
+      ['browser', 'inbox-zhihu', '--window', 'foreground', 'open', 'https://www.zhihu.com'],
+      { timeoutMs: 60_000 },
+    );
+    await new Promise((r) => setTimeout(r, 1500));
+    const out = await runOpencli(
+      ['browser', 'inbox-zhihu', '--window', 'foreground', 'open', url],
+      { timeoutMs: 60_000 },
+    );
+    // opencli's --window foreground hits SetForegroundWindow restrictions on
+    // Win10/11 when the inbox isn't the focused app, so Chrome ends up active
+    // but buried. AttachThreadInput-based promotion lifts it visibly.
+    await bringChromeToFront();
+    return out;
+  },
+
+  async login() {
+    await runOpencli(
+      ['browser', 'inbox-zhihu', '--window', 'foreground', 'open', 'https://www.zhihu.com/signin'],
+      { timeoutMs: 60_000 },
+    );
+    await bringChromeToFront();
+  },
+};