npm - openyida - Versions diffs - 2026.5.21 → 2026.5.25-beta.0 - Mend

openyida 2026.5.21 → 2026.5.25-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

package/README.md +3 -0
package/bin/yida.js +7 -1
package/lib/app/app-list.js +20 -1
package/lib/app/externalize-form.js +642 -0
package/lib/core/command-manifest.js +3 -0
package/lib/core/copy.js +50 -8
package/lib/core/locales/ar.js +1 -0
package/lib/core/locales/de.js +1 -0
package/lib/core/locales/en.js +1 -0
package/lib/core/locales/es.js +1 -0
package/lib/core/locales/fr.js +1 -0
package/lib/core/locales/hi.js +1 -0
package/lib/core/locales/ja.js +1 -0
package/lib/core/locales/ko.js +1 -0
package/lib/core/locales/pt.js +1 -0
package/lib/core/locales/vi.js +1 -0
package/lib/core/locales/zh-HK.js +1 -0
package/lib/core/locales/zh.js +1 -0
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -340,6 +340,9 @@ For overseas apps, pass `--locale en_US` or `--locale ja_JP` on creation command
 | `openyida verify-short-url <appType> <formUuid> <url>` | Verify a short URL |
 | `openyida save-share-config <appType> <formUuid> <url> <isOpen> [openAuth]` | Save public access or sharing configuration |
 | `openyida get-page-config <appType> <formUuid>` | Query public access or sharing configuration |
+| `openyida externalize-form <appType> <formUuid> [--schema-file file]` | Assess public-access blockers and generate external-safe mirror fields |
+`openyida externalize-form` is useful when a form contains fields such as `AssociationFormField`, `EmployeeField`, or `DepartmentSelectField` that depend on internal organization permissions. It produces a report plus optional `--mirror-fields-output` JSON that can be used with `openyida create-form create` to build a separate public intake form while keeping the internal form and its association fields private.
 ### Workflow, Reports, and Integrations

package/bin/yida.js CHANGED Viewed

@@ -426,7 +426,7 @@ async function main() {
     case 'copy': {
       const { run } = require('../lib/core/copy');
-      run();
+      run(args);
       break;
     }
@@ -717,6 +717,12 @@ async function main() {
       break;
     }
+    case 'externalize-form': {
+      const { run } = require('../lib/app/externalize-form');
+      await run(args);
+      break;
+    }
     case 'update-form-config': {
       if (args.length < 4) {
         warn(t('cli.form_config_usage'));

package/lib/app/app-list.js CHANGED Viewed

@@ -19,7 +19,6 @@ const {
   httpGet,
   requestWithAutoLogin,
 } = require('../core/utils');
-const { t } = require('../core/i18n');
 const API_PATH = '/query/app/getAppList.json';
@@ -90,11 +89,31 @@ function formatApp(app) {
   };
 }
+function hasHelpFlag(args) {
+  return (args || []).includes('--help') || (args || []).includes('-h');
+}
+function printUsage() {
+  process.stderr.write([
+    'Usage: openyida app-list [--size N]',
+    '',
+    'Options:',
+    '  --size N     Page size used when fetching apps, default: 20',
+    '  --help, -h   Show this help',
+    '',
+  ].join('\n'));
+}
 /**
  * app-list 命令主入口
  * @param {string[]} args
  */
 async function run(args) {
+  if (hasHelpFlag(args)) {
+    printUsage();
+    return;
+  }
   const pageSizeIndex = args.indexOf('--size');
   const pageSize = pageSizeIndex !== -1 && args[pageSizeIndex + 1]
     ? parseInt(args[pageSizeIndex + 1], 10)

package/lib/app/externalize-form.js ADDED Viewed

@@ -0,0 +1,642 @@
+'use strict';
+const fs = require('fs');
+const path = require('path');
+const {
+  loadCookieData,
+  triggerLogin,
+  resolveBaseUrl,
+  httpGet,
+  requestWithAutoLogin,
+} = require('../core/utils');
+const FIELD_COMPONENT_NAMES = new Set([
+  'TextField',
+  'TextareaField',
+  'SelectField',
+  'DateField',
+  'NumberField',
+  'RadioField',
+  'CheckboxField',
+  'EmployeeField',
+  'PhoneField',
+  'EmailField',
+  'CascadeSelectField',
+  'ImageField',
+  'AttachmentField',
+  'TableField',
+  'MultiSelectField',
+  'DepartmentSelectField',
+  'AssociationFormField',
+  'CountrySelectField',
+  'CitySelectField',
+  'RateField',
+  'SignatureField',
+  'SerialNumberField',
+  'AddressField',
+]);
+const PUBLIC_BLOCKED_TYPES = new Set([
+  'AssociationFormField',
+  'EmployeeField',
+  'DepartmentSelectField',
+]);
+const REVIEW_TYPES = new Set([
+  'AttachmentField',
+  'ImageField',
+  'SignatureField',
+  'TableField',
+  'CascadeSelectField',
+  'CountrySelectField',
+  'CitySelectField',
+  'AddressField',
+]);
+const SAFE_CREATE_FORM_TYPES = new Set([
+  'TextField',
+  'TextareaField',
+  'SelectField',
+  'DateField',
+  'NumberField',
+  'RadioField',
+  'CheckboxField',
+  'PhoneField',
+  'EmailField',
+  'MultiSelectField',
+  'RateField',
+  'AttachmentField',
+  'ImageField',
+]);
+function readOption(args, names, fallback = '') {
+  const optionNames = Array.isArray(names) ? names : [names];
+  for (const name of optionNames) {
+    const index = args.indexOf(name);
+    if (index !== -1 && args[index + 1] && !args[index + 1].startsWith('--')) {
+      return args[index + 1];
+    }
+  }
+  return fallback;
+}
+function parseArgs(args) {
+  const parsed = {
+    appType: '',
+    formUuid: '',
+    schemaFile: '',
+    output: '',
+    mirrorFieldsOutput: '',
+    format: 'json',
+    target: 'open',
+    mirrorTitle: '',
+    help: false,
+  };
+  const positional = [];
+  for (let index = 0; index < args.length; index++) {
+    const arg = args[index];
+    if (arg === '--help' || arg === '-h') {
+      parsed.help = true;
+    } else if (arg === '--schema-file' || arg === '--schema') {
+      parsed.schemaFile = readOption(args, arg);
+      index++;
+    } else if (arg === '--output' || arg === '-o') {
+      parsed.output = readOption(args, arg);
+      index++;
+    } else if (arg === '--mirror-fields-output' || arg === '--fields-output') {
+      parsed.mirrorFieldsOutput = readOption(args, arg);
+      index++;
+    } else if (arg === '--format') {
+      parsed.format = readOption(args, arg, 'json');
+      index++;
+    } else if (arg === '--target') {
+      parsed.target = readOption(args, arg, 'open');
+      index++;
+    } else if (arg === '--mirror-title') {
+      parsed.mirrorTitle = readOption(args, arg);
+      index++;
+    } else if (arg.startsWith('--')) {
+      throw new Error(`Unknown option: ${arg}`);
+    } else {
+      positional.push(arg);
+    }
+  }
+  parsed.appType = positional[0] || '';
+  parsed.formUuid = positional[1] || '';
+  if (!['json', 'markdown'].includes(parsed.format)) {
+    throw new Error(`Unsupported format: ${parsed.format}`);
+  }
+  if (!['open', 'share'].includes(parsed.target)) {
+    throw new Error(`Unsupported target: ${parsed.target}`);
+  }
+  return parsed;
+}
+function printUsage() {
+  const lines = [
+    'Usage: openyida externalize-form <appType> <formUuid> [options]',
+    '',
+    'Options:',
+    '  --schema-file <file>          Read a saved get-schema JSON file instead of fetching remotely',
+    '  --output, -o <file>           Write the report to a file',
+    '  --mirror-fields-output <file> Write external-safe create-form fields JSON',
+    '  --format json|markdown        Output format, default: json',
+    '  --target open|share           Access target, default: open',
+    '  --mirror-title <title>        Title used in suggested create-form command',
+    '',
+    'Examples:',
+    '  openyida externalize-form APP_XXX FORM-XXX --schema-file .cache/schema.json',
+    '  openyida externalize-form APP_XXX FORM-XXX --mirror-fields-output .cache/external-fields.json',
+  ];
+  process.stderr.write(`${lines.join('\n')}\n`);
+}
+function extractText(value) {
+  if (value === null || value === undefined) {
+    return '';
+  }
+  if (typeof value === 'string') {
+    return value;
+  }
+  if (typeof value === 'number' || typeof value === 'boolean') {
+    return String(value);
+  }
+  if (Array.isArray(value)) {
+    return value.map(extractText).filter(Boolean).join(', ');
+  }
+  if (typeof value === 'object') {
+    return extractText(
+      value.zh_CN ||
+      value.en_US ||
+      value.ja_JP ||
+      value.value ||
+      value.text ||
+      value.label ||
+      value.name ||
+      value.title ||
+      ''
+    );
+  }
+  return '';
+}
+function isRequired(props) {
+  if (!props) {
+    return false;
+  }
+  if (props.required === true) {
+    return true;
+  }
+  const validation = Array.isArray(props.validation) ? props.validation : [];
+  return validation.some(rule => rule && rule.type === 'required');
+}
+function getPages(schemaResult) {
+  if (schemaResult && schemaResult.content && Array.isArray(schemaResult.content.pages)) {
+    return schemaResult.content.pages;
+  }
+  if (schemaResult && Array.isArray(schemaResult.pages)) {
+    return schemaResult.pages;
+  }
+  return [];
+}
+function collectFieldNodes(schemaResult) {
+  const fields = [];
+  const pages = getPages(schemaResult);
+  function traverse(node, parents) {
+    if (!node) {
+      return;
+    }
+    const props = node.props || {};
+    const label = extractText(props.label);
+    const nextParents = FIELD_COMPONENT_NAMES.has(node.componentName) && label
+      ? parents.concat(label)
+      : parents;
+    if (FIELD_COMPONENT_NAMES.has(node.componentName)) {
+      fields.push({
+        componentName: node.componentName,
+        props,
+        label,
+        fieldId: props.fieldId || '',
+        required: isRequired(props),
+        behavior: props.behavior || '',
+        path: nextParents.join(' > '),
+      });
+    }
+    const children = Array.isArray(node.children) ? node.children : [];
+    children.forEach(child => traverse(child, nextParents));
+  }
+  pages.forEach((page) => {
+    const roots = page && page.componentsTree ? page.componentsTree : [];
+    roots.forEach(root => traverse(root, []));
+  });
+  return fields;
+}
+function getRisk(field, target) {
+  if (target === 'share') {
+    if (field.componentName === 'AssociationFormField') {
+      return {
+        level: 'review',
+        reason: 'Association fields require internal form data permission and should be verified for org-share scenarios.',
+      };
+    }
+    return { level: 'safe', reason: 'Internal share keeps the visitor inside the organization permission boundary.' };
+  }
+  if (PUBLIC_BLOCKED_TYPES.has(field.componentName)) {
+    return {
+      level: 'blocked',
+      reason: `${field.componentName} depends on authenticated organization data and is not reliable for anonymous public access.`,
+    };
+  }
+  if (REVIEW_TYPES.has(field.componentName)) {
+    return {
+      level: 'review',
+      reason: `${field.componentName} may need a browser verification or a simpler external intake field.`,
+    };
+  }
+  return { level: 'safe', reason: 'Primitive input field, suitable for external intake.' };
+}
+function associationTarget(props) {
+  const associationForm = props && props.associationForm ? props.associationForm : {};
+  return {
+    appType: associationForm.appType || '',
+    formUuid: associationForm.formUuid || '',
+    formTitle: associationForm.formTitle || '',
+    mainFieldId: associationForm.mainFieldId || '',
+    mainFieldLabel: extractText(associationForm.mainFieldLabel),
+  };
+}
+function planField(field, target) {
+  const risk = getRisk(field, target);
+  const plan = {
+    label: field.label || field.fieldId || field.componentName,
+    fieldId: field.fieldId,
+    componentName: field.componentName,
+    required: field.required,
+    behavior: field.behavior,
+    path: field.path,
+    riskLevel: risk.level,
+    reason: risk.reason,
+    externalStrategy: 'keep',
+  };
+  if (field.componentName === 'AssociationFormField') {
+    plan.associationTarget = associationTarget(field.props);
+    plan.externalStrategy = 'snapshot-and-resolve-internal';
+  } else if (field.componentName === 'EmployeeField') {
+    plan.externalStrategy = 'collect-name-or-contact';
+  } else if (field.componentName === 'DepartmentSelectField') {
+    plan.externalStrategy = 'collect-department-text';
+  } else if (risk.level === 'review') {
+    plan.externalStrategy = 'verify-or-simplify';
+  }
+  return plan;
+}
+function mirrorLabel(label, suffix) {
+  if (!label) {
+    return suffix;
+  }
+  return `${label}${suffix}`;
+}
+function associationSnapshotLabel(plan) {
+  const target = plan.associationTarget || {};
+  const targetMainLabel = target.mainFieldLabel || '';
+  if (targetMainLabel) {
+    return targetMainLabel;
+  }
+  if (plan.label && plan.label.endsWith('名称')) {
+    return plan.label;
+  }
+  return mirrorLabel(plan.label, '名称');
+}
+function mirrorFieldForPlan(plan) {
+  const base = {
+    label: plan.label,
+    required: plan.required,
+    sourceFieldId: plan.fieldId,
+    sourceComponentName: plan.componentName,
+    sourceStrategy: plan.externalStrategy,
+  };
+  if (plan.componentName === 'AssociationFormField') {
+    const target = plan.associationTarget || {};
+    return [
+      {
+        type: 'TextField',
+        label: associationSnapshotLabel(plan),
+        required: plan.required,
+        sourceFieldId: plan.fieldId,
+        sourceComponentName: plan.componentName,
+        sourceStrategy: 'association-main-field-snapshot',
+        targetFormUuid: target.formUuid,
+        targetMainFieldId: target.mainFieldId,
+      },
+      {
+        type: 'TextField',
+        label: mirrorLabel(plan.label, '业务标识'),
+        required: false,
+        sourceFieldId: plan.fieldId,
+        sourceComponentName: plan.componentName,
+        sourceStrategy: 'association-business-key-for-internal-resolution',
+        targetFormUuid: target.formUuid,
+      },
+    ];
+  }
+  if (plan.componentName === 'EmployeeField') {
+    return [
+      { ...base, type: 'TextField', label: mirrorLabel(plan.label, '姓名') },
+      { ...base, type: 'TextField', label: mirrorLabel(plan.label, '联系方式'), required: false },
+    ];
+  }
+  if (plan.componentName === 'DepartmentSelectField') {
+    return [{ ...base, type: 'TextField', label: mirrorLabel(plan.label, '名称') }];
+  }
+  if (SAFE_CREATE_FORM_TYPES.has(plan.componentName)) {
+    return [{ ...base, type: plan.componentName }];
+  }
+  if (plan.componentName === 'SerialNumberField') {
+    return [];
+  }
+  return [{ ...base, type: 'TextareaField', label: mirrorLabel(plan.label, '说明'), required: false }];
+}
+function buildMirrorFields(fields) {
+  const mirrorFields = [];
+  fields.forEach((field) => {
+    mirrorFields.push(...mirrorFieldForPlan(field));
+  });
+  return mirrorFields;
+}
+function summarize(fields) {
+  const summary = {
+    totalFields: fields.length,
+    safeFields: 0,
+    reviewFields: 0,
+    blockedFields: 0,
+    associationFields: 0,
+    authBoundFields: 0,
+  };
+  fields.forEach((field) => {
+    if (field.riskLevel === 'safe') {
+      summary.safeFields++;
+    } else if (field.riskLevel === 'review') {
+      summary.reviewFields++;
+    } else if (field.riskLevel === 'blocked') {
+      summary.blockedFields++;
+    }
+    if (field.componentName === 'AssociationFormField') {
+      summary.associationFields++;
+    }
+    if (PUBLIC_BLOCKED_TYPES.has(field.componentName)) {
+      summary.authBoundFields++;
+    }
+  });
+  return summary;
+}
+function buildRecommendedActions(parsed, report) {
+  const actions = [
+    'Create a separate external intake form from mirrorFields instead of exposing the internal form directly.',
+    'Keep association fields in the internal form and resolve them after submission by business key or manual review.',
+    'Copy human-readable snapshots into the external form so public visitors never need target-form permissions.',
+  ];
+  if (parsed.mirrorFieldsOutput) {
+    const title = parsed.mirrorTitle || `${report.formTitle || 'External Intake'} External`;
+    actions.unshift(
+      `Create mirror form: openyida create-form create ${parsed.appType} "${title}" ${parsed.mirrorFieldsOutput}`
+    );
+  }
+  if (report.summary.blockedFields === 0 && report.summary.reviewFields === 0) {
+    actions.unshift('No blocked fields were found; public access can still be verified with save-share-config and Chrome.');
+  }
+  return actions;
+}
+function inferFormTitle(schemaResult, formUuid) {
+  const content = schemaResult && schemaResult.content ? schemaResult.content : schemaResult;
+  return extractText(
+    content && (
+      content.formName ||
+      content.formTitle ||
+      content.title ||
+      content.name
+    )
+  ) || formUuid;
+}
+function analyzeSchema(schemaResult, options = {}) {
+  const target = options.target || 'open';
+  const fields = collectFieldNodes(schemaResult).map(field => planField(field, target));
+  const report = {
+    success: true,
+    appType: options.appType || '',
+    formUuid: options.formUuid || '',
+    formTitle: inferFormTitle(schemaResult, options.formUuid || ''),
+    target,
+    source: options.source || 'schema',
+    summary: summarize(fields),
+    fields,
+    mirrorFields: buildMirrorFields(fields),
+    recommendedActions: [],
+    notes: [
+      'OpenYida cannot relax Yida platform permission boundaries for anonymous visitors.',
+      'This plan keeps internal association fields private and generates external-safe snapshot fields.',
+      'For fully automated sync, add an internal automation or API worker that resolves submitted business keys.',
+    ],
+  };
+  report.recommendedActions = buildRecommendedActions(options, report);
+  return report;
+}
+function renderMarkdown(report) {
+  const lines = [
+    `# External Access Plan: ${report.formTitle || report.formUuid}`,
+    '',
+    `- App: ${report.appType || '-'}`,
+    `- Form: ${report.formUuid || '-'}`,
+    `- Target: ${report.target}`,
+    `- Total fields: ${report.summary.totalFields}`,
+    `- Blocked fields: ${report.summary.blockedFields}`,
+    `- Review fields: ${report.summary.reviewFields}`,
+    '',
+    '## Fields',
+    '',
+    '| Label | Type | Risk | Strategy | Reason |',
+    '| --- | --- | --- | --- | --- |',
+  ];
+  report.fields.forEach((field) => {
+    lines.push(
+      `| ${field.label || '-'} | ${field.componentName} | ${field.riskLevel} | ${field.externalStrategy} | ${field.reason} |`
+    );
+  });
+  lines.push('', '## Recommended Actions', '');
+  report.recommendedActions.forEach(action => lines.push(`- ${action}`));
+  lines.push('', '## Mirror Fields', '', '```json');
+  lines.push(JSON.stringify(report.mirrorFields, null, 2));
+  lines.push('```', '');
+  return lines.join('\n');
+}
+function writeJson(filePath, data) {
+  const resolved = path.resolve(filePath);
+  fs.mkdirSync(path.dirname(resolved), { recursive: true });
+  fs.writeFileSync(resolved, JSON.stringify(data, null, 2), 'utf-8');
+  return resolved;
+}
+function writeText(filePath, text) {
+  const resolved = path.resolve(filePath);
+  fs.mkdirSync(path.dirname(resolved), { recursive: true });
+  fs.writeFileSync(resolved, text, 'utf-8');
+  return resolved;
+}
+function resolveOutputPath(filePath) {
+  const resolved = path.resolve(filePath);
+  fs.mkdirSync(path.dirname(resolved), { recursive: true });
+  return resolved;
+}
+function loadSchemaFile(filePath) {
+  const raw = fs.readFileSync(path.resolve(filePath), 'utf-8');
+  return JSON.parse(raw);
+}
+function createAuthRef() {
+  let cookieData = loadCookieData();
+  if (!cookieData) {
+    cookieData = triggerLogin();
+  }
+  return {
+    csrfToken: cookieData.csrf_token,
+    cookies: cookieData.cookies,
+    baseUrl: resolveBaseUrl(cookieData),
+    cookieData,
+  };
+}
+async function fetchSchema(appType, formUuid, authRef) {
+  return requestWithAutoLogin((auth) => {
+    return httpGet(
+      auth.baseUrl,
+      `/alibaba/web/${appType}/_view/query/formdesign/getFormSchema.json`,
+      { formUuid, schemaVersion: 'V5' },
+      auth.cookies
+    );
+  }, authRef);
+}
+function ensureSuccessfulSchema(result) {
+  if (!result || result.success === false || result.__needLogin || result.__csrfExpired) {
+    const message = result && (result.errorMsg || result.message)
+      ? result.errorMsg || result.message
+      : 'Failed to fetch form schema';
+    throw new Error(message);
+  }
+}
+async function loadSchema(parsed) {
+  if (parsed.schemaFile) {
+    return {
+      schema: loadSchemaFile(parsed.schemaFile),
+      source: path.resolve(parsed.schemaFile),
+    };
+  }
+  const authRef = createAuthRef();
+  const schema = await fetchSchema(parsed.appType, parsed.formUuid, authRef);
+  ensureSuccessfulSchema(schema);
+  return { schema, source: 'remote' };
+}
+async function run(args) {
+  let parsed;
+  try {
+    parsed = parseArgs(args || []);
+  } catch (error) {
+    console.error(error.message);
+    printUsage();
+    process.exit(1);
+  }
+  if (parsed.help) {
+    printUsage();
+    return;
+  }
+  if (!parsed.appType || !parsed.formUuid) {
+    printUsage();
+    process.exit(1);
+  }
+  try {
+    const loaded = await loadSchema(parsed);
+    const report = analyzeSchema(loaded.schema, {
+      ...parsed,
+      source: loaded.source,
+    });
+    const files = {};
+    if (parsed.mirrorFieldsOutput) {
+      files.mirrorFields = writeJson(parsed.mirrorFieldsOutput, report.mirrorFields);
+    }
+    if (parsed.output) {
+      files.report = resolveOutputPath(parsed.output);
+    }
+    report.files = files;
+    if (parsed.output) {
+      if (parsed.format === 'markdown') {
+        writeText(files.report, renderMarkdown(report));
+      } else {
+        writeJson(files.report, report);
+      }
+    }
+    const finalOutput = parsed.format === 'markdown'
+      ? renderMarkdown(report)
+      : JSON.stringify(report, null, 2);
+    console.log(finalOutput);
+  } catch (error) {
+    console.error(`externalize-form failed: ${error.message}`);
+    process.exit(1);
+  }
+}
+module.exports = {
+  parseArgs,
+  collectFieldNodes,
+  analyzeSchema,
+  renderMarkdown,
+  run,
+  _private: {
+    extractText,
+    isRequired,
+    planField,
+    buildMirrorFields,
+    summarize,
+  },
+};

package/lib/core/command-manifest.js CHANGED Viewed

@@ -110,6 +110,9 @@ const COMMAND_GROUPS = [
       command('verify-short-url', ['verify-short-url'], 'verify-short-url <appType> ...', 'help.cmd_verify_url'),
       command('save-share-config', ['save-share-config'], 'save-share-config <appType> ...', 'help.cmd_save_share'),
       command('get-page-config', ['get-page-config'], 'get-page-config <appType> <formUuid>', 'help.cmd_get_page_config'),
+      command('externalize-form', ['externalize-form'], 'externalize-form <appType> <formUuid> [--schema-file file]', 'help.cmd_externalize_form', {
+        output: 'json|markdown',
+      }),
     ],
   },
   {

package/lib/core/copy.js CHANGED Viewed

@@ -81,6 +81,30 @@ function mergeCopyDir(sourceDir, destDir) {
   return copiedCount;
 }
+function resolveExistingPath(targetPath) {
+  try {
+    return fs.realpathSync(targetPath);
+  } catch {
+    return path.resolve(targetPath);
+  }
+}
+function isSameDirectory(a, b) {
+  const pathA = resolveExistingPath(a);
+  const pathB = resolveExistingPath(b);
+  if (process.platform === 'win32') {
+    return pathA.toLowerCase() === pathB.toLowerCase();
+  }
+  return pathA === pathB;
+}
+function clearDirectoryContents(dir) {
+  const entries = fs.readdirSync(dir, { withFileTypes: true });
+  for (const entry of entries) {
+    fs.rmSync(path.join(dir, entry.name), { recursive: true, force: true });
+  }
+}
 /**
  * 强制复制目录：先清空目标目录，再完整复制。
  * @returns {number} 复制的文件数量
@@ -89,7 +113,11 @@ function forceCopyDir(sourceDir, destDir) {
   if (!fs.existsSync(sourceDir)) {return 0;}
   if (fs.existsSync(destDir)) {
-    fs.rmSync(destDir, { recursive: true, force: true });
+    if (isSameDirectory(destDir, process.cwd())) {
+      clearDirectoryContents(destDir);
+    } else {
+      fs.rmSync(destDir, { recursive: true, force: true });
+    }
     console.log(t('copy.cleared', destDir));
   }
@@ -182,9 +210,11 @@ function createSymlink(sourceDir, destLink) {
  * @param {string|null} activeToolName
  * @param {string|null} activeProjectRoot
  * @param {Array} envResults
+ * @param {object} [options]
+ * @param {boolean} [options.allowCurrentDir=false] - 未检测到活跃 AI 工具时，是否允许使用当前目录
  * @returns {string} 目标根目录路径
  */
-function resolveDestBaseFromEnv(activeToolName, activeProjectRoot, envResults) {
+function resolveDestBaseFromEnv(activeToolName, activeProjectRoot, envResults, options = {}) {
   const activeResult = envResults.find((r) => r.displayName === activeToolName);
   const isWukong = activeResult && activeResult.dirName === '.real';
@@ -201,6 +231,10 @@ function resolveDestBaseFromEnv(activeToolName, activeProjectRoot, envResults) {
     return process.cwd();
   }
+  if (options.allowCurrentDir) {
+    return process.cwd();
+  }
   // 未检测到活跃工具
   warn(t('copy.no_ai_tool'));
   envResults.forEach((r) => {
@@ -223,13 +257,13 @@ function copyItem(label, sourceDir, destDir, isForce) {
 /**
  * 执行 copy 命令主逻辑。
+ * @param {string[]} [args=process.argv.slice(3)] 命令参数
  */
-function run() {
+function run(args = process.argv.slice(3)) {
   const { c, sep, banner, info, success, hint, label, fail: chalkFail, listItem } = require('./chalk');
   banner(t('copy.title'), { stderr: false });
-  const args = process.argv.slice(3);
   const isForce = args.includes('--force');
   const wantsSkills = args.includes('-skills');
   const wantsProject = args.includes('-project');
@@ -250,7 +284,9 @@ function run() {
   const { activeToolName, activeProjectRoot, results: envResults } = detectEnvironment();
   const activeEnvResult = envResults.find((r) => r.isActive);
   const isWukong = activeEnvResult && activeEnvResult.dirName === '.real';
-  const destBase = resolveDestBaseFromEnv(activeToolName, activeProjectRoot, envResults);
+  const destBase = resolveDestBaseFromEnv(activeToolName, activeProjectRoot, envResults, {
+    allowCurrentDir: isForce,
+  });
   label('Target', destBase, { stderr: false });
   if (isForce) {
     warn(t('copy.force_mode'), false);
@@ -345,8 +381,8 @@ function run() {
   }
   // 4. 打印汇总
-  const copyCount = results.filter(r => r.type === 'copy').reduce((sum, r) => sum + r.count, 0);
-  const linkCount = results.filter(r => r.type === 'symlink').length;
+  const copyCount = results.filter((r) => r.type === 'copy').reduce((sum, r) => sum + r.count, 0);
+  const linkCount = results.filter((r) => r.type === 'symlink').length;
   console.log('');
   console.log(`  ${sep()}`);
   success(t('copy.done'), false);
@@ -369,4 +405,10 @@ function run() {
   console.log(`  ${sep()}\n`);
 }
-module.exports = { run };
+module.exports = {
+  run,
+  _internal: {
+    forceCopyDir,
+    resolveDestBaseFromEnv,
+  },
+};

package/lib/core/locales/ar.js CHANGED Viewed

@@ -53,6 +53,7 @@ module.exports = {
     cmd_verify_url: 'التحقق من الرابط المختصر',
     cmd_save_share: 'حفظ إعدادات الوصول العام / المشاركة',
     cmd_get_page_config: 'استعلام إعدادات الوصول العام للصفحة',
+    cmd_externalize_form: 'Plan external access-safe mirror fields',
     group_report: 'التقارير',
     cmd_create_report: 'إنشاء تقرير Yida',
     cmd_append_chart: 'إضافة رسم بياني إلى تقرير موجود',

package/lib/core/locales/de.js CHANGED Viewed

@@ -53,6 +53,7 @@ module.exports = {
     cmd_verify_url: 'Kurz-URL überprüfen',
     cmd_save_share: 'Öffentlichen Zugang / Freigabe speichern',
     cmd_get_page_config: 'Öffentliche Zugangskonfiguration abfragen',
+    cmd_externalize_form: 'Plan external access-safe mirror fields',
     group_report: 'Berichte',
     cmd_create_report: 'Yida-Bericht erstellen',
     cmd_append_chart: 'Diagramm zu bestehendem Bericht hinzufügen',

package/lib/core/locales/en.js CHANGED Viewed

@@ -56,6 +56,7 @@ module.exports = {
     cmd_verify_url: 'Verify short URL',
     cmd_save_share: 'Save public access / share config',
     cmd_get_page_config: 'Query page public access config',
+    cmd_externalize_form: 'Plan external access-safe mirror fields',
     group_report: 'Reports',
     cmd_create_report: 'Create a Yida report',
     cmd_append_chart: 'Append chart to existing report',

package/lib/core/locales/es.js CHANGED Viewed

@@ -53,6 +53,7 @@ module.exports = {
     cmd_verify_url: 'Verificar URL corta',
     cmd_save_share: 'Guardar configuración de acceso público / compartir',
     cmd_get_page_config: 'Consultar configuración de acceso público',
+    cmd_externalize_form: 'Plan external access-safe mirror fields',
     group_report: 'Informes',
     cmd_create_report: 'Crear informe Yida',
     cmd_append_chart: 'Agregar gráfico a informe existente',

package/lib/core/locales/fr.js CHANGED Viewed

@@ -53,6 +53,7 @@ module.exports = {
     cmd_verify_url: 'Vérifier l\'URL courte',
     cmd_save_share: 'Enregistrer la configuration d\'accès public / partage',
     cmd_get_page_config: 'Consulter la configuration d\'accès public',
+    cmd_externalize_form: 'Plan external access-safe mirror fields',
     group_report: 'Rapports',
     cmd_create_report: 'Créer un rapport Yida',
     cmd_append_chart: 'Ajouter un graphique à un rapport existant',

package/lib/core/locales/hi.js CHANGED Viewed

@@ -53,6 +53,7 @@ module.exports = {
     cmd_verify_url: 'शॉर्ट URL सत्यापित करें',
     cmd_save_share: 'सार्वजनिक पहुंच / शेयर कॉन्फ़िगरेशन सहेजें',
     cmd_get_page_config: 'पेज सार्वजनिक पहुंच कॉन्फ़िगरेशन पूछें',
+    cmd_externalize_form: 'Plan external access-safe mirror fields',
     group_report: 'रिपोर्ट',
     cmd_create_report: 'Yida रिपोर्ट बनाएं',
     cmd_append_chart: 'मौजूदा रिपोर्ट में चार्ट जोड़ें',

package/lib/core/locales/ja.js CHANGED Viewed

@@ -55,6 +55,7 @@ module.exports = {
     cmd_verify_url: '短縮 URL を検証',
     cmd_save_share: '公開アクセス / 共有設定を保存',
     cmd_get_page_config: 'ページ公開アクセス設定を照会',
+    cmd_externalize_form: 'Plan external access-safe mirror fields',
     group_report: 'レポート',
     cmd_create_report: '宜搭レポートを作成',
     cmd_append_chart: '既存レポートにチャートを追加',

package/lib/core/locales/ko.js CHANGED Viewed

@@ -53,6 +53,7 @@ module.exports = {
     cmd_verify_url: '단축 URL 확인',
     cmd_save_share: '공개 접근 / 공유 설정 저장',
     cmd_get_page_config: '페이지 공개 접근 설정 조회',
+    cmd_externalize_form: 'Plan external access-safe mirror fields',
     group_report: '보고서',
     cmd_create_report: 'Yida 보고서 생성',
     cmd_append_chart: '기존 보고서에 차트 추가',

package/lib/core/locales/pt.js CHANGED Viewed

@@ -53,6 +53,7 @@ module.exports = {
     cmd_verify_url: 'Verificar URL curta',
     cmd_save_share: 'Salvar configuração de acesso público / compartilhamento',
     cmd_get_page_config: 'Consultar configuração de acesso público',
+    cmd_externalize_form: 'Plan external access-safe mirror fields',
     group_report: 'Relatórios',
     cmd_create_report: 'Criar relatório Yida',
     cmd_append_chart: 'Adicionar gráfico a relatório existente',

package/lib/core/locales/vi.js CHANGED Viewed

@@ -53,6 +53,7 @@ module.exports = {
     cmd_verify_url: 'Xác minh URL ngắn',
     cmd_save_share: 'Lưu cấu hình truy cập công khai / chia sẻ',
     cmd_get_page_config: 'Truy vấn cấu hình truy cập công khai',
+    cmd_externalize_form: 'Plan external access-safe mirror fields',
     group_report: 'Báo cáo',
     cmd_create_report: 'Tạo báo cáo Yida',
     cmd_append_chart: 'Thêm biểu đồ vào báo cáo hiện có',

package/lib/core/locales/zh-HK.js CHANGED Viewed

@@ -55,6 +55,7 @@ module.exports = {
     cmd_verify_url: '驗證短連結 URL',
     cmd_save_share: '儲存公開訪問 / 分享設定',
     cmd_get_page_config: '查詢頁面公開訪問設定',
+    cmd_externalize_form: '生成外部開放安全評估和鏡像欄位方案',
     group_report: '報表',
     cmd_create_report: '建立宜搭報表',
     cmd_append_chart: '向已有報表追加圖表',

package/lib/core/locales/zh.js CHANGED Viewed

@@ -56,6 +56,7 @@ module.exports = {
     cmd_verify_url: '验证短链接 URL',
     cmd_save_share: '保存公开访问 / 分享配置',
     cmd_get_page_config: '查询页面公开访问配置',
+    cmd_externalize_form: '生成外部开放安全评估和镜像字段方案',
     group_report: '报表',
     cmd_create_report: '创建宜搭报表',
     cmd_append_chart: '向已有报表追加图表',

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "openyida",
-  "version": "2026.5.21",
+  "version": "2026.5.25-beta.0",
   "description": "OpenYida CLI - 宜搭低代码 AI 开发工具（安装即用，零配置）",
   "bin": {
     "openyida": "bin/yida.js",