npm - sanook-cli - Versions diffs - 0.5.0 → 0.5.2 - Mend

sanook-cli 0.5.0 → 0.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (146) hide show

package/.env.example +161 -3
package/CHANGELOG.md +83 -5
package/README.md +240 -23
package/README.th.md +87 -6
package/dist/approval.js +6 -0
package/dist/bin.js +3045 -210
package/dist/brain-context.js +223 -0
package/dist/brain-doctor.js +318 -0
package/dist/brain-eval.js +186 -0
package/dist/brain-final.js +371 -0
package/dist/brain-review.js +382 -0
package/dist/brain.js +12 -1
package/dist/brand.js +1 -1
package/dist/cli-args.js +152 -0
package/dist/cli-option-values.js +16 -0
package/dist/commands.js +172 -13
package/dist/compaction.js +96 -11
package/dist/config.js +118 -28
package/dist/context-compression.js +191 -0
package/dist/cost.js +49 -15
package/dist/first-run.js +21 -0
package/dist/gateway/auth.js +37 -8
package/dist/gateway/bluebubbles.js +205 -0
package/dist/gateway/config.js +929 -0
package/dist/gateway/deliver.js +357 -0
package/dist/gateway/discord.js +124 -0
package/dist/gateway/email.js +472 -0
package/dist/gateway/googlechat.js +207 -0
package/dist/gateway/homeassistant.js +256 -0
package/dist/gateway/ledger.js +18 -0
package/dist/gateway/line.js +171 -0
package/dist/gateway/lock.js +3 -1
package/dist/gateway/matrix.js +366 -0
package/dist/gateway/mattermost.js +322 -0
package/dist/gateway/ntfy.js +218 -0
package/dist/gateway/schedule.js +31 -4
package/dist/gateway/serve.js +267 -7
package/dist/gateway/server.js +253 -19
package/dist/gateway/service.js +224 -0
package/dist/gateway/session.js +343 -0
package/dist/gateway/signal.js +351 -0
package/dist/gateway/slack.js +124 -0
package/dist/gateway/sms.js +169 -0
package/dist/gateway/targets.js +576 -0
package/dist/gateway/teams.js +106 -0
package/dist/gateway/telegram.js +38 -15
package/dist/gateway/webhooks.js +220 -0
package/dist/gateway/whatsapp.js +230 -0
package/dist/hooks.js +13 -2
package/dist/insights-args.js +35 -0
package/dist/insights.js +86 -0
package/dist/loop.js +123 -24
package/dist/lsp/index.js +23 -5
package/dist/mcp-registry.js +350 -0
package/dist/mcp-server.js +1 -1
package/dist/mcp.js +44 -6
package/dist/memory.js +100 -33
package/dist/orchestrate.js +49 -19
package/dist/personality.js +58 -0
package/dist/providers/codex.js +86 -38
package/dist/providers/keys.js +1 -1
package/dist/providers/models.js +22 -6
package/dist/providers/registry.js +38 -49
package/dist/search/chunk.js +7 -8
package/dist/search/cli.js +75 -0
package/dist/search/embed-store.js +3 -0
package/dist/search/indexer.js +44 -1
package/dist/search/store.js +23 -1
package/dist/session.js +93 -7
package/dist/skill-install.js +29 -12
package/dist/support-dump.js +175 -0
package/dist/tools/edit.js +45 -15
package/dist/tools/git.js +10 -5
package/dist/tools/homeassistant.js +106 -0
package/dist/tools/index.js +5 -0
package/dist/tools/list.js +19 -6
package/dist/tools/permission.js +923 -9
package/dist/tools/read.js +16 -4
package/dist/tools/schedule.js +19 -3
package/dist/tools/search.js +217 -13
package/dist/tools/task.js +18 -7
package/dist/tools/timeout.js +21 -3
package/dist/trust.js +11 -1
package/dist/ui/app.js +57 -11
package/dist/ui/brain-wizard.js +2 -2
package/dist/ui/history.js +37 -5
package/dist/ui/mentions.js +3 -2
package/dist/ui/render.js +55 -15
package/dist/ui/setup.js +107 -10
package/dist/update.js +24 -11
package/dist/worktree.js +175 -4
package/package.json +4 -4
package/second-brain/AGENTS.md +6 -4
package/second-brain/CLAUDE.md +7 -1
package/second-brain/Evals/_Index.md +10 -2
package/second-brain/Evals/quality-ledger.md +9 -1
package/second-brain/Evals/second-brain-benchmarks.md +62 -0
package/second-brain/GEMINI.md +5 -4
package/second-brain/Home.md +1 -1
package/second-brain/Projects/_Index.md +3 -1
package/second-brain/Projects/sanook-cli/_Index.md +26 -0
package/second-brain/Projects/sanook-cli/second-brain-feature-roadmap.md +156 -0
package/second-brain/README.md +1 -1
package/second-brain/Research/2026-06-17-ai-second-brain-method-experiment.md +108 -0
package/second-brain/Research/2026-06-18-ai-token-reduction-frameworks.md +55 -0
package/second-brain/Research/2026-06-18-hermes-cli-second-brain-expansion-research.md +160 -0
package/second-brain/Research/2026-06-18-sanook-mcp-ecosystem-and-ux-roadmap.md +181 -0
package/second-brain/Research/_Index.md +6 -1
package/second-brain/Reviews/2026-06-18-auto-improve-maintenance.md +54 -0
package/second-brain/Reviews/_Index.md +1 -1
package/second-brain/Runbooks/_Index.md +6 -1
package/second-brain/Runbooks/ai-second-brain-operating-sequence.md +108 -0
package/second-brain/SANOOK.md +45 -0
package/second-brain/Sessions/2026-06-17-ai-framework-additional-zones.md +68 -0
package/second-brain/Sessions/2026-06-17-ai-second-brain-sequence-experiment.md +63 -0
package/second-brain/Sessions/2026-06-18-cli-args-release-readiness.md +59 -0
package/second-brain/Sessions/2026-06-18-final-gate-template-final.md +192 -0
package/second-brain/Sessions/2026-06-18-final-gate-template.md +71 -0
package/second-brain/Sessions/2026-06-18-framework-dogfood-permission-and-memory.md +58 -0
package/second-brain/Sessions/2026-06-18-hermes-second-brain-expansion-research.md +52 -0
package/second-brain/Sessions/2026-06-18-mcp-ecosystem-and-sanook-ux-scan.md +81 -0
package/second-brain/Sessions/2026-06-18-sanook-brain-cli-p0-implementation.md +86 -0
package/second-brain/Sessions/2026-06-18-sanook-brain-final-cli-final.md +246 -0
package/second-brain/Sessions/2026-06-18-sanook-brain-final-cli.md +78 -0
package/second-brain/Sessions/2026-06-18-sanook-cli-second-brain-roadmap-correction.md +54 -0
package/second-brain/Sessions/2026-06-18-token-reduction-framework-integration.md +69 -0
package/second-brain/Sessions/_Index.md +15 -1
package/second-brain/Shared/AI-Context-Index.md +22 -0
package/second-brain/Shared/Context-Packs/_Index.md +9 -1
package/second-brain/Shared/Context-Packs/coding-release.md +51 -0
package/second-brain/Shared/Context-Packs/research-to-framework.md +51 -0
package/second-brain/Shared/Context-Packs/second-brain-maintenance.md +41 -0
package/second-brain/Shared/Operating-State/current-state.md +22 -3
package/second-brain/Shared/Scripts/_Index.md +3 -1
package/second-brain/Shared/Scripts/ai-second-brain-method-eval.mjs +198 -0
package/second-brain/Shared/Tech-Standards/_Index.md +4 -1
package/second-brain/Shared/Tech-Standards/mcp-integration-roadmap.md +86 -0
package/second-brain/Shared/Tech-Standards/verification-standard.md +24 -0
package/second-brain/Shared/User-Memory/_Index.md +4 -1
package/second-brain/Shared/User-Memory/response-examples.md +98 -0
package/second-brain/Shared/User-Memory/user-preferences.md +1 -0
package/second-brain/Templates/_Index.md +9 -0
package/second-brain/Templates/final-lite.md +111 -0
package/second-brain/Templates/final.md +231 -0
package/second-brain/Vault Structure Map.md +2 -1
package/skills/structured-output-llm/SKILL.md +1 -1

package/dist/commands.js CHANGED Viewed

@@ -1,29 +1,42 @@
 import { readdir, readFile } from 'node:fs/promises';
 import { join } from 'node:path';
-import { PROVIDERS, parseSpec } from './providers/registry.js';
+import { canonicalSpec, consoleUrl, hasUsableEnvKey, PROVIDERS, parseSpec } from './providers/registry.js';
 import { appHomePath, BRAND } from './brand.js';
 import { parseFrontmatter } from './skills.js';
 import { projectConfigPathIfTrusted } from './trust.js';
+import { normalizePersonalityName, personalityListText } from './personality.js';
+import { parseInsightsArgs } from './insights-args.js';
 const HELP_TEXT = `คำสั่ง:
   /help            แสดงคำสั่งทั้งหมด
+  /new, /reset      เริ่มบทสนทนาใหม่
+  /status          ดูสถานะ session ปัจจุบัน
   /model [spec]    ดู/เปลี่ยน model (เช่น /model opus, /model openai:gpt-5)
+  /personality [name]
+                   ดู/ตั้ง personality overlay
+  /platforms       ดู providers + messaging platforms ที่รองรับ
   /tools           ดู tools ที่ agent ใช้ได้
   /skills          ดูจำนวน skills (จัดการ: ${BRAND.cliName} skill list)
   /diff            ดู git diff (สิ่งที่ agent แก้ในรอบนี้)
+  /retry           รัน prompt ล่าสุดอีกครั้ง
+  /stop            หยุด turn ที่กำลังรัน
   /undo            stash การแก้ไฟล์ล่าสุด (กู้คืนด้วย git stash pop)
   /rewind          ย้อนกลับ 1 turn (คืนไฟล์ git + ตัดบทสนทนา, recoverable)
-  /cost            ดู token + cost รอบล่าสุด
+  /cost, /usage     ดู token + cost รอบล่าสุด
+  /insights [--days N] [--all]
+                   ดู usage/session insights ในเครื่อง
   ↑/↓ ประวัติ · @ไฟล์ แนบ context/รูป · \\ ลงท้าย = บรรทัดใหม่
   /clear           ล้าง conversation (เริ่มใหม่)
-  /compact         บีบ context (truncate · หรือ summarize ถ้าตั้ง compaction)
+  /compact, /compress
+                   บีบ context (truncate · หรือ summarize ถ้าตั้ง compaction)
   /quit            ออก
 นอก REPL (พิมพ์ใน shell):
-  ${BRAND.cliName} search "<q>" · index · brain init · serve · mcp serve · config set <k> <v>
+  ${BRAND.cliName} search "<q>" · index · brain init · brain context · brain eval · brain review · brain final · serve · mcp serve · config set <k> <v>
   ดูทั้งหมด: ${BRAND.cliName} --help
 custom commands:
-  ~/.sanook/commands/<name>.md และ .sanook/commands/<name>.md (project ต้อง trust ก่อน)`;
+  ~/.sanook/commands/<name>.md และ .sanook/commands/<name>.md (project ต้อง trust ก่อน)
+  args: ใช้ $ARGUMENTS หรือ {{ args }}; ถ้าไม่มี placeholder จะ append args ต่อท้าย`;
 const TOOLS_LIST = [
     'read_file (offset/limit) write_file edit_file (replace_all) list_dir glob grep run_bash',
     'git_status git_diff git_log git_commit',
@@ -32,6 +45,24 @@ const TOOLS_LIST = [
     'task task_parallel task_spawn task_collect task_cancel task_status   ← sub-agent (ขนาน/background)',
     'diagnostics   ← type error/lint จาก language server (LSP)',
 ].join('\n  ');
+const MESSAGING_PLATFORMS = [
+    'telegram',
+    'discord',
+    'slack',
+    'mattermost',
+    'homeassistant',
+    'email',
+    'line',
+    'sms',
+    'ntfy',
+    'signal',
+    'whatsapp',
+    'matrix',
+    'googlechat',
+    'bluebubbles',
+    'teams',
+    'webhooks',
+];
 export function parseSlashInvocation(input) {
     const trimmed = input.trim();
     if (!trimmed.startsWith('/'))
@@ -39,7 +70,10 @@ export function parseSlashInvocation(input) {
     const match = /^\/(\S+)(?:\s+([\s\S]*))?$/.exec(trimmed);
     if (!match)
         return null;
-    return { name: match[1].toLowerCase(), args: match[2] ?? '' };
+    const name = match[1].toLowerCase();
+    if (name !== '?' && !isValidCommandName(name))
+        return null;
+    return { name, args: match[2] ?? '' };
 }
 /** /model (ไม่มี arg) — โชว์ model ปัจจุบัน + ตัวเลือกของ provider นั้น (alias จาก registry) */
 function modelMenu(current) {
@@ -60,19 +94,81 @@ function modelMenu(current) {
         .filter(Boolean)
         .join('\n');
 }
+function missingKeyHint(provider) {
+    const cfg = PROVIDERS[provider];
+    if (!cfg?.requiresKey || hasUsableEnvKey(provider))
+        return undefined;
+    const url = consoleUrl(provider);
+    const lines = [
+        `⚠ ยังไม่มี API key ของ ${cfg.label} (${cfg.envVar}) — model นี้จะยังรันไม่ได้จนกว่าจะตั้ง key`,
+        url ? `  • เอา key ที่: ${url}` : undefined,
+        `  • ตั้ง: export ${cfg.envVar}="..." หรือรัน ${BRAND.cliName} เพื่อเข้า setup wizard`,
+    ].filter(Boolean);
+    if (provider === 'openai') {
+        lines.push('  • ถ้าต้องการใช้ ChatGPT plan ไม่ใช้ API key: /model codex แล้วรัน codex login');
+    }
+    return lines.join('\n');
+}
+function platformMenu() {
+    return [
+        `providers: ${Object.keys(PROVIDERS).join(' · ')}`,
+        `messaging: ${MESSAGING_PLATFORMS.join(' · ')}`,
+        `setup: ${BRAND.cliName} setup หรือ ${BRAND.cliName} gateway setup <platform>`,
+    ].join('\n');
+}
+function statusMenu(ctx) {
+    const { provider } = parseSpec(ctx.model);
+    const cfg = PROVIDERS[provider];
+    return [
+        `session: REPL`,
+        `model: ${ctx.model}`,
+        `provider: ${cfg?.label ?? provider}`,
+        `usage: ${ctx.costSummary ?? '(ยังไม่มี usage รอบนี้)'}`,
+        `platforms: พิมพ์ /platforms`,
+        `system status: ${BRAND.cliName} status`,
+    ].join('\n');
+}
+function modelChange(spec) {
+    const canonical = canonicalSpec(spec);
+    const { provider, model } = parseSpec(canonical);
+    if (!PROVIDERS[provider]) {
+        return {
+            handled: true,
+            message: `provider ไม่รองรับ: "${provider}" — รองรับ: ${Object.keys(PROVIDERS).join(' · ')}`,
+        };
+    }
+    if (!model) {
+        return {
+            handled: true,
+            message: `model spec ไม่ครบ: "${spec}" — ใช้ /model <alias> หรือ /model <provider:model>`,
+        };
+    }
+    const hint = missingKeyHint(provider);
+    return {
+        handled: true,
+        modelChange: canonical,
+        message: [`เปลี่ยน model → ${canonical}`, hint].filter(Boolean).join('\n'),
+    };
+}
 /** parse input — ถ้าขึ้นต้น / = slash command, ไม่งั้น handled=false (ส่งเข้า agent) */
 export function parseCommand(input, ctx) {
     const trimmed = input.trim();
     if (!trimmed.startsWith('/'))
         return { handled: false };
-    const [cmd, ...args] = trimmed.slice(1).split(/\s+/);
+    const [rawCmd, ...args] = trimmed.slice(1).split(/\s+/);
+    const cmd = rawCmd.toLowerCase();
     switch (cmd) {
         case 'help':
         case '?':
             return { handled: true, action: 'help', message: HELP_TEXT };
         case 'clear':
+        case 'new':
+        case 'reset':
             return { handled: true, action: 'clear', message: 'ล้าง conversation แล้ว' };
+        case 'status':
+            return { handled: true, message: statusMenu(ctx) };
         case 'compact':
+        case 'compress':
             return { handled: true, action: 'compact', message: 'บีบ context แล้ว' };
         case 'quit':
         case 'exit':
@@ -80,17 +176,46 @@ export function parseCommand(input, ctx) {
         case 'model':
             if (!args[0])
                 return { handled: true, message: modelMenu(ctx.model) };
-            return { handled: true, modelChange: args[0], message: `เปลี่ยน model → ${args[0]}` };
+            return modelChange(args[0]);
+        case 'personality': {
+            const raw = args.join(' ').trim();
+            if (!raw)
+                return { handled: true, message: personalityListText() };
+            const name = normalizePersonalityName(raw);
+            if (!name)
+                return { handled: true, message: `ไม่รู้จัก personality: ${raw}\n\n${personalityListText()}` };
+            return {
+                handled: true,
+                action: 'personality',
+                personalityChange: name === 'none' ? '' : name,
+                message: name === 'none' ? 'ปิด personality overlay แล้ว' : `ตั้ง personality → ${name}`,
+            };
+        }
         case 'tools':
             return { handled: true, message: `tools ที่ agent ใช้ได้ (+ MCP ที่ตั้งไว้):\n  ${TOOLS_LIST}` };
+        case 'platforms':
+            return { handled: true, message: platformMenu() };
         case 'skills':
             return { handled: true, message: `skills โหลดจาก built-in + ${appHomePath('skills')} — จัดการด้วย "${BRAND.cliName} skill list/add/remove"` };
         case 'diff':
             return { handled: true, action: 'diff' };
+        case 'retry':
+            return { handled: true, action: 'retry' };
+        case 'stop':
+            return { handled: true, action: 'stop', message: 'ไม่มี turn ที่กำลังทำงาน' };
         case 'undo':
             return { handled: true, action: 'undo' };
+        case 'rewind':
+            return { handled: true, action: 'rewind' };
         case 'cost':
+        case 'usage':
             return { handled: true, message: ctx.costSummary ?? '(ยังไม่มี usage รอบนี้)' };
+        case 'insights': {
+            const parsed = parseInsightsArgs(args);
+            if (parsed === null)
+                return { handled: true, message: 'ใช้: /insights [--days N] [--all] (N ต้องเป็นจำนวนวันบวก)' };
+            return { handled: true, action: 'insights', insightsDays: parsed.days, insightsAll: parsed.all };
+        }
         default:
             return { handled: true, message: `ไม่รู้จักคำสั่ง /${cmd} — พิมพ์ /help` };
     }
@@ -99,11 +224,44 @@ export function parseCommand(input, ctx) {
 // ไฟล์ markdown (frontmatter optional) = prompt template ที่ส่งเข้า agent. $ARGUMENTS = ส่วนหลังชื่อคำสั่ง
 // (เลียน Claude Code .claude/commands) — global ~/.sanook/commands + project .sanook/commands (project ทับ)
 export const BUILTIN_COMMANDS = new Set([
-    'help', '?', 'clear', 'compact', 'quit', 'exit', 'model', 'tools', 'skills', 'diff', 'undo', 'rewind', 'cost',
+    'help',
+    '?',
+    'clear',
+    'new',
+    'reset',
+    'status',
+    'compact',
+    'compress',
+    'quit',
+    'exit',
+    'model',
+    'personality',
+    'platforms',
+    'tools',
+    'skills',
+    'diff',
+    'retry',
+    'stop',
+    'undo',
+    'rewind',
+    'cost',
+    'usage',
+    'insights',
 ]);
 function isValidCommandName(name) {
     return /^[a-z0-9][a-z0-9-]{0,40}$/.test(name);
 }
+function compareCommandFiles(a, b) {
+    const an = a.toLowerCase();
+    const bn = b.toLowerCase();
+    if (an !== bn)
+        return an.localeCompare(bn);
+    if (a === an && b !== bn)
+        return 1;
+    if (a !== an && b === bn)
+        return -1;
+    return a.localeCompare(b);
+}
 /** scan custom commands จาก global + project (project override). ข้าม built-in ชื่อซ้ำ */
 export async function loadCustomCommands(cwd = process.cwd()) {
     const out = new Map();
@@ -119,10 +277,11 @@ export async function loadCustomCommands(cwd = process.cwd()) {
         catch {
             continue; // ไม่มีโฟลเดอร์ = ข้าม
         }
-        for (const f of files) {
-            if (!f.endsWith('.md'))
+        for (const f of files.sort(compareCommandFiles)) {
+            const normalizedFile = f.toLowerCase();
+            if (!normalizedFile.endsWith('.md'))
                 continue;
-            const name = f.slice(0, -3).toLowerCase();
+            const name = normalizedFile.slice(0, -3);
             if (!isValidCommandName(name) || BUILTIN_COMMANDS.has(name))
                 continue;
             try {
@@ -140,7 +299,7 @@ export async function loadCustomCommands(cwd = process.cwd()) {
 export function expandCustomCommand(cmd, args) {
     const a = args.trim();
     if (/\$ARGUMENTS|\{\{\s*args\s*\}\}/.test(cmd.body)) {
-        return cmd.body.replace(/\$ARGUMENTS|\{\{\s*args\s*\}\}/g, a);
+        return cmd.body.replace(/\$ARGUMENTS|\{\{\s*args\s*\}\}/g, () => a);
     }
     return a ? `${cmd.body}\n\n${a}` : cmd.body;
 }

package/dist/compaction.js CHANGED Viewed

@@ -1,6 +1,42 @@
+import { selectiveCompressText } from './context-compression.js';
 const TRUNC_HEAD = 400;
 const TRUNC_TAIL = 600;
 const CHARS_PER_TOKEN = 4; // ประมาณคร่าวๆ (จริง ~3.5-4 ต่อ token)
+const SELECTIVE_TOOL_TARGET_CHARS = 6_000;
+const SELECTIVE_TOOL_MIN_CHARS = 8_000;
+function textFromMessageContent(content) {
+    if (typeof content === 'string')
+        return content;
+    if (!Array.isArray(content))
+        return '';
+    return content
+        .map((part) => {
+        if (typeof part === 'object' && part && 'type' in part && part.type === 'text' && 'text' in part && typeof part.text === 'string')
+            return part.text;
+        return '';
+    })
+        .filter(Boolean)
+        .join('\n');
+}
+function latestUserText(messages) {
+    for (let i = messages.length - 1; i >= 0; i--) {
+        if (messages[i].role !== 'user')
+            continue;
+        const text = textFromMessageContent(messages[i].content).trim();
+        if (text)
+            return text;
+    }
+    return undefined;
+}
+function adaptiveStaleTarget(baseTarget, rank, count) {
+    if (count <= 1)
+        return baseTarget;
+    const recency = rank / Math.max(1, count - 1); // 0 = oldest, 1 = newest stale
+    return Math.max(1_500, Math.floor(baseTarget * (0.35 + 0.65 * recency)));
+}
+function adaptiveMinChars(targetChars, baseMinChars) {
+    return Math.min(baseMinChars, Math.max(targetChars + 1_000, Math.floor(targetChars * 1.45)));
+}
 /** ตัดข้อความยาว เก็บหัว (intent) + ท้าย (error/result) */
 export function truncateText(s) {
     if (s.length <= TRUNC_HEAD + TRUNC_TAIL + 40)
@@ -16,23 +52,72 @@ export function truncateText(s) {
  */
 export function pruneToolResults(messages, keepTail = 4) {
     const cut = Math.max(0, messages.length - keepTail);
-    return messages.map((m, i) => {
+    let changed = false;
+    const out = messages.map((m, i) => {
         if (i >= cut)
             return m;
         if (m.role !== 'tool' || !Array.isArray(m.content))
             return m;
-        return {
-            ...m,
-            content: m.content.map((part) => {
-                if (part.type === 'tool-result' &&
-                    part.output?.type === 'text' &&
-                    typeof part.output.value === 'string') {
-                    return { ...part, output: { ...part.output, value: truncateText(part.output.value) } };
+        const content = m.content.map((part) => {
+            if (part.type === 'tool-result' &&
+                part.output?.type === 'text' &&
+                typeof part.output.value === 'string') {
+                const compressed = selectiveCompressText(part.output.value, {
+                    targetChars: SELECTIVE_TOOL_TARGET_CHARS,
+                    minChars: SELECTIVE_TOOL_MIN_CHARS,
+                });
+                if (compressed.changed) {
+                    changed = true;
+                    return { ...part, output: { ...part.output, value: compressed.text } };
+                }
+                const truncated = truncateText(part.output.value);
+                if (truncated !== part.output.value) {
+                    changed = true;
+                    return { ...part, output: { ...part.output, value: truncated } };
+                }
+            }
+            return part;
+        });
+        return content === m.content ? m : { ...m, content };
+    });
+    return changed ? out : messages;
+}
+/**
+ * Per-step token optimizer (zero LLM cost).
+ * Compresses stale, very large tool results before each model request while keeping the latest tail full.
+ */
+export function selectivelyCompressStaleToolResults(messages, keepTail = 6, targetChars = SELECTIVE_TOOL_TARGET_CHARS, minChars = SELECTIVE_TOOL_MIN_CHARS, query = latestUserText(messages)) {
+    const cut = Math.max(0, messages.length - keepTail);
+    const staleToolIndexes = messages
+        .map((m, i) => ({ m, i }))
+        .filter(({ m, i }) => i < cut && m.role === 'tool' && Array.isArray(m.content))
+        .map(({ i }) => i);
+    const rankByIndex = new Map(staleToolIndexes.map((index, rank) => [index, rank]));
+    let changed = false;
+    const out = messages.map((m, i) => {
+        if (i >= cut)
+            return m;
+        if (m.role !== 'tool' || !Array.isArray(m.content))
+            return m;
+        let messageChanged = false;
+        const adaptiveTarget = adaptiveStaleTarget(targetChars, rankByIndex.get(i) ?? 0, staleToolIndexes.length);
+        const adaptiveMin = adaptiveMinChars(adaptiveTarget, minChars);
+        const content = m.content.map((part) => {
+            if (part.type === 'tool-result' &&
+                part.output?.type === 'text' &&
+                typeof part.output.value === 'string') {
+                const compressed = selectiveCompressText(part.output.value, { targetChars: adaptiveTarget, minChars: adaptiveMin, query });
+                if (compressed.changed) {
+                    changed = true;
+                    messageChanged = true;
+                    return { ...part, output: { ...part.output, value: compressed.text } };
                 }
-                return part;
-            }),
-        };
+            }
+            return part;
+        });
+        return messageChanged ? { ...m, content } : m;
     });
+    return changed ? out : messages;
 }
 /** ประมาณ token ของ conversation (chars/4) — ไม่เป๊ะแต่พอใช้ตัดสิน compact */
 export function estimateTokens(messages) {

package/dist/config.js CHANGED Viewed

@@ -7,7 +7,10 @@ import { registerPricing } from './cost.js';
 export const CONFIG_DIR = appHomePath();
 const CONFIG_PATH = join(CONFIG_DIR, 'config.json');
 const AUTH_PATH = join(CONFIG_DIR, 'auth.json'); // API keys (chmod 0600)
-export const PricingOverrideSchema = z.record(z.string(), z
+const AUTH_ENV_VAR_RE = /^[A-Za-z_][A-Za-z0-9_]*$/;
+const RESERVED_AUTH_KEYS = new Set(['__proto__', 'constructor', 'prototype']);
+const PricingKeySchema = z.string().regex(/^[^:\s]+:\S+$/, 'key ต้องเป็น provider:model');
+export const PricingOverrideSchema = z.record(PricingKeySchema, z
     .object({
     input: z.number().finite().nonnegative().optional(),
     output: z.number().finite().nonnegative().optional(),
@@ -33,39 +36,68 @@ export const ConfigSchema = z.object({
     cacheTtl: z.enum(['5m', '1h']).catch('5m').default('5m'),
     // วิธีบีบ context ตอนยาว: 'truncate' (default, zero-LLM) · 'summarize' (ใช้ model ถูกย่อ — จำ context ได้ดีกว่า)
     compaction: z.enum(['truncate', 'summarize']).catch('truncate').default('truncate'),
+    // token reducer: off, local zero-LLM selective compressor, or optional Headroom proxy adapter.
+    contextCompression: z.enum(['off', 'selective', 'headroom']).catch('selective').default('selective'),
     // extended thinking (Anthropic): false/ไม่ตั้ง = ปิด · true = budget default · number = budget tokens
     thinking: z.union([z.boolean(), z.number().int().positive()]).optional().catch(undefined),
     // model สำหรับย่อ (compaction=summarize) — ไม่ตั้ง = ใช้ fast-sibling ของ model หลัก (ค่ายเดียวกัน ถูกกว่า)
     summaryModel: z.string().optional().catch(undefined),
+    // model สำหรับ semantic search embeddings (เช่น openai:text-embedding-3-small)
+    embeddingModel: z.string().optional().catch(undefined),
+    // Hermes-style /personality overlay (stored as a small named prompt)
+    personality: z.string().optional().catch(undefined),
 });
 const DEFAULT_THINKING_BUDGET = 4096;
+function normalizeThinkingBudget(value) {
+    const budget = Math.floor(value);
+    return Number.isSafeInteger(budget) && budget > 0 ? budget : undefined;
+}
 /** parse thinking config (config field หรือ env) → budget tokens (undefined = ปิด) */
 function parseThinking(v) {
-    if (typeof v === 'number' && v > 0)
-        return Math.floor(v);
+    if (typeof v === 'number' && Number.isFinite(v))
+        return normalizeThinkingBudget(v);
     if (v === true)
         return DEFAULT_THINKING_BUDGET;
     if (typeof v === 'string') {
-        if (/^\d+$/.test(v))
-            return Number.parseInt(v, 10);
-        if (['on', 'true', '1', 'yes'].includes(v.toLowerCase()))
+        const clean = v.trim();
+        if (/^\d+$/.test(clean))
+            return normalizeThinkingBudget(Number(clean));
+        if (['on', 'true', '1', 'yes'].includes(clean.toLowerCase()))
             return DEFAULT_THINKING_BUDGET;
     }
     return undefined;
 }
+function trimmedString(v) {
+    if (typeof v !== 'string')
+        return undefined;
+    const clean = v.trim();
+    return clean ? clean : undefined;
+}
+function parseCacheTtl(v) {
+    const clean = trimmedString(v);
+    return clean === '5m' || clean === '1h' ? clean : undefined;
+}
+function parseCompaction(v) {
+    const clean = trimmedString(v);
+    return clean === 'truncate' || clean === 'summarize' ? clean : undefined;
+}
+function parseContextCompression(v) {
+    const clean = trimmedString(v);
+    return clean === 'off' || clean === 'selective' || clean === 'headroom' ? clean : undefined;
+}
 /**
  * อ่าน tuning knobs (cache TTL / thinking / compaction / summary model) จาก global config.json
- * + env override (SANOOK_CACHE_TTL / SANOOK_THINKING / SANOOK_COMPACTION / SANOOK_SUMMARY_MODEL).
+ * + env override (SANOOK_CACHE_TTL / SANOOK_THINKING / SANOOK_COMPACTION / SANOOK_CONTEXT_COMPRESSION / SANOOK_SUMMARY_MODEL).
  * อ่านตรงจาก config.json (เลี่ยง thread ผ่าน call stack ลึก) — เบา, เรียกครั้งเดียวต่อ turn.
  */
 export async function agentTuning() {
     const raw = await readGlobalConfigRaw();
-    const envTtl = process.env.SANOOK_CACHE_TTL;
-    const cacheTtl = envTtl === '1h' || (envTtl !== '5m' && raw.cacheTtl === '1h') ? '1h' : '5m';
-    const thinkingBudget = parseThinking(process.env.SANOOK_THINKING ?? raw.thinking);
-    const compaction = (process.env.SANOOK_COMPACTION ?? raw.compaction) === 'summarize' ? 'summarize' : 'truncate';
-    const summaryModel = process.env.SANOOK_SUMMARY_MODEL ?? (typeof raw.summaryModel === 'string' ? raw.summaryModel : undefined);
-    return { cacheTtl, thinkingBudget, compaction, summaryModel };
+    const cacheTtl = parseCacheTtl(process.env.SANOOK_CACHE_TTL) ?? parseCacheTtl(raw.cacheTtl) ?? '5m';
+    const thinkingBudget = parseThinking(trimmedString(process.env.SANOOK_THINKING) ?? raw.thinking);
+    const compaction = parseCompaction(process.env.SANOOK_COMPACTION) ?? parseCompaction(raw.compaction) ?? 'truncate';
+    const contextCompression = parseContextCompression(process.env.SANOOK_CONTEXT_COMPRESSION) ?? parseContextCompression(raw.contextCompression) ?? 'selective';
+    const summaryModel = trimmedString(process.env.SANOOK_SUMMARY_MODEL) ?? trimmedString(raw.summaryModel);
+    return { cacheTtl, thinkingBudget, compaction, contextCompression, summaryModel };
 }
 async function readJson(path) {
     try {
@@ -76,9 +108,18 @@ async function readJson(path) {
         return {}; // ไม่มีไฟล์ / parse ไม่ได้ = ใช้ default
     }
 }
+// key ที่ untrusted project ตั้งไม่ได้ (ต้อง `sanook trust` ก่อน):
+//  - permissionMode: auto = auto-approve mutation (รัน bash/แก้ไฟล์ไม่ถาม) — อันตรายสุด
+//  - budgetUsd: repo อันตรายตั้งสูงๆ = ปิด spend cap ของ user (เปลืองเงินจริง)
+//  - pricing: ตั้งราคาปลอม = ทำให้ budget cap ไม่ trigger (ซ่อน cost / bypass cap)
+// (model/maxSteps/embeddingModel ฯลฯ ปล่อยได้ — เป็น preference ที่ user เห็น/override ได้ และตอนนี้ถูกคุมด้วย budget จริงของ user)
+const UNTRUSTED_PROJECT_DENY = new Set(['permissionMode', 'budgetUsd', 'pricing']);
 function sanitizeUntrustedProjectConfig(cfg) {
-    const out = { ...cfg };
-    delete out.permissionMode;
+    const out = {};
+    for (const [k, v] of Object.entries(cfg)) {
+        if (!UNTRUSTED_PROJECT_DENY.has(k))
+            out[k] = v;
+    }
     return out;
 }
 /**
@@ -113,16 +154,29 @@ function parseEnvPricing() {
     if (!raw)
         return undefined;
     try {
-        const parsed = JSON.parse(raw);
-        const res = PricingOverrideSchema.safeParse(parsed);
-        return res.success ? res.data : undefined;
+        return parsePricingOverride(raw);
     }
     catch {
         return undefined; // JSON ไม่ถูก = ข้าม (ไม่ทำให้ boot ล้ม)
     }
 }
 export function parsePricingOverride(raw) {
-    return PricingOverrideSchema.parse(JSON.parse(raw));
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch {
+        throw new Error('pricing JSON parse ไม่สำเร็จ');
+    }
+    const res = PricingOverrideSchema.safeParse(parsed);
+    if (!res.success) {
+        const details = res.error.issues
+            .slice(0, 3)
+            .map((issue) => `${issue.path.length ? issue.path.join('.') : 'pricing'}: ${issue.message}`)
+            .join('; ');
+        throw new Error(`pricing schema ไม่ถูกต้อง${details ? ` — ${details}` : ''}`);
+    }
+    return res.data;
 }
 /** ครั้งแรกที่รัน (ยังไม่มี global config) → ต้องทำ setup wizard */
 export async function isFirstRun() {
@@ -152,6 +206,23 @@ export async function saveBrainPath(path) {
 export async function readGlobalConfigRaw() {
     return readJson(CONFIG_PATH);
 }
+/** path ของ auth.json (ใช้โชว์ใน CLI เท่านั้น; ห้าม print raw secret) */
+export function authConfigPath() {
+    return AUTH_PATH;
+}
+function isSafeAuthEnvVarName(name) {
+    return AUTH_ENV_VAR_RE.test(name) && !RESERVED_AUTH_KEYS.has(name);
+}
+/** อ่าน auth.json ดิบแบบกรองเฉพาะ string values — caller ต้อง redact ก่อนโชว์ */
+export async function readStoredAuthRaw() {
+    const raw = await readJson(AUTH_PATH);
+    const auth = {};
+    for (const [k, v] of Object.entries(raw)) {
+        if (isSafeAuthEnvVarName(k) && typeof v === 'string')
+            auth[k] = v;
+    }
+    return auth;
+}
 /** merge patch ลง config.json (สำหรับ `sanook config set`) */
 export async function patchGlobalConfig(patch) {
     await mkdir(CONFIG_DIR, { recursive: true });
@@ -161,25 +232,44 @@ export async function patchGlobalConfig(patch) {
 }
 /** บันทึก API key ลง ~/.sanook/auth.json (chmod 0600) + set env ทันทีสำหรับ session นี้ */
 export async function saveKey(envVar, key) {
+    if (!isSafeAuthEnvVarName(envVar))
+        throw new Error(`env var ไม่ถูกต้อง: ${envVar}`);
     await mkdir(CONFIG_DIR, { recursive: true });
-    let auth = {};
-    try {
-        auth = JSON.parse(await readFile(AUTH_PATH, 'utf8'));
-    }
-    catch {
-        /* ยังไม่มีไฟล์ */
-    }
+    const auth = await readStoredAuthRaw();
     auth[envVar] = key;
     await writeFile(AUTH_PATH, `${JSON.stringify(auth, null, 2)}\n`, { mode: 0o600 });
     await chmod(AUTH_PATH, 0o600); // เจ้าของอ่าน/เขียนเท่านั้น
     process.env[envVar] = key;
 }
+/** ลบ key ที่ Sanook เก็บไว้ใน auth.json (ไม่แตะ env จริงของ shell ภายนอก) */
+export async function removeStoredKey(envVar) {
+    if (!isSafeAuthEnvVarName(envVar))
+        return false;
+    await mkdir(CONFIG_DIR, { recursive: true });
+    const auth = await readStoredAuthRaw();
+    if (!Object.prototype.hasOwnProperty.call(auth, envVar))
+        return false;
+    delete auth[envVar];
+    await writeFile(AUTH_PATH, `${JSON.stringify(auth, null, 2)}\n`, { mode: 0o600 });
+    await chmod(AUTH_PATH, 0o600).catch(() => { });
+    delete process.env[envVar];
+    return true;
+}
+/** ล้าง auth.json ที่ Sanook เก็บไว้ทั้งหมด */
+export async function clearStoredAuth() {
+    await mkdir(CONFIG_DIR, { recursive: true });
+    const auth = await readStoredAuthRaw();
+    for (const envVar of Object.keys(auth))
+        delete process.env[envVar];
+    await writeFile(AUTH_PATH, '{}\n', { mode: 0o600 });
+    await chmod(AUTH_PATH, 0o600).catch(() => { });
+}
 /** โหลด key จาก auth.json เข้า env ตอน boot (ไม่ override env ที่ตั้งไว้แล้ว) */
 export async function loadKeysIntoEnv() {
     try {
-        const auth = JSON.parse(await readFile(AUTH_PATH, 'utf8'));
+        const auth = await readStoredAuthRaw();
         for (const [k, v] of Object.entries(auth)) {
-            if (!process.env[k] && typeof v === 'string')
+            if (!process.env[k])
                 process.env[k] = v;
         }
     }