shellwise 0.2.9 → 0.3.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "shellwise",
-  "version": "0.2.9",
+  "version": "0.3.0",
   "description": "Smart command history with inline auto-suggest and fuzzy search for your terminal",
   "type": "module",
   "bin": {

package/src/cli/init.ts

@@ -25,48 +25,80 @@ typeset -ga __sw_suggestions=()
 typeset -g __sw_selected=0
 typeset -g __sw_fd=""
 typeset -g __sw_ready=0
+# ─── Daemon connection (self-healing, Unix socket) ─────────
+# Unix-domain socket: protected by filesystem permissions (0600), unlike a
+# guessable localhost TCP port with no auth. The daemon idle-exits after
+# inactivity, so the shell must reconnect on demand — otherwise a long-idle
+# pane loses suggest forever.
+
+typeset -g __sw_sock="/tmp/shellwise-\${UID}.sock"
+
+# Is the daemon process alive? No fork (kill -0 + \$(<file) are builtins).
+__sw_daemon_alive() {
+  local pf="/tmp/shellwise-\${UID}.pid"
+  [[ -f "\$pf" ]] || return 1
+  local lines=("\${(@f)\$(<\$pf)}")
+  kill -0 \${lines[1]:-0} 2>/dev/null
+}
+
+# (Re)establish the persistent connection. No fork while typing.
+__sw_connect() {
+  __sw_ready=0
+  [[ -n "\$__sw_fd" ]] && { zsocket -c \$__sw_fd 2>/dev/null; __sw_fd="" }
+  [[ -S "\$__sw_sock" ]] || return 1
+  zsocket "\$__sw_sock" 2>/dev/null || return 1
+  __sw_fd=\$REPLY
+  __sw_ready=1
+}
 
-# Load TCP module + connect at shell startup
-zmodload zsh/net/tcp 2>/dev/null && {
-  # Read daemon port from PID file
-  local __sw_pidfile="/tmp/shellwise-\${UID}.pid"
-  if [[ ! -f "\$__sw_pidfile" ]]; then
+# Load socket module + connect at shell startup
+zmodload zsh/net/socket 2>/dev/null && {
+  if [[ ! -S "\$__sw_sock" ]]; then
     # Start daemon in background (non-blocking)
     command ${bin} daemon start &>/dev/null &!
     sleep 0.3
   fi
-  if [[ -f "\$__sw_pidfile" ]]; then
-    local __sw_port=\${"\$(sed -n 2p "\$__sw_pidfile")":-0}
-    if [[ \$__sw_port -gt 0 ]]; then
-      ztcp 127.0.0.1 \$__sw_port 2>/dev/null && {
-        __sw_fd=\$REPLY
-        __sw_ready=1
-      }
-    fi
-  fi
+  __sw_connect
 }
 
-# ─── Persistent TCP query (no connect/disconnect overhead) ─
+# ─── Persistent query (no connect/disconnect overhead) ─────
 
 typeset -ga __sw_tcp_result=()
 
-__sw_tcp_query() {
+# Args: TYPE field1 field2 ...  Fields are joined with REAL tabs and sent raw
+# (print -r) so a literal backslash-t/-n the user typed is preserved; any REAL
+# tab/newline (e.g. from a paste) is stripped to a space so it cannot break
+# the protocol framing.
+__sw_query() {
   __sw_tcp_result=()
-  [[ \$__sw_ready -ne 1 ]] && return 1
 
-  # Send request
-  print -u \$__sw_fd "\$1" 2>/dev/null || {
-    # Connection broken — mark unavailable
-    __sw_ready=0
-    return 1
-  }
+  # Neutralize SIGPIPE: writing to a daemon that has idle-exited must return
+  # a recoverable error, never raise a signal that freezes the line editor.
+  setopt local_options local_traps
+  trap '' PIPE
 
-  # Read response lines until empty line
-  local line
-  while IFS= read -r -t 0.1 -u \$__sw_fd line 2>/dev/null; do
-    [[ -z "\$line" ]] && break
-    __sw_tcp_result+=("\$line")
+  local -a __sw_fields=()
+  local __sw_f
+  for __sw_f in "\$@"; do __sw_fields+=("\${__sw_f//[\$'\\t\\n']/ }"); done
+  local __sw_req="\${(pj:\\t:)__sw_fields}"
+
+  # (Re)connect if needed — daemon may have idle-exited or restarted
+  [[ \$__sw_ready -ne 1 ]] && { __sw_connect || return 1 }
+
+  # Send raw; one transparent reconnect+retry on a stale connection
+  if ! print -ru \$__sw_fd -- "\$__sw_req" 2>/dev/null; then
+    __sw_connect && print -ru \$__sw_fd -- "\$__sw_req" 2>/dev/null || { __sw_ready=0; return 1 }
+  fi
+
+  # Read until the blank-line terminator. A timeout means an incomplete
+  # response (slow/dead daemon) — reconnect to drain leftover bytes so the
+  # next query cannot read a stale response (protocol desync).
+  local __sw_line __sw_got=0
+  while IFS= read -r -t 0.2 -u \$__sw_fd __sw_line 2>/dev/null; do
+    [[ -z "\$__sw_line" ]] && { __sw_got=1; break }
+    __sw_tcp_result+=("\$__sw_line")
   done
+  [[ \$__sw_got -eq 1 ]] || { __sw_connect; return 1 }
 
   [[ \${#__sw_tcp_result} -gt 0 ]]
 }
@@ -87,8 +119,11 @@ __sw_precmd() {
       duration=\${duration%%.*}
     fi
 
-    # Save via persistent TCP (instant) or fallback to background process
-    __sw_tcp_query "ADD\\t\$__SW_COMMAND\\t\$PWD\\t\$exit_code\\t\$duration\\t\$SW_SESSION_ID\\tzsh" || \\
+    # Save via persistent TCP (instant). On failure, restart a dead daemon
+    # (a fork between commands is fine) so the next keystroke can reconnect,
+    # and fall back to a direct write for this command.
+    if ! __sw_query ADD "\$__SW_COMMAND" "\$PWD" "\$exit_code" "\$duration" "\$SW_SESSION_ID" zsh; then
+      __sw_daemon_alive || command ${bin} daemon start &>/dev/null &!
       command ${bin} add \\
         --command "\$__SW_COMMAND" \\
         --cwd "\$PWD" \\
@@ -96,6 +131,7 @@ __sw_precmd() {
         --duration "\$duration" \\
         --session "\$SW_SESSION_ID" \\
         --shell "zsh" &!
+    fi
 
     # Show update notice if available
     local __sw_line
@@ -145,15 +181,17 @@ __sw_render() {
 __sw_suggest() {
   [[ "\$BUFFER" == "\$__sw_prev_buffer" ]] && return
   __sw_prev_buffer="\$BUFFER"
-  __sw_selected=0
+  # -1 = cursor on the typed line, no item selected yet (Enter runs BUFFER).
+  # Tab moves into the list (0 = first item).
+  __sw_selected=-1
   __sw_suggestions=()
   POSTDISPLAY=""
   region_highlight=()
 
   [[ \${#BUFFER} -lt 2 ]] && return
 
-  # TCP query only — no fallback, never spawn process during typing
-  __sw_tcp_query "SUGGEST\\t\$BUFFER\\t5" || return
+  # Socket query only — no fallback, never spawn process during typing
+  __sw_query SUGGEST "\$BUFFER" 5 || return
 
   __sw_suggestions=("\${__sw_tcp_result[@]}")
   __sw_render
@@ -191,7 +229,12 @@ __sw_next() {
 
 __sw_prev() {
   if [[ \${#__sw_suggestions} -gt 0 ]]; then
-    __sw_selected=\$(( (__sw_selected - 1 + \${#__sw_suggestions}) % \${#__sw_suggestions} ))
+    if [[ \$__sw_selected -lt 0 ]]; then
+      # From the typed line, Shift+Tab wraps to the last item
+      __sw_selected=\$(( \${#__sw_suggestions} - 1 ))
+    else
+      __sw_selected=\$(( (__sw_selected - 1 + \${#__sw_suggestions}) % \${#__sw_suggestions} ))
+    fi
     __sw_render
   else
     zle .reverse-menu-complete
@@ -201,16 +244,18 @@ __sw_prev() {
 # ─── Enter: accept selected or execute ─────────────────────
 
 __sw_accept_line() {
-  if [[ \${#__sw_suggestions} -gt 0 ]]; then
+  # Only replace BUFFER when the user has actually moved into the list
+  # (Tab/Shift+Tab → __sw_selected >= 0). With nothing selected, Enter runs
+  # exactly what was typed.
+  if [[ \${#__sw_suggestions} -gt 0 && \$__sw_selected -ge 0 ]]; then
     BUFFER="\${__sw_suggestions[\$(( __sw_selected + 1 ))]}"
     CURSOR=\${#BUFFER}
-    POSTDISPLAY=""
-    region_highlight=()
-    __sw_suggestions=()
-    __sw_prev_buffer="\$BUFFER"
-  else
-    zle .accept-line
   fi
+  POSTDISPLAY=""
+  region_highlight=()
+  __sw_suggestions=()
+  __sw_prev_buffer="\$BUFFER"
+  zle .accept-line
 }
 
 # ─── Escape: clear suggestions ─────────────────────────────
@@ -230,7 +275,9 @@ __sw_dismiss() {
 
 __sw_forward_char() {
   if [[ \${#__sw_suggestions} -gt 0 && \$CURSOR -eq \${#BUFFER} ]]; then
-    BUFFER="\${__sw_suggestions[\$(( __sw_selected + 1 ))]}"
+    # Accept inline: nothing selected yet → take the top item (index 1)
+    local idx=\$(( __sw_selected < 0 ? 1 : __sw_selected + 1 ))
+    BUFFER="\${__sw_suggestions[\$idx]}"
     CURSOR=\${#BUFFER}
     POSTDISPLAY=""
     region_highlight=()

package/src/cli/suggest.ts

@@ -1,4 +1,5 @@
 import { getDb } from "../db/connection";
+import { FRECENCY_EXPR } from "../db/frecency";
 import { getCommonSuggestions } from "../data/common-commands";
 
 /**
@@ -18,7 +19,7 @@ export function runSuggest(query: string, limit: number = 5): void {
     .query<{ command: string }, [string, number]>(
       `SELECT command FROM command_stats
        WHERE command LIKE ? || '%' ESCAPE '\\'
-       ORDER BY frecency_score DESC
+       ORDER BY ${FRECENCY_EXPR} DESC
        LIMIT ?`
     )
     .all(escapedQuery, limit);
@@ -36,7 +37,7 @@ export function runSuggest(query: string, limit: number = 5): void {
       .query<{ command: string }, [string, string, number]>(
         `SELECT command FROM command_stats
          WHERE command LIKE '%' || ? || '%' ESCAPE '\\' AND command != ?
-         ORDER BY frecency_score DESC
+         ORDER BY ${FRECENCY_EXPR} DESC
          LIMIT ?`
       )
       .all(escapedQuery, query, remaining + historyResults.length);

package/src/daemon/protocol.ts

@@ -53,16 +53,21 @@ export function parseRequest(raw: string): Request | null {
   switch (type) {
     case "SUGGEST":
       return { type: "SUGGEST", query: parts[1] || "", limit: parseInt(parts[2]) || 5 };
-    case "ADD":
+    case "ADD": {
+      // Distinguish a real 0 from an unparseable/missing field (a desynced
+      // line must not masquerade as a successful exit code 0).
+      const exit = parseInt(parts[3]);
+      const dur = parseInt(parts[4]);
       return {
         type: "ADD",
         command: parts[1] || "",
         cwd: parts[2] || "",
-        exitCode: parseInt(parts[3]) || 0,
-        duration: parseInt(parts[4]) || 0,
+        exitCode: Number.isNaN(exit) ? -1 : exit,
+        duration: Number.isNaN(dur) ? 0 : dur,
         session: parts[5] || "",
         shell: parts[6] || "",
       };
+    }
     case "STOP":
       return { type: "STOP" };
     case "PING":
@@ -77,12 +82,6 @@ export function getSocketPath(): string {
   return `/tmp/shellwise-${uid}.sock`;
 }
 
-/** TCP port = 19850 + (uid % 100) to avoid collisions */
-export function getDaemonPort(): number {
-  const uid = process.getuid?.() ?? 501;
-  return 19850 + (uid % 100);
-}
-
 export function getPidPath(): string {
   const uid = process.getuid?.() ?? process.pid;
   return `/tmp/shellwise-${uid}.pid`;

package/src/daemon/server.ts

@@ -3,14 +3,17 @@ import { insertCommand } from "../db/queries";
 import { getHostname } from "../utils/platform";
 import { getCommonSuggestions } from "../data/common-commands";
 import { checkForUpdate, getUpdateNotice } from "../utils/update-check";
-import { parseRequest, getSocketPath, getPidPath, getDaemonPort } from "./protocol";
-import { unlinkSync, writeFileSync, existsSync } from "fs";
+import { parseRequest, getSocketPath, getPidPath } from "./protocol";
+import { FRECENCY_EXPR } from "../db/frecency";
+import { unlinkSync, writeFileSync, existsSync, chmodSync } from "fs";
 import type { Socket } from "bun";
+
+// Reject a connection that floods us without ever sending a newline.
+const MAX_LINE_BYTES = 64 * 1024;
 const IDLE_TIMEOUT = 30 * 60_000; // 30 min
 
 let idleTimer: ReturnType<typeof setTimeout> | null = null;
 let server: ReturnType<typeof Bun.listen> | null = null;
-let tcpServer: ReturnType<typeof Bun.listen> | null = null;
 let updateNotified = false;
 
 // Pre-warm DB + prepared statements on start
@@ -22,13 +25,13 @@ function initPreparedStatements() {
   suggestPrefix = db.prepare(
     `SELECT command FROM command_stats
      WHERE command LIKE ?1 || '%' ESCAPE '\\'
-     ORDER BY last_used_at DESC
+     ORDER BY ${FRECENCY_EXPR} DESC
      LIMIT ?2`
   );
   suggestContains = db.prepare(
     `SELECT command FROM command_stats
      WHERE command LIKE '%' || ?1 || '%' ESCAPE '\\' AND command != ?1
-     ORDER BY last_used_at DESC
+     ORDER BY ${FRECENCY_EXPR} DESC
      LIMIT ?2`
   );
 }
@@ -151,37 +154,42 @@ export function startServer(): void {
   initPreparedStatements();
 
   const socketHandlers = {
+    open(socket: Socket) {
+      // Per-connection accumulator: TCP/stream sockets don't preserve message
+      // boundaries, so buffer partial reads and only act on complete lines.
+      (socket as unknown as { buf: string }).buf = "";
+    },
     data(socket: Socket, data: Buffer) {
-      const lines = data.toString().split("\n");
-      for (const line of lines) {
-        if (line.trim()) {
-          const response = handleRequest(line);
-          socket.write(response);
-        }
+      const state = socket as unknown as { buf: string };
+      let buf = state.buf + data.toString();
+      let nl: number;
+      while ((nl = buf.indexOf("\n")) >= 0) {
+        const line = buf.slice(0, nl);
+        buf = buf.slice(nl + 1);
+        if (line.trim()) socket.write(handleRequest(line));
       }
+      // Drop a pathologically long line with no terminator (flood guard)
+      state.buf = buf.length > MAX_LINE_BYTES ? "" : buf;
     },
-    open() {},
     close() {},
     error(_socket: Socket, error: Error) {
       console.error("[shellwise daemon] socket error:", error.message);
     },
   };
 
-  // Listen on both Unix socket and TCP (for ztcp from zsh)
+  // Unix-domain socket only — protected by filesystem permissions (0600).
+  // No TCP: a guessable localhost port with no auth would let any local
+  // process poison history or read it.
   server = Bun.listen({
     unix: socketPath,
     socket: socketHandlers,
   });
+  try {
+    chmodSync(socketPath, 0o600);
+  } catch {}
 
-  const port = getDaemonPort();
-  tcpServer = Bun.listen({
-    hostname: "127.0.0.1",
-    port,
-    socket: socketHandlers,
-  });
-
-  // Save PID + port
-  writeFileSync(pidPath, `${process.pid}\n${port}`);
+  // Save PID (owner-only)
+  writeFileSync(pidPath, `${process.pid}`, { mode: 0o600 });
 
   resetIdleTimer();
 
@@ -200,10 +208,6 @@ export function stopServer(): void {
     server.stop(true);
     server = null;
   }
-  if (tcpServer) {
-    tcpServer.stop(true);
-    tcpServer = null;
-  }
   closeDb();
 
   const socketPath = getSocketPath();
@@ -236,13 +240,13 @@ export function isDaemonRunning(): boolean {
   }
 }
 
-export function getDaemonInfo(): { pid: number; port: number } | null {
+export function getDaemonInfo(): { pid: number } | null {
   const pidPath = getPidPath();
   if (!existsSync(pidPath)) return null;
   try {
     const content = require("fs").readFileSync(pidPath, "utf-8").trim();
-    const lines = content.split("\n");
-    return { pid: parseInt(lines[0]), port: parseInt(lines[1]) };
+    const pid = parseInt(content.split("\n")[0]);
+    return Number.isNaN(pid) ? null : { pid };
   } catch {
     return null;
   }

package/src/db/frecency.ts

@@ -0,0 +1,23 @@
+/**
+ * Frecency = frequency × recency-weight, computed AT QUERY TIME.
+ *
+ * Recency must decay as time passes, so the weight is derived from the age
+ * of `last_used_at` on every read instead of being frozen into a stored
+ * column at write time. This single SQL expression is the source of truth
+ * shared by the daemon (inline suggest), the daemon-less fallback, and the
+ * Ctrl+R full search, so all three rank results identically.
+ *
+ * Requires `frequency` and `last_used_at` (epoch ms) columns in scope.
+ */
+export const FRECENCY_EXPR = `
+  frequency * (
+    CASE
+      WHEN (strftime('%s','now') * 1000 - last_used_at) < 3600000    THEN 4.0
+      WHEN (strftime('%s','now') * 1000 - last_used_at) < 86400000   THEN 2.0
+      WHEN (strftime('%s','now') * 1000 - last_used_at) < 604800000  THEN 1.5
+      WHEN (strftime('%s','now') * 1000 - last_used_at) < 2592000000 THEN 1.0
+      WHEN (strftime('%s','now') * 1000 - last_used_at) < 7776000000 THEN 0.5
+      ELSE 0.25
+    END
+  )
+`;

package/src/db/queries.ts

@@ -1,4 +1,5 @@
 import { getDb } from "./connection";
+import { FRECENCY_EXPR } from "./frecency";
 import { createHash } from "crypto";
 
 export interface CommandRecord {
@@ -37,8 +38,14 @@ export function hashCommand(command: string): string {
 }
 
 export function insertCommand(input: InsertCommandInput): void {
+  // Defense in depth: strip control chars (incl. NUL/tab/newline) and cap
+  // length before persisting, so a garbage/poisoned ADD can't store binary
+  // blobs or megabyte lines that later corrupt TUI rendering.
+  const command = input.command.replace(/[\x00-\x1f\x7f]/g, " ").trim();
+  if (command.length < 2 || command.length > 8192) return;
+
   const db = getDb();
-  const hash = hashCommand(input.command);
+  const hash = hashCommand(command);
   const now = Date.now();
 
   db.transaction(() => {
@@ -46,7 +53,7 @@ export function insertCommand(input: InsertCommandInput): void {
       `INSERT INTO commands (command, command_hash, cwd, exit_code, duration_ms, hostname, session_id, shell, created_at)
        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
       [
-        input.command,
+        command,
         hash,
         input.cwd ?? null,
         input.exit_code ?? null,
@@ -58,30 +65,21 @@ export function insertCommand(input: InsertCommandInput): void {
       ]
     );
 
-    // Upsert command_stats
+    // Upsert command_stats. frecency_score is no longer used for ranking
+    // (recency is computed at query time via FRECENCY_EXPR); we keep the
+    // column populated with the raw frequency for debugging/back-compat.
     db.run(
       `INSERT INTO command_stats (command_hash, command, frequency, last_used_at, frecency_score)
-       VALUES (?, ?, 1, ?, 4.0)
+       VALUES (?, ?, 1, ?, 1)
        ON CONFLICT(command_hash) DO UPDATE SET
          frequency = frequency + 1,
          last_used_at = ?,
-         frecency_score = (frequency + 1) * ?`,
-      [hash, input.command.trim(), now, now, calculateRecencyWeight(now)]
+         frecency_score = frequency + 1`,
+      [hash, command, now, now]
     );
   })();
 }
 
-function calculateRecencyWeight(lastUsedAt: number): number {
-  const age = Date.now() - lastUsedAt;
-  const hour = 3600_000;
-  if (age < hour) return 4.0;
-  if (age < 24 * hour) return 2.0;
-  if (age < 7 * 24 * hour) return 1.5;
-  if (age < 30 * 24 * hour) return 1.0;
-  if (age < 90 * 24 * hour) return 0.5;
-  return 0.25;
-}
-
 export interface SearchOptions {
   query?: string;
   cwd?: string;
@@ -120,7 +118,7 @@ export function searchCommands(opts: SearchOptions): CommandStats[] {
 
   const rows = db
     .query<CommandStats, (string | number)[]>(
-      `SELECT command_hash, command, frequency, last_used_at, frecency_score
+      `SELECT command_hash, command, frequency, last_used_at, ${FRECENCY_EXPR} AS frecency_score
        FROM command_stats cs
        ${where}
        ORDER BY frecency_score DESC
@@ -185,24 +183,3 @@ export function getExistingHashes(): Set<string> {
     .all();
   return new Set(rows.map((r) => r.command_hash));
 }
-
-export function refreshAllFrecency(): void {
-  const db = getDb();
-  const now = Date.now();
-  const stats = db
-    .query<{ command_hash: string; frequency: number; last_used_at: number }, []>(
-      "SELECT command_hash, frequency, last_used_at FROM command_stats"
-    )
-    .all();
-
-  const update = db.prepare(
-    "UPDATE command_stats SET frecency_score = ? WHERE command_hash = ?"
-  );
-
-  db.transaction(() => {
-    for (const s of stats) {
-      const weight = calculateRecencyWeight(s.last_used_at);
-      update.run(s.frequency * weight, s.command_hash);
-    }
-  })();
-}

package/src/index.ts

@@ -154,7 +154,7 @@ async function main(): Promise<void> {
             await new Promise((r) => setTimeout(r, 200));
             if (isDaemonRunning()) {
               const info = getDaemonInfo();
-              console.log(`Daemon started (pid: ${info?.pid}, port: ${info?.port})`);
+              console.log(`Daemon started (pid: ${info?.pid})`);
             } else {
               console.error("Failed to start daemon.");
               process.exit(1);
@@ -177,7 +177,7 @@ async function main(): Promise<void> {
           case "status": {
             if (isDaemonRunning()) {
               const info = getDaemonInfo();
-              console.log(`Daemon running (pid: ${info?.pid}, port: ${info?.port})`);
+              console.log(`Daemon running (pid: ${info?.pid})`);
             } else {
               console.log("Daemon not running.");
             }

package/src/tui/input.ts

@@ -72,7 +72,9 @@ function getTtyReadFd(): number {
 }
 
 export function readKeypress(): Buffer {
-  const buf = Buffer.alloc(16);
+  // Large enough to hold a pasted chunk in one read; a 16-byte buffer split
+  // multi-byte UTF-8 (emoji, accented chars) across reads and corrupted them.
+  const buf = Buffer.alloc(4096);
   const bytesRead = readSync(getTtyReadFd(), buf);
   return buf.subarray(0, bytesRead);
 }

package/src/utils/update-check.ts

@@ -31,8 +31,15 @@ function writeCache(data: CachedCheck): void {
 }
 
 function compareVersions(current: string, latest: string): number {
-  const a = current.split(".").map(Number);
-  const b = latest.split(".").map(Number);
+  // Strip a pre-release/build suffix (e.g. "1.2.3-beta") and parse each part
+  // safely; an unparseable segment must not become NaN and skew the compare.
+  const parse = (v: string) =>
+    v.split("-")[0].split(".").map((p) => {
+      const n = parseInt(p, 10);
+      return Number.isNaN(n) ? 0 : n;
+    });
+  const a = parse(current);
+  const b = parse(latest);
   for (let i = 0; i < 3; i++) {
     if ((a[i] ?? 0) < (b[i] ?? 0)) return -1;
     if ((a[i] ?? 0) > (b[i] ?? 0)) return 1;