shortcutxl 0.2.12 → 0.2.13

package/agent-docs/examples/extensions/tool-override.ts

@@ -1,146 +1,146 @@
-/**
- * Tool Override Example - Demonstrates overriding built-in tools
- *
- * Extensions can register tools with the same name as built-in tools to replace them.
- * This is useful for:
- * - Adding logging or auditing to tool calls
- * - Implementing access control or sandboxing
- * - Routing tool calls to remote systems (e.g., shortcut-ssh-remote)
- * - Modifying tool behavior for specific workflows
- *
- * This example overrides the `read` tool to:
- * 1. Log all file access to a log file
- * 2. Block access to sensitive paths (e.g., .env files)
- * 3. Delegate to the original read implementation for allowed files
- *
- * Since no custom renderCall/renderResult are provided, the built-in renderer
- * is used automatically (syntax highlighting, line numbers, truncation warnings).
- *
- * Usage:
- *   shortcut -e ./tool-override.ts
- */
-
-import { Type } from '@sinclair/typebox';
-import { appendFileSync, constants, readFileSync } from 'fs';
-import { access, readFile } from 'fs/promises';
-import { homedir } from 'os';
-import { join, resolve } from 'path';
-import type { ExtensionAPI, TextContent } from 'shortcutxl';
-
-const LOG_FILE = join(homedir(), '.shortcut', 'agent', 'read-access.log');
-
-// Paths that are blocked from reading
-const BLOCKED_PATTERNS = [
-  /\.env$/,
-  /\.env\..+$/,
-  /secrets?\.(json|yaml|yml|toml)$/i,
-  /credentials?\.(json|yaml|yml|toml)$/i,
-  /\/\.ssh\//,
-  /\/\.aws\//,
-  /\/\.gnupg\//
-];
-
-function isBlockedPath(path: string): boolean {
-  return BLOCKED_PATTERNS.some((pattern) => pattern.test(path));
-}
-
-function logAccess(path: string, allowed: boolean, reason?: string) {
-  const timestamp = new Date().toISOString();
-  const status = allowed ? 'ALLOWED' : 'BLOCKED';
-  const msg = reason ? ` (${reason})` : '';
-  const line = `[${timestamp}] ${status}: ${path}${msg}\n`;
-
-  try {
-    appendFileSync(LOG_FILE, line);
-  } catch {
-    // Ignore logging errors
-  }
-}
-
-const readSchema = Type.Object({
-  path: Type.String({ description: 'Path to the file to read (relative or absolute)' }),
-  offset: Type.Optional(
-    Type.Number({ description: 'Line number to start reading from (1-indexed)' })
-  ),
-  limit: Type.Optional(Type.Number({ description: 'Maximum number of lines to read' }))
-});
-
-export default function (shortcut: ExtensionAPI) {
-  shortcut.registerTool({
-    name: 'read', // Same name as built-in - this will override it
-    label: 'read (audited)',
-    description:
-      'Read the contents of a file with access logging. Some sensitive paths (.env, secrets, credentials) are blocked.',
-    parameters: readSchema,
-
-    async execute(_toolCallId, params, _signal, _onUpdate, ctx) {
-      const { path, offset, limit } = params;
-      const absolutePath = resolve(ctx.cwd, path);
-
-      // Check if path is blocked
-      if (isBlockedPath(absolutePath)) {
-        logAccess(absolutePath, false, 'matches blocked pattern');
-        return {
-          content: [
-            {
-              type: 'text',
-              text: `Access denied: "${path}" matches a blocked pattern (sensitive file). This tool blocks access to .env files, secrets, credentials, and SSH/AWS/GPG directories.`
-            }
-          ],
-          details: { blocked: true }
-        };
-      }
-
-      // Log allowed access
-      logAccess(absolutePath, true);
-
-      // Perform the actual read (simplified implementation)
-      try {
-        await access(absolutePath, constants.R_OK);
-        const content = await readFile(absolutePath, 'utf-8');
-        const lines = content.split('\n');
-
-        // Apply offset and limit
-        const startLine = offset ? Math.max(0, offset - 1) : 0;
-        const endLine = limit ? startLine + limit : lines.length;
-        const selectedLines = lines.slice(startLine, endLine);
-
-        // Basic truncation (50KB limit)
-        let text = selectedLines.join('\n');
-        const maxBytes = 50 * 1024;
-        if (Buffer.byteLength(text, 'utf-8') > maxBytes) {
-          text = `${text.slice(0, maxBytes)}\n\n[Output truncated at 50KB]`;
-        }
-
-        return {
-          content: [{ type: 'text', text }] as TextContent[],
-          details: { lines: lines.length }
-        };
-      } catch (error: any) {
-        return {
-          content: [
-            { type: 'text', text: `Error reading file: ${error.message}` }
-          ] as TextContent[],
-          details: { error: true }
-        };
-      }
-    }
-
-    // No renderCall/renderResult - uses built-in renderer automatically
-    // (syntax highlighting, line numbers, truncation warnings, etc.)
-  });
-
-  // Also register a command to view the access log
-  shortcut.registerCommand('read-log', {
-    description: 'View the file access log',
-    handler: async (_args, ctx) => {
-      try {
-        const log = readFileSync(LOG_FILE, 'utf-8');
-        const lines = log.trim().split('\n').slice(-20); // Last 20 entries
-        ctx.ui.notify(`Recent file access:\n${lines.join('\n')}`, 'info');
-      } catch {
-        ctx.ui.notify('No access log found', 'info');
-      }
-    }
-  });
-}
+/**
+ * Tool Override Example - Demonstrates overriding built-in tools
+ *
+ * Extensions can register tools with the same name as built-in tools to replace them.
+ * This is useful for:
+ * - Adding logging or auditing to tool calls
+ * - Implementing access control or sandboxing
+ * - Routing tool calls to remote systems (e.g., shortcut-ssh-remote)
+ * - Modifying tool behavior for specific workflows
+ *
+ * This example overrides the `read` tool to:
+ * 1. Log all file access to a log file
+ * 2. Block access to sensitive paths (e.g., .env files)
+ * 3. Delegate to the original read implementation for allowed files
+ *
+ * Since no custom renderCall/renderResult are provided, the built-in renderer
+ * is used automatically (syntax highlighting, line numbers, truncation warnings).
+ *
+ * Usage:
+ *   shortcut -e ./tool-override.ts
+ */
+
+import { Type } from '@sinclair/typebox';
+import { appendFileSync, constants, readFileSync } from 'fs';
+import { access, readFile } from 'fs/promises';
+import { homedir } from 'os';
+import { join, resolve } from 'path';
+import type { ExtensionAPI, TextContent } from 'shortcutxl';
+
+const LOG_FILE = join(homedir(), '.shortcut', 'agent', 'read-access.log');
+
+// Paths that are blocked from reading
+const BLOCKED_PATTERNS = [
+  /\.env$/,
+  /\.env\..+$/,
+  /secrets?\.(json|yaml|yml|toml)$/i,
+  /credentials?\.(json|yaml|yml|toml)$/i,
+  /\/\.ssh\//,
+  /\/\.aws\//,
+  /\/\.gnupg\//
+];
+
+function isBlockedPath(path: string): boolean {
+  return BLOCKED_PATTERNS.some((pattern) => pattern.test(path));
+}
+
+function logAccess(path: string, allowed: boolean, reason?: string) {
+  const timestamp = new Date().toISOString();
+  const status = allowed ? 'ALLOWED' : 'BLOCKED';
+  const msg = reason ? ` (${reason})` : '';
+  const line = `[${timestamp}] ${status}: ${path}${msg}\n`;
+
+  try {
+    appendFileSync(LOG_FILE, line);
+  } catch {
+    // Ignore logging errors
+  }
+}
+
+const readSchema = Type.Object({
+  path: Type.String({ description: 'Path to the file to read (relative or absolute)' }),
+  offset: Type.Optional(
+    Type.Number({ description: 'Line number to start reading from (1-indexed)' })
+  ),
+  limit: Type.Optional(Type.Number({ description: 'Maximum number of lines to read' }))
+});
+
+export default function (shortcut: ExtensionAPI) {
+  shortcut.registerTool({
+    name: 'read', // Same name as built-in - this will override it
+    label: 'read (audited)',
+    description:
+      'Read the contents of a file with access logging. Some sensitive paths (.env, secrets, credentials) are blocked.',
+    parameters: readSchema,
+
+    async execute(_toolCallId, params, _signal, _onUpdate, ctx) {
+      const { path, offset, limit } = params;
+      const absolutePath = resolve(ctx.cwd, path);
+
+      // Check if path is blocked
+      if (isBlockedPath(absolutePath)) {
+        logAccess(absolutePath, false, 'matches blocked pattern');
+        return {
+          content: [
+            {
+              type: 'text',
+              text: `Access denied: "${path}" matches a blocked pattern (sensitive file). This tool blocks access to .env files, secrets, credentials, and SSH/AWS/GPG directories.`
+            }
+          ],
+          details: { blocked: true }
+        };
+      }
+
+      // Log allowed access
+      logAccess(absolutePath, true);
+
+      // Perform the actual read (simplified implementation)
+      try {
+        await access(absolutePath, constants.R_OK);
+        const content = await readFile(absolutePath, 'utf-8');
+        const lines = content.split('\n');
+
+        // Apply offset and limit
+        const startLine = offset ? Math.max(0, offset - 1) : 0;
+        const endLine = limit ? startLine + limit : lines.length;
+        const selectedLines = lines.slice(startLine, endLine);
+
+        // Basic truncation (50KB limit)
+        let text = selectedLines.join('\n');
+        const maxBytes = 50 * 1024;
+        if (Buffer.byteLength(text, 'utf-8') > maxBytes) {
+          text = `${text.slice(0, maxBytes)}\n\n[Output truncated at 50KB]`;
+        }
+
+        return {
+          content: [{ type: 'text', text }] as TextContent[],
+          details: { lines: lines.length }
+        };
+      } catch (error: any) {
+        return {
+          content: [
+            { type: 'text', text: `Error reading file: ${error.message}` }
+          ] as TextContent[],
+          details: { error: true }
+        };
+      }
+    }
+
+    // No renderCall/renderResult - uses built-in renderer automatically
+    // (syntax highlighting, line numbers, truncation warnings, etc.)
+  });
+
+  // Also register a command to view the access log
+  shortcut.registerCommand('read-log', {
+    description: 'View the file access log',
+    handler: async (_args, ctx) => {
+      try {
+        const log = readFileSync(LOG_FILE, 'utf-8');
+        const lines = log.trim().split('\n').slice(-20); // Last 20 entries
+        ctx.ui.notify(`Recent file access:\n${lines.join('\n')}`, 'info');
+      } catch {
+        ctx.ui.notify('No access log found', 'info');
+      }
+    }
+  });
+}

package/agent-docs/examples/extensions/tools.ts

@@ -1,145 +1,145 @@
-/**
- * Tools Extension
- *
- * Provides a /tools command to enable/disable tools interactively.
- * Tool selection persists across session reloads and respects branch navigation.
- *
- * Usage:
- * 1. Copy this file to ~/.shortcut/agent/extensions/ or your project's .shortcut/extensions/
- * 2. Use /tools to open the tool selector
- */
-
-import type { ExtensionAPI, ExtensionContext, ToolInfo } from 'shortcutxl';
-import { Container, getSettingsListTheme, type SettingItem, SettingsList } from 'shortcutxl';
-
-// State persisted to session
-interface ToolsState {
-  enabledTools: string[];
-}
-
-export default function toolsExtension(shortcut: ExtensionAPI) {
-  // Track enabled tools
-  let enabledTools: Set<string> = new Set();
-  let allTools: ToolInfo[] = [];
-
-  // Persist current state
-  function persistState() {
-    shortcut.appendEntry<ToolsState>('tools-config', {
-      enabledTools: Array.from(enabledTools)
-    });
-  }
-
-  // Apply current tool selection
-  function applyTools() {
-    shortcut.setActiveTools(Array.from(enabledTools));
-  }
-
-  // Find the last tools-config entry in the current branch
-  function restoreFromBranch(ctx: ExtensionContext) {
-    allTools = shortcut.getAllTools();
-
-    // Get entries in current branch only
-    const branchEntries = ctx.sessionManager.getBranch();
-    let savedTools: string[] | undefined;
-
-    for (const entry of branchEntries) {
-      if (entry.type === 'custom' && entry.customType === 'tools-config') {
-        const data = entry.data as ToolsState | undefined;
-        if (data?.enabledTools) {
-          savedTools = data.enabledTools;
-        }
-      }
-    }
-
-    if (savedTools) {
-      // Restore saved tool selection (filter to only tools that still exist)
-      const allToolNames = allTools.map((t) => t.name);
-      enabledTools = new Set(savedTools.filter((t: string) => allToolNames.includes(t)));
-      applyTools();
-    } else {
-      // No saved state - sync with currently active tools
-      enabledTools = new Set(shortcut.getActiveTools());
-    }
-  }
-
-  // Register /tools command
-  shortcut.registerCommand('tools', {
-    description: 'Enable/disable tools',
-    handler: async (_args, ctx) => {
-      // Refresh tool list
-      allTools = shortcut.getAllTools();
-
-      await ctx.ui.custom((tui, theme, _kb, done) => {
-        // Build settings items for each tool
-        const items: SettingItem[] = allTools.map((tool) => ({
-          id: tool.name,
-          label: tool.name,
-          currentValue: enabledTools.has(tool.name) ? 'enabled' : 'disabled',
-          values: ['enabled', 'disabled']
-        }));
-
-        const container = new Container();
-        container.addChild(
-          new (class {
-            render(_width: number) {
-              return [theme.fg('accent', theme.bold('Tool Configuration')), ''];
-            }
-            invalidate() {}
-          })()
-        );
-
-        const settingsList = new SettingsList(
-          items,
-          Math.min(items.length + 2, 15),
-          getSettingsListTheme(),
-          (id, newValue) => {
-            // Update enabled state and apply immediately
-            if (newValue === 'enabled') {
-              enabledTools.add(id);
-            } else {
-              enabledTools.delete(id);
-            }
-            applyTools();
-            persistState();
-          },
-          () => {
-            // Close dialog
-            done(undefined);
-          }
-        );
-
-        container.addChild(settingsList);
-
-        const component = {
-          render(width: number) {
-            return container.render(width);
-          },
-          invalidate() {
-            container.invalidate();
-          },
-          handleInput(data: string) {
-            settingsList.handleInput?.(data);
-            tui.requestRender();
-          }
-        };
-
-        return component;
-      });
-    }
-  });
-
-  // Restore state on session start
-  shortcut.on('session_start', async (_event, ctx) => {
-    restoreFromBranch(ctx);
-  });
-
-  // Restore state when navigating the session tree
-  shortcut.on('session_tree', async (_event, ctx) => {
-    restoreFromBranch(ctx);
-  });
-
-  // Restore state after forking
-  shortcut.on('session_fork', async (_event, ctx) => {
-    restoreFromBranch(ctx);
-  });
-}
+/**
+ * Tools Extension
+ *
+ * Provides a /tools command to enable/disable tools interactively.
+ * Tool selection persists across session reloads and respects branch navigation.
+ *
+ * Usage:
+ * 1. Copy this file to ~/.shortcut/agent/extensions/ or your project's .shortcut/extensions/
+ * 2. Use /tools to open the tool selector
+ */
+
+import type { ExtensionAPI, ExtensionContext, ToolInfo } from 'shortcutxl';
+import { Container, getSettingsListTheme, type SettingItem, SettingsList } from 'shortcutxl';
+
+// State persisted to session
+interface ToolsState {
+  enabledTools: string[];
+}
+
+export default function toolsExtension(shortcut: ExtensionAPI) {
+  // Track enabled tools
+  let enabledTools: Set<string> = new Set();
+  let allTools: ToolInfo[] = [];
+
+  // Persist current state
+  function persistState() {
+    shortcut.appendEntry<ToolsState>('tools-config', {
+      enabledTools: Array.from(enabledTools)
+    });
+  }
+
+  // Apply current tool selection
+  function applyTools() {
+    shortcut.setActiveTools(Array.from(enabledTools));
+  }
+
+  // Find the last tools-config entry in the current branch
+  function restoreFromBranch(ctx: ExtensionContext) {
+    allTools = shortcut.getAllTools();
+
+    // Get entries in current branch only
+    const branchEntries = ctx.sessionManager.getBranch();
+    let savedTools: string[] | undefined;
+
+    for (const entry of branchEntries) {
+      if (entry.type === 'custom' && entry.customType === 'tools-config') {
+        const data = entry.data as ToolsState | undefined;
+        if (data?.enabledTools) {
+          savedTools = data.enabledTools;
+        }
+      }
+    }
+
+    if (savedTools) {
+      // Restore saved tool selection (filter to only tools that still exist)
+      const allToolNames = allTools.map((t) => t.name);
+      enabledTools = new Set(savedTools.filter((t: string) => allToolNames.includes(t)));
+      applyTools();
+    } else {
+      // No saved state - sync with currently active tools
+      enabledTools = new Set(shortcut.getActiveTools());
+    }
+  }
+
+  // Register /tools command
+  shortcut.registerCommand('tools', {
+    description: 'Enable/disable tools',
+    handler: async (_args, ctx) => {
+      // Refresh tool list
+      allTools = shortcut.getAllTools();
+
+      await ctx.ui.custom((tui, theme, _kb, done) => {
+        // Build settings items for each tool
+        const items: SettingItem[] = allTools.map((tool) => ({
+          id: tool.name,
+          label: tool.name,
+          currentValue: enabledTools.has(tool.name) ? 'enabled' : 'disabled',
+          values: ['enabled', 'disabled']
+        }));
+
+        const container = new Container();
+        container.addChild(
+          new (class {
+            render(_width: number) {
+              return [theme.fg('accent', theme.bold('Tool Configuration')), ''];
+            }
+            invalidate() {}
+          })()
+        );
+
+        const settingsList = new SettingsList(
+          items,
+          Math.min(items.length + 2, 15),
+          getSettingsListTheme(),
+          (id, newValue) => {
+            // Update enabled state and apply immediately
+            if (newValue === 'enabled') {
+              enabledTools.add(id);
+            } else {
+              enabledTools.delete(id);
+            }
+            applyTools();
+            persistState();
+          },
+          () => {
+            // Close dialog
+            done(undefined);
+          }
+        );
+
+        container.addChild(settingsList);
+
+        const component = {
+          render(width: number) {
+            return container.render(width);
+          },
+          invalidate() {
+            container.invalidate();
+          },
+          handleInput(data: string) {
+            settingsList.handleInput?.(data);
+            tui.requestRender();
+          }
+        };
+
+        return component;
+      });
+    }
+  });
+
+  // Restore state on session start
+  shortcut.on('session_start', async (_event, ctx) => {
+    restoreFromBranch(ctx);
+  });
+
+  // Restore state when navigating the session tree
+  shortcut.on('session_tree', async (_event, ctx) => {
+    restoreFromBranch(ctx);
+  });
+
+  // Restore state after forking
+  shortcut.on('session_fork', async (_event, ctx) => {
+    restoreFromBranch(ctx);
+  });
+}

package/agent-docs/examples/extensions/trigger-compact.ts

@@ -1,40 +1,40 @@
-import type { ExtensionAPI, ExtensionContext } from 'shortcutxl';
-
-const COMPACT_THRESHOLD_TOKENS = 100_000;
-
-export default function (shortcut: ExtensionAPI) {
-  const triggerCompaction = (ctx: ExtensionContext, customInstructions?: string) => {
-    if (ctx.hasUI) {
-      ctx.ui.notify('Compaction started', 'info');
-    }
-    ctx.compact({
-      customInstructions,
-      onComplete: () => {
-        if (ctx.hasUI) {
-          ctx.ui.notify('Compaction completed', 'info');
-        }
-      },
-      onError: (error) => {
-        if (ctx.hasUI) {
-          ctx.ui.notify(`Compaction failed: ${error.message}`, 'error');
-        }
-      }
-    });
-  };
-
-  shortcut.on('turn_end', (_event, ctx) => {
-    const usage = ctx.getContextUsage();
-    if (!usage || usage.tokens === null || usage.tokens <= COMPACT_THRESHOLD_TOKENS) {
-      return;
-    }
-    triggerCompaction(ctx);
-  });
-
-  shortcut.registerCommand('trigger-compact', {
-    description: 'Trigger compaction immediately',
-    handler: async (args, ctx) => {
-      const instructions = args.trim() || undefined;
-      triggerCompaction(ctx, instructions);
-    }
-  });
-}
+import type { ExtensionAPI, ExtensionContext } from 'shortcutxl';
+
+const COMPACT_THRESHOLD_TOKENS = 100_000;
+
+export default function (shortcut: ExtensionAPI) {
+  const triggerCompaction = (ctx: ExtensionContext, customInstructions?: string) => {
+    if (ctx.hasUI) {
+      ctx.ui.notify('Compaction started', 'info');
+    }
+    ctx.compact({
+      customInstructions,
+      onComplete: () => {
+        if (ctx.hasUI) {
+          ctx.ui.notify('Compaction completed', 'info');
+        }
+      },
+      onError: (error) => {
+        if (ctx.hasUI) {
+          ctx.ui.notify(`Compaction failed: ${error.message}`, 'error');
+        }
+      }
+    });
+  };
+
+  shortcut.on('turn_end', (_event, ctx) => {
+    const usage = ctx.getContextUsage();
+    if (!usage || usage.tokens === null || usage.tokens <= COMPACT_THRESHOLD_TOKENS) {
+      return;
+    }
+    triggerCompaction(ctx);
+  });
+
+  shortcut.registerCommand('trigger-compact', {
+    description: 'Trigger compaction immediately',
+    handler: async (args, ctx) => {
+      const instructions = args.trim() || undefined;
+      triggerCompaction(ctx, instructions);
+    }
+  });
+}