Commit Graph

17 Commits

Author SHA1 Message Date
a224537618 docs: add precise reading guideline 2026-05-31 17:28:51 +08:00
fc70179b02 feat(web): 统一前端设计风格并重写回顾/版本管理弹窗
- 将 8 条前端设计风格原则写入 CLAUDE.md 与 AGENTS.md
- 重写对话回顾弹窗:扁平化去圆角套娃、移除彩色光晕、固定高度、
  自定义关闭按钮、滚动条隐藏、颜色全走三模式变量
- 回顾弹窗改用独立列表 state,加载更多改为追加不刷新、不复位滚动,
  按钮样式对齐侧边栏(全宽/文字靠左/固定高度)
- 后端 get_conversation_list 新增 non_empty 参数,回顾弹窗仅显示
  有内容的对话且分页数量一致(侧边栏不受影响)
- 重写版本管理弹窗:原生 select/checkbox 换自定义下拉与开关、
  拆圆角套娃、固定高度、颜色走变量(diff 红绿语义色保留)
- 版本管理开关旁文字随状态显示开启/关闭
- icons 注册 refreshCw 键

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-31 11:30:08 +08:00
3fd2214da0 feat(compression): 深压缩改为 in-place 标记前缀,不再切换新对话
深压缩从"建新对话+切过去"重构为标记当前对话历史前缀(deep_compacted):
原文保留并照常显示,仅在 build_messages 构建请求时排除。conversation_id
不变,避免任务状态/目标模式/前端对话切换的大量适配带来的 bug。

- deep_compression.py: _mark_history_compacted 打标 + 重置 current_context_tokens
  防自动续接死循环;总结请求传入正常 tools 以 100% 命中前缀缓存
- context.py build_messages: 跳过 deep_compacted 消息
- conversation.py /compress: 去掉切对话,按 compress_behavior 决定续接/等待
- 新增个性化设置 deep_compress_form(file/inject) 与
  deep_compress_behavior(continue/wait,仅手动压缩生效)
- 前端去掉强制切换对话,改为重载当前对话刷新展示
- AGENTS.md/CLAUDE.md: 补充默认中文交流约定等说明

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 20:56:15 +08:00
672110c213 docs: adjust agent reporting rules 2026-05-29 14:10:34 +08:00
bed194386a fix(mobile): align conversation overlay in app 2026-05-28 20:50:44 +08:00
f61a8df6fa feat: add blocking user question tool 2026-05-28 16:30:55 +08:00
92ca6e460e docs(agents): allow direct main development 2026-05-28 14:30:44 +08:00
cc9df7959a feat(cli): 新增 React/Ink CLI 端,修复全屏布局与光标定位
## 新增:基于 React/Ink 的 CLI 终端(cli/)

使用 Ink 框架构建完整的终端 UI,取代原有的纯 print 交互方式:

- App.tsx:主应用组件,管理对话状态、任务轮询、键盘输入、slash 命令
- components.tsx:Timeline、Composer、StatusLine、Picker、SlashMenu 等全部 UI 组件
- eventMapper.ts:将后端 SSE 事件流映射为 Timeline 条目,支持 thinking/tool/assistant/sub_agent 等类型
- api.ts:封装所有后端 REST 接口(任务、对话、模型、权限、工作区等)
- commands.ts:slash 命令定义(/new /resume /model /permission /execution /workspace /compact /tools 等)
- workspaces.ts:本地工作区目录的持久化管理
- types.ts:所有共享类型定义
- format.ts:context 格式化、路径缩写等工具函数

## 重大修复:去除固定高度全屏模式,恢复滚轮滚动

**问题根因**:根 Box 设置了 `height={stdout.rows}` 使 Ink 进入原地重绘模式
(类似 vim/htop),所有内容在同一块屏幕区域反复擦写,永远不会真正
"滚出"屏幕顶部,导致 terminal 的 scrollback buffer 始终为空,鼠标
滚轮无任何响应。

**修复方案**:
- 移除根 Box 的 `height` 约束和 `overflow="hidden"`
- 移除内层 Box 的 `flexGrow`/`justifyContent="flex-end"` 全屏布局
- Timeline 不再做行数截断,直接渲染全部条目
- 内容自然流入 terminal scrollback buffer,鼠标滚轮恢复正常

**同步清理**:删除 `getTimelineMaxRows`、`estimateTimelineRows`、
`scrollOffset` 状态及方向键滚动逻辑(这些都是全屏模式下的补丁,
去除固定高度后不再需要)

## 修复:Composer 光标位置偏移一行

`setCursorPosition` 中 y 轴使用 `lines.length` 导致单行时偏移 +1。
改为 `lines.length - 1`,与实际最后一行渲染位置对齐。

## 其他

- AGENTS.md / README.md:补充 CLI 启动方式与架构说明
- server/chat.py:补充任务轮询接口所需字段
- package.json:新增 cli 相关脚本入口
- docs/cli_slash_commands_spec.md、docs/cli_ui_display_spec.md:CLI 设计文档

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-16 01:06:51 +08:00
8d665ad6de feat(permission): add auto-approval mode with approval agent, UI flow, and docs sync
Implemented a new permission mode  between  and , including backend policy, runtime behavior, frontend display, and documentation updates.

Backend & policy changes:

- Added  to permission mode validation and persistence paths.

- Updated tool permission evaluation: workspace-local  direct pass, out-of-workspace requires approval.

- Kept  readonly-first flow and added auto-approval decision path when permission denial occurs.

- Added approval reason/decider support in tool approval manager.

- Improved rejection tool-content format to natural language: '工具调用被拒绝\n原因:...'

- Fixed permission-mode sync edge cases on conversation create/load and restart-first-switch behavior.

Approval agent subsystem:

- Added  and .

- Added lightweight auto-approval config at  (name/url/key/model/extra_params + timeouts).

- Added optional transcript debug switch in code and transcript output under logs/approval_agent.

- Aligned transcript saving toward cumulative messages format and captured reasoning/content/tool_calls/tool sequence.

Frontend changes:

- Added  option to personalization and permission menus.

- Reworked approval panel auto-review display into a dedicated block with simplified lines: start, command, final approve/reject + reason.

- Added delayed sidebar auto-close (10s) after approval resolved.

- Added stricter permission-switch verification and rollback on mismatch/error.

Docs updated:

- Synced AGENTS.md, README.md, and docs/host_sandbox_and_permission_model.md with new permission mode, approval-agent behavior, config, and current constraints (including docker caveat).
2026-05-11 17:55:27 +08:00
a93f17010c feat(security): unify host sandbox controls across command/python/terminal/sub-agent and add path authorization UI
This commit lands a broad host-security architecture update focused on enforceable sandbox execution, clearer permission semantics, and operator usability.

Core execution/security changes
- Introduce and wire a unified host sandbox runner for multi-OS execution:
  - macOS: sandbox-exec
  - Linux: bubblewrap + seccomp
  - Windows: WSL2 path
- Remove silent fallback behavior in failure paths; sandbox-unavailable cases now fail closed instead of dropping to unsafe host execution.
- Ensure host execution mode (sandbox/direct) is propagated consistently into runtime components, including sub-agent startup.

Permission mode model upgrade
- Rework readonly/approval behavior for run_command from brittle command-text gating to execution-layer enforcement:
  - readonly: run_command executes in read-only sandbox profile.
  - approval: run_command first executes read-only; when permission-denied is detected, request approval and retry once with writable sandbox for that single call.
- Tool loop now returns final post-approval execution result, not intermediate permission-denied payloads.
- Update permission-mode system messaging to describe user-visible behavior without exposing internal implementation details.

Path authorization system
- Add dynamic host policy module and persisted policy file.
- Support dual path classes:
  - writable_paths (read+write)
  - readable_extra_paths (read-only)
- Enforce file access in file_manager by access type (read vs write) under host mode.
- Add host-only frontend 路径授权 management dialog (settings三级菜单入口), including mode switch between 可读可写 and 仅可读 with separate drafts and save flow.

Sub-agent and terminal alignment
- Sub-agent process launch now respects host execution mode and sandbox controls in host mode.
- Keep terminal session model compatible with sandbox-first behavior and execution-mode propagation.

Tool surface updates
- Remove legacy file-management tools from active tool definitions (create_file/create_folder/rename_file/delete_file) while preserving historical conversation compatibility.

Docs updates
- Add dedicated architecture doc: docs/host_sandbox_and_permission_model.md
- Refresh README and AGENTS sections to reflect updated permission/execution model and path-authorization semantics.

Validation performed
- python unittest smoke suite passes: test.test_server_refactor_smoke
- frontend build passes: npm run build
- syntax checks for touched Python modules completed
2026-05-11 13:41:30 +08:00
cfffc8e4ef docs(agents): simplify git workflow — remove PR and review 2026-04-27 23:58:59 +08:00
54e8c8c0fb docs(agents): add CLI troubleshooting and fix cleanup commands (#2) 2026-04-27 23:48:50 +08:00
2799608051 docs(agents): add comprehensive git workflow and review spec 2026-04-27 23:31:14 +08:00
1bda147a6f fix: 完善工具约束与项目文档说明 2026-04-10 14:33:41 +08:00
7e03e3cd5f feat: stabilize context compression and deep-compact flow 2026-04-06 15:12:25 +08:00
7f7a7e9f94 docs: refresh README and guidelines 2025-12-16 18:35:15 +08:00
fea932425a chore: initial import 2025-11-14 16:44:12 +08:00