mirror of
https://github.com/catlog22/Claude-Code-Workflow.git
synced 2026-02-13 02:41:50 +08:00
09d99abee6
* feat(security): Secure dashboard server by default ## Solution Summary - Solution-ID: SOL-DSC-002-1 - Issue-ID: DSC-002 ## Tasks Completed - [T1] JWT token manager (24h expiry, persisted secret/token) - [T2] API auth middleware + localhost token endpoint - [T3] Default bind 127.0.0.1, add --host with warning - [T4] Localhost-only CORS with credentials + Vary - [T5] SECURITY.md documentation + README link ## Verification - npm run build - npm test -- ccw/tests/token-manager.test.ts ccw/tests/middleware.test.ts ccw/tests/server-auth.integration.test.ts ccw/tests/server.test.ts ccw/tests/cors.test.ts * fix(security): Prevent command injection in Windows spawn() ## Solution Summary - **Solution-ID**: SOL-DSC-001-1 - **Issue-ID**: DSC-001 - **Risk/Impact/Complexity**: high/high/medium ## Tasks Completed - [T1] Create Windows shell escape utility - [T2] Escape cli-executor spawn() args on Windows - [T3] Add command injection regression tests ## Files Modified - ccw/src/utils/shell-escape.ts - ccw/src/tools/cli-executor.ts - ccw/tests/shell-escape.test.ts - ccw/tests/security/command-injection.test.ts ## Verification - npm run build - npm test -- ccw/tests/shell-escape.test.ts ccw/tests/security/command-injection.test.ts * fix(security): Harden path validation (DSC-005) ## Solution Summary - Solution-ID: SOL-DSC-005-1 - Issue-ID: DSC-005 ## Tasks Completed - T1: Refactor path validation to pre-resolution checking - T2: Implement allowlist-based path validation - T3: Add path validation to API routes - T4: Add path security regression tests ## Files Modified - ccw/src/utils/path-resolver.ts - ccw/src/utils/path-validator.ts - ccw/src/core/routes/graph-routes.ts - ccw/src/core/routes/files-routes.ts - ccw/src/core/routes/skills-routes.ts - ccw/tests/path-resolver.test.ts - ccw/tests/graph-routes.test.ts - ccw/tests/files-routes.test.ts - ccw/tests/skills-routes.test.ts - ccw/tests/security/path-traversal.test.ts ## Verification - npm run build - npm test -- path-resolver.test.ts - npm test -- path-validator.test.ts - npm test -- graph-routes.test.ts - npm test -- files-routes.test.ts - npm test -- skills-routes.test.ts - npm test -- ccw/tests/security/path-traversal.test.ts * fix(security): Prevent credential leakage (DSC-004) ## Solution Summary - Solution-ID: SOL-DSC-004-1 - Issue-ID: DSC-004 ## Tasks Completed - T1: Create credential handling security tests - T2: Add log sanitization tests - T3: Add env var leakage prevention tests - T4: Add secure storage tests ## Files Modified - ccw/src/config/litellm-api-config-manager.ts - ccw/src/core/routes/litellm-api-routes.ts - ccw/tests/security/credential-handling.test.ts ## Verification - npm run build - node --experimental-strip-types --test ccw/tests/security/credential-handling.test.ts * test(ranking): expand normalize_weights edge case coverage (ISS-1766920108814-0) ## Solution Summary - Solution-ID: SOL-20251228113607 - Issue-ID: ISS-1766920108814-0 ## Tasks Completed - T1: Fix NaN and invalid total handling in normalize_weights - T2: Add unit tests for NaN edge cases in normalize_weights ## Files Modified - codex-lens/tests/test_rrf_fusion.py ## Verification - python -m pytest codex-lens/tests/test_rrf_fusion.py::TestNormalizeBM25Score -v - python -m pytest codex-lens/tests/test_rrf_fusion.py -v -k normalize - python -m pytest codex-lens/tests/test_rrf_fusion.py::TestReciprocalRankFusion::test_weight_normalization codex-lens/tests/test_cli_hybrid_search.py::TestCLIHybridSearch::test_weights_normalization -v * feat(security): Add CSRF protection and tighten CORS (DSC-006) ## Solution Summary - Solution-ID: SOL-DSC-006-1 - Issue-ID: DSC-006 - Risk/Impact/Complexity: high/high/medium ## Tasks Completed - T1: Create CSRF token generation system - T2: Add CSRF token endpoints - T3: Implement CSRF validation middleware - T4: Restrict CORS to trusted origins - T5: Add CSRF security tests ## Files Modified - ccw/src/core/auth/csrf-manager.ts - ccw/src/core/auth/csrf-middleware.ts - ccw/src/core/routes/auth-routes.ts - ccw/src/core/server.ts - ccw/tests/csrf-manager.test.ts - ccw/tests/auth-routes.test.ts - ccw/tests/csrf-middleware.test.ts - ccw/tests/security/csrf.test.ts ## Verification - npm run build - node --experimental-strip-types --test ccw/tests/csrf-manager.test.ts - node --experimental-strip-types --test ccw/tests/auth-routes.test.ts - node --experimental-strip-types --test ccw/tests/csrf-middleware.test.ts - node --experimental-strip-types --test ccw/tests/cors.test.ts - node --experimental-strip-types --test ccw/tests/security/csrf.test.ts * fix(cli-executor): prevent stale SIGKILL timeouts ## Solution Summary - Solution-ID: SOL-DSC-007-1 - Issue-ID: DSC-007 - Risk/Impact/Complexity: low/low/low ## Tasks Completed - [T1] Store timeout handle in killCurrentCliProcess ## Files Modified - ccw/src/tools/cli-executor.ts - ccw/tests/cli-executor-kill.test.ts ## Verification - node --experimental-strip-types --test ccw/tests/cli-executor-kill.test.ts * fix(cli-executor): enhance merge validation guards ## Solution Summary - Solution-ID: SOL-DSC-008-1 - Issue-ID: DSC-008 - Risk/Impact/Complexity: low/low/low ## Tasks Completed - [T1] Enhance sourceConversations array validation ## Files Modified - ccw/src/tools/cli-executor.ts - ccw/tests/cli-executor-merge-validation.test.ts ## Verification - node --experimental-strip-types --test ccw/tests/cli-executor-merge-validation.test.ts * refactor(core): remove @ts-nocheck from core routes ## Solution Summary - Solution-ID: SOL-DSC-003-1 - Issue-ID: DSC-003 - Queue-ID: QUE-20260106-164500 - Item-ID: S-9 ## Tasks Completed - T1: Create shared RouteContext type definition - T2: Remove @ts-nocheck from small route files - T3: Remove @ts-nocheck from medium route files - T4: Remove @ts-nocheck from large route files - T5: Remove @ts-nocheck from remaining core files ## Files Modified - ccw/src/core/dashboard-generator-patch.ts - ccw/src/core/dashboard-generator.ts - ccw/src/core/routes/ccw-routes.ts - ccw/src/core/routes/claude-routes.ts - ccw/src/core/routes/cli-routes.ts - ccw/src/core/routes/codexlens-routes.ts - ccw/src/core/routes/discovery-routes.ts - ccw/src/core/routes/files-routes.ts - ccw/src/core/routes/graph-routes.ts - ccw/src/core/routes/help-routes.ts - ccw/src/core/routes/hooks-routes.ts - ccw/src/core/routes/issue-routes.ts - ccw/src/core/routes/litellm-api-routes.ts - ccw/src/core/routes/litellm-routes.ts - ccw/src/core/routes/mcp-routes.ts - ccw/src/core/routes/mcp-routes.ts.backup - ccw/src/core/routes/mcp-templates-db.ts - ccw/src/core/routes/nav-status-routes.ts - ccw/src/core/routes/rules-routes.ts - ccw/src/core/routes/session-routes.ts - ccw/src/core/routes/skills-routes.ts - ccw/src/core/routes/status-routes.ts - ccw/src/core/routes/system-routes.ts - ccw/src/core/routes/types.ts - ccw/src/core/server.ts - ccw/src/core/websocket.ts ## Verification - npm run build - npm test * refactor: split cli-executor and codexlens routes into modules ## Solution Summary - Solution-ID: SOL-DSC-012-1 - Issue-ID: DSC-012 - Risk/Impact/Complexity: medium/medium/high ## Tasks Completed - [T1] Extract execution orchestration from cli-executor.ts (Refactor ccw/src/tools) - [T2] Extract route handlers from codexlens-routes.ts (Refactor ccw/src/core/routes) - [T3] Extract prompt concatenation logic from cli-executor (Refactor ccw/src/tools) - [T4] Document refactored module architecture (Docs) ## Files Modified - ccw/src/tools/cli-executor.ts - ccw/src/tools/cli-executor-core.ts - ccw/src/tools/cli-executor-utils.ts - ccw/src/tools/cli-executor-state.ts - ccw/src/tools/cli-prompt-builder.ts - ccw/src/tools/README.md - ccw/src/core/routes/codexlens-routes.ts - ccw/src/core/routes/codexlens/config-handlers.ts - ccw/src/core/routes/codexlens/index-handlers.ts - ccw/src/core/routes/codexlens/semantic-handlers.ts - ccw/src/core/routes/codexlens/watcher-handlers.ts - ccw/src/core/routes/codexlens/utils.ts - ccw/src/core/routes/codexlens/README.md ## Verification - npm run build - npm test * test(issue): Add comprehensive issue command tests ## Solution Summary - **Solution-ID**: SOL-DSC-009-1 - **Issue-ID**: DSC-009 - **Risk/Impact/Complexity**: low/high/medium ## Tasks Completed - [T1] Create issue command test file structure: Create isolated test harness - [T2] Add JSONL read/write operation tests: Verify JSONL correctness and errors - [T3] Add issue lifecycle tests: Verify status transitions and timestamps - [T4] Add solution binding tests: Verify binding flows and error cases - [T5] Add queue formation tests: Verify queue creation, IDs, and DAG behavior - [T6] Add queue execution tests: Verify next/done/retry and status sync ## Files Modified - ccw/src/commands/issue.ts - ccw/tests/issue-command.test.ts ## Verification - node --experimental-strip-types --test ccw/tests/issue-command.test.ts * test(routes): Add integration tests for route modules ## Solution Summary - Solution-ID: SOL-DSC-010-1 - Issue-ID: DSC-010 - Queue-ID: QUE-20260106-164500 ## Tasks Completed - [T1] Add tests for ccw-routes.ts - [T2] Add tests for files-routes.ts - [T3] Add tests for claude-routes.ts (includes Windows path fix for create) - [T4] Add tests for issue-routes.ts - [T5] Add tests for help-routes.ts (avoid hanging watchers) - [T6] Add tests for nav-status-routes.ts - [T7] Add tests for hooks/graph/rules/skills/litellm-api routes ## Files Modified - ccw/src/core/routes/claude-routes.ts - ccw/src/core/routes/help-routes.ts - ccw/tests/integration/ccw-routes.test.ts - ccw/tests/integration/claude-routes.test.ts - ccw/tests/integration/files-routes.test.ts - ccw/tests/integration/issue-routes.test.ts - ccw/tests/integration/help-routes.test.ts - ccw/tests/integration/nav-status-routes.test.ts - ccw/tests/integration/hooks-routes.test.ts - ccw/tests/integration/graph-routes.test.ts - ccw/tests/integration/rules-routes.test.ts - ccw/tests/integration/skills-routes.test.ts - ccw/tests/integration/litellm-api-routes.test.ts ## Verification - node --experimental-strip-types --test ccw/tests/integration/ccw-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/files-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/claude-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/issue-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/help-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/nav-status-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/hooks-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/graph-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/rules-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/skills-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/litellm-api-routes.test.ts * refactor(core): Switch cache and lite scanning to async fs ## Solution Summary - Solution-ID: SOL-DSC-013-1 - Issue-ID: DSC-013 - Queue-ID: QUE-20260106-164500 ## Tasks Completed - [T1] Convert cache-manager.ts to async file operations - [T2] Convert lite-scanner.ts to async file operations - [T3] Update cache-manager call sites to await async API - [T4] Update lite-scanner call sites to await async API ## Files Modified - ccw/src/core/cache-manager.ts - ccw/src/core/lite-scanner.ts - ccw/src/core/data-aggregator.ts ## Verification - npm run build - npm test * fix(exec): Add timeout protection for execSync ## Solution Summary - Solution-ID: SOL-DSC-014-1 - Issue-ID: DSC-014 - Queue-ID: QUE-20260106-164500 ## Tasks Completed - [T1] Add timeout to execSync calls in python-utils.ts - [T2] Add timeout to execSync calls in detect-changed-modules.ts - [T3] Add timeout to execSync calls in claude-freshness.ts - [T4] Add timeout to execSync calls in issue.ts - [T5] Consolidate execSync timeout constants and audit coverage ## Files Modified - ccw/src/utils/exec-constants.ts - ccw/src/utils/python-utils.ts - ccw/src/tools/detect-changed-modules.ts - ccw/src/core/claude-freshness.ts - ccw/src/commands/issue.ts - ccw/src/tools/smart-search.ts - ccw/src/tools/codex-lens.ts - ccw/src/core/routes/codexlens/config-handlers.ts ## Verification - npm run build - npm test - node --experimental-strip-types --test ccw/tests/issue-command.test.ts * feat(cli): Add progress spinner with elapsed time for long-running operations ## Solution Summary - Solution-ID: SOL-DSC-015-1 - Issue-ID: DSC-015 - Queue-Item: S-15 - Risk/Impact/Complexity: low/medium/low ## Tasks Completed - [T1] Add progress spinner to CLI execution: Update ccw/src/commands/cli.ts ## Files Modified - ccw/src/commands/cli.ts - ccw/tests/cli-command.test.ts ## Verification - node --experimental-strip-types --test ccw/tests/cli-command.test.ts - node --experimental-strip-types --test ccw/tests/cli-executor-kill.test.ts - node --experimental-strip-types --test ccw/tests/cli-executor-merge-validation.test.ts * fix(cli): Move full output hint immediately after truncation notice ## Solution Summary - Solution-ID: SOL-DSC-016-1 - Issue-ID: DSC-016 - Queue-Item: S-16 - Risk/Impact/Complexity: low/high/low ## Tasks Completed - [T1] Relocate output hint after truncation: Update ccw/src/commands/cli.ts ## Files Modified - ccw/src/commands/cli.ts - ccw/tests/cli-command.test.ts ## Verification - npm run build - node --experimental-strip-types --test ccw/tests/cli-command.test.ts * feat(cli): Add confirmation prompts for destructive operations ## Solution Summary - Solution-ID: SOL-DSC-017-1 - Issue-ID: DSC-017 - Queue-Item: S-17 - Risk/Impact/Complexity: low/high/low ## Tasks Completed - [T1] Add confirmation to storage clean operations: Update ccw/src/commands/cli.ts - [T2] Add confirmation to issue queue delete: Update ccw/src/commands/issue.ts ## Files Modified - ccw/src/commands/cli.ts - ccw/src/commands/issue.ts - ccw/tests/cli-command.test.ts - ccw/tests/issue-command.test.ts ## Verification - npm run build - node --experimental-strip-types --test ccw/tests/cli-command.test.ts - node --experimental-strip-types --test ccw/tests/issue-command.test.ts * feat(cli): Improve multi-line prompt guidance ## Solution Summary - Solution-ID: SOL-DSC-018-1 - Issue-ID: DSC-018 - Queue-Item: S-18 - Risk/Impact/Complexity: low/medium/low ## Tasks Completed - [T1] Update CLI help to emphasize --file option: Update ccw/src/commands/cli.ts - [T2] Add inline hint for multi-line detection: Update ccw/src/commands/cli.ts ## Files Modified - ccw/src/commands/cli.ts - ccw/tests/cli-command.test.ts ## Verification - npm run build - node --experimental-strip-types --test ccw/tests/cli-command.test.ts --------- Co-authored-by: catlog22 <catlog22@github.com>
439 lines
15 KiB
TypeScript
439 lines
15 KiB
TypeScript
/**
|
|
* Hooks Routes Module
|
|
* Handles all hooks-related API endpoints
|
|
*/
|
|
import { readFileSync, writeFileSync, existsSync, mkdirSync } from 'fs';
|
|
import { join, dirname } from 'path';
|
|
import { homedir } from 'os';
|
|
|
|
import type { RouteContext } from './types.js';
|
|
|
|
interface HooksRouteContext extends RouteContext {
|
|
extractSessionIdFromPath: (filePath: string) => string | null;
|
|
}
|
|
|
|
// ========================================
|
|
// Helper Functions
|
|
// ========================================
|
|
|
|
const GLOBAL_SETTINGS_PATH = join(homedir(), '.claude', 'settings.json');
|
|
|
|
/**
|
|
* Get project settings path
|
|
* @param {string} projectPath
|
|
* @returns {string}
|
|
*/
|
|
function getProjectSettingsPath(projectPath: string): string {
|
|
// path.join automatically handles cross-platform path separators
|
|
return join(projectPath, '.claude', 'settings.json');
|
|
}
|
|
|
|
/**
|
|
* Read settings file safely
|
|
* @param {string} filePath
|
|
* @returns {Object}
|
|
*/
|
|
function readSettingsFile(filePath: string): Record<string, unknown> {
|
|
try {
|
|
if (!existsSync(filePath)) {
|
|
return {};
|
|
}
|
|
const content = readFileSync(filePath, 'utf8');
|
|
return JSON.parse(content);
|
|
} catch (error: unknown) {
|
|
console.error(`Error reading settings file ${filePath}:`, error);
|
|
return {};
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get hooks configuration from global and project settings
|
|
* @param {string} projectPath
|
|
* @returns {Object}
|
|
*/
|
|
function getHooksConfig(projectPath: string): { global: { path: string; hooks: unknown }; project: { path: string | null; hooks: unknown } } {
|
|
const globalSettings = readSettingsFile(GLOBAL_SETTINGS_PATH);
|
|
const projectSettingsPath = projectPath ? getProjectSettingsPath(projectPath) : null;
|
|
const projectSettings = projectSettingsPath ? readSettingsFile(projectSettingsPath) : {};
|
|
|
|
return {
|
|
global: {
|
|
path: GLOBAL_SETTINGS_PATH,
|
|
hooks: (globalSettings as { hooks?: unknown }).hooks || {}
|
|
},
|
|
project: {
|
|
path: projectSettingsPath,
|
|
hooks: (projectSettings as { hooks?: unknown }).hooks || {}
|
|
}
|
|
};
|
|
}
|
|
|
|
/**
|
|
* Save a hook to settings file
|
|
* @param {string} projectPath
|
|
* @param {string} scope - 'global' or 'project'
|
|
* @param {string} event - Hook event type
|
|
* @param {Object} hookData - Hook configuration
|
|
* @returns {Object}
|
|
*/
|
|
function saveHookToSettings(
|
|
projectPath: string,
|
|
scope: 'global' | 'project',
|
|
event: string,
|
|
hookData: Record<string, unknown> & { replaceIndex?: unknown }
|
|
): Record<string, unknown> {
|
|
try {
|
|
const filePath = scope === 'global' ? GLOBAL_SETTINGS_PATH : getProjectSettingsPath(projectPath);
|
|
const settings = readSettingsFile(filePath) as Record<string, unknown> & { hooks?: Record<string, unknown> };
|
|
|
|
// Ensure hooks object exists
|
|
settings.hooks = settings.hooks || {};
|
|
|
|
// Ensure the event array exists
|
|
if (!settings.hooks[event]) {
|
|
settings.hooks[event] = [];
|
|
}
|
|
|
|
// Ensure it's an array
|
|
if (!Array.isArray(settings.hooks[event])) {
|
|
settings.hooks[event] = [settings.hooks[event]];
|
|
}
|
|
|
|
// Check if we're replacing an existing hook
|
|
if (typeof hookData.replaceIndex === 'number') {
|
|
const index = hookData.replaceIndex;
|
|
delete hookData.replaceIndex;
|
|
const hooksForEvent = settings.hooks[event] as unknown[];
|
|
if (index >= 0 && index < hooksForEvent.length) {
|
|
hooksForEvent[index] = hookData;
|
|
}
|
|
} else {
|
|
// Add new hook
|
|
(settings.hooks[event] as unknown[]).push(hookData);
|
|
}
|
|
|
|
// Ensure directory exists and write file
|
|
const dirPath = dirname(filePath);
|
|
if (!existsSync(dirPath)) {
|
|
mkdirSync(dirPath, { recursive: true });
|
|
}
|
|
writeFileSync(filePath, JSON.stringify(settings, null, 2), 'utf8');
|
|
|
|
return {
|
|
success: true,
|
|
event,
|
|
hookData
|
|
};
|
|
} catch (error: unknown) {
|
|
console.error('Error saving hook:', error);
|
|
return { error: (error as Error).message };
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Delete a hook from settings file
|
|
* @param {string} projectPath
|
|
* @param {string} scope - 'global' or 'project'
|
|
* @param {string} event - Hook event type
|
|
* @param {number} hookIndex - Index of hook to delete
|
|
* @returns {Object}
|
|
*/
|
|
function deleteHookFromSettings(
|
|
projectPath: string,
|
|
scope: 'global' | 'project',
|
|
event: string,
|
|
hookIndex: number
|
|
): Record<string, unknown> {
|
|
try {
|
|
const filePath = scope === 'global' ? GLOBAL_SETTINGS_PATH : getProjectSettingsPath(projectPath);
|
|
const settings = readSettingsFile(filePath) as Record<string, unknown> & { hooks?: Record<string, unknown> };
|
|
|
|
if (!settings.hooks || !settings.hooks[event]) {
|
|
return { error: 'Hook not found' };
|
|
}
|
|
|
|
// Ensure it's an array
|
|
if (!Array.isArray(settings.hooks[event])) {
|
|
settings.hooks[event] = [settings.hooks[event]];
|
|
}
|
|
|
|
const hooksForEvent = settings.hooks[event] as unknown[];
|
|
|
|
if (hookIndex < 0 || hookIndex >= hooksForEvent.length) {
|
|
return { error: 'Invalid hook index' };
|
|
}
|
|
|
|
// Remove the hook
|
|
hooksForEvent.splice(hookIndex, 1);
|
|
|
|
// Remove empty event arrays
|
|
if (hooksForEvent.length === 0) {
|
|
delete settings.hooks[event];
|
|
}
|
|
|
|
writeFileSync(filePath, JSON.stringify(settings, null, 2), 'utf8');
|
|
|
|
return {
|
|
success: true,
|
|
event,
|
|
hookIndex
|
|
};
|
|
} catch (error: unknown) {
|
|
console.error('Error deleting hook:', error);
|
|
return { error: (error as Error).message };
|
|
}
|
|
}
|
|
|
|
// ========================================
|
|
// Session State Tracking
|
|
// ========================================
|
|
// NOTE: Session state is managed by the CLI command (src/commands/hook.ts)
|
|
// using file-based persistence (~/.claude/.ccw-sessions/).
|
|
// This ensures consistent state tracking across all invocation methods.
|
|
// The /api/hook endpoint delegates to SessionClusteringService without
|
|
// managing its own state, as the authoritative state lives in the CLI layer.
|
|
|
|
// ========================================
|
|
// Route Handler
|
|
// ========================================
|
|
|
|
/**
|
|
* Handle hooks routes
|
|
* @returns true if route was handled, false otherwise
|
|
*/
|
|
export async function handleHooksRoutes(ctx: HooksRouteContext): Promise<boolean> {
|
|
const { pathname, url, req, res, initialPath, handlePostRequest, broadcastToClients, extractSessionIdFromPath } = ctx;
|
|
|
|
// API: Hook endpoint for Claude Code notifications
|
|
if (pathname === '/api/hook' && req.method === 'POST') {
|
|
handlePostRequest(req, res, async (body) => {
|
|
if (typeof body !== 'object' || body === null) {
|
|
return { error: 'Invalid request body', status: 400 };
|
|
}
|
|
|
|
const payload = body as Record<string, unknown>;
|
|
const type = payload.type;
|
|
const filePath = payload.filePath;
|
|
const sessionId = payload.sessionId;
|
|
const extraData: Record<string, unknown> = { ...payload };
|
|
delete extraData.type;
|
|
delete extraData.filePath;
|
|
delete extraData.sessionId;
|
|
|
|
// Determine session ID from file path if not provided
|
|
let resolvedSessionId = typeof sessionId === 'string' ? sessionId : undefined;
|
|
if (!resolvedSessionId && typeof filePath === 'string') {
|
|
resolvedSessionId = extractSessionIdFromPath(filePath) ?? undefined;
|
|
}
|
|
|
|
// Handle context hooks (session-start, context)
|
|
if (type === 'session-start' || type === 'context') {
|
|
try {
|
|
const projectPath = url.searchParams.get('path') || initialPath;
|
|
const { SessionClusteringService } = await import('../session-clustering-service.js');
|
|
const clusteringService = new SessionClusteringService(projectPath);
|
|
|
|
const format = url.searchParams.get('format') || 'markdown';
|
|
|
|
// Pass type and prompt to getProgressiveIndex
|
|
// session-start: returns recent sessions by time
|
|
// context: returns intent-matched sessions based on prompt
|
|
const index = await clusteringService.getProgressiveIndex({
|
|
type: type as 'session-start' | 'context',
|
|
sessionId: resolvedSessionId,
|
|
prompt: typeof extraData.prompt === 'string' ? extraData.prompt : undefined // Pass user prompt for intent matching
|
|
});
|
|
|
|
// Return context directly
|
|
return {
|
|
success: true,
|
|
type: 'context',
|
|
format,
|
|
content: index,
|
|
sessionId: resolvedSessionId
|
|
};
|
|
} catch (error) {
|
|
console.error('[Hooks] Failed to generate context:', error);
|
|
// Return empty content on failure (fail silently)
|
|
return {
|
|
success: true,
|
|
type: 'context',
|
|
format: 'markdown',
|
|
content: '',
|
|
sessionId: resolvedSessionId,
|
|
error: (error as Error).message
|
|
};
|
|
}
|
|
}
|
|
|
|
// Broadcast to all connected WebSocket clients
|
|
const notification = {
|
|
type: typeof type === 'string' && type.trim().length > 0 ? type : 'session_updated',
|
|
payload: {
|
|
sessionId: resolvedSessionId,
|
|
filePath: typeof filePath === 'string' ? filePath : undefined,
|
|
timestamp: new Date().toISOString(),
|
|
...extraData // Pass through toolName, status, result, params, error, etc.
|
|
}
|
|
};
|
|
|
|
broadcastToClients(notification);
|
|
|
|
return { success: true, notification };
|
|
});
|
|
return true;
|
|
}
|
|
|
|
// API: Unified Session Context endpoint (Progressive Disclosure)
|
|
// DEPRECATED: Use CLI command `ccw hook session-context --stdin` instead.
|
|
// This endpoint now uses file-based state (shared with CLI) for consistency.
|
|
// - First prompt: returns cluster-based session overview
|
|
// - Subsequent prompts: returns intent-matched sessions based on prompt
|
|
if (pathname === '/api/hook/session-context' && req.method === 'POST') {
|
|
handlePostRequest(req, res, async (body) => {
|
|
const { sessionId, prompt } = body as { sessionId?: string; prompt?: string };
|
|
|
|
if (!sessionId) {
|
|
return {
|
|
success: true,
|
|
content: '',
|
|
error: 'sessionId is required'
|
|
};
|
|
}
|
|
|
|
try {
|
|
const projectPath = url.searchParams.get('path') || initialPath;
|
|
const { SessionClusteringService } = await import('../session-clustering-service.js');
|
|
const clusteringService = new SessionClusteringService(projectPath);
|
|
|
|
// Use file-based session state (shared with CLI hook.ts)
|
|
const sessionStateDir = join(homedir(), '.claude', '.ccw-sessions');
|
|
const sessionStateFile = join(sessionStateDir, `session-${sessionId}.json`);
|
|
|
|
let existingState: { firstLoad: string; loadCount: number; lastPrompt?: string } | null = null;
|
|
if (existsSync(sessionStateFile)) {
|
|
try {
|
|
existingState = JSON.parse(readFileSync(sessionStateFile, 'utf-8'));
|
|
} catch {
|
|
existingState = null;
|
|
}
|
|
}
|
|
|
|
const isFirstPrompt = !existingState;
|
|
|
|
// Update session state (file-based)
|
|
const newState = isFirstPrompt
|
|
? { firstLoad: new Date().toISOString(), loadCount: 1, lastPrompt: prompt }
|
|
: { ...existingState!, loadCount: existingState!.loadCount + 1, lastPrompt: prompt };
|
|
|
|
if (!existsSync(sessionStateDir)) {
|
|
mkdirSync(sessionStateDir, { recursive: true });
|
|
}
|
|
writeFileSync(sessionStateFile, JSON.stringify(newState, null, 2));
|
|
|
|
// Determine which type of context to return
|
|
let contextType: 'session-start' | 'context';
|
|
let content: string;
|
|
|
|
if (isFirstPrompt) {
|
|
// First prompt: return session overview with clusters
|
|
contextType = 'session-start';
|
|
content = await clusteringService.getProgressiveIndex({
|
|
type: 'session-start',
|
|
sessionId
|
|
});
|
|
} else if (prompt && prompt.trim().length > 0) {
|
|
// Subsequent prompts with content: return intent-matched sessions
|
|
contextType = 'context';
|
|
content = await clusteringService.getProgressiveIndex({
|
|
type: 'context',
|
|
sessionId,
|
|
prompt
|
|
});
|
|
} else {
|
|
// Subsequent prompts without content: return minimal context
|
|
contextType = 'context';
|
|
content = ''; // No context needed for empty prompts
|
|
}
|
|
|
|
return {
|
|
success: true,
|
|
type: contextType,
|
|
isFirstPrompt,
|
|
loadCount: newState.loadCount,
|
|
content,
|
|
sessionId
|
|
};
|
|
} catch (error) {
|
|
console.error('[Hooks] Failed to generate session context:', error);
|
|
return {
|
|
success: true,
|
|
content: '',
|
|
sessionId,
|
|
error: (error as Error).message
|
|
};
|
|
}
|
|
});
|
|
return true;
|
|
}
|
|
|
|
// API: Get hooks configuration
|
|
if (pathname === '/api/hooks' && req.method === 'GET') {
|
|
const projectPathParam = url.searchParams.get('path');
|
|
const hooksData = getHooksConfig(projectPathParam || initialPath);
|
|
res.writeHead(200, { 'Content-Type': 'application/json' });
|
|
res.end(JSON.stringify(hooksData));
|
|
return true;
|
|
}
|
|
|
|
// API: Save hook
|
|
if (pathname === '/api/hooks' && req.method === 'POST') {
|
|
handlePostRequest(req, res, async (body) => {
|
|
if (typeof body !== 'object' || body === null) {
|
|
return { error: 'Invalid request body', status: 400 };
|
|
}
|
|
|
|
const { projectPath, scope, event, hookData } = body as {
|
|
projectPath?: unknown;
|
|
scope?: unknown;
|
|
event?: unknown;
|
|
hookData?: unknown;
|
|
};
|
|
|
|
if ((scope !== 'global' && scope !== 'project') || typeof event !== 'string' || typeof hookData !== 'object' || hookData === null) {
|
|
return { error: 'scope, event, and hookData are required', status: 400 };
|
|
}
|
|
|
|
const resolvedProjectPath = typeof projectPath === 'string' && projectPath.trim().length > 0 ? projectPath : initialPath;
|
|
return saveHookToSettings(resolvedProjectPath, scope, event, hookData as Record<string, unknown>);
|
|
});
|
|
return true;
|
|
}
|
|
|
|
// API: Delete hook
|
|
if (pathname === '/api/hooks' && req.method === 'DELETE') {
|
|
handlePostRequest(req, res, async (body) => {
|
|
if (typeof body !== 'object' || body === null) {
|
|
return { error: 'Invalid request body', status: 400 };
|
|
}
|
|
|
|
const { projectPath, scope, event, hookIndex } = body as {
|
|
projectPath?: unknown;
|
|
scope?: unknown;
|
|
event?: unknown;
|
|
hookIndex?: unknown;
|
|
};
|
|
|
|
if ((scope !== 'global' && scope !== 'project') || typeof event !== 'string' || typeof hookIndex !== 'number') {
|
|
return { error: 'scope, event, and hookIndex are required', status: 400 };
|
|
}
|
|
|
|
const resolvedProjectPath = typeof projectPath === 'string' && projectPath.trim().length > 0 ? projectPath : initialPath;
|
|
return deleteHookFromSettings(resolvedProjectPath, scope, event, hookIndex);
|
|
});
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|