424 Commits

Author SHA1 Message Date
程序员阿江(Relakkes)
d1219b9682 Broaden live agent baseline beyond toy edits
The first quality gate proved the execution path, but two tiny fixtures were not enough to reveal regressions in real agent behavior. This expands the maintained baseline with deeper failure recovery, workspace search, artifact creation, and cross-module refactor cases, and records per-case diffs so reviewers can see exactly what each model changed.

Constraint: Baseline runs must remain explicit maintainer-controlled live checks, not default PR checks.

Rejected: Require models to edit tests in every contract-change case | correct fixes can satisfy prewritten acceptance tests without modifying tests.

Rejected: Trust only command exit codes | passing tests alone does not show whether the agent edited forbidden or unrelated files.

Confidence: high

Scope-risk: moderate

Directive: Keep live baseline cases product-shaped and inspect both verification output and diff.patch before accepting future fixture changes.

Tested: bun test scripts/quality-gate/*.test.ts scripts/quality-gate/baseline/*.test.ts

Tested: bun run quality:gate --mode baseline --dry-run --provider-model volc-kimi-k2.6 --provider-model minimax-m2.7

Tested: bun run quality:gate --mode baseline --allow-live --provider-model volc-kimi-k2.6 --provider-model minimax-m2.7 (14 passed, 0 failed)

Not-tested: Desktop UI browser smoke and native Tauri release packaging remain outside this baseline expansion.
2026-05-02 13:22:55 +08:00
程序员阿江(Relakkes)
f6511ab278 Protect release confidence with live agent baselines
The desktop product needs a repeatable local gate that can prove the core Coding Agent loop still works after changes, not only that unit tests pass. This adds a quality-gate runner with PR, baseline, and release modes, structured reports, explicit quarantine metadata, and fixture-based live baseline cases that can run across provider/model targets.

Constraint: Existing check:pr and CI policy behavior must remain usable while the stronger baseline grows around it
Constraint: Default PR gates must not require real model credentials or provider quota
Rejected: Build a standalone QA platform first | too heavy before the baseline task shape is proven
Rejected: Keep unstable server exclusions hardcoded in run-server-tests | hides quarantine policy from reports and future review
Confidence: medium
Scope-risk: moderate
Directive: Expand baseline cases by adding focused fixtures and verifiers; do not make normal PR checks depend on live providers
Tested: bun test scripts/quality-gate/*.test.ts scripts/quality-gate/baseline/*.test.ts
Tested: bun run check:server
Tested: bun run quality:gate --mode baseline --allow-live --provider-model 2944f963-ce75-45b7-bac1-6e4f57df0970:kimi-k2.6:volc-kimi-k2.6 --provider-model 9c78d3df-7fb5-44c7-8436-3a41c3a59231:MiniMax-M2.7-highspeed:minimax-m2.7
Not-tested: desktop UI browser smoke and native release mode in this commit
2026-05-02 13:00:55 +08:00
程序员阿江(Relakkes)
b86c7f1ea2 Merge verified DeepSeek provider fix into main
The fix was developed and UI-verified in a detached Codex worktree, then merged locally so main carries the same tested request-shape behavior.

Constraint: User requested local main integration without pushing

Confidence: high

Scope-risk: narrow

Tested: git status before merge was clean

Tested: merged commit verification retained in history

Not-tested: Post-merge full suite
2026-05-02 12:00:35 +08:00
程序员阿江(Relakkes)
a5986eca7e Prevent DeepSeek disabled-thinking effort conflicts
DeepSeek-compatible Anthropic endpoints reject requests that combine an explicit disabled-thinking block with an effort value. The desktop UI can create that shape when users disable thinking and keep medium effort selected, so the request builder now omits effort whenever it will send explicit disabled thinking.

Constraint: DeepSeek-compatible Anthropic endpoints reject disabled thinking with effort

Rejected: Only patch Desktop provider settings | hidden title and side request paths still share the request builder

Confidence: high

Scope-risk: narrow

Directive: Keep explicit disabled-thinking providers from sending effort unless the upstream contract changes

Tested: UI repro on pre-fix DeepSeek provider path reproduced the 400

Tested: desktop/scripts/e2e-deepseek-thinking-ui-agent-browser.sh

Tested: bun test src/utils/__tests__/thinking.test.ts src/server/__tests__/provider-presets.test.ts src/server/__tests__/title-service.test.ts

Tested: git diff --check

Not-tested: Real DeepSeek API key live call
2026-05-02 12:00:22 +08:00
程序员阿江(Relakkes)
48e37be013 Merge branch 'fix/dark-inspector-theme' 2026-05-02 11:46:50 +08:00
程序员阿江(Relakkes)
1d4d87a55e fix: Prevent light inspector panels in dark theme
The session inspector reused a one-off light palette, so /status, /cost,
and /context could render bright panels inside the dark desktop shell.
This moves the inspector and MCP switch control onto theme-scoped tokens
while preserving the existing light-theme look.

Constraint: Desktop dark mode must keep the existing surface hierarchy and avoid changing global brand colors.
Rejected: Recolor the shared Material palette | too broad for a component-specific regression.
Confidence: high
Scope-risk: narrow
Directive: Keep slash inspector surfaces on semantic theme tokens; do not reintroduce fixed light hex classes.
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run test src/__tests__/pages.test.tsx src/__tests__/mcpSettings.test.tsx
Tested: cd desktop && bun run build
Tested: agent-browser screenshots for /status, /usage, /context, and MCP settings on http://127.0.0.1:5184/
2026-05-02 11:46:42 +08:00
程序员阿江-Relakkes
8224efd018
Merge pull request #249 from NanmiCoder/feat/pr-quality-gates
Add scoped PR quality gates
2026-05-02 11:39:37 +08:00
程序员阿江(Relakkes)
fdf5fe2653 Protect PR merges with scoped quality gates
Pull requests need a deterministic way to show changed areas, required checks, missing-test signals, and CLI-core risk before review. This adds a path-based policy gate, local impact reporting, PR triage labels/comments, and reusable check scripts so reviewers can evaluate blast radius without trusting contributor claims.

Constraint: CLI core should remain effectively frozen unless a maintainer explicitly overrides it.
Constraint: Default PR checks must be safe for external forks and avoid live model/provider calls.
Rejected: Run live provider tests on every PR | secrets, cost, network, and vendor instability would make the gate noisy and unsafe.
Rejected: Use Dosu as the merge gate | AI review is useful for risk explanation, but deterministic Actions must own blocking checks.
Confidence: high
Scope-risk: moderate
Directive: Keep real model/provider smoke tests in maintainer-controlled workflows; do not make them required for untrusted PRs.
Tested: bun run check:impact
Tested: bun run check:policy
Tested: ruby YAML parse for PR workflows
Tested: git diff --check
Tested: bun run check:native
Tested: npm run docs:build
Tested: bun run scripts/pr/run-server-tests.ts
Tested: bun run check:adapters
Tested: bun run check:desktop
Not-tested: GitHub-hosted pull_request_target label/comment execution before opening this PR
2026-05-02 11:01:07 +08:00
程序员阿江(Relakkes)
c13fa75c3b Keep v0.1.9 release builds on a compatible Tauri stack
The release script regenerated Cargo.lock after Tauri 2.11 became available, while the desktop Bun lock still resolves @tauri-apps/api and CLI to 2.10.1. Tauri's build preflight rejects that major/minor mismatch on every platform, so the Rust Tauri release stack is now pinned to the 2.10 combination already used by the previous successful release.

Constraint: v0.1.9 must keep the existing desktop Bun lock and JS Tauri packages at 2.10.1
Constraint: scripts/release.ts runs cargo generate-lockfile during release preparation
Rejected: Upgrade JS @tauri-apps packages during the release fix | larger dependency surface and unnecessary for the failed workflow
Rejected: Pin only the tauri crate | cargo still selected tauri-runtime 2.11.0, causing Rust API type mismatches
Confidence: high
Scope-risk: narrow
Directive: Keep Rust and JS Tauri major/minor versions aligned before moving release tags
Tested: gh run view 25217609687 --log-failed
Tested: cd desktop/src-tauri && cargo generate-lockfile
Tested: cd desktop && bunx tauri build --target aarch64-apple-darwin --config src-tauri/tauri.release-ci.json --no-bundle
Tested: cd desktop/src-tauri && cargo check
Not-tested: Full GitHub Actions matrix after retag
v0.1.9
2026-05-01 22:26:18 +08:00
程序员阿江(Relakkes)
388c80a962 Prepare v0.1.9 for desktop release
The release collects the post-v0.1.8 desktop workspace manager work, provider compatibility fixes, WebSearch fallback support, and desktop lifecycle hardening into a tagged GitHub Actions release.

Constraint: GitHub Release body is sourced from release-notes/v0.1.9.md in the tagged commit
Constraint: The release script owns version bumps for desktop/package.json, Tauri config, Cargo.toml, and Cargo.lock
Rejected: Push the script-generated generic release commit | it would violate the repository Lore commit protocol
Confidence: high
Scope-risk: narrow
Directive: Do not move v0.1.9 without rerunning the release preflight and verifying the tag commit contains release-notes/v0.1.9.md
Tested: bun run scripts/release.ts 0.1.9 --dry
Tested: bun run scripts/release.ts 0.1.9
Tested: cd desktop/src-tauri && cargo check
Not-tested: GitHub Actions release workflow before tag push
2026-05-01 22:13:49 +08:00
Relakkes Yang
465e043563 fix: hide blank assistant message bubbles 2026-05-01 22:09:55 +08:00
Relakkes Yang
74766d8880 chore: ignore .codex-logs directory 2026-05-01 22:01:34 +08:00
程序员阿江(Relakkes)
103a6cc42b fix: restore per-turn changed file cards
The chat timeline lost per-turn changed file cards when the visible user message ids did not match persisted transcript ids, and sessions without SDK file-history snapshots had no fallback source for turn changes. Match live cards by stable user-message index when needed and derive checkpoint previews from transcript tool calls when snapshots are absent.

Constraint: Right-side workspace changes already derive from transcript tool calls, so chat checkpoint data must remain consistent with that source.
Rejected: Force a history reload after every turn | would hide the id mismatch but add churn and still not cover transcript-only sessions.
Confidence: high
Scope-risk: moderate
Directive: Keep snapshot checkpoints as the preferred source, and use transcript extraction only as the compatibility fallback.
Tested: bun test src/server/__tests__/sessions.test.ts
Tested: bun test src/server/__tests__/workspace-service.test.ts
Tested: cd desktop && bun run test src/components/chat/MessageList.test.tsx
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run test
Tested: git diff --check
Not-tested: Browser E2E against a live model session.
2026-05-01 21:43:17 +08:00
程序员阿江(Relakkes)
f5cf5932b4 fix: keep workspace changes and session checkpoints reliable
The desktop workspace panel and chat transcript were mixing project-level file state with per-turn session history, which made rewind, file attachment, and changed-file previews brittle across multi-turn and historical sessions. This keeps turn checkpoints durable in the transcript, makes workspace refreshes happen at the right lifecycle points, and hardens long file previews without blocking the UI.

Constraint: Right-side workspace changes are project working-tree state, while chat turn cards are session checkpoint state.
Rejected: Treat every changed-file panel entry as session-local | new sessions must still reveal existing dirty project files.
Confidence: high
Scope-risk: moderate
Directive: Do not couple global workspace status to session checkpoint cards without preserving both product meanings.
Tested: cd desktop && bun run test src/components/workspace/WorkspacePanel.test.tsx
Tested: cd desktop && bun run lint
Tested: git diff --check
Tested: cd desktop && bun run test
Not-tested: Packaged Tauri runtime smoke test
2026-05-01 20:53:04 +08:00
程序员阿江(Relakkes)
e6378af234 fix: prevent WebSearch save button wrapping
The WebSearch settings footer placed explanatory copy and the save action in one flex row. On narrower dark-mode layouts, the long localized hint could squeeze the button enough for Chinese text to wrap vertically.

Move the action onto its own right-aligned row and give the button a stable minimum width so the layout remains readable across localized settings screens.

Constraint: Settings screen must support Chinese dark-mode copy without vertical button text.
Rejected: Only widening the button in the same flex row | the hint text can still consume the row and compress the action.
Confidence: high
Scope-risk: narrow
Directive: Keep localized action buttons out of compressible text rows unless the container has explicit width guarantees.
Tested: cd desktop && bun run lint
Tested: agent-browser visual check in light and dark settings pages
2026-05-01 20:42:44 +08:00
程序员阿江(Relakkes)
3e62c15406 fix: expose desktop workspace tools from the start screen
The desktop start screen can already collect a project directory before the first chat turn, but workspace management is intentionally session-scoped. Creating a draft session immediately after project selection keeps the file manager, changed-file view, runtime selection, and terminal toolbar on the same path users see after sending the first message.

Constraint: Workspace file management state is keyed by session id.
Rejected: Add a separate non-session workspace mode | it would duplicate panel state and create a second lifecycle to maintain.
Confidence: high
Scope-risk: narrow
Directive: Keep workspace management session-scoped; create or reuse a session before exposing the workspace panel.
Tested: cd desktop && bun run test -- TabBar.test.tsx EmptySession.test.tsx
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run build
Not-tested: Native Tauri folder dialog manual smoke test.
2026-05-01 17:30:28 +08:00
程序员阿江(Relakkes)
10b974dac3 Merge commit 'df52bea0d0cb5889f9c5e324c54f2bdce9e30378' 2026-05-01 17:19:31 +08:00
程序员阿江(Relakkes)
3a6bad0e03 fix: keep WebSearch usable across third-party models
Native Anthropic web search is only reliable for Claude-family model names,
while many configured providers either do not implement the server tool schema
or reject it through proxy layers. This routes WebSearch through a single
resolver, adds Tavily and Brave fallbacks, and exposes provider key setup in
the desktop settings page.

Constraint: Third-party Anthropic-compatible endpoints may reject web_search_20250305 even when the model name is Claude-like
Constraint: Non-Claude models still need a usable WebSearch path when users configure an external search provider
Rejected: Gate native WebSearch by base URL | third-party Claude proxies can support it and official-looking URLs are not the real capability boundary
Rejected: Always expose Anthropic native WebSearch | unsupported providers loop on schema or tool errors
Confidence: high
Scope-risk: moderate
Directive: Keep WebSearch capability resolution centralized in WebSearchTool/backend.ts before adding more search providers
Tested: bun test src/tools/WebSearchTool/backend.test.ts
Tested: cd desktop && bun run test -- generalSettings.test.tsx
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run build
Tested: agent-browser Settings E2E for Tavily/Brave links and settings persistence
Tested: live Tavily and Brave fallback searches returned results using transient keys
Not-tested: automatic LLM decision to invoke WebSearch end-to-end against a paid model session
2026-05-01 10:14:02 +08:00
程序员阿江(Relakkes)
9ecc178c7a fix: prevent third-party thinking mode mismatches
Desktop users can now disable thinking for new sessions, and Anthropic-compatible providers that opt in receive explicit disabled-thinking requests across main turns, side queries, and AI title generation.

Constraint: DeepSeek/Kimi/GLM Anthropic-compatible endpoints need a non-thinking path without scattering provider-specific logic through the CLI.
Rejected: Per-model if/else branches | centralized provider preset env keeps the native CLI surface smaller and easier to audit.
Confidence: high
Scope-risk: moderate
Tested: bun test src/utils/__tests__/thinking.test.ts src/server/__tests__/title-service.test.ts src/server/__tests__/provider-presets.test.ts src/server/__tests__/conversations.test.ts
Tested: cd desktop && bun run test -- generalSettings.test.tsx
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run build
Tested: agent-browser DeepSeek desktop E2E with transparent proxy captured main and title requests with thinking.type=disabled
2026-05-01 10:13:10 +08:00
程序员阿江(Relakkes)
df52bea0d0 Merge branch 'main' into HEAD 2026-05-01 00:23:36 +08:00
程序员阿江(Relakkes)
dcf844b7e7 fix: keep old desktop sessions usable after provider changes
Desktop sessions can carry persisted runtime provider selections long after the provider index changes. The server now validates those session-level and active provider ids before launching the CLI, falls back to a valid default path, and includes non-secret launch diagnostics in startup failure messages so future issue reports expose the server-side context.

Constraint: Desktop users often report only the visible chat error, not sidecar console logs
Rejected: Frontend-only cleanup of stale localStorage selections | does not protect API or reconnect paths and loses server-side evidence
Confidence: high
Scope-risk: narrow
Directive: Do not pass session-scoped provider ids into CLI startup without validating they still exist in providers.json
Tested: bun test src/server/__tests__/conversations.test.ts
Tested: bun test src/server/__tests__/providers.test.ts
Tested: bun test src/server/__tests__/conversation-service.test.ts
2026-05-01 00:10:00 +08:00
程序员阿江(Relakkes)
8ef169d693 fix: increase desktop macOS icon footprint
The macOS icon rendered smaller than neighboring Dock icons because the
source artwork left a 120px margin on the 1024px canvas. Scale the macOS
source to the expected 96px margin and regenerate the Tauri icon set so
bundled app assets stay in sync.

Constraint: macOS source artwork should fit a 1024px canvas with 96px icon spacing
Rejected: Adjust only the Dock screenshot or public preview asset | packaged icon.icns would remain undersized
Confidence: high
Scope-risk: narrow
Directive: Regenerate desktop/src-tauri/icons when changing app-icon-macos.svg
Tested: cd desktop && bun run lint
Tested: icon.icns expanded 1024px image reports 96px margins on all sides
Not-tested: Full macOS app rebuild
2026-05-01 00:09:53 +08:00
程序员阿江(Relakkes)
41a1a30de8 fix: preserve desktop window placement across restarts
Windows users reported that the desktop window lost its size and position after restarting, and hidden windows could behave inconsistently when restored from taskbar/tray interactions. The Tauri shell now records the main window bounds in the app config directory, restores them on startup, and skips stale off-screen states when monitor layouts change.

Constraint: Avoid new dependencies for window state persistence
Constraint: Preserve existing hide-to-tray behavior for the main window
Rejected: Add tauri-plugin-window-state | larger dependency surface for one small main-window state file
Confidence: medium
Scope-risk: moderate
Directive: Keep monitor visibility checks when changing restore behavior so external-display removal does not strand the window off-screen
Tested: cargo test
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run build
Not-tested: Windows taskbar manual reproduction; current machine is macOS
Not-tested: cd desktop && bun run test fails in existing frontend locale assertions unrelated to this Tauri change
2026-05-01 00:07:35 +08:00
程序员阿江(Relakkes)
80aca8c176 feat: 让工作区文件引用成为可回滚的聊天上下文
桌面端的工作区文件面板现在可以把文件或局部评论加入聊天,发送给 CLI 的内容保持为原生 @文件路径引用,聊天界面则保留用户可读的文件 chip。为了让本轮变更卡片和 checkpoint 回滚继续可靠,UI 消息会同时保存用于展示的内容和实际发给模型的 modelContent;历史转录里的 @文件路径也会在重载时还原成附件 chip。

Constraint: CLI 侧最稳定的文件上下文入口仍是原生 @文件路径
Constraint: 聊天 UI 不能把绝对路径裸露成用户消息正文
Rejected: 只发送隐藏提示文本 | CLI 对 @文件路径已有稳定读取行为
Rejected: 只依赖前端展示内容做回滚校验 | 会和真实转录内容不一致
Confidence: high
Scope-risk: moderate
Directive: 修改附件展示或回滚校验时必须同时验证 modelContent 与 UI content 的分离
Tested: cd desktop && bun run test -- src/stores/chatStore.test.ts src/components/chat/MessageList.test.tsx src/stores/workspaceChatContextStore.test.ts src/components/workspace/WorkspacePanel.test.tsx
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run build
Tested: SKIP_INSTALL=1 ./desktop/scripts/build-macos-arm64.sh
Tested: codesign --verify --deep --strict --verbose=2 desktop/build-artifacts/macos-arm64/Claude\ Code\ Haha.app
Tested: hdiutil verify desktop/build-artifacts/macos-arm64/Claude\ Code\ Haha_0.1.8_aarch64.dmg
Tested: Computer Use macOS run with /private/tmp/cc-haha-computer-use-e2e verified file chip, @path model input, model sentinel response, workspace preview interactions
Not-tested: Deep unloaded-folder fuzzy search in all-files view
2026-05-01 00:00:32 +08:00
程序员阿江(Relakkes)
ba8c6b8828 fix: default empty workspace changes to file tree
The workspace panel now treats an empty changed-files status as a browsing case, so opening the panel shows the project tree instead of an empty changed-files view. The panel header controls were also reduced to keep the right workspace rail visually proportional in compact layouts.

Constraint: Users still need to manually inspect the empty changed-files view when they explicitly choose it.
Rejected: Always render the empty changed-files state | it makes the opened workspace feel broken when no files changed.
Confidence: high
Scope-risk: narrow
Directive: Do not auto-switch the workspace view after a user has explicitly selected a workspace view.
Tested: cd desktop && bun run test -- src/components/workspace/WorkspacePanel.test.tsx src/stores/workspacePanelStore.test.ts
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run build
Not-tested: Browser E2E visual screenshot pass was not rerun for this small header sizing change.
2026-04-30 19:27:22 +08:00
程序员阿江(Relakkes)
6d56f3c21d fix: remove legacy message rewind entry
The chat surface now relies on the current-turn changes card for file rollback, so the older per-message hover rewind affordance was removed to avoid two competing rollback models.

Constraint: Current-turn undo still depends on the existing checkpoint rewind API.
Rejected: Keep both rewind entry points | duplicate rollback affordances make the product harder to explain and test.
Confidence: high
Scope-risk: moderate
Directive: Prefer adding rollback behavior through the current-turn change card instead of restoring per-message hover rewind.
Tested: bun test src/server/__tests__/sessions.test.ts
Tested: cd desktop && bun run test
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run build
Not-tested: Browser E2E scripts were updated but not executed in this commit.
2026-04-30 18:28:08 +08:00
程序员阿江(Relakkes)
bcfe042fc8 test: cover multi-turn workspace rollback behavior
The session workspace and current-turn undo surfaces now have regression coverage for multi-turn rollback semantics, stale current-turn cards, and dark theme workspace token usage.

Constraint: Workspace rollback must behave consistently for git and non-git session review flows.
Rejected: Rely on manual browser-only checks | they do not guard future regressions.
Confidence: high
Scope-risk: narrow
Directive: Keep rollback tests focused on target user message identity, not only visible index position.
Tested: bun test src/server/__tests__/sessions.test.ts
Tested: cd desktop && bun run test -- src/components/chat/MessageList.test.tsx src/components/workspace/WorkspacePanel.test.tsx src/stores/workspacePanelStore.test.ts
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run build
Not-tested: Full live multi-turn assistant generation E2E across a fresh temporary project.
2026-04-30 17:54:13 +08:00
程序员阿江(Relakkes)
aaf25159af fix: keep workspace review surfaces usable across sessions
Workspace inspection now shares the same diff renderer between chat change cards and panel previews, supports scoped preview-tab closing, confirms checkpoint undo, resolves rewind checkpoints from the prompt cwd, and removes light-only workspace chrome so dark theme remains coherent.

Constraint: Workspace review must keep working for existing transcript sessions and non-git session-derived changes.
Rejected: Keep a separate chat diff preview | it drifted from panel rendering and dark theme behavior.
Confidence: high
Scope-risk: moderate
Directive: Keep chat and workspace diff rendering shared so theme and truncation behavior do not diverge again.
Tested: cd desktop && bun run test -- src/components/workspace/WorkspacePanel.test.tsx src/components/chat/MessageList.test.tsx src/stores/workspacePanelStore.test.ts
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run build
Tested: bun test src/server/__tests__/sessions.test.ts
Tested: Browser dark workspace preview at http://127.0.0.1:59468/ with src/App.jsx diff
Not-tested: macOS packaged app build
2026-04-30 14:30:20 +08:00
程序员阿江(Relakkes)
339a06b281 fix: keep local workspace previews available
Workspace file preview is a local desktop surface, so image files should not be blocked by the text preview byte cap. Large text files now return a bounded preview instead of an unusable too-large state, while binary files remain explicitly unsupported.

Constraint: Avoid unbounded text payloads that can freeze the desktop renderer
Rejected: Remove all read limits | large generated files can still overload JSON transport and syntax rendering
Confidence: high
Scope-risk: moderate
Directive: Keep image preview detection before text-size limiting so local images remain renderable
Tested: bun test src/server/__tests__/workspace-service.test.ts
Tested: bun test src/server/__tests__/sessions.test.ts
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run test -- src/components/workspace/WorkspacePanel.test.tsx
Tested: cd desktop && bun run build
Not-tested: Full packaged macOS smoke after this commit
2026-04-30 00:35:26 +08:00
程序员阿江(Relakkes)
3a6f45d173 feat: make current turn changes reviewable and undoable
Workspace inspection was visible only as a side panel, while file restore still lived behind the older per-message rewind affordance. This adds a chat-flow change card for the completed turn, keeps undo routed through checkpoint rewind, and tightens the workspace split layout so narrow and fullscreen windows keep both chat and file preview usable.

Constraint: Current session file changes must work for non-Git directories when transcript tool edits are available
Constraint: Workspace preview must remain right-docked without horizontal overflow across narrow and wide desktop viewports
Rejected: Keep only hover rewind | users could not clearly see what the current turn changed before undoing it
Rejected: Use Git as the only changed-file source | many desktop sessions run in temporary or non-Git directories
Confidence: high
Scope-risk: moderate
Directive: Keep checkpoint rewind as the source of truth for undo semantics; workspace diffs are a preview surface, not the restore authority
Tested: bun test src/server/__tests__/sessions.test.ts src/server/__tests__/workspace-service.test.ts
Tested: cd desktop && bun run test -- src/components/chat/MessageList.test.tsx src/components/workspace/WorkspacePanel.test.tsx src/stores/workspacePanelStore.test.ts src/pages/ActiveSession.test.tsx
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run build
Tested: bun /tmp/cc-haha-layout-e2e/run-layout-e2e.mjs
Not-tested: Native Tauri packaged app window chrome behavior
2026-04-29 19:29:54 +08:00
程序员阿江(Relakkes)
b811ffb8f1 feat: make session workspace changes inspectable
Expose a workspace inspector for desktop sessions so users can browse the active project, preview files, inspect session-derived changes, and review diffs even when the work directory is not a git repository.

Constraint: The workspace view must work for temporary and non-git project directories.
Rejected: Rely only on git status | non-git sessions would lose the changed-files surface.
Confidence: medium
Scope-risk: moderate
Directive: Keep undo semantics separate from workspace browsing; checkpoint-backed rewind should remain the source of truth for rollback.
Tested: bun test src/server/__tests__/sessions.test.ts src/server/__tests__/workspace-service.test.ts
Tested: cd desktop && bun run test -- src/components/workspace/WorkspacePanel.test.tsx src/stores/workspacePanelStore.test.ts
Tested: cd desktop && bun run lint
Tested: git diff --check
Not-tested: Full desktop packaged app build after this commit
2026-04-29 17:28:53 +08:00
程序员阿江(Relakkes)
777c596505 docs: add README star history section
Add a bottom README callout that makes the GitHub star ask visible while embedding the live Star History chart in both Chinese and English docs.

Constraint: Keep bilingual README footer sections aligned.
Confidence: high
Scope-risk: narrow
Tested: Verified Star History SVG endpoint returns 200 image/svg+xml.
Not-tested: Full docs site build; README-only content change.
2026-04-29 10:28:47 +08:00
程序员阿江(Relakkes)
48ae305cbd docs: make issue reports actionable for desktop triage
Most reports now come from desktop users, so the templates need to collect the operating system, desktop version, reproduction path, configuration screenshots, and logs before maintainers can diagnose failures.

Constraint: Desktop releases are the dominant support surface for external users
Rejected: Keep CLI-first fields at the top | it delays collecting the information needed for Windows and macOS desktop failures
Confidence: high
Scope-risk: narrow
Directive: Keep desktop OS and app version fields near the top of future issue template edits
Tested: git diff --check -- .github/ISSUE_TEMPLATE/bug_report.md .github/ISSUE_TEMPLATE/question.md
Not-tested: GitHub issue form rendering in browser
2026-04-29 09:23:59 +08:00
程序员阿江(Relakkes)
670281b07c fix: keep desktop app running from tray after close
Closing the desktop window should not tear down the local server when users expect the app to keep serving background work. The Tauri layer now owns that lifecycle: close hides the main window, tray actions restore or quit, and true quit paths still stop sidecars.

Constraint: Issue #213 asks for Windows close-to-background behavior, and macOS should follow the same desktop lifecycle.
Rejected: Frontend-only close handling | native window close events and OS menu actions need one Tauri-owned path.
Confidence: high
Scope-risk: moderate
Directive: Do not remove the explicit quit marker unless all updater, tray, and app-exit paths are rechecked.
Tested: cargo fmt --manifest-path desktop/src-tauri/Cargo.toml --check
Tested: cargo check --manifest-path desktop/src-tauri/Cargo.toml
Tested: cargo test --manifest-path desktop/src-tauri/Cargo.toml
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run build
Not-tested: Windows cargo check on this macOS machine; x86_64-pc-windows-msvc cross-check stopped in ring because the host lacks Windows C/MSVC headers.
Related: https://github.com/NanmiCoder/cc-haha/issues/213
2026-04-29 09:23:12 +08:00
程序员阿江(Relakkes)
a68a244285 Prepare 0.1.8 for remote desktop release
The release note is now the GitHub Release source of truth, and the desktop version files have been moved together so the tag-triggered workflow can package the same version consistently.

Constraint: release-desktop.yml reads release-notes/v0.1.8.md from the tagged commit

Rejected: Push tag without a release commit | workflow requires version files and notes in the tag

Confidence: high

Scope-risk: narrow

Reversibility: clean

Directive: Keep the release notes filename aligned with the tag before pushing future releases

Tested: bun run scripts/release.ts 0.1.8 --dry

Tested: bun run scripts/release.ts 0.1.8

Not-tested: Remote GitHub Actions build before pushing the tag
v0.1.8
2026-04-28 23:27:20 +08:00
程序员阿江(Relakkes)
0508277998 fix: keep inspector context responsive
The session inspector now asks the resumed CLI for a fast structural context estimate instead of forcing the full token-counting API path. This preserves live CLI state for system prompt, tools, MCP tools, skills, and messages while avoiding the 20s timeout that made historical sessions appear stuck or fall back to transcript-only estimates.

Constraint: Inspector requests must return quickly for third-party providers and historical resumed sessions.

Rejected: Increase the server timeout | the slow path can still block on provider token counting and keeps the UI feeling broken.

Confidence: high

Scope-risk: narrow

Directive: Keep interactive inspector context on the estimateOnly control path unless the UI explicitly supports a slow precise refresh.

Tested: bun test src/server/__tests__/conversations.test.ts -t 'structured session inspection|Sonnet 4.6 transcript usage'

Tested: cd desktop && bun run test -- --run src/i18n/index.test.tsx

Tested: cd desktop && bun run build

Tested: direct /api/sessions/:id/inspection?includeContext=1 returned live context in 0.046867s with System prompt, System tools, MCP tools, Messages

Tested: agent-browser automation verified no loading/error and visible System prompt/System tools/MCP tools/Messages

Not-tested: bare root tsc --noEmit, because current tsconfig scans existing desktop/src-tauri/target generated binary assets unrelated to this change
2026-04-28 23:05:52 +08:00
程序员阿江(Relakkes)
f57f163604 fix: prevent session inspector context stalls
Session inspection was coupling quick status and usage rendering to live context control requests, so a slow get_context_usage path could leave the desktop inspector stuck on a loading state. The desktop panel now loads basic inspection data first, renders a transcript-based context estimate immediately, and only asks for live context details as a background refinement.

The translation hook now returns a stable function per locale so effects that depend on translation do not reset and re-fetch after every render.

Constraint: Third-party provider sessions may not expose reliable live context capabilities through the control request path.
Rejected: Keep waiting on live get_context_usage for the context tab | it recreates the user-visible loading stall.
Rejected: Hardcode provider-specific context windows | provider capabilities are not always known from the desktop session record.
Confidence: high
Scope-risk: moderate
Directive: Do not make the inspector first render depend on live CLI control requests without a transcript or cached fallback.
Tested: bun test src/server/__tests__/conversations.test.ts -t "structured session inspection|Sonnet 4.6 transcript usage"
Tested: cd desktop && bun run test -- --run src/i18n/index.test.tsx
Tested: cd desktop && bun run build
Tested: git diff --check
Tested: agent-browser verified /context renders transcript estimate without Loading context data
Not-tested: Provider-specific true context-window discovery for every third-party vendor
2026-04-28 22:52:18 +08:00
程序员阿江(Relakkes)
15c0982159 fix: keep desktop sessions on active provider runtime
Default desktop sessions with an active third-party provider were only passing the selected model into the CLI startup path. That allowed the child CLI to fall back to stale cc-haha settings env instead of the provider index, so the UI-selected provider could diverge from the key and endpoint used by the subprocess.

Route default sessions through the active provider id and make third-party Sonnet capability overrides explicit with a non-empty sentinel. This keeps provider runtime env sourced from providers.json and avoids treating third-party Sonnet models as first-party thinking-capable models.

Constraint: Third-party provider behavior is the product baseline for desktop users.

Rejected: Rely on synced cc-haha/settings.json env | it can be stale and caused provider/key routing mismatches.

Confidence: high

Scope-risk: narrow

Directive: Third-party desktop sessions must carry providerId into ConversationService; do not depend on global settings env for active providers.

Tested: bun test src/server/__tests__/conversations.test.ts src/server/__tests__/conversation-service.test.ts src/server/__tests__/provider-presets.test.ts src/utils/__tests__/thinking.test.ts

Tested: git diff --check
2026-04-28 18:45:41 +08:00
程序员阿江(Relakkes)
165cb1777a fix: keep provider sessions on compatible model capabilities
Third-party Anthropic-compatible providers can expose Claude model names without supporting every first-party runtime capability. Desktop sessions now preserve provider-specific capability overrides, keep selected provider runtime state across reconnects and restarts, and keep the provider dialog behavior aligned with the updated presets.

Constraint: Custom ANTHROPIC_BASE_URL endpoints must not be treated as first-party Anthropic for adaptive thinking support.
Rejected: Rename provider default Sonnet models | that would hide the compatibility issue instead of fixing runtime capability detection.
Confidence: high
Scope-risk: moderate
Directive: Do not enable Claude first-party capability defaults for custom Anthropic-compatible base URLs without provider verification.
Tested: bun test src/utils/__tests__/thinking.test.ts src/server/__tests__/conversation-service.test.ts src/server/__tests__/provider-presets.test.ts src/server/__tests__/conversations.test.ts
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run test src/components/shared/Modal.test.tsx --run
Tested: git diff --check
2026-04-28 17:35:56 +08:00
程序员阿江(Relakkes)
5e9303fe44 feat: tighten provider settings and support links
Provider setup now keeps API keys hidden by default while still allowing an explicit reveal, and the About page links users directly to release notes and issue feedback. Provider preset copy was also adjusted so promotional text stays intentional and current.

Constraint: Reuse the existing settings page structure and provider preset schema
Confidence: high
Scope-risk: moderate
Reversibility: clean
Tested: cd desktop && bun run test -- generalSettings.test.tsx
Not-tested: Full desktop lint and production build
2026-04-28 16:38:16 +08:00
程序员阿江(Relakkes)
8e94010bbc docs: acknowledge reference projects in README
The README footer now separates community references from sponsors and donation content, so readers can see which upstream projects informed the UI stack and provider configuration approach.

Constraint: Keep acknowledgement placement near the footer without mixing references into sponsorship copy
Confidence: high
Scope-risk: narrow
Reversibility: clean
Tested: Reviewed README.md and README.en.md diff
Not-tested: Markdown site build
2026-04-28 16:38:16 +08:00
程序员阿江(Relakkes)
3fc7200eb2 feat: help users configure sponsored and local providers without guesswork
Provider setup now carries the metadata needed for sponsored and local Anthropic-compatible providers, while keeping provider URLs and API keys editable in the desktop form. The desktop UI also exposes API-key links, optional sponsor copy, full key visibility, and local no-key presets that can be activated into runtime settings.

Constraint: Local LM Studio and Ollama integrations require Anthropic-compatible root URLs rather than OpenAI /v1 URLs
Rejected: Keep local providers at the top of the preset list | user requested them immediately before Custom
Confidence: high
Scope-risk: moderate
Directive: Do not change local provider base URLs to /v1 without rechecking Anthropic compatibility docs
Tested: bun test src/server/__tests__/provider-presets.test.ts src/server/__tests__/providers.test.ts
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run test src/__tests__/generalSettings.test.tsx --run
Tested: git diff --cached --check
Tested: Web UI provider creation plus real sessions for LM Studio, Ollama, JiekouAI, and Shengsuanyun
Not-tested: Production packaged Tauri build
2026-04-28 16:38:16 +08:00
程序员阿江(Relakkes)
908b206f07 docs: refresh README sponsor partners
The sponsor section now reflects the active partners only, with
clickable referral copy and local logo assets so GitHub renders the
same layout in both Chinese and English READMEs.

Constraint: Chinese and English README sponsor sections must stay synchronized
Rejected: Keep LegionProxy as a lower-priority sponsor | user requested removing it
Confidence: high
Scope-risk: narrow
Tested: git diff --cached --check
Not-tested: GitHub rendered README preview
2026-04-28 16:38:16 +08:00
程序员阿江(Relakkes)
736bce8ac1 fix: Update Kimi preset to coding endpoint
Kimi Code documents a separate Anthropic-compatible coding endpoint from the Moonshot open platform, so the built-in Kimi preset should point Claude-compatible traffic at the coding endpoint instead of the retired Moonshot anthropic path.

Constraint: Kimi Code Anthropic-compatible base URL is https://api.kimi.com/coding/ and this app appends /v1/messages at runtime.
Rejected: Use https://api.moonshot.cn/coding | official Kimi docs distinguish Kimi Code from the Moonshot open platform URLs.
Confidence: high
Scope-risk: narrow
Directive: Do not switch Kimi back to api.moonshot.cn/anthropic without rechecking current Kimi Code docs.
Tested: bun test src/server/__tests__/provider-presets.test.ts
Not-tested: Live Kimi API call with a real user key
2026-04-28 16:38:16 +08:00
程序员阿江(Relakkes)
3d3dfdad76 feat: Keep terminal workflows inside desktop tabs
The desktop terminal already supported independent PTY sessions, but it only lived inside settings. This change promotes it to a first-class tab workflow so users can open multiple host terminals without leaving the chat-oriented desktop layout.

Constraint: Tauri terminal sessions are process-backed and must stay mounted while switching tabs.
Rejected: Reuse the settings terminal as a navigated page only | it cannot support multiple independent terminal tabs.
Rejected: Hide inactive xterm panes with display none | xterm lost visible output after tab switches during E2E.
Confidence: high
Scope-risk: moderate
Directive: Keep inactive terminal panes mounted and avoid display none unless xterm repaint behavior is reverified.
Tested: bun run test src/components/layout/ContentRouter.test.tsx src/components/layout/Sidebar.test.tsx src/components/layout/TabBar.test.tsx src/pages/TerminalSettings.test.tsx
Tested: bun run lint
Tested: bun run build
Tested: ./scripts/build-macos-arm64.sh
Tested: Computer Use E2E against build-artifacts/macos-arm64 app for multiple terminals, command output retention, tab switching, and terminal cleanup
Not-tested: Intel macOS package
2026-04-28 16:38:16 +08:00
程序员阿江(Relakkes)
e0abea6c46 fix: Keep subagent tool activity nested in desktop transcripts
Subagent transcripts are stored in sidecar JSONL files, so the desktop history loader now links completed Agent results back to their sidecar tool activity and namespaces child tool ids before rendering. The chat renderer then keeps parented tool calls and orphaned child results out of the root session stream, while the Agent result preview strips runtime metadata from the user-facing answer.

Constraint: Subagent tool activity may live under ~/.claude/projects/{project}/{session}/subagents instead of the main session JSONL
Rejected: Rely only on adjacent message ordering | interleaved messages can split parent and child tool activity
Rejected: Show final Agent output inside the expanded card | expanded cards should show process activity while the modal shows the final answer
Confidence: high
Scope-risk: moderate
Directive: Do not remove child tool id namespacing without proving multiple subagents cannot emit colliding tool ids
Tested: bun test src/server/__tests__/sessions.test.ts
Tested: cd desktop && bun run test -- MessageList.test.tsx chatStore.test.ts
Tested: cd desktop && bun run lint
Tested: agent-browser E2E with two dispatched subagents in /tmp/cc-haha-agent-e2e-q4Xm2s
Not-tested: Live streaming of sidecar subagent tool activity before the sidecar file is persisted
2026-04-28 16:38:16 +08:00
程序员阿江(Relakkes)
628c4e16f9 feat: support ESC key to close slash command panels 2026-04-28 16:38:16 +08:00
程序员阿江(Relakkes)
e1474b5c30 Improve dark model selection contrast
The model selector reused the light-theme primary fixed surface for selected rows, which made dark mode render a pale block with poor text contrast. This gives the selector its own selected-row tokens so dark mode can keep a low-luminance surface while light mode preserves the existing look.

Constraint: Keep the fix scoped to desktop theme tokens and the existing selector component
Rejected: Change primary-fixed globally | too broad because other components rely on that token semantics
Confidence: high
Scope-risk: narrow
Directive: Do not point selected model rows back to primary-fixed without checking dark-mode contrast
Tested: cd desktop && bun run lint
Tested: cd desktop && bun run build
Tested: git diff --check
Not-tested: Browser screenshot capture blocked by an existing Chrome DevTools profile instance
2026-04-28 16:38:16 +08:00
程序员阿江(Relakkes)
91a28d949f Restore context percentages in the desktop inspector
The context tab needs both absolute token counts and percent-of-window values to stay scannable. Category rows now show the percent next to each token count, and the free-space summary card also reports remaining percent.

Constraint: Keep the compact terminal-inspired layout while restoring the numeric detail users rely on.

Confidence: high

Scope-risk: narrow

Tested: cd desktop && bun run lint

Tested: git diff --check

Tested: agent-browser smoke test on http://127.0.0.1:2024/ for /context percentages

Not-tested: Packaged Tauri build.
2026-04-28 16:38:16 +08:00
程序员阿江(Relakkes)
b4142c8221 Make desktop slash commands useful outside the terminal
Desktop slash commands now separate local UI panels from CLI turn execution. The session inspector exposes status, usage, and context data from the active session, including transcript and context fallbacks, so /status, /cost, and /context can render structured desktop UI instead of raw terminal text. The inspector and help surfaces now use the existing desktop i18n catalogs for English and Chinese labels.

Constraint: Desktop read-only slash commands must not spawn duplicate CLI processes or depend on submitting a normal user turn.

Rejected: Render raw CLI command text in chat | it keeps terminal-specific layout constraints and does not fit the desktop panel UX.

Confidence: high

Scope-risk: moderate

Directive: Keep /status, /cost, and /context routed through the local inspector unless the CLI exposes a structured interactive command protocol.

Tested: cd desktop && bun run lint

Tested: cd desktop && bun test src/components/chat/composerUtils.test.ts

Tested: bun test src/server/__tests__/conversations.test.ts

Tested: cd desktop && bun run build

Tested: agent-browser smoke test on http://127.0.0.1:2024/ for /context localized inspector

Tested: git diff --check

Not-tested: Full packaged Tauri desktop build.
2026-04-28 16:38:16 +08:00