Compare commits

..

17 Commits

Author SHA1 Message Date
Haileyesus
c1d370d48b fix(chat): make message queuing reliable across sessions and turn boundaries
Queued messages had four related defects:

- A queued message flashed and then vanished at flush time: concurrent
  transcript refreshes (the `complete` handler racing the watcher-triggered
  update) could resolve out of order, letting a stale response overwrite
  newer server messages after the optimistic row was pruned. Session slots
  now carry a monotonic fetch ticket and discard stale fetch/refresh/
  fetchMore responses.

- Switching sessions flushed the previous session's queued draft into the
  newly viewed one (sending it with the wrong provider's settings, e.g. a
  Claude model into a Codex session). The composer flush is now scoped to
  its session, and a draft restored into an idle session sends after a
  short grace period so a live-run ack can cancel it.

- The thinking banner never appeared for a queued turn: the chat handler's
  session-keyed completeRun safety net could fire after a queued message
  had already started the session's next run, emitting a spurious
  `complete` that killed it. The safety net is now scoped to its own run
  via completeRunIfCurrent (with a regression test).

- Queued messages only sent while their session was being viewed. Drafts
  now persist their send options (model, effort, permissions) at queue
  time, and a new app-level useQueuedMessageAutoSend hook dispatches a
  non-viewed session's queued message as soon as its run completes, using
  the storage key as the claim ticket to prevent double sends.
2026-07-07 20:01:29 +03:00
Haileyesus
472c7a8055 fix(sessions): title app-created sessions from the first user message
App-created sessions (started by sending a message from cloudcli) were
titled with placeholder names — "Untitled Codex Session" from the disk
indexer and, briefly, "New session" from the empty canonical upsert —
before a later sync finally settled on the right text, causing the
sidebar title to flicker.

- Codex/OpenCode synchronizers now title app-created sessions (distinct
  app id mapped to a provider id) from the first user message, while
  sessions found purely by indexing keep their existing setup. Claude
  keeps its AI-generated titles; Cursor already used the first message.
- Decode OpenCode's JSON-string-literal prompts so titles no longer
  surface wrapped in quotes; hoist unwrapJsonStringLiteral into
  shared/utils since it's now used by both the reader and synchronizer.
- Guard the sidebar upsert merge so an empty summary can never blank out
  a title that is already set.
- Add codex/opencode synchronizer tests for the app-created vs indexed
  naming paths.
2026-07-07 15:07:50 +03:00
Haileyesus
6336d94fd6 fix: show agent subtask 2026-07-07 15:06:06 +03:00
Haileyesus
baf45b7282 fix(security): canonicalize Claude image attachment reads
Resolve image attachment paths with realpath before reading so symlinks
inside allowed roots cannot escape to arbitrary files. Preserve support for
symlinked project/upload roots and add focused coverage for both cases.
2026-07-06 23:03:52 +03:00
Haileyesus
98e6cf2ba9 fix: use CodeQL-recognized containment check for image reads
Replace the path.relative guard in isPathInsideDirectory with the
resolve + startsWith(root + sep) idiom so the path-injection barrier
is visible to code scanning; behavior is unchanged.
2026-07-06 21:37:15 +03:00
Haileyesus
417fe11718 fix: address code scanning findings
- enforce a second image trust boundary in the provider builders:
  buildClaudeUserContent/buildCodexInputItems only accept files inside
  the upload store or the run's working directory (CodeQL path
  injection)
- drop an always-true selectedProject check in handleSubmit
- remove the unused resume option from spawnCursor
2026-07-06 21:22:30 +03:00
Haileyesus
138371525a fix: address code review findings
- validate chat image attachments server-side: only files inside the
  ~/.cloudcli/assets upload store may reach provider file reads
- harden asset serving with nosniff and attachment disposition for
  SVGs to prevent stored XSS
- show the timestamp on image-only user messages
- serialize git stage/unstage calls and defer the status re-sync so
  rapid toggles can't interleave or flicker
- use a literal hex fallback for commit ref badges (alpha suffix on a
  var() string produced invalid CSS)
- stop binding a URL session to a guening
  project instead
- add the missing attentionRequiredIndicator key to all sidebar locales
- clean up dangling conjunctions left the
  de/ru/tr/ja/zh-CN/zh-TW READMEs
2026-07-06 21:08:22 +03:00
Haileyesus
4e423f5fa2 fix: remove gemini support since google discontinued it 2026-07-06 17:01:29 +03:00
Haileyesus
6daae87443 feat(git): commit graph in history view and cross-spawn everywhere
- render a VSCode-style commit graph in the source control history:
  lane-assignment algorithm, SVG strip with colored rails, merge and
  branch curves, commit dots, and branch/tag badges per commit
- /commits returns parents and ref decorations across all branches
  (--branches --remotes --tags --topo-order) using unit-separator
  fields so pipes in commit subjects can't break parsing
- collect stats via a single --shortstat pass instead of one
  `git show --stat` call per commit; raise the history limit to 50
- replace child_process spawn with cross-spawn in all runtimes,
  routes, and services: it resolves .cmd shims and PATHEXT on
  Windows (fixing taskmaster's npx invocations) and delegates to
  native spawn elsewhere, removing the per-file win32 ternaries
- unit tests for the log parser and lane assignment
2026-07-06 16:09:39 +03:00
Haileyesus
09a21b3754 fix: resolve source control and chat UX bugs
- make staging real in the git panel: new /stage and /unstage endpoints,
  /status now reports the actual index via porcelain -z (handles renames,
  conflicts, and paths with spaces), and Stage/Unstage All run real git
  commands instead of toggling client-side state
- add branch search to the header dropdown and Branches tab
- persist the chosen permission mode per provider so a brand-new chat
  keeps it once the session id arrives, instead of reverting to default
- replace cmdk's fuzzy model search with strict token matching so
  "chatgpt" no longer surfaces unrelated models
- unit tests for the git status parser
2026-07-06 15:33:57 +03:00
Haileyesus
5dedf873e6 feat(opencode): support permission options 2026-07-06 15:04:17 +03:00
Haileyesus
a253a2bda4 feat: support attached images for all providers 2026-07-06 13:32:06 +03:00
Haileyesus
3ade1a1105 fix: select project when loading session from direct URL 2026-07-06 13:29:18 +03:00
Haileyesus
9713fff12b fix: strip timestamp tags from cursor 2026-07-06 13:29:18 +03:00
Haileyesus
84fe5758fc fix(shell): use c to copy for claude 2026-07-06 13:29:17 +03:00
Haileyesus
cc2811126b feat: support message queue and add attention indicator 2026-07-06 13:29:16 +03:00
Haileyesus
348427ce95 fix: don't overlap thinking banner over conversation 2026-07-06 13:28:19 +03:00
8 changed files with 12 additions and 52 deletions

View File

@@ -14,22 +14,18 @@ jobs:
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
template: [claude-code, codex] template: [claude-code, codex, gemini]
steps: steps:
- uses: actions/checkout@v6 - uses: actions/checkout@v6
- name: Set up QEMU - name: Set up QEMU
uses: docker/setup-qemu-action@v4 uses: docker/setup-qemu-action@v3
with:
platforms: arm64
- name: Set up Docker Buildx - name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4 uses: docker/setup-buildx-action@v3
with:
version: latest
- name: Log in to Docker Hub - name: Log in to Docker Hub
uses: docker/login-action@v4 uses: docker/login-action@v3
with: with:
username: ${{ secrets.DOCKERHUB_USERNAME }} username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }} password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -44,7 +40,7 @@ jobs:
echo "tags=$TAGS" >> "$GITHUB_OUTPUT" echo "tags=$TAGS" >> "$GITHUB_OUTPUT"
- name: Build and push - name: Build and push
uses: docker/build-push-action@v7 uses: docker/build-push-action@v6
with: with:
context: ./docker context: ./docker
file: ./docker/${{ matrix.template }}/Dockerfile file: ./docker/${{ matrix.template }}/Dockerfile

View File

@@ -3,12 +3,6 @@
All notable changes to CloudCLI UI will be documented in this file. All notable changes to CloudCLI UI will be documented in this file.
## [1.36.1](https://github.com/siteboon/claudecodeui/compare/v1.36.0...v1.36.1) (2026-07-08)
### New Features
* **redesign:** skills and MCP action controls in settings ([#942](https://github.com/siteboon/claudecodeui/issues/942)) ([41e0d30](https://github.com/siteboon/claudecodeui/commit/41e0d309e06edda14abc6912ade5c2f9d4a90984))
## [](https://github.com/siteboon/claudecodeui/compare/v1.35.1...vnull) (2026-07-03) ## [](https://github.com/siteboon/claudecodeui/compare/v1.35.1...vnull) (2026-07-03)
### New Features ### New Features

View File

@@ -5,16 +5,7 @@ COPY shared/install-cloudcli.sh /tmp/install-cloudcli.sh
RUN chmod +x /tmp/install-cloudcli.sh && /tmp/install-cloudcli.sh RUN chmod +x /tmp/install-cloudcli.sh && /tmp/install-cloudcli.sh
USER agent USER agent
RUN --mount=type=cache,target=/tmp/npm-cache,sharing=locked,mode=0777 \ RUN npm install -g @cloudcli-ai/cloudcli && cloudcli --version
npm install -g @cloudcli-ai/cloudcli \
--cache=/tmp/npm-cache \
--fetch-retries=5 \
--fetch-retry-mintimeout=20000 \
--fetch-retry-maxtimeout=120000 \
--fetch-timeout=600000 \
--no-audit \
--no-fund && \
cloudcli --version
COPY --chown=agent:agent shared/start-cloudcli.sh /home/agent/.cloudcli-start.sh COPY --chown=agent:agent shared/start-cloudcli.sh /home/agent/.cloudcli-start.sh
RUN echo '. ~/.cloudcli-start.sh' >> /home/agent/.bashrc RUN echo '. ~/.cloudcli-start.sh' >> /home/agent/.bashrc

View File

@@ -5,16 +5,7 @@ COPY shared/install-cloudcli.sh /tmp/install-cloudcli.sh
RUN chmod +x /tmp/install-cloudcli.sh && /tmp/install-cloudcli.sh RUN chmod +x /tmp/install-cloudcli.sh && /tmp/install-cloudcli.sh
USER agent USER agent
RUN --mount=type=cache,target=/tmp/npm-cache,sharing=locked,mode=0777 \ RUN npm install -g @cloudcli-ai/cloudcli && cloudcli --version
npm install -g @cloudcli-ai/cloudcli \
--cache=/tmp/npm-cache \
--fetch-retries=5 \
--fetch-retry-mintimeout=20000 \
--fetch-retry-maxtimeout=120000 \
--fetch-timeout=600000 \
--no-audit \
--no-fund && \
cloudcli --version
COPY --chown=agent:agent shared/start-cloudcli.sh /home/agent/.cloudcli-start.sh COPY --chown=agent:agent shared/start-cloudcli.sh /home/agent/.cloudcli-start.sh
RUN echo '. ~/.cloudcli-start.sh' >> /home/agent/.bashrc RUN echo '. ~/.cloudcli-start.sh' >> /home/agent/.bashrc

4
package-lock.json generated
View File

@@ -1,12 +1,12 @@
{ {
"name": "@cloudcli-ai/cloudcli", "name": "@cloudcli-ai/cloudcli",
"version": "1.36.1", "version": "1.36.0",
"lockfileVersion": 3, "lockfileVersion": 3,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "@cloudcli-ai/cloudcli", "name": "@cloudcli-ai/cloudcli",
"version": "1.36.1", "version": "1.36.0",
"hasInstallScript": true, "hasInstallScript": true,
"license": "AGPL-3.0-or-later", "license": "AGPL-3.0-or-later",
"dependencies": { "dependencies": {

View File

@@ -1,6 +1,6 @@
{ {
"name": "@cloudcli-ai/cloudcli", "name": "@cloudcli-ai/cloudcli",
"version": "1.36.1", "version": "1.36.0",
"productName": "CloudCLI", "productName": "CloudCLI",
"description": "A web-based UI for Claude Code CLI", "description": "A web-based UI for Claude Code CLI",
"type": "module", "type": "module",

View File

@@ -3,7 +3,6 @@ import type { DragEvent } from 'react';
import { IS_PLATFORM } from '../../../constants/config'; import { IS_PLATFORM } from '../../../constants/config';
import type { Project } from '../../../types/app'; import type { Project } from '../../../types/app';
import { isValidRefreshedToken } from '../../../utils/api';
import { import {
MAX_FILE_UPLOAD_COUNT, MAX_FILE_UPLOAD_COUNT,
MAX_FILE_UPLOAD_SIZE_BYTES, MAX_FILE_UPLOAD_SIZE_BYTES,
@@ -132,7 +131,7 @@ const uploadFormDataWithProgress = (
xhr.onload = () => { xhr.onload = () => {
const refreshedToken = xhr.getResponseHeader('X-Refreshed-Token'); const refreshedToken = xhr.getResponseHeader('X-Refreshed-Token');
if (isValidRefreshedToken(refreshedToken)) { if (refreshedToken) {
localStorage.setItem('auth-token', refreshedToken); localStorage.setItem('auth-token', refreshedToken);
} }

View File

@@ -1,16 +1,5 @@
import { IS_PLATFORM } from "../constants/config"; import { IS_PLATFORM } from "../constants/config";
// Only accept a refreshed token that has this app's issued JWT shape
// (three base64url segments). An attacker-injected/malformed header value
// must never overwrite the stored auth token.
/**
* @param {unknown} token
* @returns {token is string}
*/
export const isValidRefreshedToken = (token) =>
typeof token === 'string' &&
/^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/.test(token);
// Utility function for authenticated API calls // Utility function for authenticated API calls
export const authenticatedFetch = (url, options = {}) => { export const authenticatedFetch = (url, options = {}) => {
const token = localStorage.getItem('auth-token'); const token = localStorage.getItem('auth-token');
@@ -34,7 +23,7 @@ export const authenticatedFetch = (url, options = {}) => {
}, },
}).then((response) => { }).then((response) => {
const refreshedToken = response.headers.get('X-Refreshed-Token'); const refreshedToken = response.headers.get('X-Refreshed-Token');
if (isValidRefreshedToken(refreshedToken)) { if (refreshedToken) {
localStorage.setItem('auth-token', refreshedToken); localStorage.setItem('auth-token', refreshedToken);
} }
return response; return response;