mirror of
https://github.com/claude-code-best/claude-code.git
synced 2026-06-26 01:55:50 +00:00
084e487943
* feat: 新增 cloud-artifacts 包(Cloudflare Worker HTML artifact 托管)
POST /upload 鉴权上传 HTML 到 R2 返回 hash URL,GET /<7d|30d>/<id>.html
由 Worker 代理读取并直出 text/html。R2 lifecycle rule 自动 7/30 天删除。
独立服务,不被主 CLI 引用(类似 packages/remote-control-server/ 定位)。
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* docs: 完善 cloud-artifacts 文档并统一出口域名
- CLAUDE.md 加 cloud-artifacts 到 Workspace Packages 表和新增 HTML Artifact Hosting 段落
- docs.json 注册 cloud-artifacts 到运行模式 group
- README 加 Quickstart、架构图(含 Deno Deploy 代理层)、Security Considerations、Troubleshooting
- 统一出口域名为 https://cloud-artifacts.claude-code-best.win(wrangler.toml PUBLIC_URL、test.sh 默认 WORKER_URL、所有文档示例)
- test.sh expect() 加 [via body] fallback:经 Deno Deploy 代理(status 抹平为 200)时按 body 的 error 字段断言
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* docs: 修正 CLAUDE.md cloud-artifacts 引用死链
之前指向不存在的 docs/features/cloud-artifacts.md(用户未注册到 docs.json),
改为指向已存在的 packages/cloud-artifacts/README.md,并补充生产出口域名
与 Deno Deploy status 抹平副作用的说明。
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* chore: 同步 cloud-artifacts 测试默认 TOKEN 到新值
用户已通过 wrangler secret put 把生产 TOKEN 改为 claude-code-best,
test.sh 的默认值(之前用旧 token 作 fallback)和注释示例同步更新。
现在直接 bash scripts/test.sh 即可跑通(无需显式传 TOKEN)。
src/index.ts 不依赖具体 token 值(只读 env.TOKEN 做比较),
wrangler.toml 不含 secret,README/.dev.vars.example 用 <your-token>
占位符故无需改。
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* docs: add artifacts feature implementation plan
* feat(artifact): add cloud-artifacts config with token/URL defaults
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* feat(artifact): add HTTP client with body-error parsing
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* feat(artifact): add tool name, description, and prompt
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* feat(artifact): add buildTool definition with file validation
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* test(artifact): add end-to-end tool tests for upload/error paths
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* feat(artifact): export ArtifactTool from builtin-tools barrel
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* feat(artifact): register ArtifactTool in tools list
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* feat(artifact): add /use-artifacts bundled skill
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* feat(artifact): add extractArtifacts message scanner
Scans Message[] for artifact tool_use/tool_result pairs, parses URL/id/expires
from the upload response string, and returns ArtifactInfo[] newest-first.
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* fix(artifact): scanner type narrowing and url regex
- Use double assertion (`as unknown as Record<string, unknown>`) at lines 30
and 90 to fix TS2352 per project convention
- Tighten URL_REGEX to avoid capturing trailing punctuation (parens,
quotes, commas) when URL is embedded in text
- Add test case for array-form tool_result content path
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* feat(artifact): add ArtifactsMenu Ink component
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* feat(artifact): add /artifacts slash command entry
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* feat(artifact): register /artifacts command
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* fix(artifact): use setClipboard instead of pbcopy for cross-platform support
* fix(artifact): drop userFacingName override so display matches /artifacts
* fix(rcs): add resJson helper to resolve strict mode type errors in tests
Hono Response.json() returns Promise<unknown> under strict TypeScript,
causing 121 TS errors across middleware and routes test files.
Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
* fix(cloud-artifacts): add type stubs so tsc passes without worker-configuration.d.ts
The wrangler-generated worker-configuration.d.ts is gitignored, causing CI to
fail with missing ExportedHandler/Env/R2Bucket types. This file provides minimal
stubs for all Cloudflare Workers types used by the artifact upload Worker.
Co-Authored-By: glm-5-turbo <zai-org@claude-code-best.win>
* fix(query): shallow-copy messages before stripping toolUseResult
Previously the per-query cleanup mutated messagesForQuery entries in
place via `delete msg.toolUseResult`. Those entries are references
shared with mutableMessages (UI state), so the delete stripped the
field from the live message object. The next query can start within
milliseconds of tool_result creation — before the React UI commit
lands — so UserToolSuccessMessage's `!message.toolUseResult` check
returned null and tool.renderToolResultMessage was never called,
leaving tool-result rows blank.
Map to a stripped copy instead so mutableMessages keeps the original
for the UI. Downstream API transformations (applyToolResultBudget,
snip, microcompact) already build new arrays via .map(), so they
compose cleanly with this copy.
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* feat(artifact): show uploaded URL inline below ExecuteExtraTool
Deferred tools (shouldDefer: true) are invoked via SearchExtraTools →
ExecuteExtraTool, so their tool_result rows used to render blank —
the UI looked up ExecuteExtraTool, which had no renderToolResultMessage,
and returned null. Add a generic delegation in ExecuteTool that forwards
renderToolResultMessage to the inner tool when it defines one, unwrapping
the { result, tool_name } envelope and the params from the input shape.
All 28 deferred tools can now render their own UI by defining
renderToolResultMessage.
For ArtifactTool specifically, render the uploaded URL as an OSC 8
hyperlink (Link component) in warning color so it's visually prominent,
with the expiry timestamp on a second line and a separate error branch.
Also add `error: z.string().optional()` to outputSchema — zod's default
strip mode was dropping the field, so error states never reached the UI.
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
* fix(cloud-artifacts): make Env stubs actually take effect in CI
The previous stub file (2e29e362) wrapped `interface Env` in
`declare global { ... }`, but the file has no top-level import/export so
it's a script, not a module. TS2669 forbids `declare global` in scripts,
and in .d.ts files that error is silently swallowed — so the Env stubs
were never merged into the global scope. Locally typecheck passed only
because worker-configuration.d.ts (gitignored) provided Env separately;
in CI / fresh clones, `BUCKET`, `MAX_BYTES`, `DEFAULT_TTL_DAYS`,
`PUBLIC_URL` were all missing on Env.
Drop the wrapper. Top-level `interface Env` in a script .d.ts is already
global ambient and merges with worker-configuration.d.ts via interface
declaration merging, so both environments typecheck cleanly.
Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>
---------
Co-authored-by: glm-5.2 <zai-org@claude-code-best.win>
265 lines
8.4 KiB
TypeScript
265 lines
8.4 KiB
TypeScript
import { z } from 'zod/v4'
|
||
import {
|
||
buildTool,
|
||
findToolByName,
|
||
type Tool,
|
||
type ToolDef,
|
||
type ToolUseContext,
|
||
type ToolResult,
|
||
type Tools,
|
||
} from 'src/Tool.js'
|
||
import { lazySchema } from 'src/utils/lazySchema.js'
|
||
import { createUserMessage } from 'src/utils/messages.js'
|
||
import { formatZodValidationError } from 'src/utils/toolErrors.js'
|
||
import {
|
||
extractDiscoveredToolNames,
|
||
isSearchExtraToolsEnabledOptimistic,
|
||
isSearchExtraToolsToolAvailable,
|
||
} from 'src/utils/searchExtraTools.js'
|
||
import { DESCRIPTION, getPrompt } from './prompt.js'
|
||
import { EXECUTE_TOOL_NAME } from './constants.js'
|
||
import { isDeferredTool } from '../SearchExtraToolsTool/prompt.js'
|
||
|
||
export const inputSchema = lazySchema(() =>
|
||
z.object({
|
||
tool_name: z
|
||
.string()
|
||
.describe(
|
||
'The exact name of the target tool to execute (e.g., "CronCreate", "mcp__server__action")',
|
||
),
|
||
params: z
|
||
.record(z.string(), z.unknown())
|
||
.describe('The parameters to pass to the target tool'),
|
||
}),
|
||
)
|
||
type InputSchema = ReturnType<typeof inputSchema>
|
||
|
||
export const outputSchema = lazySchema(() =>
|
||
z.object({
|
||
result: z.unknown(),
|
||
tool_name: z.string(),
|
||
}),
|
||
)
|
||
type OutputSchema = ReturnType<typeof outputSchema>
|
||
|
||
export type Output = z.infer<OutputSchema>
|
||
|
||
export const ExecuteTool = buildTool({
|
||
name: EXECUTE_TOOL_NAME,
|
||
searchHint: 'execute run invoke call a deferred tool by name with parameters',
|
||
maxResultSizeChars: 100_000,
|
||
isConcurrencySafe() {
|
||
return false
|
||
},
|
||
get inputSchema(): InputSchema {
|
||
return inputSchema()
|
||
},
|
||
get outputSchema(): OutputSchema {
|
||
return outputSchema()
|
||
},
|
||
async description() {
|
||
return DESCRIPTION
|
||
},
|
||
async prompt() {
|
||
return getPrompt()
|
||
},
|
||
async call(input, context, canUseTool, parentMessage, onProgress) {
|
||
const tools: Tools = context.options.tools ?? []
|
||
|
||
const targetTool = findToolByName(tools, input.tool_name)
|
||
if (!targetTool) {
|
||
return {
|
||
data: {
|
||
result: null,
|
||
tool_name: input.tool_name,
|
||
},
|
||
newMessages: [
|
||
createUserMessage({
|
||
content: `Tool "${input.tool_name}" not found. Use SearchExtraTools to discover available tools.`,
|
||
}),
|
||
],
|
||
}
|
||
}
|
||
|
||
// Guard: block execution of undiscovered deferred tools.
|
||
// When tool search is active, deferred tools must be discovered via
|
||
// SearchExtraTools first so the model has seen their schemas and knows
|
||
// the correct parameters. Executing an undiscovered tool almost always
|
||
// fails with parameter validation errors.
|
||
if (
|
||
isSearchExtraToolsEnabledOptimistic() &&
|
||
isSearchExtraToolsToolAvailable(tools) &&
|
||
isDeferredTool(targetTool)
|
||
) {
|
||
const discovered = extractDiscoveredToolNames(context.messages)
|
||
if (!discovered.has(input.tool_name)) {
|
||
return {
|
||
data: {
|
||
result: null,
|
||
tool_name: input.tool_name,
|
||
},
|
||
newMessages: [
|
||
createUserMessage({
|
||
content: `Tool "${input.tool_name}" has not been discovered yet. You must first use SearchExtraTools to discover this tool before executing it.\n\nUsage: SearchExtraTools("select:${input.tool_name}")`,
|
||
}),
|
||
],
|
||
}
|
||
}
|
||
}
|
||
|
||
// Check if the target tool is currently enabled
|
||
if (!targetTool.isEnabled()) {
|
||
return {
|
||
data: {
|
||
result: null,
|
||
tool_name: input.tool_name,
|
||
},
|
||
newMessages: [
|
||
createUserMessage({
|
||
content: `工具 "${input.tool_name}" 当前不可用:Remote Control 未连接。`,
|
||
}),
|
||
],
|
||
}
|
||
}
|
||
|
||
// Schema-validate params against the target tool BEFORE delegating.
|
||
// ExecuteExtraTool passes raw params straight from the model to
|
||
// validateInput/call without re-running the target's zod schema, so a
|
||
// wrong field name (e.g. 'schedule' instead of 'cron') or a missing
|
||
// required field reaches the tool as undefined and the first
|
||
// .trim()/.length/.split() crashes with "undefined is not an object".
|
||
// CronCreateTool's .trim() crash was the reported symptom; centralizing
|
||
// the check here covers every deferred tool without relying on each one
|
||
// to defensively guard its own validateInput. Duck-typed so MCP tools
|
||
// (whose schema is inputJSONSchema, not zod) skip this branch.
|
||
const targetSchema = targetTool.inputSchema as
|
||
| { safeParse?: (data: unknown) => unknown }
|
||
| undefined
|
||
if (targetSchema?.safeParse) {
|
||
const parsed = targetSchema.safeParse(input.params) as
|
||
| { success: true; data: Record<string, unknown> }
|
||
| { success: false; error: z.ZodError }
|
||
if (!parsed.success) {
|
||
return {
|
||
data: {
|
||
result: null,
|
||
tool_name: input.tool_name,
|
||
},
|
||
newMessages: [
|
||
createUserMessage({
|
||
content: formatZodValidationError(input.tool_name, parsed.error),
|
||
}),
|
||
],
|
||
}
|
||
}
|
||
// Use parsed params going forward — picks up .default() values and
|
||
// strips unknown keys for strictObject schemas so validateInput/call
|
||
// never see fields they don't expect.
|
||
input.params = parsed.data
|
||
}
|
||
|
||
// Validate input before delegating — prevents crashes when the model
|
||
// omits required params (e.g. TeamCreate without team_name →
|
||
// sanitizeName(undefined).replace() TypeError).
|
||
if (targetTool.validateInput) {
|
||
const validation = await targetTool.validateInput(
|
||
input.params as Record<string, unknown>,
|
||
context,
|
||
)
|
||
if (!validation.result) {
|
||
return {
|
||
data: {
|
||
result: null,
|
||
tool_name: input.tool_name,
|
||
},
|
||
newMessages: [
|
||
createUserMessage({
|
||
content: `Invalid parameters for tool "${input.tool_name}": ${validation.message}`,
|
||
}),
|
||
],
|
||
}
|
||
}
|
||
}
|
||
|
||
// Check permissions on the target tool
|
||
const permResult = await targetTool.checkPermissions?.(
|
||
input.params as Record<string, unknown>,
|
||
context,
|
||
)
|
||
if (permResult && permResult.behavior === 'deny') {
|
||
return {
|
||
data: {
|
||
result: null,
|
||
tool_name: input.tool_name,
|
||
},
|
||
newMessages: [
|
||
createUserMessage({
|
||
content: `Permission denied for tool "${input.tool_name}": ${permResult.message ?? 'Permission denied'}`,
|
||
}),
|
||
],
|
||
}
|
||
}
|
||
|
||
// Delegate execution to the target tool
|
||
const targetResult: ToolResult<unknown> = await targetTool.call(
|
||
input.params as Record<string, unknown>,
|
||
context,
|
||
canUseTool,
|
||
parentMessage,
|
||
onProgress,
|
||
)
|
||
|
||
return {
|
||
...targetResult,
|
||
data: {
|
||
result: targetResult.data,
|
||
tool_name: input.tool_name,
|
||
},
|
||
}
|
||
},
|
||
async checkPermissions() {
|
||
return {
|
||
behavior: 'passthrough',
|
||
message: 'ExecuteExtraTool delegates permission to the target tool.',
|
||
}
|
||
},
|
||
renderToolUseMessage(input) {
|
||
return `${input.tool_name}`
|
||
},
|
||
userFacingName() {
|
||
return 'ExecuteExtraTool'
|
||
},
|
||
mapToolResultToToolResultBlockParam(content, toolUseID) {
|
||
return {
|
||
tool_use_id: toolUseID,
|
||
type: 'tool_result',
|
||
content: JSON.stringify(content),
|
||
}
|
||
},
|
||
// Output shape: { result: <inner tool output>, tool_name: string }.
|
||
// Delegate rendering to the inner tool when it defines its own
|
||
// renderToolResultMessage so deferred tools can show their own UI
|
||
// (e.g. ArtifactTool displays its uploaded URL). Without this, the
|
||
// ExecuteExtraTool tool_result row renders nothing below the tool_use
|
||
// line. The inner tool expects its own input shape, so unwrap params.
|
||
//
|
||
// Inline the lookup rather than calling findToolByName — deferred tools
|
||
// are matched by exact name (no aliases needed), and avoiding the
|
||
// shared helper keeps this method resilient to src/Tool.js mocks in
|
||
// co-located test files (process-global mock.module pollution).
|
||
renderToolResultMessage(content, progressMessages, options) {
|
||
const innerTool = options.tools.find(t => t.name === content.tool_name)
|
||
if (!innerTool?.renderToolResultMessage) return null
|
||
const innerInput = (options.input as { params?: unknown } | undefined)
|
||
?.params
|
||
return innerTool.renderToolResultMessage(
|
||
content.result as never,
|
||
progressMessages,
|
||
{
|
||
...options,
|
||
input: innerInput,
|
||
},
|
||
)
|
||
},
|
||
} satisfies ToolDef<InputSchema, Output>)
|