the PR spiraled and ended up being much larger than anticipated.
it is a refactor of wshrouter to have it track "links" as opposed to
just routes. this lets us simplify a lot of things when it comes to
multi-level routing.
* now the router can handle unauthenticated links directly, instead of a
weird limbo in wshproxy
* no more wshmultiproxy
* no more "authtoken" weirdness
* more straightforward handling in connserver (when using router option)
also adds more debugging, more logging, some windows fixes, other wsl
fixes
We were too conservative by defaulting ignorebrackedpastemode in
xterm.js to true. it should have been set to false. this solves issues
with pasting multi-line strings into zsh, claude code, etc.
add a new context menu option to more easily disable if you're in a
weird ssh session or a REPL that doesn't support bracketedpaste.
* load manifest metadata into the FE
* builder only edits draft/ apps (convert local => draft)
* gofmt app.go after saving (AI tools and manual user save)
* dont open duplicate builder windows
* remix app context menu in waveapp
* add icon/iconcolor in appmeta and implement in the wave block frame
* build manifest
* working on secrets injection (secretstore + secret-bindings.json)
* tool progress indicators
* build output and errors injected as the result of the edit calls so AI
gets instant feedback on edits
* change edits to not be atomic (allows AI to make better progress)
* updated binary location for waveapps
* publish button
* new partial json parser (for sending incremental tool progress
indication)
* updated tsunami view to use new embedded scaffold + config vars
* lots of work on cleaning up the output so it is more useful to users +
AI agents
* fix builder init flow
Got preview hooked up, log output hooked up, environment tab hooked
up... the controller, restarting the apps. it is actually working! still
lots to do and lots of hard coding to fix, but it is coming together...
- mark last command / prompts in xterm.js
- split out term model into its own file
- try to detect repl/shells/ssh/tmux etc commands that stop wave ai
integration
- show icons in term headers for whether wave ai integration is
available
- keep integration status / last command client side (sync with server
on reload)
* add automatic OSC 7 support to bash and zsh
* add new wave OSC 16162 (planck length) to get up-to-date shell
information into blockrtinfo. currently implemented only for zsh. bash
will not support as rich of data as zsh, but we'll be able to do some.
* new rtinfo will be used to provide better context for AI in the
future, and to make sure AI is running safe commands.
* added a small local machine description to tab context (so AI knows
we're running on MacOS, Linux, or Windows)
Massive PR, over 13k LOC updated, 128 commits to implement the first pass at the new Wave AI panel. Two backend adapters (OpenAI and Anthropic), layout changes to support the panel, keyboard shortcuts, and a huge focus/layout change to integrate the panel seamlessly into the UI.
Also fixes some small issues found during the Wave AI journey (zoom fixes, documentation, more scss removal, circular dependency issues, settings, etc)
checkpoint. good to merge. we have a working tsunami view inside of wave (with lots of caveats). but enough for some dev testing. merge so we dont drift too far from main and while we're at a stable point.
This makes it possible to disable wsh for WSL connections. While this is
not recommended, it brings the code closer to the SSH connection
implementation and will make it easier to consolidate the two in the
future.
lots of misc connection refactoring / fixes:
* adds blocklogger as a way to writing logging information from the backend directly to the a terminal block
* use blocklogger in conncontroller
* use blocklogger in sshclient
* fix remote name in password prompt
* use sh -c to get around shell weirdness
* remove cmd.exe special cases
* use GetWatcher().GetFullConfig() rather than re-reading the config file
* change order of things we do when establishing a connection. ask for wsh up front. then do domain socket, then connserver
* reduce number of sessions required in the common case when wsh is already installed. running the connserver is now a "multi-command" which checks if it is installed, then asks for the version
* send jwt token over stdin instead of in initial command string
* fix focus bug for frontend conn modal
* track more information in connstatus
* simplify wshinstall function
* add nowshreason
* other misc cleanup
* use pwsh over powershell if installed (on windows) for default shell
* refactor blockcontroller.DoRunShellCommand into a "setup" and "manage" phase
* fix wshcmd-conn to also disconnect wsl connections
* new genconn interfaces to make a standardized environment to run SSH/WSL commands via `sh -c`. also create better quoting functions that are composable
* replace html/template with text/template for shell command templating (avoids special chars getting turned into HTML entities, breaking the commands)
* do not reinstall wsh if the installed version has a higher version (prevents flip-flopping on shared systems)
* simplify clientOs/clientArch detection. use `uname -sm`. also validate the os/arch combo as compatible with our builds.
* replace CpHostToRemote with CpWshToRemote. hard codes wsh paths inside of the function instead of having them passed in (quoting restrictions)
* new SyncBuffer class to use with commands that properly synchronizes Writes/String output
* fix setTermSize to actually update DB with terminal size
implements `wsh run` command. lots of fixes (and new options) for command blocks. cleans up the UX/UI for command blocks. lots of bug fixes for blockcontrollers. other minor bug fixes.
also makes editor:* vars into settings override atoms.
Fixes
[https://github.com/wavetermdev/waveterm/security/code-scanning/50](https://github.com/wavetermdev/waveterm/security/code-scanning/50)
To fix the problem, we need to ensure that the size computation for the
allocation does not overflow. This can be achieved by validating the
length of `barr` before performing the arithmetic operation. We will set
a maximum allowable size for `barr` to ensure that the sum of
`oscPrefixLen(oscNum)` and `len(barr)` does not exceed the maximum value
for an `int`.
1. Define a maximum allowable size for `barr` (e.g., 64 MB).
2. Check the length of `barr` against this maximum size before
performing the allocation.
3. If `barr` exceeds the maximum size, return an error.
_Suggested fixes powered by Copilot Autofix. Review carefully before
merging._
---------
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
This migrates all remaining eventbus events sent over the websocket to
use the wps interface. WPS is more flexible for registering events and
callbacks and provides support for more reliable unsubscribes and
resubscribes.
This keeps the TermSize in RuntimeOpts which allows the terminally to be
correctly sized when reloading a block. Also, it seems to correctly size
the terminal on an app reboot (or at least immediately fixes it).
