upstream 取り込み PR #4: terminal 系 / 3 commits + dedupe fix#400
Merged
Conversation
…erset-sh#3546) * feat(desktop): safer defaults for builtin terminal agent presets Swap permission-bypass flags for each CLI's intended safe-but-useful mode (claude acceptEdits, codex --full-auto, gemini auto_edit, copilot --allow-all-tools). Drop mastracode/opencode/pi from the default seed since they are YOLO-by-default at the CLI level; they remain available via Quick-Add. Remove cursor-agent's --yolo suffix (silent no-op on the real binary). Existing users are preserved — the v1 terminalPresetsInitialized guard and v2 migration marker ensure stored commands are never rewritten. * test(desktop): update agent-launch-request fixture for new codex default buildPromptAgentLaunchRequest's terminal-command fixture hard-coded the old --dangerously-bypass-approvals-and-sandbox flag. Update it to the new --full-auto default so the test reflects the current builtin. * fix(desktop): address reviewer feedback on safe-default flag choices - gemini promptCommand: add --approval-mode=auto_edit so prompt/task launches use the same safety mode as terminal launches (flagged by cubic, greptile, and CodeRabbit) - copilot: switch from --allow-all-tools to --allow-tool=write. Per GitHub's own docs, --allow-all-tools "allows all tools to run automatically without confirmation" including shell, which contradicts the safe-by-default claim. --allow-tool=write auto- approves file edits only (analog of claude's acceptEdits). - docs: update copilot line; clarify mastracode/opencode/pi opt-in parentheticals so users understand why they're not auto-seeded.
…uperset-sh#3546 (superset-sh#3615) PR superset-sh#3546 swapped builtin terminal agent defaults to safer modes (claude acceptEdits, codex --full-auto, gemini auto_edit, copilot --allow-tool=write, cursor-agent without --yolo suffix). The v1 `terminalPresetsInitialized` guard and v2 migration marker preserved users' stored terminal-preset command strings, but the **agent-preset** resolution path (resolveAgentConfigs in packages/shared/src/agent-settings.ts) layers user overrides on top of the *current* builtin defaults — so any existing canary user who never customized claude/codex/gemini/copilot/cursor-agent silently had their resolved launch command swapped. Fix: one-shot backfill into agentPresetOverrides. New `agentPresetPermissionsMigratedAt` column in settings gates the migration to run exactly once per user. On first read of agent-preset overrides, if the user's stored `terminalPresets` row contains any of the 4 pre-superset-sh#3546 exact default command strings (meaning their seed happened on a pre-superset-sh#3546 build), we inject overrides for `command`/`promptCommand`/`promptCommandSuffix` carrying the legacy YOLO values, skipping any field the user has already customized. Fresh post-superset-sh#3546 installs have no legacy fingerprint, so the migration only stamps the timestamp and moves on.
superset-sh#3667) * fix(desktop): adopt Ghostty keyboard model in v2 terminal v2's terminal runtime only filtered app hotkeys. With kitty keyboard protocol enabled (needed for Shift+Enter disambiguation in claude-code, modifier reporting in neovim/helix), every Mac Cmd chord xterm saw got CSI-u encoded and leaked into TUIs as a literal char — and line-edit niceties like Cmd+Left/Right/Backspace and Option+Left/Right that v1 handles never worked at all. Mirror Ghostty's approach (src/input/key_encode.zig:534-545: "on macOS, command+keys do not encode text"): bubble every Mac Cmd chord out to the host before xterm's kitty encoder runs, then port v1's line-edit chord translators so shell navigation works the same in both renderers. Changes: - Broaden shouldBubbleClipboardShortcut's Mac branch to bubble all Cmd chords (not just Cmd+C/V with selection gating). v1 benefits too. - Port v1's line-edit translators into v2's custom key handler: Cmd+Left/Right/Backspace, Option+Left/Right, Windows Ctrl+Left/Right. Duplicates v1 for now; a follow-up can share the handler properly. - Wire shouldSelectAllShortcut into v2 so Cmd+A selects terminal buffer. - Use xterm.input(data, true) to inject translated sequences into the PTY (fires onData, forwarded by terminal-ws-transport). - Restructure tests around the new Mac rule. * fix(desktop): track kitty flags to gate Shift+Enter CSI-u injection When claude-code or codex pushes kitty progressive-enhancement flags (CSI > N u), the running program expects modified keys as CSI-u. xterm.js v6.1-beta tracks this internally but doesn't expose the active flags, so we mirror them via our own CSI handlers registered alongside xterm's built-ins (registering with return-false passes through to xterm too). With the disambiguate bit active, Shift+Enter now emits the canonical \x1b[13;2u that both claude-code and codex recognise — matching Ghostty / kitty / wezterm, which all gate CSI-u on program-initiated kitty mode (ghostty/src/input/key_encode.zig:88, kitty/key_encoding.c:153). Without kitty flags, Shift+Enter falls through to xterm.js's legacy encoding (plain \r), so bash / zsh still behave normally. Replaces the previous alt-screen heuristic, which incorrectly missed Ink-based TUIs like claude-code that render inline rather than in the alternate buffer. * chore(desktop): instrument v2 terminal keyboard path for diagnosis Add three toggleable diagnostic taps, all gated on localStorage flag `__kbdDebug=1`: - Every keydown that reaches the custom key handler: key / code / mods / current kitty flags. - Every kitty CSI push/set/pop with resulting flag state. - Every onData byte written to the PTY, shown as hex (non-printable escaped, printable verbatim) plus length and kitty flags. Second flag `__kbdDebugSkipOverride=1` temporarily disables our Shift+Enter CSI-u override so we can observe xterm.js's raw encoding. To use: in DevTools console, `localStorage.setItem('__kbdDebug', '1')` (optionally also `__kbdDebugSkipOverride`), reload the terminal pane, reproduce the bug, copy `[kbd:*]` logs. * fix(desktop): match Shift+Enter CSI-u form to active kitty flags Diagnostic trace showed xterm.js emits event-type-suffixed kitty sequences when the running program activates the report-events flag (0x02) — e.g. Escape release came through as \x1b[27;1:3u. Our override was hardcoded to \x1b[13;2u which is the right form only when disambiguate (0x01) is the sole flag; claude-code (which requests flags = 0x07) was rejecting the suffix-less form and submitting instead of newline. Inspect the flags at inject time: emit \x1b[13;2:1u (explicit press event type) when 0x02 is active, \x1b[13;2u otherwise. Also make kbdLog stringify its payload so DevTools shows the bytes inline instead of collapsing to "Object". * chore(desktop): log keyup too, in addition to keydown * chore(desktop): disable Shift+Enter override to capture xterm raw output * fix(host-service): claim TERM_PROGRAM=kitty so TUIs parse our CSI-u Diagnostic trace of v2 terminal Shift+Enter proved xterm.js v6 with kittyKeyboard is emitting the correct kitty-protocol bytes (\x1b[13;2u press + \x1b[13;2:3u release, same as Ghostty). Yet Shift+Enter still submits in claude-code — strings-dumped the claude-code binary and found the actual gate: Ix_ = { ghostty: "Ghostty", kitty: "Kitty", "iTerm.app": "iTerm2", WezTerm: "WezTerm", WarpTerminal: "Warp" } Its CSI-u parser keys off TERM_PROGRAM being in that allowlist. With our previous "Superset" value it ignored the bytes entirely and fell through to Node readline's legacy keypress handling, where Shift+Enter looks like plain Enter and submits. Claim "kitty" — the protocol origin. Fewer downstream version-gated branches than "ghostty" (which claude-code version-checks against 1.2.0) and safer than "iTerm.app" (color-depth gated on version <3.x). TERM_PROGRAM_VERSION stays as our host-service version; programs that care about real kitty version will hit our version string and probably fall back to conservative behaviour. * chore(desktop): remove diagnostic instrumentation and abandoned override code Root cause for claude-code Shift+Enter landed in host-service env.ts (TERM_PROGRAM=kitty). The renderer-side machinery we added while diagnosing is no longer needed: - kbdLog / kbdHex / kbdDebugSkipOverride console tap - createKittyFlagTracker (watched CSI > u pushes to gate the override) - KITTY_FLAG_DISAMBIGUATE / KITTY_FLAG_REPORT_EVENTS constants - shiftEnterCsiU helper - terminal.onData logging tap v2 terminal-runtime.ts is back to a simple createKeyEventHandler calling resolveHotkeyFromEvent → line-edit translators → select-all → clipboard bubble → xterm default. Shift+Enter now goes through xterm's native kitty encoder and claude-code parses it correctly because TERM_PROGRAM is in its allowlist. Net -142 LOC from renderer. * experiment(desktop): narrow Mac Cmd bubble back to VS Code-style Hypothesis: with TERM_PROGRAM=kitty claiming kitty in the claude-code / codex allowlist, kitty-aware TUIs parse CSI-u Cmd+chords correctly and don't show literal char garbage. The broader Ghostty-style "bubble every Mac Cmd chord" may have been overkill — needed only for TUIs that don't speak CSI-u. Revert the Mac branch of shouldBubbleClipboardShortcut to the original narrow rule (Cmd+V + Cmd+C-with-selection) to test. If kitty-aware TUIs stay clean AND non-kitty-aware ones (vim base, less, htop, tmux-without- kitty) are tolerable, we can ship simpler. Line-edit translators and Cmd+A select-all stay — those aren't kitty-specific, they're Mac-convention handling the shell expects regardless of kitty. * experiment(desktop): revert all renderer changes, keep only TERM_PROGRAM=kitty Aggressive minimum — strip terminal-runtime.ts and clipboardShortcuts.ts back to main. The only net change from main becomes: env.TERM_PROGRAM = "kitty" (was "Superset") If claude-code's CSI-u parsing handles Cmd+C/V/Left/Right correctly with TERM_PROGRAM now in the allowlist, and shell fallback is acceptable for the rest, this is the true minimum fix. Things that may regress and be worth checking: - Cmd+Left / Cmd+Right / Cmd+Backspace in shell (no translator → xterm sends CSI-u → bash readline ignores → no cursor navigation) - Option+Left / Option+Right (same, word navigation won't work in shell) - Cmd+A in shell (no select-all handler → CSI-u to PTY) - Cmd+C in vim / less / htop (no broad bubble → CSI-u reaches PTY; if those TUIs don't speak kitty they'll show garbage) If any of those bite, we restore the specific piece(s). * chore(host-service): trim TERM_PROGRAM comment to essentials
upstream superset-sh#3615 backfill cherry-pick の際に packages/shared/package.json に 既存と重複する export entry が追加された。duplicate key 警告を解消。
📝 Walkthroughウォークスルー複数のターミナルエージェント設定と関連テストを更新し、CLIフラグを変更しました。Codexは 変更内容
予想コード レビュー工数🎯 2 (Simple) | ⏱️ ~12 minutes 関連する可能性のあるPR
詩
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
🧹 Preview Cleanup CompleteThe following preview resources have been cleaned up:
Thank you for your contribution! 🎉 |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
packages/shared/src/builtin-terminal-agents.ts (1)
118-127:⚠️ Potential issue | 🟡 Minorkimi の
--yoloが残存し default preset に含まれる点は意図どおりですか?本 PR のテーマは "safer defaults" で、codex の
--dangerously-bypass-approvals-and-sandboxや gemini の--yolo、copilot の--allow-allはすべて置き換えられています。一方で kimi はcommand: "kimi --yolo"+promptCommandSuffix: "--yolo"のままincludeInDefaultTerminalPresets: trueが維持されており、apps/docs/content/docs/terminal-presets.mdxの Quick-Add 一覧からも(安全デフォルト群と対比させるかたちでは)省かれています。
- upstream
#3546側で kimi のフラグ変更が無かった、という事実上の現状維持であれば問題なし。- もし単に漏れているだけなら、
--yoloを外すか、mastracode/opencode/pi と同様に default preset から外す(includeInDefaultTerminalPresetsを落とす)方が PR 全体のメッセージと整合します。意図的な温存かどうかだけご確認ください。
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@packages/shared/src/builtin-terminal-agents.ts` around lines 118 - 127, The preset for the builtin terminal agent with id "kimi" still includes the unsafe flag "--yolo" in command and promptCommandSuffix while also being included in default presets via includeInDefaultTerminalPresets: true; either remove the "--yolo" occurrences from command and promptCommandSuffix or set includeInDefaultTerminalPresets to false to align with the "safer defaults" changes (update the createBuiltinTerminalAgent call for id "kimi" to reflect the chosen fix).
🧹 Nitpick comments (2)
apps/docs/content/docs/terminal-presets.mdx (1)
48-48: nit:codex ... --full-autoの省略記号は他行と不統一他のエージェント(claude / gemini / copilot など)は Quick-Add コマンドを完全な形で示していますが、codex 行だけ
...で省略されています。読者が "...はそのまま打つのか、何かが省略されているのか" で迷う可能性があるので、完全形にするか、"(-c model_reasoning_effort="high"等の reasoning 設定は省略)" のような注記を足すと親切です。💡 表現案
-- **codex** - `codex ... --full-auto` (workspace-sandboxed) ++ **codex** - `codex -c model_reasoning_effort="high" -c model_reasoning_summary="detailed" -c model_supports_reasoning_summaries=true --full-auto` (workspace-sandboxed)🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@apps/docs/content/docs/terminal-presets.mdx` at line 48, 行の省略記号が他のエージェント行と不統一で読者が混乱するため、"codex - `codex ... --full-auto`" を修正してください。具体的には、該当行(codex の Quick-Add 表記)を他行と同様に完全なコマンド表記に置き換えるか、もしくは省略しているオプション(例: `-c model_reasoning_effort="high"` 等の reasoning 設定)を括弧注記で明示して、読者に「実際に入力するのは省略されている部分を含む」ことが分かるようにしてください。packages/shared/src/agent-command.test.ts (1)
15-30: LGTM — claude / codex の新フラグに追従codex の
--full-auto --挿入位置、claude の--permission-mode acceptEditsプレフィックスとも、builtin-terminal-agents.ts側の定義変更と一致しています。補足(任意): 本 PR では gemini / copilot も
commandとpromptCommandを変更していますが、対応するbuildAgentPromptCommandのテストは追加されていません。回帰検知を強化したければ、gemini(--approval-mode=auto_edit)および copilot(-i --allow-tool=write)の prompt 構築についても同様のケースを足しておくと安心です(本 PR 必須ではありません)。🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@packages/shared/src/agent-command.test.ts` around lines 15 - 30, Add tests for gemini and copilot in the buildAgentPromptCommand spec similar to the existing codex/claude cases: verify buildAgentPromptCommand({agent: "gemini", ...}) produces the new gemini prefix/flag (--approval-mode=auto_edit) and the heredoc marker with the randomId, and verify buildAgentPromptCommand({agent: "copilot", ...}) produces the new copilot flags (-i --allow-tool=write) and the correct heredoc marker; refer to the buildAgentPromptCommand function and the agent definitions in builtin-terminal-agents.ts to match exact expected strings and ensure the tests assert the command contains both the agent-specific flags and the prompt delimiter.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Outside diff comments:
In `@packages/shared/src/builtin-terminal-agents.ts`:
- Around line 118-127: The preset for the builtin terminal agent with id "kimi"
still includes the unsafe flag "--yolo" in command and promptCommandSuffix while
also being included in default presets via includeInDefaultTerminalPresets:
true; either remove the "--yolo" occurrences from command and
promptCommandSuffix or set includeInDefaultTerminalPresets to false to align
with the "safer defaults" changes (update the createBuiltinTerminalAgent call
for id "kimi" to reflect the chosen fix).
---
Nitpick comments:
In `@apps/docs/content/docs/terminal-presets.mdx`:
- Line 48: 行の省略記号が他のエージェント行と不統一で読者が混乱するため、"codex - `codex ... --full-auto`"
を修正してください。具体的には、該当行(codex の Quick-Add
表記)を他行と同様に完全なコマンド表記に置き換えるか、もしくは省略しているオプション(例: `-c model_reasoning_effort="high"`
等の reasoning 設定)を括弧注記で明示して、読者に「実際に入力するのは省略されている部分を含む」ことが分かるようにしてください。
In `@packages/shared/src/agent-command.test.ts`:
- Around line 15-30: Add tests for gemini and copilot in the
buildAgentPromptCommand spec similar to the existing codex/claude cases: verify
buildAgentPromptCommand({agent: "gemini", ...}) produces the new gemini
prefix/flag (--approval-mode=auto_edit) and the heredoc marker with the
randomId, and verify buildAgentPromptCommand({agent: "copilot", ...}) produces
the new copilot flags (-i --allow-tool=write) and the correct heredoc marker;
refer to the buildAgentPromptCommand function and the agent definitions in
builtin-terminal-agents.ts to match exact expected strings and ensure the tests
assert the command contains both the agent-specific flags and the prompt
delimiter.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 3d33f3c5-948b-477d-9078-43f2d8ccf672
⛔ Files ignored due to path filters (1)
bun.lockis excluded by!**/*.lock
📒 Files selected for processing (6)
apps/desktop/src/shared/utils/agent-launch-request.test.tsapps/docs/content/docs/terminal-presets.mdxpackages/host-service/src/terminal/env.test.tspackages/host-service/src/terminal/env.tspackages/shared/src/agent-command.test.tspackages/shared/src/builtin-terminal-agents.ts
This was referenced Apr 24, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
upstream 取り込みバッチ 4: terminal 系 3 commits + dedupe fix。Codex 事前調査を経て、対象 11 commits のうち大部分が fork で既に同等実装を持つ領域と判明し、残る 3 commits を取り込み。
取り込み内容(3 commits + 1 dedupe fix)
0070_*と重複のため skip)除外した 8 commits(理由別)
fork 既取り込み相当(cherry-pick で empty commit 判定 = 実質変化ゼロ)
0169f1430a66(fix(desktop): allowlist URL schemes before shell.openExternal superset-sh/superset#3650 URL allowlist) — forksafeOpenExternal相当b2278b1f7e3b(fix(desktop): terminal paste auto-submits first line without bracketed paste superset-sh/superset#3582 paste auto-submit) — fork の bracketed paste で既対応aa23ae3b1850(fix(desktop): stop excessive lsof spawning from port scanner (#3372) superset-sh/superset#3547 port scanner excessive lsof) — fork は既にgetProcessName/getProcessCommandWindows 分岐 + lsof throttle 実装済みc8f34d874828(fix(desktop): unblock v1 terminal user input during shell init (#3478) superset-sh/superset#3550 v1 shell init input unblock) — fork の broadcast coalescing /preReadyStdinQueue廃止で同等動作56e6652ef91b(fix(desktop): recover terminal from non-monospace font crash (#3513) superset-sh/superset#3554 non-monospace font crash) — fork は既にsanitizeTerminalFontFamily導入済み19c0d13b47b8(fix(desktop): restore terminal buffer after Unicode 11 activation superset-sh/superset#3581 Unicode 11 buffer restore) — fork terminal buffer 機能で対応済み5e8fc2d49e4e(fix(desktop): refresh v2 terminal link tooltip editor + nudge plain clicks superset-sh/superset#3552 v2 terminal link tooltip) — fork v2 lifecycle で対応済みPR #4 scope 外へ移動
ae5cd60bc2fa(fix(desktop): v2 file-open honors CMD+O editor choice superset-sh/superset#3674 v2 file-open CMD+O editor choice) — conflict 範囲が 5 ファイルに跨り fork の v1/v2 共通領域 (external/index.ts,usePathActions,FileTreeItemなど) と衝突。PR #2b (大物 feature) で feat(v2): minimal project create/import for workspaces superset-sh/superset#3566 と一緒に処理Fork 側のコンフリクト解決
apps/desktop/src/main/lib/terminal/port-scanner.ts(fix(desktop): stop excessive lsof spawning from port scanner (#3372) superset-sh/superset#3547 の conflict): fork のgetProcessName/getProcessCommand/getProcessCommandWindowsWindows 分岐 (wmic+ PowerShell fallback) を完全維持(PR upstream取り込み: 安全な29コミット (安全・おそらく安全) #388 で復元した機能)apps/desktop/src/main/terminal-host/session.ts(fix(desktop): unblock v1 terminal user input during shell init (#3478) superset-sh/superset#3550 の conflict): fork の broadcast coalescing (queueBroadcastData/flushPendingBroadcastData) を維持apps/desktop/src/renderer/.../Terminal/Terminal.tsx(fix(desktop): recover terminal from non-monospace font crash (#3513) superset-sh/superset#3554 の conflict): fork のTERMINAL_OPTIONSimport を維持apps/desktop/package.json/bun.lock(fix(desktop): restore terminal buffer after Unicode 11 activation superset-sh/superset#3581 の conflict): fork 固有依存@vscode/ripgrep,@xyflow/reactを維持packages/local-db/drizzle/meta/_journal.json/0040_snapshot.json(fix(desktop): backfill legacy permissions for canary users exposed to #3546 superset-sh/superset#3615 の conflict): PR upstream取り込み: 安全な29コミット (安全・おそらく安全) #388 で修復した fork 側 migration state を維持し、upstream の0040_agent_preset_permissions_migrated_at.sqlは取り込まない (fork の0070_*と重複)Fork 固有機能ヘルスチェック
作業前 baseline (
/tmp/pr4-baseline/fork-features.txt) と作業後を grep で照合。全 14 項目変化なし:ansi_up,@vscode/ripgrep,@xyflow/react依存TERMINAL_OPTIONS(5 ファイル)SUPERSET_WORKSPACE_NAME(24 箇所)moonshot-ai.kimi-code,MainWindowEffects,INCEPTION_AUTH_PROVIDER_IDlistBranchessortOrder/pinDefaultBROWSER_RELOAD,dmg.size="4g"Codex 事前調査レポート
/tmp/pr4-codex-preanalysis.md参照。PR #388 で既に大半の terminal fixes が取り込まれていたため、今回の取り込み実質差分は 3 commits に留まる。Test plan
bun install正常完了bun run typecheckグリーン (27/27 task)bun run lintグリーン (4058 files checked)次の PR
1f2c093+#3674v2 file-open + feat(v2): minimal project create/import for workspaces superset-sh/superset#3566 + Chat UX + scheduled agent runsSummary by CodeRabbit
リリースノート
バグ修正
ドキュメント