* fix(system): increase process list limit and improve Docker detection for openEuler
Root cause analysis for issue #1453:
1. Process list limit too low: The `head -n 200` pipeline capped the process
list at 200 entries, causing the displayed count to mismatch `ps aux | wc -l`
on systems with many processes (common on openEuler servers with Docker,
databases, etc.). Increased limit from 200 to 2000 for both Linux/SSH
(ps) and Windows (PowerShell) backends.
2. Docker detection failure on openEuler 24.03: The capability probe only
relied on `docker info >/dev/null 2>&1`, which can fail even when Docker
is running due to:
- SSH exec channel environment differences vs interactive shell
- Docker socket permission variations in non-interactive sessions
- Different socket path configurations on openEuler
Added a fallback: if `docker info` fails but the Docker socket exists at
`/var/run/docker.sock`, Docker is still detected as available. This
matches the behavior of other SSH terminal clients.
* fix(system): also add Docker socket fallback to fallback probe script for consistency
* fix(system): remove hardcoded process list limit, add capability probe TTL, auto-reprobe on tab switch
Three remaining issues from PR #1455:
1. Remove hardcoded `head -n 2000` / `Select-Object -First 2000`
process list limits — virtual list handles rendering efficiently.
2. Add 60-second TTL to sessionCapabilitiesStore cache. `get()` returns
undefined for expired entries, forcing re-probe on next access.
`set()` always refreshes `probedAt`. Export CAPABILITIES_TTL_MS
constant for future tuning.
3. Auto-trigger capability re-probe when switching to Docker/Tmux tab
whose tool was previously reported unavailable — handles the case
where Docker/Tmux was installed after the last probe.
* fix: replace Docker socket -S check with -r for permission accuracy; sync capabilities TTL with process refresh interval
- Change [ -S /var/run/docker.sock ] to [ -r /var/run/docker.sock ] in
both the main capability probe script and the POSIX fallback (electron bridge).
-r verifies the socket exists AND the current user has read permission,
preventing false-positive Docker detection that leads to failed Docker ops.
- Remove hardcoded CAPABILITIES_TTL_MS (60s) from sessionCapabilitiesStore.
Store now computes expiresAt internally in set(ttlMs) and checks it in get()
without requiring a parameter at call sites.
- useSessionCapabilities and useSystemCapabilitiesWarmup accept a
capabilitiesTtlMs parameter derived from
terminalSettings.systemManagerProcessRefreshInterval (default 3s → 3 000ms).
- SystemManagerSidePanel passes the TTL from terminalSettings to the hook.
- TerminalLayerTabBridge passes TTL from stableRef settings to warmup hook.
- Fix missing refreshCapabilities destructuring in SystemManagerSidePanel.
* fix: restore process list safety cap (head -n 2000 / -First 2000)
Codex review flagged that removing the process list cap entirely could cause
timeout/maxBuffer issues on process-dense hosts. Restore head -n 2000 (POSIX)
and -First 2000 (Windows) as a safety guard with comments clarifying this is
NOT a functional limit — monitored processes still show accurate metrics.
* fix: hoist useRef/useEffect before early returns to fix React hook order violation
The useRef and useEffect for tab-switch re-probe were placed after early returns
for missing/disconnected sessions. When a session later connects, React discovers
new hooks that weren't registered before, causing hook order violation crashes.
Moved both hooks immediately after the resolvedTab computation, before any early
return path, satisfying React's Rules of Hooks.
* fix: change Docker detection from OR to AND (CLI + socket)
Both capability detection and fallback probe now require:
- docker CLI is on PATH (command -v docker)
- docker.sock is readable ([ -r /var/run/docker.sock ])
Previously used OR logic (docker info || socket readable),
which could report hasDocker=true even when docker CLI
was unavailable (e.g., non-login SSH shell).
Fixes#1453
* fix(system-monitor): prefer docker info, fallback to CLI+socket
Co-authored-by: Codex <codex@anthropic.com>
Changes:
- Line 12: Replace strict CLI+socket check with docker info first,
falling back to CLI+socket check only if docker info fails.
- Line 139: Same fix in the fallback probe script.
This handles DOCKER_HOST, Docker contexts, and rootless Docker.
* fix: notify subscribers when TTL expires in sessionCapabilitiesStore.get()
When capabilitiesBySessionId.get() finds an expired entry, it deletes the
entry but did not notify session subscribers. This caused components to
stale capabilities until the next successful set() call.
Now get() calls notifySession() on expiry, matching the notification
behavior already present in delete().
- Remove outdated SFTP upload message and replace it with ZMODEM-specific messages in English, Russian, and Chinese locales.
- Add a new function to handle ZMODEM drag-and-drop uploads in the terminal backend.
- Update terminal components to support ZMODEM drag-and-drop functionality.
- Enhance error handling for file uploads and provide user feedback for no files to upload.
- Introduce tests to verify ZMODEM upload behavior and fallback to SFTP for network devices.
Introduce workspace-aware System side panel with remote process/tmux/Docker management, terminal popup for interactive attach, capability warmup, review-hardened IPC, performance optimizations, toast action errors, and SSH channel recovery on reconnect.
* feat(terminal): add remote command history side panel
Read remote shell history over SSH/ET/Mosh exec channels, browse it in a virtualized side panel with search, paste, and save-as-snippet actions. Closes#1381.
Co-authored-by: Cursor <cursoragent@cursor.com>
* fix(history): expand command detail inline below selected row
Move the detail strip from a fixed slot above the list into the row
immediately below the clicked entry so expansion reads top-to-bottom.
Co-authored-by: Cursor <cursoragent@cursor.com>
* fix(history): filter Netcatty AI PTY commands from remote history
Drop shell history lines containing the __NCMCP_ marker so AI exec noise
does not clutter the command history panel.
Co-authored-by: Cursor <cursoragent@cursor.com>
* fix(history): tighten detail strip and add run action
Size the expanded row to its content, add a run-in-terminal button, and
use clearer snippet icon/tooltip for save-as-snippet.
Co-authored-by: Cursor <cursoragent@cursor.com>
* fix(history): address review findings before merge
Key cache by host+session, retry Mosh pending reads, and clamp virtual
list scroll position when filtered items shrink.
Co-authored-by: Cursor <cursoragent@cursor.com>
---------
Co-authored-by: Cursor <cursoragent@cursor.com>
* feat(et): support server stats for EternalTerminal sessions
- Generalize the Mosh stats companion into reusable connection helpers
- Open a companion SSH connection so the host-info bar works for ET sessions
- Fall back to execOnEtSession for jumped ET sessions without a direct connection
- Forward host-key and algorithm options to the ET backend for companion parity
- Close the ET stats companion on session close, cleanup, and PTY exit
* fix(et): harden stats exec host-key trust and cleanup
Enforce StrictHostKeyChecking=yes for background ET stats/distro probes
instead of accept-new, merge vault known_hosts for parity with ssh2
companions, and wrap companion connection teardown in try/catch.
Co-authored-by: Cursor <cursoragent@cursor.com>
---------
Co-authored-by: bincxz <16399091+binaricat@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Windows + Node >= 24: spawning .cmd files with shell=false causes EINVAL.
Claude Code v2.1.169 ships as native binary (no cli.js), npm global install
creates only claude.cmd. Netcatty detected claude.cmd but spawned it with
shell:false -> EINVAL.
Changes:
- resolveWindowsShimToNativeExe: new function that reads .cmd/.bat shims
and resolves to the real .exe using "%~dp0\...\*.exe" pattern matching
- prepareCommandForSpawn: tries native exe resolution first, falls back
to shell:true wrapping
- resolveClaudeCodeExecutableForSdk: when cli.js not found, looks for
bin/claude.exe native binary
- 3 new tests for shim resolution and spawn spec
- Codex CLI unaffected (already handles native exe resolution)
Test: 38/38 shellUtils tests pass, npx tsc --noEmit clean
Fix terminal drag-and-drop uploads so they target the active terminal cwd and avoid fallback home/login-shell cwd when the active cwd cannot be confirmed.
Add issue #1293 screenshot-exact cases for sudo/telnet autofill and
include English password in the handleOutput fast-path bypass.
Co-authored-by: Cursor <cursoragent@cursor.com>
Kylin Professional's sudo prompt doesn't include the [sudo] tag and
doesn't end with a colon. The existing regex patterns required either
[sudo] or a trailing colon, causing the autofill hint to never fire.
Changes:
- Make trailing colon optional in SUDO_PROMPT_PATTERN and
EXPLICIT_SUDO_PROMPT_PATTERN (terminalSudoAutofill.ts)
- Update fast path to not skip output containing Chinese password
keywords (密码/口令) that lack a colon
- Make trailing colon/angle-bracket optional in telnet username and
password prompt patterns (telnetAutoLogin.cjs)
- Also relax LAST_LOGIN_PATTERN for consistency
- Add Kylin-style test cases for both sudo and telnet auto-login
Expose whole-window transparency via setOpacity with settings and a top-bar quick control, persisting across restarts and syncing across windows.
Co-authored-by: Cursor <cursoragent@cursor.com>
* fix(telnet, sudo): support Chinese-localized prompts with full-width colons (#1286)
Two bugs in prompt detection for Chinese-locale users:
1. telnetAutoLogin: USERNAME_PROMPT_PATTERN, PASSWORD_PROMPT_PATTERN,
and LAST_LOGIN_PATTERN only matched half-width colon ':' or '>'.
Chinese-locale telnet prompts use full-width colon ':' (U+FF1A),
e.g. '登录:', '密码:'. Changed [:'>] to [::'|] in all three
patterns to accept both colon variants.
2. terminalSudoAutofill: EXPLICIT_SUDO_PROMPT_PATTERN required
'[sudo]' (closing bracket immediately after 'sudo'), but Chinese
sudo prompts use '[sudo: authenticate] 密码:' format where sudo
is followed by colon. Changed \[sudo\] to \[sudo[^\]]*\] to
match any '[sudo...]' variant, making the explicit (no-arm-needed)
hint detection work for Chinese locale.
Fixes#1286
* fix: restore OSC stripping pattern broken in previous commit
The regex negated character class [^\x07]* was truncated to just \x07,
breaking OSC sequence stripping (e.g. window title changes embedded in
terminal output). Restore the original negated class so stripTerminalControl-
Sequences continues to remove OSC title sequences before prompt detection.
This was caught by Codex review of PR #1288.
The dedupe in startSession.cjs runs under `with(ctx)`, where ctx is wired
with sshBridge.cjs's own local findDefaultPrivateKey /
findAllDefaultPrivateKeys — not the sshAuthHelper.cjs copies. The
characterization test targeted the helper's exports, which the connect
path never calls (sshAuthHelper.findDefaultPrivateKey has no production
consumers at all), so it gave false confidence and the in-code comment
pointed at the wrong test.
Expose the local pair as _findDefaultPrivateKey / _findAllDefaultPrivateKeys
(matching the existing _-prefixed test-export convention) and retarget the
test at them, so it actually guards the path the optimization depends on.
Behavior is unchanged; the two local functions are verified equivalent.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Every SSH connect ran two separate ~/.ssh scans back-to-back:
findDefaultPrivateKey() then findAllDefaultPrivateKeys(). They share
identical filter/sort/encrypted-skip logic, so the first scan's result
is exactly findAllDefaultPrivateKeys()[0]. Derive the preferred default
key from the full list (scanned once) instead, and kick that single scan
off before the identity-file / inline-key preparation so the filesystem
work overlaps the key prep instead of running serially after it.
Behavior is unchanged: auth order and fallback keys are identical. The
equivalence the dedupe relies on is pinned by a new characterization
test against a faked ~/.ssh.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Adds a tab context menu action to duplicate a terminal into an independent peer window, with per-window active-tab titles and multi-window lifecycle safeguards.