hai/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-18 10:31:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: GStack Browser — double-click AI browser with anti-bot stealth (#695)

Browse Source 
* feat: CDP inspector module — persistent sessions, CSS cascade, style modification

New browse/src/cdp-inspector.ts with full CDP inspection engine:
- inspectElement() via CSS.getMatchedStylesForNode + DOM.getBoxModel
- modifyStyle() via CSS.setStyleTexts with headless page.evaluate fallback
- Persistent CDP session lifecycle (create, reuse, detach on nav, re-create)
- Specificity sorting, overridden property detection, UA rule filtering
- Modification history with undo support
- formatInspectorResult() for CLI output

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: browse server inspector endpoints + inspect/style/cleanup/prettyscreenshot CLI

Server endpoints: POST /inspector/pick, GET /inspector, POST /inspector/apply,
POST /inspector/reset, GET /inspector/history, GET /inspector/events (SSE).
CLI commands: inspect (CDP cascade), style (live CSS mod), cleanup (page clutter
removal), prettyscreenshot (clean screenshot pipeline).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: sidebar CSS inspector — element picker, box model, rule cascade, quick edit

Extension changes for the visual CSS inspector:
- inspector.js: element picker with hover highlight, CSS selector generation,
  basic mode fallback (getComputedStyle + CSSOM), page alteration handlers
- inspector.css: picker overlay styles (blue highlight + tooltip)
- background.js: inspector message routing (picker <-> server <-> sidepanel)
- sidepanel: Inspector tab with box model viz (gstack palette), matched rules
  with specificity badges, computed styles, click-to-edit quick edit,
  Send to Agent/Code button, empty/loading/error states

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* docs: document inspect, style, cleanup, prettyscreenshot browse commands

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: auto-track user-created tabs and handle tab close

browser-manager.ts changes:
- context.on('page') listener: automatically tracks tabs opened by the user
  (Cmd+T, right-click open in new tab, window.open). Previously only
  programmatic newTab() was tracked, so user tabs were invisible.
- page.on('close') handler in wirePageEvents: removes closed tabs from the
  pages map and switches activeTabId to the last remaining tab.
- syncActiveTabByUrl: match Chrome extension's active tab URL to the correct
  Playwright page for accurate tab identity.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: per-tab agent isolation via BROWSE_TAB environment variable

Prevents parallel sidebar agents from interfering with each other's tab context.

Three-layer fix:
- sidebar-agent.ts: passes BROWSE_TAB=<tabId> env var to each claude process,
  per-tab processing set allows concurrent agents across tabs
- cli.ts: reads process.env.BROWSE_TAB and includes tabId in command request body
- server.ts: handleCommand() temporarily switches activeTabId when tabId is present,
  restores after command completes (safe: Bun event loop is single-threaded)

Also: per-tab agent state (TabAgentState map), per-tab message queuing,
per-tab chat buffers, verbose streaming narration, stop button endpoint.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: sidebar per-tab chat context, tab bar sync, stop button, UX polish

Extension changes:
- sidepanel.js: per-tab chat history (tabChatHistories map), switchChatTab()
  swaps entire chat view, browserTabActivated handler for instant tab sync,
  stop button wired to /sidebar-agent/stop, pollTabs renders tab bar
- sidepanel.html: updated banner text ("Browser co-pilot"), stop button markup,
  input placeholder "Ask about this page..."
- sidepanel.css: tab bar styles, stop button styles, loading state fixes
- background.js: chrome.tabs.onActivated sends browserTabActivated to sidepanel
  with tab URL for instant tab switch detection

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* test: per-tab isolation, BROWSE_TAB pinning, tab tracking, sidebar UX

sidebar-agent.test.ts (new tests):
- BROWSE_TAB env var passed to claude process
- CLI reads BROWSE_TAB and sends tabId in body
- handleCommand accepts tabId, saves/restores activeTabId
- Tab pinning only activates when tabId provided
- Per-tab agent state, queue, concurrency
- processingTabs set for parallel agents

sidebar-ux.test.ts (new tests):
- context.on('page') tracks user-created tabs
- page.on('close') removes tabs from pages map
- Tab isolation uses BROWSE_TAB not system prompt hack
- Per-tab chat context in sidepanel
- Tab bar rendering, stop button, banner text

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: resolve merge conflicts — keep security defenses + per-tab isolation

Merged main's security improvements (XML escaping, prompt injection defense,
allowed commands whitelist, --model opus, Write tool, stderr capture) with
our branch's per-tab isolation (BROWSE_TAB env var, processingTabs set,
no --resume). Updated test expectations for expanded system prompt.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* chore: bump version and changelog (v0.13.9.0)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: add inspector message types to background.js allowlist

Pre-existing bug found by Codex: ALLOWED_TYPES in background.js was missing
all inspector message types (startInspector, stopInspector, elementPicked,
pickerCancelled, applyStyle, toggleClass, injectCSS, resetAll, inspectResult).
Messages were silently rejected, making the inspector broken on ALL pages.

Also: separate executeScript and insertCSS into individual try blocks in
injectInspector(), store inspectorMode for routing, and add content.js
fallback when script injection fails (CSP, chrome:// pages).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: basic element picker in content.js for CSP-restricted pages

When inspector.js can't be injected (CSP, chrome:// pages), content.js
provides a basic picker using getComputedStyle + CSSOM:
- startBasicPicker/stopBasicPicker message handlers
- captureBasicData() with ~30 key CSS properties, box model, matched rules
- Hover highlight with outline save/restore (never leaves artifacts)
- Click uses e.target directly (no re-querying by selector)
- Sends inspectResult with mode:'basic' for sidebar rendering
- Escape key cancels picker and restores outlines

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: cleanup + screenshot buttons in sidebar inspector toolbar

Two action buttons in the inspector toolbar:
- Cleanup (🧹): POSTs cleanup --all to server, shows spinner, chat
  notification on success, resets inspector state (element may be removed)
- Screenshot (📸): POSTs screenshot to server, shows spinner, chat
  notification with saved file path

Shared infrastructure:
- .inspector-action-btn CSS with loading spinner via ::after pseudo-element
- chat-notification type in addChatEntry() for system messages
- package.json version bump to 0.13.9.0

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* test: inspector allowlist, CSP fallback, cleanup/screenshot buttons

16 new tests in sidebar-ux.test.ts:
- Inspector message allowlist includes all inspector types
- content.js basic picker (startBasicPicker, captureBasicData, CSSOM,
  outline save/restore, inspectResult with mode basic, Escape cleanup)
- background.js CSP fallback (separate try blocks, inspectorMode, fallback)
- Cleanup button (POST /command, inspector reset after success)
- Screenshot button (POST /command, notification rendering)
- Chat notification type and CSS styles

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* docs: update project documentation for v0.13.9.0

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: cleanup + screenshot buttons in chat toolbar (not just inspector)

Quick actions toolbar (🧹 Cleanup, 📸 Screenshot) now appears above the chat
input, always visible. Both inspector and chat buttons share runCleanup() and
runScreenshot() helper functions. Clicking either set shows loading state on
both simultaneously.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* test: chat toolbar buttons, shared helpers, quick-action-btn styles

Tests that chat toolbar exists (chat-cleanup-btn, chat-screenshot-btn,
quick-actions container), CSS styles (.quick-action-btn, .quick-action-btn.loading),
shared runCleanup/runScreenshot helper functions, and cleanup inspector reset.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: aggressive cleanup heuristics — overlays, scroll unlock, blur removal

Massively expanded CLEANUP_SELECTORS with patterns from uBlock Origin and
Readability.js research:
- ads: 30+ selectors (Google, Amazon, Outbrain, Taboola, Criteo, etc.)
- cookies: OneTrust, Cookiebot, TrustArc, Quantcast + generic patterns
- overlays (NEW): paywalls, newsletter popups, interstitials, push prompts,
  app download banners, survey modals
- social: follow prompts, share tools
- Cleanup now defaults to --all when no args (sidebar button fix)
- Uses !important on all display:none (overrides inline styles)
- Unlocks body/html scroll (overflow:hidden from modal lockout)
- Removes blur/filter effects (paywall content blur)
- Removes max-height truncation (article teaser truncation)
- Collapses empty ad placeholder whitespace (empty divs after ad removal)
- Skips gstack-ctrl indicator in sticky removal

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: disable action buttons when disconnected, no error spam

- setActionButtonsEnabled() toggles .disabled class on all cleanup/screenshot
  buttons (both chat toolbar and inspector toolbar)
- Called with false in updateConnection when server URL is null
- Called with true when connection established
- runCleanup/runScreenshot silently return when disconnected instead of
  showing 'Not connected' error notifications
- CSS .disabled style: pointer-events:none, opacity:0.3, cursor:not-allowed

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* test: cleanup heuristics, button disabled state, overlay selectors

17 new tests:
- cleanup defaults to --all on empty args
- CLEANUP_SELECTORS overlays category (paywall, newsletter, interstitial)
- Major ad networks in selectors (doubleclick, taboola, criteo, etc.)
- Major consent frameworks (OneTrust, Cookiebot, TrustArc, Quantcast)
- !important override for inline styles
- Scroll unlock (body overflow:hidden)
- Blur removal (paywall content blur)
- Article truncation removal (max-height)
- Empty placeholder collapse
- gstack-ctrl indicator skip in sticky cleanup
- setActionButtonsEnabled function
- Buttons disabled when disconnected
- No error spam from cleanup/screenshot when disconnected
- CSS disabled styles for action buttons

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: LLM-based page cleanup — agent analyzes page semantically

Instead of brittle CSS selectors, the cleanup button now sends a prompt to
the sidebar agent (which IS an LLM). The agent:
1. Runs deterministic $B cleanup --all as a quick first pass
2. Takes a snapshot to see what's left
3. Analyzes the page semantically to identify remaining clutter
4. Removes elements intelligently, preserving site branding

This means cleanup works correctly on any site without site-specific selectors.
The LLM understands that "Your Daily Puzzles" is clutter, "ADVERTISEMENT" is
junk, but the SF Chronicle masthead should stay.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: aggressive cleanup heuristics + preserve top nav bar

Deterministic cleanup improvements (used as first pass before LLM analysis):
- New 'clutter' category: audio players, podcast widgets, sidebar puzzles/games,
  recirculation widgets (taboola, outbrain, nativo), cross-promotion banners
- Text-content detection: removes "ADVERTISEMENT", "Article continues below",
  "Sponsored", "Paid content" labels and their parent wrappers
- Sticky fix: preserves the topmost full-width element near viewport top (site
  nav bar) instead of hiding all sticky/fixed elements. Sorts by vertical
  position, preserves the first one that spans >80% viewport width.

Tests: clutter category, ad label removal, nav bar preservation logic.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* test: LLM-based cleanup architecture, deterministic heuristics, sticky nav

22 new tests covering:
- Cleanup button uses /sidebar-command (agent) not /command (deterministic)
- Cleanup prompt includes deterministic first pass + agent snapshot analysis
- Cleanup prompt lists specific clutter categories for agent guidance
- Cleanup prompt preserves site identity (masthead, headline, body, byline)
- Cleanup prompt instructs scroll unlock and $B eval removal
- Loading state management (async agent, setTimeout)
- Deterministic clutter: audio/podcast, games/puzzles, recirculation
- Ad label text patterns (ADVERTISEMENT, Sponsored, Article continues)
- Ad label parent wrapper hiding for small containers
- Sticky nav preservation (sort by position, first full-width near top)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: GStack Browser stealth + branding — anti-bot patches, custom UA, rebrand

- Add GSTACK_CHROMIUM_PATH env var for custom Chromium binary
- Add BROWSE_EXTENSIONS_DIR env var for extension path override
- Move auth token to /health endpoint (fixes read-only .app bundles)
- Anti-bot stealth: disable navigator.webdriver, fake plugins, languages
- Custom user agent: Chrome/<version> GStackBrowser (auto-detects version)
- Rebrand Chromium plist to "GStack Browser" at launch time
- Update security test to match new token-via-health approach

* feat: GStack Browser .app bundle — launcher script + build system

- scripts/app/gstack-browser: dual-mode launcher (dev + .app bundle)
- scripts/build-app.sh: compiles binary, bundles Chromium + extension, creates DMG
- Rebrands Chromium plist during build for "GStack Browser" in menu bar
- 389MB .app, 189MB compressed DMG, launches in ~5s

* docs: GStack Browser V0 master plan — AI-native development browser vision

5-phase roadmap from .app wrapper through Chromium fork, 9 capability
visions, competitive landscape, architecture diagrams, design system.

* fix: restore package.json and sync version to 0.14.3.0

* chore: bump version and changelog (v0.14.4.0)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore: gitignore top-level dist/ (GStack Browser build output)

* feat: GStack Browser icon — custom .icns replaces Chromium's Dock icon

- Generated 1024px icon: dark terminal window with amber prompt cursor
- Converted to .icns with all macOS sizes (16-1024px, 1x and 2x)
- build-app.sh copies icon into both the outer .app and bundled Chromium's
  Resources (Chromium's process owns the Dock icon, not the launcher)
- browser-manager.ts patches Chromium's icon at runtime for dev mode too
- Both the Dock and Cmd+Tab now show the GStack icon

* feat: rename /connect-chrome → /open-gstack-browser

- Rename skill directory + update frontmatter name and description
- Update SKILL.md.tmpl to reference GStack Browser branding/stealth
- Create connect-chrome symlink for backwards compatibility
- Setup script creates /connect-chrome alias in .claude/skills/
- Fix package.json version sync (0.14.5.0 → 0.14.6.0)

* feat: rename /connect-chrome → /open-gstack-browser across all references

Update README skill lists, docs/skills.md deep dive, extension sidepanel
banner copy button, and reconnect clipboard text.

* feat: left-align sidebar UI + extension-ready event for welcome page

- Left-align all sidebar text (chat welcome, loading, empty states,
  notifications, inspector empty, session placeholder)
- Dispatch 'gstack-extension-ready' CustomEvent from content.js so
  the welcome page can detect when the sidebar is active

* chore: add GStack Browser TODOs — CDP stealth patches + Chromium fork

P1: rebrowser-style postinstall patcher for Playwright 1.58.2 (suppress
Runtime.enable, addBinding context discovery, 6 files, ~200 lines).
P2: long-term Chromium fork for permanent stealth + native sidebar.

* chore: regenerate open-gstack-browser/SKILL.md from template

Fix timeline skill name (connect-chrome → open-gstack-browser) and
preamble formatting from merge with main's updated template.

* feat: welcome page served from browse server on headed launch

- Add /welcome endpoint to server.ts, serves welcome.html
- Navigate to /welcome after server starts (not during launchHeaded,
  which runs before the server is listening)
- welcome.html bundled in browse/src/ for portability

* feat: auto-open sidebar on every browser launch, not just first install

- Add top-level setTimeout in background.js that fires on every service
  worker startup (onInstalled only fires on install/update)
- Remove misaligned arrow from welcome page, replace with text fallback
  that hides when extension content script fires gstack-extension-ready

* fix: sidebar auto-open retry with backoff + welcome page tests

- Replace single-attempt sidePanel.open() with autoOpenSidePanel() that
  retries up to 5 times with 500ms-5000ms backoff
- Fire on both onInstalled AND every service worker startup
- Remove misaligned arrow from welcome page, replace with text fallback
- Add 12 tests: welcome page structure, /welcome endpoint, headed launch
  navigation timing, sidebar auto-open retry logic, extension-ready event

* feat: reload button in sidebar footer

Adds a "reload" button next to "debug" and "clear" in the sidebar
footer. Calls location.reload() to fully refresh the side panel,
re-run connection logic, and clear stale state.

* feat: right-pointing arrow hint for sidebar on welcome page

Replace invisible text fallback with visible amber bubble + animated
right arrow (→) pointing toward where the sidebar opens. Always correct
regardless of window size (unlike the old up arrow at toolbar chrome).

* fix: sidebar auth race — pass token in getPort response

The sidebar called tryConnect() → getPort → got {port, connected} but
NO token. All subsequent requests (SSE, chat poll) failed with 401.
The token only arrived later via the health broadcast, but by then
the SSE connection was already broken.

Fix: include authToken in the getPort response so the sidebar has
the token from its very first connection attempt.

* feat: sidebar debug visibility + auth race tests

- Show attempt count in loading screen ("Connecting... attempt 3")
- After 5 failed attempts, show debug details (port, connected, token)
  so stuck users can see exactly what's failing
- Add 4 tests: getPort includes token, tryConnect uses token,
  dead state exists with MAX_RECONNECT_ATTEMPTS, reconnectAttempts visible

* fix: startup health check retries every 1s instead of 10s

Root cause: extension service worker starts before Bun.serve() is
listening. First checkHealth() fails, next attempt is 10 seconds
later. User stares at "Connecting..." for 10 seconds.

Fix: retry every 1s for up to 15 attempts on startup, then switch
to 10s polling once connected (or after 15s gives up). Sidebar
should connect within 1-2 seconds of server becoming available.

3 new tests verify the fast-retry → slow-poll transition.

* feat: detailed step-by-step status in sidebar loading screen

Replace useless "Connecting..." with real-time debug info:
- "Looking for browse server... (attempt N)"
- Shows port, server responding status, token status
- Shows chrome.runtime errors if extension messaging fails
- Tells user to run /open-gstack-browser if server not found

* fix: sidebar connects directly to /health instead of waiting for background

Root cause: sidepanel asked background "are you connected?" but background's
health check hadn't succeeded yet (1-10s gap). Sidepanel waited forever.

Fix: when background says not connected, sidepanel hits /health directly
with fetch(). Gets the token from the response. Bypasses background
entirely for initial connection. Shows step-by-step debug info:
"Checking server directly... port: 34567 / Trying GET /health..."

* fix: suppress fake "session ended" and timeout errors in sidebar

Two issues making the sidebar look broken when it's actually working:
1. "Timed out after 300s" error displayed after agent_done — this is a
   cleanup timer, not a real error. Now suppressed when no active session.
2. "(session ended)" text appended on every idle poll — removed entirely.
   The thinking spinner is cleaned up silently instead.

* fix: sidebar agent passes BROWSE_PORT to child claude

Ensures the child claude process connects to the existing headed
browse server (port 34567) instead of spawning a new headless one.
Without this, sidebar chat commands run in an invisible browser.

* feat: BROWSE_NO_AUTOSTART prevents sidebar from spawning headless browser

When set, the browse CLI refuses to start a new server and exits with
a clear error: "Server not available, run /open-gstack-browser to restart."
The sidebar agent sets this so users never get an invisible headless
browser when the headed one is closed.

* test: BROWSE_NO_AUTOSTART guard in CLI + sidebar-agent env vars

5 tests: CLI checks env var before starting server, shows actionable
error, sidebar-agent sets the flag + BROWSE_PORT, guard runs before
lock acquisition to prevent stale lock files.

* fix: stale auth token causes Unauthorized + invisible error text

background.js checkHealth() never refreshed authToken from /health responses,
so when the browse server restarted with a new token, all sidebar-command
requests got 401 Unauthorized forever.

Also: error placeholder text was #3f3f46 on #0C0C0C (nearly invisible).
Now shows in red to match the error border.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: replace 40+ silent catch blocks with debug logging

Every empty catch {} in sidepanel.js, sidebar-agent.ts now logs with
[gstack sidebar] or [sidebar-agent] prefix. Chat poll 401s, stop agent,
tab poll, clear chat, SSE parse, refs fetch, stream JSON parse, queue
read/parse, process kill — all now visible in console.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: noisy debug logging + auto model routing in browse server

Server-side silent catch blocks (22 instances) now log with [browse] prefix:
chat persistence, session save/load, agent kill, tab pin/restore, welcome
page, buffer flush, worktree cleanup, lock files, SSE streams.

Also adds pickSidebarModel() — routes sidebar messages to sonnet for
navigation/interaction (click, goto, fill, screenshot) and opus for
analysis/comprehension (summarize, describe, find bugs). Sonnet is
~4x faster for action commands with zero quality difference.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* test: update sidebar tests for model router + longer stopAgent slice

- stopAgent slice 800→1000 to accommodate added error logging lines
- Replace hardcoded opus assertion with model router assertions

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: sidebar arrow hint stays visible until sidebar actually opens

Previously the welcome page arrow hid immediately when the extension's
content script loaded — but extension loaded ≠ sidebar open. Now the
signal flow is: sidepanel connects → tells background.js → relays to
content script → dispatches gstack-extension-ready → arrow hides.

Adds welcome-page.test.ts: 14 tests verifying arrow, branding, feature
cards, dark theme, and auto-hide behavior via real HTTP server.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* test: arrow hide signal chain (4-step) + stale session-ended assertion

8 new tests verify the sidebarOpened → background → content → welcome
signal chain. Updates stale "(session ended)" test that checked for
text removed in a prior commit.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: preserve optimistic UI during tab switch on first message

When the user sends a message and the server assigns it to a new tab
(because Chrome's active tab changed), switchChatTab() was blowing away
the optimistic user bubble and thinking dots with a welcome screen.
Now preserves the current DOM if we're mid-send with a thinking indicator.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* docs: sidebar message flow architecture doc + CLAUDE.md pointer

SIDEBAR_MESSAGE_FLOW.md documents the full init timeline, message flow
(user types → claude responds), auth token chain, arrow hint signal
chain, model routing, tab concurrency, and known failure modes.

CLAUDE.md now tells you to read it before touching sidebar files.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: sidebar chat resets idle timer + shutdown kills sidebar-agent

Two fixes for the "browser died while chatting" problem:

1. /sidebar-command now calls resetIdleTimer(). Previously only CLI
   commands reset it, so the server would shut down after 30 min even
   while the user was actively chatting in the sidebar.

2. shutdown() now pkills the sidebar-agent daemon. Previously the agent
   survived server shutdown, kept polling a dead server, and spawned
   confused claude processes that auto-started headless browsers.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: disable idle timeout in headed mode — browser lives until closed

The 30-minute idle timeout only applies to headless mode now. In headed
mode the user is looking at the Chrome window, so auto-shutdown is wrong.
The browser stays alive until explicit disconnect or window close.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: cookies button in sidebar footer opens cookie picker

One-click cookie import from the sidebar. Navigates the headed browser
to /cookie-picker where you can select which domains to import from
your real Chrome profile.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* docs: update project documentation for GStack Browser improvements

README.md: updated Real browser mode and sidebar agent sections with
model routing, cookie import button, no idle timeout in headed mode.
Updated skill table entries for /browse and /open-gstack-browser.

docs/skills.md: updated /open-gstack-browser deep dive with model
routing and cookie import details.

GSTACK_BROWSER_V0.md: added 6 new SHIPPED items to implementation
status table (model routing, debug logging, idle timeout, cookie
button, arrow hint, architecture doc).

TODOS.md: marked "Sidebar agent Write tool + error visibility" as
SHIPPED. Added new P2 TODO for direct API calls to eliminate
claude -p startup tax.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: add Claude Code terminal example to welcome page TRY IT NOW

Fifth example shows the parent agent workflow: navigate, extract CSS,
write to file. The other four are all sidebar-only. This one shows
co-presence — the Claude Code session that launched the browser can
also control it directly.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: hide internal tool-result file reads from sidebar activity

Claude reads its own ~/.claude/projects/.../tool-results/ files as
internal plumbing. These showed up as long unreadable paths in the
sidebar. Now: describeToolCall returns empty for tool-result reads,
and the sidebar skips rendering tool_use entries with no description.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: collapse tool calls into "See reasoning" disclosure on completion

While the agent is working, tool calls stream live so you can watch
progress. When the agent finishes, all tool calls collapse into a
"See reasoning (N steps)" disclosure. Click to expand and see what
the agent did. The final text answer stays visible.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* test: 17 new tests for recent sidebar fixes

Covers: tool-result file filtering, empty tool_use skip, reasoning
disclosure collapse, idle timeout headed mode bypass, sidebar-command
idle reset, shutdown sidebar-agent kill, cookie button, and model
routing analysis-before-action priority.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: move cookies button to quick actions toolbar

Cookies now sits next to Cleanup and Screenshot as a primary action
button (🍪 Cookies) instead of buried in the footer. Same behavior,
more discoverable.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: add instructional text to cookie picker page

"Select the domains of cookies you want to import to GStack Browser.
You'll be able to browse those sites with the same login as your
other browser."

Also fixes stale test that expected hardcoded '--model', 'opus'.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: 6-card welcome page with cookie import + dual-agent cards

3x2 grid layout (was 2x2). New cards: "Import your cookies" (click
🍪 Cookies to import login sessions from Chrome/Arc/Brave) and
"Or use your main agent" (your Claude Code terminal also controls
this browser). Responsive: 3 cols > 2 cols > 1 col.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: move sidebar arrow hint to top-right instead of vertically centered

The arrow was centered vertically which put it behind the feature cards.
Now positioned at top: 80px where there's open space and it's more visible.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Garry Tan
2026-04-04 10:17:05 -07:00
committed by GitHub
parent cf73db5f19
commit 3f080de1b7
30 changed files with 2610 additions and 234 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
browse/test/server-auth.test.ts
View File

@@ -21,13 +21,14 @@ function sliceBetween(source: string, startMarker: string, endMarker: string): s
}
describe('Server auth security', () => {
// Test 1: /health response must not leak the auth token
test('/health response must not contain token field', () => {
// Test 1: /health serves auth token for extension bootstrap (localhost-only, safe)
// Previously token was removed from /health, but extension needs it since
// .auth.json in the extension dir breaks read-only .app bundles and codesigning.
test('/health serves auth token with safety comment', () => {
const healthBlock = sliceBetween(SERVER_SRC, "url.pathname === '/health'", "url.pathname === '/refs'");
// The old pattern was: token: AUTH_TOKEN
// The new pattern should have a comment indicating token was removed
expect(healthBlock).not.toContain('token: AUTH_TOKEN');
expect(healthBlock).toContain('token removed');
expect(healthBlock).toContain('token: AUTH_TOKEN');
// Must have a comment explaining why this is safe
expect(healthBlock).toContain('localhost-only');
});
// Test 2: /refs endpoint requires auth via validateAuth

8
browse/test/sidebar-security.test.ts
View File

@@ -86,9 +86,11 @@ describe('Sidebar prompt injection defense', () => {
// --- Model Selection ---
test('default model is opus', () => {
// The args array should include --model opus
expect(SERVER_SRC).toContain("'--model', 'opus'");
test('model routing defaults to opus for analysis tasks', () => {
// pickSidebarModel returns opus for ambiguous/analysis messages
expect(SERVER_SRC).toContain("return 'opus'");
// spawnClaude uses the model router
expect(SERVER_SRC).toContain("'--model', model");
});
// --- Trust Boundary ---

485
browse/test/sidebar-ux.test.ts
View File

@@ -165,8 +165,10 @@ describe('sidebar JS (sidepanel.js)', () => {
expect(js).toContain("data.agentStatus !== 'processing'");
});
test('orphaned thinking cleanup adds (session ended) notice', () => {
expect(js).toContain('(session ended)');
test('orphaned thinking cleanup removes thinking dots silently', () => {
// Thinking dots are removed when agent is idle — no "(session ended)"
// notice, which was removed as noisy false-positive UX
expect(js).toContain('thinking.remove()');
});
test('sendMessage renders user bubble + thinking dots optimistically', () => {
@@ -296,7 +298,7 @@ describe('TTFO latency chain', () => {
test('stopAgent also calls stopFastPoll', () => {
const stopFn = js.slice(
js.indexOf('async function stopAgent()'),
js.indexOf('async function stopAgent()') + 800,
js.indexOf('async function stopAgent()') + 1000,
);
expect(stopFn).toContain('stopFastPoll');
});
@@ -989,12 +991,17 @@ describe('sidebar agent conciseness + no focus stealing', () => {
expect(promptSection).toContain('Do NOT keep exploring');
});
test('sidebar agent uses opus (not sonnet) for prompt injection resistance', () => {
test('sidebar agent auto-routes model based on message type', () => {
// Model router exists and defaults to opus for analysis tasks
expect(serverSrc).toContain('function pickSidebarModel(');
expect(serverSrc).toContain("return 'opus'");
expect(serverSrc).toContain("return 'sonnet'");
// spawnClaude uses the router, not a hardcoded model
const spawnFn = serverSrc.slice(
serverSrc.indexOf('function spawnClaude('),
serverSrc.indexOf('\nfunction ', serverSrc.indexOf('function spawnClaude(') + 1),
);
expect(spawnFn).toContain("'opus'");
expect(spawnFn).toContain('pickSidebarModel(userMessage)');
});
test('switchTab has bringToFront option', () => {
@@ -1192,3 +1199,471 @@ describe('LLM-based cleanup (smart agent cleanup)', () => {
expect(wcSrc).toContain("role') === 'navigation'");
});
});
// ─── Welcome page + sidebar auto-open ────────────────────────────
describe('welcome page', () => {
const welcomePath = path.join(ROOT, 'src', 'welcome.html');
const welcomeExists = fs.existsSync(welcomePath);
const welcomeSrc = welcomeExists ? fs.readFileSync(welcomePath, 'utf-8') : '';
test('welcome.html exists in browse/src/', () => {
expect(welcomeExists).toBe(true);
});
test('welcome page has GStack Browser branding', () => {
expect(welcomeSrc).toContain('GStack Browser');
});
test('welcome page has extension-ready listener to hide prompt', () => {
expect(welcomeSrc).toContain('gstack-extension-ready');
expect(welcomeSrc).toContain('sidebar-prompt');
});
test('welcome page points RIGHT toward sidebar (not UP at toolbar)', () => {
// Up arrow can never align with browser chrome. Right arrow always
// points toward the sidebar area regardless of window size.
expect(welcomeSrc).not.toContain('arrow-up');
expect(welcomeSrc).toContain('arrow-right');
});
test('welcome page has left-aligned text (no center-align on headings)', () => {
// User preference: always left-align, never center
expect(welcomeSrc).not.toMatch(/text-align:\s*center/);
});
test('welcome page uses dark theme', () => {
expect(welcomeSrc).toContain('#0C0C0C'); // --base (near-black)
expect(welcomeSrc).toContain('#141414'); // --surface (card bg)
});
});
describe('server /welcome endpoint', () => {
const serverSrc = fs.readFileSync(path.join(ROOT, 'src', 'server.ts'), 'utf-8');
test('/welcome endpoint exists in server.ts', () => {
expect(serverSrc).toContain("url.pathname === '/welcome'");
});
test('/welcome serves HTML content type', () => {
const welcomeSection = serverSrc.slice(
serverSrc.indexOf("url.pathname === '/welcome'"),
serverSrc.indexOf("url.pathname === '/health'"),
);
expect(welcomeSection).toContain("'Content-Type': 'text/html");
});
test('/welcome redirects to about:blank if no welcome file found', () => {
const welcomeSection = serverSrc.slice(
serverSrc.indexOf("url.pathname === '/welcome'"),
serverSrc.indexOf("url.pathname === '/health'"),
);
expect(welcomeSection).toContain('302');
expect(welcomeSection).toContain('about:blank');
});
});
describe('headed launch navigates to welcome page', () => {
const serverSrc = fs.readFileSync(path.join(ROOT, 'src', 'server.ts'), 'utf-8');
test('server navigates to /welcome after startup in headed mode', () => {
// Navigation must happen AFTER Bun.serve() starts (not during launchHeaded)
// because the HTTP server needs to be listening before the browser requests /welcome
const afterServe = serverSrc.slice(serverSrc.indexOf('Bun.serve('));
expect(afterServe).toContain('/welcome');
expect(afterServe).toContain("getConnectionMode() === 'headed'");
});
test('welcome navigation does NOT happen in browser-manager (too early)', () => {
const bmSrc = fs.readFileSync(path.join(ROOT, 'src', 'browser-manager.ts'), 'utf-8');
// browser-manager.ts should NOT navigate to /welcome because the server
// isn't listening yet when launchHeaded() runs
const launchHeadedSection = bmSrc.slice(
bmSrc.indexOf('async launchHeaded('),
bmSrc.indexOf('// Browser disconnect handler'),
);
expect(launchHeadedSection).not.toContain('/welcome');
});
});
describe('sidebar auto-open (background.js)', () => {
const bgSrc = fs.readFileSync(path.join(ROOT, '..', 'extension', 'background.js'), 'utf-8');
test('autoOpenSidePanel function exists with retry logic', () => {
expect(bgSrc).toContain('async function autoOpenSidePanel');
expect(bgSrc).toContain('attempt < 5');
});
test('auto-open fires on install AND on every service worker startup', () => {
// onInstalled fires on first install / extension update
expect(bgSrc).toContain('chrome.runtime.onInstalled.addListener');
expect(bgSrc).toContain('autoOpenSidePanel()');
// Top-level call fires on every service worker startup
const topLevelCalls = bgSrc.match(/^autoOpenSidePanel\(\)/gm);
expect(topLevelCalls).not.toBeNull();
expect(topLevelCalls!.length).toBeGreaterThanOrEqual(1);
});
test('retry uses backoff delays (not fixed interval)', () => {
expect(bgSrc).toContain('500');
expect(bgSrc).toContain('1000');
expect(bgSrc).toContain('2000');
expect(bgSrc).toContain('3000');
expect(bgSrc).toContain('5000');
});
test('auto-open uses chrome.sidePanel.open with windowId', () => {
expect(bgSrc).toContain('chrome.sidePanel.open');
expect(bgSrc).toContain('windowId');
});
test('auto-open logs success and failure for debugging', () => {
expect(bgSrc).toContain('Side panel opened on attempt');
expect(bgSrc).toContain('Side panel auto-open failed');
});
});
describe('sidebar arrow hint hide flow (4-step signal chain)', () => {
// The arrow hint on the welcome page should ONLY hide when the sidebar
// is actually opened, not when the extension content script loads.
//
// Signal flow:
// 1. sidepanel.js connects → sends { type: 'sidebarOpened' } to background
// 2. background.js receives → relays to active tab's content script
// 3. content.js receives 'sidebarOpened' → dispatches 'gstack-extension-ready'
// 4. welcome.html listens for 'gstack-extension-ready' → hides arrow
//
const contentSrc = fs.readFileSync(path.join(ROOT, '..', 'extension', 'content.js'), 'utf-8');
const bgSrc = fs.readFileSync(path.join(ROOT, '..', 'extension', 'background.js'), 'utf-8');
const spSrc = fs.readFileSync(path.join(ROOT, '..', 'extension', 'sidepanel.js'), 'utf-8');
const welcomeSrc = fs.readFileSync(path.join(ROOT, 'src', 'welcome.html'), 'utf-8');
// Step 1: sidepanel sends sidebarOpened when connected
test('step 1: sidepanel sends sidebarOpened message on connect', () => {
expect(spSrc).toContain("{ type: 'sidebarOpened' }");
// Should be in updateConnection, after setConnState('connected')
const connectFn = spSrc.slice(
spSrc.indexOf('function updateConnection('),
spSrc.indexOf('function updateConnection(') + 800,
);
expect(connectFn).toContain('sidebarOpened');
});
// Step 2: background.js accepts and relays sidebarOpened
test('step 2: background.js allows sidebarOpened message type', () => {
expect(bgSrc).toContain("'sidebarOpened'");
// Must be in ALLOWED_TYPES
const allowedBlock = bgSrc.slice(
bgSrc.indexOf('ALLOWED_TYPES'),
bgSrc.indexOf('ALLOWED_TYPES') + 300,
);
expect(allowedBlock).toContain('sidebarOpened');
});
test('step 2: background.js relays sidebarOpened to active tab content script', () => {
expect(bgSrc).toContain("msg.type === 'sidebarOpened'");
// Should send to active tab via chrome.tabs.sendMessage
const handler = bgSrc.slice(
bgSrc.indexOf("msg.type === 'sidebarOpened'"),
bgSrc.indexOf("msg.type === 'sidebarOpened'") + 400,
);
expect(handler).toContain('chrome.tabs.sendMessage');
expect(handler).toContain("{ type: 'sidebarOpened' }");
});
// Step 3: content.js fires gstack-extension-ready ONLY on sidebarOpened
test('step 3: content.js dispatches extension-ready on sidebarOpened message', () => {
expect(contentSrc).toContain("msg.type === 'sidebarOpened'");
expect(contentSrc).toContain("new CustomEvent('gstack-extension-ready')");
});
test('step 3: content.js does NOT auto-fire extension-ready on load', () => {
// The old pattern was: fire immediately when content script loads.
// Now it should only fire when sidebarOpened message arrives.
// Check there's no top-level dispatchEvent outside the message handler.
const beforeListener = contentSrc.slice(0, contentSrc.indexOf('chrome.runtime.onMessage'));
expect(beforeListener).not.toContain("dispatchEvent(new CustomEvent('gstack-extension-ready'))");
});
// Step 4: welcome page hides arrow on gstack-extension-ready
test('step 4: welcome page hides arrow on gstack-extension-ready event', () => {
expect(welcomeSrc).toContain("'gstack-extension-ready'");
expect(welcomeSrc).toContain("classList.add('hidden')");
});
test('step 4: welcome page does NOT auto-hide via status pill polling', () => {
// The old fallback (checkPill/gstack-status-pill) would hide the arrow
// as soon as the content script injected the pill, even without sidebar open.
expect(welcomeSrc).not.toContain('checkPill');
expect(welcomeSrc).not.toContain('gstack-status-pill');
});
});
describe('sidebar auth race prevention', () => {
const bgSrc = fs.readFileSync(path.join(ROOT, '..', 'extension', 'background.js'), 'utf-8');
const spSrc = fs.readFileSync(path.join(ROOT, '..', 'extension', 'sidepanel.js'), 'utf-8');
test('getPort response includes authToken (not just port + connected)', () => {
// The auth race: sidepanel calls getPort, gets {port, connected} but no token.
// All subsequent requests fail 401. Token must be in the getPort response.
const getPortHandler = bgSrc.slice(
bgSrc.indexOf("msg.type === 'getPort'"),
bgSrc.indexOf("msg.type === 'setPort'"),
);
expect(getPortHandler).toContain('token: authToken');
});
test('tryConnect uses token from getPort response', () => {
// Sidepanel must pass resp.token to updateConnection, not null
const start = spSrc.indexOf('function tryConnect()');
const end = spSrc.indexOf('\ntryConnect();', start); // top-level call after the function
const tryConnectFn = spSrc.slice(start, end);
expect(tryConnectFn).toContain('resp.token');
expect(tryConnectFn).not.toContain('updateConnection(url, null)');
});
});
describe('startup health check fast-retry', () => {
const bgSrc = fs.readFileSync(path.join(ROOT, '..', 'extension', 'background.js'), 'utf-8');
test('initial health check retries every 1s (not 10s)', () => {
// The server may not be listening when the extension starts because
// Chromium launches before Bun.serve(). A 10s gap means the user
// stares at "Connecting..." for 10 seconds. 1s retry fixes this.
expect(bgSrc).toContain('startupAttempts');
expect(bgSrc).toContain('setInterval(async ()');
// Fast retry uses 1000ms, not the 10000ms slow poll
expect(bgSrc).toContain('}, 1000);');
});
test('startup retry stops after connection or max attempts', () => {
expect(bgSrc).toContain('isConnected || startupAttempts >= 15');
expect(bgSrc).toContain('clearInterval(startupCheck)');
});
test('slow 10s polling only starts after startup phase completes', () => {
expect(bgSrc).toContain('if (!healthInterval)');
expect(bgSrc).toContain('setInterval(checkHealth, 10000)');
});
});
describe('sidebar debug visibility when stuck', () => {
const spSrc = fs.readFileSync(path.join(ROOT, '..', 'extension', 'sidepanel.js'), 'utf-8');
test('connection state machine has a dead state with user-visible message', () => {
expect(spSrc).toContain("'dead'");
expect(spSrc).toContain('MAX_RECONNECT_ATTEMPTS');
});
test('reconnect attempt counter is visible in the UI', () => {
// The banner should show attempt count so user knows something is happening
expect(spSrc).toContain('reconnectAttempts');
});
});
describe('BROWSE_NO_AUTOSTART (sidebar headless prevention)', () => {
const cliSrc = fs.readFileSync(path.join(ROOT, 'src', 'cli.ts'), 'utf-8');
const agentSrc = fs.readFileSync(path.join(ROOT, 'src', 'sidebar-agent.ts'), 'utf-8');
test('cli.ts checks BROWSE_NO_AUTOSTART before starting a new server', () => {
// ensureServer must check this env var BEFORE calling startServer()
const ensureServerFn = cliSrc.slice(
cliSrc.indexOf('async function ensureServer()'),
cliSrc.indexOf('async function startServer()'),
);
expect(ensureServerFn).toContain('BROWSE_NO_AUTOSTART');
expect(ensureServerFn).toContain('process.exit(1)');
});
test('cli.ts shows actionable error message when BROWSE_NO_AUTOSTART blocks', () => {
expect(cliSrc).toContain('/open-gstack-browser');
expect(cliSrc).toContain('BROWSE_NO_AUTOSTART is set');
});
test('sidebar-agent.ts sets BROWSE_NO_AUTOSTART=1', () => {
expect(agentSrc).toContain("BROWSE_NO_AUTOSTART: '1'");
});
test('sidebar-agent.ts sets BROWSE_PORT for headed server reuse', () => {
expect(agentSrc).toContain('BROWSE_PORT');
});
test('BROWSE_NO_AUTOSTART check happens before lock acquisition', () => {
// The guard must be BEFORE the lock acquisition. If it's after,
// we'd acquire a lock and then exit, leaving a stale lock file.
const ensureServerStart = cliSrc.indexOf('async function ensureServer()');
const noAutoStart = cliSrc.indexOf('BROWSE_NO_AUTOSTART', ensureServerStart);
const lockAcquisition = cliSrc.indexOf('Acquire lock', ensureServerStart);
expect(noAutoStart).toBeGreaterThan(0);
expect(lockAcquisition).toBeGreaterThan(0);
expect(noAutoStart).toBeLessThan(lockAcquisition);
});
});
// ─── Tool-result file filtering (sidebar-agent.ts) ──────────────
describe('sidebar-agent hides internal tool-result reads', () => {
const agentSrc = fs.readFileSync(path.join(ROOT, 'src', 'sidebar-agent.ts'), 'utf-8');
test('describeToolCall returns empty for tool-results paths', () => {
expect(agentSrc).toContain("input.file_path.includes('/tool-results/')");
});
test('describeToolCall returns empty for .claude/projects paths', () => {
expect(agentSrc).toContain("input.file_path.includes('/.claude/projects/')");
});
test('empty description causes early return (no event sent)', () => {
// describeToolCall returns '' for internal reads, which means
// summarizeToolInput returns '', which means event.input is ''
const readHandler = agentSrc.slice(
agentSrc.indexOf("if (tool === 'Read'"),
agentSrc.indexOf("if (tool === 'Edit'"),
);
expect(readHandler).toContain("return ''");
});
});
// ─── Sidebar skips empty tool_use entries (sidepanel.js) ────────
describe('sidebar skips empty tool_use descriptions', () => {
const js = fs.readFileSync(path.join(ROOT, '..', 'extension', 'sidepanel.js'), 'utf-8');
test('tool_use with no input returns early', () => {
const toolUseHandler = js.slice(
js.indexOf("entry.type === 'tool_use'"),
js.indexOf("entry.type === 'tool_use'") + 400,
);
expect(toolUseHandler).toContain("if (!toolInput) return");
});
});
// ─── Tool calls collapse into "See reasoning" on agent_done ─────
describe('tool calls collapse into reasoning disclosure', () => {
const js = fs.readFileSync(path.join(ROOT, '..', 'extension', 'sidepanel.js'), 'utf-8');
const css = fs.readFileSync(path.join(ROOT, '..', 'extension', 'sidepanel.css'), 'utf-8');
test('agent_done wraps tool calls in <details> element', () => {
const doneHandler = js.slice(
js.indexOf("entry.type === 'agent_done'"),
js.indexOf("entry.type === 'agent_done'") + 1200,
);
expect(doneHandler).toContain("createElement('details')");
expect(doneHandler).toContain('agent-reasoning');
});
test('disclosure summary shows step count', () => {
const doneHandler = js.slice(
js.indexOf("entry.type === 'agent_done'"),
js.indexOf("entry.type === 'agent_done'") + 1200,
);
expect(doneHandler).toContain('See reasoning');
expect(doneHandler).toContain('tools.length');
});
test('disclosure inserts before text response', () => {
const doneHandler = js.slice(
js.indexOf("entry.type === 'agent_done'"),
js.indexOf("entry.type === 'agent_done'") + 1200,
);
// Tool calls should appear before the text answer, not after
expect(doneHandler).toContain("querySelector('.agent-text')");
expect(doneHandler).toContain('insertBefore(details, textEl)');
});
test('CSS styles the reasoning disclosure', () => {
expect(css).toContain('.agent-reasoning');
expect(css).toContain('.agent-reasoning summary');
// Starts collapsed (no [open] by default)
expect(css).toContain('.agent-reasoning[open]');
});
test('disclosure uses custom triangle markers', () => {
// No default list-style, custom ▶/▼ via ::before
expect(css).toContain('list-style: none');
expect(css).toMatch(/agent-reasoning summary::before/);
});
});
// ─── Idle timeout disabled in headed mode (server.ts) ───────────
describe('idle timeout behavior (server.ts)', () => {
const serverSrc = fs.readFileSync(path.join(ROOT, 'src', 'server.ts'), 'utf-8');
test('idle check skips in headed mode', () => {
const idleCheck = serverSrc.slice(
serverSrc.indexOf('idleCheckInterval'),
serverSrc.indexOf('idleCheckInterval') + 300,
);
expect(idleCheck).toContain("=== 'headed'");
expect(idleCheck).toContain('return');
});
test('sidebar-command resets idle timer', () => {
const sidebarCmd = serverSrc.slice(
serverSrc.indexOf("url.pathname === '/sidebar-command'"),
serverSrc.indexOf("url.pathname === '/sidebar-command'") + 300,
);
expect(sidebarCmd).toContain('resetIdleTimer');
});
});
// ─── Shutdown kills sidebar-agent daemon (server.ts) ────────────
describe('shutdown cleanup (server.ts)', () => {
const serverSrc = fs.readFileSync(path.join(ROOT, 'src', 'server.ts'), 'utf-8');
test('shutdown kills sidebar-agent daemon process', () => {
const shutdownFn = serverSrc.slice(
serverSrc.indexOf('async function shutdown()'),
serverSrc.indexOf('async function shutdown()') + 800,
);
expect(shutdownFn).toContain('sidebar-agent');
expect(shutdownFn).toContain('pkill');
});
});
// ─── Cookie button in sidebar footer ────────────────────────────
describe('cookie import button (sidebar)', () => {
const html = fs.readFileSync(path.join(ROOT, '..', 'extension', 'sidepanel.html'), 'utf-8');
const js = fs.readFileSync(path.join(ROOT, '..', 'extension', 'sidepanel.js'), 'utf-8');
test('quick actions toolbar has cookies button', () => {
expect(html).toContain('id="chat-cookies-btn"');
expect(html).toContain('Cookies');
});
test('cookies button navigates to cookie-picker', () => {
expect(js).toContain("'chat-cookies-btn'");
expect(js).toContain('cookie-picker');
});
});
// ─── Model routing (server.ts) ──────────────────────────────────
describe('sidebar model routing (server.ts)', () => {
const serverSrc = fs.readFileSync(path.join(ROOT, 'src', 'server.ts'), 'utf-8');
test('pickSidebarModel routes actions to sonnet', () => {
expect(serverSrc).toContain("return 'sonnet'");
});
test('pickSidebarModel routes analysis to opus', () => {
expect(serverSrc).toContain("return 'opus'");
});
test('analysis words override action verbs', () => {
// ANALYSIS_WORDS check comes before ACTION_PATTERNS
const routerFn = serverSrc.slice(
serverSrc.indexOf('function pickSidebarModel('),
serverSrc.indexOf('function pickSidebarModel(') + 600,
);
const analysisCheck = routerFn.indexOf('ANALYSIS_WORDS');
const actionCheck = routerFn.indexOf('ACTION_PATTERNS');
expect(analysisCheck).toBeGreaterThan(0);
expect(actionCheck).toBeGreaterThan(0);
expect(analysisCheck).toBeLessThan(actionCheck);
});
});

143
browse/test/welcome-page.test.ts Normal file
View File

@@ -0,0 +1,143 @@
/**
* Welcome page E2E test — verifies the sidebar arrow hint and key elements
* render correctly when the welcome page is served via HTTP.
*
* Spins up a real Bun.serve, fetches the HTML, and parses it to verify
* the sidebar prompt arrow, feature cards, and branding are present.
*/
import { describe, test, expect, beforeAll, afterAll } from 'bun:test';
import * as fs from 'fs';
import * as path from 'path';
const WELCOME_PATH = path.join(import.meta.dir, '../src/welcome.html');
const welcomeHtml = fs.readFileSync(WELCOME_PATH, 'utf-8');
let server: ReturnType<typeof Bun.serve>;
let baseUrl: string;
beforeAll(() => {
// Serve the welcome page exactly as the browse server does
server = Bun.serve({
port: 0,
hostname: '127.0.0.1',
fetch() {
return new Response(welcomeHtml, {
headers: { 'Content-Type': 'text/html; charset=utf-8' },
});
},
});
baseUrl = `http://127.0.0.1:${server.port}`;
});
afterAll(() => {
server?.stop();
});
describe('welcome page served via HTTP', () => {
let html: string;
beforeAll(async () => {
const resp = await fetch(baseUrl);
expect(resp.ok).toBe(true);
expect(resp.headers.get('content-type')).toContain('text/html');
html = await resp.text();
});
// ─── Sidebar arrow hint (the bug that triggered this test) ────────
test('sidebar prompt arrow is present and visible', () => {
// The arrow element with class "arrow-right" must exist
expect(html).toContain('class="arrow-right"');
// It should contain the right-arrow character (→ = &#x2192;)
expect(html).toContain('&#x2192;');
});
test('sidebar prompt container is visible by default (no hidden class)', () => {
// The prompt div should NOT have the "hidden" class on initial load
expect(html).toContain('id="sidebar-prompt"');
// Check it doesn't start hidden
expect(html).not.toMatch(/class="sidebar-prompt[^"]*hidden/);
});
test('sidebar prompt has instruction text', () => {
expect(html).toContain('Open the sidebar to get started');
expect(html).toContain('puzzle piece');
});
test('sidebar prompt is positioned on the right side', () => {
// CSS should position it on the right
expect(html).toMatch(/\.sidebar-prompt\s*\{[^}]*right:\s*\d+px/);
});
test('arrow has nudge animation', () => {
expect(html).toContain('@keyframes nudge');
expect(html).toMatch(/\.arrow-right\s*\{[^}]*animation:\s*nudge/);
});
// ─── Branding ─────────────────────────────────────────────────────
test('has GStack Browser title and branding', () => {
expect(html).toContain('<title>GStack Browser</title>');
expect(html).toContain('GStack Browser');
});
test('has amber dot logo', () => {
expect(html).toContain('class="logo-dot"');
expect(html).toContain('class="logo-text"');
});
// ─── Feature cards ────────────────────────────────────────────────
test('has all six feature cards', () => {
expect(html).toContain('Talk to the sidebar');
expect(html).toContain('Or use your main agent');
expect(html).toContain('Import your cookies');
expect(html).toContain('Clean up any page');
expect(html).toContain('Smart screenshots');
expect(html).toContain('Modify any page');
});
// ─── Try it section ───────────────────────────────────────────────
test('has try-it section with example prompts', () => {
expect(html).toContain('Try it now');
expect(html).toContain('news.ycombinator.com');
});
// ─── Extension auto-hide ──────────────────────────────────────────
test('hides sidebar prompt when extension is detected', () => {
// Should listen for the extension-ready event
expect(html).toContain("'gstack-extension-ready'");
// Should add 'hidden' class to sidebar-prompt
expect(html).toContain("classList.add('hidden')");
});
test('does NOT auto-hide based on extension detection alone', () => {
// The arrow should only hide when the sidebar actually opens,
// not when the content script loads (which happens on every page)
expect(html).not.toContain('gstack-status-pill');
expect(html).not.toContain('checkPill');
});
// ─── Dark theme ───────────────────────────────────────────────────
test('uses dark theme colors', () => {
expect(html).toContain('--base: #0C0C0C');
expect(html).toContain('--surface: #141414');
});
// ─── Left-aligned text ────────────────────────────────────────────
test('text is left-aligned, not centered', () => {
expect(html).not.toMatch(/text-align:\s*center/);
});
// ─── Footer ───────────────────────────────────────────────────────
test('has footer with attribution', () => {
expect(html).toContain('Garry Tan');
expect(html).toContain('github.com/garrytan/gstack');
});
});