Documentation
¶
Index ¶
- Constants
- func BodiesPresentation(captureBodies, captureBodiesUnmasked, captureTelemetry bool) (value, detail, state string)
- func CredentialDenyList() []string
- func Divider(ch string, n int) string
- func HumanAuth(mode model.AuthMode, source model.AuthSource) string
- func HumanAuthBootstrap(b model.AuthBootstrap, _ model.AuthBootstrapKind) string
- func HumanAuthPolicy(p model.AuthPolicy) string
- func HumanConfigSource(src string) string
- func HumanEgress(mode, source, summary string) string
- func HumanProfileSwitch(detail string) string
- func HumanRoute(src model.RouteSource, configSource string) string
- func HumanRouteClass(rc model.RouteClass) string
- func HumanRouteSource(src model.RouteSource) string
- func IsTerminal(f *os.File) bool
- func LatestClaudeSessionID(records []model.RequestRecord) string
- func MaskCredentialHeaders(h http.Header) http.Header
- func NativeTLSPresentation(nativeTLS string, blocks int, loaded bool) (value, detail, state string)
- func SessionPosture(sess *model.Session, lastErr *model.ErrorRecord) string
- func ShortID(id string) string
- func ShortMethodLabel(rec model.RequestRecord) string
- func StatusGlyph(p Palette, status string) string
- type AnatomySegment
- type BodyView
- type HeaderClass
- type HeaderGroup
- type HeaderRow
- type MessageBlock
- type MessageTurn
- type Palette
- func (p Palette) Blue(s string) string
- func (p Palette) Bold(s string) string
- func (p Palette) Cyan(s string) string
- func (p Palette) Dim(s string) string
- func (p Palette) Green(s string) string
- func (p Palette) LabelValue(label, value string) string
- func (p Palette) Magenta(s string) string
- func (p Palette) Red(s string) string
- func (p Palette) Status(state string) string
- func (p Palette) Yellow(s string) string
- type SystemBlock
- type ToolEntry
Constants ¶
const ClaudeSessionHeader = "X-Claude-Code-Session-Id"
ClaudeSessionHeader is the request header Claude Code stamps on every /v1/messages call with the conversation's session UUID (the value that names the transcript under ~/.claude/projects; what --continue/--resume operate on). Single-sourced HERE for every surface — the web bootstrap, the supervisor scan, and the TUI header — so the spelling/casing can never drift between them.
Variables ¶
This section is empty.
Functions ¶
func BodiesPresentation ¶
func BodiesPresentation(captureBodies, captureBodiesUnmasked, captureTelemetry bool) (value, detail, state string)
BodiesPresentation maps the capture toggles to a (value, detail, state) tuple; state is bodies-off / bodies-on / bodies-unmasked. Single wording source for the web Bodies cell (and its JS twin) and the TUI capture line. The unmasked state applies only when request capture is also on.
func CredentialDenyList ¶
func CredentialDenyList() []string
CredentialDenyList returns the deny-list header names, sorted. It is the single source of truth shared with the JS live-patch via the page bootstrap so Go and JS cannot drift.
func HumanAuthBootstrap ¶
func HumanAuthBootstrap(b model.AuthBootstrap, _ model.AuthBootstrapKind) string
HumanAuthBootstrap renders the auth bootstrap state as a human-readable label. "placeholder injected" deliberately drops the kind suffix — the hero sentence and auth label already carry bearer/x-api-key.
func HumanAuthPolicy ¶
func HumanAuthPolicy(p model.AuthPolicy) string
HumanAuthPolicy renders an auth_policy enum as a human-readable label.
func HumanConfigSource ¶
func HumanEgress ¶
func HumanProfileSwitch ¶
HumanProfileSwitch renders a profile_switch trace Detail (the JSON the switch path records) as the one human sentence shared by every surface:
switched [a] → [b] · live refused [a] → [b] · needs relaunch rejected [a] ✗ requested (reason)
Returns "" when detail does not parse or carries neither a target nor a request — callers fall back to their raw rendering. Wording is the single source for the web first paint (unifiedActivityRows) and the TUI trace rows; the web live decorator (renderSwitchMarker, JS) repeats the same words — keep all three in lockstep.
func HumanRoute ¶
func HumanRoute(src model.RouteSource, configSource string) string
HumanRoute renders a route-source label, appending the config source as a detail suffix when it adds informative content. Used by status / web summary renderers; the launch summary keeps its own inline format because it carries the route_class instead.
func HumanRouteClass ¶
func HumanRouteClass(rc model.RouteClass) string
HumanRouteClass renders a route_class enum as a human-readable label. Wire format (manifests, --json) keeps the raw enum; this is human-only.
func HumanRouteSource ¶
func HumanRouteSource(src model.RouteSource) string
func IsTerminal ¶
func LatestClaudeSessionID ¶
func LatestClaudeSessionID(records []model.RequestRecord) string
LatestClaudeSessionID returns the ClaudeSessionHeader value carried by the most recent record that has it. Records are appended oldest-first, so the scan runs from the end. Empty when no record carries the header (before the first /v1/messages, or telemetry/CONNECT-only traffic).
func MaskCredentialHeaders ¶
MaskCredentialHeaders returns a COPY of h with every credential-class header value (per the shared deny-list — see ClassifyHeader) masked structure-preservingly: the auth scheme and a short leading prefix are kept, the rest of the secret is replaced with a length marker (e.g. "Bearer sk-ant-‹redacted 26 chars›"). Non-credential headers pass through verbatim; the input is never mutated.
This is the WIRE masker. The supervisor applies it to a RequestRecord's headers BEFORE the record enters the activity ring, so the raw credential never reaches /recent, the page bootstrap, the SSE stream, a HAR export, or a spill file — masking is correct-by-construction at the single store-side convergence point, not a property each emit site must remember. Render-time redaction (RenderHeaderGroupsWithRedaction and the web.go JS twin) is now defense in depth on top of it. The only bypass is the launch-time CCWRAP_UNMASK_CREDENTIALS=1 opt-in, gated by the caller (the supervisor stores raw under that flag, and the ribbon shows a persistent UNMASKED marker while it is set).
The masked form is deterministic across runs, so it does not pollute `ccwrap capture` version diffs. Shares ClassifyHeader's deny-list as the single source of truth — there is no second copy to drift.
func NativeTLSPresentation ¶
NativeTLSPresentation maps the session native_tls field (+ block-episode count + loaded flag) to a (value, detail, state) tuple. state is one of native-off / native-active / native-blocked. Single wording source for the web ribbon cell (and its JS live-patch twin) and the TUI summary line. See the supervisor wrapper for the per-state rationale.
func SessionPosture ¶
func SessionPosture(sess *model.Session, lastErr *model.ErrorRecord) string
SessionPosture returns the one-line plain-English hero summary rendered identically by every session-bearing surface. Wire/enum strings never appear here. lastErr may be nil; when nil the "Last: …" tail is omitted (faithful degradation for surfaces that do not carry the error list, e.g. ccwrap status).
func ShortID ¶
ShortID truncates a session ID to the 8-char form used by every surface's default rendering. The full ID surfaces only in --verbose / JSON / the web details drawer.
func ShortMethodLabel ¶
func ShortMethodLabel(rec model.RequestRecord) string
ShortMethodLabel is the CLI/TUI synthetic label form: a dim "SYNTH" + the real method, distinct from Web's full "SYNTHETIC" (which keeps using model.RequestRecord.MethodLabel). The model package stays presentation-free; this lives in ui.
func StatusGlyph ¶
StatusGlyph maps a doctor check status to its glyph, colored via the palette. pass→green ✓, warn→yellow ⚠, fail→red ✗.
Types ¶
type AnatomySegment ¶
type BodyView ¶
type BodyView struct {
TotalBytes int
Anatomy []AnatomySegment // top-level keys, wire order, byte share
System []SystemBlock
Tools []ToolEntry
Messages []MessageTurn
// Raw is the original bytes, re-emitted unchanged for the Raw JSON
// escape hatch. Never mutated.
Raw []byte
}
BodyView is the pure, render-ready projection of a captured request body. Storage is full-fidelity bytes on disk; this type only drives display. No I/O happens here.
func ParseRequestBody ¶
ParseRequestBody projects raw body bytes into a BodyView. On malformed JSON it returns a BodyView with only TotalBytes+Raw set and a non-nil error, so callers can still offer the Raw escape hatch.
type HeaderClass ¶
type HeaderClass int
HeaderClass is the render-time classification of an HTTP request header. Storage is always full-fidelity; this only drives display.
const ( HeaderShown HeaderClass = iota HeaderCredential )
func ClassifyHeader ¶
func ClassifyHeader(name string) HeaderClass
ClassifyHeader classifies a header name. Everything not in the deny-list is HeaderShown, including unknown/future headers (the accepted enumerated-deny-list residual).
type HeaderGroup ¶
HeaderGroup is a titled, ordered set of header rows.
func RenderHeaderGroups ¶
func RenderHeaderGroups(h http.Header) []HeaderGroup
RenderHeaderGroups turns a captured header map into ordered, grouped display rows. Credential-class values become the sentinel; the name is still shown. Multi-value headers join with ", ". Wire order is not preserved (http.Header is a map; accepted limitation, not to be "fixed").
This is the always-redact entry — used by CLI surfaces (ccwrap doctor, status banners, etc.) that have no per-session context and must stay conservative. The inspect web path uses RenderHeaderGroupsWithRedaction so the per-session unmask flag can route to the raw branch.
func RenderHeaderGroupsWithRedaction ¶
func RenderHeaderGroupsWithRedaction(h http.Header, redact bool) []HeaderGroup
RenderHeaderGroupsWithRedaction is the variant the inspect-web path uses to honor CCWRAP_UNMASK_CREDENTIALS=1. When redact is true the output is byte-identical to RenderHeaderGroups (credential values become the sentinel); when redact is false credential values are rendered raw — the user explicitly opted into seeing them via the env flag, and the ribbon Auth/Bodies cell already shows a persistent "⚠ UNMASKED" state to keep the choice visible (see web.go bodiesCellPresentation).
Crucially this stays a render-time policy: the underlying RequestRecord always carries the raw value. ccwrap's /recent + SSE wire is therefore stable across mask/unmask modes, and curl /recent remains a useful self-debug surface regardless of unmask state. The mask decision lives at exactly two render points (this function for first paint + the inline-JS classifyHdr branch in web.go for SSE-driven re-render) and both consult the same `redact` boolean (web.go: from sess.CaptureBodiesUnmasked).
type HeaderRow ¶
HeaderRow is one rendered header line. Value is the literal display string — for credential headers it is the sentinel, never the secret.
type MessageBlock ¶
type MessageTurn ¶
type MessageTurn struct {
Role string
Blocks []MessageBlock
}