feat: 统一跨平台重启工作流

[ymkiux]

变更说明

• 新增 cmd/workflows/build-restart.cmd（Windows）
• 新增 cmd/workflows/build-restart.sh（macOS/Linux）
• 新增 cmd/workflows/README.md 说明使用方式

目标

• 统一 pnpm build -> 关闭 9880/9881 -> wails dev 的开发工作流
• 脚本通过向上查找 go.mod + web/package.json 自动定位仓库根目录，适配路径变化

影响范围

• 仅新增工作流脚本与文档，不修改业务逻辑

Summary by CodeRabbit

发布说明

• 文档

  • 在 README 与 README_CN 中添加仪表板“预览”节并居中展示示意图
  • 新增 cmd/workflows 的使用说明（构建与重启开发环境工作流）

• 新功能

  • 添加跨平台的构建并重启开发环境脚本（Windows 与 Unix），简化本地开发流程

• 杂项

  • 添加 .gitattributes 以规范 Windows 脚本换行处理
  • 微小文本/编码调整（不影响可见内容）

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 58368fa and 1e14e53.

📒 Files selected for processing (2)

• .gitattributes
• cmd/workflows/build-restart.cmd

✅ Files skipped from review due to trivial changes (1)

• .gitattributes

📜 Recent review details

🧰 Additional context used

🪛 Blinter (1.0.112)

cmd/workflows/build-restart.cmd

[error] 55-55: Missing colon in CALL statement. Explanation: CALL statements to labels require a colon (unlike GOTO where colon is optional). Recommendation: Use CALL :label_name with colon when calling internal subroutines. Context: CALL to label 'wails' should use colon: CALL :wails

(E014)

---

[error] 106-106: Command injection via variable substitution. Explanation: Variables containing user input used in commands may allow code injection. Recommendation: Validate and sanitize variables before use in command execution. Context: Variable used with shell operators may allow injection

(SEC013)

---

[error] 106-106: Process killing without authentication. Explanation: TASKKILL commands can terminate system processes without proper checks. Recommendation: Add process ownership and permission checks before killing processes. Context: TASKKILL /F should include filters to avoid system processes

(SEC015)

🔇 Additional comments (5)

cmd/workflows/build-restart.cmd (5)

1-24: 根目录查找逻辑实现完善

脚本通过向上遍历查找 go.mod 和 web\package.json 来定位仓库根目录，逻辑清晰且健壮。第 14 行通过比较父目录与当前目录是否相同来检测文件系统根目录，能正确处理边界情况。

---

26-47: 构建与端口清理流程合理

构建步骤包含完善的错误处理，失败时会中止脚本。SEEN_PIDS=; 的初始化方式配合 ;PID; 模式匹配能有效避免 PID 子串误匹配（如 PID 12 不会匹配到 123）。

---

55-58: 静态分析 E014 为误报

静态分析工具报告 call wails dev 缺少冒号，这是误报。wails 是外部可执行程序而非内部标签，调用外部命令时不需要冒号前缀。冒号仅在调用内部子程序（如 :killByPort）时必需。

退出码的捕获和传递逻辑正确。

---

60-77: 端口检测子程序实现正确

netstat -ano 输出格式为 Proto LocalAddr ForeignAddr State PID，tokens=2,5 正确提取本地地址和 PID。使用 :%PORT%$ 后缀匹配确保精确匹配目标端口，避免 9880 匹配到 19880 等情况。

---

79-113: PID 验证和保护措施到位

子程序包含多层防护：

1. 空值检查（83-86 行）
2. 数字格式验证（88-92 行）— 有效缓解静态分析 SEC013 报告的注入风险
3. 系统关键 PID 保护（94-97 行，PID ≤ 4）— 覆盖 System Idle (0)、System (4) 等核心进程
4. 去重机制（99-102 行）避免重复 kill

对于仅针对 9880/9881 端口的开发工作流脚本，当前保护级别合理。

---

📝 Walkthrough

Walkthrough

新增 README 的预览段落及图片引用；新增 cmd/workflows 下的两个启动脚本（Windows 批处理与 Bash）及其说明文档；添加 .gitattributes 指定 .cmd 文件的 CRLF 行结束设置。

Changes

Cohort / File(s)	Summary
Docs: README 更新 README.md, README_CN.md	新增“预览/預覽”小节并居中展示 web/public/preview.png，文件开头包含微小隐藏字符（BOM/零宽字符）变更。
Workflows 文档 cmd/workflows/README.md	新增工作流说明：Build + Restart Dev，描述脚本行为与运行步骤（在 web 目录运行 pnpm build、停止端口 9880/9881、启动 wails dev）。
Windows 工作流脚本 cmd/workflows/build-restart.cmd	新增 Windows 批处理脚本：向上查找仓库根（检测 go.mod 与 web\package.json）、执行前端构建、检测并终止监听端口 9880/9881 的进程（带去重与验证）、启动 wails dev；包含错误处理与日志。
Unix 工作流脚本 cmd/workflows/build-restart.sh	新增 Bash 脚本：同样向上查找仓库根、在 web 运行 pnpm build、用 lsof/fuser/ss 等工具查找并终止端口进程、去重并记录结果，最终从仓库根启动 wails dev。
Repo 属性 .gitattributes	新增一行：*.cmd text eol=crlf，确保 .cmd 文件使用 CRLF 行尾。

Sequence Diagram(s)

sequenceDiagram
    participant Dev as 开发者
    participant Script as build-restart.sh/cmd
    participant Frontend as web/pnpm
    participant OS as 操作系统 (端口/进程)
    participant Wails as wails dev

    Dev->>Script: 运行脚本（可带参数）
    Script->>Script: 向上遍历查找 go.mod + web/package.json
    Script->>Frontend: cd web && pnpm build
    Frontend-->>Script: 构建结果（成功/失败）
    Script->>OS: 检查端口 9880, 9881 的 PID 列表
    OS-->>Script: 返回 PID(s)
    Script->>OS: 终止 PID（去重、验证、记录）
    OS-->>Script: 终止结果
    Script->>Wails: 从仓库根启动 `wails dev`（传递参数）
    Wails-->>Dev: wails dev 输出 / 退出码

Loading

Estimated code review effort

🎯 3 (中等) | ⏱️ ~25 分钟

Possibly related PRs

• docs: 补充项目界面预览 #271：对 README/README_CN 和 web/public/preview.png 的相同“预览”部分及居中图片更改（含相同 BOM/隐字符变化）。

Suggested reviewers

• SurviveM

Poem

🐰 新预览闪亮登场，图居中笑开怀，
脚本轻踩构建舞步，端口悄然清扫开，
Wails 启动又欢跃，开发路上更从容。

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	PR标题清晰准确地描述了主要变更内容：统一跨平台的开发重启工作流，这与PR的核心目标完全吻合。

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

cmd/workflows/build-restart.cmd (1)

79-98: 建议增加对系统关键进程的防护

当前逻辑仅过滤了 PID 0，但未防护其他系统关键进程（如 PID 4 为 System 进程）。虽然在开发工作流中风险较低，但增加防护可提高脚本健壮性。

♻️ 建议的改进

 :tryKillPid
 set "PID=%~1"
 set "PORT=%~2"

 if "%PID%"=="0" goto :eof
+if "%PID%"=="4" goto :eof

 echo !SEEN_PIDS! | findstr /C:";%PID%;" >nul

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@cmd/workflows/build-restart.cmd` around lines 79 - 98, The :tryKillPid block
currently only skips PID 0; add protection to avoid killing system-critical PIDs
by checking PID against a small protected set (e.g., 0 and 4) or refusing to
kill any PID <= 4, and log a warning and goto :eof when matched; update the
checks around the PID variable (used in the labels and taskkill call) so
SEEN_PIDS, KILLED_ANY and the taskkill invocation are only reached for
non-protected, valid numeric PIDs.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@cmd/workflows/build-restart.cmd`:
- Around line 1-2: The file uses LF line endings which can break Windows batch
parsing; convert this batch (lines containing "@echo off" and "setlocal
EnableExtensions EnableDelayedExpansion") to use CRLF line endings and add a
.gitattributes entry to enforce CRLF for .cmd (e.g. set *.cmd text eol=crlf) so
future commits are normalized; after updating .gitattributes, refresh the
repository's working tree (normalize) and recommit the converted
build-restart.cmd file.

---

Nitpick comments:
In `@cmd/workflows/build-restart.cmd`:
- Around line 79-98: The :tryKillPid block currently only skips PID 0; add
protection to avoid killing system-critical PIDs by checking PID against a small
protected set (e.g., 0 and 4) or refusing to kill any PID <= 4, and log a
warning and goto :eof when matched; update the checks around the PID variable
(used in the labels and taskkill call) so SEEN_PIDS, KILLED_ANY and the taskkill
invocation are only reached for non-protected, valid numeric PIDs.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8235829 and 58368fa.

⛔ Files ignored due to path filters (1)

• web/public/preview.png is excluded by !**/*.png

📒 Files selected for processing (5)

• README.md
• README_CN.md
• cmd/workflows/README.md
• cmd/workflows/build-restart.cmd
• cmd/workflows/build-restart.sh

📜 Review details

🧰 Additional context used

🪛 Blinter (1.0.112)

cmd/workflows/build-restart.cmd

[error] 55-55: Missing colon in CALL statement. Explanation: CALL statements to labels require a colon (unlike GOTO where colon is optional). Recommendation: Use CALL :label_name with colon when calling internal subroutines. Context: CALL to label 'wails' should use colon: CALL :wails

(E014)

---

[error] 1-1: Unix line endings detected. Explanation: Batch file uses Unix line endings (LF-only) which can cause GOTO/CALL label parsing failures and script malfunction due to Windows batch parser 512-byte boundary bugs. Recommendation: Convert file to Windows line endings (CRLF). Use tools like dos2unix, notepad++, or configure git with 'git config core.autocrlf true'. Context: File uses Unix line endings (LF-only) - 98 LF sequences found

(E018)

---

[error] 92-92: Command injection via variable substitution. Explanation: Variables containing user input used in commands may allow code injection. Recommendation: Validate and sanitize variables before use in command execution. Context: Variable used with shell operators may allow injection

(SEC013)

---

[error] 92-92: Process killing without authentication. Explanation: TASKKILL commands can terminate system processes without proper checks. Recommendation: Add process ownership and permission checks before killing processes. Context: TASKKILL /F should include filters to avoid system processes

(SEC015)

🔇 Additional comments (6)

README_CN.md (1)

11-15: LGTM!

预览部分添加得很好，图片居中显示且与英文 README 保持一致。

README.md (1)

11-15: LGTM!

Preview 部分结构清晰，图片路径正确。

cmd/workflows/build-restart.sh (1)

1-99: LGTM!

脚本结构良好：

• 使用 set -euo pipefail 确保严格模式
• 仓库根目录检测逻辑健壮
• 支持多种端口扫描工具（lsof/fuser/ss）的降级策略
• 使用 exec 替换当前进程启动 wails dev，避免僵尸进程

cmd/workflows/README.md (1)

1-21: LGTM!

文档简洁明了，清楚说明了两个脚本的用途和工作流程。

cmd/workflows/build-restart.cmd (2)

55-58: LGTM!

call wails dev %* 正确调用外部 wails 命令并传递参数。静态分析工具关于"缺少冒号"的提示是误报——wails 是外部可执行文件而非脚本内部标签。

---

7-24: LGTM!

仓库根目录检测逻辑实现正确，通过向上遍历目录查找 go.mod 和 web\package.json，能够适应脚本目录位置的变化。