apireno/DOMShell

Bug-sweep patch built on top of 2.0.0 / 1.3.0. Real-world stress-testing against LinkedIn surfaced a stack of issues — all addressed in one tight cycle.

Headline

• navigate no longer leaves the AX tree stuck on the previous page (#36) — cdpSwitchToTab's fast path was returning the pre-navigation cached tree because nothing invalidated it. Same fix covers back and forward.
• Clicks now dispatch trusted browser events by default (#37) — React-driven SPAs (LinkedIn, Twitter/X, Notion, …) and any code checking event.isTrusted no longer silently ignore DOMShell clicks.
• New key command (#40) — dispatch keyboard events (Enter, Escape, arrows, F-keys, single chars with modifiers) to the focused element. Three-round fix: special keys go through rawKeyDown (else Chrome drops them); auto-selects between trusted CDP and JS synthetic based on whether the target tab is the active tab in its window; --activate opt-in flag for explicit trusted dispatch with focus restore.
• Per-action terminal confirmation is OFF by default in the MCP server (#39) — the architecture is now "server tags tier in metadata, host owns the prompt." --no-confirm is preserved as a no-op for backward compatibility; new --confirm flag re-enables prompts for users running the server in their own terminal. Underlying TTY deadlock fixed.
• MCP tool annotations (#39 follow-up — credit @m13v) — all 38 tools now carry readOnlyHint / destructiveHint / openWorldHint so hosts (Claude Desktop, Cursor) can render context-aware approval UIs with the surrounding conversation context.

Also fixed

• js / eval timeout (#38) — 30-second cap with best-effort Runtime.terminateExecution cleanup; non-resolving Promises no longer hang the MCP call.
• scroll down / scroll up advance virtualized lists (#35) — walks up from the cursor to find the nearest scrollable ancestor; --window flag forces document scroll.
• ls <path> (#41) — actually respects the path argument now (was silently ignored).
• cd diagnostic (#42) — failure messages list available subdirectories and point at tree for deeper paths.

Versions in this release

• @apireno/domshell (MCP server) — 2.0.1 (this tag, shipping to npm)
• DOMShell Chrome extension — 1.3.1 (tag extension-v1.3.1)

Known follow-ups

• #42 — cd/ls/tree view parity (open for clean repro; the diagnostic message is the interim improvement).
• #45 — AX-tree collapsing hides React-handler-bearing inner divs (the structural reason LinkedIn's <li> rows still don't activate via DOMShell even with trusted keys; out of scope for this patch).

Web Store

Chrome extension 1.3.1 ships when 1.3.0 clears its in-flight Web Store review (1.3.0 carries the new tabGroups permission — a code-only 1.3.1 should sail through). The packaged ZIP is built from this tag (sha256 7cfc05ea76e58099a66305bbbf16959047a17f39a5a81acf1768fb746fc9add9).

See CHANGELOG.md for the full per-bullet detail.