npm - @0dai-dev/cli - Versions diffs - 3.3.0 → 3.3.2 - Mend

@0dai-dev/cli 3.3.0 → 3.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/bin/0dai.js +66 -26
package/package.json +1 -1

package/bin/0dai.js CHANGED Viewed

@@ -8,7 +8,26 @@ const path = require("path");
 const os = require("os");
 const VERSION = require("../package.json").version;
-const API_URL = process.env.ODAI_API_URL || "https://api.0dai.dev";
+// CRITICAL: validate API_URL to prevent credential exfiltration to attacker hosts
+function _validateApiUrl(url) {
+  const DEFAULT = "https://api.0dai.dev";
+  if (!url) return DEFAULT;
+  try {
+    const u = new URL(url);
+    // Only allow https (or http for localhost during dev)
+    if (u.protocol === "https:") return url;
+    if (u.protocol === "http:" && (u.hostname === "localhost" || u.hostname === "127.0.0.1" || u.hostname === "::1")) {
+      return url;
+    }
+    console.error(`[0dai] warning: ODAI_API_URL must use https (or http://localhost). Got: ${u.protocol}//${u.hostname}. Ignoring.`);
+    return DEFAULT;
+  } catch {
+    console.error(`[0dai] warning: ODAI_API_URL is not a valid URL, ignoring`);
+    return DEFAULT;
+  }
+}
+const API_URL = _validateApiUrl(process.env.ODAI_API_URL);
 const T = process.stdout.isTTY ? "\x1b[38;2;45;212;168m" : ""; // teal
 const R = process.stdout.isTTY ? "\x1b[0m" : ""; // reset
 const D = process.stdout.isTTY ? "\x1b[2m" : ""; // dim
@@ -321,17 +340,20 @@ function mergeSettingsJson(existing, incoming) {
   } catch { return incoming; }
 }
-function mergeAgentsMd(existing, incoming) {
-  // If user marked as unmanaged, don't touch
-  if (existing.includes("managed: false")) return existing;
-  // If managed, update with new content but preserve user additions after managed block
-  return incoming;
-}
 function writeFiles(target, files) {
-  let created = 0, updated = 0, unchanged = 0, merged = 0;
+  let created = 0, updated = 0, unchanged = 0, merged = 0, skipped = 0;
+  const targetResolved = path.resolve(target);
   for (const [rel, content] of Object.entries(files)) {
-    const p = path.join(target, rel);
+    // HIGH: path traversal protection — reject absolute paths and `..` escapes
+    if (typeof rel !== "string" || !rel || path.isAbsolute(rel) || rel.split(/[/\\]/).includes("..")) {
+      skipped++;
+      continue;
+    }
+    const p = path.resolve(targetResolved, rel);
+    if (!p.startsWith(targetResolved + path.sep) && p !== targetResolved) {
+      skipped++;
+      continue;
+    }
     fs.mkdirSync(path.dirname(p), { recursive: true });
     let finalContent = content;
@@ -365,6 +387,7 @@ function writeFiles(target, files) {
   }
   const parts = [`${created} created`, `${updated} updated`, `${unchanged} unchanged`];
   if (merged) parts.push(`${merged} merged`);
+  if (skipped) parts.push(`${skipped} skipped (unsafe path)`);
   log(parts.join(", "));
   return created + updated;
 }
@@ -1446,9 +1469,10 @@ async function cmdAuthLogin() {
       const url = `${API_URL}/v1/auth/${method}?cli=true`;
       p.log.info(`Opening browser: ${url}`);
       try {
-        const { execSync } = require("child_process");
+        const { execFileSync } = require("child_process");
         const cmd = os.platform() === "darwin" ? "open" : os.platform() === "win32" ? "start" : "xdg-open";
-        execSync(`${cmd} "${url}"`, { stdio: "ignore" });
+        // MED: use execFileSync to avoid shell injection via URL metacharacters
+        execFileSync(cmd, [url], { stdio: "ignore" });
       } catch {
         p.log.warn(`Could not open browser. Visit manually:\n  ${url}`);
       }
@@ -1655,25 +1679,24 @@ async function cmdFeedbackPush(target) {
 // --- Models ---
 function cmdModels(filter) {
+  // Scores from benchmark_models.py (3-task: read/count/review, 2026-04-06)
   const MODELS = [
     { name: "Claude Opus 4.6",   tier: "deep",     score: 95, cli: "claude",   flag: "--model opus" },
+    { name: "GPT-5.4-mini",      tier: "fast",     score: 93, cli: "codex",    flag: "-m gpt-5.4-mini",      tested: true },
+    { name: "MiniMax M2.7",      tier: "balanced", score: 93, cli: "opencode", flag: "-m opencode-go/minimax-m2.7",   tested: true },
     { name: "Claude Sonnet 4.6", tier: "balanced", score: 90, cli: "claude",   flag: "--model sonnet" },
-    { name: "Claude Haiku 4.5",  tier: "fast",     score: 78, cli: "claude",   flag: "--model haiku" },
-    { name: "GPT-5.3 Codex",     tier: "deep",     score: 91, cli: "codex",    flag: "-m gpt-5.3-codex",      tested: true },
-    { name: "GPT-5.3 Spark",     tier: "fast",     score: 82, cli: "codex",    flag: "-m gpt-5.3-codex-spark",tested: true },
-    { name: "GPT-5.4",           tier: "balanced", score: 89, cli: "codex",    flag: "-m gpt-5.4",           tested: true },
-    { name: "GPT-5.4-mini",      tier: "fast",     score: 76, cli: "codex",    flag: "-m gpt-5.4-mini",      tested: true },
-    { name: "GPT-5.2",           tier: "balanced", score: 87, cli: "codex",    flag: "-m gpt-5.2",           tested: true },
-    { name: "GPT-5.1",           tier: "fast",     score: 75, cli: "codex",    flag: "-m gpt-5.1",           tested: true },
+    { name: "GPT-5.4",           tier: "balanced", score: 90, cli: "codex",    flag: "-m gpt-5.4",           tested: true },
+    { name: "Kimi K2.5",         tier: "balanced", score: 88, cli: "opencode", flag: "-m opencode-go/kimi-k2.5",      tested: true },
+    { name: "Qwen 3.6+ Free",    tier: "free",     score: 88, cli: "opencode", flag: "-m opencode/qwen3.6-plus-free", tested: true },
     { name: "Gemini 3.1 Pro",    tier: "balanced", score: 85, cli: "gemini",   flag: "-m gemini-3.1-pro" },
+    { name: "GPT-5.3 Codex",     tier: "deep",     score: 83, cli: "codex",    flag: "-m gpt-5.3-codex",      tested: true },
+    { name: "GPT-5.3 Spark",     tier: "fast",     score: 82, cli: "codex",    flag: "-m gpt-5.3-codex-spark" },
+    { name: "Claude Haiku 4.5",  tier: "fast",     score: 78, cli: "claude",   flag: "--model haiku" },
     { name: "Gemini 3 Flash",    tier: "fast",     score: 77, cli: "gemini",   flag: "-m gemini-3-flash" },
-    { name: "Mimo v2 Pro",        tier: "balanced", score: 80, cli: "opencode", flag: "-m opencode-go/mimo-v2-pro",    tested: true },
-    { name: "Mimo v2 Omni",      tier: "fast",     score: 78, cli: "opencode", flag: "-m opencode-go/mimo-v2-omni",   tested: true },
-    { name: "Kimi K2.5",         tier: "balanced", score: 72, cli: "opencode", flag: "-m opencode-go/kimi-k2.5",      tested: true },
-    { name: "MiniMax M2.5",      tier: "fast",     score: 70, cli: "opencode", flag: "-m opencode-go/minimax-m2.5",   tested: true },
-    { name: "MiniMax M2.7",      tier: "balanced", score: 68, cli: "opencode", flag: "-m opencode-go/minimax-m2.7",   tested: true },
-    { name: "Qwen 3.6+ Free",    tier: "fast",     score: 64, cli: "opencode", flag: "-m opencode/qwen3.6-plus-free", tested: true },
-    { name: "GLM-5",             tier: "fast",     score: 62, cli: "opencode", flag: "-m opencode-go/glm-5",          tested: true },
+    { name: "Mimo v2 Pro",       tier: "fast",     score: 74, cli: "opencode", flag: "-m opencode-go/mimo-v2-pro",    tested: true },
+    { name: "GPT-5.4 (opencode)",tier: "fast",     score: 74, cli: "opencode", flag: "-m openai/gpt-5.4",            tested: true },
+    { name: "GPT-5.2",           tier: "balanced", score: 87, cli: "codex",    flag: "-m gpt-5.2",           tested: true },
+    { name: "MiniMax M2.5",      tier: "slow",     score: 57, cli: "opencode", flag: "-m opencode-go/minimax-m2.5",   tested: true },
   ];
   const { execFileSync } = require("child_process");
@@ -1792,6 +1815,23 @@ function cmdSwarm(target, sub, args) {
       const event = args.find((_, i) => args[i-1] === "--event") || "all";
       const secret = args.find((_, i) => args[i-1] === "--secret") || "";
       if (!url || !url.startsWith("http")) { log("Usage: 0dai swarm webhook add <url> [--event task_done|task_failed|all] [--secret TOKEN]"); return; }
+      // MED: SSRF protection — block internal/metadata endpoints
+      try {
+        const u = new URL(url);
+        const host = u.hostname;
+        const BLOCKED = /^(127\.|10\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.|169\.254\.|::1$|fc00:|fe80:|localhost$|0\.0\.0\.0$)/i;
+        if (BLOCKED.test(host) || host === "metadata.google.internal") {
+          log(`rejected: ${host} is a private/internal address (SSRF protection)`);
+          return;
+        }
+        if (u.protocol !== "https:" && u.protocol !== "http:") {
+          log(`rejected: only http/https allowed, got ${u.protocol}`);
+          return;
+        }
+      } catch {
+        log(`invalid URL: ${url}`);
+        return;
+      }
       const hooks = loadHooks();
       if (hooks.find(h => h.url === url)) { log(`already registered: ${url}`); return; }
       hooks.push({ url, event, secret: secret || undefined, added_at: new Date().toISOString() });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@0dai-dev/cli",
-  "version": "3.3.0",
+  "version": "3.3.2",
   "description": "One config layer for 5 AI agent CLIs — Claude Code, Codex, OpenCode, Gemini, Aider",
   "bin": {
     "0dai": "./bin/0dai.js"