@agent-e/server 1.8.1 → 1.8.2

package/dist/cli.js

@@ -32,7 +32,8 @@ var import_node_crypto = require("crypto");
 var import_core = require("@agent-e/core");
 
 // src/dashboard.ts
-function getDashboardHtml() {
+function getDashboardHtml(nonce) {
+  const nonceAttr = nonce ? ` nonce="${nonce}"` : "";
   return `<!DOCTYPE html>
 <html lang="en">
 <head>
@@ -42,7 +43,7 @@ function getDashboardHtml() {
 <link rel="preconnect" href="https://fonts.googleapis.com">
 <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
 <link href="https://fonts.googleapis.com/css2?family=Inter:opsz,wght@14..32,400;14..32,500;14..32,600;14..32,700&family=JetBrains+Mono:wght@400;500&display=swap" rel="stylesheet">
-<script src="https://cdn.jsdelivr.net/npm/chart.js@4.5.1/dist/chart.umd.min.js"></script>
+<script src="https://cdn.jsdelivr.net/npm/chart.js@4.5.1/dist/chart.umd.min.js" integrity="sha384-jb8JQMbMoBUzgWatfe6COACi2ljcDdZQ2OxczGA3bGNeWe+6DChMTBJemed7ZnvJ" crossorigin="anonymous"` + nonceAttr + `></script>
 <style>
   *, *::before, *::after { margin: 0; padding: 0; box-sizing: border-box; }
 
@@ -863,7 +864,7 @@ function getDashboardHtml() {
 
 </main>
 
-<script>
+<script` + nonceAttr + `>
 (function() {
   'use strict';
 
@@ -910,6 +911,9 @@ function getDashboardHtml() {
   var $dashboardRoot = document.getElementById('dashboard-root');
 
   // -- Helpers --
+  // SECURITY-CRITICAL: esc() prevents XSS by escaping all HTML-significant characters.
+  // Every user-derived or WebSocket-derived value rendered via innerHTML MUST pass through esc().
+  // If adding new terminal renderers or DOM builders, always use esc() on dynamic data.
   function esc(s) { return String(s).replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;').replace(/"/g,'&quot;').replace(/'/g,'&#39;').replace(/\\\\/g,'&#92;'); }
   function pad(n, w) { return String(n).padStart(w || 4, ' '); }
   function fmt(n) { return typeof n === 'number' ? n.toFixed(3) : '\\u2014'; }
@@ -1314,14 +1318,25 @@ function getDashboardHtml() {
   }
 
   // -- API calls --
+  // Read token from URL query param \u2014 never embed the API key in the HTML body.
+  var _authKey = new URLSearchParams(location.search).get('token');
+
+  function authHeaders() {
+    var h = {};
+    if (_authKey) h['Authorization'] = 'Bearer ' + _authKey;
+    return h;
+  }
+
   function fetchJSON(path) {
-    return fetch(path).then(function(r) { return r.json(); });
+    return fetch(path, { headers: authHeaders() }).then(function(r) { return r.json(); });
   }
 
   function postJSON(path, body) {
+    var h = authHeaders();
+    h['Content-Type'] = 'application/json';
     return fetch(path, {
       method: 'POST',
-      headers: { 'Content-Type': 'application/json' },
+      headers: h,
       body: JSON.stringify(body),
     }).then(function(r) { return r.json(); });
   }
@@ -1383,7 +1398,9 @@ function getDashboardHtml() {
   // -- WebSocket --
   function connectWS() {
     var proto = location.protocol === 'https:' ? 'wss:' : 'ws:';
-    ws = new WebSocket(proto + '//' + location.host);
+    var wsUrl = proto + '//' + location.host;
+    if (_authKey) wsUrl += '?token=' + encodeURIComponent(_authKey);
+    ws = new WebSocket(wsUrl);
 
     ws.onopen = function() {
       reconnectDelay = 1000;
@@ -1533,11 +1550,30 @@ function getDashboardHtml() {
 </html>`;
 }
 
+// src/validation.ts
+var VALID_EVENT_TYPES = /* @__PURE__ */ new Set([
+  "trade",
+  "mint",
+  "burn",
+  "transfer",
+  "produce",
+  "consume",
+  "role_change",
+  "enter",
+  "churn"
+]);
+function validateEvent(e) {
+  if (!e || typeof e !== "object") return false;
+  const ev = e;
+  return typeof ev["type"] === "string" && VALID_EVENT_TYPES.has(ev["type"]) && typeof ev["timestamp"] === "number" && typeof ev["actor"] === "string";
+}
+
 // src/routes.ts
 function setSecurityHeaders(res) {
   res.setHeader("X-Content-Type-Options", "nosniff");
   res.setHeader("X-Frame-Options", "DENY");
   res.setHeader("Referrer-Policy", "strict-origin-when-cross-origin");
+  res.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
 }
 function setCorsHeaders(res, allowedOrigin, requestOrigin) {
   setSecurityHeaders(res);
@@ -1579,21 +1615,34 @@ function json(res, status, data, origin, reqOrigin) {
   res.end(JSON.stringify(data));
 }
 var MAX_BODY_BYTES = 1048576;
+var READ_BODY_TIMEOUT_MS = 3e4;
+var MAX_CONFIG_ARRAY = 1e3;
 function readBody(req) {
   return new Promise((resolve, reject) => {
     const chunks = [];
     let totalBytes = 0;
+    const timeout = setTimeout(() => {
+      req.destroy();
+      reject(new Error("Request body read timeout"));
+    }, READ_BODY_TIMEOUT_MS);
     req.on("data", (chunk) => {
       totalBytes += chunk.length;
       if (totalBytes > MAX_BODY_BYTES) {
+        clearTimeout(timeout);
         req.destroy();
         reject(new Error("Request body too large"));
         return;
       }
       chunks.push(chunk);
     });
-    req.on("end", () => resolve(Buffer.concat(chunks).toString("utf-8")));
-    req.on("error", reject);
+    req.on("end", () => {
+      clearTimeout(timeout);
+      resolve(Buffer.concat(chunks).toString("utf-8"));
+    });
+    req.on("error", (err) => {
+      clearTimeout(timeout);
+      reject(err);
+    });
   });
 }
 function createRouteHandler(server2) {
@@ -1640,9 +1689,10 @@ function createRouteHandler(server2) {
           });
           return;
         }
+        const validEvents = Array.isArray(events) ? events.filter(validateEvent) : void 0;
         const result = await server2.processTick(
           state,
-          Array.isArray(events) ? events : void 0
+          validEvents
         );
         const warnings = validation?.warnings ?? [];
         respond(200, {
@@ -1672,6 +1722,10 @@ function createRouteHandler(server2) {
         return;
       }
       if (path === "/decisions" && method === "GET") {
+        if (!checkAuth(req, apiKey)) {
+          respond(401, { error: "Unauthorized" });
+          return;
+        }
         const rawLimit = parseInt(url.searchParams.get("limit") ?? "100", 10);
         const limit = Math.min(Math.max(Number.isNaN(rawLimit) ? 100 : rawLimit, 1), 1e3);
         const sinceParam = url.searchParams.get("since");
@@ -1687,7 +1741,11 @@ function createRouteHandler(server2) {
         } else {
           decisions = agentE.log.latest(limit);
         }
-        respond(200, { decisions });
+        const sanitized = decisions.map((d) => {
+          const { metricsSnapshot: _, ...rest } = d;
+          return rest;
+        });
+        respond(200, { decisions: sanitized });
         return;
       }
       if (path === "/config" && method === "POST") {
@@ -1705,18 +1763,18 @@ function createRouteHandler(server2) {
         }
         const config = parsed;
         if (Array.isArray(config["lock"])) {
-          for (const param of config["lock"]) {
+          for (const param of config["lock"].slice(0, MAX_CONFIG_ARRAY)) {
             if (typeof param === "string") server2.lock(param);
           }
         }
         if (Array.isArray(config["unlock"])) {
-          for (const param of config["unlock"]) {
+          for (const param of config["unlock"].slice(0, MAX_CONFIG_ARRAY)) {
             if (typeof param === "string") server2.unlock(param);
           }
         }
         if (Array.isArray(config["constrain"])) {
           const validated = [];
-          for (const c of config["constrain"]) {
+          for (const c of config["constrain"].slice(0, MAX_CONFIG_ARRAY)) {
             if (c && typeof c === "object" && typeof c["param"] === "string" && typeof c["min"] === "number" && typeof c["max"] === "number") {
               const constraint = c;
               if (!Number.isFinite(constraint.min) || !Number.isFinite(constraint.max)) {
@@ -1789,14 +1847,28 @@ function createRouteHandler(server2) {
         return;
       }
       if (path === "/" && method === "GET" && server2.serveDashboard) {
+        if (apiKey) {
+          const dashToken = url.searchParams.get("token") ?? "";
+          const hasBearer = checkAuth(req, apiKey);
+          const hasQueryToken = dashToken.length === apiKey.length && (0, import_node_crypto.timingSafeEqual)(Buffer.from(dashToken), Buffer.from(apiKey));
+          if (!hasBearer && !hasQueryToken) {
+            respond(401, { error: "Unauthorized \u2014 use ?token=<apiKey> or Authorization header" });
+            return;
+          }
+        }
         setCorsHeaders(res, cors, reqOrigin);
-        res.setHeader("Content-Security-Policy", "default-src 'self'; script-src 'unsafe-inline' https://cdn.jsdelivr.net; style-src 'unsafe-inline' https://fonts.googleapis.com; font-src https://fonts.gstatic.com; connect-src 'self' ws: wss:; img-src 'self' data:");
-        res.setHeader("Cache-Control", "public, max-age=60");
+        const nonce = (0, import_node_crypto.randomBytes)(16).toString("base64");
+        res.setHeader("Content-Security-Policy", `default-src 'self'; script-src 'nonce-${nonce}' https://cdn.jsdelivr.net; style-src 'unsafe-inline' https://fonts.googleapis.com; font-src https://fonts.gstatic.com; connect-src 'self' ws: wss:; img-src 'self' data:`);
+        res.setHeader("Cache-Control", "no-cache, private");
         res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
-        res.end(getDashboardHtml());
+        res.end(getDashboardHtml(nonce));
         return;
       }
       if (path === "/metrics" && method === "GET") {
+        if (!checkAuth(req, apiKey)) {
+          respond(401, { error: "Unauthorized" });
+          return;
+        }
         const agentE = server2.getAgentE();
         const latest = agentE.store.latest();
         const history = agentE.store.recentHistory(100);
@@ -1804,6 +1876,10 @@ function createRouteHandler(server2) {
         return;
       }
       if (path === "/metrics/personas" && method === "GET") {
+        if (!checkAuth(req, apiKey)) {
+          respond(401, { error: "Unauthorized" });
+          return;
+        }
         const agentE = server2.getAgentE();
         const latest = agentE.store.latest();
         const dist = latest.personaDistribution || {};
@@ -1894,6 +1970,10 @@ function createRouteHandler(server2) {
         return;
       }
       if (path === "/pending" && method === "GET") {
+        if (!checkAuth(req, apiKey)) {
+          respond(401, { error: "Unauthorized" });
+          return;
+        }
         const agentE = server2.getAgentE();
         const pending = agentE.log.query({ result: "skipped_override" });
         respond(200, {
@@ -1923,6 +2003,7 @@ function send(ws, data) {
 var MAX_WS_PAYLOAD = 1048576;
 var MAX_WS_CONNECTIONS = 100;
 var MIN_TICK_INTERVAL_MS = 100;
+var GLOBAL_MIN_TICK_INTERVAL_MS = 50;
 function sanitizeJson2(obj) {
   if (obj === null || typeof obj !== "object") return obj;
   if (Array.isArray(obj)) return obj.map(sanitizeJson2);
@@ -1935,6 +2016,7 @@ function sanitizeJson2(obj) {
 }
 function createWebSocketHandler(httpServer, server2) {
   const wss = new import_ws.WebSocketServer({ server: httpServer, maxPayload: MAX_WS_PAYLOAD });
+  let globalLastTickTime = 0;
   const aliveMap = /* @__PURE__ */ new WeakMap();
   const heartbeatInterval = setInterval(() => {
     for (const ws of wss.clients) {
@@ -1962,7 +2044,8 @@ function createWebSocketHandler(httpServer, server2) {
     }
     if (server2.apiKey) {
       const url = new URL(req.url ?? "/", `http://${req.headers.host ?? "localhost"}`);
-      const token = url.searchParams.get("token") ?? req.headers["authorization"]?.replace("Bearer ", "");
+      const authHeader = req.headers["authorization"];
+      const token = (authHeader?.startsWith("Bearer ") ? authHeader.slice(7) : void 0) ?? url.searchParams.get("token");
       if (!token || token.length !== server2.apiKey.length || !(0, import_node_crypto2.timingSafeEqual)(Buffer.from(token), Buffer.from(server2.apiKey))) {
         ws.close(1008, "Unauthorized");
         return;
@@ -1996,7 +2079,12 @@ function createWebSocketHandler(httpServer, server2) {
             send(ws, { type: "error", message: "Rate limited \u2014 min 100ms between ticks" });
             break;
           }
+          if (now - globalLastTickTime < GLOBAL_MIN_TICK_INTERVAL_MS) {
+            send(ws, { type: "error", message: "Rate limited \u2014 server tick capacity exceeded" });
+            break;
+          }
           lastTickTime = now;
+          globalLastTickTime = now;
           const state = msg["state"];
           const events = msg["events"];
           if (server2.validateState) {
@@ -2010,9 +2098,10 @@ function createWebSocketHandler(httpServer, server2) {
             }
           }
           try {
+            const validEvents = Array.isArray(events) ? events.filter(validateEvent) : void 0;
             const result = await server2.processTick(
               state,
-              Array.isArray(events) ? events : void 0
+              validEvents
             );
             send(ws, {
               type: "tick_result",
@@ -2032,13 +2121,17 @@ function createWebSocketHandler(httpServer, server2) {
           break;
         }
         case "event": {
-          const event = msg["event"];
-          if (event) {
-            server2.getAgentE().ingest(event);
-            send(ws, { type: "event_ack" });
-          } else {
+          const rawEvent = msg["event"];
+          if (!rawEvent) {
             send(ws, { type: "error", message: 'Missing "event" field' });
+            break;
           }
+          if (!validateEvent(rawEvent)) {
+            send(ws, { type: "error", message: "Invalid event \u2014 requires type (valid event type), timestamp (number), and actor (string)" });
+            break;
+          }
+          server2.getAgentE().ingest(rawEvent);
+          send(ws, { type: "event_ack" });
           break;
         }
         case "health": {
@@ -2103,6 +2196,8 @@ var AgentEServer = class {
     this.lastState = null;
     this.adjustmentQueue = [];
     this.alerts = [];
+    /** Serialization lock for processTick — prevents concurrent ticks from corrupting shared state. */
+    this.tickLock = Promise.resolve();
     this.startedAt = Date.now();
     this.wsHandle = null;
     this.port = config.port ?? 3100;
@@ -2239,36 +2334,46 @@ var AgentEServer = class {
    * 6. Return response
    */
   async processTick(state, events) {
-    this.adjustmentQueue = [];
-    this.alerts = [];
-    this.lastState = state;
-    if (events) {
-      for (const event of events) {
-        this.agentE.ingest(event);
+    const prev = this.tickLock;
+    let unlock;
+    this.tickLock = new Promise((resolve) => {
+      unlock = resolve;
+    });
+    await prev;
+    try {
+      this.adjustmentQueue = [];
+      this.alerts = [];
+      this.lastState = state;
+      if (events) {
+        for (const event of events) {
+          this.agentE.ingest(event);
+        }
       }
-    }
-    await this.agentE.tick(state);
-    const rawAdj = [...this.adjustmentQueue];
-    this.adjustmentQueue = [];
-    const decisions = this.agentE.getDecisions({ since: state.tick, until: state.tick });
-    const adjustments = rawAdj.map((adj) => {
-      const decision = decisions.find(
-        (d) => d.plan.parameter === adj.key && d.result === "applied"
-      );
+      await this.agentE.tick(state);
+      const rawAdj = [...this.adjustmentQueue];
+      this.adjustmentQueue = [];
+      const decisions = this.agentE.getDecisions({ since: state.tick, until: state.tick });
+      const adjustments = rawAdj.map((adj) => {
+        const decision = decisions.find(
+          (d) => d.plan.parameter === adj.key && d.result === "applied"
+        );
+        return {
+          parameter: adj.key,
+          value: adj.value,
+          ...adj.scope ? { scope: adj.scope } : {},
+          reasoning: decision?.diagnosis.violation.suggestedAction.reasoning ?? ""
+        };
+      });
       return {
-        parameter: adj.key,
-        value: adj.value,
-        ...adj.scope ? { scope: adj.scope } : {},
-        reasoning: decision?.diagnosis.violation.suggestedAction.reasoning ?? ""
+        adjustments,
+        alerts: [...this.alerts],
+        health: this.agentE.getHealth(),
+        tick: state.tick,
+        decisions
       };
-    });
-    return {
-      adjustments,
-      alerts: [...this.alerts],
-      health: this.agentE.getHealth(),
-      tick: state.tick,
-      decisions
-    };
+    } finally {
+      unlock();
+    }
   }
   /**
    * Run Observer + Diagnoser on the given state without side effects (no execution).