@antodevs/groundtruth 0.1.1 → 0.1.5

package/README.md

@@ -1,4 +1,4 @@
-![GroundTruth Banner](assets/banner.png)
+![GroundTruth Banner](assets/banner.svg)
 
 # GroundTruth
 
@@ -25,7 +25,7 @@ npx @antodevs/groundtruth --antigravity
 Intercepts outbound API calls and injects fresh documentation directly into the message payload.
 
 ```bash
-npx @antodevs/groundtruth --port 8080
+npx @antodevs/groundtruth --claude-code
 ```
 
 ## Installation
@@ -97,12 +97,10 @@ flowchart TD
 
 ---
 
-## Installation & Usage
-
 ### Usage with Claude Code
 ```bash
 # Initialize GroundTruth in proxy mode (auto-exports ANTHROPIC_BASE_URL)
-npx groundtruth --claude-code
+npx @antodevs/groundtruth --claude-code
 
 # Execute your agent in a separate TTY
 claude
@@ -114,7 +112,7 @@ claude
 cd /workspace/your-project
 
 # Initialize the daemon in file watcher mode
-npx groundtruth --antigravity
+npx @antodevs/groundtruth --antigravity
 ```
 > **Note:** GroundTruth will continuously poll and sync documentation based on your `package.json` manifest.
 

package/assets/banner.svg

@@ -0,0 +1,106 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 300" width="100%">
+  <defs>
+    <!-- Background Gradient -->
+    <linearGradient id="bg" x1="0%" y1="0%" x2="100%" y2="100%">
+      <stop offset="0%" stop-color="#090a0f" />
+      <stop offset="50%" stop-color="#121521" />
+      <stop offset="100%" stop-color="#040508" />
+    </linearGradient>
+
+    <!-- Glowing Text Gradient -->
+    <linearGradient id="textGlow" x1="0%" y1="0%" x2="100%" y2="0%">
+      <stop offset="0%" stop-color="#4F46E5" />
+      <stop offset="50%" stop-color="#0ea5e9" />
+      <stop offset="100%" stop-color="#8b5cf6" />
+    </linearGradient>
+
+    <!-- Node Gradient -->
+    <linearGradient id="nodeGrad" x1="0%" y1="0%" x2="100%" y2="100%">
+      <stop offset="0%" stop-color="#38bdf8" />
+      <stop offset="100%" stop-color="#818cf8" />
+    </linearGradient>
+
+    <!-- Grid Pattern -->
+    <pattern id="grid" width="40" height="40" patternUnits="userSpaceOnUse">
+      <path d="M 40 0 L 0 0 0 40" fill="none" stroke="rgba(255, 255, 255, 0.03)" stroke-width="1"/>
+    </pattern>
+
+    <filter id="glow" x="-20%" y="-20%" width="140%" height="140%">
+      <feGaussianBlur stdDeviation="6" result="blur" />
+      <feMerge>
+        <feMergeNode in="blur" />
+        <feMergeNode in="SourceGraphic" />
+      </feMerge>
+    </filter>
+  </defs>
+
+  <!-- Deep Dark Solid Background -->
+  <rect width="100%" height="100%" fill="url(#bg)" />
+  
+  <!-- Overlay Subtle Grid -->
+  <rect width="100%" height="100%" fill="url(#grid)" />
+
+  <!-- Connecting Lines representing Context Injection (Left) -->
+  <g opacity="0.6" stroke-width="2" fill="none" filter="url(#glow)">
+    <!-- Primary flow -->
+    <path d="M0 150 C 200 150, 300 100, 450 150" stroke="#0ea5e9" opacity="0.8"/>
+    <path d="M0 80 C 150 80, 250 150, 400 130" stroke="#4F46E5" opacity="0.5"/>
+    <path d="M0 220 C 180 220, 280 150, 420 170" stroke="#8b5cf6" opacity="0.5"/>
+    
+    <!-- Minor branches -->
+    <path d="M100 80 L 150 110" stroke="#0ea5e9"/>
+    <path d="M200 220 L 250 185" stroke="#8b5cf6"/>
+    <path d="M300 100 L 320 130" stroke="#4F46E5"/>
+  </g>
+
+  <!-- Connecting Lines representing Context Injection (Right) -->
+  <g opacity="0.6" stroke-width="2" fill="none" filter="url(#glow)">
+    <!-- Primary flow -->
+    <path d="M1200 150 C 1000 150, 900 200, 750 150" stroke="#0ea5e9" opacity="0.8"/>
+    <path d="M1200 80 C 1050 80, 950 150, 800 130" stroke="#8b5cf6" opacity="0.5"/>
+    <path d="M1200 220 C 1020 220, 920 150, 780 170" stroke="#4F46E5" opacity="0.5"/>
+    
+    <!-- Minor branches -->
+    <path d="M1100 80 L 1050 110" stroke="#0ea5e9"/>
+    <path d="M1000 220 L 950 185" stroke="#4F46E5"/>
+    <path d="M900 200 L 880 170" stroke="#8b5cf6"/>
+  </g>
+
+  <!-- Data Nodes (Left) -->
+  <g fill="url(#nodeGrad)" filter="url(#glow)">
+    <circle cx="100" cy="80" r="5" />
+    <circle cx="150" cy="110" r="4" />
+    <circle cx="200" cy="220" r="6" />
+    <circle cx="250" cy="185" r="4" />
+    <circle cx="300" cy="100" r="7" />
+    <circle cx="320" cy="130" r="3" />
+    <circle cx="450" cy="150" r="8" fill="#ffffff"/>
+  </g>
+
+  <!-- Data Nodes (Right) -->
+  <g fill="url(#nodeGrad)" filter="url(#glow)">
+    <circle cx="1100" cy="80" r="5" />
+    <circle cx="1050" cy="110" r="4" />
+    <circle cx="1000" cy="220" r="6" />
+    <circle cx="950" cy="185" r="4" />
+    <circle cx="900" cy="200" r="7" />
+    <circle cx="880" cy="170" r="3" />
+    <circle cx="750" cy="150" r="8" fill="#ffffff"/>
+  </g>
+
+  <!-- Typography -->
+  <text x="50%" y="48%" text-anchor="middle" font-family="-apple-system, system-ui, BlinkMacSystemFont, Segoe UI, Roboto, sans-serif" font-size="94" font-weight="900" fill="url(#textGlow)" filter="url(#glow)" letter-spacing="2">
+    GROUNDTRUTH
+  </text>
+  
+  <text x="50%" y="48%" text-anchor="middle" font-family="-apple-system, system-ui, BlinkMacSystemFont, Segoe UI, Roboto, sans-serif" font-size="94" font-weight="900" fill="#ffffff" letter-spacing="2">
+    GROUNDTRUTH
+  </text>
+
+  <text x="50%" y="68%" text-anchor="middle" font-family="-apple-system, system-ui, BlinkMacSystemFont, Segoe UI, Roboto, sans-serif" font-size="28" font-weight="500" fill="#94a3b8" letter-spacing="4">
+    ZERO ZERO-CONFIGURATION CONTEXT INJECTION
+  </text>
+  
+  <rect x="350" y="72%" width="500" height="2" fill="rgba(255,255,255,0.1)" />
+  <rect x="450" y="72%" width="300" height="2" fill="#0ea5e9" filter="url(#glow)" />
+</svg>

package/index.js

@@ -4,14 +4,18 @@
  * @description Entry point runtime groundtruth delegazione CLI o proxy flow logic.
  */
 import { chalk, label } from './src/logger.js';
-import { usePackageJson, antigravityMode, claudeCodeMode, port, intervalMinutes, batchSize, version } from './src/cli.js';
+import { usePackageJson, antigravityMode, claudeCodeMode, uninstallMode, port, intervalMinutes, batchSize, version } from './src/cli.js';
 import { createServer } from './src/proxy.js';
-import { autoSetEnv } from './src/env.js';
+import { autoSetEnv, removeEnv } from './src/env.js';
 import { startWatcher } from './src/watcher.js';
 
 // ─── Dispatcher start app logic ──────────────────────
 
-if (antigravityMode) {
+if (uninstallMode) {
+  console.log(`\n  ${chalk.white.bold('GroundTruth')}  ${chalk.gray(`v${version}`)}  ${chalk.gray('[uninstall]')}\n`);
+  await removeEnv();
+  process.exit(0);
+} else if (antigravityMode) {
   startWatcher({ intervalMinutes, usePackageJson, batchSize });
 } else if (claudeCodeMode) {
   const server = await createServer(usePackageJson);
@@ -22,7 +26,6 @@ if (antigravityMode) {
       console.log(`\n  ${chalk.white.bold('GroundTruth')}  ${chalk.gray(`v${version}`)}  ${chalk.gray('[claude-code mode]')}\n`);
       console.log(label('◆', 'proxy', `localhost:${p}`));
       console.log(label('◆', 'anthropic', '/v1/messages'));
-      console.log(label('◆', 'gemini', '/v1beta/…'));
       console.log(label('◆', 'context', 'DuckDuckGo → live'));
       console.log(`\n  ${chalk.cyan('✻')} Listening. Set ANTHROPIC_BASE_URL=http://localhost:${p}\n`);
       await autoSetEnv(p);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@antodevs/groundtruth",
-  "version": "0.1.1",
+  "version": "0.1.5",
   "description": "Lightweight Node.js proxy to intercept API requests from coding agents and inject fresh web context",
   "type": "module",
   "license": "MIT",
@@ -36,7 +36,9 @@
   },
   "scripts": {
     "start": "node index.js",
-    "dev": "node --watch index.js"
+    "dev": "node --watch index.js",
+    "release": "git add . && git commit -m \"chore: auto-commit before release\" || true && npm version patch && git push origin main --tags && npm publish",
+    "release:minor": "git add . && git commit -m \"chore: auto-commit before release\" || true && npm version minor && git push origin main --tags && npm publish"
   },
   "dependencies": {
     "@mozilla/readability": "^0.5.0",

package/specification.yaml

@@ -1,5 +1,5 @@
 name: GroundTruth
-version: 0.1.0
+version: 0.1.4
 description: |
   GroundTruth is a zero-configuration, transparent middleware context injection layer.
   It is designed to bridge the deterministic knowledge cutoff gap of LLM-based coding agents 

package/src/circuit-breaker.js

@@ -35,7 +35,7 @@ export class CircuitBreaker {
             this.onSuccess();
             return result;
         } catch (err) {
-            this.onFailure();
+            this.onFailure(err);
             throw err;
         }
     }
@@ -53,8 +53,13 @@ export class CircuitBreaker {
         }
     }
 
-    onFailure() {
-        this.failures++;
+    onFailure(err) {
+        // 429 rate limit apre il circuito immediatamente
+        if (err?.message?.includes('429')) {
+            this.failures = this.failureThreshold;
+        } else {
+            this.failures++;
+        }
         this.lastFailureTime = Date.now();
         if (this.failures >= this.failureThreshold) {
             this.state = 'OPEN';

package/src/cli.js

@@ -13,15 +13,17 @@ const args = process.argv.slice(2);
 const usePackageJson = args.includes('--use-package-json');
 const antigravityMode = args.includes('--antigravity');
 const claudeCodeMode = args.includes('--claude-code');
+const uninstallMode = args.includes('--uninstall');
 
 // Stop immediato se nessun mode definito
-if (!antigravityMode && !claudeCodeMode) {
+if (!antigravityMode && !claudeCodeMode && !uninstallMode) {
     console.log();
     console.log(`  ${chalk.white.bold('GroundTruth')}  ${chalk.gray(`v${version}`)}`);
     console.log();
     console.log(`  Usage:`);
     console.log(`    groundtruth --claude-code       proxy mode (Claude Code)`);
     console.log(`    groundtruth --antigravity       rules mode (Antigravity/Gemini)`);
+    console.log(`    groundtruth --uninstall         remove shell env config`);
     console.log();
     console.log(`  Options:`);
     console.log(`    --use-package-json   use package.json as search query`);
@@ -55,4 +57,4 @@ const batchSize = batchSizeIndex !== -1
     ? Math.max(2, Math.min(parseInt(args[batchSizeIndex + 1]) || 3, 5))
     : 3;
 
-export { args, usePackageJson, antigravityMode, claudeCodeMode, port, intervalMinutes, batchSize, version };
+export { args, usePackageJson, antigravityMode, claudeCodeMode, uninstallMode, port, intervalMinutes, batchSize, version };

package/src/env.js

@@ -118,3 +118,43 @@ export async function autoSetEnv(p) {
         log(LOG_WARN, chalk.yellow, chalk.white('env setup error') + `  →  ${chalk.yellow(err.message)}`);
     }
 }
+
+/**
+ * @description Rimuove ANTHROPIC_BASE_URL da tutti i file di configurazione shell.
+ * @returns {Promise<void>}
+ */
+export async function removeEnv() {
+    const homeDir = os.homedir();
+    const targets = [
+        { file: path.join(homeDir, '.zshrc'), pattern: /^export ANTHROPIC_BASE_URL=.*\n?/gm },
+        { file: path.join(homeDir, '.bashrc'), pattern: /^export ANTHROPIC_BASE_URL=.*\n?/gm },
+        { file: path.join(homeDir, '.bash_profile'), pattern: /^export ANTHROPIC_BASE_URL=.*\n?/gm },
+        { file: path.join(homeDir, '.profile'), pattern: /^export ANTHROPIC_BASE_URL=.*\n?/gm },
+        { file: path.join(homeDir, '.config', 'fish', 'config.fish'), pattern: /^set -gx ANTHROPIC_BASE_URL .*\n?/gm },
+    ];
+
+    let cleaned = 0;
+    for (const t of targets) {
+        if (!existsSync(t.file)) continue;
+        try {
+            const content = await fs.readFile(t.file, 'utf8');
+            const result = content.replace(t.pattern, '').replace(/\n{3,}/g, '\n\n');
+            if (result !== content) {
+                await atomicWrite(t.file, result);
+                const rel = t.file.replace(homeDir, '~');
+                log(LOG_OK, chalk.green, chalk.white('removed ANTHROPIC_BASE_URL from') + ' ' + chalk.white(rel));
+                cleaned++;
+            }
+        } catch (e) {
+            log(LOG_WARN, chalk.yellow, chalk.white(`cannot clean ${path.basename(t.file)}`) + `  →  ${chalk.yellow(e.message)}`);
+        }
+    }
+
+    if (cleaned === 0) {
+        log(LOG_WARN, chalk.yellow, chalk.white('nothing to clean') + `  →  ${chalk.yellow('no ANTHROPIC_BASE_URL found in shell configs')}`);
+    } else {
+        log(LOG_OK, chalk.green, chalk.white(`cleaned ${cleaned} file(s)`));
+    }
+
+    delete process.env.ANTHROPIC_BASE_URL;
+}

package/src/inject.js

@@ -33,6 +33,7 @@ export async function injectBlock(filePath, content, blockId) {
     if (startIndex !== -1 && endIndex !== -1 && endIndex > startIndex) {
         fileContent = fileContent.slice(0, startIndex) + block + fileContent.slice(endIndex + endTag.length);
     } else {
+        fileContent = fileContent.trimEnd() + '\n\n' + block + '\n';
     }
 
     await atomicWrite(filePath, fileContent);

package/src/packages.js

@@ -5,6 +5,7 @@
 import fs from 'fs/promises';
 import path from 'path';
 import { createHash } from 'crypto';
+import { chalk, log, LOG_WARN } from './logger.js';
 
 // ─── Logica Dipendenze ───────────────────────────────
 
@@ -41,7 +42,8 @@ export async function readPackageDeps() {
         selected = selected.concat(filterAndFormat(pkg.devDependencies));
 
         return selected.length > 0 ? selected : null;
-    } catch (_) {
+    } catch (err) {
+        log(LOG_WARN, chalk.yellow, chalk.white('package.json parse error') + `  →  ${chalk.yellow(err.message)}`);
         return null;
     }
 }

package/src/proxy.js

@@ -8,6 +8,7 @@ import { webSearch } from './search.js';
 import { readPackageDeps, buildQuery } from './packages.js';
 import { chalk, log, LOG_WARN, LOG_BOLT } from './logger.js';
 import { httpsAgent } from './http-agent.js';
+import { sanitizeWebContent } from './sanitize.js';
 
 // ─── HTTP Node server daemon ─────────────────────────
 
@@ -98,9 +99,9 @@ export async function createServer(usePackageJson) {
 
                 contextBlock = `\n\n--- WEB CONTEXT (live, ${new Date().toISOString()}) ---\n`;
                 results.forEach((r, i) => {
-                    contextBlock += `${i + 1}. ${r.title}: ${r.snippet} (${r.url})\n`;
+                    contextBlock += `${i + 1}. ${r.title}: ${sanitizeWebContent(r.snippet, 500)} (${r.url})\n`;
                 });
-                if (pageText) contextBlock += `\nFULL TEXT:\n${pageText}\n`;
+                if (pageText) contextBlock += `\nFULL TEXT:\n${sanitizeWebContent(pageText)}\n`;
                 contextBlock += `--- END WEB CONTEXT ---\n`;
                 didInject = true;
             } catch (_) {

package/src/sanitize.js

@@ -0,0 +1,35 @@
+/**
+ * @module sanitize
+ * @description Sanitizzazione contenuto web contro prompt injection attacks.
+ */
+
+// Pattern noti di prompt injection che devono essere filtrati
+const DANGEROUS_PATTERNS = [
+    /ignore\s+(all\s+)?previous\s+instructions?/gi,
+    /disregard\s+(all\s+)?previous/gi,
+    /you\s+are\s+now\s+/gi,
+    /forget\s+(all\s+)?(your\s+)?instructions?/gi,
+    /new\s+instructions?\s*:/gi,
+    /system\s*prompt\s*:/gi,
+    /\[INST\]/gi,
+    /<\|im_start\|>/gi,
+    /<\|im_end\|>/gi,
+    /```system/gi,
+    /ASSISTANT:\s/gi,
+    /HUMAN:\s/gi,
+];
+
+/**
+ * @description Filtra pattern pericolosi di prompt injection dal testo web scrappato.
+ * @param   {string} text - Testo raw proveniente da web scraping
+ * @param   {number} maxLen - Lunghezza massima output (default 8000)
+ * @returns {string} Testo sanitizzato
+ */
+export function sanitizeWebContent(text, maxLen = 8000) {
+    if (!text || typeof text !== 'string') return '';
+    let cleaned = text;
+    for (const p of DANGEROUS_PATTERNS) {
+        cleaned = cleaned.replace(p, '[FILTERED]');
+    }
+    return cleaned.slice(0, maxLen);
+}

package/src/search.js

@@ -9,6 +9,7 @@ import { DOMParser } from 'linkedom';
 import { searchCache } from './cache.js';
 import { CircuitBreaker } from './circuit-breaker.js';
 import { httpAgent, httpsAgent } from './http-agent.js';
+import { sanitizeWebContent } from './sanitize.js';
 
 // ─── Config & Cache ──────────────────────────────────
 
@@ -118,7 +119,7 @@ export async function webSearch(query, parallel = false) {
                     } catch (_) {
                         text = document.body?.textContent || '';
                     }
-                    if (text) return text.replace(/\s+/g, ' ').slice(0, 4000);
+                    if (text) return sanitizeWebContent(text.replace(/\s+/g, ' '), 4000);
                 }
             } catch (_) { // fail silenzioso parallelo tollerato per timeout link third-party
             }
@@ -143,7 +144,7 @@ export async function webSearch(query, parallel = false) {
                         text = document.body?.textContent || '';
                     }
                     if (text) {
-                        pageText = text.replace(/\s+/g, ' ').slice(0, 4000);
+                        pageText = sanitizeWebContent(text.replace(/\s+/g, ' '), 4000);
                     }
                 }
             }

package/src/state.js

@@ -2,7 +2,8 @@
  * @module state
  * @description Persiste la memoria di antigravity prev-hash per fault tolleranza riavvii.
  */
-import { readFile, writeFile, mkdir } from 'fs/promises';
+import { readFile, mkdir } from 'fs/promises';
+import { atomicWrite } from './utils/atomic-write.js';
 import { existsSync } from 'fs';
 import path from 'path';
 import os from 'os';
@@ -33,5 +34,5 @@ export async function loadBatchState() {
 export async function saveBatchState(map) {
     await mkdir(STATE_DIR, { recursive: true });
     const obj = Object.fromEntries(map);
-    await writeFile(STATE_FILE, JSON.stringify(obj, null, 2), 'utf8');
+    await atomicWrite(STATE_FILE, JSON.stringify(obj, null, 2), { backup: false });
 }

package/src/watcher.js

@@ -6,6 +6,7 @@ import os from 'os';
 import path from 'path';
 import { webSearch } from './search.js';
 import { readPackageDeps, buildQuery, groupIntoBatches, batchHash } from './packages.js';
+import { sanitizeWebContent } from './sanitize.js';
 import { updateGeminiFiles, removeStaleBlocks } from './inject.js';
 import { chalk, label, log, LOG_WARN, LOG_REFRESH } from './logger.js';
 import { version } from './cli.js';
@@ -84,16 +85,16 @@ export function startWatcher({ intervalMinutes, usePackageJson, batchSize }) {
                     globalMd += `**Query:** ${query}\n\n`;
                     if (results.length > 0) {
                         globalMd += `### ${results[0].title}\n`;
-                        globalMd += `${results[0].snippet.slice(0, 300)} — ${results[0].url}\n`;
+                        globalMd += `${sanitizeWebContent(results[0].snippet, 300)} — ${results[0].url}\n`;
                     }
 
                     let md = `## Live Context — ${batchTitle} (${nowStr})\n`;
                     md += `**Query:** ${query}\n\n`;
                     for (const r of results) {
-                        md += `### ${r.title}\n${r.snippet} — ${r.url}\n\n`;
+                        md += `### ${r.title}\n${sanitizeWebContent(r.snippet, 500)} — ${r.url}\n\n`;
                     }
                     if (pageText) {
-                        md += `FULL TEXT: ${pageText}\n`;
+                        md += `FULL TEXT: ${sanitizeWebContent(pageText)}\n`;
                     }
 
                     await updateGeminiFiles([{