@azumag/opencode-rate-limit-fallback 1.49.0 → 1.50.0

package/dist/src/main/ConfigReloader.d.ts

@@ -29,7 +29,10 @@ export declare class ConfigReloader {
     private worktree?;
     private notifyOnReload;
     private reloadMetrics;
-    constructor(config: PluginConfig, configPath: string | null, logger: Logger, validator: ConfigValidator, client: OpenCodeClient, components: ComponentRefs, directory: string, worktree?: string, notifyOnReload?: boolean);
+    private minReloadIntervalMs;
+    private recentReloadAttempts;
+    private maxReloadAttemptsPerMinute;
+    constructor(config: PluginConfig, configPath: string | null, logger: Logger, validator: ConfigValidator, client: OpenCodeClient, components: ComponentRefs, directory: string, worktree?: string, notifyOnReload?: boolean, minReloadIntervalMs?: number, maxReloadAttemptsPerMinute?: number);
     /**
      * Reload configuration from file
      */
@@ -50,6 +53,10 @@ export declare class ConfigReloader {
      * Get reload metrics
      */
     getReloadMetrics(): ReloadMetrics;
+    /**
+     * Check if reload is allowed based on rate limiting
+     */
+    private checkRateLimit;
     /**
      * Show success toast notification
      */

package/dist/src/main/ConfigReloader.js

@@ -17,7 +17,11 @@ export class ConfigReloader {
     worktree;
     notifyOnReload;
     reloadMetrics;
-    constructor(config, configPath, logger, validator, client, components, directory, worktree, notifyOnReload = true) {
+    // Rate limiting for reload operations
+    minReloadIntervalMs;
+    recentReloadAttempts;
+    maxReloadAttemptsPerMinute;
+    constructor(config, configPath, logger, validator, client, components, directory, worktree, notifyOnReload = true, minReloadIntervalMs = 1000, maxReloadAttemptsPerMinute = 10) {
         this.config = config;
         this.configPath = configPath;
         this.logger = logger;
@@ -32,6 +36,10 @@ export class ConfigReloader {
             successfulReloads: 0,
             failedReloads: 0,
         };
+        // Rate limiting settings
+        this.minReloadIntervalMs = minReloadIntervalMs;
+        this.maxReloadAttemptsPerMinute = maxReloadAttemptsPerMinute;
+        this.recentReloadAttempts = [];
     }
     /**
      * Reload configuration from file
@@ -41,9 +49,17 @@ export class ConfigReloader {
             success: false,
             timestamp: Date.now(),
         };
+        // Rate limiting check
+        const rateLimitCheck = this.checkRateLimit();
+        if (!rateLimitCheck.allowed) {
+            result.error = rateLimitCheck.reason || 'Rate limit exceeded';
+            this.logger.warn(`Config reload blocked: ${result.error}`);
+            return result;
+        }
         // Track reload metrics
         this.reloadMetrics.totalReloads++;
         this.reloadMetrics.lastReloadTime = result.timestamp;
+        this.recentReloadAttempts.push(result.timestamp);
         if (!this.configPath) {
             result.error = 'No config file path available';
             this.reloadMetrics.failedReloads++;
@@ -173,6 +189,34 @@ export class ConfigReloader {
     getReloadMetrics() {
         return { ...this.reloadMetrics };
     }
+    /**
+     * Check if reload is allowed based on rate limiting
+     */
+    checkRateLimit() {
+        const now = Date.now();
+        const oneMinuteAgo = now - 60000;
+        // Clean up old reload attempts
+        this.recentReloadAttempts = this.recentReloadAttempts.filter(timestamp => timestamp > oneMinuteAgo);
+        // Check minimum interval between reloads
+        if (this.reloadMetrics.lastReloadTime) {
+            const timeSinceLastReload = now - this.reloadMetrics.lastReloadTime;
+            if (timeSinceLastReload < this.minReloadIntervalMs) {
+                const waitTime = this.minReloadIntervalMs - timeSinceLastReload;
+                return {
+                    allowed: false,
+                    reason: `Too soon. Wait ${waitTime}ms before reloading`,
+                };
+            }
+        }
+        // Check maximum attempts per minute
+        if (this.recentReloadAttempts.length >= this.maxReloadAttemptsPerMinute) {
+            return {
+                allowed: false,
+                reason: `Rate limit exceeded. Maximum ${this.maxReloadAttemptsPerMinute} reloads per minute`,
+            };
+        }
+        return { allowed: true };
+    }
     /**
      * Show success toast notification
      */

package/dist/src/utils/config.js

@@ -2,7 +2,7 @@
  * Configuration loading and validation
  */
 import { existsSync, readFileSync } from "fs";
-import { join } from "path";
+import { join, resolve, normalize, relative } from "path";
 import { DEFAULT_FALLBACK_MODELS, VALID_FALLBACK_MODES, VALID_RESET_INTERVALS, DEFAULT_RETRY_POLICY, VALID_RETRY_STRATEGIES, DEFAULT_CIRCUIT_BREAKER_CONFIG, } from '../types/index.js';
 import { DEFAULT_HEALTH_TRACKER_CONFIG, DEFAULT_COOLDOWN_MS, DEFAULT_FALLBACK_MODE, DEFAULT_LOG_CONFIG, DEFAULT_METRICS_CONFIG, DEFAULT_CONFIG_RELOAD_CONFIG, } from '../config/defaults.js';
 /**
@@ -20,6 +20,32 @@ export const DEFAULT_CONFIG = {
     metrics: DEFAULT_METRICS_CONFIG,
     configReload: DEFAULT_CONFIG_RELOAD_CONFIG,
 };
+/**
+ * Validate that a path does not contain directory traversal attempts
+ */
+function validatePathSafety(path, allowedDirs) {
+    try {
+        const resolvedPath = resolve(path);
+        const normalizedPath = normalize(path);
+        // Check for obvious path traversal patterns
+        if (normalizedPath.includes('..')) {
+            return false;
+        }
+        // Check that resolved path is within allowed directories
+        for (const allowedDir of allowedDirs) {
+            const resolvedAllowedDir = resolve(allowedDir);
+            const relativePath = relative(resolvedAllowedDir, resolvedPath);
+            // If relative path does not start with '..', the path is within the allowed directory
+            if (!relativePath.startsWith('..')) {
+                return true;
+            }
+        }
+        return false;
+    }
+    catch {
+        return false;
+    }
+}
 /**
  * Validate configuration values
  */
@@ -70,18 +96,18 @@ export function loadConfig(directory, worktree, logger) {
     // Build search paths: worktree first, then directory, then home locations
     const searchDirs = [];
     if (worktree) {
-        searchDirs.push(worktree);
+        searchDirs.push(resolve(worktree));
     }
     if (!worktree || worktree !== directory) {
-        searchDirs.push(directory);
+        searchDirs.push(resolve(directory));
     }
+    searchDirs.push(resolve(homedir));
+    searchDirs.push(resolve(xdgConfigHome));
     const configPaths = [];
     for (const dir of searchDirs) {
         configPaths.push(join(dir, ".opencode", "rate-limit-fallback.json"));
         configPaths.push(join(dir, "rate-limit-fallback.json"));
     }
-    configPaths.push(join(homedir, ".opencode", "rate-limit-fallback.json"));
-    configPaths.push(join(xdgConfigHome, "opencode", "rate-limit-fallback.json"));
     // Log search paths for debugging
     if (logger) {
         logger.debug(`Searching for config file in ${configPaths.length} locations`);
@@ -92,6 +118,13 @@ export function loadConfig(directory, worktree, logger) {
     }
     for (const configPath of configPaths) {
         if (existsSync(configPath)) {
+            // Validate path safety before reading
+            if (!validatePathSafety(configPath, searchDirs)) {
+                if (logger) {
+                    logger.warn(`Config file rejected due to path validation: ${configPath}`);
+                }
+                continue;
+            }
             try {
                 const content = readFileSync(configPath, "utf-8");
                 const userConfig = JSON.parse(content);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@azumag/opencode-rate-limit-fallback",
-  "version": "1.49.0",
+  "version": "1.50.0",
   "description": "OpenCode plugin that automatically switches to fallback models when rate limited",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",