@bike4mind/cli 0.2.64-worktree-refactor-extract-search-query-builders.21815 → 0.2.64

package/dist/bashExecute-BTkdqlSs-5foM20Lb.mjs

@@ -0,0 +1,466 @@
+#!/usr/bin/env node
+import { spawn } from "child_process";
+import path from "path";
+//#region ../../b4m-core/packages/services/dist/bashExecute-BTkdqlSs.mjs
+const DEFAULT_TIMEOUT_MS = 6e4;
+const MAX_OUTPUT_SIZE = 100 * 1024;
+/**
+* Dangerous command patterns that should be blocked or warned about.
+* These patterns are checked against the full command string.
+*/
+const DANGEROUS_PATTERNS = [
+	{
+		pattern: /\brm\s+(-[a-zA-Z]*r[a-zA-Z]*\s+|.*\s+-[a-zA-Z]*r).*\//i,
+		reason: "Recursive delete with path",
+		block: true
+	},
+	{
+		pattern: /\brm\s+(-[a-zA-Z]*f[a-zA-Z]*\s+|.*\s+-[a-zA-Z]*f).*--no-preserve-root/i,
+		reason: "Force delete without preserve root",
+		block: true
+	},
+	{
+		pattern: /\brm\s+-[a-zA-Z]*r[a-zA-Z]*f[a-zA-Z]*\s+\//i,
+		reason: "Recursive force delete on root paths",
+		block: true
+	},
+	{
+		pattern: /\brm\s+-[a-zA-Z]*f[a-zA-Z]*r[a-zA-Z]*\s+\//i,
+		reason: "Force recursive delete on root paths",
+		block: true
+	},
+	{
+		pattern: /\bsudo\b/i,
+		reason: "Elevated privileges (sudo)",
+		block: true
+	},
+	{
+		pattern: /\bsu\s+(-|root)/i,
+		reason: "Switch to root user",
+		block: true
+	},
+	{
+		pattern: /\bchmod\s+777\b/i,
+		reason: "Overly permissive chmod",
+		block: false
+	},
+	{
+		pattern: /\bchown\s+-R\s+root/i,
+		reason: "Recursive chown to root",
+		block: true
+	},
+	{
+		pattern: /\bmkfs\b/i,
+		reason: "Filesystem creation",
+		block: true
+	},
+	{
+		pattern: /\bfdisk\b/i,
+		reason: "Disk partitioning",
+		block: true
+	},
+	{
+		pattern: /\bdd\s+.*of=\/dev\//i,
+		reason: "Direct disk write",
+		block: true
+	},
+	{
+		pattern: /\b(nc|netcat)\s+.*-e\s+\/bin\/(ba)?sh/i,
+		reason: "Reverse shell attempt",
+		block: true
+	},
+	{
+		pattern: /\bcurl\s+.*\|\s*(ba)?sh/i,
+		reason: "Piping remote script to shell",
+		block: true
+	},
+	{
+		pattern: /\bwget\s+.*\|\s*(ba)?sh/i,
+		reason: "Piping remote script to shell",
+		block: true
+	},
+	{
+		pattern: /:\(\)\s*\{\s*:\|:&\s*\}\s*;/i,
+		reason: "Fork bomb",
+		block: true
+	},
+	{
+		pattern: /\bwhile\s+true.*do.*done.*&/i,
+		reason: "Infinite loop in background",
+		block: false
+	},
+	{
+		pattern: /\/etc\/shadow/i,
+		reason: "Access to shadow file",
+		block: true
+	},
+	{
+		pattern: /\/etc\/passwd.*>/i,
+		reason: "Modifying passwd file",
+		block: true
+	},
+	{
+		pattern: /\baws\s+.*--profile\s+/i,
+		reason: "AWS profile access",
+		block: false
+	},
+	{
+		pattern: /\bhistory\s+-c\b/i,
+		reason: "Clearing shell history",
+		block: false
+	},
+	{
+		pattern: />\s*\/var\/log\//i,
+		reason: "Overwriting system logs",
+		block: true
+	},
+	{
+		pattern: />\s*\/dev\/sda/i,
+		reason: "Writing to block device",
+		block: true
+	},
+	{
+		pattern: />\s*\/dev\/null.*2>&1.*</i,
+		reason: "Potentially hiding output",
+		block: false
+	},
+	{
+		pattern: /\bexport\s+PATH\s*=\s*[^$]/i,
+		reason: "Overwriting PATH",
+		block: false
+	},
+	{
+		pattern: /\bexport\s+LD_PRELOAD/i,
+		reason: "LD_PRELOAD manipulation",
+		block: true
+	},
+	{
+		pattern: /\bkill\s+-9\s+(-1|1)\b/i,
+		reason: "Killing all processes",
+		block: true
+	},
+	{
+		pattern: /\bkillall\s+-9\b/i,
+		reason: "Force killing processes",
+		block: false
+	},
+	{
+		pattern: /\bshutdown\b/i,
+		reason: "System shutdown",
+		block: true
+	},
+	{
+		pattern: /\breboot\b/i,
+		reason: "System reboot",
+		block: true
+	},
+	{
+		pattern: /\binit\s+[06]\b/i,
+		reason: "System runlevel change",
+		block: true
+	}
+];
+/**
+* Commands that are generally safe and commonly used in development
+*/
+const SAFE_COMMAND_PREFIXES = [
+	"ls",
+	"cat",
+	"head",
+	"tail",
+	"grep",
+	"find",
+	"echo",
+	"pwd",
+	"whoami",
+	"date",
+	"cal",
+	"wc",
+	"sort",
+	"uniq",
+	"cut",
+	"tr",
+	"sed",
+	"awk",
+	"git",
+	"npm",
+	"pnpm",
+	"yarn",
+	"node",
+	"npx",
+	"tsx",
+	"ts-node",
+	"python",
+	"python3",
+	"pip",
+	"pip3",
+	"docker",
+	"docker-compose",
+	"curl",
+	"wget",
+	"mkdir",
+	"touch",
+	"cp",
+	"mv",
+	"which",
+	"whereis",
+	"type",
+	"file",
+	"stat",
+	"env",
+	"printenv",
+	"set",
+	"man",
+	"help",
+	"info",
+	"diff",
+	"comm",
+	"cmp",
+	"tar",
+	"zip",
+	"unzip",
+	"gzip",
+	"gunzip",
+	"ssh",
+	"scp",
+	"rsync",
+	"make",
+	"cmake",
+	"cargo",
+	"go",
+	"rustc",
+	"gcc",
+	"g++",
+	"jest",
+	"vitest",
+	"mocha",
+	"pytest",
+	"eslint",
+	"prettier",
+	"tsc"
+];
+/**
+* Check if a command matches any dangerous patterns
+*/
+function checkDangerousPatterns(command) {
+	for (const { pattern, reason, block } of DANGEROUS_PATTERNS) if (pattern.test(command)) return {
+		blocked: block,
+		reason
+	};
+	return { blocked: false };
+}
+/**
+* Get the base command from a command string
+*/
+function getBaseCommand(command) {
+	const match = command.trim().match(/^(\S+)/);
+	return match ? match[1] : "";
+}
+/**
+* Check if command starts with a safe prefix
+*/
+function isSafeCommandPrefix(command) {
+	const baseCommand = getBaseCommand(command);
+	return SAFE_COMMAND_PREFIXES.some((safe) => baseCommand === safe || baseCommand.endsWith(`/${safe}`));
+}
+/**
+* Execute a bash command with safety checks
+*/
+async function executeBashCommand(params) {
+	const { command, cwd: relativeCwd, timeout = DEFAULT_TIMEOUT_MS } = params;
+	if (!command || command.trim().length === 0) return {
+		stdout: "",
+		stderr: "Error: Command cannot be empty",
+		exitCode: 1,
+		timedOut: false,
+		blocked: true,
+		blockedReason: "Empty command"
+	};
+	const dangerCheck = checkDangerousPatterns(command);
+	if (dangerCheck.blocked) return {
+		stdout: "",
+		stderr: `Command blocked for safety: ${dangerCheck.reason}`,
+		exitCode: 1,
+		timedOut: false,
+		blocked: true,
+		blockedReason: dangerCheck.reason
+	};
+	const baseCwd = process.cwd();
+	const targetCwd = relativeCwd ? path.resolve(baseCwd, relativeCwd) : baseCwd;
+	const effectiveTimeout = Math.min(timeout, 300 * 1e3);
+	return new Promise((resolve) => {
+		let stdout = "";
+		let stderr = "";
+		let timedOut = false;
+		const proc = spawn("bash", ["-c", command], {
+			cwd: targetCwd,
+			env: {
+				...process.env,
+				NO_COLOR: "1",
+				FORCE_COLOR: "0"
+			},
+			stdio: [
+				"ignore",
+				"pipe",
+				"pipe"
+			]
+		});
+		const timeoutId = setTimeout(() => {
+			timedOut = true;
+			proc.kill("SIGTERM");
+			setTimeout(() => {
+				if (!proc.killed) proc.kill("SIGKILL");
+			}, 5e3);
+		}, effectiveTimeout);
+		proc.stdout.on("data", (data) => {
+			if (stdout.length < MAX_OUTPUT_SIZE) {
+				stdout += data.toString();
+				if (stdout.length > MAX_OUTPUT_SIZE) stdout = stdout.slice(0, MAX_OUTPUT_SIZE) + "\n... [output truncated]";
+			}
+		});
+		proc.stderr.on("data", (data) => {
+			if (stderr.length < MAX_OUTPUT_SIZE) {
+				stderr += data.toString();
+				if (stderr.length > MAX_OUTPUT_SIZE) stderr = stderr.slice(0, MAX_OUTPUT_SIZE) + "\n... [output truncated]";
+			}
+		});
+		proc.on("close", (exitCode) => {
+			clearTimeout(timeoutId);
+			resolve({
+				stdout: stdout.trim(),
+				stderr: stderr.trim(),
+				exitCode,
+				timedOut,
+				blocked: false
+			});
+		});
+		proc.on("error", (error) => {
+			clearTimeout(timeoutId);
+			resolve({
+				stdout: "",
+				stderr: `Failed to execute command: ${error.message}`,
+				exitCode: 1,
+				timedOut: false,
+				blocked: false
+			});
+		});
+	});
+}
+/**
+* Format the result for display
+*/
+function formatResult(result, command) {
+	const parts = [];
+	parts.push(`$ ${command}`);
+	parts.push("");
+	if (result.blocked) {
+		parts.push(`BLOCKED: ${result.blockedReason}`);
+		parts.push("");
+		parts.push("This command was blocked for safety reasons.");
+		parts.push("If you believe this is a false positive, please run the command manually.");
+		return parts.join("\n");
+	}
+	if (result.timedOut) {
+		parts.push("WARNING: Command timed out and was terminated.");
+		parts.push("");
+	}
+	if (result.stdout) parts.push(result.stdout);
+	if (result.stderr) {
+		if (result.stdout) parts.push("");
+		parts.push("STDERR:");
+		parts.push(result.stderr);
+	}
+	if (result.exitCode !== 0 && result.exitCode !== null) {
+		parts.push("");
+		parts.push(`Exit code: ${result.exitCode}`);
+	}
+	if (!result.stdout && !result.stderr && !result.timedOut) parts.push("(command completed with no output)");
+	return parts.join("\n");
+}
+const bashExecuteTool = {
+	name: "bash_execute",
+	implementation: (context) => ({
+		toolFn: async (value) => {
+			const params = value;
+			const isSafe = isSafeCommandPrefix(params.command);
+			context.logger.info("Bash: Executing command", {
+				command: params.command,
+				cwd: params.cwd || ".",
+				timeout: params.timeout || DEFAULT_TIMEOUT_MS,
+				isSafeCommand: isSafe
+			});
+			if (context.onStart) await context.onStart("bash_execute", {
+				command: params.command,
+				cwd: params.cwd
+			});
+			try {
+				const result = await executeBashCommand(params);
+				const formattedResult = formatResult(result, params.command);
+				context.logger.info("Bash: Command completed", {
+					exitCode: result.exitCode,
+					timedOut: result.timedOut,
+					blocked: result.blocked
+				});
+				if (context.onFinish) await context.onFinish("bash_execute", {
+					command: params.command,
+					exitCode: result.exitCode,
+					blocked: result.blocked
+				});
+				return formattedResult;
+			} catch (error) {
+				context.logger.error("Bash: Command failed", error);
+				if (context.onFinish) await context.onFinish("bash_execute", {
+					command: params.command,
+					error: error instanceof Error ? error.message : "Unknown error"
+				});
+				throw error;
+			}
+		},
+		toolSchema: {
+			name: "bash_execute",
+			description: `Execute a bash command in the terminal. Use this for running shell commands, scripts, build tools, git operations, and other CLI tasks.
+
+SAFETY NOTES:
+- Commands are executed in the current working directory (or specified cwd)
+- Dangerous commands (sudo, rm -rf /, etc.) are automatically blocked
+- Commands have a default timeout of 60 seconds (max 5 minutes)
+- Output is limited to prevent overwhelming responses
+- This tool ALWAYS requires user permission before execution
+
+COMMON USE CASES:
+- Running build commands: npm run build, make, cargo build
+- Git operations: git status, git log, git diff
+- Viewing system info: ls, pwd, cat, head, tail
+- Running tests: npm test, pytest, cargo test
+- Package management: npm install, pip install
+- File operations: mkdir, cp, mv (with permission)
+
+BLOCKED OPERATIONS:
+- sudo and privilege escalation
+- Recursive deletes on system paths
+- Direct disk operations
+- Fork bombs and resource exhaustion
+- Piping remote scripts to shell`,
+			parameters: {
+				type: "object",
+				properties: {
+					command: {
+						type: "string",
+						description: "The bash command to execute. Can include pipes, redirects, and chained commands."
+					},
+					cwd: {
+						type: "string",
+						description: "Working directory for the command (optional). Can be relative or absolute path. Defaults to current directory."
+					},
+					timeout: {
+						type: "number",
+						description: "Timeout in milliseconds (optional, default: 60000, max: 300000). Command will be terminated if it exceeds this time."
+					}
+				},
+				required: ["command"]
+			}
+		}
+	})
+};
+//#endregion
+export { bashExecuteTool };

package/dist/commands/doctorCommand.mjs

@@ -0,0 +1,101 @@
+#!/usr/bin/env node
+import { i as version, n as fetchLatestVersion, r as forceCheckForUpdate } from "../updateChecker-Cu9dkHxV.mjs";
+import { execSync } from "child_process";
+import { constants, existsSync, promises } from "fs";
+import { homedir } from "os";
+import path from "path";
+//#region src/commands/doctorCommand.ts
+/**
+* External doctor command (b4m doctor)
+* Runs diagnostic checks on the CLI installation.
+* Runs outside the interactive CLI session.
+*/
+async function handleDoctorCommand() {
+	console.log("B4M CLI Doctor\n");
+	console.log("Running diagnostics...\n");
+	const results = [];
+	const nodeVersion = process.version;
+	if (parseInt(nodeVersion.slice(1).split(".")[0], 10) >= 18) results.push({
+		name: "Node.js version",
+		status: "pass",
+		message: `${nodeVersion} (>= 18 required)`
+	});
+	else results.push({
+		name: "Node.js version",
+		status: "fail",
+		message: `${nodeVersion} (>= 18 required, please upgrade)`
+	});
+	const latestVersion = await fetchLatestVersion();
+	if (latestVersion) results.push({
+		name: "NPM registry",
+		status: "pass",
+		message: `Accessible (latest: v${latestVersion})`
+	});
+	else results.push({
+		name: "NPM registry",
+		status: "fail",
+		message: "Not accessible — check your internet connection"
+	});
+	const currentVersion = version;
+	const updateResult = await forceCheckForUpdate(currentVersion);
+	if (updateResult) if (updateResult.updateAvailable) results.push({
+		name: "Version",
+		status: "warn",
+		message: `v${currentVersion} installed, v${updateResult.latestVersion} available. Run: b4m update`
+	});
+	else results.push({
+		name: "Version",
+		status: "pass",
+		message: `v${currentVersion} (latest)`
+	});
+	try {
+		const npmPrefix = execSync("npm config get prefix", {
+			encoding: "utf-8",
+			timeout: 1e4
+		}).trim();
+		try {
+			await promises.access(npmPrefix, constants.W_OK);
+			results.push({
+				name: "Global npm path",
+				status: "pass",
+				message: `${npmPrefix} (writable)`
+			});
+		} catch {
+			results.push({
+				name: "Global npm path",
+				status: "warn",
+				message: `${npmPrefix} (not writable — may need sudo for updates)`
+			});
+		}
+	} catch {
+		results.push({
+			name: "Global npm path",
+			status: "warn",
+			message: "Could not determine npm prefix"
+		});
+	}
+	const configFile = path.join(homedir(), ".bike4mind", "config.json");
+	if (existsSync(configFile)) results.push({
+		name: "Config file",
+		status: "pass",
+		message: configFile
+	});
+	else results.push({
+		name: "Config file",
+		status: "warn",
+		message: `Not found at ${configFile}`
+	});
+	console.log("Results:\n");
+	for (const result of results) {
+		const icon = result.status === "pass" ? "\x1B[32m✓\x1B[0m" : result.status === "warn" ? "\x1B[33m!\x1B[0m" : "\x1B[31m✗\x1B[0m";
+		console.log(`  ${icon} ${result.name}: ${result.message}`);
+	}
+	const failures = results.filter((r) => r.status === "fail");
+	const warnings = results.filter((r) => r.status === "warn");
+	console.log("");
+	if (failures.length > 0) console.log(`${failures.length} issue(s) found.`);
+	else if (warnings.length > 0) console.log(`All checks passed with ${warnings.length} warning(s).`);
+	else console.log("All checks passed.");
+}
+//#endregion
+export { handleDoctorCommand };