@claudetools/tools 0.1.0

package/dist/helpers/config.js

@@ -0,0 +1,174 @@
+// =============================================================================
+// Configuration and Project ID Resolution
+// =============================================================================
+import { mcpLogger } from '../logger.js';
+import * as fs from 'fs';
+import { getConfig, getConfigDir, getProjectsPath, } from './config-manager.js';
+import { getOrRegisterProject } from './project-registration.js';
+// Configuration - now loaded from config manager
+const config = getConfig();
+export const API_BASE_URL = config.apiUrl;
+export const CLAUDETOOLS_DIR = getConfigDir();
+export const PROJECTS_FILE = getProjectsPath();
+// Cache for resolved project ID
+let resolvedProjectId = null;
+/**
+ * Validates that a project ID is a proper UUID format
+ */
+export function isValidProjectId(id) {
+    return /^proj_[a-f0-9]{20}$/.test(id);
+}
+/**
+ * Finds a project binding in the cache by directory path
+ */
+export function findProjectBinding(dirPath) {
+    try {
+        if (!fs.existsSync(PROJECTS_FILE)) {
+            return null;
+        }
+        const content = fs.readFileSync(PROJECTS_FILE, 'utf-8');
+        const cache = JSON.parse(content);
+        if (!cache?.bindings?.length) {
+            return null;
+        }
+        // Try exact match first
+        const exactMatch = cache.bindings.find(b => b.local_path === dirPath);
+        if (exactMatch) {
+            mcpLogger.debug('MEMORY', `UUID lookup exact match: ${exactMatch.project_id} for ${dirPath}`);
+            return exactMatch;
+        }
+        // Try prefix match (for subdirectories)
+        const prefixMatches = cache.bindings
+            .filter(b => dirPath.startsWith(b.local_path + '/') || dirPath === b.local_path)
+            .sort((a, b) => b.local_path.length - a.local_path.length);
+        if (prefixMatches.length > 0) {
+            mcpLogger.debug('MEMORY', `UUID lookup prefix match: ${prefixMatches[0].project_id} for ${dirPath}`);
+            return prefixMatches[0];
+        }
+        return null;
+    }
+    catch (error) {
+        mcpLogger.debug('MEMORY', `Error reading projects cache: ${error}`);
+        return null;
+    }
+}
+/**
+ * Look up project ID from local cache based on current working directory
+ * Synchronous version - throws if not already resolved
+ */
+export function resolveProjectId() {
+    // Return cached result if available
+    if (resolvedProjectId) {
+        return resolvedProjectId;
+    }
+    throw new Error('Project ID not yet resolved. Server must call resolveProjectIdAsync() during startup.');
+}
+/**
+ * Async version that auto-registers if needed
+ * Should be called during server startup
+ */
+export async function resolveProjectIdAsync() {
+    // Return cached result if available
+    if (resolvedProjectId) {
+        return resolvedProjectId;
+    }
+    // Check environment variable first
+    if (process.env.CLAUDETOOLS_PROJECT_ID) {
+        const envProjectId = process.env.CLAUDETOOLS_PROJECT_ID;
+        // Validate UUID format
+        if (!isValidProjectId(envProjectId)) {
+            throw new Error(`Invalid project ID format in CLAUDETOOLS_PROJECT_ID: ${envProjectId}. ` +
+                `Expected format: proj_xxxxxxxxxxxxxxxxxxxx (20 hex chars)`);
+        }
+        resolvedProjectId = envProjectId;
+        mcpLogger.debug('MEMORY', `Using project ID from env: ${resolvedProjectId}`);
+        return resolvedProjectId;
+    }
+    const cwd = process.cwd();
+    // Check projects.json cache
+    const binding = findProjectBinding(cwd);
+    if (binding) {
+        // Validate UUID format
+        if (!isValidProjectId(binding.project_id)) {
+            throw new Error(`Invalid project ID format in cache: ${binding.project_id}. ` +
+                `Cache may be corrupted. Delete ${PROJECTS_FILE} and restart.`);
+        }
+        resolvedProjectId = binding.project_id;
+        mcpLogger.info('MEMORY', `Project resolved from cache: ${resolvedProjectId}`);
+        return resolvedProjectId;
+    }
+    // No binding found - auto-register if enabled
+    if (config.autoRegister) {
+        mcpLogger.info('MEMORY', `No project binding found for ${cwd}, auto-registering...`);
+        try {
+            resolvedProjectId = await getOrRegisterProject(cwd);
+            mcpLogger.info('MEMORY', `Project auto-registered: ${resolvedProjectId}`);
+            return resolvedProjectId;
+        }
+        catch (error) {
+            mcpLogger.error('MEMORY', `Auto-registration failed: ${error}`);
+            throw new Error(`Failed to auto-register project for ${cwd}: ${error}\n\n` +
+                'Please check:\n' +
+                '1. CLAUDETOOLS_API_KEY or MEMORY_API_KEY is set\n' +
+                '2. API URL is correct in ~/.claudetools/config.json\n' +
+                '3. Network connectivity to ClaudeTools API');
+        }
+    }
+    // Auto-register disabled - throw error
+    throw new Error(`No project binding found for ${cwd} and auto-registration is disabled.\n` +
+        `To register this project:\n` +
+        `  1. Set CLAUDETOOLS_PROJECT_ID environment variable with a valid proj_* UUID\n` +
+        `  2. Enable autoRegister in ~/.claudetools/config.json\n` +
+        `  3. Or manually register via API`);
+}
+// Lazy-loaded DEFAULT_PROJECT_ID to avoid startup errors
+let _defaultProjectId = null;
+/**
+ * Gets the default project ID (synchronous version)
+ * Throws if not already resolved - call resolveProjectIdAsync() first
+ */
+export function getDefaultProjectId() {
+    if (_defaultProjectId) {
+        return _defaultProjectId;
+    }
+    // Try config first
+    if (config.defaultProjectId) {
+        if (!isValidProjectId(config.defaultProjectId)) {
+            throw new Error(`Invalid defaultProjectId in config: ${config.defaultProjectId}. ` +
+                `Expected format: proj_xxxxxxxxxxxxxxxxxxxx (20 hex chars)`);
+        }
+        _defaultProjectId = config.defaultProjectId;
+        return _defaultProjectId;
+    }
+    // Fall back to resolveProjectId (throws if not resolved)
+    _defaultProjectId = resolveProjectId();
+    return _defaultProjectId;
+}
+/**
+ * Async version for server startup
+ */
+export async function getDefaultProjectIdAsync() {
+    if (_defaultProjectId) {
+        return _defaultProjectId;
+    }
+    // Try config first
+    if (config.defaultProjectId) {
+        if (!isValidProjectId(config.defaultProjectId)) {
+            throw new Error(`Invalid defaultProjectId in config: ${config.defaultProjectId}. ` +
+                `Expected format: proj_xxxxxxxxxxxxxxxxxxxx (20 hex chars)`);
+        }
+        _defaultProjectId = config.defaultProjectId;
+        return _defaultProjectId;
+    }
+    // Fall back to async resolve (may auto-register)
+    _defaultProjectId = await resolveProjectIdAsync();
+    return _defaultProjectId;
+}
+// Keep backward compatibility - but this will throw on access if no project bound
+export const DEFAULT_USER_ID = config.defaultUserId || 'default-user';
+export const AUTO_INJECT_CONTEXT = config.autoInjectContext;
+// Store last context for explain_memory tool
+export let lastContextUsed = null;
+export function setLastContextUsed(context) {
+    lastContextUsed = context;
+}

package/dist/helpers/dependencies.d.ts

@@ -0,0 +1,30 @@
+export interface ImpactResult {
+    function: string;
+    analysisType: string;
+    directCallers: {
+        function: string;
+        risk: string;
+    }[];
+    indirectCallers: {
+        function: string;
+        depth: number;
+        path: string[];
+    }[];
+    totalAffected: number;
+    riskLevel: 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL';
+    recommendations: string[];
+}
+export declare function queryDependencies(projectId: string, functionName: string, direction: 'forward' | 'reverse' | 'both', depth?: number): Promise<{
+    function: string;
+    forward: {
+        function: string;
+        context: string;
+        fileName?: string;
+    }[];
+    reverse: {
+        function: string;
+        context: string;
+        fileName?: string;
+    }[];
+}>;
+export declare function analyzeImpact(projectId: string, functionName: string, analysisType?: 'change' | 'delete' | 'signature', maxDepth?: number): Promise<ImpactResult>;

package/dist/helpers/dependencies.js

@@ -0,0 +1,87 @@
+// =============================================================================
+// Dependency Analysis and Impact Assessment
+// =============================================================================
+import { searchMemory } from './api-client.js';
+export async function queryDependencies(projectId, functionName, direction, depth = 1) {
+    const searchQuery = `${functionName} CALLS`;
+    const context = await searchMemory(projectId, searchQuery, 100);
+    const forward = [];
+    const reverse = [];
+    for (const fact of context.relevant_facts) {
+        if (fact.relation_type === 'CALLS') {
+            const caller = fact.source_name || '';
+            const called = fact.target_name || '';
+            if (caller === functionName && (direction === 'forward' || direction === 'both')) {
+                forward.push({ function: called, context: fact.fact });
+            }
+            if (called === functionName && (direction === 'reverse' || direction === 'both')) {
+                reverse.push({ function: caller, context: fact.fact });
+            }
+        }
+    }
+    return { function: functionName, forward, reverse };
+}
+export async function analyzeImpact(projectId, functionName, analysisType = 'change', maxDepth = 3) {
+    const visited = new Set();
+    const directCallers = [];
+    const indirectCallers = [];
+    const directResult = await queryDependencies(projectId, functionName, 'reverse', 1);
+    for (const caller of directResult.reverse) {
+        visited.add(caller.function);
+        let risk = 'MEDIUM';
+        if (caller.function.includes('main') || caller.function.includes('init') || caller.function.includes('core')) {
+            risk = 'HIGH';
+        }
+        else if (caller.function.includes('test') || caller.function.includes('mock')) {
+            risk = 'LOW';
+        }
+        directCallers.push({ function: caller.function, risk });
+    }
+    if (maxDepth > 1) {
+        const queue = directCallers.map(c => ({ func: c.function, depth: 1, path: [functionName, c.function] }));
+        while (queue.length > 0) {
+            const current = queue.shift();
+            if (current.depth >= maxDepth)
+                continue;
+            const indirectResult = await queryDependencies(projectId, current.func, 'reverse', 1);
+            for (const caller of indirectResult.reverse) {
+                if (!visited.has(caller.function)) {
+                    visited.add(caller.function);
+                    const newPath = [...current.path, caller.function];
+                    indirectCallers.push({
+                        function: caller.function,
+                        depth: current.depth + 1,
+                        path: newPath,
+                    });
+                    queue.push({ func: caller.function, depth: current.depth + 1, path: newPath });
+                }
+            }
+        }
+    }
+    const totalAffected = directCallers.length + indirectCallers.length;
+    let riskLevel = 'LOW';
+    if (totalAffected > 20 || directCallers.some(c => c.risk === 'HIGH'))
+        riskLevel = 'CRITICAL';
+    else if (totalAffected > 10)
+        riskLevel = 'HIGH';
+    else if (totalAffected > 5)
+        riskLevel = 'MEDIUM';
+    const recommendations = [];
+    if (riskLevel === 'CRITICAL') {
+        recommendations.push('Create comprehensive test coverage before making changes');
+        recommendations.push('Consider deprecation strategy instead of immediate changes');
+    }
+    if (analysisType === 'signature') {
+        recommendations.push('Update all call sites simultaneously');
+        recommendations.push('Use TypeScript compiler to catch signature mismatches');
+    }
+    return {
+        function: functionName,
+        analysisType,
+        directCallers,
+        indirectCallers,
+        totalAffected,
+        riskLevel,
+        recommendations,
+    };
+}

package/dist/helpers/formatter.d.ts

@@ -0,0 +1,2 @@
+import type { MemoryContext } from './api-client.js';
+export declare function formatContextForClaude(context: MemoryContext): string;

package/dist/helpers/formatter.js

@@ -0,0 +1,24 @@
+// =============================================================================
+// Context Formatting for Claude
+// =============================================================================
+export function formatContextForClaude(context) {
+    if (!context.relevant_facts.length && !context.relevant_entities.length) {
+        return '';
+    }
+    const parts = [];
+    if (context.relevant_entities.length > 0) {
+        parts.push('# Known Entities\n');
+        for (const entity of context.relevant_entities) {
+            const labels = entity.labels.join(', ');
+            parts.push(`- ${entity.name} (${labels})${entity.summary ? ': ' + entity.summary : ''}`);
+        }
+        parts.push('');
+    }
+    if (context.relevant_facts.length > 0) {
+        parts.push('# Relevant Facts\n');
+        for (const fact of context.relevant_facts) {
+            parts.push(`- ${fact.fact}`);
+        }
+    }
+    return parts.join('\n');
+}

package/dist/helpers/patterns.d.ts

@@ -0,0 +1,15 @@
+export interface PatternWarning {
+    type: 'security' | 'performance';
+    severity: 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL';
+    pattern: string;
+    description: string;
+    line?: number;
+    recommendation: string;
+}
+export interface PatternResult {
+    warnings: PatternWarning[];
+    securityScore: number;
+    performanceScore: number;
+    overallRisk: 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL';
+}
+export declare function checkPatterns(code: string, checkTypes?: ('security' | 'performance' | 'all')[]): PatternResult;

package/dist/helpers/patterns.js

@@ -0,0 +1,118 @@
+// =============================================================================
+// Pattern Detection (Security and Performance)
+// =============================================================================
+// Security patterns to detect
+const SECURITY_PATTERNS = [
+    {
+        pattern: /\beval\s*\(/i,
+        name: 'eval() usage',
+        description: 'eval() can execute arbitrary code and is a security risk',
+        severity: 'CRITICAL',
+        recommendation: 'Avoid eval(). Use JSON.parse() for JSON, or Function constructor for dynamic code',
+    },
+    {
+        pattern: /innerHTML\s*=/i,
+        name: 'innerHTML assignment',
+        description: 'Direct innerHTML assignment can lead to XSS vulnerabilities',
+        severity: 'HIGH',
+        recommendation: 'Use textContent for text, or sanitize HTML with DOMPurify',
+    },
+    {
+        pattern: /document\.write\s*\(/i,
+        name: 'document.write()',
+        description: 'document.write() can overwrite the entire document and enable XSS',
+        severity: 'HIGH',
+        recommendation: 'Use DOM methods like createElement() and appendChild()',
+    },
+    {
+        pattern: /\bexec\s*\(/i,
+        name: 'exec() or shell command execution',
+        description: 'Executing shell commands can lead to command injection vulnerabilities',
+        severity: 'CRITICAL',
+        recommendation: 'Use safer alternatives, validate and sanitize all inputs',
+    },
+    {
+        pattern: /process\.env\[/i,
+        name: 'Dynamic environment variable access',
+        description: 'Dynamic access to environment variables can expose sensitive data',
+        severity: 'MEDIUM',
+        recommendation: 'Use static environment variable names, validate values',
+    },
+];
+const PERFORMANCE_PATTERNS = [
+    {
+        pattern: /for\s*\([^;]*;[^;]*;[^)]*\)\s*{[^}]*for\s*\(/i,
+        name: 'Nested loops',
+        description: 'Nested loops can cause O(n²) or worse performance',
+        severity: 'MEDIUM',
+        recommendation: 'Consider using maps, sets, or other data structures to reduce complexity',
+    },
+    {
+        pattern: /\.push\(.*\)/g,
+        name: 'Array.push in loop',
+        description: 'Repeatedly pushing to arrays can cause memory reallocation',
+        severity: 'LOW',
+        recommendation: 'Pre-allocate arrays when size is known',
+    },
+];
+export function checkPatterns(code, checkTypes = ['all']) {
+    const warnings = [];
+    const lines = code.split('\n');
+    const shouldCheckSecurity = checkTypes.includes('all') || checkTypes.includes('security');
+    const shouldCheckPerformance = checkTypes.includes('all') || checkTypes.includes('performance');
+    if (shouldCheckSecurity) {
+        for (const pattern of SECURITY_PATTERNS) {
+            lines.forEach((line, index) => {
+                if (pattern.pattern.test(line)) {
+                    warnings.push({
+                        type: 'security',
+                        severity: pattern.severity,
+                        pattern: pattern.name,
+                        description: pattern.description,
+                        line: index + 1,
+                        recommendation: pattern.recommendation,
+                    });
+                }
+            });
+        }
+    }
+    if (shouldCheckPerformance) {
+        for (const pattern of PERFORMANCE_PATTERNS) {
+            lines.forEach((line, index) => {
+                if (pattern.pattern.test(line)) {
+                    warnings.push({
+                        type: 'performance',
+                        severity: pattern.severity,
+                        pattern: pattern.name,
+                        description: pattern.description,
+                        line: index + 1,
+                        recommendation: pattern.recommendation,
+                    });
+                }
+            });
+        }
+    }
+    const securityWarnings = warnings.filter(w => w.type === 'security');
+    const performanceWarnings = warnings.filter(w => w.type === 'performance');
+    const securityScore = Math.max(0, 100 - (securityWarnings.length * 20));
+    const performanceScore = Math.max(0, 100 - (performanceWarnings.length * 10));
+    let overallRisk = 'LOW';
+    if (warnings.some(w => w.severity === 'CRITICAL')) {
+        overallRisk = 'CRITICAL';
+    }
+    else if (warnings.some(w => w.severity === 'HIGH')) {
+        overallRisk = 'HIGH';
+    }
+    else if (warnings.length > 5) {
+        overallRisk = 'HIGH';
+    }
+    else if (warnings.length > 2) {
+        overallRisk = 'MEDIUM';
+    }
+    return {
+        warnings,
+        securityScore,
+        performanceScore,
+        overallRisk,
+    };
+}

package/dist/helpers/project-registration.d.ts

@@ -0,0 +1,27 @@
+export interface ProjectBinding {
+    binding_id: string;
+    project_id: string;
+    system_id: string;
+    local_path: string;
+    git_remote?: string;
+    project_name: string;
+    org_id: string;
+    cached_at: string;
+}
+export interface ProjectsCache {
+    bindings: ProjectBinding[];
+    last_sync: string;
+    system_id?: string;
+}
+/**
+ * Get or register project for a local path
+ * This is the main function called by config.ts
+ *
+ * Returns the project_id (UUID) for the given path
+ */
+export declare function getOrRegisterProject(localPath: string): Promise<string>;
+/**
+ * Sync projects from API (for future use)
+ * This would fetch all bindings from the API and update local cache
+ */
+export declare function syncProjectsFromAPI(): Promise<void>;