@co0ontty/wand 0.3.0 → 0.4.0

package/README.md

@@ -8,7 +8,7 @@
 - 会话持久化与恢复
 - Claude Code 集成
 - 文件浏览器
-- HTTPS 安全连接
+- HTTPS 安全连接（可选，配置 `https: true` 启用）
 
 ## 快速开始
 

package/dist/avatar.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Random avatar (identicon) generation for PWA icons.
+ * Each installation gets a unique GitHub-style symmetric pattern.
+ */
+/**
+ * Ensure a random seed exists for this installation.
+ * Reads existing seed from config dir, or generates and saves a new one.
+ */
+export declare function ensureAvatarSeed(configDir: string): Promise<string>;
+/**
+ * Generate an SVG identicon from a seed string.
+ * Uses a 5x5 symmetric grid (mirrored to 9 columns), GitHub-style.
+ */
+export declare function getAvatarSvg(seed: string, size: 192 | 512): string;

package/dist/avatar.js

@@ -0,0 +1,110 @@
+/**
+ * Random avatar (identicon) generation for PWA icons.
+ * Each installation gets a unique GitHub-style symmetric pattern.
+ */
+import { existsSync } from "node:fs";
+import { mkdir as mkdirAsync, readFile as readFileAsync, writeFile as writeFileAsync } from "node:fs/promises";
+import path from "node:path";
+const SEED_FILE = "avatar-seed.txt";
+/**
+ * Ensure a random seed exists for this installation.
+ * Reads existing seed from config dir, or generates and saves a new one.
+ */
+export async function ensureAvatarSeed(configDir) {
+    const seedPath = path.join(configDir, SEED_FILE);
+    try {
+        if (existsSync(seedPath)) {
+            const seed = (await readFileAsync(seedPath, "utf8")).trim();
+            if (seed.length > 0)
+                return seed;
+        }
+    }
+    catch {
+        // Fall through to generate
+    }
+    const seed = generateRandomSeed();
+    await mkdirAsync(configDir, { recursive: true });
+    await writeFileAsync(seedPath, seed, "utf8");
+    return seed;
+}
+function generateRandomSeed() {
+    const chars = "0123456789abcdef";
+    let seed = "";
+    for (let i = 0; i < 32; i++) {
+        seed += chars[Math.floor(Math.random() * chars.length)];
+    }
+    return seed;
+}
+/**
+ * Generate an SVG identicon from a seed string.
+ * Uses a 5x5 symmetric grid (mirrored to 9 columns), GitHub-style.
+ */
+export function getAvatarSvg(seed, size) {
+    const cellSize = Math.round(size * 0.08);
+    const gap = Math.max(1, Math.round(size * 0.01));
+    const gridSize = 5;
+    const totalWidth = gridSize * cellSize + (gridSize - 1) * gap;
+    const svgSize = size;
+    // Derive color from seed
+    const h = Math.abs(hashString(seed + "h")) % 360;
+    const s = 50 + (Math.abs(hashString(seed + "s")) % 40);
+    const l = 45 + (Math.abs(hashString(seed + "l")) % 20);
+    const color = `hsl(${h},${s}%,${l}%)`;
+    // Derive fill states from seed (5 chars for 25 cells, each char's LSB)
+    const seedChars = seed.slice(0, 25);
+    const cells = [];
+    for (let i = 0; i < 25; i++) {
+        const char = seedChars[i] || "0";
+        cells.push(parseInt(char, 16) % 2 === 0);
+    }
+    const rects = [];
+    const cx = svgSize / 2;
+    const cy = svgSize / 2;
+    const radius = svgSize * 0.22;
+    // Outer background circle
+    rects.push(`<circle cx="${cx}" cy="${cy}" r="${radius}" fill="${color}"/>`);
+    // Symmetric grid: columns 0-4, mirror to 8-4
+    for (let row = 0; row < gridSize; row++) {
+        for (let col = 0; col < gridSize; col++) {
+            const mirrorCol = gridSize - 1 - col;
+            const idx = row * gridSize + col;
+            // Only draw for left half + middle column (right half mirrors)
+            if (col > mirrorCol)
+                continue;
+            if (!cells[idx])
+                continue;
+            // Two mirrored rectangles
+            const x1 = col * (cellSize + gap);
+            const x2 = mirrorCol * (cellSize + gap);
+            const y = row * (cellSize + gap);
+            const offsetX = (svgSize - totalWidth) / 2;
+            const offsetY = (svgSize - totalWidth) / 2;
+            // Darken color for filled cells
+            const cellColor = `hsl(${h},${s}%,${l - 15}%)`;
+            const rx = Math.round(cellSize * 0.15);
+            if (col === mirrorCol) {
+                // Middle column — single centered rect
+                const mx = offsetX + col * (cellSize + gap);
+                const my = offsetY + y;
+                rects.push(`<rect x="${mx}" y="${my}" width="${cellSize}" height="${cellSize}" rx="${rx}" fill="${cellColor}"/>`);
+            }
+            else {
+                const mx1 = offsetX + x1;
+                const mx2 = offsetX + x2;
+                const my = offsetY + y;
+                rects.push(`<rect x="${mx1}" y="${my}" width="${cellSize}" height="${cellSize}" rx="${rx}" fill="${cellColor}"/>`);
+                rects.push(`<rect x="${mx2}" y="${my}" width="${cellSize}" height="${cellSize}" rx="${rx}" fill="${cellColor}"/>`);
+            }
+        }
+    }
+    return `<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 ${svgSize} ${svgSize}" width="${svgSize}" height="${svgSize}">
+  ${rects.join("\n  ")}
+</svg>`;
+}
+function hashString(s) {
+    let h = 5381;
+    for (let i = 0; i < s.length; i++) {
+        h = ((h << 5) + h) ^ s.charCodeAt(i);
+    }
+    return h;
+}

package/dist/claude-pty-bridge.d.ts

@@ -126,14 +126,12 @@ export declare class ClaudePtyBridge extends EventEmitter {
     private detectCompletion;
     private updateAssistantContent;
     private finalizeResponse;
-    private stripAnsi;
     /**
      * Find the end index of the echoed user input in the PTY buffer.
      * The echo may contain ANSI codes between characters.
      * Returns the index after the last character of the echo.
      */
     private findEchoEndIndex;
-    private isStatusLine;
     private cleanForChat;
 }
 export {};

package/dist/claude-pty-bridge.js

@@ -7,46 +7,18 @@
  * 2. Structured messages for chat view (parsed)
  */
 import { EventEmitter } from "node:events";
+import { stripAnsi, isNoiseLine, appendWindow, normalizePromptText } from "./pty-text-utils.js";
 // ── Constants ──
 const OUTPUT_MAX_SIZE = 120000;
-const SESSION_ID_WINDOW_SIZE = 4096;
+const SESSION_ID_WINDOW_SIZE = 16384;
 const PERMISSION_WINDOW_SIZE = 800;
-const CLAUDE_SESSION_ID_PATTERN = /"session_id"\s*:\s*"([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})"/i;
-// Patterns for permission detection
-const PERMISSION_PATTERNS = [
-    /(?:^|\b)(?:press\s+)?(?:y|yes)\s*(?:\/|\bor\b)\s*(?:n|no)(?:\b|$)/i,
-    /\[(?:y|yes)\s*\/\s*(?:n|no)\]/i,
-    /\((?:y|yes)\s*\/\s*(?:n|no)\)/i,
-    /\((?:y|yes)\s*\/\s*(?:n|no)\s*\/\s*always\)/i,
-    /\bcontinue\?\s*(?:\((?:y|yes)\s*\/\s*(?:n|no)\))?/i,
-    /\bare you sure\??/i,
-    /\bdo you want to continue\??/i,
-    /\bdo you want to (?:create|write|delete|modify|execute)/i,
-    /\bconfirm(?:\s+execution|\s+changes|\s+action)?\??/i,
-    /\bproceed\??/i,
-    /\benter to confirm\b/i,
-    /\bwould you like to\b/i,
-    /\bshall i\b/i,
-    /\bcan i\b/i,
-    /\bpermission\b/i,
-    /\bgrant\b.*\bpermission\b/i
+const UUID_PATTERN = "([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})";
+const CLAUDE_SESSION_ID_PATTERNS = [
+    new RegExp(`"session_id"\\s*:\\s*"${UUID_PATTERN}"`, "i"),
+    new RegExp(`(?:^|\\s)--resume\\s+${UUID_PATTERN}(?:\\s|$)`, "i"),
+    new RegExp(`(?:claude\\s+session\\s+id|session\\s+id)\\s*[:#]?\\s*${UUID_PATTERN}`, "i")
 ];
 // ── Helper Functions ──
-/** Append text to a windowed buffer, trimming from start if over max size. */
-function appendWindow(buffer, chunk, maxSize) {
-    const next = buffer + chunk;
-    return next.length > maxSize ? next.slice(-maxSize) : next;
-}
-/** Normalize prompt text for permission detection */
-function normalizePromptText(value) {
-    return value
-        .replace(/\u001b\[(\d+)C/g, (_match, count) => " ".repeat(Number(count) || 1))
-        .replace(/\u001b\[[0-9;?]*[ -/]*[@-~]/g, "")
-        .replace(/\r/g, "\n")
-        .replace(/[ \t]+/g, " ")
-        .replace(/\n+/g, "\n")
-        .trim();
-}
 /** Normalize PTY output (fix line endings) */
 function normalizePtyOutput(value) {
     return value.replace(/\r\r\n/g, "\r\n");
@@ -273,6 +245,7 @@ export class ClaudePtyBridge extends EventEmitter {
         }
         // Clear state
         this.permissionState.isBlocked = false;
+        this.permissionState.window = "";
         this.permissionState.lastPrompt = null;
         this.permissionState.lastScope = null;
         this.permissionState.lastTarget = null;
@@ -305,6 +278,7 @@ export class ClaudePtyBridge extends EventEmitter {
      */
     clearPermissionBlocked() {
         this.permissionState.isBlocked = false;
+        this.permissionState.window = "";
         this.permissionState.lastPrompt = null;
         this.permissionState.lastScope = null;
         this.permissionState.lastTarget = null;
@@ -324,8 +298,8 @@ export class ClaudePtyBridge extends EventEmitter {
         // ANSI escape sequences (arrow keys, etc.)
         if (trimmed.startsWith("\x1b"))
             return false;
-        // Single "y" or "n" — likely auto-confirm response
-        if (/^[yn]$/i.test(trimmed))
+        // Single "y" or "n" — likely auto-confirm response (Claude only)
+        if (this.isClaudeCommand && /^[yn]$/i.test(trimmed))
             return false;
         // Just Enter/CR
         if (trimmed === "\r" || trimmed === "\n")
@@ -336,7 +310,9 @@ export class ClaudePtyBridge extends EventEmitter {
         if (this.claudeSessionId)
             return;
         this.sessionIdWindow = appendWindow(this.sessionIdWindow, chunk, SESSION_ID_WINDOW_SIZE);
-        const match = CLAUDE_SESSION_ID_PATTERN.exec(this.sessionIdWindow);
+        const match = CLAUDE_SESSION_ID_PATTERNS
+            .map((pattern) => pattern.exec(this.sessionIdWindow))
+            .find((result) => Boolean(result?.[1]));
         if (match?.[1]) {
             this.claudeSessionId = match[1];
             this.emitEvent({
@@ -353,8 +329,51 @@ export class ClaudePtyBridge extends EventEmitter {
         this.permissionState.window = appendWindow(this.permissionState.window, chunk, PERMISSION_WINDOW_SIZE);
         const normalized = normalizePromptText(this.permissionState.window);
         const blocked = this.isPermissionPromptDetected(normalized);
-        if (this.permissionState.isBlocked === blocked)
+        // If state hasn't changed, check if a new distinct prompt appeared while already blocked
+        if (this.permissionState.isBlocked === blocked) {
+            if (blocked) {
+                const prompt = this.extractPromptText(normalized);
+                if (prompt !== this.permissionState.lastPrompt) {
+                    // New permission prompt while already blocked — update and re-process
+                    const target = this.extractPermissionTarget(normalized);
+                    const scope = this.inferScope(normalized, target);
+                    this.permissionState.lastPrompt = prompt;
+                    this.permissionState.lastScope = scope;
+                    this.permissionState.lastTarget = target ?? null;
+                    const shouldAutoApprove = this.autoApprove || this.shouldAutoApprove(scope, target);
+                    if (shouldAutoApprove) {
+                        const now = Date.now();
+                        if (now - this.permissionState.lastAutoConfirmAt < 500)
+                            return;
+                        this.permissionState.lastAutoConfirmAt = now;
+                        process.stderr.write(`[wand] Auto-confirming permission for ${scope}${target ? `: ${target}` : ""}\n`);
+                        if (this.ptyWrite) {
+                            this.ptyWrite("\r");
+                        }
+                        this.permissionState.isBlocked = false;
+                        this.permissionState.window = "";
+                        this.permissionState.lastPrompt = null;
+                        this.permissionState.lastScope = null;
+                        this.permissionState.lastTarget = null;
+                        this.emitEvent({
+                            type: "permission.resolved",
+                            sessionId: this.sessionId,
+                            timestamp: Date.now(),
+                            data: { resolution: "approve_once", autoApproved: true },
+                        });
+                    }
+                    else {
+                        this.emitEvent({
+                            type: "permission.prompt",
+                            sessionId: this.sessionId,
+                            timestamp: Date.now(),
+                            data: { prompt, scope, target },
+                        });
+                    }
+                }
+            }
             return;
+        }
         this.permissionState.isBlocked = blocked;
         if (blocked) {
             const prompt = this.extractPromptText(normalized);
@@ -378,6 +397,7 @@ export class ClaudePtyBridge extends EventEmitter {
                 }
                 // Clear blocked state immediately
                 this.permissionState.isBlocked = false;
+                this.permissionState.window = "";
                 this.permissionState.lastPrompt = null;
                 this.permissionState.lastScope = null;
                 this.permissionState.lastTarget = null;
@@ -414,7 +434,6 @@ export class ClaudePtyBridge extends EventEmitter {
         return (/\bdo you want to\b/i.test(normalized) ||
             /\bgrant\b.*\bpermission\b/i.test(normalized) ||
             /\bhaven't granted\b/i.test(normalized) ||
-            /\bpermission\b/i.test(normalized) ||
             /\benter to confirm\b/i.test(normalized));
     }
     extractPromptText(normalized) {
@@ -443,7 +462,7 @@ export class ClaudePtyBridge extends EventEmitter {
         return "unknown";
     }
     parseChatResponse() {
-        const clean = this.stripAnsi(this.chatState.buffer);
+        const clean = stripAnsi(this.chatState.buffer);
         if (!this.chatState.echoSkipped) {
             const echoEndIndex = this.findEchoEndIndex(clean, this.chatState.lastUserInput);
             if (echoEndIndex <= 0) {
@@ -467,7 +486,7 @@ export class ClaudePtyBridge extends EventEmitter {
             if (!trimmed) {
                 continue;
             }
-            if (this.isStatusLine(trimmed)) {
+            if (isNoiseLine(trimmed)) {
                 continue;
             }
             if (trimmed.startsWith("❯")) {
@@ -535,16 +554,6 @@ export class ClaudePtyBridge extends EventEmitter {
         });
     }
     // ── Text Processing Utilities ──
-    stripAnsi(text) {
-        // eslint-disable-next-line no-control-regex
-        return text
-            .replace(/\x1b\[[0-9;?]*[a-zA-Z]/g, "") // CSI sequences
-            .replace(/\x1b\][^\x07]*(\x07|\x1b\\)/g, "") // OSC sequences
-            .replace(/\x1b[><=ePX^_]/g, "") // Single-char escapes
-            // eslint-disable-next-line no-control-regex
-            .replace(/[\x00-\x08\x0b\x0c\x0e-\x1f]/g, "") // Control chars (keep \t \n \r)
-            .replace(/\r\n?/g, "\n");
-    }
     /**
      * Find the end index of the echoed user input in the PTY buffer.
      * The echo may contain ANSI codes between characters.
@@ -575,47 +584,8 @@ export class ClaudePtyBridge extends EventEmitter {
         }
         return matchedChars === inputChars.length ? endIndex : 0;
     }
-    isStatusLine(line) {
-        if (!line)
-            return false;
-        if (line.startsWith("────"))
-            return true;
-        if (line === "❯")
-            return true;
-        if (line.includes("esc to interrupt"))
-            return true;
-        if (line.includes("Claude Code v"))
-            return true;
-        if (line.includes("Failed to install Anthropic"))
-            return true;
-        if (line.includes("Claude Code has switched"))
-            return true;
-        if (line.includes("[wand]"))
-            return true;
-        if (line.includes("Captured Claude session ID"))
-            return true;
-        if (line.includes("ctrl+g"))
-            return true;
-        if (line.includes("/effort"))
-            return true;
-        if (line.includes("? for shortcuts"))
-            return true;
-        if (line.includes("auto mode is unavailable"))
-            return true;
-        if (/MCP server.*failed/i.test(line))
-            return true;
-        if (line.includes("Germinating") || line.includes("Doodling") || line.includes("Brewing"))
-            return true;
-        if (line.includes("Permissions") && line.includes("mode"))
-            return true;
-        if (line.startsWith("●") && line.includes("·"))
-            return true;
-        if (line.startsWith("[>") || line.startsWith("[<"))
-            return true;
-        return false;
-    }
     cleanForChat(raw) {
-        const text = this.stripAnsi(raw);
+        const text = stripAnsi(raw);
         const lines = text.split("\n");
         const cleanLines = [];
         for (const rawLine of lines) {
@@ -629,7 +599,7 @@ export class ClaudePtyBridge extends EventEmitter {
             if (trimmed === this.chatState.lastUserInput.trim()) {
                 continue;
             }
-            if (this.isStatusLine(trimmed)) {
+            if (isNoiseLine(trimmed)) {
                 continue;
             }
             if (trimmed.startsWith("❯")) {

package/dist/cli.d.ts

@@ -1,2 +1,2 @@
-#!/usr/bin/env node
+#!/usr/bin/env -S node --disable-warning=ExperimentalWarning
 export {};

package/dist/cli.js

@@ -1,4 +1,4 @@
-#!/usr/bin/env node
+#!/usr/bin/env -S node --disable-warning=ExperimentalWarning
 import process from "node:process";
 import { ensureConfig, hasConfigFile, isExecutionMode, resolveConfigPath, saveConfig } from "./config.js";
 import { startServer } from "./server.js";
@@ -105,12 +105,20 @@ function setConfigValue(config, key, value) {
             };
         case "defaultMode":
             if (!isExecutionMode(value)) {
-                throw new Error("defaultMode must be auto-edit, default, or full-access");
+                throw new Error(`defaultMode must be one of: assist, agent, agent-max, auto-edit, default, full-access, managed, native`);
             }
             return {
                 ...config,
                 defaultMode: value
             };
+        case "https":
+            if (value !== "true" && value !== "false") {
+                throw new Error("https must be 'true' or 'false'");
+            }
+            return {
+                ...config,
+                https: value === "true"
+            };
         default:
             throw new Error(`Unsupported config key: ${key}`);
     }

package/dist/config.js

@@ -7,7 +7,7 @@ const DEFAULT_CONFIG_FILE = "config.json";
 export const defaultConfig = () => ({
     host: "127.0.0.1",
     port: 8443,
-    https: true,
+    https: false,
     password: "change-me",
     defaultMode: "default",
     shell: process.env.SHELL || "/bin/bash",
@@ -60,7 +60,11 @@ export async function ensureConfig(configPath) {
     try {
         const raw = await readFile(configPath, "utf8");
         const merged = mergeWithDefaults(JSON.parse(raw));
-        await writeFile(configPath, `${JSON.stringify(merged, null, 2)}\n`, "utf8");
+        const normalized = `${JSON.stringify(merged, null, 2)}\n`;
+        // Only write if the file content actually changed
+        if (raw.trimEnd() !== normalized.trimEnd()) {
+            await writeFile(configPath, normalized, "utf8");
+        }
         return merged;
     }
     catch {

package/dist/message-parser.js

@@ -1,90 +1,4 @@
-/** Strip ANSI escape sequences from raw PTY output */
-function stripAnsi(text) {
-    let stripped = "";
-    for (let i = 0; i < text.length; i++) {
-        const ch = text.charCodeAt(i);
-        if (ch === 27) {
-            i++;
-            if (i >= text.length)
-                break;
-            const next = text.charCodeAt(i);
-            if (next === 91) {
-                // CSI sequence: skip until final byte (64-126)
-                i++;
-                while (i < text.length) {
-                    const c = text.charCodeAt(i);
-                    if (c >= 64 && c <= 126)
-                        break;
-                    i++;
-                }
-            }
-            else if (next === 93) {
-                // OSC sequence: skip until BEL (7) or ESC\ (27 92)
-                i++;
-                while (i < text.length) {
-                    if (text.charCodeAt(i) === 7)
-                        break;
-                    if (text.charCodeAt(i) === 27 && i + 1 < text.length && text.charCodeAt(i + 1) === 92) {
-                        i++;
-                        break;
-                    }
-                    i++;
-                }
-            }
-            continue;
-        }
-        // Skip control characters except \n, \r, \t
-        if (ch < 32 && ch !== 10 && ch !== 13 && ch !== 9)
-            continue;
-        stripped += text.charAt(i);
-    }
-    return stripped;
-}
-/** Lines considered as UI noise (pass in trimmed) */
-function isNoiseLine(line) {
-    if (line.length === 0)
-        return false;
-    if (line.startsWith("────"))
-        return true;
-    if (line === "❯")
-        return true;
-    if (line.includes("esc to interrupt"))
-        return true;
-    if (line.includes("Claude Code v"))
-        return true;
-    if (/^Sonnet\b/.test(line))
-        return true;
-    if (line.includes("Failed to install Anthropic"))
-        return true;
-    if (line.includes("Claude Code has switched"))
-        return true;
-    if (line.includes("? for shortcuts"))
-        return true;
-    if (line.includes("Claude is waiting"))
-        return true;
-    if (line.includes("[wand]"))
-        return true;
-    if (line.startsWith("0;") || line.startsWith("9;"))
-        return true;
-    if (line.includes("ctrl+g"))
-        return true;
-    if (line.includes("/effort"))
-        return true;
-    if (/^Using .* for .* session/.test(line))
-        return true;
-    if (line.startsWith("Press ") && line.includes(" for"))
-        return true;
-    if (line.startsWith("type ") && line.includes(" to "))
-        return true;
-    return false;
-}
-function isAssistantContent(line) {
-    if (line.startsWith("❯"))
-        return false;
-    if (line.includes("esctointerrupt"))
-        return false;
-    return true;
-}
+import { stripAnsi, isNoiseLine } from "./pty-text-utils.js";
 export function parseMessages(output) {
     const messages = [];
     if (!output)
@@ -118,7 +32,7 @@ export function parseMessages(output) {
                 currentUserText = null;
             }
         }
-        else if (currentUserText !== null && isAssistantContent(line)) {
+        else if (currentUserText !== null) {
             const contentLine = rawLine.startsWith("⏺") ? rawLine.slice(1) : rawLine;
             currentAssistantLines.push(contentLine);
         }
@@ -126,10 +40,16 @@ export function parseMessages(output) {
     if (currentUserText !== null && currentAssistantLines.length > 0) {
         turns.push({ user: currentUserText, assistantLines: currentAssistantLines });
     }
+    else if (currentUserText !== null) {
+        // User input exists but no assistant response yet — still record the turn
+        turns.push({ user: currentUserText, assistantLines: currentAssistantLines });
+    }
     for (const turn of turns) {
         messages.push({ role: "user", content: turn.user });
         const content = turn.assistantLines.join("\n").replace(/[ \t]+\n/g, "\n").replace(/[\n\s]+$/, "");
-        messages.push({ role: "assistant", content });
+        if (content) {
+            messages.push({ role: "assistant", content });
+        }
     }
     return messages;
 }

package/dist/middleware/path-safety.d.ts

@@ -0,0 +1,6 @@
+/** Check that targetPath is within basePath (or equal to it). */
+export declare function isPathWithinBase(targetPath: string, basePath: string): boolean;
+/** Check if targetPath is inside any blocked system folder. */
+export declare function isBlockedFolderPath(targetPath: string): boolean;
+/** Normalize a folder path to its absolute form. */
+export declare function normalizeFolderPath(inputPath: string): string;

package/dist/middleware/path-safety.js

@@ -0,0 +1,19 @@
+import path from "node:path";
+/** Check that targetPath is within basePath (or equal to it). */
+export function isPathWithinBase(targetPath, basePath) {
+    const relativePath = path.relative(basePath, targetPath);
+    return relativePath === "" || (!relativePath.startsWith("..") && !path.isAbsolute(relativePath));
+}
+/** Blocked folder paths that should never be browsed. */
+const BLOCKED_FOLDER_PATHS = ["/etc", "/root", "/boot"];
+/** Check if targetPath is inside any blocked system folder. */
+export function isBlockedFolderPath(targetPath) {
+    return BLOCKED_FOLDER_PATHS.some((blockedPath) => {
+        const relativePath = path.relative(blockedPath, targetPath);
+        return relativePath === "" || (!relativePath.startsWith("..") && !path.isAbsolute(relativePath));
+    });
+}
+/** Normalize a folder path to its absolute form. */
+export function normalizeFolderPath(inputPath) {
+    return path.resolve(inputPath);
+}

package/dist/middleware/rate-limit.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Login rate limiter — tracks failed attempts per IP.
+ * In-memory only; resets on process restart.
+ */
+export declare function checkRateLimit(ip: string): boolean;
+export declare function recordFailedLogin(ip: string): void;
+export declare function resetRateLimit(ip: string): void;
+export declare function cleanupRateLimiter(): void;

package/dist/middleware/rate-limit.js

@@ -0,0 +1,37 @@
+/**
+ * Login rate limiter — tracks failed attempts per IP.
+ * In-memory only; resets on process restart.
+ */
+const RATE_LIMIT_WINDOW = 15 * 60 * 1000; // 15 minutes
+const RATE_LIMIT_MAX = 10; // 10 attempts per window
+const loginAttempts = new Map();
+export function checkRateLimit(ip) {
+    const now = Date.now();
+    const record = loginAttempts.get(ip);
+    if (!record || now > record.resetAt) {
+        return true;
+    }
+    return record.count < RATE_LIMIT_MAX;
+}
+export function recordFailedLogin(ip) {
+    const now = Date.now();
+    const record = loginAttempts.get(ip);
+    if (!record || now > record.resetAt) {
+        loginAttempts.set(ip, { count: 1, resetAt: now + RATE_LIMIT_WINDOW });
+        return;
+    }
+    record.count++;
+}
+export function resetRateLimit(ip) {
+    loginAttempts.delete(ip);
+}
+export function cleanupRateLimiter() {
+    const now = Date.now();
+    for (const [ip, record] of loginAttempts.entries()) {
+        if (now > record.resetAt) {
+            loginAttempts.delete(ip);
+        }
+    }
+}
+// Cleanup expired entries every 5 minutes
+setInterval(cleanupRateLimiter, 5 * 60 * 1000);