npm - @defai.digital/ax-cli - Versions diffs - 3.5.2 → 3.6.0 - Mend

@defai.digital/ax-cli 3.5.2 → 3.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (125) hide show

package/.ax-cli/memory.json +8 -8
package/README.md +27 -1
package/dist/agent/chat-history-manager.d.ts +56 -0
package/dist/agent/chat-history-manager.js +150 -0
package/dist/agent/chat-history-manager.js.map +1 -0
package/dist/agent/llm-agent.js +1 -1
package/dist/agent/llm-agent.js.map +1 -1
package/dist/agent/tool-manager.d.ts +39 -0
package/dist/agent/tool-manager.js +76 -0
package/dist/agent/tool-manager.js.map +1 -0
package/dist/analyzers/ast/index.d.ts +9 -0
package/dist/analyzers/ast/index.js +10 -0
package/dist/analyzers/ast/index.js.map +1 -0
package/dist/analyzers/ast/node-helpers.d.ts +81 -0
package/dist/analyzers/ast/node-helpers.js +128 -0
package/dist/analyzers/ast/node-helpers.js.map +1 -0
package/dist/analyzers/ast/traverser.d.ts +67 -0
package/dist/analyzers/ast/traverser.js +156 -0
package/dist/analyzers/ast/traverser.js.map +1 -0
package/dist/analyzers/best-practices/index.d.ts +10 -0
package/dist/analyzers/best-practices/index.js +11 -0
package/dist/analyzers/best-practices/index.js.map +1 -0
package/dist/commands/setup.js +13 -5
package/dist/commands/setup.js.map +1 -1
package/dist/index.js +7 -0
package/dist/index.js.map +1 -1
package/dist/llm/client.d.ts +1 -0
package/dist/llm/client.js +44 -0
package/dist/llm/client.js.map +1 -1
package/dist/mcp/ssrf-protection.d.ts +86 -0
package/dist/mcp/ssrf-protection.js +313 -0
package/dist/mcp/ssrf-protection.js.map +1 -0
package/dist/mcp/validation.d.ts +4 -0
package/dist/mcp/validation.js +122 -11
package/dist/mcp/validation.js.map +1 -1
package/dist/schemas/settings-schemas.d.ts +30 -0
package/dist/schemas/settings-schemas.js +30 -0
package/dist/schemas/settings-schemas.js.map +1 -1
package/dist/tools/bash.d.ts +3 -2
package/dist/tools/bash.js +31 -2
package/dist/tools/bash.js.map +1 -1
package/dist/tools/search.d.ts +1 -1
package/dist/tools/search.js +121 -128
package/dist/tools/search.js.map +1 -1
package/dist/tools/text-editor.js +52 -15
package/dist/tools/text-editor.js.map +1 -1
package/dist/ui/components/status-bar.js +2 -2
package/dist/ui/components/status-bar.js.map +1 -1
package/dist/ui/components/toast-notification.js +0 -1
package/dist/ui/components/toast-notification.js.map +1 -1
package/dist/utils/audit-logger.d.ts +247 -0
package/dist/utils/audit-logger.js +374 -0
package/dist/utils/audit-logger.js.map +1 -0
package/dist/utils/command-security.d.ts +85 -0
package/dist/utils/command-security.js +200 -0
package/dist/utils/command-security.js.map +1 -0
package/dist/utils/encryption.d.ts +78 -0
package/dist/utils/encryption.js +216 -0
package/dist/utils/encryption.js.map +1 -0
package/dist/utils/error-sanitizer.d.ts +119 -0
package/dist/utils/error-sanitizer.js +253 -0
package/dist/utils/error-sanitizer.js.map +1 -0
package/dist/utils/input-sanitizer.d.ts +210 -0
package/dist/utils/input-sanitizer.js +362 -0
package/dist/utils/input-sanitizer.js.map +1 -0
package/dist/utils/json-utils.d.ts +13 -0
package/dist/utils/json-utils.js +55 -1
package/dist/utils/json-utils.js.map +1 -1
package/dist/utils/parallel-analyzer.js +29 -12
package/dist/utils/parallel-analyzer.js.map +1 -1
package/dist/utils/path-security.d.ts +90 -0
package/dist/utils/path-security.js +328 -0
package/dist/utils/path-security.js.map +1 -0
package/dist/utils/process-pool.d.ts +105 -0
package/dist/utils/process-pool.js +326 -0
package/dist/utils/process-pool.js.map +1 -0
package/dist/utils/rate-limiter.d.ts +207 -0
package/dist/utils/rate-limiter.js +303 -0
package/dist/utils/rate-limiter.js.map +1 -0
package/dist/utils/settings-manager.js +83 -4
package/dist/utils/settings-manager.js.map +1 -1
package/eslint.config.js +3 -0
package/package.json +1 -1
package/.ax-cli/checkpoints/2025-11-20/checkpoint-11e9e0ba-c39d-4fd2-aa77-bc818811c921.json +0 -69
package/.ax-cli/checkpoints/2025-11-20/checkpoint-2b260b98-b418-4c7c-9694-e2b94967e662.json +0 -24
package/.ax-cli/checkpoints/2025-11-20/checkpoint-7e03601e-e8ab-4cd7-9841-a74b66adf78f.json +0 -69
package/.ax-cli/checkpoints/2025-11-20/checkpoint-7f9c6562-771f-4fd0-adcf-9e7e9ac34ae8.json +0 -44
package/.ax-cli/checkpoints/2025-11-20/checkpoint-e1ebe666-4c3a-4367-ba5c-27fe512a9c70.json +0 -24
package/.ax-cli/checkpoints/2025-11-21/checkpoint-15743e7d-430c-4d76-b6fc-955d7a5c250c.json +0 -44
package/.ax-cli/checkpoints/2025-11-21/checkpoint-25cf7679-0b3f-4988-83d7-704548fbba91.json +0 -69
package/.ax-cli/checkpoints/2025-11-21/checkpoint-54aedbac-6db0-464e-8ebb-dbb3979e6dca.json +0 -24
package/.ax-cli/checkpoints/2025-11-21/checkpoint-7658aed8-fe5d-4222-903f-1a7c63717ea7.json +0 -24
package/.ax-cli/checkpoints/2025-11-21/checkpoint-c9c13497-40dc-4294-a327-6a5fc854eaa1.json +0 -69
package/ax.config.json +0 -333
package/dist/hooks/use-chat-reducer.d.ts +0 -61
package/dist/hooks/use-chat-reducer.js +0 -118
package/dist/hooks/use-chat-reducer.js.map +0 -1
package/dist/hooks/use-enhanced-input.d.ts +0 -40
package/dist/hooks/use-enhanced-input.js +0 -249
package/dist/hooks/use-enhanced-input.js.map +0 -1
package/dist/hooks/use-input-handler.d.ts +0 -46
package/dist/hooks/use-input-handler.js +0 -1430
package/dist/hooks/use-input-handler.js.map +0 -1
package/dist/hooks/use-input-history.d.ts +0 -9
package/dist/hooks/use-input-history.js +0 -112
package/dist/hooks/use-input-history.js.map +0 -1
package/dist/utils/paste-collapse.d.ts +0 -46
package/dist/utils/paste-collapse.js +0 -77
package/dist/utils/paste-collapse.js.map +0 -1
package/packages/schemas/dist/index.d.ts +0 -14
package/packages/schemas/dist/index.d.ts.map +0 -1
package/packages/schemas/dist/index.js +0 -19
package/packages/schemas/dist/index.js.map +0 -1
package/packages/schemas/dist/public/core/brand-types.d.ts +0 -308
package/packages/schemas/dist/public/core/brand-types.d.ts.map +0 -1
package/packages/schemas/dist/public/core/brand-types.js +0 -243
package/packages/schemas/dist/public/core/brand-types.js.map +0 -1
package/packages/schemas/dist/public/core/enums.d.ts +0 -227
package/packages/schemas/dist/public/core/enums.d.ts.map +0 -1
package/packages/schemas/dist/public/core/enums.js +0 -222
package/packages/schemas/dist/public/core/enums.js.map +0 -1
package/packages/schemas/dist/public/core/id-types.d.ts +0 -286
package/packages/schemas/dist/public/core/id-types.d.ts.map +0 -1
package/packages/schemas/dist/public/core/id-types.js +0 -136
package/packages/schemas/dist/public/core/id-types.js.map +0 -1

package/dist/utils/process-pool.js ADDED Viewed

@@ -0,0 +1,326 @@
+/**
+ * Process Pool Manager
+ *
+ * Manages a pool of reusable child processes to prevent memory leaks
+ * and resource exhaustion (REQ-ARCH-002).
+ *
+ * Key features:
+ * - Limits concurrent processes to prevent resource exhaustion
+ * - Queues requests when pool is full
+ * - Automatic cleanup of idle processes
+ * - Graceful shutdown with proper cleanup
+ * - Memory leak prevention through proper event listener management
+ *
+ * @module process-pool
+ */
+import { spawn } from 'child_process';
+import { EventEmitter } from 'events';
+/**
+ * Process pool manager for efficient process reuse
+ */
+export class ProcessPool extends EventEmitter {
+    maxProcesses;
+    processTimeout;
+    maxQueueSize;
+    activeProcesses = new Set();
+    taskQueue = [];
+    shuttingDown = false;
+    idleTimers = new Map();
+    constructor(config = {}) {
+        super();
+        this.maxProcesses = config.maxProcesses ?? 5;
+        this.processTimeout = config.processTimeout ?? 30000;
+        this.maxQueueSize = config.maxQueueSize ?? 100;
+    }
+    /**
+     * Execute a command using the process pool
+     */
+    async execute(options) {
+        if (this.shuttingDown) {
+            throw new Error('Process pool is shutting down');
+        }
+        // Check queue size limit
+        if (this.taskQueue.length >= this.maxQueueSize) {
+            throw new Error(`Process pool queue is full (max: ${this.maxQueueSize})`);
+        }
+        return new Promise((resolve, reject) => {
+            const task = {
+                options,
+                resolve,
+                reject,
+                timestamp: Date.now(),
+            };
+            this.taskQueue.push(task);
+            this.processQueue();
+        });
+    }
+    /**
+     * Process the task queue
+     */
+    processQueue() {
+        // Don't process if shutting down
+        if (this.shuttingDown) {
+            return;
+        }
+        // Process tasks while we have capacity
+        while (this.taskQueue.length > 0 &&
+            this.activeProcesses.size < this.maxProcesses) {
+            const task = this.taskQueue.shift();
+            if (!task)
+                break;
+            this.executeTask(task);
+        }
+    }
+    /**
+     * Execute a single task
+     */
+    async executeTask(task) {
+        const { options, resolve, reject } = task;
+        try {
+            const result = await this.spawnProcess(options);
+            resolve(result);
+        }
+        catch (error) {
+            reject(error instanceof Error ? error : new Error(String(error)));
+        }
+        finally {
+            // Process next task in queue
+            this.processQueue();
+        }
+    }
+    /**
+     * Spawn a process and manage its lifecycle
+     */
+    async spawnProcess(options) {
+        return new Promise((resolve, reject) => {
+            const proc = spawn(options.command, options.args, {
+                cwd: options.cwd,
+            });
+            this.activeProcesses.add(proc);
+            let stdout = '';
+            let stderr = '';
+            let isResolved = false;
+            let timeoutHandle = null;
+            // Set timeout
+            const timeout = options.timeout ?? this.processTimeout;
+            if (timeout > 0) {
+                timeoutHandle = setTimeout(() => {
+                    if (!isResolved) {
+                        isResolved = true;
+                        this.cleanupProcess(proc, timeoutHandle);
+                        reject(new Error(`Process timeout after ${timeout}ms`));
+                    }
+                }, timeout);
+            }
+            // Collect stdout
+            if (proc.stdout) {
+                proc.stdout.on('data', (data) => {
+                    stdout += data.toString();
+                });
+            }
+            // Collect stderr
+            if (proc.stderr) {
+                proc.stderr.on('data', (data) => {
+                    stderr += data.toString();
+                });
+            }
+            // Handle process exit
+            proc.on('close', (code, signal) => {
+                if (isResolved) {
+                    return;
+                }
+                isResolved = true;
+                this.cleanupProcess(proc, timeoutHandle);
+                resolve({
+                    stdout,
+                    stderr,
+                    exitCode: code,
+                    signal: signal,
+                });
+            });
+            // Handle process errors
+            proc.on('error', (error) => {
+                if (isResolved) {
+                    return;
+                }
+                isResolved = true;
+                this.cleanupProcess(proc, timeoutHandle);
+                reject(error);
+            });
+        });
+    }
+    /**
+     * Cleanup process and associated resources
+     */
+    cleanupProcess(proc, timeoutHandle) {
+        // Clear timeout
+        if (timeoutHandle) {
+            clearTimeout(timeoutHandle);
+        }
+        // Clear idle timer if exists
+        const idleTimer = this.idleTimers.get(proc);
+        if (idleTimer) {
+            clearTimeout(idleTimer);
+            this.idleTimers.delete(proc);
+        }
+        // Remove all event listeners to prevent memory leaks
+        if (proc.stdout) {
+            proc.stdout.removeAllListeners();
+        }
+        if (proc.stderr) {
+            proc.stderr.removeAllListeners();
+        }
+        proc.removeAllListeners();
+        // Kill process if still running
+        if (proc.exitCode === null && proc.signalCode === null) {
+            try {
+                proc.kill('SIGTERM');
+                // Force kill after 3 seconds if SIGTERM doesn't work
+                const forceKillTimeout = setTimeout(() => {
+                    try {
+                        if (proc.exitCode === null && !proc.killed) {
+                            proc.kill('SIGKILL');
+                        }
+                    }
+                    catch {
+                        // Process already terminated
+                    }
+                    // Always clear timeout to prevent leak
+                    clearTimeout(forceKillTimeout);
+                }, 3000);
+                // Clear force kill timeout when process exits
+                // NOTE: Use setImmediate to ensure listener fires even if already exited
+                setImmediate(() => {
+                    if (proc.exitCode !== null || proc.signalCode !== null) {
+                        clearTimeout(forceKillTimeout);
+                    }
+                    else {
+                        proc.once('exit', () => clearTimeout(forceKillTimeout));
+                    }
+                });
+            }
+            catch {
+                // Process already terminated or can't be killed
+            }
+        }
+        // Remove from active set
+        this.activeProcesses.delete(proc);
+        // Emit metrics event
+        this.emit('processCompleted', {
+            activeProcesses: this.activeProcesses.size,
+            queuedTasks: this.taskQueue.length,
+        });
+    }
+    /**
+     * Get pool statistics
+     */
+    getStats() {
+        return {
+            activeProcesses: this.activeProcesses.size,
+            queuedTasks: this.taskQueue.length,
+            maxProcesses: this.maxProcesses,
+            maxQueueSize: this.maxQueueSize,
+        };
+    }
+    /**
+     * Shutdown the pool gracefully
+     */
+    async shutdown(force = false) {
+        this.shuttingDown = true;
+        // Reject all queued tasks
+        while (this.taskQueue.length > 0) {
+            const task = this.taskQueue.shift();
+            if (task) {
+                task.reject(new Error('Process pool shutting down'));
+            }
+        }
+        // Wait for active processes to complete or force kill
+        if (force) {
+            // Force kill all active processes
+            for (const proc of this.activeProcesses) {
+                try {
+                    proc.kill('SIGKILL');
+                }
+                catch {
+                    // Ignore errors
+                }
+            }
+            this.activeProcesses.clear();
+        }
+        else {
+            // Wait for active processes to complete (with timeout)
+            const shutdownTimeout = 10000; // 10 seconds
+            const startTime = Date.now();
+            while (this.activeProcesses.size > 0) {
+                if (Date.now() - startTime > shutdownTimeout) {
+                    // Force kill remaining processes
+                    for (const proc of this.activeProcesses) {
+                        try {
+                            proc.kill('SIGKILL');
+                        }
+                        catch {
+                            // Ignore errors
+                        }
+                    }
+                    this.activeProcesses.clear();
+                    break;
+                }
+                // Wait 100ms before checking again
+                await new Promise((resolve) => setTimeout(resolve, 100));
+            }
+        }
+        // Clear all idle timers
+        for (const timer of this.idleTimers.values()) {
+            clearTimeout(timer);
+        }
+        this.idleTimers.clear();
+        this.emit('shutdown');
+    }
+    /**
+     * Check if pool is idle (no active processes or queued tasks)
+     */
+    isIdle() {
+        return this.activeProcesses.size === 0 && this.taskQueue.length === 0;
+    }
+    /**
+     * Check if pool is at capacity
+     */
+    isAtCapacity() {
+        return this.activeProcesses.size >= this.maxProcesses;
+    }
+}
+/**
+ * Singleton process pool instance for ripgrep
+ */
+let ripgrepPool = null;
+/**
+ * Get or create the ripgrep process pool
+ */
+export function getRipgrepPool() {
+    if (!ripgrepPool) {
+        ripgrepPool = new ProcessPool({
+            maxProcesses: 5,
+            processTimeout: 30000,
+            maxQueueSize: 100,
+        });
+        // Cleanup on process exit
+        process.on('beforeExit', () => {
+            if (ripgrepPool) {
+                ripgrepPool.shutdown(true).catch(() => {
+                    // Ignore errors during shutdown
+                });
+            }
+        });
+    }
+    return ripgrepPool;
+}
+/**
+ * Shutdown the ripgrep pool (for testing)
+ */
+export async function shutdownRipgrepPool() {
+    if (ripgrepPool) {
+        await ripgrepPool.shutdown();
+        ripgrepPool = null;
+    }
+}
+//# sourceMappingURL=process-pool.js.map

package/dist/utils/process-pool.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"process-pool.js","sourceRoot":"","sources":["../../src/utils/process-pool.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,KAAK,EAAgB,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AA0CtC;;GAEG;AACH,MAAM,OAAO,WAAY,SAAQ,YAAY;IAC1B,YAAY,CAAS;IACrB,cAAc,CAAS;IACvB,YAAY,CAAS;IAE9B,eAAe,GAAsB,IAAI,GAAG,EAAE,CAAC;IAC/C,SAAS,GAAiB,EAAE,CAAC;IAC7B,YAAY,GAAY,KAAK,CAAC;IAC9B,UAAU,GAAsC,IAAI,GAAG,EAAE,CAAC;IAElE,YAAY,SAA4B,EAAE;QACxC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,CAAC,CAAC;QAC7C,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,IAAI,KAAK,CAAC;QACrD,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,GAAG,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,OAAgC;QAC5C,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QACnD,CAAC;QAED,yBAAyB;QACzB,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC;QAC5E,CAAC;QAED,OAAO,IAAI,OAAO,CAAyB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC7D,MAAM,IAAI,GAAe;gBACvB,OAAO;gBACP,OAAO;gBACP,MAAM;gBACN,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC;YAEF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1B,IAAI,CAAC,YAAY,EAAE,CAAC;QACtB,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,YAAY;QAClB,iCAAiC;QACjC,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,OAAO;QACT,CAAC;QAED,uCAAuC;QACvC,OACE,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC;YACzB,IAAI,CAAC,eAAe,CAAC,IAAI,GAAG,IAAI,CAAC,YAAY,EAC7C,CAAC;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;YACpC,IAAI,CAAC,IAAI;gBAAE,MAAM;YAEjB,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QACzB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,WAAW,CAAC,IAAgB;QACxC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QAE1C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YAChD,OAAO,CAAC,MAAM,CAAC,CAAC;QAClB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACpE,CAAC;gBAAS,CAAC;YACT,6BAA6B;YAC7B,IAAI,CAAC,YAAY,EAAE,CAAC;QACtB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,YAAY,CACxB,OAAgC;QAEhC,OAAO,IAAI,OAAO,CAAyB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC7D,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,EAAE;gBAChD,GAAG,EAAE,OAAO,CAAC,GAAG;aACjB,CAAC,CAAC;YAEH,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAE/B,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,UAAU,GAAG,KAAK,CAAC;YACvB,IAAI,aAAa,GAA0B,IAAI,CAAC;YAEhD,cAAc;YACd,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,cAAc,CAAC;YACvD,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;gBAChB,aAAa,GAAG,UAAU,CAAC,GAAG,EAAE;oBAC9B,IAAI,CAAC,UAAU,EAAE,CAAC;wBAChB,UAAU,GAAG,IAAI,CAAC;wBAClB,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;wBACzC,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,OAAO,IAAI,CAAC,CAAC,CAAC;oBAC1D,CAAC;gBACH,CAAC,EAAE,OAAO,CAAC,CAAC;YACd,CAAC;YAED,iBAAiB;YACjB,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;oBAC9B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC5B,CAAC,CAAC,CAAC;YACL,CAAC;YAED,iBAAiB;YACjB,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;oBAC9B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC5B,CAAC,CAAC,CAAC;YACL,CAAC;YAED,sBAAsB;YACtB,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE;gBAChC,IAAI,UAAU,EAAE,CAAC;oBACf,OAAO;gBACT,CAAC;gBACD,UAAU,GAAG,IAAI,CAAC;gBAElB,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;gBAEzC,OAAO,CAAC;oBACN,MAAM;oBACN,MAAM;oBACN,QAAQ,EAAE,IAAI;oBACd,MAAM,EAAE,MAAM;iBACf,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YAEH,wBAAwB;YACxB,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;gBACzB,IAAI,UAAU,EAAE,CAAC;oBACf,OAAO;gBACT,CAAC;gBACD,UAAU,GAAG,IAAI,CAAC;gBAElB,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;gBACzC,MAAM,CAAC,KAAK,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,cAAc,CACpB,IAAkB,EAClB,aAAoC;QAEpC,gBAAgB;QAChB,IAAI,aAAa,EAAE,CAAC;YAClB,YAAY,CAAC,aAAa,CAAC,CAAC;QAC9B,CAAC;QAED,6BAA6B;QAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC5C,IAAI,SAAS,EAAE,CAAC;YACd,YAAY,CAAC,SAAS,CAAC,CAAC;YACxB,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC/B,CAAC;QAED,qDAAqD;QACrD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;QACnC,CAAC;QACD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;QACnC,CAAC;QACD,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAE1B,gCAAgC;QAChC,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,IAAI,EAAE,CAAC;YACvD,IAAI,CAAC;gBACH,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAErB,qDAAqD;gBACrD,MAAM,gBAAgB,GAAG,UAAU,CAAC,GAAG,EAAE;oBACvC,IAAI,CAAC;wBACH,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;4BAC3C,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;wBACvB,CAAC;oBACH,CAAC;oBAAC,MAAM,CAAC;wBACP,6BAA6B;oBAC/B,CAAC;oBACD,uCAAuC;oBACvC,YAAY,CAAC,gBAAgB,CAAC,CAAC;gBACjC,CAAC,EAAE,IAAI,CAAC,CAAC;gBAET,8CAA8C;gBAC9C,yEAAyE;gBACzE,YAAY,CAAC,GAAG,EAAE;oBAChB,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,IAAI,EAAE,CAAC;wBACvD,YAAY,CAAC,gBAAgB,CAAC,CAAC;oBACjC,CAAC;yBAAM,CAAC;wBACN,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,YAAY,CAAC,gBAAgB,CAAC,CAAC,CAAC;oBAC1D,CAAC;gBACH,CAAC,CAAC,CAAC;YACL,CAAC;YAAC,MAAM,CAAC;gBACP,gDAAgD;YAClD,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAElC,qBAAqB;QACrB,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE;YAC5B,eAAe,EAAE,IAAI,CAAC,eAAe,CAAC,IAAI;YAC1C,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM;SACnC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,QAAQ;QAMN,OAAO;YACL,eAAe,EAAE,IAAI,CAAC,eAAe,CAAC,IAAI;YAC1C,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM;YAClC,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,YAAY,EAAE,IAAI,CAAC,YAAY;SAChC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ,CAAC,QAAiB,KAAK;QACnC,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;QAEzB,0BAA0B;QAC1B,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;YACpC,IAAI,IAAI,EAAE,CAAC;gBACT,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;QAED,sDAAsD;QACtD,IAAI,KAAK,EAAE,CAAC;YACV,kCAAkC;YAClC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;gBACxC,IAAI,CAAC;oBACH,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBACvB,CAAC;gBAAC,MAAM,CAAC;oBACP,gBAAgB;gBAClB,CAAC;YACH,CAAC;YACD,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;QAC/B,CAAC;aAAM,CAAC;YACN,uDAAuD;YACvD,MAAM,eAAe,GAAG,KAAK,CAAC,CAAC,aAAa;YAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAE7B,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;gBACrC,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,eAAe,EAAE,CAAC;oBAC7C,iCAAiC;oBACjC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;wBACxC,IAAI,CAAC;4BACH,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;wBACvB,CAAC;wBAAC,MAAM,CAAC;4BACP,gBAAgB;wBAClB,CAAC;oBACH,CAAC;oBACD,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;oBAC7B,MAAM;gBACR,CAAC;gBAED,mCAAmC;gBACnC,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;QAED,wBAAwB;QACxB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,EAAE,CAAC;YAC7C,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QAExB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,MAAM;QACJ,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,KAAK,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,CAAC;IACxE,CAAC;IAED;;OAEG;IACH,YAAY;QACV,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,CAAC;IACxD,CAAC;CACF;AAED;;GAEG;AACH,IAAI,WAAW,GAAuB,IAAI,CAAC;AAE3C;;GAEG;AACH,MAAM,UAAU,cAAc;IAC5B,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,WAAW,GAAG,IAAI,WAAW,CAAC;YAC5B,YAAY,EAAE,CAAC;YACf,cAAc,EAAE,KAAK;YACrB,YAAY,EAAE,GAAG;SAClB,CAAC,CAAC;QAEH,0BAA0B;QAC1B,OAAO,CAAC,EAAE,CAAC,YAAY,EAAE,GAAG,EAAE;YAC5B,IAAI,WAAW,EAAE,CAAC;gBAChB,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;oBACpC,gCAAgC;gBAClC,CAAC,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,WAAW,CAAC;AACrB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB;IACvC,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,WAAW,CAAC,QAAQ,EAAE,CAAC;QAC7B,WAAW,GAAG,IAAI,CAAC;IACrB,CAAC;AACH,CAAC"}

package/dist/utils/rate-limiter.d.ts ADDED Viewed

@@ -0,0 +1,207 @@
+/**
+ * Rate Limiting Utilities (REQ-SEC-006)
+ *
+ * Implements token bucket algorithm for rate limiting API calls and user actions
+ * Prevents API abuse and ensures fair resource usage
+ *
+ * Security: Protects against:
+ * - API abuse (excessive requests)
+ * - Resource exhaustion
+ * - Denial of service (unintentional)
+ */
+export interface RateLimitConfig {
+    /**
+     * Maximum number of requests allowed in the window
+     */
+    maxRequests: number;
+    /**
+     * Time window in milliseconds
+     */
+    windowMs: number;
+    /**
+     * Optional: burst allowance (can exceed limit briefly)
+     */
+    burstAllowance?: number;
+}
+export interface RateLimitResult {
+    /**
+     * Whether the request is allowed
+     */
+    allowed: boolean;
+    /**
+     * Tokens remaining in the current window
+     */
+    remaining: number;
+    /**
+     * Time until the rate limit resets (in milliseconds)
+     */
+    resetIn: number;
+    /**
+     * Total limit for this rate limiter
+     */
+    limit: number;
+}
+/**
+ * Token Bucket Rate Limiter
+ *
+ * Uses the token bucket algorithm which allows bursts while maintaining
+ * a steady average rate. Tokens are added at a constant rate, and requests
+ * consume tokens.
+ *
+ * @example
+ * ```typescript
+ * const limiter = new RateLimiter({
+ *   maxRequests: 60,
+ *   windowMs: 60000, // 60 requests per minute
+ * });
+ *
+ * const result = limiter.tryAcquire();
+ * if (result.allowed) {
+ *   // Make API call
+ * } else {
+ *   console.log(`Rate limit exceeded. Try again in ${result.resetIn}ms`);
+ * }
+ * ```
+ */
+export declare class RateLimiter {
+    private tokens;
+    private readonly maxTokens;
+    private readonly refillRate;
+    private lastRefill;
+    private readonly config;
+    constructor(config: RateLimitConfig);
+    /**
+     * Refill tokens based on elapsed time
+     */
+    private refill;
+    /**
+     * Try to acquire a token (allow a request)
+     *
+     * @param cost - Number of tokens to consume (default: 1)
+     * @returns Rate limit result indicating if request is allowed
+     */
+    tryAcquire(cost?: number): RateLimitResult;
+    /**
+     * Get current state without consuming a token
+     */
+    getState(): RateLimitResult;
+    /**
+     * Reset the rate limiter (clear all tokens)
+     */
+    reset(): void;
+}
+/**
+ * Multi-tier Rate Limiter
+ *
+ * Enforces multiple rate limits simultaneously (e.g., per-second, per-minute, per-hour)
+ * Request is only allowed if ALL tiers allow it
+ *
+ * @example
+ * ```typescript
+ * const limiter = new MultiTierRateLimiter([
+ *   { maxRequests: 10, windowMs: 1000 },   // 10/second
+ *   { maxRequests: 100, windowMs: 60000 }, // 100/minute
+ * ]);
+ * ```
+ */
+export declare class MultiTierRateLimiter {
+    private limiters;
+    constructor(configs: RateLimitConfig[]);
+    /**
+     * Try to acquire across all tiers
+     * Request is only allowed if ALL tiers allow it
+     */
+    tryAcquire(cost?: number): RateLimitResult;
+    /**
+     * Get current state (most restrictive tier)
+     */
+    getState(): RateLimitResult;
+    /**
+     * Reset all tiers
+     */
+    reset(): void;
+}
+/**
+ * Keyed Rate Limiter
+ *
+ * Maintains separate rate limits for different keys (e.g., per-user, per-IP)
+ * Automatically cleans up old entries to prevent memory leaks
+ *
+ * @example
+ * ```typescript
+ * const limiter = new KeyedRateLimiter({
+ *   maxRequests: 100,
+ *   windowMs: 60000,
+ * });
+ *
+ * // Different limits for different users
+ * const result = limiter.tryAcquire('user-123');
+ * ```
+ */
+export declare class KeyedRateLimiter {
+    private limiters;
+    private readonly config;
+    private cleanupTimer;
+    private readonly maxKeys;
+    constructor(config: RateLimitConfig, maxKeys?: number);
+    /**
+     * Get or create a rate limiter for the given key
+     */
+    private getLimiter;
+    /**
+     * Try to acquire for a specific key
+     */
+    tryAcquire(key: string, cost?: number): RateLimitResult;
+    /**
+     * Get state for a specific key
+     */
+    getState(key: string): RateLimitResult;
+    /**
+     * Reset a specific key
+     */
+    reset(key: string): void;
+    /**
+     * Clean up inactive limiters
+     */
+    private cleanup;
+    /**
+     * Dispose of resources
+     */
+    dispose(): void;
+}
+/**
+ * Default rate limit configurations for common use cases
+ */
+export declare const DEFAULT_RATE_LIMITS: {
+    /**
+     * API calls - 60 requests per minute
+     */
+    readonly API: {
+        readonly maxRequests: 60;
+        readonly windowMs: number;
+        readonly burstAllowance: 10;
+    };
+    /**
+     * LLM API calls - 20 requests per minute (more expensive)
+     */
+    readonly LLM_API: {
+        readonly maxRequests: 20;
+        readonly windowMs: number;
+        readonly burstAllowance: 5;
+    };
+    /**
+     * User actions - 100 requests per minute
+     */
+    readonly USER_ACTIONS: {
+        readonly maxRequests: 100;
+        readonly windowMs: number;
+        readonly burstAllowance: 20;
+    };
+    /**
+     * File operations - 50 per minute
+     */
+    readonly FILE_OPS: {
+        readonly maxRequests: 50;
+        readonly windowMs: number;
+    };
+};