@git.zone/tsagent 1.1.0

package/ts/tools.project.ts

@@ -0,0 +1,143 @@
+import * as plugins from './plugins.js';
+
+const defaultDeniedSegments = new Set([
+  '.cache',
+  '.git',
+  '.next',
+  '.nogit',
+  '.rpt2_cache',
+  'build',
+  'coverage',
+  'dist',
+  'node_modules',
+  'out',
+]);
+
+const defaultDeniedBasenames = new Set([
+  '.npmrc',
+  'bun.lockb',
+  'credentials.json',
+  'deno.lock',
+  'npm-shrinkwrap.json',
+  'package-lock.json',
+  'pnpm-lock.yaml',
+  'yarn.lock',
+]);
+
+const assertAllowedRelativePath = (relativePath: string): void => {
+  const normalized = relativePath.split(plugins.path.sep).join('/');
+  const parts = normalized.split('/').filter(Boolean);
+  const basename = parts.at(-1) ?? normalized;
+
+  if (basename === '.env' || basename.startsWith('.env.')) {
+    throw new Error(`Access denied: ${relativePath} may contain environment secrets.`);
+  }
+  if (basename.endsWith('.pem') || basename.endsWith('.key') || basename.endsWith('.p12')) {
+    throw new Error(`Access denied: ${relativePath} may contain private key material.`);
+  }
+  if (defaultDeniedBasenames.has(basename)) {
+    throw new Error(`Access denied: ${relativePath} is excluded from AI file access.`);
+  }
+  for (const segment of parts) {
+    if (defaultDeniedSegments.has(segment) || segment.startsWith('dist_')) {
+      throw new Error(`Access denied: ${relativePath} is excluded from AI file access.`);
+    }
+  }
+};
+
+const realpathIfExists = async (pathArg: string): Promise<string> => {
+  try {
+    return await plugins.fs.realpath(pathArg);
+  } catch {
+    return plugins.path.resolve(pathArg);
+  }
+};
+
+const resolveAllowedPath = async (rootDirArg: string, inputPathArg: string): Promise<{
+  resolvedPath: string;
+  relativePath: string;
+}> => {
+  const rootReal = await plugins.fs.realpath(plugins.path.resolve(rootDirArg));
+  const resolvedCandidate = plugins.path.resolve(
+    plugins.path.isAbsolute(inputPathArg)
+      ? inputPathArg
+      : plugins.path.join(rootReal, inputPathArg),
+  );
+  const resolvedReal = await realpathIfExists(resolvedCandidate);
+
+  if (resolvedReal !== rootReal && !resolvedReal.startsWith(`${rootReal}${plugins.path.sep}`)) {
+    throw new Error(`Access denied: "${inputPathArg}" is outside allowed root "${rootDirArg}"`);
+  }
+
+  const relativePath = plugins.path.relative(rootReal, resolvedReal) || '.';
+  assertAllowedRelativePath(relativePath);
+  return { resolvedPath: resolvedReal, relativePath };
+};
+
+const listDirectory = async (rootDirArg: string, dirPathArg: string, recursive = false): Promise<string[]> => {
+  const { resolvedPath } = await resolveAllowedPath(rootDirArg, dirPathArg);
+  const entries = await plugins.fs.readdir(resolvedPath, { withFileTypes: true });
+  const result: string[] = [];
+  for (const entry of entries) {
+    const childPath = plugins.path.join(resolvedPath, entry.name);
+    const childRelativeInput = plugins.path.relative(rootDirArg, childPath) || entry.name;
+    try {
+      const allowed = await resolveAllowedPath(rootDirArg, childRelativeInput);
+      const stat = await plugins.fs.stat(allowed.resolvedPath);
+      result.push(`${allowed.relativePath}${stat.isDirectory() ? '/' : ''}`);
+      if (recursive && stat.isDirectory()) {
+        result.push(...await listDirectory(rootDirArg, allowed.relativePath, true));
+      }
+    } catch {
+      continue;
+    }
+  }
+  return result.sort();
+};
+
+export const createReadOnlyProjectTools = async (rootDirArg: string): Promise<plugins.smartai.ToolSet> => {
+  const rootDir = await plugins.fs.realpath(plugins.path.resolve(rootDirArg));
+
+  return {
+    read_file: plugins.smartagent.tool({
+      description: 'Read file contents within the project. Secret and generated paths are blocked.',
+      inputSchema: plugins.smartagent.z.object({
+        path: plugins.smartagent.z.string().describe('Absolute or project-relative path to the file'),
+        startLine: plugins.smartagent.z.number().optional().describe('First line, 1-indexed and inclusive'),
+        endLine: plugins.smartagent.z.number().optional().describe('Last line, 1-indexed and inclusive'),
+      }),
+      execute: async ({ path: filePath, startLine, endLine }: {
+        path: string;
+        startLine?: number;
+        endLine?: number;
+      }) => {
+        const { resolvedPath } = await resolveAllowedPath(rootDir, filePath);
+        const stat = await plugins.fs.stat(resolvedPath);
+        if (!stat.isFile()) {
+          throw new Error(`Cannot read non-file path: ${filePath}`);
+        }
+        const content = await plugins.fs.readFile(resolvedPath, 'utf8');
+        const selectedContent = startLine !== undefined || endLine !== undefined
+          ? content.split('\n').slice((startLine ?? 1) - 1, endLine).join('\n')
+          : content;
+        return plugins.smartagent.truncateOutput(selectedContent).content;
+      },
+    }),
+    list_directory: plugins.smartagent.tool({
+      description: 'List project files and directories. Secret and generated paths are omitted.',
+      inputSchema: plugins.smartagent.z.object({
+        path: plugins.smartagent.z.string().describe('Absolute or project-relative directory path to list'),
+        recursive: plugins.smartagent.z.boolean().optional().describe('List recursively'),
+      }),
+      execute: async ({ path: dirPath, recursive }: { path: string; recursive?: boolean }) => {
+        const { resolvedPath } = await resolveAllowedPath(rootDir, dirPath);
+        const stat = await plugins.fs.stat(resolvedPath);
+        if (!stat.isDirectory()) {
+          throw new Error(`Cannot list non-directory path: ${dirPath}`);
+        }
+        const entries = await listDirectory(rootDir, dirPath, recursive === true);
+        return plugins.smartagent.truncateOutput(entries.join('\n')).content;
+      },
+    }),
+  };
+};