@gonzih/cc-tg 0.9.24 → 0.9.25
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bot.d.ts +0 -1
- package/dist/bot.js +0 -19
- package/package.json +1 -1
package/dist/bot.d.ts
CHANGED
|
@@ -58,7 +58,6 @@ export declare class CcTgBot {
|
|
|
58
58
|
private stopTyping;
|
|
59
59
|
private flushPending;
|
|
60
60
|
private trackWrittenFiles;
|
|
61
|
-
private isSensitiveFile;
|
|
62
61
|
private uploadMentionedFiles;
|
|
63
62
|
private extractToolName;
|
|
64
63
|
/** Find cc-agent PIDs via pgrep. Returns array of numeric PIDs. */
|
package/dist/bot.js
CHANGED
|
@@ -918,16 +918,6 @@ export class CcTgBot {
|
|
|
918
918
|
}
|
|
919
919
|
}
|
|
920
920
|
}
|
|
921
|
-
isSensitiveFile(filePath) {
|
|
922
|
-
const name = basename(filePath).toLowerCase();
|
|
923
|
-
const sensitivePatterns = [
|
|
924
|
-
/credential/i, /secret/i, /password/i, /passwd/i, /\.env/i,
|
|
925
|
-
/api[_-]?key/i, /token/i, /private[_-]?key/i, /id_rsa/i,
|
|
926
|
-
/\.pem$/i, /\.key$/i, /\.pfx$/i, /\.p12$/i,
|
|
927
|
-
/gmail/i, /oauth/i, /\bauth\b/i,
|
|
928
|
-
];
|
|
929
|
-
return sensitivePatterns.some((p) => p.test(name));
|
|
930
|
-
}
|
|
931
921
|
uploadMentionedFiles(chatId, resultText, session) {
|
|
932
922
|
// Extract file path candidates from result text
|
|
933
923
|
// Match: /absolute/path/file.ext or relative like ./foo/bar.csv or just foo.pdf
|
|
@@ -974,13 +964,8 @@ export class CcTgBot {
|
|
|
974
964
|
toUpload.push(resolved);
|
|
975
965
|
}
|
|
976
966
|
}
|
|
977
|
-
// Deduplicate and filter sensitive files
|
|
978
967
|
const unique = [...new Set(toUpload)];
|
|
979
968
|
for (const filePath of unique) {
|
|
980
|
-
if (this.isSensitiveFile(filePath)) {
|
|
981
|
-
console.log(`[claude:files] skipping sensitive file: ${filePath}`);
|
|
982
|
-
continue;
|
|
983
|
-
}
|
|
984
969
|
let fileSize;
|
|
985
970
|
try {
|
|
986
971
|
fileSize = statSync(filePath).size;
|
|
@@ -1202,10 +1187,6 @@ export class CcTgBot {
|
|
|
1202
1187
|
await this.replyToChat(chatId, `Not a file: ${filePath}`, threadId);
|
|
1203
1188
|
return;
|
|
1204
1189
|
}
|
|
1205
|
-
if (this.isSensitiveFile(filePath)) {
|
|
1206
|
-
await this.replyToChat(chatId, "Access denied: sensitive file", threadId);
|
|
1207
|
-
return;
|
|
1208
|
-
}
|
|
1209
1190
|
const MAX_TG_FILE_BYTES = 50 * 1024 * 1024;
|
|
1210
1191
|
const fileSize = statSync(filePath).size;
|
|
1211
1192
|
if (fileSize > MAX_TG_FILE_BYTES) {
|