@grackle-ai/server 0.0.5 → 0.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +16 -4
- package/dist/index.js.map +1 -1
- package/package.json +3 -2
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAqBA,OAAO,SAAS,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -13,7 +13,8 @@ import { closeAllTunnels } from "./adapters/remote-adapter-utils.js";
|
|
|
13
13
|
import { createWsBridge } from "./ws-bridge.js";
|
|
14
14
|
import { DEFAULT_SERVER_PORT, DEFAULT_WEB_PORT } from "@grackle-ai/common";
|
|
15
15
|
import { readFileSync, existsSync } from "node:fs";
|
|
16
|
-
import { join, extname } from "node:path";
|
|
16
|
+
import { join, dirname, extname, normalize, resolve, relative } from "node:path";
|
|
17
|
+
import { createRequire } from "node:module";
|
|
17
18
|
import { loadOrCreateApiKey, verifyApiKey } from "./api-key.js";
|
|
18
19
|
import { logger } from "./logger.js";
|
|
19
20
|
// Import db to ensure tables are created
|
|
@@ -27,13 +28,24 @@ const MIME_TYPES = {
|
|
|
27
28
|
".png": "image/png",
|
|
28
29
|
".ico": "image/x-icon",
|
|
29
30
|
};
|
|
31
|
+
/** Resolve the web UI dist directory once at module load time. */
|
|
32
|
+
const esmRequire = createRequire(import.meta.url);
|
|
33
|
+
const WEB_DIST_DIR = resolve(process.env.GRACKLE_WEB_DIR
|
|
34
|
+
|| join(dirname(esmRequire.resolve("@grackle-ai/web/package.json")), "dist"));
|
|
30
35
|
function createWebHandler(apiKey) {
|
|
31
36
|
return (req, res) => {
|
|
32
|
-
const
|
|
33
|
-
let filePath =
|
|
37
|
+
const urlPath = normalize(decodeURIComponent((req.url || "/").split("?")[0]));
|
|
38
|
+
let filePath = resolve(WEB_DIST_DIR, urlPath === "/" ? "index.html" : `.${urlPath}`);
|
|
39
|
+
// Prevent path traversal — resolved path must stay within the dist directory
|
|
40
|
+
const rel = relative(WEB_DIST_DIR, filePath);
|
|
41
|
+
if (rel.startsWith("..") || resolve(WEB_DIST_DIR, rel) !== filePath) {
|
|
42
|
+
res.writeHead(403);
|
|
43
|
+
res.end("Forbidden");
|
|
44
|
+
return;
|
|
45
|
+
}
|
|
34
46
|
if (!existsSync(filePath)) {
|
|
35
47
|
// SPA fallback
|
|
36
|
-
filePath = join(
|
|
48
|
+
filePath = join(WEB_DIST_DIR, "index.html");
|
|
37
49
|
}
|
|
38
50
|
if (!existsSync(filePath)) {
|
|
39
51
|
res.writeHead(404);
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,KAAK,MAAM,YAAY,CAAC;AAC/B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACvE,OAAO,EAAE,uBAAuB,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAC9E,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,MAAM,oCAAoC,CAAC;AACrE,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAC3E,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,KAAK,MAAM,YAAY,CAAC;AAC/B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACvE,OAAO,EAAE,uBAAuB,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAC9E,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,MAAM,oCAAoC,CAAC;AACrE,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAC3E,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AACjF,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAChE,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,yCAAyC;AACzC,OAAO,SAAS,CAAC;AAEjB,MAAM,UAAU,GAA2B;IACzC,OAAO,EAAE,WAAW;IACpB,KAAK,EAAE,wBAAwB;IAC/B,MAAM,EAAE,UAAU;IAClB,OAAO,EAAE,kBAAkB;IAC3B,MAAM,EAAE,eAAe;IACvB,MAAM,EAAE,WAAW;IACnB,MAAM,EAAE,cAAc;CACvB,CAAC;AAEF,kEAAkE;AAClE,MAAM,UAAU,GAAgB,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/D,MAAM,YAAY,GAAW,OAAO,CAClC,OAAO,CAAC,GAAG,CAAC,eAAe;OACtB,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,8BAA8B,CAAC,CAAC,EAAE,MAAM,CAAC,CAC/E,CAAC;AAEF,SAAS,gBAAgB,CAAC,MAAc;IACtC,OAAO,CAAC,GAAyB,EAAE,GAAwB,EAAE,EAAE;QAC7D,MAAM,OAAO,GAAG,SAAS,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,IAAI,QAAQ,GAAG,OAAO,CAAC,YAAY,EAAE,OAAO,KAAK,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,OAAO,EAAE,CAAC,CAAC;QAErF,6EAA6E;QAC7E,MAAM,GAAG,GAAG,QAAQ,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;QAC7C,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,YAAY,EAAE,GAAG,CAAC,KAAK,QAAQ,EAAE,CAAC;YACpE,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;QAED,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1B,eAAe;YACf,QAAQ,GAAG,IAAI,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;QAC9C,CAAC;QAED,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1B,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;QAED,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9B,MAAM,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC,IAAI,0BAA0B,CAAC;QAElE,IAAI,CAAC;YACH,IAAI,OAAO,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;YAErC,0EAA0E;YAC1E,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAC3B,SAAS,EACT,uCAAuC,MAAM,sBAAsB,CACpE,CAAC;gBACF,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;YAC1C,CAAC;YAED,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;YACpD,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACnB,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED,SAAS,IAAI;IACX,6EAA6E;IAC7E,gBAAgB,EAAE,CAAC;IAEnB,4CAA4C;IAC5C,MAAM,MAAM,GAAG,kBAAkB,EAAE,CAAC;IAEpC,oBAAoB;IACpB,eAAe,CAAC,IAAI,aAAa,EAAE,CAAC,CAAC;IACrC,eAAe,CAAC,IAAI,YAAY,EAAE,CAAC,CAAC;IACpC,eAAe,CAAC,IAAI,UAAU,EAAE,CAAC,CAAC;IAClC,eAAe,CAAC,IAAI,gBAAgB,EAAE,CAAC,CAAC;IAExC,kBAAkB;IAClB,cAAc,CAAC,CAAC,aAAa,EAAE,EAAE;QAC/B,uBAAuB,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,+BAA+B;IAC/B,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM,CAAC,mBAAmB,CAAC,EAAE,EAAE,CAAC,CAAC;IACvF,MAAM,WAAW,GAAG,kBAAkB,CAAC;QACrC,MAAM,EAAE,qBAAqB;QAC7B,YAAY,EAAE;YACZ,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;gBACtB,MAAM,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;gBACzD,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;gBACpD,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;oBACzB,MAAM,IAAI,YAAY,CAAC,cAAc,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;gBAC/D,CAAC;gBACD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;YACnB,CAAC;SACF;KACF,CAAC,CAAC;IACH,MAAM,UAAU,GAAG,KAAK,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;IAEnD,UAAU,CAAC,MAAM,CAAC,QAAQ,EAAE,WAAW,EAAE,GAAG,EAAE;QAC5C,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,8CAA8C,EAAE,QAAQ,CAAC,CAAC;IAC5F,CAAC,CAAC,CAAC;IAEH,4CAA4C;IAC5C,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,MAAM,CAAC,gBAAgB,CAAC,EAAE,EAAE,CAAC,CAAC;IACvF,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC;IAE9D,cAAc,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;IAExC,SAAS,CAAC,MAAM,CAAC,OAAO,EAAE,WAAW,EAAE,GAAG,EAAE;QAC1C,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,2CAA2C,EAAE,OAAO,CAAC,CAAC;IACvF,CAAC,CAAC,CAAC;IAEH,oBAAoB;IACpB,KAAK,UAAU,QAAQ;QACrB,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAChC,MAAM,eAAe,EAAE,CAAC;QACxB,UAAU,CAAC,KAAK,EAAE,CAAC;QACnB,SAAS,CAAC,KAAK,EAAE,CAAC;QAClB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;AAClC,CAAC;AAED,IAAI,EAAE,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@grackle-ai/server",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.6",
|
|
4
4
|
"description": "Central gRPC server with SQLite storage and WebSocket bridge for Grackle",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"repository": {
|
|
@@ -28,7 +28,8 @@
|
|
|
28
28
|
"@bufbuild/protobuf": "^2.5.0",
|
|
29
29
|
"@connectrpc/connect": "^2.0.0",
|
|
30
30
|
"@connectrpc/connect-node": "^2.0.0",
|
|
31
|
-
"@grackle-ai/common": "0.0.
|
|
31
|
+
"@grackle-ai/common": "0.0.6",
|
|
32
|
+
"@grackle-ai/web": "0.0.6",
|
|
32
33
|
"better-sqlite3": "^11.0.0",
|
|
33
34
|
"drizzle-orm": "^0.38.0",
|
|
34
35
|
"pino": "^10.3.1",
|