@hasna/terminal 3.3.1 → 3.3.2

@@ -21,9 +21,9 @@ import { shouldBeLazy, toLazy } from "../lazy-executor.js";
21
21
  import { getEconomyStats, recordSaving } from "../economy.js";
22
22
  import { captureSnapshot } from "../snapshots.js";
23
23
  // ── helpers ──────────────────────────────────────────────────────────────────
24
- function exec(command, cwd, timeout) {
25
- // Auto-optimize command before execution
26
- const rw = rewriteCommand(command);
24
+ function exec(command, cwd, timeout, allowRewrite = false) {
25
+ // Only rewrite when explicitly allowed (execute_smart, not raw execute)
26
+ const rw = allowRewrite ? rewriteCommand(command) : { changed: false, rewritten: command };
27
27
  const actualCommand = rw.changed ? rw.rewritten : command;
28
28
  return new Promise((resolve) => {
29
29
  const start = Date.now();
@@ -135,7 +135,7 @@ export function createServer() {
135
135
  cwd: z.string().optional().describe("Working directory"),
136
136
  timeout: z.number().optional().describe("Timeout in ms (default: 30000)"),
137
137
  }, async ({ command, cwd, timeout }) => {
138
- const result = await exec(command, cwd, timeout ?? 30000);
138
+ const result = await exec(command, cwd, timeout ?? 30000, true); // allow rewrite for smart mode
139
139
  const output = (result.stdout + result.stderr).trim();
140
140
  const processed = await processOutput(command, output);
141
141
  // Progressive disclosure: store full output, return summary + expand key
@@ -33,15 +33,23 @@ const NOISE_PATTERNS = [
33
33
  // Generic download/upload progress
34
34
  /^\s*\d+(\.\d+)?\s*[KMG]?B\s*\/\s*\d+(\.\d+)?\s*[KMG]?B\b/,
35
35
  ];
36
- // Sensitive env var patterns — redact values, keep names only if needed
36
+ // Sensitive env var patterns — ONLY match actual env var assignments (export X=val, X=val at line start)
37
+ // NOT code lines like `const API_KEY = process.env.API_KEY` or `this.token = config.token`
37
38
  const SENSITIVE_PATTERNS = [
38
- /^(.*(?:KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL|AUTH).*?)=(.+)$/i,
39
- /^(.*(?:API_KEY|ACCESS_KEY|PRIVATE_KEY|CLIENT_SECRET).*?)=(.+)$/i,
39
+ // export KEY_NAME="value" or KEY_NAME=value (shell env vars only)
40
+ /^(export\s+[A-Z_]*(?:KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)[A-Z_]*)=(.+)$/,
41
+ // Plain env assignment at start of line (no leading whitespace = not code)
42
+ /^([A-Z_]*(?:API_KEY|ACCESS_KEY|PRIVATE_KEY|CLIENT_SECRET|AUTH_TOKEN)[A-Z_]*)=(.+)$/,
40
43
  ];
41
- /** Redact sensitive values in output (env vars, credentials) */
44
+ /** Redact sensitive values in output (env vars only, not code) */
42
45
  function redactSensitive(line) {
46
+ const trimmed = line.trim();
47
+ // Skip lines that look like code (have leading whitespace, semicolons, const/let/var, etc.)
48
+ if (/^\s*(const|let|var|this\.|private|public|protected|import|export\s+(default|const|let|function|class)|\/\/|\/\*|\*)/.test(line)) {
49
+ return line; // Code — never redact
50
+ }
43
51
  for (const pattern of SENSITIVE_PATTERNS) {
44
- const match = line.match(pattern);
52
+ const match = trimmed.match(pattern);
45
53
  if (match) {
46
54
  return `${match[1]}=[REDACTED]`;
47
55
  }
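--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@hasna/terminal",
- "version": "3.3.1",
+ "version": "3.3.2",
  "description": "Smart terminal wrapper for AI agents and humans — structured output, token compression, MCP server, natural language",
  "type": "module",
  "files": [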
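--- a/package/src/mcp/server.ts
+++ b/package/src/mcp/server.ts
@@ -24,9 +24,9 @@ import { captureSnapshot } from "../snapshots.js";
 
  // ── helpers ──────────────────────────────────────────────────────────────────
 
- function exec(command: string, cwd?: string, timeout?: number): Promise<{ exitCode: number; stdout: string; stderr: string; duration: number; rewritten?: string }> {
- // Auto-optimize command before execution
- const rw = rewriteCommand(command);
+ function exec(command: string, cwd?: string, timeout?: number, allowRewrite: boolean = false): Promise<{ exitCode: number; stdout: string; stderr: string; duration: number; rewritten?: string }> {
+ // Only rewrite when explicitly allowed (execute_smart, not raw execute)
+ const rw = allowRewrite ? rewriteCommand(command) : { changed: false, rewritten: command };
  const actualCommand = rw.changed ? rw.rewritten : command;
  return new Promise((resolve) => {
  const start = Date.now();
@@ -156,7 +156,7 @@ export function createServer(): McpServer {
  timeout: z.number().optional().describe("Timeout in ms (default: 30000)"),
  },
  async ({ command, cwd, timeout }) => {
- const result = await exec(command, cwd, timeout ?? 30000);
+ const result = await exec(command, cwd, timeout ?? 30000, true); // allow rewrite for smart mode
  const output = (result.stdout + result.stderr).trim();
  const processed = await processOutput(command, output);
 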
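Review bot: The `allowRewrite` default is a security-relevant contract that nothing on exec documents: with it false the caller's string is executed verbatim, and only the smart path may run something other than what was requested. I would put that in a doc comment on exec, e.g. `/** Executes command. allowRewrite=false (default) runs the string verbatim; true lets rewriteCommand() substitute another form, exposed through the optional rewritten field. */`, and pass the flag as a named option rather than a bare positional `true` that needs a trailing comment to be readable. In the smart-mode handler `processOutput(command, output)` still receives the original string, so if `result.rewritten` is set the summary may describe a command that was not the one executed; whether the handler reports the rewritten form is below the visible lines. Both exec and the handler continue outside these hunks.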
@@ -41,16 +41,24 @@ const NOISE_PATTERNS: RegExp[] = [
41
41
  /^\s*\d+(\.\d+)?\s*[KMG]?B\s*\/\s*\d+(\.\d+)?\s*[KMG]?B\b/,
42
42
  ];
43
43
 
44
- // Sensitive env var patterns — redact values, keep names only if needed
44
+ // Sensitive env var patterns — ONLY match actual env var assignments (export X=val, X=val at line start)
45
+ // NOT code lines like `const API_KEY = process.env.API_KEY` or `this.token = config.token`
45
46
  const SENSITIVE_PATTERNS = [
46
- /^(.*(?:KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL|AUTH).*?)=(.+)$/i,
47
- /^(.*(?:API_KEY|ACCESS_KEY|PRIVATE_KEY|CLIENT_SECRET).*?)=(.+)$/i,
47
+ // export KEY_NAME="value" or KEY_NAME=value (shell env vars only)
48
+ /^(export\s+[A-Z_]*(?:KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)[A-Z_]*)=(.+)$/,
49
+ // Plain env assignment at start of line (no leading whitespace = not code)
50
+ /^([A-Z_]*(?:API_KEY|ACCESS_KEY|PRIVATE_KEY|CLIENT_SECRET|AUTH_TOKEN)[A-Z_]*)=(.+)$/,
48
51
  ];
49
52
 
50
- /** Redact sensitive values in output (env vars, credentials) */
53
+ /** Redact sensitive values in output (env vars only, not code) */
51
54
  function redactSensitive(line: string): string {
55
+ const trimmed = line.trim();
56
+ // Skip lines that look like code (have leading whitespace, semicolons, const/let/var, etc.)
57
+ if (/^\s*(const|let|var|this\.|private|public|protected|import|export\s+(default|const|let|function|class)|\/\/|\/\*|\*)/.test(line)) {
58
+ return line; // Code — never redact
59
+ }
52
60
  for (const pattern of SENSITIVE_PATTERNS) {
53
- const match = line.match(pattern);
61
+ const match = trimmed.match(pattern);
54
62
  if (match) {
55
63
  return `${match[1]}=[REDACTED]`;
56
64
  }
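Review bot: The first new pattern requires a literal `export\s+` prefix, so plain `NAME=value` lines (the form printed by `env`, `printenv` or a `.env` file) are redacted only when the name contains one of the five compound keywords in the second pattern. Names such as `GITHUB_TOKEN` or `DB_PASSWORD` (constructed examples) would now reach the caller with their values intact, which contradicts the comment "or KEY_NAME=value". `[A-Z_]*` also rejects names containing digits, and dropping the `i` flag excludes lower-case names. Making the prefix optional and admitting digits keeps the code-line exclusion while restoring coverage: `/^((?:export\s+)?[A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)[A-Z0-9_]*)=(.+)$/`. The comment "no leading whitespace = not code" does not hold either, since matching runs on `trimmed`; the compiled JavaScript copy earlier on the page carries the same patterns, and redactSensitive's body continues past this hunk.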