@howlil/ez-agents 2.0.0 → 2.0.1

Files changed (106) hide show
  1. package/LICENSE +21 -21
  2. package/README.md +93 -93
  3. package/agents/ez-plan-checker.md +2 -2
  4. package/agents/ez-research-synthesizer.md +1 -1
  5. package/agents/ez-ui-researcher.md +1 -1
  6. package/agents/ez-verifier.md +1 -1
  7. package/bin/install.js +132 -132
  8. package/get-shit-done/bin/lib/assistant-adapter.cjs +205 -205
  9. package/get-shit-done/bin/lib/audit-exec.cjs +150 -150
  10. package/get-shit-done/bin/lib/auth.cjs +175 -175
  11. package/get-shit-done/bin/lib/circuit-breaker.cjs +118 -118
  12. package/get-shit-done/bin/lib/commands.cjs +666 -666
  13. package/get-shit-done/bin/lib/config.cjs +183 -183
  14. package/get-shit-done/bin/lib/core.cjs +495 -495
  15. package/get-shit-done/bin/lib/file-lock.cjs +236 -236
  16. package/get-shit-done/bin/lib/frontmatter.cjs +299 -299
  17. package/get-shit-done/bin/lib/fs-utils.cjs +153 -153
  18. package/get-shit-done/bin/lib/git-utils.cjs +203 -203
  19. package/get-shit-done/bin/lib/health-check.cjs +163 -163
  20. package/get-shit-done/bin/lib/index.cjs +113 -113
  21. package/get-shit-done/bin/lib/init.cjs +710 -710
  22. package/get-shit-done/bin/lib/logger.cjs +117 -117
  23. package/get-shit-done/bin/lib/milestone.cjs +241 -241
  24. package/get-shit-done/bin/lib/model-provider.cjs +146 -146
  25. package/get-shit-done/bin/lib/phase.cjs +908 -908
  26. package/get-shit-done/bin/lib/retry.cjs +119 -119
  27. package/get-shit-done/bin/lib/roadmap.cjs +305 -305
  28. package/get-shit-done/bin/lib/safe-exec.cjs +128 -128
  29. package/get-shit-done/bin/lib/safe-path.cjs +130 -130
  30. package/get-shit-done/bin/lib/state.cjs +721 -721
  31. package/get-shit-done/bin/lib/temp-file.cjs +239 -239
  32. package/get-shit-done/bin/lib/template.cjs +222 -222
  33. package/get-shit-done/bin/lib/test-file-lock.cjs +112 -112
  34. package/get-shit-done/bin/lib/test-graceful.cjs +93 -93
  35. package/get-shit-done/bin/lib/test-logger.cjs +60 -60
  36. package/get-shit-done/bin/lib/test-safe-exec.cjs +38 -38
  37. package/get-shit-done/bin/lib/test-safe-path.cjs +33 -33
  38. package/get-shit-done/bin/lib/test-temp-file.cjs +125 -125
  39. package/get-shit-done/bin/lib/timeout-exec.cjs +62 -62
  40. package/get-shit-done/bin/lib/verify.cjs +820 -820
  41. package/get-shit-done/references/checkpoints.md +776 -776
  42. package/get-shit-done/references/questioning.md +162 -162
  43. package/get-shit-done/references/tdd.md +263 -263
  44. package/get-shit-done/templates/codebase/concerns.md +310 -310
  45. package/get-shit-done/templates/codebase/conventions.md +307 -307
  46. package/get-shit-done/templates/codebase/integrations.md +280 -280
  47. package/get-shit-done/templates/codebase/stack.md +186 -186
  48. package/get-shit-done/templates/codebase/testing.md +480 -480
  49. package/get-shit-done/templates/config.json +37 -37
  50. package/get-shit-done/templates/continue-here.md +78 -78
  51. package/get-shit-done/templates/milestone-archive.md +123 -123
  52. package/get-shit-done/templates/milestone.md +115 -115
  53. package/get-shit-done/templates/requirements.md +231 -231
  54. package/get-shit-done/templates/research-project/ARCHITECTURE.md +204 -204
  55. package/get-shit-done/templates/research-project/FEATURES.md +147 -147
  56. package/get-shit-done/templates/research-project/PITFALLS.md +200 -200
  57. package/get-shit-done/templates/research-project/STACK.md +120 -120
  58. package/get-shit-done/templates/research-project/SUMMARY.md +170 -170
  59. package/get-shit-done/templates/retrospective.md +54 -54
  60. package/get-shit-done/templates/roadmap.md +202 -202
  61. package/get-shit-done/templates/summary-minimal.md +41 -41
  62. package/get-shit-done/templates/summary-standard.md +48 -48
  63. package/get-shit-done/templates/summary.md +248 -248
  64. package/get-shit-done/templates/user-setup.md +311 -311
  65. package/get-shit-done/templates/verification-report.md +322 -322
  66. package/get-shit-done/workflows/add-phase.md +112 -112
  67. package/get-shit-done/workflows/add-tests.md +351 -351
  68. package/get-shit-done/workflows/add-todo.md +158 -158
  69. package/get-shit-done/workflows/audit-milestone.md +332 -332
  70. package/get-shit-done/workflows/autonomous.md +743 -743
  71. package/get-shit-done/workflows/check-todos.md +177 -177
  72. package/get-shit-done/workflows/cleanup.md +152 -152
  73. package/get-shit-done/workflows/complete-milestone.md +766 -766
  74. package/get-shit-done/workflows/diagnose-issues.md +219 -219
  75. package/get-shit-done/workflows/discovery-phase.md +289 -289
  76. package/get-shit-done/workflows/discuss-phase.md +762 -762
  77. package/get-shit-done/workflows/execute-phase.md +468 -468
  78. package/get-shit-done/workflows/execute-plan.md +483 -483
  79. package/get-shit-done/workflows/health.md +159 -159
  80. package/get-shit-done/workflows/help.md +492 -492
  81. package/get-shit-done/workflows/insert-phase.md +130 -130
  82. package/get-shit-done/workflows/list-phase-assumptions.md +178 -178
  83. package/get-shit-done/workflows/map-codebase.md +316 -316
  84. package/get-shit-done/workflows/new-milestone.md +384 -384
  85. package/get-shit-done/workflows/new-project.md +1111 -1111
  86. package/get-shit-done/workflows/node-repair.md +92 -92
  87. package/get-shit-done/workflows/pause-work.md +122 -122
  88. package/get-shit-done/workflows/plan-milestone-gaps.md +274 -274
  89. package/get-shit-done/workflows/plan-phase.md +651 -651
  90. package/get-shit-done/workflows/progress.md +382 -382
  91. package/get-shit-done/workflows/quick.md +610 -610
  92. package/get-shit-done/workflows/remove-phase.md +155 -155
  93. package/get-shit-done/workflows/research-phase.md +74 -74
  94. package/get-shit-done/workflows/resume-project.md +307 -307
  95. package/get-shit-done/workflows/set-profile.md +81 -81
  96. package/get-shit-done/workflows/settings.md +242 -242
  97. package/get-shit-done/workflows/stats.md +57 -57
  98. package/get-shit-done/workflows/transition.md +544 -544
  99. package/get-shit-done/workflows/ui-phase.md +290 -290
  100. package/get-shit-done/workflows/ui-review.md +157 -157
  101. package/get-shit-done/workflows/update.md +320 -320
  102. package/get-shit-done/workflows/validate-phase.md +167 -167
  103. package/get-shit-done/workflows/verify-phase.md +243 -243
  104. package/package.json +1 -1
  105. package/scripts/build-hooks.js +43 -43
  106. package/scripts/run-tests.cjs +29 -29
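--- a/package/get-shit-done/bin/lib/safe-exec.cjs
+++ b/package/get-shit-done/bin/lib/safe-exec.cjs
@@ -1,128 +1,128 @@
- #!/usr/bin/env node
-
- /**
- * GSD Safe Exec — Secure command execution with allowlist and validation
- *
- * Prevents command injection by:
- * - Using execFile instead of execSync with string concatenation
- * - Validating commands against allowlist
- * - Blocking dangerous shell metacharacters in arguments
- * - Logging all commands for audit
- *
- * Usage:
- * const { safeExec, safeExecJSON } = require('./safe-exec.cjs');
- * const result = await safeExec('git', ['status']);
- */
-
- const { execFile } = require('child_process');
- const { promisify } = require('util');
- const execFileAsync = promisify(execFile);
- const Logger = require('./logger.cjs');
- const logger = new Logger();
-
- // Allowlist of safe commands
- const ALLOWED_COMMANDS = new Set([
- 'git', 'node', 'npm', 'npx', 'find', 'grep', 'head', 'tail', 'wc',
- 'mkdir', 'cp', 'mv', 'rm', 'cat', 'echo', 'test', 'ls', 'dir',
- 'pwd', 'cd', 'type', 'where', 'which', 'chmod', 'touch'
- ]);
-
- // Dangerous shell metacharacters that could enable injection
- const DANGEROUS_PATTERN = /[;&|`$(){}\\<>]/;
-
- /**
- * Validate command is in allowlist
- * @param {string} cmd - Command to validate
- * @throws {Error} If command not allowed
- */
- function validateCommand(cmd) {
- const baseCmd = cmd.split(' ')[0].toLowerCase();
- if (!ALLOWED_COMMANDS.has(baseCmd)) {
- throw new Error(`Command not allowed: ${cmd}. Allowed: ${Array.from(ALLOWED_COMMANDS).join(', ')}`);
- }
- }
-
- /**
- * Validate arguments don't contain injection patterns
- * @param {string[]} args - Arguments to validate
- * @throws {Error} If dangerous pattern found
- */
- function validateArgs(args) {
- for (const arg of args) {
- if (DANGEROUS_PATTERN.test(arg)) {
- throw new Error(`Dangerous argument rejected: ${arg}`);
- }
- }
- }
-
- /**
- * Execute command safely with validation and logging
- * @param {string} cmd - Command to execute
- * @param {string[]} args - Command arguments
- * @param {Object} options - Execution options
- * @returns {Promise<string>} - Command stdout
- */
- async function safeExec(cmd, args = [], options = {}) {
- const { timeout = 30000, log = true } = options;
-
- // Validate command and arguments
- validateCommand(cmd);
- validateArgs(args);
-
- const startTime = Date.now();
-
- try {
- if (log) {
- logger.info('Executing command', {
- cmd,
- args,
- timestamp: new Date().toISOString()
- });
- }
-
- const result = await execFileAsync(cmd, args, {
- timeout,
- maxBuffer: 10 * 1024 * 1024 // 10MB buffer
- });
-
- const duration = Date.now() - startTime;
- if (log) {
- logger.debug('Command completed', {
- cmd,
- duration,
- stdout_length: result.stdout?.length || 0
- });
- }
-
- return result.stdout.trim();
- } catch (err) {
- const duration = Date.now() - startTime;
- logger.error('Command failed', {
- cmd,
- args,
- error: err.message,
- duration,
- code: err.code,
- signal: err.signal
- });
- throw err;
- }
- }
-
- /**
- * Execute command and return JSON parsed output
- * @param {string} cmd - Command to execute
- * @param {string[]} args - Command arguments
- * @returns {Promise<Object>} - Parsed JSON output
- */
- async function safeExecJSON(cmd, args = []) {
- const output = await safeExec(cmd, args);
- try {
- return JSON.parse(output);
- } catch (err) {
- logger.error('Failed to parse JSON output', { cmd, output });
- throw new Error(`Invalid JSON from ${cmd}: ${err.message}`);
- }
- }
-
- module.exports = { safeExec, safeExecJSON, ALLOWED_COMMANDS };
+ #!/usr/bin/env node
+
+ /**
+ * GSD Safe Exec — Secure command execution with allowlist and validation
+ *
+ * Prevents command injection by:
+ * - Using execFile instead of execSync with string concatenation
+ * - Validating commands against allowlist
+ * - Blocking dangerous shell metacharacters in arguments
+ * - Logging all commands for audit
+ *
+ * Usage:
+ * const { safeExec, safeExecJSON } = require('./safe-exec.cjs');
+ * const result = await safeExec('git', ['status']);
+ */
+
+ const { execFile } = require('child_process');
+ const { promisify } = require('util');
+ const execFileAsync = promisify(execFile);
+ const Logger = require('./logger.cjs');
+ const logger = new Logger();
+
+ // Allowlist of safe commands
+ const ALLOWED_COMMANDS = new Set([
+ 'git', 'node', 'npm', 'npx', 'find', 'grep', 'head', 'tail', 'wc',
+ 'mkdir', 'cp', 'mv', 'rm', 'cat', 'echo', 'test', 'ls', 'dir',
+ 'pwd', 'cd', 'type', 'where', 'which', 'chmod', 'touch'
+ ]);
+
+ // Dangerous shell metacharacters that could enable injection
+ const DANGEROUS_PATTERN = /[;&|`$(){}\\<>]/;
+
+ /**
+ * Validate command is in allowlist
+ * @param {string} cmd - Command to validate
+ * @throws {Error} If command not allowed
+ */
+ function validateCommand(cmd) {
+ const baseCmd = cmd.split(' ')[0].toLowerCase();
+ if (!ALLOWED_COMMANDS.has(baseCmd)) {
+ throw new Error(`Command not allowed: ${cmd}. Allowed: ${Array.from(ALLOWED_COMMANDS).join(', ')}`);
+ }
+ }
+
+ /**
+ * Validate arguments don't contain injection patterns
+ * @param {string[]} args - Arguments to validate
+ * @throws {Error} If dangerous pattern found
+ */
+ function validateArgs(args) {
+ for (const arg of args) {
+ if (DANGEROUS_PATTERN.test(arg)) {
+ throw new Error(`Dangerous argument rejected: ${arg}`);
+ }
+ }
+ }
+
+ /**
+ * Execute command safely with validation and logging
+ * @param {string} cmd - Command to execute
+ * @param {string[]} args - Command arguments
+ * @param {Object} options - Execution options
+ * @returns {Promise<string>} - Command stdout
+ */
+ async function safeExec(cmd, args = [], options = {}) {
+ const { timeout = 30000, log = true } = options;
+
+ // Validate command and arguments
+ validateCommand(cmd);
+ validateArgs(args);
+
+ const startTime = Date.now();
+
+ try {
+ if (log) {
+ logger.info('Executing command', {
+ cmd,
+ args,
+ timestamp: new Date().toISOString()
+ });
+ }
+
+ const result = await execFileAsync(cmd, args, {
+ timeout,
+ maxBuffer: 10 * 1024 * 1024 // 10MB buffer
+ });
+
+ const duration = Date.now() - startTime;
+ if (log) {
+ logger.debug('Command completed', {
+ cmd,
+ duration,
+ stdout_length: result.stdout?.length || 0
+ });
+ }
+
+ return result.stdout.trim();
+ } catch (err) {
+ const duration = Date.now() - startTime;
+ logger.error('Command failed', {
+ cmd,
+ args,
+ error: err.message,
+ duration,
+ code: err.code,
+ signal: err.signal
+ });
+ throw err;
+ }
+ }
+
+ /**
+ * Execute command and return JSON parsed output
+ * @param {string} cmd - Command to execute
+ * @param {string[]} args - Command arguments
+ * @returns {Promise<Object>} - Parsed JSON output
+ */
+ async function safeExecJSON(cmd, args = []) {
+ const output = await safeExec(cmd, args);
+ try {
+ return JSON.parse(output);
+ } catch (err) {
+ logger.error('Failed to parse JSON output', { cmd, output });
+ throw new Error(`Invalid JSON from ${cmd}: ${err.message}`);
+ }
+ }
+
+ module.exports = { safeExec, safeExecJSON, ALLOWED_COMMANDS };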
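Review bot: `validateCommand` tests `cmd.split(' ')[0].toLowerCase()` against the allowlist, but `execFileAsync` is then given the original `cmd`, so the string that was checked is not the string that runs; an exact match, `if (!ALLOWED_COMMANDS.has(cmd)) {`, keeps the two identical. The allowlist also does not bound behaviour by itself: `node`, `npm`, `npx`, `git` and `find` can all start other programs through their own arguments, and `DANGEROUS_PATTERN` only screens shell metacharacters, which `execFile` does not interpret because it starts no shell. A per-command argument policy (permitted subcommands and options for each entry) would make the header's "Prevents command injection" claim hold, and the comment above `DANGEROUS_PATTERN` could read `// Defence in depth only: execFile starts no shell, so these characters are not the injection boundary`. `safeExec` logs `args` in full and the rejection message in `validateArgs` echoes the argument, so any sensitive value passed on the command line ends up in the audit log and in error text. The removed and added sides read identically on this page, so these points concern the file as shipped rather than anything this release changed.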
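--- a/package/get-shit-done/bin/lib/safe-path.cjs
+++ b/package/get-shit-done/bin/lib/safe-path.cjs
@@ -1,130 +1,130 @@
- #!/usr/bin/env node
-
- /**
- * GSD Safe Path — Path traversal prevention utility
- *
- * Prevents path traversal attacks by:
- * - Resolving and validating paths against base directory
- * - Blocking paths that escape base directory
- * - Handling Windows and Unix path formats
- * - Logging blocked attempts for security audit
- *
- * Usage:
- * const { normalizePath, isPathSafe, safeReadFile } = require('./safe-path.cjs');
- * const safePath = normalizePath(process.cwd(), userPath);
- */
-
- const path = require('path');
- const fs = require('fs');
- const Logger = require('./logger.cjs');
- const logger = new Logger();
-
- /**
- * Normalize and validate a user-provided path against a base directory
- * @param {string} baseDir - Base directory (trusted)
- * @param {string} userPath - User-provided path (untrusted)
- * @returns {string} - Resolved absolute path if safe
- * @throws {Error} If path traversal detected
- */
- function normalizePath(baseDir, userPath) {
- // Resolve both paths to absolute
- const resolvedBase = path.resolve(baseDir);
- const resolvedUser = path.resolve(baseDir, userPath);
-
- // Normalize for comparison (handle Windows backslashes)
- const normalizedBase = resolvedBase + path.sep;
-
- // Check if user path is within base directory
- const isWithin =
- resolvedUser === resolvedBase ||
- resolvedUser.startsWith(normalizedBase);
-
- if (!isWithin) {
- logger.error('Path traversal detected', {
- baseDir: resolvedBase,
- userPath,
- resolvedUser,
- timestamp: new Date().toISOString()
- });
- throw new Error(`Path traversal detected: ${userPath}`);
- }
-
- return resolvedUser;
- }
-
- /**
- * Check if a path is safe (within base directory) without throwing
- * @param {string} baseDir - Base directory (trusted)
- * @param {string} userPath - User-provided path (untrusted)
- * @returns {boolean} - True if path is safe
- */
- function isPathSafe(baseDir, userPath) {
- try {
- normalizePath(baseDir, userPath);
- return true;
- } catch (err) {
- return false;
- }
- }
-
- /**
- * Validate path exists and is safe
- * @param {string} baseDir - Base directory
- * @param {string} userPath - User-provided path
- * @returns {string} - Resolved path if exists and safe
- * @throws {Error} If not found or traversal detected
- */
- function validatePathExists(baseDir, userPath) {
- const resolvedPath = normalizePath(baseDir, userPath);
-
- if (!fs.existsSync(resolvedPath)) {
- logger.warn('Path does not exist', {
- resolvedPath,
- userPath
- });
- throw new Error(`Path not found: ${userPath}`);
- }
-
- return resolvedPath;
- }
-
- /**
- * Safely read a file (validates path before reading)
- * @param {string} baseDir - Base directory
- * @param {string} userPath - User-provided path
- * @param {string} encoding - File encoding (default: utf-8)
- * @returns {string} - File content
- * @throws {Error} If path unsafe or file not found
- */
- function safeReadFile(baseDir, userPath, encoding = 'utf-8') {
- const resolvedPath = validatePathExists(baseDir, userPath);
-
- logger.debug('Reading file', { resolvedPath, userPath });
-
- return fs.readFileSync(resolvedPath, encoding);
- }
-
- /**
- * Get relative path from base, with validation
- * @param {string} baseDir - Base directory
- * @param {string} fullPath - Full path to convert
- * @returns {string} - Relative path or throws if outside base
- */
- function toRelativePath(baseDir, fullPath) {
- const resolvedFull = path.resolve(fullPath);
- const resolvedBase = path.resolve(baseDir);
-
- if (!isPathSafe(baseDir, resolvedFull)) {
- throw new Error(`Path outside base: ${fullPath}`);
- }
-
- return path.relative(resolvedBase, resolvedFull);
- }
-
- module.exports = {
- normalizePath,
- isPathSafe,
- validatePathExists,
- safeReadFile,
- toRelativePath
- };
+ #!/usr/bin/env node
+
+ /**
+ * GSD Safe Path — Path traversal prevention utility
+ *
+ * Prevents path traversal attacks by:
+ * - Resolving and validating paths against base directory
+ * - Blocking paths that escape base directory
+ * - Handling Windows and Unix path formats
+ * - Logging blocked attempts for security audit
+ *
+ * Usage:
+ * const { normalizePath, isPathSafe, safeReadFile } = require('./safe-path.cjs');
+ * const safePath = normalizePath(process.cwd(), userPath);
+ */
+
+ const path = require('path');
+ const fs = require('fs');
+ const Logger = require('./logger.cjs');
+ const logger = new Logger();
+
+ /**
+ * Normalize and validate a user-provided path against a base directory
+ * @param {string} baseDir - Base directory (trusted)
+ * @param {string} userPath - User-provided path (untrusted)
+ * @returns {string} - Resolved absolute path if safe
+ * @throws {Error} If path traversal detected
+ */
+ function normalizePath(baseDir, userPath) {
+ // Resolve both paths to absolute
+ const resolvedBase = path.resolve(baseDir);
+ const resolvedUser = path.resolve(baseDir, userPath);
+
+ // Normalize for comparison (handle Windows backslashes)
+ const normalizedBase = resolvedBase + path.sep;
+
+ // Check if user path is within base directory
+ const isWithin =
+ resolvedUser === resolvedBase ||
+ resolvedUser.startsWith(normalizedBase);
+
+ if (!isWithin) {
+ logger.error('Path traversal detected', {
+ baseDir: resolvedBase,
+ userPath,
+ resolvedUser,
+ timestamp: new Date().toISOString()
+ });
+ throw new Error(`Path traversal detected: ${userPath}`);
+ }
+
+ return resolvedUser;
+ }
+
+ /**
+ * Check if a path is safe (within base directory) without throwing
+ * @param {string} baseDir - Base directory (trusted)
+ * @param {string} userPath - User-provided path (untrusted)
+ * @returns {boolean} - True if path is safe
+ */
+ function isPathSafe(baseDir, userPath) {
+ try {
+ normalizePath(baseDir, userPath);
+ return true;
+ } catch (err) {
+ return false;
+ }
+ }
+
+ /**
+ * Validate path exists and is safe
+ * @param {string} baseDir - Base directory
+ * @param {string} userPath - User-provided path
+ * @returns {string} - Resolved path if exists and safe
+ * @throws {Error} If not found or traversal detected
+ */
+ function validatePathExists(baseDir, userPath) {
+ const resolvedPath = normalizePath(baseDir, userPath);
+
+ if (!fs.existsSync(resolvedPath)) {
+ logger.warn('Path does not exist', {
+ resolvedPath,
+ userPath
+ });
+ throw new Error(`Path not found: ${userPath}`);
+ }
+
+ return resolvedPath;
+ }
+
+ /**
+ * Safely read a file (validates path before reading)
+ * @param {string} baseDir - Base directory
+ * @param {string} userPath - User-provided path
+ * @param {string} encoding - File encoding (default: utf-8)
+ * @returns {string} - File content
+ * @throws {Error} If path unsafe or file not found
+ */
+ function safeReadFile(baseDir, userPath, encoding = 'utf-8') {
+ const resolvedPath = validatePathExists(baseDir, userPath);
+
+ logger.debug('Reading file', { resolvedPath, userPath });
+
+ return fs.readFileSync(resolvedPath, encoding);
+ }
+
+ /**
+ * Get relative path from base, with validation
+ * @param {string} baseDir - Base directory
+ * @param {string} fullPath - Full path to convert
+ * @returns {string} - Relative path or throws if outside base
+ */
+ function toRelativePath(baseDir, fullPath) {
+ const resolvedFull = path.resolve(fullPath);
+ const resolvedBase = path.resolve(baseDir);
+
+ if (!isPathSafe(baseDir, resolvedFull)) {
+ throw new Error(`Path outside base: ${fullPath}`);
+ }
+
+ return path.relative(resolvedBase, resolvedFull);
+ }
+
+ module.exports = {
+ normalizePath,
+ isPathSafe,
+ validatePathExists,
+ safeReadFile,
+ toRelativePath
+ };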
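Review bot: `normalizePath` decides containment from `path.resolve` output, which is a purely lexical result and does not follow symbolic links, so a link located inside `baseDir` whose target lies outside it passes the check and `safeReadFile` then reads through it. Comparing canonical paths closes this: `const realBase = fs.realpathSync(resolvedBase);` and `const realUser = fs.realpathSync(resolvedUser);` ahead of the `startsWith(realBase + path.sep)` test, with the nearest existing parent resolved when the target may not exist yet. `validatePathExists` checks with `fs.existsSync` and `safeReadFile` opens the path afterwards, so the check and the read are separate steps and the file can be replaced in between; opening once and validating what was actually opened avoids that gap. The comment `// Normalize for comparison (handle Windows backslashes)` overstates the line below it, which only appends `path.sep`; `// Append the separator so a sibling such as /base-other does not match /base` describes what it does. The removed and added sides read identically on this page, so this concerns the file as shipped rather than anything this release changed.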