@howlil/ez-agents 3.4.1 → 3.5.0

package/ez-agents/bin/lib/timeout-exec.cjs

@@ -1,63 +1,63 @@
-#!/usr/bin/env node
-
-/**
- * EZ Timeout Exec — Command execution with timeout and fallback
- * 
- * Provides safe command execution with configurable timeout
- * Logs errors and supports fallback values
- * 
- * Usage:
- *   const { execWithTimeout } = require('./timeout-exec.cjs');
- *   const result = await execWithTimeout('node', ['script.js'], { timeout: 5000, fallback: 'default' });
- */
-
-const { execFile } = require('child_process');
-const { promisify } = require('util');
-const execFileAsync = promisify(execFile);
-const Logger = require('./logger.cjs');
-const logger = new Logger();
-
-const DEFAULT_TIMEOUT = 5000; // 5 seconds
-
-/**
- * Execute a command with timeout
- * @param {string} cmd - Command to execute
- * @param {string[]} args - Command arguments
- * @param {Object} options - Execution options
- * @param {number} options.timeout - Timeout in milliseconds (default: 5000)
- * @param {any} options.fallback - Fallback value if command fails or times out
- * @returns {Promise<string>} - Command stdout or fallback value
- */
-async function execWithTimeout(cmd, args, options = {}) {
-  const { timeout = DEFAULT_TIMEOUT, fallback = null } = options;
-  const hasFallback = Object.prototype.hasOwnProperty.call(options, 'fallback');
-  
-  return new Promise(async (resolve, reject) => {
-    const timeoutId = setTimeout(() => {
-      logger.error(`Command timed out: ${cmd} ${args.join(' ')}`, { timeout });
-      if (hasFallback) {
-        logger.info('Using fallback value', { fallback });
-        resolve(fallback);
-      } else {
-        reject(new Error(`Command timed out after ${timeout}ms: ${cmd}`));
-      }
-    }, timeout);
-
-    try {
-      const result = await execFileAsync(cmd, args, { timeout });
-      clearTimeout(timeoutId);
-      resolve(result.stdout.trim());
-    } catch (err) {
-      clearTimeout(timeoutId);
-      logger.error(`Command failed: ${cmd}`, { error: err.message, args });
-      if (hasFallback) {
-        logger.info('Using fallback value', { fallback });
-        resolve(fallback);
-      } else {
-        reject(err);
-      }
-    }
-  });
-}
-
-module.exports = { execWithTimeout };
+#!/usr/bin/env node
+
+/**
+ * EZ Timeout Exec — Command execution with timeout and fallback
+ * 
+ * Provides safe command execution with configurable timeout
+ * Logs errors and supports fallback values
+ * 
+ * Usage:
+ *   const { execWithTimeout } = require('./timeout-exec.cjs');
+ *   const result = await execWithTimeout('node', ['script.js'], { timeout: 5000, fallback: 'default' });
+ */
+
+const { execFile } = require('child_process');
+const { promisify } = require('util');
+const execFileAsync = promisify(execFile);
+const Logger = require('./logger.cjs');
+const logger = new Logger();
+
+const DEFAULT_TIMEOUT = 5000; // 5 seconds
+
+/**
+ * Execute a command with timeout
+ * @param {string} cmd - Command to execute
+ * @param {string[]} args - Command arguments
+ * @param {Object} options - Execution options
+ * @param {number} options.timeout - Timeout in milliseconds (default: 5000)
+ * @param {any} options.fallback - Fallback value if command fails or times out
+ * @returns {Promise<string>} - Command stdout or fallback value
+ */
+async function execWithTimeout(cmd, args, options = {}) {
+  const { timeout = DEFAULT_TIMEOUT, fallback = null } = options;
+  const hasFallback = Object.prototype.hasOwnProperty.call(options, 'fallback');
+  
+  return new Promise(async (resolve, reject) => {
+    const timeoutId = setTimeout(() => {
+      logger.error(`Command timed out: ${cmd} ${args.join(' ')}`, { timeout });
+      if (hasFallback) {
+        logger.info('Using fallback value', { fallback });
+        resolve(fallback);
+      } else {
+        reject(new Error(`Command timed out after ${timeout}ms: ${cmd}`));
+      }
+    }, timeout);
+
+    try {
+      const result = await execFileAsync(cmd, args, { timeout });
+      clearTimeout(timeoutId);
+      resolve(result.stdout.trim());
+    } catch (err) {
+      clearTimeout(timeoutId);
+      logger.error(`Command failed: ${cmd}`, { error: err.message, args });
+      if (hasFallback) {
+        logger.info('Using fallback value', { fallback });
+        resolve(fallback);
+      } else {
+        reject(err);
+      }
+    }
+  });
+}
+
+module.exports = { execWithTimeout };

package/ez-agents/bin/lib/url-fetch.cjs

@@ -0,0 +1,170 @@
+#!/usr/bin/env node
+
+/**
+ * URL Fetch Service
+ *
+ * Provides secure URL fetching with HTTPS validation and user confirmation.
+ * Only HTTPS URLs are allowed. HTTP, file, data, javascript, and vbscript protocols are blocked.
+ */
+
+const { URL } = require('url');
+const { URLFetchError } = require('./context-errors.cjs');
+
+const DEFAULT_TIMEOUT = 30000; // 30 seconds
+const BLOCKED_PROTOCOLS = ['http:', 'file:', 'data:', 'javascript:', 'vbscript:'];
+
+class URLValidator {
+  /**
+   * Validate a URL string
+   * @param {string} urlString - The URL to validate
+   * @returns {{valid: boolean, error?: string}} - Validation result
+   */
+  static validate(urlString) {
+    if (!urlString || typeof urlString !== 'string') {
+      return { valid: false, error: 'URL is required' };
+    }
+
+    try {
+      const url = new URL(urlString);
+
+      // Check protocol
+      if (url.protocol !== 'https:') {
+        if (BLOCKED_PROTOCOLS.includes(url.protocol)) {
+          return { 
+            valid: false, 
+            error: `Protocol '${url.protocol}' is not allowed. Only HTTPS is permitted.` 
+          };
+        }
+        return { 
+          valid: false, 
+          error: `Invalid protocol '${url.protocol}'. Only HTTPS is allowed.` 
+        };
+      }
+
+      // Check hostname exists
+      if (!url.hostname || url.hostname.trim() === '') {
+        return { valid: false, error: 'Invalid URL: missing hostname' };
+      }
+
+      // Reject localhost URLs
+      if (url.hostname === 'localhost' || 
+          url.hostname === '127.0.0.1' || 
+          url.hostname === '::1' ||
+          url.hostname.endsWith('.localhost')) {
+        return { 
+          valid: false, 
+          error: 'Localhost URLs are not allowed. Use a publicly accessible HTTPS URL.' 
+        };
+      }
+
+      return { valid: true };
+    } catch (err) {
+      return { 
+        valid: false, 
+        error: `Invalid URL format: ${err.message}` 
+      };
+    }
+  }
+}
+
+class URLFetchService {
+  /**
+   * Create a new URLFetchService instance
+   * @param {number} timeout - Request timeout in milliseconds (default: 30000)
+   */
+  constructor(timeout = DEFAULT_TIMEOUT) {
+    this.timeout = timeout;
+  }
+
+  /**
+   * Validate a URL
+   * @param {string} urlString - The URL to validate
+   * @returns {{valid: boolean, error?: string}} - Validation result
+   */
+  validateUrl(urlString) {
+    return URLValidator.validate(urlString);
+  }
+
+  /**
+   * Fetch content from a URL
+   * @param {string} url - The URL to fetch
+   * @returns {{content: string, contentType: string}} - Fetched content
+   * @throws {URLFetchError} - On fetch errors
+   */
+  async fetchUrl(url) {
+    // Validate URL first
+    const validation = this.validateUrl(url);
+    if (!validation.valid) {
+      throw new URLFetchError(url, validation.error);
+    }
+
+    try {
+      // Create abort controller for timeout
+      const controller = new AbortController();
+      const timeoutId = setTimeout(() => controller.abort(), this.timeout);
+
+      const response = await fetch(url, {
+        headers: {
+          'User-Agent': 'ez-agents/1.0'
+        },
+        signal: controller.signal,
+        redirect: 'follow'
+      });
+
+      clearTimeout(timeoutId);
+
+      // Check for HTTP errors
+      if (!response.ok) {
+        throw new URLFetchError(
+          url, 
+          `HTTP ${response.status}: ${response.statusText}`
+        );
+      }
+
+      // Get content type
+      const contentType = response.headers.get('content-type') || 'text/plain';
+
+      // Get content
+      const content = await response.text();
+
+      return {
+        content,
+        contentType
+      };
+    } catch (err) {
+      if (err.name === 'AbortError') {
+        throw new URLFetchError(url, `Request timeout after ${this.timeout}ms`);
+      }
+      
+      if (err.name === 'URLFetchError') {
+        throw err;
+      }
+
+      throw new URLFetchError(url, `Network error: ${err.message}`);
+    }
+  }
+
+  /**
+   * Prompt user for confirmation before fetching a URL
+   * @param {string} url - The URL to fetch
+   * @returns {Promise<boolean>} - True if user confirmed
+   */
+  static async confirmUrlFetch(url) {
+    const readline = require('readline');
+    
+    return new Promise((resolve) => {
+      const rl = readline.createInterface({
+        input: process.stdin,
+        output: process.stdout
+      });
+
+      rl.question(`Fetch ${url}? (y/n): `, (answer) => {
+        rl.close();
+        resolve(answer.toLowerCase() === 'y');
+      });
+    });
+  }
+}
+
+module.exports = URLFetchService;
+module.exports.URLValidator = URLValidator;

package/ez-agents/bin/lib/verify.cjs

@@ -270,11 +270,25 @@ async function cmdVerifyCommits(cwd, hashes, raw) {
   const valid = [];
   const invalid = [];
   for (const hash of hashes) {
+    // Use git cat-file -t which supports both short and full hashes
+    // First try with the hash as-is (works for both short and full)
     const result = await execGit(cwd, ['cat-file', '-t', hash]);
     if (result.exitCode === 0 && result.stdout.trim() === 'commit') {
       valid.push(hash);
     } else {
-      invalid.push(hash);
+      // If that fails, try to resolve to full hash first
+      const resolveResult = await execGit(cwd, ['rev-parse', hash]);
+      if (resolveResult.exitCode === 0) {
+        const fullHash = resolveResult.stdout.trim();
+        const result2 = await execGit(cwd, ['cat-file', '-t', fullHash]);
+        if (result2.exitCode === 0 && result2.stdout.trim() === 'commit') {
+          valid.push(hash);
+        } else {
+          invalid.push(hash);
+        }
+      } else {
+        invalid.push(hash);
+      }
     }
   }