npm - @ian2018cs/agenthub - Versions diffs - 0.1.5 → 0.1.6 - Mend

@ian2018cs/agenthub 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +1 -1
package/server/routes/skills.js +63 -4

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@ian2018cs/agenthub",
-  "version": "0.1.5",
+  "version": "0.1.6",
   "description": "A web-based UI for AI Agents",
   "type": "module",
   "main": "server/index.js",

package/server/routes/skills.js CHANGED Viewed

@@ -13,7 +13,7 @@ const router = express.Router();
 const SKILL_NAME_REGEX = /^[a-zA-Z0-9_-]{1,100}$/;
 // Trusted git hosting domains
-const TRUSTED_GIT_HOSTS = ['github.com', 'gitlab.com', 'bitbucket.org'];
+const TRUSTED_GIT_HOSTS = ['github.com', 'gitlab.com', 'bitbucket.org', 'git.amberweather.com'];
 // Configure multer for zip file uploads
 const upload = multer({
@@ -84,6 +84,30 @@ async function isValidSkill(skillPath) {
   }
 }
+/**
+ * Check if URL is SSH format (git@host:path)
+ */
+function isSshUrl(url) {
+  return /^[a-zA-Z0-9_-]+@[a-zA-Z0-9.-]+:.+$/.test(url);
+}
+/**
+ * Parse SSH URL format (git@host:owner/repo.git)
+ */
+function parseSshUrl(url) {
+  const match = url.match(/^[a-zA-Z0-9_-]+@([a-zA-Z0-9.-]+):(.+)$/);
+  if (!match) return null;
+  const host = match[1].toLowerCase();
+  const pathPart = match[2].replace(/\.git$/, '');
+  const pathParts = pathPart.split('/');
+  if (pathParts.length >= 2) {
+    return { host, owner: pathParts[0], repo: pathParts[1] };
+  }
+  return { host, owner: null, repo: null };
+}
 /**
  * Validate GitHub URL
  */
@@ -92,6 +116,23 @@ function validateGitUrl(url) {
     return { valid: false, error: 'Repository URL is required' };
   }
+  // Handle SSH format: git@host:owner/repo.git
+  if (isSshUrl(url)) {
+    const parsed = parseSshUrl(url);
+    if (!parsed) {
+      return { valid: false, error: 'Invalid SSH URL format' };
+    }
+    if (!TRUSTED_GIT_HOSTS.includes(parsed.host)) {
+      return {
+        valid: false,
+        error: `Only trusted git hosts are allowed: ${TRUSTED_GIT_HOSTS.join(', ')}`
+      };
+    }
+    return { valid: true, isSsh: true };
+  }
   let parsedUrl;
   try {
     parsedUrl = new URL(url);
@@ -99,11 +140,20 @@ function validateGitUrl(url) {
     return { valid: false, error: 'Invalid URL format' };
   }
-  if (parsedUrl.protocol !== 'https:') {
-    return { valid: false, error: 'Only HTTPS URLs are allowed' };
+  const host = parsedUrl.hostname.toLowerCase();
+  const allowedProtocols = ['https:', 'http:'];
+  // Allow http protocol only for git.amberweather.com
+  if (host === 'git.amberweather.com') {
+    if (!allowedProtocols.includes(parsedUrl.protocol)) {
+      return { valid: false, error: 'Only HTTPS or HTTP URLs are allowed for this host' };
+    }
+  } else {
+    if (parsedUrl.protocol !== 'https:') {
+      return { valid: false, error: 'Only HTTPS URLs are allowed' };
+    }
   }
-  const host = parsedUrl.hostname.toLowerCase();
   if (!TRUSTED_GIT_HOSTS.includes(host)) {
     return {
       valid: false,
@@ -118,6 +168,15 @@ function validateGitUrl(url) {
  * Extract owner and repo from git URL
  */
 function parseGitUrl(url) {
+  // Handle SSH format
+  if (isSshUrl(url)) {
+    const parsed = parseSshUrl(url);
+    if (parsed && parsed.owner && parsed.repo) {
+      return { owner: parsed.owner, repo: parsed.repo };
+    }
+    return null;
+  }
   const parsedUrl = new URL(url);
   const pathParts = parsedUrl.pathname.replace(/^\//, '').replace(/\.git$/, '').split('/');
   if (pathParts.length >= 2) {