npm - @jagilber-org/index-server - Versions diffs - 1.22.1 → 1.26.4 - Mend

@jagilber-org/index-server 1.22.1 → 1.26.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (190) hide show

package/CHANGELOG.md +91 -2
package/CODE_OF_CONDUCT.md +2 -0
package/CONTRIBUTING.md +32 -2
package/README.md +82 -19
package/SECURITY.md +17 -5
package/dist/config/dashboardConfig.d.ts +3 -0
package/dist/config/dashboardConfig.js +3 -0
package/dist/config/defaultValues.d.ts +1 -1
package/dist/config/defaultValues.js +1 -1
package/dist/config/featureConfig.d.ts +2 -0
package/dist/config/featureConfig.js +6 -1
package/dist/config/runtimeConfig.d.ts +1 -1
package/dist/config/runtimeConfig.js +8 -9
package/dist/dashboard/client/admin.html +170 -53
package/dist/dashboard/client/css/admin.css +132 -0
package/dist/dashboard/client/js/admin.auth.js +25 -11
package/dist/dashboard/client/js/admin.config.js +1 -1
package/dist/dashboard/client/js/admin.feedback.js +328 -0
package/dist/dashboard/client/js/admin.graph.js +120 -18
package/dist/dashboard/client/js/admin.instructions.js +27 -13
package/dist/dashboard/client/js/admin.logs.js +1 -5
package/dist/dashboard/client/js/admin.maintenance.js +53 -8
package/dist/dashboard/client/js/admin.messaging.js +1 -4
package/dist/dashboard/client/js/admin.overview.js +5 -1
package/dist/dashboard/client/js/admin.sessions.js +1 -1
package/dist/dashboard/client/js/admin.utils.js +43 -1
package/dist/dashboard/client/js/mermaid.min.js +813 -537
package/dist/dashboard/export/DataExporter.js +2 -1
package/dist/dashboard/server/AdminPanel.d.ts +3 -0
package/dist/dashboard/server/AdminPanel.js +132 -35
package/dist/dashboard/server/ApiRoutes.js +40 -9
package/dist/dashboard/server/DashboardServer.js +1 -1
package/dist/dashboard/server/FileMetricsStorage.d.ts +19 -0
package/dist/dashboard/server/FileMetricsStorage.js +52 -5
package/dist/dashboard/server/HttpTransport.js +6 -0
package/dist/dashboard/server/InstanceManager.js +7 -2
package/dist/dashboard/server/KnowledgeStore.js +7 -2
package/dist/dashboard/server/MetricsCollector.d.ts +16 -0
package/dist/dashboard/server/MetricsCollector.js +113 -17
package/dist/dashboard/server/legacyDashboardHtml.js +7 -2
package/dist/dashboard/server/middleware/ensureLoadedMiddleware.d.ts +1 -1
package/dist/dashboard/server/middleware/ensureLoadedMiddleware.js +8 -3
package/dist/dashboard/server/routes/admin.feedback.routes.d.ts +15 -0
package/dist/dashboard/server/routes/admin.feedback.routes.js +188 -0
package/dist/dashboard/server/routes/admin.routes.js +35 -27
package/dist/dashboard/server/routes/alerts.routes.js +4 -3
package/dist/dashboard/server/routes/api.feedback.routes.js +2 -1
package/dist/dashboard/server/routes/api.usage.routes.js +8 -7
package/dist/dashboard/server/routes/embeddings.routes.d.ts +2 -1
package/dist/dashboard/server/routes/embeddings.routes.js +18 -9
package/dist/dashboard/server/routes/graph.routes.js +10 -13
package/dist/dashboard/server/routes/index.d.ts +1 -0
package/dist/dashboard/server/routes/index.js +74 -39
package/dist/dashboard/server/routes/instances.routes.js +2 -1
package/dist/dashboard/server/routes/instructions.routes.js +46 -27
package/dist/dashboard/server/routes/knowledge.routes.js +4 -3
package/dist/dashboard/server/routes/logs.routes.js +5 -4
package/dist/dashboard/server/routes/messaging.routes.js +15 -14
package/dist/dashboard/server/routes/metrics.routes.js +14 -13
package/dist/dashboard/server/routes/scripts.routes.js +6 -3
package/dist/dashboard/server/routes/status.routes.js +5 -4
package/dist/dashboard/server/routes/synthetic.routes.js +3 -2
package/dist/dashboard/server/routes/usage.routes.js +2 -1
package/dist/dashboard/server/utils/escapeHtml.d.ts +1 -0
package/dist/dashboard/server/utils/escapeHtml.js +11 -0
package/dist/dashboard/server/utils/pathContainment.d.ts +1 -0
package/dist/dashboard/server/utils/pathContainment.js +15 -0
package/dist/dashboard/server/wsInit.js +2 -2
package/dist/lib/mcpStdioLogging.d.ts +165 -0
package/dist/lib/mcpStdioLogging.js +287 -0
package/dist/schemas/index.d.ts +37 -2
package/dist/schemas/index.js +27 -3
package/dist/server/backgroundServicesStartup.d.ts +7 -1
package/dist/server/backgroundServicesStartup.js +25 -8
package/dist/server/certInit.d.ts +97 -0
package/dist/server/certInit.js +359 -0
package/dist/server/certInit.types.d.ts +92 -0
package/dist/server/certInit.types.js +34 -0
package/dist/server/handshake/fallbackFrames.d.ts +31 -0
package/dist/server/handshake/fallbackFrames.js +38 -0
package/dist/server/handshake/initializeDetector.d.ts +31 -0
package/dist/server/handshake/initializeDetector.js +88 -0
package/dist/server/handshake/protocol.d.ts +15 -0
package/dist/server/handshake/protocol.js +37 -0
package/dist/server/handshake/readyEmitter.d.ts +6 -0
package/dist/server/handshake/readyEmitter.js +88 -0
package/dist/server/handshake/safetyFallbacks.d.ts +1 -0
package/dist/server/handshake/safetyFallbacks.js +134 -0
package/dist/server/handshake/stdinSniffer.d.ts +1 -0
package/dist/server/handshake/stdinSniffer.js +260 -0
package/dist/server/handshake/tracing.d.ts +16 -0
package/dist/server/handshake/tracing.js +95 -0
package/dist/server/handshakeManager.d.ts +23 -23
package/dist/server/handshakeManager.js +36 -466
package/dist/server/index-server.d.ts +23 -0
package/dist/server/index-server.js +194 -9
package/dist/server/mcpReadOnlySurfaces.d.ts +44 -0
package/dist/server/mcpReadOnlySurfaces.js +297 -0
package/dist/server/sdkServer.js +69 -7
package/dist/server/transport.d.ts +5 -6
package/dist/server/transport.js +46 -64
package/dist/server/transportFactory.d.ts +3 -9
package/dist/server/transportFactory.js +18 -380
package/dist/services/atomicFs.d.ts +3 -0
package/dist/services/atomicFs.js +171 -13
package/dist/services/auditLog.d.ts +17 -2
package/dist/services/auditLog.js +75 -14
package/dist/services/bootstrapGating.js +1 -1
package/dist/services/categoryRules.d.ts +10 -0
package/dist/services/categoryRules.js +17 -0
package/dist/services/classificationService.js +7 -5
package/dist/services/embeddingService.d.ts +27 -11
package/dist/services/embeddingService.js +51 -14
package/dist/services/feedbackStorage.d.ts +39 -0
package/dist/services/feedbackStorage.js +88 -0
package/dist/services/handlers/instructions.add.js +429 -317
package/dist/services/handlers/instructions.groom.js +128 -31
package/dist/services/handlers/instructions.import.js +56 -23
package/dist/services/handlers/instructions.patch.js +43 -32
package/dist/services/handlers/instructions.query.js +20 -29
package/dist/services/handlers/instructions.shared.d.ts +54 -0
package/dist/services/handlers/instructions.shared.js +126 -1
package/dist/services/handlers.activation.js +83 -81
package/dist/services/handlers.dashboardConfig.d.ts +2 -2
package/dist/services/handlers.dashboardConfig.js +1 -2
package/dist/services/handlers.diagnostics.js +75 -54
package/dist/services/handlers.feedback.d.ts +4 -11
package/dist/services/handlers.feedback.js +11 -333
package/dist/services/handlers.gates.js +69 -37
package/dist/services/handlers.graph.js +2 -2
package/dist/services/handlers.help.js +2 -2
package/dist/services/handlers.instructionSchema.js +4 -2
package/dist/services/handlers.integrity.js +42 -22
package/dist/services/handlers.messaging.js +1 -1
package/dist/services/handlers.metrics.js +51 -6
package/dist/services/handlers.prompt.js +10 -2
package/dist/services/handlers.search.js +94 -44
package/dist/services/handlers.trace.js +1 -1
package/dist/services/handlers.usage.js +38 -7
package/dist/services/indexContext.d.ts +21 -1
package/dist/services/indexContext.js +263 -78
package/dist/services/indexLoader.d.ts +1 -0
package/dist/services/indexLoader.js +28 -8
package/dist/services/instructionRecordValidation.d.ts +39 -0
package/dist/services/instructionRecordValidation.js +388 -0
package/dist/services/instructions.dispatcher.js +4 -4
package/dist/services/loaderSchemaValidator.d.ts +15 -0
package/dist/services/loaderSchemaValidator.js +69 -0
package/dist/services/logger.js +11 -2
package/dist/services/mcpLogBridge.d.ts +49 -0
package/dist/services/mcpLogBridge.js +83 -0
package/dist/services/ownershipService.js +18 -8
package/dist/services/performanceBaseline.js +23 -22
package/dist/services/promptReviewService.d.ts +3 -1
package/dist/services/promptReviewService.js +41 -13
package/dist/services/regexSafety.d.ts +6 -0
package/dist/services/regexSafety.js +46 -0
package/dist/services/seedBootstrap.js +1 -1
package/dist/services/storage/factory.d.ts +14 -1
package/dist/services/storage/factory.js +61 -1
package/dist/services/storage/jsonEmbeddingStore.d.ts +15 -0
package/dist/services/storage/jsonEmbeddingStore.js +83 -0
package/dist/services/storage/jsonFileStore.d.ts +3 -1
package/dist/services/storage/jsonFileStore.js +8 -6
package/dist/services/storage/migrationEngine.d.ts +13 -0
package/dist/services/storage/migrationEngine.js +31 -0
package/dist/services/storage/sqliteEmbeddingStore.d.ts +30 -0
package/dist/services/storage/sqliteEmbeddingStore.js +222 -0
package/dist/services/storage/sqliteStore.d.ts +3 -1
package/dist/services/storage/sqliteStore.js +2 -2
package/dist/services/storage/types.d.ts +48 -1
package/dist/services/toolRegistry.js +77 -67
package/dist/services/toolRegistry.zod.js +89 -86
package/dist/services/tracing.js +5 -4
package/dist/utils/envUtils.d.ts +4 -0
package/dist/utils/envUtils.js +7 -0
package/dist/utils/memoryMonitor.js +11 -10
package/package.json +12 -4
package/schemas/instruction.schema.json +38 -1
package/scripts/copy-dashboard-assets.mjs +1 -1
package/scripts/dist/README.md +1 -1
package/scripts/generate-certs.mjs +201 -0
package/scripts/setup-wizard.mjs +781 -0
package/server.json +20 -0
package/dist/externalClientLib.d.ts +0 -1
package/dist/externalClientLib.js +0 -2
package/dist/portableClientWrapper.d.ts +0 -1
package/dist/portableClientWrapper.js +0 -2
package/dist/services/indexingService.d.ts +0 -1
package/dist/services/indexingService.js +0 -2

package/scripts/generate-certs.mjs ADDED Viewed

@@ -0,0 +1,201 @@
+#!/usr/bin/env node
+/**
+ * generate-certs.mjs — Generate self-signed TLS certificates for Index Server.
+ *
+ * Creates a CA + server certificate pair in ./certs/ for HTTPS dashboard access.
+ * For production, replace with certificates from a real CA.
+ *
+ * Usage:
+ *   node scripts/generate-certs.mjs [--hostname <name>] [--days <n>] [--output <dir>]
+ */
+import { execFileSync } from 'child_process';
+import fs from 'fs';
+import path from 'path';
+import { fileURLToPath } from 'url';
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const ROOT = path.resolve(__dirname, '..');
+function parseArgs() {
+  const args = process.argv.slice(2);
+  const config = {
+    hostname: 'localhost',
+    days: 365,
+    outputDir: path.join(ROOT, 'certs'),
+    keySize: 4096,
+  };
+  for (let i = 0; i < args.length; i++) {
+    if (args[i] === '--hostname' && args[i + 1]) config.hostname = args[++i];
+    else if (args[i] === '--days' && args[i + 1]) config.days = parseInt(args[++i], 10);
+    else if (args[i] === '--output' && args[i + 1]) config.outputDir = path.resolve(args[++i]);
+    else if (args[i] === '--key-size' && args[i + 1]) config.keySize = parseInt(args[++i], 10);
+    else if (args[i] === '--help') {
+      console.log(`Usage: generate-certs.mjs [options]
+  --hostname <name>  Server hostname (default: localhost)
+  --days <n>         Certificate validity in days (default: 365)
+  --output <dir>     Output directory (default: ./certs)
+  --key-size <bits>  RSA key size (default: 4096)`);
+      process.exit(0);
+    }
+  }
+  return config;
+}
+const WELL_KNOWN_OPENSSL_DIRS = [
+  'C:\\Program Files\\Git\\usr\\bin',
+  'C:\\Program Files (x86)\\Git\\usr\\bin',
+  'C:\\Program Files\\OpenSSL-Win64\\bin',
+  'C:\\Program Files\\OpenSSL\\bin',
+];
+function checkOpenssl() {
+  try {
+    execFileSync('openssl', ['version'], { stdio: 'pipe' });
+    return true;
+  } catch {
+    // Try well-known paths on Windows
+    for (const dir of WELL_KNOWN_OPENSSL_DIRS) {
+      const exe = path.join(dir, 'openssl.exe');
+      if (fs.existsSync(exe)) {
+        console.log(`ℹ️  Found OpenSSL at: ${dir}`);
+        process.env.PATH = `${dir}${path.delimiter}${process.env.PATH}`;
+        return true;
+      }
+    }
+    return false;
+  }
+}
+function runOpenSsl(args, options = {}) {
+  execFileSync('openssl', args, { stdio: 'pipe', ...options });
+}
+function generateCerts(config) {
+  const { hostname, days, outputDir, keySize } = config;
+  // Validate hostname to prevent command injection via -subj parameter
+  if (!/^[a-zA-Z0-9._-]+$/.test(hostname)) {
+    console.error(`❌ Invalid hostname: "${hostname}". Only alphanumeric, dots, hyphens, and underscores allowed.`);
+    process.exit(1);
+  }
+  if (!Number.isInteger(days) || days < 1 || days > 3650) {
+    console.error(`❌ Invalid days value: "${days}". Expected an integer between 1 and 3650.`);
+    process.exit(1);
+  }
+  if (!Number.isInteger(keySize) || ![2048, 3072, 4096].includes(keySize)) {
+    console.error(`❌ Invalid key size: "${keySize}". Allowed values: 2048, 3072, 4096.`);
+    process.exit(1);
+  }
+  // Ensure output directory exists
+  fs.mkdirSync(outputDir, { recursive: true });
+  const caKeyPath = path.join(outputDir, 'ca.key');
+  const caCertPath = path.join(outputDir, 'ca.crt');
+  const serverKeyPath = path.join(outputDir, 'server.key');
+  const serverCsrPath = path.join(outputDir, 'server.csr');
+  const serverCertPath = path.join(outputDir, 'server.crt');
+  const extPath = path.join(outputDir, 'server.ext');
+  const cnfPath = path.join(outputDir, 'openssl.cnf');
+  console.log(`\n🔐 Generating TLS certificates for: ${hostname}`);
+  console.log(`   Output: ${outputDir}`);
+  console.log(`   Validity: ${days} days`);
+  console.log(`   Key size: ${keySize} bits\n`);
+  // Create a minimal openssl config to avoid system config issues (Windows compat)
+  const cnfContent = `[req]
+distinguished_name = req_dn
+prompt = no
+[req_dn]
+C = US
+ST = Dev
+L = Local
+O = IndexServer
+`;
+  fs.writeFileSync(cnfPath, cnfContent, 'utf8');
+  const cnfEnv = { ...process.env, OPENSSL_CONF: cnfPath };
+  // Step 1: Generate CA private key
+  console.log('1/5 Generating CA private key...');
+  runOpenSsl(['genrsa', '-out', caKeyPath, String(keySize)], { env: cnfEnv });
+  // Step 2: Generate CA certificate
+  console.log('2/5 Generating CA certificate...');
+  runOpenSsl([
+    'req', '-x509', '-new', '-nodes', '-key', caKeyPath, '-sha256', '-days', String(days),
+    '-subj', '/C=US/ST=Dev/L=Local/O=IndexServer/OU=Dev/CN=IndexServerCA',
+    '-config', cnfPath, '-out', caCertPath,
+  ], { env: cnfEnv });
+  // Step 3: Generate server private key
+  console.log('3/5 Generating server private key...');
+  runOpenSsl(['genrsa', '-out', serverKeyPath, String(keySize)], { env: cnfEnv });
+  // Step 4: Generate server CSR
+  console.log('4/5 Generating server CSR...');
+  runOpenSsl([
+    'req', '-new', '-key', serverKeyPath,
+    '-subj', `/C=US/ST=Dev/L=Local/O=IndexServer/OU=Server/CN=${hostname}`,
+    '-config', cnfPath, '-out', serverCsrPath,
+  ], { env: cnfEnv });
+  // Step 5: Create extensions file and sign server cert
+  console.log('5/5 Signing server certificate...');
+  const extContent = `authorityKeyIdentifier=keyid,issuer
+basicConstraints=CA:FALSE
+keyUsage=digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment
+subjectAltName=@alt_names
+[alt_names]
+DNS.1=${hostname}
+DNS.2=*.${hostname}
+IP.1=127.0.0.1
+IP.2=::1`;
+  fs.writeFileSync(extPath, extContent, 'utf8');
+  runOpenSsl([
+    'x509', '-req', '-in', serverCsrPath, '-CA', caCertPath, '-CAkey', caKeyPath,
+    '-CAcreateserial', '-out', serverCertPath, '-days', String(days), '-sha256', '-extfile', extPath,
+  ], { env: cnfEnv });
+  // Cleanup intermediate files
+  try { fs.unlinkSync(serverCsrPath); } catch { /* ok */ }
+  try { fs.unlinkSync(extPath); } catch { /* ok */ }
+  try { fs.unlinkSync(cnfPath); } catch { /* ok */ }
+  try { fs.unlinkSync(path.join(outputDir, 'ca.srl')); } catch { /* ok */ }
+  // Set restrictive permissions on private keys
+  try {
+    fs.chmodSync(caKeyPath, 0o600);
+    fs.chmodSync(serverKeyPath, 0o600);
+  } catch { /* Windows doesn't support chmod */ }
+  console.log('\n✅ TLS certificates generated successfully:');
+  console.log(`   CA cert:     ${caCertPath}`);
+  console.log(`   Server cert: ${serverCertPath}`);
+  console.log(`   Server key:  ${serverKeyPath}`);
+  console.log(`   CA key:      ${caKeyPath}`);
+  console.log('\nTo use with Docker:');
+  console.log('  docker compose --profile tls up -d');
+  console.log('\nTo use standalone:');
+  console.log(`  INDEX_SERVER_DASHBOARD_TLS=1 \\`);
+  console.log(`  INDEX_SERVER_DASHBOARD_TLS_CERT=${serverCertPath} \\`);
+  console.log(`  INDEX_SERVER_DASHBOARD_TLS_KEY=${serverKeyPath} \\`);
+  console.log('  node dist/server/index-server.js --dashboard');
+}
+// Main
+const config = parseArgs();
+if (!checkOpenssl()) {
+  console.error('❌ OpenSSL is not installed or not in PATH.');
+  console.error('   Install OpenSSL and try again.');
+  console.error('   Options:');
+  console.error('   - Install Git for Windows (includes OpenSSL): https://git-scm.com/download/win');
+  console.error('   - Install OpenSSL directly: https://slproweb.com/products/Win32OpenSSL.html');
+  console.error('   - On Linux/macOS: sudo apt install openssl / brew install openssl');
+  process.exit(1);
+}
+generateCerts(config);