npm - @js-eyes/protocol - Versions diffs - 2.6.0 → 2.6.2 - Mend

@js-eyes/protocol 2.6.0 → 2.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/skill-runner.js ADDED Viewed

@@ -0,0 +1,48 @@
+'use strict';
+// skill-runner: launches a sub-skill's own Node CLI entry.
+//
+// Kept out of skills.js so the only `child_process` call in @js-eyes/protocol
+// that lives on skills.js's transitive imports is safe-npm.js (which has its
+// own hardening). This module MUST NOT import `ws`, `http`, `https`, `net`,
+// or any network helper — the invariant is enforced by
+// test/import-boundaries.test.js.
+//
+// Contract:
+//   * `process.execPath` is the argv[0] — we never invoke a shell;
+//   * argv entries are forwarded verbatim from the caller; spawnSync is
+//     always called with `shell: false` and `windowsHide: true`;
+//   * the caller's env is inherited (extended with `JS_EYES_SKILL_DIR`).
+//     Unlike safe-npm we do not filter env here because the skill CLI
+//     legitimately needs the full environment — sub-skills are on-disk code
+//     the operator has already linked/approved via the integrity workflow.
+//
+// See SECURITY_SCAN_NOTES.md ("Shell command execution").
+const fs = require('fs');
+const path = require('path');
+const { spawnSync } = require('child_process');
+function runSkillCli(options) {
+  const { skillDir, argv = [], stdio = 'inherit', env = process.env } = options;
+  if (!skillDir || typeof skillDir !== 'string') {
+    throw new TypeError('runSkillCli: skillDir is required');
+  }
+  const { normalizeSkillMetadata } = require('./skills');
+  const skill = normalizeSkillMetadata(skillDir);
+  if (!fs.existsSync(skill.cliEntry)) {
+    throw new Error(`技能 ${skill.id} 缺少 CLI 入口: ${skill.cliEntry}`);
+  }
+  return spawnSync(process.execPath, [skill.cliEntry, ...argv], {
+    cwd: skillDir,
+    env: { ...env, JS_EYES_SKILL_DIR: skillDir },
+    stdio,
+    shell: false,
+    windowsHide: true,
+    encoding: stdio === 'pipe' ? 'utf8' : undefined,
+  });
+}
+module.exports = { runSkillCli };

package/skills.js CHANGED Viewed

@@ -4,23 +4,15 @@ const crypto = require('crypto');
 const fs = require('fs');
 const os = require('os');
 const path = require('path');
-const { spawnSync } = require('child_process');
 const { extractZipBuffer } = require('./zip-extract');
+const { ensureDir, readJson, safeStat } = require('./fs-io');
+const { getOpenClawConfigPath } = require('./openclaw-paths');
+const safeNpm = require('./safe-npm');
 const SKILL_CONTRACT_FILE = 'skill.contract.js';
 const INTEGRITY_FILE = '.integrity.json';
 const INSTALL_MANIFEST_FILE = 'skills-install.json';
-function ensureDir(dir) {
-  fs.mkdirSync(dir, { recursive: true });
-  return dir;
-}
-function readJson(filePath) {
-  if (!fs.existsSync(filePath)) return null;
-  return JSON.parse(fs.readFileSync(filePath, 'utf8'));
-}
 function loadSkillContract(skillDir) {
   const contractPath = path.resolve(skillDir, SKILL_CONTRACT_FILE);
   if (!fs.existsSync(contractPath)) return null;
@@ -32,14 +24,6 @@ function hasSkillContract(skillDir) {
   return fs.existsSync(path.join(skillDir, SKILL_CONTRACT_FILE));
 }
-function safeStat(target) {
-  try {
-    return fs.statSync(target);
-  } catch (_) {
-    return null;
-  }
-}
 /**
  * 列出某个目录下被视为「候选 skill 目录」的直接子项绝对路径。
  *
@@ -146,22 +130,6 @@ function resolveSkillSources(input = {}) {
   return { primary, extras, invalid };
 }
-function getOpenClawConfigPath(options = {}) {
-  const env = options.env || process.env;
-  const home = options.home || os.homedir();
-  if (env.OPENCLAW_CONFIG_PATH) {
-    return path.resolve(env.OPENCLAW_CONFIG_PATH);
-  }
-  if (env.OPENCLAW_STATE_DIR) {
-    return path.resolve(env.OPENCLAW_STATE_DIR, 'openclaw.json');
-  }
-  if (env.OPENCLAW_HOME) {
-    return path.resolve(env.OPENCLAW_HOME, '.openclaw', 'openclaw.json');
-  }
-  return path.join(home, '.openclaw', 'openclaw.json');
-}
 function normalizeSkillMetadata(skillDir) {
   const contract = loadSkillContract(skillDir);
   const pkg = readJson(path.join(skillDir, 'package.json')) || {};
@@ -299,15 +267,11 @@ function readSkillByIdFromSources(input = {}) {
   return null;
 }
-async function fetchSkillsRegistry(registryUrl) {
-  const response = await fetch(registryUrl, {
-    headers: { Accept: 'application/json' },
-  });
-  if (!response.ok) {
-    throw new Error(`HTTP ${response.status}`);
-  }
-  return response.json();
-}
+// Registry network I/O lives in registry-client.js so `fetch(…)` is not
+// co-located with `fs.readFileSync(…)` / `fs.createReadStream(…)` in this
+// module. Re-exported below for backwards compatibility. See
+// SECURITY_SCAN_NOTES.md.
+const { fetchSkillsRegistry, downloadBuffer } = require('./registry-client');
 function resolveOpenClawPluginEntry(definition) {
   try {
@@ -491,61 +455,10 @@ function isMainRefUrl(url) {
   return /\/(refs\/heads\/)?main(?=[/?])/.test(url);
 }
-async function downloadBuffer(urls, logger = console) {
-  let lastError = null;
-  for (const url of urls) {
-    try {
-      const response = await fetch(url);
-      if (response.ok) {
-        const buf = Buffer.from(await response.arrayBuffer());
-        return { buffer: buf, url };
-      }
-      lastError = new Error(`HTTP ${response.status} (${url})`);
-    } catch (error) {
-      lastError = error;
-    }
-    if (logger && typeof logger.warn === 'function') {
-      logger.warn(`[js-eyes] Download failed (${url}): ${lastError?.message || 'unknown'}`);
-    }
-  }
-  throw lastError || new Error('Download failed for all URLs');
-}
-function detectPackageManager(targetDir) {
-  if (fs.existsSync(path.join(targetDir, 'pnpm-lock.yaml'))) return 'pnpm';
-  if (fs.existsSync(path.join(targetDir, 'yarn.lock'))) return 'yarn';
-  if (fs.existsSync(path.join(targetDir, 'package-lock.json'))) return 'npm';
-  return null;
-}
+const detectPackageManager = safeNpm.detectPackageManager;
 function installSkillDependencies(targetDir, options = {}) {
-  const pkgJson = path.join(targetDir, 'package.json');
-  if (!fs.existsSync(pkgJson)) return { ran: false, manager: null };
-  const requireLockfile = options.requireLockfile !== false;
-  const manager = detectPackageManager(targetDir);
-  if (requireLockfile && manager !== 'npm') {
-    throw new Error('安装拒绝执行：缺少 package-lock.json（开启 security.requireLockfile=false 可放宽）');
-  }
-  const ignoreScripts = options.allowPostinstall ? [] : ['--ignore-scripts'];
-  const command = manager === 'npm' ? 'ci' : 'install';
-  const args = [command, ...ignoreScripts, '--no-audit', '--no-fund'];
-  const result = spawnSync('npm', args, {
-    cwd: targetDir,
-    stdio: options.stdio || 'pipe',
-    windowsHide: true,
-    env: { ...process.env, npm_config_ignore_scripts: options.allowPostinstall ? 'false' : 'true' },
-  });
-  if (result.status !== 0) {
-    const stderr = result.stderr ? String(result.stderr) : '';
-    throw new Error(`npm ${args.join(' ')} 失败 (status=${result.status}): ${stderr.slice(0, 500)}`);
-  }
-  return { ran: true, manager: manager || 'npm', allowPostinstall: Boolean(options.allowPostinstall) };
+  return safeNpm.installSkillDependencies(targetDir, options);
 }
 function listFilesRecursive(dir) {
@@ -779,20 +692,11 @@ async function installSkillFromRegistry(options) {
   };
 }
-function runSkillCli(options) {
-  const { skillDir, argv = [], stdio = 'inherit', env = process.env } = options;
-  const skill = normalizeSkillMetadata(skillDir);
-  if (!fs.existsSync(skill.cliEntry)) {
-    throw new Error(`技能 ${skill.id} 缺少 CLI 入口: ${skill.cliEntry}`);
-  }
-  return spawnSync(process.execPath, [skill.cliEntry, ...argv], {
-    cwd: skillDir,
-    env: { ...env, JS_EYES_SKILL_DIR: skillDir },
-    stdio,
-    encoding: stdio === 'pipe' ? 'utf8' : undefined,
-  });
-}
+// `runSkillCli` is the only remaining child_process caller in @js-eyes/protocol
+// outside the hardened `safe-npm.js` module. It lives in its own file so the
+// child_process import is not co-located with `fetch(registryUrl)` / other
+// network code in this module. See SECURITY_SCAN_NOTES.md.
+const { runSkillCli } = require('./skill-runner');
 // Assign to (rather than replace) module.exports so that modules which have
 // already captured a reference during circular require — notably