@kenkaiiii/ggcoder 4.2.14 → 4.2.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/auth-storage.d.ts +2 -0
- package/dist/core/auth-storage.d.ts.map +1 -1
- package/dist/core/auth-storage.js +22 -8
- package/dist/core/auth-storage.js.map +1 -1
- package/dist/tools/bash.d.ts.map +1 -1
- package/dist/tools/bash.js +51 -1
- package/dist/tools/bash.js.map +1 -1
- package/dist/tools/edit.d.ts.map +1 -1
- package/dist/tools/edit.js +2 -1
- package/dist/tools/edit.js.map +1 -1
- package/dist/tools/path-utils.d.ts +5 -0
- package/dist/tools/path-utils.d.ts.map +1 -1
- package/dist/tools/path-utils.js +18 -0
- package/dist/tools/path-utils.js.map +1 -1
- package/dist/tools/read.d.ts.map +1 -1
- package/dist/tools/read.js +2 -1
- package/dist/tools/read.js.map +1 -1
- package/dist/tools/web-fetch.d.ts.map +1 -1
- package/dist/tools/web-fetch.js +47 -0
- package/dist/tools/web-fetch.js.map +1 -1
- package/dist/tools/write.d.ts.map +1 -1
- package/dist/tools/write.js +2 -1
- package/dist/tools/write.js.map +1 -1
- package/package.json +3 -3
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-storage.d.ts","sourceRoot":"","sources":["../../src/core/auth-storage.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAMzD,qBAAa,WAAW;IACtB,OAAO,CAAC,IAAI,CAAgB;IAC5B,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,MAAM,CAAS;
|
|
1
|
+
{"version":3,"file":"auth-storage.d.ts","sourceRoot":"","sources":["../../src/core/auth-storage.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAMzD,qBAAa,WAAW;IACtB,OAAO,CAAC,IAAI,CAAgB;IAC5B,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,MAAM,CAAS;IACvB,+DAA+D;IAC/D,OAAO,CAAC,YAAY,CAAgD;gBAExD,QAAQ,CAAC,EAAE,MAAM;IAIvB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;YAUb,YAAY;IAIpB,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,GAAG,SAAS,CAAC;IAKvE,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IAMxE,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMjD,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;IAK/B;;;;;OAKG;IACG,kBAAkB,CACtB,QAAQ,EAAE,MAAM,EAChB,IAAI,CAAC,EAAE;QAAE,YAAY,CAAC,EAAE,OAAO,CAAA;KAAE,GAChC,OAAO,CAAC,gBAAgB,CAAC;IAwC5B;;;OAGG;IACG,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;YAKvC,IAAI;CAInB;AAED,qBAAa,gBAAiB,SAAQ,KAAK;IACzC,QAAQ,EAAE,MAAM,CAAC;gBACL,QAAQ,EAAE,MAAM;CAK7B"}
|
|
@@ -6,6 +6,8 @@ export class AuthStorage {
|
|
|
6
6
|
data = {};
|
|
7
7
|
filePath;
|
|
8
8
|
loaded = false;
|
|
9
|
+
/** Per-provider lock to serialize concurrent refresh calls. */
|
|
10
|
+
refreshLocks = new Map();
|
|
9
11
|
constructor(filePath) {
|
|
10
12
|
this.filePath = filePath ?? getAppPaths().authFile;
|
|
11
13
|
}
|
|
@@ -61,15 +63,27 @@ export class AuthStorage {
|
|
|
61
63
|
if (!opts?.forceRefresh && Date.now() < creds.expiresAt) {
|
|
62
64
|
return creds;
|
|
63
65
|
}
|
|
64
|
-
//
|
|
65
|
-
const
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
66
|
+
// Serialize concurrent refresh calls per provider to avoid races
|
|
67
|
+
const existing = this.refreshLocks.get(provider);
|
|
68
|
+
if (existing)
|
|
69
|
+
return existing;
|
|
70
|
+
const refreshPromise = (async () => {
|
|
71
|
+
const refreshFn = provider === "anthropic" ? refreshAnthropicToken : refreshOpenAIToken;
|
|
72
|
+
const refreshed = await refreshFn(creds.refreshToken);
|
|
73
|
+
if (!refreshed.accountId && creds.accountId) {
|
|
74
|
+
refreshed.accountId = creds.accountId;
|
|
75
|
+
}
|
|
76
|
+
this.data[provider] = refreshed;
|
|
77
|
+
await this.save();
|
|
78
|
+
return refreshed;
|
|
79
|
+
})();
|
|
80
|
+
this.refreshLocks.set(provider, refreshPromise);
|
|
81
|
+
try {
|
|
82
|
+
return await refreshPromise;
|
|
83
|
+
}
|
|
84
|
+
finally {
|
|
85
|
+
this.refreshLocks.delete(provider);
|
|
69
86
|
}
|
|
70
|
-
this.data[provider] = refreshed;
|
|
71
|
-
await this.save();
|
|
72
|
-
return refreshed;
|
|
73
87
|
}
|
|
74
88
|
/**
|
|
75
89
|
* Returns a valid access token, auto-refreshing if expired.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-storage.js","sourceRoot":"","sources":["../../src/core/auth-storage.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAE3C,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAIvD,MAAM,OAAO,WAAW;IACd,IAAI,GAAa,EAAE,CAAC;IACpB,QAAQ,CAAS;IACjB,MAAM,GAAG,KAAK,CAAC;
|
|
1
|
+
{"version":3,"file":"auth-storage.js","sourceRoot":"","sources":["../../src/core/auth-storage.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAE3C,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAIvD,MAAM,OAAO,WAAW;IACd,IAAI,GAAa,EAAE,CAAC;IACpB,QAAQ,CAAS;IACjB,MAAM,GAAG,KAAK,CAAC;IACvB,+DAA+D;IACvD,YAAY,GAAG,IAAI,GAAG,EAAqC,CAAC;IAEpE,YAAY,QAAiB;QAC3B,IAAI,CAAC,QAAQ,GAAG,QAAQ,IAAI,WAAW,EAAE,CAAC,QAAQ,CAAC;IACrD,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAC1D,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAa,CAAC;QAC9C,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,IAAI,GAAG,EAAE,CAAC;QACjB,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;IACrB,CAAC;IAEO,KAAK,CAAC,YAAY;QACxB,IAAI,CAAC,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;IACtC,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,QAAgB;QACnC,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,QAAgB,EAAE,KAAuB;QAC5D,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC1B,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC;QAC5B,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;IACpB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,QAAgB;QACrC,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC3B,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;IACpB,CAAC;IAED,KAAK,CAAC,QAAQ;QACZ,IAAI,CAAC,IAAI,GAAG,EAAE,CAAC;QACf,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;IACpB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,kBAAkB,CACtB,QAAgB,EAChB,IAAiC;QAEjC,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC1B,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC;QAED,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,KAAK,IAAI,QAAQ,KAAK,UAAU,EAAE,CAAC;YAClD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,iDAAiD;QACjD,IAAI,CAAC,IAAI,EAAE,YAAY,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;YACxD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,iEAAiE;QACjE,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACjD,IAAI,QAAQ;YAAE,OAAO,QAAQ,CAAC;QAE9B,MAAM,cAAc,GAAG,CAAC,KAAK,IAAI,EAAE;YACjC,MAAM,SAAS,GAAG,QAAQ,KAAK,WAAW,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,kBAAkB,CAAC;YACxF,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YACtD,IAAI,CAAC,SAAS,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;gBAC5C,SAAS,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC;YACxC,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,SAAS,CAAC;YAChC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAClB,OAAO,SAAS,CAAC;QACnB,CAAC,CAAC,EAAE,CAAC;QAEL,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;QAChD,IAAI,CAAC;YACH,OAAO,MAAM,cAAc,CAAC;QAC9B,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,YAAY,CAAC,QAAgB;QACjC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QACtD,OAAO,KAAK,CAAC,WAAW,CAAC;IAC3B,CAAC;IAEO,KAAK,CAAC,IAAI;QAChB,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACnD,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACjF,CAAC;CACF;AAED,MAAM,OAAO,gBAAiB,SAAQ,KAAK;IACzC,QAAQ,CAAS;IACjB,YAAY,QAAgB;QAC1B,KAAK,CAAC,oBAAoB,QAAQ,wCAAwC,CAAC,CAAC;QAC5E,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;QAC/B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;CACF"}
|
package/dist/tools/bash.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bash.d.ts","sourceRoot":"","sources":["../../src/tools/bash.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;
|
|
1
|
+
{"version":3,"file":"bash.d.ts","sourceRoot":"","sources":["../../src/tools/bash.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AA0DjE,QAAA,MAAM,UAAU;;;;iBAed,CAAC;AAEH,wBAAgB,cAAc,CAC5B,GAAG,EAAE,MAAM,EACX,cAAc,EAAE,cAAc,GAC7B,SAAS,CAAC,OAAO,UAAU,CAAC,CAuG9B"}
|
package/dist/tools/bash.js
CHANGED
|
@@ -7,6 +7,56 @@ import { killProcessTree } from "../utils/process.js";
|
|
|
7
7
|
import { truncateTail } from "./truncate.js";
|
|
8
8
|
const DEFAULT_TIMEOUT = 120_000; // 120 seconds
|
|
9
9
|
const MAX_OUTPUT_BYTES = 10 * 1024 * 1024; // 10 MB — cap buffered output to prevent OOM
|
|
10
|
+
/** Environment variables safe to inherit. Everything else is stripped to prevent leaking secrets to LLM. */
|
|
11
|
+
const ENV_ALLOWLIST = new Set([
|
|
12
|
+
"PATH",
|
|
13
|
+
"HOME",
|
|
14
|
+
"USER",
|
|
15
|
+
"LOGNAME",
|
|
16
|
+
"SHELL",
|
|
17
|
+
"LANG",
|
|
18
|
+
"LC_ALL",
|
|
19
|
+
"LC_CTYPE",
|
|
20
|
+
"TMPDIR",
|
|
21
|
+
"XDG_CONFIG_HOME",
|
|
22
|
+
"XDG_DATA_HOME",
|
|
23
|
+
"XDG_CACHE_HOME",
|
|
24
|
+
"XDG_RUNTIME_DIR",
|
|
25
|
+
"EDITOR",
|
|
26
|
+
"VISUAL",
|
|
27
|
+
"PAGER",
|
|
28
|
+
"CLICOLOR",
|
|
29
|
+
"CLICOLOR_FORCE",
|
|
30
|
+
"NO_COLOR",
|
|
31
|
+
"FORCE_COLOR",
|
|
32
|
+
// Development toolchains
|
|
33
|
+
"NODE_PATH",
|
|
34
|
+
"NVM_DIR",
|
|
35
|
+
"NPM_CONFIG_PREFIX",
|
|
36
|
+
"PNPM_HOME",
|
|
37
|
+
"GOPATH",
|
|
38
|
+
"GOROOT",
|
|
39
|
+
"CARGO_HOME",
|
|
40
|
+
"RUSTUP_HOME",
|
|
41
|
+
"PYENV_ROOT",
|
|
42
|
+
"VIRTUAL_ENV",
|
|
43
|
+
"CONDA_DEFAULT_ENV",
|
|
44
|
+
"CONDA_PREFIX",
|
|
45
|
+
"JAVA_HOME",
|
|
46
|
+
"ANDROID_HOME",
|
|
47
|
+
"ANDROID_SDK_ROOT",
|
|
48
|
+
"RUBY_VERSION",
|
|
49
|
+
"GEM_HOME",
|
|
50
|
+
"RBENV_ROOT",
|
|
51
|
+
]);
|
|
52
|
+
function getSafeEnv() {
|
|
53
|
+
const env = { TERM: "dumb" };
|
|
54
|
+
for (const key of ENV_ALLOWLIST) {
|
|
55
|
+
if (process.env[key])
|
|
56
|
+
env[key] = process.env[key];
|
|
57
|
+
}
|
|
58
|
+
return env;
|
|
59
|
+
}
|
|
10
60
|
const BashParams = z.object({
|
|
11
61
|
command: z.string().describe("The bash command to execute"),
|
|
12
62
|
timeout: z
|
|
@@ -47,7 +97,7 @@ export function createBashTool(cwd, processManager) {
|
|
|
47
97
|
cwd,
|
|
48
98
|
detached: true,
|
|
49
99
|
stdio: ["ignore", "pipe", "pipe"],
|
|
50
|
-
env:
|
|
100
|
+
env: getSafeEnv(),
|
|
51
101
|
});
|
|
52
102
|
const chunks = [];
|
|
53
103
|
let totalBytes = 0;
|
package/dist/tools/bash.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bash.js","sourceRoot":"","sources":["../../src/tools/bash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C,MAAM,eAAe,GAAG,OAAO,CAAC,CAAC,cAAc;AAC/C,MAAM,gBAAgB,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,6CAA6C;AAExF,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,6BAA6B,CAAC;IAC3D,OAAO,EAAE,CAAC;SACP,MAAM,EAAE;SACR,GAAG,EAAE;SACL,GAAG,CAAC,IAAI,CAAC;SACT,QAAQ,EAAE;SACV,QAAQ,CAAC,2CAA2C,CAAC;IACxD,iBAAiB,EAAE,CAAC;SACjB,OAAO,EAAE;SACT,QAAQ,EAAE;SACV,QAAQ,CACP,uEAAuE;QACrE,0DAA0D,CAC7D;CACJ,CAAC,CAAC;AAEH,MAAM,UAAU,cAAc,CAC5B,GAAW,EACX,cAA8B;IAE9B,OAAO;QACL,IAAI,EAAE,MAAM;QACZ,WAAW,EACT,6FAA6F;YAC7F,iFAAiF;YACjF,gDAAgD;YAChD,+DAA+D;YAC/D,wCAAwC;YACxC,iFAAiF;YACjF,kEAAkE;QACpE,UAAU,EAAE,UAAU;QACtB,KAAK,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,EAAE,OAAO;YACvE,IAAI,iBAAiB,EAAE,CAAC;gBACtB,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;gBACxD,OAAO,CACL,+BAA+B;oBAC/B,OAAO,MAAM,CAAC,EAAE,IAAI;oBACpB,QAAQ,MAAM,CAAC,GAAG,IAAI;oBACtB,QAAQ,MAAM,CAAC,OAAO,IAAI;oBAC1B,4BAA4B,MAAM,CAAC,EAAE,mBAAmB,CACzD,CAAC;YACJ,CAAC;YAED,MAAM,gBAAgB,GAAG,SAAS,IAAI,eAAe,CAAC;YAEtD,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,EAAE;gBACrC,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE;oBAC3C,GAAG;oBACH,QAAQ,EAAE,IAAI;oBACd,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;oBACjC,GAAG,EAAE,
|
|
1
|
+
{"version":3,"file":"bash.js","sourceRoot":"","sources":["../../src/tools/bash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C,MAAM,eAAe,GAAG,OAAO,CAAC,CAAC,cAAc;AAC/C,MAAM,gBAAgB,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,6CAA6C;AAExF,4GAA4G;AAC5G,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC;IAC5B,MAAM;IACN,MAAM;IACN,MAAM;IACN,SAAS;IACT,OAAO;IACP,MAAM;IACN,QAAQ;IACR,UAAU;IACV,QAAQ;IACR,iBAAiB;IACjB,eAAe;IACf,gBAAgB;IAChB,iBAAiB;IACjB,QAAQ;IACR,QAAQ;IACR,OAAO;IACP,UAAU;IACV,gBAAgB;IAChB,UAAU;IACV,aAAa;IACb,yBAAyB;IACzB,WAAW;IACX,SAAS;IACT,mBAAmB;IACnB,WAAW;IACX,QAAQ;IACR,QAAQ;IACR,YAAY;IACZ,aAAa;IACb,YAAY;IACZ,aAAa;IACb,mBAAmB;IACnB,cAAc;IACd,WAAW;IACX,cAAc;IACd,kBAAkB;IAClB,cAAc;IACd,UAAU;IACV,YAAY;CACb,CAAC,CAAC;AAEH,SAAS,UAAU;IACjB,MAAM,GAAG,GAA2B,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IACrD,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;QAChC,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,GAAG,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;IACrD,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,6BAA6B,CAAC;IAC3D,OAAO,EAAE,CAAC;SACP,MAAM,EAAE;SACR,GAAG,EAAE;SACL,GAAG,CAAC,IAAI,CAAC;SACT,QAAQ,EAAE;SACV,QAAQ,CAAC,2CAA2C,CAAC;IACxD,iBAAiB,EAAE,CAAC;SACjB,OAAO,EAAE;SACT,QAAQ,EAAE;SACV,QAAQ,CACP,uEAAuE;QACrE,0DAA0D,CAC7D;CACJ,CAAC,CAAC;AAEH,MAAM,UAAU,cAAc,CAC5B,GAAW,EACX,cAA8B;IAE9B,OAAO;QACL,IAAI,EAAE,MAAM;QACZ,WAAW,EACT,6FAA6F;YAC7F,iFAAiF;YACjF,gDAAgD;YAChD,+DAA+D;YAC/D,wCAAwC;YACxC,iFAAiF;YACjF,kEAAkE;QACpE,UAAU,EAAE,UAAU;QACtB,KAAK,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,EAAE,OAAO;YACvE,IAAI,iBAAiB,EAAE,CAAC;gBACtB,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;gBACxD,OAAO,CACL,+BAA+B;oBAC/B,OAAO,MAAM,CAAC,EAAE,IAAI;oBACpB,QAAQ,MAAM,CAAC,GAAG,IAAI;oBACtB,QAAQ,MAAM,CAAC,OAAO,IAAI;oBAC1B,4BAA4B,MAAM,CAAC,EAAE,mBAAmB,CACzD,CAAC;YACJ,CAAC;YAED,MAAM,gBAAgB,GAAG,SAAS,IAAI,eAAe,CAAC;YAEtD,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,EAAE;gBACrC,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE;oBAC3C,GAAG;oBACH,QAAQ,EAAE,IAAI;oBACd,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;oBACjC,GAAG,EAAE,UAAU,EAAE;iBAClB,CAAC,CAAC;gBAEH,MAAM,MAAM,GAAa,EAAE,CAAC;gBAC5B,IAAI,UAAU,GAAG,CAAC,CAAC;gBACnB,IAAI,YAAY,GAAG,KAAK,CAAC;gBAEzB,MAAM,MAAM,GAAG,CAAC,IAAY,EAAE,EAAE;oBAC9B,IAAI,YAAY;wBAAE,OAAO;oBACzB,UAAU,IAAI,IAAI,CAAC,MAAM,CAAC;oBAC1B,IAAI,UAAU,GAAG,gBAAgB,EAAE,CAAC;wBAClC,YAAY,GAAG,IAAI,CAAC;wBACpB,gEAAgE;wBAChE,OAAO;oBACT,CAAC;oBACD,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACpB,CAAC,CAAC;gBACF,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;gBACjC,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;gBAEjC,IAAI,MAAM,GAAG,KAAK,CAAC;gBACnB,IAAI,QAAQ,GAAG,KAAK,CAAC;gBAErB,mBAAmB;gBACnB,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;oBAC5B,QAAQ,GAAG,IAAI,CAAC;oBAChB,MAAM,GAAG,IAAI,CAAC;oBACd,IAAI,KAAK,CAAC,GAAG;wBAAE,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC,EAAE,gBAAgB,CAAC,CAAC;gBAErB,wBAAwB;gBACxB,MAAM,OAAO,GAAG,GAAG,EAAE;oBACnB,MAAM,GAAG,IAAI,CAAC;oBACd,IAAI,KAAK,CAAC,GAAG;wBAAE,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC,CAAC;gBACF,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;gBAElE,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;oBAC/B,YAAY,CAAC,KAAK,CAAC,CAAC;oBACpB,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;oBAErD,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;oBAC1D,MAAM,MAAM,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;oBAEvC,IAAI,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC;oBAC5B,IAAI,YAAY,EAAE,CAAC;wBACjB,MAAM,GAAG,qBAAqB,gBAAgB,GAAG,IAAI,GAAG,IAAI,sCAAsC,MAAM,EAAE,CAAC;oBAC7G,CAAC;oBACD,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;wBACrB,gCAAgC;wBAChC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;wBACpE,MAAM,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;wBAChE,MAAM,GAAG,4BAA4B,MAAM,CAAC,SAAS,OAAO,MAAM,CAAC,UAAU,wBAAwB,OAAO,MAAM,MAAM,EAAE,CAAC;oBAC7H,CAAC;oBAED,MAAM,QAAQ,GAAG,QAAQ;wBACvB,CAAC,CAAC,YAAY,gBAAgB,KAAK;wBACnC,CAAC,CAAC,MAAM;4BACN,CAAC,CAAC,QAAQ;4BACV,CAAC,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC;oBAExB,OAAO,CAAC,cAAc,QAAQ,KAAK,MAAM,EAAE,CAAC,CAAC;gBAC/C,CAAC,CAAC,CAAC;gBAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;oBACxB,YAAY,CAAC,KAAK,CAAC,CAAC;oBACpB,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;oBACrD,OAAO,CAAC,kCAAkC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC3D,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC;KACF,CAAC;AACJ,CAAC"}
|
package/dist/tools/edit.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"edit.d.ts","sourceRoot":"","sources":["../../src/tools/edit.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAIrD,QAAA,MAAM,UAAU;;;;iBAId,CAAC;AAEH,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,UAAU,CAAC,
|
|
1
|
+
{"version":3,"file":"edit.d.ts","sourceRoot":"","sources":["../../src/tools/edit.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAIrD,QAAA,MAAM,UAAU;;;;iBAId,CAAC;AAEH,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,UAAU,CAAC,CA6DjG"}
|
package/dist/tools/edit.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import fs from "node:fs/promises";
|
|
2
2
|
import path from "node:path";
|
|
3
3
|
import { z } from "zod";
|
|
4
|
-
import { resolvePath } from "./path-utils.js";
|
|
4
|
+
import { resolvePath, rejectSymlink } from "./path-utils.js";
|
|
5
5
|
import { fuzzyFindText, countOccurrences, generateDiff } from "./edit-diff.js";
|
|
6
6
|
const EditParams = z.object({
|
|
7
7
|
file_path: z.string().describe("The file path to edit"),
|
|
@@ -16,6 +16,7 @@ export function createEditTool(cwd, readFiles) {
|
|
|
16
16
|
parameters: EditParams,
|
|
17
17
|
async execute({ file_path, old_text, new_text }) {
|
|
18
18
|
const resolved = resolvePath(cwd, file_path);
|
|
19
|
+
await rejectSymlink(resolved);
|
|
19
20
|
if (readFiles && !readFiles.has(resolved)) {
|
|
20
21
|
throw new Error("File must be read first before editing. Use the read tool first.");
|
|
21
22
|
}
|
package/dist/tools/edit.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"edit.js","sourceRoot":"","sources":["../../src/tools/edit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"edit.js","sourceRoot":"","sources":["../../src/tools/edit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE/E,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,uBAAuB,CAAC;IACvD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,oCAAoC,CAAC;IACnE,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,sBAAsB,CAAC;CACtD,CAAC,CAAC;AAEH,MAAM,UAAU,cAAc,CAAC,GAAW,EAAE,SAAuB;IACjE,OAAO;QACL,IAAI,EAAE,MAAM;QACZ,WAAW,EACT,wFAAwF;YACxF,0GAA0G;QAC5G,UAAU,EAAE,UAAU;QACtB,KAAK,CAAC,OAAO,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE;YAC7C,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YAC7C,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;YAE9B,IAAI,SAAS,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;YACtF,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAErD,sBAAsB;YACtB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAEzC,yBAAyB;YACzB,MAAM,UAAU,GAAG,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;YACtE,MAAM,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;YAC3E,MAAM,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;YAE3E,mBAAmB;YACnB,MAAM,WAAW,GAAG,gBAAgB,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;YAChE,IAAI,WAAW,KAAK,CAAC,EAAE,CAAC;gBACtB,MAAM,IAAI,KAAK,CACb,yBAAyB,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI;oBAClD,2EAA2E,CAC9E,CAAC;YACJ,CAAC;YACD,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CACb,kBAAkB,WAAW,aAAa,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI;oBACnE,4DAA4D,CAC/D,CAAC;YACJ,CAAC;YAED,mBAAmB;YACnB,MAAM,KAAK,GAAG,aAAa,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;YACvD,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,yBAAyB,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;YACvE,CAAC;YAED,MAAM,UAAU,GACd,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC;gBAChC,aAAa;gBACb,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC,WAAW,CAAC,CAAC;YAEpD,iCAAiC;YACjC,MAAM,YAAY,GAAG,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;YAE9E,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;YAEpD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC7C,MAAM,IAAI,GAAG,YAAY,CAAC,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;YAC3D,OAAO,IAAI,CAAC;QACd,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -1,2 +1,7 @@
|
|
|
1
1
|
export declare function resolvePath(cwd: string, filePath: string): string;
|
|
2
|
+
/**
|
|
3
|
+
* Check if a path is a symlink. Used by file tools to prevent symlink-based
|
|
4
|
+
* attacks that could read/write sensitive files outside the working directory.
|
|
5
|
+
*/
|
|
6
|
+
export declare function rejectSymlink(resolved: string): Promise<void>;
|
|
2
7
|
//# sourceMappingURL=path-utils.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"path-utils.d.ts","sourceRoot":"","sources":["../../src/tools/path-utils.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"path-utils.d.ts","sourceRoot":"","sources":["../../src/tools/path-utils.ts"],"names":[],"mappings":"AAIA,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,CAKjE;AAED;;;GAGG;AACH,wBAAsB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAUnE"}
|
package/dist/tools/path-utils.js
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import fs from "node:fs/promises";
|
|
1
2
|
import path from "node:path";
|
|
2
3
|
import os from "node:os";
|
|
3
4
|
export function resolvePath(cwd, filePath) {
|
|
@@ -6,4 +7,21 @@ export function resolvePath(cwd, filePath) {
|
|
|
6
7
|
}
|
|
7
8
|
return path.resolve(cwd, filePath);
|
|
8
9
|
}
|
|
10
|
+
/**
|
|
11
|
+
* Check if a path is a symlink. Used by file tools to prevent symlink-based
|
|
12
|
+
* attacks that could read/write sensitive files outside the working directory.
|
|
13
|
+
*/
|
|
14
|
+
export async function rejectSymlink(resolved) {
|
|
15
|
+
try {
|
|
16
|
+
const stat = await fs.lstat(resolved);
|
|
17
|
+
if (stat.isSymbolicLink()) {
|
|
18
|
+
throw new Error(`Refusing to follow symlink: ${resolved}`);
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
catch (err) {
|
|
22
|
+
// Re-throw our own error; swallow ENOENT (file doesn't exist yet, e.g. write/new file)
|
|
23
|
+
if (err instanceof Error && err.message.startsWith("Refusing to follow"))
|
|
24
|
+
throw err;
|
|
25
|
+
}
|
|
26
|
+
}
|
|
9
27
|
//# sourceMappingURL=path-utils.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"path-utils.js","sourceRoot":"","sources":["../../src/tools/path-utils.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,QAAgB;IACvD,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;AACrC,CAAC"}
|
|
1
|
+
{"version":3,"file":"path-utils.js","sourceRoot":"","sources":["../../src/tools/path-utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,QAAgB;IACvD,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;AACrC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,QAAgB;IAClD,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACtC,IAAI,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,EAAE,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,uFAAuF;QACvF,IAAI,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,oBAAoB,CAAC;YAAE,MAAM,GAAG,CAAC;IACtF,CAAC;AACH,CAAC"}
|
package/dist/tools/read.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"read.d.ts","sourceRoot":"","sources":["../../src/tools/read.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAIrD,eAAO,MAAM,iBAAiB,aAqD5B,CAAC;AAEH,QAAA,MAAM,UAAU;;;;iBASd,CAAC;AAEH,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,UAAU,CAAC,
|
|
1
|
+
{"version":3,"file":"read.d.ts","sourceRoot":"","sources":["../../src/tools/read.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAIrD,eAAO,MAAM,iBAAiB,aAqD5B,CAAC;AAEH,QAAA,MAAM,UAAU;;;;iBASd,CAAC;AAEH,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,UAAU,CAAC,CAmDjG"}
|
package/dist/tools/read.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import fs from "node:fs/promises";
|
|
2
2
|
import path from "node:path";
|
|
3
3
|
import { z } from "zod";
|
|
4
|
-
import { resolvePath } from "./path-utils.js";
|
|
4
|
+
import { resolvePath, rejectSymlink } from "./path-utils.js";
|
|
5
5
|
import { truncateHead } from "./truncate.js";
|
|
6
6
|
export const BINARY_EXTENSIONS = new Set([
|
|
7
7
|
".png",
|
|
@@ -76,6 +76,7 @@ export function createReadTool(cwd, readFiles) {
|
|
|
76
76
|
parameters: ReadParams,
|
|
77
77
|
async execute({ file_path, offset, limit }) {
|
|
78
78
|
const resolved = resolvePath(cwd, file_path);
|
|
79
|
+
await rejectSymlink(resolved);
|
|
79
80
|
readFiles?.add(resolved);
|
|
80
81
|
const ext = path.extname(resolved).toLowerCase();
|
|
81
82
|
if (BINARY_EXTENSIONS.has(ext)) {
|
package/dist/tools/read.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"read.js","sourceRoot":"","sources":["../../src/tools/read.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"read.js","sourceRoot":"","sources":["../../src/tools/read.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C,MAAM,CAAC,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IACvC,MAAM;IACN,MAAM;IACN,OAAO;IACP,MAAM;IACN,MAAM;IACN,MAAM;IACN,OAAO;IACP,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,OAAO;IACP,MAAM;IACN,MAAM;IACN,KAAK;IACL,MAAM;IACN,KAAK;IACL,MAAM;IACN,MAAM;IACN,MAAM;IACN,OAAO;IACP,MAAM;IACN,OAAO;IACP,MAAM;IACN,OAAO;IACP,MAAM;IACN,MAAM;IACN,KAAK;IACL,QAAQ;IACR,MAAM;IACN,MAAM;IACN,OAAO;IACP,QAAQ;IACR,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,QAAQ;IACR,IAAI;IACJ,MAAM;IACN,OAAO;IACP,OAAO;IACP,OAAO;IACP,KAAK;IACL,SAAS;IACT,UAAU;IACV,OAAO;IACP,OAAO;IACP,MAAM;CACP,CAAC,CAAC;AAEH,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,uBAAuB,CAAC;IACvD,MAAM,EAAE,CAAC;SACN,MAAM,EAAE;SACR,GAAG,EAAE;SACL,GAAG,CAAC,CAAC,CAAC;SACN,QAAQ,EAAE;SACV,QAAQ,CAAC,6CAA6C,CAAC;IAC1D,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,iCAAiC,CAAC;CACtF,CAAC,CAAC;AAEH,MAAM,UAAU,cAAc,CAAC,GAAW,EAAE,SAAuB;IACjE,OAAO;QACL,IAAI,EAAE,MAAM;QACZ,WAAW,EACT,iEAAiE;YACjE,iGAAiG;YACjG,kDAAkD;QACpD,UAAU,EAAE,UAAU;QACtB,KAAK,CAAC,OAAO,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE;YACxC,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YAC7C,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;YAC9B,SAAS,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;YACzB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;YAEjD,IAAI,iBAAiB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC/B,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACrC,OAAO,gBAAgB,QAAQ,KAAK,GAAG,KAAK,IAAI,CAAC,IAAI,SAAS,CAAC;YACjE,CAAC;YAED,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACjD,IAAI,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE5B,qBAAqB;YACrB,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1C,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;YACzD,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAExC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;YAErC,sCAAsC;YACtC,MAAM,WAAW,GAAG,SAAS,GAAG,CAAC,CAAC;YAClC,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO;iBAC5B,KAAK,CAAC,IAAI,CAAC;iBACX,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;gBACf,MAAM,OAAO,GAAG,MAAM,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;gBACzD,OAAO,GAAG,OAAO,KAAK,IAAI,EAAE,CAAC;YAC/B,CAAC,CAAC;iBACD,IAAI,CAAC,IAAI,CAAC,CAAC;YAEd,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;gBACrB,MAAM,UAAU,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC;gBACpD,OAAO,CACL,GAAG,QAAQ,IAAI;oBACf,6BAA6B,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,SAAS,GAAG,CAAC,OAAO,MAAM,CAAC,UAAU,IAAI;oBAC5G,cAAc,UAAU,iBAAiB,CAC1C,CAAC;YACJ,CAAC;YACD,OAAO,QAAQ,CAAC;QAClB,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"web-fetch.d.ts","sourceRoot":"","sources":["../../src/tools/web-fetch.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"web-fetch.d.ts","sourceRoot":"","sources":["../../src/tools/web-fetch.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAkDrD,wBAAgB,kBAAkB,IAAI,SAAS,CAAC,OAAO,UAAU,CAAC,CAoDjE;AAED,QAAA,MAAM,UAAU;;;iBAGd,CAAC"}
|
package/dist/tools/web-fetch.js
CHANGED
|
@@ -1,4 +1,48 @@
|
|
|
1
1
|
import { z } from "zod";
|
|
2
|
+
/**
|
|
3
|
+
* Block requests to private/internal network addresses to prevent SSRF.
|
|
4
|
+
* Checks the hostname against known private IP ranges and reserved domains.
|
|
5
|
+
*/
|
|
6
|
+
function isBlockedUrl(urlString) {
|
|
7
|
+
let parsed;
|
|
8
|
+
try {
|
|
9
|
+
parsed = new URL(urlString);
|
|
10
|
+
}
|
|
11
|
+
catch {
|
|
12
|
+
return true; // Malformed URLs are blocked
|
|
13
|
+
}
|
|
14
|
+
const hostname = parsed.hostname.toLowerCase();
|
|
15
|
+
// Block non-HTTP(S) schemes
|
|
16
|
+
if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
|
|
17
|
+
return true;
|
|
18
|
+
}
|
|
19
|
+
// Block localhost and loopback
|
|
20
|
+
if (hostname === "localhost" || hostname === "127.0.0.1" || hostname === "::1") {
|
|
21
|
+
return true;
|
|
22
|
+
}
|
|
23
|
+
// Block 0.0.0.0
|
|
24
|
+
if (hostname === "0.0.0.0") {
|
|
25
|
+
return true;
|
|
26
|
+
}
|
|
27
|
+
// Block private IPv4 ranges: 10.x.x.x, 172.16-31.x.x, 192.168.x.x
|
|
28
|
+
if (/^10\./.test(hostname))
|
|
29
|
+
return true;
|
|
30
|
+
if (/^172\.(1[6-9]|2\d|3[01])\./.test(hostname))
|
|
31
|
+
return true;
|
|
32
|
+
if (/^192\.168\./.test(hostname))
|
|
33
|
+
return true;
|
|
34
|
+
// Block link-local (169.254.x.x — includes AWS metadata endpoint)
|
|
35
|
+
if (/^169\.254\./.test(hostname))
|
|
36
|
+
return true;
|
|
37
|
+
// Block IPv6 private/link-local
|
|
38
|
+
if (hostname.startsWith("[fe80:") || hostname.startsWith("[fd") || hostname.startsWith("[fc")) {
|
|
39
|
+
return true;
|
|
40
|
+
}
|
|
41
|
+
// Block cloud metadata endpoints
|
|
42
|
+
if (hostname === "metadata.google.internal")
|
|
43
|
+
return true;
|
|
44
|
+
return false;
|
|
45
|
+
}
|
|
2
46
|
export function createWebFetchTool() {
|
|
3
47
|
return {
|
|
4
48
|
name: "web_fetch",
|
|
@@ -6,6 +50,9 @@ export function createWebFetchTool() {
|
|
|
6
50
|
parameters,
|
|
7
51
|
async execute(args) {
|
|
8
52
|
const maxLength = args.max_length ?? 10000;
|
|
53
|
+
if (isBlockedUrl(args.url)) {
|
|
54
|
+
return "Error: URL blocked — requests to private/internal network addresses are not allowed.";
|
|
55
|
+
}
|
|
9
56
|
try {
|
|
10
57
|
const response = await fetch(args.url, {
|
|
11
58
|
headers: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"web-fetch.js","sourceRoot":"","sources":["../../src/tools/web-fetch.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,MAAM,UAAU,kBAAkB;IAChC,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,WAAW,EACT,+JAA+J;QACjK,UAAU;QACV,KAAK,CAAC,OAAO,CAAC,IAAI;YAChB,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC;YAE3C,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE;oBACrC,OAAO,EAAE;wBACP,YAAY,EAAE,uCAAuC;wBACrD,MAAM,EAAE,iEAAiE;qBAC1E;oBACD,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,KAAK,CAAC;iBACnC,CAAC,CAAC;gBAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;oBACjB,OAAO,eAAe,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC;gBACjE,CAAC;gBAED,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;gBAC/D,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAEnC,IAAI,OAAe,CAAC;gBACpB,IAAI,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBACjC,OAAO,GAAG,IAAI;yBACX,OAAO,CAAC,6BAA6B,EAAE,EAAE,CAAC;yBAC1C,OAAO,CAAC,2BAA2B,EAAE,EAAE,CAAC;yBACxC,OAAO,CAAC,UAAU,EAAE,GAAG,CAAC;yBACxB,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;yBACpB,IAAI,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,OAAO,GAAG,IAAI,CAAC;gBACjB,CAAC;gBAED,IAAI,OAAO,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;oBAC/B,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,GAAG,yBAAyB,CAAC;gBACpE,CAAC;gBAED,OAAO,OAAO,CAAC;YACjB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACnE,OAAO,kBAAkB,IAAI,CAAC,GAAG,KAAK,GAAG,EAAE,CAAC;YAC9C,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1B,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,kBAAkB,CAAC;IAC5C,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,+CAA+C,CAAC;CAC5F,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"web-fetch.js","sourceRoot":"","sources":["../../src/tools/web-fetch.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB;;;GAGG;AACH,SAAS,YAAY,CAAC,SAAiB;IACrC,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC,CAAC,6BAA6B;IAC5C,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;IAE/C,4BAA4B;IAC5B,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAChE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,+BAA+B;IAC/B,IAAI,QAAQ,KAAK,WAAW,IAAI,QAAQ,KAAK,WAAW,IAAI,QAAQ,KAAK,KAAK,EAAE,CAAC;QAC/E,OAAO,IAAI,CAAC;IACd,CAAC;IAED,gBAAgB;IAChB,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC3B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,kEAAkE;IAClE,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IACxC,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7D,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAE9C,kEAAkE;IAClE,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAE9C,gCAAgC;IAChC,IAAI,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;QAC9F,OAAO,IAAI,CAAC;IACd,CAAC;IAED,iCAAiC;IACjC,IAAI,QAAQ,KAAK,0BAA0B;QAAE,OAAO,IAAI,CAAC;IAEzD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,WAAW,EACT,+JAA+J;QACjK,UAAU;QACV,KAAK,CAAC,OAAO,CAAC,IAAI;YAChB,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC;YAE3C,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC3B,OAAO,sFAAsF,CAAC;YAChG,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE;oBACrC,OAAO,EAAE;wBACP,YAAY,EAAE,uCAAuC;wBACrD,MAAM,EAAE,iEAAiE;qBAC1E;oBACD,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,KAAK,CAAC;iBACnC,CAAC,CAAC;gBAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;oBACjB,OAAO,eAAe,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC;gBACjE,CAAC;gBAED,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;gBAC/D,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAEnC,IAAI,OAAe,CAAC;gBACpB,IAAI,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBACjC,OAAO,GAAG,IAAI;yBACX,OAAO,CAAC,6BAA6B,EAAE,EAAE,CAAC;yBAC1C,OAAO,CAAC,2BAA2B,EAAE,EAAE,CAAC;yBACxC,OAAO,CAAC,UAAU,EAAE,GAAG,CAAC;yBACxB,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;yBACpB,IAAI,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,OAAO,GAAG,IAAI,CAAC;gBACjB,CAAC;gBAED,IAAI,OAAO,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;oBAC/B,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,GAAG,yBAAyB,CAAC;gBACpE,CAAC;gBAED,OAAO,OAAO,CAAC;YACjB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACnE,OAAO,kBAAkB,IAAI,CAAC,GAAG,KAAK,GAAG,EAAE,CAAC;YAC9C,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1B,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,kBAAkB,CAAC;IAC5C,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,+CAA+C,CAAC;CAC5F,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"write.d.ts","sourceRoot":"","sources":["../../src/tools/write.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAGrD,QAAA,MAAM,WAAW;;;iBAGf,CAAC;AAEH,wBAAgB,eAAe,CAC7B,GAAG,EAAE,MAAM,EACX,SAAS,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,GACtB,SAAS,CAAC,OAAO,WAAW,CAAC,
|
|
1
|
+
{"version":3,"file":"write.d.ts","sourceRoot":"","sources":["../../src/tools/write.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAGrD,QAAA,MAAM,WAAW;;;iBAGf,CAAC;AAEH,wBAAgB,eAAe,CAC7B,GAAG,EAAE,MAAM,EACX,SAAS,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,GACtB,SAAS,CAAC,OAAO,WAAW,CAAC,CA2B/B"}
|
package/dist/tools/write.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import fs from "node:fs/promises";
|
|
2
2
|
import path from "node:path";
|
|
3
3
|
import { z } from "zod";
|
|
4
|
-
import { resolvePath } from "./path-utils.js";
|
|
4
|
+
import { resolvePath, rejectSymlink } from "./path-utils.js";
|
|
5
5
|
const WriteParams = z.object({
|
|
6
6
|
file_path: z.string().describe("The file path to write to"),
|
|
7
7
|
content: z.string().describe("The content to write"),
|
|
@@ -14,6 +14,7 @@ export function createWriteTool(cwd, readFiles) {
|
|
|
14
14
|
parameters: WriteParams,
|
|
15
15
|
async execute({ file_path, content }) {
|
|
16
16
|
const resolved = resolvePath(cwd, file_path);
|
|
17
|
+
await rejectSymlink(resolved);
|
|
17
18
|
// Block overwriting existing files that haven't been read
|
|
18
19
|
if (readFiles && !readFiles.has(resolved)) {
|
|
19
20
|
const exists = await fs.stat(resolved).then(() => true, () => false);
|
package/dist/tools/write.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"write.js","sourceRoot":"","sources":["../../src/tools/write.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"write.js","sourceRoot":"","sources":["../../src/tools/write.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAE7D,MAAM,WAAW,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,2BAA2B,CAAC;IAC3D,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,sBAAsB,CAAC;CACrD,CAAC,CAAC;AAEH,MAAM,UAAU,eAAe,CAC7B,GAAW,EACX,SAAuB;IAEvB,OAAO;QACL,IAAI,EAAE,OAAO;QACb,WAAW,EACT,iEAAiE;YACjE,+FAA+F;QACjG,UAAU,EAAE,WAAW;QACvB,KAAK,CAAC,OAAO,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE;YAClC,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YAC7C,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;YAE9B,0DAA0D;YAC1D,IAAI,SAAS,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1C,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,CACzC,GAAG,EAAE,CAAC,IAAI,EACV,GAAG,EAAE,CAAC,KAAK,CACZ,CAAC;gBACF,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;gBAC1F,CAAC;YACH,CAAC;YACD,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC5D,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YAC/C,MAAM,KAAK,GAAG,MAAM,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAClD,OAAO,SAAS,KAAK,aAAa,QAAQ,EAAE,CAAC;QAC/C,CAAC;KACF,CAAC;AACJ,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@kenkaiiii/ggcoder",
|
|
3
|
-
"version": "4.2.
|
|
3
|
+
"version": "4.2.15",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "CLI coding agent with OAuth authentication for Anthropic and OpenAI",
|
|
6
6
|
"license": "MIT",
|
|
@@ -35,8 +35,8 @@
|
|
|
35
35
|
"string-width": "^8.2.0",
|
|
36
36
|
"wrap-ansi": "^10.0.0",
|
|
37
37
|
"zod": "^4.3.6",
|
|
38
|
-
"@kenkaiiii/gg-agent": "4.2.
|
|
39
|
-
"@kenkaiiii/gg-ai": "4.2.
|
|
38
|
+
"@kenkaiiii/gg-agent": "4.2.15",
|
|
39
|
+
"@kenkaiiii/gg-ai": "4.2.15"
|
|
40
40
|
},
|
|
41
41
|
"devDependencies": {
|
|
42
42
|
"@types/node": "^25.3.5",
|