@link-assistant/hive-mind 1.37.2 → 1.37.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -0
- package/package.json +1 -1
- package/src/solve.branch.lib.mjs +18 -0
- package/src/telegram-bot.mjs +21 -0
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,11 @@
|
|
|
1
1
|
# @link-assistant/hive-mind
|
|
2
2
|
|
|
3
|
+
## 1.37.3
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- 7bc72fa: add early --base-branch/--target-branch validation in telegram bot to reject URLs and invalid branch names before spawning solve/hive processes (Issue #1482)
|
|
8
|
+
|
|
3
9
|
## 1.37.2
|
|
4
10
|
|
|
5
11
|
### Patch Changes
|
package/package.json
CHANGED
package/src/solve.branch.lib.mjs
CHANGED
|
@@ -187,6 +187,24 @@ export function validateBranchName(branchName) {
|
|
|
187
187
|
return { valid: true };
|
|
188
188
|
}
|
|
189
189
|
|
|
190
|
+
// Issue #1482: Validate --base-branch/--target-branch values in an args array
|
|
191
|
+
// Used by telegram-bot.mjs for early validation before spawning processes
|
|
192
|
+
export function validateBranchInArgs(args) {
|
|
193
|
+
const branchFlags = ['--base-branch', '-b', '--target-branch', '-tb'];
|
|
194
|
+
for (let i = 0; i < args.length; i++) {
|
|
195
|
+
for (const flag of branchFlags) {
|
|
196
|
+
if (args[i] === flag && i + 1 < args.length) {
|
|
197
|
+
const v = validateBranchName(args[i + 1]);
|
|
198
|
+
if (!v.valid) return `Invalid ${flag} value: ${v.reason}`;
|
|
199
|
+
} else if (args[i].startsWith(flag + '=')) {
|
|
200
|
+
const v = validateBranchName(args[i].substring(flag.length + 1));
|
|
201
|
+
if (!v.valid) return `Invalid ${flag} value: ${v.reason}`;
|
|
202
|
+
}
|
|
203
|
+
}
|
|
204
|
+
}
|
|
205
|
+
return null;
|
|
206
|
+
}
|
|
207
|
+
|
|
190
208
|
export async function createOrCheckoutBranch({ isContinueMode, prBranch, issueNumber, tempDir, defaultBranch, argv, log, formatAligned, $, crypto, owner, repo, prNumber }) {
|
|
191
209
|
// Create a branch for the issue or checkout existing PR branch
|
|
192
210
|
let branchName;
|
package/src/telegram-bot.mjs
CHANGED
|
@@ -48,6 +48,7 @@ const { createYargsConfig: createSolveYargsConfig, detectMalformedFlags } = awai
|
|
|
48
48
|
const { createYargsConfig: createHiveYargsConfig } = await import('./hive.config.lib.mjs');
|
|
49
49
|
const { parseGitHubUrl } = await import('./github.lib.mjs');
|
|
50
50
|
const { validateModelName, buildModelOptionDescription } = await import('./models/index.mjs');
|
|
51
|
+
const { validateBranchInArgs } = await import('./solve.branch.lib.mjs');
|
|
51
52
|
const { formatUsageMessage, getAllCachedLimits } = await import('./limits.lib.mjs');
|
|
52
53
|
const { getVersionInfo, formatVersionMessage } = await import('./version-info.lib.mjs');
|
|
53
54
|
const { escapeMarkdown, escapeMarkdownV2, cleanNonPrintableChars, makeSpecialCharsVisible } = await import('./telegram-markdown.lib.mjs');
|
|
@@ -203,6 +204,9 @@ if (solveEnabled && solveOverrides.length > 0) {
|
|
|
203
204
|
throw new Error(msg);
|
|
204
205
|
});
|
|
205
206
|
await testYargs.parse(testArgs);
|
|
207
|
+
// Issue #1482: Validate --base-branch in overrides early
|
|
208
|
+
const overrideBranchError = validateBranchInArgs(solveOverrides);
|
|
209
|
+
if (overrideBranchError) throw new Error(overrideBranchError);
|
|
206
210
|
console.log('✅ Solve overrides validated successfully');
|
|
207
211
|
} finally {
|
|
208
212
|
// Restore stderr
|
|
@@ -243,6 +247,11 @@ if (hiveEnabled && hiveOverrides.length > 0) {
|
|
|
243
247
|
throw new Error(msg);
|
|
244
248
|
});
|
|
245
249
|
await testYargs.parse(testArgs);
|
|
250
|
+
// Issue #1482: Validate --base-branch/--target-branch in overrides early
|
|
251
|
+
const overrideBranchError = validateBranchInArgs(hiveOverrides);
|
|
252
|
+
if (overrideBranchError) {
|
|
253
|
+
throw new Error(overrideBranchError);
|
|
254
|
+
}
|
|
246
255
|
console.log('✅ Hive overrides validated successfully');
|
|
247
256
|
} finally {
|
|
248
257
|
// Restore stderr
|
|
@@ -957,6 +966,12 @@ async function handleSolveCommand(ctx) {
|
|
|
957
966
|
await ctx.reply(`❌ ${modelError}`, { parse_mode: 'Markdown', reply_to_message_id: ctx.message.message_id });
|
|
958
967
|
return;
|
|
959
968
|
}
|
|
969
|
+
// Issue #1482: Validate --base-branch early to reject URLs and invalid branch names
|
|
970
|
+
const branchError = validateBranchInArgs(args);
|
|
971
|
+
if (branchError) {
|
|
972
|
+
await ctx.reply(`❌ ${branchError}`, { parse_mode: 'Markdown', reply_to_message_id: ctx.message.message_id });
|
|
973
|
+
return;
|
|
974
|
+
}
|
|
960
975
|
// Issue #1092: Detect malformed flag patterns like "-- model" (space after --)
|
|
961
976
|
const { malformed, errors: malformedErrors } = detectMalformedFlags(args);
|
|
962
977
|
if (malformed.length > 0) {
|
|
@@ -1137,6 +1152,12 @@ async function handleHiveCommand(ctx) {
|
|
|
1137
1152
|
await ctx.reply(`❌ ${hiveModelError}`, { parse_mode: 'Markdown', reply_to_message_id: ctx.message.message_id });
|
|
1138
1153
|
return;
|
|
1139
1154
|
}
|
|
1155
|
+
// Issue #1482: Validate branch flags early to reject URLs and invalid branch names
|
|
1156
|
+
const hiveBranchError = validateBranchInArgs(args);
|
|
1157
|
+
if (hiveBranchError) {
|
|
1158
|
+
await ctx.reply(`❌ ${hiveBranchError}`, { parse_mode: 'Markdown', reply_to_message_id: ctx.message.message_id });
|
|
1159
|
+
return;
|
|
1160
|
+
}
|
|
1140
1161
|
|
|
1141
1162
|
// Validate merged arguments using hive's yargs config
|
|
1142
1163
|
try {
|