@mneme-ai/core 2.3.1 → 2.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/aegis/consent_kernel.d.ts.map +1 -1
- package/dist/aegis/consent_kernel.js +6 -3
- package/dist/aegis/consent_kernel.js.map +1 -1
- package/dist/aegis/killswitch.d.ts.map +1 -1
- package/dist/aegis/killswitch.js +3 -1
- package/dist/aegis/killswitch.js.map +1 -1
- package/dist/agent_manifest.d.ts.map +1 -1
- package/dist/agent_manifest.js +9 -4
- package/dist/agent_manifest.js.map +1 -1
- package/dist/anchor/pole_id.d.ts.map +1 -1
- package/dist/anchor/pole_id.js +10 -2
- package/dist/anchor/pole_id.js.map +1 -1
- package/dist/apoptosis/witnesses.d.ts.map +1 -1
- package/dist/apoptosis/witnesses.js +8 -11
- package/dist/apoptosis/witnesses.js.map +1 -1
- package/dist/audit/merkle-chain.d.ts.map +1 -1
- package/dist/audit/merkle-chain.js +2 -1
- package/dist/audit/merkle-chain.js.map +1 -1
- package/dist/aura/pair_payload.d.ts.map +1 -1
- package/dist/aura/pair_payload.js +2 -1
- package/dist/aura/pair_payload.js.map +1 -1
- package/dist/autoboot/install_linux.d.ts +0 -1
- package/dist/autoboot/install_linux.d.ts.map +1 -1
- package/dist/autoboot/install_linux.js +37 -39
- package/dist/autoboot/install_linux.js.map +1 -1
- package/dist/autoboot/install_macos.d.ts +0 -1
- package/dist/autoboot/install_macos.d.ts.map +1 -1
- package/dist/autoboot/install_macos.js +43 -34
- package/dist/autoboot/install_macos.js.map +1 -1
- package/dist/autoboot/install_windows.d.ts +0 -1
- package/dist/autoboot/install_windows.d.ts.map +1 -1
- package/dist/autoboot/install_windows.js +25 -24
- package/dist/autoboot/install_windows.js.map +1 -1
- package/dist/avatar/gossip_mesh.d.ts.map +1 -1
- package/dist/avatar/gossip_mesh.js +2 -1
- package/dist/avatar/gossip_mesh.js.map +1 -1
- package/dist/avatar/replicating_wisdom.d.ts.map +1 -1
- package/dist/avatar/replicating_wisdom.js +2 -1
- package/dist/avatar/replicating_wisdom.js.map +1 -1
- package/dist/covenant/covenant.d.ts.map +1 -1
- package/dist/covenant/covenant.js +3 -1
- package/dist/covenant/covenant.js.map +1 -1
- package/dist/diaspora/session_capsule.d.ts.map +1 -1
- package/dist/diaspora/session_capsule.js +2 -1
- package/dist/diaspora/session_capsule.js.map +1 -1
- package/dist/evolve/synthesis/lineage.d.ts.map +1 -1
- package/dist/evolve/synthesis/lineage.js +2 -1
- package/dist/evolve/synthesis/lineage.js.map +1 -1
- package/dist/evolve/synthesis/synthesize.d.ts.map +1 -1
- package/dist/evolve/synthesis/synthesize.js +3 -1
- package/dist/evolve/synthesis/synthesize.js.map +1 -1
- package/dist/exodus/wanderer.d.ts.map +1 -1
- package/dist/exodus/wanderer.js +2 -1
- package/dist/exodus/wanderer.js.map +1 -1
- package/dist/genesplice/soul_prompt.d.ts.map +1 -1
- package/dist/genesplice/soul_prompt.js +16 -4
- package/dist/genesplice/soul_prompt.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +9 -2
- package/dist/index.js.map +1 -1
- package/dist/interstellar/index.d.ts.map +1 -1
- package/dist/interstellar/index.js +2 -1
- package/dist/interstellar/index.js.map +1 -1
- package/dist/lexicon/index.d.ts +1 -0
- package/dist/lexicon/index.d.ts.map +1 -1
- package/dist/lexicon/index.js +22 -0
- package/dist/lexicon/index.js.map +1 -1
- package/dist/lexicon/writer_routing.test.d.ts +2 -0
- package/dist/lexicon/writer_routing.test.d.ts.map +1 -0
- package/dist/lexicon/writer_routing.test.js +22 -0
- package/dist/lexicon/writer_routing.test.js.map +1 -0
- package/dist/living_will/index.d.ts.map +1 -1
- package/dist/living_will/index.js +2 -1
- package/dist/living_will/index.js.map +1 -1
- package/dist/parasite/bridge.d.ts.map +1 -1
- package/dist/parasite/bridge.js +10 -3
- package/dist/parasite/bridge.js.map +1 -1
- package/dist/precog/trust_certificate.d.ts.map +1 -1
- package/dist/precog/trust_certificate.js +2 -1
- package/dist/precog/trust_certificate.js.map +1 -1
- package/dist/prophecy/index.d.ts.map +1 -1
- package/dist/prophecy/index.js +2 -1
- package/dist/prophecy/index.js.map +1 -1
- package/dist/pulse.d.ts.map +1 -1
- package/dist/pulse.js +18 -4
- package/dist/pulse.js.map +1 -1
- package/dist/rainbow/passport.d.ts.map +1 -1
- package/dist/rainbow/passport.js +2 -1
- package/dist/rainbow/passport.js.map +1 -1
- package/dist/reactor/reactor_modules.d.ts.map +1 -1
- package/dist/reactor/reactor_modules.js +2 -1
- package/dist/reactor/reactor_modules.js.map +1 -1
- package/dist/security/audit-log.d.ts.map +1 -1
- package/dist/security/audit-log.js +4 -2
- package/dist/security/audit-log.js.map +1 -1
- package/dist/sentinel/audit_ledger.d.ts.map +1 -1
- package/dist/sentinel/audit_ledger.js +2 -1
- package/dist/sentinel/audit_ledger.js.map +1 -1
- package/dist/symbiosis/fusion.d.ts +46 -0
- package/dist/symbiosis/fusion.d.ts.map +1 -0
- package/dist/symbiosis/fusion.js +62 -0
- package/dist/symbiosis/fusion.js.map +1 -0
- package/dist/symbiosis/index.d.ts +25 -0
- package/dist/symbiosis/index.d.ts.map +1 -0
- package/dist/symbiosis/index.js +25 -0
- package/dist/symbiosis/index.js.map +1 -0
- package/dist/symbiosis/intent.d.ts +28 -0
- package/dist/symbiosis/intent.d.ts.map +1 -0
- package/dist/symbiosis/intent.js +63 -0
- package/dist/symbiosis/intent.js.map +1 -0
- package/dist/symbiosis/ledger.d.ts +54 -0
- package/dist/symbiosis/ledger.d.ts.map +1 -0
- package/dist/symbiosis/ledger.js +95 -0
- package/dist/symbiosis/ledger.js.map +1 -0
- package/dist/symbiosis/symbiosis.test.d.ts +2 -0
- package/dist/symbiosis/symbiosis.test.d.ts.map +1 -0
- package/dist/symbiosis/symbiosis.test.js +155 -0
- package/dist/symbiosis/symbiosis.test.js.map +1 -0
- package/dist/symbiosis/voice.d.ts +50 -0
- package/dist/symbiosis/voice.d.ts.map +1 -0
- package/dist/symbiosis/voice.js +121 -0
- package/dist/symbiosis/voice.js.map +1 -0
- package/dist/util/hmac_compare.d.ts +27 -0
- package/dist/util/hmac_compare.d.ts.map +1 -0
- package/dist/util/hmac_compare.js +43 -0
- package/dist/util/hmac_compare.js.map +1 -0
- package/dist/util/hmac_compare.test.d.ts +2 -0
- package/dist/util/hmac_compare.test.d.ts.map +1 -0
- package/dist/util/hmac_compare.test.js +30 -0
- package/dist/util/hmac_compare.test.js.map +1 -0
- package/dist/util/prompt_sanitize.d.ts +38 -0
- package/dist/util/prompt_sanitize.d.ts.map +1 -0
- package/dist/util/prompt_sanitize.js +78 -0
- package/dist/util/prompt_sanitize.js.map +1 -0
- package/dist/util/prompt_sanitize.test.d.ts +2 -0
- package/dist/util/prompt_sanitize.test.d.ts.map +1 -0
- package/dist/util/prompt_sanitize.test.js +58 -0
- package/dist/util/prompt_sanitize.test.js.map +1 -0
- package/dist/util/safe_exec.d.ts +66 -0
- package/dist/util/safe_exec.d.ts.map +1 -0
- package/dist/util/safe_exec.js +106 -0
- package/dist/util/safe_exec.js.map +1 -0
- package/dist/util/safe_exec.test.d.ts +2 -0
- package/dist/util/safe_exec.test.d.ts.map +1 -0
- package/dist/util/safe_exec.test.js +0 -0
- package/dist/util/safe_exec.test.js.map +1 -0
- package/dist/util/secret_store.d.ts +38 -0
- package/dist/util/secret_store.d.ts.map +1 -0
- package/dist/util/secret_store.js +100 -0
- package/dist/util/secret_store.js.map +1 -0
- package/dist/util/secret_store.test.d.ts +2 -0
- package/dist/util/secret_store.test.d.ts.map +1 -0
- package/dist/util/secret_store.test.js +54 -0
- package/dist/util/secret_store.test.js.map +1 -0
- package/dist/wisdom_shards/index.d.ts.map +1 -1
- package/dist/wisdom_shards/index.js +2 -1
- package/dist/wisdom_shards/index.js.map +1 -1
- package/package.json +1 -1
|
@@ -20,6 +20,7 @@
|
|
|
20
20
|
* No cloud, no mDNS dependency, no broadcast. Privacy by default.
|
|
21
21
|
*/
|
|
22
22
|
import { createHmac, createHash } from "node:crypto";
|
|
23
|
+
import { safeHmacNotEqual } from "../util/hmac_compare.js";
|
|
23
24
|
function canonical(p) {
|
|
24
25
|
return JSON.stringify({ v: p.v, lanUrl: p.lanUrl, code: p.code, expiresAt: p.expiresAt, owner: p.owner });
|
|
25
26
|
}
|
|
@@ -62,7 +63,7 @@ export function decodePairing(token, expectedOwnerPubKeyHash, ownerSecret, now =
|
|
|
62
63
|
return { ok: false, reason: "wrong-owner" };
|
|
63
64
|
}
|
|
64
65
|
const expectedSig = createHmac("sha256", ownerSecret).update(canonical(payload)).digest("hex");
|
|
65
|
-
if (expectedSig
|
|
66
|
+
if (safeHmacNotEqual(expectedSig, payload.sig)) {
|
|
66
67
|
return { ok: false, reason: "bad-sig" };
|
|
67
68
|
}
|
|
68
69
|
if (new Date(payload.expiresAt).getTime() < now.getTime()) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pair_payload.js","sourceRoot":"","sources":["../../src/aura/pair_payload.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"pair_payload.js","sourceRoot":"","sources":["../../src/aura/pair_payload.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAyB3D,SAAS,SAAS,CAAC,CAA2B;IAC5C,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;AAC5G,CAAC;AAED,SAAS,gBAAgB,CAAC,UAAkB;IAC1C,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC5E,CAAC;AAED,+EAA+E;AAC/E,MAAM,UAAU,aAAa,CAAC,KAAgB;IAC5C,MAAM,KAAK,GAAG,gBAAgB,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IACtD,MAAM,IAAI,GAA6B;QACrC,CAAC,EAAE,CAAC;QACJ,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,KAAK;KACN,CAAC;IACF,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC1F,MAAM,OAAO,GAAgB,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC;IAC9C,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IACjF,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAC5B,CAAC;AAMD;;;yDAGyD;AACzD,MAAM,UAAU,aAAa,CAC3B,KAAa,EACb,uBAA+B,EAC/B,WAAmB,EACnB,MAAY,IAAI,IAAI,EAAE;IAEtB,IAAI,OAAoB,CAAC;IACzB,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC9D,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IAC5C,CAAC;IACD,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACtG,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IAC5C,CAAC;IACD,MAAM,aAAa,GAAG,gBAAgB,CAAC,uBAAuB,CAAC,CAAC;IAChE,IAAI,OAAO,CAAC,KAAK,KAAK,aAAa,EAAE,CAAC;QACpC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IAC9C,CAAC;IACD,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC/F,IAAI,gBAAgB,CAAC,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/C,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IAC1C,CAAC;IACD,IAAI,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC;QAC1D,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IAC1C,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;AAC/B,CAAC"}
|
|
@@ -15,7 +15,6 @@ import type { InstallResult } from "./install_windows.js";
|
|
|
15
15
|
/** Plan 1: systemd user unit. */
|
|
16
16
|
export declare function installSystemd(nodePath: string, mnemeBin: string): InstallResult;
|
|
17
17
|
export declare function uninstallSystemd(): InstallResult;
|
|
18
|
-
/** Plan 2: crontab @reboot (re-uses macOS cron logic structurally). */
|
|
19
18
|
export declare function installCronReboot(nodePath: string, mnemeBin: string): InstallResult;
|
|
20
19
|
export declare function uninstallCronReboot(): InstallResult;
|
|
21
20
|
/** Plan 3: append to ~/.bashrc / ~/.profile. */
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"install_linux.d.ts","sourceRoot":"","sources":["../../src/autoboot/install_linux.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;
|
|
1
|
+
{"version":3,"file":"install_linux.d.ts","sourceRoot":"","sources":["../../src/autoboot/install_linux.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAKH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAuB1D,iCAAiC;AACjC,wBAAgB,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,aAAa,CAwBhF;AAED,wBAAgB,gBAAgB,IAAI,aAAa,CAahD;AAuBD,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,aAAa,CAanF;AAED,wBAAgB,mBAAmB,IAAI,aAAa,CAWnD;AAED,gDAAgD;AAChD,wBAAgB,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,aAAa,CAwBhF;AAED,wBAAgB,gBAAgB,IAAI,aAAa,CAqBhD;AAED,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,KAAK,aAAa,CAIpF,CAAC;AAEF,eAAO,MAAM,kBAAkB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,aAAa,CAIlE,CAAC"}
|
|
@@ -11,10 +11,10 @@
|
|
|
11
11
|
* Plan 3: append to ~/.bashrc / ~/.profile. Fires on every login shell.
|
|
12
12
|
* Cooperative PID-lock prevents double-spawn.
|
|
13
13
|
*/
|
|
14
|
-
import { execSync } from "node:child_process";
|
|
15
14
|
import { existsSync, writeFileSync, readFileSync, mkdirSync, appendFileSync, unlinkSync } from "node:fs";
|
|
16
15
|
import { join } from "node:path";
|
|
17
|
-
import { homedir, userInfo } from "node:os";
|
|
16
|
+
import { homedir, userInfo, tmpdir } from "node:os";
|
|
17
|
+
import { safeExec, safeExecTry } from "../util/safe_exec.js";
|
|
18
18
|
const UNIT_NAME = "mneme-daemon.service";
|
|
19
19
|
const MNEME_BLOCK_MARKER = "# >>> mneme phoenix autoboot >>>";
|
|
20
20
|
const MNEME_BLOCK_END = "# <<< mneme phoenix autoboot <<<";
|
|
@@ -47,23 +47,14 @@ export function installSystemd(nodePath, mnemeBin) {
|
|
|
47
47
|
// Reload + enable + start. Best-effort: any single failure (e.g. no DBus
|
|
48
48
|
// session in a container) doesn't kill the whole install -- caller
|
|
49
49
|
// falls through to Plan 2.
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
}
|
|
53
|
-
catch { /* */ }
|
|
54
|
-
try {
|
|
55
|
-
execSync(`systemctl --user enable ${UNIT_NAME}`, { stdio: ["ignore", "ignore", "ignore"], timeout: 5000 });
|
|
56
|
-
}
|
|
57
|
-
catch { /* */ }
|
|
58
|
-
try {
|
|
59
|
-
execSync(`systemctl --user start ${UNIT_NAME}`, { stdio: ["ignore", "ignore", "ignore"], timeout: 5000 });
|
|
60
|
-
}
|
|
61
|
-
catch { /* */ }
|
|
50
|
+
safeExecTry("systemctl", ["--user", "daemon-reload"], { timeoutMs: 5000 });
|
|
51
|
+
safeExecTry("systemctl", ["--user", "enable", UNIT_NAME], { timeoutMs: 5000 });
|
|
52
|
+
safeExecTry("systemctl", ["--user", "start", UNIT_NAME], { timeoutMs: 5000 });
|
|
62
53
|
// Lingering keeps the user unit alive after logout. Requires no root
|
|
63
54
|
// on modern systemd; falls back silent on errors.
|
|
64
55
|
try {
|
|
65
56
|
const user = userInfo().username;
|
|
66
|
-
|
|
57
|
+
safeExecTry("loginctl", ["enable-linger", user], { timeoutMs: 5000 });
|
|
67
58
|
}
|
|
68
59
|
catch { /* */ }
|
|
69
60
|
return { mechanism: "systemd", ok: true, message: drift ? "user unit installed + enabled" : "already installed", target };
|
|
@@ -75,14 +66,8 @@ export function installSystemd(nodePath, mnemeBin) {
|
|
|
75
66
|
export function uninstallSystemd() {
|
|
76
67
|
try {
|
|
77
68
|
const target = join(homedir(), ".config", "systemd", "user", UNIT_NAME);
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
}
|
|
81
|
-
catch { /* */ }
|
|
82
|
-
try {
|
|
83
|
-
execSync(`systemctl --user stop ${UNIT_NAME}`, { stdio: ["ignore", "ignore", "ignore"] });
|
|
84
|
-
}
|
|
85
|
-
catch { /* */ }
|
|
69
|
+
safeExecTry("systemctl", ["--user", "disable", UNIT_NAME], { timeoutMs: 5000 });
|
|
70
|
+
safeExecTry("systemctl", ["--user", "stop", UNIT_NAME], { timeoutMs: 5000 });
|
|
86
71
|
if (existsSync(target)) {
|
|
87
72
|
unlinkSync(target);
|
|
88
73
|
return { mechanism: "systemd", ok: true, message: "user unit removed", target };
|
|
@@ -93,22 +78,39 @@ export function uninstallSystemd() {
|
|
|
93
78
|
return { mechanism: "systemd", ok: false, message: `systemd uninstall failed: ${e.message.slice(0, 80)}` };
|
|
94
79
|
}
|
|
95
80
|
}
|
|
96
|
-
/** Plan 2: crontab @reboot (re-uses macOS cron logic structurally).
|
|
97
|
-
|
|
81
|
+
/** Plan 2: crontab @reboot (re-uses macOS cron logic structurally).
|
|
82
|
+
*
|
|
83
|
+
* v2.4 root-cause fix: temp-file approach replaces the old `echo "..."
|
|
84
|
+
* | crontab -` shell pipe — same injection vector as install_macos.ts.
|
|
85
|
+
*/
|
|
86
|
+
function writeCrontabFromString(body) {
|
|
87
|
+
const tmpPath = join(tmpdir(), `mneme-crontab-${process.pid}-${Date.now()}.txt`);
|
|
88
|
+
writeFileSync(tmpPath, body, { encoding: "utf8", mode: 0o600 });
|
|
98
89
|
try {
|
|
99
|
-
|
|
100
|
-
|
|
90
|
+
safeExec("crontab", [tmpPath], { timeoutMs: 5000 });
|
|
91
|
+
}
|
|
92
|
+
finally {
|
|
101
93
|
try {
|
|
102
|
-
|
|
94
|
+
unlinkSync(tmpPath);
|
|
103
95
|
}
|
|
104
|
-
catch { /* */ }
|
|
96
|
+
catch { /* best-effort */ }
|
|
97
|
+
}
|
|
98
|
+
}
|
|
99
|
+
function readCurrentCrontab() {
|
|
100
|
+
const r = safeExecTry("crontab", ["-l"], { timeoutMs: 5000 });
|
|
101
|
+
if (!r || r.status !== 0)
|
|
102
|
+
return "";
|
|
103
|
+
return r.stdout;
|
|
104
|
+
}
|
|
105
|
+
export function installCronReboot(nodePath, mnemeBin) {
|
|
106
|
+
try {
|
|
107
|
+
const line = `@reboot ${nodePath} ${mnemeBin} daemon start --attached`;
|
|
108
|
+
const current = readCurrentCrontab();
|
|
105
109
|
if (current.split("\n").some((l) => l.trim() === line.trim())) {
|
|
106
110
|
return { mechanism: "cron", ok: true, message: "already in crontab", target: "user crontab" };
|
|
107
111
|
}
|
|
108
112
|
const merged = current.trimEnd() + (current ? "\n" : "") + line + "\n";
|
|
109
|
-
|
|
110
|
-
shell: "/bin/bash", stdio: ["ignore", "ignore", "pipe"], timeout: 5000,
|
|
111
|
-
});
|
|
113
|
+
writeCrontabFromString(merged);
|
|
112
114
|
return { mechanism: "cron", ok: true, message: "crontab @reboot armed", target: "user crontab" };
|
|
113
115
|
}
|
|
114
116
|
catch (e) {
|
|
@@ -117,16 +119,12 @@ export function installCronReboot(nodePath, mnemeBin) {
|
|
|
117
119
|
}
|
|
118
120
|
export function uninstallCronReboot() {
|
|
119
121
|
try {
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
current = execSync(`crontab -l 2>/dev/null`, { encoding: "utf8" });
|
|
123
|
-
}
|
|
124
|
-
catch {
|
|
122
|
+
const current = readCurrentCrontab();
|
|
123
|
+
if (!current)
|
|
125
124
|
return { mechanism: "cron", ok: true, message: "no crontab" };
|
|
126
|
-
}
|
|
127
125
|
const lines = current.split("\n").filter((l) => !/mneme.*daemon.*start/i.test(l));
|
|
128
126
|
const merged = lines.join("\n");
|
|
129
|
-
|
|
127
|
+
writeCrontabFromString(merged);
|
|
130
128
|
return { mechanism: "cron", ok: true, message: "crontab line removed" };
|
|
131
129
|
}
|
|
132
130
|
catch (e) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"install_linux.js","sourceRoot":"","sources":["../../src/autoboot/install_linux.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"install_linux.js","sourceRoot":"","sources":["../../src/autoboot/install_linux.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,YAAY,EAAE,SAAS,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACzG,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAEpD,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAE7D,MAAM,SAAS,GAAG,sBAAsB,CAAC;AACzC,MAAM,kBAAkB,GAAG,kCAAkC,CAAC;AAC9D,MAAM,eAAe,GAAG,kCAAkC,CAAC;AAE3D,SAAS,QAAQ,CAAC,QAAgB,EAAE,QAAgB;IAClD,OAAO;;;;;;YAMG,QAAQ,IAAI,QAAQ;;;;;;CAM/B,CAAC;AACF,CAAC;AAED,iCAAiC;AACjC,MAAM,UAAU,cAAc,CAAC,QAAgB,EAAE,QAAgB;IAC/D,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;QAC1D,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC1D,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC1C,MAAM,KAAK,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,KAAK,IAAI,CAAC;QAC3E,IAAI,KAAK;YAAE,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QAC/C,yEAAyE;QACzE,mEAAmE;QACnE,2BAA2B;QAC3B,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE,eAAe,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC3E,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC/E,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9E,qEAAqE;QACrE,kDAAkD;QAClD,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,QAAQ,EAAE,CAAC,QAAQ,CAAC;YACjC,WAAW,CAAC,UAAU,EAAE,CAAC,eAAe,EAAE,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACxE,CAAC;QAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC;QACjB,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,+BAA+B,CAAC,CAAC,CAAC,mBAAmB,EAAE,MAAM,EAAE,CAAC;IAC5H,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,2BAA4B,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;IACvH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QACxE,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAChF,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC7E,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YACvB,UAAU,CAAC,MAAM,CAAC,CAAC;YACnB,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,CAAC;QAClF,CAAC;QACD,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC;IACtE,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,6BAA8B,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;IACxH,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,sBAAsB,CAAC,IAAY;IAC1C,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,iBAAiB,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IACjF,aAAa,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAChE,IAAI,CAAC;QACH,QAAQ,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtD,CAAC;YAAS,CAAC;QACT,IAAI,CAAC;YAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC,CAAC,iBAAiB,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AAED,SAAS,kBAAkB;IACzB,MAAM,CAAC,GAAG,WAAW,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9D,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IACpC,OAAO,CAAC,CAAC,MAAM,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,QAAgB,EAAE,QAAgB;IAClE,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,WAAW,QAAQ,IAAI,QAAQ,0BAA0B,CAAC;QACvE,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAC;QACrC,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC9D,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,oBAAoB,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC;QAChG,CAAC;QACD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC;QACvE,sBAAsB,CAAC,MAAM,CAAC,CAAC;QAC/B,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,uBAAuB,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC;IACnG,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,wBAAyB,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;IACjH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,mBAAmB;IACjC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAC;QACrC,IAAI,CAAC,OAAO;YAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;QAC5E,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAClF,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChC,sBAAsB,CAAC,MAAM,CAAC,CAAC;QAC/B,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC;IAC1E,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,0BAA2B,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;IAClH,CAAC;AACH,CAAC;AAED,gDAAgD;AAChD,MAAM,UAAU,cAAc,CAAC,QAAgB,EAAE,QAAgB;IAC/D,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,UAAU,CAAC,CAAC;QAC5C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;QACrD,MAAM,KAAK,GAAG;YACZ,kBAAkB;YAClB,sEAAsE;YACtE,mFAAmF;YACnF,OAAO,QAAQ,MAAM,QAAQ,8CAA8C;YAC3E,IAAI;YACJ,eAAe;YACf,EAAE;SACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,IAAI,QAAQ,GAAG,EAAE,CAAC;QAClB,IAAI,CAAC;YAAC,QAAQ,GAAG,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC;QAChE,IAAI,QAAQ,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;YAC1C,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,qBAAqB,EAAE,MAAM,EAAE,CAAC;QACpF,CAAC;QACD,cAAc,CAAC,MAAM,EAAE,IAAI,GAAG,KAAK,EAAE,MAAM,CAAC,CAAC;QAC7C,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,eAAe,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC;IACtF,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,2BAA4B,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;IACvH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,EAAE,IAAI,CAAC,OAAO,EAAE,EAAE,UAAU,CAAC,EAAE,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAC;QACxG,IAAI,OAAO,GAAG,EAAE,CAAC;QACjB,KAAK,MAAM,MAAM,IAAI,UAAU,EAAE,CAAC;YAChC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;gBAAE,SAAS;YAClC,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAC1C,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC;gBAAE,SAAS;YACjD,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;YAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;YACjD,IAAI,KAAK,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;gBAAE,SAAS;YACnC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;YAC1H,aAAa,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;YACvC,OAAO,GAAG,MAAM,CAAC;QACnB,CAAC;QACD,OAAO,OAAO;YACZ,CAAC,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,wBAAwB,EAAE,MAAM,EAAE,OAAO,EAAE;YACxF,CAAC,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC;IACnE,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,8BAA+B,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;IACzH,CAAC;AACH,CAAC;AAED,MAAM,CAAC,MAAM,gBAAgB,GAA4D;IACvF,OAAO,EAAE,cAAc;IACvB,IAAI,EAAE,iBAAiB;IACvB,OAAO,EAAE,cAAc;CACxB,CAAC;AAEF,MAAM,CAAC,MAAM,kBAAkB,GAAwC;IACrE,OAAO,EAAE,gBAAgB;IACzB,IAAI,EAAE,mBAAmB;IACzB,OAAO,EAAE,gBAAgB;CAC1B,CAAC"}
|
|
@@ -18,7 +18,6 @@ import type { InstallResult } from "./install_windows.js";
|
|
|
18
18
|
/** Plan 1: LaunchAgent plist. */
|
|
19
19
|
export declare function installLaunchAgent(nodePath: string, mnemeBin: string): InstallResult;
|
|
20
20
|
export declare function uninstallLaunchAgent(): InstallResult;
|
|
21
|
-
/** Plan 2: crontab @reboot. */
|
|
22
21
|
export declare function installCronReboot(nodePath: string, mnemeBin: string): InstallResult;
|
|
23
22
|
export declare function uninstallCronReboot(): InstallResult;
|
|
24
23
|
/** Plan 3: append to ~/.zshrc or ~/.bash_profile. */
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"install_macos.d.ts","sourceRoot":"","sources":["../../src/autoboot/install_macos.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;
|
|
1
|
+
{"version":3,"file":"install_macos.d.ts","sourceRoot":"","sources":["../../src/autoboot/install_macos.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAKH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AA+B1D,iCAAiC;AACjC,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,aAAa,CA0BpF;AAED,wBAAgB,oBAAoB,IAAI,aAAa,CAYpD;AA4BD,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,aAAa,CAanF;AAED,wBAAgB,mBAAmB,IAAI,aAAa,CAWnD;AAED,qDAAqD;AACrD,wBAAgB,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,aAAa,CAyBhF;AAED,wBAAgB,gBAAgB,IAAI,aAAa,CAqBhD;AAED,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,KAAK,aAAa,CAIpF,CAAC;AAEF,eAAO,MAAM,kBAAkB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,aAAa,CAIlE,CAAC"}
|
|
@@ -14,10 +14,10 @@
|
|
|
14
14
|
* - Fires on every shell start. Not ideal (multiple shells = multiple
|
|
15
15
|
* spawn attempts; PID-lock cooperative startup handles the race).
|
|
16
16
|
*/
|
|
17
|
-
import {
|
|
18
|
-
import { existsSync, writeFileSync, readFileSync, mkdirSync, appendFileSync } from "node:fs";
|
|
17
|
+
import { existsSync, writeFileSync, readFileSync, mkdirSync, appendFileSync, unlinkSync } from "node:fs";
|
|
19
18
|
import { join } from "node:path";
|
|
20
|
-
import { homedir } from "node:os";
|
|
19
|
+
import { homedir, tmpdir } from "node:os";
|
|
20
|
+
import { safeExec, safeExecTry } from "../util/safe_exec.js";
|
|
21
21
|
const PLIST_LABEL = "ai.mneme.daemon";
|
|
22
22
|
const PLIST_NAME = `${PLIST_LABEL}.plist`;
|
|
23
23
|
const MNEME_BLOCK_MARKER = "# >>> mneme phoenix autoboot >>>";
|
|
@@ -63,20 +63,14 @@ export function installLaunchAgent(nodePath, mnemeBin) {
|
|
|
63
63
|
const existing = readFileSync(target, "utf8");
|
|
64
64
|
if (existing === body) {
|
|
65
65
|
// Reload anyway in case launchd dropped it on a previous session.
|
|
66
|
-
|
|
67
|
-
execSync(`launchctl load -w "${target}"`, { stdio: ["ignore", "ignore", "ignore"] });
|
|
68
|
-
}
|
|
69
|
-
catch { /* */ }
|
|
66
|
+
safeExecTry("launchctl", ["load", "-w", target], { timeoutMs: 5000 });
|
|
70
67
|
return { mechanism: "launchctl", ok: true, message: "already installed", target };
|
|
71
68
|
}
|
|
72
69
|
// Body drift -- unload + rewrite.
|
|
73
|
-
|
|
74
|
-
execSync(`launchctl unload "${target}"`, { stdio: ["ignore", "ignore", "ignore"] });
|
|
75
|
-
}
|
|
76
|
-
catch { /* */ }
|
|
70
|
+
safeExecTry("launchctl", ["unload", target], { timeoutMs: 5000 });
|
|
77
71
|
}
|
|
78
72
|
writeFileSync(target, body, "utf8");
|
|
79
|
-
|
|
73
|
+
safeExec("launchctl", ["load", "-w", target], { timeoutMs: 5000 });
|
|
80
74
|
return { mechanism: "launchctl", ok: true, message: "LaunchAgent installed + loaded", target };
|
|
81
75
|
}
|
|
82
76
|
catch (e) {
|
|
@@ -87,11 +81,11 @@ export function uninstallLaunchAgent() {
|
|
|
87
81
|
try {
|
|
88
82
|
const target = join(homedir(), "Library", "LaunchAgents", PLIST_NAME);
|
|
89
83
|
if (existsSync(target)) {
|
|
84
|
+
safeExecTry("launchctl", ["unload", target], { timeoutMs: 5000 });
|
|
90
85
|
try {
|
|
91
|
-
|
|
86
|
+
unlinkSync(target);
|
|
92
87
|
}
|
|
93
|
-
catch { /* */ }
|
|
94
|
-
execSync(`rm -f "${target}"`, { stdio: ["ignore", "ignore", "ignore"] });
|
|
88
|
+
catch { /* best-effort */ }
|
|
95
89
|
return { mechanism: "launchctl", ok: true, message: "removed", target };
|
|
96
90
|
}
|
|
97
91
|
return { mechanism: "launchctl", ok: true, message: "not installed" };
|
|
@@ -100,25 +94,44 @@ export function uninstallLaunchAgent() {
|
|
|
100
94
|
return { mechanism: "launchctl", ok: false, message: `uninstall failed: ${e.message.slice(0, 80)}` };
|
|
101
95
|
}
|
|
102
96
|
}
|
|
103
|
-
/** Plan 2: crontab @reboot.
|
|
104
|
-
|
|
97
|
+
/** Plan 2: crontab @reboot.
|
|
98
|
+
*
|
|
99
|
+
* v2.4 root-cause fix: the old `echo "..." | crontab -` shell pipe was a
|
|
100
|
+
* direct command-injection vector — any backtick / $() / newline that
|
|
101
|
+
* survived the naive double-quote escape would execute. We now:
|
|
102
|
+
* 1. read existing crontab via spawnSync (no shell)
|
|
103
|
+
* 2. write the merged body to a private temp file
|
|
104
|
+
* 3. pass the temp file path as a single argv element to `crontab`
|
|
105
|
+
* No shell, no pipe, no template interpolation.
|
|
106
|
+
*/
|
|
107
|
+
function writeCrontabFromString(body) {
|
|
108
|
+
const tmpPath = join(tmpdir(), `mneme-crontab-${process.pid}-${Date.now()}.txt`);
|
|
109
|
+
writeFileSync(tmpPath, body, { encoding: "utf8", mode: 0o600 });
|
|
105
110
|
try {
|
|
106
|
-
|
|
107
|
-
|
|
111
|
+
safeExec("crontab", [tmpPath], { timeoutMs: 5000 });
|
|
112
|
+
}
|
|
113
|
+
finally {
|
|
108
114
|
try {
|
|
109
|
-
|
|
115
|
+
unlinkSync(tmpPath);
|
|
110
116
|
}
|
|
111
|
-
catch { /*
|
|
117
|
+
catch { /* best-effort */ }
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
function readCurrentCrontab() {
|
|
121
|
+
const r = safeExecTry("crontab", ["-l"], { timeoutMs: 5000 });
|
|
122
|
+
if (!r || r.status !== 0)
|
|
123
|
+
return "";
|
|
124
|
+
return r.stdout;
|
|
125
|
+
}
|
|
126
|
+
export function installCronReboot(nodePath, mnemeBin) {
|
|
127
|
+
try {
|
|
128
|
+
const line = `@reboot ${nodePath} ${mnemeBin} daemon start --attached`;
|
|
129
|
+
const current = readCurrentCrontab();
|
|
112
130
|
if (current.split("\n").some((l) => l.trim() === line.trim())) {
|
|
113
131
|
return { mechanism: "cron", ok: true, message: "already in crontab", target: "@reboot line" };
|
|
114
132
|
}
|
|
115
133
|
const merged = current.trimEnd() + (current ? "\n" : "") + line + "\n";
|
|
116
|
-
|
|
117
|
-
execSync(`echo "${merged.replace(/"/g, '\\"')}" | crontab -`, {
|
|
118
|
-
shell: "/bin/bash",
|
|
119
|
-
stdio: ["ignore", "ignore", "pipe"],
|
|
120
|
-
timeout: 5000,
|
|
121
|
-
});
|
|
134
|
+
writeCrontabFromString(merged);
|
|
122
135
|
return { mechanism: "cron", ok: true, message: "crontab @reboot armed", target: "user crontab" };
|
|
123
136
|
}
|
|
124
137
|
catch (e) {
|
|
@@ -127,16 +140,12 @@ export function installCronReboot(nodePath, mnemeBin) {
|
|
|
127
140
|
}
|
|
128
141
|
export function uninstallCronReboot() {
|
|
129
142
|
try {
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
current = execSync(`crontab -l 2>/dev/null`, { encoding: "utf8" });
|
|
133
|
-
}
|
|
134
|
-
catch {
|
|
143
|
+
const current = readCurrentCrontab();
|
|
144
|
+
if (!current)
|
|
135
145
|
return { mechanism: "cron", ok: true, message: "no crontab" };
|
|
136
|
-
}
|
|
137
146
|
const lines = current.split("\n").filter((l) => !/mneme.*daemon.*start/i.test(l));
|
|
138
147
|
const merged = lines.join("\n");
|
|
139
|
-
|
|
148
|
+
writeCrontabFromString(merged);
|
|
140
149
|
return { mechanism: "cron", ok: true, message: "crontab line removed" };
|
|
141
150
|
}
|
|
142
151
|
catch (e) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"install_macos.js","sourceRoot":"","sources":["../../src/autoboot/install_macos.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"install_macos.js","sourceRoot":"","sources":["../../src/autoboot/install_macos.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,YAAY,EAAE,SAAS,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACzG,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAE1C,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAE7D,MAAM,WAAW,GAAG,iBAAiB,CAAC;AACtC,MAAM,UAAU,GAAG,GAAG,WAAW,QAAQ,CAAC;AAC1C,MAAM,kBAAkB,GAAG,kCAAkC,CAAC;AAC9D,MAAM,eAAe,GAAG,kCAAkC,CAAC;AAE3D,SAAS,SAAS,CAAC,QAAgB,EAAE,QAAgB,EAAE,MAAc;IACnE,OAAO;;;;4BAImB,WAAW;;;cAGzB,QAAQ;cACR,QAAQ;;;;;;;sCAOgB,IAAI,CAAC,MAAM,EAAE,yBAAyB,CAAC;wCACrC,IAAI,CAAC,MAAM,EAAE,yBAAyB,CAAC;;;CAG9E,CAAC;AACF,CAAC;AAED,iCAAiC;AACjC,MAAM,UAAU,kBAAkB,CAAC,QAAgB,EAAE,QAAgB;IACnE,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;QACvD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC1D,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;QACrC,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QAC3D,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YACxB,IAAI,CAAC;gBAAC,SAAS,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAAC,CAAC;YAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC;QACjE,CAAC;QACD,MAAM,IAAI,GAAG,SAAS,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QACnD,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAC9C,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;gBACtB,kEAAkE;gBAClE,WAAW,CAAC,WAAW,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBACtE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,CAAC;YACpF,CAAC;YACD,kCAAkC;YAClC,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACpE,CAAC;QACD,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QACpC,QAAQ,CAAC,WAAW,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACnE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,gCAAgC,EAAE,MAAM,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,qBAAsB,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;IACnH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,oBAAoB;IAClC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,cAAc,EAAE,UAAU,CAAC,CAAC;QACtE,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YACvB,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAClE,IAAI,CAAC;gBAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAAC,CAAC;YAAC,MAAM,CAAC,CAAC,iBAAiB,CAAC,CAAC;YACvD,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC;QAC1E,CAAC;QACD,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC;IACxE,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,qBAAsB,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;IAClH,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,sBAAsB,CAAC,IAAY;IAC1C,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,iBAAiB,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IACjF,aAAa,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAChE,IAAI,CAAC;QACH,QAAQ,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtD,CAAC;YAAS,CAAC;QACT,IAAI,CAAC;YAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC,CAAC,iBAAiB,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AAED,SAAS,kBAAkB;IACzB,MAAM,CAAC,GAAG,WAAW,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9D,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IACpC,OAAO,CAAC,CAAC,MAAM,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,QAAgB,EAAE,QAAgB;IAClE,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,WAAW,QAAQ,IAAI,QAAQ,0BAA0B,CAAC;QACvE,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAC;QACrC,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC9D,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,oBAAoB,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC;QAChG,CAAC;QACD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC;QACvE,sBAAsB,CAAC,MAAM,CAAC,CAAC;QAC/B,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,uBAAuB,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC;IACnG,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,wBAAyB,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;IACjH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,mBAAmB;IACjC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAC;QACrC,IAAI,CAAC,OAAO;YAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;QAC5E,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAClF,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChC,sBAAsB,CAAC,MAAM,CAAC,CAAC;QAC/B,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC;IAC1E,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,0BAA2B,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;IAClH,CAAC;AACH,CAAC;AAED,qDAAqD;AACrD,MAAM,UAAU,cAAc,CAAC,QAAgB,EAAE,QAAgB;IAC/D,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,OAAO,EAAE,EAAE,QAAQ,CAAC,CAAC;QAClE,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,eAAe,CAAC,CAAC;QACrD,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,WAAW,CAAC;QACvD,MAAM,KAAK,GAAG;YACZ,kBAAkB;YAClB,8EAA8E;YAC9E,iFAAiF;YACjF,qDAAqD;YACrD,OAAO,QAAQ,MAAM,QAAQ,8CAA8C;YAC3E,IAAI;YACJ,eAAe;YACf,EAAE;SACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,IAAI,QAAQ,GAAG,EAAE,CAAC;QAClB,IAAI,CAAC;YAAC,QAAQ,GAAG,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC,CAAC,wBAAwB,CAAC,CAAC;QACnF,IAAI,QAAQ,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;YAC1C,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,qBAAqB,EAAE,MAAM,EAAE,CAAC;QACpF,CAAC;QACD,cAAc,CAAC,MAAM,EAAE,IAAI,GAAG,KAAK,EAAE,MAAM,CAAC,CAAC;QAC7C,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,eAAe,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC;IACtF,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,2BAA4B,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;IACvH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,CAAC,EAAE,IAAI,CAAC,OAAO,EAAE,EAAE,eAAe,CAAC,EAAE,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,EAAE,IAAI,CAAC,OAAO,EAAE,EAAE,UAAU,CAAC,CAAC,CAAC;QAC1I,IAAI,OAAO,GAAG,EAAE,CAAC;QACjB,KAAK,MAAM,MAAM,IAAI,UAAU,EAAE,CAAC;YAChC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;gBAAE,SAAS;YAClC,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAC1C,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC;gBAAE,SAAS;YACjD,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;YAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;YACjD,IAAI,KAAK,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;gBAAE,SAAS;YACnC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;YAC1H,aAAa,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;YACvC,OAAO,GAAG,MAAM,CAAC;QACnB,CAAC;QACD,OAAO,OAAO;YACZ,CAAC,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,wBAAwB,EAAE,MAAM,EAAE,OAAO,EAAE;YACxF,CAAC,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC;IACnE,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,8BAA+B,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;IACzH,CAAC;AACH,CAAC;AAED,MAAM,CAAC,MAAM,gBAAgB,GAA4D;IACvF,SAAS,EAAE,kBAAkB;IAC7B,IAAI,EAAE,iBAAiB;IACvB,OAAO,EAAE,cAAc;CACxB,CAAC;AAEF,MAAM,CAAC,MAAM,kBAAkB,GAAwC;IACrE,SAAS,EAAE,oBAAoB;IAC/B,IAAI,EAAE,mBAAmB;IACzB,OAAO,EAAE,gBAAgB;CAC1B,CAAC"}
|
|
@@ -28,7 +28,6 @@ export declare function uninstallSchtasks(): InstallResult;
|
|
|
28
28
|
/** Plan 2: Startup folder .cmd shortcut. */
|
|
29
29
|
export declare function installStartupFolder(nodePath: string, mnemeBin: string): InstallResult;
|
|
30
30
|
export declare function uninstallStartupFolder(): InstallResult;
|
|
31
|
-
/** Plan 3: HKCU Registry Run key. */
|
|
32
31
|
export declare function installRegistryRun(nodePath: string, mnemeBin: string): InstallResult;
|
|
33
32
|
export declare function uninstallRegistryRun(): InstallResult;
|
|
34
33
|
export declare const WINDOWS_INSTALLERS: Record<string, (n: string, m: string) => InstallResult>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"install_windows.d.ts","sourceRoot":"","sources":["../../src/autoboot/install_windows.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;
|
|
1
|
+
{"version":3,"file":"install_windows.d.ts","sourceRoot":"","sources":["../../src/autoboot/install_windows.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAQH,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,EAAE,EAAE,OAAO,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;IAChB,oDAAoD;IACpD,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAsBD,yEAAyE;AACzE,wBAAgB,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,aAAa,CAsCjF;AAED,wBAAgB,iBAAiB,IAAI,aAAa,CAQjD;AAED,4CAA4C;AAC5C,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,aAAa,CAqBtF;AAED,wBAAgB,sBAAsB,IAAI,aAAa,CAatD;AAKD,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,aAAa,CAepF;AAED,wBAAgB,oBAAoB,IAAI,aAAa,CASpD;AAED,eAAO,MAAM,kBAAkB,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,KAAK,aAAa,CAItF,CAAC;AAEF,eAAO,MAAM,oBAAoB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,aAAa,CAIpE,CAAC"}
|
|
@@ -15,10 +15,11 @@
|
|
|
15
15
|
* Idempotent: each install checks if the entry already exists before
|
|
16
16
|
* writing. Re-installing produces no side effect.
|
|
17
17
|
*/
|
|
18
|
-
import {
|
|
19
|
-
import { existsSync, writeFileSync, mkdirSync, readFileSync } from "node:fs";
|
|
18
|
+
import { spawnSync } from "node:child_process";
|
|
19
|
+
import { existsSync, writeFileSync, mkdirSync, readFileSync, unlinkSync } from "node:fs";
|
|
20
20
|
import { join } from "node:path";
|
|
21
21
|
import { homedir } from "node:os";
|
|
22
|
+
import { safeExec, safeExecTry } from "../util/safe_exec.js";
|
|
22
23
|
const TASK_NAME = "MnemeDaemon";
|
|
23
24
|
const REGISTRY_NAME = "MnemeDaemon";
|
|
24
25
|
const STARTUP_FILE = "mneme-daemon.cmd";
|
|
@@ -40,11 +41,11 @@ function schtasksShimPath() {
|
|
|
40
41
|
export function installSchtasks(nodePath, mnemeBin) {
|
|
41
42
|
try {
|
|
42
43
|
// Check if already exists -- query returns non-zero when missing.
|
|
43
|
-
|
|
44
|
-
|
|
44
|
+
// v2.4: spawnSync with argv array; no shell, no template interpolation.
|
|
45
|
+
const queryResult = safeExecTry("schtasks", ["/Query", "/TN", TASK_NAME], { timeoutMs: 5000 });
|
|
46
|
+
if (queryResult?.status === 0) {
|
|
45
47
|
return { mechanism: "schtasks", ok: true, message: "already installed", target: TASK_NAME };
|
|
46
48
|
}
|
|
47
|
-
catch { /* not installed yet -- continue */ }
|
|
48
49
|
// Write a tiny .cmd shim with the full daemon command. schtasks /TR
|
|
49
50
|
// gets the shim path (no spaces -> no quoting hell). The shim itself
|
|
50
51
|
// handles quoting the node + mneme paths in cmd.exe-native syntax.
|
|
@@ -79,8 +80,10 @@ export function installSchtasks(nodePath, mnemeBin) {
|
|
|
79
80
|
}
|
|
80
81
|
export function uninstallSchtasks() {
|
|
81
82
|
try {
|
|
82
|
-
|
|
83
|
-
|
|
83
|
+
const r = safeExecTry("schtasks", ["/Delete", "/TN", TASK_NAME, "/F"], { timeoutMs: 5000 });
|
|
84
|
+
if (r && r.status === 0)
|
|
85
|
+
return { mechanism: "schtasks", ok: true, message: "removed" };
|
|
86
|
+
return { mechanism: "schtasks", ok: true, message: "not installed (nothing to remove)" };
|
|
84
87
|
}
|
|
85
88
|
catch {
|
|
86
89
|
return { mechanism: "schtasks", ok: true, message: "not installed (nothing to remove)" };
|
|
@@ -117,7 +120,12 @@ export function uninstallStartupFolder() {
|
|
|
117
120
|
try {
|
|
118
121
|
const target = join(process.env["APPDATA"] ?? "", "Microsoft", "Windows", "Start Menu", "Programs", "Startup", STARTUP_FILE);
|
|
119
122
|
if (existsSync(target)) {
|
|
120
|
-
|
|
123
|
+
// v2.4: prefer Node's fs.unlinkSync over shelling out to `del`. No
|
|
124
|
+
// string interpolation; no shell metacharacter risk.
|
|
125
|
+
try {
|
|
126
|
+
unlinkSync(target);
|
|
127
|
+
}
|
|
128
|
+
catch { /* best-effort */ }
|
|
121
129
|
return { mechanism: "startupFolder", ok: true, message: "removed", target };
|
|
122
130
|
}
|
|
123
131
|
return { mechanism: "startupFolder", ok: true, message: "not installed" };
|
|
@@ -127,24 +135,17 @@ export function uninstallStartupFolder() {
|
|
|
127
135
|
}
|
|
128
136
|
}
|
|
129
137
|
/** Plan 3: HKCU Registry Run key. */
|
|
138
|
+
const RUN_KEY = "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run";
|
|
130
139
|
export function installRegistryRun(nodePath, mnemeBin) {
|
|
131
140
|
try {
|
|
132
141
|
const value = daemonCommand(nodePath, mnemeBin);
|
|
133
|
-
//
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
});
|
|
139
|
-
if (r.includes(value)) {
|
|
140
|
-
return { mechanism: "registryRun", ok: true, message: "already installed", target: `HKCU\\Run\\${REGISTRY_NAME}` };
|
|
141
|
-
}
|
|
142
|
+
// v2.4: spawnSync argv array; REGISTRY_NAME + value pass as separate
|
|
143
|
+
// argv elements, never composed into a shell template.
|
|
144
|
+
const queryResult = safeExecTry("reg", ["query", RUN_KEY, "/v", REGISTRY_NAME], { timeoutMs: 5000 });
|
|
145
|
+
if (queryResult?.status === 0 && queryResult.stdout.includes(value)) {
|
|
146
|
+
return { mechanism: "registryRun", ok: true, message: "already installed", target: `HKCU\\Run\\${REGISTRY_NAME}` };
|
|
142
147
|
}
|
|
143
|
-
|
|
144
|
-
execSync(`reg add "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run" /v "${REGISTRY_NAME}" /t REG_SZ /d "${value.replace(/"/g, '\\"')}" /f`, {
|
|
145
|
-
stdio: ["ignore", "ignore", "pipe"],
|
|
146
|
-
timeout: 5000,
|
|
147
|
-
});
|
|
148
|
+
safeExec("reg", ["add", RUN_KEY, "/v", REGISTRY_NAME, "/t", "REG_SZ", "/d", value, "/f"], { timeoutMs: 5000 });
|
|
148
149
|
return { mechanism: "registryRun", ok: true, message: "HKCU Run key set", target: `HKCU\\Run\\${REGISTRY_NAME}` };
|
|
149
150
|
}
|
|
150
151
|
catch (e) {
|
|
@@ -153,8 +154,8 @@ export function installRegistryRun(nodePath, mnemeBin) {
|
|
|
153
154
|
}
|
|
154
155
|
export function uninstallRegistryRun() {
|
|
155
156
|
try {
|
|
156
|
-
|
|
157
|
-
|
|
157
|
+
safeExecTry("reg", ["delete", RUN_KEY, "/v", REGISTRY_NAME, "/f"], {
|
|
158
|
+
timeoutMs: 5000,
|
|
158
159
|
});
|
|
159
160
|
return { mechanism: "registryRun", ok: true, message: "removed" };
|
|
160
161
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"install_windows.js","sourceRoot":"","sources":["../../src/autoboot/install_windows.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"install_windows.js","sourceRoot":"","sources":["../../src/autoboot/install_windows.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,SAAS,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACzF,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAU7D,MAAM,SAAS,GAAG,aAAa,CAAC;AAChC,MAAM,aAAa,GAAG,aAAa,CAAC;AACpC,MAAM,YAAY,GAAG,kBAAkB,CAAC;AAExC,sEAAsE;AACtE,SAAS,aAAa,CAAC,QAAgB,EAAE,QAAgB;IACvD,OAAO,IAAI,QAAQ,MAAM,QAAQ,2BAA2B,CAAC;AAC/D,CAAC;AAED;;;;;gBAKgB;AAChB,SAAS,gBAAgB;IACvB,kCAAkC;IAClC,OAAO,IAAI,CAAC,OAAO,EAAE,EAAE,yBAAyB,CAAC,CAAC;AACpD,CAAC;AAED,yEAAyE;AACzE,MAAM,UAAU,eAAe,CAAC,QAAgB,EAAE,QAAgB;IAChE,IAAI,CAAC;QACH,kEAAkE;QAClE,wEAAwE;QACxE,MAAM,WAAW,GAAG,WAAW,CAAC,UAAU,EAAE,CAAC,QAAQ,EAAE,KAAK,EAAE,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC/F,IAAI,WAAW,EAAE,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;QAC9F,CAAC;QAED,oEAAoE;QACpE,qEAAqE;QACrE,mEAAmE;QACnE,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,QAAQ,GAAG;YACf,WAAW;YACX,gBAAgB,QAAQ,MAAM,QAAQ,2BAA2B;SAClE,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC;QACxB,aAAa,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QAEpD,mEAAmE;QACnE,sEAAsE;QACtE,wEAAwE;QACxE,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;QAC3C,MAAM,QAAQ,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;QACpF,IAAI,IAAI,EAAE,CAAC;YAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAAC,CAAC;QACzC,IAAI,CAAC,GAAG,SAAS,CAAC,UAAU,EAAE,CAAC,GAAG,QAAQ,EAAE,KAAK,EAAE,SAAS,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QACrH,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACnB,qEAAqE;YACrE,CAAC,GAAG,SAAS,CAAC,UAAU,EAAE,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5F,CAAC;QACD,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACnB,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC;YAC7G,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,oBAAoB,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;QAChG,CAAC;QACD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,2CAA2C,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IACtH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,oBAAqB,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;IACjH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,WAAW,CAAC,UAAU,EAAE,CAAC,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5F,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;QACxF,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,mCAAmC,EAAE,CAAC;IAC3F,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,mCAAmC,EAAE,CAAC;IAC3F,CAAC;AACH,CAAC;AAED,4CAA4C;AAC5C,MAAM,UAAU,oBAAoB,CAAC,QAAgB,EAAE,QAAgB;IACrE,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,SAAS,EAAE,YAAY,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;QACnH,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC5B,IAAI,CAAC;gBAAC,SAAS,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAAC,CAAC;YAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC;QACrE,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QAC9C,MAAM,GAAG,GAAG,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC9C,yEAAyE;QACzE,MAAM,IAAI,GAAG,0BAA0B,GAAG,IAAI,CAAC;QAC/C,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAC9C,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC3B,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,CAAC;YACxF,CAAC;QACH,CAAC;QACD,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QACpC,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,+BAA+B,EAAE,MAAM,EAAE,CAAC;IACpG,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,yBAA0B,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;IAC3H,CAAC;AACH,CAAC;AAED,MAAM,UAAU,sBAAsB;IACpC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,SAAS,EAAE,YAAY,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,CAAC,CAAC;QAC7H,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YACvB,mEAAmE;YACnE,qDAAqD;YACrD,IAAI,CAAC;gBAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAAC,CAAC;YAAC,MAAM,CAAC,CAAC,iBAAiB,CAAC,CAAC;YACvD,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC;QAC9E,CAAC;QACD,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC;IAC5E,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,kBAAmB,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;IACnH,CAAC;AACH,CAAC;AAED,qCAAqC;AACrC,MAAM,OAAO,GAAG,yDAAyD,CAAC;AAE1E,MAAM,UAAU,kBAAkB,CAAC,QAAgB,EAAE,QAAgB;IACnE,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAChD,qEAAqE;QACrE,uDAAuD;QACvD,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,aAAa,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACrG,IAAI,WAAW,EAAE,MAAM,KAAK,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACpE,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,cAAc,aAAa,EAAE,EAAE,CAAC;QACrH,CAAC;QAED,QAAQ,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC/G,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,kBAAkB,EAAE,MAAM,EAAE,cAAc,aAAa,EAAE,EAAE,CAAC;IACpH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,oBAAqB,CAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;IACpH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,oBAAoB;IAClC,IAAI,CAAC;QACH,WAAW,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,CAAC,EAAE;YACjE,SAAS,EAAE,IAAI;SAChB,CAAC,CAAC;QACH,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;IACpE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC;IAC1E,CAAC;AACH,CAAC;AAED,MAAM,CAAC,MAAM,kBAAkB,GAA4D;IACzF,QAAQ,EAAE,eAAe;IACzB,aAAa,EAAE,oBAAoB;IACnC,WAAW,EAAE,kBAAkB;CAChC,CAAC;AAEF,MAAM,CAAC,MAAM,oBAAoB,GAAwC;IACvE,QAAQ,EAAE,iBAAiB;IAC3B,aAAa,EAAE,sBAAsB;IACrC,WAAW,EAAE,oBAAoB;CAClC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"gossip_mesh.d.ts","sourceRoot":"","sources":["../../src/avatar/gossip_mesh.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;
|
|
1
|
+
{"version":3,"file":"gossip_mesh.d.ts","sourceRoot":"","sources":["../../src/avatar/gossip_mesh.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAcH,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,UAAU,GAAG,WAAW,CAAC;AAE9D,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,UAAU,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,UAAU,GAAG,WAAW,GAAG,eAAe,GAAG,eAAe,GAAG,gBAAgB,GAAG,oBAAoB,CAAC;IAChH,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAWD,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAO9D;AAUD,wBAAgB,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GAAG,aAAa,CAarH;AAED,UAAU,UAAU;IAAG,EAAE,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,EAAE,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,aAAa,CAAC,SAAS,CAAC,CAAA;CAAE;AAkClG,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,aAAa,GAAG,aAAa,CAqCjF;AAED;;;GAGG;AACH,wBAAgB,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,aAAa,GAAG,aAAa,GAAG,IAAI,CASlF;AAED,wBAAgB,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,aAAa,EAAE,CAShE;AAED,wBAAgB,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,UAAU,EAAE,CAEvD"}
|
|
@@ -33,6 +33,7 @@
|
|
|
33
33
|
import { existsSync, readFileSync, readdirSync, writeFileSync, mkdirSync, appendFileSync } from "node:fs";
|
|
34
34
|
import { join, resolve } from "node:path";
|
|
35
35
|
import { createHash, createHmac, randomBytes } from "node:crypto";
|
|
36
|
+
import { safeHmacNotEqual } from "../util/hmac_compare.js";
|
|
36
37
|
const MESH_SECRET_REL = ".mneme/mesh-secret";
|
|
37
38
|
const SEEN_REL = ".mneme/mesh-seen.jsonl";
|
|
38
39
|
const QUARANTINE_REL = ".mneme/mesh-quarantine";
|
|
@@ -117,7 +118,7 @@ export function ingestMessage(repoRoot, msg) {
|
|
|
117
118
|
return { msgId: msg.id, outcome: "hops-exceeded" };
|
|
118
119
|
// 2. Signature
|
|
119
120
|
const expected = signMessage(secret, msg.kind, msg.sender, msg.body, msg.hops);
|
|
120
|
-
if (expected
|
|
121
|
+
if (safeHmacNotEqual(expected, msg.signature)) {
|
|
121
122
|
appendSeen(repoRoot, { id: msg.id, sender: msg.sender, at: new Date().toISOString(), outcome: "bad-signature" });
|
|
122
123
|
return { msgId: msg.id, outcome: "bad-signature", reason: "HMAC mismatch — message dropped" };
|
|
123
124
|
}
|