@mrclrchtr/supi-tree-sitter 1.0.0 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +10 -30
  2. package/src/runtime.ts +9 -0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@mrclrchtr/supi-tree-sitter",
3
- "version": "1.0.0",
3
+ "version": "1.1.2",
4
4
  "description": "SuPi Tree-sitter extension — structural AST analysis for pi",
5
5
  "license": "MIT",
6
6
  "repository": {
@@ -22,14 +22,6 @@
22
22
  "scripts/*.mjs",
23
23
  "!__tests__"
24
24
  ],
25
- "scripts": {
26
- "vendor:wasm": "node scripts/vendor-wasm.mjs",
27
- "check:wasm": "node scripts/vendor-wasm.mjs --check",
28
- "generate:kotlin-wasm": "node scripts/generate-kotlin-wasm.mjs",
29
- "check:kotlin-wasm": "node scripts/generate-kotlin-wasm.mjs --check",
30
- "generate:sql-wasm": "node scripts/generate-sql-wasm.mjs",
31
- "check:sql-wasm": "node scripts/generate-sql-wasm.mjs --check"
32
- },
33
25
  "dependencies": {
34
26
  "web-tree-sitter": "^0.26.8"
35
27
  },
@@ -38,30 +30,18 @@
38
30
  "@earendil-works/pi-coding-agent": "*",
39
31
  "typebox": "*"
40
32
  },
41
- "devDependencies": {
42
- "@davisvaughan/tree-sitter-r": "1.2.0",
43
- "@derekstride/tree-sitter-sql": "0.3.11",
44
- "@types/node": "25.6.2",
45
- "tree-sitter-bash": "0.25.1",
46
- "tree-sitter-c": "0.24.1",
47
- "tree-sitter-cli": "0.26.8",
48
- "tree-sitter-cpp": "0.23.4",
49
- "tree-sitter-go": "0.25.0",
50
- "tree-sitter-html": "0.23.2",
51
- "tree-sitter-java": "0.23.5",
52
- "tree-sitter-javascript": "0.25.0",
53
- "tree-sitter-kotlin": "0.3.8",
54
- "tree-sitter-python": "0.25.0",
55
- "tree-sitter-ruby": "0.23.1",
56
- "tree-sitter-rust": "0.24.0",
57
- "tree-sitter-typescript": "0.23.2",
58
- "vitest": "4.1.5",
59
- "@mrclrchtr/supi-test-utils": "workspace:*"
60
- },
61
33
  "pi": {
62
34
  "extensions": [
63
35
  "./src/tree-sitter.ts"
64
36
  ]
65
37
  },
66
- "main": "src/index.ts"
38
+ "main": "src/index.ts",
39
+ "scripts": {
40
+ "vendor:wasm": "node scripts/vendor-wasm.mjs",
41
+ "check:wasm": "node scripts/vendor-wasm.mjs --check",
42
+ "generate:kotlin-wasm": "node scripts/generate-kotlin-wasm.mjs",
43
+ "check:kotlin-wasm": "node scripts/generate-kotlin-wasm.mjs --check",
44
+ "generate:sql-wasm": "node scripts/generate-sql-wasm.mjs",
45
+ "check:sql-wasm": "node scripts/generate-sql-wasm.mjs --check"
46
+ }
67
47
  }
package/src/runtime.ts CHANGED
@@ -158,6 +158,12 @@ export class TreeSitterRuntime {
158
158
  if (!queryString || queryString.trim().length === 0) {
159
159
  return { kind: "validation-error", message: "query is required and must be non-empty" };
160
160
  }
161
+ if (queryString.length > MAX_QUERY_LENGTH) {
162
+ return {
163
+ kind: "validation-error",
164
+ message: `query exceeds maximum length of ${MAX_QUERY_LENGTH} characters`,
165
+ };
166
+ }
161
167
 
162
168
  const parseResult = await this.parseFile(filePath);
163
169
  if (parseResult.kind !== "success") return parseResult;
@@ -229,6 +235,9 @@ export class TreeSitterRuntime {
229
235
  }
230
236
  }
231
237
 
238
+ /** Max query string length to prevent ReDoS via overly complex Tree-sitter patterns. */
239
+ const MAX_QUERY_LENGTH = 10_000;
240
+
232
241
  /** Format errors with their cause chain's first message for user-facing tool output. */
233
242
  function formatError(err: unknown, fallback = "Operation failed"): string {
234
243
  if (!(err instanceof Error)) return String(err || fallback);