@mseep/anything-analyzer 3.6.50

package/src/main/cdp/cdp-manager.ts

@@ -0,0 +1,233 @@
+import { EventEmitter } from 'events'
+import type { WebContents } from 'electron'
+
+const MAX_BODY_SIZE = 1024 * 1024 // 1MB
+
+// Binary content types that should not have their body stored
+const BINARY_CONTENT_TYPES = [
+  'image/', 'font/', 'audio/', 'video/',
+  'application/octet-stream', 'application/pdf', 'application/zip'
+]
+
+interface RequestInfo {
+  method: string
+  url: string
+  headers: Record<string, string>
+  postData: string | null
+  timestamp: number
+  initiator: unknown
+  isOptions: boolean
+}
+
+/**
+ * CdpManager — Chrome DevTools Protocol manager for network interception.
+ * Attaches to a WebContents debugger and intercepts all Fetch/XHR requests.
+ */
+export class CdpManager extends EventEmitter {
+  private webContents: WebContents | null = null
+  private pendingRequests = new Map<string, RequestInfo>()
+  private running = false
+  private messageHandler: ((event: Electron.Event, method: string, params: Record<string, unknown>) => void) | null = null
+  private detachedHandler: (() => void) | null = null
+
+  async start(webContents: WebContents): Promise<void> {
+    this.webContents = webContents
+
+    if (webContents.isDestroyed()) {
+      throw new Error('Cannot start CDP on destroyed WebContents')
+    }
+
+    // Detach if already attached (e.g. leftover from a previous session)
+    if (webContents.debugger.isAttached()) {
+      try { webContents.debugger.detach() } catch { /* ignore */ }
+    }
+
+    try {
+      webContents.debugger.attach('1.3')
+    } catch (err) {
+      throw new Error(`Failed to attach CDP debugger: ${(err as Error).message}`)
+    }
+
+    this.messageHandler = (_event, method, params) => {
+      this.handleCdpMessage(method, params)
+    }
+    this.detachedHandler = () => {
+      this.running = false
+      this.emit('detached')
+    }
+
+    webContents.debugger.on('message', this.messageHandler)
+    webContents.debugger.on('detach', this.detachedHandler)
+
+    await Promise.all([
+      this.send('Fetch.enable', {
+        patterns: [
+          { urlPattern: '*', requestStage: 'Request' },
+          { urlPattern: '*', requestStage: 'Response' }
+        ]
+      }),
+      this.send('Network.enable', {}),
+      this.send('Page.enable', {})
+    ])
+
+    this.running = true
+  }
+
+  async stop(): Promise<void> {
+    if (!this.running || !this.webContents) return
+    this.running = false
+    if (this.webContents.isDestroyed()) return
+    try {
+      await this.send('Fetch.disable', {})
+    } catch { /* ignore */ }
+  }
+
+  detach(): void {
+    if (!this.webContents) return
+    if (!this.webContents.isDestroyed()) {
+      if (this.messageHandler) {
+        this.webContents.debugger.removeListener('message', this.messageHandler)
+      }
+      if (this.detachedHandler) {
+        this.webContents.debugger.removeListener('detach', this.detachedHandler)
+      }
+      try { this.webContents.debugger.detach() } catch { /* already detached */ }
+    }
+    this.pendingRequests.clear()
+    this.webContents = null
+  }
+
+  /**
+   * Send a raw CDP command. Exposed for advanced use cases (e.g. stealth injection).
+   */
+  async sendCommand(method: string, params: Record<string, unknown>): Promise<Record<string, unknown>> {
+    if (!this.webContents || this.webContents.isDestroyed()) throw new Error('No WebContents attached')
+    return this.webContents.debugger.sendCommand(method, params) as Promise<Record<string, unknown>>
+  }
+
+  private async send(method: string, params: Record<string, unknown>): Promise<Record<string, unknown>> {
+    return this.sendCommand(method, params)
+  }
+
+  private handleCdpMessage(method: string, params: Record<string, unknown>): void {
+    switch (method) {
+      case 'Fetch.requestPaused':
+        this.handleRequestPaused(params)
+        break
+      case 'Network.webSocketFrameSent':
+        this.emit('websocket-frame', { direction: 'sent', ...params })
+        break
+      case 'Network.webSocketFrameReceived':
+        this.emit('websocket-frame', { direction: 'received', ...params })
+        break
+      case 'Network.webSocketCreated':
+        this.emit('websocket-created', params)
+        break
+      case 'Network.webSocketClosed':
+        this.emit('websocket-closed', params)
+        break
+      case 'Page.frameNavigated':
+        this.emit('frame-navigated', params)
+        break
+    }
+  }
+
+  private async handleRequestPaused(params: Record<string, unknown>): Promise<void> {
+    const requestId = params.requestId as string
+    const responseStatusCode = params.responseStatusCode as number | undefined
+
+    if (responseStatusCode === undefined) {
+      await this.handleRequestStage(requestId, params)
+    } else {
+      await this.handleResponseStage(requestId, params)
+    }
+  }
+
+  private async handleRequestStage(requestId: string, params: Record<string, unknown>): Promise<void> {
+    const request = params.request as Record<string, unknown>
+    const method = (request.method as string) || 'GET'
+    const url = (request.url as string) || ''
+    const headers = (request.headers as Record<string, string>) || {}
+    const postData = (request.postData as string) || null
+    const isOptions = method.toUpperCase() === 'OPTIONS'
+
+    const info: RequestInfo = {
+      method, url, headers, postData,
+      timestamp: Date.now(),
+      initiator: params.initiator || null,
+      isOptions
+    }
+    this.pendingRequests.set(requestId, info)
+
+    this.emit('request-captured', {
+      requestId, method, url,
+      headers: JSON.stringify(headers),
+      body: postData,
+      timestamp: info.timestamp,
+      initiator: params.initiator ? JSON.stringify(params.initiator) : null,
+      isOptions
+    })
+
+    try { await this.send('Fetch.continueRequest', { requestId }) } catch { /* cancelled */ }
+  }
+
+  private async handleResponseStage(requestId: string, params: Record<string, unknown>): Promise<void> {
+    const requestInfo = this.pendingRequests.get(requestId)
+    const statusCode = params.responseStatusCode as number
+    const responseHeaders = (params.responseHeaders as Array<{ name: string; value: string }>) || []
+
+    const headersObj: Record<string, string> = {}
+    for (const h of responseHeaders) {
+      headersObj[h.name.toLowerCase()] = h.value
+    }
+
+    const contentType = headersObj['content-type'] || null
+    const isBinary = contentType ? BINARY_CONTENT_TYPES.some(t => contentType.includes(t)) : false
+
+    let responseBody: string | null = null
+    let truncated = false
+
+    if (!isBinary) {
+      try {
+        const bodyResult = await this.send('Fetch.getResponseBody', { requestId })
+        const body = bodyResult.body as string
+        const base64Encoded = bodyResult.base64Encoded as boolean
+        responseBody = base64Encoded ? Buffer.from(body, 'base64').toString('utf-8') : body
+
+        if (responseBody && responseBody.length > MAX_BODY_SIZE) {
+          responseBody = responseBody.substring(0, MAX_BODY_SIZE) + '\n[TRUNCATED]'
+          truncated = true
+        }
+      } catch { responseBody = null }
+    }
+
+    const durationMs = requestInfo ? Date.now() - requestInfo.timestamp : null
+    const STATIC_EXTENSIONS = /\.(js|css|png|jpg|jpeg|gif|svg|woff|woff2|ttf|eot|ico|map)(\?|$)/i
+
+    const isStreaming = contentType ? contentType.includes('text/event-stream') : false
+    const isWebSocket = requestInfo
+      ? Object.entries(requestInfo.headers).some(([key, value]) =>
+          key.toLowerCase() === 'upgrade' && value.toLowerCase() === 'websocket')
+      : false
+
+    this.emit('response-captured', {
+      requestId,
+      method: requestInfo?.method || 'UNKNOWN',
+      url: requestInfo?.url || '',
+      requestHeaders: requestInfo ? JSON.stringify(requestInfo.headers) : '{}',
+      requestBody: requestInfo?.postData || null,
+      statusCode, responseHeaders: JSON.stringify(headersObj),
+      responseBody, contentType,
+      initiator: requestInfo?.initiator ? JSON.stringify(requestInfo.initiator) : null,
+      durationMs,
+      isOptions: requestInfo?.isOptions || false,
+      isStatic: requestInfo ? STATIC_EXTENSIONS.test(requestInfo.url) : false,
+      isStreaming,
+      isWebSocket,
+      truncated, timestamp: requestInfo?.timestamp || Date.now()
+    })
+
+    this.pendingRequests.delete(requestId)
+    try { await this.send('Fetch.continueResponse', { requestId }) } catch { /* cancelled */ }
+  }
+}

package/src/main/db/database.ts

@@ -0,0 +1,41 @@
+import Database from 'better-sqlite3'
+import { app } from 'electron'
+import { join } from 'path'
+import { existsSync, mkdirSync } from 'fs'
+
+let db: Database.Database | null = null
+
+/**
+ * Get or initialize the SQLite database connection.
+ * Database file is stored in the app's user data directory.
+ */
+export function getDatabase(): Database.Database {
+  if (db) return db
+
+  const userDataPath = app.getPath('userData')
+  const dbDir = join(userDataPath, 'data')
+
+  if (!existsSync(dbDir)) {
+    mkdirSync(dbDir, { recursive: true })
+  }
+
+  const dbPath = join(dbDir, 'anything-register.db')
+
+  db = new Database(dbPath)
+
+  // Enable WAL mode for better concurrent read performance
+  db.pragma('journal_mode = WAL')
+  db.pragma('foreign_keys = ON')
+
+  return db
+}
+
+/**
+ * Close the database connection (called on app quit).
+ */
+export function closeDatabase(): void {
+  if (db) {
+    db.close()
+    db = null
+  }
+}

package/src/main/db/migrations.ts

@@ -0,0 +1,235 @@
+import type Database from 'better-sqlite3'
+
+/**
+ * Migration 005: Add streaming and WebSocket flags to requests table
+ * Safe to call multiple times (handles duplicate column errors)
+ */
+export function migrateAddStreamingAndWebSocketFlags(db: Database.Database): void {
+  const migrations = [
+    `ALTER TABLE requests ADD COLUMN is_streaming INTEGER DEFAULT 0`,
+    `ALTER TABLE requests ADD COLUMN is_websocket INTEGER DEFAULT 0`,
+  ]
+
+  for (const migration of migrations) {
+    try {
+      db.exec(migration)
+    } catch (err) {
+      // Ignore error if column already exists
+      if (!String(err).includes('duplicate column name')) {
+        throw err
+      }
+    }
+  }
+}
+
+/**
+ * Run all database migrations — create tables and indexes.
+ * Safe to call multiple times (uses IF NOT EXISTS).
+ */
+export function runMigrations(db: Database.Database): void {
+  db.exec(`
+    -- Sessions table
+    CREATE TABLE IF NOT EXISTS sessions (
+      id          TEXT PRIMARY KEY,
+      name        TEXT,
+      target_url  TEXT,
+      status      TEXT NOT NULL DEFAULT 'stopped',
+      created_at  INTEGER NOT NULL,
+      stopped_at  INTEGER
+    );
+
+    -- HTTP request records
+    CREATE TABLE IF NOT EXISTS requests (
+      id               TEXT PRIMARY KEY,
+      session_id       TEXT NOT NULL REFERENCES sessions(id) ON DELETE CASCADE,
+      sequence         INTEGER NOT NULL,
+      timestamp        INTEGER NOT NULL,
+      method           TEXT NOT NULL,
+      url              TEXT NOT NULL,
+      request_headers  TEXT,
+      request_body     TEXT,
+      status_code      INTEGER,
+      response_headers TEXT,
+      response_body    TEXT,
+      content_type     TEXT,
+      initiator        TEXT,
+      duration_ms      INTEGER
+    );
+
+    -- JS Hook capture records
+    CREATE TABLE IF NOT EXISTS js_hooks (
+      id                 INTEGER PRIMARY KEY AUTOINCREMENT,
+      session_id         TEXT NOT NULL REFERENCES sessions(id) ON DELETE CASCADE,
+      timestamp          INTEGER NOT NULL,
+      hook_type          TEXT NOT NULL,
+      function_name      TEXT NOT NULL,
+      arguments          TEXT,
+      result             TEXT,
+      call_stack         TEXT,
+      related_request_id TEXT
+    );
+
+    -- Storage snapshots
+    CREATE TABLE IF NOT EXISTS storage_snapshots (
+      id           INTEGER PRIMARY KEY AUTOINCREMENT,
+      session_id   TEXT NOT NULL REFERENCES sessions(id) ON DELETE CASCADE,
+      timestamp    INTEGER NOT NULL,
+      domain       TEXT NOT NULL,
+      storage_type TEXT NOT NULL,
+      data         TEXT
+    );
+
+    -- AI analysis reports
+    CREATE TABLE IF NOT EXISTS analysis_reports (
+      id                TEXT PRIMARY KEY,
+      session_id        TEXT NOT NULL REFERENCES sessions(id) ON DELETE CASCADE,
+      created_at        INTEGER NOT NULL,
+      llm_provider      TEXT NOT NULL,
+      llm_model         TEXT NOT NULL,
+      prompt_tokens     INTEGER,
+      completion_tokens INTEGER,
+      report_content    TEXT
+    );
+
+    -- Fingerprint profiles (one per session)
+    CREATE TABLE IF NOT EXISTS fingerprint_profiles (
+      session_id   TEXT PRIMARY KEY REFERENCES sessions(id) ON DELETE CASCADE,
+      profile_json TEXT NOT NULL
+    );
+
+    -- Indexes
+    CREATE INDEX IF NOT EXISTS idx_requests_session ON requests(session_id, sequence);
+    CREATE INDEX IF NOT EXISTS idx_requests_url ON requests(url);
+    CREATE INDEX IF NOT EXISTS idx_js_hooks_session ON js_hooks(session_id, timestamp);
+    CREATE INDEX IF NOT EXISTS idx_storage_session ON storage_snapshots(session_id, timestamp);
+    CREATE INDEX IF NOT EXISTS idx_reports_session ON analysis_reports(session_id);
+  `)
+
+  // Run additional migrations
+  migrateAddStreamingAndWebSocketFlags(db)
+  migrateAddFilterTokenColumns(db)
+  migrateAddSourceColumn(db)
+  migrateAddChatMessagesTable(db)
+  migrateAddAiRequestLogsTable(db)
+  migrateAddInteractionEventsTable(db)
+}
+
+/**
+ * Migration 008: Add chat_messages table for persisting follow-up Q&A per report
+ * Safe to call multiple times (uses IF NOT EXISTS).
+ */
+export function migrateAddChatMessagesTable(db: Database.Database): void {
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS chat_messages (
+      id         INTEGER PRIMARY KEY AUTOINCREMENT,
+      report_id  TEXT NOT NULL REFERENCES analysis_reports(id) ON DELETE CASCADE,
+      role       TEXT NOT NULL,
+      content    TEXT NOT NULL,
+      created_at INTEGER NOT NULL
+    );
+    CREATE INDEX IF NOT EXISTS idx_chat_messages_report ON chat_messages(report_id, id);
+  `)
+}
+
+/**
+ * Migration 007: Add source column to requests table for MITM proxy support
+ * Safe to call multiple times (handles duplicate column errors)
+ */
+export function migrateAddSourceColumn(db: Database.Database): void {
+  try {
+    db.exec(`ALTER TABLE requests ADD COLUMN source TEXT DEFAULT 'cdp'`);
+  } catch (err) {
+    if (!String(err).includes("duplicate column name")) throw err;
+  }
+}
+
+/**
+ * Migration 006: Add Phase 1 filter token columns to analysis_reports
+ * Safe to call multiple times (handles duplicate column errors)
+ */
+export function migrateAddFilterTokenColumns(db: Database.Database): void {
+  const migrations = [
+    `ALTER TABLE analysis_reports ADD COLUMN filter_prompt_tokens INTEGER`,
+    `ALTER TABLE analysis_reports ADD COLUMN filter_completion_tokens INTEGER`,
+  ]
+
+  for (const migration of migrations) {
+    try {
+      db.exec(migration)
+    } catch (err) {
+      if (!String(err).includes('duplicate column name')) {
+        throw err
+      }
+    }
+  }
+}
+
+/**
+ * Migration 009: Add ai_request_logs table for recording LLM HTTP requests
+ * Safe to call multiple times (uses IF NOT EXISTS).
+ */
+export function migrateAddAiRequestLogsTable(db: Database.Database): void {
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS ai_request_logs (
+      id                INTEGER PRIMARY KEY AUTOINCREMENT,
+      session_id        TEXT REFERENCES sessions(id) ON DELETE CASCADE,
+      report_id         TEXT REFERENCES analysis_reports(id) ON DELETE SET NULL,
+      type              TEXT NOT NULL,
+      provider          TEXT NOT NULL,
+      model             TEXT NOT NULL,
+      request_url       TEXT NOT NULL,
+      request_method    TEXT NOT NULL DEFAULT 'POST',
+      request_headers   TEXT NOT NULL,
+      request_body      TEXT NOT NULL,
+      status_code       INTEGER,
+      response_headers  TEXT,
+      response_body     TEXT,
+      prompt_tokens     INTEGER DEFAULT 0,
+      completion_tokens INTEGER DEFAULT 0,
+      duration_ms       INTEGER,
+      error             TEXT,
+      created_at        INTEGER NOT NULL
+    );
+    CREATE INDEX IF NOT EXISTS idx_ai_logs_session ON ai_request_logs(session_id);
+    CREATE INDEX IF NOT EXISTS idx_ai_logs_created ON ai_request_logs(created_at);
+  `)
+}
+
+/**
+ * Migration 010: Add interaction_events table for recording user interactions
+ * Safe to call multiple times (uses IF NOT EXISTS).
+ */
+export function migrateAddInteractionEventsTable(db: Database.Database): void {
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS interaction_events (
+      id            INTEGER PRIMARY KEY AUTOINCREMENT,
+      session_id    TEXT NOT NULL REFERENCES sessions(id) ON DELETE CASCADE,
+      sequence      INTEGER NOT NULL,
+      type          TEXT NOT NULL,
+      timestamp     INTEGER NOT NULL,
+      x             REAL,
+      y             REAL,
+      viewport_x    REAL,
+      viewport_y    REAL,
+      selector      TEXT,
+      xpath         TEXT,
+      tag_name      TEXT,
+      element_text  TEXT,
+      attributes    TEXT,
+      bounding_rect TEXT,
+      input_value   TEXT,
+      key           TEXT,
+      scroll_x      REAL,
+      scroll_y      REAL,
+      scroll_dx     REAL,
+      scroll_dy     REAL,
+      url           TEXT NOT NULL,
+      page_title    TEXT,
+      path          TEXT,
+      created_at    INTEGER NOT NULL
+    );
+    CREATE INDEX IF NOT EXISTS idx_interactions_session ON interaction_events(session_id);
+    CREATE INDEX IF NOT EXISTS idx_interactions_session_seq ON interaction_events(session_id, sequence);
+    CREATE INDEX IF NOT EXISTS idx_interactions_type ON interaction_events(session_id, type);
+  `)
+}