@nasl/cli 0.1.16 → 0.1.18

package/dist/index.mjs

@@ -1,6 +1,6 @@
 import * as sysPath from 'path';
-import sysPath__default from 'path';
-import require$$0$3, { unwatchFile, watchFile, watch as watch$1, stat as stat$3 } from 'fs';
+import sysPath__default, { join } from 'path';
+import require$$0$3, { promises, unwatchFile, watchFile, watch as watch$1, stat as stat$3 } from 'fs';
 import stream$4, { Readable } from 'stream';
 import require$$0$1, { type as type$1 } from 'os';
 import require$$0$2 from 'util';
@@ -11,23 +11,23 @@ import require$$5 from 'assert';
 import require$$3 from 'http';
 import require$$4 from 'https';
 import require$$0$6 from 'url';
-import require$$8 from 'crypto';
+import crypto$1, { createHash } from 'crypto';
 import http2 from 'http2';
 import zlib from 'zlib';
 import { spawn, spawnSync } from 'child_process';
 import { realpath as realpath$1, stat as stat$2, lstat as lstat$1, open, readdir as readdir$1 } from 'fs/promises';
 import { lstat, stat as stat$1, readdir, realpath } from 'node:fs/promises';
 import { Readable as Readable$1 } from 'node:stream';
-import { resolve, join, relative, sep } from 'node:path';
+import { resolve, join as join$1, relative, sep } from 'node:path';
 
 /**
  * 默认配置
  */
 const DEFAULT_CONFIG = {
-    serverBaseURL: 'https://nasl.lcap.163yun.com/api/v1/nasl',
+    serverBaseURL: 'https://nasl.lcap.163yun.com',
     representation: 'NaturalTS',
     namespaceResolution: 'filename-as-namespace',
-    ideVersion: '4.3',
+    ideVersion: '4.4',
     srcDir: 'src',
     outDir: 'out',
 };
@@ -13582,10 +13582,39 @@ function loadConfig(configDir) {
         const content = libExports.readFileSync(configPath, 'utf-8');
         const config = JSON.parse(content);
         // 验证必需字段
-        if (!config.serverBaseURL || !config.ideVersion || !config.srcDir || !config.outDir) {
-            defaultLogger.error('配置文件格式不正确，缺少必需字段');
+        if (!config.srcDir || !config.outDir) {
+            defaultLogger.error('配置文件格式不正确，缺少必需的 srcDir 或 outDir 字段');
             return defaultLogger.exit(1);
         }
+        if (!config.ideVersion) {
+            config.ideVersion = process.env.NASL_IDE_VERSION || '';
+            if (!config.ideVersion) {
+                defaultLogger.error('缺少配置 ideVersion，请在配置文件中添加，或在环境变量中配置 NASL_IDE_VERSION');
+                return defaultLogger.exit(1);
+            }
+        }
+        if (!config.serverBaseURL) {
+            config.serverBaseURL = process.env.NASL_SERVER_BASE_URL || '';
+            if (!config.serverBaseURL) {
+                defaultLogger.error('缺少配置 serverBaseURL，请在配置文件中添加，或在环境变量中配置 NASL_SERVER_BASE_URL');
+                return defaultLogger.exit(1);
+            }
+        }
+        if (!config.useOPENAPI)
+            config.useOPENAPI = process.env.USE_LCAP_OPENAPI === 'true';
+        if (!config.OPENAPI_AK)
+            config.OPENAPI_AK = process.env.LCAP_OPENAPI_AK;
+        if (!config.OPENAPI_SK)
+            config.OPENAPI_SK = process.env.LCAP_OPENAPI_SK;
+        if (config.useOPENAPI) {
+            if (!config.OPENAPI_AK || !config.OPENAPI_SK) {
+                defaultLogger.error(`配置了 useOPENAPI，但缺少配置 OPENAPI_AK 和 OPENAPI_SK:
+- 在 nasl.config.json 中配置 OPENAPI_AK 和 OPENAPI_SK，或者在环境变量中配置 LCAP_OPENAPI_AK 和 LCAP_OPENAPI_SK
+- 或将 useOPENAPI 配置为 false
+`);
+                return defaultLogger.exit(1);
+            }
+        }
         return config;
     }
     catch (error) {
@@ -27652,7 +27681,7 @@ function requireForm_data () {
 	var parseUrl = require$$0$6.parse;
 	var fs = require$$0$3;
 	var Stream = stream$4.Stream;
-	var crypto = require$$8;
+	var crypto = crypto$1;
 	var mime = requireMimeTypes();
 	var asynckit = requireAsynckit();
 	var setToStringTag = /*@__PURE__*/ requireEsSetTostringtag();
@@ -28561,7 +28590,7 @@ const generateString = (size = 16, alphabet = ALPHABET.ALPHA_DIGIT) => {
   let str = '';
   const {length} = alphabet;
   const randomValues = new Uint32Array(size);
-  require$$8.randomFillSync(randomValues);
+  crypto$1.randomFillSync(randomValues);
   for (let i = 0; i < size; i++) {
     str += alphabet[randomValues[i] % length];
   }
@@ -34346,14 +34375,286 @@ const {
   mergeConfig
 } = axios;
 
-function createAxios(baseURL) {
-    return axios.create({
+// Unique ID creation requires a high quality random # generator. In the browser we therefore
+// require the crypto API and do not support built-in fallback to lower quality random number
+// generators (like Math.random()).
+let getRandomValues;
+const rnds8 = new Uint8Array(16);
+function rng() {
+  // lazy load so that environments that need to polyfill have a chance to do so
+  if (!getRandomValues) {
+    // getRandomValues needs to be invoked in a context where "this" is a Crypto implementation.
+    getRandomValues = typeof crypto !== 'undefined' && crypto.getRandomValues && crypto.getRandomValues.bind(crypto);
+
+    if (!getRandomValues) {
+      throw new Error('crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported');
+    }
+  }
+
+  return getRandomValues(rnds8);
+}
+
+/**
+ * Convert array of 16 byte values to UUID string format of the form:
+ * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
+ */
+
+const byteToHex = [];
+
+for (let i = 0; i < 256; ++i) {
+  byteToHex.push((i + 0x100).toString(16).slice(1));
+}
+
+function unsafeStringify(arr, offset = 0) {
+  // Note: Be careful editing this code!  It's been tuned for performance
+  // and works in ways you may not expect. See https://github.com/uuidjs/uuid/pull/434
+  return byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + '-' + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + '-' + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + '-' + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + '-' + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]];
+}
+
+const randomUUID = typeof crypto !== 'undefined' && crypto.randomUUID && crypto.randomUUID.bind(crypto);
+var native = {
+  randomUUID
+};
+
+function v4(options, buf, offset) {
+  if (native.randomUUID && true && !options) {
+    return native.randomUUID();
+  }
+
+  options = options || {};
+  const rnds = options.random || (options.rng || rng)(); // Per 4.4, set bits for version and `clock_seq_hi_and_reserved`
+
+  rnds[6] = rnds[6] & 0x0f | 0x40;
+  rnds[8] = rnds[8] & 0x3f | 0x80; // Copy bytes to buffer, if provided
+
+  return unsafeStringify(rnds);
+}
+
+function generateHash(params) {
+    const hash = createHash('sha256');
+    hash.update(JSON.stringify(params));
+    return hash.digest('hex');
+}
+async function getCachePathWithTimestamp(hash) {
+    const cacheDir = join(process.cwd(), '.cache');
+    await promises.mkdir(cacheDir, { recursive: true });
+    return join(cacheDir, `${hash}_${Date.now()}.json`);
+}
+/**
+ * 查找指定 hash 的有效缓存文件
+ * @param hash 缓存标识
+ * @param ttl 缓存有效期（毫秒）
+ * @returns 缓存文件路径和缓存内容，如果没有有效缓存则返回 null
+ */
+async function findValidCache(hash, ttl) {
+    const cacheDir = join(process.cwd(), '.cache');
+    try {
+        await promises.mkdir(cacheDir, { recursive: true });
+        const files = await promises.readdir(cacheDir);
+        const now = Date.now();
+        // 查找所有匹配的缓存文件
+        const matchingFiles = files
+            .filter((file) => file.startsWith(`${hash}_`) && file.endsWith('.json'))
+            .map((file) => {
+            const match = file.match(/_(\d+)\.json$/);
+            if (!match)
+                return null;
+            const timestamp = parseInt(match[1], 10);
+            return {
+                path: join(cacheDir, file),
+                timestamp,
+                isExpired: now - timestamp > ttl,
+            };
+        })
+            .filter((item) => item !== null);
+        // 删除过期的缓存文件
+        const expiredFiles = matchingFiles.filter((item) => item.isExpired);
+        await Promise.all(expiredFiles.map((item) => promises.unlink(item.path).catch(() => { })));
+        // 查找有效的缓存文件（按时间戳降序排序，获取最新的）
+        const validFiles = matchingFiles.filter((item) => !item.isExpired).sort((a, b) => b.timestamp - a.timestamp);
+        if (validFiles.length > 0) {
+            const cacheFile = validFiles[0];
+            const cacheContent = await promises.readFile(cacheFile.path, 'utf-8');
+            const cachedResult = JSON.parse(cacheContent);
+            return { path: cacheFile.path, data: cachedResult };
+        }
+        return null;
+    }
+    catch (error) {
+        return null;
+    }
+}
+/**
+ * 高阶函数，为异步函数添加带时间戳的缓存功能
+ * @param fn 需要添加缓存的函数
+ * @param ttl 缓存有效期（毫秒），默认 1 小时
+ * @param getCacheKey 可选的自定义缓存 key 生成函数，如果不提供则使用整个 params
+ * @returns 带缓存的函数版本
+ */
+function cachableWithTTL(fn, ttl = 3600 * 1000, // 默认 1 小时
+getCacheKey) {
+    return async (params, extraParams) => {
+        const functionName = fn.name;
+        const logPrefix = functionName ? `[${functionName}]` : '[cachableWithTTL]';
+        // 检查是否启用缓存
+        if (process.env.NO_AI_CACHE) {
+            return fn(params, extraParams);
+        }
+        // 使用自定义的 getCacheKey 或默认使用整个 params
+        const cacheKey = getCacheKey ? getCacheKey(params) : params;
+        const hash = generateHash(cacheKey);
+        // 查找有效的缓存
+        const validCache = await findValidCache(hash, ttl);
+        if (validCache) {
+            console.log(`${logPrefix} ✓ 使用缓存`);
+            return validCache.data;
+        }
+        // 调用原函数
+        const result = await fn(params, extraParams);
+        // 保存结果到缓存（带时间戳）
+        try {
+            const cachePath = await getCachePathWithTimestamp(hash);
+            await promises.writeFile(cachePath, JSON.stringify(result, null, 2), 'utf-8');
+        }
+        catch (error) {
+            // 缓存写入失败，但不影响返回结果
+        }
+        return result;
+    };
+}
+
+/**
+ * 生成客户端签名信息
+ * @param appKey AppKey
+ * @param secretKey SecretKey
+ * @returns 签名信息
+ */
+function generateClientSignature(appKey, secretKey) {
+    const timestamp = Math.floor(Date.now() / 1000).toString();
+    const nonce = v4();
+    const plainText = `${appKey}&${nonce}&${timestamp}&${secretKey}`;
+    const signature = crypto$1.createHash('md5').update(plainText).digest('hex');
+    return {
+        appKey,
+        timestamp,
+        nonce,
+        signature,
+    };
+}
+/**
+ * 生成基础认证头
+ * @param ak AppKey
+ * @param sk SecretKey
+ * @returns 基础认证头
+ */
+function generateBaseHeaders(ak, sk) {
+    const { timestamp, signature, nonce } = generateClientSignature(ak, sk);
+    return {
+        'Content-Type': 'application/json',
+        'x-appKey': ak,
+        'x-timestamp': timestamp,
+        'x-nonce': nonce,
+        'x-signature': signature,
+    };
+}
+/**
+ * 获取租户的 signInfo（内部实现）
+ * @param options 服务器选项
+ * @param baseHeaders 基础认证头
+ * @returns x-signInfo 值
+ */
+async function _fetchSignInfo({ options, baseHeaders }) {
+    const tenantName = options.tenantName || 'defaulttenant';
+    const userName = tenantName === 'defaulttenant' ? 'admin' : `${tenantName}-admin`;
+    const data = {
+        tenantName,
+        userName,
+        source: 'Normal',
+    };
+    const url = `${options.serverBaseURL}/openapi/v3/auth/getSignInfo`;
+    try {
+        const tempAxios = axios.create({
+            headers: baseHeaders,
+            timeout: 120000,
+        });
+        const response = await tempAxios.post(url, data);
+        return response?.data?.result || null;
+    }
+    catch (error) {
+        console.error('Error fetching sign info:', error.response?.data);
+        return null;
+    }
+}
+/**
+ * 获取租户的 signInfo（带缓存，1 小时过期）
+ * @param options 服务器选项
+ * @param baseHeaders 基础认证头
+ * @returns x-signInfo 值
+ */
+const fetchSignInfo = cachableWithTTL(_fetchSignInfo, 3600 * 1000, // 1 小时
+(params) => params.options);
+/**
+ * 生成完整的认证头（包含 x-signInfo）
+ * @param options 服务器选项
+ * @returns 完整的认证头
+ */
+async function generateCompleteHeaders(options) {
+    const headers = {
+        'Content-Type': 'application/json',
+    };
+    // 如果没有提供 ak 和 sk，返回基础 headers
+    if (!options.OPENAPI_AK || !options.OPENAPI_SK) {
+        throw new Error(`配置了 useOPENAPI，但缺少配置 OPENAPI_AK 和 OPENAPI_SK:
+- 在 nasl.config.json 中配置 OPENAPI_AK 和 OPENAPI_SK，或者在环境变量中配置 LCAP_OPENAPI_AK 和 LCAP_OPENAPI_SK
+- 或将 useOPENAPI 配置为 false
+`);
+    }
+    // 生成基础认证头
+    const baseHeaders = generateBaseHeaders(options.OPENAPI_AK, options.OPENAPI_SK);
+    Object.assign(headers, baseHeaders);
+    // 获取 signInfo
+    const signInfo = await fetchSignInfo({ options, baseHeaders: headers });
+    if (signInfo) {
+        headers['x-signInfo'] = signInfo;
+    }
+    return headers;
+}
+
+/**
+ * 创建 Axios 实例
+ * @param options 服务器选项，包含认证信息
+ * @returns Axios 实例
+ */
+async function createAxios(options) {
+    // 如果需要鉴权，拼接 /openapi/v3/nasl；否则使用原始 URL
+    const serverBaseURL = new URL(options.serverBaseURL).origin;
+    const baseURL = options.useOPENAPI ? `${serverBaseURL}/openapi/v3/nasl` : `${serverBaseURL}/api/v1/nasl`;
+    // 如果需要鉴权，生成完整的认证头；否则只使用基础 headers
+    const headers = options.useOPENAPI ? await generateCompleteHeaders(options) : { 'Content-Type': 'application/json' };
+    console.log('本次服务调用方为:', baseURL);
+    const instance = axios.create({
         baseURL,
-        headers: {
-            'Content-Type': 'application/json',
-        },
+        headers,
         timeout: 120000,
     });
+    const oldPost = instance.post;
+    instance.post = async (url, data, config) => {
+        return oldPost(url, data, config).then((res) => {
+            const data = res.data;
+            if (data.code !== 200)
+                throw new Error(JSON.stringify(data));
+            return res;
+        }).catch((err) => {
+            // console.log(err.response ? err.response.data : err);
+            if (err.response) {
+                throw new Error(JSON.stringify(err.response.data));
+            }
+            else {
+                throw err;
+            }
+        });
+    };
+    return instance;
 }
 
 function truncate(str, maxLength) {
@@ -34367,13 +34668,11 @@ function truncate(str, maxLength) {
 async function compileApi(fullNaturalTS, options) {
     // 这里需要调用实际的编译服务接口
     // 示例实现：
-    const axios = createAxios(options.serverBaseURL);
+    const axios = await createAxios(options);
     const res = await axios.post(`/compile/tsx?ideVersion=${options.ideVersion}&needAnnotation=true`, fullNaturalTS, {
         headers: { 'Content-Type': 'text/plain' },
     });
     const data = res.data;
-    if (data.code !== 200)
-        throw new Error(data.message);
     const { bundle } = data.result;
     const fileMap = bundle.frontendBundle.files;
     const files = Object.keys(fileMap).map((key) => {
@@ -34401,7 +34700,7 @@ window.backendApp = app;
  * TODO: 实现具体的 API 调用逻辑
  */
 async function checkApi(fullNaturalTS, options) {
-    const axios = createAxios(options.serverBaseURL);
+    const axios = await createAxios(options);
     const res = await axios.post(`/check/tsx?ideVersion=${options.ideVersion}`, fullNaturalTS, {
         headers: { 'Content-Type': 'text/plain' },
     });
@@ -34419,7 +34718,7 @@ async function checkApi(fullNaturalTS, options) {
 async function createAppSyncApi(fullNaturalTS, options) {
     const url = new URL(options.serverBaseURL);
     const origin = url.origin + '/app-ai-creator';
-    const axios = createAxios(origin);
+    const axios = await createAxios({ serverBaseURL: origin, ideVersion: options.ideVersion });
     try {
         const res = await axios.post('/api/createAppSync', {
             fullNaturalTS,
@@ -34466,10 +34765,7 @@ async function compile(entry, options) {
     logger.info('正在调用编译服务...');
     try {
         const fullNaturalTS = composeToString(collectedFiles);
-        const outputFiles = await compileApi(fullNaturalTS, {
-            serverBaseURL: config.serverBaseURL,
-            ideVersion: config.ideVersion,
-        });
+        const outputFiles = await compileApi(fullNaturalTS, config);
         logger.success('编译成功！');
         // 写入输出文件
         for (const file of outputFiles) {
@@ -34516,10 +34812,7 @@ async function check(entry, options) {
         result = error.message.trim();
     }
     if (!result && fullNaturalTS) {
-        result = (await checkApi(fullNaturalTS, {
-            serverBaseURL: config.serverBaseURL,
-            ideVersion: config.ideVersion,
-        })).trim();
+        result = (await checkApi(fullNaturalTS, config)).trim();
     }
     const checkResult = {
         success: !result,
@@ -34798,6 +35091,10 @@ async function createAppInIde(entry, options) {
     logger.info('开始创建应用在 IDE 中...');
     // 收集需要处理的文件
     const { collectedFiles, config } = await resolveNASLFiles(entry, logger, false, options?.verbose);
+    if (config.useOPENAPI) {
+        logger.error('create-app-in-ide 暂不支持 useOPENAPI 模式');
+        logger.exit(1);
+    }
     // 生成 fullNaturalTS
     logger.newLine();
     logger.info('正在生成 NaturalTS 代码...');
@@ -34859,15 +35156,13 @@ async function createAppInIde(entry, options) {
  * 编译 NASL 代码
  * TODO: 实现具体的 API 调用逻辑
  */
-async function transformJson2FilesApi(jsonContent, options) {
+async function transformJson2FilesApi(json, options) {
     // 示例实现：
-    const axios = createAxios(options.serverBaseURL);
-    const res = await axios.post(`/transform/json2files?ideVersion=${options.ideVersion}`, jsonContent, {
-        headers: { 'Content-Type': 'text/plain' },
+    const axios = await createAxios(options);
+    const res = await axios.post(`/transform/json2files?ideVersion=${options.ideVersion}`, json, {
+        headers: { 'Content-Type': 'application/json' },
     });
     const data = res.data;
-    if (data.code !== 200)
-        throw new Error(data.message);
     return data.result;
 }
 
@@ -34907,17 +35202,19 @@ const transformFns = {
         const projectRoot = getProjectRoot();
         logger.info(`项目根目录: ${projectRoot}`);
         logger.info(`源代码目录: ${config.srcDir}`);
+        if (!libExports.existsSync(config.srcDir)) {
+            logger.error(`当前目录下 ${config.srcDir} 目录不存在，请先创建`);
+            logger.exit(1);
+        }
         let jsonContent = '';
         if (!entry) {
             logger.warn('没有指定 JSON 文件路径，按照默认 IDE 版本的基础模板转换');
         }
         else {
             jsonContent = libExports.readFileSync(entry, 'utf-8');
+            logger.info(`读取到 JSON 文件: ${entry}`);
         }
-        const files = await transformJson2FilesApi(jsonContent, {
-            serverBaseURL: config.serverBaseURL,
-            ideVersion: config.ideVersion,
-        });
+        const files = await transformJson2FilesApi(jsonContent ? JSON.parse(jsonContent) : {}, config);
         await Promise.all(files.map(async (file) => {
             const outputPath = sysPath.join(projectRoot, config.srcDir, file.path);
             await libExports.writeFile(outputPath, file.content);
@@ -35101,7 +35398,7 @@ class ReaddirpStream extends Readable$1 {
         let entry;
         const basename = this._isDirent ? dirent.name : dirent;
         try {
-            const fullPath = resolve(join(path, basename));
+            const fullPath = resolve(join$1(path, basename));
             entry = { path: relative(this._root, fullPath), fullPath, basename };
             entry[this._statsProp] = this._isDirent ? dirent : await this._stat(fullPath);
         }