@objectstack/core 2.0.1 → 2.0.3

package/dist/index.d.cts

@@ -1236,6 +1236,7 @@ declare class PluginPermissionEnforcer {
     private checkPermission;
     private checkServiceAccess;
     private checkHookAccess;
+    private matchGlob;
     private checkFileRead;
     private checkFileWrite;
     private checkNetworkAccess;
@@ -1395,9 +1396,12 @@ interface SandboxContext {
  * and access controls
  */
 declare class PluginSandboxRuntime {
+    private static readonly MONITORING_INTERVAL_MS;
     private logger;
     private sandboxes;
     private monitoringIntervals;
+    private memoryBaselines;
+    private cpuBaselines;
     constructor(logger: ObjectLogger);
     /**
      * Create a sandbox for a plugin
@@ -1416,14 +1420,12 @@ declare class PluginSandboxRuntime {
     };
     /**
      * Check file system access
-     * WARNING: Uses simple prefix matching. For production, use proper path
-     * resolution with path.resolve() and path.normalize() to prevent traversal.
+     * Uses path.resolve() and path.normalize() to prevent directory traversal.
      */
     private checkFileAccess;
     /**
      * Check network access
-     * WARNING: Uses simple string matching. For production, use proper URL
-     * parsing with new URL() and check hostname property.
+     * Uses URL parsing to properly validate hostnames.
      */
     private checkNetworkAccess;
     /**
@@ -1456,10 +1458,9 @@ declare class PluginSandboxRuntime {
     /**
      * Update resource usage statistics
      *
-     * NOTE: Currently uses global process.memoryUsage() which tracks the entire
-     * Node.js process, not individual plugins. For production, implement proper
-     * per-plugin tracking using V8 heap snapshots or allocation tracking at
-     * plugin boundaries.
+     * Tracks per-plugin memory and CPU usage using delta from baseline
+     * captured at sandbox creation time. This is an approximation since
+     * true per-plugin isolation isn't possible in a single Node.js process.
      */
     private updateResourceUsage;
     /**
@@ -1667,9 +1668,7 @@ declare class PluginStateManager {
      */
     clearState(pluginId: string): void;
     /**
-     * Calculate simple checksum for state verification
-     * WARNING: This is a simple hash for demo purposes.
-     * In production, use a cryptographic hash like SHA-256.
+     * Calculate checksum for state verification using SHA-256.
      */
     private calculateChecksum;
     /**

package/dist/index.d.ts

@@ -1236,6 +1236,7 @@ declare class PluginPermissionEnforcer {
     private checkPermission;
     private checkServiceAccess;
     private checkHookAccess;
+    private matchGlob;
     private checkFileRead;
     private checkFileWrite;
     private checkNetworkAccess;
@@ -1395,9 +1396,12 @@ interface SandboxContext {
  * and access controls
  */
 declare class PluginSandboxRuntime {
+    private static readonly MONITORING_INTERVAL_MS;
     private logger;
     private sandboxes;
     private monitoringIntervals;
+    private memoryBaselines;
+    private cpuBaselines;
     constructor(logger: ObjectLogger);
     /**
      * Create a sandbox for a plugin
@@ -1416,14 +1420,12 @@ declare class PluginSandboxRuntime {
     };
     /**
      * Check file system access
-     * WARNING: Uses simple prefix matching. For production, use proper path
-     * resolution with path.resolve() and path.normalize() to prevent traversal.
+     * Uses path.resolve() and path.normalize() to prevent directory traversal.
      */
     private checkFileAccess;
     /**
      * Check network access
-     * WARNING: Uses simple string matching. For production, use proper URL
-     * parsing with new URL() and check hostname property.
+     * Uses URL parsing to properly validate hostnames.
      */
     private checkNetworkAccess;
     /**
@@ -1456,10 +1458,9 @@ declare class PluginSandboxRuntime {
     /**
      * Update resource usage statistics
      *
-     * NOTE: Currently uses global process.memoryUsage() which tracks the entire
-     * Node.js process, not individual plugins. For production, implement proper
-     * per-plugin tracking using V8 heap snapshots or allocation tracking at
-     * plugin boundaries.
+     * Tracks per-plugin memory and CPU usage using delta from baseline
+     * captured at sandbox creation time. This is an approximation since
+     * true per-plugin isolation isn't possible in a single Node.js process.
      */
     private updateResourceUsage;
     /**
@@ -1667,9 +1668,7 @@ declare class PluginStateManager {
      */
     clearState(pluginId: string): void;
     /**
-     * Calculate simple checksum for state verification
-     * WARNING: This is a simple hash for demo purposes.
-     * In production, use a cryptographic hash like SHA-256.
+     * Calculate checksum for state verification using SHA-256.
      */
     private calculateChecksum;
     /**

package/dist/index.js

@@ -2081,8 +2081,18 @@ var TestRunner = class {
     }
     return result;
   }
-  resolveVariables(action, _context) {
-    return action;
+  resolveVariables(action, context) {
+    const actionStr = JSON.stringify(action);
+    const resolved = actionStr.replace(/\{\{([^}]+)\}\}/g, (_match, varPath) => {
+      const value = this.getValueByPath(context, varPath.trim());
+      if (value === void 0) return _match;
+      return typeof value === "string" ? value : JSON.stringify(value);
+    });
+    try {
+      return JSON.parse(resolved);
+    } catch {
+      return action;
+    }
   }
   getValueByPath(obj, path) {
     if (!path) return obj;
@@ -2419,9 +2429,38 @@ var PluginSignatureVerifier = class {
       return false;
     }
   }
-  async verifyCryptoSignatureBrowser(_data, _signature, _publicKey) {
-    this.logger.warn("Browser signature verification not yet implemented");
-    return false;
+  async verifyCryptoSignatureBrowser(data, signature, publicKey) {
+    try {
+      const subtle = globalThis.crypto?.subtle;
+      if (!subtle) {
+        this.logger.error("SubtleCrypto not available in this environment");
+        return false;
+      }
+      const pemBody = publicKey.replace(/-----BEGIN PUBLIC KEY-----/, "").replace(/-----END PUBLIC KEY-----/, "").replace(/\s/g, "");
+      const keyBytes = Uint8Array.from(atob(pemBody), (c) => c.charCodeAt(0));
+      let importAlgorithm;
+      let verifyAlgorithm;
+      if (this.config.algorithm === "ES256") {
+        importAlgorithm = { name: "ECDSA", namedCurve: "P-256" };
+        verifyAlgorithm = { name: "ECDSA", hash: "SHA-256" };
+      } else {
+        importAlgorithm = { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" };
+        verifyAlgorithm = { name: "RSASSA-PKCS1-v1_5" };
+      }
+      const cryptoKey = await subtle.importKey(
+        "spki",
+        keyBytes,
+        importAlgorithm,
+        false,
+        ["verify"]
+      );
+      const signatureBytes = Uint8Array.from(atob(signature), (c) => c.charCodeAt(0));
+      const dataBytes = new TextEncoder().encode(data);
+      return await subtle.verify(verifyAlgorithm, cryptoKey, signatureBytes, dataBytes);
+    } catch (error) {
+      this.logger.error("Browser signature verification failed", error);
+      return false;
+    }
   }
   validateConfig() {
     if (!this.config.trustedPublicKeys || this.config.trustedPublicKeys.size === 0) {
@@ -2639,29 +2678,48 @@ var PluginPermissionEnforcer = class {
       return false;
     });
   }
-  checkFileRead(capabilities, _path) {
+  matchGlob(pattern, str) {
+    const regexStr = pattern.split("**").map((segment) => {
+      const escaped = segment.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
+      return escaped.replace(/\*/g, "[^/]*");
+    }).join(".*");
+    return new RegExp(`^${regexStr}$`).test(str);
+  }
+  checkFileRead(capabilities, path) {
     return capabilities.some((cap) => {
       const protocolId = cap.protocol.id;
       if (protocolId.includes("protocol.filesystem.read")) {
-        return true;
+        const paths = cap.metadata?.paths;
+        if (!Array.isArray(paths) || paths.length === 0) {
+          return true;
+        }
+        return paths.some((p) => typeof p === "string" && this.matchGlob(p, path));
       }
       return false;
     });
   }
-  checkFileWrite(capabilities, _path) {
+  checkFileWrite(capabilities, path) {
     return capabilities.some((cap) => {
       const protocolId = cap.protocol.id;
       if (protocolId.includes("protocol.filesystem.write")) {
-        return true;
+        const paths = cap.metadata?.paths;
+        if (!Array.isArray(paths) || paths.length === 0) {
+          return true;
+        }
+        return paths.some((p) => typeof p === "string" && this.matchGlob(p, path));
       }
       return false;
     });
   }
-  checkNetworkAccess(capabilities, _url) {
+  checkNetworkAccess(capabilities, url) {
     return capabilities.some((cap) => {
       const protocolId = cap.protocol.id;
       if (protocolId.includes("protocol.network")) {
-        return true;
+        const hosts = cap.metadata?.hosts;
+        if (!Array.isArray(hosts) || hosts.length === 0) {
+          return true;
+        }
+        return hosts.some((h) => typeof h === "string" && this.matchGlob(h, url));
       }
       return false;
     });
@@ -2928,12 +2986,16 @@ var PluginPermissionManager = class {
 };
 
 // src/security/sandbox-runtime.ts
-var PluginSandboxRuntime = class {
+import nodePath from "path";
+var _PluginSandboxRuntime = class _PluginSandboxRuntime {
   constructor(logger) {
     // Active sandboxes (pluginId -> context)
     this.sandboxes = /* @__PURE__ */ new Map();
     // Resource monitoring intervals
     this.monitoringIntervals = /* @__PURE__ */ new Map();
+    // Per-plugin resource baselines for delta tracking
+    this.memoryBaselines = /* @__PURE__ */ new Map();
+    this.cpuBaselines = /* @__PURE__ */ new Map();
     this.logger = logger.child({ component: "SandboxRuntime" });
   }
   /**
@@ -2954,6 +3016,9 @@ var PluginSandboxRuntime = class {
       }
     };
     this.sandboxes.set(pluginId, context);
+    const baselineMemory = getMemoryUsage();
+    this.memoryBaselines.set(pluginId, baselineMemory.heapUsed);
+    this.cpuBaselines.set(pluginId, process.cpuUsage());
     this.startResourceMonitoring(pluginId);
     this.logger.info("Sandbox created", {
       pluginId,
@@ -2972,6 +3037,8 @@ var PluginSandboxRuntime = class {
       return;
     }
     this.stopResourceMonitoring(pluginId);
+    this.memoryBaselines.delete(pluginId);
+    this.cpuBaselines.delete(pluginId);
     this.sandboxes.delete(pluginId);
     this.logger.info("Sandbox destroyed", { pluginId });
   }
@@ -2999,45 +3066,46 @@ var PluginSandboxRuntime = class {
   }
   /**
    * Check file system access
-   * WARNING: Uses simple prefix matching. For production, use proper path
-   * resolution with path.resolve() and path.normalize() to prevent traversal.
+   * Uses path.resolve() and path.normalize() to prevent directory traversal.
    */
-  checkFileAccess(config, path) {
+  checkFileAccess(config, filePath) {
     if (config.level === "none") {
       return { allowed: true };
     }
     if (!config.filesystem) {
       return { allowed: false, reason: "File system access not configured" };
     }
-    if (!path) {
+    if (!filePath) {
       return { allowed: config.filesystem.mode !== "none" };
     }
     const allowedPaths = config.filesystem.allowedPaths || [];
+    const resolvedPath = nodePath.normalize(nodePath.resolve(filePath));
     const isAllowed = allowedPaths.some((allowed) => {
-      return path.startsWith(allowed);
+      const resolvedAllowed = nodePath.normalize(nodePath.resolve(allowed));
+      return resolvedPath.startsWith(resolvedAllowed);
     });
     if (allowedPaths.length > 0 && !isAllowed) {
       return {
         allowed: false,
-        reason: `Path not in allowed list: ${path}`
+        reason: `Path not in allowed list: ${filePath}`
       };
     }
     const deniedPaths = config.filesystem.deniedPaths || [];
     const isDenied = deniedPaths.some((denied) => {
-      return path.startsWith(denied);
+      const resolvedDenied = nodePath.normalize(nodePath.resolve(denied));
+      return resolvedPath.startsWith(resolvedDenied);
     });
     if (isDenied) {
       return {
         allowed: false,
-        reason: `Path is explicitly denied: ${path}`
+        reason: `Path is explicitly denied: ${filePath}`
       };
     }
     return { allowed: true };
   }
   /**
    * Check network access
-   * WARNING: Uses simple string matching. For production, use proper URL
-   * parsing with new URL() and check hostname property.
+   * Uses URL parsing to properly validate hostnames.
    */
   checkNetworkAccess(config, url) {
     if (config.level === "none") {
@@ -3052,10 +3120,16 @@ var PluginSandboxRuntime = class {
     if (!url) {
       return { allowed: config.network.mode !== "none" };
     }
+    let parsedHostname;
+    try {
+      parsedHostname = new URL(url).hostname;
+    } catch {
+      return { allowed: false, reason: `Invalid URL: ${url}` };
+    }
     const allowedHosts = config.network.allowedHosts || [];
     if (allowedHosts.length > 0) {
       const isAllowed = allowedHosts.some((host) => {
-        return url.includes(host);
+        return parsedHostname === host;
       });
       if (!isAllowed) {
         return {
@@ -3066,7 +3140,7 @@ var PluginSandboxRuntime = class {
     }
     const deniedHosts = config.network.deniedHosts || [];
     const isDenied = deniedHosts.some((host) => {
-      return url.includes(host);
+      return parsedHostname === host;
     });
     if (isDenied) {
       return {
@@ -3143,7 +3217,7 @@ var PluginSandboxRuntime = class {
   startResourceMonitoring(pluginId) {
     const interval = setInterval(() => {
       this.updateResourceUsage(pluginId);
-    }, 5e3);
+    }, _PluginSandboxRuntime.MONITORING_INTERVAL_MS);
     this.monitoringIntervals.set(pluginId, interval);
   }
   /**
@@ -3159,10 +3233,9 @@ var PluginSandboxRuntime = class {
   /**
    * Update resource usage statistics
    * 
-   * NOTE: Currently uses global process.memoryUsage() which tracks the entire
-   * Node.js process, not individual plugins. For production, implement proper
-   * per-plugin tracking using V8 heap snapshots or allocation tracking at
-   * plugin boundaries.
+   * Tracks per-plugin memory and CPU usage using delta from baseline
+   * captured at sandbox creation time. This is an approximation since
+   * true per-plugin isolation isn't possible in a single Node.js process.
    */
   updateResourceUsage(pluginId) {
     const context = this.sandboxes.get(pluginId);
@@ -3170,12 +3243,21 @@ var PluginSandboxRuntime = class {
       return;
     }
     const memoryUsage = getMemoryUsage();
-    context.resourceUsage.memory.current = memoryUsage.heapUsed;
+    const memoryBaseline = this.memoryBaselines.get(pluginId) ?? 0;
+    const memoryDelta = Math.max(0, memoryUsage.heapUsed - memoryBaseline);
+    context.resourceUsage.memory.current = memoryDelta;
     context.resourceUsage.memory.peak = Math.max(
       context.resourceUsage.memory.peak,
-      memoryUsage.heapUsed
+      memoryDelta
     );
-    context.resourceUsage.cpu.current = 0;
+    const cpuBaseline = this.cpuBaselines.get(pluginId) ?? { user: 0, system: 0 };
+    const cpuCurrent = process.cpuUsage();
+    const cpuDeltaUser = cpuCurrent.user - cpuBaseline.user;
+    const cpuDeltaSystem = cpuCurrent.system - cpuBaseline.system;
+    const totalCpuMicros = cpuDeltaUser + cpuDeltaSystem;
+    const intervalMicros = _PluginSandboxRuntime.MONITORING_INTERVAL_MS * 1e3;
+    context.resourceUsage.cpu.current = totalCpuMicros / intervalMicros * 100;
+    this.cpuBaselines.set(pluginId, cpuCurrent);
     const { withinLimits, violations } = this.checkResourceLimits(pluginId);
     if (!withinLimits) {
       this.logger.warn("Resource limit violations detected", {
@@ -3198,9 +3280,13 @@ var PluginSandboxRuntime = class {
       this.stopResourceMonitoring(pluginId);
     }
     this.sandboxes.clear();
+    this.memoryBaselines.clear();
+    this.cpuBaselines.clear();
     this.logger.info("Sandbox runtime shutdown complete");
   }
 };
+_PluginSandboxRuntime.MONITORING_INTERVAL_MS = 5e3;
+var PluginSandboxRuntime = _PluginSandboxRuntime;
 
 // src/security/security-scanner.ts
 var PluginSecurityScanner = class {
@@ -3667,6 +3753,7 @@ var PluginHealthMonitor = class {
 };
 
 // src/hot-reload.ts
+import { createHash } from "crypto";
 var generateUUID = () => {
   if (typeof crypto !== "undefined" && crypto.randomUUID) {
     return crypto.randomUUID();
@@ -3757,19 +3844,11 @@ var PluginStateManager = class {
     this.logger.debug("State cleared", { pluginId });
   }
   /**
-   * Calculate simple checksum for state verification
-   * WARNING: This is a simple hash for demo purposes.
-   * In production, use a cryptographic hash like SHA-256.
+   * Calculate checksum for state verification using SHA-256.
    */
   calculateChecksum(state) {
     const stateStr = JSON.stringify(state);
-    let hash = 0;
-    for (let i = 0; i < stateStr.length; i++) {
-      const char = stateStr.charCodeAt(i);
-      hash = (hash << 5) - hash + char;
-      hash = hash & hash;
-    }
-    return hash.toString(16);
+    return createHash("sha256").update(stateStr).digest("hex");
   }
   /**
    * Shutdown state manager