npm - @oddessentials/odd-repo-mapper - Versions diffs - 3.0.5 → 3.2.0 - Mend

@oddessentials/odd-repo-mapper 3.0.5 → 3.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/core/safety.d.ts ADDED Viewed

@@ -0,0 +1,41 @@
+/**
+ * Path Safety Utilities
+ *
+ * Local implementation mirroring @oddessentials/odd-hive-mind/primitives/safety API.
+ * When odd-hive-mind is published to npm, replace with:
+ *   import { resolveAndCheckPath, checkForbidden } from '@oddessentials/odd-hive-mind/primitives/safety';
+ *
+ * @see https://github.com/oddessentials/odd-hive-mind/blob/main/src/primitives/safety.ts
+ */
+/**
+ * Resolve a path and check it doesn't escape the project root.
+ * Throws if path escapes containment.
+ *
+ * @param projectRoot - The root directory to contain writes to
+ * @param relPath - Relative path within the project
+ * @returns Resolved absolute path
+ * @throws Error if path escapes project root
+ */
+export declare function resolveAndCheckPath(projectRoot: string, relPath: string): string;
+/**
+ * Check if a path matches forbidden patterns.
+ *
+ * @param relPath - Relative path to check
+ * @param extraPatterns - Additional patterns to check against
+ * @returns Object indicating if forbidden and which rule matched
+ */
+export declare function checkForbidden(relPath: string, extraPatterns?: string[]): {
+    forbidden: boolean;
+    rule?: string;
+};
+/**
+ * Validate output path is safe for writing.
+ * Combines containment check and forbidden pattern check.
+ *
+ * @param projectRoot - Project root for containment
+ * @param outputPath - Path to validate
+ * @returns Validated absolute path
+ * @throws Error if path is forbidden or escapes root
+ */
+export declare function validateOutputPath(projectRoot: string, outputPath: string): string;
+//# sourceMappingURL=safety.d.ts.map

package/dist/core/safety.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"safety.d.ts","sourceRoot":"","sources":["../../src/core/safety.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAgBH;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAmBhF;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,CAC1B,OAAO,EAAE,MAAM,EACf,aAAa,GAAE,MAAM,EAAO,GAC7B;IAAE,SAAS,EAAE,OAAO,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,CAAA;CAAE,CAgBvC;AAwBD;;;;;;;;GAQG;AACH,wBAAgB,kBAAkB,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,CAUlF"}

package/dist/core/safety.js ADDED Viewed

@@ -0,0 +1,104 @@
+/**
+ * Path Safety Utilities
+ *
+ * Local implementation mirroring @oddessentials/odd-hive-mind/primitives/safety API.
+ * When odd-hive-mind is published to npm, replace with:
+ *   import { resolveAndCheckPath, checkForbidden } from '@oddessentials/odd-hive-mind/primitives/safety';
+ *
+ * @see https://github.com/oddessentials/odd-hive-mind/blob/main/src/primitives/safety.ts
+ */
+import { resolve, relative, sep } from 'node:path';
+import { realpathSync, existsSync } from 'node:fs';
+/**
+ * Patterns forbidden for write operations
+ */
+const FORBIDDEN_PATTERNS = [
+    '.git/**',
+    'node_modules/**',
+    '.env*',
+    'package-lock.json',
+    '*.log',
+];
+/**
+ * Resolve a path and check it doesn't escape the project root.
+ * Throws if path escapes containment.
+ *
+ * @param projectRoot - The root directory to contain writes to
+ * @param relPath - Relative path within the project
+ * @returns Resolved absolute path
+ * @throws Error if path escapes project root
+ */
+export function resolveAndCheckPath(projectRoot, relPath) {
+    const rootReal = realpathSync(projectRoot);
+    const candidate = resolve(projectRoot, relPath);
+    let resolved;
+    if (existsSync(candidate)) {
+        resolved = realpathSync(candidate);
+    }
+    else {
+        // For new files, use path.resolve; still enforce boundary
+        resolved = resolve(projectRoot, relPath);
+    }
+    const rootWithSep = rootReal.endsWith(sep) ? rootReal : rootReal + sep;
+    if (!resolved.startsWith(rootWithSep) && resolved !== rootReal) {
+        throw new Error(`Path escapes project root: ${relPath}`);
+    }
+    return resolved;
+}
+/**
+ * Check if a path matches forbidden patterns.
+ *
+ * @param relPath - Relative path to check
+ * @param extraPatterns - Additional patterns to check against
+ * @returns Object indicating if forbidden and which rule matched
+ */
+export function checkForbidden(relPath, extraPatterns = []) {
+    const p = relPath.replace(/\\/g, '/');
+    if (!p) {
+        return { forbidden: true, rule: '<empty path>' };
+    }
+    const patterns = [...FORBIDDEN_PATTERNS, ...extraPatterns];
+    for (const rule of patterns) {
+        if (matchesPattern(p, rule)) {
+            return { forbidden: true, rule };
+        }
+    }
+    return { forbidden: false };
+}
+/**
+ * Simple glob pattern matching
+ */
+function matchesPattern(path, pattern) {
+    const p = path.replace(/\\/g, '/');
+    const pat = pattern.replace(/\\/g, '/');
+    // Handle ** (any depth)
+    if (pat.includes('**')) {
+        const prefix = pat.split('**')[0];
+        return p.startsWith(prefix);
+    }
+    // Handle * (single segment)
+    if (pat.includes('*')) {
+        const regex = new RegExp('^' + pat.replace(/\*/g, '[^/]*') + '$');
+        return regex.test(p);
+    }
+    return p === pat;
+}
+/**
+ * Validate output path is safe for writing.
+ * Combines containment check and forbidden pattern check.
+ *
+ * @param projectRoot - Project root for containment
+ * @param outputPath - Path to validate
+ * @returns Validated absolute path
+ * @throws Error if path is forbidden or escapes root
+ */
+export function validateOutputPath(projectRoot, outputPath) {
+    const absPath = resolveAndCheckPath(projectRoot, outputPath);
+    const relPath = relative(projectRoot, absPath);
+    const forbidden = checkForbidden(relPath);
+    if (forbidden.forbidden) {
+        throw new Error(`Forbidden path: ${relPath} (matched: ${forbidden.rule})`);
+    }
+    return absPath;
+}
+//# sourceMappingURL=safety.js.map

package/dist/core/safety.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"safety.js","sourceRoot":"","sources":["../../src/core/safety.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,WAAW,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAEnD;;GAEG;AACH,MAAM,kBAAkB,GAAG;IACvB,SAAS;IACT,iBAAiB;IACjB,OAAO;IACP,mBAAmB;IACnB,OAAO;CACD,CAAC;AAEX;;;;;;;;GAQG;AACH,MAAM,UAAU,mBAAmB,CAAC,WAAmB,EAAE,OAAe;IACpE,MAAM,QAAQ,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;IAC3C,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IAEhD,IAAI,QAAgB,CAAC;IACrB,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACxB,QAAQ,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;IACvC,CAAC;SAAM,CAAC;QACJ,0DAA0D;QAC1D,QAAQ,GAAG,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAED,MAAM,WAAW,GAAG,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,GAAG,GAAG,CAAC;IAEvE,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC7D,MAAM,IAAI,KAAK,CAAC,8BAA8B,OAAO,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,cAAc,CAC1B,OAAe,EACf,gBAA0B,EAAE;IAE5B,MAAM,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAEtC,IAAI,CAAC,CAAC,EAAE,CAAC;QACL,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC;IACrD,CAAC;IAED,MAAM,QAAQ,GAAG,CAAC,GAAG,kBAAkB,EAAE,GAAG,aAAa,CAAC,CAAC;IAE3D,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC1B,IAAI,cAAc,CAAC,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC;YAC1B,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QACrC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;AAChC,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,IAAY,EAAE,OAAe;IACjD,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IACnC,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAExC,wBAAwB;IACxB,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACrB,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAClC,OAAO,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAChC,CAAC;IAED,4BAA4B;IAC5B,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACpB,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC;QAClE,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACzB,CAAC;IAED,OAAO,CAAC,KAAK,GAAG,CAAC;AACrB,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,kBAAkB,CAAC,WAAmB,EAAE,UAAkB;IACtE,MAAM,OAAO,GAAG,mBAAmB,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;IAC7D,MAAM,OAAO,GAAG,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IAE/C,MAAM,SAAS,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;IAC1C,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,mBAAmB,OAAO,cAAc,SAAS,CAAC,IAAI,GAAG,CAAC,CAAC;IAC/E,CAAC;IAED,OAAO,OAAO,CAAC;AACnB,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@oddessentials/odd-repo-mapper",
-    "version": "3.0.5",
+    "version": "3.2.0",
     "description": "Deterministic code intelligence tool producing evidence-backed architecture diagrams and feature-test traceability matrices",
     "type": "module",
     "engines": {
@@ -39,7 +39,7 @@
         "@commitlint/cli": "^20.2.0",
         "@commitlint/config-conventional": "^20.2.0",
         "@eslint/js": "^9.39.2",
-        "@oddessentials/repo-standards": "^4.0.0",
+        "@oddessentials/repo-standards": "^4.3.0",
         "@semantic-release/changelog": "^6.0.3",
         "@semantic-release/exec": "^7.1.0",
         "@semantic-release/git": "^10.0.1",