@pan-sec/notebooklm-mcp 2026.1.3 → 2026.1.4
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file-permissions.d.ts","sourceRoot":"","sources":["../../src/utils/file-permissions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAMH;;GAEG;AACH,eAAO,MAAM,SAAS,SAA+B,CAAC;AACtD,eAAO,MAAM,OAAO,SAAgC,CAAC;AACrD,eAAO,MAAM,OAAO,SAA+B,CAAC;AACpD,eAAO,MAAM,MAAM,SAAa,CAAC;AAEjC;;GAEG;AACH,eAAO,MAAM,gBAAgB;IAC3B,wDAAwD;;IAExD,+DAA+D;;IAE/D,iEAAiE;;IAEjE,yEAAyE;;CAEjE,CAAC;AAEX;;;;;;GAMG;AACH,wBAAgB,wBAAwB,CACtC,QAAQ,EAAE,MAAM,EAChB,IAAI,GAAE,MAA0C,GAC/C,OAAO,CAYT;AAED;;;;;;GAMG;AACH,wBAAgB,6BAA6B,CAC3C,OAAO,EAAE,MAAM,EACf,IAAI,GAAE,MAAoC,GACzC,OAAO,CAYT;
|
|
1
|
+
{"version":3,"file":"file-permissions.d.ts","sourceRoot":"","sources":["../../src/utils/file-permissions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAMH;;GAEG;AACH,eAAO,MAAM,SAAS,SAA+B,CAAC;AACtD,eAAO,MAAM,OAAO,SAAgC,CAAC;AACrD,eAAO,MAAM,OAAO,SAA+B,CAAC;AACpD,eAAO,MAAM,MAAM,SAAa,CAAC;AAEjC;;GAEG;AACH,eAAO,MAAM,gBAAgB;IAC3B,wDAAwD;;IAExD,+DAA+D;;IAE/D,iEAAiE;;IAEjE,yEAAyE;;CAEjE,CAAC;AAEX;;;;;;GAMG;AACH,wBAAgB,wBAAwB,CACtC,QAAQ,EAAE,MAAM,EAChB,IAAI,GAAE,MAA0C,GAC/C,OAAO,CAYT;AAED;;;;;;GAMG;AACH,wBAAgB,6BAA6B,CAC3C,OAAO,EAAE,MAAM,EACf,IAAI,GAAE,MAAoC,GACzC,OAAO,CAYT;AAwGD;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,GAAE,MAAoC,GAAG,IAAI,CAU7F;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAC7B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,GAAG,MAAM,EACxB,IAAI,GAAE,MAA0C,GAC/C,IAAI,CAYN;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,GAAG,MAAM,EACxB,IAAI,GAAE,MAA0C,GAC/C,IAAI,CAQN;AAED;;GAEG;AACH,wBAAgB,eAAe,IAAI;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,OAAO,CAAC;IACnB,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,OAAO,CAAC;IACjB,uBAAuB,EAAE,OAAO,CAAC;IACjC,mBAAmB,EAAE,OAAO,CAAC;CAC9B,CASA"}
|
|
@@ -79,6 +79,50 @@ export function setSecureDirectoryPermissions(dirPath, mode = PERMISSION_MODES.O
|
|
|
79
79
|
return false;
|
|
80
80
|
}
|
|
81
81
|
}
|
|
82
|
+
/**
|
|
83
|
+
* Validate path for safe use in shell commands (defense-in-depth)
|
|
84
|
+
*
|
|
85
|
+
* @param targetPath - Path to validate
|
|
86
|
+
* @returns true if path is safe for shell use
|
|
87
|
+
*/
|
|
88
|
+
function isPathSafeForShell(targetPath) {
|
|
89
|
+
if (!targetPath || typeof targetPath !== "string") {
|
|
90
|
+
return false;
|
|
91
|
+
}
|
|
92
|
+
// Block shell metacharacters that could enable command injection
|
|
93
|
+
const dangerousChars = /[;&|`$<>(){}[\]!*?~\n\r]/;
|
|
94
|
+
if (dangerousChars.test(targetPath)) {
|
|
95
|
+
return false;
|
|
96
|
+
}
|
|
97
|
+
// Block path traversal attempts
|
|
98
|
+
if (targetPath.includes("..")) {
|
|
99
|
+
return false;
|
|
100
|
+
}
|
|
101
|
+
// Block UNC paths that could access network resources unexpectedly
|
|
102
|
+
if (targetPath.startsWith("\\\\")) {
|
|
103
|
+
return false;
|
|
104
|
+
}
|
|
105
|
+
// Ensure path is within reasonable length (Windows MAX_PATH is 260)
|
|
106
|
+
if (targetPath.length > 32767) {
|
|
107
|
+
return false;
|
|
108
|
+
}
|
|
109
|
+
return true;
|
|
110
|
+
}
|
|
111
|
+
/**
|
|
112
|
+
* Validate username for safe use in shell commands
|
|
113
|
+
*
|
|
114
|
+
* @param username - Username to validate
|
|
115
|
+
* @returns true if username is safe
|
|
116
|
+
*/
|
|
117
|
+
function isUsernameSafe(username) {
|
|
118
|
+
if (!username || typeof username !== "string") {
|
|
119
|
+
return false;
|
|
120
|
+
}
|
|
121
|
+
// Usernames should only contain alphanumeric, underscore, hyphen, dot
|
|
122
|
+
// and be reasonably short
|
|
123
|
+
const safeUsername = /^[a-zA-Z0-9_.\-]{1,256}$/;
|
|
124
|
+
return safeUsername.test(username);
|
|
125
|
+
}
|
|
82
126
|
/**
|
|
83
127
|
* Set Windows file/directory permissions using icacls
|
|
84
128
|
*
|
|
@@ -90,8 +134,20 @@ function setWindowsFilePermissions(targetPath, ownerOnly) {
|
|
|
90
134
|
if (!isWindows)
|
|
91
135
|
return false;
|
|
92
136
|
try {
|
|
137
|
+
// Defense-in-depth: Validate path before using in shell command
|
|
138
|
+
if (!isPathSafeForShell(targetPath)) {
|
|
139
|
+
// Log would be nice but we don't have logger imported here
|
|
140
|
+
// Silently fail for invalid paths
|
|
141
|
+
return false;
|
|
142
|
+
}
|
|
93
143
|
const username = process.env.USERNAME || process.env.USER;
|
|
94
|
-
if (!username) {
|
|
144
|
+
if (!username || !isUsernameSafe(username)) {
|
|
145
|
+
return false;
|
|
146
|
+
}
|
|
147
|
+
// Normalize path to resolve any . or redundant separators
|
|
148
|
+
const normalizedPath = path.normalize(targetPath);
|
|
149
|
+
// Double-check normalized path is still safe
|
|
150
|
+
if (!isPathSafeForShell(normalizedPath)) {
|
|
95
151
|
return false;
|
|
96
152
|
}
|
|
97
153
|
if (ownerOnly) {
|
|
@@ -99,7 +155,7 @@ function setWindowsFilePermissions(targetPath, ownerOnly) {
|
|
|
99
155
|
// /inheritance:r - Remove inherited ACLs
|
|
100
156
|
// /grant:r - Replace existing permissions with specified ones
|
|
101
157
|
// (F) - Full control
|
|
102
|
-
execSync(`icacls "${
|
|
158
|
+
execSync(`icacls "${normalizedPath}" /inheritance:r /grant:r "${username}:(F)" /q`, { stdio: "pipe" });
|
|
103
159
|
}
|
|
104
160
|
return true;
|
|
105
161
|
}
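Review bot: The `execSync` call on new line 158 still hands a concatenated string to cmd.exe, so its safety rests entirely on the `isPathSafeForShell` denylist (new lines 88-110). That list omits `"` and `%`, which cmd.exe still interprets around a quoted argument, and it rejects legitimate Windows paths containing `(`, `)`, `&`, `~` or a `..` substring inside a file name. Passing the arguments as an array takes the shell out of the path: `execFileSync("icacls", [normalizedPath, "/inheritance:r", "/grant:r", username + ":(F)", "/q"], { stdio: "pipe" })`, with `execFileSync` added to the `child_process` import, which is outside these hunks. A rejected path, or a username containing a space, makes `setWindowsFilePermissions` return false with no log, so the owner-only ACL is silently not applied; callers should treat false as a failure rather than continue with inherited permissions. The comment `Windows MAX_PATH is 260` disagrees with the `32767` limit beneath it, and the function body starts before and ends after the lines shown here.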
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file-permissions.js","sourceRoot":"","sources":["../../src/utils/file-permissions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC;;GAEG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC;AACtD,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC;AACrD,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC;AACpD,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,SAAS,CAAC;AAEjC;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,wDAAwD;IACxD,gBAAgB,EAAE,KAAK;IACvB,+DAA+D;IAC/D,UAAU,EAAE,KAAK;IACjB,iEAAiE;IACjE,oBAAoB,EAAE,KAAK;IAC3B,yEAAyE;IACzE,2BAA2B,EAAE,KAAK;CAC1B,CAAC;AAEX;;;;;;GAMG;AACH,MAAM,UAAU,wBAAwB,CACtC,QAAgB,EAChB,OAAe,gBAAgB,CAAC,gBAAgB;IAEhD,IAAI,CAAC;QACH,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,yBAAyB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QACnD,CAAC;aAAM,CAAC;YACN,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;YAC7B,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,8DAA8D;QAC9D,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,6BAA6B,CAC3C,OAAe,EACf,OAAe,gBAAgB,CAAC,UAAU;IAE1C,IAAI,CAAC;QACH,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,yBAAyB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QAClD,CAAC;aAAM,CAAC;YACN,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;YAC5B,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,8DAA8D;QAC9D,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAS,yBAAyB,CAAC,UAAkB,EAAE,SAAkB;IACvE,IAAI,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC;IAE7B,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC;QAC1D,IAAI,CAAC,QAAQ,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"file-permissions.js","sourceRoot":"","sources":["../../src/utils/file-permissions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC;;GAEG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC;AACtD,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC;AACrD,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC;AACpD,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,SAAS,CAAC;AAEjC;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,wDAAwD;IACxD,gBAAgB,EAAE,KAAK;IACvB,+DAA+D;IAC/D,UAAU,EAAE,KAAK;IACjB,iEAAiE;IACjE,oBAAoB,EAAE,KAAK;IAC3B,yEAAyE;IACzE,2BAA2B,EAAE,KAAK;CAC1B,CAAC;AAEX;;;;;;GAMG;AACH,MAAM,UAAU,wBAAwB,CACtC,QAAgB,EAChB,OAAe,gBAAgB,CAAC,gBAAgB;IAEhD,IAAI,CAAC;QACH,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,yBAAyB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QACnD,CAAC;aAAM,CAAC;YACN,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;YAC7B,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,8DAA8D;QAC9D,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,6BAA6B,CAC3C,OAAe,EACf,OAAe,gBAAgB,CAAC,UAAU;IAE1C,IAAI,CAAC;QACH,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,yBAAyB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QAClD,CAAC;aAAM,CAAC;YACN,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;YAC5B,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,8DAA8D;QAC9D,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,kBAAkB,CAAC,UAAkB;IAC5C,IAAI,CAAC,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;QAClD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,iEAAiE;IACjE,MAAM,cAAc,GAAG,0BAA0B,CAAC;IAClD,IAAI,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;QACpC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gCAAgC;IAChC,IAAI,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,mEAAmE;IACnE,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAClC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,oEAAoE;IACpE,IAAI,UAAU,CAAC,MAAM,GAAG,KAAK,EAAE,CAAC;QAC9B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,SAAS,cAAc,CAAC,QAAgB;IACtC,IAAI,CAAC
,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,sEAAsE;IACtE,0BAA0B;IAC1B,MAAM,YAAY,GAAG,0BAA0B,CAAC;IAChD,OAAO,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACrC,CAAC;AAED;;;;;;GAMG;AACH,SAAS,yBAAyB,CAAC,UAAkB,EAAE,SAAkB;IACvE,IAAI,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC;IAE7B,IAAI,CAAC;QACH,gEAAgE;QAChE,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;YACpC,2DAA2D;YAC3D,kCAAkC;YAClC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC;QAC1D,IAAI,CAAC,QAAQ,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,0DAA0D;QAC1D,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAElD,6CAA6C;QAC7C,IAAI,CAAC,kBAAkB,CAAC,cAAc,CAAC,EAAE,CAAC;YACxC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,SAAS,EAAE,CAAC;YACd,2EAA2E;YAC3E,yCAAyC;YACzC,8DAA8D;YAC9D,qBAAqB;YACrB,QAAQ,CACN,WAAW,cAAc,8BAA8B,QAAQ,UAAU,EACzE,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,iEAAiE;QACjE,iEAAiE;QACjE,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,WAAW,CAAC,OAAe,EAAE,OAAe,gBAAgB,CAAC,UAAU;IACrF,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,IAAI,SAAS,EAAE,CAAC;YACd,0DAA0D;YAC1D,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC3C,yBAAyB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QAC3C,CAAC;aAAM,CAAC;YACN,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,eAAe,CAC7B,QAAgB,EAChB,OAAwB,EACxB,OAAe,gBAAgB,CAAC,gBAAgB;IAEhD,iCAAiC;IACjC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACnC,WAAW,CAAC,GAAG,CAAC,CAAC;IAEjB,IAAI,SAAS,EAAE,CAAC;QACd,oDAAoD;QACpD,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACpC,yBAAyB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAC5C,CAAC;SAAM,CAAC;QACN,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAChD,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,gBAAgB,CAC9B,QAAgB,EAChB,OAAwB,EACxB,OAAe,gBAAgB,CAAC,gBAAgB;IAEhD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,
QAAQ,CAAC,EAAE,CAAC;QAC7B,wDAAwD;QACxD,eAAe,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IAC3C,CAAC;SAAM,CAAC;QACN,qDAAqD;QACrD,EAAE,CAAC,cAAc,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe;IAQ7B,OAAO;QACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,SAAS;QACT,OAAO;QACP,OAAO;QACP,uBAAuB,EAAE,MAAM;QAC/B,mBAAmB,EAAE,SAAS;KAC/B,CAAC;AACJ,CAAC"}
|