@pensar/apex 2.0.0-canary.241920ad → 2.0.0

package/build/cli-3knnkdps.js

@@ -0,0 +1,666 @@
+import {
+  init_ai
+} from "./cli-1yavz2pb.js";
+import {
+  generateObjectResponse
+} from "./cli-h825qzmd.js";
+import {
+  exports_external1 as exports_external,
+  init_zod,
+  zod_default
+} from "./cli-e6rgwtpb.js";
+import {
+  __callDispose,
+  __using
+} from "./cli-8rxa073f.js";
+
+// src/util/name.ts
+init_zod();
+init_ai();
+var adjectives = [
+  "swift",
+  "bright",
+  "calm",
+  "bold",
+  "keen",
+  "noble",
+  "quick",
+  "sharp",
+  "vivid",
+  "warm",
+  "agile",
+  "brave",
+  "clever",
+  "daring",
+  "eager",
+  "fierce",
+  "gentle",
+  "humble",
+  "jolly",
+  "lively",
+  "merry",
+  "nimble",
+  "proud",
+  "quiet",
+  "rapid",
+  "serene",
+  "sturdy",
+  "tender",
+  "valiant",
+  "witty",
+  "zealous"
+];
+var nouns = [
+  "falcon",
+  "wolf",
+  "hawk",
+  "bear",
+  "lion",
+  "tiger",
+  "eagle",
+  "raven",
+  "phoenix",
+  "dragon",
+  "panther",
+  "cobra",
+  "viper",
+  "shark",
+  "orca",
+  "mantis",
+  "spider",
+  "scorpion",
+  "hydra",
+  "griffin",
+  "sphinx",
+  "kraken",
+  "cipher",
+  "nexus",
+  "prism",
+  "vector",
+  "matrix",
+  "pulse",
+  "surge",
+  "flux"
+];
+function generateRandomName() {
+  const adj = adjectives[Math.floor(Math.random() * adjectives.length)] ?? "swift";
+  const noun = nouns[Math.floor(Math.random() * nouns.length)] ?? "falcon";
+  return `${adj}-${noun}`;
+}
+var sessionNameSchema = exports_external.object({
+  name: exports_external.string().describe("A short, descriptive session name (2-4 words, lowercase, hyphenated)")
+});
+async function generateSessionName(opts) {
+  const { targets, userMessage, model, authConfig, abortSignal } = opts;
+  const contextParts = [];
+  if (targets.length > 0) {
+    contextParts.push(`Target(s): ${targets.join(", ")}`);
+  }
+  if (userMessage) {
+    contextParts.push(`User objective: ${userMessage}`);
+  }
+  if (contextParts.length === 0)
+    return null;
+  const prompt = [
+    "Generate a short, descriptive name for a penetration testing session.",
+    "The name should be 2-4 lowercase words separated by hyphens.",
+    "It should capture the key aspect of the target or task — e.g. 'acme-api-pentest', 'login-auth-bypass', 'ecommerce-checkout-test'.",
+    "",
+    ...contextParts
+  ].join(`
+`);
+  try {
+    const result = await generateObjectResponse({
+      model,
+      schema: sessionNameSchema,
+      prompt,
+      maxTokens: 50,
+      temperature: 0.7,
+      authConfig,
+      abortSignal
+    });
+    if (!result?.name)
+      return null;
+    const name = result.name.toLowerCase().replace(/[^a-z0-9-]/g, "-").replace(/-+/g, "-").replace(/^-|-$/g, "").slice(0, 50);
+    return name || null;
+  } catch {
+    return null;
+  }
+}
+
+// src/core/credentials/manager.ts
+import { randomBytes } from "crypto";
+function generateCredentialId() {
+  return `cred_${randomBytes(8).toString("hex")}`;
+}
+function inferType(cred) {
+  const hasPwd = !!cred.password;
+  const hasApiKey = !!cred.apiKey;
+  const hasBearer = !!cred.tokens?.bearerToken;
+  const hasHeaders = !!cred.tokens?.customHeaders && Object.keys(cred.tokens.customHeaders).length > 0;
+  const hasCookies = !!cred.tokens?.cookies;
+  const count = (hasPwd ? 1 : 0) + (hasApiKey ? 1 : 0) + (hasBearer ? 1 : 0) + (hasHeaders ? 1 : 0) + (hasCookies ? 1 : 0);
+  if (count > 1)
+    return "composite";
+  if (hasPwd)
+    return "username-password";
+  if (hasApiKey)
+    return "api-key";
+  if (hasBearer)
+    return "bearer-token";
+  if (hasHeaders)
+    return "custom-headers";
+  if (hasCookies)
+    return "cookies";
+  return "username-password";
+}
+function toReference(stored) {
+  const ref = {
+    id: stored.id,
+    type: stored.type
+  };
+  if (stored.label)
+    ref.label = stored.label;
+  if (stored.role)
+    ref.role = stored.role;
+  if (stored.username)
+    ref.username = stored.username;
+  if (stored.loginUrl)
+    ref.loginUrl = stored.loginUrl;
+  if (stored.tokens?.customHeaders) {
+    ref.customHeaderKeys = Object.keys(stored.tokens.customHeaders);
+  }
+  const ctx = stored.metadata?.context;
+  if (typeof ctx === "string" && ctx)
+    ref.context = ctx;
+  return ref;
+}
+
+class CredentialManager {
+  store = new Map;
+  findDuplicate(candidate) {
+    for (const [id, existing] of this.store) {
+      if (existing.username === candidate.username && existing.password === candidate.password && existing.apiKey === candidate.apiKey && existing.loginUrl === candidate.loginUrl && existing.tokens?.bearerToken === candidate.tokens?.bearerToken && existing.tokens?.cookies === candidate.tokens?.cookies && existing.tokens?.sessionToken === candidate.tokens?.sessionToken && JSON.stringify(existing.tokens?.customHeaders) === JSON.stringify(candidate.tokens?.customHeaders)) {
+        return id;
+      }
+    }
+    return;
+  }
+  add(input) {
+    const id = input.id ?? generateCredentialId();
+    const type = input.type ?? inferType(input);
+    const stored = { ...input, id, type };
+    this.store.set(id, stored);
+    return id;
+  }
+  addFromAuthCredentials(creds, extra) {
+    const candidate = {
+      username: creds.username,
+      password: creds.password,
+      apiKey: creds.apiKey,
+      loginUrl: creds.loginUrl,
+      additionalFields: creds.additionalFields,
+      tokens: creds.tokens,
+      label: extra?.label,
+      role: extra?.role ?? creds.role,
+      metadata: creds.context ? { context: creds.context } : undefined
+    };
+    const existingId = this.findDuplicate(candidate);
+    if (existingId)
+      return existingId;
+    return this.add(candidate);
+  }
+  resolve(credentialId) {
+    return this.store.get(credentialId);
+  }
+  getReference(credentialId) {
+    const stored = this.store.get(credentialId);
+    if (!stored)
+      return;
+    return toReference(stored);
+  }
+  listReferences() {
+    return Array.from(this.store.values()).map(toReference);
+  }
+  listCredentialsWithHeaders() {
+    const out = [];
+    for (const stored of this.store.values()) {
+      const headers = stored.tokens?.customHeaders;
+      if (headers && Object.keys(headers).length > 0) {
+        out.push({ tokens: { customHeaders: { ...headers } } });
+      }
+    }
+    return out;
+  }
+  remove(credentialId) {
+    return this.store.delete(credentialId);
+  }
+  get size() {
+    return this.store.size;
+  }
+  clear() {
+    this.store.clear();
+  }
+  toAuthCredentials(credentialId) {
+    const stored = this.resolve(credentialId);
+    if (!stored)
+      return;
+    const result = {};
+    if (stored.username)
+      result.username = stored.username;
+    if (stored.password)
+      result.password = stored.password;
+    if (stored.apiKey)
+      result.apiKey = stored.apiKey;
+    if (stored.loginUrl)
+      result.loginUrl = stored.loginUrl;
+    if (stored.additionalFields)
+      result.additionalFields = stored.additionalFields;
+    if (stored.tokens)
+      result.tokens = { ...stored.tokens };
+    return result;
+  }
+  formatForPrompt() {
+    const refs = this.listReferences();
+    if (refs.length === 0)
+      return "";
+    const lines = refs.map((ref) => {
+      const parts = [`- Credential ID: ${ref.id}`];
+      if (ref.label)
+        parts.push(`  Label: ${ref.label}`);
+      parts.push(`  Type: ${ref.type}`);
+      if (ref.role)
+        parts.push(`  Role: ${ref.role}`);
+      if (ref.username)
+        parts.push(`  Username: ${ref.username}`);
+      if (ref.loginUrl)
+        parts.push(`  Login URL: ${ref.loginUrl}`);
+      if (ref.customHeaderKeys?.length) {
+        parts.push(`  Header keys: ${ref.customHeaderKeys.join(", ")}`);
+      }
+      if (ref.context)
+        parts.push(`  Context: ${ref.context}`);
+      return parts.join(`
+`);
+    });
+    return `<available_credentials>
+The following credentials are available. To use a credential, pass its ID to the appropriate tool.
+Do NOT ask the user for passwords or secrets — they are resolved automatically from the credential ID.
+
+${lines.join(`
+
+`)}
+</available_credentials>`;
+  }
+}
+// src/core/id/id.ts
+init_zod();
+import { randomBytes as randomBytes2 } from "crypto";
+var prefixes = {
+  session: "ses",
+  message: "msg",
+  permission: "per",
+  user: "usr",
+  part: "prt"
+};
+function schema(prefix) {
+  return zod_default.string().startsWith(prefixes[prefix]);
+}
+var LENGTH = 26;
+var lastTimestamp = 0;
+var counter = 0;
+function descending(prefix, given) {
+  return generateID(prefix, true, given);
+}
+function generateID(prefix, descending2, given) {
+  if (!given) {
+    return create(prefix, descending2);
+  }
+  if (!given.startsWith(prefixes[prefix])) {
+    throw new Error(`ID ${given} does not start with ${prefixes[prefix]}`);
+  }
+  return given;
+}
+function randomBase62(length) {
+  const chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+  let result = "";
+  const bytes = randomBytes2(length);
+  for (let i = 0;i < length; i++) {
+    result += chars[bytes[i] % 62];
+  }
+  return result;
+}
+function create(prefix, descending2, timestamp) {
+  const currentTimestamp = timestamp ?? Date.now();
+  if (currentTimestamp !== lastTimestamp) {
+    lastTimestamp = currentTimestamp;
+    counter = 0;
+  }
+  counter++;
+  let now = BigInt(currentTimestamp) * BigInt(4096) + BigInt(counter);
+  now = descending2 ? ~now : now;
+  const timeBytes = Buffer.alloc(6);
+  for (let i = 0;i < 6; i++) {
+    timeBytes[i] = Number(now >> BigInt(40 - 8 * i) & BigInt(255));
+  }
+  return prefixes[prefix] + "_" + timeBytes.toString("hex") + randomBase62(LENGTH - 12);
+}
+
+// src/core/services/rateLimiter/index.ts
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
+class RateLimiter {
+  tokens;
+  lastRefillTime;
+  rps;
+  bucketSize;
+  msPerToken;
+  queue;
+  constructor(config) {
+    this.rps = config?.requestsPerSecond;
+    this.bucketSize = this.rps ? 1 : 0;
+    this.tokens = this.bucketSize;
+    this.lastRefillTime = performance.now();
+    this.msPerToken = this.rps ? 1000 / this.rps : undefined;
+    this.queue = Promise.resolve();
+  }
+  async acquireSlot() {
+    if (!this.rps || !this.msPerToken)
+      return;
+    const previousPromise = this.queue;
+    let resolveCurrentRequest;
+    this.queue = new Promise((resolve) => {
+      resolveCurrentRequest = resolve;
+    });
+    await previousPromise;
+    try {
+      const now = performance.now();
+      this.refill(now);
+      if (this.tokens < 1) {
+        const waitTime = (1 - this.tokens) * this.msPerToken;
+        await sleep(waitTime);
+        const nowAfterSleep = performance.now();
+        this.refill(nowAfterSleep);
+      }
+      this.tokens -= 1;
+    } finally {
+      resolveCurrentRequest();
+    }
+  }
+  refill(now) {
+    if (this.tokens >= this.bucketSize) {
+      this.lastRefillTime = now;
+      return;
+    }
+    const elapsed = now - this.lastRefillTime;
+    const tokensToAdd = elapsed / this.msPerToken;
+    this.tokens = Math.min(this.bucketSize, this.tokens + tokensToAdd);
+    this.lastRefillTime = now;
+  }
+  isEnabled() {
+    return this.rps !== undefined;
+  }
+}
+
+// src/core/storage/index.ts
+init_zod();
+import fs, { readdir } from "fs/promises";
+import os from "os";
+import path from "path";
+
+// src/util/errors.ts
+init_zod();
+
+class NamedError extends Error {
+  static create(name, data) {
+    const schema2 = zod_default.object({
+      name: zod_default.literal(name),
+      data
+    });
+    const result = class extends NamedError {
+      data;
+      static Schema = schema2;
+      name = name;
+      constructor(data2, options) {
+        super(name, options);
+        this.data = data2;
+        this.name = name;
+      }
+      static isInstance(input) {
+        return typeof input === "object" && input !== null && "name" in input && input.name === name;
+      }
+      schema() {
+        return schema2;
+      }
+      toObject() {
+        return {
+          name,
+          data: this.data
+        };
+      }
+    };
+    Object.defineProperty(result, "name", { value: name });
+    return result;
+  }
+  static Unknown = NamedError.create("UnknownError", zod_default.object({
+    message: zod_default.string()
+  }));
+}
+
+// src/util/lock.ts
+var locks = new Map;
+function getLock(key) {
+  let lock = locks.get(key);
+  if (!lock) {
+    lock = {
+      readers: 0,
+      writer: false,
+      waitingReaders: [],
+      waitingWriters: []
+    };
+    locks.set(key, lock);
+  }
+  return lock;
+}
+function processQueue(key) {
+  const lock = locks.get(key);
+  if (!lock || lock.writer || lock.readers > 0)
+    return;
+  if (lock.waitingWriters.length > 0) {
+    const nextWriter = lock.waitingWriters.shift();
+    nextWriter?.();
+    return;
+  }
+  while (lock.waitingReaders.length > 0) {
+    const nextReader = lock.waitingReaders.shift();
+    nextReader?.();
+  }
+  if (lock.readers === 0 && !lock.writer && lock.waitingReaders.length === 0 && lock.waitingWriters.length === 0) {
+    locks.delete(key);
+  }
+}
+async function read(key) {
+  const lock = getLock(key);
+  return new Promise((resolve) => {
+    if (!lock.writer && lock.waitingWriters.length === 0) {
+      lock.readers++;
+      resolve({
+        [Symbol.dispose]: () => {
+          lock.readers--;
+          processQueue(key);
+        }
+      });
+    } else {
+      lock.waitingReaders.push(() => {
+        lock.readers++;
+        resolve({
+          [Symbol.dispose]: () => {
+            lock.readers--;
+            processQueue(key);
+          }
+        });
+      });
+    }
+  });
+}
+async function write(key) {
+  const lock = getLock(key);
+  return new Promise((resolve) => {
+    if (!lock.writer && lock.readers === 0) {
+      lock.writer = true;
+      resolve({
+        [Symbol.dispose]: () => {
+          lock.writer = false;
+          processQueue(key);
+        }
+      });
+    } else {
+      lock.waitingWriters.push(() => {
+        lock.writer = true;
+        resolve({
+          [Symbol.dispose]: () => {
+            lock.writer = false;
+            processQueue(key);
+          }
+        });
+      });
+    }
+  });
+}
+
+// src/core/storage/index.ts
+var NotFoundError = NamedError.create("NotFoundError", zod_default.object({
+  message: zod_default.string()
+}));
+function getBaseDir() {
+  return process.env.PENSAR_DATA_DIR ?? path.join(os.homedir(), ".pensar");
+}
+async function write2(key, content, ext) {
+  const dir = getBaseDir();
+  const target = path.join(dir, ...key) + (ext ? ext : ".json");
+  return withErrorHandling(async () => {
+    let __stack = [];
+    try {
+      const _ = __using(__stack, await write(target), 0);
+      await fs.mkdir(path.dirname(target), { recursive: true });
+      await fs.writeFile(target, JSON.stringify(content, null, 2), "utf-8");
+    } catch (_catch) {
+      var _err = _catch, _hasErr = 1;
+    } finally {
+      __callDispose(__stack, _err, _hasErr);
+    }
+  });
+}
+async function createDir(key) {
+  const dir = getBaseDir();
+  const target = path.join(dir, ...key);
+  return withErrorHandling(async () => {
+    let __stack = [];
+    try {
+      const _ = __using(__stack, await write(target), 0);
+      await fs.mkdir(target, { recursive: true });
+    } catch (_catch) {
+      var _err = _catch, _hasErr = 1;
+    } finally {
+      __callDispose(__stack, _err, _hasErr);
+    }
+  });
+}
+async function writeRaw(key, content) {
+  const dir = getBaseDir();
+  const target = path.join(dir, ...key);
+  return withErrorHandling(async () => {
+    let __stack = [];
+    try {
+      const _ = __using(__stack, await write(target), 0);
+      const parentDir = path.dirname(target);
+      await fs.mkdir(parentDir, { recursive: true });
+      await fs.writeFile(target, content, "utf-8");
+    } catch (_catch) {
+      var _err = _catch, _hasErr = 1;
+    } finally {
+      __callDispose(__stack, _err, _hasErr);
+    }
+  });
+}
+async function read2(key, ext) {
+  const dir = getBaseDir();
+  const target = path.join(dir, ...key) + (ext ? ext : ".json");
+  return withErrorHandling(async () => {
+    let __stack = [];
+    try {
+      const _ = __using(__stack, await read(target), 0);
+      const text = await fs.readFile(target, "utf-8");
+      const result = ext ? text : JSON.parse(text);
+      return result;
+    } catch (_catch) {
+      var _err = _catch, _hasErr = 1;
+    } finally {
+      __callDispose(__stack, _err, _hasErr);
+    }
+  });
+}
+async function update(key, fn, ext) {
+  const dir = getBaseDir();
+  const target = path.join(dir, ...key) + (ext ? ext : ".json");
+  return withErrorHandling(async () => {
+    let __stack = [];
+    try {
+      const _ = __using(__stack, await write(target), 0);
+      const text = await fs.readFile(target, "utf-8");
+      const content = ext ? text : JSON.parse(text);
+      fn(content);
+      await fs.writeFile(target, JSON.stringify(content, null, 2), "utf-8");
+      return content;
+    } catch (_catch) {
+      var _err = _catch, _hasErr = 1;
+    } finally {
+      __callDispose(__stack, _err, _hasErr);
+    }
+  });
+}
+async function withErrorHandling(body) {
+  return body().catch((e) => {
+    if (!(e instanceof Error))
+      throw e;
+    const errnoExcpetion = e;
+    if (errnoExcpetion.code === "ENOENT") {
+      throw new NotFoundError({
+        message: `Resource not found: ${errnoExcpetion.path}`
+      });
+    }
+    throw e;
+  });
+}
+async function listFilesRecursively(dir) {
+  const entries = await readdir(dir, { withFileTypes: true });
+  const files = [];
+  for (const entry of entries) {
+    const fullPath = path.join(dir, entry.name);
+    if (entry.isDirectory()) {
+      files.push(...await listFilesRecursively(fullPath));
+    } else {
+      files.push(fullPath);
+    }
+  }
+  return files;
+}
+async function list(prefix) {
+  const dir = getBaseDir();
+  const targetDir = path.join(dir, ...prefix);
+  try {
+    const files = await listFilesRecursively(targetDir);
+    const result = files.map((filePath) => {
+      const relativePath = path.relative(targetDir, filePath);
+      return [...prefix, ...relativePath.slice(0, -5).split(path.sep)];
+    });
+    result.sort();
+    return result;
+  } catch {
+    return [];
+  }
+}
+
+export { generateRandomName, generateSessionName, CredentialManager, schema, descending, RateLimiter, NotFoundError, write2 as write, createDir, writeRaw, read2 as read, update, list };