@pheem49/mint 1.5.0 → 1.5.1

package/src/System/action_executor.js

@@ -1,19 +1,33 @@
-const { clipboard: electronClipboard } = require('electron');
+let electronClipboard = null;
+try {
+    ({ clipboard: electronClipboard } = require('electron'));
+} catch (_) {
+    electronClipboard = {
+        writeText: () => {}
+    };
+}
 const { openApp } = require('../Automation_Layer/open_app');
 const { openWebsite, openSearch } = require('../Automation_Layer/open_website');
 const { performWebAutomation } = require('../Automation_Layer/browser_automation');
 const { createFolder, openFile, deleteFile, findPath } = require('../Automation_Layer/file_operations');
 const { indexFile, indexFolder } = require('../AI_Brain/knowledge_base');
+const { getSystemInfo, getWeather } = require('./system_info');
 const pluginManager = require('../Plugins/plugin_manager');
 const mcpManager = require('../Plugins/mcp_manager');
-const granularAutomation = require('./granular_automation');
 const SystemAutomation = require('./system_automation');
 const safetyManager = require('./safety_manager');
+const toolRegistry = require('./tool_registry');
+const os = require('os');
+const path = require('path');
 
 async function executeAction(action, options = {}) {
-    console.log("Executing action:", action);
+    if (process.env.MINT_DEBUG === '1') {
+        console.log("Executing action:", action);
+    }
+    toolRegistry.validateToolInput(action.type, action);
     const clipboard = options.clipboard || electronClipboard;
     const safety = safetyManager.assertActionAllowed(action, {
+        allowApproval: options.allowApproval === true,
         allowDangerous: options.allowDangerous === true
     });
     safetyManager.appendActionLog({
@@ -21,7 +35,7 @@ async function executeAction(action, options = {}) {
         action: action.type,
         target: action.target || action.path || '',
         tier: safety.tier,
-        approved: options.allowDangerous === true || safety.tier !== safetyManager.TIERS.DANGEROUS
+        approved: options.allowApproval === true || options.allowDangerous === true || safety.tier === safetyManager.TIERS.SAFE
     });
 
     switch (action.type) {
@@ -37,17 +51,23 @@ async function executeAction(action, options = {}) {
         case 'web_automation':
             return await performWebAutomation(action.target);
         case 'create_folder':
+            safetyManager.assertPathCapability(action.target, 'write', {
+                defaultBase: path.join(os.homedir(), 'Desktop')
+            });
             createFolder(action.target);
             break;
         case 'open_file': {
+            safetyManager.assertPathCapability(action.target, 'read');
             const fileRes = await openFile(action.target);
             return fileRes || `Successfully opened file: ${action.target} ✅`;
         }
         case 'open_folder': {
+            safetyManager.assertPathCapability(action.target, 'read');
             const folderRes = await openFile(action.target);
             return folderRes || `Successfully opened folder: ${action.target} ✅`;
         }
         case 'delete_file':
+            safetyManager.assertPathCapability(action.target, 'write');
             await deleteFile(action.target);
             break;
         case 'find_path':
@@ -56,21 +76,33 @@ async function executeAction(action, options = {}) {
             clipboard.writeText(action.target);
             break;
         case 'learn_file':
+            safetyManager.assertPathCapability(action.target, 'read');
             return await indexFile(action.target);
         case 'learn_folder':
+            safetyManager.assertPathCapability(action.target, 'read');
             return await indexFolder(action.target);
+        case 'system_info':
+            return await handleSystemInfo(action.target);
         case 'mcp_tool': {
             const mcpResult = await mcpManager.callTool(action.server, action.target, action.args);
             return JSON.stringify(mcpResult.content);
         }
-        case 'mouse_move':
+        case 'mouse_move': {
+            const granularAutomation = require('./granular_automation');
             return await granularAutomation.mouseMove(action.x, action.y);
-        case 'mouse_click':
+        }
+        case 'mouse_click': {
+            const granularAutomation = require('./granular_automation');
             return await granularAutomation.mouseClick(action.x, action.y, action.button || 1);
-        case 'type_text':
+        }
+        case 'type_text': {
+            const granularAutomation = require('./granular_automation');
             return await granularAutomation.typeText(action.target);
-        case 'key_tap':
+        }
+        case 'key_tap': {
+            const granularAutomation = require('./granular_automation');
             return await granularAutomation.keyTap(action.target);
+        }
         case 'plugin':
             return await pluginManager.executePlugin(action.pluginName, action.target);
         case 'system_automation':
@@ -80,10 +112,27 @@ async function executeAction(action, options = {}) {
     }
 }
 
+async function handleSystemInfo(target = '') {
+    const query = String(target || '').trim();
+    if (query) {
+        const weather = await getWeather(query);
+        return JSON.stringify({
+            type: 'weather',
+            target: query,
+            ...weather
+        });
+    }
+    return JSON.stringify({
+        type: 'system_info',
+        data: getSystemInfo()
+    });
+}
+
 async function executeFindPath(action) {
     const result = findPath(action.target, {
         type: action.pathType,
-        maxResults: 10
+        maxResults: 10,
+        roots: safetyManager.getAllowedRoots('read')
     });
     if (!result.success) {
         return result.message;
@@ -126,4 +175,4 @@ async function handleSystemAutomation(target) {
     }
 }
 
-module.exports = { executeAction, handleSystemAutomation };
+module.exports = { executeAction, handleSystemAutomation, handleSystemInfo };

package/src/System/config_manager.js

@@ -99,7 +99,37 @@ const DEFAULT_CONFIG = {
     enableAgentCollaboration: false,
     enableAutoUpdate: true,
     autoUpdateCheckIntervalHours: 24,
-    lastUpdateCheckAt: ''
+    lastUpdateCheckAt: '',
+    safetyEnabled: true,
+    sandboxMode: 'prefer', // off | prefer | enforce
+    sandboxCommand: process.platform === 'darwin' ? 'sandbox-exec' : process.platform === 'linux' ? 'bwrap' : '',
+    allowedReadPaths: [
+        os.homedir(),
+        process.cwd(),
+        path.join(os.homedir(), 'Desktop'),
+        path.join(os.homedir(), 'Documents'),
+        path.join(os.homedir(), 'Downloads'),
+        path.join(os.homedir(), 'Pictures'),
+        path.join(os.homedir(), 'Music'),
+        path.join(os.homedir(), 'Videos')
+    ],
+    allowedWritePaths: [
+        os.homedir(),
+        process.cwd(),
+        path.join(os.homedir(), 'Desktop'),
+        path.join(os.homedir(), 'Documents'),
+        path.join(os.homedir(), 'Downloads'),
+        path.join(os.homedir(), 'Pictures'),
+        path.join(os.homedir(), 'Music'),
+        path.join(os.homedir(), 'Videos')
+    ],
+    blockedPaths: [
+        path.join(os.homedir(), '.ssh'),
+        path.join(os.homedir(), '.gnupg'),
+        path.join(os.homedir(), '.config', 'mint', 'mint-config.json'),
+        path.join(os.homedir(), '.mint', 'mint-config.json')
+    ],
+    blockedFileNames: ['.env', 'id_rsa', 'id_ed25519']
 };
 
 

package/src/System/granular_automation.js

@@ -1,88 +1,157 @@
-const { exec } = require('child_process');
+const { execFile, spawnSync } = require('child_process');
 const { screen } = require('electron');
 
-/**
- * GranularAutomation handles low-level OS input via xdotool.
- * It uses a normalized coordinate system (0-1000).
- */
+function commandExists(command) {
+    const lookup = process.platform === 'win32' ? 'where' : 'which';
+    const result = spawnSync(lookup, [command], { encoding: 'utf8', shell: false });
+    return result.status === 0;
+}
+
+function run(command, args = []) {
+    return new Promise((resolve, reject) => {
+        execFile(command, args, (err, stdout, stderr) => {
+            if (err) {
+                err.stderr = stderr;
+                reject(err);
+                return;
+            }
+            resolve(stdout);
+        });
+    });
+}
+
+function unsupported(feature) {
+    throw new Error(`${feature} is not supported on ${process.platform} by the current input automation provider.`);
+}
+
+function escapePowerShellSingleQuoted(value) {
+    return String(value || '').replace(/'/g, "''");
+}
+
+function keyToMacKey(key) {
+    const value = String(key || '').trim();
+    const map = {
+        Enter: 'return',
+        Return: 'return',
+        Escape: 'escape',
+        Esc: 'escape',
+        Space: 'space',
+        Backspace: 'delete',
+        Delete: 'forward delete',
+        Tab: 'tab'
+    };
+    return map[value] || value;
+}
+
 class GranularAutomation {
     constructor() {
-        this.screenWidth = 1920; // Default fallback
+        this.screenWidth = 1920;
         this.screenHeight = 1080;
         this.updateScreenSize();
     }
 
     updateScreenSize() {
         try {
-            // In Electron main process, we can use the screen module
             const primaryDisplay = screen.getPrimaryDisplay();
             if (primaryDisplay && primaryDisplay.size) {
                 this.screenWidth = primaryDisplay.size.width;
                 this.screenHeight = primaryDisplay.size.height;
-                console.log(`[Automation] Screen detected: ${this.screenWidth}x${this.screenHeight}`);
             }
-        } catch (e) {
-            // Fallback for CLI or cases where screen module is unavailable
-            exec('xdpyinfo | grep dimensions', (err, stdout) => {
-                if (!err && stdout) {
-                    const match = stdout.match(/(\d+)x(\d+) pixels/);
-                    if (match) {
-                        this.screenWidth = parseInt(match[1]);
-                        this.screenHeight = parseInt(match[2]);
-                        console.log(`[Automation] Screen detected via xdpyinfo: ${this.screenWidth}x${this.screenHeight}`);
-                    }
-                }
-            });
+        } catch (_) {
+            // Electron screen can be unavailable in CLI-only contexts.
         }
     }
 
     scaleX(x) {
-        return Math.round((x / 1000) * this.screenWidth);
+        return Math.round((Number(x) / 1000) * this.screenWidth);
     }
 
     scaleY(y) {
-        return Math.round((y / 1000) * this.screenHeight);
+        return Math.round((Number(y) / 1000) * this.screenHeight);
     }
 
-    run(command) {
-        return new Promise((resolve, reject) => {
-            exec(command, (err, stdout, stderr) => {
-                if (err) {
-                    console.error(`[Automation] xdotool error: ${stderr}`);
-                    reject(err);
-                } else {
-                    resolve(stdout);
-                }
-            });
-        });
+    provider() {
+        if (process.platform === 'darwin') return macProvider;
+        if (process.platform === 'win32') return windowsProvider;
+        return linuxProvider;
     }
 
-    async mouseMove(x, y) {
-        const sx = this.scaleX(x);
-        const sy = this.scaleY(y);
-        console.log(`[Automation] Moving mouse to ${sx}, ${sy}`);
-        return this.run(`xdotool mousemove ${sx} ${sy}`);
+    mouseMove(x, y) {
+        return this.provider().mouseMove(this.scaleX(x), this.scaleY(y));
     }
 
-    async mouseClick(x, y, button = 1) {
-        const sx = this.scaleX(x);
-        const sy = this.scaleY(y);
-        console.log(`[Automation] Clicking ${button} at ${sx}, ${sy}`);
-        // move first then click to be safe
-        return this.run(`xdotool mousemove ${sx} ${sy} click ${button}`);
+    mouseClick(x, y, button = 1) {
+        return this.provider().mouseClick(this.scaleX(x), this.scaleY(y), button);
     }
 
-    async typeText(text) {
-        console.log(`[Automation] Typing: ${text}`);
-        // Escape double quotes for shell
-        const escaped = text.replace(/"/g, '\\"');
-        return this.run(`xdotool type "${escaped}"`);
+    typeText(text) {
+        return this.provider().typeText(String(text || ''));
     }
 
-    async keyTap(key) {
-        console.log(`[Automation] Key tap: ${key}`);
-        return this.run(`xdotool key "${key}"`);
+    keyTap(key) {
+        return this.provider().keyTap(String(key || ''));
     }
 }
 
-module.exports = new GranularAutomation();
+const linuxProvider = {
+    mouseMove: (x, y) => run('xdotool', ['mousemove', String(x), String(y)]),
+    mouseClick: (x, y, button = 1) => run('xdotool', ['mousemove', String(x), String(y), 'click', String(button)]),
+    typeText: (text) => run('xdotool', ['type', text]),
+    keyTap: (key) => run('xdotool', ['key', key])
+};
+
+const macProvider = {
+    mouseMove(x, y) {
+        if (!commandExists('cliclick')) return unsupported('Mouse move');
+        return run('cliclick', [`m:${x},${y}`]);
+    },
+    mouseClick(x, y) {
+        if (!commandExists('cliclick')) return unsupported('Mouse click');
+        return run('cliclick', [`c:${x},${y}`]);
+    },
+    typeText(text) {
+        if (commandExists('cliclick')) return run('cliclick', [`t:${text}`]);
+        return run('osascript', ['-e', `tell application "System Events" to keystroke ${JSON.stringify(text)}`]);
+    },
+    keyTap(key) {
+        const macKey = keyToMacKey(key);
+        if (commandExists('cliclick')) return run('cliclick', [`kp:${macKey}`]);
+        if (macKey.length === 1) {
+            return run('osascript', ['-e', `tell application "System Events" to keystroke ${JSON.stringify(macKey)}`]);
+        }
+        return unsupported('Special key tap without cliclick');
+    }
+};
+
+const windowsProvider = {
+    mouseMove(x, y) {
+        const script = `[void][Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms'); [System.Windows.Forms.Cursor]::Position = New-Object System.Drawing.Point(${x}, ${y})`;
+        return run('powershell.exe', ['-NoProfile', '-NonInteractive', '-Command', script]);
+    },
+    mouseClick(x, y, button = 1) {
+        const down = Number(button) === 2 ? '0x0008' : '0x0002';
+        const up = Number(button) === 2 ? '0x0010' : '0x0004';
+        const script = [
+            "Add-Type -MemberDefinition '[DllImport(\"user32.dll\")] public static extern bool SetCursorPos(int X,int Y); [DllImport(\"user32.dll\")] public static extern void mouse_event(int dwFlags,int dx,int dy,int dwData,int dwExtraInfo);' -Name NativeMouse -Namespace Mint;",
+            `[Mint.NativeMouse]::SetCursorPos(${x}, ${y}) | Out-Null;`,
+            `[Mint.NativeMouse]::mouse_event(${down},0,0,0,0);`,
+            `[Mint.NativeMouse]::mouse_event(${up},0,0,0,0);`
+        ].join(' ');
+        return run('powershell.exe', ['-NoProfile', '-NonInteractive', '-Command', script]);
+    },
+    typeText(text) {
+        const safe = escapePowerShellSingleQuoted(text);
+        const script = `Add-Type -AssemblyName System.Windows.Forms; [System.Windows.Forms.SendKeys]::SendWait('${safe}')`;
+        return run('powershell.exe', ['-NoProfile', '-NonInteractive', '-Command', script]);
+    },
+    keyTap(key) {
+        const safe = escapePowerShellSingleQuoted(key);
+        const script = `Add-Type -AssemblyName System.Windows.Forms; [System.Windows.Forms.SendKeys]::SendWait('{${safe}}')`;
+        return run('powershell.exe', ['-NoProfile', '-NonInteractive', '-Command', script]);
+    }
+};
+
+const instance = new GranularAutomation();
+instance._providers = { linuxProvider, macProvider, windowsProvider, commandExists };
+
+module.exports = instance;

package/src/System/proactive_loop.js

@@ -1,10 +1,24 @@
 const { BrowserWindow, desktopCapturer, screen, powerMonitor } = require('electron');
 const path = require('path');
-const { analyzeAndSuggest } = require('../AI_Brain/proactive_engine');
-const { recordBehavior, getBehaviorSummary } = require('../AI_Brain/behavior_memory');
 
 const IDLE_THRESHOLD_SEC = 300;
 
+let proactiveEngine = null;
+function getProactiveEngine() {
+    if (!proactiveEngine) {
+        proactiveEngine = require('../AI_Brain/proactive_engine');
+    }
+    return proactiveEngine;
+}
+
+let behaviorMemory = null;
+function getBehaviorMemory() {
+    if (!behaviorMemory) {
+        behaviorMemory = require('../AI_Brain/behavior_memory');
+    }
+    return behaviorMemory;
+}
+
 function createProactiveLoop({ app, projectRoot, readConfig, getMainWindow }) {
     let proactiveGlowWindow = null;
     let proactiveIntervalHandle = null;
@@ -29,6 +43,8 @@ function createProactiveLoop({ app, projectRoot, readConfig, getMainWindow }) {
             if (!primarySource || !primarySource.thumbnail) return;
 
             const base64Image = primarySource.thumbnail.toJPEG(60).toString('base64');
+            const { analyzeAndSuggest } = getProactiveEngine();
+            const { recordBehavior, getBehaviorSummary } = getBehaviorMemory();
             const result = await analyzeAndSuggest(base64Image, getBehaviorSummary());
 
             if (result && result.message && Array.isArray(result.suggestions)) {
@@ -130,7 +146,7 @@ function createProactiveLoop({ app, projectRoot, readConfig, getMainWindow }) {
         stop,
         startIdleWatcher,
         isRunning: () => Boolean(proactiveIntervalHandle),
-        recordBehavior
+        recordBehavior: (...args) => getBehaviorMemory().recordBehavior(...args)
     };
 }
 

package/src/System/safety_manager.js

@@ -1,6 +1,7 @@
 const fs = require('fs');
 const os = require('os');
 const path = require('path');
+const { readConfig } = require('./config_manager');
 
 const TIERS = Object.freeze({
     SAFE: 'safe',
@@ -40,6 +41,7 @@ const SAFE_ACTIONS = new Set([
     'clipboard_write',
     'learn_file',
     'learn_folder',
+    'system_info',
     'mcp_tool',
     'mouse_move',
     'mouse_click',
@@ -56,6 +58,103 @@ function normalizeCommand(command) {
     return String(command || '').replace(/\s+/g, ' ').trim();
 }
 
+function expandHome(targetPath) {
+    const value = String(targetPath || '');
+    if (value === '~') return os.homedir();
+    if (value.startsWith('~/')) return path.join(os.homedir(), value.slice(2));
+    return value;
+}
+
+function normalizeRootList(paths) {
+    return (Array.isArray(paths) ? paths : [])
+        .filter(Boolean)
+        .map((entry) => path.resolve(expandHome(entry)));
+}
+
+function getPolicy(config = readConfig()) {
+    const enabled = config.safetyEnabled !== false;
+    const fallbackRead = [
+        os.homedir(),
+        process.cwd(),
+        path.join(os.homedir(), 'Desktop'),
+        path.join(os.homedir(), 'Documents'),
+        path.join(os.homedir(), 'Downloads'),
+        path.join(os.homedir(), 'Pictures'),
+        path.join(os.homedir(), 'Music'),
+        path.join(os.homedir(), 'Videos')
+    ];
+    const fallbackWrite = [
+        os.homedir(),
+        process.cwd(),
+        path.join(os.homedir(), 'Desktop'),
+        path.join(os.homedir(), 'Documents'),
+        path.join(os.homedir(), 'Downloads'),
+        path.join(os.homedir(), 'Pictures'),
+        path.join(os.homedir(), 'Music'),
+        path.join(os.homedir(), 'Videos')
+    ];
+
+    return {
+        enabled,
+        sandboxMode: ['off', 'prefer', 'enforce'].includes(config.sandboxMode) ? config.sandboxMode : 'prefer',
+        sandboxCommand: config.sandboxCommand || (process.platform === 'darwin' ? 'sandbox-exec' : process.platform === 'linux' ? 'bwrap' : ''),
+        allowedReadPaths: normalizeRootList(config.allowedReadPaths && config.allowedReadPaths.length ? config.allowedReadPaths : fallbackRead),
+        allowedWritePaths: normalizeRootList(config.allowedWritePaths && config.allowedWritePaths.length ? config.allowedWritePaths : fallbackWrite),
+        blockedPaths: normalizeRootList(config.blockedPaths || []),
+        blockedFileNames: new Set(Array.isArray(config.blockedFileNames) ? config.blockedFileNames : ['.env', 'id_rsa', 'id_ed25519'])
+    };
+}
+
+function isPathWithin(root, targetPath) {
+    const relative = path.relative(root, targetPath);
+    return relative === '' || (!relative.startsWith('..') && !path.isAbsolute(relative));
+}
+
+function resolveCapabilityPath(targetPath, options = {}) {
+    if (!targetPath) throw new Error('Target path is required.');
+
+    const expanded = expandHome(targetPath);
+    if (path.isAbsolute(expanded)) return path.resolve(expanded);
+
+    const firstPart = String(expanded).split(/[/\\]/)[0];
+    const commonHomeFolders = new Set(['Desktop', 'Documents', 'Downloads', 'Pictures', 'Music', 'Videos']);
+    if (commonHomeFolders.has(firstPart)) {
+        return path.resolve(os.homedir(), expanded);
+    }
+
+    const base = options.defaultBase || process.cwd();
+    return path.resolve(base, expanded);
+}
+
+function assertPathCapability(targetPath, capability = 'read', options = {}) {
+    const policy = getPolicy(options.config);
+    const resolved = resolveCapabilityPath(targetPath, options);
+
+    if (!policy.enabled) return resolved;
+
+    if (policy.blockedFileNames.has(path.basename(resolved))) {
+        throw new Error(`Blocked ${capability} access to sensitive file name: ${path.basename(resolved)}`);
+    }
+
+    const blockedRoot = policy.blockedPaths.find((root) => isPathWithin(root, resolved));
+    if (blockedRoot) {
+        throw new Error(`Blocked ${capability} access to protected path: ${resolved}`);
+    }
+
+    const allowedRoots = capability === 'write' ? policy.allowedWritePaths : policy.allowedReadPaths;
+    const allowed = allowedRoots.some((root) => isPathWithin(root, resolved));
+    if (!allowed) {
+        throw new Error(`Path ${capability} denied by capability policy: ${resolved}`);
+    }
+
+    return resolved;
+}
+
+function getAllowedRoots(capability = 'read', options = {}) {
+    const policy = getPolicy(options.config);
+    return capability === 'write' ? policy.allowedWritePaths : policy.allowedReadPaths;
+}
+
 function classifyShellCommand(command) {
     const normalized = normalizeCommand(command);
     if (!normalized) {
@@ -105,6 +204,7 @@ function classifyAction(action = {}) {
 function assertActionAllowed(action, options = {}) {
     const classification = classifyAction(action);
     const allowDangerous = options.allowDangerous === true;
+    const allowApproval = options.allowApproval === true;
 
     if (classification.tier === TIERS.BLOCKED) {
         throw new Error(`Blocked action (${classification.reason}): ${action.type}`);
@@ -114,6 +214,10 @@ function assertActionAllowed(action, options = {}) {
         throw new Error(`Dangerous action requires explicit permission (${classification.reason}): ${action.type}`);
     }
 
+    if (classification.tier === TIERS.APPROVAL && !allowApproval) {
+        throw new Error(`Action requires approval (${classification.reason}): ${action.type}`);
+    }
+
     return classification;
 }
 
@@ -156,10 +260,14 @@ function appendActionLog(entry, options = {}) {
 
 module.exports = {
     TIERS,
+    getPolicy,
+    getAllowedRoots,
     classifyShellCommand,
     assertShellCommandAllowed,
     classifyAction,
     assertActionAllowed,
+    assertPathCapability,
+    resolveCapabilityPath,
     resolveWithinRoot,
     appendActionLog
 };