@posthog/wizard 2.9.0 → 2.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (731) hide show
  1. package/README.md +40 -0
  2. package/dist/McpScreen-BmHapIaP.js +3357 -0
  3. package/dist/McpScreen-BmHapIaP.js.map +1 -0
  4. package/dist/add-mcp-server-to-clients-DZtISNrs.js +455 -0
  5. package/dist/add-mcp-server-to-clients-DZtISNrs.js.map +1 -0
  6. package/dist/agent-runner-CGwrcr57.js +1112 -0
  7. package/dist/agent-runner-CGwrcr57.js.map +1 -0
  8. package/dist/agent-skill-BVjJqol6.js +59 -0
  9. package/dist/agent-skill-BVjJqol6.js.map +1 -0
  10. package/dist/analytics-C4jO5Qda.js +207 -0
  11. package/dist/analytics-C4jO5Qda.js.map +1 -0
  12. package/dist/analytics-CpjaBpx6.js +2 -0
  13. package/dist/bin.d.ts +1 -2
  14. package/dist/bin.js +635 -524
  15. package/dist/bin.js.map +1 -1
  16. package/dist/craft-pre-release.sh +10 -0
  17. package/dist/debug-CIyf0ZGx.js +2 -0
  18. package/dist/debug-CyJ_3dTP.js +201 -0
  19. package/dist/debug-CyJ_3dTP.js.map +1 -0
  20. package/dist/defaults-DoVkE0gW.js +234 -0
  21. package/dist/defaults-DoVkE0gW.js.map +1 -0
  22. package/dist/detection-CkLpxBCD.js +122 -0
  23. package/dist/detection-CkLpxBCD.js.map +1 -0
  24. package/dist/env-api-key-K8TdTDII.js +20 -0
  25. package/dist/env-api-key-K8TdTDII.js.map +1 -0
  26. package/dist/file-utils-BWneZy6p.js +38 -0
  27. package/dist/file-utils-BWneZy6p.js.map +1 -0
  28. package/dist/generate-version.cjs +11 -0
  29. package/dist/package-json-BQgl5C3Z.js +2 -0
  30. package/dist/package-json-Ctq6LSl8.js +25 -0
  31. package/dist/package-json-Ctq6LSl8.js.map +1 -0
  32. package/dist/package-manager-nUQ-ebjr.js +222 -0
  33. package/dist/package-manager-nUQ-ebjr.js.map +1 -0
  34. package/dist/posthog-integration-BzxdDK4z.js +230 -0
  35. package/dist/posthog-integration-BzxdDK4z.js.map +1 -0
  36. package/dist/readiness-Dn7eq8NE.js +2156 -0
  37. package/dist/readiness-Dn7eq8NE.js.map +1 -0
  38. package/dist/registry-s55_iuJT.js +2922 -0
  39. package/dist/registry-s55_iuJT.js.map +1 -0
  40. package/dist/rolldown-runtime-B_-DWIq7.js +15 -0
  41. package/dist/router-D5A1Sb4p.js +141 -0
  42. package/dist/router-D5A1Sb4p.js.map +1 -0
  43. package/dist/setup-utils-CdDnllRW.js +928 -0
  44. package/dist/setup-utils-CdDnllRW.js.map +1 -0
  45. package/dist/smoke-test-ci.sh +165 -0
  46. package/dist/start-playground-B8qCLu7U.js +1005 -0
  47. package/dist/start-playground-B8qCLu7U.js.map +1 -0
  48. package/dist/start-tui-PygiIyNC.js +1887 -0
  49. package/dist/start-tui-PygiIyNC.js.map +1 -0
  50. package/dist/steps-CySv8XdD.js +146 -0
  51. package/dist/steps-CySv8XdD.js.map +1 -0
  52. package/dist/telemetry-Ct_GGkSO.js +13 -0
  53. package/dist/telemetry-Ct_GGkSO.js.map +1 -0
  54. package/dist/wizard-abort-7HUIsqv1.js +39 -0
  55. package/dist/wizard-abort-7HUIsqv1.js.map +1 -0
  56. package/dist/wizard-abort-Dhjb2o08.js +2 -0
  57. package/dist/wizard-session-Db6R023m.js +62 -0
  58. package/dist/wizard-session-Db6R023m.js.map +1 -0
  59. package/dist/wizard-session-y7nf6aKH.js +2 -0
  60. package/npm-shrinkwrap.json +2 -2
  61. package/package.json +16 -8
  62. package/dist/src/__tests__/cli.test.d.ts +0 -1
  63. package/dist/src/__tests__/cli.test.js +0 -256
  64. package/dist/src/__tests__/cli.test.js.map +0 -1
  65. package/dist/src/__tests__/package-json.test.d.ts +0 -1
  66. package/dist/src/__tests__/package-json.test.js +0 -173
  67. package/dist/src/__tests__/package-json.test.js.map +0 -1
  68. package/dist/src/__tests__/wizard-abort.test.d.ts +0 -1
  69. package/dist/src/__tests__/wizard-abort.test.js +0 -148
  70. package/dist/src/__tests__/wizard-abort.test.js.map +0 -1
  71. package/dist/src/frameworks/android/android-wizard-agent.d.ts +0 -6
  72. package/dist/src/frameworks/android/android-wizard-agent.js +0 -142
  73. package/dist/src/frameworks/android/android-wizard-agent.js.map +0 -1
  74. package/dist/src/frameworks/android/utils.d.ts +0 -11
  75. package/dist/src/frameworks/android/utils.js +0 -97
  76. package/dist/src/frameworks/android/utils.js.map +0 -1
  77. package/dist/src/frameworks/angular/angular-wizard-agent.d.ts +0 -4
  78. package/dist/src/frameworks/angular/angular-wizard-agent.js +0 -65
  79. package/dist/src/frameworks/angular/angular-wizard-agent.js.map +0 -1
  80. package/dist/src/frameworks/angular/utils.d.ts +0 -4
  81. package/dist/src/frameworks/angular/utils.js +0 -9
  82. package/dist/src/frameworks/angular/utils.js.map +0 -1
  83. package/dist/src/frameworks/astro/astro-wizard-agent.d.ts +0 -7
  84. package/dist/src/frameworks/astro/astro-wizard-agent.js +0 -102
  85. package/dist/src/frameworks/astro/astro-wizard-agent.js.map +0 -1
  86. package/dist/src/frameworks/astro/utils.d.ts +0 -14
  87. package/dist/src/frameworks/astro/utils.js +0 -114
  88. package/dist/src/frameworks/astro/utils.js.map +0 -1
  89. package/dist/src/frameworks/django/django-wizard-agent.d.ts +0 -8
  90. package/dist/src/frameworks/django/django-wizard-agent.js +0 -173
  91. package/dist/src/frameworks/django/django-wizard-agent.js.map +0 -1
  92. package/dist/src/frameworks/django/utils.d.ts +0 -31
  93. package/dist/src/frameworks/django/utils.js +0 -306
  94. package/dist/src/frameworks/django/utils.js.map +0 -1
  95. package/dist/src/frameworks/fastapi/fastapi-wizard-agent.d.ts +0 -5
  96. package/dist/src/frameworks/fastapi/fastapi-wizard-agent.js +0 -191
  97. package/dist/src/frameworks/fastapi/fastapi-wizard-agent.js.map +0 -1
  98. package/dist/src/frameworks/fastapi/utils.d.ts +0 -26
  99. package/dist/src/frameworks/fastapi/utils.js +0 -258
  100. package/dist/src/frameworks/fastapi/utils.js.map +0 -1
  101. package/dist/src/frameworks/flask/flask-wizard-agent.d.ts +0 -8
  102. package/dist/src/frameworks/flask/flask-wizard-agent.js +0 -179
  103. package/dist/src/frameworks/flask/flask-wizard-agent.js.map +0 -1
  104. package/dist/src/frameworks/flask/utils.d.ts +0 -28
  105. package/dist/src/frameworks/flask/utils.js +0 -344
  106. package/dist/src/frameworks/flask/utils.js.map +0 -1
  107. package/dist/src/frameworks/javascript-node/javascript-node-wizard-agent.d.ts +0 -4
  108. package/dist/src/frameworks/javascript-node/javascript-node-wizard-agent.js +0 -61
  109. package/dist/src/frameworks/javascript-node/javascript-node-wizard-agent.js.map +0 -1
  110. package/dist/src/frameworks/javascript-web/javascript-web-wizard-agent.d.ts +0 -3
  111. package/dist/src/frameworks/javascript-web/javascript-web-wizard-agent.js +0 -152
  112. package/dist/src/frameworks/javascript-web/javascript-web-wizard-agent.js.map +0 -1
  113. package/dist/src/frameworks/javascript-web/utils.d.ts +0 -28
  114. package/dist/src/frameworks/javascript-web/utils.js +0 -147
  115. package/dist/src/frameworks/javascript-web/utils.js.map +0 -1
  116. package/dist/src/frameworks/laravel/laravel-wizard-agent.d.ts +0 -10
  117. package/dist/src/frameworks/laravel/laravel-wizard-agent.js +0 -182
  118. package/dist/src/frameworks/laravel/laravel-wizard-agent.js.map +0 -1
  119. package/dist/src/frameworks/laravel/utils.d.ts +0 -38
  120. package/dist/src/frameworks/laravel/utils.js +0 -238
  121. package/dist/src/frameworks/laravel/utils.js.map +0 -1
  122. package/dist/src/frameworks/nextjs/nextjs-wizard-agent.d.ts +0 -7
  123. package/dist/src/frameworks/nextjs/nextjs-wizard-agent.js +0 -94
  124. package/dist/src/frameworks/nextjs/nextjs-wizard-agent.js.map +0 -1
  125. package/dist/src/frameworks/nextjs/utils.d.ts +0 -12
  126. package/dist/src/frameworks/nextjs/utils.js +0 -52
  127. package/dist/src/frameworks/nextjs/utils.js.map +0 -1
  128. package/dist/src/frameworks/nuxt/nuxt-wizard-agent.d.ts +0 -6
  129. package/dist/src/frameworks/nuxt/nuxt-wizard-agent.js +0 -77
  130. package/dist/src/frameworks/nuxt/nuxt-wizard-agent.js.map +0 -1
  131. package/dist/src/frameworks/python/python-wizard-agent.d.ts +0 -7
  132. package/dist/src/frameworks/python/python-wizard-agent.js +0 -195
  133. package/dist/src/frameworks/python/python-wizard-agent.js.map +0 -1
  134. package/dist/src/frameworks/python/utils.d.ts +0 -28
  135. package/dist/src/frameworks/python/utils.js +0 -147
  136. package/dist/src/frameworks/python/utils.js.map +0 -1
  137. package/dist/src/frameworks/rails/rails-wizard-agent.d.ts +0 -8
  138. package/dist/src/frameworks/rails/rails-wizard-agent.js +0 -90
  139. package/dist/src/frameworks/rails/rails-wizard-agent.js.map +0 -1
  140. package/dist/src/frameworks/rails/utils.d.ts +0 -37
  141. package/dist/src/frameworks/rails/utils.js +0 -187
  142. package/dist/src/frameworks/rails/utils.js.map +0 -1
  143. package/dist/src/frameworks/react-native/react-native-wizard-agent.d.ts +0 -7
  144. package/dist/src/frameworks/react-native/react-native-wizard-agent.js +0 -89
  145. package/dist/src/frameworks/react-native/react-native-wizard-agent.js.map +0 -1
  146. package/dist/src/frameworks/react-native/utils.d.ts +0 -8
  147. package/dist/src/frameworks/react-native/utils.js +0 -28
  148. package/dist/src/frameworks/react-native/utils.js.map +0 -1
  149. package/dist/src/frameworks/react-router/react-router-wizard-agent.d.ts +0 -7
  150. package/dist/src/frameworks/react-router/react-router-wizard-agent.js +0 -94
  151. package/dist/src/frameworks/react-router/react-router-wizard-agent.js.map +0 -1
  152. package/dist/src/frameworks/react-router/utils.d.ts +0 -13
  153. package/dist/src/frameworks/react-router/utils.js +0 -161
  154. package/dist/src/frameworks/react-router/utils.js.map +0 -1
  155. package/dist/src/frameworks/ruby/ruby-wizard-agent.d.ts +0 -7
  156. package/dist/src/frameworks/ruby/ruby-wizard-agent.js +0 -113
  157. package/dist/src/frameworks/ruby/ruby-wizard-agent.js.map +0 -1
  158. package/dist/src/frameworks/ruby/utils.d.ts +0 -25
  159. package/dist/src/frameworks/ruby/utils.js +0 -158
  160. package/dist/src/frameworks/ruby/utils.js.map +0 -1
  161. package/dist/src/frameworks/svelte/svelte-wizard-agent.d.ts +0 -4
  162. package/dist/src/frameworks/svelte/svelte-wizard-agent.js +0 -61
  163. package/dist/src/frameworks/svelte/svelte-wizard-agent.js.map +0 -1
  164. package/dist/src/frameworks/swift/swift-wizard-agent.d.ts +0 -7
  165. package/dist/src/frameworks/swift/swift-wizard-agent.js +0 -143
  166. package/dist/src/frameworks/swift/swift-wizard-agent.js.map +0 -1
  167. package/dist/src/frameworks/swift/utils.d.ts +0 -8
  168. package/dist/src/frameworks/swift/utils.js +0 -105
  169. package/dist/src/frameworks/swift/utils.js.map +0 -1
  170. package/dist/src/frameworks/tanstack-router/tanstack-router-wizard-agent.d.ts +0 -7
  171. package/dist/src/frameworks/tanstack-router/tanstack-router-wizard-agent.js +0 -96
  172. package/dist/src/frameworks/tanstack-router/tanstack-router-wizard-agent.js.map +0 -1
  173. package/dist/src/frameworks/tanstack-router/utils.d.ts +0 -11
  174. package/dist/src/frameworks/tanstack-router/utils.js +0 -149
  175. package/dist/src/frameworks/tanstack-router/utils.js.map +0 -1
  176. package/dist/src/frameworks/tanstack-start/tanstack-start-wizard-agent.d.ts +0 -4
  177. package/dist/src/frameworks/tanstack-start/tanstack-start-wizard-agent.js +0 -64
  178. package/dist/src/frameworks/tanstack-start/tanstack-start-wizard-agent.js.map +0 -1
  179. package/dist/src/frameworks/tanstack-start/utils.d.ts +0 -4
  180. package/dist/src/frameworks/tanstack-start/utils.js +0 -9
  181. package/dist/src/frameworks/tanstack-start/utils.js.map +0 -1
  182. package/dist/src/frameworks/vue/vue-wizard-agent.d.ts +0 -4
  183. package/dist/src/frameworks/vue/vue-wizard-agent.js +0 -62
  184. package/dist/src/frameworks/vue/vue-wizard-agent.js.map +0 -1
  185. package/dist/src/lib/__tests__/agent-interface.test.d.ts +0 -1
  186. package/dist/src/lib/__tests__/agent-interface.test.js +0 -317
  187. package/dist/src/lib/__tests__/agent-interface.test.js.map +0 -1
  188. package/dist/src/lib/__tests__/cloudflare-detection.test.d.ts +0 -1
  189. package/dist/src/lib/__tests__/cloudflare-detection.test.js +0 -119
  190. package/dist/src/lib/__tests__/cloudflare-detection.test.js.map +0 -1
  191. package/dist/src/lib/__tests__/wizard-tools.test.d.ts +0 -1
  192. package/dist/src/lib/__tests__/wizard-tools.test.js +0 -200
  193. package/dist/src/lib/__tests__/wizard-tools.test.js.map +0 -1
  194. package/dist/src/lib/__tests__/yara-hooks.test.d.ts +0 -1
  195. package/dist/src/lib/__tests__/yara-hooks.test.js +0 -432
  196. package/dist/src/lib/__tests__/yara-hooks.test.js.map +0 -1
  197. package/dist/src/lib/__tests__/yara-scanner.test.d.ts +0 -1
  198. package/dist/src/lib/__tests__/yara-scanner.test.js +0 -613
  199. package/dist/src/lib/__tests__/yara-scanner.test.js.map +0 -1
  200. package/dist/src/lib/agent/__tests__/agent-prompt.test.d.ts +0 -1
  201. package/dist/src/lib/agent/__tests__/agent-prompt.test.js +0 -57
  202. package/dist/src/lib/agent/__tests__/agent-prompt.test.js.map +0 -1
  203. package/dist/src/lib/agent/agent-interface.d.ts +0 -171
  204. package/dist/src/lib/agent/agent-interface.js +0 -1082
  205. package/dist/src/lib/agent/agent-interface.js.map +0 -1
  206. package/dist/src/lib/agent/agent-prompt.d.ts +0 -23
  207. package/dist/src/lib/agent/agent-prompt.js +0 -47
  208. package/dist/src/lib/agent/agent-prompt.js.map +0 -1
  209. package/dist/src/lib/agent/agent-runner.d.ts +0 -78
  210. package/dist/src/lib/agent/agent-runner.js +0 -323
  211. package/dist/src/lib/agent/agent-runner.js.map +0 -1
  212. package/dist/src/lib/agent/commandments.d.ts +0 -1
  213. package/dist/src/lib/agent/commandments.js +0 -26
  214. package/dist/src/lib/agent/commandments.js.map +0 -1
  215. package/dist/src/lib/api.d.ts +0 -75
  216. package/dist/src/lib/api.js +0 -105
  217. package/dist/src/lib/api.js.map +0 -1
  218. package/dist/src/lib/cloudflare-detection.d.ts +0 -14
  219. package/dist/src/lib/cloudflare-detection.js +0 -74
  220. package/dist/src/lib/cloudflare-detection.js.map +0 -1
  221. package/dist/src/lib/constants.d.ts +0 -74
  222. package/dist/src/lib/constants.js +0 -98
  223. package/dist/src/lib/constants.js.map +0 -1
  224. package/dist/src/lib/detection/__tests__/context.test.d.ts +0 -1
  225. package/dist/src/lib/detection/__tests__/context.test.js +0 -72
  226. package/dist/src/lib/detection/__tests__/context.test.js.map +0 -1
  227. package/dist/src/lib/detection/__tests__/features.test.d.ts +0 -1
  228. package/dist/src/lib/detection/__tests__/features.test.js +0 -75
  229. package/dist/src/lib/detection/__tests__/features.test.js.map +0 -1
  230. package/dist/src/lib/detection/__tests__/package-manager.test.d.ts +0 -1
  231. package/dist/src/lib/detection/__tests__/package-manager.test.js +0 -195
  232. package/dist/src/lib/detection/__tests__/package-manager.test.js.map +0 -1
  233. package/dist/src/lib/detection/context.d.ts +0 -31
  234. package/dist/src/lib/detection/context.js +0 -92
  235. package/dist/src/lib/detection/context.js.map +0 -1
  236. package/dist/src/lib/detection/features.d.ts +0 -16
  237. package/dist/src/lib/detection/features.js +0 -56
  238. package/dist/src/lib/detection/features.js.map +0 -1
  239. package/dist/src/lib/detection/framework.d.ts +0 -14
  240. package/dist/src/lib/detection/framework.js +0 -35
  241. package/dist/src/lib/detection/framework.js.map +0 -1
  242. package/dist/src/lib/detection/index.d.ts +0 -3
  243. package/dist/src/lib/detection/index.js +0 -11
  244. package/dist/src/lib/detection/index.js.map +0 -1
  245. package/dist/src/lib/detection/package-manager.d.ts +0 -37
  246. package/dist/src/lib/detection/package-manager.js +0 -183
  247. package/dist/src/lib/detection/package-manager.js.map +0 -1
  248. package/dist/src/lib/framework-config.d.ts +0 -175
  249. package/dist/src/lib/framework-config.js +0 -22
  250. package/dist/src/lib/framework-config.js.map +0 -1
  251. package/dist/src/lib/health-checks/__tests__/health-checks.test.d.ts +0 -18
  252. package/dist/src/lib/health-checks/__tests__/health-checks.test.js +0 -759
  253. package/dist/src/lib/health-checks/__tests__/health-checks.test.js.map +0 -1
  254. package/dist/src/lib/health-checks/endpoints.d.ts +0 -4
  255. package/dist/src/lib/health-checks/endpoints.js +0 -49
  256. package/dist/src/lib/health-checks/endpoints.js.map +0 -1
  257. package/dist/src/lib/health-checks/index.d.ts +0 -4
  258. package/dist/src/lib/health-checks/index.js +0 -24
  259. package/dist/src/lib/health-checks/index.js.map +0 -1
  260. package/dist/src/lib/health-checks/readiness.d.ts +0 -29
  261. package/dist/src/lib/health-checks/readiness.js +0 -188
  262. package/dist/src/lib/health-checks/readiness.js.map +0 -1
  263. package/dist/src/lib/health-checks/statuspage.d.ts +0 -9
  264. package/dist/src/lib/health-checks/statuspage.js +0 -105
  265. package/dist/src/lib/health-checks/statuspage.js.map +0 -1
  266. package/dist/src/lib/health-checks/types.d.ts +0 -32
  267. package/dist/src/lib/health-checks/types.js +0 -10
  268. package/dist/src/lib/health-checks/types.js.map +0 -1
  269. package/dist/src/lib/helper-functions.d.ts +0 -1
  270. package/dist/src/lib/helper-functions.js +0 -6
  271. package/dist/src/lib/helper-functions.js.map +0 -1
  272. package/dist/src/lib/middleware/benchmark.d.ts +0 -54
  273. package/dist/src/lib/middleware/benchmark.js +0 -45
  274. package/dist/src/lib/middleware/benchmark.js.map +0 -1
  275. package/dist/src/lib/middleware/benchmarks/cache-tracker.d.ts +0 -44
  276. package/dist/src/lib/middleware/benchmarks/cache-tracker.js +0 -81
  277. package/dist/src/lib/middleware/benchmarks/cache-tracker.js.map +0 -1
  278. package/dist/src/lib/middleware/benchmarks/compaction-tracker.d.ts +0 -29
  279. package/dist/src/lib/middleware/benchmarks/compaction-tracker.js +0 -60
  280. package/dist/src/lib/middleware/benchmarks/compaction-tracker.js.map +0 -1
  281. package/dist/src/lib/middleware/benchmarks/context-size-tracker.d.ts +0 -26
  282. package/dist/src/lib/middleware/benchmarks/context-size-tracker.js +0 -56
  283. package/dist/src/lib/middleware/benchmarks/context-size-tracker.js.map +0 -1
  284. package/dist/src/lib/middleware/benchmarks/cost-tracker.d.ts +0 -16
  285. package/dist/src/lib/middleware/benchmarks/cost-tracker.js +0 -76
  286. package/dist/src/lib/middleware/benchmarks/cost-tracker.js.map +0 -1
  287. package/dist/src/lib/middleware/benchmarks/duration-tracker.d.ts +0 -20
  288. package/dist/src/lib/middleware/benchmarks/duration-tracker.js +0 -40
  289. package/dist/src/lib/middleware/benchmarks/duration-tracker.js.map +0 -1
  290. package/dist/src/lib/middleware/benchmarks/index.d.ts +0 -9
  291. package/dist/src/lib/middleware/benchmarks/index.js +0 -60
  292. package/dist/src/lib/middleware/benchmarks/index.js.map +0 -1
  293. package/dist/src/lib/middleware/benchmarks/json-writer.d.ts +0 -15
  294. package/dist/src/lib/middleware/benchmarks/json-writer.js +0 -144
  295. package/dist/src/lib/middleware/benchmarks/json-writer.js.map +0 -1
  296. package/dist/src/lib/middleware/benchmarks/summary.d.ts +0 -9
  297. package/dist/src/lib/middleware/benchmarks/summary.js +0 -102
  298. package/dist/src/lib/middleware/benchmarks/summary.js.map +0 -1
  299. package/dist/src/lib/middleware/benchmarks/token-tracker.d.ts +0 -40
  300. package/dist/src/lib/middleware/benchmarks/token-tracker.js +0 -77
  301. package/dist/src/lib/middleware/benchmarks/token-tracker.js.map +0 -1
  302. package/dist/src/lib/middleware/benchmarks/turn-counter.d.ts +0 -34
  303. package/dist/src/lib/middleware/benchmarks/turn-counter.js +0 -59
  304. package/dist/src/lib/middleware/benchmarks/turn-counter.js.map +0 -1
  305. package/dist/src/lib/middleware/config.d.ts +0 -24
  306. package/dist/src/lib/middleware/config.js +0 -78
  307. package/dist/src/lib/middleware/config.js.map +0 -1
  308. package/dist/src/lib/middleware/index.d.ts +0 -11
  309. package/dist/src/lib/middleware/index.js +0 -18
  310. package/dist/src/lib/middleware/index.js.map +0 -1
  311. package/dist/src/lib/middleware/phase-detector.d.ts +0 -7
  312. package/dist/src/lib/middleware/phase-detector.js +0 -64
  313. package/dist/src/lib/middleware/phase-detector.js.map +0 -1
  314. package/dist/src/lib/middleware/pipeline.d.ts +0 -29
  315. package/dist/src/lib/middleware/pipeline.js +0 -82
  316. package/dist/src/lib/middleware/pipeline.js.map +0 -1
  317. package/dist/src/lib/middleware/types.d.ts +0 -40
  318. package/dist/src/lib/middleware/types.js +0 -9
  319. package/dist/src/lib/middleware/types.js.map +0 -1
  320. package/dist/src/lib/registry.d.ts +0 -3
  321. package/dist/src/lib/registry.js +0 -49
  322. package/dist/src/lib/registry.js.map +0 -1
  323. package/dist/src/lib/safe-tools.d.ts +0 -2
  324. package/dist/src/lib/safe-tools.js +0 -215
  325. package/dist/src/lib/safe-tools.js.map +0 -1
  326. package/dist/src/lib/skill-install.d.ts +0 -10
  327. package/dist/src/lib/skill-install.js +0 -23
  328. package/dist/src/lib/skill-install.js.map +0 -1
  329. package/dist/src/lib/version.d.ts +0 -1
  330. package/dist/src/lib/version.js +0 -6
  331. package/dist/src/lib/version.js.map +0 -1
  332. package/dist/src/lib/wizard-session.d.ts +0 -146
  333. package/dist/src/lib/wizard-session.js +0 -116
  334. package/dist/src/lib/wizard-session.js.map +0 -1
  335. package/dist/src/lib/wizard-tools.d.ts +0 -91
  336. package/dist/src/lib/wizard-tools.js +0 -389
  337. package/dist/src/lib/wizard-tools.js.map +0 -1
  338. package/dist/src/lib/workflows/__tests__/agent-skill.test.d.ts +0 -1
  339. package/dist/src/lib/workflows/__tests__/agent-skill.test.js +0 -66
  340. package/dist/src/lib/workflows/__tests__/agent-skill.test.js.map +0 -1
  341. package/dist/src/lib/workflows/__tests__/revenue-analytics-detect.test.d.ts +0 -1
  342. package/dist/src/lib/workflows/__tests__/revenue-analytics-detect.test.js +0 -101
  343. package/dist/src/lib/workflows/__tests__/revenue-analytics-detect.test.js.map +0 -1
  344. package/dist/src/lib/workflows/__tests__/workflow-registry.test.d.ts +0 -1
  345. package/dist/src/lib/workflows/__tests__/workflow-registry.test.js +0 -32
  346. package/dist/src/lib/workflows/__tests__/workflow-registry.test.js.map +0 -1
  347. package/dist/src/lib/workflows/__tests__/workflow-step.test.d.ts +0 -1
  348. package/dist/src/lib/workflows/__tests__/workflow-step.test.js +0 -54
  349. package/dist/src/lib/workflows/__tests__/workflow-step.test.js.map +0 -1
  350. package/dist/src/lib/workflows/agent-skill/index.d.ts +0 -44
  351. package/dist/src/lib/workflows/agent-skill/index.js +0 -47
  352. package/dist/src/lib/workflows/agent-skill/index.js.map +0 -1
  353. package/dist/src/lib/workflows/agent-skill/steps.d.ts +0 -8
  354. package/dist/src/lib/workflows/agent-skill/steps.js +0 -32
  355. package/dist/src/lib/workflows/agent-skill/steps.js.map +0 -1
  356. package/dist/src/lib/workflows/posthog-integration/detect.d.ts +0 -12
  357. package/dist/src/lib/workflows/posthog-integration/detect.js +0 -57
  358. package/dist/src/lib/workflows/posthog-integration/detect.js.map +0 -1
  359. package/dist/src/lib/workflows/posthog-integration/index.d.ts +0 -3
  360. package/dist/src/lib/workflows/posthog-integration/index.js +0 -152
  361. package/dist/src/lib/workflows/posthog-integration/index.js.map +0 -1
  362. package/dist/src/lib/workflows/posthog-integration/steps.d.ts +0 -9
  363. package/dist/src/lib/workflows/posthog-integration/steps.js +0 -100
  364. package/dist/src/lib/workflows/posthog-integration/steps.js.map +0 -1
  365. package/dist/src/lib/workflows/revenue-analytics/detect.d.ts +0 -40
  366. package/dist/src/lib/workflows/revenue-analytics/detect.js +0 -156
  367. package/dist/src/lib/workflows/revenue-analytics/detect.js.map +0 -1
  368. package/dist/src/lib/workflows/revenue-analytics/index.d.ts +0 -4
  369. package/dist/src/lib/workflows/revenue-analytics/index.js +0 -30
  370. package/dist/src/lib/workflows/revenue-analytics/index.js.map +0 -1
  371. package/dist/src/lib/workflows/revenue-analytics/steps.d.ts +0 -8
  372. package/dist/src/lib/workflows/revenue-analytics/steps.js +0 -48
  373. package/dist/src/lib/workflows/revenue-analytics/steps.js.map +0 -1
  374. package/dist/src/lib/workflows/workflow-registry.d.ts +0 -18
  375. package/dist/src/lib/workflows/workflow-registry.js +0 -32
  376. package/dist/src/lib/workflows/workflow-registry.js.map +0 -1
  377. package/dist/src/lib/workflows/workflow-step.d.ts +0 -126
  378. package/dist/src/lib/workflows/workflow-step.js +0 -28
  379. package/dist/src/lib/workflows/workflow-step.js.map +0 -1
  380. package/dist/src/lib/yara-hooks.d.ts +0 -44
  381. package/dist/src/lib/yara-hooks.js +0 -377
  382. package/dist/src/lib/yara-hooks.js.map +0 -1
  383. package/dist/src/lib/yara-scanner.d.ts +0 -61
  384. package/dist/src/lib/yara-scanner.js +0 -328
  385. package/dist/src/lib/yara-scanner.js.map +0 -1
  386. package/dist/src/steps/add-mcp-server-to-clients/MCPClient.d.ts +0 -30
  387. package/dist/src/steps/add-mcp-server-to-clients/MCPClient.js +0 -138
  388. package/dist/src/steps/add-mcp-server-to-clients/MCPClient.js.map +0 -1
  389. package/dist/src/steps/add-mcp-server-to-clients/__tests__/defaults.test.d.ts +0 -1
  390. package/dist/src/steps/add-mcp-server-to-clients/__tests__/defaults.test.js +0 -72
  391. package/dist/src/steps/add-mcp-server-to-clients/__tests__/defaults.test.js.map +0 -1
  392. package/dist/src/steps/add-mcp-server-to-clients/clients/__tests__/claude.test.d.ts +0 -1
  393. package/dist/src/steps/add-mcp-server-to-clients/clients/__tests__/claude.test.js +0 -341
  394. package/dist/src/steps/add-mcp-server-to-clients/clients/__tests__/claude.test.js.map +0 -1
  395. package/dist/src/steps/add-mcp-server-to-clients/clients/__tests__/codex.test.d.ts +0 -1
  396. package/dist/src/steps/add-mcp-server-to-clients/clients/__tests__/codex.test.js +0 -108
  397. package/dist/src/steps/add-mcp-server-to-clients/clients/__tests__/codex.test.js.map +0 -1
  398. package/dist/src/steps/add-mcp-server-to-clients/clients/claude-code.d.ts +0 -89
  399. package/dist/src/steps/add-mcp-server-to-clients/clients/claude-code.js +0 -169
  400. package/dist/src/steps/add-mcp-server-to-clients/clients/claude-code.js.map +0 -1
  401. package/dist/src/steps/add-mcp-server-to-clients/clients/claude.d.ts +0 -80
  402. package/dist/src/steps/add-mcp-server-to-clients/clients/claude.js +0 -64
  403. package/dist/src/steps/add-mcp-server-to-clients/clients/claude.js.map +0 -1
  404. package/dist/src/steps/add-mcp-server-to-clients/clients/codex.d.ts +0 -88
  405. package/dist/src/steps/add-mcp-server-to-clients/clients/codex.js +0 -76
  406. package/dist/src/steps/add-mcp-server-to-clients/clients/codex.js.map +0 -1
  407. package/dist/src/steps/add-mcp-server-to-clients/clients/cursor.d.ts +0 -84
  408. package/dist/src/steps/add-mcp-server-to-clients/clients/cursor.js +0 -61
  409. package/dist/src/steps/add-mcp-server-to-clients/clients/cursor.js.map +0 -1
  410. package/dist/src/steps/add-mcp-server-to-clients/clients/visual-studio-code.d.ts +0 -92
  411. package/dist/src/steps/add-mcp-server-to-clients/clients/visual-studio-code.js +0 -101
  412. package/dist/src/steps/add-mcp-server-to-clients/clients/visual-studio-code.js.map +0 -1
  413. package/dist/src/steps/add-mcp-server-to-clients/clients/zed.d.ts +0 -110
  414. package/dist/src/steps/add-mcp-server-to-clients/clients/zed.js +0 -102
  415. package/dist/src/steps/add-mcp-server-to-clients/clients/zed.js.map +0 -1
  416. package/dist/src/steps/add-mcp-server-to-clients/defaults.d.ts +0 -119
  417. package/dist/src/steps/add-mcp-server-to-clients/defaults.js +0 -239
  418. package/dist/src/steps/add-mcp-server-to-clients/defaults.js.map +0 -1
  419. package/dist/src/steps/add-mcp-server-to-clients/index.d.ts +0 -23
  420. package/dist/src/steps/add-mcp-server-to-clients/index.js +0 -111
  421. package/dist/src/steps/add-mcp-server-to-clients/index.js.map +0 -1
  422. package/dist/src/steps/add-or-update-environment-variables.d.ts +0 -10
  423. package/dist/src/steps/add-or-update-environment-variables.js +0 -188
  424. package/dist/src/steps/add-or-update-environment-variables.js.map +0 -1
  425. package/dist/src/steps/index.d.ts +0 -4
  426. package/dist/src/steps/index.js +0 -21
  427. package/dist/src/steps/index.js.map +0 -1
  428. package/dist/src/steps/run-prettier.d.ts +0 -5
  429. package/dist/src/steps/run-prettier.js +0 -91
  430. package/dist/src/steps/run-prettier.js.map +0 -1
  431. package/dist/src/steps/upload-environment-variables/EnvironmentProvider.d.ts +0 -11
  432. package/dist/src/steps/upload-environment-variables/EnvironmentProvider.js +0 -12
  433. package/dist/src/steps/upload-environment-variables/EnvironmentProvider.js.map +0 -1
  434. package/dist/src/steps/upload-environment-variables/index.d.ts +0 -6
  435. package/dist/src/steps/upload-environment-variables/index.js +0 -38
  436. package/dist/src/steps/upload-environment-variables/index.js.map +0 -1
  437. package/dist/src/steps/upload-environment-variables/providers/__tests__/vercel.test.d.ts +0 -1
  438. package/dist/src/steps/upload-environment-variables/providers/__tests__/vercel.test.js +0 -117
  439. package/dist/src/steps/upload-environment-variables/providers/__tests__/vercel.test.js.map +0 -1
  440. package/dist/src/steps/upload-environment-variables/providers/vercel.d.ts +0 -15
  441. package/dist/src/steps/upload-environment-variables/providers/vercel.js +0 -142
  442. package/dist/src/steps/upload-environment-variables/providers/vercel.js.map +0 -1
  443. package/dist/src/telemetry.d.ts +0 -2
  444. package/dist/src/telemetry.js +0 -13
  445. package/dist/src/telemetry.js.map +0 -1
  446. package/dist/src/ui/index.d.ts +0 -8
  447. package/dist/src/ui/index.js +0 -17
  448. package/dist/src/ui/index.js.map +0 -1
  449. package/dist/src/ui/logging-ui.d.ts +0 -52
  450. package/dist/src/ui/logging-ui.js +0 -121
  451. package/dist/src/ui/logging-ui.js.map +0 -1
  452. package/dist/src/ui/tui/App.d.ts +0 -6
  453. package/dist/src/ui/tui/App.js +0 -10
  454. package/dist/src/ui/tui/App.js.map +0 -1
  455. package/dist/src/ui/tui/__tests__/flows.test.d.ts +0 -1
  456. package/dist/src/ui/tui/__tests__/flows.test.js +0 -115
  457. package/dist/src/ui/tui/__tests__/flows.test.js.map +0 -1
  458. package/dist/src/ui/tui/__tests__/layout-helpers.test.d.ts +0 -1
  459. package/dist/src/ui/tui/__tests__/layout-helpers.test.js +0 -68
  460. package/dist/src/ui/tui/__tests__/layout-helpers.test.js.map +0 -1
  461. package/dist/src/ui/tui/__tests__/router.test.d.ts +0 -1
  462. package/dist/src/ui/tui/__tests__/router.test.js +0 -87
  463. package/dist/src/ui/tui/__tests__/router.test.js.map +0 -1
  464. package/dist/src/ui/tui/__tests__/store.test.d.ts +0 -1
  465. package/dist/src/ui/tui/__tests__/store.test.js +0 -889
  466. package/dist/src/ui/tui/__tests__/store.test.js.map +0 -1
  467. package/dist/src/ui/tui/components/LearnCard.d.ts +0 -10
  468. package/dist/src/ui/tui/components/LearnCard.js +0 -217
  469. package/dist/src/ui/tui/components/LearnCard.js.map +0 -1
  470. package/dist/src/ui/tui/components/ServiceHealthList.d.ts +0 -15
  471. package/dist/src/ui/tui/components/ServiceHealthList.js +0 -57
  472. package/dist/src/ui/tui/components/ServiceHealthList.js.map +0 -1
  473. package/dist/src/ui/tui/components/TipsCard.d.ts +0 -9
  474. package/dist/src/ui/tui/components/TipsCard.js +0 -55
  475. package/dist/src/ui/tui/components/TipsCard.js.map +0 -1
  476. package/dist/src/ui/tui/components/TitleBar.d.ts +0 -6
  477. package/dist/src/ui/tui/components/TitleBar.js +0 -17
  478. package/dist/src/ui/tui/components/TitleBar.js.map +0 -1
  479. package/dist/src/ui/tui/flows.d.ts +0 -51
  480. package/dist/src/ui/tui/flows.js +0 -75
  481. package/dist/src/ui/tui/flows.js.map +0 -1
  482. package/dist/src/ui/tui/hooks/useStdoutDimensions.d.ts +0 -9
  483. package/dist/src/ui/tui/hooks/useStdoutDimensions.js +0 -37
  484. package/dist/src/ui/tui/hooks/useStdoutDimensions.js.map +0 -1
  485. package/dist/src/ui/tui/ink-ui.d.ts +0 -58
  486. package/dist/src/ui/tui/ink-ui.js +0 -125
  487. package/dist/src/ui/tui/ink-ui.js.map +0 -1
  488. package/dist/src/ui/tui/package.json +0 -1
  489. package/dist/src/ui/tui/playground/PlaygroundApp.d.ts +0 -12
  490. package/dist/src/ui/tui/playground/PlaygroundApp.js +0 -44
  491. package/dist/src/ui/tui/playground/PlaygroundApp.js.map +0 -1
  492. package/dist/src/ui/tui/playground/demos/HealthCheckDemo.d.ts +0 -11
  493. package/dist/src/ui/tui/playground/demos/HealthCheckDemo.js +0 -57
  494. package/dist/src/ui/tui/playground/demos/HealthCheckDemo.js.map +0 -1
  495. package/dist/src/ui/tui/playground/demos/InputDemo.d.ts +0 -4
  496. package/dist/src/ui/tui/playground/demos/InputDemo.js +0 -53
  497. package/dist/src/ui/tui/playground/demos/InputDemo.js.map +0 -1
  498. package/dist/src/ui/tui/playground/demos/LayoutDemo.d.ts +0 -5
  499. package/dist/src/ui/tui/playground/demos/LayoutDemo.js +0 -25
  500. package/dist/src/ui/tui/playground/demos/LayoutDemo.js.map +0 -1
  501. package/dist/src/ui/tui/playground/demos/LogDemo.d.ts +0 -5
  502. package/dist/src/ui/tui/playground/demos/LogDemo.js +0 -53
  503. package/dist/src/ui/tui/playground/demos/LogDemo.js.map +0 -1
  504. package/dist/src/ui/tui/playground/demos/ModalDemo.d.ts +0 -6
  505. package/dist/src/ui/tui/playground/demos/ModalDemo.js +0 -13
  506. package/dist/src/ui/tui/playground/demos/ModalDemo.js.map +0 -1
  507. package/dist/src/ui/tui/playground/demos/ProgressDemo.d.ts +0 -5
  508. package/dist/src/ui/tui/playground/demos/ProgressDemo.js +0 -58
  509. package/dist/src/ui/tui/playground/demos/ProgressDemo.js.map +0 -1
  510. package/dist/src/ui/tui/playground/demos/RunScreenDemo.d.ts +0 -11
  511. package/dist/src/ui/tui/playground/demos/RunScreenDemo.js +0 -159
  512. package/dist/src/ui/tui/playground/demos/RunScreenDemo.js.map +0 -1
  513. package/dist/src/ui/tui/playground/demos/WelcomeDemo.d.ts +0 -9
  514. package/dist/src/ui/tui/playground/demos/WelcomeDemo.js +0 -15
  515. package/dist/src/ui/tui/playground/demos/WelcomeDemo.js.map +0 -1
  516. package/dist/src/ui/tui/playground/start-playground.d.ts +0 -4
  517. package/dist/src/ui/tui/playground/start-playground.js +0 -24
  518. package/dist/src/ui/tui/playground/start-playground.js.map +0 -1
  519. package/dist/src/ui/tui/primitives/CardLayout.d.ts +0 -12
  520. package/dist/src/ui/tui/primitives/CardLayout.js +0 -10
  521. package/dist/src/ui/tui/primitives/CardLayout.js.map +0 -1
  522. package/dist/src/ui/tui/primitives/ConfirmationInput.d.ts +0 -13
  523. package/dist/src/ui/tui/primitives/ConfirmationInput.js +0 -35
  524. package/dist/src/ui/tui/primitives/ConfirmationInput.js.map +0 -1
  525. package/dist/src/ui/tui/primitives/ContentSequencer.d.ts +0 -42
  526. package/dist/src/ui/tui/primitives/ContentSequencer.js +0 -137
  527. package/dist/src/ui/tui/primitives/ContentSequencer.js.map +0 -1
  528. package/dist/src/ui/tui/primitives/DissolveTransition.d.ts +0 -21
  529. package/dist/src/ui/tui/primitives/DissolveTransition.js +0 -149
  530. package/dist/src/ui/tui/primitives/DissolveTransition.js.map +0 -1
  531. package/dist/src/ui/tui/primitives/Divider.d.ts +0 -6
  532. package/dist/src/ui/tui/primitives/Divider.js +0 -15
  533. package/dist/src/ui/tui/primitives/Divider.js.map +0 -1
  534. package/dist/src/ui/tui/primitives/EventPlanViewer.d.ts +0 -9
  535. package/dist/src/ui/tui/primitives/EventPlanViewer.js +0 -9
  536. package/dist/src/ui/tui/primitives/EventPlanViewer.js.map +0 -1
  537. package/dist/src/ui/tui/primitives/GroupedPickerMenu.d.ts +0 -23
  538. package/dist/src/ui/tui/primitives/GroupedPickerMenu.js +0 -182
  539. package/dist/src/ui/tui/primitives/GroupedPickerMenu.js.map +0 -1
  540. package/dist/src/ui/tui/primitives/HNViewer.d.ts +0 -7
  541. package/dist/src/ui/tui/primitives/HNViewer.js +0 -63
  542. package/dist/src/ui/tui/primitives/HNViewer.js.map +0 -1
  543. package/dist/src/ui/tui/primitives/LinesBlock.d.ts +0 -16
  544. package/dist/src/ui/tui/primitives/LinesBlock.js +0 -37
  545. package/dist/src/ui/tui/primitives/LinesBlock.js.map +0 -1
  546. package/dist/src/ui/tui/primitives/LoadingBox.d.ts +0 -8
  547. package/dist/src/ui/tui/primitives/LoadingBox.js +0 -10
  548. package/dist/src/ui/tui/primitives/LoadingBox.js.map +0 -1
  549. package/dist/src/ui/tui/primitives/LogViewer.d.ts +0 -11
  550. package/dist/src/ui/tui/primitives/LogViewer.js +0 -55
  551. package/dist/src/ui/tui/primitives/LogViewer.js.map +0 -1
  552. package/dist/src/ui/tui/primitives/ModalOverlay.d.ts +0 -25
  553. package/dist/src/ui/tui/primitives/ModalOverlay.js +0 -7
  554. package/dist/src/ui/tui/primitives/ModalOverlay.js.map +0 -1
  555. package/dist/src/ui/tui/primitives/NodeBlock.d.ts +0 -13
  556. package/dist/src/ui/tui/primitives/NodeBlock.js +0 -17
  557. package/dist/src/ui/tui/primitives/NodeBlock.js.map +0 -1
  558. package/dist/src/ui/tui/primitives/PickerMenu.d.ts +0 -20
  559. package/dist/src/ui/tui/primitives/PickerMenu.js +0 -143
  560. package/dist/src/ui/tui/primitives/PickerMenu.js.map +0 -1
  561. package/dist/src/ui/tui/primitives/ProgressList.d.ts +0 -17
  562. package/dist/src/ui/tui/primitives/ProgressList.js +0 -32
  563. package/dist/src/ui/tui/primitives/ProgressList.js.map +0 -1
  564. package/dist/src/ui/tui/primitives/PromptLabel.d.ts +0 -11
  565. package/dist/src/ui/tui/primitives/PromptLabel.js +0 -13
  566. package/dist/src/ui/tui/primitives/PromptLabel.js.map +0 -1
  567. package/dist/src/ui/tui/primitives/ScreenContainer.d.ts +0 -16
  568. package/dist/src/ui/tui/primitives/ScreenContainer.js +0 -36
  569. package/dist/src/ui/tui/primitives/ScreenContainer.js.map +0 -1
  570. package/dist/src/ui/tui/primitives/ScreenErrorBoundary.d.ts +0 -22
  571. package/dist/src/ui/tui/primitives/ScreenErrorBoundary.js +0 -35
  572. package/dist/src/ui/tui/primitives/ScreenErrorBoundary.js.map +0 -1
  573. package/dist/src/ui/tui/primitives/SplitView.d.ts +0 -11
  574. package/dist/src/ui/tui/primitives/SplitView.js +0 -9
  575. package/dist/src/ui/tui/primitives/SplitView.js.map +0 -1
  576. package/dist/src/ui/tui/primitives/TabContainer.d.ts +0 -23
  577. package/dist/src/ui/tui/primitives/TabContainer.js +0 -45
  578. package/dist/src/ui/tui/primitives/TabContainer.js.map +0 -1
  579. package/dist/src/ui/tui/primitives/TextBlock.d.ts +0 -41
  580. package/dist/src/ui/tui/primitives/TextBlock.js +0 -144
  581. package/dist/src/ui/tui/primitives/TextBlock.js.map +0 -1
  582. package/dist/src/ui/tui/primitives/content-types.d.ts +0 -37
  583. package/dist/src/ui/tui/primitives/content-types.js +0 -19
  584. package/dist/src/ui/tui/primitives/content-types.js.map +0 -1
  585. package/dist/src/ui/tui/primitives/index.d.ts +0 -27
  586. package/dist/src/ui/tui/primitives/index.js +0 -24
  587. package/dist/src/ui/tui/primitives/index.js.map +0 -1
  588. package/dist/src/ui/tui/primitives/layout-helpers.d.ts +0 -36
  589. package/dist/src/ui/tui/primitives/layout-helpers.js +0 -95
  590. package/dist/src/ui/tui/primitives/layout-helpers.js.map +0 -1
  591. package/dist/src/ui/tui/primitives/text-helpers.d.ts +0 -10
  592. package/dist/src/ui/tui/primitives/text-helpers.js +0 -43
  593. package/dist/src/ui/tui/primitives/text-helpers.js.map +0 -1
  594. package/dist/src/ui/tui/router.d.ts +0 -58
  595. package/dist/src/ui/tui/router.js +0 -96
  596. package/dist/src/ui/tui/router.js.map +0 -1
  597. package/dist/src/ui/tui/screen-registry.d.ts +0 -19
  598. package/dist/src/ui/tui/screen-registry.js +0 -44
  599. package/dist/src/ui/tui/screen-registry.js.map +0 -1
  600. package/dist/src/ui/tui/screens/AuthErrorScreen.d.ts +0 -7
  601. package/dist/src/ui/tui/screens/AuthErrorScreen.js +0 -16
  602. package/dist/src/ui/tui/screens/AuthErrorScreen.js.map +0 -1
  603. package/dist/src/ui/tui/screens/AuthScreen.d.ts +0 -13
  604. package/dist/src/ui/tui/screens/AuthScreen.js +0 -20
  605. package/dist/src/ui/tui/screens/AuthScreen.js.map +0 -1
  606. package/dist/src/ui/tui/screens/IntroScreen.d.ts +0 -16
  607. package/dist/src/ui/tui/screens/IntroScreen.js +0 -79
  608. package/dist/src/ui/tui/screens/IntroScreen.js.map +0 -1
  609. package/dist/src/ui/tui/screens/ManagedSettingsScreen.d.ts +0 -13
  610. package/dist/src/ui/tui/screens/ManagedSettingsScreen.js +0 -32
  611. package/dist/src/ui/tui/screens/ManagedSettingsScreen.js.map +0 -1
  612. package/dist/src/ui/tui/screens/McpScreen.d.ts +0 -24
  613. package/dist/src/ui/tui/screens/McpScreen.js +0 -127
  614. package/dist/src/ui/tui/screens/McpScreen.js.map +0 -1
  615. package/dist/src/ui/tui/screens/OutroScreen.d.ts +0 -11
  616. package/dist/src/ui/tui/screens/OutroScreen.js +0 -22
  617. package/dist/src/ui/tui/screens/OutroScreen.js.map +0 -1
  618. package/dist/src/ui/tui/screens/PortConflictScreen.d.ts +0 -11
  619. package/dist/src/ui/tui/screens/PortConflictScreen.js +0 -30
  620. package/dist/src/ui/tui/screens/PortConflictScreen.js.map +0 -1
  621. package/dist/src/ui/tui/screens/RevenueIntroScreen.d.ts +0 -16
  622. package/dist/src/ui/tui/screens/RevenueIntroScreen.js +0 -64
  623. package/dist/src/ui/tui/screens/RevenueIntroScreen.js.map +0 -1
  624. package/dist/src/ui/tui/screens/RunScreen.d.ts +0 -16
  625. package/dist/src/ui/tui/screens/RunScreen.js +0 -73
  626. package/dist/src/ui/tui/screens/RunScreen.js.map +0 -1
  627. package/dist/src/ui/tui/screens/SettingsOverrideScreen.d.ts +0 -6
  628. package/dist/src/ui/tui/screens/SettingsOverrideScreen.js +0 -30
  629. package/dist/src/ui/tui/screens/SettingsOverrideScreen.js.map +0 -1
  630. package/dist/src/ui/tui/screens/SetupScreen.d.ts +0 -13
  631. package/dist/src/ui/tui/screens/SetupScreen.js +0 -74
  632. package/dist/src/ui/tui/screens/SetupScreen.js.map +0 -1
  633. package/dist/src/ui/tui/screens/SkillsScreen.d.ts +0 -14
  634. package/dist/src/ui/tui/screens/SkillsScreen.js +0 -71
  635. package/dist/src/ui/tui/screens/SkillsScreen.js.map +0 -1
  636. package/dist/src/ui/tui/screens/health/HealthCheckScreen.d.ts +0 -14
  637. package/dist/src/ui/tui/screens/health/HealthCheckScreen.js +0 -77
  638. package/dist/src/ui/tui/screens/health/HealthCheckScreen.js.map +0 -1
  639. package/dist/src/ui/tui/services/mcp-installer.d.ts +0 -21
  640. package/dist/src/ui/tui/services/mcp-installer.js +0 -58
  641. package/dist/src/ui/tui/services/mcp-installer.js.map +0 -1
  642. package/dist/src/ui/tui/start-tui.d.ts +0 -9
  643. package/dist/src/ui/tui/start-tui.js +0 -41
  644. package/dist/src/ui/tui/start-tui.js.map +0 -1
  645. package/dist/src/ui/tui/store.d.ts +0 -190
  646. package/dist/src/ui/tui/store.js +0 -472
  647. package/dist/src/ui/tui/store.js.map +0 -1
  648. package/dist/src/ui/tui/styles.d.ts +0 -32
  649. package/dist/src/ui/tui/styles.js +0 -35
  650. package/dist/src/ui/tui/styles.js.map +0 -1
  651. package/dist/src/ui/wizard-ui.d.ts +0 -81
  652. package/dist/src/ui/wizard-ui.js +0 -19
  653. package/dist/src/ui/wizard-ui.js.map +0 -1
  654. package/dist/src/utils/__tests__/analytics.test.d.ts +0 -1
  655. package/dist/src/utils/__tests__/analytics.test.js +0 -136
  656. package/dist/src/utils/__tests__/analytics.test.js.map +0 -1
  657. package/dist/src/utils/__tests__/provisioning.test.d.ts +0 -1
  658. package/dist/src/utils/__tests__/provisioning.test.js +0 -192
  659. package/dist/src/utils/__tests__/provisioning.test.js.map +0 -1
  660. package/dist/src/utils/__tests__/semver.test.d.ts +0 -1
  661. package/dist/src/utils/__tests__/semver.test.js +0 -159
  662. package/dist/src/utils/__tests__/semver.test.js.map +0 -1
  663. package/dist/src/utils/__tests__/setup-utils.test.d.ts +0 -1
  664. package/dist/src/utils/__tests__/setup-utils.test.js +0 -138
  665. package/dist/src/utils/__tests__/setup-utils.test.js.map +0 -1
  666. package/dist/src/utils/analytics.d.ts +0 -33
  667. package/dist/src/utils/analytics.js +0 -137
  668. package/dist/src/utils/analytics.js.map +0 -1
  669. package/dist/src/utils/anthropic-status.d.ts +0 -17
  670. package/dist/src/utils/anthropic-status.js +0 -49
  671. package/dist/src/utils/anthropic-status.js.map +0 -1
  672. package/dist/src/utils/bash.d.ts +0 -2
  673. package/dist/src/utils/bash.js +0 -54
  674. package/dist/src/utils/bash.js.map +0 -1
  675. package/dist/src/utils/custom-headers.d.ts +0 -9
  676. package/dist/src/utils/custom-headers.js +0 -24
  677. package/dist/src/utils/custom-headers.js.map +0 -1
  678. package/dist/src/utils/debug.d.ts +0 -29
  679. package/dist/src/utils/debug.js +0 -87
  680. package/dist/src/utils/debug.js.map +0 -1
  681. package/dist/src/utils/env-api-key.d.ts +0 -5
  682. package/dist/src/utils/env-api-key.js +0 -57
  683. package/dist/src/utils/env-api-key.js.map +0 -1
  684. package/dist/src/utils/environment.d.ts +0 -4
  685. package/dist/src/utils/environment.js +0 -77
  686. package/dist/src/utils/environment.js.map +0 -1
  687. package/dist/src/utils/file-utils.d.ts +0 -10
  688. package/dist/src/utils/file-utils.js +0 -49
  689. package/dist/src/utils/file-utils.js.map +0 -1
  690. package/dist/src/utils/logging.d.ts +0 -9
  691. package/dist/src/utils/logging.js +0 -47
  692. package/dist/src/utils/logging.js.map +0 -1
  693. package/dist/src/utils/oauth.d.ts +0 -33
  694. package/dist/src/utils/oauth.js +0 -288
  695. package/dist/src/utils/oauth.js.map +0 -1
  696. package/dist/src/utils/package-json.d.ts +0 -30
  697. package/dist/src/utils/package-json.js +0 -47
  698. package/dist/src/utils/package-json.js.map +0 -1
  699. package/dist/src/utils/package-manager.d.ts +0 -21
  700. package/dist/src/utils/package-manager.js +0 -210
  701. package/dist/src/utils/package-manager.js.map +0 -1
  702. package/dist/src/utils/provisioning.d.ts +0 -25
  703. package/dist/src/utils/provisioning.js +0 -191
  704. package/dist/src/utils/provisioning.js.map +0 -1
  705. package/dist/src/utils/rules/astro-rules.md +0 -44
  706. package/dist/src/utils/rules/next-rules.md +0 -9
  707. package/dist/src/utils/rules/react-native-rules.md +0 -7
  708. package/dist/src/utils/rules/react-rules.md +0 -7
  709. package/dist/src/utils/rules/svelte-rules.md +0 -7
  710. package/dist/src/utils/rules/universal.md +0 -32
  711. package/dist/src/utils/semver.d.ts +0 -21
  712. package/dist/src/utils/semver.js +0 -87
  713. package/dist/src/utils/semver.js.map +0 -1
  714. package/dist/src/utils/setup-utils.d.ts +0 -79
  715. package/dist/src/utils/setup-utils.js +0 -406
  716. package/dist/src/utils/setup-utils.js.map +0 -1
  717. package/dist/src/utils/string.d.ts +0 -1
  718. package/dist/src/utils/string.js +0 -9
  719. package/dist/src/utils/string.js.map +0 -1
  720. package/dist/src/utils/types.d.ts +0 -85
  721. package/dist/src/utils/types.js +0 -3
  722. package/dist/src/utils/types.js.map +0 -1
  723. package/dist/src/utils/urls.d.ts +0 -7
  724. package/dist/src/utils/urls.js +0 -78
  725. package/dist/src/utils/urls.js.map +0 -1
  726. package/dist/src/utils/vendor/is-unicorn-supported.d.ts +0 -1
  727. package/dist/src/utils/vendor/is-unicorn-supported.js +0 -24
  728. package/dist/src/utils/vendor/is-unicorn-supported.js.map +0 -1
  729. package/dist/src/utils/wizard-abort.d.ts +0 -16
  730. package/dist/src/utils/wizard-abort.js +0 -59
  731. package/dist/src/utils/wizard-abort.js.map +0 -1
package/dist/src/lib/yara-scanner.js DELETED
@@ -1,328 +0,0 @@
1
- "use strict";
2
- /**
3
- * YARA content scanner for the PostHog wizard.
4
- *
5
- * This file is the single source of truth for all wizard YARA rules.
6
- *
7
- * Scans tool inputs (pre-execution) and outputs (post-execution) for
8
- * security violations including PII leakage, hardcoded secrets,
9
- * prompt injection, and secret exfiltration.
10
- *
11
- * We use YARA-style regex rules rather than the real YARA C library to
12
- * avoid native binary dependencies in an npx-distributed npm package.
13
- *
14
- * This is Layer 2 (L2) in the wizard's defense-in-depth model,
15
- * complementing the prompt-based commandments (L0) and the
16
- * canUseTool() allowlist (L1).
17
- */
18
- Object.defineProperty(exports, "__esModule", { value: true });
19
- exports.RULES = void 0;
20
- exports.scan = scan;
21
- exports.scanSkillDirectory = scanSkillDirectory;
22
- // ─── Rule Definitions ────────────────────────────────────────────
23
- //
24
- // Patterns are compiled once at module load time for performance.
25
- // Design spec: policies/yara/RULES.md
26
- const POST_WRITE_EDIT = [
27
- { phase: 'PostToolUse', tool: 'Write' },
28
- { phase: 'PostToolUse', tool: 'Edit' },
29
- ];
30
- const POST_READ_GREP = [
31
- { phase: 'PostToolUse', tool: 'Read' },
32
- { phase: 'PostToolUse', tool: 'Grep' },
33
- ];
34
- const PRE_BASH = [
35
- { phase: 'PreToolUse', tool: 'Bash' },
36
- ];
37
- // ── §1 PostHog API Violations ────────────────────────────────────
38
- const pii_in_capture_call = {
39
- name: 'pii_in_capture_call',
40
- description: "Detects PII fields passed to posthog.capture() — violates 'NEVER send PII in capture()' commandment",
41
- severity: 'high',
42
- category: 'posthog_pii',
43
- appliesTo: POST_WRITE_EDIT,
44
- patterns: [
45
- // Direct PII field names in capture properties
46
- /\.capture\s*\([^)]{0,200}email/i,
47
- /\.capture\s*\([^)]{0,200}phone/i,
48
- /\.capture\s*\([^)]{0,200}full[_\s]?name/i,
49
- /\.capture\s*\([^)]{0,200}first[_\s]?name/i,
50
- /\.capture\s*\([^)]{0,200}last[_\s]?name/i,
51
- /\.capture\s*\([^)]{0,200}(street|mailing|home|billing)[_\s]?address/i,
52
- /\.capture\s*\([^)]{0,200}(ssn|social[_\s]?security)/i,
53
- /\.capture\s*\([^)]{0,200}(date[_\s]?of[_\s]?birth|dob|birthday)/i,
54
- /\.capture\s*\([^)]{0,200}\$ip/,
55
- // identify() allows email/phone/name (standard PostHog user properties),
56
- // but highly sensitive PII is still blocked in identify().
57
- /\.identify\s*\([^)]{0,200}(ssn|social[_\s]?security)/i,
58
- /\.identify\s*\([^)]{0,200}(card[_\s]?number|cvv|credit[_\s]?card)/i,
59
- /\.identify\s*\([^)]{0,200}(date[_\s]?of[_\s]?birth|dob|birthday)/i,
60
- /\.identify\s*\([^)]{0,200}(street|mailing|home|billing)[_\s]?address/i,
61
- // PII in $set properties via capture (bound to same object)
62
- /\$set[^}]{0,200}email/i,
63
- /\$set[^}]{0,200}phone/i,
64
- ],
65
- };
66
- const hardcoded_posthog_key = {
67
- name: 'hardcoded_posthog_key',
68
- description: "Detects hardcoded PostHog API keys in source — violates 'use environment variables' commandment",
69
- severity: 'high',
70
- category: 'posthog_hardcoded_key',
71
- appliesTo: POST_WRITE_EDIT,
72
- patterns: [
73
- // PostHog project API key (phc_ prefix, 20+ alphanumeric chars)
74
- /phc_[a-zA-Z0-9]{20,}/,
75
- // PostHog personal API key (phx_ prefix)
76
- /phx_[a-zA-Z0-9]{20,}/,
77
- // Hardcoded key assignment patterns
78
- /apiKey\s*[:=]\s*['"][a-zA-Z0-9_]{20,}['"]/,
79
- /api_key\s*[:=]\s*['"][a-zA-Z0-9_]{20,}['"]/,
80
- /POSTHOG_PROJECT_TOKEN\s*[:=]\s*['"][a-zA-Z0-9_]{20,}['"]/,
81
- ],
82
- };
83
- const autocapture_disabled = {
84
- name: 'autocapture_disabled',
85
- description: "Detects agent disabling autocapture — violates 'don't disable autocapture' commandment",
86
- severity: 'medium',
87
- category: 'posthog_autocapture',
88
- appliesTo: POST_WRITE_EDIT,
89
- patterns: [
90
- /autocapture\s*:\s*false/,
91
- /autocapture\s*:\s*'false'/,
92
- /autocapture\s*:\s*"false"/,
93
- /autocapture\s*=\s*False/,
94
- /disable_autocapture\s*[:=]\s*(true|True|1)/,
95
- ],
96
- };
97
- // ── §1b Additional PostHog config rules ──────────────────────────
98
- const hardcoded_posthog_host = {
99
- name: 'hardcoded_posthog_host',
100
- description: 'Detects hardcoded PostHog host URLs in source — should use environment variables',
101
- severity: 'high',
102
- category: 'posthog_hardcoded_key',
103
- appliesTo: POST_WRITE_EDIT,
104
- patterns: [/['"]https:\/\/(us|eu)\.i\.posthog\.com['"]/],
105
- };
106
- const session_recording_disabled = {
107
- name: 'session_recording_disabled',
108
- description: 'Detects agent disabling session recording',
109
- severity: 'medium',
110
- category: 'posthog_config',
111
- appliesTo: POST_WRITE_EDIT,
112
- patterns: [
113
- /disable_session_recording\s*:\s*true/i,
114
- /disable_session_recording\s*=\s*True/,
115
- ],
116
- };
117
- const opt_out_capturing = {
118
- name: 'opt_out_capturing',
119
- description: 'Detects agent opting out of PostHog capturing entirely',
120
- severity: 'medium',
121
- category: 'posthog_config',
122
- appliesTo: POST_WRITE_EDIT,
123
- patterns: [
124
- // Match opt_out_capturing as a config property (in init options), not as a method call.
125
- // posthog.opt_out_capturing() is a legitimate GDPR-required API.
126
- /opt_out_capturing\s*[:=]\s*(true|True|1)/i,
127
- /opted_out\s*[:=]\s*(true|True|1)/i,
128
- ],
129
- };
130
- // ── §2 Prompt Injection ──────────────────────────────────────────
131
- const prompt_injection_wizard_override = {
132
- name: 'prompt_injection_wizard_override',
133
- description: 'Detects classic prompt injection attempting to override agent instructions',
134
- severity: 'critical',
135
- category: 'prompt_injection',
136
- appliesTo: POST_READ_GREP,
137
- patterns: [
138
- // Direct instruction override — classic injection patterns
139
- /ignore previous instructions/i,
140
- /disregard all/i,
141
- /forget your instructions/i,
142
- /override your rules/i,
143
- // Role manipulation
144
- /act as a different/i,
145
- /new instructions:/i,
146
- ],
147
- };
148
- const prompt_injection_wizard_specific = {
149
- name: 'prompt_injection_wizard_specific',
150
- description: 'Detects wizard-specific manipulation or tool abuse attempts in project files',
151
- severity: 'medium',
152
- category: 'prompt_injection',
153
- appliesTo: POST_READ_GREP,
154
- patterns: [
155
- // Wizard-specific manipulation
156
- /skip posthog/i,
157
- /do not install posthog/i,
158
- /remove posthog/i,
159
- /uninstall posthog/i,
160
- /delete the posthog/i,
161
- // Tool abuse via file content
162
- /run the following command/i,
163
- /execute this shell command/i,
164
- // Role hijacking — require "you are now a" to avoid false positives
165
- // on legitimate phrases like "you are now ready to..."
166
- /you are now a\s/i,
167
- ],
168
- };
169
- const prompt_injection_base64 = {
170
- name: 'prompt_injection_base64',
171
- description: 'Detects suspicious base64-encoded blocks in file content that may contain obfuscated prompt injection',
172
- severity: 'critical',
173
- category: 'prompt_injection',
174
- appliesTo: POST_READ_GREP,
175
- patterns: [
176
- // Long base64 strings (100+ chars) in comments or string literals
177
- // that aren't typical data URIs or legitimate base64 content
178
- /(?:\/\/|#|\/\*)\s*[A-Za-z0-9+/]{100,}={0,2}/,
179
- ],
180
- };
181
- // ── §3 Secret Exfiltration ───────────────────────────────────────
182
- const secret_exfiltration_via_command = {
183
- name: 'secret_exfiltration_via_command',
184
- description: 'Detects shell commands attempting to exfiltrate secrets or credentials',
185
- severity: 'critical',
186
- category: 'exfiltration',
187
- appliesTo: PRE_BASH,
188
- patterns: [
189
- // curl/wget with environment variable secrets
190
- /curl\s+.*\$\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)/i,
191
- /wget\s+.*\$\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)/i,
192
- // Piping sensitive content to network tools
193
- /(\$\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD)|\.env|credentials)\S*.*\|\s*curl/i,
194
- /(\$\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD)|\.env|credentials)\S*.*\|\s*wget/i,
195
- /\|\s*nc\s/,
196
- /\|\s*netcat\s/,
197
- // Base64 encoding piped to network
198
- /base64.*\|\s*(curl|wget|nc\s)/i,
199
- // Reading .env and sending
200
- /cat\s+.*\.env.*\|\s*(curl|wget)/,
201
- // PostHog key exfiltration specifically
202
- /curl.*phc_[a-zA-Z0-9]/,
203
- /wget.*phc_[a-zA-Z0-9]/,
204
- ],
205
- };
206
- // ── §4 Filesystem Safety ─────────────────────────────────────────
207
- const destructive_rm = {
208
- name: 'destructive_rm',
209
- description: 'Detects rm -rf or rm -r commands that could mass-delete files',
210
- severity: 'critical',
211
- category: 'filesystem_safety',
212
- appliesTo: PRE_BASH,
213
- patterns: [
214
- // Combined flags: rm -rf, rm -fr, rm -rfi, etc.
215
- /\brm\s+(-[a-zA-Z]*r[a-zA-Z]*f|-[a-zA-Z]*f[a-zA-Z]*r)\b/,
216
- // Separated flags: rm -r -f, rm -f -r (with optional other flags)
217
- /\brm\s+(-[a-zA-Z]*\s+)*-[a-zA-Z]*r[a-zA-Z]*\s+(-[a-zA-Z]*\s+)*-[a-zA-Z]*f\b/,
218
- /\brm\s+(-[a-zA-Z]*\s+)*-[a-zA-Z]*f[a-zA-Z]*\s+(-[a-zA-Z]*\s+)*-[a-zA-Z]*r\b/,
219
- ],
220
- };
221
- const git_force_push = {
222
- name: 'git_force_push',
223
- description: 'Detects git push --force which can overwrite remote history',
224
- severity: 'critical',
225
- category: 'filesystem_safety',
226
- appliesTo: PRE_BASH,
227
- patterns: [/git\s+push\s+.*--force/, /git\s+push\s+.*-f\b/],
228
- };
229
- const git_reset_hard = {
230
- name: 'git_reset_hard',
231
- description: 'Detects git reset --hard which discards all uncommitted changes',
232
- severity: 'critical',
233
- category: 'filesystem_safety',
234
- appliesTo: PRE_BASH,
235
- patterns: [/git\s+reset\s+--hard/],
236
- };
237
- // ── §5 Supply Chain ──────────────────────────────────────────────
238
- const wrong_posthog_package = {
239
- name: 'wrong_posthog_package',
240
- description: 'Detects installing the wrong PostHog npm package — should be posthog-js or posthog-node',
241
- severity: 'high',
242
- category: 'supply_chain',
243
- appliesTo: PRE_BASH,
244
- patterns: [
245
- // Match "npm install posthog" but not "posthog-js", "posthog-node", etc.
246
- /npm\s+install\s+(?:--save\s+|--save-dev\s+|-[SD]\s+)*posthog(?!\s*-)/,
247
- /pnpm\s+(?:add|install)\s+(?:--save\s+|--save-dev\s+|-[SD]\s+)*posthog(?!\s*-)/,
248
- /yarn\s+add\s+(?:--dev\s+|-D\s+)*posthog(?!\s*-)/,
249
- /bun\s+(?:add|install)\s+(?:--dev\s+|-[dD]\s+)*posthog(?!\s*-)/,
250
- ],
251
- };
252
- const npm_install_global = {
253
- name: 'npm_install_global',
254
- description: 'Detects global npm installs — should never install packages globally',
255
- severity: 'high',
256
- category: 'supply_chain',
257
- appliesTo: PRE_BASH,
258
- patterns: [/npm\s+install\s+-g\b/, /npm\s+install\s+--global\b/],
259
- };
260
- // ─── Rule Registry ───────────────────────────────────────────────
261
- exports.RULES = [
262
- // §1 PostHog API violations
263
- pii_in_capture_call,
264
- hardcoded_posthog_key,
265
- autocapture_disabled,
266
- hardcoded_posthog_host,
267
- session_recording_disabled,
268
- opt_out_capturing,
269
- // §2 Prompt injection
270
- prompt_injection_wizard_override,
271
- prompt_injection_wizard_specific,
272
- prompt_injection_base64,
273
- // §3 Secret exfiltration
274
- secret_exfiltration_via_command,
275
- // §4 Filesystem safety
276
- destructive_rm,
277
- git_force_push,
278
- git_reset_hard,
279
- // §5 Supply chain
280
- wrong_posthog_package,
281
- npm_install_global,
282
- ];
283
- // ─── Scan Engine ─────────────────────────────────────────────────
284
- /** Maximum content length to scan (100 KB). Inputs beyond this are truncated. */
285
- const MAX_SCAN_LENGTH = 100_000;
286
- /**
287
- * Scan content against rules applicable to a given hook phase and tool.
288
- * Returns all matching rules (one match per rule, first pattern wins).
289
- */
290
- function scan(content, phase, tool) {
291
- // Cap input length to prevent pathological regex performance
292
- const scanContent = content.length > MAX_SCAN_LENGTH
293
- ? content.slice(0, MAX_SCAN_LENGTH)
294
- : content;
295
- const applicableRules = exports.RULES.filter((r) => r.appliesTo.some((a) => a.phase === phase && a.tool === tool));
296
- const matches = [];
297
- for (const rule of applicableRules) {
298
- for (const pattern of rule.patterns) {
299
- const match = pattern.exec(scanContent);
300
- if (match) {
301
- matches.push({
302
- rule,
303
- matchedText: match[0],
304
- offset: match.index,
305
- });
306
- break; // One match per rule is sufficient
307
- }
308
- }
309
- }
310
- return matches.length > 0 ? { matched: true, matches } : { matched: false };
311
- }
312
- /**
313
- * Scan all files in a skill directory for prompt injection.
314
- * Used for context-mill scanning after skill installation.
315
- */
316
- function scanSkillDirectory(files) {
317
- const allMatches = [];
318
- for (const file of files) {
319
- const result = scan(file.content, 'PostToolUse', 'Read');
320
- if (result.matched) {
321
- allMatches.push(...result.matches);
322
- }
323
- }
324
- return allMatches.length > 0
325
- ? { matched: true, matches: allMatches }
326
- : { matched: false };
327
- }
328
- //# sourceMappingURL=yara-scanner.js.map
package/dist/src/lib/yara-scanner.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"yara-scanner.js","sourceRoot":"","sources":["../../../src/lib/yara-scanner.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;GAeG;;;AA+VH,oBA8BC;AAMD,gDAaC;AArWD,oEAAoE;AACpE,EAAE;AACF,kEAAkE;AAClE,sCAAsC;AAEtC,MAAM,eAAe,GAAkD;IACrE,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE;IACvC,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE;CACvC,CAAC;AAEF,MAAM,cAAc,GAAkD;IACpE,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE;IACtC,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE;CACvC,CAAC;AAEF,MAAM,QAAQ,GAAkD;IAC9D,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE;CACtC,CAAC;AAEF,oEAAoE;AAEpE,MAAM,mBAAmB,GAAa;IACpC,IAAI,EAAE,qBAAqB;IAC3B,WAAW,EACT,qGAAqG;IACvG,QAAQ,EAAE,MAAM;IAChB,QAAQ,EAAE,aAAa;IACvB,SAAS,EAAE,eAAe;IAC1B,QAAQ,EAAE;QACR,+CAA+C;QAC/C,iCAAiC;QACjC,iCAAiC;QACjC,0CAA0C;QAC1C,2CAA2C;QAC3C,0CAA0C;QAC1C,sEAAsE;QACtE,sDAAsD;QACtD,kEAAkE;QAClE,+BAA+B;QAC/B,yEAAyE;QACzE,2DAA2D;QAC3D,uDAAuD;QACvD,oEAAoE;QACpE,mEAAmE;QACnE,uEAAuE;QACvE,4DAA4D;QAC5D,wBAAwB;QACxB,wBAAwB;KACzB;CACF,CAAC;AAEF,MAAM,qBAAqB,GAAa;IACtC,IAAI,EAAE,uBAAuB;IAC7B,WAAW,EACT,iGAAiG;IACnG,QAAQ,EAAE,MAAM;IAChB,QAAQ,EAAE,uBAAuB;IACjC,SAAS,EAAE,eAAe;IAC1B,QAAQ,EAAE;QACR,gEAAgE;QAChE,sBAAsB;QACtB,yCAAyC;QACzC,sBAAsB;QACtB,oCAAoC;QACpC,2CAA2C;QAC3C,4CAA4C;QAC5C,0DAA0D;KAC3D;CACF,CAAC;AAEF,MAAM,oBAAoB,GAAa;IACrC,IAAI,EAAE,sBAAsB;IAC5B,WAAW,EACT,wFAAwF;IAC1F,QAAQ,EAAE,QAAQ;IAClB,QAAQ,EAAE,qBAAqB;IAC/B,SAAS,EAAE,eAAe;IAC1B,QAAQ,EAAE;QACR,yBAAyB;QACzB,2BAA2B;QAC3B,2BAA2B;QAC3B,yBAAyB;QACzB,4CAA4C;KAC7C;CACF,CAAC;AAEF,oEAAoE;AAEpE,MAAM,sBAAsB,GAAa;IACvC,IAAI,EAAE,wBAAwB;IAC9B,WAAW,EACT,kFAAkF;IACpF,QAAQ,EAAE,MAAM;IAChB,QAAQ,EAAE,uBAAuB;IACjC,SAAS,EAAE,eAAe;IAC1B,QAAQ,EAAE,CAAC,4CAA4C,CAAC;CACzD,CAAC;AAEF,MAAM,0BAA0B,GAAa;IAC3C,IAAI,EAAE,4BAA4B;IAClC,WAAW,EAAE,2CAA2C;IACxD,QAAQ,EAAE,QAAQ;IAClB,QAAQ,EAAE,gBAAgB;IAC1B,SAAS,EAAE,eAAe;IAC1B,QAAQ,EAAE;QACR,uCAAuC;QACvC,sCAAsC;KACvC;CACF,CAAC;AAEF,MAAM,iBAAiB,GAAa;IAClC,IAAI,EAAE,mBAAmB;IACzB,WAAW,EAAE,wDAAwD;IACrE,QAAQ,EAAE,QAAQ;IAClB,QAAQ,EAAE,gBAAgB;IAC1B,SAAS,EAAE,eAAe;IAC1B,QAAQ,EAAE;QACR,wFAAwF;QACxF,iEAAiE;QACjE,2CAA2C;QAC3C,mCAAmC;KACpC;CACF,CAAC;AAEF,oEAAoE;AAEpE,MAAM,gCAAgC,GAAa;IACjD,IAAI,EAAE,kCAAkC;IACxC,WAAW,EACT,4EAA4E;IAC9E,QAAQ,EAAE,UAAU;IACpB,QAAQ,EAAE,kBAAkB;IAC5B,SAAS,EAAE,cAAc;IACzB,QAAQ,EAAE;QACR,2DAA2D;QAC3D,+BAA+B;QAC/B,gBAAgB;QAChB,2BAA2B;QAC3B,sBAAsB;QACtB,oBAAoB;QACpB,qBAAqB;QACrB,oBAAoB;KACrB;CACF,CAAC;AAEF,MAAM,gCAAgC,GAAa;IACjD,IAAI,EAAE,kCAAkC;IACxC,WAAW,EACT,8EAA8E;IAChF,QAAQ,EAAE,QAAQ;IAClB,QAAQ,EAAE,kBAAkB;IAC5B,SAAS,EAAE,cAAc;IACzB,QAAQ,EAAE;QACR,+BAA+B;QAC/B,eAAe;QACf,yBAAyB;QACzB,iBAAiB;QACjB,oBAAoB;QACpB,qBAAqB;QACrB,8BAA8B;QAC9B,4BAA4B;QAC5B,6BAA6B;QAC7B,oEAAoE;QACpE,uDAAuD;QACvD,kBAAkB;KACnB;CACF,CAAC;AAEF,MAAM,uBAAuB,GAAa;IACxC,IAAI,EAAE,yBAAyB;IAC/B,WAAW,EACT,uGAAuG;IACzG,QAAQ,EAAE,UAAU;IACpB,QAAQ,EAAE,kBAAkB;IAC5B,SAAS,EAAE,cAAc;IACzB,QAAQ,EAAE;QACR,kEAAkE;QAClE,6DAA6D;QAC7D,6CAA6C;KAC9C;CACF,CAAC;AAEF,oEAAoE;AAEpE,MAAM,+BAA+B,GAAa;IAChD,IAAI,EAAE,iCAAiC;IACvC,WAAW,EACT,wEAAwE;IAC1E,QAAQ,EAAE,UAAU;IACpB,QAAQ,EAAE,cAAc;IACxB,SAAS,EAAE,QAAQ;IACnB,QAAQ,EAAE;QACR,8CAA8C;QAC9C,8DAA8D;QAC9D,8DAA8D;QAC9D,4CAA4C;QAC5C,4EAA4E;QAC5E,4EAA4E;QAC5E,WAAW;QACX,eAAe;QACf,mCAAmC;QACnC,gCAAgC;QAChC,2BAA2B;QAC3B,iCAAiC;QACjC,wCAAwC;QACxC,uBAAuB;QACvB,uBAAuB;KACxB;CACF,CAAC;AAEF,oEAAoE;AAEpE,MAAM,cAAc,GAAa;IAC/B,IAAI,EAAE,gBAAgB;IACtB,WAAW,EAAE,+DAA+D;IAC5E,QAAQ,EAAE,UAAU;IACpB,QAAQ,EAAE,mBAAmB;IAC7B,SAAS,EAAE,QAAQ;IACnB,QAAQ,EAAE;QACR,gDAAgD;QAChD,wDAAwD;QACxD,kEAAkE;QAClE,6EAA6E;QAC7E,6EAA6E;KAC9E;CACF,CAAC;AAEF,MAAM,cAAc,GAAa;IAC/B,IAAI,EAAE,gBAAgB;IACtB,WAAW,EAAE,6DAA6D;IAC1E,QAAQ,EAAE,UAAU;IACpB,QAAQ,EAAE,mBAAmB;IAC7B,SAAS,EAAE,QAAQ;IACnB,QAAQ,EAAE,CAAC,wBAAwB,EAAE,qBAAqB,CAAC;CAC5D,CAAC;AAEF,MAAM,cAAc,GAAa;IAC/B,IAAI,EAAE,gBAAgB;IACtB,WAAW,EACT,iEAAiE;IACnE,QAAQ,EAAE,UAAU;IACpB,QAAQ,EAAE,mBAAmB;IAC7B,SAAS,EAAE,QAAQ;IACnB,QAAQ,EAAE,CAAC,sBAAsB,CAAC;CACnC,CAAC;AAEF,oEAAoE;AAEpE,MAAM,qBAAqB,GAAa;IACtC,IAAI,EAAE,uBAAuB;IAC7B,WAAW,EACT,yFAAyF;IAC3F,QAAQ,EAAE,MAAM;IAChB,QAAQ,EAAE,cAAc;IACxB,SAAS,EAAE,QAAQ;IACnB,QAAQ,EAAE;QACR,yEAAyE;QACzE,sEAAsE;QACtE,+EAA+E;QAC/E,iDAAiD;QACjD,+DAA+D;KAChE;CACF,CAAC;AAEF,MAAM,kBAAkB,GAAa;IACnC,IAAI,EAAE,oBAAoB;IAC1B,WAAW,EACT,sEAAsE;IACxE,QAAQ,EAAE,MAAM;IAChB,QAAQ,EAAE,cAAc;IACxB,SAAS,EAAE,QAAQ;IACnB,QAAQ,EAAE,CAAC,sBAAsB,EAAE,4BAA4B,CAAC;CACjE,CAAC;AAEF,oEAAoE;AAEvD,QAAA,KAAK,GAAe;IAC/B,4BAA4B;IAC5B,mBAAmB;IACnB,qBAAqB;IACrB,oBAAoB;IACpB,sBAAsB;IACtB,0BAA0B;IAC1B,iBAAiB;IACjB,sBAAsB;IACtB,gCAAgC;IAChC,gCAAgC;IAChC,uBAAuB;IACvB,yBAAyB;IACzB,+BAA+B;IAC/B,uBAAuB;IACvB,cAAc;IACd,cAAc;IACd,cAAc;IACd,kBAAkB;IAClB,qBAAqB;IACrB,kBAAkB;CACnB,CAAC;AAEF,oEAAoE;AAEpE,iFAAiF;AACjF,MAAM,eAAe,GAAG,OAAO,CAAC;AAEhC;;;GAGG;AACH,SAAgB,IAAI,CAClB,OAAe,EACf,KAAgB,EAChB,IAAgB;IAEhB,6DAA6D;IAC7D,MAAM,WAAW,GACf,OAAO,CAAC,MAAM,GAAG,eAAe;QAC9B,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,eAAe,CAAC;QACnC,CAAC,CAAC,OAAO,CAAC;IACd,MAAM,eAAe,GAAG,aAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACzC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,KAAK,IAAI,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAC9D,CAAC;IAEF,MAAM,OAAO,GAAgB,EAAE,CAAC;IAChC,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;QACnC,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACpC,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACxC,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI;oBACJ,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,MAAM,EAAE,KAAK,CAAC,KAAK;iBACpB,CAAC,CAAC;gBACH,MAAM,CAAC,mCAAmC;YAC5C,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAC9E,CAAC;AAED;;;GAGG;AACH,SAAgB,kBAAkB,CAChC,KAA+C;IAE/C,MAAM,UAAU,GAAgB,EAAE,CAAC;IACnC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC;QACzD,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,UAAU,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC;IACH,CAAC;IACD,OAAO,UAAU,CAAC,MAAM,GAAG,CAAC;QAC1B,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE;QACxC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AACzB,CAAC","sourcesContent":["/**\n * YARA content scanner for the PostHog wizard.\n *\n * This file is the single source of truth for all wizard YARA rules.\n *\n * Scans tool inputs (pre-execution) and outputs (post-execution) for\n * security violations including PII leakage, hardcoded secrets,\n * prompt injection, and secret exfiltration.\n *\n * We use YARA-style regex rules rather than the real YARA C library to\n * avoid native binary dependencies in an npx-distributed npm package.\n *\n * This is Layer 2 (L2) in the wizard's defense-in-depth model,\n * complementing the prompt-based commandments (L0) and the\n * canUseTool() allowlist (L1).\n */\n\n// ─── Types ───────────────────────────────────────────────────────\n\nexport type YaraSeverity = 'critical' | 'high' | 'medium' | 'low';\n\nexport type YaraCategory =\n | 'posthog_pii'\n | 'posthog_hardcoded_key'\n | 'posthog_autocapture'\n | 'posthog_config'\n | 'prompt_injection'\n | 'exfiltration'\n | 'filesystem_safety'\n | 'supply_chain';\n\nexport type HookPhase = 'PreToolUse' | 'PostToolUse';\nexport type ToolTarget = 'Bash' | 'Write' | 'Edit' | 'Read' | 'Grep';\n\nexport interface YaraRule {\n /** Rule name matching the .yar file (e.g. 'pii_in_capture_call') */\n name: string;\n description: string;\n severity: YaraSeverity;\n category: YaraCategory;\n /** Which hook+tool combinations this rule applies to */\n appliesTo: Array<{ phase: HookPhase; tool: ToolTarget }>;\n /** Compiled regex patterns — any match triggers the rule */\n patterns: RegExp[];\n}\n\nexport interface YaraMatch {\n rule: YaraRule;\n /** The matched substring */\n matchedText: string;\n /** Byte offset in the scanned content */\n offset: number;\n}\n\nexport type ScanResult =\n | { matched: false }\n | { matched: true; matches: YaraMatch[] };\n\n// ─── Rule Definitions ────────────────────────────────────────────\n//\n// Patterns are compiled once at module load time for performance.\n// Design spec: policies/yara/RULES.md\n\nconst POST_WRITE_EDIT: Array<{ phase: HookPhase; tool: ToolTarget }> = [\n { phase: 'PostToolUse', tool: 'Write' },\n { phase: 'PostToolUse', tool: 'Edit' },\n];\n\nconst POST_READ_GREP: Array<{ phase: HookPhase; tool: ToolTarget }> = [\n { phase: 'PostToolUse', tool: 'Read' },\n { phase: 'PostToolUse', tool: 'Grep' },\n];\n\nconst PRE_BASH: Array<{ phase: HookPhase; tool: ToolTarget }> = [\n { phase: 'PreToolUse', tool: 'Bash' },\n];\n\n// ── §1 PostHog API Violations ────────────────────────────────────\n\nconst pii_in_capture_call: YaraRule = {\n name: 'pii_in_capture_call',\n description:\n \"Detects PII fields passed to posthog.capture() — violates 'NEVER send PII in capture()' commandment\",\n severity: 'high',\n category: 'posthog_pii',\n appliesTo: POST_WRITE_EDIT,\n patterns: [\n // Direct PII field names in capture properties\n /\\.capture\\s*\\([^)]{0,200}email/i,\n /\\.capture\\s*\\([^)]{0,200}phone/i,\n /\\.capture\\s*\\([^)]{0,200}full[_\\s]?name/i,\n /\\.capture\\s*\\([^)]{0,200}first[_\\s]?name/i,\n /\\.capture\\s*\\([^)]{0,200}last[_\\s]?name/i,\n /\\.capture\\s*\\([^)]{0,200}(street|mailing|home|billing)[_\\s]?address/i,\n /\\.capture\\s*\\([^)]{0,200}(ssn|social[_\\s]?security)/i,\n /\\.capture\\s*\\([^)]{0,200}(date[_\\s]?of[_\\s]?birth|dob|birthday)/i,\n /\\.capture\\s*\\([^)]{0,200}\\$ip/,\n // identify() allows email/phone/name (standard PostHog user properties),\n // but highly sensitive PII is still blocked in identify().\n /\\.identify\\s*\\([^)]{0,200}(ssn|social[_\\s]?security)/i,\n /\\.identify\\s*\\([^)]{0,200}(card[_\\s]?number|cvv|credit[_\\s]?card)/i,\n /\\.identify\\s*\\([^)]{0,200}(date[_\\s]?of[_\\s]?birth|dob|birthday)/i,\n /\\.identify\\s*\\([^)]{0,200}(street|mailing|home|billing)[_\\s]?address/i,\n // PII in $set properties via capture (bound to same object)\n /\\$set[^}]{0,200}email/i,\n /\\$set[^}]{0,200}phone/i,\n ],\n};\n\nconst hardcoded_posthog_key: YaraRule = {\n name: 'hardcoded_posthog_key',\n description:\n \"Detects hardcoded PostHog API keys in source — violates 'use environment variables' commandment\",\n severity: 'high',\n category: 'posthog_hardcoded_key',\n appliesTo: POST_WRITE_EDIT,\n patterns: [\n // PostHog project API key (phc_ prefix, 20+ alphanumeric chars)\n /phc_[a-zA-Z0-9]{20,}/,\n // PostHog personal API key (phx_ prefix)\n /phx_[a-zA-Z0-9]{20,}/,\n // Hardcoded key assignment patterns\n /apiKey\\s*[:=]\\s*['\"][a-zA-Z0-9_]{20,}['\"]/,\n /api_key\\s*[:=]\\s*['\"][a-zA-Z0-9_]{20,}['\"]/,\n /POSTHOG_PROJECT_TOKEN\\s*[:=]\\s*['\"][a-zA-Z0-9_]{20,}['\"]/,\n ],\n};\n\nconst autocapture_disabled: YaraRule = {\n name: 'autocapture_disabled',\n description:\n \"Detects agent disabling autocapture — violates 'don't disable autocapture' commandment\",\n severity: 'medium',\n category: 'posthog_autocapture',\n appliesTo: POST_WRITE_EDIT,\n patterns: [\n /autocapture\\s*:\\s*false/,\n /autocapture\\s*:\\s*'false'/,\n /autocapture\\s*:\\s*\"false\"/,\n /autocapture\\s*=\\s*False/,\n /disable_autocapture\\s*[:=]\\s*(true|True|1)/,\n ],\n};\n\n// ── §1b Additional PostHog config rules ──────────────────────────\n\nconst hardcoded_posthog_host: YaraRule = {\n name: 'hardcoded_posthog_host',\n description:\n 'Detects hardcoded PostHog host URLs in source — should use environment variables',\n severity: 'high',\n category: 'posthog_hardcoded_key',\n appliesTo: POST_WRITE_EDIT,\n patterns: [/['\"]https:\\/\\/(us|eu)\\.i\\.posthog\\.com['\"]/],\n};\n\nconst session_recording_disabled: YaraRule = {\n name: 'session_recording_disabled',\n description: 'Detects agent disabling session recording',\n severity: 'medium',\n category: 'posthog_config',\n appliesTo: POST_WRITE_EDIT,\n patterns: [\n /disable_session_recording\\s*:\\s*true/i,\n /disable_session_recording\\s*=\\s*True/,\n ],\n};\n\nconst opt_out_capturing: YaraRule = {\n name: 'opt_out_capturing',\n description: 'Detects agent opting out of PostHog capturing entirely',\n severity: 'medium',\n category: 'posthog_config',\n appliesTo: POST_WRITE_EDIT,\n patterns: [\n // Match opt_out_capturing as a config property (in init options), not as a method call.\n // posthog.opt_out_capturing() is a legitimate GDPR-required API.\n /opt_out_capturing\\s*[:=]\\s*(true|True|1)/i,\n /opted_out\\s*[:=]\\s*(true|True|1)/i,\n ],\n};\n\n// ── §2 Prompt Injection ──────────────────────────────────────────\n\nconst prompt_injection_wizard_override: YaraRule = {\n name: 'prompt_injection_wizard_override',\n description:\n 'Detects classic prompt injection attempting to override agent instructions',\n severity: 'critical',\n category: 'prompt_injection',\n appliesTo: POST_READ_GREP,\n patterns: [\n // Direct instruction override — classic injection patterns\n /ignore previous instructions/i,\n /disregard all/i,\n /forget your instructions/i,\n /override your rules/i,\n // Role manipulation\n /act as a different/i,\n /new instructions:/i,\n ],\n};\n\nconst prompt_injection_wizard_specific: YaraRule = {\n name: 'prompt_injection_wizard_specific',\n description:\n 'Detects wizard-specific manipulation or tool abuse attempts in project files',\n severity: 'medium',\n category: 'prompt_injection',\n appliesTo: POST_READ_GREP,\n patterns: [\n // Wizard-specific manipulation\n /skip posthog/i,\n /do not install posthog/i,\n /remove posthog/i,\n /uninstall posthog/i,\n /delete the posthog/i,\n // Tool abuse via file content\n /run the following command/i,\n /execute this shell command/i,\n // Role hijacking — require \"you are now a\" to avoid false positives\n // on legitimate phrases like \"you are now ready to...\"\n /you are now a\\s/i,\n ],\n};\n\nconst prompt_injection_base64: YaraRule = {\n name: 'prompt_injection_base64',\n description:\n 'Detects suspicious base64-encoded blocks in file content that may contain obfuscated prompt injection',\n severity: 'critical',\n category: 'prompt_injection',\n appliesTo: POST_READ_GREP,\n patterns: [\n // Long base64 strings (100+ chars) in comments or string literals\n // that aren't typical data URIs or legitimate base64 content\n /(?:\\/\\/|#|\\/\\*)\\s*[A-Za-z0-9+/]{100,}={0,2}/,\n ],\n};\n\n// ── §3 Secret Exfiltration ───────────────────────────────────────\n\nconst secret_exfiltration_via_command: YaraRule = {\n name: 'secret_exfiltration_via_command',\n description:\n 'Detects shell commands attempting to exfiltrate secrets or credentials',\n severity: 'critical',\n category: 'exfiltration',\n appliesTo: PRE_BASH,\n patterns: [\n // curl/wget with environment variable secrets\n /curl\\s+.*\\$\\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)/i,\n /wget\\s+.*\\$\\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)/i,\n // Piping sensitive content to network tools\n /(\\$\\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD)|\\.env|credentials)\\S*.*\\|\\s*curl/i,\n /(\\$\\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD)|\\.env|credentials)\\S*.*\\|\\s*wget/i,\n /\\|\\s*nc\\s/,\n /\\|\\s*netcat\\s/,\n // Base64 encoding piped to network\n /base64.*\\|\\s*(curl|wget|nc\\s)/i,\n // Reading .env and sending\n /cat\\s+.*\\.env.*\\|\\s*(curl|wget)/,\n // PostHog key exfiltration specifically\n /curl.*phc_[a-zA-Z0-9]/,\n /wget.*phc_[a-zA-Z0-9]/,\n ],\n};\n\n// ── §4 Filesystem Safety ─────────────────────────────────────────\n\nconst destructive_rm: YaraRule = {\n name: 'destructive_rm',\n description: 'Detects rm -rf or rm -r commands that could mass-delete files',\n severity: 'critical',\n category: 'filesystem_safety',\n appliesTo: PRE_BASH,\n patterns: [\n // Combined flags: rm -rf, rm -fr, rm -rfi, etc.\n /\\brm\\s+(-[a-zA-Z]*r[a-zA-Z]*f|-[a-zA-Z]*f[a-zA-Z]*r)\\b/,\n // Separated flags: rm -r -f, rm -f -r (with optional other flags)\n /\\brm\\s+(-[a-zA-Z]*\\s+)*-[a-zA-Z]*r[a-zA-Z]*\\s+(-[a-zA-Z]*\\s+)*-[a-zA-Z]*f\\b/,\n /\\brm\\s+(-[a-zA-Z]*\\s+)*-[a-zA-Z]*f[a-zA-Z]*\\s+(-[a-zA-Z]*\\s+)*-[a-zA-Z]*r\\b/,\n ],\n};\n\nconst git_force_push: YaraRule = {\n name: 'git_force_push',\n description: 'Detects git push --force which can overwrite remote history',\n severity: 'critical',\n category: 'filesystem_safety',\n appliesTo: PRE_BASH,\n patterns: [/git\\s+push\\s+.*--force/, /git\\s+push\\s+.*-f\\b/],\n};\n\nconst git_reset_hard: YaraRule = {\n name: 'git_reset_hard',\n description:\n 'Detects git reset --hard which discards all uncommitted changes',\n severity: 'critical',\n category: 'filesystem_safety',\n appliesTo: PRE_BASH,\n patterns: [/git\\s+reset\\s+--hard/],\n};\n\n// ── §5 Supply Chain ──────────────────────────────────────────────\n\nconst wrong_posthog_package: YaraRule = {\n name: 'wrong_posthog_package',\n description:\n 'Detects installing the wrong PostHog npm package — should be posthog-js or posthog-node',\n severity: 'high',\n category: 'supply_chain',\n appliesTo: PRE_BASH,\n patterns: [\n // Match \"npm install posthog\" but not \"posthog-js\", \"posthog-node\", etc.\n /npm\\s+install\\s+(?:--save\\s+|--save-dev\\s+|-[SD]\\s+)*posthog(?!\\s*-)/,\n /pnpm\\s+(?:add|install)\\s+(?:--save\\s+|--save-dev\\s+|-[SD]\\s+)*posthog(?!\\s*-)/,\n /yarn\\s+add\\s+(?:--dev\\s+|-D\\s+)*posthog(?!\\s*-)/,\n /bun\\s+(?:add|install)\\s+(?:--dev\\s+|-[dD]\\s+)*posthog(?!\\s*-)/,\n ],\n};\n\nconst npm_install_global: YaraRule = {\n name: 'npm_install_global',\n description:\n 'Detects global npm installs — should never install packages globally',\n severity: 'high',\n category: 'supply_chain',\n appliesTo: PRE_BASH,\n patterns: [/npm\\s+install\\s+-g\\b/, /npm\\s+install\\s+--global\\b/],\n};\n\n// ─── Rule Registry ───────────────────────────────────────────────\n\nexport const RULES: YaraRule[] = [\n // §1 PostHog API violations\n pii_in_capture_call,\n hardcoded_posthog_key,\n autocapture_disabled,\n hardcoded_posthog_host,\n session_recording_disabled,\n opt_out_capturing,\n // §2 Prompt injection\n prompt_injection_wizard_override,\n prompt_injection_wizard_specific,\n prompt_injection_base64,\n // §3 Secret exfiltration\n secret_exfiltration_via_command,\n // §4 Filesystem safety\n destructive_rm,\n git_force_push,\n git_reset_hard,\n // §5 Supply chain\n wrong_posthog_package,\n npm_install_global,\n];\n\n// ─── Scan Engine ─────────────────────────────────────────────────\n\n/** Maximum content length to scan (100 KB). Inputs beyond this are truncated. */\nconst MAX_SCAN_LENGTH = 100_000;\n\n/**\n * Scan content against rules applicable to a given hook phase and tool.\n * Returns all matching rules (one match per rule, first pattern wins).\n */\nexport function scan(\n content: string,\n phase: HookPhase,\n tool: ToolTarget,\n): ScanResult {\n // Cap input length to prevent pathological regex performance\n const scanContent =\n content.length > MAX_SCAN_LENGTH\n ? content.slice(0, MAX_SCAN_LENGTH)\n : content;\n const applicableRules = RULES.filter((r) =>\n r.appliesTo.some((a) => a.phase === phase && a.tool === tool),\n );\n\n const matches: YaraMatch[] = [];\n for (const rule of applicableRules) {\n for (const pattern of rule.patterns) {\n const match = pattern.exec(scanContent);\n if (match) {\n matches.push({\n rule,\n matchedText: match[0],\n offset: match.index,\n });\n break; // One match per rule is sufficient\n }\n }\n }\n\n return matches.length > 0 ? { matched: true, matches } : { matched: false };\n}\n\n/**\n * Scan all files in a skill directory for prompt injection.\n * Used for context-mill scanning after skill installation.\n */\nexport function scanSkillDirectory(\n files: Array<{ path: string; content: string }>,\n): ScanResult {\n const allMatches: YaraMatch[] = [];\n for (const file of files) {\n const result = scan(file.content, 'PostToolUse', 'Read');\n if (result.matched) {\n allMatches.push(...result.matches);\n }\n }\n return allMatches.length > 0\n ? { matched: true, matches: allMatches }\n : { matched: false };\n}\n"]}
package/dist/src/steps/add-mcp-server-to-clients/MCPClient.d.ts DELETED
@@ -1,30 +0,0 @@
1
- export type MCPServerConfig = Record<string, unknown>;
2
- export declare abstract class MCPClient {
3
- name: string;
4
- abstract getConfigPath(): Promise<string>;
5
- abstract getServerPropertyName(): string;
6
- abstract isServerInstalled(local?: boolean): Promise<boolean>;
7
- abstract addServer(apiKey?: string, selectedFeatures?: string[], local?: boolean): Promise<{
8
- success: boolean;
9
- }>;
10
- abstract removeServer(local?: boolean): Promise<{
11
- success: boolean;
12
- }>;
13
- abstract isClientSupported(): Promise<boolean>;
14
- }
15
- export declare abstract class DefaultMCPClient extends MCPClient {
16
- name: string;
17
- constructor();
18
- getServerPropertyName(): string;
19
- getServerConfig(apiKey: string | undefined, type: 'sse' | 'streamable-http', selectedFeatures?: string[], local?: boolean): MCPServerConfig;
20
- isServerInstalled(local?: boolean): Promise<boolean>;
21
- addServer(apiKey?: string, selectedFeatures?: string[], local?: boolean): Promise<{
22
- success: boolean;
23
- }>;
24
- _addServerType(apiKey: string | undefined, type: 'sse' | 'streamable-http', selectedFeatures?: string[], local?: boolean): Promise<{
25
- success: boolean;
26
- }>;
27
- removeServer(local?: boolean): Promise<{
28
- success: boolean;
29
- }>;
30
- }
package/dist/src/steps/add-mcp-server-to-clients/MCPClient.js DELETED
@@ -1,138 +0,0 @@
1
- "use strict";
2
- var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
- if (k2 === undefined) k2 = k;
4
- var desc = Object.getOwnPropertyDescriptor(m, k);
5
- if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
- desc = { enumerable: true, get: function() { return m[k]; } };
7
- }
8
- Object.defineProperty(o, k2, desc);
9
- }) : (function(o, m, k, k2) {
10
- if (k2 === undefined) k2 = k;
11
- o[k2] = m[k];
12
- }));
13
- var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
- Object.defineProperty(o, "default", { enumerable: true, value: v });
15
- }) : function(o, v) {
16
- o["default"] = v;
17
- });
18
- var __importStar = (this && this.__importStar) || (function () {
19
- var ownKeys = function(o) {
20
- ownKeys = Object.getOwnPropertyNames || function (o) {
21
- var ar = [];
22
- for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
23
- return ar;
24
- };
25
- return ownKeys(o);
26
- };
27
- return function (mod) {
28
- if (mod && mod.__esModule) return mod;
29
- var result = {};
30
- if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
31
- __setModuleDefault(result, mod);
32
- return result;
33
- };
34
- })();
35
- Object.defineProperty(exports, "__esModule", { value: true });
36
- exports.DefaultMCPClient = exports.MCPClient = void 0;
37
- const fs = __importStar(require("fs"));
38
- const path = __importStar(require("path"));
39
- const jsonc = __importStar(require("jsonc-parser"));
40
- const defaults_1 = require("./defaults");
41
- class MCPClient {
42
- name;
43
- }
44
- exports.MCPClient = MCPClient;
45
- class DefaultMCPClient extends MCPClient {
46
- name = 'Default';
47
- constructor() {
48
- super();
49
- }
50
- getServerPropertyName() {
51
- return 'mcpServers';
52
- }
53
- getServerConfig(apiKey, type, selectedFeatures, local) {
54
- return (0, defaults_1.getDefaultServerConfig)(apiKey, type, selectedFeatures, local);
55
- }
56
- async isServerInstalled(local) {
57
- try {
58
- const configPath = await this.getConfigPath();
59
- if (!fs.existsSync(configPath)) {
60
- return false;
61
- }
62
- const configContent = await fs.promises.readFile(configPath, 'utf8');
63
- const config = jsonc.parse(configContent);
64
- const serverPropertyName = this.getServerPropertyName();
65
- const serverName = local ? 'posthog-local' : 'posthog';
66
- return (serverPropertyName in config && serverName in config[serverPropertyName]);
67
- }
68
- catch {
69
- return false;
70
- }
71
- }
72
- async addServer(apiKey, selectedFeatures, local) {
73
- return this._addServerType(apiKey, 'sse', selectedFeatures, local);
74
- }
75
- async _addServerType(apiKey, type, selectedFeatures, local) {
76
- try {
77
- const configPath = await this.getConfigPath();
78
- const configDir = path.dirname(configPath);
79
- await fs.promises.mkdir(configDir, { recursive: true });
80
- const serverPropertyName = this.getServerPropertyName();
81
- let configContent = '';
82
- let existingConfig = {};
83
- if (fs.existsSync(configPath)) {
84
- configContent = await fs.promises.readFile(configPath, 'utf8');
85
- existingConfig = jsonc.parse(configContent) || {};
86
- }
87
- const newServerConfig = this.getServerConfig(apiKey, type, selectedFeatures, local);
88
- const typedConfig = existingConfig;
89
- if (!typedConfig[serverPropertyName]) {
90
- typedConfig[serverPropertyName] = {};
91
- }
92
- const serverName = local ? 'posthog-local' : 'posthog';
93
- typedConfig[serverPropertyName][serverName] = newServerConfig;
94
- const edits = jsonc.modify(configContent, [serverPropertyName, serverName], newServerConfig, {
95
- formattingOptions: {
96
- tabSize: 2,
97
- insertSpaces: true,
98
- },
99
- });
100
- const modifiedContent = jsonc.applyEdits(configContent, edits);
101
- await fs.promises.writeFile(configPath, modifiedContent, 'utf8');
102
- return { success: true };
103
- }
104
- catch {
105
- return { success: false };
106
- }
107
- }
108
- async removeServer(local) {
109
- try {
110
- const configPath = await this.getConfigPath();
111
- if (!fs.existsSync(configPath)) {
112
- return { success: false };
113
- }
114
- const configContent = await fs.promises.readFile(configPath, 'utf8');
115
- const config = jsonc.parse(configContent);
116
- const serverPropertyName = this.getServerPropertyName();
117
- const serverName = local ? 'posthog-local' : 'posthog';
118
- if (serverPropertyName in config &&
119
- serverName in config[serverPropertyName]) {
120
- const edits = jsonc.modify(configContent, [serverPropertyName, serverName], undefined, {
121
- formattingOptions: {
122
- tabSize: 2,
123
- insertSpaces: true,
124
- },
125
- });
126
- const modifiedContent = jsonc.applyEdits(configContent, edits);
127
- await fs.promises.writeFile(configPath, modifiedContent, 'utf8');
128
- return { success: true };
129
- }
130
- }
131
- catch {
132
- //
133
- }
134
- return { success: false };
135
- }
136
- }
137
- exports.DefaultMCPClient = DefaultMCPClient;
138
- //# sourceMappingURL=MCPClient.js.map
package/dist/src/steps/add-mcp-server-to-clients/MCPClient.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"MCPClient.js","sourceRoot":"","sources":["../../../../src/steps/add-mcp-server-to-clients/MCPClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAC7B,oDAAsC;AACtC,yCAAoD;AAIpD,MAAsB,SAAS;IAC7B,IAAI,CAAS;CAWd;AAZD,8BAYC;AAED,MAAsB,gBAAiB,SAAQ,SAAS;IACtD,IAAI,GAAG,SAAS,CAAC;IAEjB;QACE,KAAK,EAAE,CAAC;IACV,CAAC;IAED,qBAAqB;QACnB,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,eAAe,CACb,MAA0B,EAC1B,IAA+B,EAC/B,gBAA2B,EAC3B,KAAe;QAEf,OAAO,IAAA,iCAAsB,EAAC,MAAM,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,CAAC,CAAC;IACvE,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAAe;QACrC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;YAE9C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/B,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,aAAa,CAAwB,CAAC;YACjE,MAAM,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;YACxD,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAEvD,OAAO,CACL,kBAAkB,IAAI,MAAM,IAAI,UAAU,IAAI,MAAM,CAAC,kBAAkB,CAAC,CACzE,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,KAAK,CAAC,SAAS,CACb,MAAe,EACf,gBAA2B,EAC3B,KAAe;QAEf,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,KAAK,EAAE,gBAAgB,EAAE,KAAK,CAAC,CAAC;IACrE,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,MAA0B,EAC1B,IAA+B,EAC/B,gBAA2B,EAC3B,KAAe;QAEf,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;YAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;YAE3C,MAAM,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAExD,MAAM,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;YACxD,IAAI,aAAa,GAAG,EAAE,CAAC;YACvB,IAAI,cAAc,GAAG,EAAE,CAAC;YAExB,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC9B,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBAC/D,cAAc,GAAG,KAAK,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;YACpD,CAAC;YAED,MAAM,eAAe,GAAG,IAAI,CAAC,eAAe,CAC1C,MAAM,EACN,IAAI,EACJ,gBAAgB,EAChB,KAAK,CACN,CAAC;YACF,MAAM,WAAW,GAAG,cAAqC,CAAC;YAC1D,IAAI,CAAC,WAAW,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACrC,WAAW,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC;YACvC,CAAC;YACD,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YACvD,WAAW,CAAC,kBAAkB,CAAC,CAAC,UAAU,CAAC,GAAG,eAAe,CAAC;YAE9D,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CACxB,aAAa,EACb,CAAC,kBAAkB,EAAE,UAAU,CAAC,EAChC,eAAe,EACf;gBACE,iBAAiB,EAAE;oBACjB,OAAO,EAAE,CAAC;oBACV,YAAY,EAAE,IAAI;iBACnB;aACF,CACF,CAAC;YAEF,MAAM,eAAe,GAAG,KAAK,CAAC,UAAU,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YAE/D,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,UAAU,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;YAEjE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QAC5B,CAAC;IACH,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,KAAe;QAChC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;YAE9C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;YAC5B,CAAC;YAED,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,aAAa,CAAwB,CAAC;YACjE,MAAM,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;YAExD,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAEvD,IACE,kBAAkB,IAAI,MAAM;gBAC5B,UAAU,IAAI,MAAM,CAAC,kBAAkB,CAAC,EACxC,CAAC;gBACD,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CACxB,aAAa,EACb,CAAC,kBAAkB,EAAE,UAAU,CAAC,EAChC,SAAS,EACT;oBACE,iBAAiB,EAAE;wBACjB,OAAO,EAAE,CAAC;wBACV,YAAY,EAAE,IAAI;qBACnB;iBACF,CACF,CAAC;gBAEF,MAAM,eAAe,GAAG,KAAK,CAAC,UAAU,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;gBAE/D,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,UAAU,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;gBAEjE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAC3B,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,EAAE;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;CACF;AAnJD,4CAmJC","sourcesContent":["import * as fs from 'fs';\nimport * as path from 'path';\nimport * as jsonc from 'jsonc-parser';\nimport { getDefaultServerConfig } from './defaults';\n\nexport type MCPServerConfig = Record<string, unknown>;\n\nexport abstract class MCPClient {\n name: string;\n abstract getConfigPath(): Promise<string>;\n abstract getServerPropertyName(): string;\n abstract isServerInstalled(local?: boolean): Promise<boolean>;\n abstract addServer(\n apiKey?: string,\n selectedFeatures?: string[],\n local?: boolean,\n ): Promise<{ success: boolean }>;\n abstract removeServer(local?: boolean): Promise<{ success: boolean }>;\n abstract isClientSupported(): Promise<boolean>;\n}\n\nexport abstract class DefaultMCPClient extends MCPClient {\n name = 'Default';\n\n constructor() {\n super();\n }\n\n getServerPropertyName(): string {\n return 'mcpServers';\n }\n\n getServerConfig(\n apiKey: string | undefined,\n type: 'sse' | 'streamable-http',\n selectedFeatures?: string[],\n local?: boolean,\n ): MCPServerConfig {\n return getDefaultServerConfig(apiKey, type, selectedFeatures, local);\n }\n\n async isServerInstalled(local?: boolean): Promise<boolean> {\n try {\n const configPath = await this.getConfigPath();\n\n if (!fs.existsSync(configPath)) {\n return false;\n }\n\n const configContent = await fs.promises.readFile(configPath, 'utf8');\n const config = jsonc.parse(configContent) as Record<string, any>;\n const serverPropertyName = this.getServerPropertyName();\n const serverName = local ? 'posthog-local' : 'posthog';\n\n return (\n serverPropertyName in config && serverName in config[serverPropertyName]\n );\n } catch {\n return false;\n }\n }\n\n async addServer(\n apiKey?: string,\n selectedFeatures?: string[],\n local?: boolean,\n ): Promise<{ success: boolean }> {\n return this._addServerType(apiKey, 'sse', selectedFeatures, local);\n }\n\n async _addServerType(\n apiKey: string | undefined,\n type: 'sse' | 'streamable-http',\n selectedFeatures?: string[],\n local?: boolean,\n ): Promise<{ success: boolean }> {\n try {\n const configPath = await this.getConfigPath();\n const configDir = path.dirname(configPath);\n\n await fs.promises.mkdir(configDir, { recursive: true });\n\n const serverPropertyName = this.getServerPropertyName();\n let configContent = '';\n let existingConfig = {};\n\n if (fs.existsSync(configPath)) {\n configContent = await fs.promises.readFile(configPath, 'utf8');\n existingConfig = jsonc.parse(configContent) || {};\n }\n\n const newServerConfig = this.getServerConfig(\n apiKey,\n type,\n selectedFeatures,\n local,\n );\n const typedConfig = existingConfig as Record<string, any>;\n if (!typedConfig[serverPropertyName]) {\n typedConfig[serverPropertyName] = {};\n }\n const serverName = local ? 'posthog-local' : 'posthog';\n typedConfig[serverPropertyName][serverName] = newServerConfig;\n\n const edits = jsonc.modify(\n configContent,\n [serverPropertyName, serverName],\n newServerConfig,\n {\n formattingOptions: {\n tabSize: 2,\n insertSpaces: true,\n },\n },\n );\n\n const modifiedContent = jsonc.applyEdits(configContent, edits);\n\n await fs.promises.writeFile(configPath, modifiedContent, 'utf8');\n\n return { success: true };\n } catch {\n return { success: false };\n }\n }\n\n async removeServer(local?: boolean): Promise<{ success: boolean }> {\n try {\n const configPath = await this.getConfigPath();\n\n if (!fs.existsSync(configPath)) {\n return { success: false };\n }\n\n const configContent = await fs.promises.readFile(configPath, 'utf8');\n const config = jsonc.parse(configContent) as Record<string, any>;\n const serverPropertyName = this.getServerPropertyName();\n\n const serverName = local ? 'posthog-local' : 'posthog';\n\n if (\n serverPropertyName in config &&\n serverName in config[serverPropertyName]\n ) {\n const edits = jsonc.modify(\n configContent,\n [serverPropertyName, serverName],\n undefined,\n {\n formattingOptions: {\n tabSize: 2,\n insertSpaces: true,\n },\n },\n );\n\n const modifiedContent = jsonc.applyEdits(configContent, edits);\n\n await fs.promises.writeFile(configPath, modifiedContent, 'utf8');\n\n return { success: true };\n }\n } catch {\n //\n }\n\n return { success: false };\n }\n}\n"]}
package/dist/src/steps/add-mcp-server-to-clients/__tests__/defaults.test.js DELETED
@@ -1,72 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- const defaults_1 = require("../defaults");
4
- describe('defaults', () => {
5
- describe('buildMCPUrl', () => {
6
- it('should build base URL for streamable-http type', () => {
7
- const url = (0, defaults_1.buildMCPUrl)('streamable-http');
8
- expect(url).toBe('https://mcp.posthog.com/mcp');
9
- });
10
- it('should build base URL for sse type', () => {
11
- const url = (0, defaults_1.buildMCPUrl)('sse');
12
- expect(url).toBe('https://mcp.posthog.com/sse');
13
- });
14
- it('should use localhost for local mode', () => {
15
- const url = (0, defaults_1.buildMCPUrl)('streamable-http', undefined, true);
16
- expect(url).toBe('http://localhost:8787/mcp');
17
- });
18
- it('should add features param when not all features selected', () => {
19
- const url = (0, defaults_1.buildMCPUrl)('streamable-http', ['dashboards', 'insights']);
20
- expect(url).toBe('https://mcp.posthog.com/mcp?features=dashboards,insights');
21
- });
22
- it('should not add region param in local mode', () => {
23
- const url = (0, defaults_1.buildMCPUrl)('streamable-http', undefined, true);
24
- expect(url).toBe('http://localhost:8787/mcp');
25
- });
26
- });
27
- describe('getDefaultServerConfig', () => {
28
- it('should return config with auth header when API key provided', () => {
29
- const config = (0, defaults_1.getDefaultServerConfig)('phx_test123', 'sse');
30
- expect(config).toEqual({
31
- command: 'npx',
32
- args: [
33
- '-y',
34
- 'mcp-remote@latest',
35
- 'https://mcp.posthog.com/sse',
36
- '--header',
37
- 'Authorization:${POSTHOG_AUTH_HEADER}',
38
- ],
39
- env: {
40
- POSTHOG_AUTH_HEADER: 'Bearer phx_test123',
41
- },
42
- });
43
- });
44
- it('should return config without auth header for OAuth mode (no API key)', () => {
45
- const config = (0, defaults_1.getDefaultServerConfig)(undefined, 'sse');
46
- expect(config).toEqual({
47
- command: 'npx',
48
- args: ['-y', 'mcp-remote@latest', 'https://mcp.posthog.com/sse'],
49
- });
50
- expect(config).not.toHaveProperty('env');
51
- });
52
- });
53
- describe('getNativeHTTPServerConfig', () => {
54
- it('should return config with headers when API key provided', () => {
55
- const config = (0, defaults_1.getNativeHTTPServerConfig)('phx_test123', 'streamable-http');
56
- expect(config).toEqual({
57
- url: 'https://mcp.posthog.com/mcp',
58
- headers: {
59
- Authorization: 'Bearer phx_test123',
60
- },
61
- });
62
- });
63
- it('should return config without headers for OAuth mode (no API key)', () => {
64
- const config = (0, defaults_1.getNativeHTTPServerConfig)(undefined, 'streamable-http');
65
- expect(config).toEqual({
66
- url: 'https://mcp.posthog.com/mcp',
67
- });
68
- expect(config).not.toHaveProperty('headers');
69
- });
70
- });
71
- });
72
- //# sourceMappingURL=defaults.test.js.map