@posthog/wizard 2.9.1 → 2.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +40 -0
- package/dist/McpScreen-BmHapIaP.js +3357 -0
- package/dist/McpScreen-BmHapIaP.js.map +1 -0
- package/dist/add-mcp-server-to-clients-DZtISNrs.js +455 -0
- package/dist/add-mcp-server-to-clients-DZtISNrs.js.map +1 -0
- package/dist/agent-runner-CGwrcr57.js +1112 -0
- package/dist/agent-runner-CGwrcr57.js.map +1 -0
- package/dist/agent-skill-BVjJqol6.js +59 -0
- package/dist/agent-skill-BVjJqol6.js.map +1 -0
- package/dist/analytics-C4jO5Qda.js +207 -0
- package/dist/analytics-C4jO5Qda.js.map +1 -0
- package/dist/analytics-CpjaBpx6.js +2 -0
- package/dist/bin.d.ts +1 -2
- package/dist/bin.js +635 -521
- package/dist/bin.js.map +1 -1
- package/dist/craft-pre-release.sh +10 -0
- package/dist/debug-CIyf0ZGx.js +2 -0
- package/dist/debug-CyJ_3dTP.js +201 -0
- package/dist/debug-CyJ_3dTP.js.map +1 -0
- package/dist/defaults-DoVkE0gW.js +234 -0
- package/dist/defaults-DoVkE0gW.js.map +1 -0
- package/dist/detection-CkLpxBCD.js +122 -0
- package/dist/detection-CkLpxBCD.js.map +1 -0
- package/dist/env-api-key-K8TdTDII.js +20 -0
- package/dist/env-api-key-K8TdTDII.js.map +1 -0
- package/dist/file-utils-BWneZy6p.js +38 -0
- package/dist/file-utils-BWneZy6p.js.map +1 -0
- package/dist/generate-version.cjs +11 -0
- package/dist/package-json-BQgl5C3Z.js +2 -0
- package/dist/package-json-Ctq6LSl8.js +25 -0
- package/dist/package-json-Ctq6LSl8.js.map +1 -0
- package/dist/package-manager-nUQ-ebjr.js +222 -0
- package/dist/package-manager-nUQ-ebjr.js.map +1 -0
- package/dist/posthog-integration-BzxdDK4z.js +230 -0
- package/dist/posthog-integration-BzxdDK4z.js.map +1 -0
- package/dist/readiness-Dn7eq8NE.js +2156 -0
- package/dist/readiness-Dn7eq8NE.js.map +1 -0
- package/dist/registry-s55_iuJT.js +2922 -0
- package/dist/registry-s55_iuJT.js.map +1 -0
- package/dist/rolldown-runtime-B_-DWIq7.js +15 -0
- package/dist/router-D5A1Sb4p.js +141 -0
- package/dist/router-D5A1Sb4p.js.map +1 -0
- package/dist/setup-utils-CdDnllRW.js +928 -0
- package/dist/setup-utils-CdDnllRW.js.map +1 -0
- package/dist/smoke-test-ci.sh +165 -0
- package/dist/start-playground-B8qCLu7U.js +1005 -0
- package/dist/start-playground-B8qCLu7U.js.map +1 -0
- package/dist/start-tui-PygiIyNC.js +1887 -0
- package/dist/start-tui-PygiIyNC.js.map +1 -0
- package/dist/steps-CySv8XdD.js +146 -0
- package/dist/steps-CySv8XdD.js.map +1 -0
- package/dist/telemetry-Ct_GGkSO.js +13 -0
- package/dist/telemetry-Ct_GGkSO.js.map +1 -0
- package/dist/wizard-abort-7HUIsqv1.js +39 -0
- package/dist/wizard-abort-7HUIsqv1.js.map +1 -0
- package/dist/wizard-abort-Dhjb2o08.js +2 -0
- package/dist/wizard-session-Db6R023m.js +62 -0
- package/dist/wizard-session-Db6R023m.js.map +1 -0
- package/dist/wizard-session-y7nf6aKH.js +2 -0
- package/npm-shrinkwrap.json +2 -2
- package/package.json +16 -8
- package/dist/src/__tests__/cli.test.d.ts +0 -1
- package/dist/src/__tests__/cli.test.js +0 -256
- package/dist/src/__tests__/cli.test.js.map +0 -1
- package/dist/src/__tests__/package-json.test.d.ts +0 -1
- package/dist/src/__tests__/package-json.test.js +0 -173
- package/dist/src/__tests__/package-json.test.js.map +0 -1
- package/dist/src/__tests__/wizard-abort.test.d.ts +0 -1
- package/dist/src/__tests__/wizard-abort.test.js +0 -148
- package/dist/src/__tests__/wizard-abort.test.js.map +0 -1
- package/dist/src/frameworks/android/android-wizard-agent.d.ts +0 -6
- package/dist/src/frameworks/android/android-wizard-agent.js +0 -142
- package/dist/src/frameworks/android/android-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/android/utils.d.ts +0 -11
- package/dist/src/frameworks/android/utils.js +0 -97
- package/dist/src/frameworks/android/utils.js.map +0 -1
- package/dist/src/frameworks/angular/angular-wizard-agent.d.ts +0 -4
- package/dist/src/frameworks/angular/angular-wizard-agent.js +0 -65
- package/dist/src/frameworks/angular/angular-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/angular/utils.d.ts +0 -4
- package/dist/src/frameworks/angular/utils.js +0 -9
- package/dist/src/frameworks/angular/utils.js.map +0 -1
- package/dist/src/frameworks/astro/astro-wizard-agent.d.ts +0 -7
- package/dist/src/frameworks/astro/astro-wizard-agent.js +0 -102
- package/dist/src/frameworks/astro/astro-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/astro/utils.d.ts +0 -14
- package/dist/src/frameworks/astro/utils.js +0 -114
- package/dist/src/frameworks/astro/utils.js.map +0 -1
- package/dist/src/frameworks/django/django-wizard-agent.d.ts +0 -8
- package/dist/src/frameworks/django/django-wizard-agent.js +0 -173
- package/dist/src/frameworks/django/django-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/django/utils.d.ts +0 -31
- package/dist/src/frameworks/django/utils.js +0 -306
- package/dist/src/frameworks/django/utils.js.map +0 -1
- package/dist/src/frameworks/fastapi/fastapi-wizard-agent.d.ts +0 -5
- package/dist/src/frameworks/fastapi/fastapi-wizard-agent.js +0 -191
- package/dist/src/frameworks/fastapi/fastapi-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/fastapi/utils.d.ts +0 -26
- package/dist/src/frameworks/fastapi/utils.js +0 -258
- package/dist/src/frameworks/fastapi/utils.js.map +0 -1
- package/dist/src/frameworks/flask/flask-wizard-agent.d.ts +0 -8
- package/dist/src/frameworks/flask/flask-wizard-agent.js +0 -179
- package/dist/src/frameworks/flask/flask-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/flask/utils.d.ts +0 -28
- package/dist/src/frameworks/flask/utils.js +0 -344
- package/dist/src/frameworks/flask/utils.js.map +0 -1
- package/dist/src/frameworks/javascript-node/javascript-node-wizard-agent.d.ts +0 -4
- package/dist/src/frameworks/javascript-node/javascript-node-wizard-agent.js +0 -61
- package/dist/src/frameworks/javascript-node/javascript-node-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/javascript-web/javascript-web-wizard-agent.d.ts +0 -3
- package/dist/src/frameworks/javascript-web/javascript-web-wizard-agent.js +0 -152
- package/dist/src/frameworks/javascript-web/javascript-web-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/javascript-web/utils.d.ts +0 -28
- package/dist/src/frameworks/javascript-web/utils.js +0 -147
- package/dist/src/frameworks/javascript-web/utils.js.map +0 -1
- package/dist/src/frameworks/laravel/laravel-wizard-agent.d.ts +0 -10
- package/dist/src/frameworks/laravel/laravel-wizard-agent.js +0 -182
- package/dist/src/frameworks/laravel/laravel-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/laravel/utils.d.ts +0 -38
- package/dist/src/frameworks/laravel/utils.js +0 -238
- package/dist/src/frameworks/laravel/utils.js.map +0 -1
- package/dist/src/frameworks/nextjs/nextjs-wizard-agent.d.ts +0 -7
- package/dist/src/frameworks/nextjs/nextjs-wizard-agent.js +0 -94
- package/dist/src/frameworks/nextjs/nextjs-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/nextjs/utils.d.ts +0 -12
- package/dist/src/frameworks/nextjs/utils.js +0 -52
- package/dist/src/frameworks/nextjs/utils.js.map +0 -1
- package/dist/src/frameworks/nuxt/nuxt-wizard-agent.d.ts +0 -6
- package/dist/src/frameworks/nuxt/nuxt-wizard-agent.js +0 -77
- package/dist/src/frameworks/nuxt/nuxt-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/python/python-wizard-agent.d.ts +0 -7
- package/dist/src/frameworks/python/python-wizard-agent.js +0 -195
- package/dist/src/frameworks/python/python-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/python/utils.d.ts +0 -28
- package/dist/src/frameworks/python/utils.js +0 -147
- package/dist/src/frameworks/python/utils.js.map +0 -1
- package/dist/src/frameworks/rails/rails-wizard-agent.d.ts +0 -8
- package/dist/src/frameworks/rails/rails-wizard-agent.js +0 -90
- package/dist/src/frameworks/rails/rails-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/rails/utils.d.ts +0 -37
- package/dist/src/frameworks/rails/utils.js +0 -187
- package/dist/src/frameworks/rails/utils.js.map +0 -1
- package/dist/src/frameworks/react-native/react-native-wizard-agent.d.ts +0 -7
- package/dist/src/frameworks/react-native/react-native-wizard-agent.js +0 -89
- package/dist/src/frameworks/react-native/react-native-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/react-native/utils.d.ts +0 -8
- package/dist/src/frameworks/react-native/utils.js +0 -28
- package/dist/src/frameworks/react-native/utils.js.map +0 -1
- package/dist/src/frameworks/react-router/react-router-wizard-agent.d.ts +0 -7
- package/dist/src/frameworks/react-router/react-router-wizard-agent.js +0 -94
- package/dist/src/frameworks/react-router/react-router-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/react-router/utils.d.ts +0 -13
- package/dist/src/frameworks/react-router/utils.js +0 -161
- package/dist/src/frameworks/react-router/utils.js.map +0 -1
- package/dist/src/frameworks/ruby/ruby-wizard-agent.d.ts +0 -7
- package/dist/src/frameworks/ruby/ruby-wizard-agent.js +0 -113
- package/dist/src/frameworks/ruby/ruby-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/ruby/utils.d.ts +0 -25
- package/dist/src/frameworks/ruby/utils.js +0 -158
- package/dist/src/frameworks/ruby/utils.js.map +0 -1
- package/dist/src/frameworks/svelte/svelte-wizard-agent.d.ts +0 -4
- package/dist/src/frameworks/svelte/svelte-wizard-agent.js +0 -61
- package/dist/src/frameworks/svelte/svelte-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/swift/swift-wizard-agent.d.ts +0 -7
- package/dist/src/frameworks/swift/swift-wizard-agent.js +0 -143
- package/dist/src/frameworks/swift/swift-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/swift/utils.d.ts +0 -8
- package/dist/src/frameworks/swift/utils.js +0 -105
- package/dist/src/frameworks/swift/utils.js.map +0 -1
- package/dist/src/frameworks/tanstack-router/tanstack-router-wizard-agent.d.ts +0 -7
- package/dist/src/frameworks/tanstack-router/tanstack-router-wizard-agent.js +0 -96
- package/dist/src/frameworks/tanstack-router/tanstack-router-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/tanstack-router/utils.d.ts +0 -11
- package/dist/src/frameworks/tanstack-router/utils.js +0 -149
- package/dist/src/frameworks/tanstack-router/utils.js.map +0 -1
- package/dist/src/frameworks/tanstack-start/tanstack-start-wizard-agent.d.ts +0 -4
- package/dist/src/frameworks/tanstack-start/tanstack-start-wizard-agent.js +0 -64
- package/dist/src/frameworks/tanstack-start/tanstack-start-wizard-agent.js.map +0 -1
- package/dist/src/frameworks/tanstack-start/utils.d.ts +0 -4
- package/dist/src/frameworks/tanstack-start/utils.js +0 -9
- package/dist/src/frameworks/tanstack-start/utils.js.map +0 -1
- package/dist/src/frameworks/vue/vue-wizard-agent.d.ts +0 -4
- package/dist/src/frameworks/vue/vue-wizard-agent.js +0 -62
- package/dist/src/frameworks/vue/vue-wizard-agent.js.map +0 -1
- package/dist/src/lib/__tests__/agent-interface.test.d.ts +0 -1
- package/dist/src/lib/__tests__/agent-interface.test.js +0 -317
- package/dist/src/lib/__tests__/agent-interface.test.js.map +0 -1
- package/dist/src/lib/__tests__/cloudflare-detection.test.d.ts +0 -1
- package/dist/src/lib/__tests__/cloudflare-detection.test.js +0 -119
- package/dist/src/lib/__tests__/cloudflare-detection.test.js.map +0 -1
- package/dist/src/lib/__tests__/wizard-tools.test.d.ts +0 -1
- package/dist/src/lib/__tests__/wizard-tools.test.js +0 -200
- package/dist/src/lib/__tests__/wizard-tools.test.js.map +0 -1
- package/dist/src/lib/__tests__/yara-hooks.test.d.ts +0 -1
- package/dist/src/lib/__tests__/yara-hooks.test.js +0 -432
- package/dist/src/lib/__tests__/yara-hooks.test.js.map +0 -1
- package/dist/src/lib/__tests__/yara-scanner.test.d.ts +0 -1
- package/dist/src/lib/__tests__/yara-scanner.test.js +0 -613
- package/dist/src/lib/__tests__/yara-scanner.test.js.map +0 -1
- package/dist/src/lib/agent/__tests__/agent-prompt.test.d.ts +0 -1
- package/dist/src/lib/agent/__tests__/agent-prompt.test.js +0 -57
- package/dist/src/lib/agent/__tests__/agent-prompt.test.js.map +0 -1
- package/dist/src/lib/agent/agent-interface.d.ts +0 -171
- package/dist/src/lib/agent/agent-interface.js +0 -1082
- package/dist/src/lib/agent/agent-interface.js.map +0 -1
- package/dist/src/lib/agent/agent-prompt.d.ts +0 -23
- package/dist/src/lib/agent/agent-prompt.js +0 -47
- package/dist/src/lib/agent/agent-prompt.js.map +0 -1
- package/dist/src/lib/agent/agent-runner.d.ts +0 -78
- package/dist/src/lib/agent/agent-runner.js +0 -325
- package/dist/src/lib/agent/agent-runner.js.map +0 -1
- package/dist/src/lib/agent/commandments.d.ts +0 -1
- package/dist/src/lib/agent/commandments.js +0 -26
- package/dist/src/lib/agent/commandments.js.map +0 -1
- package/dist/src/lib/api.d.ts +0 -75
- package/dist/src/lib/api.js +0 -105
- package/dist/src/lib/api.js.map +0 -1
- package/dist/src/lib/cloudflare-detection.d.ts +0 -14
- package/dist/src/lib/cloudflare-detection.js +0 -74
- package/dist/src/lib/cloudflare-detection.js.map +0 -1
- package/dist/src/lib/constants.d.ts +0 -74
- package/dist/src/lib/constants.js +0 -98
- package/dist/src/lib/constants.js.map +0 -1
- package/dist/src/lib/detection/__tests__/context.test.d.ts +0 -1
- package/dist/src/lib/detection/__tests__/context.test.js +0 -72
- package/dist/src/lib/detection/__tests__/context.test.js.map +0 -1
- package/dist/src/lib/detection/__tests__/features.test.d.ts +0 -1
- package/dist/src/lib/detection/__tests__/features.test.js +0 -75
- package/dist/src/lib/detection/__tests__/features.test.js.map +0 -1
- package/dist/src/lib/detection/__tests__/package-manager.test.d.ts +0 -1
- package/dist/src/lib/detection/__tests__/package-manager.test.js +0 -195
- package/dist/src/lib/detection/__tests__/package-manager.test.js.map +0 -1
- package/dist/src/lib/detection/context.d.ts +0 -31
- package/dist/src/lib/detection/context.js +0 -92
- package/dist/src/lib/detection/context.js.map +0 -1
- package/dist/src/lib/detection/features.d.ts +0 -16
- package/dist/src/lib/detection/features.js +0 -56
- package/dist/src/lib/detection/features.js.map +0 -1
- package/dist/src/lib/detection/framework.d.ts +0 -14
- package/dist/src/lib/detection/framework.js +0 -35
- package/dist/src/lib/detection/framework.js.map +0 -1
- package/dist/src/lib/detection/index.d.ts +0 -3
- package/dist/src/lib/detection/index.js +0 -11
- package/dist/src/lib/detection/index.js.map +0 -1
- package/dist/src/lib/detection/package-manager.d.ts +0 -37
- package/dist/src/lib/detection/package-manager.js +0 -183
- package/dist/src/lib/detection/package-manager.js.map +0 -1
- package/dist/src/lib/framework-config.d.ts +0 -175
- package/dist/src/lib/framework-config.js +0 -22
- package/dist/src/lib/framework-config.js.map +0 -1
- package/dist/src/lib/health-checks/__tests__/health-checks.test.d.ts +0 -18
- package/dist/src/lib/health-checks/__tests__/health-checks.test.js +0 -759
- package/dist/src/lib/health-checks/__tests__/health-checks.test.js.map +0 -1
- package/dist/src/lib/health-checks/endpoints.d.ts +0 -4
- package/dist/src/lib/health-checks/endpoints.js +0 -49
- package/dist/src/lib/health-checks/endpoints.js.map +0 -1
- package/dist/src/lib/health-checks/index.d.ts +0 -4
- package/dist/src/lib/health-checks/index.js +0 -24
- package/dist/src/lib/health-checks/index.js.map +0 -1
- package/dist/src/lib/health-checks/readiness.d.ts +0 -29
- package/dist/src/lib/health-checks/readiness.js +0 -188
- package/dist/src/lib/health-checks/readiness.js.map +0 -1
- package/dist/src/lib/health-checks/statuspage.d.ts +0 -9
- package/dist/src/lib/health-checks/statuspage.js +0 -105
- package/dist/src/lib/health-checks/statuspage.js.map +0 -1
- package/dist/src/lib/health-checks/types.d.ts +0 -32
- package/dist/src/lib/health-checks/types.js +0 -10
- package/dist/src/lib/health-checks/types.js.map +0 -1
- package/dist/src/lib/helper-functions.d.ts +0 -1
- package/dist/src/lib/helper-functions.js +0 -6
- package/dist/src/lib/helper-functions.js.map +0 -1
- package/dist/src/lib/middleware/benchmark.d.ts +0 -54
- package/dist/src/lib/middleware/benchmark.js +0 -45
- package/dist/src/lib/middleware/benchmark.js.map +0 -1
- package/dist/src/lib/middleware/benchmarks/cache-tracker.d.ts +0 -44
- package/dist/src/lib/middleware/benchmarks/cache-tracker.js +0 -81
- package/dist/src/lib/middleware/benchmarks/cache-tracker.js.map +0 -1
- package/dist/src/lib/middleware/benchmarks/compaction-tracker.d.ts +0 -29
- package/dist/src/lib/middleware/benchmarks/compaction-tracker.js +0 -60
- package/dist/src/lib/middleware/benchmarks/compaction-tracker.js.map +0 -1
- package/dist/src/lib/middleware/benchmarks/context-size-tracker.d.ts +0 -26
- package/dist/src/lib/middleware/benchmarks/context-size-tracker.js +0 -56
- package/dist/src/lib/middleware/benchmarks/context-size-tracker.js.map +0 -1
- package/dist/src/lib/middleware/benchmarks/cost-tracker.d.ts +0 -16
- package/dist/src/lib/middleware/benchmarks/cost-tracker.js +0 -76
- package/dist/src/lib/middleware/benchmarks/cost-tracker.js.map +0 -1
- package/dist/src/lib/middleware/benchmarks/duration-tracker.d.ts +0 -20
- package/dist/src/lib/middleware/benchmarks/duration-tracker.js +0 -40
- package/dist/src/lib/middleware/benchmarks/duration-tracker.js.map +0 -1
- package/dist/src/lib/middleware/benchmarks/index.d.ts +0 -9
- package/dist/src/lib/middleware/benchmarks/index.js +0 -60
- package/dist/src/lib/middleware/benchmarks/index.js.map +0 -1
- package/dist/src/lib/middleware/benchmarks/json-writer.d.ts +0 -15
- package/dist/src/lib/middleware/benchmarks/json-writer.js +0 -144
- package/dist/src/lib/middleware/benchmarks/json-writer.js.map +0 -1
- package/dist/src/lib/middleware/benchmarks/summary.d.ts +0 -9
- package/dist/src/lib/middleware/benchmarks/summary.js +0 -102
- package/dist/src/lib/middleware/benchmarks/summary.js.map +0 -1
- package/dist/src/lib/middleware/benchmarks/token-tracker.d.ts +0 -40
- package/dist/src/lib/middleware/benchmarks/token-tracker.js +0 -77
- package/dist/src/lib/middleware/benchmarks/token-tracker.js.map +0 -1
- package/dist/src/lib/middleware/benchmarks/turn-counter.d.ts +0 -34
- package/dist/src/lib/middleware/benchmarks/turn-counter.js +0 -59
- package/dist/src/lib/middleware/benchmarks/turn-counter.js.map +0 -1
- package/dist/src/lib/middleware/config.d.ts +0 -24
- package/dist/src/lib/middleware/config.js +0 -78
- package/dist/src/lib/middleware/config.js.map +0 -1
- package/dist/src/lib/middleware/index.d.ts +0 -11
- package/dist/src/lib/middleware/index.js +0 -18
- package/dist/src/lib/middleware/index.js.map +0 -1
- package/dist/src/lib/middleware/phase-detector.d.ts +0 -7
- package/dist/src/lib/middleware/phase-detector.js +0 -64
- package/dist/src/lib/middleware/phase-detector.js.map +0 -1
- package/dist/src/lib/middleware/pipeline.d.ts +0 -29
- package/dist/src/lib/middleware/pipeline.js +0 -82
- package/dist/src/lib/middleware/pipeline.js.map +0 -1
- package/dist/src/lib/middleware/types.d.ts +0 -40
- package/dist/src/lib/middleware/types.js +0 -9
- package/dist/src/lib/middleware/types.js.map +0 -1
- package/dist/src/lib/registry.d.ts +0 -3
- package/dist/src/lib/registry.js +0 -49
- package/dist/src/lib/registry.js.map +0 -1
- package/dist/src/lib/safe-tools.d.ts +0 -2
- package/dist/src/lib/safe-tools.js +0 -215
- package/dist/src/lib/safe-tools.js.map +0 -1
- package/dist/src/lib/skill-install.d.ts +0 -10
- package/dist/src/lib/skill-install.js +0 -23
- package/dist/src/lib/skill-install.js.map +0 -1
- package/dist/src/lib/version.d.ts +0 -1
- package/dist/src/lib/version.js +0 -6
- package/dist/src/lib/version.js.map +0 -1
- package/dist/src/lib/wizard-session.d.ts +0 -146
- package/dist/src/lib/wizard-session.js +0 -116
- package/dist/src/lib/wizard-session.js.map +0 -1
- package/dist/src/lib/wizard-tools.d.ts +0 -91
- package/dist/src/lib/wizard-tools.js +0 -389
- package/dist/src/lib/wizard-tools.js.map +0 -1
- package/dist/src/lib/workflows/__tests__/agent-skill.test.d.ts +0 -1
- package/dist/src/lib/workflows/__tests__/agent-skill.test.js +0 -73
- package/dist/src/lib/workflows/__tests__/agent-skill.test.js.map +0 -1
- package/dist/src/lib/workflows/__tests__/revenue-analytics-detect.test.d.ts +0 -1
- package/dist/src/lib/workflows/__tests__/revenue-analytics-detect.test.js +0 -101
- package/dist/src/lib/workflows/__tests__/revenue-analytics-detect.test.js.map +0 -1
- package/dist/src/lib/workflows/__tests__/workflow-registry.test.d.ts +0 -1
- package/dist/src/lib/workflows/__tests__/workflow-registry.test.js +0 -32
- package/dist/src/lib/workflows/__tests__/workflow-registry.test.js.map +0 -1
- package/dist/src/lib/workflows/__tests__/workflow-step.test.d.ts +0 -1
- package/dist/src/lib/workflows/__tests__/workflow-step.test.js +0 -54
- package/dist/src/lib/workflows/__tests__/workflow-step.test.js.map +0 -1
- package/dist/src/lib/workflows/agent-skill/index.d.ts +0 -44
- package/dist/src/lib/workflows/agent-skill/index.js +0 -47
- package/dist/src/lib/workflows/agent-skill/index.js.map +0 -1
- package/dist/src/lib/workflows/agent-skill/steps.d.ts +0 -8
- package/dist/src/lib/workflows/agent-skill/steps.js +0 -43
- package/dist/src/lib/workflows/agent-skill/steps.js.map +0 -1
- package/dist/src/lib/workflows/posthog-integration/detect.d.ts +0 -12
- package/dist/src/lib/workflows/posthog-integration/detect.js +0 -57
- package/dist/src/lib/workflows/posthog-integration/detect.js.map +0 -1
- package/dist/src/lib/workflows/posthog-integration/index.d.ts +0 -3
- package/dist/src/lib/workflows/posthog-integration/index.js +0 -152
- package/dist/src/lib/workflows/posthog-integration/index.js.map +0 -1
- package/dist/src/lib/workflows/posthog-integration/steps.d.ts +0 -9
- package/dist/src/lib/workflows/posthog-integration/steps.js +0 -100
- package/dist/src/lib/workflows/posthog-integration/steps.js.map +0 -1
- package/dist/src/lib/workflows/revenue-analytics/detect.d.ts +0 -40
- package/dist/src/lib/workflows/revenue-analytics/detect.js +0 -156
- package/dist/src/lib/workflows/revenue-analytics/detect.js.map +0 -1
- package/dist/src/lib/workflows/revenue-analytics/index.d.ts +0 -4
- package/dist/src/lib/workflows/revenue-analytics/index.js +0 -30
- package/dist/src/lib/workflows/revenue-analytics/index.js.map +0 -1
- package/dist/src/lib/workflows/revenue-analytics/steps.d.ts +0 -8
- package/dist/src/lib/workflows/revenue-analytics/steps.js +0 -53
- package/dist/src/lib/workflows/revenue-analytics/steps.js.map +0 -1
- package/dist/src/lib/workflows/workflow-registry.d.ts +0 -18
- package/dist/src/lib/workflows/workflow-registry.js +0 -32
- package/dist/src/lib/workflows/workflow-registry.js.map +0 -1
- package/dist/src/lib/workflows/workflow-step.d.ts +0 -126
- package/dist/src/lib/workflows/workflow-step.js +0 -28
- package/dist/src/lib/workflows/workflow-step.js.map +0 -1
- package/dist/src/lib/yara-hooks.d.ts +0 -44
- package/dist/src/lib/yara-hooks.js +0 -377
- package/dist/src/lib/yara-hooks.js.map +0 -1
- package/dist/src/lib/yara-scanner.d.ts +0 -61
- package/dist/src/lib/yara-scanner.js +0 -328
- package/dist/src/lib/yara-scanner.js.map +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/MCPClient.d.ts +0 -30
- package/dist/src/steps/add-mcp-server-to-clients/MCPClient.js +0 -138
- package/dist/src/steps/add-mcp-server-to-clients/MCPClient.js.map +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/__tests__/defaults.test.d.ts +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/__tests__/defaults.test.js +0 -72
- package/dist/src/steps/add-mcp-server-to-clients/__tests__/defaults.test.js.map +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/clients/__tests__/claude.test.d.ts +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/clients/__tests__/claude.test.js +0 -341
- package/dist/src/steps/add-mcp-server-to-clients/clients/__tests__/claude.test.js.map +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/clients/__tests__/codex.test.d.ts +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/clients/__tests__/codex.test.js +0 -108
- package/dist/src/steps/add-mcp-server-to-clients/clients/__tests__/codex.test.js.map +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/clients/claude-code.d.ts +0 -89
- package/dist/src/steps/add-mcp-server-to-clients/clients/claude-code.js +0 -169
- package/dist/src/steps/add-mcp-server-to-clients/clients/claude-code.js.map +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/clients/claude.d.ts +0 -80
- package/dist/src/steps/add-mcp-server-to-clients/clients/claude.js +0 -64
- package/dist/src/steps/add-mcp-server-to-clients/clients/claude.js.map +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/clients/codex.d.ts +0 -88
- package/dist/src/steps/add-mcp-server-to-clients/clients/codex.js +0 -76
- package/dist/src/steps/add-mcp-server-to-clients/clients/codex.js.map +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/clients/cursor.d.ts +0 -84
- package/dist/src/steps/add-mcp-server-to-clients/clients/cursor.js +0 -61
- package/dist/src/steps/add-mcp-server-to-clients/clients/cursor.js.map +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/clients/visual-studio-code.d.ts +0 -92
- package/dist/src/steps/add-mcp-server-to-clients/clients/visual-studio-code.js +0 -101
- package/dist/src/steps/add-mcp-server-to-clients/clients/visual-studio-code.js.map +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/clients/zed.d.ts +0 -110
- package/dist/src/steps/add-mcp-server-to-clients/clients/zed.js +0 -102
- package/dist/src/steps/add-mcp-server-to-clients/clients/zed.js.map +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/defaults.d.ts +0 -119
- package/dist/src/steps/add-mcp-server-to-clients/defaults.js +0 -239
- package/dist/src/steps/add-mcp-server-to-clients/defaults.js.map +0 -1
- package/dist/src/steps/add-mcp-server-to-clients/index.d.ts +0 -23
- package/dist/src/steps/add-mcp-server-to-clients/index.js +0 -111
- package/dist/src/steps/add-mcp-server-to-clients/index.js.map +0 -1
- package/dist/src/steps/add-or-update-environment-variables.d.ts +0 -10
- package/dist/src/steps/add-or-update-environment-variables.js +0 -188
- package/dist/src/steps/add-or-update-environment-variables.js.map +0 -1
- package/dist/src/steps/index.d.ts +0 -4
- package/dist/src/steps/index.js +0 -21
- package/dist/src/steps/index.js.map +0 -1
- package/dist/src/steps/run-prettier.d.ts +0 -5
- package/dist/src/steps/run-prettier.js +0 -91
- package/dist/src/steps/run-prettier.js.map +0 -1
- package/dist/src/steps/upload-environment-variables/EnvironmentProvider.d.ts +0 -11
- package/dist/src/steps/upload-environment-variables/EnvironmentProvider.js +0 -12
- package/dist/src/steps/upload-environment-variables/EnvironmentProvider.js.map +0 -1
- package/dist/src/steps/upload-environment-variables/index.d.ts +0 -6
- package/dist/src/steps/upload-environment-variables/index.js +0 -38
- package/dist/src/steps/upload-environment-variables/index.js.map +0 -1
- package/dist/src/steps/upload-environment-variables/providers/__tests__/vercel.test.d.ts +0 -1
- package/dist/src/steps/upload-environment-variables/providers/__tests__/vercel.test.js +0 -117
- package/dist/src/steps/upload-environment-variables/providers/__tests__/vercel.test.js.map +0 -1
- package/dist/src/steps/upload-environment-variables/providers/vercel.d.ts +0 -15
- package/dist/src/steps/upload-environment-variables/providers/vercel.js +0 -142
- package/dist/src/steps/upload-environment-variables/providers/vercel.js.map +0 -1
- package/dist/src/telemetry.d.ts +0 -2
- package/dist/src/telemetry.js +0 -13
- package/dist/src/telemetry.js.map +0 -1
- package/dist/src/ui/index.d.ts +0 -8
- package/dist/src/ui/index.js +0 -17
- package/dist/src/ui/index.js.map +0 -1
- package/dist/src/ui/logging-ui.d.ts +0 -52
- package/dist/src/ui/logging-ui.js +0 -121
- package/dist/src/ui/logging-ui.js.map +0 -1
- package/dist/src/ui/tui/App.d.ts +0 -6
- package/dist/src/ui/tui/App.js +0 -10
- package/dist/src/ui/tui/App.js.map +0 -1
- package/dist/src/ui/tui/__tests__/flows.test.d.ts +0 -1
- package/dist/src/ui/tui/__tests__/flows.test.js +0 -115
- package/dist/src/ui/tui/__tests__/flows.test.js.map +0 -1
- package/dist/src/ui/tui/__tests__/layout-helpers.test.d.ts +0 -1
- package/dist/src/ui/tui/__tests__/layout-helpers.test.js +0 -68
- package/dist/src/ui/tui/__tests__/layout-helpers.test.js.map +0 -1
- package/dist/src/ui/tui/__tests__/router.test.d.ts +0 -1
- package/dist/src/ui/tui/__tests__/router.test.js +0 -87
- package/dist/src/ui/tui/__tests__/router.test.js.map +0 -1
- package/dist/src/ui/tui/__tests__/store.test.d.ts +0 -1
- package/dist/src/ui/tui/__tests__/store.test.js +0 -935
- package/dist/src/ui/tui/__tests__/store.test.js.map +0 -1
- package/dist/src/ui/tui/components/LearnCard.d.ts +0 -10
- package/dist/src/ui/tui/components/LearnCard.js +0 -217
- package/dist/src/ui/tui/components/LearnCard.js.map +0 -1
- package/dist/src/ui/tui/components/ServiceHealthList.d.ts +0 -15
- package/dist/src/ui/tui/components/ServiceHealthList.js +0 -57
- package/dist/src/ui/tui/components/ServiceHealthList.js.map +0 -1
- package/dist/src/ui/tui/components/TipsCard.d.ts +0 -9
- package/dist/src/ui/tui/components/TipsCard.js +0 -55
- package/dist/src/ui/tui/components/TipsCard.js.map +0 -1
- package/dist/src/ui/tui/components/TitleBar.d.ts +0 -6
- package/dist/src/ui/tui/components/TitleBar.js +0 -17
- package/dist/src/ui/tui/components/TitleBar.js.map +0 -1
- package/dist/src/ui/tui/flows.d.ts +0 -52
- package/dist/src/ui/tui/flows.js +0 -76
- package/dist/src/ui/tui/flows.js.map +0 -1
- package/dist/src/ui/tui/hooks/useStdoutDimensions.d.ts +0 -9
- package/dist/src/ui/tui/hooks/useStdoutDimensions.js +0 -37
- package/dist/src/ui/tui/hooks/useStdoutDimensions.js.map +0 -1
- package/dist/src/ui/tui/ink-ui.d.ts +0 -58
- package/dist/src/ui/tui/ink-ui.js +0 -125
- package/dist/src/ui/tui/ink-ui.js.map +0 -1
- package/dist/src/ui/tui/package.json +0 -1
- package/dist/src/ui/tui/playground/PlaygroundApp.d.ts +0 -12
- package/dist/src/ui/tui/playground/PlaygroundApp.js +0 -50
- package/dist/src/ui/tui/playground/PlaygroundApp.js.map +0 -1
- package/dist/src/ui/tui/playground/demos/HealthCheckDemo.d.ts +0 -11
- package/dist/src/ui/tui/playground/demos/HealthCheckDemo.js +0 -57
- package/dist/src/ui/tui/playground/demos/HealthCheckDemo.js.map +0 -1
- package/dist/src/ui/tui/playground/demos/InputDemo.d.ts +0 -4
- package/dist/src/ui/tui/playground/demos/InputDemo.js +0 -53
- package/dist/src/ui/tui/playground/demos/InputDemo.js.map +0 -1
- package/dist/src/ui/tui/playground/demos/LayoutDemo.d.ts +0 -5
- package/dist/src/ui/tui/playground/demos/LayoutDemo.js +0 -25
- package/dist/src/ui/tui/playground/demos/LayoutDemo.js.map +0 -1
- package/dist/src/ui/tui/playground/demos/LogDemo.d.ts +0 -5
- package/dist/src/ui/tui/playground/demos/LogDemo.js +0 -53
- package/dist/src/ui/tui/playground/demos/LogDemo.js.map +0 -1
- package/dist/src/ui/tui/playground/demos/McpDemo.d.ts +0 -12
- package/dist/src/ui/tui/playground/demos/McpDemo.js +0 -27
- package/dist/src/ui/tui/playground/demos/McpDemo.js.map +0 -1
- package/dist/src/ui/tui/playground/demos/ModalDemo.d.ts +0 -6
- package/dist/src/ui/tui/playground/demos/ModalDemo.js +0 -13
- package/dist/src/ui/tui/playground/demos/ModalDemo.js.map +0 -1
- package/dist/src/ui/tui/playground/demos/ProgressDemo.d.ts +0 -5
- package/dist/src/ui/tui/playground/demos/ProgressDemo.js +0 -58
- package/dist/src/ui/tui/playground/demos/ProgressDemo.js.map +0 -1
- package/dist/src/ui/tui/playground/demos/RunScreenDemo.d.ts +0 -11
- package/dist/src/ui/tui/playground/demos/RunScreenDemo.js +0 -159
- package/dist/src/ui/tui/playground/demos/RunScreenDemo.js.map +0 -1
- package/dist/src/ui/tui/playground/demos/WelcomeDemo.d.ts +0 -9
- package/dist/src/ui/tui/playground/demos/WelcomeDemo.js +0 -15
- package/dist/src/ui/tui/playground/demos/WelcomeDemo.js.map +0 -1
- package/dist/src/ui/tui/playground/start-playground.d.ts +0 -4
- package/dist/src/ui/tui/playground/start-playground.js +0 -24
- package/dist/src/ui/tui/playground/start-playground.js.map +0 -1
- package/dist/src/ui/tui/primitives/CardLayout.d.ts +0 -12
- package/dist/src/ui/tui/primitives/CardLayout.js +0 -10
- package/dist/src/ui/tui/primitives/CardLayout.js.map +0 -1
- package/dist/src/ui/tui/primitives/ConfirmationInput.d.ts +0 -13
- package/dist/src/ui/tui/primitives/ConfirmationInput.js +0 -35
- package/dist/src/ui/tui/primitives/ConfirmationInput.js.map +0 -1
- package/dist/src/ui/tui/primitives/ContentSequencer.d.ts +0 -42
- package/dist/src/ui/tui/primitives/ContentSequencer.js +0 -137
- package/dist/src/ui/tui/primitives/ContentSequencer.js.map +0 -1
- package/dist/src/ui/tui/primitives/DissolveTransition.d.ts +0 -21
- package/dist/src/ui/tui/primitives/DissolveTransition.js +0 -149
- package/dist/src/ui/tui/primitives/DissolveTransition.js.map +0 -1
- package/dist/src/ui/tui/primitives/Divider.d.ts +0 -6
- package/dist/src/ui/tui/primitives/Divider.js +0 -15
- package/dist/src/ui/tui/primitives/Divider.js.map +0 -1
- package/dist/src/ui/tui/primitives/EventPlanViewer.d.ts +0 -9
- package/dist/src/ui/tui/primitives/EventPlanViewer.js +0 -9
- package/dist/src/ui/tui/primitives/EventPlanViewer.js.map +0 -1
- package/dist/src/ui/tui/primitives/GroupedPickerMenu.d.ts +0 -23
- package/dist/src/ui/tui/primitives/GroupedPickerMenu.js +0 -182
- package/dist/src/ui/tui/primitives/GroupedPickerMenu.js.map +0 -1
- package/dist/src/ui/tui/primitives/HNViewer.d.ts +0 -7
- package/dist/src/ui/tui/primitives/HNViewer.js +0 -63
- package/dist/src/ui/tui/primitives/HNViewer.js.map +0 -1
- package/dist/src/ui/tui/primitives/LinesBlock.d.ts +0 -16
- package/dist/src/ui/tui/primitives/LinesBlock.js +0 -37
- package/dist/src/ui/tui/primitives/LinesBlock.js.map +0 -1
- package/dist/src/ui/tui/primitives/LoadingBox.d.ts +0 -8
- package/dist/src/ui/tui/primitives/LoadingBox.js +0 -10
- package/dist/src/ui/tui/primitives/LoadingBox.js.map +0 -1
- package/dist/src/ui/tui/primitives/LogViewer.d.ts +0 -11
- package/dist/src/ui/tui/primitives/LogViewer.js +0 -55
- package/dist/src/ui/tui/primitives/LogViewer.js.map +0 -1
- package/dist/src/ui/tui/primitives/ModalOverlay.d.ts +0 -25
- package/dist/src/ui/tui/primitives/ModalOverlay.js +0 -7
- package/dist/src/ui/tui/primitives/ModalOverlay.js.map +0 -1
- package/dist/src/ui/tui/primitives/NodeBlock.d.ts +0 -13
- package/dist/src/ui/tui/primitives/NodeBlock.js +0 -17
- package/dist/src/ui/tui/primitives/NodeBlock.js.map +0 -1
- package/dist/src/ui/tui/primitives/PickerMenu.d.ts +0 -20
- package/dist/src/ui/tui/primitives/PickerMenu.js +0 -143
- package/dist/src/ui/tui/primitives/PickerMenu.js.map +0 -1
- package/dist/src/ui/tui/primitives/ProgressList.d.ts +0 -15
- package/dist/src/ui/tui/primitives/ProgressList.js +0 -32
- package/dist/src/ui/tui/primitives/ProgressList.js.map +0 -1
- package/dist/src/ui/tui/primitives/PromptLabel.d.ts +0 -11
- package/dist/src/ui/tui/primitives/PromptLabel.js +0 -13
- package/dist/src/ui/tui/primitives/PromptLabel.js.map +0 -1
- package/dist/src/ui/tui/primitives/ScreenContainer.d.ts +0 -16
- package/dist/src/ui/tui/primitives/ScreenContainer.js +0 -36
- package/dist/src/ui/tui/primitives/ScreenContainer.js.map +0 -1
- package/dist/src/ui/tui/primitives/ScreenErrorBoundary.d.ts +0 -22
- package/dist/src/ui/tui/primitives/ScreenErrorBoundary.js +0 -35
- package/dist/src/ui/tui/primitives/ScreenErrorBoundary.js.map +0 -1
- package/dist/src/ui/tui/primitives/SplitView.d.ts +0 -11
- package/dist/src/ui/tui/primitives/SplitView.js +0 -9
- package/dist/src/ui/tui/primitives/SplitView.js.map +0 -1
- package/dist/src/ui/tui/primitives/TabContainer.d.ts +0 -23
- package/dist/src/ui/tui/primitives/TabContainer.js +0 -45
- package/dist/src/ui/tui/primitives/TabContainer.js.map +0 -1
- package/dist/src/ui/tui/primitives/TextBlock.d.ts +0 -41
- package/dist/src/ui/tui/primitives/TextBlock.js +0 -144
- package/dist/src/ui/tui/primitives/TextBlock.js.map +0 -1
- package/dist/src/ui/tui/primitives/content-types.d.ts +0 -37
- package/dist/src/ui/tui/primitives/content-types.js +0 -19
- package/dist/src/ui/tui/primitives/content-types.js.map +0 -1
- package/dist/src/ui/tui/primitives/index.d.ts +0 -27
- package/dist/src/ui/tui/primitives/index.js +0 -24
- package/dist/src/ui/tui/primitives/index.js.map +0 -1
- package/dist/src/ui/tui/primitives/layout-helpers.d.ts +0 -36
- package/dist/src/ui/tui/primitives/layout-helpers.js +0 -95
- package/dist/src/ui/tui/primitives/layout-helpers.js.map +0 -1
- package/dist/src/ui/tui/primitives/text-helpers.d.ts +0 -10
- package/dist/src/ui/tui/primitives/text-helpers.js +0 -43
- package/dist/src/ui/tui/primitives/text-helpers.js.map +0 -1
- package/dist/src/ui/tui/router.d.ts +0 -58
- package/dist/src/ui/tui/router.js +0 -96
- package/dist/src/ui/tui/router.js.map +0 -1
- package/dist/src/ui/tui/screen-registry.d.ts +0 -19
- package/dist/src/ui/tui/screen-registry.js +0 -46
- package/dist/src/ui/tui/screen-registry.js.map +0 -1
- package/dist/src/ui/tui/screens/AgentSkillIntroScreen.d.ts +0 -12
- package/dist/src/ui/tui/screens/AgentSkillIntroScreen.js +0 -75
- package/dist/src/ui/tui/screens/AgentSkillIntroScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/AuthErrorScreen.d.ts +0 -7
- package/dist/src/ui/tui/screens/AuthErrorScreen.js +0 -16
- package/dist/src/ui/tui/screens/AuthErrorScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/AuthScreen.d.ts +0 -13
- package/dist/src/ui/tui/screens/AuthScreen.js +0 -20
- package/dist/src/ui/tui/screens/AuthScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/IntroScreenLayout.d.ts +0 -46
- package/dist/src/ui/tui/screens/IntroScreenLayout.js +0 -33
- package/dist/src/ui/tui/screens/IntroScreenLayout.js.map +0 -1
- package/dist/src/ui/tui/screens/KeepSkillsScreen.d.ts +0 -14
- package/dist/src/ui/tui/screens/KeepSkillsScreen.js +0 -74
- package/dist/src/ui/tui/screens/KeepSkillsScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/ManagedSettingsScreen.d.ts +0 -13
- package/dist/src/ui/tui/screens/ManagedSettingsScreen.js +0 -32
- package/dist/src/ui/tui/screens/ManagedSettingsScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/McpScreen.d.ts +0 -24
- package/dist/src/ui/tui/screens/McpScreen.js +0 -130
- package/dist/src/ui/tui/screens/McpScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/OutroScreen.d.ts +0 -11
- package/dist/src/ui/tui/screens/OutroScreen.js +0 -22
- package/dist/src/ui/tui/screens/OutroScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/PortConflictScreen.d.ts +0 -11
- package/dist/src/ui/tui/screens/PortConflictScreen.js +0 -30
- package/dist/src/ui/tui/screens/PortConflictScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/PostHogIntegrationIntroScreen.d.ts +0 -15
- package/dist/src/ui/tui/screens/PostHogIntegrationIntroScreen.js +0 -135
- package/dist/src/ui/tui/screens/PostHogIntegrationIntroScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/RevenueIntroScreen.d.ts +0 -16
- package/dist/src/ui/tui/screens/RevenueIntroScreen.js +0 -89
- package/dist/src/ui/tui/screens/RevenueIntroScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/RunScreen.d.ts +0 -16
- package/dist/src/ui/tui/screens/RunScreen.js +0 -73
- package/dist/src/ui/tui/screens/RunScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/SettingsOverrideScreen.d.ts +0 -6
- package/dist/src/ui/tui/screens/SettingsOverrideScreen.js +0 -30
- package/dist/src/ui/tui/screens/SettingsOverrideScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/SetupScreen.d.ts +0 -13
- package/dist/src/ui/tui/screens/SetupScreen.js +0 -74
- package/dist/src/ui/tui/screens/SetupScreen.js.map +0 -1
- package/dist/src/ui/tui/screens/health/HealthCheckScreen.d.ts +0 -14
- package/dist/src/ui/tui/screens/health/HealthCheckScreen.js +0 -77
- package/dist/src/ui/tui/screens/health/HealthCheckScreen.js.map +0 -1
- package/dist/src/ui/tui/services/mcp-installer.d.ts +0 -21
- package/dist/src/ui/tui/services/mcp-installer.js +0 -58
- package/dist/src/ui/tui/services/mcp-installer.js.map +0 -1
- package/dist/src/ui/tui/start-tui.d.ts +0 -9
- package/dist/src/ui/tui/start-tui.js +0 -41
- package/dist/src/ui/tui/start-tui.js.map +0 -1
- package/dist/src/ui/tui/store.d.ts +0 -190
- package/dist/src/ui/tui/store.js +0 -474
- package/dist/src/ui/tui/store.js.map +0 -1
- package/dist/src/ui/tui/styles.d.ts +0 -32
- package/dist/src/ui/tui/styles.js +0 -35
- package/dist/src/ui/tui/styles.js.map +0 -1
- package/dist/src/ui/wizard-ui.d.ts +0 -81
- package/dist/src/ui/wizard-ui.js +0 -19
- package/dist/src/ui/wizard-ui.js.map +0 -1
- package/dist/src/utils/__tests__/analytics.test.d.ts +0 -1
- package/dist/src/utils/__tests__/analytics.test.js +0 -136
- package/dist/src/utils/__tests__/analytics.test.js.map +0 -1
- package/dist/src/utils/__tests__/provisioning.test.d.ts +0 -1
- package/dist/src/utils/__tests__/provisioning.test.js +0 -192
- package/dist/src/utils/__tests__/provisioning.test.js.map +0 -1
- package/dist/src/utils/__tests__/semver.test.d.ts +0 -1
- package/dist/src/utils/__tests__/semver.test.js +0 -159
- package/dist/src/utils/__tests__/semver.test.js.map +0 -1
- package/dist/src/utils/__tests__/setup-utils.test.d.ts +0 -1
- package/dist/src/utils/__tests__/setup-utils.test.js +0 -138
- package/dist/src/utils/__tests__/setup-utils.test.js.map +0 -1
- package/dist/src/utils/analytics.d.ts +0 -33
- package/dist/src/utils/analytics.js +0 -137
- package/dist/src/utils/analytics.js.map +0 -1
- package/dist/src/utils/anthropic-status.d.ts +0 -17
- package/dist/src/utils/anthropic-status.js +0 -49
- package/dist/src/utils/anthropic-status.js.map +0 -1
- package/dist/src/utils/bash.d.ts +0 -2
- package/dist/src/utils/bash.js +0 -54
- package/dist/src/utils/bash.js.map +0 -1
- package/dist/src/utils/custom-headers.d.ts +0 -9
- package/dist/src/utils/custom-headers.js +0 -24
- package/dist/src/utils/custom-headers.js.map +0 -1
- package/dist/src/utils/debug.d.ts +0 -29
- package/dist/src/utils/debug.js +0 -87
- package/dist/src/utils/debug.js.map +0 -1
- package/dist/src/utils/env-api-key.d.ts +0 -5
- package/dist/src/utils/env-api-key.js +0 -57
- package/dist/src/utils/env-api-key.js.map +0 -1
- package/dist/src/utils/environment.d.ts +0 -4
- package/dist/src/utils/environment.js +0 -77
- package/dist/src/utils/environment.js.map +0 -1
- package/dist/src/utils/file-utils.d.ts +0 -10
- package/dist/src/utils/file-utils.js +0 -49
- package/dist/src/utils/file-utils.js.map +0 -1
- package/dist/src/utils/logging.d.ts +0 -9
- package/dist/src/utils/logging.js +0 -47
- package/dist/src/utils/logging.js.map +0 -1
- package/dist/src/utils/oauth.d.ts +0 -33
- package/dist/src/utils/oauth.js +0 -288
- package/dist/src/utils/oauth.js.map +0 -1
- package/dist/src/utils/package-json.d.ts +0 -30
- package/dist/src/utils/package-json.js +0 -47
- package/dist/src/utils/package-json.js.map +0 -1
- package/dist/src/utils/package-manager.d.ts +0 -21
- package/dist/src/utils/package-manager.js +0 -210
- package/dist/src/utils/package-manager.js.map +0 -1
- package/dist/src/utils/provisioning.d.ts +0 -25
- package/dist/src/utils/provisioning.js +0 -191
- package/dist/src/utils/provisioning.js.map +0 -1
- package/dist/src/utils/rules/astro-rules.md +0 -44
- package/dist/src/utils/rules/next-rules.md +0 -9
- package/dist/src/utils/rules/react-native-rules.md +0 -7
- package/dist/src/utils/rules/react-rules.md +0 -7
- package/dist/src/utils/rules/svelte-rules.md +0 -7
- package/dist/src/utils/rules/universal.md +0 -32
- package/dist/src/utils/semver.d.ts +0 -21
- package/dist/src/utils/semver.js +0 -87
- package/dist/src/utils/semver.js.map +0 -1
- package/dist/src/utils/setup-utils.d.ts +0 -79
- package/dist/src/utils/setup-utils.js +0 -406
- package/dist/src/utils/setup-utils.js.map +0 -1
- package/dist/src/utils/string.d.ts +0 -1
- package/dist/src/utils/string.js +0 -9
- package/dist/src/utils/string.js.map +0 -1
- package/dist/src/utils/types.d.ts +0 -85
- package/dist/src/utils/types.js +0 -3
- package/dist/src/utils/types.js.map +0 -1
- package/dist/src/utils/urls.d.ts +0 -7
- package/dist/src/utils/urls.js +0 -78
- package/dist/src/utils/urls.js.map +0 -1
- package/dist/src/utils/vendor/is-unicorn-supported.d.ts +0 -1
- package/dist/src/utils/vendor/is-unicorn-supported.js +0 -24
- package/dist/src/utils/vendor/is-unicorn-supported.js.map +0 -1
- package/dist/src/utils/wizard-abort.d.ts +0 -16
- package/dist/src/utils/wizard-abort.js +0 -59
- package/dist/src/utils/wizard-abort.js.map +0 -1
|
@@ -1,328 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
/**
|
|
3
|
-
* YARA content scanner for the PostHog wizard.
|
|
4
|
-
*
|
|
5
|
-
* This file is the single source of truth for all wizard YARA rules.
|
|
6
|
-
*
|
|
7
|
-
* Scans tool inputs (pre-execution) and outputs (post-execution) for
|
|
8
|
-
* security violations including PII leakage, hardcoded secrets,
|
|
9
|
-
* prompt injection, and secret exfiltration.
|
|
10
|
-
*
|
|
11
|
-
* We use YARA-style regex rules rather than the real YARA C library to
|
|
12
|
-
* avoid native binary dependencies in an npx-distributed npm package.
|
|
13
|
-
*
|
|
14
|
-
* This is Layer 2 (L2) in the wizard's defense-in-depth model,
|
|
15
|
-
* complementing the prompt-based commandments (L0) and the
|
|
16
|
-
* canUseTool() allowlist (L1).
|
|
17
|
-
*/
|
|
18
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
19
|
-
exports.RULES = void 0;
|
|
20
|
-
exports.scan = scan;
|
|
21
|
-
exports.scanSkillDirectory = scanSkillDirectory;
|
|
22
|
-
// ─── Rule Definitions ────────────────────────────────────────────
|
|
23
|
-
//
|
|
24
|
-
// Patterns are compiled once at module load time for performance.
|
|
25
|
-
// Design spec: policies/yara/RULES.md
|
|
26
|
-
const POST_WRITE_EDIT = [
|
|
27
|
-
{ phase: 'PostToolUse', tool: 'Write' },
|
|
28
|
-
{ phase: 'PostToolUse', tool: 'Edit' },
|
|
29
|
-
];
|
|
30
|
-
const POST_READ_GREP = [
|
|
31
|
-
{ phase: 'PostToolUse', tool: 'Read' },
|
|
32
|
-
{ phase: 'PostToolUse', tool: 'Grep' },
|
|
33
|
-
];
|
|
34
|
-
const PRE_BASH = [
|
|
35
|
-
{ phase: 'PreToolUse', tool: 'Bash' },
|
|
36
|
-
];
|
|
37
|
-
// ── §1 PostHog API Violations ────────────────────────────────────
|
|
38
|
-
const pii_in_capture_call = {
|
|
39
|
-
name: 'pii_in_capture_call',
|
|
40
|
-
description: "Detects PII fields passed to posthog.capture() — violates 'NEVER send PII in capture()' commandment",
|
|
41
|
-
severity: 'high',
|
|
42
|
-
category: 'posthog_pii',
|
|
43
|
-
appliesTo: POST_WRITE_EDIT,
|
|
44
|
-
patterns: [
|
|
45
|
-
// Direct PII field names in capture properties
|
|
46
|
-
/\.capture\s*\([^)]{0,200}email/i,
|
|
47
|
-
/\.capture\s*\([^)]{0,200}phone/i,
|
|
48
|
-
/\.capture\s*\([^)]{0,200}full[_\s]?name/i,
|
|
49
|
-
/\.capture\s*\([^)]{0,200}first[_\s]?name/i,
|
|
50
|
-
/\.capture\s*\([^)]{0,200}last[_\s]?name/i,
|
|
51
|
-
/\.capture\s*\([^)]{0,200}(street|mailing|home|billing)[_\s]?address/i,
|
|
52
|
-
/\.capture\s*\([^)]{0,200}(ssn|social[_\s]?security)/i,
|
|
53
|
-
/\.capture\s*\([^)]{0,200}(date[_\s]?of[_\s]?birth|dob|birthday)/i,
|
|
54
|
-
/\.capture\s*\([^)]{0,200}\$ip/,
|
|
55
|
-
// identify() allows email/phone/name (standard PostHog user properties),
|
|
56
|
-
// but highly sensitive PII is still blocked in identify().
|
|
57
|
-
/\.identify\s*\([^)]{0,200}(ssn|social[_\s]?security)/i,
|
|
58
|
-
/\.identify\s*\([^)]{0,200}(card[_\s]?number|cvv|credit[_\s]?card)/i,
|
|
59
|
-
/\.identify\s*\([^)]{0,200}(date[_\s]?of[_\s]?birth|dob|birthday)/i,
|
|
60
|
-
/\.identify\s*\([^)]{0,200}(street|mailing|home|billing)[_\s]?address/i,
|
|
61
|
-
// PII in $set properties via capture (bound to same object)
|
|
62
|
-
/\$set[^}]{0,200}email/i,
|
|
63
|
-
/\$set[^}]{0,200}phone/i,
|
|
64
|
-
],
|
|
65
|
-
};
|
|
66
|
-
const hardcoded_posthog_key = {
|
|
67
|
-
name: 'hardcoded_posthog_key',
|
|
68
|
-
description: "Detects hardcoded PostHog API keys in source — violates 'use environment variables' commandment",
|
|
69
|
-
severity: 'high',
|
|
70
|
-
category: 'posthog_hardcoded_key',
|
|
71
|
-
appliesTo: POST_WRITE_EDIT,
|
|
72
|
-
patterns: [
|
|
73
|
-
// PostHog project API key (phc_ prefix, 20+ alphanumeric chars)
|
|
74
|
-
/phc_[a-zA-Z0-9]{20,}/,
|
|
75
|
-
// PostHog personal API key (phx_ prefix)
|
|
76
|
-
/phx_[a-zA-Z0-9]{20,}/,
|
|
77
|
-
// Hardcoded key assignment patterns
|
|
78
|
-
/apiKey\s*[:=]\s*['"][a-zA-Z0-9_]{20,}['"]/,
|
|
79
|
-
/api_key\s*[:=]\s*['"][a-zA-Z0-9_]{20,}['"]/,
|
|
80
|
-
/POSTHOG_PROJECT_TOKEN\s*[:=]\s*['"][a-zA-Z0-9_]{20,}['"]/,
|
|
81
|
-
],
|
|
82
|
-
};
|
|
83
|
-
const autocapture_disabled = {
|
|
84
|
-
name: 'autocapture_disabled',
|
|
85
|
-
description: "Detects agent disabling autocapture — violates 'don't disable autocapture' commandment",
|
|
86
|
-
severity: 'medium',
|
|
87
|
-
category: 'posthog_autocapture',
|
|
88
|
-
appliesTo: POST_WRITE_EDIT,
|
|
89
|
-
patterns: [
|
|
90
|
-
/autocapture\s*:\s*false/,
|
|
91
|
-
/autocapture\s*:\s*'false'/,
|
|
92
|
-
/autocapture\s*:\s*"false"/,
|
|
93
|
-
/autocapture\s*=\s*False/,
|
|
94
|
-
/disable_autocapture\s*[:=]\s*(true|True|1)/,
|
|
95
|
-
],
|
|
96
|
-
};
|
|
97
|
-
// ── §1b Additional PostHog config rules ──────────────────────────
|
|
98
|
-
const hardcoded_posthog_host = {
|
|
99
|
-
name: 'hardcoded_posthog_host',
|
|
100
|
-
description: 'Detects hardcoded PostHog host URLs in source — should use environment variables',
|
|
101
|
-
severity: 'high',
|
|
102
|
-
category: 'posthog_hardcoded_key',
|
|
103
|
-
appliesTo: POST_WRITE_EDIT,
|
|
104
|
-
patterns: [/['"]https:\/\/(us|eu)\.i\.posthog\.com['"]/],
|
|
105
|
-
};
|
|
106
|
-
const session_recording_disabled = {
|
|
107
|
-
name: 'session_recording_disabled',
|
|
108
|
-
description: 'Detects agent disabling session recording',
|
|
109
|
-
severity: 'medium',
|
|
110
|
-
category: 'posthog_config',
|
|
111
|
-
appliesTo: POST_WRITE_EDIT,
|
|
112
|
-
patterns: [
|
|
113
|
-
/disable_session_recording\s*:\s*true/i,
|
|
114
|
-
/disable_session_recording\s*=\s*True/,
|
|
115
|
-
],
|
|
116
|
-
};
|
|
117
|
-
const opt_out_capturing = {
|
|
118
|
-
name: 'opt_out_capturing',
|
|
119
|
-
description: 'Detects agent opting out of PostHog capturing entirely',
|
|
120
|
-
severity: 'medium',
|
|
121
|
-
category: 'posthog_config',
|
|
122
|
-
appliesTo: POST_WRITE_EDIT,
|
|
123
|
-
patterns: [
|
|
124
|
-
// Match opt_out_capturing as a config property (in init options), not as a method call.
|
|
125
|
-
// posthog.opt_out_capturing() is a legitimate GDPR-required API.
|
|
126
|
-
/opt_out_capturing\s*[:=]\s*(true|True|1)/i,
|
|
127
|
-
/opted_out\s*[:=]\s*(true|True|1)/i,
|
|
128
|
-
],
|
|
129
|
-
};
|
|
130
|
-
// ── §2 Prompt Injection ──────────────────────────────────────────
|
|
131
|
-
const prompt_injection_wizard_override = {
|
|
132
|
-
name: 'prompt_injection_wizard_override',
|
|
133
|
-
description: 'Detects classic prompt injection attempting to override agent instructions',
|
|
134
|
-
severity: 'critical',
|
|
135
|
-
category: 'prompt_injection',
|
|
136
|
-
appliesTo: POST_READ_GREP,
|
|
137
|
-
patterns: [
|
|
138
|
-
// Direct instruction override — classic injection patterns
|
|
139
|
-
/ignore previous instructions/i,
|
|
140
|
-
/disregard all/i,
|
|
141
|
-
/forget your instructions/i,
|
|
142
|
-
/override your rules/i,
|
|
143
|
-
// Role manipulation
|
|
144
|
-
/act as a different/i,
|
|
145
|
-
/new instructions:/i,
|
|
146
|
-
],
|
|
147
|
-
};
|
|
148
|
-
const prompt_injection_wizard_specific = {
|
|
149
|
-
name: 'prompt_injection_wizard_specific',
|
|
150
|
-
description: 'Detects wizard-specific manipulation or tool abuse attempts in project files',
|
|
151
|
-
severity: 'medium',
|
|
152
|
-
category: 'prompt_injection',
|
|
153
|
-
appliesTo: POST_READ_GREP,
|
|
154
|
-
patterns: [
|
|
155
|
-
// Wizard-specific manipulation
|
|
156
|
-
/skip posthog/i,
|
|
157
|
-
/do not install posthog/i,
|
|
158
|
-
/remove posthog/i,
|
|
159
|
-
/uninstall posthog/i,
|
|
160
|
-
/delete the posthog/i,
|
|
161
|
-
// Tool abuse via file content
|
|
162
|
-
/run the following command/i,
|
|
163
|
-
/execute this shell command/i,
|
|
164
|
-
// Role hijacking — require "you are now a" to avoid false positives
|
|
165
|
-
// on legitimate phrases like "you are now ready to..."
|
|
166
|
-
/you are now a\s/i,
|
|
167
|
-
],
|
|
168
|
-
};
|
|
169
|
-
const prompt_injection_base64 = {
|
|
170
|
-
name: 'prompt_injection_base64',
|
|
171
|
-
description: 'Detects suspicious base64-encoded blocks in file content that may contain obfuscated prompt injection',
|
|
172
|
-
severity: 'critical',
|
|
173
|
-
category: 'prompt_injection',
|
|
174
|
-
appliesTo: POST_READ_GREP,
|
|
175
|
-
patterns: [
|
|
176
|
-
// Long base64 strings (100+ chars) in comments or string literals
|
|
177
|
-
// that aren't typical data URIs or legitimate base64 content
|
|
178
|
-
/(?:\/\/|#|\/\*)\s*[A-Za-z0-9+/]{100,}={0,2}/,
|
|
179
|
-
],
|
|
180
|
-
};
|
|
181
|
-
// ── §3 Secret Exfiltration ───────────────────────────────────────
|
|
182
|
-
const secret_exfiltration_via_command = {
|
|
183
|
-
name: 'secret_exfiltration_via_command',
|
|
184
|
-
description: 'Detects shell commands attempting to exfiltrate secrets or credentials',
|
|
185
|
-
severity: 'critical',
|
|
186
|
-
category: 'exfiltration',
|
|
187
|
-
appliesTo: PRE_BASH,
|
|
188
|
-
patterns: [
|
|
189
|
-
// curl/wget with environment variable secrets
|
|
190
|
-
/curl\s+.*\$\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)/i,
|
|
191
|
-
/wget\s+.*\$\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)/i,
|
|
192
|
-
// Piping sensitive content to network tools
|
|
193
|
-
/(\$\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD)|\.env|credentials)\S*.*\|\s*curl/i,
|
|
194
|
-
/(\$\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD)|\.env|credentials)\S*.*\|\s*wget/i,
|
|
195
|
-
/\|\s*nc\s/,
|
|
196
|
-
/\|\s*netcat\s/,
|
|
197
|
-
// Base64 encoding piped to network
|
|
198
|
-
/base64.*\|\s*(curl|wget|nc\s)/i,
|
|
199
|
-
// Reading .env and sending
|
|
200
|
-
/cat\s+.*\.env.*\|\s*(curl|wget)/,
|
|
201
|
-
// PostHog key exfiltration specifically
|
|
202
|
-
/curl.*phc_[a-zA-Z0-9]/,
|
|
203
|
-
/wget.*phc_[a-zA-Z0-9]/,
|
|
204
|
-
],
|
|
205
|
-
};
|
|
206
|
-
// ── §4 Filesystem Safety ─────────────────────────────────────────
|
|
207
|
-
const destructive_rm = {
|
|
208
|
-
name: 'destructive_rm',
|
|
209
|
-
description: 'Detects rm -rf or rm -r commands that could mass-delete files',
|
|
210
|
-
severity: 'critical',
|
|
211
|
-
category: 'filesystem_safety',
|
|
212
|
-
appliesTo: PRE_BASH,
|
|
213
|
-
patterns: [
|
|
214
|
-
// Combined flags: rm -rf, rm -fr, rm -rfi, etc.
|
|
215
|
-
/\brm\s+(-[a-zA-Z]*r[a-zA-Z]*f|-[a-zA-Z]*f[a-zA-Z]*r)\b/,
|
|
216
|
-
// Separated flags: rm -r -f, rm -f -r (with optional other flags)
|
|
217
|
-
/\brm\s+(-[a-zA-Z]*\s+)*-[a-zA-Z]*r[a-zA-Z]*\s+(-[a-zA-Z]*\s+)*-[a-zA-Z]*f\b/,
|
|
218
|
-
/\brm\s+(-[a-zA-Z]*\s+)*-[a-zA-Z]*f[a-zA-Z]*\s+(-[a-zA-Z]*\s+)*-[a-zA-Z]*r\b/,
|
|
219
|
-
],
|
|
220
|
-
};
|
|
221
|
-
const git_force_push = {
|
|
222
|
-
name: 'git_force_push',
|
|
223
|
-
description: 'Detects git push --force which can overwrite remote history',
|
|
224
|
-
severity: 'critical',
|
|
225
|
-
category: 'filesystem_safety',
|
|
226
|
-
appliesTo: PRE_BASH,
|
|
227
|
-
patterns: [/git\s+push\s+.*--force/, /git\s+push\s+.*-f\b/],
|
|
228
|
-
};
|
|
229
|
-
const git_reset_hard = {
|
|
230
|
-
name: 'git_reset_hard',
|
|
231
|
-
description: 'Detects git reset --hard which discards all uncommitted changes',
|
|
232
|
-
severity: 'critical',
|
|
233
|
-
category: 'filesystem_safety',
|
|
234
|
-
appliesTo: PRE_BASH,
|
|
235
|
-
patterns: [/git\s+reset\s+--hard/],
|
|
236
|
-
};
|
|
237
|
-
// ── §5 Supply Chain ──────────────────────────────────────────────
|
|
238
|
-
const wrong_posthog_package = {
|
|
239
|
-
name: 'wrong_posthog_package',
|
|
240
|
-
description: 'Detects installing the wrong PostHog npm package — should be posthog-js or posthog-node',
|
|
241
|
-
severity: 'high',
|
|
242
|
-
category: 'supply_chain',
|
|
243
|
-
appliesTo: PRE_BASH,
|
|
244
|
-
patterns: [
|
|
245
|
-
// Match "npm install posthog" but not "posthog-js", "posthog-node", etc.
|
|
246
|
-
/npm\s+install\s+(?:--save\s+|--save-dev\s+|-[SD]\s+)*posthog(?!\s*-)/,
|
|
247
|
-
/pnpm\s+(?:add|install)\s+(?:--save\s+|--save-dev\s+|-[SD]\s+)*posthog(?!\s*-)/,
|
|
248
|
-
/yarn\s+add\s+(?:--dev\s+|-D\s+)*posthog(?!\s*-)/,
|
|
249
|
-
/bun\s+(?:add|install)\s+(?:--dev\s+|-[dD]\s+)*posthog(?!\s*-)/,
|
|
250
|
-
],
|
|
251
|
-
};
|
|
252
|
-
const npm_install_global = {
|
|
253
|
-
name: 'npm_install_global',
|
|
254
|
-
description: 'Detects global npm installs — should never install packages globally',
|
|
255
|
-
severity: 'high',
|
|
256
|
-
category: 'supply_chain',
|
|
257
|
-
appliesTo: PRE_BASH,
|
|
258
|
-
patterns: [/npm\s+install\s+-g\b/, /npm\s+install\s+--global\b/],
|
|
259
|
-
};
|
|
260
|
-
// ─── Rule Registry ───────────────────────────────────────────────
|
|
261
|
-
exports.RULES = [
|
|
262
|
-
// §1 PostHog API violations
|
|
263
|
-
pii_in_capture_call,
|
|
264
|
-
hardcoded_posthog_key,
|
|
265
|
-
autocapture_disabled,
|
|
266
|
-
hardcoded_posthog_host,
|
|
267
|
-
session_recording_disabled,
|
|
268
|
-
opt_out_capturing,
|
|
269
|
-
// §2 Prompt injection
|
|
270
|
-
prompt_injection_wizard_override,
|
|
271
|
-
prompt_injection_wizard_specific,
|
|
272
|
-
prompt_injection_base64,
|
|
273
|
-
// §3 Secret exfiltration
|
|
274
|
-
secret_exfiltration_via_command,
|
|
275
|
-
// §4 Filesystem safety
|
|
276
|
-
destructive_rm,
|
|
277
|
-
git_force_push,
|
|
278
|
-
git_reset_hard,
|
|
279
|
-
// §5 Supply chain
|
|
280
|
-
wrong_posthog_package,
|
|
281
|
-
npm_install_global,
|
|
282
|
-
];
|
|
283
|
-
// ─── Scan Engine ─────────────────────────────────────────────────
|
|
284
|
-
/** Maximum content length to scan (100 KB). Inputs beyond this are truncated. */
|
|
285
|
-
const MAX_SCAN_LENGTH = 100_000;
|
|
286
|
-
/**
|
|
287
|
-
* Scan content against rules applicable to a given hook phase and tool.
|
|
288
|
-
* Returns all matching rules (one match per rule, first pattern wins).
|
|
289
|
-
*/
|
|
290
|
-
function scan(content, phase, tool) {
|
|
291
|
-
// Cap input length to prevent pathological regex performance
|
|
292
|
-
const scanContent = content.length > MAX_SCAN_LENGTH
|
|
293
|
-
? content.slice(0, MAX_SCAN_LENGTH)
|
|
294
|
-
: content;
|
|
295
|
-
const applicableRules = exports.RULES.filter((r) => r.appliesTo.some((a) => a.phase === phase && a.tool === tool));
|
|
296
|
-
const matches = [];
|
|
297
|
-
for (const rule of applicableRules) {
|
|
298
|
-
for (const pattern of rule.patterns) {
|
|
299
|
-
const match = pattern.exec(scanContent);
|
|
300
|
-
if (match) {
|
|
301
|
-
matches.push({
|
|
302
|
-
rule,
|
|
303
|
-
matchedText: match[0],
|
|
304
|
-
offset: match.index,
|
|
305
|
-
});
|
|
306
|
-
break; // One match per rule is sufficient
|
|
307
|
-
}
|
|
308
|
-
}
|
|
309
|
-
}
|
|
310
|
-
return matches.length > 0 ? { matched: true, matches } : { matched: false };
|
|
311
|
-
}
|
|
312
|
-
/**
|
|
313
|
-
* Scan all files in a skill directory for prompt injection.
|
|
314
|
-
* Used for context-mill scanning after skill installation.
|
|
315
|
-
*/
|
|
316
|
-
function scanSkillDirectory(files) {
|
|
317
|
-
const allMatches = [];
|
|
318
|
-
for (const file of files) {
|
|
319
|
-
const result = scan(file.content, 'PostToolUse', 'Read');
|
|
320
|
-
if (result.matched) {
|
|
321
|
-
allMatches.push(...result.matches);
|
|
322
|
-
}
|
|
323
|
-
}
|
|
324
|
-
return allMatches.length > 0
|
|
325
|
-
? { matched: true, matches: allMatches }
|
|
326
|
-
: { matched: false };
|
|
327
|
-
}
|
|
328
|
-
//# sourceMappingURL=yara-scanner.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"yara-scanner.js","sourceRoot":"","sources":["../../../src/lib/yara-scanner.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;GAeG;;;AA+VH,oBA8BC;AAMD,gDAaC;AArWD,oEAAoE;AACpE,EAAE;AACF,kEAAkE;AAClE,sCAAsC;AAEtC,MAAM,eAAe,GAAkD;IACrE,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE;IACvC,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE;CACvC,CAAC;AAEF,MAAM,cAAc,GAAkD;IACpE,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE;IACtC,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE;CACvC,CAAC;AAEF,MAAM,QAAQ,GAAkD;IAC9D,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE;CACtC,CAAC;AAEF,oEAAoE;AAEpE,MAAM,mBAAmB,GAAa;IACpC,IAAI,EAAE,qBAAqB;IAC3B,WAAW,EACT,qGAAqG;IACvG,QAAQ,EAAE,MAAM;IAChB,QAAQ,EAAE,aAAa;IACvB,SAAS,EAAE,eAAe;IAC1B,QAAQ,EAAE;QACR,+CAA+C;QAC/C,iCAAiC;QACjC,iCAAiC;QACjC,0CAA0C;QAC1C,2CAA2C;QAC3C,0CAA0C;QAC1C,sEAAsE;QACtE,sDAAsD;QACtD,kEAAkE;QAClE,+BAA+B;QAC/B,yEAAyE;QACzE,2DAA2D;QAC3D,uDAAuD;QACvD,oEAAoE;QACpE,mEAAmE;QACnE,uEAAuE;QACvE,4DAA4D;QAC5D,wBAAwB;QACxB,wBAAwB;KACzB;CACF,CAAC;AAEF,MAAM,qBAAqB,GAAa;IACtC,IAAI,EAAE,uBAAuB;IAC7B,WAAW,EACT,iGAAiG;IACnG,QAAQ,EAAE,MAAM;IAChB,QAAQ,EAAE,uBAAuB;IACjC,SAAS,EAAE,eAAe;IAC1B,QAAQ,EAAE;QACR,gEAAgE;QAChE,sBAAsB;QACtB,yCAAyC;QACzC,sBAAsB;QACtB,oCAAoC;QACpC,2CAA2C;QAC3C,4CAA4C;QAC5C,0DAA0D;KAC3D;CACF,CAAC;AAEF,MAAM,oBAAoB,GAAa;IACrC,IAAI,EAAE,sBAAsB;IAC5B,WAAW,EACT,wFAAwF;IAC1F,QAAQ,EAAE,QAAQ;IAClB,QAAQ,EAAE,qBAAqB;IAC/B,SAAS,EAAE,eAAe;IAC1B,QAAQ,EAAE;QACR,yBAAyB;QACzB,2BAA2B;QAC3B,2BAA2B;QAC3B,yBAAyB;QACzB,4CAA4C;KAC7C;CACF,CAAC;AAEF,oEAAoE;AAEpE,MAAM,sBAAsB,GAAa;IACvC,IAAI,EAAE,wBAAwB;IAC9B,WAAW,EACT,kFAAkF;IACpF,QAAQ,EAAE,MAAM;IAChB,QAAQ,EAAE,uBAAuB;IACjC,SAAS,EAAE,eAAe;IAC1B,QAAQ,EAAE,CAAC,4CAA4C,CAAC;CACzD,CAAC;AAEF,MAAM,0BAA0B,GAAa;IAC3C,IAAI,EAAE,4BAA4B;IAClC,WAAW,EAAE,2CAA2C;IACxD,QAAQ,EAAE,QAAQ;IAClB,QAAQ,EAAE,gBAAgB;IAC1B,SAAS,EAAE,eAAe;IAC1B,QAAQ,EAAE;QACR,uCAAuC;QACvC,sCAAsC;KACvC;CACF,CAAC;AAEF,MAAM,iBAAiB,GAAa;IAClC,IAAI,EAAE,mBAAmB;IACzB,WAAW,EAAE,wDAAwD;IACrE,QAAQ,EAAE,QAAQ;IAClB,QAAQ,EAAE,gBAAgB;IAC1B,SAAS,EAAE,eAAe;IAC1B,QAAQ,EAAE;QACR,wFAAwF;QACxF,iEAAiE;QACjE,2CAA2C;QAC3C,mCAAmC;KACpC;CACF,CAAC;AAEF,oEAAoE;AAEpE,MAAM,gCAAgC,GAAa;IACjD,IAAI,EAAE,kCAAkC;IACxC,WAAW,EACT,4EAA4E;IAC9E,QAAQ,EAAE,UAAU;IACpB,QAAQ,EAAE,kBAAkB;IAC5B,SAAS,EAAE,cAAc;IACzB,QAAQ,EAAE;QACR,2DAA2D;QAC3D,+BAA+B;QAC/B,gBAAgB;QAChB,2BAA2B;QAC3B,sBAAsB;QACtB,oBAAoB;QACpB,qBAAqB;QACrB,oBAAoB;KACrB;CACF,CAAC;AAEF,MAAM,gCAAgC,GAAa;IACjD,IAAI,EAAE,kCAAkC;IACxC,WAAW,EACT,8EAA8E;IAChF,QAAQ,EAAE,QAAQ;IAClB,QAAQ,EAAE,kBAAkB;IAC5B,SAAS,EAAE,cAAc;IACzB,QAAQ,EAAE;QACR,+BAA+B;QAC/B,eAAe;QACf,yBAAyB;QACzB,iBAAiB;QACjB,oBAAoB;QACpB,qBAAqB;QACrB,8BAA8B;QAC9B,4BAA4B;QAC5B,6BAA6B;QAC7B,oEAAoE;QACpE,uDAAuD;QACvD,kBAAkB;KACnB;CACF,CAAC;AAEF,MAAM,uBAAuB,GAAa;IACxC,IAAI,EAAE,yBAAyB;IAC/B,WAAW,EACT,uGAAuG;IACzG,QAAQ,EAAE,UAAU;IACpB,QAAQ,EAAE,kBAAkB;IAC5B,SAAS,EAAE,cAAc;IACzB,QAAQ,EAAE;QACR,kEAAkE;QAClE,6DAA6D;QAC7D,6CAA6C;KAC9C;CACF,CAAC;AAEF,oEAAoE;AAEpE,MAAM,+BAA+B,GAAa;IAChD,IAAI,EAAE,iCAAiC;IACvC,WAAW,EACT,wEAAwE;IAC1E,QAAQ,EAAE,UAAU;IACpB,QAAQ,EAAE,cAAc;IACxB,SAAS,EAAE,QAAQ;IACnB,QAAQ,EAAE;QACR,8CAA8C;QAC9C,8DAA8D;QAC9D,8DAA8D;QAC9D,4CAA4C;QAC5C,4EAA4E;QAC5E,4EAA4E;QAC5E,WAAW;QACX,eAAe;QACf,mCAAmC;QACnC,gCAAgC;QAChC,2BAA2B;QAC3B,iCAAiC;QACjC,wCAAwC;QACxC,uBAAuB;QACvB,uBAAuB;KACxB;CACF,CAAC;AAEF,oEAAoE;AAEpE,MAAM,cAAc,GAAa;IAC/B,IAAI,EAAE,gBAAgB;IACtB,WAAW,EAAE,+DAA+D;IAC5E,QAAQ,EAAE,UAAU;IACpB,QAAQ,EAAE,mBAAmB;IAC7B,SAAS,EAAE,QAAQ;IACnB,QAAQ,EAAE;QACR,gDAAgD;QAChD,wDAAwD;QACxD,kEAAkE;QAClE,6EAA6E;QAC7E,6EAA6E;KAC9E;CACF,CAAC;AAEF,MAAM,cAAc,GAAa;IAC/B,IAAI,EAAE,gBAAgB;IACtB,WAAW,EAAE,6DAA6D;IAC1E,QAAQ,EAAE,UAAU;IACpB,QAAQ,EAAE,mBAAmB;IAC7B,SAAS,EAAE,QAAQ;IACnB,QAAQ,EAAE,CAAC,wBAAwB,EAAE,qBAAqB,CAAC;CAC5D,CAAC;AAEF,MAAM,cAAc,GAAa;IAC/B,IAAI,EAAE,gBAAgB;IACtB,WAAW,EACT,iEAAiE;IACnE,QAAQ,EAAE,UAAU;IACpB,QAAQ,EAAE,mBAAmB;IAC7B,SAAS,EAAE,QAAQ;IACnB,QAAQ,EAAE,CAAC,sBAAsB,CAAC;CACnC,CAAC;AAEF,oEAAoE;AAEpE,MAAM,qBAAqB,GAAa;IACtC,IAAI,EAAE,uBAAuB;IAC7B,WAAW,EACT,yFAAyF;IAC3F,QAAQ,EAAE,MAAM;IAChB,QAAQ,EAAE,cAAc;IACxB,SAAS,EAAE,QAAQ;IACnB,QAAQ,EAAE;QACR,yEAAyE;QACzE,sEAAsE;QACtE,+EAA+E;QAC/E,iDAAiD;QACjD,+DAA+D;KAChE;CACF,CAAC;AAEF,MAAM,kBAAkB,GAAa;IACnC,IAAI,EAAE,oBAAoB;IAC1B,WAAW,EACT,sEAAsE;IACxE,QAAQ,EAAE,MAAM;IAChB,QAAQ,EAAE,cAAc;IACxB,SAAS,EAAE,QAAQ;IACnB,QAAQ,EAAE,CAAC,sBAAsB,EAAE,4BAA4B,CAAC;CACjE,CAAC;AAEF,oEAAoE;AAEvD,QAAA,KAAK,GAAe;IAC/B,4BAA4B;IAC5B,mBAAmB;IACnB,qBAAqB;IACrB,oBAAoB;IACpB,sBAAsB;IACtB,0BAA0B;IAC1B,iBAAiB;IACjB,sBAAsB;IACtB,gCAAgC;IAChC,gCAAgC;IAChC,uBAAuB;IACvB,yBAAyB;IACzB,+BAA+B;IAC/B,uBAAuB;IACvB,cAAc;IACd,cAAc;IACd,cAAc;IACd,kBAAkB;IAClB,qBAAqB;IACrB,kBAAkB;CACnB,CAAC;AAEF,oEAAoE;AAEpE,iFAAiF;AACjF,MAAM,eAAe,GAAG,OAAO,CAAC;AAEhC;;;GAGG;AACH,SAAgB,IAAI,CAClB,OAAe,EACf,KAAgB,EAChB,IAAgB;IAEhB,6DAA6D;IAC7D,MAAM,WAAW,GACf,OAAO,CAAC,MAAM,GAAG,eAAe;QAC9B,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,eAAe,CAAC;QACnC,CAAC,CAAC,OAAO,CAAC;IACd,MAAM,eAAe,GAAG,aAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACzC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,KAAK,IAAI,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAC9D,CAAC;IAEF,MAAM,OAAO,GAAgB,EAAE,CAAC;IAChC,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;QACnC,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACpC,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACxC,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI;oBACJ,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,MAAM,EAAE,KAAK,CAAC,KAAK;iBACpB,CAAC,CAAC;gBACH,MAAM,CAAC,mCAAmC;YAC5C,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAC9E,CAAC;AAED;;;GAGG;AACH,SAAgB,kBAAkB,CAChC,KAA+C;IAE/C,MAAM,UAAU,GAAgB,EAAE,CAAC;IACnC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC;QACzD,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,UAAU,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC;IACH,CAAC;IACD,OAAO,UAAU,CAAC,MAAM,GAAG,CAAC;QAC1B,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE;QACxC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AACzB,CAAC","sourcesContent":["/**\n * YARA content scanner for the PostHog wizard.\n *\n * This file is the single source of truth for all wizard YARA rules.\n *\n * Scans tool inputs (pre-execution) and outputs (post-execution) for\n * security violations including PII leakage, hardcoded secrets,\n * prompt injection, and secret exfiltration.\n *\n * We use YARA-style regex rules rather than the real YARA C library to\n * avoid native binary dependencies in an npx-distributed npm package.\n *\n * This is Layer 2 (L2) in the wizard's defense-in-depth model,\n * complementing the prompt-based commandments (L0) and the\n * canUseTool() allowlist (L1).\n */\n\n// ─── Types ───────────────────────────────────────────────────────\n\nexport type YaraSeverity = 'critical' | 'high' | 'medium' | 'low';\n\nexport type YaraCategory =\n | 'posthog_pii'\n | 'posthog_hardcoded_key'\n | 'posthog_autocapture'\n | 'posthog_config'\n | 'prompt_injection'\n | 'exfiltration'\n | 'filesystem_safety'\n | 'supply_chain';\n\nexport type HookPhase = 'PreToolUse' | 'PostToolUse';\nexport type ToolTarget = 'Bash' | 'Write' | 'Edit' | 'Read' | 'Grep';\n\nexport interface YaraRule {\n /** Rule name matching the .yar file (e.g. 'pii_in_capture_call') */\n name: string;\n description: string;\n severity: YaraSeverity;\n category: YaraCategory;\n /** Which hook+tool combinations this rule applies to */\n appliesTo: Array<{ phase: HookPhase; tool: ToolTarget }>;\n /** Compiled regex patterns — any match triggers the rule */\n patterns: RegExp[];\n}\n\nexport interface YaraMatch {\n rule: YaraRule;\n /** The matched substring */\n matchedText: string;\n /** Byte offset in the scanned content */\n offset: number;\n}\n\nexport type ScanResult =\n | { matched: false }\n | { matched: true; matches: YaraMatch[] };\n\n// ─── Rule Definitions ────────────────────────────────────────────\n//\n// Patterns are compiled once at module load time for performance.\n// Design spec: policies/yara/RULES.md\n\nconst POST_WRITE_EDIT: Array<{ phase: HookPhase; tool: ToolTarget }> = [\n { phase: 'PostToolUse', tool: 'Write' },\n { phase: 'PostToolUse', tool: 'Edit' },\n];\n\nconst POST_READ_GREP: Array<{ phase: HookPhase; tool: ToolTarget }> = [\n { phase: 'PostToolUse', tool: 'Read' },\n { phase: 'PostToolUse', tool: 'Grep' },\n];\n\nconst PRE_BASH: Array<{ phase: HookPhase; tool: ToolTarget }> = [\n { phase: 'PreToolUse', tool: 'Bash' },\n];\n\n// ── §1 PostHog API Violations ────────────────────────────────────\n\nconst pii_in_capture_call: YaraRule = {\n name: 'pii_in_capture_call',\n description:\n \"Detects PII fields passed to posthog.capture() — violates 'NEVER send PII in capture()' commandment\",\n severity: 'high',\n category: 'posthog_pii',\n appliesTo: POST_WRITE_EDIT,\n patterns: [\n // Direct PII field names in capture properties\n /\\.capture\\s*\\([^)]{0,200}email/i,\n /\\.capture\\s*\\([^)]{0,200}phone/i,\n /\\.capture\\s*\\([^)]{0,200}full[_\\s]?name/i,\n /\\.capture\\s*\\([^)]{0,200}first[_\\s]?name/i,\n /\\.capture\\s*\\([^)]{0,200}last[_\\s]?name/i,\n /\\.capture\\s*\\([^)]{0,200}(street|mailing|home|billing)[_\\s]?address/i,\n /\\.capture\\s*\\([^)]{0,200}(ssn|social[_\\s]?security)/i,\n /\\.capture\\s*\\([^)]{0,200}(date[_\\s]?of[_\\s]?birth|dob|birthday)/i,\n /\\.capture\\s*\\([^)]{0,200}\\$ip/,\n // identify() allows email/phone/name (standard PostHog user properties),\n // but highly sensitive PII is still blocked in identify().\n /\\.identify\\s*\\([^)]{0,200}(ssn|social[_\\s]?security)/i,\n /\\.identify\\s*\\([^)]{0,200}(card[_\\s]?number|cvv|credit[_\\s]?card)/i,\n /\\.identify\\s*\\([^)]{0,200}(date[_\\s]?of[_\\s]?birth|dob|birthday)/i,\n /\\.identify\\s*\\([^)]{0,200}(street|mailing|home|billing)[_\\s]?address/i,\n // PII in $set properties via capture (bound to same object)\n /\\$set[^}]{0,200}email/i,\n /\\$set[^}]{0,200}phone/i,\n ],\n};\n\nconst hardcoded_posthog_key: YaraRule = {\n name: 'hardcoded_posthog_key',\n description:\n \"Detects hardcoded PostHog API keys in source — violates 'use environment variables' commandment\",\n severity: 'high',\n category: 'posthog_hardcoded_key',\n appliesTo: POST_WRITE_EDIT,\n patterns: [\n // PostHog project API key (phc_ prefix, 20+ alphanumeric chars)\n /phc_[a-zA-Z0-9]{20,}/,\n // PostHog personal API key (phx_ prefix)\n /phx_[a-zA-Z0-9]{20,}/,\n // Hardcoded key assignment patterns\n /apiKey\\s*[:=]\\s*['\"][a-zA-Z0-9_]{20,}['\"]/,\n /api_key\\s*[:=]\\s*['\"][a-zA-Z0-9_]{20,}['\"]/,\n /POSTHOG_PROJECT_TOKEN\\s*[:=]\\s*['\"][a-zA-Z0-9_]{20,}['\"]/,\n ],\n};\n\nconst autocapture_disabled: YaraRule = {\n name: 'autocapture_disabled',\n description:\n \"Detects agent disabling autocapture — violates 'don't disable autocapture' commandment\",\n severity: 'medium',\n category: 'posthog_autocapture',\n appliesTo: POST_WRITE_EDIT,\n patterns: [\n /autocapture\\s*:\\s*false/,\n /autocapture\\s*:\\s*'false'/,\n /autocapture\\s*:\\s*\"false\"/,\n /autocapture\\s*=\\s*False/,\n /disable_autocapture\\s*[:=]\\s*(true|True|1)/,\n ],\n};\n\n// ── §1b Additional PostHog config rules ──────────────────────────\n\nconst hardcoded_posthog_host: YaraRule = {\n name: 'hardcoded_posthog_host',\n description:\n 'Detects hardcoded PostHog host URLs in source — should use environment variables',\n severity: 'high',\n category: 'posthog_hardcoded_key',\n appliesTo: POST_WRITE_EDIT,\n patterns: [/['\"]https:\\/\\/(us|eu)\\.i\\.posthog\\.com['\"]/],\n};\n\nconst session_recording_disabled: YaraRule = {\n name: 'session_recording_disabled',\n description: 'Detects agent disabling session recording',\n severity: 'medium',\n category: 'posthog_config',\n appliesTo: POST_WRITE_EDIT,\n patterns: [\n /disable_session_recording\\s*:\\s*true/i,\n /disable_session_recording\\s*=\\s*True/,\n ],\n};\n\nconst opt_out_capturing: YaraRule = {\n name: 'opt_out_capturing',\n description: 'Detects agent opting out of PostHog capturing entirely',\n severity: 'medium',\n category: 'posthog_config',\n appliesTo: POST_WRITE_EDIT,\n patterns: [\n // Match opt_out_capturing as a config property (in init options), not as a method call.\n // posthog.opt_out_capturing() is a legitimate GDPR-required API.\n /opt_out_capturing\\s*[:=]\\s*(true|True|1)/i,\n /opted_out\\s*[:=]\\s*(true|True|1)/i,\n ],\n};\n\n// ── §2 Prompt Injection ──────────────────────────────────────────\n\nconst prompt_injection_wizard_override: YaraRule = {\n name: 'prompt_injection_wizard_override',\n description:\n 'Detects classic prompt injection attempting to override agent instructions',\n severity: 'critical',\n category: 'prompt_injection',\n appliesTo: POST_READ_GREP,\n patterns: [\n // Direct instruction override — classic injection patterns\n /ignore previous instructions/i,\n /disregard all/i,\n /forget your instructions/i,\n /override your rules/i,\n // Role manipulation\n /act as a different/i,\n /new instructions:/i,\n ],\n};\n\nconst prompt_injection_wizard_specific: YaraRule = {\n name: 'prompt_injection_wizard_specific',\n description:\n 'Detects wizard-specific manipulation or tool abuse attempts in project files',\n severity: 'medium',\n category: 'prompt_injection',\n appliesTo: POST_READ_GREP,\n patterns: [\n // Wizard-specific manipulation\n /skip posthog/i,\n /do not install posthog/i,\n /remove posthog/i,\n /uninstall posthog/i,\n /delete the posthog/i,\n // Tool abuse via file content\n /run the following command/i,\n /execute this shell command/i,\n // Role hijacking — require \"you are now a\" to avoid false positives\n // on legitimate phrases like \"you are now ready to...\"\n /you are now a\\s/i,\n ],\n};\n\nconst prompt_injection_base64: YaraRule = {\n name: 'prompt_injection_base64',\n description:\n 'Detects suspicious base64-encoded blocks in file content that may contain obfuscated prompt injection',\n severity: 'critical',\n category: 'prompt_injection',\n appliesTo: POST_READ_GREP,\n patterns: [\n // Long base64 strings (100+ chars) in comments or string literals\n // that aren't typical data URIs or legitimate base64 content\n /(?:\\/\\/|#|\\/\\*)\\s*[A-Za-z0-9+/]{100,}={0,2}/,\n ],\n};\n\n// ── §3 Secret Exfiltration ───────────────────────────────────────\n\nconst secret_exfiltration_via_command: YaraRule = {\n name: 'secret_exfiltration_via_command',\n description:\n 'Detects shell commands attempting to exfiltrate secrets or credentials',\n severity: 'critical',\n category: 'exfiltration',\n appliesTo: PRE_BASH,\n patterns: [\n // curl/wget with environment variable secrets\n /curl\\s+.*\\$\\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)/i,\n /wget\\s+.*\\$\\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)/i,\n // Piping sensitive content to network tools\n /(\\$\\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD)|\\.env|credentials)\\S*.*\\|\\s*curl/i,\n /(\\$\\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD)|\\.env|credentials)\\S*.*\\|\\s*wget/i,\n /\\|\\s*nc\\s/,\n /\\|\\s*netcat\\s/,\n // Base64 encoding piped to network\n /base64.*\\|\\s*(curl|wget|nc\\s)/i,\n // Reading .env and sending\n /cat\\s+.*\\.env.*\\|\\s*(curl|wget)/,\n // PostHog key exfiltration specifically\n /curl.*phc_[a-zA-Z0-9]/,\n /wget.*phc_[a-zA-Z0-9]/,\n ],\n};\n\n// ── §4 Filesystem Safety ─────────────────────────────────────────\n\nconst destructive_rm: YaraRule = {\n name: 'destructive_rm',\n description: 'Detects rm -rf or rm -r commands that could mass-delete files',\n severity: 'critical',\n category: 'filesystem_safety',\n appliesTo: PRE_BASH,\n patterns: [\n // Combined flags: rm -rf, rm -fr, rm -rfi, etc.\n /\\brm\\s+(-[a-zA-Z]*r[a-zA-Z]*f|-[a-zA-Z]*f[a-zA-Z]*r)\\b/,\n // Separated flags: rm -r -f, rm -f -r (with optional other flags)\n /\\brm\\s+(-[a-zA-Z]*\\s+)*-[a-zA-Z]*r[a-zA-Z]*\\s+(-[a-zA-Z]*\\s+)*-[a-zA-Z]*f\\b/,\n /\\brm\\s+(-[a-zA-Z]*\\s+)*-[a-zA-Z]*f[a-zA-Z]*\\s+(-[a-zA-Z]*\\s+)*-[a-zA-Z]*r\\b/,\n ],\n};\n\nconst git_force_push: YaraRule = {\n name: 'git_force_push',\n description: 'Detects git push --force which can overwrite remote history',\n severity: 'critical',\n category: 'filesystem_safety',\n appliesTo: PRE_BASH,\n patterns: [/git\\s+push\\s+.*--force/, /git\\s+push\\s+.*-f\\b/],\n};\n\nconst git_reset_hard: YaraRule = {\n name: 'git_reset_hard',\n description:\n 'Detects git reset --hard which discards all uncommitted changes',\n severity: 'critical',\n category: 'filesystem_safety',\n appliesTo: PRE_BASH,\n patterns: [/git\\s+reset\\s+--hard/],\n};\n\n// ── §5 Supply Chain ──────────────────────────────────────────────\n\nconst wrong_posthog_package: YaraRule = {\n name: 'wrong_posthog_package',\n description:\n 'Detects installing the wrong PostHog npm package — should be posthog-js or posthog-node',\n severity: 'high',\n category: 'supply_chain',\n appliesTo: PRE_BASH,\n patterns: [\n // Match \"npm install posthog\" but not \"posthog-js\", \"posthog-node\", etc.\n /npm\\s+install\\s+(?:--save\\s+|--save-dev\\s+|-[SD]\\s+)*posthog(?!\\s*-)/,\n /pnpm\\s+(?:add|install)\\s+(?:--save\\s+|--save-dev\\s+|-[SD]\\s+)*posthog(?!\\s*-)/,\n /yarn\\s+add\\s+(?:--dev\\s+|-D\\s+)*posthog(?!\\s*-)/,\n /bun\\s+(?:add|install)\\s+(?:--dev\\s+|-[dD]\\s+)*posthog(?!\\s*-)/,\n ],\n};\n\nconst npm_install_global: YaraRule = {\n name: 'npm_install_global',\n description:\n 'Detects global npm installs — should never install packages globally',\n severity: 'high',\n category: 'supply_chain',\n appliesTo: PRE_BASH,\n patterns: [/npm\\s+install\\s+-g\\b/, /npm\\s+install\\s+--global\\b/],\n};\n\n// ─── Rule Registry ───────────────────────────────────────────────\n\nexport const RULES: YaraRule[] = [\n // §1 PostHog API violations\n pii_in_capture_call,\n hardcoded_posthog_key,\n autocapture_disabled,\n hardcoded_posthog_host,\n session_recording_disabled,\n opt_out_capturing,\n // §2 Prompt injection\n prompt_injection_wizard_override,\n prompt_injection_wizard_specific,\n prompt_injection_base64,\n // §3 Secret exfiltration\n secret_exfiltration_via_command,\n // §4 Filesystem safety\n destructive_rm,\n git_force_push,\n git_reset_hard,\n // §5 Supply chain\n wrong_posthog_package,\n npm_install_global,\n];\n\n// ─── Scan Engine ─────────────────────────────────────────────────\n\n/** Maximum content length to scan (100 KB). Inputs beyond this are truncated. */\nconst MAX_SCAN_LENGTH = 100_000;\n\n/**\n * Scan content against rules applicable to a given hook phase and tool.\n * Returns all matching rules (one match per rule, first pattern wins).\n */\nexport function scan(\n content: string,\n phase: HookPhase,\n tool: ToolTarget,\n): ScanResult {\n // Cap input length to prevent pathological regex performance\n const scanContent =\n content.length > MAX_SCAN_LENGTH\n ? content.slice(0, MAX_SCAN_LENGTH)\n : content;\n const applicableRules = RULES.filter((r) =>\n r.appliesTo.some((a) => a.phase === phase && a.tool === tool),\n );\n\n const matches: YaraMatch[] = [];\n for (const rule of applicableRules) {\n for (const pattern of rule.patterns) {\n const match = pattern.exec(scanContent);\n if (match) {\n matches.push({\n rule,\n matchedText: match[0],\n offset: match.index,\n });\n break; // One match per rule is sufficient\n }\n }\n }\n\n return matches.length > 0 ? { matched: true, matches } : { matched: false };\n}\n\n/**\n * Scan all files in a skill directory for prompt injection.\n * Used for context-mill scanning after skill installation.\n */\nexport function scanSkillDirectory(\n files: Array<{ path: string; content: string }>,\n): ScanResult {\n const allMatches: YaraMatch[] = [];\n for (const file of files) {\n const result = scan(file.content, 'PostToolUse', 'Read');\n if (result.matched) {\n allMatches.push(...result.matches);\n }\n }\n return allMatches.length > 0\n ? { matched: true, matches: allMatches }\n : { matched: false };\n}\n"]}
|
|
@@ -1,30 +0,0 @@
|
|
|
1
|
-
export type MCPServerConfig = Record<string, unknown>;
|
|
2
|
-
export declare abstract class MCPClient {
|
|
3
|
-
name: string;
|
|
4
|
-
abstract getConfigPath(): Promise<string>;
|
|
5
|
-
abstract getServerPropertyName(): string;
|
|
6
|
-
abstract isServerInstalled(local?: boolean): Promise<boolean>;
|
|
7
|
-
abstract addServer(apiKey?: string, selectedFeatures?: string[], local?: boolean): Promise<{
|
|
8
|
-
success: boolean;
|
|
9
|
-
}>;
|
|
10
|
-
abstract removeServer(local?: boolean): Promise<{
|
|
11
|
-
success: boolean;
|
|
12
|
-
}>;
|
|
13
|
-
abstract isClientSupported(): Promise<boolean>;
|
|
14
|
-
}
|
|
15
|
-
export declare abstract class DefaultMCPClient extends MCPClient {
|
|
16
|
-
name: string;
|
|
17
|
-
constructor();
|
|
18
|
-
getServerPropertyName(): string;
|
|
19
|
-
getServerConfig(apiKey: string | undefined, type: 'sse' | 'streamable-http', selectedFeatures?: string[], local?: boolean): MCPServerConfig;
|
|
20
|
-
isServerInstalled(local?: boolean): Promise<boolean>;
|
|
21
|
-
addServer(apiKey?: string, selectedFeatures?: string[], local?: boolean): Promise<{
|
|
22
|
-
success: boolean;
|
|
23
|
-
}>;
|
|
24
|
-
_addServerType(apiKey: string | undefined, type: 'sse' | 'streamable-http', selectedFeatures?: string[], local?: boolean): Promise<{
|
|
25
|
-
success: boolean;
|
|
26
|
-
}>;
|
|
27
|
-
removeServer(local?: boolean): Promise<{
|
|
28
|
-
success: boolean;
|
|
29
|
-
}>;
|
|
30
|
-
}
|
|
@@ -1,138 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
-
}) : function(o, v) {
|
|
16
|
-
o["default"] = v;
|
|
17
|
-
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
-
var ownKeys = function(o) {
|
|
20
|
-
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
-
var ar = [];
|
|
22
|
-
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
-
return ar;
|
|
24
|
-
};
|
|
25
|
-
return ownKeys(o);
|
|
26
|
-
};
|
|
27
|
-
return function (mod) {
|
|
28
|
-
if (mod && mod.__esModule) return mod;
|
|
29
|
-
var result = {};
|
|
30
|
-
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
-
__setModuleDefault(result, mod);
|
|
32
|
-
return result;
|
|
33
|
-
};
|
|
34
|
-
})();
|
|
35
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
-
exports.DefaultMCPClient = exports.MCPClient = void 0;
|
|
37
|
-
const fs = __importStar(require("fs"));
|
|
38
|
-
const path = __importStar(require("path"));
|
|
39
|
-
const jsonc = __importStar(require("jsonc-parser"));
|
|
40
|
-
const defaults_1 = require("./defaults");
|
|
41
|
-
class MCPClient {
|
|
42
|
-
name;
|
|
43
|
-
}
|
|
44
|
-
exports.MCPClient = MCPClient;
|
|
45
|
-
class DefaultMCPClient extends MCPClient {
|
|
46
|
-
name = 'Default';
|
|
47
|
-
constructor() {
|
|
48
|
-
super();
|
|
49
|
-
}
|
|
50
|
-
getServerPropertyName() {
|
|
51
|
-
return 'mcpServers';
|
|
52
|
-
}
|
|
53
|
-
getServerConfig(apiKey, type, selectedFeatures, local) {
|
|
54
|
-
return (0, defaults_1.getDefaultServerConfig)(apiKey, type, selectedFeatures, local);
|
|
55
|
-
}
|
|
56
|
-
async isServerInstalled(local) {
|
|
57
|
-
try {
|
|
58
|
-
const configPath = await this.getConfigPath();
|
|
59
|
-
if (!fs.existsSync(configPath)) {
|
|
60
|
-
return false;
|
|
61
|
-
}
|
|
62
|
-
const configContent = await fs.promises.readFile(configPath, 'utf8');
|
|
63
|
-
const config = jsonc.parse(configContent);
|
|
64
|
-
const serverPropertyName = this.getServerPropertyName();
|
|
65
|
-
const serverName = local ? 'posthog-local' : 'posthog';
|
|
66
|
-
return (serverPropertyName in config && serverName in config[serverPropertyName]);
|
|
67
|
-
}
|
|
68
|
-
catch {
|
|
69
|
-
return false;
|
|
70
|
-
}
|
|
71
|
-
}
|
|
72
|
-
async addServer(apiKey, selectedFeatures, local) {
|
|
73
|
-
return this._addServerType(apiKey, 'sse', selectedFeatures, local);
|
|
74
|
-
}
|
|
75
|
-
async _addServerType(apiKey, type, selectedFeatures, local) {
|
|
76
|
-
try {
|
|
77
|
-
const configPath = await this.getConfigPath();
|
|
78
|
-
const configDir = path.dirname(configPath);
|
|
79
|
-
await fs.promises.mkdir(configDir, { recursive: true });
|
|
80
|
-
const serverPropertyName = this.getServerPropertyName();
|
|
81
|
-
let configContent = '';
|
|
82
|
-
let existingConfig = {};
|
|
83
|
-
if (fs.existsSync(configPath)) {
|
|
84
|
-
configContent = await fs.promises.readFile(configPath, 'utf8');
|
|
85
|
-
existingConfig = jsonc.parse(configContent) || {};
|
|
86
|
-
}
|
|
87
|
-
const newServerConfig = this.getServerConfig(apiKey, type, selectedFeatures, local);
|
|
88
|
-
const typedConfig = existingConfig;
|
|
89
|
-
if (!typedConfig[serverPropertyName]) {
|
|
90
|
-
typedConfig[serverPropertyName] = {};
|
|
91
|
-
}
|
|
92
|
-
const serverName = local ? 'posthog-local' : 'posthog';
|
|
93
|
-
typedConfig[serverPropertyName][serverName] = newServerConfig;
|
|
94
|
-
const edits = jsonc.modify(configContent, [serverPropertyName, serverName], newServerConfig, {
|
|
95
|
-
formattingOptions: {
|
|
96
|
-
tabSize: 2,
|
|
97
|
-
insertSpaces: true,
|
|
98
|
-
},
|
|
99
|
-
});
|
|
100
|
-
const modifiedContent = jsonc.applyEdits(configContent, edits);
|
|
101
|
-
await fs.promises.writeFile(configPath, modifiedContent, 'utf8');
|
|
102
|
-
return { success: true };
|
|
103
|
-
}
|
|
104
|
-
catch {
|
|
105
|
-
return { success: false };
|
|
106
|
-
}
|
|
107
|
-
}
|
|
108
|
-
async removeServer(local) {
|
|
109
|
-
try {
|
|
110
|
-
const configPath = await this.getConfigPath();
|
|
111
|
-
if (!fs.existsSync(configPath)) {
|
|
112
|
-
return { success: false };
|
|
113
|
-
}
|
|
114
|
-
const configContent = await fs.promises.readFile(configPath, 'utf8');
|
|
115
|
-
const config = jsonc.parse(configContent);
|
|
116
|
-
const serverPropertyName = this.getServerPropertyName();
|
|
117
|
-
const serverName = local ? 'posthog-local' : 'posthog';
|
|
118
|
-
if (serverPropertyName in config &&
|
|
119
|
-
serverName in config[serverPropertyName]) {
|
|
120
|
-
const edits = jsonc.modify(configContent, [serverPropertyName, serverName], undefined, {
|
|
121
|
-
formattingOptions: {
|
|
122
|
-
tabSize: 2,
|
|
123
|
-
insertSpaces: true,
|
|
124
|
-
},
|
|
125
|
-
});
|
|
126
|
-
const modifiedContent = jsonc.applyEdits(configContent, edits);
|
|
127
|
-
await fs.promises.writeFile(configPath, modifiedContent, 'utf8');
|
|
128
|
-
return { success: true };
|
|
129
|
-
}
|
|
130
|
-
}
|
|
131
|
-
catch {
|
|
132
|
-
//
|
|
133
|
-
}
|
|
134
|
-
return { success: false };
|
|
135
|
-
}
|
|
136
|
-
}
|
|
137
|
-
exports.DefaultMCPClient = DefaultMCPClient;
|
|
138
|
-
//# sourceMappingURL=MCPClient.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"MCPClient.js","sourceRoot":"","sources":["../../../../src/steps/add-mcp-server-to-clients/MCPClient.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAC7B,oDAAsC;AACtC,yCAAoD;AAIpD,MAAsB,SAAS;IAC7B,IAAI,CAAS;CAWd;AAZD,8BAYC;AAED,MAAsB,gBAAiB,SAAQ,SAAS;IACtD,IAAI,GAAG,SAAS,CAAC;IAEjB;QACE,KAAK,EAAE,CAAC;IACV,CAAC;IAED,qBAAqB;QACnB,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,eAAe,CACb,MAA0B,EAC1B,IAA+B,EAC/B,gBAA2B,EAC3B,KAAe;QAEf,OAAO,IAAA,iCAAsB,EAAC,MAAM,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,CAAC,CAAC;IACvE,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAAe;QACrC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;YAE9C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/B,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,aAAa,CAAwB,CAAC;YACjE,MAAM,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;YACxD,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAEvD,OAAO,CACL,kBAAkB,IAAI,MAAM,IAAI,UAAU,IAAI,MAAM,CAAC,kBAAkB,CAAC,CACzE,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,KAAK,CAAC,SAAS,CACb,MAAe,EACf,gBAA2B,EAC3B,KAAe;QAEf,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,KAAK,EAAE,gBAAgB,EAAE,KAAK,CAAC,CAAC;IACrE,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,MAA0B,EAC1B,IAA+B,EAC/B,gBAA2B,EAC3B,KAAe;QAEf,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;YAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;YAE3C,MAAM,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAExD,MAAM,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;YACxD,IAAI,aAAa,GAAG,EAAE,CAAC;YACvB,IAAI,cAAc,GAAG,EAAE,CAAC;YAExB,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC9B,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBAC/D,cAAc,GAAG,KAAK,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;YACpD,CAAC;YAED,MAAM,eAAe,GAAG,IAAI,CAAC,eAAe,CAC1C,MAAM,EACN,IAAI,EACJ,gBAAgB,EAChB,KAAK,CACN,CAAC;YACF,MAAM,WAAW,GAAG,cAAqC,CAAC;YAC1D,IAAI,CAAC,WAAW,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACrC,WAAW,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC;YACvC,CAAC;YACD,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YACvD,WAAW,CAAC,kBAAkB,CAAC,CAAC,UAAU,CAAC,GAAG,eAAe,CAAC;YAE9D,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CACxB,aAAa,EACb,CAAC,kBAAkB,EAAE,UAAU,CAAC,EAChC,eAAe,EACf;gBACE,iBAAiB,EAAE;oBACjB,OAAO,EAAE,CAAC;oBACV,YAAY,EAAE,IAAI;iBACnB;aACF,CACF,CAAC;YAEF,MAAM,eAAe,GAAG,KAAK,CAAC,UAAU,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YAE/D,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,UAAU,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;YAEjE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QAC5B,CAAC;IACH,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,KAAe;QAChC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;YAE9C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;YAC5B,CAAC;YAED,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,aAAa,CAAwB,CAAC;YACjE,MAAM,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;YAExD,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAEvD,IACE,kBAAkB,IAAI,MAAM;gBAC5B,UAAU,IAAI,MAAM,CAAC,kBAAkB,CAAC,EACxC,CAAC;gBACD,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CACxB,aAAa,EACb,CAAC,kBAAkB,EAAE,UAAU,CAAC,EAChC,SAAS,EACT;oBACE,iBAAiB,EAAE;wBACjB,OAAO,EAAE,CAAC;wBACV,YAAY,EAAE,IAAI;qBACnB;iBACF,CACF,CAAC;gBAEF,MAAM,eAAe,GAAG,KAAK,CAAC,UAAU,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;gBAE/D,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,UAAU,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;gBAEjE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAC3B,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,EAAE;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;CACF;AAnJD,4CAmJC","sourcesContent":["import * as fs from 'fs';\nimport * as path from 'path';\nimport * as jsonc from 'jsonc-parser';\nimport { getDefaultServerConfig } from './defaults';\n\nexport type MCPServerConfig = Record<string, unknown>;\n\nexport abstract class MCPClient {\n name: string;\n abstract getConfigPath(): Promise<string>;\n abstract getServerPropertyName(): string;\n abstract isServerInstalled(local?: boolean): Promise<boolean>;\n abstract addServer(\n apiKey?: string,\n selectedFeatures?: string[],\n local?: boolean,\n ): Promise<{ success: boolean }>;\n abstract removeServer(local?: boolean): Promise<{ success: boolean }>;\n abstract isClientSupported(): Promise<boolean>;\n}\n\nexport abstract class DefaultMCPClient extends MCPClient {\n name = 'Default';\n\n constructor() {\n super();\n }\n\n getServerPropertyName(): string {\n return 'mcpServers';\n }\n\n getServerConfig(\n apiKey: string | undefined,\n type: 'sse' | 'streamable-http',\n selectedFeatures?: string[],\n local?: boolean,\n ): MCPServerConfig {\n return getDefaultServerConfig(apiKey, type, selectedFeatures, local);\n }\n\n async isServerInstalled(local?: boolean): Promise<boolean> {\n try {\n const configPath = await this.getConfigPath();\n\n if (!fs.existsSync(configPath)) {\n return false;\n }\n\n const configContent = await fs.promises.readFile(configPath, 'utf8');\n const config = jsonc.parse(configContent) as Record<string, any>;\n const serverPropertyName = this.getServerPropertyName();\n const serverName = local ? 'posthog-local' : 'posthog';\n\n return (\n serverPropertyName in config && serverName in config[serverPropertyName]\n );\n } catch {\n return false;\n }\n }\n\n async addServer(\n apiKey?: string,\n selectedFeatures?: string[],\n local?: boolean,\n ): Promise<{ success: boolean }> {\n return this._addServerType(apiKey, 'sse', selectedFeatures, local);\n }\n\n async _addServerType(\n apiKey: string | undefined,\n type: 'sse' | 'streamable-http',\n selectedFeatures?: string[],\n local?: boolean,\n ): Promise<{ success: boolean }> {\n try {\n const configPath = await this.getConfigPath();\n const configDir = path.dirname(configPath);\n\n await fs.promises.mkdir(configDir, { recursive: true });\n\n const serverPropertyName = this.getServerPropertyName();\n let configContent = '';\n let existingConfig = {};\n\n if (fs.existsSync(configPath)) {\n configContent = await fs.promises.readFile(configPath, 'utf8');\n existingConfig = jsonc.parse(configContent) || {};\n }\n\n const newServerConfig = this.getServerConfig(\n apiKey,\n type,\n selectedFeatures,\n local,\n );\n const typedConfig = existingConfig as Record<string, any>;\n if (!typedConfig[serverPropertyName]) {\n typedConfig[serverPropertyName] = {};\n }\n const serverName = local ? 'posthog-local' : 'posthog';\n typedConfig[serverPropertyName][serverName] = newServerConfig;\n\n const edits = jsonc.modify(\n configContent,\n [serverPropertyName, serverName],\n newServerConfig,\n {\n formattingOptions: {\n tabSize: 2,\n insertSpaces: true,\n },\n },\n );\n\n const modifiedContent = jsonc.applyEdits(configContent, edits);\n\n await fs.promises.writeFile(configPath, modifiedContent, 'utf8');\n\n return { success: true };\n } catch {\n return { success: false };\n }\n }\n\n async removeServer(local?: boolean): Promise<{ success: boolean }> {\n try {\n const configPath = await this.getConfigPath();\n\n if (!fs.existsSync(configPath)) {\n return { success: false };\n }\n\n const configContent = await fs.promises.readFile(configPath, 'utf8');\n const config = jsonc.parse(configContent) as Record<string, any>;\n const serverPropertyName = this.getServerPropertyName();\n\n const serverName = local ? 'posthog-local' : 'posthog';\n\n if (\n serverPropertyName in config &&\n serverName in config[serverPropertyName]\n ) {\n const edits = jsonc.modify(\n configContent,\n [serverPropertyName, serverName],\n undefined,\n {\n formattingOptions: {\n tabSize: 2,\n insertSpaces: true,\n },\n },\n );\n\n const modifiedContent = jsonc.applyEdits(configContent, edits);\n\n await fs.promises.writeFile(configPath, modifiedContent, 'utf8');\n\n return { success: true };\n }\n } catch {\n //\n }\n\n return { success: false };\n }\n}\n"]}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export {};
|
|
@@ -1,72 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
const defaults_1 = require("../defaults");
|
|
4
|
-
describe('defaults', () => {
|
|
5
|
-
describe('buildMCPUrl', () => {
|
|
6
|
-
it('should build base URL for streamable-http type', () => {
|
|
7
|
-
const url = (0, defaults_1.buildMCPUrl)('streamable-http');
|
|
8
|
-
expect(url).toBe('https://mcp.posthog.com/mcp');
|
|
9
|
-
});
|
|
10
|
-
it('should build base URL for sse type', () => {
|
|
11
|
-
const url = (0, defaults_1.buildMCPUrl)('sse');
|
|
12
|
-
expect(url).toBe('https://mcp.posthog.com/sse');
|
|
13
|
-
});
|
|
14
|
-
it('should use localhost for local mode', () => {
|
|
15
|
-
const url = (0, defaults_1.buildMCPUrl)('streamable-http', undefined, true);
|
|
16
|
-
expect(url).toBe('http://localhost:8787/mcp');
|
|
17
|
-
});
|
|
18
|
-
it('should add features param when not all features selected', () => {
|
|
19
|
-
const url = (0, defaults_1.buildMCPUrl)('streamable-http', ['dashboards', 'insights']);
|
|
20
|
-
expect(url).toBe('https://mcp.posthog.com/mcp?features=dashboards,insights');
|
|
21
|
-
});
|
|
22
|
-
it('should not add region param in local mode', () => {
|
|
23
|
-
const url = (0, defaults_1.buildMCPUrl)('streamable-http', undefined, true);
|
|
24
|
-
expect(url).toBe('http://localhost:8787/mcp');
|
|
25
|
-
});
|
|
26
|
-
});
|
|
27
|
-
describe('getDefaultServerConfig', () => {
|
|
28
|
-
it('should return config with auth header when API key provided', () => {
|
|
29
|
-
const config = (0, defaults_1.getDefaultServerConfig)('phx_test123', 'sse');
|
|
30
|
-
expect(config).toEqual({
|
|
31
|
-
command: 'npx',
|
|
32
|
-
args: [
|
|
33
|
-
'-y',
|
|
34
|
-
'mcp-remote@latest',
|
|
35
|
-
'https://mcp.posthog.com/sse',
|
|
36
|
-
'--header',
|
|
37
|
-
'Authorization:${POSTHOG_AUTH_HEADER}',
|
|
38
|
-
],
|
|
39
|
-
env: {
|
|
40
|
-
POSTHOG_AUTH_HEADER: 'Bearer phx_test123',
|
|
41
|
-
},
|
|
42
|
-
});
|
|
43
|
-
});
|
|
44
|
-
it('should return config without auth header for OAuth mode (no API key)', () => {
|
|
45
|
-
const config = (0, defaults_1.getDefaultServerConfig)(undefined, 'sse');
|
|
46
|
-
expect(config).toEqual({
|
|
47
|
-
command: 'npx',
|
|
48
|
-
args: ['-y', 'mcp-remote@latest', 'https://mcp.posthog.com/sse'],
|
|
49
|
-
});
|
|
50
|
-
expect(config).not.toHaveProperty('env');
|
|
51
|
-
});
|
|
52
|
-
});
|
|
53
|
-
describe('getNativeHTTPServerConfig', () => {
|
|
54
|
-
it('should return config with headers when API key provided', () => {
|
|
55
|
-
const config = (0, defaults_1.getNativeHTTPServerConfig)('phx_test123', 'streamable-http');
|
|
56
|
-
expect(config).toEqual({
|
|
57
|
-
url: 'https://mcp.posthog.com/mcp',
|
|
58
|
-
headers: {
|
|
59
|
-
Authorization: 'Bearer phx_test123',
|
|
60
|
-
},
|
|
61
|
-
});
|
|
62
|
-
});
|
|
63
|
-
it('should return config without headers for OAuth mode (no API key)', () => {
|
|
64
|
-
const config = (0, defaults_1.getNativeHTTPServerConfig)(undefined, 'streamable-http');
|
|
65
|
-
expect(config).toEqual({
|
|
66
|
-
url: 'https://mcp.posthog.com/mcp',
|
|
67
|
-
});
|
|
68
|
-
expect(config).not.toHaveProperty('headers');
|
|
69
|
-
});
|
|
70
|
-
});
|
|
71
|
-
});
|
|
72
|
-
//# sourceMappingURL=defaults.test.js.map
|