@raviolelabs/engram-mcp 0.5.4 → 0.5.6
- package/dist/cloud/bridge-client.d.ts.map +1 -1
- package/dist/cloud/bridge-client.js +14 -1
- package/dist/cloud/bridge-client.js.map +1 -1
- package/dist/core/db/index.d.ts.map +1 -1
- package/dist/core/db/index.js +31 -15
- package/dist/core/db/index.js.map +1 -1
- package/dist/core/logger.d.ts.map +1 -1
- package/dist/core/logger.js +22 -4
- package/dist/core/logger.js.map +1 -1
- package/dist/core/server/http.d.ts.map +1 -1
- package/dist/core/server/http.js +14 -3
- package/dist/core/server/http.js.map +1 -1
- package/package.json +2 -2
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bridge-client.d.ts","sourceRoot":"","sources":["../../src/cloud/bridge-client.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"bridge-client.d.ts","sourceRoot":"","sources":["../../src/cloud/bridge-client.ts"],"names":[],"mappings":"AAuKA,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,YAAY;IAC3B,+CAA+C;IAC/C,IAAI,EAAE,MAAM,IAAI,CAAC;CAClB;AAED,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,mBAAmB,GAAG,YAAY,CAuHzE"}
|
|
@@ -111,9 +111,22 @@ async function forwardToLocal(req, localPort) {
|
|
|
111
111
|
};
|
|
112
112
|
}
|
|
113
113
|
const responseBody = await res.text();
|
|
114
|
+
// SECURITY: only forward a fixed whitelist of headers back through the
|
|
115
|
+
// cloud relay. Forwarding everything would leak Set-Cookie, Authorization,
|
|
116
|
+
// and any future auth headers the local /api/* might emit — those should
|
|
117
|
+
// never leave the user's machine.
|
|
118
|
+
const SAFE_HEADERS = new Set([
|
|
119
|
+
'content-type',
|
|
120
|
+
'content-length',
|
|
121
|
+
'cache-control',
|
|
122
|
+
'etag',
|
|
123
|
+
'last-modified',
|
|
124
|
+
]);
|
|
114
125
|
const responseHeaders = {};
|
|
115
126
|
res.headers.forEach((value, key) => {
|
|
116
|
-
|
|
127
|
+
if (SAFE_HEADERS.has(key.toLowerCase())) {
|
|
128
|
+
responseHeaders[key] = value;
|
|
129
|
+
}
|
|
117
130
|
});
|
|
118
131
|
return {
|
|
119
132
|
requestId: req.requestId,
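Review bot: `'content-length'` in `SAFE_HEADERS` is copied from the local response even though the body sent on is the string returned by `res.text()`, so the forwarded length can disagree with the forwarded body. This happens when the local server compresses its response: fetch decodes the body transparently, and `content-encoding` is not on the list. Whether the local `/api/*` ever compresses is not visible in the hunk, but dropping `'content-length',` from the set and letting the relay derive the length from the body it receives removes the risk. The set is also rebuilt on every call; hoisting `const SAFE_HEADERS = new Set([...]);` to module scope keeps the allowlist in one place that is easy to audit. `forwardToLocal` starts and ends outside the hunk.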
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bridge-client.js","sourceRoot":"","sources":["../../src/cloud/bridge-client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AACH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,IAAI,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAExC;;;;;GAKG;AACH,SAAS,yBAAyB;IAChC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAC;IACrD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IACrD,IAAI,QAAQ,GAAkB,IAAI,CAAC;IACnC,IAAI,CAAC;QACH,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9B,MAAM,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;YACrD,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,IAAI,EAAE,IAAI,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC;gBAAE,QAAQ,GAAG,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,gCAAgC;IAClC,CAAC;IACD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,QAAQ,GAAG,IAAI,EAAE,CAAC;QAClB,IAAI,CAAC;YACH,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7C,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,QAAQ,GAAG,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACjE,CAAC;QAAC,MAAM,CAAC;YACP,mEAAmE;QACrE,CAAC;IACH,CAAC;IACD,MAAM,UAAU,GAAG,CAAC,EAAE,CAAC,QAAQ,EAAE,IAAI,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACxD,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;AAClC,CAAC;AAED,MAAM,GAAG,GAAG,YAAY,CAAC,cAAc,CAAC,CAAC;AAEzC,MAAM,UAAU,GAAG,WAAW,CAAC;AAC/B,MAAM,cAAc,GAAG,kBAAkB,CAAC;AAC1C,MAAM,cAAc,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,MAAM;AAC9C,MAAM,iBAAiB,GAAG,KAAK,CAAC;AAChC,MAAM,gBAAgB,GAAG,MAAM,CAAC;AAqBhC,8EAA8E;AAC9E,uBAAuB;AACvB,8EAA8E;AAE9E,KAAK,UAAU,cAAc,CAAC,GAAkB,EAAE,SAAiB;IACjE,8BAA8B;IAC9B,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAClC,OAAO;YACL,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,yCAAyC,EAAE,CAAC;SAC3E,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,GAAG,GAAG,c
AAc,IAAI,SAAS,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IACxD,MAAM,SAAS,GAAgB;QAC7B,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,GAAG,GAAG,CAAC,OAAO;SACf;QACD,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC;KACpC,CAAC;IAEF,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAC9E,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,cAAc,EAAE,CAAC;YACrC,OAAO;gBACL,SAAS,EAAE,GAAG,CAAC,SAAS;gBACxB,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,kCAAkC,EAAE,CAAC;aACpE,CAAC;QACJ,CAAC;QACD,SAAS,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;IAC5B,CAAC;IAED,IAAI,GAAa,CAAC;IAClB,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IACpC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO;YACL,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,KAAK,EAAE,0BAA0B,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;aAC9E,CAAC;SACH,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;IACtC,MAAM,eAAe,GAA2B,EAAE,CAAC;IACnD,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACjC,eAAe,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;
|
|
1
|
+
{"version":3,"file":"bridge-client.js","sourceRoot":"","sources":["../../src/cloud/bridge-client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AACH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,IAAI,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAExC;;;;;GAKG;AACH,SAAS,yBAAyB;IAChC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAC;IACrD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IACrD,IAAI,QAAQ,GAAkB,IAAI,CAAC;IACnC,IAAI,CAAC;QACH,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9B,MAAM,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;YACrD,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,IAAI,EAAE,IAAI,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC;gBAAE,QAAQ,GAAG,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,gCAAgC;IAClC,CAAC;IACD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,QAAQ,GAAG,IAAI,EAAE,CAAC;QAClB,IAAI,CAAC;YACH,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7C,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,QAAQ,GAAG,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACjE,CAAC;QAAC,MAAM,CAAC;YACP,mEAAmE;QACrE,CAAC;IACH,CAAC;IACD,MAAM,UAAU,GAAG,CAAC,EAAE,CAAC,QAAQ,EAAE,IAAI,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACxD,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;AAClC,CAAC;AAED,MAAM,GAAG,GAAG,YAAY,CAAC,cAAc,CAAC,CAAC;AAEzC,MAAM,UAAU,GAAG,WAAW,CAAC;AAC/B,MAAM,cAAc,GAAG,kBAAkB,CAAC;AAC1C,MAAM,cAAc,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,MAAM;AAC9C,MAAM,iBAAiB,GAAG,KAAK,CAAC;AAChC,MAAM,gBAAgB,GAAG,MAAM,CAAC;AAqBhC,8EAA8E;AAC9E,uBAAuB;AACvB,8EAA8E;AAE9E,KAAK,UAAU,cAAc,CAAC,GAAkB,EAAE,SAAiB;IACjE,8BAA8B;IAC9B,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAClC,OAAO;YACL,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,yCAAyC,EAAE,CAAC;SAC3E,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,GAAG,GAAG,c
AAc,IAAI,SAAS,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IACxD,MAAM,SAAS,GAAgB;QAC7B,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,GAAG,GAAG,CAAC,OAAO;SACf;QACD,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC;KACpC,CAAC;IAEF,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAC9E,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,cAAc,EAAE,CAAC;YACrC,OAAO;gBACL,SAAS,EAAE,GAAG,CAAC,SAAS;gBACxB,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,kCAAkC,EAAE,CAAC;aACpE,CAAC;QACJ,CAAC;QACD,SAAS,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;IAC5B,CAAC;IAED,IAAI,GAAa,CAAC;IAClB,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IACpC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO;YACL,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,KAAK,EAAE,0BAA0B,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;aAC9E,CAAC;SACH,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;IACtC,uEAAuE;IACvE,2EAA2E;IAC3E,yEAAyE;IACzE,kCAAkC;IAClC,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC;QAC3B,cAAc;QACd,gBAAgB;QAChB,eAAe;QACf,MAAM;QACN,eAAe;KAChB,CAAC,CAAC;IACH,MAAM,eAAe,GAA2B,EAAE,CAAC;IACnD,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACjC,IAAI,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;YACxC,eAAe,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC/B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,SAAS,EAAE,GAAG,CAAC,SAAS;QACxB,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,OAAO,EAAE,eAAe;QACxB,IAAI,EAAE,YAAY;KACnB,CAAC;AACJ,CAAC;AAgBD,MAAM,UAAU,iBAAiB,CAAC,IAAyB;IACzD,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,yBAAyB,EAAE,CAAC;IAC7D,MAAM,MAAM,GACV,IAAI,CAAC,OAAO;SACT,OAAO,CAAC,aAAa,EAAE,QAAQ,CAAC;SAChC,OAAO,CAAC,YAAY,EAAE,OAAO,CAAC;SAC9B,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,UAAU,CAAC;IACrC,MAAM,KAAK,GAAG,GAAG,MAAM,cAAc,kBAAkB,CACrD,QAAQ,CACT,gBAAgB,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;IAElD,IA
AI,OAAO,GAAG,KAAK,CAAC;IACpB,IAAI,EAAE,GAAqB,IAAI,CAAC;IAChC,IAAI,cAAc,GAAG,iBAAiB,CAAC;IACvC,IAAI,cAAc,GAA0B,IAAI,CAAC;IAEjD,SAAS,OAAO;QACd,IAAI,OAAO;YAAE,OAAO;QAEpB,GAAG,CAAC,IAAI,CAAC,+BAA+B,KAAK,EAAE,CAAC,CAAC;QAEjD,2DAA2D;QAC3D,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC;aACtB,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;YACZ,IAAI,OAAO;gBAAE,OAAO;YAEpB,EAAE,GAAG,IAAI,SAAS,CAAC,KAAK,EAAE;gBACxB,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,GAAG,EAAE,EAAE;aAC5C,CAAC,CAAC;YAEH,EAAE,CAAC,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE;gBACjB,GAAG,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;gBACpC,cAAc,GAAG,iBAAiB,CAAC,CAAC,2BAA2B;gBAC/D,EAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;YACjD,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;gBAC9B,IAAI,GAAY,CAAC;gBACjB,IAAI,CAAC;oBACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;gBACpC,CAAC;gBAAC,MAAM,CAAC;oBACP,GAAG,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;oBAC9D,OAAO;gBACT,CAAC;gBAED,sFAAsF;gBACtF,kCAAkC;gBAClC,oEAAoE;gBACpE,mCAAmC;gBACnC,MAAM,GAAG,GAAG,GAA8B,CAAC;gBAC3C,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;oBAC3D,GAAG,CAAC,KAAK,CAAC,oCAAoC,GAAG,CAAC,IAAc,aAAa,CAAC,CAAC;oBAC/E,OAAO;gBACT,CAAC;gBAED,qDAAqD;gBACrD,IACE,OAAO,GAAG,CAAC,SAAS,KAAK,QAAQ;oBACjC,OAAO,GAAG,CAAC,MAAM,KAAK,QAAQ;oBAC9B,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAC5B,CAAC;oBACD,GAAG,CAAC,IAAI,CACN,8EAA8E,CAC/E,CAAC;oBACF,OAAO;gBACT,CAAC;gBAED,MAAM,GAAG,GAAG,GAA+B,CAAC;gBAC5C,GAAG,CAAC,KAAK,CAAC,gCAAgC,GAAG,CAAC,SAAS,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;gBAErF,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;gBAC3D,IAAI,EAAE,EAAE,UAAU,KAAK,SAAS,CAAC,IAAI,EAAE,CAAC;oBACtC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;gBACpC,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE;gBAC9B,GAAG,CAAC,IAAI,CACN,oCAAoC,IAAI,YAAY,MAAM,CAAC,QAAQ,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CACtF,CAAC;gBACF,iBAAiB,EAAE,CAAC;YACtB,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,EAA
E,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBACrB,GAAG,CAAC,KAAK,CAAC,2BAA2B,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBACpD,qEAAqE;YACvE,CAAC,CAAC,CAAC;QACL,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;YACX,GAAG,CAAC,KAAK,CACP,qCAAqC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAClF,CAAC;YACF,iBAAiB,EAAE,CAAC;QACtB,CAAC,CAAC,CAAC;IACP,CAAC;IAED,SAAS,iBAAiB;QACxB,IAAI,OAAO;YAAE,OAAO;QACpB,GAAG,CAAC,IAAI,CAAC,iCAAiC,cAAc,IAAI,CAAC,CAAC;QAC9D,cAAc,GAAG,UAAU,CAAC,GAAG,EAAE;YAC/B,cAAc,GAAG,IAAI,CAAC,GAAG,CAAC,cAAc,GAAG,CAAC,EAAE,gBAAgB,CAAC,CAAC;YAChE,OAAO,EAAE,CAAC;QACZ,CAAC,EAAE,cAAc,CAAC,CAAC;IACrB,CAAC;IAED,yBAAyB;IACzB,OAAO,EAAE,CAAC;IAEV,OAAO;QACL,IAAI,EAAE,GAAG,EAAE;YACT,OAAO,GAAG,IAAI,CAAC;YACf,IAAI,cAAc;gBAAE,YAAY,CAAC,cAAc,CAAC,CAAC;YACjD,IAAI,EAAE,EAAE,CAAC;gBACP,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC;gBACxC,EAAE,GAAG,IAAI,CAAC;YACZ,CAAC;YACD,GAAG,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACpC,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/core/db/index.ts"],"names":[],"mappings":"AACA,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AAetC,wBAAgB,KAAK,IAAI,QAAQ,CAAC,QAAQ,CAGzC;AAED,wBAAgB,OAAO,IAAI,IAAI,CAK9B;AAED,wBAAgB,MAAM,CAAC,OAAO,EAAE,MAAM,GAAG,QAAQ,CAAC,QAAQ,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/core/db/index.ts"],"names":[],"mappings":"AACA,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AAetC,wBAAgB,KAAK,IAAI,QAAQ,CAAC,QAAQ,CAGzC;AAED,wBAAgB,OAAO,IAAI,IAAI,CAK9B;AAED,wBAAgB,MAAM,CAAC,OAAO,EAAE,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAuCzD;AAmFD,wBAAgB,eAAe,CAAC,EAAE,EAAE,QAAQ,CAAC,QAAQ,GAAG,MAAM,CAS7D;AAED,wBAAgB,gBAAgB,CAAC,EAAE,EAAE,QAAQ,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,CAOhF"}
|
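--- a/package/dist/core/db/index.js
+++ b/package/dist/core/db/index.js
@@ -24,24 +24,40 @@ export function closeDb() {
 }
 export function initDb(dataDir) {
 const resolved = resolvePath(dataDir);
-
+// SECURITY: tighten umask around dir + sqlite open so we never leave a
+// window where engram.db / engram.db-wal / engram.db-shm are world-readable.
+// The previous code did mkdir(mode:0o700) + chmodSync(0o600) AFTER open —
+// between sqlite-open and chmod, another local user on a shared box could
+// open the freshly-created file and read it. umask 0o077 applied to every
+// file/dir created during this block closes that window.
+const prevUmask = process.umask(0o077);
 try {
-fs.
+fs.mkdirSync(resolved, { recursive: true, mode: 0o700 });
+try {
+fs.chmodSync(resolved, 0o700);
+}
+catch { }
+const dbPath = path.join(resolved, 'engram.db');
+log.info(`Opening database at ${dbPath}`);
+_db = new Database(dbPath);
+_db.pragma('journal_mode = WAL');
+_db.pragma('foreign_keys = ON');
+_db.pragma('synchronous = NORMAL');
+// Belt-and-suspenders: chmod the 3 sqlite files explicitly. -wal/-shm
+// get created lazily on first write; chmod is best-effort.
+for (const f of ['engram.db', 'engram.db-wal', 'engram.db-shm']) {
+try {
+fs.chmodSync(path.join(resolved, f), 0o600);
+}
+catch { }
+}
+runMigrations(_db);
+log.info('Database ready');
+return _db;
 }
-
-
-log.info(`Opening database at ${dbPath}`);
-_db = new Database(dbPath);
-_db.pragma('journal_mode = WAL');
-_db.pragma('foreign_keys = ON');
-_db.pragma('synchronous = NORMAL');
-try {
-fs.chmodSync(dbPath, 0o600);
+finally {
+process.umask(prevUmask);
 }
-catch { }
-runMigrations(_db);
-log.info('Database ready');
-return _db;
 }
 function runMigrations(db) {
 db.exec(`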
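Review bot: Both `catch { }` blocks around `fs.chmodSync` in `initDb` discard every error, so if the data directory or `engram.db` already exists with looser permissions and the chmod fails, the function carries on with no signal. `mkdirSync` with `recursive: true` does not change the mode of an existing directory and the umask only affects newly created files, so on an upgraded install these chmod calls are the only tightening step. I would keep them best-effort but record the failure, for example `catch (err) { if (err.code !== 'ENOENT') log.info('chmod failed: ' + err.code); }`, at a warning level if the logger has one. Separately, `process.umask(0o077)` is process-wide and Node throws on `process.umask(mask)` inside a worker thread; the hunk does not show whether `initDb` is always called on the main thread, so that assumption deserves a one-line comment.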
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/core/db/index.ts"],"names":[],"mappings":"AAAA,uBAAuB;AACvB,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AACtC,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAE5C,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;AAE/B,IAAI,GAAG,GAA6B,IAAI,CAAC;AAEzC,SAAS,WAAW,CAAC,CAAS;IAC5B,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAClE,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,UAAU,KAAK;IACnB,IAAI,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IACtE,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,OAAO;IACrB,IAAI,GAAG,EAAE,CAAC;QACR,GAAG,CAAC,KAAK,EAAE,CAAC;QACZ,GAAG,GAAG,IAAI,CAAC;IACb,CAAC;AACH,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,OAAe;IACpC,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/core/db/index.ts"],"names":[],"mappings":"AAAA,uBAAuB;AACvB,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AACtC,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAE5C,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;AAE/B,IAAI,GAAG,GAA6B,IAAI,CAAC;AAEzC,SAAS,WAAW,CAAC,CAAS;IAC5B,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAClE,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,UAAU,KAAK;IACnB,IAAI,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IACtE,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,OAAO;IACrB,IAAI,GAAG,EAAE,CAAC;QACR,GAAG,CAAC,KAAK,EAAE,CAAC;QACZ,GAAG,GAAG,IAAI,CAAC;IACb,CAAC;AACH,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,OAAe;IACpC,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IAEtC,uEAAuE;IACvE,6EAA6E;IAC7E,0EAA0E;IAC1E,0EAA0E;IAC1E,0EAA0E;IAC1E,yDAAyD;IACzD,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IACvC,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,IAAI,CAAC;YACH,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAChC,CAAC;QAAC,MAAM,CAAC,CAAA,CAAC;QAEV,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;QAChD,GAAG,CAAC,IAAI,CAAC,uBAAuB,MAAM,EAAE,CAAC,CAAC;QAE1C,GAAG,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC3B,GAAG,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC;QACjC,GAAG,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;QAChC,GAAG,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC;QAEnC,sEAAsE;QACtE,2DAA2D;QAC3D,KAAK,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,eAAe,EAAE,eAAe,CAAC,EAAE,CAAC;YAChE,IAAI,CAAC;gBACH,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;YAC9C,CAAC;YAAC,MAAM,CAAC,CAAA,CAAC;QACZ,CAAC;QAED,aAAa,CAAC,GAAG,CAAC,CAAC;QACnB,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAE3B,OAAO,GAAG,CAAC;IACb,CAAC;YAAS,CAAC;QACT,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAC3B,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,EAAqB;IAC1C,EAAE,CAAC,IAAI,CAAC;;;;;GAKP,CAAC,CAAC
;IAEH,MAAM,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,8CAA8C,CAAC,CAAC,GAAG,EAEzE,CAAC;IACF,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;IAE3B,MAAM,UAAU,GAA4C;QAC1D,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE;QAChC,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE;QAChC,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE;QAChC,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE;QAChC,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE;QAChC,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE;QAChC,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE;QAChC,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE;QAChC,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,CAAC,0CAA0C,EAAE;KACnE,CAAC;IAEF,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3B,IAAI,CAAC,CAAC,OAAO,GAAG,OAAO,EAAE,CAAC;YACxB,GAAG,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;YAC7C,IAAI,CAAC,CAAC,OAAO,KAAK,CAAC,EAAE,CAAC;gBACpB,wEAAwE;gBACxE,sEAAsE;gBACtE,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,CAAC,6BAA6B,CAAC,CAAC,GAAG,EAA6B,CAAC;gBACxF,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC;gBAC1D,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC;oBACtB,EAAE,CAAC,IAAI,CAAC,yEAAyE,CAAC,CAAC;gBACrF,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC;oBAC1B,EAAE,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;gBACtE,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC;oBACpB,EAAE,CAAC,IAAI,CAAC,2EAA2E,CAAC,CAAC;gBACvF,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC;oBAChB,EAAE,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;gBAC/E,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC;oBACtB,EAAE,CAAC,IAAI,CAAC,wEAAwE,CAAC,CAAC;gBACpF,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC;oBAAE,EAAE,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;gBAC3E,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC;oBACpB,EAAE,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;gBAClF,EAAE,CAAC,IAAI,CACL,oFAAoF,CACrF,CAAC;gBACF,EAAE,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;gBAC9E,EAAE,CAAC,IAAI,CACL,qFAAqF,CACtF,CAAC;YACJ,CAAC;iBAAM,IAAI,CAAC,CAAC,OAAO,KAAK,CAAC,EAAE,CAAC;gBAC3B,iEAAiE;gBACjE,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,CAAC,6BAA6B,CAAC,CAAC,GAAG,EAA6B,CAAC;gBACxF,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,EAAE,CAAC
;oBAC1C,EAAE,CAAC,IAAI,CAAC,wEAAwE,CAAC,CAAC;gBACpF,CAAC;gBACD,2BAA2B;gBAC3B,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;gBAChC,EAAE,CAAC,IAAI,CAAC,kEAAkE,CAAC,CAAC;YAC9E,CAAC;iBAAM,IAAI,CAAC,CAAC,OAAO,KAAK,CAAC,EAAE,CAAC;gBAC3B,mDAAmD;gBACnD,mEAAmE;gBACnE,6DAA6D;gBAC7D,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,CAAC,gCAAgC,CAAC,CAAC,GAAG,EAA6B,CAAC;gBAC3F,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,CAAC,EAAE,CAAC;oBAC/C,EAAE,CAAC,IAAI,CAAC,0EAA0E,CAAC,CAAC;gBACtF,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACjB,CAAC;YACD,EAAE,CAAC,OAAO,CAAC,gEAAgE,CAAC,CAAC,GAAG,CAC9E,CAAC,CAAC,OAAO,EACT,IAAI,CAAC,GAAG,EAAE,CACX,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,EAAqB;IACnD,MAAM,GAAG,GAAG,EAAE;SACX,OAAO,CACN;;SAEG,CACJ;SACA,GAAG,EAA2C,CAAC;IAClD,OAAO,GAAG,EAAE,MAAM,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,EAAqB,EAAE,QAAgB;IACtE,MAAM,OAAO,GAAG,EAAE;SACf,OAAO,CAAC,4DAA4D,CAAC;SACrE,GAAG,CAAC,QAAQ,CAAuC,CAAC;IACvD,MAAM,IAAI,GAAG,CAAC,OAAO,EAAE,UAAU,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IAC5C,EAAE,CAAC,OAAO,CAAC,+DAA+D,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IAChG,OAAO,IAAI,CAAC;AACd,CAAC;AAED,mFAAmF;AACnF,+DAA+D;AAC/D,MAAM,WAAW,GAAG,mDAAmD,CAAC;AAExE,0EAA0E;AAC1E,iEAAiE;AACjE,+EAA+E;AAC/E,MAAM,sBAAsB,GAAG;;;;;;;;CAQ9B,CAAC;AAEF,kFAAkF;AAClF,+DAA+D;AAC/D,MAAM,WAAW,GAAG,2DAA2D,CAAC;AAEhF,MAAM,WAAW,GAAG;;;;;;;;;;;;;;;;CAgBnB,CAAC;AAEF,MAAM,WAAW,GAAG;;;;;;;;;;;;;;;;;CAiBnB,CAAC;AAEF,MAAM,WAAW,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA+CnB,CAAC;AAEF,MAAM,WAAW,GAAG;;;;;;;;;;;;;;;;;;CAkBnB,CAAC;AAEF,MAAM,WAAW,GAAG;;;;;;;;;;;;;;;;;CAiBnB,CAAC;AAEF,MAAM,WAAW,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAkDnB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logger.d.ts","sourceRoot":"","sources":["../../src/core/logger.ts"],"names":[],"mappings":"AAMA,KAAK,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;AAIpD,eAAO,MAAM,QAAQ,QAAmD,CAAC;AASzE,wBAAgB,kBAAkB,CAAC,cAAc,EAAE,MAAM,GAAG,IAAI,CAsC/D;AAED,wBAAgB,SAAS,IAAI;IAAE,OAAO,EAAE,MAAM,EAAE,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAmBpE;
|
|
1
|
+
{"version":3,"file":"logger.d.ts","sourceRoot":"","sources":["../../src/core/logger.ts"],"names":[],"mappings":"AAMA,KAAK,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;AAIpD,eAAO,MAAM,QAAQ,QAAmD,CAAC;AASzE,wBAAgB,kBAAkB,CAAC,cAAc,EAAE,MAAM,GAAG,IAAI,CAsC/D;AAED,wBAAgB,SAAS,IAAI;IAAE,OAAO,EAAE,MAAM,EAAE,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAmBpE;AAiID,QAAA,IAAI,aAAa,EAAE,CAAC,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,IAAI,CAAC,GAAG,IACxF,CAAC;AAEP,wBAAgB,WAAW,CAAC,KAAK,EAAE,QAAQ,QAE1C;AAED,wBAAgB,gBAAgB,CAAC,EAAE,EAAE,OAAO,aAAa,QAExD;AAuBD,wBAAgB,YAAY,CAAC,MAAM,EAAE,MAAM;iBAE1B,MAAM,SAAS,OAAO;gBACvB,MAAM,SAAS,OAAO;gBACtB,MAAM,SAAS,OAAO;iBACrB,MAAM,SAAS,OAAO;EAEtC;AAED,MAAM,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,YAAY,CAAC,CAAC"}
|
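--- a/package/dist/core/logger.js
+++ b/package/dist/core/logger.js
@@ -89,8 +89,20 @@ function openLogFd() {
 if (logFd !== null)
 return logFd;
 try {
-
-
+// SECURITY: 0700 on the dir + 0600 on the file. The log can contain
+// request URLs, error messages with surrounding context, and (despite
+// the redactor below) edge cases we missed — keep it readable only by
+// the owning user.
+fs.mkdirSync(path.dirname(LOG_FILE), { recursive: true, mode: 0o700 });
+logFd = fs.openSync(LOG_FILE, 'a', 0o600);
+// openSync mode is only honored when the file is CREATED. If the log
+// already existed with looser perms, chmod it down explicitly.
+try {
+fs.chmodSync(LOG_FILE, 0o600);
+}
+catch {
+/* race or perms — best-effort */
+}
 }
 catch {
 logFd = null;
@@ -157,12 +169,18 @@ const RESET = '\x1b[0m';
 const SECRET_PATTERNS = [
 /sk-[A-Za-z0-9\-_]{20,}/g, // Anthropic / Stripe API keys
 /pk-[A-Za-z0-9\-_]{20,}/g, // Public keys
-/Bearer\s+[A-Za-z0-9\-_.~+/]
+/Bearer\s+[A-Za-z0-9\-_.~+/]+=*/g, // Bearer tokens (any length; HTTP grammar)
 /ntn_[A-Za-z0-9]{20,}/g, // Notion tokens
 /xoxb-[A-Za-z0-9\-]{20,}/g, // Slack bot tokens
 /ghp_[A-Za-z0-9]{20,}/g, // GitHub PATs
 /gho_[A-Za-z0-9]{20,}/g, // GitHub OAuth tokens
-
+// JWT: header.payload.signature — require all three base64url segments so
+// we don't mistakenly match "eyJ…" inside arbitrary base64 blobs.
+/eyJ[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+/g,
+// Engram-issued API key — see engram-cloud/workers/shared/apikey.ts:
+// raw = "engram_" + 64 hex chars (32 random bytes). Catch the full token,
+// not just the 15-char prefix which is also stored DB-side for display.
+/engram_[a-f0-9]{32,}/g,
 ];
 function sanitizeLogData(data) {
 if (typeof data === 'string') {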
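Review bot: In `openLogFd`, the follow-up `fs.chmodSync(LOG_FILE, 0o600)` resolves the path a second time after `openSync`, so it may act on a different file than the descriptor just opened if the path is a symlink or is replaced in between; `fs.fchmodSync(logFd, 0o600);` applies the mode to the file that is actually held open. The `mode: 0o700` given to `mkdirSync` only takes effect when the directory is created, so an existing log directory with looser permissions is not tightened here; a best-effort `fs.chmodSync(path.dirname(LOG_FILE), 0o700);` in its own try/catch would cover upgraded installs. In the second hunk the comment above `/engram_[a-f0-9]{32,}/g` describes 64 hex characters while the pattern accepts 32 or more, so a short comment saying the looser bound is intentional would help the next reader. `openLogFd` begins and ends outside the hunk.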
package/dist/core/logger.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logger.js","sourceRoot":"","sources":["../../src/core/logger.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAE1E,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,MAAM,IAAI,CAAC;AAIpB,iFAAiF;AACjF,uEAAuE;AACvE,MAAM,CAAC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,YAAY,CAAC,CAAC;AACzE,MAAM,SAAS,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC;AACnC,MAAM,aAAa,GAAG,CAAC,CAAC;AACxB,MAAM,OAAO,GAAG,iBAAiB,CAAC;AAElC,SAAS,SAAS,CAAC,CAAS;IAC1B,OAAO,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,cAAsB;IACvD,IAAI,CAAC;QACH,IAAI,IAAI,GAAG,CAAC,CAAC;QACb,IAAI,CAAC;YACH,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC;QACpC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,yBAAyB;QACnC,CAAC;QACD,IAAI,IAAI,GAAG,cAAc,IAAI,SAAS;YAAE,OAAO;QAE/C,2EAA2E;QAC3E,0EAA0E;QAC1E,yEAAyE;QACzE,8CAA8C;QAC9C,MAAM,MAAM,GAAG,GAAG,QAAQ,IAAI,aAAa,EAAE,CAAC;QAC9C,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC;gBAAE,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACnD,CAAC;QAAC,MAAM,CAAC;YACP,YAAY;QACd,CAAC;QACD,KAAK,IAAI,CAAC,GAAG,aAAa,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5C,MAAM,GAAG,GAAG,GAAG,QAAQ,IAAI,CAAC,EAAE,CAAC;YAC/B,MAAM,GAAG,GAAG,GAAG,QAAQ,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,IAAI,CAAC;gBACH,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YAClD,CAAC;YAAC,MAAM,CAAC;gBACP,YAAY;YACd,CAAC;QACH,CAAC;QACD,IAAI,CAAC;YACH,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,GAAG,QAAQ,IAAI,CAAC,CAAC;YAC3C,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;YACP,YAAY;QACd,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,6CAA6C;IAC/C,CAAC;AACH,CAAC;AAED,MAAM,UAAU,SAAS;IACvB,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,aAAa,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,MAAM,CAAC,GAAG,GAAG,QAAQ,IAAI,CAAC,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrB,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;gBACjB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAAC,
MAAM,CAAC;YACP,YAAY;QACd,CAAC;IACH,CAAC;IACD,IAAI,CAAC;QACH,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;YAAE,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;IAC5D,CAAC;IAAC,MAAM,CAAC;QACP,YAAY;IACd,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC1C,CAAC;AAED,8EAA8E;AAC9E,4EAA4E;AAC5E,wEAAwE;AACxE,mDAAmD;AACnD,IAAI,KAAK,GAAkB,IAAI,CAAC;AAChC,SAAS,SAAS;IAChB,IAAI,KAAK,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IACjC,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"logger.js","sourceRoot":"","sources":["../../src/core/logger.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAE1E,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,MAAM,IAAI,CAAC;AAIpB,iFAAiF;AACjF,uEAAuE;AACvE,MAAM,CAAC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,YAAY,CAAC,CAAC;AACzE,MAAM,SAAS,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC;AACnC,MAAM,aAAa,GAAG,CAAC,CAAC;AACxB,MAAM,OAAO,GAAG,iBAAiB,CAAC;AAElC,SAAS,SAAS,CAAC,CAAS;IAC1B,OAAO,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,cAAsB;IACvD,IAAI,CAAC;QACH,IAAI,IAAI,GAAG,CAAC,CAAC;QACb,IAAI,CAAC;YACH,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC;QACpC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,yBAAyB;QACnC,CAAC;QACD,IAAI,IAAI,GAAG,cAAc,IAAI,SAAS;YAAE,OAAO;QAE/C,2EAA2E;QAC3E,0EAA0E;QAC1E,yEAAyE;QACzE,8CAA8C;QAC9C,MAAM,MAAM,GAAG,GAAG,QAAQ,IAAI,aAAa,EAAE,CAAC;QAC9C,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC;gBAAE,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACnD,CAAC;QAAC,MAAM,CAAC;YACP,YAAY;QACd,CAAC;QACD,KAAK,IAAI,CAAC,GAAG,aAAa,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5C,MAAM,GAAG,GAAG,GAAG,QAAQ,IAAI,CAAC,EAAE,CAAC;YAC/B,MAAM,GAAG,GAAG,GAAG,QAAQ,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,IAAI,CAAC;gBACH,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YAClD,CAAC;YAAC,MAAM,CAAC;gBACP,YAAY;YACd,CAAC;QACH,CAAC;QACD,IAAI,CAAC;YACH,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,GAAG,QAAQ,IAAI,CAAC,CAAC;YAC3C,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;YACP,YAAY;QACd,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,6CAA6C;IAC/C,CAAC;AACH,CAAC;AAED,MAAM,UAAU,SAAS;IACvB,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,aAAa,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,MAAM,CAAC,GAAG,GAAG,QAAQ,IAAI,CAAC,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrB,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;gBACjB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAAC,
MAAM,CAAC;YACP,YAAY;QACd,CAAC;IACH,CAAC;IACD,IAAI,CAAC;QACH,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;YAAE,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;IAC5D,CAAC;IAAC,MAAM,CAAC;QACP,YAAY;IACd,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC1C,CAAC;AAED,8EAA8E;AAC9E,4EAA4E;AAC5E,wEAAwE;AACxE,mDAAmD;AACnD,IAAI,KAAK,GAAkB,IAAI,CAAC;AAChC,SAAS,SAAS;IAChB,IAAI,KAAK,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IACjC,IAAI,CAAC;QACH,oEAAoE;QACpE,sEAAsE;QACtE,sEAAsE;QACtE,mBAAmB;QACnB,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACvE,KAAK,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;QAC1C,qEAAqE;QACrE,+DAA+D;QAC/D,IAAI,CAAC;YACH,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAChC,CAAC;QAAC,MAAM,CAAC;YACP,iCAAiC;QACnC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,KAAK,GAAG,IAAI,CAAC;IACf,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,cAAc,CAAC,IAAY;IAClC,MAAM,EAAE,GAAG,SAAS,EAAE,CAAC;IACvB,IAAI,EAAE,KAAK,IAAI;QAAE,OAAO;IACxB,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAC9B,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;IACrE,IAAI,CAAC;QACH,kBAAkB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACnC,EAAE,CAAC,SAAS,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,6CAA6C;IAC/C,CAAC;AACH,CAAC;AAED,gFAAgF;AAChF,6EAA6E;AAC7E,6EAA6E;AAC7E,2EAA2E;AAC3E,mDAAmD;AACnD,IAAI,iBAAiB,GAAG,KAAK,CAAC;AAC9B,IAAI,CAAC;IACH,MAAM,UAAU,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IACnC,MAAM,QAAQ,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACvC,IAAI,UAAU,CAAC,GAAG,KAAK,QAAQ,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,KAAK,QAAQ,CAAC,GAAG,EAAE,CAAC;QACvE,iBAAiB,GAAG,IAAI,CAAC;IAC3B,CAAC;AACH,CAAC;AAAC,MAAM,CAAC;IACP,6DAA6D;AAC/D,CAAC;AAED,IAAI,iBAAiB,EAAE,CAAC;IACtB,MAAM,IAAI,GAAG,CAAC,MAA2B,EAAE,OAAiB,EAAE,EAAY,EAAW,EAAE;QACrF,6EAA6E;QAC7E,MAAM,QAAQ,GAAG,OAAO,OAAO,KAAK,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QAC9D,IAAI,OAAO,QAAQ,KAAK,UAAU;YAAG,QAAuB,EAAE,CAAC;QAC/D,OAAO,IAAI,CAAC;IACd,CA
AC,CAAC;IACF,8DAA8D;IAC7D,OAAO,CAAC,MAAM,CAAC,KAAa,GAAG,IAAI,CAAC;IACrC,8DAA8D;IAC7D,OAAO,CAAC,MAAM,CAAC,KAAa,GAAG,IAAI,CAAC;AACvC,CAAC;AAED,MAAM,MAAM,GAA6B;IACvC,KAAK,EAAE,CAAC;IACR,IAAI,EAAE,CAAC;IACP,IAAI,EAAE,CAAC;IACP,KAAK,EAAE,CAAC;CACT,CAAC;AAEF,MAAM,MAAM,GAA6B;IACvC,KAAK,EAAE,UAAU,EAAE,OAAO;IAC1B,IAAI,EAAE,UAAU,EAAE,OAAO;IACzB,IAAI,EAAE,UAAU,EAAE,SAAS;IAC3B,KAAK,EAAE,UAAU,EAAE,MAAM;CAC1B,CAAC;AAEF,MAAM,KAAK,GAAG,SAAS,CAAC;AAExB,2DAA2D;AAC3D,MAAM,eAAe,GAAG;IACtB,yBAAyB,EAAE,8BAA8B;IACzD,yBAAyB,EAAE,cAAc;IACzC,iCAAiC,EAAE,2CAA2C;IAC9E,uBAAuB,EAAE,gBAAgB;IACzC,0BAA0B,EAAE,mBAAmB;IAC/C,uBAAuB,EAAE,cAAc;IACvC,uBAAuB,EAAE,sBAAsB;IAC/C,0EAA0E;IAC1E,kEAAkE;IAClE,uDAAuD;IACvD,qEAAqE;IACrE,0EAA0E;IAC1E,wEAAwE;IACxE,uBAAuB;CACxB,CAAC;AAEF,SAAS,eAAe,CAAC,IAAa;IACpC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,IAAI,SAAS,GAAG,IAAI,CAAC;QACrB,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;YACtC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,aAAa,CAAC,CAAC;QACvF,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;QAC9C,OAAO,IAAI,CAAC,KAAK,CACf,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YACnC,IAAI,OAAO,KAAK,KAAK,QAAQ;gBAAE,OAAO,KAAK,CAAC;YAC5C,IAAI,SAAS,GAAG,KAAK,CAAC;YACtB,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;gBACtC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,aAAa,CAAC,CAAC;YACvF,CAAC;YACD,OAAO,SAAS,CAAC;QACnB,CAAC,CAAC,CACH,CAAC;IACJ,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,IAAI,YAAY,GAAa,OAAO,CAAC;AACrC,IAAI,aAAa,GACf,IAAI,CAAC;AAEP,MAAM,UAAU,WAAW,CAAC,KAAe;IACzC,YAAY,GAAG,KAAK,CAAC;AACvB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,EAAwB;IACvD,aAAa,GAAG,EAAE,CAAC;AACrB,CAAC;AAED,SAAS,GAAG,CAAC,KAAe,EAAE,MAAc,EAAE,GAAW,EAAE,IAAc;IACvE,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,MAAM,CAAC,YAAY,CAAC;QAAE,OAAO;IAEjD,MAAM,EAAE,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACpC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5B,MAAM,MAAM,GAAG,GA
AG,KAAK,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,EAAE,KAAK,MAAM,GAAG,CAAC;IAEtF,IAAI,IAAY,CAAC;IACjB,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;QACvB,MAAM,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;QACnC,MAAM,IAAI,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACrF,IAAI,GAAG,GAAG,MAAM,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;IACpC,CAAC;SAAM,CAAC;QACN,IAAI,GAAG,GAAG,MAAM,IAAI,GAAG,EAAE,CAAC;IAC5B,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,iCAAiC;IACpD,cAAc,CAAC,IAAI,CAAC,CAAC;IAErB,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,MAAc;IACzC,OAAO;QACL,KAAK,EAAE,CAAC,GAAW,EAAE,IAAc,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;QACvE,IAAI,EAAE,CAAC,GAAW,EAAE,IAAc,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;QACrE,IAAI,EAAE,CAAC,GAAW,EAAE,IAAc,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;QACrE,KAAK,EAAE,CAAC,GAAW,EAAE,IAAc,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;KACxE,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../../../src/core/server/http.ts"],"names":[],"mappings":"AAAA,OAAgB,EAAE,KAAK,OAAO,EAAE,MAAM,SAAS,CAAC;AAChD,OAAO,IAAI,MAAM,MAAM,CAAC;AAmBxB,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAC9D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAInD,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,WAAW,CAAC;IACnB,MAAM,EAAE,UAAU,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,gEAAgE;IAChE,SAAS,CAAC,EAAE,UAAU,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,wBAAgB,WAAW,CAAC,OAAO,EAAE,aAAa,GAAG;IAAE,GAAG,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAA;CAAE,
|
|
1
|
+
{"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../../../src/core/server/http.ts"],"names":[],"mappings":"AAAA,OAAgB,EAAE,KAAK,OAAO,EAAE,MAAM,SAAS,CAAC;AAChD,OAAO,IAAI,MAAM,MAAM,CAAC;AAmBxB,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAC9D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAInD,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,WAAW,CAAC;IACnB,MAAM,EAAE,UAAU,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,gEAAgE;IAChE,SAAS,CAAC,EAAE,UAAU,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,wBAAgB,WAAW,CAAC,OAAO,EAAE,aAAa,GAAG;IAAE,GAAG,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAA;CAAE,CA4FzF"}
|
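--- a/package/dist/core/server/http.js
+++ b/package/dist/core/server/http.js
@@ -22,11 +22,22 @@ const log = createLogger('webapp');
 export function startWebapp(options) {
 const app = express();
 app.use(express.json({ limit: '4mb', strict: false }));
-//
+// SECURITY: restrict CORS to the configured port + standard dev ports.
+// Previous code allowed any localhost:* origin, which meant a malicious
+// process on another localhost port (e.g. a compromised dev server, a
+// worm in an npm postinstall) could read the user's memories via the
+// dashboard API. Now only same-port + vite/next dev defaults are allowed.
+const allowedOrigins = new Set([
+`http://localhost:${options.port}`,
+`http://127.0.0.1:${options.port}`,
+'http://localhost:5173', // vite default (engram-mcp client dev)
+'http://127.0.0.1:5173',
+'http://localhost:3000', // next default (rarely needed locally)
+'http://127.0.0.1:3000',
+]);
 app.use((req, res, next) => {
 const origin = req.headers.origin ?? '';
-if (
-/^https?:\/\/127\.0\.0\.1(:\d+)?$/.test(origin)) {
+if (allowedOrigins.has(origin)) {
 res.setHeader('Access-Control-Allow-Origin', origin);
 res.setHeader('Access-Control-Allow-Methods', 'GET,POST,PATCH,DELETE,OPTIONS');
 res.setHeader('Access-Control-Allow-Headers', 'Content-Type,Authorization');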
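Review bot: The `allowedOrigins` set trusts `http://localhost:5173` and `http://localhost:3000` (and their 127.0.0.1 forms) unconditionally, so any page served from those very common dev ports, including an unrelated or compromised project, keeps cross-origin read access to the dashboard API on every install. That is the same class of exposure the new comment says was closed. The dev entries should be added only behind an explicit opt-in, for example `...(process.env.NODE_ENV === 'development' ? DEV_ORIGINS : [])`, leaving just the two `options.port` origins by default. The comment also overstates the control: CORS constrains browser pages only, and a non-browser local process such as a postinstall script can call the API without an `Origin` header, so I would add `// NOTE: CORS only limits browser origins; non-browser local callers must be stopped by authentication, not by this check.` The middleware body continues past the end of the hunk, so whether `Vary: Origin` is set alongside the reflected origin cannot be confirmed from here.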
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"http.js","sourceRoot":"","sources":["../../../src/core/server/http.ts"],"names":[],"mappings":"AAAA,OAAO,OAAyB,MAAM,SAAS,CAAC;AAChD,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AACrD,OAAO,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,kCAAkC,CAAC;AACnE,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAI3D,MAAM,GAAG,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;AAYnC,MAAM,UAAU,WAAW,CAAC,OAAsB;IAChD,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;IACtB,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAEvD,
|
|
1
|
+
{"version":3,"file":"http.js","sourceRoot":"","sources":["../../../src/core/server/http.ts"],"names":[],"mappings":"AAAA,OAAO,OAAyB,MAAM,SAAS,CAAC;AAChD,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AACrD,OAAO,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,kCAAkC,CAAC;AACnE,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAI3D,MAAM,GAAG,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;AAYnC,MAAM,UAAU,WAAW,CAAC,OAAsB;IAChD,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;IACtB,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAEvD,uEAAuE;IACvE,wEAAwE;IACxE,sEAAsE;IACtE,qEAAqE;IACrE,0EAA0E;IAC1E,MAAM,cAAc,GAAG,IAAI,GAAG,CAAS;QACrC,oBAAoB,OAAO,CAAC,IAAI,EAAE;QAClC,oBAAoB,OAAO,CAAC,IAAI,EAAE;QAClC,uBAAuB,EAAE,uCAAuC;QAChE,uBAAuB;QACvB,uBAAuB,EAAE,uCAAuC;QAChE,uBAAuB;KACxB,CAAC,CAAC;IACH,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACzB,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC;QACxC,IAAI,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAC/B,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,MAAM,CAAC,CAAC;YACrD,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,+BAA+B,CAAC,CAAC;YAC/E,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,4BAA4B,CAAC,CAAC;YAC5E,GAAG,CAAC,SAAS,CAAC,kCAAkC,EAAE,MAAM,CAAC,CAAC;YAC1D,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;gBAC7B,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBACpB,OAAO;YACT,CAAC;QACH,CAAC;QACD,IAAI,EAAE,CAAC;IACT,CAAC,CAAC,CAAC;IAEH,wBAAwB;IACxB,GAAG,CAAC,GAAG
,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACzB,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC;QACpC,IACE,CAAC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC;YAC9B,CAAC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC;YAC9B,IAAI,KAAK,WAAW;YACpB,IAAI,KAAK,WAAW,EACpB,CAAC;YACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,6CAA6C,EAAE,CAAC,CAAC;YAC/E,OAAO;QACT,CAAC;QACD,IAAI,EAAE,CAAC;IACT,CAAC,CAAC,CAAC;IAEH,WAAW;IACX,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,WAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;IACrD,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,QAAQ,EAAE,CAAC,CAAC;IAClC,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,QAAQ,EAAE,CAAC,CAAC;IAClC,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,QAAQ,EAAE,CAAC,CAAC;IAClC,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,WAAW,EAAE,CAAC,CAAC;IACxC,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,UAAU,EAAE,CAAC,CAAC;IACtC,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;IAC/C,GAAG,CAAC,GAAG,CACL,mBAAmB,EACnB,eAAe,CAAC,GAAG,EAAE,CAAC,UAAU,EAAE,CAAC,CACpC,CAAC;IACF,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,UAAU,EAAE,CAAC,CAAC;IACtC,GAAG,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC,CAAC;IAE5B,6DAA6D;IAC7D,IAAI,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACzC,GAAG,CAAC,GAAG,CACL,WAAW,EACX,eAAe,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAC5E,CAAC;QACF,GAAG,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;IACvD,CAAC;IAED,qBAAqB;IACrB,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;IAElC,6BAA6B;IAC7B,MAAM,UAAU,GACd,OAAO,CAAC,aAAa;QACrB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,mBAAmB,CAAC,CAAC;IAC/E,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;IACpC,GAAG,CAAC,GAAG,CAAC,yBAAyB,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QAC/C,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;IACtC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IAEtC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE;QAC5C,GAAG,CAAC,IA
AI,CAAC,2CAA2C,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IACtE,CAAC,CAAC,CAAC;IAEH,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;AACzB,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@raviolelabs/engram-mcp",
|
|
3
|
-
"version": "0.5.
|
|
3
|
+
"version": "0.5.6",
|
|
4
4
|
"mcpName": "io.github.RavioleLabs/engram-mcp",
|
|
5
5
|
"description": "EngramMCP — local-first semantic memory layer for AI agents",
|
|
6
6
|
"license": "Elastic-2.0",
|
|
@@ -71,7 +71,7 @@
|
|
|
71
71
|
"@typescript-eslint/eslint-plugin": "8.59.3",
|
|
72
72
|
"@typescript-eslint/parser": "8.59.3",
|
|
73
73
|
"@vitejs/plugin-react": "6.0.2",
|
|
74
|
-
"@yao-pkg/pkg": "
|
|
74
|
+
"@yao-pkg/pkg": "6.19.0",
|
|
75
75
|
"autoprefixer": "10.4.0",
|
|
76
76
|
"eslint": "9.0.0",
|
|
77
77
|
"postcss": "8.5.15",
|