@scriptdb/cli 1.0.8 → 1.1.0

package/README.md

@@ -4,31 +4,20 @@ Command-line interface for ScriptDB - Database management with TypeScript script
 
 ## Installation
 
-### From Binary (Info Only)
-
-Pre-built binaries are available for download:
-
-- **Linux x64**: `scriptdb-linux-x64`
-- **Linux ARM64**: `scriptdb-linux-arm64`
-- **Linux x64 (musl)**: `scriptdb-linux-x64-musl`
-- **Linux ARM64 (musl)**: `scriptdb-linux-arm64-musl`
-- **macOS x64 (Intel)**: `scriptdb-darwin-x64`
-- **macOS ARM64 (Apple Silicon)**: `scriptdb-darwin-arm64`
-- **Windows x64**: `scriptdb-windows-x64.exe`
-
-**Note**: These binaries are standalone info-only builds. They show help/version but don't include server functionality. For full functionality, install from source.
-
-Make it executable (Linux/macOS):
+Install from npm:
 ```bash
-chmod +x scriptdb-*
-sudo mv scriptdb-* /usr/local/bin/scriptdb
+npm install -g @scriptdb/cli
+# or
+bun add -g @scriptdb/cli
 ```
 
-### From Source (Recommended for Full Functionality)
-
+Install from source:
 ```bash
+git clone <repo>
+cd scriptdb
 bun install
-bun run build:all
+bun run build
+npm link
 ```
 
 ## Usage
@@ -109,6 +98,55 @@ Example:
 }
 ```
 
+### Package Management
+
+Install packages to ScriptDB:
+```bash
+# Install to ~/.scriptdb/packages
+scriptdb add lodash
+scriptdb add axios express
+
+# Install to current directory
+scriptdb add --local lodash
+```
+
+Remove packages:
+```bash
+# Remove from ~/.scriptdb/packages
+scriptdb remove lodash
+
+# Remove from current directory
+scriptdb remove --local lodash
+```
+
+### Monitoring
+
+View real-time logs:
+```bash
+scriptdb logs
+```
+
+Monitor performance (CPU, memory, uptime):
+```bash
+scriptdb monit
+```
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `scriptdb start [-d]` | Start server (`-d` for daemon/PM2 mode) |
+| `scriptdb stop` | Stop the running server |
+| `scriptdb restart [-d]` | Restart the server |
+| `scriptdb status` | Check server status and view metrics |
+| `scriptdb logs` | View real-time logs |
+| `scriptdb monit` | Monitor performance (CPU, memory, uptime) |
+| `scriptdb shell` | Start interactive shell |
+| `scriptdb add <pkg>` | Install packages to ~/.scriptdb |
+| `scriptdb add --local <pkg>` | Install packages to current directory |
+| `scriptdb remove <pkg>` | Remove packages from ~/.scriptdb |
+| `scriptdb remove --local <pkg>` | Remove packages from current directory |
+
 ## Building
 
 ### Build for all platforms (local)
@@ -145,10 +183,28 @@ bun run dev
 
 ## Files
 
-- PID file: `~/.scriptdb/scriptdb.pid`
-- Log file: `~/.scriptdb/scriptdb.log`
 - Config file: `~/.scriptdb/config.json`
+- Ecosystem config: `~/.scriptdb/ecosystem.config.js` (PM2)
+- PM2 logs: `~/.scriptdb/pm2-*.log`
 - Databases: `~/.scriptdb/databases/`
+- Packages: `~/.scriptdb/packages/`
+
+## Changelog
+
+### 1.1.0 (2025-01-16)
+
+**Added**
+- Native `scriptdb logs` command to view real-time logs
+- Native `scriptdb monit` command to monitor performance
+- Native `scriptdb restart` command to restart the server
+- Native `scriptdb stop` command to stop the server
+- Dynamic version reading from package.json
+- ESLint configuration for TypeScript linting
+
+**Fixed**
+- Fixed TypeScript module resolution errors
+- Fixed test command to continue gracefully when packages have no tests
+- Improved error handling and Windows compatibility
 
 ## License
 

package/dist/index.js

@@ -93810,6 +93810,7 @@ class Protocal {
   IP_FAIL_WINDOW_MS;
   MAX_LOGIN_ATTEMPTS;
   LOCK_DURATION_MS;
+  ENABLE_IP_LOCKOUT;
   MAX_MESSAGE_BYTES;
   MAX_MESSAGES_PER_CONNECTION;
   CONNECTION_TIMEOUT_MS;
@@ -93923,9 +93924,10 @@ class Protocal {
     });
     this.loginAttemptCache = new Map;
     this.ipAttemptCache = new Map;
-    this.IP_FAIL_WINDOW_MS = options2.ipFailWindowMs || 15 * 60 * 1000;
-    this.MAX_LOGIN_ATTEMPTS = options2.maxLoginAttempts || 5;
-    this.LOCK_DURATION_MS = options2.lockDurationMs || 15 * 60 * 1000;
+    this.IP_FAIL_WINDOW_MS = options2.ipFailWindowMs || fileConfig.ipFailWindowMs || 15 * 60 * 1000;
+    this.MAX_LOGIN_ATTEMPTS = options2.maxLoginAttempts || fileConfig.maxLoginAttempts || 5;
+    this.LOCK_DURATION_MS = options2.lockDurationMs || fileConfig.lockDurationMs || 15 * 60 * 1000;
+    this.ENABLE_IP_LOCKOUT = options2.enableIpLockout !== undefined ? options2.enableIpLockout : fileConfig.enableIpLockout !== undefined ? fileConfig.enableIpLockout : true;
     this.MAX_MESSAGE_BYTES = options2.maxMessageBytes || 64 * 1024;
     this.MAX_MESSAGES_PER_CONNECTION = options2.maxMessagesPerConnection || 1000;
     this.CONNECTION_TIMEOUT_MS = typeof options2.connectionTimeoutMs === "number" ? options2.connectionTimeoutMs : typeof fileConfig.connectionTimeoutMs === "number" ? fileConfig.connectionTimeoutMs : 0;
@@ -94371,32 +94373,34 @@ class Protocal {
                   err: e && e.message || String(e)
                 });
               }
-              const nowTs = Date.now();
-              const ipRec = this.ipAttemptCache.get(remoteIP) || {
-                attempts: 0,
-                lockedUntil: 0,
-                expiresAt: nowTs + this._attemptCacheTTL
-              };
-              ipRec.attempts = (ipRec.attempts || 0) + 1;
-              ipRec.expiresAt = nowTs + this._attemptCacheTTL;
-              if (ipRec.attempts >= this.MAX_LOGIN_ATTEMPTS) {
-                ipRec.lockedUntil = nowTs + this.LOCK_DURATION_MS;
-                this.audit("ip.lockout", {
-                  ip: remoteIP,
-                  attempts: ipRec.attempts
-                });
-              }
-              this.ipAttemptCache.set(remoteIP, ipRec);
-              if (ipRec.lockedUntil && ipRec.lockedUntil > nowTs) {
-                this.audit("ip.locked", { ip: remoteIP });
-                try {
-                  sendWithBackpressure({
-                    command: "login",
-                    message: "LOCKED_IP",
-                    data: null
+              if (this.ENABLE_IP_LOCKOUT) {
+                const nowTs = Date.now();
+                const ipRec = this.ipAttemptCache.get(remoteIP) || {
+                  attempts: 0,
+                  lockedUntil: 0,
+                  expiresAt: nowTs + this._attemptCacheTTL
+                };
+                ipRec.attempts = (ipRec.attempts || 0) + 1;
+                ipRec.expiresAt = nowTs + this._attemptCacheTTL;
+                if (ipRec.attempts >= this.MAX_LOGIN_ATTEMPTS) {
+                  ipRec.lockedUntil = nowTs + this.LOCK_DURATION_MS;
+                  this.audit("ip.lockout", {
+                    ip: remoteIP,
+                    attempts: ipRec.attempts
                   });
-                } catch (e) {}
-                break;
+                }
+                this.ipAttemptCache.set(remoteIP, ipRec);
+                if (ipRec.lockedUntil && ipRec.lockedUntil > nowTs) {
+                  this.audit("ip.locked", { ip: remoteIP });
+                  try {
+                    sendWithBackpressure({
+                      command: "login",
+                      message: "LOCKED_IP",
+                      data: null
+                    });
+                  } catch (e) {}
+                  break;
+                }
               }
               const now = Date.now();
               const record = this.loginAttemptCache.get(username) || {
@@ -95211,9 +95215,8 @@ export const ${databaseName} = {};
         if (this.users && Array.isArray(this.users) && this.users.length > 0) {
           const u = this.users[0] || { username: "" };
           const uname = u.username || null;
-          const pwd = typeof u.password === "string" && u.password ? u.password : null;
-          if (uname && pwd) {
-            cred = encodeURIComponent(String(uname)) + ":" + encodeURIComponent(String(pwd)) + "@";
+          if (uname && typeof u.password === "string" && u.password) {
+            cred = encodeURIComponent(String(uname)) + ":" + "*****" + "@";
           } else if (uname) {
             cred = encodeURIComponent(String(uname)) + "@";
           }
@@ -95254,7 +95257,7 @@ import { spawn } from "node:child_process";
 import Storage from "@scriptdb/storage";
 var pkgData = `{
   "name": "scriptdb-workspace",
-  "version": "1.0.8",
+  "version": "1.1.0",
   "description": "ScriptDB workspace for custom scripts, services, and databases",
   "private": true,
   "devDependencies": {
@@ -95341,6 +95344,10 @@ var configDefault = {
   GITHUB_URL: "",
   GITHUB_TOKEN: "",
   GITHUB_BRANCH: "main",
+  enableIpLockout: true,
+  ipFailWindowMs: 900000,
+  maxLoginAttempts: 5,
+  lockDurationMs: 900000,
   users: [
     {
       username: "admin",
@@ -97296,7 +97303,7 @@ function ensureScriptDBDir() {
   if (!existsSync3(PACKAGE_JSON)) {
     const packageJsonContent = {
       name: "scriptdb-workspace",
-      version: "1.0.8",
+      version: "1.1.0",
       description: "ScriptDB workspace for custom scripts, services, and databases",
       private: true,
       devDependencies: {

package/dist/workers/bcrypt-worker.js

@@ -0,0 +1,12 @@
+const { parentPort } = require('worker_threads');
+const bcrypt = require('bcryptjs');
+
+parentPort.on('message', async (msg) => {
+  const { id, password, hash } = msg;
+  try {
+    const ok = await bcrypt.compare(password, hash);
+    parentPort.postMessage({ id, ok });
+  } catch (e) {
+    parentPort.postMessage({ id, error: (e && e.message) || String(e) });
+  }
+});

package/dist/workers/validator-worker.js

@@ -0,0 +1,82 @@
+const { parentPort } = require('worker_threads');
+
+// Lightweight validation + sanitization worker
+// Expects messages: { id, action: 'validate', payload, options }
+
+function shallowValidate(payload, schema, maxDepth = 4, maxNodes = 1000) {
+  const out = {};
+  let nodes = 0;
+  const checkDepth = (obj, depth) => {
+    if (depth > maxDepth) return false;
+    if (nodes++ > maxNodes) return false;
+    if (obj && typeof obj === 'object') {
+      for (const k of Object.keys(obj)) {
+        const expected = (schema || {})[k];
+        if (!expected) continue;
+        const val = obj[k];
+        if (expected === 'string' && typeof val === 'string') out[k] = val;
+        else if (expected === 'number' && typeof val === 'number') out[k] = val;
+        else if (expected === 'object' && val && typeof val === 'object') {
+          if (depth + 1 <= maxDepth) {
+            out[k] = {};
+            for (const nk of Object.keys(val)) {
+              if ((schema || {})[nk]) out[k][nk] = val[nk];
+            }
+          }
+        }
+      }
+      return true;
+    }
+    return false;
+  };
+  if (!checkDepth(payload, 0)) return {};
+  return out;
+}
+
+function sanitizeResult(res, opts) {
+  const allowedKeys = opts && opts.allowedKeys ? opts.allowedKeys : ['result', 'value', 'items', 'length', 'status', 'message'];
+  const maxNodes = opts && opts.maxNodes || 2000;
+  const maxDepth = opts && opts.maxDepth || 6;
+  const maxString = opts && opts.maxString || 1000;
+  let nodes = 0;
+  const rec = (input, depth = 0) => {
+    if (nodes++ > maxNodes) return '[REDACTED_NODES]';
+    if (depth > maxDepth) return '[REDACTED_DEPTH]';
+    if (input === null || input === undefined) return input;
+    if (typeof input === 'string') {
+      if (input.length > maxString) return input.slice(0, maxString) + '...[TRUNC]';
+      return input;
+    }
+    if (typeof input === 'number' || typeof input === 'boolean') return input;
+    if (Array.isArray(input)) return input.map((v) => rec(v, depth + 1));
+    if (typeof input === 'object') {
+      const out = {};
+      for (const k of Object.keys(input)) {
+        if (allowedKeys.includes(k)) out[k] = rec(input[k], depth + 1);
+        else out[k] = '[REDACTED]';
+      }
+      return out;
+    }
+    return '[REDACTED]';
+  };
+  return rec(res, 0);
+}
+
+parentPort.on('message', async (m) => {
+  if (!m || !m.id) return;
+  try {
+    if (m.action === 'validate') {
+      const allowed = shallowValidate(m.payload, m.options.schema, m.options.maxDepth, m.options.maxNodes);
+      parentPort.postMessage({ id: m.id, res: allowed });
+      return;
+    }
+    if (m.action === 'sanitize') {
+      const out = sanitizeResult(m.payload, m.options || {});
+      parentPort.postMessage({ id: m.id, res: out });
+      return;
+    }
+    parentPort.postMessage({ id: m.id, error: 'unknown action' });
+  } catch (e) {
+    parentPort.postMessage({ id: m.id, error: (e && e.message) || String(e) });
+  }
+});

package/dist/workers/vm-worker.js

@@ -0,0 +1,25 @@
+const { parentPort } = require('worker_threads');
+const VMModule = require('@scriptdb/vm');
+const VM = VMModule && VMModule.VM ? VMModule.VM : VMModule;
+
+let vmInstance = null;
+
+parentPort.on('message', async (msg) => {
+  const { id, action, options, payload } = msg;
+  try {
+    if (action === 'init') {
+      vmInstance = new VM(options || {});
+      parentPort.postMessage({ id, ok: true });
+      return;
+    }
+    if (action === 'run') {
+      if (!vmInstance) throw new Error('vm not initialized');
+      const res = await vmInstance.run(payload);
+      parentPort.postMessage({ id, res });
+      return;
+    }
+    parentPort.postMessage({ id, error: 'unknown action' });
+  } catch (e) {
+    parentPort.postMessage({ id, error: (e && e.message) || String(e) });
+  }
+});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@scriptdb/cli",
-  "version": "1.0.8",
+  "version": "1.1.0",
   "description": "CLI tool to start and manage ScriptDB server",
   "type": "module",
   "bin": {
@@ -13,7 +13,7 @@
   ],
   "scripts": {
     "dev": "bun --watch src/index.ts",
-    "build": "bun build src/index.ts --outdir dist --target node --format esm --external '@scriptdb/*'",
+    "build": "bun build src/index.ts --outdir dist --target node --format esm --external '@scriptdb/*' && node scripts/copy-workers.cjs",
     "build:types": "tsc --emitDeclarationOnly",
     "build:all": "bun run build && bun run build:types",
     "test": "bun test",
@@ -38,8 +38,8 @@
     "typescript": "^5.0.0"
   },
   "dependencies": {
-    "@scriptdb/client": "^1.0.8",
-    "@scriptdb/server": "^1.0.8",
+    "@scriptdb/client": "^1.1.0",
+    "@scriptdb/server": "^1.1.0",
     "bcryptjs": "^3.0.3",
     "bottleneck": "^2.19.5",
     "jsonwebtoken": "^9.0.3",