@sienklogic/plan-build-run 2.0.0 → 2.0.1

package/dashboard/src/repositories/planning.repository.js

@@ -1,128 +1,128 @@
-import { readFile, readdir } from 'node:fs/promises';
-import { join, resolve, relative, normalize } from 'node:path';
-import matter from 'gray-matter';
-import { marked } from 'marked';
-
-/**
- * Strip UTF-8 BOM (Byte Order Mark) if present.
- * Windows editors (Notepad, older VS Code) may prepend BOM to UTF-8 files.
- * gray-matter will fail to detect frontmatter delimiters if BOM is present.
- * @param {string} content - Raw file content
- * @returns {string} Content without BOM
- */
-function stripBOM(content) {
-  return content.replace(/^\uFEFF/, '');
-}
-
-/**
- * Validate that a resolved path stays within the base directory.
- * Prevents path traversal attacks (e.g., ../../etc/passwd).
- *
- * @param {string} basePath - Absolute base directory path
- * @param {string} userPath - User-provided path (may be relative)
- * @returns {string} Validated absolute path
- * @throws {Error} With status 403 if path escapes base directory
- */
-export function validatePath(basePath, userPath) {
-  const resolvedBase = normalize(resolve(basePath));
-  const resolvedUser = normalize(resolve(basePath, userPath));
-
-  // Compute the relative path from base to target
-  const rel = relative(resolvedBase, resolvedUser);
-
-  // If relative path starts with '..' it escaped the base directory.
-  // If rel resolves to an absolute path, it was an absolute path injection.
-  if (rel.startsWith('..') || resolve(rel) === rel) {
-    const err = new Error('Path traversal attempt detected');
-    err.status = 403;
-    err.code = 'PATH_TRAVERSAL';
-    throw err;
-  }
-
-  return resolvedUser;
-}
-
-/**
- * Read and parse a single markdown file with YAML frontmatter.
- *
- * @param {string} filePath - Absolute path to the markdown file
- * @returns {Promise<{frontmatter: object, html: string, rawContent: string}>}
- * @throws {Error} ENOENT if file does not exist, parse error if YAML is malformed
- */
-export async function readMarkdownFile(filePath) {
-  const fileContent = await readFile(filePath, 'utf-8');
-  const cleanContent = stripBOM(fileContent);
-
-  let data, content;
-  try {
-    ({ data, content } = matter(cleanContent, {
-      engines: {
-        javascript: false
-      }
-    }));
-  } catch (error) {
-    // gray-matter throws YAMLException for malformed frontmatter.
-    // Wrap it in a user-friendly error with status 400.
-    if (error.name === 'YAMLException' || (error.constructor && error.constructor.name === 'YAMLException')) {
-      const wrapped = new Error(`Invalid YAML frontmatter in ${filePath}: ${error.message}`);
-      wrapped.status = 400;
-      wrapped.cause = error;
-      throw wrapped;
-    }
-    throw error;
-  }
-
-  const html = marked.parse(content);
-
-  return {
-    frontmatter: data,
-    html,
-    rawContent: content
-  };
-}
-
-/**
- * Read and parse multiple markdown files in parallel (fail-fast).
- * If any file fails, the entire operation rejects immediately.
- *
- * @param {string[]} filePaths - Array of absolute file paths
- * @returns {Promise<Array<{frontmatter: object, html: string, rawContent: string}>>}
- */
-export async function readMarkdownFiles(filePaths) {
-  return Promise.all(
-    filePaths.map(filePath => readMarkdownFile(filePath))
-  );
-}
-
-/**
- * Read and parse multiple markdown files with partial failure tolerance.
- * All reads complete even if some fail. Returns settled results.
- *
- * @param {string[]} filePaths - Array of absolute file paths
- * @returns {Promise<Array<{status: 'fulfilled', value: object} | {status: 'rejected', reason: Error}>>}
- */
-export async function readMarkdownFilesSettled(filePaths) {
-  return Promise.allSettled(
-    filePaths.map(filePath => readMarkdownFile(filePath))
-  );
-}
-
-/**
- * List all markdown files under the .planning/ directory recursively.
- * Uses native fs.readdir with recursive option (Node.js 18.17+).
- *
- * @param {string} projectDir - Absolute path to the project root
- * @returns {Promise<string[]>} Array of absolute file paths to .md files
- * @throws {Error} ENOENT if .planning/ directory does not exist
- */
-export async function listPlanningFiles(projectDir) {
-  const planningDir = join(projectDir, '.planning');
-  const entries = await readdir(planningDir, {
-    recursive: true,
-    withFileTypes: true
-  });
-
-  return entries
-    .filter(entry => entry.isFile() && entry.name.endsWith('.md'))
-    .map(entry => join(entry.parentPath || entry.path, entry.name));
-}
+import { readFile, readdir } from 'node:fs/promises';
+import { join, resolve, relative, normalize } from 'node:path';
+import matter from 'gray-matter';
+import { marked } from 'marked';
+
+/**
+ * Strip UTF-8 BOM (Byte Order Mark) if present.
+ * Windows editors (Notepad, older VS Code) may prepend BOM to UTF-8 files.
+ * gray-matter will fail to detect frontmatter delimiters if BOM is present.
+ * @param {string} content - Raw file content
+ * @returns {string} Content without BOM
+ */
+function stripBOM(content) {
+  return content.replace(/^\uFEFF/, '');
+}
+
+/**
+ * Validate that a resolved path stays within the base directory.
+ * Prevents path traversal attacks (e.g., ../../etc/passwd).
+ *
+ * @param {string} basePath - Absolute base directory path
+ * @param {string} userPath - User-provided path (may be relative)
+ * @returns {string} Validated absolute path
+ * @throws {Error} With status 403 if path escapes base directory
+ */
+export function validatePath(basePath, userPath) {
+  const resolvedBase = normalize(resolve(basePath));
+  const resolvedUser = normalize(resolve(basePath, userPath));
+
+  // Compute the relative path from base to target
+  const rel = relative(resolvedBase, resolvedUser);
+
+  // If relative path starts with '..' it escaped the base directory.
+  // If rel resolves to an absolute path, it was an absolute path injection.
+  if (rel.startsWith('..') || resolve(rel) === rel) {
+    const err = new Error('Path traversal attempt detected');
+    err.status = 403;
+    err.code = 'PATH_TRAVERSAL';
+    throw err;
+  }
+
+  return resolvedUser;
+}
+
+/**
+ * Read and parse a single markdown file with YAML frontmatter.
+ *
+ * @param {string} filePath - Absolute path to the markdown file
+ * @returns {Promise<{frontmatter: object, html: string, rawContent: string}>}
+ * @throws {Error} ENOENT if file does not exist, parse error if YAML is malformed
+ */
+export async function readMarkdownFile(filePath) {
+  const fileContent = await readFile(filePath, 'utf-8');
+  const cleanContent = stripBOM(fileContent);
+
+  let data, content;
+  try {
+    ({ data, content } = matter(cleanContent, {
+      engines: {
+        javascript: false
+      }
+    }));
+  } catch (error) {
+    // gray-matter throws YAMLException for malformed frontmatter.
+    // Wrap it in a user-friendly error with status 400.
+    if (error.name === 'YAMLException' || (error.constructor && error.constructor.name === 'YAMLException')) {
+      const wrapped = new Error(`Invalid YAML frontmatter in ${filePath}: ${error.message}`);
+      wrapped.status = 400;
+      wrapped.cause = error;
+      throw wrapped;
+    }
+    throw error;
+  }
+
+  const html = marked.parse(content);
+
+  return {
+    frontmatter: data,
+    html,
+    rawContent: content
+  };
+}
+
+/**
+ * Read and parse multiple markdown files in parallel (fail-fast).
+ * If any file fails, the entire operation rejects immediately.
+ *
+ * @param {string[]} filePaths - Array of absolute file paths
+ * @returns {Promise<Array<{frontmatter: object, html: string, rawContent: string}>>}
+ */
+export async function readMarkdownFiles(filePaths) {
+  return Promise.all(
+    filePaths.map(filePath => readMarkdownFile(filePath))
+  );
+}
+
+/**
+ * Read and parse multiple markdown files with partial failure tolerance.
+ * All reads complete even if some fail. Returns settled results.
+ *
+ * @param {string[]} filePaths - Array of absolute file paths
+ * @returns {Promise<Array<{status: 'fulfilled', value: object} | {status: 'rejected', reason: Error}>>}
+ */
+export async function readMarkdownFilesSettled(filePaths) {
+  return Promise.allSettled(
+    filePaths.map(filePath => readMarkdownFile(filePath))
+  );
+}
+
+/**
+ * List all markdown files under the .planning/ directory recursively.
+ * Uses native fs.readdir with recursive option (Node.js 18.17+).
+ *
+ * @param {string} projectDir - Absolute path to the project root
+ * @returns {Promise<string[]>} Array of absolute file paths to .md files
+ * @throws {Error} ENOENT if .planning/ directory does not exist
+ */
+export async function listPlanningFiles(projectDir) {
+  const planningDir = join(projectDir, '.planning');
+  const entries = await readdir(planningDir, {
+    recursive: true,
+    withFileTypes: true
+  });
+
+  return entries
+    .filter(entry => entry.isFile() && entry.name.endsWith('.md'))
+    .map(entry => join(entry.parentPath || entry.path, entry.name));
+}

package/dashboard/src/routes/events.routes.js

@@ -1,40 +1,40 @@
-import { Router } from 'express';
-import { addClient, removeClient } from '../services/sse.service.js';
-
-const router = Router();
-
-/**
- * GET /stream - Server-Sent Events endpoint.
- * Establishes a long-lived SSE connection. Events are pushed by the SSE service
- * when the file watcher detects changes. Heartbeat comments every 30s keep the
- * connection alive.
- */
-router.get('/stream', (req, res) => {
-  // Set SSE headers
-  res.writeHead(200, {
-    'Content-Type': 'text/event-stream',
-    'Cache-Control': 'no-cache',
-    'Connection': 'keep-alive',
-    'X-Accel-Buffering': 'no'
-  });
-  res.flushHeaders();
-
-  // Send initial connection confirmation
-  res.write(': connected\n\n');
-
-  // Register this client for broadcasts
-  addClient(res);
-
-  // Heartbeat every 30 seconds to keep connection alive
-  const heartbeat = setInterval(() => {
-    res.write(': heartbeat\n\n');
-  }, 30000);
-
-  // Clean up on client disconnect
-  req.on('close', () => {
-    clearInterval(heartbeat);
-    removeClient(res);
-  });
-});
-
-export default router;
+import { Router } from 'express';
+import { addClient, removeClient } from '../services/sse.service.js';
+
+const router = Router();
+
+/**
+ * GET /stream - Server-Sent Events endpoint.
+ * Establishes a long-lived SSE connection. Events are pushed by the SSE service
+ * when the file watcher detects changes. Heartbeat comments every 30s keep the
+ * connection alive.
+ */
+router.get('/stream', (req, res) => {
+  // Set SSE headers
+  res.writeHead(200, {
+    'Content-Type': 'text/event-stream',
+    'Cache-Control': 'no-cache',
+    'Connection': 'keep-alive',
+    'X-Accel-Buffering': 'no'
+  });
+  res.flushHeaders();
+
+  // Send initial connection confirmation
+  res.write(': connected\n\n');
+
+  // Register this client for broadcasts
+  addClient(res);
+
+  // Heartbeat every 30 seconds to keep connection alive
+  const heartbeat = setInterval(() => {
+    res.write(': heartbeat\n\n');
+  }, 30000);
+
+  // Clean up on client disconnect
+  req.on('close', () => {
+    clearInterval(heartbeat);
+    removeClient(res);
+  });
+});
+
+export default router;

package/dashboard/src/routes/index.routes.js

@@ -1,31 +1,31 @@
-import { Router } from 'express';
-import { getHomepage } from '../services/project.service.js';
-import { getDashboardData } from '../services/dashboard.service.js';
-
-const router = Router();
-
-router.get('/', async (req, res) => {
-  const projectDir = req.app.locals.projectDir;
-
-  const [homepageData, dashboardData] = await Promise.all([
-    getHomepage(projectDir),
-    getDashboardData(projectDir)
-  ]);
-
-  const templateData = {
-    ...homepageData,
-    ...dashboardData,
-    activePage: 'dashboard',
-    currentPath: '/'
-  };
-
-  res.setHeader('Vary', 'HX-Request');
-
-  if (req.get('HX-Request') === 'true') {
-    res.render('partials/dashboard-content', templateData);
-  } else {
-    res.render('index', templateData);
-  }
-});
-
-export default router;
+import { Router } from 'express';
+import { getHomepage } from '../services/project.service.js';
+import { getDashboardData } from '../services/dashboard.service.js';
+
+const router = Router();
+
+router.get('/', async (req, res) => {
+  const projectDir = req.app.locals.projectDir;
+
+  const [homepageData, dashboardData] = await Promise.all([
+    getHomepage(projectDir),
+    getDashboardData(projectDir)
+  ]);
+
+  const templateData = {
+    ...homepageData,
+    ...dashboardData,
+    activePage: 'dashboard',
+    currentPath: '/'
+  };
+
+  res.setHeader('Vary', 'HX-Request');
+
+  if (req.get('HX-Request') === 'true') {
+    res.render('partials/dashboard-content', templateData);
+  } else {
+    res.render('index', templateData);
+  }
+});
+
+export default router;