@stackmemoryai/stackmemory 0.3.16 → 0.3.18

package/scripts/test-chromadb-full.js

@@ -0,0 +1,115 @@
+#!/usr/bin/env node
+
+/**
+ * Comprehensive ChromaDB integration test
+ */
+
+import { ChromaDBContextSaver, TRIGGER_EVENTS } from '../.claude/hooks/chromadb-save-hook.js';
+import chalk from 'chalk';
+
+async function testAllEventTypes() {
+  const saver = new ChromaDBContextSaver();
+  
+  console.log(chalk.cyan('\n🧪 Testing ChromaDB Context Saving\n'));
+  
+  // Test different event types
+  const testCases = [
+    {
+      event: TRIGGER_EVENTS.TASK_COMPLETE,
+      data: {
+        task: 'Fix TypeScript and lint errors',
+        taskId: 'STA-293',
+        duration: 1200000,
+        filesChanged: ['src/skills/claude-skills.ts', 'src/cli/index.ts']
+      }
+    },
+    {
+      event: TRIGGER_EVENTS.CODE_CHANGE,
+      data: {
+        files: ['src/core/storage/chromadb-simple.ts'],
+        linesAdded: 45,
+        linesRemoved: 23
+      }
+    },
+    {
+      event: TRIGGER_EVENTS.TEST_RUN,
+      data: {
+        total: 421,
+        passed: 421,
+        failed: 0,
+        coverage: 87.5
+      }
+    },
+    {
+      event: TRIGGER_EVENTS.DECISION_MADE,
+      data: {
+        decision: 'Use ChromaDB Cloud for context persistence',
+        category: 'architecture',
+        alternatives: ['Local SQLite', 'Redis', 'PostgreSQL'],
+        reasoning: 'Cloud-based solution provides better persistence and sharing'
+      }
+    },
+    {
+      event: TRIGGER_EVENTS.PERIODIC_SAVE,
+      data: {
+        interval: '15m',
+        activeFiles: ['scripts/test-chromadb-sync.ts']
+      }
+    }
+  ];
+  
+  let successCount = 0;
+  let failCount = 0;
+  
+  for (const testCase of testCases) {
+    console.log(chalk.yellow(`\n📝 Testing: ${testCase.event}`));
+    console.log(chalk.gray(`   Data: ${JSON.stringify(testCase.data).substring(0, 100)}...`));
+    
+    try {
+      const result = await saver.saveContext(testCase.event, testCase.data);
+      if (result && result.success) {
+        console.log(chalk.green(`   ✅ Saved successfully: ${result.id}`));
+        successCount++;
+      } else {
+        console.log(chalk.red(`   ❌ Save failed: ${result?.error || 'Unknown error'}`));
+        failCount++;
+      }
+    } catch (error) {
+      console.log(chalk.red(`   ❌ Error: ${error.message}`));
+      failCount++;
+    }
+  }
+  
+  // Load recent contexts
+  console.log(chalk.cyan('\n🔍 Loading recent contexts...'));
+  const recentContexts = await saver.loadRecentContext(1); // Last hour
+  
+  console.log(chalk.blue(`\n📊 Summary:`));
+  console.log(`   Saved: ${successCount}/${testCases.length}`);
+  console.log(`   Failed: ${failCount}/${testCases.length}`);
+  console.log(`   Recent contexts found: ${recentContexts.length}`);
+  
+  // Display recent contexts
+  if (recentContexts.length > 0) {
+    console.log(chalk.cyan('\n📚 Recent Contexts:'));
+    recentContexts.slice(0, 5).forEach((ctx, i) => {
+      console.log(`\n   ${i + 1}. ${ctx.type || 'unknown'} - ${new Date(ctx.timestamp).toLocaleString()}`);
+      console.log(`      ${ctx.content?.substring(0, 80)}...`);
+    });
+  }
+  
+  return successCount === testCases.length;
+}
+
+// Run tests
+testAllEventTypes().then(success => {
+  if (success) {
+    console.log(chalk.green('\n✅ All tests passed! ChromaDB integration is working.'));
+  } else {
+    console.log(chalk.yellow('\n⚠️  Some tests failed, but ChromaDB is partially working.'));
+  }
+  process.exit(success ? 0 : 1);
+}).catch(error => {
+  console.error(chalk.red('\n❌ Test failed:'), error);
+  process.exit(1);
+});

package/scripts/test-chromadb-hooks.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+echo "🧪 Testing ChromaDB Hooks"
+echo "========================"
+echo ""
+
+# Test save hook
+echo "1. Testing save hook..."
+echo "Test content" | $HOME/.claude/hooks/on-save
+sleep 1
+
+# Test query hook
+echo "2. Testing query hook..."
+echo "test query" | $HOME/.claude/hooks/on-query
+sleep 1
+
+# Test checkpoint hook
+echo "3. Testing checkpoint hook..."
+$HOME/.claude/hooks/on-checkpoint
+sleep 1
+
+# Check logs
+echo ""
+echo "📄 Recent hook activity:"
+tail -10 "$HOME/.stackmemory/logs/chromadb-hook.log" 2>/dev/null || echo "No logs yet"
+
+echo ""
+echo "✅ Hook test complete"

package/scripts/test-chromadb-sync.ts

@@ -0,0 +1,245 @@
+#!/usr/bin/env tsx
+
+/**
+ * Test ChromaDB synchronization and upload local contexts
+ */
+
+import { ChromaClient } from 'chromadb';
+import * as fs from 'fs';
+import * as path from 'path';
+import * as os from 'os';
+import * as readline from 'readline';
+import dotenv from 'dotenv';
+
+// Load environment variables
+dotenv.config();
+
+async function testChromaDBConnection() {
+  const apiKey = process.env.CHROMADB_API_KEY;
+  const tenant = process.env.CHROMADB_TENANT;
+  const database = process.env.CHROMADB_DATABASE || 'stackmemory';
+  
+  if (!apiKey || !tenant) {
+    console.error('❌ Missing ChromaDB credentials in .env');
+    console.log('   CHROMADB_API_KEY:', apiKey ? '✓ Set' : '✗ Missing');
+    console.log('   CHROMADB_TENANT:', tenant ? '✓ Set' : '✗ Missing');
+    console.log('   CHROMADB_DATABASE:', database);
+    return null;
+  }
+
+  console.log('🔄 Connecting to ChromaDB Cloud...');
+  console.log('   Tenant:', tenant);
+  console.log('   Database:', database);
+  
+  try {
+    // Create ChromaDB client for cloud using new API
+    const client = new ChromaClient({
+      ssl: true,
+      host: 'api.trychroma.com',
+      port: 443,
+      headers: {
+        'X-Chroma-Token': apiKey
+      },
+      tenant: tenant,
+      database: database
+    });
+
+    // Test connection
+    const heartbeat = await client.heartbeat();
+    console.log('✅ ChromaDB connection successful:', heartbeat);
+    
+    return client;
+  } catch (error: unknown) {
+    console.error('❌ Failed to connect to ChromaDB:', (error as Error).message);
+    return null;
+  }
+}
+
+async function getOrCreateCollection(client: ChromaClient) {
+  const collectionName = 'stackmemory_contexts';
+  
+  try {
+    // Try to get existing collection
+    const collections = await client.listCollections();
+    console.log('📚 Existing collections:', collections.map((c: any) => c.name).join(', ') || 'none');
+    
+    // Get or create the collection
+    const collection = await client.getOrCreateCollection({
+      name: collectionName,
+      metadata: {
+        description: 'StackMemory context storage',
+        created_by: 'test-chromadb-sync',
+        version: '2.0.0'
+      }
+    });
+    
+    console.log(`✅ Collection '${collectionName}' ready`);
+    
+    // Get collection count
+    const count = await collection.count();
+    console.log(`   Current entries: ${count}`);
+    
+    return collection;
+  } catch (error: unknown) {
+    console.error('❌ Failed to create/get collection:', (error as Error).message);
+    return null;
+  }
+}
+
+async function loadLocalContexts() {
+  const storageFile = path.join(os.homedir(), '.stackmemory', 'context-storage', 'contexts.jsonl');
+  
+  if (!fs.existsSync(storageFile)) {
+    console.log('⚠️  No local contexts found');
+    return [];
+  }
+  
+  const contexts: any[] = [];
+  const fileStream = fs.createReadStream(storageFile);
+  const rl = readline.createInterface({
+    input: fileStream,
+    crlfDelay: Infinity
+  });
+
+  for await (const line of rl) {
+    if (line.trim()) {
+      try {
+        contexts.push(JSON.parse(line));
+      } catch (error) {
+        console.warn('Failed to parse line:', line.substring(0, 50));
+      }
+    }
+  }
+  
+  console.log(`📁 Loaded ${contexts.length} local contexts`);
+  return contexts;
+}
+
+async function syncContextsToChromaDB(collection: any, contexts: any[]) {
+  console.log(`\n🔄 Syncing ${contexts.length} contexts to ChromaDB...`);
+  
+  let synced = 0;
+  let failed = 0;
+  
+  // Batch upload for efficiency
+  const batchSize = 10;
+  for (let i = 0; i < contexts.length; i += batchSize) {
+    const batch = contexts.slice(i, Math.min(i + batchSize, contexts.length));
+    
+    const ids: string[] = [];
+    const documents: string[] = [];
+    const metadatas: any[] = [];
+    
+    for (const ctx of batch) {
+      ids.push(ctx.id || `ctx_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`);
+      documents.push(ctx.content || JSON.stringify(ctx));
+      
+      // Prepare metadata
+      const metadata: any = {
+        timestamp: ctx.timestamp || ctx.stored_at || new Date().toISOString(),
+        type: ctx.type || 'context',
+        user_id: ctx.user_id || process.env.USER || 'default',
+        project: ctx.project || 'stackmemory'
+      };
+      
+      // Add additional metadata if present
+      if (ctx.session_id) metadata.session_id = ctx.session_id;
+      if (ctx.metadata) {
+        Object.entries(ctx.metadata).forEach(([key, value]) => {
+          if (value !== undefined && value !== null) {
+            metadata[key] = String(value);
+          }
+        });
+      }
+      
+      metadatas.push(metadata);
+    }
+    
+    try {
+      await collection.upsert({
+        ids,
+        documents,
+        metadatas
+      });
+      synced += batch.length;
+      console.log(`   ✓ Batch ${Math.floor(i / batchSize) + 1}: ${batch.length} contexts synced`);
+    } catch (error: unknown) {
+      failed += batch.length;
+      console.error(`   ✗ Batch ${Math.floor(i / batchSize) + 1} failed:`, (error as Error).message);
+    }
+  }
+  
+  console.log(`\n📊 Sync complete:`);
+  console.log(`   ✅ Synced: ${synced}`);
+  console.log(`   ❌ Failed: ${failed}`);
+  
+  return { synced, failed };
+}
+
+async function queryRecentContexts(collection: any) {
+  console.log('\n🔍 Querying recent contexts...');
+  
+  try {
+    // Query for recent contexts
+    const results = await collection.query({
+      queryTexts: ['task complete code change'],
+      nResults: 5
+    });
+    
+    if (results.ids && results.ids[0].length > 0) {
+      console.log(`Found ${results.ids[0].length} relevant contexts:`);
+      
+      for (let i = 0; i < results.ids[0].length; i++) {
+        const metadata = results.metadatas[0][i];
+        const document = results.documents[0][i];
+        console.log(`\n📄 Context ${i + 1}:`);
+        console.log(`   ID: ${results.ids[0][i]}`);
+        console.log(`   Type: ${metadata.type}`);
+        console.log(`   Timestamp: ${metadata.timestamp}`);
+        console.log(`   Content: ${document.substring(0, 100)}...`);
+      }
+    } else {
+      console.log('No contexts found');
+    }
+  } catch (error: unknown) {
+    console.error('Failed to query contexts:', (error as Error).message);
+  }
+}
+
+async function main() {
+  console.log('🚀 ChromaDB Sync Test\n');
+  
+  // Connect to ChromaDB
+  const client = await testChromaDBConnection();
+  if (!client) {
+    console.error('\n❌ Cannot proceed without ChromaDB connection');
+    console.log('\n📝 To fix:');
+    console.log('1. Ensure you have a ChromaDB Cloud account');
+    console.log('2. Add credentials to .env:');
+    console.log('   CHROMADB_API_KEY=your-api-key');
+    console.log('   CHROMADB_TENANT=your-tenant-id');
+    console.log('   CHROMADB_DATABASE=stackmemory');
+    process.exit(1);
+  }
+  
+  // Get or create collection
+  const collection = await getOrCreateCollection(client);
+  if (!collection) {
+    process.exit(1);
+  }
+  
+  // Load local contexts
+  const contexts = await loadLocalContexts();
+  
+  if (contexts.length > 0) {
+    // Sync to ChromaDB
+    await syncContextsToChromaDB(collection, contexts);
+  }
+  
+  // Query recent contexts
+  await queryRecentContexts(collection);
+  
+  console.log('\n✅ Test complete!');
+}
+
+main().catch(console.error);

package/scripts/test-cli-security.js

@@ -0,0 +1,293 @@
+#!/usr/bin/env node
+
+/**
+ * Security Testing Script for StackMemory CLI/API
+ * Tests input validation and security vulnerabilities
+ */
+
+import { spawn, execSync } from 'child_process';
+import { existsSync, mkdirSync, rmSync } from 'fs';
+import { join } from 'path';
+
+const TEST_DIR = '/tmp/stackmemory-security-test';
+const TESTS_PASSED = [];
+const TESTS_FAILED = [];
+
+// Color output helpers
+const red = (str) => `\x1b[31m${str}\x1b[0m`;
+const green = (str) => `\x1b[32m${str}\x1b[0m`;
+const yellow = (str) => `\x1b[33m${str}\x1b[0m`;
+const blue = (str) => `\x1b[34m${str}\x1b[0m`;
+
+// Test runner
+async function runTest(name, testFn) {
+  process.stdout.write(`Testing ${name}... `);
+  try {
+    await testFn();
+    TESTS_PASSED.push(name);
+    console.log(green('✓ PASSED'));
+    return true;
+  } catch (error) {
+    TESTS_FAILED.push({ name, error: error.message });
+    console.log(red('✗ FAILED'));
+    console.log(`  ${yellow(error.message)}`);
+    return false;
+  }
+}
+
+// Execute CLI command safely
+function execCLI(args, options = {}) {
+  try {
+    const result = execSync(`npx stackmemory ${args}`, {
+      cwd: TEST_DIR,
+      encoding: 'utf8',
+      stdio: 'pipe',
+      ...options
+    });
+    return { success: true, output: result };
+  } catch (error) {
+    return { 
+      success: false, 
+      output: error.stdout || '',
+      error: error.stderr || error.message 
+    };
+  }
+}
+
+// Setup test environment
+function setupTestEnv() {
+  if (existsSync(TEST_DIR)) {
+    rmSync(TEST_DIR, { recursive: true, force: true });
+  }
+  mkdirSync(TEST_DIR, { recursive: true });
+  process.chdir(TEST_DIR);
+  
+  // Initialize StackMemory
+  execSync('npx stackmemory init', { cwd: TEST_DIR, stdio: 'ignore' });
+}
+
+// Security Tests
+const securityTests = {
+  // SQL Injection Tests
+  async testSQLInjection() {
+    const payloads = [
+      "'; DROP TABLE frames; --",
+      "1' OR '1'='1",
+      "1; DELETE FROM tasks WHERE 1=1; --",
+      "' UNION SELECT * FROM frames --",
+      "1' AND (SELECT * FROM (SELECT(SLEEP(5)))a)--"
+    ];
+    
+    for (const payload of payloads) {
+      const result = execCLI(`search "${payload}"`);
+      if (!result.success && result.error?.includes('DROP TABLE')) {
+        throw new Error(`SQL injection vulnerability detected with payload: ${payload}`);
+      }
+    }
+  },
+
+  // Command Injection Tests
+  async testCommandInjection() {
+    const payloads = [
+      '$(whoami)',
+      '`id`',
+      '; ls -la',
+      '| cat /etc/passwd',
+      '&& rm -rf /',
+      '\n/bin/sh',
+      '"; cat ~/.ssh/id_rsa; echo "'
+    ];
+    
+    for (const payload of payloads) {
+      const result = execCLI(`linear update "${payload}"`);
+      // Check if command was executed
+      if (result.output?.includes('root') || result.output?.includes('uid=')) {
+        throw new Error(`Command injection vulnerability with payload: ${payload}`);
+      }
+    }
+  },
+
+  // Path Traversal Tests
+  async testPathTraversal() {
+    const payloads = [
+      '../../../etc/passwd',
+      '..\\..\\..\\windows\\system32\\config\\sam',
+      'file:///etc/passwd',
+      '....//....//....//etc/passwd',
+      '%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd'
+    ];
+    
+    for (const payload of payloads) {
+      // Test with project commands
+      const result = execCLI(`projects add "${payload}"`);
+      if (result.output?.includes('root:') || result.output?.includes('Administrator:')) {
+        throw new Error(`Path traversal vulnerability with payload: ${payload}`);
+      }
+    }
+  },
+
+  // Invalid Input Handling
+  async testInvalidInputs() {
+    const tests = [
+      { cmd: 'linear sync --direction invalid', shouldFail: true },
+      { cmd: 'linear config --set-interval -1', shouldFail: true },
+      { cmd: 'linear config --set-quiet-start 25', shouldFail: true },
+      { cmd: 'analytics --port abc', shouldFail: true },
+      { cmd: 'search --limit notanumber', shouldFail: true }
+    ];
+    
+    for (const test of tests) {
+      const result = execCLI(test.cmd);
+      if (test.shouldFail && result.success) {
+        throw new Error(`Invalid input accepted: ${test.cmd}`);
+      }
+    }
+  },
+
+  // Buffer Overflow Tests
+  async testBufferOverflow() {
+    const largeString = 'A'.repeat(1000000); // 1MB string
+    const veryLargeString = 'B'.repeat(10000000); // 10MB string
+    
+    // Test with large inputs
+    const result1 = execCLI(`search "${largeString}"`);
+    const result2 = execCLI(`linear create --title "${veryLargeString}"`);
+    
+    // Should handle gracefully without crashing
+    if (result1.error?.includes('Segmentation fault') || 
+        result2.error?.includes('Segmentation fault')) {
+      throw new Error('Buffer overflow vulnerability detected');
+    }
+  },
+
+  // YAML/JSON Injection
+  async testYAMLInjection() {
+    const payloads = [
+      '!!python/object/apply:os.system ["ls"]',
+      '{"__proto__": {"isAdmin": true}}',
+      '{"constructor": {"prototype": {"isAdmin": true}}}',
+      '{ "$gt": "" }',
+      '{"$where": "sleep(1000)"}'
+    ];
+    
+    for (const payload of payloads) {
+      const result = execCLI(`config --import '${payload}'`);
+      if (result.output?.includes('isAdmin') || 
+          result.output?.includes('bin') ||
+          result.output?.includes('etc')) {
+        throw new Error(`YAML/JSON injection vulnerability with payload: ${payload}`);
+      }
+    }
+  },
+
+  // Environment Variable Injection
+  async testEnvVarInjection() {
+    const payloads = [
+      '$HOME',
+      '${PATH}',
+      '$(printenv)',
+      '%USERPROFILE%'
+    ];
+    
+    for (const payload of payloads) {
+      const result = execCLI(`linear setup --client-id "${payload}"`);
+      if (result.output?.includes('/home/') || 
+          result.output?.includes('/usr/') ||
+          result.output?.includes('Users')) {
+        throw new Error(`Environment variable injection with payload: ${payload}`);
+      }
+    }
+  },
+
+  // Integer Overflow Tests
+  async testIntegerOverflow() {
+    const tests = [
+      { cmd: 'search --limit 999999999999999999999', field: 'limit' },
+      { cmd: 'analytics --port 999999999', field: 'port' },
+      { cmd: 'linear config --set-interval 2147483648', field: 'interval' }
+    ];
+    
+    for (const test of tests) {
+      const result = execCLI(test.cmd);
+      // Should validate numeric ranges
+      if (!result.error && result.success) {
+        throw new Error(`Integer overflow not handled for ${test.field}`);
+      }
+    }
+  },
+
+  // XSS in Terminal Output
+  async testXSSInTerminal() {
+    const payloads = [
+      '\x1b[31mRED\x1b[0m\x1b]0;HIJACKED\x07',
+      '<script>alert(1)</script>',
+      '\r\nInjected line',
+      '\x1b[2J\x1b[H' // Clear screen escape
+    ];
+    
+    for (const payload of payloads) {
+      const result = execCLI(`search "${payload}"`);
+      // Output should be sanitized
+      if (result.output?.includes('\x1b]0;') || 
+          result.output?.includes('\x1b[2J')) {
+        throw new Error('Terminal escape sequences not sanitized');
+      }
+    }
+  },
+
+  // Authentication Bypass Tests
+  async testAuthBypass() {
+    // Test accessing Linear commands without auth
+    const commands = [
+      'linear sync',
+      'linear list',
+      'linear update TEST-123'
+    ];
+    
+    // Unset LINEAR_API_KEY for test
+    delete process.env.LINEAR_API_KEY;
+    
+    for (const cmd of commands) {
+      const result = execCLI(cmd);
+      // Should require authentication
+      if (result.success && !result.output?.includes('not configured')) {
+        throw new Error(`Authentication bypass for: ${cmd}`);
+      }
+    }
+  }
+};
+
+// Main test runner
+async function main() {
+  console.log(blue('\n🔒 StackMemory CLI/API Security Testing\n'));
+  console.log('Setting up test environment...\n');
+  
+  setupTestEnv();
+  
+  // Run all security tests
+  for (const [name, testFn] of Object.entries(securityTests)) {
+    await runTest(name, testFn);
+  }
+  
+  // Summary
+  console.log(blue('\n📊 Test Summary\n'));
+  console.log(green(`✓ Passed: ${TESTS_PASSED.length}`));
+  console.log(red(`✗ Failed: ${TESTS_FAILED.length}`));
+  
+  if (TESTS_FAILED.length > 0) {
+    console.log(red('\n❌ Failed Tests:'));
+    TESTS_FAILED.forEach(({ name, error }) => {
+      console.log(`  - ${name}: ${error}`);
+    });
+  }
+  
+  // Cleanup
+  if (existsSync(TEST_DIR)) {
+    rmSync(TEST_DIR, { recursive: true, force: true });
+  }
+  
+  process.exit(TESTS_FAILED.length > 0 ? 1 : 0);
+}
+
+// Run tests
+main().catch(console.error);