@stackmemoryai/stackmemory 0.3.20 → 0.3.22

package/scripts/delete-linear-tasks.js

@@ -8,7 +8,7 @@ import 'dotenv/config';
 import fs from 'fs';
 import readline from 'readline';
 
-const API_KEY = process.env.LINEAR_API_KEY;
+const API_KEY = process.env.STACKMEMORY_LINEAR_API_KEY || process.env.LINEAR_API_KEY;
 if (!API_KEY) {
   console.error('❌ LINEAR_API_KEY environment variable not set');
   console.log('Please set LINEAR_API_KEY in your .env file or export it in your shell');
@@ -83,7 +83,7 @@ async function deleteLinearTasks() {
         const response = await fetch('https://api.linear.app/graphql', {
           method: 'POST',
           headers: {
-            'Authorization': API_KEY,
+            'Authorization': `Bearer ${API_KEY}`,
             'Content-Type': 'application/json'
           },
           body: JSON.stringify({

package/scripts/install-code-execution-hooks.sh

@@ -0,0 +1,96 @@
+#!/bin/bash
+
+# Install Code Execution and Pre-Tool-Use Hooks for StackMemory
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"
+CLAUDE_HOOKS_DIR="$HOME/.claude/hooks"
+
+echo "🚀 Installing StackMemory Code Execution Hooks"
+echo "============================================"
+
+# Create hooks directory if it doesn't exist
+if [ ! -d "$CLAUDE_HOOKS_DIR" ]; then
+    echo "Creating Claude hooks directory..."
+    mkdir -p "$CLAUDE_HOOKS_DIR"
+fi
+
+# Build the project first to ensure handlers are compiled
+echo ""
+echo "📦 Building project..."
+cd "$PROJECT_ROOT"
+npm run build
+
+# Install pre-tool-use hook
+echo ""
+echo "🔒 Installing pre-tool-use hook..."
+if [ -f "$PROJECT_ROOT/templates/claude-hooks/pre-tool-use" ]; then
+    # Backup existing hook if present
+    if [ -f "$CLAUDE_HOOKS_DIR/pre-tool-use" ]; then
+        echo "  Backing up existing pre-tool-use hook..."
+        cp "$CLAUDE_HOOKS_DIR/pre-tool-use" "$CLAUDE_HOOKS_DIR/pre-tool-use.backup.$(date +%Y%m%d_%H%M%S)"
+    fi
+    
+    # Copy new hook
+    cp "$PROJECT_ROOT/templates/claude-hooks/pre-tool-use" "$CLAUDE_HOOKS_DIR/"
+    chmod +x "$CLAUDE_HOOKS_DIR/pre-tool-use"
+    echo "  ✅ pre-tool-use hook installed"
+else
+    echo "  ❌ pre-tool-use hook not found"
+fi
+
+# Create configuration file
+echo ""
+echo "⚙️  Setting up configuration..."
+STACKMEMORY_CONFIG_DIR="$HOME/.stackmemory"
+mkdir -p "$STACKMEMORY_CONFIG_DIR"
+
+# Create mode configuration
+cat > "$STACKMEMORY_CONFIG_DIR/tool-mode.conf" << EOF
+# StackMemory Tool Mode Configuration
+# Options: permissive (default), restrictive, code_only
+
+STACKMEMORY_TOOL_MODE=permissive
+EOF
+
+echo "  ✅ Configuration created at $STACKMEMORY_CONFIG_DIR/tool-mode.conf"
+
+# Test code execution handler
+echo ""
+echo "🧪 Testing code execution handler..."
+node "$PROJECT_ROOT/scripts/test-code-execution.js" 2>/dev/null || {
+    echo "  ⚠️  Code execution test failed - handler may need dependencies"
+    echo "  Run: node scripts/test-code-execution.js for details"
+}
+
+# Display usage information
+echo ""
+echo "📝 Installation Complete!"
+echo ""
+echo "Usage:"
+echo "------"
+echo "1. Set tool mode (optional):"
+echo "   export STACKMEMORY_TOOL_MODE=permissive  # Default - all tools allowed"
+echo "   export STACKMEMORY_TOOL_MODE=restrictive  # Block dangerous tools"
+echo "   export STACKMEMORY_TOOL_MODE=code_only    # Only code execution allowed"
+echo ""
+echo "2. Or edit: ~/.stackmemory/tool-mode.conf"
+echo ""
+echo "3. View tool usage logs:"
+echo "   tail -f ~/.stackmemory/tool-use.log"
+echo ""
+echo "4. Test code execution:"
+echo "   node $PROJECT_ROOT/scripts/test-code-execution.js"
+echo ""
+echo "Modes:"
+echo "------"
+echo "• permissive: All tools allowed, dangerous ones logged"
+echo "• restrictive: Blocks Bash, Write, Edit, Delete, WebFetch"
+echo "• code_only: Only Python/JavaScript execution (pure computation)"
+echo ""
+echo "The code_only mode creates a restricted environment similar to"
+echo "execute_code_py, where Claude can only perform computations."
+echo ""
+echo "✨ Ready to use with Claude Code!"

package/scripts/linear-task-review.js

@@ -17,7 +17,7 @@ async function queryLinear(query, variables = {}) {
     method: 'POST',
     headers: {
       'Content-Type': 'application/json',
-      'Authorization': process.env.LINEAR_API_KEY
+      'Authorization': process.env.STACKMEMORY_LINEAR_API_KEY || process.env.LINEAR_API_KEY
     },
     body: JSON.stringify({ query, variables })
   });

package/scripts/sync-and-clean-tasks.js

@@ -10,7 +10,7 @@ import path from 'path';
 import { fileURLToPath } from 'url';
 
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
-const API_KEY = process.env.LINEAR_OAUTH_TOKEN || process.env.LINEAR_API_KEY;
+const API_KEY = process.env.LINEAR_OAUTH_TOKEN || process.env.STACKMEMORY_LINEAR_API_KEY || process.env.LINEAR_API_KEY;
 if (!API_KEY) {
   console.error('❌ LINEAR_OAUTH_TOKEN or LINEAR_API_KEY environment variable not set');
   console.log('Please set LINEAR_OAUTH_TOKEN or LINEAR_API_KEY in your .env file or export it in your shell');

package/scripts/sync-linear-graphql.js

@@ -16,14 +16,14 @@ dotenv.config({
 });
 
 // Debug: Check if key is loaded
-console.log(`API Key loaded: ${process.env.LINEAR_API_KEY ? 'Yes' : 'No'} (length: ${process.env.LINEAR_API_KEY?.length || 0})`);
+console.log(`API Key loaded: ${(process.env.STACKMEMORY_LINEAR_API_KEY || process.env.LINEAR_API_KEY) ? 'Yes' : 'No'} (length: ${(process.env.STACKMEMORY_LINEAR_API_KEY || process.env.LINEAR_API_KEY)?.length || 0})`);
 
 async function queryLinear(query, variables = {}) {
   const response = await fetch('https://api.linear.app/graphql', {
     method: 'POST',
     headers: {
       'Content-Type': 'application/json',
-      'Authorization': process.env.LINEAR_API_KEY
+      'Authorization': process.env.STACKMEMORY_LINEAR_API_KEY || process.env.LINEAR_API_KEY
     },
     body: JSON.stringify({ query, variables })
   });
@@ -36,7 +36,7 @@ async function queryLinear(query, variables = {}) {
 }
 
 async function syncLinearTasks() {
-  const apiKey = process.env.LINEAR_API_KEY;
+  const apiKey = process.env.STACKMEMORY_LINEAR_API_KEY || process.env.LINEAR_API_KEY;
   
   if (!apiKey) {
     console.error('❌ LINEAR_API_KEY not found in environment');

package/scripts/sync-linear-tasks.js

@@ -12,7 +12,7 @@ const __dirname = path.dirname(fileURLToPath(import.meta.url));
 dotenv.config({ path: path.join(__dirname, '..', '.env') });
 
 async function syncLinearTasks() {
-  const apiKey = process.env.LINEAR_API_KEY;
+  const apiKey = process.env.STACKMEMORY_LINEAR_API_KEY || process.env.LINEAR_API_KEY;
   
   if (!apiKey) {
     console.error('❌ LINEAR_API_KEY not found in environment');

package/scripts/test-code-execution.js

@@ -0,0 +1,143 @@
+#!/usr/bin/env node
+
+/**
+ * Test code execution MCP handler
+ */
+
+import { CodeExecutionHandler } from '../dist/integrations/mcp/handlers/code-execution-handlers.js';
+
+async function testPythonExecution() {
+  console.log('🐍 Testing Python Code Execution\n');
+  
+  const handler = new CodeExecutionHandler();
+  
+  // Test 1: Simple Python code
+  console.log('Test 1: Simple calculation');
+  const result1 = await handler.executeCode({
+    language: 'python',
+    code: `
+import math
+
+def calculate_circle_area(radius):
+    return math.pi * radius ** 2
+
+# Test the function
+radius = 5
+area = calculate_circle_area(radius)
+print(f"Circle with radius {radius} has area: {area:.2f}")
+
+# Generate some data
+data = [i**2 for i in range(10)]
+print(f"Squares: {data}")
+`,
+  });
+  
+  console.log('Success:', result1.success);
+  console.log('Output:', result1.stdout);
+  if (result1.stderr) console.log('Errors:', result1.stderr);
+  console.log('---\n');
+  
+  // Test 2: Code with warnings
+  console.log('Test 2: Code with security warnings');
+  const code2 = `
+import os
+import subprocess
+
+# This should trigger warnings
+print("Current directory:", os.getcwd())
+`;
+  
+  const validation = handler.validateCode(code2);
+  console.log('Validation result:', validation);
+  
+  if (!validation.safe) {
+    console.log('Executing anyway with force flag...');
+    const result2 = await handler.executeCode({
+      language: 'python',
+      code: code2,
+    });
+    console.log('Output:', result2.stdout);
+  }
+  console.log('---\n');
+  
+  // Test 3: JavaScript execution
+  console.log('Test 3: JavaScript code');
+  const result3 = await handler.executeCode({
+    language: 'javascript',
+    code: `
+// Calculate fibonacci
+function fibonacci(n) {
+  if (n <= 1) return n;
+  return fibonacci(n - 1) + fibonacci(n - 2);
+}
+
+for (let i = 0; i < 10; i++) {
+  console.log(\`fibonacci(\${i}) = \${fibonacci(i)}\`);
+}
+
+// Test async operation
+setTimeout(() => {
+  console.log('Async operation completed');
+}, 100);
+
+// Wait a bit for async
+new Promise(resolve => setTimeout(resolve, 200)).then(() => {
+  console.log('Promise resolved');
+});
+`,
+  });
+  
+  console.log('Success:', result3.success);
+  console.log('Output:', result3.stdout);
+  console.log('---\n');
+  
+  // Test 4: Long-running code with timeout
+  console.log('Test 4: Timeout test');
+  const result4 = await handler.executeCode({
+    language: 'python',
+    code: `
+import time
+print("Starting long operation...")
+time.sleep(5)  # This should timeout if timeout is < 5 seconds
+print("This should not print")
+`,
+    timeout: 2000, // 2 second timeout
+  });
+  
+  console.log('Success:', result4.success);
+  console.log('Output:', result4.stdout);
+  console.log('Errors:', result4.stderr);
+  console.log('---\n');
+  
+  // Test 5: Large output truncation
+  console.log('Test 5: Large output handling');
+  const result5 = await handler.executeCode({
+    language: 'python',
+    code: `
+# Generate large output
+for i in range(10000):
+    print(f"Line {i}: {'=' * 50}")
+`,
+  });
+  
+  console.log('Success:', result5.success);
+  console.log('Truncated:', result5.truncated);
+  if (result5.truncated) {
+    console.log('Output file:', result5.outputFile);
+  }
+  console.log('Output length:', result5.stdout.length);
+  console.log('---\n');
+  
+  // Get sandbox status
+  const status = await handler.getSandboxStatus();
+  console.log('📊 Sandbox Status:', status);
+  
+  // Clean sandbox
+  console.log('\n🧹 Cleaning sandbox...');
+  await handler.cleanSandbox();
+  const statusAfter = await handler.getSandboxStatus();
+  console.log('Sandbox after cleanup:', statusAfter);
+}
+
+// Run tests
+testPythonExecution().catch(console.error);

package/scripts/update-linear-tasks-fixed.js

@@ -6,7 +6,7 @@
 
 import 'dotenv/config';
 
-const API_KEY = process.env.LINEAR_OAUTH_TOKEN || process.env.LINEAR_API_KEY;
+const API_KEY = process.env.LINEAR_OAUTH_TOKEN || process.env.STACKMEMORY_LINEAR_API_KEY || process.env.LINEAR_API_KEY;
 if (!API_KEY) {
   console.error('❌ LINEAR_OAUTH_TOKEN or LINEAR_API_KEY environment variable not set');
   console.log('Please set LINEAR_OAUTH_TOKEN or LINEAR_API_KEY in your .env file or export it in your shell');

package/scripts/validate-railway-deployment.js

@@ -0,0 +1,137 @@
+#!/usr/bin/env node
+
+/**
+ * Validate Railway deployment and check all services
+ */
+
+async function checkEndpoint(url, expectedKeys = []) {
+  try {
+    console.log(`\n📍 Checking: ${url}`);
+    const response = await fetch(url);
+    const data = await response.json();
+    
+    console.log(`  Status: ${response.status}`);
+    console.log(`  Response:`, JSON.stringify(data, null, 2));
+    
+    // Check for expected keys
+    for (const key of expectedKeys) {
+      if (key in data) {
+        console.log(`  ✅ Found key: ${key}`);
+      } else {
+        console.log(`  ❌ Missing key: ${key}`);
+      }
+    }
+    
+    return { success: response.ok, data };
+  } catch (error) {
+    console.log(`  ❌ Error: ${error.message}`);
+    return { success: false, error: error.message };
+  }
+}
+
+async function testAuth(baseUrl) {
+  console.log('\n🔐 Testing Authentication Endpoints:');
+  
+  // Test signup
+  const signupData = {
+    email: `test${Date.now()}@example.com`,
+    password: 'TestPass123!',
+    name: 'Test User'
+  };
+  
+  console.log('\n📝 Testing POST /auth/signup');
+  try {
+    const response = await fetch(`${baseUrl}/auth/signup`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify(signupData)
+    });
+    
+    const data = await response.json();
+    console.log(`  Status: ${response.status}`);
+    
+    if (response.ok) {
+      console.log('  ✅ Signup endpoint works!');
+      console.log(`  Response:`, JSON.stringify(data, null, 2));
+    } else {
+      console.log('  ❌ Signup failed:', data.error || data.message);
+    }
+  } catch (error) {
+    console.log('  ❌ Signup endpoint not available:', error.message);
+  }
+  
+  // Test login
+  console.log('\n🔑 Testing POST /auth/login');
+  try {
+    const response = await fetch(`${baseUrl}/auth/login`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        email: signupData.email,
+        password: signupData.password
+      })
+    });
+    
+    const data = await response.json();
+    console.log(`  Status: ${response.status}`);
+    
+    if (response.ok) {
+      console.log('  ✅ Login endpoint works!');
+      console.log(`  Token received:`, data.token ? 'Yes' : 'No');
+      console.log(`  API Key:`, data.apiKey ? 'Yes' : 'No');
+    } else {
+      console.log('  ❌ Login failed:', data.error || data.message);
+    }
+  } catch (error) {
+    console.log('  ❌ Login endpoint not available:', error.message);
+  }
+}
+
+async function main() {
+  const baseUrl = process.argv[2] || 'https://stackmemory-production.up.railway.app';
+  
+  console.log('🚀 StackMemory Railway Deployment Validator');
+  console.log('==========================================');
+  console.log(`Base URL: ${baseUrl}`);
+  console.log(`Timestamp: ${new Date().toISOString()}`);
+  
+  // Check root endpoint
+  const root = await checkEndpoint(baseUrl, ['message', 'version', 'endpoints']);
+  
+  // Detect server type
+  if (root.data?.message?.includes('Minimal')) {
+    console.log('\n⚠️  WARNING: Minimal server is running!');
+    console.log('   The full server with auth endpoints is not deployed.');
+  } else if (root.data?.message?.includes('API Server')) {
+    console.log('\n✅ Full API server is running!');
+  }
+  
+  // Check health
+  await checkEndpoint(`${baseUrl}/health`, ['status']);
+  
+  // Check database connections
+  const dbTest = await checkEndpoint(`${baseUrl}/test-db`, ['postgresql', 'redis']);
+  
+  if (dbTest.data) {
+    console.log('\n📊 Database Status:');
+    if (dbTest.data.postgresql?.status === 'connected') {
+      console.log('  ✅ PostgreSQL: Connected');
+    } else {
+      console.log('  ❌ PostgreSQL:', dbTest.data.postgresql?.status || 'Not configured');
+    }
+    
+    if (dbTest.data.redis?.status === 'connected') {
+      console.log('  ✅ Redis: Connected');
+    } else {
+      console.log('  ❌ Redis:', dbTest.data.redis?.status || 'Not configured');
+    }
+  }
+  
+  // Test auth endpoints
+  await testAuth(baseUrl);
+  
+  console.log('\n==========================================');
+  console.log('Validation complete!');
+}
+
+main().catch(console.error);

package/templates/claude-hooks/hook-config.json

@@ -0,0 +1,59 @@
+{
+  "pre-tool-use": {
+    "description": "Controls tool usage based on configured policies",
+    "version": "1.0.0",
+    "modes": {
+      "permissive": {
+        "description": "Allow all tools but log dangerous operations",
+        "default": true,
+        "restrictions": []
+      },
+      "restrictive": {
+        "description": "Block potentially dangerous tools",
+        "restrictions": ["Bash", "Write", "Edit", "Delete", "WebFetch"],
+        "allowed": ["TodoWrite", "TodoRead", "Read", "Grep", "LS"]
+      },
+      "code_only": {
+        "description": "Only allow code execution tools - pure computational environment",
+        "restrictions": ["*"],
+        "allowed": ["mcp__stackmemory__code.execute", "mcp__code-executor__execute_code", "TodoWrite", "TodoRead"]
+      }
+    },
+    "alwaysAllowed": [
+      "mcp__stackmemory__save_context",
+      "mcp__stackmemory__load_context",
+      "TodoWrite",
+      "TodoRead"
+    ],
+    "dangerousTools": [
+      "Bash",
+      "Write",
+      "Edit",
+      "Delete",
+      "WebFetch",
+      "MultiEdit"
+    ],
+    "codeExecutionTools": [
+      "mcp__code-executor__execute_code",
+      "mcp__stackmemory__code.execute"
+    ]
+  },
+  "installation": {
+    "commands": [
+      "# Install pre-tool-use hook",
+      "cp templates/claude-hooks/pre-tool-use ~/.claude/hooks/",
+      "chmod +x ~/.claude/hooks/pre-tool-use",
+      "",
+      "# Set mode (optional, defaults to permissive)",
+      "export STACKMEMORY_TOOL_MODE=permissive  # or restrictive, code_only",
+      "",
+      "# View tool usage logs",
+      "tail -f ~/.stackmemory/tool-use.log"
+    ]
+  },
+  "usage": {
+    "permissive_mode": "Default mode - all tools allowed with logging",
+    "restrictive_mode": "Blocks dangerous tools like Bash, Write, Edit",
+    "code_only_mode": "Only code execution allowed - ideal for pure computation tasks"
+  }
+}