@vtstech/pi-shared 1.1.8 → 1.2.0

package/config-io.js

@@ -2,6 +2,16 @@
 import * as fs from "node:fs";
 import * as path from "node:path";
 import os from "node:os";
+
+// shared/debug.ts
+var DEBUG_ENABLED = process.env.PI_EXTENSIONS_DEBUG === "1";
+function debugLog(module, message, ...args) {
+  if (!DEBUG_ENABLED) return;
+  const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+  console.debug(`[pi-ext:${module}] ${timestamp} ${message}`, ...args);
+}
+
+// shared/config-io.ts
 var PI_AGENT_DIR = path.join(os.homedir(), ".pi", "agent");
 function readJsonConfig(filePath, defaultValue = {}) {
   try {
@@ -9,9 +19,7 @@ function readJsonConfig(filePath, defaultValue = {}) {
       return JSON.parse(fs.readFileSync(filePath, "utf-8"));
     }
   } catch (err) {
-    if (typeof process !== "undefined" && process.env.PI_EXTENSIONS_DEBUG === "1") {
-      console.debug(`[config-io] Failed to read config: ${filePath}`, err);
-    }
+    debugLog("config-io", `failed to read config: ${filePath}`, err);
   }
   return defaultValue;
 }

package/errors.js

@@ -24,11 +24,11 @@ var ApiError = class extends ExtensionError {
     this.name = "ApiError";
   }
 };
-var TimeoutError = class extends ExtensionError {
+var ExtensionTimeoutError = class extends ExtensionError {
   constructor(message, timeoutMs) {
     super(message, "TIMEOUT");
     __publicField(this, "timeoutMs", timeoutMs);
-    this.name = "TimeoutError";
+    this.name = "ExtensionTimeoutError";
   }
 };
 var SecurityError = class extends ExtensionError {
@@ -50,7 +50,7 @@ export {
   ApiError,
   ConfigError,
   ExtensionError,
+  ExtensionTimeoutError,
   SecurityError,
-  TimeoutError,
   ToolError
 };

package/ollama.js

@@ -12,7 +12,7 @@ function debugLog(module, message, ...args) {
 }
 
 // shared/ollama.ts
-var EXTENSION_VERSION = "1.1.8";
+var EXTENSION_VERSION = "1.2.0";
 var MODELS_JSON_PATH = path.join(os.homedir(), ".pi", "agent", "models.json");
 var _modelsJsonCache = null;
 var _ollamaBaseUrlCache = null;
@@ -180,7 +180,7 @@ async function fetchModelContextLength(baseUrl, modelName) {
       const numCtx = data?.model_info?.["num_ctx"];
       if (typeof numCtx === "number") return numCtx;
     } catch (err) {
-      debugLog("ollama", `failed to fetch context length for ${model}`, err);
+      debugLog("ollama", `failed to fetch context length for ${modelName}`, err);
       return void 0;
     }
     return void 0;
@@ -214,7 +214,8 @@ var BUILTIN_PROVIDERS = {
   xai: { api: "openai-completions", baseUrl: "https://api.x.ai/v1", envKey: "XAI_API_KEY" },
   together: { api: "openai-completions", baseUrl: "https://api.together.xyz/v1", envKey: "TOGETHER_API_KEY" },
   fireworks: { api: "openai-completions", baseUrl: "https://api.fireworks.ai/inference/v1", envKey: "FIREWORKS_API_KEY" },
-  cohere: { api: "cohere-chat", baseUrl: "https://api.cohere.com/v1", envKey: "COHERE_API_KEY" }
+  cohere: { api: "cohere-chat", baseUrl: "https://api.cohere.com/v1", envKey: "COHERE_API_KEY" },
+  zai: { api: "openai-completions", baseUrl: "https://open.bigmodel.cn/api/paas/v4", envKey: "ZAI_API_KEY" }
 };
 function detectModelFamily(modelName) {
   const name = modelName.toLowerCase();
@@ -234,6 +235,8 @@ function detectModelFamily(modelName) {
     ["gemma", "gemma2"],
     ["granite", "granite"],
     ["dolphin", "dolphin"],
+    ["glm-4", "glm"],
+    ["glm", "glm"],
     ["deepseek-r1", "deepseek-r1"],
     ["deepseek", "deepseek"],
     ["mistral", "qwen2"],
@@ -247,9 +250,9 @@ function detectModelFamily(modelName) {
   return "unknown";
 }
 function detectProvider(ctx) {
-  const model2 = ctx.model;
-  if (!model2) return { kind: "unknown", name: "none" };
-  const providerName = model2.provider || "";
+  const model = ctx.model;
+  if (!model) return { kind: "unknown", name: "none" };
+  const providerName = model.provider || "";
   if (!providerName) return { kind: "unknown", name: "none" };
   const modelsJson = readModelsJson();
   const userProviderCfg = (modelsJson.providers || {})[providerName];
@@ -286,6 +289,11 @@ function detectProvider(ctx) {
   }
   return { kind: "unknown", name: providerName };
 }
+function isLocalProvider(baseUrl, providerName) {
+  if (providerName === "ollama") return true;
+  const url = baseUrl || "";
+  return url.includes("localhost") || url.includes("127.0.0.1") || url.includes("0.0.0.0");
+}
 export {
   BUILTIN_PROVIDERS,
   EXTENSION_VERSION,
@@ -297,6 +305,7 @@ export {
   fetchModelContextLength,
   fetchOllamaModels,
   getOllamaBaseUrl,
+  isLocalProvider,
   isReasoningModel,
   readModelsJson,
   readModifyWriteModelsJson,

package/package.json

@@ -1,14 +1,17 @@
 {
   "name": "@vtstech/pi-shared",
-  "version": "1.1.8",
+  "version": "1.2.0",
   "description": "Shared utilities for Pi Coding Agent extensions",
   "exports": {
+    "./config-io": "./config-io.js",
     "./debug": "./debug.js",
     "./format": "./format.js",
     "./model-test-utils": "./model-test-utils.js",
     "./ollama": "./ollama.js",
+    "./provider-sync": "./provider-sync.js",
     "./react-parser": "./react-parser.js",
     "./security": "./security.js",
+    "./test-report": "./test-report.js",
     "./types": "./types.js"
   },
   "keywords": ["pi-extensions"],

package/security.js

@@ -1,7 +1,7 @@
 // shared/security.ts
 import * as fs from "node:fs";
-import * as path from "node:path";
-import os from "node:os";
+import * as path2 from "node:path";
+import os2 from "node:os";
 
 // shared/debug.ts
 var DEBUG_ENABLED = process.env.PI_EXTENSIONS_DEBUG === "1";
@@ -13,8 +13,19 @@ function debugLog(module, message, ...args) {
 
 // shared/security.ts
 import dns from "node:dns";
-var SETTINGS_PATH = path.join(os.homedir(), ".pi", "agent", "settings.json");
-var SECURITY_CONFIG_PATH = path.join(os.homedir(), ".pi", "agent", "security.json");
+
+// shared/config-io.ts
+import * as path from "node:path";
+import os from "node:os";
+var PI_AGENT_DIR = path.join(os.homedir(), ".pi", "agent");
+var SETTINGS_PATH = path.join(PI_AGENT_DIR, "settings.json");
+var SECURITY_PATH = path.join(PI_AGENT_DIR, "security.json");
+var REACT_MODE_PATH = path.join(PI_AGENT_DIR, "react-mode.json");
+var MODEL_TEST_CONFIG_PATH = path.join(PI_AGENT_DIR, "model-test-config.json");
+
+// shared/security.ts
+var SETTINGS_PATH2 = SETTINGS_PATH;
+var SECURITY_CONFIG_PATH = SECURITY_PATH;
 function getSecurityMode() {
   try {
     if (!fs.existsSync(SECURITY_CONFIG_PATH)) return "max";
@@ -28,7 +39,7 @@ function getSecurityMode() {
   }
 }
 function setSecurityMode(mode) {
-  const configDir = path.dirname(SECURITY_CONFIG_PATH);
+  const configDir = path2.dirname(SECURITY_CONFIG_PATH);
   try {
     if (!fs.existsSync(configDir)) {
       fs.mkdirSync(configDir, { recursive: true });
@@ -222,7 +233,7 @@ function validatePath(filePath, allowedDirs) {
   }
   let resolved;
   try {
-    resolved = path.resolve(filePath);
+    resolved = path2.resolve(filePath);
     try {
       resolved = fs.realpathSync(resolved);
     } catch {
@@ -240,9 +251,9 @@ function validatePath(filePath, allowedDirs) {
     "/etc/passwd",
     "/.ssh/",
     "/.gnupg/",
-    path.join(os.homedir(), ".ssh"),
-    path.join(os.homedir(), ".gnupg"),
-    SETTINGS_PATH,
+    path2.join(os2.homedir(), ".ssh"),
+    path2.join(os2.homedir(), ".gnupg"),
+    SETTINGS_PATH2,
     SECURITY_CONFIG_PATH
     // NOTE: models.json is intentionally excluded from sensitivePaths.
     // Extensions use readModelsJson()/writeModelsJson() from shared/ollama.ts
@@ -262,7 +273,7 @@ function validatePath(filePath, allowedDirs) {
   if (allowedDirs) {
     for (const dir of allowedDirs) {
       try {
-        const absDir = path.resolve(dir);
+        const absDir = path2.resolve(dir);
         if (resolved.startsWith(absDir)) return { valid: true, error: "" };
       } catch {
       }
@@ -345,12 +356,24 @@ function isSafeUrl(url, blockSsrf = true) {
     const mode = getSecurityMode();
     for (const pattern of BLOCKED_URL_ALWAYS) {
       if (normalized === pattern || normalized.endsWith("." + pattern) || normalized.startsWith(pattern)) {
+        if (/^\d|^::/.test(pattern)) {
+          const nextChar = normalized[pattern.length];
+          if (nextChar && nextChar !== "/" && nextChar !== ":" && !/\d/.test(nextChar)) {
+            continue;
+          }
+        }
         return { safe: false, error: `SSRF protection: blocked hostname pattern '${pattern}'` };
       }
     }
     if (mode === "max") {
       for (const pattern of BLOCKED_URL_MAX_ONLY) {
         if (normalized === pattern || normalized.endsWith("." + pattern) || normalized.startsWith(pattern)) {
+          if (/^\d|^::/.test(pattern)) {
+            const nextChar = normalized[pattern.length];
+            if (nextChar && nextChar !== "/" && nextChar !== ":" && !/\d/.test(nextChar)) {
+              continue;
+            }
+          }
           return { safe: false, error: `SSRF protection: blocked hostname pattern '${pattern}' (max mode)` };
         }
       }
@@ -359,31 +382,19 @@ function isSafeUrl(url, blockSsrf = true) {
   return { safe: true, error: "" };
 }
 var INJECTION_PATTERNS = [
-  // Command chaining with dangerous commands only
+  // Semicolon chaining to dangerous commands — mode-independent.
+  // Unlike && (conditional), ; ALWAYS runs the second command.
   /;\s*(rm|sudo|chmod|chown|mkfs|dd|shred|kill|pkill)\b/i,
-  // Piping to dangerous commands
-  /\|\s*(rm|sudo|chmod|chown|shred|mkfs)\b/i,
-  // AND chaining with dangerous commands
-  /&&\s*(rm|sudo|chmod|chown|mkfs|dd|shred|kill)\b/i,
   // Command substitution (backticks) — still dangerous
   /`[^`]+`/,
   // Command substitution ($()) — still dangerous
   /\$\([^)]+\)/,
   // Variable expansion targeting sensitive env vars
-  /\$\{?(?:HOME|USER|PATH|SHELL|PWD|SSH|GPG|API_KEY|TOKEN|SECRET|PASSWORD)\}?/i,
-  // Bare pipe without space (likely injection, not intentional piping)
-  /\|(?=[^\s|])/
+  /\$\{?(?:HOME|USER|PATH|SHELL|PWD|SSH|GPG|API_KEY|TOKEN|SECRET|PASSWORD)\}?/i
 ];
-function sanitizeCommand(command) {
-  if (!command) return { isSafe: false, error: "Command cannot be empty", command: "" };
-  let normalizedCmd = command.normalize("NFKC");
-  normalizedCmd = normalizedCmd.replace(/[\u0000-\u001f\u007f-\u009f\u200b-\u200f\u2028-\u202e\ufeff\u2060-\u2069]/g, "");
-  if (normalizedCmd !== command.replace(/[\u0000-\u001f\u007f-\u009f\u200b-\u200f\u2028-\u202e\ufeff\u2060-\u2069]/g, "").normalize("NFKC")) {
-    debugLog("security", "command contained Unicode normalization variance (possible homoglyph bypass)", { original: command });
-  }
-  command = normalizedCmd;
+function checkSingleCommand(command, mode) {
   const trimmed = command.trim();
-  if (!trimmed) return { isSafe: false, error: "Command cannot be empty", command: "" };
+  if (!trimmed) return { isSafe: true, error: "", command: "" };
   const parts = trimmed.split(/\s+/);
   let baseCmd = parts[0].toLowerCase();
   if (baseCmd.includes("/")) baseCmd = baseCmd.split("/").pop();
@@ -396,23 +407,57 @@ function sanitizeCommand(command) {
       return { isSafe: false, error: `Blocked command: ${word} (critical)`, command: "" };
     }
   }
-  const mode = getSecurityMode();
   if (mode === "max" && EXTENDED_COMMANDS.has(baseCmd)) {
     return { isSafe: false, error: `Blocked command: ${baseCmd} (max mode)`, command: "" };
   }
-  const stripped = command.replace(/\n/g, " ").replace(/\r/g, " ");
-  if (stripped !== command) {
+  for (const pattern of INJECTION_PATTERNS) {
+    if (pattern.test(trimmed)) {
+      return { isSafe: false, error: `Potential injection pattern detected in: ${trimmed}`, command: "" };
+    }
+  }
+  return { isSafe: true, error: "", command: trimmed };
+}
+function sanitizeCommand(command) {
+  if (!command) return { isSafe: false, error: "Command cannot be empty", command: "" };
+  let normalizedCmd = command.normalize("NFKC");
+  normalizedCmd = normalizedCmd.replace(/[\u0000-\u001f\u007f-\u009f\u200b-\u200f\u2028-\u202e\ufeff\u2060-\u2069]/g, "");
+  const strippedForCompare = command.replace(/[\u0000-\u001f\u007f-\u009f\u200b-\u200f\u2028-\u202e\ufeff\u2060-\u2069]/g, "").normalize("NFKC");
+  if (normalizedCmd !== strippedForCompare) {
+    return { isSafe: false, error: `Command rejected: Unicode normalization variance detected (possible homoglyph bypass)`, command: "" };
+  }
+  command = normalizedCmd;
+  const trimmed = command.trim();
+  if (!trimmed) return { isSafe: false, error: "Command cannot be empty", command: "" };
+  const newlineStripped = command.replace(/\n/g, " ").replace(/\r/g, " ");
+  if (newlineStripped !== command) {
     return { isSafe: false, error: "Newline characters detected: potential command injection", command: "" };
   }
   for (const pattern of INJECTION_PATTERNS) {
-    if (pattern.test(command)) {
+    if (pattern.test(trimmed)) {
       return { isSafe: false, error: `Potential injection pattern detected`, command: "" };
     }
   }
+  const subCommands = [];
+  let remaining = trimmed;
+  const chainRegex = /&&|\|\||(?<!\|)\|(?!\|)/g;
+  let match;
+  let lastIndex = 0;
+  while ((match = chainRegex.exec(remaining)) !== null) {
+    subCommands.push(remaining.slice(lastIndex, match.index));
+    lastIndex = match.index + match[0].length;
+  }
+  subCommands.push(remaining.slice(lastIndex));
+  const mode = getSecurityMode();
+  for (const subCmd of subCommands) {
+    const result = checkSingleCommand(subCmd, mode);
+    if (!result.isSafe) {
+      return { isSafe: false, error: result.error, command: "" };
+    }
+  }
   return { isSafe: true, error: "", command };
 }
-var AUDIT_DIR = path.join(os.homedir(), ".pi", "agent");
-var AUDIT_LOG_PATH = path.join(AUDIT_DIR, "audit.log");
+var AUDIT_DIR = path2.join(os2.homedir(), ".pi", "agent");
+var AUDIT_LOG_PATH = path2.join(AUDIT_DIR, "audit.log");
 var AUDIT_BUFFER_MAX_ENTRIES = 50;
 var AUDIT_FLUSH_INTERVAL_MS = 500;
 var _auditBuffer = [];
@@ -445,6 +490,19 @@ function flushAuditBuffer() {
 function appendAuditEntry(entry) {
   try {
     ensureAuditFlushTimer();
+    const AUDIT_LOG_MAX_SIZE = 5 * 1024 * 1024;
+    try {
+      if (fs.existsSync(AUDIT_LOG_PATH)) {
+        const stat = fs.statSync(AUDIT_LOG_PATH);
+        if (stat.size > AUDIT_LOG_MAX_SIZE) {
+          const entries = readRecentAuditEntries(1e3);
+          const content = entries.map((e) => JSON.stringify(e)).join("\n") + "\n";
+          fs.writeFileSync(AUDIT_LOG_PATH, content, "utf-8");
+        }
+      }
+    } catch (err) {
+      debugLog("security", "audit log rotation failed", err);
+    }
     const enriched = { ...entry, securityMode: getSecurityMode() };
     const line = JSON.stringify(enriched) + "\n";
     _auditBuffer.push(line);
@@ -458,8 +516,31 @@ function appendAuditEntry(entry) {
 function readRecentAuditEntries(count = 50) {
   try {
     if (!fs.existsSync(AUDIT_LOG_PATH)) return [];
-    const content = fs.readFileSync(AUDIT_LOG_PATH, "utf-8");
-    const lines = content.trim().split("\n");
+    const fileSize = fs.statSync(AUDIT_LOG_PATH).size;
+    if (fileSize === 0) return [];
+    const fd = fs.openSync(AUDIT_LOG_PATH, "r");
+    const bufferSize = 8192;
+    const buffer = Buffer.alloc(bufferSize);
+    const lines = [];
+    let pos = fileSize;
+    let partial = "";
+    while (pos > 0 && lines.length < count) {
+      const readSize = Math.min(bufferSize, pos);
+      pos -= readSize;
+      fs.readSync(fd, buffer, 0, readSize, pos);
+      const chunk = buffer.slice(0, readSize).toString("utf-8");
+      partial = chunk + partial;
+      const lineBreak = partial.lastIndexOf("\n");
+      if (lineBreak !== -1) {
+        const complete = partial.slice(lineBreak + 1);
+        if (complete.trim()) lines.unshift(complete);
+        partial = partial.slice(0, lineBreak);
+      }
+    }
+    fs.closeSync(fd);
+    if (partial.trim() && lines.length < count) {
+      lines.unshift(partial);
+    }
     const recent = lines.slice(-count);
     return recent.map((line) => {
       try {
@@ -543,7 +624,7 @@ export {
   CRITICAL_COMMANDS,
   EXTENDED_COMMANDS,
   SECURITY_CONFIG_PATH,
-  SETTINGS_PATH,
+  SETTINGS_PATH2 as SETTINGS_PATH,
   appendAuditEntry,
   checkBashToolInput,
   checkFileToolInput,

package/test-report.js

@@ -29,7 +29,7 @@ import os from "node:os";
 var DEBUG_ENABLED = process.env.PI_EXTENSIONS_DEBUG === "1";
 
 // shared/ollama.ts
-var EXTENSION_VERSION = "1.1.8";
+var EXTENSION_VERSION = "1.2.0";
 var MODELS_JSON_PATH = path.join(os.homedir(), ".pi", "agent", "models.json");
 
 // shared/test-report.ts
@@ -66,18 +66,18 @@ function formatTestSummary(tests, totalMs) {
   lines.push(info(`Score: ${passed}/${tests.length} tests passed`));
   return lines;
 }
-function formatRecommendation(model2, passed, total, via) {
+function formatRecommendation(model, passed, total, via) {
   const suffix = via ? ` via ${via}` : "";
   const lines = [];
   lines.push(section("RECOMMENDATION"));
   if (passed === total) {
-    lines.push(ok(`${model2} is a STRONG model${suffix} \u2014 full capability`));
+    lines.push(ok(`${model} is a STRONG model${suffix} \u2014 full capability`));
   } else if (passed > 0 && passed >= total - 1) {
-    lines.push(ok(`${model2} is a GOOD model${suffix} \u2014 most capabilities work`));
+    lines.push(ok(`${model} is a GOOD model${suffix} \u2014 most capabilities work`));
   } else if (passed > 0 && passed >= total - 2) {
-    lines.push(warn(`${model2} is USABLE${suffix} \u2014 some capabilities are limited`));
+    lines.push(warn(`${model} is USABLE${suffix} \u2014 some capabilities are limited`));
   } else {
-    lines.push(fail(`${model2} is WEAK${suffix} \u2014 limited capabilities for agent use`));
+    lines.push(fail(`${model} is WEAK${suffix} \u2014 limited capabilities for agent use`));
   }
   return lines;
 }