npm - agentsmesh - Versions diffs - 0.19.1 → 0.21.0 - Mend

agentsmesh 0.19.1 → 0.21.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/dist/engine.js CHANGED Viewed

@@ -768,6 +768,33 @@ async function readDirRecursive(dir, visited, branchSegments) {
     );
   }
 }
+async function readDirRecursiveNoSymlinks(dir, branchSegments) {
+  const currentBranchSegments = branchSegments ?? [basename(dir)];
+  try {
+    const entries = await readdir(dir, { withFileTypes: true });
+    const files = [];
+    for (const ent of entries) {
+      if (ent.isSymbolicLink()) continue;
+      const full = join(dir, ent.name);
+      if (ent.isDirectory()) {
+        const nextSegments = [...currentBranchSegments, ent.name];
+        if (shouldSkipRecursiveBranch(nextSegments)) continue;
+        files.push(...await readDirRecursiveNoSymlinks(full, nextSegments));
+      } else if (ent.isFile()) {
+        files.push(full);
+      }
+    }
+    return files;
+  } catch (err) {
+    const e = err;
+    if (e.code === "ENOENT" || e.code === "ENOTDIR" || e.code === "EACCES") return [];
+    throw new FileSystemError(
+      dir,
+      `Failed to read directory ${dir}: ${e.message}. Check permissions.`,
+      { cause: err, errnoCode: e.code }
+    );
+  }
+}
 var MAX_RECURSIVE_DEPTH, MAX_SEGMENT_REPETITIONS;
 var init_fs_traverse = __esm({
   "src/utils/filesystem/fs-traverse.ts"() {
@@ -1022,7 +1049,7 @@ ${legacy}`, "");
   }
   return result.trim();
 }
-var ROOT_INSTRUCTION_BODY_V1, ROOT_INSTRUCTION_BODY_V2, ROOT_INSTRUCTION_BODY_V3, ROOT_INSTRUCTION_BODY_V4, ROOT_INSTRUCTION_BODY_V5, ROOT_INSTRUCTION_BODY_V6, ROOT_INSTRUCTION_BODY_V7, ROOT_INSTRUCTION_BODY, LEGACY_AGENTSMESH_ROOT_INSTRUCTION_PARAGRAPH, LEGACY_AGENTSMESH_ROOT_INSTRUCTION_SECTION, AGENTSMESH_CONTRACT_WITH_V1_BODY, AGENTSMESH_CONTRACT_WITH_V2_BODY, AGENTSMESH_CONTRACT_WITH_V3_BODY, AGENTSMESH_CONTRACT_WITH_V4_BODY, AGENTSMESH_CONTRACT_WITH_V5_BODY, AGENTSMESH_CONTRACT_WITH_V6_BODY, AGENTSMESH_CONTRACT_WITH_V7_BODY, AGENTSMESH_ROOT_INSTRUCTION_PARAGRAPH, LEGACY_FORMS;
+var ROOT_INSTRUCTION_BODY_V1, ROOT_INSTRUCTION_BODY_V2, ROOT_INSTRUCTION_BODY_V3, ROOT_INSTRUCTION_BODY_V4, ROOT_INSTRUCTION_BODY_V5, ROOT_INSTRUCTION_BODY_V6, ROOT_INSTRUCTION_BODY_V7, ROOT_INSTRUCTION_BODY_V8, ROOT_INSTRUCTION_BODY, LEGACY_AGENTSMESH_ROOT_INSTRUCTION_PARAGRAPH, LEGACY_AGENTSMESH_ROOT_INSTRUCTION_SECTION, AGENTSMESH_CONTRACT_WITH_V1_BODY, AGENTSMESH_CONTRACT_WITH_V2_BODY, AGENTSMESH_CONTRACT_WITH_V3_BODY, AGENTSMESH_CONTRACT_WITH_V4_BODY, AGENTSMESH_CONTRACT_WITH_V5_BODY, AGENTSMESH_CONTRACT_WITH_V6_BODY, AGENTSMESH_CONTRACT_WITH_V7_BODY, AGENTSMESH_CONTRACT_WITH_V8_BODY, AGENTSMESH_ROOT_INSTRUCTION_PARAGRAPH, LEGACY_FORMS;
 var init_root_instruction_paragraph = __esm({
   "src/targets/projection/root-instruction-paragraph.ts"() {
     init_managed_blocks();
@@ -1033,7 +1060,8 @@ var init_root_instruction_paragraph = __esm({
     ROOT_INSTRUCTION_BODY_V5 = "Use Claude-style Markdown in `.agentsmesh`: `agents/*.md`, `commands/*.md`, and `skills/*/SKILL.md`; keep rules in `rules/*.md`, hooks in `hooks.yaml`, MCP in `mcp.json`, permissions in `permissions.yaml`, and ignore patterns in `ignore`, then run `agentsmesh generate`.";
     ROOT_INSTRUCTION_BODY_V6 = "Create canonical files in `.agentsmesh`: `rules/_root.md` and `rules/*.md` are Markdown rules; `commands/*.md`, `agents/*.md`, and `skills/*/SKILL.md` plus supporting files use Claude-style frontmatter Markdown; `mcp.json` is MCP JSON; `hooks.yaml` and `permissions.yaml` are YAML; `ignore` is gitignore-style text. Then run `agentsmesh generate`.";
     ROOT_INSTRUCTION_BODY_V7 = "`.agentsmesh` is the only folder you edit or add these files in: `rules/_root.md` and `rules/*.md` are Markdown rules; `commands/*.md`, `agents/*.md`, and `skills/*/SKILL.md` plus supporting files use Claude-style frontmatter Markdown; `mcp.json` is MCP JSON; `hooks.yaml` and `permissions.yaml` are YAML; `ignore` is gitignore-style text. Do not edit generated tool files; run `agentsmesh generate`.";
-    ROOT_INSTRUCTION_BODY = "`agentsmesh.yaml` selects targets/features (`agentsmesh.local.yaml` overrides locally), and `.agentsmesh` is the only place to add or edit canonical items: `rules/_root.md`, `rules/*.md`, `commands/*.md`, `agents/*.md`, `skills/*/SKILL.md` plus supporting files, `mcp.json`, `hooks.yaml`, `permissions.yaml`, and `ignore`; if missing run `agentsmesh init`, use `agentsmesh import --from <tool>` for native configs, `agentsmesh install <source>` or `install --sync` for reusable packs, then run `agentsmesh generate`. Use `diff`, `lint`, `check`, `watch`, `matrix`, and `merge` as needed; never edit generated tool files.";
+    ROOT_INSTRUCTION_BODY_V8 = "`agentsmesh.yaml` selects targets/features (`agentsmesh.local.yaml` overrides locally), and `.agentsmesh` is the only place to add or edit canonical items: `rules/_root.md`, `rules/*.md`, `commands/*.md`, `agents/*.md`, `skills/*/SKILL.md` plus supporting files, `mcp.json`, `hooks.yaml`, `permissions.yaml`, and `ignore`; if missing run `agentsmesh init`, use `agentsmesh import --from <tool>` for native configs, `agentsmesh install <source>` or `install --sync` for reusable packs, then run `agentsmesh generate`. Use `diff`, `lint`, `check`, `watch`, `matrix`, and `merge` as needed; never edit generated tool files.";
+    ROOT_INSTRUCTION_BODY = "`agentsmesh.yaml` selects targets/features (`agentsmesh.local.yaml` overrides locally), and `.agentsmesh` is the only place to add or edit canonical items: `rules/_root.md`, `rules/*.md`, `commands/*.md`, `agents/*.md`, `skills/*/SKILL.md` plus supporting files, `mcp.json`, `hooks.yaml`, `permissions.yaml`, and `ignore`; if missing run `agentsmesh init`, use `agentsmesh import --from <tool>` for native configs, `agentsmesh install <source>` or `install --sync` for reusable packs, then run `agentsmesh generate`. Use `diff`, `lint`, `check`, `watch`, `matrix`, `merge`, and `refresh` as needed; never edit generated tool files.";
     LEGACY_AGENTSMESH_ROOT_INSTRUCTION_PARAGRAPH = ROOT_INSTRUCTION_BODY_V1;
     LEGACY_AGENTSMESH_ROOT_INSTRUCTION_SECTION = `## Project-Specific Rules
@@ -1059,12 +1087,16 @@ ${ROOT_INSTRUCTION_BODY_V6}`;
     AGENTSMESH_CONTRACT_WITH_V7_BODY = `## AgentsMesh Generation Contract
 ${ROOT_INSTRUCTION_BODY_V7}`;
+    AGENTSMESH_CONTRACT_WITH_V8_BODY = `## AgentsMesh Generation Contract
+${ROOT_INSTRUCTION_BODY_V8}`;
     AGENTSMESH_ROOT_INSTRUCTION_PARAGRAPH = `${ROOT_CONTRACT_START}
 ## AgentsMesh Generation Contract
 ${ROOT_INSTRUCTION_BODY}
 ${ROOT_CONTRACT_END}`;
     LEGACY_FORMS = [
+      AGENTSMESH_CONTRACT_WITH_V8_BODY,
       AGENTSMESH_CONTRACT_WITH_V7_BODY,
       AGENTSMESH_CONTRACT_WITH_V6_BODY,
       AGENTSMESH_CONTRACT_WITH_V5_BODY,
@@ -20142,6 +20174,19 @@ init_fs();
 // src/config/remote/git-remote.ts
 init_fs();
+// src/utils/output/redact-url-secrets.ts
+var URL_WITH_CREDENTIALS = /([a-zA-Z][a-zA-Z0-9+.-]*:\/\/)([^/@\s"'<>]+)@([^\s"'<>]+)/g;
+function redactUrlSecrets(message) {
+  return message.replace(
+    URL_WITH_CREDENTIALS,
+    (_full, scheme, _userinfo, rest) => {
+      return `${scheme}***@${rest}`;
+    }
+  );
+}
+// src/config/remote/git-remote.ts
 var execFileAsync = promisify(execFile);
 var REPO_DIRNAME = "repo";
 function ensureNotFlag(value, kind) {
@@ -20175,12 +20220,13 @@ async function fetchGitRemoteExtend(parsed, extendName, options, cacheDir, build
     await rm(stagedRoot, { recursive: true, force: true });
     const allowFallback = options.allowOfflineFallback !== false;
     if (allowFallback && await hasCachedRepo(cacheRepoDir)) {
+      const rawMsg = err instanceof Error ? err.message : String(err);
       console.warn(
-        `[agentsmesh] Remote fetch failed for ${extendName}; using cached version. Error: ${err instanceof Error ? err.message : String(err)}`
+        `[agentsmesh] Remote fetch failed for ${extendName}; using cached version. Error: ${redactUrlSecrets(rawMsg)}`
       );
       return readCachedRepo(cacheRepoDir);
     }
-    throw err;
+    throw err instanceof Error ? Object.assign(new Error(redactUrlSecrets(err.message)), { cause: err.cause }) : err;
   }
 }
 async function readCachedRepo(repoDir) {
@@ -20341,13 +20387,14 @@ async function fetchGithubRemoteExtend(parsed, extendName, options, cacheDir, bu
     if (allowFallback && await exists(extractDir)) {
       const topDir2 = await findExtractTopDir(extractDir);
       if (topDir2) {
+        const rawMsg = err instanceof Error ? err.message : String(err);
         console.warn(
-          `[agentsmesh] Network failed for ${extendName}; using cached version. Error: ${err instanceof Error ? err.message : String(err)}`
+          `[agentsmesh] Network failed for ${extendName}; using cached version. Error: ${redactUrlSecrets(rawMsg)}`
         );
         return { resolvedPath: join(extractDir, topDir2), version: tag };
       }
     }
-    throw err;
+    throw err instanceof Error ? Object.assign(new Error(redactUrlSecrets(err.message)), { cause: err.cause }) : err;
   }
   await rm(extractDir, { recursive: true, force: true });
   await mkdir(extractDir, { recursive: true });
@@ -20358,12 +20405,14 @@ async function fetchGithubRemoteExtend(parsed, extendName, options, cacheDir, bu
       file: tarPath,
       cwd: extractDir,
       strict: true,
+      // Allowlist entry types instead of denylist: only `File` and `Directory`
+      // can be extracted. Hardlinks (`Link`), symlinks (`SymbolicLink`), FIFOs,
+      // character/block devices, and any future/exotic tar entry type are
+      // rejected. A denylist would silently let an unknown variant through.
       filter: (entryPath, entry) => {
         if (isZipSlipPath(entryPath)) return false;
-        if (entry && "type" in entry && (entry.type === "Link" || entry.type === "SymbolicLink")) {
-          return false;
-        }
-        return true;
+        const type = entry && "type" in entry ? entry.type : void 0;
+        return type === "File" || type === "Directory";
       }
     });
   } finally {
@@ -20461,8 +20510,11 @@ function parseGitSource(source) {
     return null;
   }
   const allowInsecure = process.env.AGENTSMESH_ALLOW_INSECURE_GIT === "1" || process.env.AGENTSMESH_ALLOW_INSECURE_GIT === "true";
-  const allowedProtocols = allowInsecure ? ["https:", "http:", "ssh:", "file:"] : ["https:", "ssh:", "file:"];
-  if (!allowedProtocols.includes(parsedUrl.protocol)) {
+  const allowLocalGit = process.env.AGENTSMESH_ALLOW_LOCAL_GIT === "1" || process.env.AGENTSMESH_ALLOW_LOCAL_GIT === "true";
+  const allowed = ["https:", "ssh:"];
+  if (allowInsecure) allowed.push("http:");
+  if (allowLocalGit) allowed.push("file:");
+  if (!allowed.includes(parsedUrl.protocol)) {
     return null;
   }
   return { url, ref };
@@ -20921,6 +20973,7 @@ async function parseAgents(agentsDir, opts = {}) {
 // src/canonical/features/skills.ts
 init_fs();
+init_fs_traverse();
 init_markdown();
 init_boilerplate_filter();
 async function readContent(path) {
@@ -20939,7 +20992,7 @@ function sanitizeSkillName(raw) {
   return raw.toLowerCase().replace(/[^a-z0-9-]+/g, "-").replace(/-+/g, "-").replace(/^-|-$/g, "");
 }
 async function listSupportingFiles(skillDir) {
-  const files = await readDirRecursive(skillDir);
+  const files = await readDirRecursiveNoSymlinks(skillDir);
   const result = [];
   for (const absPath of files) {
     const raw = absPath.slice(skillDir.length + 1);