agentx-sdk 0.5.3 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent.d.ts.map +1 -1
- package/dist/agent.js +10 -2
- package/dist/agent.js.map +1 -1
- package/dist/core/streaming-tool-executor.d.ts.map +1 -1
- package/dist/core/streaming-tool-executor.js +30 -14
- package/dist/core/streaming-tool-executor.js.map +1 -1
- package/dist/knowledge/sqlite-vector-store.d.ts.map +1 -1
- package/dist/knowledge/sqlite-vector-store.js +3 -1
- package/dist/knowledge/sqlite-vector-store.js.map +1 -1
- package/dist/llm/llm-client.d.ts +2 -0
- package/dist/llm/llm-client.d.ts.map +1 -1
- package/dist/llm/llm-client.js +33 -15
- package/dist/llm/llm-client.js.map +1 -1
- package/dist/memory/memory-extractor.d.ts.map +1 -1
- package/dist/memory/memory-extractor.js +6 -2
- package/dist/memory/memory-extractor.js.map +1 -1
- package/dist/storage/sqlite-conversation-store.d.ts +3 -1
- package/dist/storage/sqlite-conversation-store.d.ts.map +1 -1
- package/dist/storage/sqlite-conversation-store.js +15 -6
- package/dist/storage/sqlite-conversation-store.js.map +1 -1
- package/dist/tools/builtin/bash.d.ts +7 -1
- package/dist/tools/builtin/bash.d.ts.map +1 -1
- package/dist/tools/builtin/bash.js +22 -1
- package/dist/tools/builtin/bash.js.map +1 -1
- package/dist/tools/builtin/file-edit.d.ts +1 -1
- package/dist/tools/builtin/file-edit.d.ts.map +1 -1
- package/dist/tools/builtin/file-edit.js +10 -1
- package/dist/tools/builtin/file-edit.js.map +1 -1
- package/dist/tools/builtin/file-read.d.ts +1 -1
- package/dist/tools/builtin/file-read.d.ts.map +1 -1
- package/dist/tools/builtin/file-read.js +10 -1
- package/dist/tools/builtin/file-read.js.map +1 -1
- package/dist/tools/builtin/file-write.d.ts +1 -1
- package/dist/tools/builtin/file-write.d.ts.map +1 -1
- package/dist/tools/builtin/file-write.js +10 -1
- package/dist/tools/builtin/file-write.js.map +1 -1
- package/dist/tools/builtin/glob.d.ts +1 -1
- package/dist/tools/builtin/glob.d.ts.map +1 -1
- package/dist/tools/builtin/glob.js +11 -2
- package/dist/tools/builtin/glob.js.map +1 -1
- package/dist/tools/builtin/grep.d.ts +1 -1
- package/dist/tools/builtin/grep.d.ts.map +1 -1
- package/dist/tools/builtin/grep.js +14 -4
- package/dist/tools/builtin/grep.js.map +1 -1
- package/dist/tools/builtin/index.d.ts +2 -2
- package/dist/tools/builtin/index.d.ts.map +1 -1
- package/dist/tools/builtin/index.js +6 -6
- package/dist/tools/builtin/index.js.map +1 -1
- package/dist/tools/builtin/path-guard.d.ts +6 -0
- package/dist/tools/builtin/path-guard.d.ts.map +1 -0
- package/dist/tools/builtin/path-guard.js +32 -0
- package/dist/tools/builtin/path-guard.js.map +1 -0
- package/dist/tools/builtin/web-fetch.d.ts +8 -1
- package/dist/tools/builtin/web-fetch.d.ts.map +1 -1
- package/dist/tools/builtin/web-fetch.js +170 -8
- package/dist/tools/builtin/web-fetch.js.map +1 -1
- package/dist/tools/json-schema-to-zod.d.ts.map +1 -1
- package/dist/tools/json-schema-to-zod.js +10 -3
- package/dist/tools/json-schema-to-zod.js.map +1 -1
- package/dist/tools/mcp-adapter.d.ts.map +1 -1
- package/dist/tools/mcp-adapter.js +98 -34
- package/dist/tools/mcp-adapter.js.map +1 -1
- package/dist/tools/sql/sql-tool-factory.d.ts.map +1 -1
- package/dist/tools/sql/sql-tool-factory.js +13 -4
- package/dist/tools/sql/sql-tool-factory.js.map +1 -1
- package/dist/tools/tool-executor.d.ts.map +1 -1
- package/dist/tools/tool-executor.js +4 -1
- package/dist/tools/tool-executor.js.map +1 -1
- package/package.json +7 -1
|
@@ -1,10 +1,13 @@
|
|
|
1
|
+
import { createLogger } from '../utils/logger.js';
|
|
1
2
|
/**
|
|
2
3
|
* SQLite implementation of ConversationStore.
|
|
3
4
|
*/
|
|
4
5
|
export class SQLiteConversationStore {
|
|
5
6
|
database;
|
|
6
|
-
|
|
7
|
+
logger;
|
|
8
|
+
constructor(database, logger) {
|
|
7
9
|
this.database = database;
|
|
10
|
+
this.logger = logger ?? createLogger({ level: 'warn', prefix: 'SQLiteConversationStore' });
|
|
8
11
|
}
|
|
9
12
|
appendMessage(message, threadId) {
|
|
10
13
|
this.database.db.prepare(`
|
|
@@ -14,18 +17,18 @@ export class SQLiteConversationStore {
|
|
|
14
17
|
}
|
|
15
18
|
listThread(threadId) {
|
|
16
19
|
const rows = this.database.db.prepare('SELECT * FROM conversations WHERE thread_id = ? ORDER BY created_at ASC').all(threadId);
|
|
17
|
-
return rows.map(rowToMessage);
|
|
20
|
+
return rows.map(row => rowToMessage(row, this.logger));
|
|
18
21
|
}
|
|
19
22
|
listPinned(threadId) {
|
|
20
23
|
const rows = this.database.db.prepare('SELECT * FROM conversations WHERE thread_id = ? AND pinned = 1 ORDER BY created_at ASC').all(threadId);
|
|
21
|
-
return rows.map(rowToMessage);
|
|
24
|
+
return rows.map(row => rowToMessage(row, this.logger));
|
|
22
25
|
}
|
|
23
26
|
clearThread(threadId) {
|
|
24
27
|
this.database.db.prepare('DELETE FROM conversations WHERE thread_id = ?').run(threadId);
|
|
25
28
|
}
|
|
26
29
|
}
|
|
27
30
|
const VALID_ROLES = new Set(['user', 'assistant', 'system', 'tool']);
|
|
28
|
-
function rowToMessage(row) {
|
|
31
|
+
function rowToMessage(row, logger) {
|
|
29
32
|
if (!VALID_ROLES.has(row.role)) {
|
|
30
33
|
throw new Error(`Invalid message role in database: "${row.role}"`);
|
|
31
34
|
}
|
|
@@ -42,8 +45,14 @@ function rowToMessage(row) {
|
|
|
42
45
|
try {
|
|
43
46
|
toolCalls = JSON.parse(row.tool_calls);
|
|
44
47
|
}
|
|
45
|
-
catch {
|
|
46
|
-
|
|
48
|
+
catch (e) {
|
|
49
|
+
// Issue #25: corrupted tool_calls must be loud, not silently dropped —
|
|
50
|
+
// partial writes, migration bugs, or manual DB edits would otherwise
|
|
51
|
+
// feed the LLM a truncated history. Issue #63: use the injected logger
|
|
52
|
+
// (never console.* directly) so tests / hosts can capture warnings.
|
|
53
|
+
const errMsg = e instanceof Error ? e.message : String(e);
|
|
54
|
+
logger.warn(`[SQLiteConversationStore] Invalid tool_calls JSON (rowId=${row.id}, threadId=${row.thread_id}): ${errMsg}`);
|
|
55
|
+
throw new Error(`Corrupted tool_calls JSON for rowId=${row.id} (threadId=${row.thread_id}): ${errMsg}`);
|
|
47
56
|
}
|
|
48
57
|
}
|
|
49
58
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sqlite-conversation-store.js","sourceRoot":"","sources":["../../src/storage/sqlite-conversation-store.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"sqlite-conversation-store.js","sourceRoot":"","sources":["../../src/storage/sqlite-conversation-store.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAGlD;;GAEG;AACH,MAAM,OAAO,uBAAuB;IACjB,QAAQ,CAAiB;IACzB,MAAM,CAAS;IAEhC,YAAY,QAAwB,EAAE,MAAe;QACnD,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,YAAY,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,yBAAyB,EAAE,CAAC,CAAC;IAC7F,CAAC;IAED,aAAa,CAAC,OAAoB,EAAE,QAAgB;QAClD,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,OAAO,CAAC;;;KAGxB,CAAC,CAAC,GAAG,CACJ,QAAQ,EACR,OAAO,CAAC,IAAI,EACZ,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC,EACvF,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,EAC5D,OAAO,CAAC,UAAU,IAAI,IAAI,EAC1B,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EACtB,OAAO,CAAC,SAAS,CAClB,CAAC;IACJ,CAAC;IAED,UAAU,CAAC,QAAgB;QACzB,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,OAAO,CACnC,yEAAyE,CAC1E,CAAC,GAAG,CAAC,QAAQ,CAAsB,CAAC;QACrC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IACzD,CAAC;IAED,UAAU,CAAC,QAAgB;QACzB,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,OAAO,CACnC,wFAAwF,CACzF,CAAC,GAAG,CAAC,QAAQ,CAAsB,CAAC;QACrC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IACzD,CAAC;IAED,WAAW,CAAC,QAAgB;QAC1B,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,OAAO,CAAC,+CAA+C,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC1F,CAAC;CACF;AAED,MAAM,WAAW,GAAG,IAAI,GAAG,CAAS,CAAC,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;AAE7E,SAAS,YAAY,CAAC,GAAoB,EAAE,MAAc;IACxD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,sCAAsC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,OAAqF,CAAC;IAC1F,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvC,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC;IACxB,CAAC;IAED,IAAI,SAAmC,CAAC;IACxC,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;QACnB,IAAI,CAAC;YACH,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACzC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,uEAAuE;YACvE,qEAAqE;YACrE,uEAAuE;YACvE,oEAAoE;YACpE,MAAM,MAAM,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YAC1D,MAAM,CAAC,IAAI,CACT,4DAA4D,GAAG,CAAC,EAAE,cAAc,GAAG,CAAC,SAAS,MAAM,MAAM,EAAE,CAC5G,CAAC;YACF,MAAM,IAAI,KAAK,CACb,uCAAuC,GAAG,CAAC,EAAE,cAAc,GAAG,CAAC,SAAS,MAAM,MAAM,EAAE,CACvF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO;QACL,IAAI,EAAE,GAAG,CAAC,IAA2B;QACrC,OAAO,EAAE,OAAiC;QAC1C,SAAS;QACT,UAAU,EAAE,GAAG,CAAC,YAAY,IAAI,SAAS;QACzC,MAAM,EAAE,GAAG,CAAC,MAAM,KAAK,CAAC;QACxB,SAAS,EAAE,GAAG,CAAC,UAAU;KAC1B,CAAC;AACJ,CAAC"}
|
|
@@ -1,3 +1,9 @@
|
|
|
1
1
|
import type { AgentTool } from '../../contracts/entities/agent-tool.js';
|
|
2
|
-
export
|
|
2
|
+
export interface BashToolOptions {
|
|
3
|
+
/** Restrict the subprocess working directory. Commands run relative to this path. */
|
|
4
|
+
workingDir?: string;
|
|
5
|
+
/** If set, only commands whose first token matches a prefix in this list are allowed. */
|
|
6
|
+
allowedCommands?: string[];
|
|
7
|
+
}
|
|
8
|
+
export declare function createBashTool(options?: BashToolOptions): AgentTool;
|
|
3
9
|
//# sourceMappingURL=bash.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bash.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/bash.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AAkCxE,wBAAgB,cAAc,
|
|
1
|
+
{"version":3,"file":"bash.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/bash.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AAkCxE,MAAM,WAAW,eAAe;IAC9B,qFAAqF;IACrF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,yFAAyF;IACzF,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;CAC5B;AAED,wBAAgB,cAAc,CAAC,OAAO,GAAE,eAAoB,GAAG,SAAS,CA6EvE"}
|
|
@@ -32,7 +32,8 @@ const BashParams = z.object({
|
|
|
32
32
|
.optional()
|
|
33
33
|
.describe('Timeout in milliseconds. Default: 120000 (2 minutes). Max: 300000 (5 minutes).'),
|
|
34
34
|
});
|
|
35
|
-
export function createBashTool() {
|
|
35
|
+
export function createBashTool(options = {}) {
|
|
36
|
+
const { workingDir, allowedCommands } = options;
|
|
36
37
|
return {
|
|
37
38
|
name: 'Bash',
|
|
38
39
|
description: 'Execute a shell command and return stdout/stderr.',
|
|
@@ -41,12 +42,32 @@ export function createBashTool() {
|
|
|
41
42
|
timeoutMs: DEFAULT_TIMEOUT,
|
|
42
43
|
async execute(rawArgs, signal) {
|
|
43
44
|
const { command, timeout } = BashParams.parse(rawArgs);
|
|
45
|
+
if (allowedCommands && allowedCommands.length > 0) {
|
|
46
|
+
// Reject shell metacharacters that allow command chaining/injection even when the
|
|
47
|
+
// first token is in the allow-list (e.g. "ls; rm -rf /", "echo hi | cat").
|
|
48
|
+
const DANGEROUS_METACHAR = /[;&|`$<>()\n\\]/;
|
|
49
|
+
if (DANGEROUS_METACHAR.test(command)) {
|
|
50
|
+
return {
|
|
51
|
+
content: 'Command contains forbidden shell metacharacters',
|
|
52
|
+
isError: true,
|
|
53
|
+
};
|
|
54
|
+
}
|
|
55
|
+
const firstToken = command.trimStart().split(/\s+/)[0] ?? '';
|
|
56
|
+
const allowed = allowedCommands.some(prefix => firstToken === prefix);
|
|
57
|
+
if (!allowed) {
|
|
58
|
+
return {
|
|
59
|
+
content: `Command not allowed by allowedCommands policy. Allowed prefixes: ${allowedCommands.join(', ')}`,
|
|
60
|
+
isError: true,
|
|
61
|
+
};
|
|
62
|
+
}
|
|
63
|
+
}
|
|
44
64
|
const effectiveTimeout = timeout ?? DEFAULT_TIMEOUT;
|
|
45
65
|
return new Promise((resolve) => {
|
|
46
66
|
const child = exec(command, {
|
|
47
67
|
timeout: effectiveTimeout,
|
|
48
68
|
maxBuffer: MAX_OUTPUT,
|
|
49
69
|
shell: process.env.SHELL || '/bin/sh',
|
|
70
|
+
...(workingDir ? { cwd: workingDir } : {}),
|
|
50
71
|
// Detach on POSIX so the child gets its own process group —
|
|
51
72
|
// lets us kill the whole tree (including backgrounded grandchildren).
|
|
52
73
|
...(process.platform !== 'win32' ? { detached: true } : {}),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bash.js","sourceRoot":"","sources":["../../../src/tools/builtin/bash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB;;;;;;GAMG;AACH,SAAS,QAAQ,CAAC,GAAuB,EAAE,SAAyB,SAAS;IAC3E,IAAI,CAAC,GAAG;QAAE,OAAO;IACjB,IAAI,CAAC;QACH,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YACjC,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAC5B,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAAC,MAAM,CAAC,CAAC,oBAAoB,CAAC,CAAC;AAClC,CAAC;AAED,MAAM,eAAe,GAAG,OAAO,CAAC;AAChC,MAAM,UAAU,GAAG,OAAO,CAAC,CAAC,QAAQ;AAEpC,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,0BAA0B,CAAC;IACxD,OAAO,EAAE,CAAC;SACP,MAAM,EAAE;SACR,GAAG,EAAE;SACL,GAAG,CAAC,CAAC,EAAE,8BAA8B,CAAC;SACtC,GAAG,CAAC,OAAO,EAAE,4CAA4C,CAAC;SAC1D,QAAQ,EAAE;SACV,QAAQ,CAAC,gFAAgF,CAAC;CAC9F,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"bash.js","sourceRoot":"","sources":["../../../src/tools/builtin/bash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB;;;;;;GAMG;AACH,SAAS,QAAQ,CAAC,GAAuB,EAAE,SAAyB,SAAS;IAC3E,IAAI,CAAC,GAAG;QAAE,OAAO;IACjB,IAAI,CAAC;QACH,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YACjC,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAC5B,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAAC,MAAM,CAAC,CAAC,oBAAoB,CAAC,CAAC;AAClC,CAAC;AAED,MAAM,eAAe,GAAG,OAAO,CAAC;AAChC,MAAM,UAAU,GAAG,OAAO,CAAC,CAAC,QAAQ;AAEpC,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,0BAA0B,CAAC;IACxD,OAAO,EAAE,CAAC;SACP,MAAM,EAAE;SACR,GAAG,EAAE;SACL,GAAG,CAAC,CAAC,EAAE,8BAA8B,CAAC;SACtC,GAAG,CAAC,OAAO,EAAE,4CAA4C,CAAC;SAC1D,QAAQ,EAAE;SACV,QAAQ,CAAC,gFAAgF,CAAC;CAC9F,CAAC,CAAC;AASH,MAAM,UAAU,cAAc,CAAC,UAA2B,EAAE;IAC1D,MAAM,EAAE,UAAU,EAAE,eAAe,EAAE,GAAG,OAAO,CAAC;IAEhD,OAAO;QACL,IAAI,EAAE,MAAM;QACZ,WAAW,EAAE,mDAAmD;QAChE,UAAU,EAAE,UAAU;QACtB,aAAa,EAAE,IAAI,EAAE,gDAAgD;QACrE,SAAS,EAAE,eAAe;QAE1B,KAAK,CAAC,OAAO,CAAC,OAAgB,EAAE,MAAmB;YACjD,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAEvD,IAAI,eAAe,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAClD,kFAAkF;gBAClF,2EAA2E;gBAC3E,MAAM,kBAAkB,GAAG,iBAAiB,CAAC;gBAC7C,IAAI,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACrC,OAAO;wBACL,OAAO,EAAE,iDAAiD;wBAC1D,OAAO,EAAE,IAAI;qBACd,CAAC;gBACJ,CAAC;gBACD,MAAM,UAAU,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC7D,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,UAAU,KAAK,MAAM,CAAC,CAAC;gBACtE,IAAI,CAAC,OAAO,EAAE,CAAC;oBACb,OAAO;wBACL,OAAO,EAAE,oEAAoE,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;wBACzG,OAAO,EAAE,IAAI;qBACd,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,MAAM,gBAAgB,GAAG,OAAO,IAAI,eAAe,CAAC;YAEpD,OAAO,IAAI,OAAO,CAAkD,CAAC,OAAO,EAAE,EAAE;gBAC9E,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,EAAE;oBAC1B,OAAO,EAAE,gBAAgB;oBACzB,SAAS,EAAE,UAAU;oBACrB,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,KAAK,IAAI,SAAS;oBACrC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC1C,4DAA4D;oBAC5D,sEAAsE;oBACtE,GAAG,CAAC,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBAC5D,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;oBAC3B,MAAM,GAAG,GAAG,MAAM,EAAE,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,IAAI,EAAE,CAAC;oBAC/C,MAAM,GAAG,GAAG,MAAM,EAAE,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,IAAI,EAAE,CAAC;oBAE/C,IAAI,KAAK,EAAE,CAAC;wBACV,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,IAAI,SAAS,CAAC;wBACzC,MAAM,KAAK,GAAa,EAAE,CAAC;wBAC3B,IAAI,GAAG;4BAAE,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;wBACzB,IAAI,GAAG;4BAAE,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;wBACzB,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG;4BAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;wBAC5C,KAAK,CAAC,IAAI,CAAC,gBAAgB,QAAQ,EAAE,CAAC,CAAC;wBAEvC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;wBACtD,OAAO;oBACT,CAAC;oBAED,MAAM,KAAK,GAAa,EAAE,CAAC;oBAC3B,IAAI,GAAG;wBAAE,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBACzB,IAAI,GAAG;wBAAE,KAAK,CAAC,IAAI,CAAC,aAAa,GAAG,EAAE,CAAC,CAAC;oBACxC,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG;wBAAE,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;oBAE5C,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;gBAC5B,CAAC,CAAC,CAAC;gBAEH,gEAAgE;gBAChE,+CAA+C;gBAC/C,MAAM,OAAO,GAAG,GAAS,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;gBAC3D,IAAI,MAAM,CAAC,OAAO;oBAAE,OAAO,EAAE,CAAC;;oBACzB,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC/D,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;YACxE,CAAC,CAAC,CAAC;QACL,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file-edit.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/file-edit.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;
|
|
1
|
+
{"version":3,"file":"file-edit.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/file-edit.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AAUxE,wBAAgB,kBAAkB,CAAC,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAqDjE"}
|
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
import { readFile, writeFile } from 'node:fs/promises';
|
|
2
2
|
import { z } from 'zod';
|
|
3
|
+
import { assertSafePath } from './path-guard.js';
|
|
3
4
|
const FileEditParams = z.object({
|
|
4
5
|
file_path: z.string().describe('Absolute path to the file to edit'),
|
|
5
6
|
old_string: z.string().describe('Exact string to find and replace'),
|
|
6
7
|
new_string: z.string().describe('Replacement string'),
|
|
7
8
|
replace_all: z.boolean().optional().describe('Replace all occurrences. Default: false (must be unique).'),
|
|
8
9
|
});
|
|
9
|
-
export function createFileEditTool() {
|
|
10
|
+
export function createFileEditTool(workingDir) {
|
|
10
11
|
return {
|
|
11
12
|
name: 'Edit',
|
|
12
13
|
description: 'Find and replace exact strings in a file. By default, old_string must be unique in the file.',
|
|
@@ -14,6 +15,14 @@ export function createFileEditTool() {
|
|
|
14
15
|
getFilePath: (args) => args.file_path,
|
|
15
16
|
async execute(rawArgs) {
|
|
16
17
|
const { file_path, old_string, new_string, replace_all } = rawArgs;
|
|
18
|
+
if (workingDir) {
|
|
19
|
+
try {
|
|
20
|
+
assertSafePath(file_path, workingDir);
|
|
21
|
+
}
|
|
22
|
+
catch (error) {
|
|
23
|
+
return { content: error.message, isError: true };
|
|
24
|
+
}
|
|
25
|
+
}
|
|
17
26
|
let content;
|
|
18
27
|
try {
|
|
19
28
|
content = await readFile(file_path, 'utf-8');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file-edit.js","sourceRoot":"","sources":["../../../src/tools/builtin/file-edit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;
|
|
1
|
+
{"version":3,"file":"file-edit.js","sourceRoot":"","sources":["../../../src/tools/builtin/file-edit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAEjD,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,mCAAmC,CAAC;IACnE,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,kCAAkC,CAAC;IACnE,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,oBAAoB,CAAC;IACrD,WAAW,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,2DAA2D,CAAC;CAC1G,CAAC,CAAC;AAEH,MAAM,UAAU,kBAAkB,CAAC,UAAmB;IACpD,OAAO;QACL,IAAI,EAAE,MAAM;QACZ,WAAW,EAAE,8FAA8F;QAC3G,UAAU,EAAE,cAAc;QAC1B,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAE,IAA8B,CAAC,SAAS;QAEhE,KAAK,CAAC,OAAO,CAAC,OAAgB;YAC5B,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,OAAyC,CAAC;YAErG,IAAI,UAAU,EAAE,CAAC;gBACf,IAAI,CAAC;oBACH,cAAc,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;gBACxC,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAG,KAAe,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;gBAC9D,CAAC;YACH,CAAC;YAED,IAAI,OAAe,CAAC;YACpB,IAAI,CAAC;gBACH,OAAO,GAAG,MAAM,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAC/C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,EAAE,OAAO,EAAE,qBAAqB,SAAS,MAAO,KAAe,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YACpG,CAAC;YAED,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAClC,OAAO,EAAE,OAAO,EAAE,2BAA2B,SAAS,iCAAiC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAC3G,CAAC;YAED,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;gBACnD,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;oBACd,OAAO;wBACL,OAAO,EAAE,oBAAoB,KAAK,sBAAsB,SAAS,oEAAoE;wBACrI,OAAO,EAAE,IAAI;qBACd,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,MAAM,OAAO,GAAG,WAAW;gBACzB,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC;gBAC5C,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;YAE5C,IAAI,CAAC;gBACH,MAAM,SAAS,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YAC/C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,EAAE,OAAO,EAAE,sBAAsB,SAAS,MAAO,KAAe,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YACrG,CAAC;YAED,MAAM,YAAY,GAAG,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5E,OAAO,uBAAuB,SAAS,KAAK,YAAY,eAAe,YAAY,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC;QACxG,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file-read.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/file-read.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;
|
|
1
|
+
{"version":3,"file":"file-read.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/file-read.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AAYxE,wBAAgB,kBAAkB,CAAC,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAkDjE"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { readFile, stat } from 'node:fs/promises';
|
|
2
2
|
import { z } from 'zod';
|
|
3
|
+
import { assertSafePath } from './path-guard.js';
|
|
3
4
|
const MAX_FILE_SIZE = 1_000_000; // 1MB
|
|
4
5
|
const DEFAULT_LIMIT = 2000;
|
|
5
6
|
const FileReadParams = z.object({
|
|
@@ -7,7 +8,7 @@ const FileReadParams = z.object({
|
|
|
7
8
|
offset: z.number().optional().describe('Line number to start reading from (1-based)'),
|
|
8
9
|
limit: z.number().optional().describe('Number of lines to read. Default: 2000'),
|
|
9
10
|
});
|
|
10
|
-
export function createFileReadTool() {
|
|
11
|
+
export function createFileReadTool(workingDir) {
|
|
11
12
|
return {
|
|
12
13
|
name: 'Read',
|
|
13
14
|
description: 'Read file contents with line numbers. Supports partial reads with offset and limit.',
|
|
@@ -17,6 +18,14 @@ export function createFileReadTool() {
|
|
|
17
18
|
getFilePath: (args) => args.file_path,
|
|
18
19
|
async execute(rawArgs) {
|
|
19
20
|
const { file_path, offset, limit } = rawArgs;
|
|
21
|
+
if (workingDir) {
|
|
22
|
+
try {
|
|
23
|
+
assertSafePath(file_path, workingDir);
|
|
24
|
+
}
|
|
25
|
+
catch (error) {
|
|
26
|
+
return { content: error.message, isError: true };
|
|
27
|
+
}
|
|
28
|
+
}
|
|
20
29
|
try {
|
|
21
30
|
const fileStat = await stat(file_path);
|
|
22
31
|
if (fileStat.size > MAX_FILE_SIZE) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file-read.js","sourceRoot":"","sources":["../../../src/tools/builtin/file-read.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;
|
|
1
|
+
{"version":3,"file":"file-read.js","sourceRoot":"","sources":["../../../src/tools/builtin/file-read.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAEjD,MAAM,aAAa,GAAG,SAAS,CAAC,CAAC,MAAM;AACvC,MAAM,aAAa,GAAG,IAAI,CAAC;AAE3B,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,mCAAmC,CAAC;IACnE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,6CAA6C,CAAC;IACrF,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,wCAAwC,CAAC;CAChF,CAAC,CAAC;AAEH,MAAM,UAAU,kBAAkB,CAAC,UAAmB;IACpD,OAAO;QACL,IAAI,EAAE,MAAM;QACZ,WAAW,EAAE,qFAAqF;QAClG,UAAU,EAAE,cAAc;QAC1B,iBAAiB,EAAE,IAAI;QACvB,UAAU,EAAE,IAAI;QAChB,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAE,IAA8B,CAAC,SAAS;QAEhE,KAAK,CAAC,OAAO,CAAC,OAAgB;YAC5B,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAyC,CAAC;YAE/E,IAAI,UAAU,EAAE,CAAC;gBACf,IAAI,CAAC;oBACH,cAAc,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;gBACxC,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAG,KAAe,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;gBAC9D,CAAC;YACH,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,CAAC;gBACvC,IAAI,QAAQ,CAAC,IAAI,GAAG,aAAa,EAAE,CAAC;oBAClC,OAAO,EAAE,OAAO,EAAE,mBAAmB,QAAQ,CAAC,IAAI,6CAA6C,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;gBACnH,CAAC;gBAED,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;gBACnD,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAErC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC;gBAC3C,MAAM,SAAS,GAAG,KAAK,IAAI,aAAa,CAAC;gBACzC,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,CAAC,CAAC,CAAC;gBAErE,MAAM,QAAQ,GAAG,QAAQ;qBACtB,KAAK,CAAC,SAAS,GAAG,CAAC,EAAE,OAAO,CAAC;qBAC7B,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;qBACjE,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEd,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC;gBAC9B,MAAM,OAAO,GAAG,OAAO,GAAG,SAAS,GAAG,CAAC,CAAC;gBACxC,MAAM,MAAM,GAAG,OAAO,GAAG,KAAK;oBAC5B,CAAC,CAAC,iBAAiB,SAAS,IAAI,OAAO,OAAO,KAAK,KAAK;oBACxD,CAAC,CAAC,EAAE,CAAC;gBAEP,OAAO,GAAG,MAAM,GAAG,QAAQ,EAAE,CAAC;YAChC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,EAAE,OAAO,EAAE,qBAAqB,SAAS,MAAO,KAAe,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YACpG,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file-write.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/file-write.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;
|
|
1
|
+
{"version":3,"file":"file-write.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/file-write.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AAQxE,wBAAgB,mBAAmB,CAAC,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CA6BlE"}
|
|
@@ -1,11 +1,12 @@
|
|
|
1
1
|
import { writeFile, mkdir } from 'node:fs/promises';
|
|
2
2
|
import { dirname } from 'node:path';
|
|
3
3
|
import { z } from 'zod';
|
|
4
|
+
import { assertSafePath } from './path-guard.js';
|
|
4
5
|
const FileWriteParams = z.object({
|
|
5
6
|
file_path: z.string().describe('Absolute path to the file to write'),
|
|
6
7
|
content: z.string().describe('Content to write to the file'),
|
|
7
8
|
});
|
|
8
|
-
export function createFileWriteTool() {
|
|
9
|
+
export function createFileWriteTool(workingDir) {
|
|
9
10
|
return {
|
|
10
11
|
name: 'Write',
|
|
11
12
|
description: 'Write content to a file. Creates parent directories if needed. Overwrites existing files.',
|
|
@@ -14,6 +15,14 @@ export function createFileWriteTool() {
|
|
|
14
15
|
getFilePath: (args) => args.file_path,
|
|
15
16
|
async execute(rawArgs) {
|
|
16
17
|
const { file_path, content } = rawArgs;
|
|
18
|
+
if (workingDir) {
|
|
19
|
+
try {
|
|
20
|
+
assertSafePath(file_path, workingDir);
|
|
21
|
+
}
|
|
22
|
+
catch (error) {
|
|
23
|
+
return { content: error.message, isError: true };
|
|
24
|
+
}
|
|
25
|
+
}
|
|
17
26
|
try {
|
|
18
27
|
await mkdir(dirname(file_path), { recursive: true });
|
|
19
28
|
await writeFile(file_path, content, 'utf-8');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file-write.js","sourceRoot":"","sources":["../../../src/tools/builtin/file-write.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;
|
|
1
|
+
{"version":3,"file":"file-write.js","sourceRoot":"","sources":["../../../src/tools/builtin/file-write.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAEjD,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,oCAAoC,CAAC;IACpE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,8BAA8B,CAAC;CAC7D,CAAC,CAAC;AAEH,MAAM,UAAU,mBAAmB,CAAC,UAAmB;IACrD,OAAO;QACL,IAAI,EAAE,OAAO;QACb,WAAW,EAAE,2FAA2F;QACxG,UAAU,EAAE,eAAe;QAC3B,aAAa,EAAE,IAAI;QACnB,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAE,IAA8B,CAAC,SAAS;QAEhE,KAAK,CAAC,OAAO,CAAC,OAAgB;YAC5B,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,OAA0C,CAAC;YAE1E,IAAI,UAAU,EAAE,CAAC;gBACf,IAAI,CAAC;oBACH,cAAc,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;gBACxC,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAG,KAAe,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;gBAC9D,CAAC;YACH,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBACrD,MAAM,SAAS,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;gBAC7C,MAAM,KAAK,GAAG,MAAM,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBAClD,OAAO,sBAAsB,KAAK,aAAa,SAAS,EAAE,CAAC;YAC7D,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,EAAE,OAAO,EAAE,sBAAsB,SAAS,MAAO,KAAe,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YACrG,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"glob.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/glob.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;
|
|
1
|
+
{"version":3,"file":"glob.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/glob.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AAwBxE,wBAAgB,cAAc,CAAC,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CA6D7D"}
|
|
@@ -2,6 +2,7 @@ import { readdir, stat } from 'node:fs/promises';
|
|
|
2
2
|
import { join, relative, sep } from 'node:path';
|
|
3
3
|
import { z } from 'zod';
|
|
4
4
|
import { matchGlob } from '../../skills/skill-glob.js';
|
|
5
|
+
import { assertSafePath } from './path-guard.js';
|
|
5
6
|
const MAX_RESULTS = 100;
|
|
6
7
|
const GlobParams = z.object({
|
|
7
8
|
pattern: z.string().describe('Glob pattern to match (e.g. "**/*.ts", "src/*.js")'),
|
|
@@ -21,7 +22,7 @@ async function walkDir(dir, results) {
|
|
|
21
22
|
}
|
|
22
23
|
}
|
|
23
24
|
}
|
|
24
|
-
export function createGlobTool() {
|
|
25
|
+
export function createGlobTool(workingDir) {
|
|
25
26
|
return {
|
|
26
27
|
name: 'Glob',
|
|
27
28
|
description: 'Fast file pattern matching. Returns matching file paths sorted by modification time.',
|
|
@@ -30,7 +31,15 @@ export function createGlobTool() {
|
|
|
30
31
|
isReadOnly: true,
|
|
31
32
|
async execute(rawArgs, _signal) {
|
|
32
33
|
const { pattern, path: searchPath } = rawArgs;
|
|
33
|
-
|
|
34
|
+
if (workingDir && searchPath) {
|
|
35
|
+
try {
|
|
36
|
+
assertSafePath(searchPath, workingDir);
|
|
37
|
+
}
|
|
38
|
+
catch (error) {
|
|
39
|
+
return { content: error.message, isError: true };
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
const baseDir = searchPath || workingDir || process.cwd();
|
|
34
43
|
const allFiles = [];
|
|
35
44
|
try {
|
|
36
45
|
await walkDir(baseDir, allFiles);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"glob.js","sourceRoot":"","sources":["../../../src/tools/builtin/glob.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;
|
|
1
|
+
{"version":3,"file":"glob.js","sourceRoot":"","sources":["../../../src/tools/builtin/glob.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAEjD,MAAM,WAAW,GAAG,GAAG,CAAC;AAExB,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,oDAAoD,CAAC;IAClF,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,0CAA0C,CAAC;CACjF,CAAC,CAAC;AAEH,KAAK,UAAU,OAAO,CAAC,GAAW,EAAE,OAAiB;IACnD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5D,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS;QACzC,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;QACnC,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;YACxB,MAAM,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC/B,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrB,CAAC;IACH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,UAAmB;IAChD,OAAO;QACL,IAAI,EAAE,MAAM;QACZ,WAAW,EAAE,sFAAsF;QACnG,UAAU,EAAE,UAAU;QACtB,iBAAiB,EAAE,IAAI;QACvB,UAAU,EAAE,IAAI;QAEhB,KAAK,CAAC,OAAO,CAAC,OAAgB,EAAE,OAAoB;YAClD,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,OAAqC,CAAC;YAE5E,IAAI,UAAU,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,CAAC;oBACH,cAAc,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;gBACzC,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAG,KAAe,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;gBAC9D,CAAC;YACH,CAAC;YAED,MAAM,OAAO,GAAG,UAAU,IAAI,UAAU,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAE1D,MAAM,QAAQ,GAAa,EAAE,CAAC;YAC9B,IAAI,CAAC;gBACH,MAAM,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YACnC,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,EAAE,OAAO,EAAE,0BAA0B,OAAO,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YACzE,CAAC;YAED,0EAA0E;YAC1E,qEAAqE;YACrE,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;gBAClC,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBACjC,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,GAAG,KAAK,EAAE;oBAAE,OAAO,KAAK,CAAC;gBACrD,MAAM,KAAK,GAAG,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAC3D,OAAO,SAAS,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YACnC,CAAC,CAAC,CAAC;YAEH,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACzB,OAAO,4BAA4B,OAAO,QAAQ,OAAO,EAAE,CAAC;YAC9D,CAAC;YAED,+BAA+B;YAC/B,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,GAAG,CACjC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAC,CAAC,EAAC,EAAE;gBAC9C,IAAI,CAAC;oBACH,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC;oBACxB,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;gBACzC,CAAC;gBAAC,MAAM,CAAC;oBACP,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;gBACjC,CAAC;YACH,CAAC,CAAC,CACH,CAAC;YACF,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC;YAEhD,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;YAChD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACvC,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,WAAW,CAAC;YAE/C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,OAAO,CAAC,MAAM,GAAG,WAAW,wBAAwB,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC5G,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grep.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/grep.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;
|
|
1
|
+
{"version":3,"file":"grep.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/grep.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AAoCxE,wBAAgB,cAAc,CAAC,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CA8E7D"}
|
|
@@ -2,6 +2,7 @@ import { readdir, readFile, stat } from 'node:fs/promises';
|
|
|
2
2
|
import { join } from 'node:path';
|
|
3
3
|
import { z } from 'zod';
|
|
4
4
|
import { matchGlob } from '../../skills/skill-glob.js';
|
|
5
|
+
import { assertSafePath } from './path-guard.js';
|
|
5
6
|
const DEFAULT_MAX_RESULTS = 50;
|
|
6
7
|
const GrepParams = z.object({
|
|
7
8
|
pattern: z.string().describe('Regex pattern to search for'),
|
|
@@ -39,7 +40,7 @@ async function collectFiles(dir, globPattern) {
|
|
|
39
40
|
await walk(dir);
|
|
40
41
|
return results;
|
|
41
42
|
}
|
|
42
|
-
export function createGrepTool() {
|
|
43
|
+
export function createGrepTool(workingDir) {
|
|
43
44
|
return {
|
|
44
45
|
name: 'Grep',
|
|
45
46
|
description: 'Search file contents using regex. Returns matching lines with file paths and line numbers.',
|
|
@@ -48,11 +49,20 @@ export function createGrepTool() {
|
|
|
48
49
|
isReadOnly: true,
|
|
49
50
|
async execute(rawArgs, signal) {
|
|
50
51
|
const { pattern, path: searchPath, glob: globFilter, max_results } = rawArgs;
|
|
51
|
-
|
|
52
|
+
if (workingDir && searchPath) {
|
|
53
|
+
try {
|
|
54
|
+
assertSafePath(searchPath, workingDir);
|
|
55
|
+
}
|
|
56
|
+
catch (error) {
|
|
57
|
+
return { content: error.message, isError: true };
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
const baseDir = searchPath || workingDir || process.cwd();
|
|
52
61
|
const maxResults = max_results ?? DEFAULT_MAX_RESULTS;
|
|
53
62
|
// Reject patterns that can cause catastrophic backtracking (ReDoS).
|
|
54
|
-
// Catches: quantified groups (a+)+, consecutive quantifiers a+*, quantified classes [a-z]
|
|
55
|
-
|
|
63
|
+
// Catches: quantified groups (a+)+, consecutive quantifiers a+*, quantified classes [a-z]*,
|
|
64
|
+
// and alternation groups with external quantifier (a|ab)*.
|
|
65
|
+
const REDOS_RISK = /(\(.*[+*?]\)|[+*?]{2,}|\[\^?.*\]\*|\([^)]*\|[^)]*\)[+*?{])/;
|
|
56
66
|
if (REDOS_RISK.test(pattern)) {
|
|
57
67
|
return { content: 'Pattern too complex — potential ReDoS risk', isError: true };
|
|
58
68
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grep.js","sourceRoot":"","sources":["../../../src/tools/builtin/grep.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;
|
|
1
|
+
{"version":3,"file":"grep.js","sourceRoot":"","sources":["../../../src/tools/builtin/grep.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAEjD,MAAM,mBAAmB,GAAG,EAAE,CAAC;AAE/B,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,6BAA6B,CAAC;IAC3D,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,0CAA0C,CAAC;IAChF,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,4CAA4C,CAAC;IAClF,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,4CAA4C,CAAC;CAC1F,CAAC,CAAC;AAEH,KAAK,UAAU,YAAY,CAAC,GAAW,EAAE,WAAoB;IAC3D,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,UAAU,IAAI,CAAC,CAAS;QAC3B,IAAI,OAAO,CAAC;QACZ,IAAI,CAAC;YAAC,OAAO,GAAG,MAAM,OAAO,CAAC,CAAC,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC;YAAC,OAAO;QAAC,CAAC;QAC9E,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc;gBAAE,SAAS;YAC1E,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;gBACxB,MAAM,IAAI,CAAC,IAAI,CAAC,CAAC;YACnB,CAAC;iBAAM,CAAC;gBACN,IAAI,WAAW,EAAE,CAAC;oBAChB,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;oBAC5C,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,KAAK,CAAC,IAAI,CAAC;wBAAE,SAAS;gBACzF,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrB,CAAC;QACH,CAAC;IACH,CAAC;IACD,MAAM,IAAI,CAAC,GAAG,CAAC,CAAC;IAChB,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,UAAmB;IAChD,OAAO;QACL,IAAI,EAAE,MAAM;QACZ,WAAW,EAAE,4FAA4F;QACzG,UAAU,EAAE,UAAU;QACtB,iBAAiB,EAAE,IAAI;QACvB,UAAU,EAAE,IAAI;QAEhB,KAAK,CAAC,OAAO,CAAC,OAAgB,EAAE,MAAmB;YACjD,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,OAAqC,CAAC;YAE3G,IAAI,UAAU,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,CAAC;oBACH,cAAc,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;gBACzC,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAG,KAAe,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;gBAC9D,CAAC;YACH,CAAC;YAED,MAAM,OAAO,GAAG,UAAU,IAAI,UAAU,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAC1D,MAAM,UAAU,GAAG,WAAW,IAAI,mBAAmB,CAAC;YAEtD,oEAAoE;YACpE,4FAA4F;YAC5F,2DAA2D;YAC3D,MAAM,UAAU,GAAG,4DAA4D,CAAC;YAChF,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC7B,OAAO,EAAE,OAAO,EAAE,4CAA4C,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAClF,CAAC;YAED,IAAI,KAAa,CAAC;YAClB,IAAI,CAAC;gBACH,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;YACnC,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,EAAE,OAAO,EAAE,kBAAkB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YACnE,CAAC;YAED,8DAA8D;YAC9D,mEAAmE;YACnE,6DAA6D;YAC7D,MAAM,eAAe,GAAG,MAAM,CAAC;YAE/B,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;YACtD,MAAM,OAAO,GAAa,EAAE,CAAC;YAE7B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,OAAO,CAAC,MAAM,IAAI,UAAU;oBAAE,MAAM;gBACxC,IAAI,MAAM,CAAC,OAAO;oBAAE,MAAM;gBAE1B,IAAI,CAAC;oBACH,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,CAAC;oBAC3B,IAAI,CAAC,CAAC,IAAI,GAAG,SAAS;wBAAE,SAAS,CAAC,mBAAmB;oBAErD,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;oBAC9C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACtC,IAAI,OAAO,CAAC,MAAM,IAAI,UAAU;4BAAE,MAAM;wBACxC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;wBACvB,IAAI,IAAI,CAAC,MAAM,GAAG,eAAe;4BAAE,SAAS;wBAC5C,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC;wBACpB,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;4BACrB,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC;4BACxD,OAAO,CAAC,IAAI,CAAC,GAAG,QAAQ,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;wBAC/C,CAAC;oBACH,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,wBAAwB;gBAC1B,CAAC;YACH,CAAC;YAED,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACzB,OAAO,yBAAyB,OAAO,QAAQ,OAAO,EAAE,CAAC;YAC3D,CAAC;YAED,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -33,9 +33,9 @@ export declare const builtinTools: {
|
|
|
33
33
|
/** Ask user a question (requires callback) */
|
|
34
34
|
askUser: typeof createAskUserTool;
|
|
35
35
|
/** All tools except askUser (which needs a callback) */
|
|
36
|
-
all(): AgentTool[];
|
|
36
|
+
all(workingDir?: string): AgentTool[];
|
|
37
37
|
/** File operation tools: read + write + edit + glob + grep */
|
|
38
|
-
fileOps(): AgentTool[];
|
|
38
|
+
fileOps(workingDir?: string): AgentTool[];
|
|
39
39
|
};
|
|
40
40
|
export { createGlobTool } from './glob.js';
|
|
41
41
|
export { createGrepTool } from './grep.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAA0C,MAAM,eAAe,CAAC;AAE1F,eAAO,MAAM,YAAY;IACvB,qCAAqC;;IAErC,+BAA+B;;IAE/B,2CAA2C;;IAE3C,yBAAyB;;IAEzB,iCAAiC;;IAEjC,8BAA8B;;IAE9B,wBAAwB;;IAExB,8CAA8C;;IAG9C,wDAAwD;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAA0C,MAAM,eAAe,CAAC;AAE1F,eAAO,MAAM,YAAY;IACvB,qCAAqC;;IAErC,+BAA+B;;IAE/B,2CAA2C;;IAE3C,yBAAyB;;IAEzB,iCAAiC;;IAEjC,8BAA8B;;IAE9B,wBAAwB;;IAExB,8CAA8C;;IAG9C,wDAAwD;qBACvC,MAAM,GAAG,SAAS,EAAE;IAYrC,8DAA8D;yBACzC,MAAM,GAAG,SAAS,EAAE;CAS1C,CAAC;AAEF,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAClD,YAAY,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC"}
|
|
@@ -32,23 +32,23 @@ export const builtinTools = {
|
|
|
32
32
|
/** Ask user a question (requires callback) */
|
|
33
33
|
askUser: createAskUserTool,
|
|
34
34
|
/** All tools except askUser (which needs a callback) */
|
|
35
|
-
all() {
|
|
35
|
+
all(workingDir) {
|
|
36
36
|
return [
|
|
37
37
|
createGlobTool(),
|
|
38
38
|
createGrepTool(),
|
|
39
39
|
createFileReadTool(),
|
|
40
|
-
createFileWriteTool(),
|
|
41
|
-
createFileEditTool(),
|
|
40
|
+
createFileWriteTool(workingDir),
|
|
41
|
+
createFileEditTool(workingDir),
|
|
42
42
|
createBashTool(),
|
|
43
43
|
createWebFetchTool(),
|
|
44
44
|
];
|
|
45
45
|
},
|
|
46
46
|
/** File operation tools: read + write + edit + glob + grep */
|
|
47
|
-
fileOps() {
|
|
47
|
+
fileOps(workingDir) {
|
|
48
48
|
return [
|
|
49
49
|
createFileReadTool(),
|
|
50
|
-
createFileWriteTool(),
|
|
51
|
-
createFileEditTool(),
|
|
50
|
+
createFileWriteTool(workingDir),
|
|
51
|
+
createFileEditTool(workingDir),
|
|
52
52
|
createGlobTool(),
|
|
53
53
|
createGrepTool(),
|
|
54
54
|
];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/tools/builtin/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAA0C,MAAM,eAAe,CAAC;AAE1F,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,qCAAqC;IACrC,IAAI,EAAE,cAAc;IACpB,+BAA+B;IAC/B,IAAI,EAAE,cAAc;IACpB,2CAA2C;IAC3C,QAAQ,EAAE,kBAAkB;IAC5B,yBAAyB;IACzB,SAAS,EAAE,mBAAmB;IAC9B,iCAAiC;IACjC,QAAQ,EAAE,kBAAkB;IAC5B,8BAA8B;IAC9B,IAAI,EAAE,cAAc;IACpB,wBAAwB;IACxB,QAAQ,EAAE,kBAAkB;IAC5B,8CAA8C;IAC9C,OAAO,EAAE,iBAAiB;IAE1B,wDAAwD;IACxD,GAAG;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/tools/builtin/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAA0C,MAAM,eAAe,CAAC;AAE1F,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,qCAAqC;IACrC,IAAI,EAAE,cAAc;IACpB,+BAA+B;IAC/B,IAAI,EAAE,cAAc;IACpB,2CAA2C;IAC3C,QAAQ,EAAE,kBAAkB;IAC5B,yBAAyB;IACzB,SAAS,EAAE,mBAAmB;IAC9B,iCAAiC;IACjC,QAAQ,EAAE,kBAAkB;IAC5B,8BAA8B;IAC9B,IAAI,EAAE,cAAc;IACpB,wBAAwB;IACxB,QAAQ,EAAE,kBAAkB;IAC5B,8CAA8C;IAC9C,OAAO,EAAE,iBAAiB;IAE1B,wDAAwD;IACxD,GAAG,CAAC,UAAmB;QACrB,OAAO;YACL,cAAc,EAAE;YAChB,cAAc,EAAE;YAChB,kBAAkB,EAAE;YACpB,mBAAmB,CAAC,UAAU,CAAC;YAC/B,kBAAkB,CAAC,UAAU,CAAC;YAC9B,cAAc,EAAE;YAChB,kBAAkB,EAAE;SACrB,CAAC;IACJ,CAAC;IAED,8DAA8D;IAC9D,OAAO,CAAC,UAAmB;QACzB,OAAO;YACL,kBAAkB,EAAE;YACpB,mBAAmB,CAAC,UAAU,CAAC;YAC/B,kBAAkB,CAAC,UAAU,CAAC;YAC9B,cAAc,EAAE;YAChB,cAAc,EAAE;SACjB,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"path-guard.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/path-guard.ts"],"names":[],"mappings":"AAcA;;;GAGG;AACH,wBAAgB,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI,CAYtE"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import { resolve, relative, isAbsolute, dirname, basename } from 'node:path';
|
|
2
|
+
import { existsSync, realpathSync } from 'node:fs';
|
|
3
|
+
/**
|
|
4
|
+
* Resolve symlinks starting from the deepest existing path component.
|
|
5
|
+
* Handles paths that don't yet exist by walking up to the nearest existing ancestor.
|
|
6
|
+
*/
|
|
7
|
+
function resolveReal(p) {
|
|
8
|
+
if (existsSync(p))
|
|
9
|
+
return realpathSync(p);
|
|
10
|
+
const parent = dirname(p);
|
|
11
|
+
if (parent === p)
|
|
12
|
+
return p; // filesystem root
|
|
13
|
+
return resolve(resolveReal(parent), basename(p));
|
|
14
|
+
}
|
|
15
|
+
/**
|
|
16
|
+
* Asserts that filePath is contained within rootDir.
|
|
17
|
+
* Throws if the resolved path (including symlinks) escapes the root.
|
|
18
|
+
*/
|
|
19
|
+
export function assertSafePath(filePath, rootDir) {
|
|
20
|
+
const abs = resolve(filePath);
|
|
21
|
+
const rel = relative(rootDir, abs);
|
|
22
|
+
if (rel.startsWith('..') || isAbsolute(rel)) {
|
|
23
|
+
throw new Error(`Path traversal blocked: "${filePath}" is outside working directory "${rootDir}"`);
|
|
24
|
+
}
|
|
25
|
+
// Resolve symlinks to catch traversal via symlinks inside workDir
|
|
26
|
+
const real = resolveReal(abs);
|
|
27
|
+
const realRel = relative(rootDir, real);
|
|
28
|
+
if (realRel.startsWith('..') || isAbsolute(realRel)) {
|
|
29
|
+
throw new Error(`Path traversal via symlink blocked: "${filePath}" resolves outside working directory "${rootDir}"`);
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
//# sourceMappingURL=path-guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"path-guard.js","sourceRoot":"","sources":["../../../src/tools/builtin/path-guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAC7E,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEnD;;;GAGG;AACH,SAAS,WAAW,CAAC,CAAS;IAC5B,IAAI,UAAU,CAAC,CAAC,CAAC;QAAE,OAAO,YAAY,CAAC,CAAC,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;IAC1B,IAAI,MAAM,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,CAAC,kBAAkB;IAC9C,OAAO,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;AACnD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,QAAgB,EAAE,OAAe;IAC9D,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC9B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACnC,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CAAC,4BAA4B,QAAQ,mCAAmC,OAAO,GAAG,CAAC,CAAC;IACrG,CAAC;IACD,kEAAkE;IAClE,MAAM,IAAI,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAC9B,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IACxC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,wCAAwC,QAAQ,yCAAyC,OAAO,GAAG,CAAC,CAAC;IACvH,CAAC;AACH,CAAC"}
|
|
@@ -1,3 +1,10 @@
|
|
|
1
1
|
import type { AgentTool } from '../../contracts/entities/agent-tool.js';
|
|
2
|
-
|
|
2
|
+
/** Minimal DNS resolver interface — injectable for testing. */
|
|
3
|
+
export interface DnsResolver {
|
|
4
|
+
resolve4(hostname: string): Promise<string[]>;
|
|
5
|
+
resolve6(hostname: string): Promise<string[]>;
|
|
6
|
+
}
|
|
7
|
+
export declare function createWebFetchTool(options?: {
|
|
8
|
+
dnsResolver?: DnsResolver;
|
|
9
|
+
}): AgentTool;
|
|
3
10
|
//# sourceMappingURL=web-fetch.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"web-fetch.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/web-fetch.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;
|
|
1
|
+
{"version":3,"file":"web-fetch.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/web-fetch.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AA0ExE,+DAA+D;AAC/D,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAC9C,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;CAC/C;AA0GD,wBAAgB,kBAAkB,CAAC,OAAO,CAAC,EAAE;IAAE,WAAW,CAAC,EAAE,WAAW,CAAA;CAAE,GAAG,SAAS,CAuFrF"}
|