ai-evaluate 2.1.8 → 2.2.0

package/src/repl.ts

@@ -1,228 +0,0 @@
-/**
- * REPL session support for ai-evaluate
- *
- * Provides persistent evaluation sessions with context preservation.
- */
-
-import type { EvaluateOptions, EvaluateResult, SandboxEnv, SDKConfig } from './types.js'
-
-/**
- * REPL session configuration
- */
-export interface ReplSessionConfig {
-  /** Use local Miniflare instead of remote workers */
-  local?: boolean
-  /** Authentication token for remote execution */
-  auth?: string
-  /** SDK configuration for platform primitives */
-  sdk?: SDKConfig | boolean
-  /** Code to run when session starts (defines globals, imports) */
-  prelude?: string
-  /** Timeout for each evaluation in milliseconds */
-  timeout?: number
-  /** Allow network access */
-  allowNetwork?: boolean
-}
-
-/**
- * Result from a REPL evaluation
- */
-export interface ReplEvalResult extends EvaluateResult {
-  /** Variables exported during evaluation */
-  exports?: Record<string, unknown>
-}
-
-/**
- * REPL session with persistent context
- */
-export interface ReplSession {
-  /** Evaluate code in the session context */
-  eval(code: string): Promise<ReplEvalResult>
-
-  /** Get current session context (accumulated exports) */
-  getContext(): Record<string, unknown>
-
-  /** Set a value in the session context */
-  setContext(key: string, value: unknown): void
-
-  /** Clear the session context */
-  clearContext(): void
-
-  /** Run prelude code (called automatically on first eval) */
-  runPrelude(): Promise<void>
-
-  /** Close the session and release resources */
-  close(): Promise<void>
-}
-
-/**
- * Create a REPL session for interactive code evaluation
- *
- * @example
- * ```ts
- * import { createReplSession } from 'ai-evaluate/repl'
- *
- * const session = await createReplSession({ local: true })
- *
- * await session.eval('const sum = (a, b) => a + b')
- * const result = await session.eval('sum(1, 2)')
- * console.log(result.value) // 3
- *
- * await session.close()
- * ```
- */
-export async function createReplSession(
-  config?: ReplSessionConfig,
-  env?: SandboxEnv
-): Promise<ReplSession> {
-  // Context accumulates across evaluations
-  let context: Record<string, unknown> = {}
-  let preludeRun = false
-  let miniflare: unknown = null
-
-  // Build module code from accumulated context
-  function buildContextModule(): string {
-    const entries = Object.entries(context)
-    if (entries.length === 0) return ''
-
-    return entries
-      .map(([key, value]) => {
-        if (typeof value === 'function') {
-          return `export const ${key} = ${value.toString()}`
-        }
-        return `export const ${key} = ${JSON.stringify(value)}`
-      })
-      .join('\n')
-  }
-
-  // Get the evaluate function (local or remote)
-  async function getEvaluate(): Promise<
-    (options: EvaluateOptions, env?: SandboxEnv) => Promise<EvaluateResult>
-  > {
-    if (config?.local) {
-      // Use local Miniflare via node.ts
-      const { evaluate } = await import('./node.js')
-      return evaluate
-    } else if (env) {
-      // Use remote worker loaders
-      const { evaluate } = await import('./evaluate.js')
-      return (options) => evaluate(options, env)
-    } else {
-      // Default to local if no env
-      const { evaluate } = await import('./node.js')
-      return evaluate
-    }
-  }
-
-  const evaluate = await getEvaluate()
-
-  async function runPrelude(): Promise<void> {
-    if (preludeRun || !config?.prelude) return
-    preludeRun = true
-
-    const result = await evaluate(
-      {
-        module: config.prelude,
-        script: 'return Object.keys(module)',
-        sdk: config.sdk,
-        timeout: config.timeout,
-        fetch: config.allowNetwork === false ? null : undefined,
-      },
-      env
-    )
-
-    if (result.success && Array.isArray(result.value)) {
-      // Store exported names in context
-      for (const key of result.value) {
-        context[key] = `__prelude_${key}__`
-      }
-    }
-  }
-
-  return {
-    async eval(code: string): Promise<ReplEvalResult> {
-      await runPrelude()
-
-      // Wrap code to capture any declared variables
-      const contextModule = buildContextModule()
-      const preludeModule = config?.prelude || ''
-
-      // Try to parse as expression first, then as statement
-      const isExpression =
-        !code.includes('const ') &&
-        !code.includes('let ') &&
-        !code.includes('function ') &&
-        !code.includes('class ') &&
-        !code.includes('export ')
-
-      const script = isExpression
-        ? `return (${code})`
-        : code.includes('return ')
-        ? code
-        : `${code}\nreturn undefined`
-
-      const result = await evaluate(
-        {
-          module: preludeModule + '\n' + contextModule,
-          script,
-          sdk: config?.sdk,
-          timeout: config?.timeout,
-          fetch: config?.allowNetwork === false ? null : undefined,
-        },
-        env
-      )
-
-      return result
-    },
-
-    getContext(): Record<string, unknown> {
-      return { ...context }
-    },
-
-    setContext(key: string, value: unknown): void {
-      context[key] = value
-    },
-
-    clearContext(): void {
-      context = {}
-    },
-
-    runPrelude,
-
-    async close(): Promise<void> {
-      context = {}
-      preludeRun = false
-      if (
-        miniflare &&
-        typeof (miniflare as { dispose?: () => Promise<void> }).dispose === 'function'
-      ) {
-        await (miniflare as { dispose: () => Promise<void> }).dispose()
-        miniflare = null
-      }
-    },
-  }
-}
-
-/**
- * Quick evaluation helper for one-off evaluations
- *
- * @example
- * ```ts
- * import { quickEval } from 'ai-evaluate/repl'
- *
- * const result = await quickEval('1 + 2 * 3')
- * console.log(result.value) // 7
- * ```
- */
-export async function quickEval(
-  code: string,
-  config?: ReplSessionConfig,
-  env?: SandboxEnv
-): Promise<ReplEvalResult> {
-  const session = await createReplSession(config, env)
-  try {
-    return await session.eval(code)
-  } finally {
-    await session.close()
-  }
-}

package/src/shared.ts

@@ -1,186 +0,0 @@
-/**
- * Shared utilities for ai-evaluate
- *
- * Contains constants and helper functions used by both
- * evaluate.ts (Workers) and node.ts (Node.js/Miniflare)
- */
-
-import type { EvaluateResult } from './types.js'
-
-/**
- * Compatibility date for dynamic workers (2026)
- */
-export const COMPATIBILITY_DATE = '2026-01-01'
-
-/**
- * Normalize an import specifier to a full URL
- *
- * Supports:
- * - Full URLs: https://esm.sh/lodash@4.17.21 (unchanged)
- * - Bare package names: lodash -> https://esm.sh/lodash
- * - Package with version: lodash@4.17.21 -> https://esm.sh/lodash@4.17.21
- * - Scoped packages: @scope/pkg -> https://esm.sh/@scope/pkg
- */
-export function normalizeImport(specifier: string): string {
-  // Already a URL - return as-is
-  if (specifier.includes('://')) {
-    return specifier
-  }
-
-  // Bare package name or scoped package - prepend esm.sh
-  return `https://esm.sh/${specifier}`
-}
-
-/**
- * Normalize an array of import specifiers
- */
-export function normalizeImports(imports: string[] | undefined): string[] | undefined {
-  if (!imports || imports.length === 0) return imports
-  return imports.map(normalizeImport)
-}
-
-/**
- * Extract package name from import specifier for variable naming
- * Supports: lodash, lodash@4.17.21, @scope/pkg, https://esm.sh/lodash
- */
-export function extractPackageName(specifier: string, index: number): string {
-  let pkgName: string
-  if (specifier.includes('://')) {
-    // Full URL - extract from path
-    const match = specifier.match(/esm\.sh\/(@?[^@/]+)/)
-    pkgName = match ? match[1].replace(/^@/, '').replace(/-/g, '_') : `pkg${index}`
-  } else {
-    // Bare package name - extract before @ version
-    pkgName = specifier.split('@')[0].replace(/^@/, '').replace(/-/g, '_').replace(/\//g, '_')
-  }
-  return pkgName
-}
-
-/**
- * Default sandbox URL for worker fetch requests
- */
-export const SANDBOX_URL = 'http://sandbox/execute'
-
-/**
- * Generate a unique sandbox worker ID
- */
-export const generateSandboxId = (): string =>
-  `sandbox-${Date.now()}-${Math.random().toString(36).slice(2)}`
-
-/**
- * Create an error result with consistent structure
- */
-export function createErrorResult(error: unknown, start: number): EvaluateResult {
-  return {
-    success: false,
-    logs: [],
-    error: error instanceof Error ? error.message : String(error),
-    duration: Date.now() - start,
-  }
-}
-
-/**
- * Process a result from worker execution, adding duration
- */
-export function processResult(result: EvaluateResult, start: number): EvaluateResult {
-  return {
-    ...result,
-    duration: Date.now() - start,
-  }
-}
-
-/**
- * Check if a domain matches a pattern (supports wildcards)
- * @param domain - The domain to check (e.g., 'api.example.com')
- * @param pattern - The pattern to match against (e.g., '*.example.com' or 'api.example.com')
- * @returns true if the domain matches the pattern
- */
-export function matchesDomainPattern(domain: string, pattern: string): boolean {
-  // Normalize both to lowercase
-  const normalizedDomain = domain.toLowerCase()
-  const normalizedPattern = pattern.toLowerCase()
-
-  // Exact match
-  if (normalizedDomain === normalizedPattern) {
-    return true
-  }
-
-  // Wildcard pattern: *.example.com
-  if (normalizedPattern.startsWith('*.')) {
-    const suffix = normalizedPattern.slice(2) // Remove '*.'
-    // Domain must end with the suffix and have at least one character before it
-    // e.g., 'api.example.com' matches '*.example.com'
-    // but 'example.com' does not match '*.example.com'
-    return normalizedDomain.endsWith('.' + suffix) || normalizedDomain === suffix
-  }
-
-  return false
-}
-
-/**
- * Check if a URL's domain is in the allowed list
- * @param url - The URL to check
- * @param allowedDomains - List of allowed domains (supports wildcards like '*.example.com')
- * @returns true if the URL's domain is allowed
- */
-export function isDomainAllowed(url: string, allowedDomains: string[]): boolean {
-  try {
-    const parsedUrl = new URL(url)
-    const hostname = parsedUrl.hostname
-
-    for (const pattern of allowedDomains) {
-      if (matchesDomainPattern(hostname, pattern)) {
-        return true
-      }
-    }
-
-    return false
-  } catch {
-    // Invalid URL - not allowed
-    return false
-  }
-}
-
-/**
- * Generate JavaScript code for domain checking in workers
- * This is embedded into the worker source code
- */
-export function generateDomainCheckCode(allowedDomains: string[]): string {
-  const domainsJson = JSON.stringify(allowedDomains)
-
-  return `
-// Domain allowlist checking
-const __allowedDomains__ = ${domainsJson};
-
-const __matchesDomainPattern__ = (domain, pattern) => {
-  const normalizedDomain = domain.toLowerCase();
-  const normalizedPattern = pattern.toLowerCase();
-  if (normalizedDomain === normalizedPattern) return true;
-  if (normalizedPattern.startsWith('*.')) {
-    const suffix = normalizedPattern.slice(2);
-    return normalizedDomain.endsWith('.' + suffix) || normalizedDomain === suffix;
-  }
-  return false;
-};
-
-const __isDomainAllowed__ = (url) => {
-  try {
-    const parsedUrl = new URL(url);
-    const hostname = parsedUrl.hostname;
-    for (const pattern of __allowedDomains__) {
-      if (__matchesDomainPattern__(hostname, pattern)) return true;
-    }
-    return false;
-  } catch { return false; }
-};
-
-const __originalFetch__ = globalThis.fetch;
-globalThis.fetch = async (input, init) => {
-  const url = typeof input === 'string' ? input : input instanceof Request ? input.url : String(input);
-  if (!__isDomainAllowed__(url)) {
-    throw new Error(\`Network access blocked: domain not in allowlist. Attempted: \${new URL(url).hostname}\`);
-  }
-  return __originalFetch__(input, init);
-};
-`
-}