aica-cli 0.0.1

package/README.md

@@ -0,0 +1,11 @@
+# aica
+
+AI-ассистент мост между LLM в чате и локальной файловой системой разработчика.
+
+## Установка
+
+```bash
+git clone <repo> aica
+cd aica
+npm install
+npm link   # для глобальной команды `aica`

package/bin/aica.js

@@ -0,0 +1,147 @@
+#!/usr/bin/env node
+
+import chalk from 'chalk';
+import { generatePassword } from '../lib/password.js';
+import { startServer } from '../lib/server.js';
+import { setupUPnP, createCloudflareTunnel, getExternalIP } from '../lib/tunnel.js';
+import { showStartupUI } from '../lib/ui.js';
+
+async function main() {
+    const args = process.argv.slice(2);
+
+    const role = args.find(arg => !arg.startsWith('--'));
+    const useUPnP = args.includes('--upnp');
+    const useIP = args.includes('--ip');
+    const useCloudflared = args.includes('--cloudflared');
+    const useQPost = args.includes('--q-post');
+    const useQGet = args.includes('--q-get');
+    const useQMix = args.includes('--q-mix');
+    const useAuto = args.includes('--auto');
+
+    // Проверка что только один режим
+    const modes = [useQPost, useQGet, useQMix].filter(Boolean).length;
+    if (modes > 1) {
+        console.error('❌ Можно указать только один режим: --q-post, --q-get или --q-mix');
+        process.exit(1);
+    }
+
+    // По умолчанию mixed
+    const requestMode = useQPost ? 'post' : useQGet ? 'get' : 'mixed';
+
+    const portIndex = args.indexOf('--port');
+    let customPort = null;
+    if (portIndex !== -1) {
+        const portArg = args[portIndex + 1];
+        customPort = parseInt(portArg, 10);
+        if (isNaN(customPort) || customPort < 1 || customPort > 65535) {
+            console.error('❌ Неверный порт');
+            process.exit(1);
+        }
+    }
+
+    const urlIndex = args.indexOf('--url');
+    let publicUrl = null;
+    if (urlIndex !== -1) {
+        publicUrl = args[urlIndex + 1];
+    }
+
+    if (!role) {
+        console.error('❌ Укажите роль: aica <role> [flags]');
+        console.error('');
+        console.error('Флаги:');
+        console.error('  --port <N>        Порт сервера (по умолчанию 3000)');
+        console.error('  --url <URL>       Публичный URL для промпта');
+        console.error('  --upnp            Внешний IP + UPnP проброс порта');
+        console.error('  --ip              Только внешний IP');
+        console.error('  --cloudflared     Туннель через cloudflared');
+        console.error('  --q-mix           Режим mixed: GET для чтения, POST для изменений (по умолчанию)');
+        console.error('  --q-get           Режим get: всё через GET');
+        console.error('  --q-post          Режим post: всё через POST');
+        console.error('  --auto            Автономный режим: без подтверждений');
+        process.exit(1);
+    }
+
+    const workdir = process.cwd();
+    const password = generatePassword();
+    const startPort = customPort || 3000;
+    const port = await findAvailablePort(startPort);
+
+    const listenHost = (useUPnP || useIP) ? '0.0.0.0' : '127.0.0.1';
+    const server = await startServer({ workdir, role, password, port, listenHost, requestMode, autoMode: useAuto, publicUrl });
+
+    let upnpClient = null;
+    let tunnelUrl = null;
+    let tunnelProcess = null;
+    let externalIP = null;
+
+    if (useUPnP) {
+        try {
+            externalIP = await getExternalIP();
+            console.log(chalk.green(` ✅ Внешний IP: ${externalIP}`));
+        } catch (e) {
+            console.log(chalk.yellow(' ⚠️  Не удалось определить внешний IP'));
+        }
+        try {
+            upnpClient = await setupUPnP(port);
+        } catch (e) {
+            console.log(chalk.yellow(' ⚠️  UPnP не сработал'));
+        }
+    }
+
+    if (useIP) {
+        try {
+            externalIP = await getExternalIP();
+            console.log(chalk.green(` ✅ Внешний IP: ${externalIP}`));
+        } catch (e) {
+            console.log(chalk.yellow(' ⚠️  Не удалось определить внешний IP'));
+        }
+    }
+
+    if (useCloudflared) {
+        try {
+            const result = await createCloudflareTunnel(port);
+            tunnelUrl = result.url;
+            tunnelProcess = result.process;
+        } catch (e) {
+            console.log(chalk.yellow(' ⚠️  Туннель не создан'));
+        }
+    }
+
+    showStartupUI({
+        role, workdir, port, password, tunnelUrl, externalIP, publicUrl,
+        useUPnP, useIP, useCloudflared, requestMode, autoMode: useAuto
+    });
+
+    const cleanup = () => {
+        if (upnpClient) {
+            try { upnpClient.portUnmapping({ public: port }); } catch {}
+        }
+        if (tunnelProcess) {
+            try { tunnelProcess.kill(); } catch {}
+        }
+        process.exit(0);
+    };
+
+    process.on('SIGINT', cleanup);
+    process.on('SIGTERM', cleanup);
+}
+
+async function findAvailablePort(startPort) {
+    const net = await import('net');
+    for (let port = startPort; port < startPort + 100; port++) {
+        try {
+            await new Promise((resolve, reject) => {
+                const server = net.createServer();
+                server.listen(port, () => server.close(() => resolve()));
+                server.on('error', reject);
+            });
+            return port;
+        } catch (e) {}
+    }
+    throw new Error('Нет свободных портов');
+}
+
+main().catch(err => {
+    console.error('❌ Ошибка запуска:', err.message);
+    process.exit(1);
+});

package/lib/actions.js

@@ -0,0 +1,131 @@
+import fs from 'fs';
+import path from 'path';
+import { applyPatch } from 'diff';
+import { execSync } from 'child_process';
+import { validatePath, validateCommand, loadAllowedCommands } from './security.js';
+import { BackupManager } from './backup.js';
+
+export class ActionExecutor {
+    constructor(workdir, logDir) {
+        this.workdir = workdir;
+        this.backup = new BackupManager(logDir);
+        this.allowedCommands = loadAllowedCommands(workdir);
+    }
+
+    execute(action) {
+        if (action.action === 'sequence') {
+            return this.executeSequence(action.steps);
+        }
+
+        return this.executeSingle(action);
+    }
+
+    executeSingle(action) {
+        if (action.action === 'exec') {
+            return this.executeCommand(action.command);
+        }
+
+        const filePath = action.file || action.path;
+        const abs = validatePath(filePath, this.workdir);
+
+        if (!['create', 'delete'].includes(action.action)) {
+            this.backup.create(abs);
+        }
+
+        switch (action.action) {
+            case 'patch':
+                return this.applyPatch(abs, action.diff);
+            case 'replace':
+                return this.replaceFile(abs, action.content);
+            case 'create':
+                return this.createFile(abs, action.content);
+            case 'delete':
+                return this.deleteFile(abs);
+            case 'rename':
+                return this.renameFile(abs, action.to);
+            case 'append':
+                return this.appendFile(abs, action.content);
+            default:
+                throw new Error(`unknown_action: ${action.action}`);
+        }
+    }
+
+    executeSequence(steps) {
+        const results = [];
+
+        for (const step of steps) {
+            try {
+                const result = this.executeSingle(step);
+                results.push({ step: step.stepIndex, action: step.action, status: 'success', result });
+            } catch (e) {
+                results.push({ step: step.stepIndex, action: step.action, status: 'failed', error: e.message });
+                throw new SequenceError(results, e.message);
+            }
+        }
+
+        return { sequence: true, results };
+    }
+
+    executeCommand(command) {
+        validateCommand(command, this.allowedCommands);
+
+        try {
+            const out = execSync(command, {
+                encoding: 'utf8',
+                timeout: 120000,
+                cwd: this.workdir,
+                maxBuffer: 10 * 1024 * 1024
+            });
+            return { success: true, output: out };
+        } catch (e) {
+            return {
+                success: false,
+                output: (e.stdout || '') + (e.stderr || ''),
+                exitCode: e.status
+            };
+        }
+    }
+
+    applyPatch(abs, diff) {
+        const original = fs.readFileSync(abs, 'utf8');
+        const result = applyPatch(original, diff);
+        if (result === false) throw new Error('patch_conflict');
+        fs.writeFileSync(abs, result);
+        return 'patched';
+    }
+
+    replaceFile(abs, content) {
+        fs.writeFileSync(abs, content);
+        return 'replaced';
+    }
+
+    createFile(abs, content) {
+        fs.mkdirSync(path.dirname(abs), { recursive: true });
+        fs.writeFileSync(abs, content);
+        return 'created';
+    }
+
+    deleteFile(abs) {
+        fs.unlinkSync(abs);
+        return 'deleted';
+    }
+
+    renameFile(abs, to) {
+        const toAbs = validatePath(to, this.workdir);
+        fs.renameSync(abs, toAbs);
+        return 'renamed';
+    }
+
+    appendFile(abs, content) {
+        fs.appendFileSync(abs, content);
+        return 'appended';
+    }
+}
+
+export class SequenceError extends Error {
+    constructor(results, message) {
+        super(message);
+        this.name = 'SequenceError';
+        this.results = results;
+    }
+}

package/lib/backup.js

@@ -0,0 +1,40 @@
+import fs from 'fs';
+import path from 'path';
+
+export class BackupManager {
+    constructor(logDir) {
+        this.logDir = logDir;
+    }
+
+    create(filePath) {
+        if (!fs.existsSync(filePath)) return null;
+
+        const ts = new Date().toISOString().replace(/[:.]/g, '-');
+        const name = path.basename(filePath);
+        const backupPath = path.join(this.logDir, `.backup_${name}_${ts}`);
+
+        fs.copyFileSync(filePath, backupPath);
+        return backupPath;
+    }
+
+    getLatest(filePath) {
+        const name = path.basename(filePath);
+        const pattern = `.backup_${name}_`;
+
+        const backups = fs.readdirSync(this.logDir)
+            .filter(f => f.startsWith(pattern))
+            .sort()
+            .reverse();
+
+        if (backups.length === 0) return null;
+        return path.join(this.logDir, backups[0]);
+    }
+
+    restore(filePath) {
+        const latest = this.getLatest(filePath);
+        if (!latest) throw new Error('No backup found');
+
+        fs.copyFileSync(latest, filePath);
+        return latest;
+    }
+}

package/lib/logger.js

@@ -0,0 +1,63 @@
+import fs from 'fs';
+import path from 'path';
+import chalk from 'chalk';
+
+export class Logger {
+    constructor(workdir) {
+        this.workdir = workdir;
+        this.logDir = path.join(workdir, '.ai-log');
+        this.requestsLog = path.join(this.logDir, 'requests.log');
+        this.counterFile = path.join(this.logDir, 'counter.txt');
+
+        fs.mkdirSync(this.logDir, { recursive: true });
+        this.ensureGitignore();
+    }
+
+    ensureGitignore() {
+        const gi = path.join(this.workdir, '.gitignore');
+        let content = fs.existsSync(gi) ? fs.readFileSync(gi, 'utf8') : '';
+        const additions = [];
+        if (!content.includes('.ai-log')) additions.push('.ai-log/');
+        if (!content.includes('ai-patch-')) additions.push('ai-patch-*.txt');
+
+        if (additions.length > 0) {
+            content += '\n# aica agent\n' + additions.join('\n') + '\n';
+            fs.writeFileSync(gi, content);
+        }
+    }
+
+    logRequest(method, endpoint, body) {
+        const timestamp = new Date().toISOString();
+        const entry = {
+            time: timestamp,
+            method,
+            endpoint,
+            path: body.path,
+            reason: body.reason,
+            context: body.context
+        };
+
+        fs.appendFileSync(this.requestsLog, JSON.stringify(entry) + '\n');
+
+        console.log(chalk.gray(`[${timestamp.slice(11, 19)}] ${method} ${endpoint} ${body.path || ''}`));
+        if (body.reason) console.log(chalk.gray(`  💭 "${body.reason}"`));
+    }
+
+    getNextId() {
+        let counter = 0;
+        if (fs.existsSync(this.counterFile)) {
+            counter = parseInt(fs.readFileSync(this.counterFile, 'utf8'), 10) || 0;
+        }
+        counter++;
+        fs.writeFileSync(this.counterFile, String(counter));
+        return counter;
+    }
+
+    getRecentRequests(limit = 5) {
+        if (!fs.existsSync(this.requestsLog)) return [];
+        const lines = fs.readFileSync(this.requestsLog, 'utf8').trim().split('\n');
+        return lines.slice(-limit).map(l => {
+            try { return JSON.parse(l); } catch { return null; }
+        }).filter(Boolean);
+    }
+}

package/lib/parser.js

@@ -0,0 +1,94 @@
+export function parseActionFile(text) {
+    const splitIndex = text.search(/\n\s*\n/);
+    const headerPart = splitIndex === -1 ? text : text.slice(0, splitIndex);
+    const body = splitIndex === -1 ? '' : text.slice(splitIndex).replace(/^\s*\n/, '');
+
+    const headers = {};
+    for (const line of headerPart.split('\n')) {
+        const m = line.match(/^([A-Za-z-]+):\s*(.*)$/);
+        if (m) headers[m[1].toLowerCase()] = m[2].trim();
+    }
+
+    if (!headers.action) throw new Error('parse_error: missing Action header');
+
+    if (headers.action === 'sequence') {
+        return parseSequence(body, headers);
+    }
+
+    return parseSingleAction(body, headers);
+}
+
+function parseSequence(body, headers) {
+    const parts = body.split(/\n---\n/).map(p => p.trim()).filter(Boolean);
+
+    if (parts.length === 0) {
+        throw new Error('parse_error: empty sequence');
+    }
+
+    const steps = [];
+    for (let i = 0; i < parts.length; i++) {
+        const part = parts[i];
+        const stepSplitIndex = part.search(/\n\s*\n/);
+        const stepHeaderPart = stepSplitIndex === -1 ? part : part.slice(0, stepSplitIndex);
+        const stepBody = stepSplitIndex === -1 ? '' : part.slice(stepSplitIndex).replace(/^\s*\n/, '');
+
+        const stepHeaders = {};
+        for (const line of stepHeaderPart.split('\n')) {
+            const m = line.match(/^([A-Za-z-]+):\s*(.*)$/);
+            if (m) stepHeaders[m[1].toLowerCase()] = m[2].trim();
+        }
+
+        if (!stepHeaders.action) {
+            throw new Error(`parse_error: step ${i + 1} missing Action`);
+        }
+
+        const step = parseSingleAction(stepBody, stepHeaders);
+        step.stepIndex = i + 1;
+        steps.push(step);
+    }
+
+    return {
+        action: 'sequence',
+        description: headers.description,
+        reason: headers.reason,
+        notify: headers.notify !== undefined ? headers.notify.toLowerCase() === 'true' : true,
+        steps
+    };
+}
+
+function parseSingleAction(body, headers) {
+    const validActions = ['patch', 'replace', 'create', 'delete', 'rename', 'append', 'exec'];
+
+    if (!validActions.includes(headers.action)) {
+        throw new Error(`parse_error: unknown action "${headers.action}"`);
+    }
+
+    const result = { ...headers };
+
+    if (headers.notify !== undefined) {
+        result.notify = headers.notify.toLowerCase() === 'true';
+    } else {
+        result.notify = true;
+    }
+
+    if (['patch', 'replace', 'create', 'delete', 'rename', 'append'].includes(headers.action)) {
+        if (!headers.file && !headers.path) {
+            throw new Error(`parse_error: missing File header for ${headers.action}`);
+        }
+    }
+
+    if (headers.action === 'exec') {
+        if (!headers.command) {
+            throw new Error('parse_error: missing Command header for exec');
+        }
+    }
+
+    if (headers.action === 'patch') {
+        result.diff = body;
+        if (!body.trim()) throw new Error('parse_error: empty diff');
+    } else if (['replace', 'create', 'append'].includes(headers.action)) {
+        result.content = body;
+    }
+
+    return result;
+}

package/lib/password.js

@@ -0,0 +1,8 @@
+export function generatePassword() {
+    const chars = 'abcdefghijkmnpqrstuvwxyz23456789';
+    let password = '';
+    for (let i = 0; i < 8; i++) {
+        password += chars[Math.floor(Math.random() * chars.length)];
+    }
+    return password;
+}

package/lib/security.js

@@ -0,0 +1,121 @@
+import fs from 'fs';
+import path from 'path';
+
+const FORBIDDEN_PATTERNS = [
+    /node_modules/i,
+    /\.env(\..*)?$/i,
+    /\.git\//i,
+    /\.ai-log/i,
+    /ai-patch-/i,
+    /agent\.js/i,
+    /\.key$/i,
+    /secret/i,
+    /private.*key/i,
+    /token/i
+];
+
+const DEFAULT_ALLOWED_COMMANDS = [
+    'npm test',
+    'npm run *',
+    'npx jest',
+    'npx vitest',
+    'npx eslint *',
+    'npx tsc',
+    'npx tsc --*',
+    'yarn test',
+    'yarn run *',
+    'pnpm test',
+    'pnpm run *'
+];
+
+export function validatePath(filePath, workdir) {
+    if (!filePath) throw new Error('forbidden_path: path is required');
+    
+    const abs = path.resolve(workdir, filePath);
+    
+    if (!abs.startsWith(path.resolve(workdir))) {
+        throw new Error('forbidden_path: outside workspace');
+    }
+    
+    // Исправлено: исключаем lib/ из проверки password
+    const relativePath = path.relative(workdir, abs);
+    if (!relativePath.startsWith('lib' + path.sep) && !relativePath.startsWith('lib/')) {
+        for (const pattern of FORBIDDEN_PATTERNS) {
+            if (pattern.test(abs)) {
+                throw new Error(`forbidden_path: matches ${pattern}`);
+            }
+        }
+    } else {
+        // Для lib/ проверяем все паттерны кроме password
+        const libPatterns = FORBIDDEN_PATTERNS.filter(p => p.source !== 'password');
+        for (const pattern of libPatterns) {
+            if (pattern.test(abs)) {
+                throw new Error(`forbidden_path: matches ${pattern}`);
+            }
+        }
+    }
+    
+    return abs;
+}
+
+export function isGitignored(absPath, workdir) {
+    try {
+        const gitignorePath = path.join(workdir, '.gitignore');
+        if (!fs.existsSync(gitignorePath)) return false;
+        
+        const content = fs.readFileSync(gitignorePath, 'utf8');
+        const relPath = path.relative(workdir, absPath);
+        
+        for (const line of content.split('\n')) {
+            const pattern = line.trim();
+            if (!pattern || pattern.startsWith('#')) continue;
+            
+            if (relPath.includes(pattern.replace(/\*/g, ''))) {
+                return true;
+            }
+        }
+        return false;
+    } catch {
+        return false;
+    }
+}
+
+export function loadAllowedCommands(workdir) {
+    const configPath = path.join(workdir, 'aica.config.json');
+    
+    if (fs.existsSync(configPath)) {
+        try {
+            const config = JSON.parse(fs.readFileSync(configPath, 'utf8'));
+            if (Array.isArray(config.allowedCommands)) {
+                return config.allowedCommands;
+            }
+        } catch (e) {
+            console.warn(`⚠️  Ошибка чтения aica.config.json: ${e.message}`);
+        }
+    }
+    
+    return DEFAULT_ALLOWED_COMMANDS;
+}
+
+export function validateCommand(command, allowedCommands) {
+    if (!command || typeof command !== 'string') {
+        throw new Error('forbidden_command: empty command');
+    }
+    
+    const cmd = command.trim();
+    
+    if (/[;&|`$]/.test(cmd)) {
+        throw new Error('forbidden_command: shell metacharacters not allowed');
+    }
+    
+    for (const pattern of allowedCommands) {
+        if (pattern.includes('*')) {
+            const regex = new RegExp('^' + pattern.replace(/\*/g, '.*') + '$');
+            if (regex.test(cmd)) return true;
+        } else if (cmd === pattern) {
+            return true;
+        }
+    }
+    
+    throw new Error(`forbidden_command: "${cmd}" not in whitelist`);
+}