code-graph-context 1.0.0 → 2.0.0

package/dist/core/config/nestjs-framework-schema.js

@@ -103,6 +103,14 @@ function extractModuleControllers(node) {
 function extractModuleExports(node) {
     return extractModuleArrayProperty(node, 'exports');
 }
+/**
+ * Escapes special regex characters in a string to prevent ReDoS attacks.
+ * @param str The string to escape
+ * @returns The escaped string safe for use in a regex
+ */
+function escapeRegexChars(str) {
+    return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
 function extractModuleArrayProperty(node, propertyName) {
     const decorator = node.getDecorator('Module');
     if (!decorator)
@@ -111,7 +119,9 @@ function extractModuleArrayProperty(node, propertyName) {
     if (args.length === 0)
         return [];
     const configText = args[0].getText();
-    const regex = new RegExp(`${propertyName}\\s*:\\s*\\[([^\\]]+)\\]`);
+    // SECURITY: Escape propertyName to prevent ReDoS attacks
+    const escapedPropertyName = escapeRegexChars(propertyName);
+    const regex = new RegExp(`${escapedPropertyName}\\s*:\\s*\\[([^\\]]+)\\]`);
     const match = configText.match(regex);
     if (!match)
         return [];

package/dist/core/config/schema.js

@@ -193,7 +193,7 @@ export const CORE_TYPESCRIPT_SCHEMA = {
             relationships: [
                 {
                     edgeType: CoreEdgeType.EXTENDS,
-                    method: 'getBaseClass',
+                    method: 'getExtends', // Use getExtends() instead of getBaseClass() - works in lazy mode
                     cardinality: 'single',
                     targetNodeType: CoreNodeType.CLASS_DECLARATION,
                 },

package/dist/core/config/timeouts.js

@@ -0,0 +1,27 @@
+/**
+ * Timeout Configuration
+ * Centralized timeout settings for external services (Neo4j, OpenAI)
+ */
+export const TIMEOUT_DEFAULTS = {
+    neo4j: {
+        queryTimeoutMs: 30_000, // 30 seconds
+        connectionTimeoutMs: 10_000, // 10 seconds
+    },
+    openai: {
+        embeddingTimeoutMs: 60_000, // 60 seconds
+        assistantTimeoutMs: 120_000, // 2 minutes (assistant/threads can take longer)
+    },
+};
+/**
+ * Get timeout configuration with environment variable overrides
+ */
+export const getTimeoutConfig = () => ({
+    neo4j: {
+        queryTimeoutMs: parseInt(process.env.NEO4J_QUERY_TIMEOUT_MS ?? '', 10) || TIMEOUT_DEFAULTS.neo4j.queryTimeoutMs,
+        connectionTimeoutMs: parseInt(process.env.NEO4J_CONNECTION_TIMEOUT_MS ?? '', 10) || TIMEOUT_DEFAULTS.neo4j.connectionTimeoutMs,
+    },
+    openai: {
+        embeddingTimeoutMs: parseInt(process.env.OPENAI_EMBEDDING_TIMEOUT_MS ?? '', 10) || TIMEOUT_DEFAULTS.openai.embeddingTimeoutMs,
+        assistantTimeoutMs: parseInt(process.env.OPENAI_ASSISTANT_TIMEOUT_MS ?? '', 10) || TIMEOUT_DEFAULTS.openai.assistantTimeoutMs,
+    },
+});

package/dist/core/embeddings/embeddings.service.js

@@ -1,15 +1,57 @@
 import OpenAI from 'openai';
+import { debugLog } from '../../mcp/utils.js';
+import { getTimeoutConfig } from '../config/timeouts.js';
+/**
+ * Custom error class for OpenAI configuration issues
+ * Provides helpful guidance on how to resolve the issue
+ */
+export class OpenAIConfigError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'OpenAIConfigError';
+    }
+}
+/**
+ * Custom error class for OpenAI API issues (rate limits, quota, etc.)
+ */
+export class OpenAIAPIError extends Error {
+    statusCode;
+    constructor(message, statusCode) {
+        super(message);
+        this.statusCode = statusCode;
+        this.name = 'OpenAIAPIError';
+    }
+}
+export const EMBEDDING_BATCH_CONFIG = {
+    maxBatchSize: 100, // OpenAI supports up to 2048, but 100 is efficient
+    delayBetweenBatchesMs: 500, // Rate limit protection (500ms = ~2 batches/sec)
+};
 export class EmbeddingsService {
     openai;
     model;
     constructor(model = 'text-embedding-3-large') {
         const apiKey = process.env.OPENAI_API_KEY;
         if (!apiKey) {
-            throw new Error('OPENAI_API_KEY environment variable is required');
+            throw new OpenAIConfigError('OPENAI_API_KEY environment variable is required.\n\n' +
+                'To use semantic search features (search_codebase, natural_language_to_cypher), ' +
+                'you need an OpenAI API key.\n\n' +
+                'Set it in your environment:\n' +
+                '  export OPENAI_API_KEY=sk-...\n\n' +
+                'Or in .env file:\n' +
+                '  OPENAI_API_KEY=sk-...\n\n' +
+                'Alternative: Use impact_analysis or traverse_from_node which do not require OpenAI.');
         }
-        this.openai = new OpenAI({ apiKey });
+        const timeoutConfig = getTimeoutConfig();
+        this.openai = new OpenAI({
+            apiKey,
+            timeout: timeoutConfig.openai.embeddingTimeoutMs,
+            maxRetries: 2, // Built-in retry for transient errors
+        });
         this.model = model;
     }
+    /**
+     * Embed a single text string
+     */
     async embedText(text) {
         try {
             const response = await this.openai.embeddings.create({
@@ -19,8 +61,86 @@ export class EmbeddingsService {
             return response.data[0].embedding;
         }
         catch (error) {
+            // Handle specific error types with helpful messages
+            if (error.code === 'ETIMEDOUT' || error.message?.includes('timeout')) {
+                throw new OpenAIAPIError('OpenAI embedding request timed out. Consider increasing OPENAI_EMBEDDING_TIMEOUT_MS.');
+            }
+            if (error.status === 429) {
+                throw new OpenAIAPIError('OpenAI rate limit exceeded.\n\n' +
+                    'This usually means:\n' +
+                    '- You have hit your API rate limit\n' +
+                    '- You have exceeded your quota\n\n' +
+                    'Solutions:\n' +
+                    '- Wait a few minutes and try again\n' +
+                    '- Check your OpenAI usage at https://platform.openai.com/usage\n' +
+                    '- Use impact_analysis or traverse_from_node which do not require OpenAI', 429);
+            }
+            if (error.status === 401) {
+                throw new OpenAIAPIError('OpenAI API key is invalid or expired.\n\n' + 'Please check your OPENAI_API_KEY environment variable.', 401);
+            }
+            if (error.status === 402 || error.message?.includes('quota') || error.message?.includes('billing')) {
+                throw new OpenAIAPIError('OpenAI quota exceeded or billing issue.\n\n' +
+                    'Solutions:\n' +
+                    '- Check your OpenAI billing at https://platform.openai.com/settings/organization/billing\n' +
+                    '- Add credits to your account\n' +
+                    '- Use impact_analysis or traverse_from_node which do not require OpenAI', 402);
+            }
             console.error('Error creating embedding:', error);
             throw error;
         }
     }
+    /**
+     * Embed multiple texts in a single API call.
+     * OpenAI's embedding API supports batching natively.
+     */
+    async embedTexts(texts) {
+        if (texts.length === 0)
+            return [];
+        try {
+            const response = await this.openai.embeddings.create({
+                model: this.model,
+                input: texts,
+            });
+            // Map results back to original order (OpenAI returns with index)
+            return response.data.sort((a, b) => a.index - b.index).map((d) => d.embedding);
+        }
+        catch (error) {
+            if (error.code === 'ETIMEDOUT' || error.message?.includes('timeout')) {
+                throw new OpenAIAPIError('OpenAI batch embedding request timed out. Consider reducing batch size or increasing timeout.');
+            }
+            // Rate limited - SDK already has maxRetries:2, don't add recursive retry
+            if (error.status === 429) {
+                throw new OpenAIAPIError('OpenAI rate limit exceeded. Wait a few minutes and try again.\n' +
+                    'Check your usage at https://platform.openai.com/usage', 429);
+            }
+            // Re-throw with context
+            throw new OpenAIAPIError(`OpenAI embedding failed: ${error.message}`, error.status);
+        }
+    }
+    /**
+     * Embed texts in batches with rate limiting.
+     * Returns array of embeddings in same order as input.
+     * @param texts Array of texts to embed
+     * @param batchSize Number of texts per API call (default: 100)
+     */
+    async embedTextsInBatches(texts, batchSize = EMBEDDING_BATCH_CONFIG.maxBatchSize) {
+        await debugLog('Batch embedding started', { textCount: texts.length });
+        const results = [];
+        const totalBatches = Math.ceil(texts.length / batchSize);
+        for (let i = 0; i < texts.length; i += batchSize) {
+            const batch = texts.slice(i, i + batchSize);
+            const batchIndex = Math.floor(i / batchSize) + 1;
+            await debugLog('Embedding batch progress', { batchIndex, totalBatches, batchSize: batch.length });
+            const batchResults = await this.embedTexts(batch);
+            results.push(...batchResults);
+            // Rate limit protection between batches
+            if (i + batchSize < texts.length) {
+                await this.delay(EMBEDDING_BATCH_CONFIG.delayBetweenBatchesMs);
+            }
+        }
+        return results;
+    }
+    delay(ms) {
+        return new Promise((resolve) => setTimeout(resolve, ms));
+    }
 }