codebot-ai 1.4.3 → 1.6.0

package/dist/agent.d.ts

@@ -7,6 +7,9 @@ export declare class Agent {
     private maxIterations;
     private autoApprove;
     private model;
+    private cache;
+    private rateLimiter;
+    private auditLogger;
     private askPermission;
     private onMessage?;
     constructor(opts: {

package/dist/agent.js

@@ -43,6 +43,52 @@ const repo_map_1 = require("./context/repo-map");
 const memory_1 = require("./memory");
 const registry_1 = require("./providers/registry");
 const plugins_1 = require("./plugins");
+const cache_1 = require("./cache");
+const rate_limiter_1 = require("./rate-limiter");
+const audit_1 = require("./audit");
+/** Lightweight schema validation — returns error string or null if valid */
+function validateToolArgs(args, schema) {
+    const props = schema.properties;
+    const required = schema.required;
+    if (!props)
+        return null;
+    // Check required fields exist
+    if (required) {
+        for (const field of required) {
+            if (args[field] === undefined || args[field] === null) {
+                return `missing required field '${field}'`;
+            }
+        }
+    }
+    // Check types match for provided fields
+    for (const [key, value] of Object.entries(args)) {
+        const propSchema = props[key];
+        if (!propSchema)
+            continue; // extra fields are OK
+        const expectedType = propSchema.type;
+        if (!expectedType)
+            continue;
+        const actualType = Array.isArray(value) ? 'array' : typeof value;
+        if (expectedType === 'string' && actualType !== 'string') {
+            return `field '${key}' expected string, got ${actualType}`;
+        }
+        if (expectedType === 'number' && actualType !== 'number') {
+            return `field '${key}' expected number, got ${actualType}`;
+        }
+        if (expectedType === 'boolean' && actualType !== 'boolean') {
+            return `field '${key}' expected boolean, got ${actualType}`;
+        }
+        if (expectedType === 'array' && !Array.isArray(value)) {
+            return `field '${key}' expected array, got ${actualType}`;
+        }
+        if (expectedType === 'object' && (actualType !== 'object' || Array.isArray(value))) {
+            return `field '${key}' expected object, got ${actualType}`;
+        }
+    }
+    return null;
+}
+/** Tools that use shared global state and must not run concurrently */
+const SEQUENTIAL_TOOLS = new Set(['browser']);
 class Agent {
     provider;
     tools;
@@ -51,6 +97,9 @@ class Agent {
     maxIterations;
     autoApprove;
     model;
+    cache;
+    rateLimiter;
+    auditLogger;
     askPermission;
     onMessage;
     constructor(opts) {
@@ -62,6 +111,9 @@ class Agent {
         this.autoApprove = opts.autoApprove || false;
         this.askPermission = opts.askPermission || defaultAskPermission;
         this.onMessage = opts.onMessage;
+        this.cache = new cache_1.ToolCache();
+        this.rateLimiter = new rate_limiter_1.RateLimiter();
+        this.auditLogger = new audit_1.AuditLogger();
         // Load plugins
         try {
             const plugins = (0, plugins_1.loadPlugins)(process.cwd());
@@ -179,16 +231,12 @@ class Agent {
                 yield { type: 'done' };
                 return;
             }
-            // Execute each tool call
+            const prepared = [];
             for (const tc of toolCalls) {
                 const toolName = tc.function.name;
                 const tool = this.tools.get(toolName);
                 if (!tool) {
-                    const errResult = `Error: Unknown tool "${toolName}"`;
-                    const toolMsg = { role: 'tool', content: errResult, tool_call_id: tc.id };
-                    this.messages.push(toolMsg);
-                    this.onMessage?.(toolMsg);
-                    yield { type: 'tool_result', toolResult: { name: toolName, result: errResult, is_error: true } };
+                    prepared.push({ tc, tool: null, args: {}, denied: false, error: `Error: Unknown tool "${toolName}"` });
                     continue;
                 }
                 let args;
@@ -196,41 +244,120 @@ class Agent {
                     args = JSON.parse(tc.function.arguments);
                 }
                 catch {
-                    const errResult = `Error: Invalid JSON arguments for ${toolName}`;
-                    const toolMsg = { role: 'tool', content: errResult, tool_call_id: tc.id };
-                    this.messages.push(toolMsg);
-                    this.onMessage?.(toolMsg);
-                    yield { type: 'tool_result', toolResult: { name: toolName, result: errResult, is_error: true } };
+                    prepared.push({ tc, tool, args: {}, denied: false, error: `Error: Invalid JSON arguments for ${toolName}` });
+                    continue;
+                }
+                // Arg validation against schema
+                const validationError = validateToolArgs(args, tool.parameters);
+                if (validationError) {
+                    prepared.push({ tc, tool, args, denied: false, error: `Error: ${validationError} for ${toolName}` });
                     continue;
                 }
                 yield { type: 'tool_call', toolCall: { name: toolName, args } };
-                // Permission check
+                // Permission check (sequential — needs user interaction)
                 const needsPermission = tool.permission === 'always-ask' ||
                     (tool.permission === 'prompt' && !this.autoApprove);
+                let denied = false;
                 if (needsPermission) {
                     const approved = await this.askPermission(toolName, args);
                     if (!approved) {
-                        const toolMsg = { role: 'tool', content: 'Permission denied by user.', tool_call_id: tc.id };
-                        this.messages.push(toolMsg);
-                        this.onMessage?.(toolMsg);
-                        yield { type: 'tool_result', toolResult: { name: toolName, result: 'Permission denied.' } };
-                        continue;
+                        denied = true;
+                        this.auditLogger.log({ tool: toolName, action: 'deny', args, reason: 'User denied permission' });
+                    }
+                }
+                prepared.push({ tc, tool, args, denied });
+            }
+            const results = new Array(prepared.length);
+            // Immediately resolve errors and denials
+            const toExecute = [];
+            for (let idx = 0; idx < prepared.length; idx++) {
+                const prep = prepared[idx];
+                if (prep.error) {
+                    results[idx] = { content: prep.error, is_error: true };
+                }
+                else if (prep.denied) {
+                    results[idx] = { content: 'Permission denied by user.' };
+                }
+                else {
+                    toExecute.push({ index: idx, prep });
+                }
+            }
+            // Split into parallel-safe and sequential (browser) groups
+            const parallelBatch = [];
+            const sequentialBatch = [];
+            for (const item of toExecute) {
+                if (SEQUENTIAL_TOOLS.has(item.prep.tc.function.name)) {
+                    sequentialBatch.push(item);
+                }
+                else {
+                    parallelBatch.push(item);
+                }
+            }
+            // Helper to execute a single tool with cache + rate limiting
+            const executeTool = async (prep) => {
+                const toolName = prep.tc.function.name;
+                // Check cache first
+                if (prep.tool.cacheable) {
+                    const cacheKey = cache_1.ToolCache.key(toolName, prep.args);
+                    const cached = this.cache.get(cacheKey);
+                    if (cached !== null) {
+                        return { content: cached };
                     }
                 }
-                // Execute
+                // Rate limit
+                await this.rateLimiter.throttle(toolName);
                 try {
-                    const output = await tool.execute(args);
-                    const toolMsg = { role: 'tool', content: output, tool_call_id: tc.id };
-                    this.messages.push(toolMsg);
-                    this.onMessage?.(toolMsg);
-                    yield { type: 'tool_result', toolResult: { name: toolName, result: output } };
+                    const output = await prep.tool.execute(prep.args);
+                    // Audit log: successful execution
+                    this.auditLogger.log({ tool: toolName, action: 'execute', args: prep.args, result: 'success' });
+                    // Store in cache for cacheable tools
+                    if (prep.tool.cacheable) {
+                        const ttl = cache_1.ToolCache.TTL[toolName] || 30_000;
+                        this.cache.set(cache_1.ToolCache.key(toolName, prep.args), output, ttl);
+                    }
+                    // Invalidate cache on write operations
+                    if (toolName === 'write_file' || toolName === 'edit_file' || toolName === 'batch_edit') {
+                        const filePath = prep.args.path;
+                        if (filePath)
+                            this.cache.invalidate(filePath);
+                    }
+                    // Audit log: check if tool returned a security block
+                    if (output.startsWith('Error: Blocked:') || output.startsWith('Error: CWD')) {
+                        this.auditLogger.log({ tool: toolName, action: 'security_block', args: prep.args, reason: output });
+                    }
+                    return { content: output };
                 }
                 catch (err) {
                     const errMsg = err instanceof Error ? err.message : String(err);
-                    const toolMsg = { role: 'tool', content: `Error: ${errMsg}`, tool_call_id: tc.id };
-                    this.messages.push(toolMsg);
-                    this.onMessage?.(toolMsg);
-                    yield { type: 'tool_result', toolResult: { name: toolName, result: errMsg, is_error: true } };
+                    // Audit log: error
+                    this.auditLogger.log({ tool: toolName, action: 'error', args: prep.args, result: 'error', reason: errMsg });
+                    return { content: `Error: ${errMsg}`, is_error: true };
+                }
+            };
+            // Execute parallel batch concurrently
+            if (parallelBatch.length > 0) {
+                const promises = parallelBatch.map(async ({ index, prep }) => {
+                    results[index] = await executeTool(prep);
+                });
+                await Promise.allSettled(promises);
+            }
+            // Execute sequential batch one at a time
+            for (const { index, prep } of sequentialBatch) {
+                results[index] = await executeTool(prep);
+            }
+            // ── Phase 3: Push results in original order + yield events ──
+            for (let idx = 0; idx < prepared.length; idx++) {
+                const prep = prepared[idx];
+                const output = results[idx] || { content: 'Error: execution failed', is_error: true };
+                const toolName = prep.tc.function.name;
+                const toolMsg = { role: 'tool', content: output.content, tool_call_id: prep.tc.id };
+                this.messages.push(toolMsg);
+                this.onMessage?.(toolMsg);
+                if (prep.denied) {
+                    yield { type: 'tool_result', toolResult: { name: toolName, result: 'Permission denied.' } };
+                }
+                else {
+                    yield { type: 'tool_result', toolResult: { name: toolName, result: output.content, is_error: output.is_error } };
                 }
             }
             // Compact after tool results if needed
@@ -391,6 +518,7 @@ ${this.tools.all().map(t => `- ${t.name}: ${t.description}`).join('\n')}`;
     }
 }
 exports.Agent = Agent;
+const PERMISSION_TIMEOUT_MS = 30_000;
 async function defaultAskPermission(tool, args) {
     const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
     const summary = Object.entries(args)
@@ -399,11 +527,19 @@ async function defaultAskPermission(tool, args) {
         return `  ${k}: ${val}`;
     })
         .join('\n');
-    return new Promise(resolve => {
-        rl.question(`\n⚡ ${tool}\n${summary}\nAllow? [y/N] `, answer => {
+    const userResponse = new Promise(resolve => {
+        rl.question(`\n⚡ ${tool}\n${summary}\nAllow? [y/N] (${PERMISSION_TIMEOUT_MS / 1000}s timeout) `, answer => {
             rl.close();
             resolve(answer.toLowerCase().startsWith('y'));
         });
     });
+    const timeout = new Promise(resolve => {
+        setTimeout(() => {
+            rl.close();
+            process.stdout.write('\n⏱ Permission timed out — denied by default.\n');
+            resolve(false);
+        }, PERMISSION_TIMEOUT_MS);
+    });
+    return Promise.race([userResponse, timeout]);
 }
 //# sourceMappingURL=agent.js.map

package/dist/audit.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Audit logger for CodeBot.
+ *
+ * Provides append-only JSONL logging of all security-relevant actions.
+ * Logs are stored at ~/.codebot/audit/audit-YYYY-MM-DD.jsonl
+ * Masks secrets in args before writing.
+ * NEVER throws — audit failures must not crash the agent.
+ */
+export interface AuditEntry {
+    timestamp: string;
+    sessionId: string;
+    tool: string;
+    action: 'execute' | 'deny' | 'error' | 'security_block';
+    args: Record<string, unknown>;
+    result?: string;
+    reason?: string;
+}
+export declare class AuditLogger {
+    private logDir;
+    private sessionId;
+    constructor(logDir?: string);
+    /** Get the current session ID */
+    getSessionId(): string;
+    /** Append an audit entry to the log file */
+    log(entry: Omit<AuditEntry, 'timestamp' | 'sessionId'>): void;
+    /** Read log entries, optionally filtered */
+    query(filter?: {
+        tool?: string;
+        action?: string;
+        since?: string;
+    }): AuditEntry[];
+    /** Get the path to today's log file */
+    private getLogFilePath;
+    /** Rotate log file if it exceeds MAX_LOG_SIZE */
+    private rotateIfNeeded;
+    /** Sanitize args for logging: mask secrets and truncate long values */
+    private sanitizeArgs;
+}
+//# sourceMappingURL=audit.d.ts.map

package/dist/audit.js

@@ -0,0 +1,157 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuditLogger = void 0;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+const secrets_1 = require("./secrets");
+const MAX_LOG_SIZE = 10 * 1024 * 1024; // 10MB before rotation
+const MAX_ARG_LENGTH = 500; // Truncate long arg values for logging
+class AuditLogger {
+    logDir;
+    sessionId;
+    constructor(logDir) {
+        this.logDir = logDir || path.join(os.homedir(), '.codebot', 'audit');
+        this.sessionId = `${Date.now()}-${Math.random().toString(36).substring(2, 8)}`;
+        try {
+            fs.mkdirSync(this.logDir, { recursive: true });
+        }
+        catch {
+            // Can't create dir — logging will be disabled
+        }
+    }
+    /** Get the current session ID */
+    getSessionId() {
+        return this.sessionId;
+    }
+    /** Append an audit entry to the log file */
+    log(entry) {
+        try {
+            const fullEntry = {
+                timestamp: new Date().toISOString(),
+                sessionId: this.sessionId,
+                ...entry,
+                args: this.sanitizeArgs(entry.args),
+            };
+            const logFile = this.getLogFilePath();
+            const line = JSON.stringify(fullEntry) + '\n';
+            // Check if rotation is needed
+            this.rotateIfNeeded(logFile);
+            fs.appendFileSync(logFile, line, 'utf-8');
+        }
+        catch {
+            // Audit failures must NEVER crash the agent
+        }
+    }
+    /** Read log entries, optionally filtered */
+    query(filter) {
+        const entries = [];
+        try {
+            const files = fs.readdirSync(this.logDir)
+                .filter(f => f.startsWith('audit-') && f.endsWith('.jsonl'))
+                .sort();
+            for (const file of files) {
+                const content = fs.readFileSync(path.join(this.logDir, file), 'utf-8');
+                for (const line of content.split('\n')) {
+                    if (!line.trim())
+                        continue;
+                    try {
+                        const entry = JSON.parse(line);
+                        if (filter?.tool && entry.tool !== filter.tool)
+                            continue;
+                        if (filter?.action && entry.action !== filter.action)
+                            continue;
+                        if (filter?.since && entry.timestamp < filter.since)
+                            continue;
+                        entries.push(entry);
+                    }
+                    catch { /* skip malformed */ }
+                }
+            }
+        }
+        catch {
+            // Can't read logs
+        }
+        return entries;
+    }
+    /** Get the path to today's log file */
+    getLogFilePath() {
+        const date = new Date().toISOString().split('T')[0]; // YYYY-MM-DD
+        return path.join(this.logDir, `audit-${date}.jsonl`);
+    }
+    /** Rotate log file if it exceeds MAX_LOG_SIZE */
+    rotateIfNeeded(logFile) {
+        try {
+            if (!fs.existsSync(logFile))
+                return;
+            const stat = fs.statSync(logFile);
+            if (stat.size >= MAX_LOG_SIZE) {
+                const rotated = logFile.replace('.jsonl', `-${Date.now()}.jsonl`);
+                fs.renameSync(logFile, rotated);
+            }
+        }
+        catch {
+            // Rotation failure is non-fatal
+        }
+    }
+    /** Sanitize args for logging: mask secrets and truncate long values */
+    sanitizeArgs(args) {
+        const sanitized = {};
+        for (const [key, value] of Object.entries(args)) {
+            if (typeof value === 'string') {
+                let masked = (0, secrets_1.maskSecretsInString)(value);
+                if (masked.length > MAX_ARG_LENGTH) {
+                    masked = masked.substring(0, MAX_ARG_LENGTH) + `... (${value.length} chars)`;
+                }
+                sanitized[key] = masked;
+            }
+            else if (typeof value === 'object' && value !== null) {
+                // For objects/arrays, stringify and mask
+                const str = JSON.stringify(value);
+                const masked = (0, secrets_1.maskSecretsInString)(str);
+                sanitized[key] = masked.length > MAX_ARG_LENGTH
+                    ? masked.substring(0, MAX_ARG_LENGTH) + '...'
+                    : masked;
+            }
+            else {
+                sanitized[key] = value;
+            }
+        }
+        return sanitized;
+    }
+}
+exports.AuditLogger = AuditLogger;
+//# sourceMappingURL=audit.js.map

package/dist/cache.d.ts

@@ -0,0 +1,36 @@
+/**
+ * LRU Tool Result Cache with TTL
+ *
+ * Caches results from read-only tools (read_file, grep, glob, etc.)
+ * to avoid redundant I/O. Invalidates on writes to affected paths.
+ *
+ * @since v1.5.0
+ */
+export declare class ToolCache {
+    private cache;
+    private maxSize;
+    private currentSize;
+    /** Default TTLs per tool (ms) */
+    static readonly TTL: Record<string, number>;
+    constructor(maxSizeBytes?: number);
+    /** Build a deterministic cache key from tool name + sorted args */
+    static key(toolName: string, args: Record<string, unknown>): string;
+    /** Get a cached value, or null if expired/missing */
+    get(key: string): string | null;
+    /** Store a value with TTL */
+    set(key: string, value: string, ttlMs: number): void;
+    /** Remove a specific key */
+    private delete;
+    /**
+     * Invalidate all cache entries whose key contains the given substring.
+     * Used when a file is written/edited — invalidate any cached reads for that path.
+     */
+    invalidate(pattern: string): void;
+    /** Clear entire cache */
+    clear(): void;
+    /** Number of entries currently cached */
+    get size(): number;
+    /** Total bytes currently cached */
+    get bytes(): number;
+}
+//# sourceMappingURL=cache.d.ts.map

package/dist/cache.js

@@ -0,0 +1,106 @@
+"use strict";
+/**
+ * LRU Tool Result Cache with TTL
+ *
+ * Caches results from read-only tools (read_file, grep, glob, etc.)
+ * to avoid redundant I/O. Invalidates on writes to affected paths.
+ *
+ * @since v1.5.0
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ToolCache = void 0;
+class ToolCache {
+    cache = new Map();
+    maxSize;
+    currentSize = 0;
+    /** Default TTLs per tool (ms) */
+    static TTL = {
+        read_file: 30_000,
+        grep: 30_000,
+        glob: 30_000,
+        code_analysis: 60_000,
+        code_review: 60_000,
+        image_info: 60_000,
+    };
+    constructor(maxSizeBytes = 50 * 1024 * 1024) {
+        this.maxSize = maxSizeBytes;
+    }
+    /** Build a deterministic cache key from tool name + sorted args */
+    static key(toolName, args) {
+        const sorted = Object.keys(args)
+            .sort()
+            .map(k => `${k}=${JSON.stringify(args[k])}`)
+            .join('&');
+        return `${toolName}:${sorted}`;
+    }
+    /** Get a cached value, or null if expired/missing */
+    get(key) {
+        const entry = this.cache.get(key);
+        if (!entry)
+            return null;
+        if (Date.now() > entry.expires) {
+            this.delete(key);
+            return null;
+        }
+        // Move to end (most recently used) — Map preserves insertion order
+        this.cache.delete(key);
+        this.cache.set(key, entry);
+        return entry.value;
+    }
+    /** Store a value with TTL */
+    set(key, value, ttlMs) {
+        // Delete existing entry first (update size tracking)
+        this.delete(key);
+        const size = key.length + value.length;
+        // Don't cache if single entry exceeds 10% of max
+        if (size > this.maxSize * 0.1)
+            return;
+        // Evict LRU entries until we have room
+        while (this.currentSize + size > this.maxSize && this.cache.size > 0) {
+            const oldest = this.cache.keys().next().value;
+            if (oldest !== undefined) {
+                this.delete(oldest);
+            }
+        }
+        this.cache.set(key, {
+            value,
+            expires: Date.now() + ttlMs,
+            size,
+        });
+        this.currentSize += size;
+    }
+    /** Remove a specific key */
+    delete(key) {
+        const entry = this.cache.get(key);
+        if (entry) {
+            this.currentSize -= entry.size;
+            this.cache.delete(key);
+        }
+    }
+    /**
+     * Invalidate all cache entries whose key contains the given substring.
+     * Used when a file is written/edited — invalidate any cached reads for that path.
+     */
+    invalidate(pattern) {
+        for (const key of [...this.cache.keys()]) {
+            if (key.includes(pattern)) {
+                this.delete(key);
+            }
+        }
+    }
+    /** Clear entire cache */
+    clear() {
+        this.cache.clear();
+        this.currentSize = 0;
+    }
+    /** Number of entries currently cached */
+    get size() {
+        return this.cache.size;
+    }
+    /** Total bytes currently cached */
+    get bytes() {
+        return this.currentSize;
+    }
+}
+exports.ToolCache = ToolCache;
+//# sourceMappingURL=cache.js.map

package/dist/cli.js

@@ -44,7 +44,7 @@ const setup_1 = require("./setup");
 const banner_1 = require("./banner");
 const tools_1 = require("./tools");
 const scheduler_1 = require("./scheduler");
-const VERSION = '1.4.3';
+const VERSION = '1.6.0';
 // Session-wide token tracking
 let sessionTokens = { input: 0, output: 0, total: 0 };
 const C = {

package/dist/history.d.ts

@@ -15,9 +15,9 @@ export declare class SessionManager {
     getId(): string;
     /** Append a message to the session file */
     save(message: Message): void;
-    /** Save all messages (overwrite) */
+    /** Save all messages (atomic overwrite via temp file + rename) */
     saveAll(messages: Message[]): void;
-    /** Load messages from a session file */
+    /** Load messages from a session file (skips malformed lines) */
     load(): Message[];
     /** List recent sessions */
     static list(limit?: number): SessionMeta[];