codeep 1.2.16 → 1.2.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +20 -7
- package/dist/api/index.d.ts +7 -0
- package/dist/api/index.js +21 -17
- package/dist/renderer/App.d.ts +1 -5
- package/dist/renderer/App.js +106 -486
- package/dist/renderer/Input.js +8 -1
- package/dist/renderer/agentExecution.d.ts +36 -0
- package/dist/renderer/agentExecution.js +394 -0
- package/dist/renderer/commands.d.ts +16 -0
- package/dist/renderer/commands.js +838 -0
- package/dist/renderer/handlers.d.ts +87 -0
- package/dist/renderer/handlers.js +260 -0
- package/dist/renderer/highlight.d.ts +18 -0
- package/dist/renderer/highlight.js +130 -0
- package/dist/renderer/main.d.ts +4 -2
- package/dist/renderer/main.js +103 -1550
- package/dist/utils/agent.d.ts +5 -15
- package/dist/utils/agent.js +9 -693
- package/dist/utils/agentChat.d.ts +46 -0
- package/dist/utils/agentChat.js +343 -0
- package/dist/utils/agentStream.d.ts +23 -0
- package/dist/utils/agentStream.js +216 -0
- package/dist/utils/keychain.js +3 -2
- package/dist/utils/learning.js +9 -3
- package/dist/utils/mcpIntegration.d.ts +61 -0
- package/dist/utils/mcpIntegration.js +154 -0
- package/dist/utils/project.js +8 -3
- package/dist/utils/skills.js +21 -11
- package/dist/utils/smartContext.d.ts +4 -0
- package/dist/utils/smartContext.js +51 -14
- package/dist/utils/toolExecution.d.ts +27 -0
- package/dist/utils/toolExecution.js +525 -0
- package/dist/utils/toolParsing.d.ts +18 -0
- package/dist/utils/toolParsing.js +302 -0
- package/dist/utils/tools.d.ts +27 -24
- package/dist/utils/tools.js +30 -1169
- package/package.json +3 -1
- package/dist/config/config.test.d.ts +0 -1
- package/dist/config/config.test.js +0 -157
- package/dist/config/providers.test.d.ts +0 -1
- package/dist/config/providers.test.js +0 -187
- package/dist/hooks/index.d.ts +0 -4
- package/dist/hooks/index.js +0 -4
- package/dist/hooks/useAgent.d.ts +0 -29
- package/dist/hooks/useAgent.js +0 -148
- package/dist/utils/agent.test.d.ts +0 -1
- package/dist/utils/agent.test.js +0 -315
- package/dist/utils/git.test.d.ts +0 -1
- package/dist/utils/git.test.js +0 -193
- package/dist/utils/gitignore.test.d.ts +0 -1
- package/dist/utils/gitignore.test.js +0 -167
- package/dist/utils/project.test.d.ts +0 -1
- package/dist/utils/project.test.js +0 -212
- package/dist/utils/ratelimit.test.d.ts +0 -1
- package/dist/utils/ratelimit.test.js +0 -131
- package/dist/utils/retry.test.d.ts +0 -1
- package/dist/utils/retry.test.js +0 -163
- package/dist/utils/smartContext.test.d.ts +0 -1
- package/dist/utils/smartContext.test.js +0 -382
- package/dist/utils/tools.test.d.ts +0 -1
- package/dist/utils/tools.test.js +0 -676
- package/dist/utils/validation.test.d.ts +0 -1
- package/dist/utils/validation.test.js +0 -164
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export {};
|
|
@@ -1,164 +0,0 @@
|
|
|
1
|
-
import { describe, it, expect } from 'vitest';
|
|
2
|
-
import { validateInput, validateApiKey, validateCommandArgs, validateFilePath, sanitizeOutput, } from './validation.js';
|
|
3
|
-
describe('validation utilities', () => {
|
|
4
|
-
describe('validateInput', () => {
|
|
5
|
-
it('should reject empty input', () => {
|
|
6
|
-
expect(validateInput('').valid).toBe(false);
|
|
7
|
-
expect(validateInput(' ').valid).toBe(false);
|
|
8
|
-
});
|
|
9
|
-
it('should accept valid input', () => {
|
|
10
|
-
const result = validateInput('Hello, world!');
|
|
11
|
-
expect(result.valid).toBe(true);
|
|
12
|
-
expect(result.sanitized).toBe('Hello, world!');
|
|
13
|
-
});
|
|
14
|
-
it('should reject input exceeding max length', () => {
|
|
15
|
-
const longInput = 'a'.repeat(60000);
|
|
16
|
-
const result = validateInput(longInput);
|
|
17
|
-
expect(result.valid).toBe(false);
|
|
18
|
-
expect(result.error).toContain('too long');
|
|
19
|
-
});
|
|
20
|
-
it('should reject input with too many lines', () => {
|
|
21
|
-
const manyLines = Array(6000).fill('line').join('\n');
|
|
22
|
-
const result = validateInput(manyLines);
|
|
23
|
-
expect(result.valid).toBe(false);
|
|
24
|
-
expect(result.error).toContain('Too many lines');
|
|
25
|
-
});
|
|
26
|
-
it('should remove null bytes', () => {
|
|
27
|
-
const result = validateInput('hello\0world');
|
|
28
|
-
expect(result.valid).toBe(true);
|
|
29
|
-
expect(result.sanitized).toBe('helloworld');
|
|
30
|
-
});
|
|
31
|
-
it('should remove control characters except newlines and tabs', () => {
|
|
32
|
-
const result = validateInput('hello\x01\x02world\n\ttab');
|
|
33
|
-
expect(result.valid).toBe(true);
|
|
34
|
-
expect(result.sanitized).toBe('helloworld\n\ttab');
|
|
35
|
-
});
|
|
36
|
-
it('should limit consecutive newlines to 4', () => {
|
|
37
|
-
const result = validateInput('hello\n\n\n\n\n\n\nworld');
|
|
38
|
-
expect(result.valid).toBe(true);
|
|
39
|
-
expect(result.sanitized).toBe('hello\n\n\n\nworld');
|
|
40
|
-
});
|
|
41
|
-
it('should preserve normal formatting', () => {
|
|
42
|
-
const input = 'function test() {\n return true;\n}';
|
|
43
|
-
const result = validateInput(input);
|
|
44
|
-
expect(result.valid).toBe(true);
|
|
45
|
-
expect(result.sanitized).toBe(input);
|
|
46
|
-
});
|
|
47
|
-
});
|
|
48
|
-
describe('validateApiKey', () => {
|
|
49
|
-
it('should reject empty key', () => {
|
|
50
|
-
expect(validateApiKey('').valid).toBe(false);
|
|
51
|
-
expect(validateApiKey(' ').valid).toBe(false);
|
|
52
|
-
});
|
|
53
|
-
it('should accept valid API key', () => {
|
|
54
|
-
const result = validateApiKey('sk-abcdef123456789012345');
|
|
55
|
-
expect(result.valid).toBe(true);
|
|
56
|
-
expect(result.sanitized).toBe('sk-abcdef123456789012345');
|
|
57
|
-
});
|
|
58
|
-
it('should reject key with invalid characters', () => {
|
|
59
|
-
const result = validateApiKey('sk-test!@#$%');
|
|
60
|
-
expect(result.valid).toBe(false);
|
|
61
|
-
expect(result.error).toContain('invalid characters');
|
|
62
|
-
});
|
|
63
|
-
it('should reject too short keys', () => {
|
|
64
|
-
const result = validateApiKey('short');
|
|
65
|
-
expect(result.valid).toBe(false);
|
|
66
|
-
expect(result.error).toContain('length invalid');
|
|
67
|
-
});
|
|
68
|
-
it('should reject too long keys', () => {
|
|
69
|
-
const result = validateApiKey('a'.repeat(250));
|
|
70
|
-
expect(result.valid).toBe(false);
|
|
71
|
-
expect(result.error).toContain('length invalid');
|
|
72
|
-
});
|
|
73
|
-
it('should reject keys with whitespace', () => {
|
|
74
|
-
// API keys with leading/trailing spaces contain invalid characters
|
|
75
|
-
const result = validateApiKey(' sk-validkey12345678 ');
|
|
76
|
-
expect(result.valid).toBe(false);
|
|
77
|
-
});
|
|
78
|
-
it('should accept keys with dots, underscores, and dashes', () => {
|
|
79
|
-
const result = validateApiKey('sk_test.key-123456789');
|
|
80
|
-
expect(result.valid).toBe(true);
|
|
81
|
-
});
|
|
82
|
-
});
|
|
83
|
-
describe('validateCommandArgs', () => {
|
|
84
|
-
it('should accept safe commands', () => {
|
|
85
|
-
const result = validateCommandArgs('help', []);
|
|
86
|
-
expect(result.valid).toBe(true);
|
|
87
|
-
});
|
|
88
|
-
it('should reject shell metacharacters', () => {
|
|
89
|
-
expect(validateCommandArgs('test', ['; rm -rf /']).valid).toBe(false);
|
|
90
|
-
expect(validateCommandArgs('test', ['| cat /etc/passwd']).valid).toBe(false);
|
|
91
|
-
expect(validateCommandArgs('test', ['`whoami`']).valid).toBe(false);
|
|
92
|
-
expect(validateCommandArgs('test', ['$(id)']).valid).toBe(false);
|
|
93
|
-
expect(validateCommandArgs('test', ['&& echo']).valid).toBe(false);
|
|
94
|
-
});
|
|
95
|
-
it('should reject path traversal', () => {
|
|
96
|
-
const result = validateCommandArgs('read', ['../../etc/passwd']);
|
|
97
|
-
expect(result.valid).toBe(false);
|
|
98
|
-
});
|
|
99
|
-
it('should reject eval attempts', () => {
|
|
100
|
-
const result = validateCommandArgs('run', ['eval("code")', 'test']);
|
|
101
|
-
expect(result.valid).toBe(false);
|
|
102
|
-
});
|
|
103
|
-
it('should reject exec attempts', () => {
|
|
104
|
-
const result = validateCommandArgs('run', ['exec(cmd)']);
|
|
105
|
-
expect(result.valid).toBe(false);
|
|
106
|
-
});
|
|
107
|
-
});
|
|
108
|
-
describe('validateFilePath', () => {
|
|
109
|
-
it('should reject empty path', () => {
|
|
110
|
-
expect(validateFilePath('').valid).toBe(false);
|
|
111
|
-
expect(validateFilePath(' ').valid).toBe(false);
|
|
112
|
-
});
|
|
113
|
-
it('should accept valid paths', () => {
|
|
114
|
-
expect(validateFilePath('src/index.ts').valid).toBe(true);
|
|
115
|
-
expect(validateFilePath('./package.json').valid).toBe(true);
|
|
116
|
-
expect(validateFilePath('utils/helper.js').valid).toBe(true);
|
|
117
|
-
});
|
|
118
|
-
it('should reject path traversal', () => {
|
|
119
|
-
expect(validateFilePath('../secret.txt').valid).toBe(false);
|
|
120
|
-
expect(validateFilePath('src/../../etc/passwd').valid).toBe(false);
|
|
121
|
-
expect(validateFilePath('..').valid).toBe(false);
|
|
122
|
-
});
|
|
123
|
-
it('should reject system paths on Unix', () => {
|
|
124
|
-
expect(validateFilePath('/etc/passwd').valid).toBe(false);
|
|
125
|
-
expect(validateFilePath('/sys/kernel').valid).toBe(false);
|
|
126
|
-
expect(validateFilePath('/proc/self').valid).toBe(false);
|
|
127
|
-
});
|
|
128
|
-
it('should reject system paths on Windows', () => {
|
|
129
|
-
expect(validateFilePath('C:\\Windows\\System32').valid).toBe(false);
|
|
130
|
-
expect(validateFilePath('C:\\System\\config').valid).toBe(false);
|
|
131
|
-
});
|
|
132
|
-
it('should trim whitespace', () => {
|
|
133
|
-
const result = validateFilePath(' src/index.ts ');
|
|
134
|
-
expect(result.valid).toBe(true);
|
|
135
|
-
expect(result.sanitized).toBe('src/index.ts');
|
|
136
|
-
});
|
|
137
|
-
});
|
|
138
|
-
describe('sanitizeOutput', () => {
|
|
139
|
-
it('should preserve normal text', () => {
|
|
140
|
-
expect(sanitizeOutput('Hello, world!')).toBe('Hello, world!');
|
|
141
|
-
});
|
|
142
|
-
it('should remove cursor control sequences', () => {
|
|
143
|
-
// Move cursor up
|
|
144
|
-
expect(sanitizeOutput('text\x1b[2Amore')).toBe('textmore');
|
|
145
|
-
// Move cursor down
|
|
146
|
-
expect(sanitizeOutput('text\x1b[5Bmore')).toBe('textmore');
|
|
147
|
-
// Clear screen
|
|
148
|
-
expect(sanitizeOutput('text\x1b[2Jmore')).toBe('textmore');
|
|
149
|
-
});
|
|
150
|
-
it('should remove OSC sequences', () => {
|
|
151
|
-
// Set window title
|
|
152
|
-
expect(sanitizeOutput('text\x1b]0;malicious title\x07more')).toBe('textmore');
|
|
153
|
-
});
|
|
154
|
-
it('should handle multiple escape sequences', () => {
|
|
155
|
-
const malicious = '\x1b[2J\x1b[H\x1b]0;pwned\x07dangerous content';
|
|
156
|
-
const result = sanitizeOutput(malicious);
|
|
157
|
-
expect(result).not.toContain('\x1b');
|
|
158
|
-
expect(result).toContain('dangerous content');
|
|
159
|
-
});
|
|
160
|
-
it('should handle empty string', () => {
|
|
161
|
-
expect(sanitizeOutput('')).toBe('');
|
|
162
|
-
});
|
|
163
|
-
});
|
|
164
|
-
});
|