npm - codegpt-ai - Versions diffs - 2.7.0 → 2.9.0 - Mend

codegpt-ai 2.7.0 → 2.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/chat.py +86 -60
package/package.json +2 -2

package/chat.py CHANGED Viewed

@@ -723,6 +723,36 @@ code_exec_count = 0
 AUTO_LOCK_MINUTES = 10
 last_activity = [time.time()]
+# Rate limiting — prevent rapid-fire commands
+RATE_LIMIT_WINDOW = 2  # seconds
+RATE_LIMIT_MAX = 5     # max commands in window
+_cmd_timestamps = []
+def check_rate_limit():
+    """Block rapid-fire command spam. Returns True if OK."""
+    now = time.time()
+    # Remove old timestamps
+    while _cmd_timestamps and now - _cmd_timestamps[0] > RATE_LIMIT_WINDOW:
+        _cmd_timestamps.pop(0)
+    _cmd_timestamps.append(now)
+    if len(_cmd_timestamps) > RATE_LIMIT_MAX:
+        return False
+    return True
+def sanitize_input(text):
+    """Strip control characters and null bytes from user input."""
+    # Remove null bytes, control chars (except newline/tab)
+    cleaned = ""
+    for c in text:
+        if c == '\x00':
+            continue
+        if ord(c) < 32 and c not in ('\n', '\t', '\r'):
+            continue
+        cleaned += c
+    return cleaned.strip()
 def hash_pin(pin, salt=None):
     """Hash a PIN with a random salt. Returns 'salt:hash'."""
@@ -1237,72 +1267,58 @@ def print_header(model):
         console.print()
-        # Banner parts
         R = "bold red"
         B = "bold bright_blue"
         D = "dim"
-        def build_banner(pos):
-            """Build banner with spider at given position (0-7 around the border)."""
-            sp_faces = ["  /╲(o.o)╱\\", "  /╲(o.o)╱\\", "~~~(o.o)>", "~~~(o.o)>",
-                        "  \\╱(o.o)╲/", "  \\╱(o.o)╲/", "<(o.o)~~~", "<(o.o)~~~"]
-            spider = sp_faces[pos % 8]
-            top_b = f"[{R}]  ╔════════════════════════════════════════════════════╗[/]"
-            bot_b = f"[{R}]  ╚════════════════════════════════════════════════════╝[/]"
-            empty = f"[{R}]  ║[/]                                                    [{R}]║[/]"
-            title = f"[{R}]  ║[/]          [{R}]C[/][{B}]o[/][{R}]d[/][{B}]e[/]  [{R}]G[/][{B}]P[/][{R}]T[/]   [{D}]v2.0[/]                    [{R}]║[/]"
-            sub   = f"[{R}]  ║[/]          [{D}]local ai · powered by ollama[/]             [{R}]║[/]"
-            stats = f"[{R}]  ║[/]          [{B}]123[/] [{D}]commands ·[/] [{B}]26[/] [{D}]tools ·[/] [{B}]8[/] [{D}]agents[/]       [{R}]║[/]"
-            lines = []
-            p = pos % 8
-            if p in (0, 1):  # top
-                lines.append(f"[{D}]               {spider}[/]")
-                lines.append(f"[{D}]                  ||[/]")
-                lines.extend([top_b, empty, title, sub, stats, empty, bot_b])
-            elif p in (2, 3):  # right
-                lines.append(top_b)
-                lines.append(empty)
-                lines.append(title)
-                lines.append(f"[{R}]  ║[/]          [{D}]local ai · powered by ollama[/]             [{R}]║[/][{D}]~~{spider}[/]")
-                lines.extend([stats, empty, bot_b])
-            elif p in (4, 5):  # bottom
-                lines.extend([top_b, empty, title, sub, stats, empty, bot_b])
-                lines.append(f"[{D}]                       ||[/]")
-                lines.append(f"[{D}]                    {spider}[/]")
-            else:  # left (6, 7)
-                lines.append(top_b)
-                lines.append(empty)
-                lines.append(f"[{D}]{spider}~~[/][{R}]║[/]          [{R}]C[/][{B}]o[/][{R}]d[/][{B}]e[/]  [{R}]G[/][{B}]P[/][{R}]T[/]   [{D}]v2.0[/]                    [{R}]║[/]")
-                lines.extend([sub, stats, empty, bot_b])
-            return "\n".join(lines)
-        # Animate spider crawling around the banner
-        try:
-            with Live(
-                Text.from_markup(build_banner(0)),
-                console=console, refresh_per_second=6, transient=True,
-            ) as live:
-                for frame in range(16):  # 2 full laps
-                    live.update(Text.from_markup(build_banner(frame)))
-                    time.sleep(0.2)
-            # Final position — static
-            import random
-            final = random.randint(0, 7)
-            console.print(Text.from_markup(build_banner(final)))
-        except Exception:
-            # Fallback if Live doesn't work
-            console.print(Text.from_markup(build_banner(0)))
+        # Banner
+        console.print(Text.from_markup(
+            f"[{R}]  ╔══════════════════════════════════════════════════╗[/]\n"
+            f"[{R}]  ║[/]                                                [{R}]║[/]\n"
+            f"[{R}]  ║[/]      [{R}]C[/][{B}]o[/][{R}]d[/][{B}]e[/]  [{R}]G[/][{B}]P[/][{R}]T[/]   [{D}]v2.0[/]                  [{R}]║[/]\n"
+            f"[{R}]  ║[/]      [{D}]local ai · powered by ollama[/]           [{R}]║[/]\n"
+            f"[{R}]  ║[/]                                                [{R}]║[/]\n"
+            f"[{R}]  ╚══════════════════════════════════════════════════╝[/]"
+        ))
+        console.print()
+        # Info block — model, server, tokens, security
+        total_tok = profile.get("total_tokens", 0)
+        total_msgs = profile.get("total_messages", 0)
+        sessions = profile.get("total_sessions", 0)
+        pin_on = has_pin()
+        perms = len(PERMISSION_ALWAYS_ALLOW)
+        audit_count = 0
+        if AUDIT_FILE.exists():
+            try:
+                audit_count = len(AUDIT_FILE.read_text().strip().splitlines())
+            except Exception:
+                pass
+        console.print(Text.from_markup(
+            f"  [{D}]model[/]      [{B}]{model}[/]\n"
+            f"  [{D}]server[/]     [green]{server}[/]\n"
+            f"  [{D}]user[/]       {name}\n"
+            f"  [{D}]memory[/]     {mem_count} items"
+        ))
+        console.print()
+        # Token counter
+        console.print(Text.from_markup(
+            f"  [{D}]tokens[/]     [{B}]{total_tok:,}[/] [{D}]lifetime[/]\n"
+            f"  [{D}]messages[/]   [{B}]{total_msgs:,}[/] [{D}]across {sessions} sessions[/]"
+        ))
         console.print()
+        # Security status
+        pin_status = f"[green]on[/]" if pin_on else f"[yellow]off[/] [{D}]— /pin-set to enable[/]"
+        sandbox_status = f"[green]active[/]"
         console.print(Text.from_markup(
-            f"  [dim]model[/]    [bright_blue]{model}[/]\n"
-            f"  [dim]server[/]   [green]{server}[/]\n"
-            f"  [dim]user[/]     {name}\n"
-            f"  [dim]memory[/]   {mem_count} items"
+            f"  [{D}]security[/]\n"
+            f"    [{D}]pin lock[/]     {pin_status}\n"
+            f"    [{D}]sandbox[/]      {sandbox_status}\n"
+            f"    [{D}]permissions[/]  [{B}]{perms}[/] [{D}]always-allowed[/]\n"
+            f"    [{D}]audit log[/]    [{B}]{audit_count}[/] [{D}]events[/]"
         ))
         console.print(Rule(style="dim", characters="─"))
         console.print()
@@ -5025,6 +5041,16 @@ def main():
         if not user_input:
             continue
+        # Sanitize input
+        user_input = sanitize_input(user_input)
+        if not user_input:
+            continue
+        # Rate limit
+        if user_input.startswith("/") and not check_rate_limit():
+            print_err("Slow down — too many commands. Wait a moment.")
+            continue
         last_activity[0] = time.time()
         # Suggestion number shortcut

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "codegpt-ai",
-  "version": "2.7.0",
+  "version": "2.9.0",
   "description": "Local AI Assistant Hub — 80+ commands, 29 tools, 8 agents, training, security",
   "author": "ArukuX",
   "license": "MIT",
@@ -36,6 +36,6 @@
     "README.md"
   ],
   "dependencies": {
-    "codegpt-ai": "^1.18.0"
+    "codegpt-ai": "^1.28.2"
   }
 }