codemem 0.22.0 → 0.22.1
- package/README.md +1 -0
- package/dist/commands/serve.d.ts +1 -0
- package/dist/commands/serve.d.ts.map +1 -1
- package/dist/index.js +10 -0
- package/dist/index.js.map +1 -1
- package/package.json +4 -4
package/README.md
CHANGED
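--- a/package/dist/commands/serve.d.ts
+++ b/package/dist/commands/serve.d.ts
@@ -2,6 +2,7 @@ import { Command } from "commander";
 import { type ResolvedServeInvocation } from "./serve-invocation.js";
 export declare function extractViewerPid(payload: unknown): number | null;
 export declare function isLocalHost(host: string): boolean;
+export declare function isLoopbackOnlyHost(host: string): boolean;
 export declare function isLikelyViewerCommand(command: string): boolean;
 export declare function pickViewerPidCandidate(statsPid: number | null, listenerPid: number | null): number | null;
 export declare function buildForegroundRunnerArgs(scriptPath: string, invocation: ResolvedServeInvocation, execArgv?: string[]): string[];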
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"serve.d.ts","sourceRoot":"","sources":["../../src/commands/serve.ts"],"names":[],"mappings":"AAgBA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,OAAO,EAEN,KAAK,uBAAuB,EAG5B,MAAM,uBAAuB,CAAC;AAQ/B,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,OAAO,GAAG,MAAM,GAAG,IAAI,CAKhE;AAED,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CASjD;AAED,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAQ9D;AAED,wBAAgB,sBAAsB,CACrC,QAAQ,EAAE,MAAM,GAAG,IAAI,EACvB,WAAW,EAAE,MAAM,GAAG,IAAI,GACxB,MAAM,GAAG,IAAI,CAGf;AAqLD,wBAAgB,yBAAyB,CACxC,UAAU,EAAE,MAAM,EAClB,UAAU,EAAE,uBAAuB,EACnC,QAAQ,GAAE,MAAM,EAAqB,GACnC,MAAM,EAAE,CAgBV;AAED,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAS9D;AAED,wBAAgB,2BAA2B,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAUpF;
|
|
1
|
+
{"version":3,"file":"serve.d.ts","sourceRoot":"","sources":["../../src/commands/serve.ts"],"names":[],"mappings":"AAgBA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,OAAO,EAEN,KAAK,uBAAuB,EAG5B,MAAM,uBAAuB,CAAC;AAQ/B,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,OAAO,GAAG,MAAM,GAAG,IAAI,CAKhE;AAED,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CASjD;AAED,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAQxD;AASD,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAQ9D;AAED,wBAAgB,sBAAsB,CACrC,QAAQ,EAAE,MAAM,GAAG,IAAI,EACvB,WAAW,EAAE,MAAM,GAAG,IAAI,GACxB,MAAM,GAAG,IAAI,CAGf;AAqLD,wBAAgB,yBAAyB,CACxC,UAAU,EAAE,MAAM,EAClB,UAAU,EAAE,uBAAuB,EACnC,QAAQ,GAAE,MAAM,EAAqB,GACnC,MAAM,EAAE,CAgBV;AAED,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAS9D;AAED,wBAAgB,2BAA2B,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAUpF;AA6SD,eAAO,MAAM,YAAY,SAuBtB,CAAC"}
|
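--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -953,6 +953,14 @@ function isLocalHost(host) {
 const normalized = host.trim().toLowerCase();
 return normalized === "127.0.0.1" || normalized === "localhost" || normalized === "::1" || normalized === "0.0.0.0" || normalized === "::";
 }
+function isLoopbackOnlyHost(host) {
+const normalized = host.trim().toLowerCase();
+return normalized === "localhost" || /^127(?:\.\d{1,3}){0,3}$/.test(normalized) || normalized === "::1" || normalized === "0:0:0:0:0:0:0:1";
+}
+function warnIfViewerExposed(host, port) {
+if (isLoopbackOnlyHost(host)) return;
+p.log.warn(`Viewer bound to ${host}:${port}. codemem's viewer trust model assumes localhost-only access; do not expose it through a reverse proxy, tunnel, or public bind without adding your own auth layer.`);
+}
 function isLikelyViewerCommand(command) {
 const lowered = command.toLowerCase();
 if (!/\bserve\s+start\b/.test(lowered)) return false;
@@ -1165,6 +1173,7 @@ function sqliteVecFailureDiagnostics(error, dbPath) {
 ];
 }
 async function startBackgroundViewer(invocation) {
+warnIfViewerExposed(invocation.host, invocation.port);
 if (await isPortOpen(invocation.host, invocation.port)) {
 p.log.warn(`Viewer already running at http://${invocation.host}:${invocation.port}`);
 return;
@@ -1193,6 +1202,7 @@ async function startForegroundViewer(invocation) {
 const { createApp, createSyncApp, closeStore, getStore } = await import("@codemem/server");
 const { serve } = await import("@hono/node-server");
 if (invocation.dbPath) process.env.CODEMEM_DB = invocation.dbPath;
+warnIfViewerExposed(invocation.host, invocation.port);
 if (await isPortOpen(invocation.host, invocation.port)) {
 p.log.warn(`Viewer already running at http://${invocation.host}:${invocation.port}`);
 process.exitCode = 1;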
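Review bot: `isLoopbackOnlyHost` in the first hunk classifies the bind address by string shape, and its pattern `/^127(?:\.\d{1,3}){0,3}$/` accepts a bare `127`, which inet_aton-style parsing reads as 0.0.0.127 rather than a loopback address, along with octets above 255. Requiring at least one dotted part, `/^127(?:\.\d{1,3}){1,3}$/`, keeps the `127.1` shorthand and otherwise errs toward warning; inputs such as `[::1]` or `::ffff:127.0.0.1` will warn spuriously, which is the safe direction. `warnIfViewerExposed` is advisory only, so a non-loopback bind still proceeds with no authentication, and the older `isLocalHost` just above still treats `0.0.0.0` and `::` as local; its callers are not visible here, so any access decision built on it is worth re-checking against the new helper. In `startBackgroundViewer` and `startForegroundViewer` (both continue past their hunks) the call precedes the `isPortOpen` check, so the "Viewer bound to" warning is logged even on the already-running path where this invocation binds nothing; placing it after that check would keep the message accurate.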