coding-tool-x 3.2.0

package/src/server/services/enhanced-cache.js

@@ -0,0 +1,196 @@
+/**
+ * Enhanced Cache Manager
+ * 
+ * 提供全局缓存管理,支持TTL、自动清理、LRU策略
+ */
+
+class CacheManager {
+    constructor(options = {}) {
+        this.caches = new Map();
+        this.ttls = new Map();
+        this.accessTimes = new Map();
+        this.maxSize = options.maxSize || 1000; // 最大缓存条目数
+        this.defaultTTL = options.defaultTTL || 300000; // 默认5分钟
+        this.cleanupInterval = options.cleanupInterval || 60000; // 1分钟清理一次
+
+        // 启动自动清理
+        this.startCleanup();
+    }
+
+    /**
+     * 设置缓存
+     * @param {string} key - 缓存键
+     * @param {any} value - 缓存值
+     * @param {number} ttl - 过期时间(毫秒),默认使用defaultTTL
+     */
+    set(key, value, ttl) {
+        const expiryTime = Date.now() + (ttl || this.defaultTTL);
+
+        // 如果缓存已满,清理最少使用的条目
+        if (this.caches.size >= this.maxSize) {
+            this.evictLRU();
+        }
+
+        this.caches.set(key, value);
+        this.ttls.set(key, expiryTime);
+        this.accessTimes.set(key, Date.now());
+    }
+
+    /**
+     * 获取缓存
+     * @param {string} key - 缓存键
+     * @returns {any|null} 缓存值,不存在或过期返回null
+     */
+    get(key) {
+        if (!this.caches.has(key)) {
+            return null;
+        }
+
+        // 检查是否过期
+        if (Date.now() > this.ttls.get(key)) {
+            this.delete(key);
+            return null;
+        }
+
+        // 更新访问时间(LRU)
+        this.accessTimes.set(key, Date.now());
+        return this.caches.get(key);
+    }
+
+    /**
+     * 删除缓存
+     * @param {string} key - 缓存键
+     */
+    delete(key) {
+        this.caches.delete(key);
+        this.ttls.delete(key);
+        this.accessTimes.delete(key);
+    }
+
+    /**
+     * 清空所有缓存
+     */
+    clear() {
+        this.caches.clear();
+        this.ttls.clear();
+        this.accessTimes.clear();
+    }
+
+    /**
+     * 检查缓存是否存在且有效
+     * @param {string} key - 缓存键
+     * @returns {boolean}
+     */
+    has(key) {
+        return this.get(key) !== null;
+    }
+
+    /**
+     * 获取或设置缓存(如果不存在则调用工厂函数)
+     * @param {string} key - 缓存键
+     * @param {Function} factory - 工厂函数,返回值或Promise
+     * @param {number} ttl - 过期时间
+     * @returns {any|Promise<any>}
+     */
+    async getOrSet(key, factory, ttl) {
+        const cached = this.get(key);
+        if (cached !== null) {
+            return cached;
+        }
+
+        const value = await factory();
+        this.set(key, value, ttl);
+        return value;
+    }
+
+    /**
+     * LRU驱逐策略:移除最久未使用的条目
+     */
+    evictLRU() {
+        let oldestKey = null;
+        let oldestTime = Infinity;
+
+        for (const [key, accessTime] of this.accessTimes) {
+            if (accessTime < oldestTime) {
+                oldestTime = accessTime;
+                oldestKey = key;
+            }
+        }
+
+        if (oldestKey) {
+            this.delete(oldestKey);
+        }
+    }
+
+    /**
+     * 启动自动清理过期缓存
+     */
+    startCleanup() {
+        this.cleanupTimer = setInterval(() => {
+            const now = Date.now();
+            const expiredKeys = [];
+
+            for (const [key, expiryTime] of this.ttls) {
+                if (now > expiryTime) {
+                    expiredKeys.push(key);
+                }
+            }
+
+            expiredKeys.forEach(key => this.delete(key));
+
+            if (expiredKeys.length > 0) {
+                console.log(`[CacheManager] Cleaned up ${expiredKeys.length} expired entries`);
+            }
+        }, this.cleanupInterval);
+
+        // 确保Node.js进程退出时清理定时器
+        if (this.cleanupTimer.unref) {
+            this.cleanupTimer.unref();
+        }
+    }
+
+    /**
+     * 停止自动清理
+     */
+    stopCleanup() {
+        if (this.cleanupTimer) {
+            clearInterval(this.cleanupTimer);
+            this.cleanupTimer = null;
+        }
+    }
+
+    /**
+     * 获取缓存统计信息
+     * @returns {object}
+     */
+    getStats() {
+        return {
+            size: this.caches.size,
+            maxSize: this.maxSize,
+            keys: Array.from(this.caches.keys())
+        };
+    }
+}
+
+// 创建全局缓存实例
+const globalCache = new CacheManager({
+    maxSize: 1000,
+    defaultTTL: 300000, // 5分钟
+    cleanupInterval: 60000 // 1分钟
+});
+
+// 预定义的缓存键前缀
+const CacheKeys = {
+    PROJECTS: 'projects:',
+    SESSIONS: 'sessions:',
+    SKILLS: 'skills:',
+    CONFIG_TEMPLATES: 'config-templates:',
+    REPOS: 'repos:',
+    HAS_MESSAGES: 'has-messages:'
+};
+
+module.exports = {
+    CacheManager,
+    globalCache,
+    CacheKeys
+};

package/src/server/services/env-checker.js

@@ -0,0 +1,409 @@
+/**
+ * 环境变量检测服务
+ *
+ * 检测系统中可能导致 API 配置冲突的环境变量
+ * 支持 macOS/Linux/Windows 的 shell 配置文件检测
+ */
+
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+const crypto = require('crypto');
+
+// 各平台需要检测的环境变量关键词
+const PLATFORM_KEYWORDS = {
+  claude: ['ANTHROPIC'],
+  codex: ['OPENAI'],
+  gemini: ['GEMINI', 'GOOGLE_GEMINI']
+};
+
+// 敏感变量后缀模式 - 只有同时匹配关键词和这些后缀的变量才会被检测
+// 这样可以过滤掉 IDE 集成等无害变量（如 GEMINI_CLI_IDE_WORKSPACE_PATH）
+const SENSITIVE_PATTERNS = [
+  '_API_KEY',
+  '_SECRET_KEY',
+  '_ACCESS_TOKEN',
+  '_AUTH_TOKEN',
+  '_BASE_URL',
+  '_API_BASE',
+  '_API_URL',
+  '_ENDPOINT',
+  '_API_ENDPOINT'
+];
+
+// 精确匹配的敏感变量名（不需要后缀匹配）
+const EXACT_SENSITIVE_VARS = [
+  'ANTHROPIC_API_KEY',
+  'ANTHROPIC_BASE_URL',
+  'OPENAI_API_KEY',
+  'OPENAI_BASE_URL',
+  'OPENAI_API_BASE',
+  'GEMINI_API_KEY',
+  'GOOGLE_API_KEY',
+  'GOOGLE_GEMINI_API_KEY'
+];
+
+// 需要检测的 shell 配置文件
+const SHELL_CONFIG_FILES = process.platform === 'win32'
+  ? [
+      '.bashrc',
+      '.bash_profile',
+      '.bash_login',
+      '.zshrc',
+      '.zshenv',
+      '.zprofile',
+      '.zlogin',
+      '.profile',
+      path.join('Documents', 'PowerShell', 'Microsoft.PowerShell_profile.ps1'),
+      path.join('Documents', 'WindowsPowerShell', 'Microsoft.PowerShell_profile.ps1')
+    ]
+  : [
+      '.bashrc',
+      '.bash_profile',
+      '.bash_login',
+      '.zshrc',
+      '.zshenv',
+      '.zprofile',
+      '.zlogin',
+      '.profile'
+    ];
+
+// 系统级配置文件
+const SYSTEM_CONFIG_FILES = [
+  '/etc/profile',
+  '/etc/bashrc',
+  '/etc/zshrc'
+];
+
+/**
+ * 检测环境变量冲突
+ * @param {string} platform - 平台名称: claude/codex/gemini，不传则检测所有
+ * @returns {Array} 冲突列表
+ */
+function checkEnvConflicts(platform = null) {
+  const keywords = getKeywords(platform);
+  const conflicts = [];
+
+  // 1. 检测当前进程环境变量
+  conflicts.push(...checkProcessEnv(keywords));
+
+  // 2. 检测用户 shell 配置文件
+  conflicts.push(...checkShellConfigs(keywords));
+
+  // 3. 检测系统配置文件
+  conflicts.push(...checkSystemConfigs(keywords));
+
+  // 去重 + 只保留“真实冲突”（同名变量在多个来源且值不一致）
+  const deduplicated = deduplicateConflicts(conflicts);
+  const realConflicts = filterRealConflicts(deduplicated);
+  return sanitizeConflicts(realConflicts);
+}
+
+/**
+ * 获取需要检测的关键词
+ */
+function getKeywords(platform) {
+  if (platform && PLATFORM_KEYWORDS[platform]) {
+    return PLATFORM_KEYWORDS[platform];
+  }
+  // 返回所有关键词
+  return Object.values(PLATFORM_KEYWORDS).flat();
+}
+
+/**
+ * 检测当前进程环境变量
+ */
+function checkProcessEnv(keywords) {
+  const conflicts = [];
+
+  for (const [key, value] of Object.entries(process.env)) {
+    if (!hasNonEmptyValue(value)) {
+      continue;
+    }
+
+    if (matchesKeywords(key, keywords)) {
+      conflicts.push({
+        varName: key,
+        varValue: maskSensitiveValue(value),
+        valueFingerprint: hashValue(value),
+        sourceType: 'process',
+        sourcePath: 'Process Environment',
+        platform: detectPlatform(key)
+      });
+    }
+  }
+
+  return conflicts;
+}
+
+/**
+ * 检测用户 shell 配置文件
+ */
+function checkShellConfigs(keywords) {
+  const conflicts = [];
+  const homeDir = os.homedir();
+
+  for (const fileName of SHELL_CONFIG_FILES) {
+    const filePath = path.isAbsolute(fileName) ? fileName : path.join(homeDir, fileName);
+    const fileConflicts = parseConfigFile(filePath, keywords);
+    conflicts.push(...fileConflicts);
+  }
+
+  return conflicts;
+}
+
+/**
+ * 检测系统配置文件
+ */
+function checkSystemConfigs(keywords) {
+  const conflicts = [];
+
+  for (const filePath of SYSTEM_CONFIG_FILES) {
+    const fileConflicts = parseConfigFile(filePath, keywords);
+    conflicts.push(...fileConflicts);
+  }
+
+  return conflicts;
+}
+
+/**
+ * 解析配置文件，查找环境变量定义
+ */
+function parseConfigFile(filePath, keywords) {
+  const conflicts = [];
+
+  try {
+    if (!fs.existsSync(filePath)) {
+      return conflicts;
+    }
+
+    const content = fs.readFileSync(filePath, 'utf-8');
+    const lines = content.split('\n');
+
+    for (let i = 0; i < lines.length; i++) {
+      const line = lines[i];
+      const trimmed = line.trim();
+
+      // 跳过注释行
+      if (trimmed.startsWith('#')) {
+        continue;
+      }
+
+      // 匹配 sh/bash/zsh 的 export VAR=value 或 VAR=value
+      const exportMatch = trimmed.match(/^(?:export\s+)?([A-Z_][A-Z0-9_]*)=(.*)$/);
+      // 匹配 PowerShell 的 $env:VAR = value
+      const psMatch = trimmed.match(/^\$env:([A-Z_][A-Z0-9_]*)\s*=\s*(.*)$/i);
+      const matched = exportMatch || psMatch;
+
+      if (matched) {
+        const [, varName, varValue] = matched;
+        const normalizedValue = cleanValue(varValue);
+
+        // 空值通常是占位或已清理状态，不再视为冲突
+        if (!hasNonEmptyValue(normalizedValue)) {
+          continue;
+        }
+
+        if (matchesKeywords(varName, keywords)) {
+          conflicts.push({
+            varName,
+            varValue: maskSensitiveValue(normalizedValue),
+            valueFingerprint: hashValue(normalizedValue),
+            sourceType: 'file',
+            sourcePath: `${filePath}:${i + 1}`,
+            filePath,
+            lineNumber: i + 1,
+            platform: detectPlatform(varName)
+          });
+        }
+      }
+    }
+  } catch (err) {
+    // 忽略无法读取的文件
+    console.debug(`[EnvChecker] Cannot read ${filePath}:`, err.message);
+  }
+
+  return conflicts;
+}
+
+/**
+ * 检查变量名是否匹配关键词且为敏感变量
+ *
+ * 双重过滤逻辑：
+ * 1. 变量名必须包含平台关键词（ANTHROPIC/OPENAI/GEMINI）
+ * 2. 同时满足以下条件之一：
+ *    - 精确匹配已知敏感变量名
+ *    - 变量名以敏感后缀结尾（如 _API_KEY, _BASE_URL）
+ *
+ * 这样可以过滤掉无害的 IDE 集成变量（如 GEMINI_CLI_IDE_WORKSPACE_PATH）
+ */
+function matchesKeywords(varName, keywords) {
+  const upperName = varName.toUpperCase();
+
+  // 检查是否精确匹配已知敏感变量
+  if (EXACT_SENSITIVE_VARS.includes(upperName)) {
+    return true;
+  }
+
+  // 首先检查是否命中平台关键词（按 token 匹配，避免 OPENAI2 误判为 OPENAI）
+  const hasKeyword = keywords.some(keyword => matchesKeywordToken(upperName, keyword));
+  if (!hasKeyword) {
+    return false;
+  }
+
+  // 检查是否以敏感后缀结尾
+  const hasSensitiveSuffix = SENSITIVE_PATTERNS.some(suffix =>
+    upperName.endsWith(suffix)
+  );
+
+  return hasSensitiveSuffix;
+}
+
+function matchesKeywordToken(varName, keyword) {
+  const token = String(keyword || '').trim().toUpperCase();
+  if (!token) return false;
+
+  return varName === token ||
+    varName.startsWith(`${token}_`) ||
+    varName.endsWith(`_${token}`) ||
+    varName.includes(`_${token}_`);
+}
+
+/**
+ * 检测变量属于哪个平台
+ */
+function detectPlatform(varName) {
+  const upperName = varName.toUpperCase();
+
+  for (const [platform, keywords] of Object.entries(PLATFORM_KEYWORDS)) {
+    if (keywords.some(k => upperName.includes(k))) {
+      return platform;
+    }
+  }
+
+  return 'unknown';
+}
+
+/**
+ * 清理变量值（去除引号）
+ */
+function cleanValue(value) {
+  let cleaned = value.trim();
+  // 去除首尾引号
+  if ((cleaned.startsWith('"') && cleaned.endsWith('"')) ||
+      (cleaned.startsWith("'") && cleaned.endsWith("'"))) {
+    cleaned = cleaned.slice(1, -1);
+  }
+  return cleaned;
+}
+
+/**
+ * 判断值是否为非空
+ */
+function hasNonEmptyValue(value) {
+  return typeof value === 'string' && value.trim() !== '';
+}
+
+/**
+ * 遮蔽敏感值
+ */
+function maskSensitiveValue(value) {
+  if (!value) return '';
+  if (value.length <= 8) return '****';
+  return value.substring(0, 4) + '****' + value.substring(value.length - 4);
+}
+
+function hashValue(value) {
+  return crypto
+    .createHash('sha256')
+    .update(String(value ?? ''), 'utf8')
+    .digest('hex');
+}
+
+function filterRealConflicts(conflicts) {
+  const grouped = new Map();
+
+  for (const conflict of conflicts) {
+    const key = String(conflict.varName || '').toUpperCase();
+    if (!grouped.has(key)) {
+      grouped.set(key, []);
+    }
+    grouped.get(key).push(conflict);
+  }
+
+  const results = [];
+  for (const group of grouped.values()) {
+    if (group.length < 2) {
+      continue;
+    }
+
+    const sourceCount = new Set(group.map(item => item.sourcePath)).size;
+    if (sourceCount < 2) {
+      continue;
+    }
+
+    const valueVariants = new Set(
+      group
+        .map(item => item.valueFingerprint)
+        .filter(Boolean)
+    );
+
+    // 同名变量在多个来源但值一致，不算冲突
+    if (valueVariants.size <= 1) {
+      continue;
+    }
+
+    results.push(...group);
+  }
+
+  return results;
+}
+
+function sanitizeConflicts(conflicts) {
+  return conflicts.map(({ valueFingerprint, ...rest }) => rest);
+}
+
+/**
+ * 去重冲突列表
+ */
+function deduplicateConflicts(conflicts) {
+  const seen = new Map();
+
+  for (const conflict of conflicts) {
+    const key = `${conflict.varName}:${conflict.sourcePath}`;
+    if (!seen.has(key)) {
+      seen.set(key, conflict);
+    }
+  }
+
+  return Array.from(seen.values());
+}
+
+/**
+ * 获取冲突统计
+ */
+function getConflictStats(conflicts) {
+  const stats = {
+    total: conflicts.length,
+    byPlatform: {},
+    bySourceType: {}
+  };
+
+  for (const conflict of conflicts) {
+    // 按平台统计
+    stats.byPlatform[conflict.platform] = (stats.byPlatform[conflict.platform] || 0) + 1;
+    // 按来源类型统计
+    stats.bySourceType[conflict.sourceType] = (stats.bySourceType[conflict.sourceType] || 0) + 1;
+  }
+
+  return stats;
+}
+
+module.exports = {
+  checkEnvConflicts,
+  getConflictStats,
+  PLATFORM_KEYWORDS,
+  SHELL_CONFIG_FILES,
+  SENSITIVE_PATTERNS,
+  EXACT_SENSITIVE_VARS
+};