npm - commandmate - Versions diffs - 0.2.12 → 0.3.0 - Mend

commandmate 0.2.12 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (155) hide show

package/dist/server/src/lib/ip-restriction.js ADDED Viewed

@@ -0,0 +1,241 @@
+"use strict";
+/**
+ * IP Restriction Module (Edge Runtime Compatible)
+ * Issue #332: Access control by IP address/CIDR range
+ *
+ * CONSTRAINT: This module must be Edge Runtime compatible.
+ * Do NOT import Node.js-specific modules (net, dns, os, fs, etc.).
+ *
+ * [S3-006] CLI build compatibility constraint:
+ * ip-restriction.ts is NOT directly imported from src/cli/.
+ * CLI sets CM_ALLOWED_IPS via process.env only; IP restriction logic
+ * runs server-side (middleware.ts / ws-server.ts).
+ *
+ * [S2-004] Difference from auth.ts:
+ * auth.ts silently disables on invalid hash (storedTokenHash = undefined).
+ * ip-restriction.ts uses fail-fast (throw) on invalid CIDR because
+ * silently ignoring security config errors would create a security hole.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.normalizeIp = normalizeIp;
+exports.parseAllowedIps = parseAllowedIps;
+exports.isIpAllowed = isIpAllowed;
+exports.getClientIp = getClientIp;
+exports.getAllowedRanges = getAllowedRanges;
+exports.isIpRestrictionEnabled = isIpRestrictionEnabled;
+// --- Internal constants (unexported) [S1-002] ---
+// Integrated into this module; no external references needed (YAGNI).
+const IPV4_MAPPED_IPV6_PREFIX = '::ffff:';
+const IPV4_PATTERN = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;
+const IPV4_CIDR_PATTERN = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/;
+const MAX_IPV4_PREFIX_LENGTH = 32;
+/** [S4-002] DoS prevention: upper limit on CIDR entry count */
+const MAX_ALLOWED_IP_ENTRIES = 256;
+/** [S4-005] Input validation: max length per entry ('255.255.255.255/32' = 18 chars) */
+const MAX_CIDR_ENTRY_LENGTH = 18;
+// --- Module-scope initialization [S1-003] ---
+// Following auth.ts storedTokenHash pattern: read env once at module load.
+// Placed before functions that depend on these values for clarity.
+const allowedIpsEnv = process.env.CM_ALLOWED_IPS?.trim() || '';
+// [S4-006] CM_TRUST_PROXY value validation:
+// 'true' is the only value that enables proxy trust. Other non-empty values
+// (e.g., 'TRUE', '1', 'yes') fall back to safe default (no proxy trust),
+// and a warning is emitted to help operators detect configuration mistakes.
+const trustProxyEnv = process.env.CM_TRUST_PROXY?.trim() || '';
+if (trustProxyEnv !== '' && trustProxyEnv !== 'true' && trustProxyEnv !== 'false') {
+    console.warn(`[IP-RESTRICTION] CM_TRUST_PROXY has unexpected value: "${trustProxyEnv}". ` +
+        'Only "true" (lowercase) enables proxy trust.');
+}
+/** Whether CM_TRUST_PROXY is strictly 'true' */
+const trustProxy = trustProxyEnv === 'true';
+// --- Pure functions ---
+/**
+ * Parse an IPv4 address string into a 32-bit unsigned integer.
+ * Returns null if the format is invalid or any octet is out of range.
+ */
+function ipToInt(ip) {
+    const match = ip.match(IPV4_PATTERN);
+    if (!match)
+        return null;
+    const octets = [
+        parseInt(match[1], 10),
+        parseInt(match[2], 10),
+        parseInt(match[3], 10),
+        parseInt(match[4], 10),
+    ];
+    for (const octet of octets) {
+        if (octet < 0 || octet > 255)
+            return null;
+    }
+    // Use unsigned right shift (>>> 0) to ensure unsigned 32-bit integer
+    return ((octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]) >>> 0;
+}
+/**
+ * IPv4-mapped IPv6 address (::ffff:x.x.x.x) normalization.
+ * Returns the IPv4 portion if mapped, otherwise returns as-is.
+ */
+function normalizeIp(ip) {
+    if (!ip)
+        return '';
+    const lower = ip.toLowerCase();
+    if (lower.startsWith(IPV4_MAPPED_IPV6_PREFIX)) {
+        return ip.substring(IPV4_MAPPED_IPV6_PREFIX.length);
+    }
+    return ip;
+}
+/**
+ * Parse CM_ALLOWED_IPS environment variable string into CidrRange array.
+ * Throws Error on invalid CIDR format (fail-fast).
+ *
+ * [S4-002] Throws when entry count exceeds MAX_ALLOWED_IP_ENTRIES (256).
+ * Large CIDR entry counts cause parse delay and per-request OR-loop
+ * performance degradation.
+ *
+ * [S4-005] Throws when any entry exceeds MAX_CIDR_ENTRY_LENGTH (18 chars).
+ * IPv4 CIDR maximum is '255.255.255.255/32' (18 chars); longer input is
+ * rejected before regex matching.
+ *
+ * @throws {Error} Invalid IP address or CIDR format
+ * @throws {Error} Entry count exceeds MAX_ALLOWED_IP_ENTRIES (256)
+ * @throws {Error} Individual entry exceeds MAX_CIDR_ENTRY_LENGTH (18 chars)
+ */
+function parseAllowedIps(envValue) {
+    const trimmed = envValue.trim();
+    if (trimmed.length === 0)
+        return [];
+    const entries = trimmed.split(',').map(e => e.trim()).filter(e => e.length > 0);
+    // [S4-002] DoS prevention: entry count upper limit
+    if (entries.length > MAX_ALLOWED_IP_ENTRIES) {
+        throw new Error(`CM_ALLOWED_IPS: too many entries (${entries.length}). Maximum is ${MAX_ALLOWED_IP_ENTRIES}.`);
+    }
+    const ranges = [];
+    for (const entry of entries) {
+        // [S4-005] Entry length validation (before regex)
+        if (entry.length > MAX_CIDR_ENTRY_LENGTH) {
+            throw new Error(`CM_ALLOWED_IPS: entry "${entry}" exceeds maximum length of ${MAX_CIDR_ENTRY_LENGTH} characters.`);
+        }
+        // Try CIDR format first (x.x.x.x/N)
+        const cidrMatch = entry.match(IPV4_CIDR_PATTERN);
+        if (cidrMatch) {
+            const octets = [
+                parseInt(cidrMatch[1], 10),
+                parseInt(cidrMatch[2], 10),
+                parseInt(cidrMatch[3], 10),
+                parseInt(cidrMatch[4], 10),
+            ];
+            const prefix = parseInt(cidrMatch[5], 10);
+            for (const octet of octets) {
+                if (octet < 0 || octet > 255) {
+                    throw new Error(`CM_ALLOWED_IPS: invalid octet in "${entry}". Octets must be 0-255.`);
+                }
+            }
+            if (prefix < 0 || prefix > MAX_IPV4_PREFIX_LENGTH) {
+                throw new Error(`CM_ALLOWED_IPS: invalid prefix length in "${entry}". Must be 0-${MAX_IPV4_PREFIX_LENGTH}.`);
+            }
+            const network = ((octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]) >>> 0;
+            // Create mask: for prefix=24, mask = 0xFFFFFF00
+            // For prefix=0, mask = 0x00000000
+            const mask = prefix === 0 ? 0 : ((0xFFFFFFFF << (32 - prefix)) >>> 0);
+            ranges.push({ network: (network & mask) >>> 0, mask });
+            continue;
+        }
+        // Try plain IP format (x.x.x.x -> treat as /32)
+        const ipMatch = entry.match(IPV4_PATTERN);
+        if (ipMatch) {
+            const octets = [
+                parseInt(ipMatch[1], 10),
+                parseInt(ipMatch[2], 10),
+                parseInt(ipMatch[3], 10),
+                parseInt(ipMatch[4], 10),
+            ];
+            for (const octet of octets) {
+                if (octet < 0 || octet > 255) {
+                    throw new Error(`CM_ALLOWED_IPS: invalid octet in "${entry}". Octets must be 0-255.`);
+                }
+            }
+            const network = ((octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]) >>> 0;
+            const mask = 0xFFFFFFFF >>> 0;
+            ranges.push({ network, mask });
+            continue;
+        }
+        // Neither valid IP nor valid CIDR
+        throw new Error(`CM_ALLOWED_IPS: invalid entry "${entry}". Expected IPv4 address or CIDR notation.`);
+    }
+    return ranges;
+}
+/**
+ * Check if an IP address is allowed by any of the given CIDR ranges.
+ * Multiple ranges are evaluated with OR logic (match any = allowed).
+ */
+function isIpAllowed(ip, ranges) {
+    if (ranges.length === 0)
+        return false;
+    const normalized = normalizeIp(ip);
+    const ipInt = ipToInt(normalized);
+    if (ipInt === null)
+        return false;
+    for (const range of ranges) {
+        if ((ipInt & range.mask) >>> 0 === range.network) {
+            return true;
+        }
+    }
+    return false;
+}
+/**
+ * Get client IP from request headers.
+ *
+ * [S1-004] Request parsing responsibility - separate from CIDR matching
+ * (isIpAllowed). These are different responsibilities: request parsing vs
+ * IP range evaluation. If proxy-related settings grow (e.g., trusted proxies
+ * list via CM_TRUSTED_PROXIES), consider splitting to a separate module
+ * (e.g., request-ip.ts).
+ *
+ * [S4-001] WARNING: When CM_TRUST_PROXY=true, the leftmost IP from
+ * X-Forwarded-For is used. An attacker can inject arbitrary IPs at the
+ * front of the header. The reverse proxy MUST overwrite X-Forwarded-For
+ * with the client IP it received (trusted proxy sets the client IP it
+ * received as the first entry). If the proxy does not do this correctly,
+ * IP restriction bypass is possible.
+ * Future extension: introduce CM_TRUSTED_PROXIES for a trusted proxy IP
+ * list and switch to rightmost-non-trusted-IP extraction.
+ *
+ * @param headers - Request headers with get() method
+ * @returns Client IP string or null
+ */
+function getClientIp(headers) {
+    if (trustProxy) {
+        // Trust X-Forwarded-For when CM_TRUST_PROXY=true
+        const xff = headers.get('x-forwarded-for');
+        if (xff) {
+            const firstIp = xff.split(',')[0].trim();
+            if (firstIp)
+                return firstIp;
+        }
+    }
+    // Default: use X-Real-IP (set by server.ts from socket.remoteAddress)
+    return headers.get('x-real-ip') || null;
+}
+// [S1-001] Module-level cache of parsed ranges
+// Shared by middleware.ts and ws-server.ts via getAllowedRanges()
+const cachedRanges = allowedIpsEnv.length > 0
+    ? parseAllowedIps(allowedIpsEnv)
+    : [];
+/**
+ * Return the cached allowed CIDR ranges.
+ * Parsed once at module initialization from CM_ALLOWED_IPS.
+ *
+ * [S1-001] Use this instead of calling parseAllowedIps() each time.
+ * DRY cache strategy unified for HTTP and WebSocket layers.
+ */
+function getAllowedRanges() {
+    return cachedRanges;
+}
+/**
+ * Check if IP restriction is enabled.
+ *
+ * [S1-003] Uses module-scope captured allowedIpsEnv (not process.env).
+ * Ensures cache consistency with getAllowedRanges().
+ */
+function isIpRestrictionEnabled() {
+    return allowedIpsEnv.length > 0;
+}

package/dist/server/src/lib/response-poller.js CHANGED Viewed

@@ -17,6 +17,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.cleanClaudeResponse = cleanClaudeResponse;
 exports.cleanGeminiResponse = cleanGeminiResponse;
+exports.resolveExtractionStartIndex = resolveExtractionStartIndex;
 exports.startPolling = startPolling;
 exports.stopPolling = stopPolling;
 exports.stopAllPolling = stopAllPolling;
@@ -72,6 +73,31 @@ const GEMINI_LOADING_INDICATORS = [
 function incompleteResult(lineCount) {
     return { response: '', isComplete: false, lineCount };
 }
+/**
+ * Build a complete ExtractionResult for a detected prompt.
+ *
+ * Shared between Claude early prompt detection (section 3-4, site 1) and
+ * fallback prompt detection (section 3-4, site 2) in extractResponse().
+ * Applies resolveExtractionStartIndex() to limit extraction to lastCapturedLine
+ * onwards, then strips ANSI codes for safe DB storage (Stage 4 MF-001).
+ *
+ * @param lines - The trimmed tmux buffer lines array
+ * @param lastCapturedLine - Number of lines previously captured
+ * @param totalLines - Total line count in the buffer
+ * @param bufferReset - External buffer reset flag
+ * @param cliToolId - CLI tool identifier
+ * @param findRecentUserPromptIndex - Callback to locate the most recent user prompt
+ * @returns ExtractionResult with isComplete: true and ANSI-stripped response
+ */
+function buildPromptExtractionResult(lines, lastCapturedLine, totalLines, bufferReset, cliToolId, findRecentUserPromptIndex) {
+    const startIndex = resolveExtractionStartIndex(lastCapturedLine, totalLines, bufferReset, cliToolId, findRecentUserPromptIndex);
+    const extractedLines = lines.slice(startIndex);
+    return {
+        response: (0, cli_patterns_1.stripAnsi)(extractedLines.join('\n')),
+        isComplete: true,
+        lineCount: totalLines,
+    };
+}
 /**
  * Active pollers map: "worktreeId:cliToolId" -> NodeJS.Timeout
  */
@@ -223,6 +249,64 @@ function cleanGeminiResponse(response) {
     }
     return cleanedLines.join('\n').trim();
 }
+/**
+ * Determine the start index for response extraction based on buffer state.
+ * Shared between normal response extraction and prompt detection paths.
+ *
+ * Implements a 4-branch decision tree for startIndex determination:
+ *   1. bufferWasReset  -> findRecentUserPromptIndex(40) + 1, or 0 if not found
+ *   2. cliToolId === 'codex' -> Math.max(0, lastCapturedLine)
+ *   3. lastCapturedLine >= totalLines - 5 (scroll boundary) ->
+ *        findRecentUserPromptIndex(50) + 1, or totalLines - 40 if not found
+ *   4. Normal case -> Math.max(0, lastCapturedLine)
+ *
+ * `bufferWasReset` is computed internally from `lastCapturedLine`, `totalLines`,
+ * and `bufferReset`. Callers do NOT need to pre-compute `bufferWasReset`.
+ * (Design: MF-001 responsibility boundary)
+ *
+ * Design references:
+ * - Issue #326 design policy section 3-2 (4-branch startIndex table)
+ * - Stage 4 SF-001: Defensive validation (negative lastCapturedLine clamped to 0)
+ * - Stage 1 SF-001: findRecentUserPromptIndex as callback for SRP/testability
+ *
+ * @param lastCapturedLine - Number of lines previously captured from the tmux buffer.
+ *   Negative values are defensively clamped to 0 (Stage 4 SF-001).
+ * @param totalLines - Total number of (non-empty-trailing) lines in the current tmux buffer.
+ * @param bufferReset - External flag indicating the buffer was reset (e.g., session restart).
+ *   Combined with `lastCapturedLine >= totalLines` to derive internal `bufferWasReset`.
+ * @param cliToolId - CLI tool identifier. Affects branch 2 (Codex-specific path).
+ *   Note: When called from the Claude early prompt detection path (section 3-4),
+ *   cliToolId is always 'claude', making the Codex branch unreachable in that context.
+ *   The parameter is retained for the function's generality across all call sites.
+ * @param findRecentUserPromptIndex - Callback that searches the tmux buffer backwards
+ *   for the most recent user prompt line within a given window size.
+ *   Returns the line index (>= 0) if found, or -1 if not found.
+ * @returns The 0-based line index from which response extraction should begin.
+ *
+ * @internal Exported for testing only
+ */
+function resolveExtractionStartIndex(lastCapturedLine, totalLines, bufferReset, cliToolId, findRecentUserPromptIndex) {
+    // Defensive validation: clamp negative values to 0 (Stage 4 SF-001)
+    lastCapturedLine = Math.max(0, lastCapturedLine);
+    // Compute bufferWasReset internally (MF-001: responsibility boundary)
+    const bufferWasReset = lastCapturedLine >= totalLines || bufferReset;
+    // Branch 1: Buffer was reset - find the most recent user prompt as anchor
+    if (bufferWasReset) {
+        const foundUserPrompt = findRecentUserPromptIndex(40);
+        return foundUserPrompt >= 0 ? foundUserPrompt + 1 : 0;
+    }
+    // Branch 2: Codex uses lastCapturedLine directly (Codex-specific TUI behavior)
+    if (cliToolId === 'codex') {
+        return Math.max(0, lastCapturedLine);
+    }
+    // Branch 3: Near scroll boundary - buffer may have scrolled, search for user prompt
+    if (lastCapturedLine >= totalLines - 5) {
+        const foundUserPrompt = findRecentUserPromptIndex(50);
+        return foundUserPrompt >= 0 ? foundUserPrompt + 1 : Math.max(0, totalLines - 40);
+    }
+    // Branch 4: Normal case - start from lastCapturedLine
+    return Math.max(0, lastCapturedLine);
+}
 /**
  * Extract CLI tool response from tmux output
  * Detects when a CLI tool has completed a response by looking for tool-specific patterns
@@ -278,13 +362,8 @@ function extractResponse(output, lastCapturedLine, cliToolId) {
         const fullOutput = lines.join('\n');
         const promptDetection = detectPromptWithOptions(fullOutput, cliToolId);
         if (promptDetection.isPrompt) {
-            // Return the full output as a complete interactive prompt
-            // Use the cleaned output without ANSI codes
-            return {
-                response: (0, cli_patterns_1.stripAnsi)(fullOutput),
-                isComplete: true,
-                lineCount: totalLines,
-            };
+            // Prompt detection uses full buffer for accuracy, but return only lastCapturedLine onwards
+            return buildPromptExtractionResult(lines, lastCapturedLine, totalLines, bufferReset, cliToolId, findRecentUserPromptIndex);
         }
     }
     // Strip ANSI codes before pattern matching
@@ -302,32 +381,9 @@ function extractResponse(output, lastCapturedLine, cliToolId) {
         // CLI tool has completed response
         // Extract the response content from lastCapturedLine to the separator (not just last 20 lines)
         const responseLines = [];
-        // Handle tmux buffer scrolling: if lastCapturedLine >= totalLines, the buffer has scrolled
-        // In this case, we need to find the response in the current visible buffer
-        let startIndex;
-        // For all tools: check if buffer has been reset/cleared (startIndex would be >= totalLines)
-        // This happens when a session is restarted or buffer is cleared
-        const bufferWasReset = lastCapturedLine >= totalLines || bufferReset;
-        if (bufferWasReset) {
-            // Buffer was reset - find the most recent user prompt
-            const foundUserPrompt = findRecentUserPromptIndex(40);
-            startIndex = foundUserPrompt >= 0 ? foundUserPrompt + 1 : 0;
-        }
-        else if (cliToolId === 'codex') {
-            // Normal case for Codex: use lastCapturedLine
-            startIndex = Math.max(0, lastCapturedLine);
-        }
-        else if (lastCapturedLine >= totalLines - 5) {
-            // Buffer may have scrolled - look for the start of the new response
-            // Find the last user input prompt to identify where the response starts
-            const foundUserPrompt = findRecentUserPromptIndex(50);
-            // Start extraction from after the user prompt, or from a safe earlier point
-            startIndex = foundUserPrompt >= 0 ? foundUserPrompt + 1 : Math.max(0, totalLines - 40);
-        }
-        else {
-            // Normal case: start from lastCapturedLine
-            startIndex = Math.max(0, lastCapturedLine);
-        }
+        // Determine start index for response extraction using shared helper
+        // Handles buffer reset, Codex-specific logic, scroll boundary, and normal cases
+        const startIndex = resolveExtractionStartIndex(lastCapturedLine, totalLines, bufferReset, cliToolId, findRecentUserPromptIndex);
         let endIndex = totalLines; // Track where extraction actually ended
         for (let i = startIndex; i < totalLines; i++) {
             const line = lines[i];
@@ -415,12 +471,9 @@ function extractResponse(output, lastCapturedLine, cliToolId) {
     const fullOutput = lines.join('\n');
     const promptDetection = detectPromptWithOptions(fullOutput, cliToolId);
     if (promptDetection.isPrompt) {
-        // This is an interactive prompt - consider it complete
-        return {
-            response: fullOutput,
-            isComplete: true,
-            lineCount: totalLines,
-        };
+        // Prompt detection uses full buffer for accuracy, but return only lastCapturedLine onwards
+        // stripAnsi is applied inside buildPromptExtractionResult (Stage 4 MF-001: XSS risk mitigation)
+        return buildPromptExtractionResult(lines, lastCapturedLine, totalLines, bufferReset, cliToolId, findRecentUserPromptIndex);
     }
     // Not a prompt, but we may have a partial response in progress (even if Claude shows a spinner)
     const responseLines = [];

package/dist/server/src/lib/ws-server.js CHANGED Viewed

@@ -2,6 +2,7 @@
 /**
  * WebSocket Server for Real-time Communication
  * Manages WebSocket connections and room-based message broadcasting
+ * Issue #331: WebSocket authentication via Cookie header
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.setupWebSocket = setupWebSocket;
@@ -10,14 +11,31 @@ exports.broadcastMessage = broadcastMessage;
 exports.cleanupRooms = cleanupRooms;
 exports.closeWebSocket = closeWebSocket;
 const ws_1 = require("ws");
+const auth_1 = require("./auth");
+const ip_restriction_1 = require("./ip-restriction");
 // Global state
 let wss = null;
 const clients = new Map();
 const rooms = new Map();
 /**
- * Setup WebSocket server on HTTP server
+ * Check if a WebSocket error is an expected non-fatal error.
+ * Common causes include mobile browser disconnects sending malformed close frames.
  *
- * @param server - HTTP server instance
+ * @param error - Error with optional code property
+ * @returns true if the error is expected and can be silently handled
+ */
+function isExpectedWebSocketError(error) {
+    return (error.code === 'WS_ERR_INVALID_CLOSE_CODE' ||
+        error.message?.includes('Invalid WebSocket frame') ||
+        error.message?.includes('write after end') ||
+        error.message?.includes('ECONNRESET') ||
+        error.message?.includes('EPIPE'));
+}
+/**
+ * Setup WebSocket server on HTTP or HTTPS server
+ * Issue #331: Added auth check on WebSocket upgrade
+ *
+ * @param server - HTTP or HTTPS server instance
  *
  * @example
  * ```typescript
@@ -31,10 +49,44 @@ function setupWebSocket(server) {
     // Handle upgrade requests - only accept app WebSocket connections, not Next.js HMR
     server.on('upgrade', (request, socket, head) => {
         const pathname = request.url || '/';
-        // Let Next.js handle its own HMR WebSocket connections
+        // Let Next.js handle its own HMR WebSocket connections in development.
+        // In production there are no /_next/ WebSocket connections (no HMR).
+        // Leaving the socket unhandled in production can trigger the Node.js 'request'
+        // event as a fallback on Node.js 19+, causing TypeError in handleRequestImpl
+        // because the response has no setHeader (Issue #331).
         if (pathname.startsWith('/_next/')) {
+            if (process.env.NODE_ENV !== 'development') {
+                socket.write('HTTP/1.1 426 Upgrade Required\r\nContent-Length: 0\r\nConnection: close\r\n\r\n');
+                socket.destroy();
+            }
             return;
         }
+        // Issue #332: WebSocket IP restriction
+        // [S2-008] Uses request.socket.remoteAddress directly (not getClientIp()).
+        // getClientIp() is for HTTP headers (X-Real-IP/X-Forwarded-For);
+        // WebSocket upgrade gets IP from the socket connection directly.
+        if ((0, ip_restriction_1.isIpRestrictionEnabled)()) {
+            const wsClientIp = (0, ip_restriction_1.normalizeIp)(request.socket.remoteAddress || '');
+            if (!(0, ip_restriction_1.isIpAllowed)(wsClientIp, (0, ip_restriction_1.getAllowedRanges)())) {
+                // [S4-004] Log injection prevention: normalizeIp() + substring(0, 45)
+                const safeIp = wsClientIp.substring(0, 45);
+                console.warn(`[IP-RESTRICTION] WebSocket denied: ${safeIp}`);
+                socket.write('HTTP/1.1 403 Forbidden\r\n\r\n');
+                socket.destroy();
+                return;
+            }
+        }
+        // Issue #331: WebSocket authentication via Cookie header
+        if ((0, auth_1.isAuthEnabled)()) {
+            const cookieHeader = request.headers.cookie || '';
+            const cookies = (0, auth_1.parseCookies)(cookieHeader);
+            const token = cookies[auth_1.AUTH_COOKIE_NAME];
+            if (!token || !(0, auth_1.verifyToken)(token)) {
+                socket.write('HTTP/1.1 401 Unauthorized\r\nContent-Length: 0\r\nConnection: close\r\n\r\n');
+                socket.destroy();
+                return;
+            }
+        }
         wss.handleUpgrade(request, socket, head, (ws) => {
             wss.emit('connection', ws, request);
         });
@@ -57,13 +109,7 @@ function setupWebSocket(server) {
         const socket = ws._socket;
         if (socket) {
             socket.on('error', (err) => {
-                // Suppress common mobile browser disconnect errors
-                const isExpectedError = err.code === 'WS_ERR_INVALID_CLOSE_CODE' ||
-                    err.message?.includes('Invalid WebSocket frame') ||
-                    err.message?.includes('write after end') ||
-                    err.message?.includes('ECONNRESET') ||
-                    err.message?.includes('EPIPE');
-                if (!isExpectedError) {
+                if (!isExpectedWebSocketError(err)) {
                     console.error('[WS Socket] Error:', err.message);
                 }
                 // Immediately destroy the socket to prevent further errors
@@ -94,11 +140,7 @@ function setupWebSocket(server) {
         });
         // Handle errors (including invalid close codes from mobile browsers)
         ws.on('error', (error) => {
-            // Suppress noisy errors from mobile browser disconnects
-            const isExpectedError = error.code === 'WS_ERR_INVALID_CLOSE_CODE' ||
-                error.message?.includes('Invalid WebSocket frame') ||
-                error.message?.includes('write after end');
-            if (!isExpectedError) {
+            if (!isExpectedWebSocketError(error)) {
                 console.error('[WS] WebSocket error:', error.message);
             }
             // Immediately terminate to prevent further errors
@@ -111,7 +153,7 @@ function setupWebSocket(server) {
             handleDisconnect(ws);
         });
     });
-    console.log('WebSocket server initialized');
+    // WebSocket server initialization complete (no log in production per CLAUDE.md)
 }
 /**
  * Handle incoming WebSocket message
@@ -137,7 +179,6 @@ function handleMessage(ws, message) {
 function handleSubscribe(ws, worktreeId) {
     const clientInfo = clients.get(ws);
     if (!clientInfo) {
-        console.log(`[WS] handleSubscribe: clientInfo not found for worktreeId: ${worktreeId}`);
         return;
     }
     // Add worktreeId to client's subscriptions
@@ -148,7 +189,7 @@ function handleSubscribe(ws, worktreeId) {
     }
     const room = rooms.get(worktreeId);
     room.add(ws);
-    console.log(`Client subscribed to worktree: ${worktreeId}, room size: ${room.size}, ws readyState: ${ws.readyState}`);
+    // Client subscribed (no log in production per CLAUDE.md)
 }
 /**
  * Unsubscribe client from a worktree room
@@ -168,20 +209,14 @@ function handleUnsubscribe(ws, worktreeId) {
             rooms.delete(worktreeId);
         }
     }
-    console.log(`Client unsubscribed from worktree: ${worktreeId}`);
+    // Client unsubscribed (no log in production per CLAUDE.md)
 }
 /**
  * Broadcast message to all clients in a worktree room
  */
 function handleBroadcast(worktreeId, data) {
     const room = rooms.get(worktreeId);
-    console.log(`[WS] handleBroadcast called for ${worktreeId}, room size: ${room?.size || 0}`);
-    if (!room) {
-        console.log(`[WS] No room found for ${worktreeId}`);
-        return;
-    }
-    if (room.size === 0) {
-        console.log(`[WS] Room for ${worktreeId} is empty`);
+    if (!room || room.size === 0) {
         return;
     }
     try {
@@ -190,21 +225,16 @@ function handleBroadcast(worktreeId, data) {
             worktreeId,
             data,
         });
-        let successCount = 0;
-        let errorCount = 0;
         room.forEach((client) => {
             if (client.readyState === ws_1.WebSocket.OPEN) {
                 try {
                     client.send(message);
-                    successCount++;
                 }
                 catch (sendError) {
-                    errorCount++;
                     console.error(`Error sending WebSocket message to client:`, sendError);
                 }
             }
         });
-        console.log(`Broadcast to worktree ${worktreeId}: ${successCount}/${room.size} clients (${errorCount} errors)`);
     }
     catch (broadcastError) {
         console.error(`Error broadcasting to worktree ${worktreeId}:`, broadcastError);
@@ -309,7 +339,7 @@ function cleanupRooms(worktreeIds) {
             });
             // Delete the room
             rooms.delete(worktreeId);
-            console.log(`[WS] Cleaned up room for worktree: ${worktreeId}`);
+            // Room cleaned up (no log in production per CLAUDE.md)
         }
     }
 }
@@ -329,6 +359,6 @@ function closeWebSocket() {
         // Close server
         wss.close();
         wss = null;
-        console.log('WebSocket server closed');
+        // WebSocket server closed (no log in production per CLAUDE.md)
     }
 }

package/dist/server/src/types/slash-commands.js CHANGED Viewed

@@ -17,6 +17,7 @@ exports.CATEGORY_LABELS = {
     review: 'Review',
     documentation: 'Documentation',
     workflow: 'Workflow',
+    skill: 'Skills', // Issue #343: Skills category label
     // Standard command category labels (Issue #56)
     'standard-session': 'Standard (Session)',
     'standard-config': 'Standard (Config)',

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "commandmate",
-  "version": "0.2.12",
+  "version": "0.3.0",
   "description": "Git worktree management with Claude CLI and tmux sessions",
   "keywords": [
     "claude-code",
@@ -95,6 +95,6 @@
     "tsc-alias": "~1.8.16",
     "tsx": "^4.20.6",
     "typescript": "^5.5.0",
-    "vitest": "^4.0.9"
+    "vitest": "^4.0.16"
   }
 }