cowork-cli 0.0.1 → 1.0.0

package/src/engine/tools/searchText.js

@@ -0,0 +1,133 @@
+import fs from 'fs/promises';
+import path from 'path';
+import { Buffer } from 'buffer';
+import { getIgnorePatterns, shouldIgnore } from '../../utils/fsUtils.js';
+
+const MAX_MATCHES_PER_FILE = 20;
+const MAX_TOTAL_MATCHES = 100;
+const MAX_DEPTH = 10;
+
+/**
+ * Enhanced searchText tool with recursion, ignore rules, and safety limits.
+ */
+export default async function searchText({ pattern, path: searchPath, recursive = false }) {
+  let totalMatches = 0;
+  let isTruncated = false;
+
+  try {
+    const stats = await fs.stat(searchPath);
+    if (!pattern) return "Error: Search pattern cannot be empty.";
+
+    let regex;
+    try {
+      regex = new RegExp(pattern, 'i');
+    } catch (e) {
+      return `Error: Invalid regex pattern '${pattern}': ${e.message}`;
+    }
+
+    const ignoreList = await getIgnorePatterns();
+    const results = [];
+
+    const walk = async (currentPath, depth = 0) => {
+      if (totalMatches >= MAX_TOTAL_MATCHES) {
+        isTruncated = true;
+        return;
+      }
+      
+      if (depth > MAX_DEPTH) return;
+
+      let items;
+      try {
+        items = await fs.readdir(currentPath, { withFileTypes: true });
+      } catch (err) {
+        return; // Skip unreadable directories
+      }
+
+      for (const item of items) {
+        if (totalMatches >= MAX_TOTAL_MATCHES) {
+          isTruncated = true;
+          break;
+        }
+
+        if (shouldIgnore(item.name, ignoreList)) continue;
+
+        const fullPath = path.join(currentPath, item.name);
+
+        if (item.isDirectory()) {
+          if (recursive || depth === 0) {
+            await walk(fullPath, depth + 1);
+          }
+        } else if (item.isFile()) {
+          const fileMatches = await searchInFile(fullPath, regex);
+          if (fileMatches.length > 0) {
+            const allowedInFile = Math.min(fileMatches.length, MAX_TOTAL_MATCHES - totalMatches);
+            results.push({
+              file: path.relative(process.cwd(), fullPath),
+              matches: fileMatches.slice(0, allowedInFile)
+            });
+            totalMatches += allowedInFile;
+            if (fileMatches.length > allowedInFile) isTruncated = true;
+          }
+        }
+      }
+    };
+
+    if (stats.isFile()) {
+      const fileMatches = await searchInFile(searchPath, regex);
+      if (fileMatches.length > 0) {
+        const allowed = Math.min(fileMatches.length, MAX_TOTAL_MATCHES);
+        results.push({
+          file: path.relative(process.cwd(), searchPath),
+          matches: fileMatches.slice(0, allowed)
+        });
+        totalMatches = allowed;
+        if (fileMatches.length > allowed) isTruncated = true;
+      }
+    } else {
+      await walk(searchPath);
+    }
+
+    if (results.length === 0) return "No matches found.";
+
+    let output = results.map(res => {
+      return `[${res.file}]\n${res.matches.join('\n')}`;
+    }).join('\n');
+
+    if (isTruncated) {
+      output += `\n[Warning: Truncated at ${MAX_TOTAL_MATCHES} matches]`;
+    }
+
+    return output;
+
+
+  } catch (err) {
+    if (err.code === 'ENOENT') return `Error: Path not found at '${searchPath}'.`;
+    return `Error searching text: ${err.message}`;
+  }
+}
+
+async function searchInFile(filePath, regex) {
+  try {
+    const handle = await fs.open(filePath, 'r');
+    const { bytesRead, buffer } = await handle.read(Buffer.alloc(1024), 0, 1024, 0);
+    await handle.close();
+    
+    for (let i = 0; i < bytesRead; i++) {
+      if (buffer[i] === 0) return []; // Skip binary
+    }
+
+    const content = await fs.readFile(filePath, 'utf8');
+    const lines = content.split('\n');
+    const matches = [];
+    
+    for (let i = 0; i < lines.length; i++) {
+      if (regex.test(lines[i])) {
+        matches.push(`${i + 1}:${lines[i].trim()}`);
+        if (matches.length >= MAX_MATCHES_PER_FILE) break;
+      }
+    }
+    return matches;
+  } catch (err) {
+    return [];
+  }
+}

package/src/engine/tools/webFetch.js

@@ -0,0 +1,154 @@
+import { lookup } from 'node:dns/promises';
+import { URL } from 'node:url';
+import ipaddr from 'ipaddr.js';
+
+const MAX_CHARS = 15000;
+const TIMEOUT_MS = 10000;
+const MAX_REDIRECTS = 5;
+
+/**
+ * Checks if a hostname resolves to a private or reserved IP address.
+ */
+async function validateUrlSafety(url) {
+  try {
+    const parsedUrl = new URL(url);
+    
+    // Enforce protocol
+    if (parsedUrl.protocol !== 'http:' && parsedUrl.protocol !== 'https:') {
+      throw new Error(`Unsupported protocol: ${parsedUrl.protocol}`);
+    }
+
+    const hostname = parsedUrl.hostname;
+
+    // Resolve hostname to IP addresses
+    // This also handles cases where hostname is already an IP address
+    const addresses = await lookup(hostname, { all: true });
+
+    if (addresses.length === 0) {
+      throw new Error(`Could not resolve hostname: ${hostname}`);
+    }
+
+    for (const addr of addresses) {
+      if (!ipaddr.isValid(addr.address)) continue;
+      
+      const parsedAddr = ipaddr.parse(addr.address);
+      let addrToTest = parsedAddr;
+      
+      // IPv4-mapped IPv6 handling
+      if (parsedAddr instanceof ipaddr.IPv6 && parsedAddr.isIPv4MappedAddress()) {
+        addrToTest = parsedAddr.toIPv4Address();
+      }
+
+      // Check range
+      const range = addrToTest.range();
+      
+      // We only allow 'unicast' for public internet access.
+      // This blocks: 'private', 'loopback', 'linkLocal', 'multicast', 'reserved', etc.
+      if (range !== 'unicast') {
+        return { safe: false, reason: `Address ${addr.address} (${range}) is not allowed.` };
+      }
+
+      // Explicitly block IANA benchmark range (198.18.0.0/15)
+      if (addrToTest instanceof ipaddr.IPv4) {
+        const [benchmarkRange, mask] = ipaddr.parseCIDR('198.18.0.0/15');
+        if (addrToTest.match(benchmarkRange, mask)) {
+          return { safe: false, reason: `Address ${addr.address} is in a reserved benchmark range.` };
+        }
+      }
+    }
+    return { safe: true };
+  } catch (err) {
+    throw new Error(`Safety validation failed: ${err.message}`);
+  }
+}
+
+/**
+ * webFetch tool implementation.
+ * Hardened with manual redirect following and SSRF protection at every hop.
+ */
+export default async function webFetch({ url }) {
+  let currentUrl = url;
+  let redirectCount = 0;
+
+  try {
+    while (redirectCount <= MAX_REDIRECTS) {
+      // 1. Safety Check for the current hop
+      const validation = await validateUrlSafety(currentUrl);
+      if (!validation.safe) {
+        throw new Error(`SSRF Protection: ${validation.reason}`);
+      }
+
+      // 2. Fetch with Timeout and manual redirect handling
+      const controller = new AbortController();
+      const timeoutId = setTimeout(() => controller.abort(), TIMEOUT_MS);
+
+      const response = await fetch(currentUrl, {
+        method: 'GET',
+        signal: controller.signal,
+        redirect: 'manual', // We handle redirects manually for safety
+        headers: {
+          'User-Agent': 'cowork-cli/0.1 (Analyst Tool; SSRF-Protected)',
+          'Accept': 'text/html,application/xhtml+xml,application/json,text/plain'
+        }
+      });
+
+      clearTimeout(timeoutId);
+
+      // 3. Handle Redirects
+      if ([301, 302, 303, 307, 308].includes(response.status)) {
+        const location = response.headers.get('location');
+        if (!location) {
+          throw new Error(`Redirect status ${response.status} received without Location header.`);
+        }
+        
+        // Resolve relative redirects
+        currentUrl = new URL(location, currentUrl).href;
+        redirectCount++;
+        continue; 
+      }
+
+      if (!response.ok) {
+        throw new Error(`HTTP error! status: ${response.status}`);
+      }
+
+      // 4. Process Response
+      let text = await response.text();
+      const contentType = response.headers.get('content-type') || '';
+
+      // 5. HTML Stripping (Aggressive for context awareness)
+      if (contentType.includes('text/html')) {
+        text = text
+          .replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi, '')
+          .replace(/<style\b[^<]*(?:(?!<\/style>)<[^<]*)*<\/style>/gi, '')
+          .replace(/<nav\b[^<]*(?:(?!<\/nav>)<[^<]*)*<\/nav>/gi, '')
+          .replace(/<header\b[^<]*(?:(?!<\/header>)<[^<]*)*<\/header>/gi, '')
+          .replace(/<footer\b[^<]*(?:(?!<\/footer>)<[^<]*)*<\/footer>/gi, '')
+          .replace(/<aside\b[^<]*(?:(?!<\/aside>)<[^<]*)*<\/aside>/gi, '')
+          .replace(/<[^>]+>/g, ' ')
+          .replace(/\s+/g, ' ')
+          .trim();
+      } else if (contentType.includes('application/json')) {
+        try {
+          text = JSON.stringify(JSON.parse(text), null, 2);
+        } catch (e) {
+          // Fallback to raw text if JSON parsing fails
+        }
+      }
+
+      // 6. Context Awareness: Truncation
+      if (text.length > MAX_CHARS) {
+        text = text.slice(0, MAX_CHARS) + "\n\n[Warning: Output truncated to fit context limits]";
+      }
+
+      return text;
+    }
+
+    throw new Error(`Too many redirects (max ${MAX_REDIRECTS})`);
+
+  } catch (err) {
+    if (err.name === 'AbortError') {
+      return `Error: Request timed out after ${TIMEOUT_MS}ms`;
+    }
+    return `Error: ${err.message}`;
+  }
+}

package/src/main.js

@@ -0,0 +1,50 @@
+import show_help from "./utils/helpMsg.js";
+import clientLoader from "./engine/client.js";
+import runQuery from "./engine/run.js";
+import { loadConfig, verifyConnectivity } from "./utils/configManager.js";
+import { logger } from "./utils/logger.js";
+import fs from 'fs';
+import path from 'path';
+import { fileURLToPath } from 'url';
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const PKG_PATH = path.join(__dirname, '../package.json');
+
+/**
+ * Main entry point for the cwk CLI.
+ * @param {string[]} args Command line arguments.
+ */
+export default async function main(args) {
+  // Handle empty arguments or help flags
+  if (args.length === 0 || args[0] === '-h' || args[0] === '--help') {
+    show_help();
+    return;
+  }
+
+  // Handle version flags
+  if (args[0] === '-v' || args[0] === '--version') {
+    try {
+      const pkg = JSON.parse(fs.readFileSync(PKG_PATH, 'utf8'));
+      console.log(`cwk version ${pkg.version}`);
+    } catch (e) {
+      logger.error("Error reading version from package.json");
+    }
+    return;
+  }
+
+  // Handle query execution
+  const query = args[0];
+  const config = loadConfig();
+
+  // clientLoader handles config validation and throws if invalid
+  const client = clientLoader();
+  
+  // Silent connectivity check: logs only on failure
+  const isConnected = await verifyConnectivity(client);
+  if (!isConnected) {
+    process.exitCode = 1;
+    return;
+  }
+
+  await runQuery(client, config, query);
+}

package/src/utils/configManager.js

@@ -0,0 +1,71 @@
+import fs from 'fs';
+import path from 'path';
+import os from 'os';
+import dotenv from 'dotenv';
+import { logger } from './logger.js';
+
+const CONFIG_PATH = path.join(os.homedir(), '.env');
+
+/**
+ * Loads the user configuration from ~/.env file.
+ * @returns {Object|null} The configuration object or null if it doesn't exist or is invalid.
+ */
+export const loadConfig = () => {
+  try {
+    if (fs.existsSync(CONFIG_PATH)) {
+      const content = fs.readFileSync(CONFIG_PATH, 'utf8');
+      const envConfig = dotenv.parse(content);
+      
+      const config = {
+        model_name: envConfig.CWK_MODEL_NAME || envConfig.MODEL_NAME,
+        model_url: envConfig.CWK_MODEL_URL || envConfig.MODEL_URL,
+        model_api_key: envConfig.CWK_MODEL_API_KEY || envConfig.MODEL_API_KEY,
+        model_type: envConfig.CWK_MODEL_TYPE || envConfig.MODEL_TYPE
+      };
+
+      // Remove undefined/empty values
+      const filteredConfig = Object.fromEntries(
+        Object.entries(config).filter(([_, v]) => v !== undefined && v !== '')
+      );
+
+      if (Object.keys(filteredConfig).length > 0) {
+        return filteredConfig;
+      }
+    }
+  } catch (err) {
+    logger.error(`Error loading configuration from ~/.env: ${err.message}`);
+  }
+  return null;
+};
+
+/**
+ * Validates the configuration object.
+ * @param {Object} config The configuration object to validate.
+ * @returns {boolean} True if valid, false otherwise.
+ */
+export const validateConfig = (config) => {
+  if (!config) return false;
+  const requiredKeys = ['model_name', 'model_url', 'model_api_key', 'model_type'];
+  const hasAllKeys = requiredKeys.every(key => config[key] && config[key].trim() !== '');
+  
+  if (!hasAllKeys) return false;
+
+  const validTypes = ['openai', 'gemini'];
+  return validTypes.includes(config.model_type.toLowerCase());
+};
+
+/**
+ * Verifies the connectivity and credentials by listing models.
+ * @param {Object} client The initialized OpenAI client.
+ * @returns {Promise<boolean>} True if connectivity is verified, false otherwise.
+ */
+export const verifyConnectivity = async (client) => {
+  try {
+    // This call verifies both the API Key and the Base URL
+    await client.models.list();
+    return true;
+  } catch (err) {
+    logger.error(`Connection verification failed: ${err.message}`);
+    return false;
+  }
+};

package/src/utils/fsUtils.js

@@ -0,0 +1,37 @@
+import fs from 'fs/promises';
+import path from 'path';
+
+const DEFAULT_IGNORES = ['.git', 'node_modules', 'dist', 'build', '.npm', '.DS_Store'];
+
+/**
+ * Loads .gitignore patterns from the current working directory.
+ * @returns {Promise<string[]>} Array of ignore patterns.
+ */
+export async function getIgnorePatterns() {
+  const ignoreList = [...DEFAULT_IGNORES];
+  try {
+    const gitignorePath = path.join(process.cwd(), '.gitignore');
+    const content = await fs.readFile(gitignorePath, 'utf8');
+    const lines = content.split('\n')
+      .map(l => l.trim())
+      .filter(l => l && !l.startsWith('#'));
+    ignoreList.push(...lines);
+  } catch (e) {
+    // Ignore if not found or unreadable
+  }
+  return ignoreList;
+}
+
+/**
+ * Checks if a file or directory should be ignored.
+ * @param {string} name Item name.
+ * @param {string[]} ignoreList List of patterns.
+ * @returns {boolean}
+ */
+export function shouldIgnore(name, ignoreList) {
+  for (const ignore of ignoreList) {
+    const pattern = ignore.endsWith('/') ? ignore.slice(0, -1) : ignore;
+    if (name === pattern) return true;
+  }
+  return false;
+}

package/src/utils/helpMsg.js

@@ -0,0 +1,23 @@
+import { formatMain, formatSecondary, formatNormal } from './logger.js';
+
+const helpMsg = `${formatMain('cwk - Ask AI from your terminal')}
+
+${formatSecondary('Usage:')}
+  ${formatNormal('cwk "<query>"         Ask a question to your configured AI model.')}
+  ${formatNormal('cwk -v, --version     Show version information.')}
+  ${formatNormal('cwk -h, --help        Show this help message.')}
+
+${formatSecondary('Examples:')}
+  ${formatNormal('cwk "How do I list files in Node.js?"')}
+  ${formatNormal('cwk -h')}
+
+${formatSecondary('Configuration:')}
+  ${formatNormal('Provide API settings in your ~/.env file using these keys:')}
+  ${formatNormal('  CWK_MODEL_NAME=gpt-4')}
+  ${formatNormal('  CWK_MODEL_URL=https://api.openai.com/v1')}
+  ${formatNormal('  CWK_MODEL_API_KEY=your_key_here')}
+  ${formatNormal('  CWK_MODEL_TYPE=openai')}`;
+
+export default function show_help() {
+  console.log(helpMsg);
+}

package/src/utils/logger.js

@@ -0,0 +1,56 @@
+import fs from 'fs';
+import path from 'path';
+import { fileURLToPath } from 'url';
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const configPath = path.join(__dirname, '../configs/config.json');
+
+let config;
+try {
+  config = JSON.parse(fs.readFileSync(configPath, 'utf8'));
+} catch (e) {
+  config = {
+    accents: {
+      main:    '#7BA5DA',
+      tool:    '#F2CF6E',
+      data:    '#C2C6C5',
+      success: '#7AC391',
+      error:   '#E07070',
+      dim:     '#606060',
+      header:  '#A37ACC',
+    }
+  };
+}
+
+function hexToAnsi(hex) {
+  const r = parseInt(hex.slice(1, 3), 16);
+  const g = parseInt(hex.slice(3, 5), 16);
+  const b = parseInt(hex.slice(5, 7), 16);
+  return `\x1b[38;2;${r};${g};${b}m`;
+}
+
+const reset = '\x1b[0m';
+
+const colors = {
+  main:    hexToAnsi(config.accents.main),
+  tool:    hexToAnsi(config.accents.tool),
+  data:    hexToAnsi(config.accents.data),
+  success: hexToAnsi(config.accents.success),
+  error:   hexToAnsi(config.accents.error),
+  dim:     hexToAnsi(config.accents.dim),
+  header:  hexToAnsi(config.accents.header),
+};
+
+export const formatMain      = (text) => `${colors.main}${text}${reset}`;
+export const formatSecondary = (text) => `${colors.tool}${text}${reset}`;
+export const formatNormal    = (text) => `${colors.data}${text}${reset}`;
+export const formatError     = (text) => `${colors.error}${text}${reset}`;
+export const formatDim       = (text) => `${colors.dim}${text}${reset}`;
+export const formatHeader    = (text) => `${colors.header}${text}${reset}`;
+
+export const logger = {
+  main:      (msg) => console.log(formatMain(msg)),
+  secondary: (msg) => console.log(formatSecondary(msg)),
+  normal:    (msg) => console.log(formatNormal(msg)),
+  error:     (msg) => console.error(formatError(msg)),
+};

package/src/utils/outputFormatter.js

@@ -0,0 +1,72 @@
+/**
+ * Wraps text to the current terminal width without breaking words unless necessary.
+ * Dynamically detects terminal width and preserves whitespace/indentation.
+ * @param {string} text The text to format.
+ * @param {number} [overrideWidth] Optional manual width override.
+ * @returns {string} The formatted text.
+ */
+export function outputFormatted(text, overrideWidth) {
+  if (!text) return '';
+  
+  // Dynamically determine width (fallback to 80 if not detectable)
+  const width = overrideWidth || process.stdout.columns || 80;
+  
+  const lines = text.split('\n');
+  const wrappedLines = lines.map(line => {
+    if (line.length <= width) return line;
+
+    // Split by whitespace but keep the whitespace as tokens
+    const tokens = line.split(/(\s+)/);
+    const result = [];
+    let currentLine = '';
+
+    for (const token of tokens) {
+      if (!token) continue;
+
+      // If adding this token exceeds width
+      if ((currentLine + token).length > width) {
+        
+        // If it's a long word (not whitespace) that exceeds the entire width
+        if (token.length > width && !/^\s+$/.test(token)) {
+          // If we have content in currentLine, push it first
+          if (currentLine) {
+            result.push(currentLine.trimEnd());
+            currentLine = '';
+          }
+          
+          // Force-break the long word
+          let remainingWord = token;
+          while (remainingWord.length > width) {
+            result.push(remainingWord.substring(0, width));
+            remainingWord = remainingWord.substring(width);
+          }
+          currentLine = remainingWord;
+        } 
+        // If it's whitespace that causes overflow, just wrap to next line
+        else if (/^\s+$/.test(token)) {
+          if (currentLine) {
+            result.push(currentLine.trimEnd());
+            currentLine = '';
+          }
+          // Do not start a new line with just spaces if it was leading spaces for a wrapped line
+          // (Unless they are the very first spaces on a line, which we handled)
+        }
+        // If it's a normal word that exceeds width, push currentLine and start new with this word
+        else {
+          if (currentLine) {
+            result.push(currentLine.trimEnd());
+          }
+          currentLine = token;
+        }
+      } else {
+        // Just append the token (word or whitespace)
+        currentLine += token;
+      }
+    }
+    
+    if (currentLine) result.push(currentLine.trimEnd());
+    return result.join('\n');
+  });
+
+  return wrappedLines.join('\n');
+}