npm - cwresdev - Versions diffs - 0.1.8 → 0.2.0 - Mend

cwresdev 0.1.8 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/bin/cwgit.js ADDED Viewed

@@ -0,0 +1,99 @@
+#!/usr/bin/env node
+"use strict";
+const path = require("node:path");
+const { detectChanges, exportCsv, findWorkspaceRoot, initBase, resolveDocRoot } = require("../src/cwgit");
+async function main() {
+  if (process.platform !== "win32") {
+    throw new Error("cwgit currently supports Windows only.");
+  }
+  const args = process.argv.slice(2);
+  const command = args[0];
+  if (!command || command === "--help" || command === "-h") {
+    process.stdout.write([
+      "cwgit <command>",
+      "",
+      "Commands:",
+      "  init      Snapshot the current project as the base version",
+      "  changes   Detect and export changed files as CSV",
+      "",
+      "Usage:",
+      "  Run from inside a project folder (under the docRoot).",
+      "  The tool locates the workspace root (package.json with cwrespro config)",
+      "  and resolves docRoot from that config.",
+      "",
+      "Examples:",
+      "  cd virtual_env/IC && cwgit init",
+      "  cd virtual_env/IC && cwgit changes",
+      "",
+    ].join("\n"));
+    return;
+  }
+  const cwd = process.cwd();
+  // Find the workspace root by walking up
+  const workspaceRoot = findWorkspaceRoot(cwd);
+  if (!workspaceRoot) {
+    throw new Error(
+      "Could not find workspace root.\n" +
+      "Ensure a package.json with a \"cwrespro\" key or a cwrespro.config.json exists in an ancestor directory."
+    );
+  }
+  // Resolve docRoot from config
+  const docRoot = resolveDocRoot(workspaceRoot);
+  if (command === "init") {
+    const { fileCount, basePath } = await initBase(cwd, docRoot);
+    process.stdout.write(`[cwgit] Base snapshot created: ${fileCount} files tracked.\n`);
+    process.stdout.write(`[cwgit] Stored at: ${basePath}\n`);
+    process.stdout.write(`[cwgit] Tip: add .cwgit/ to .gitignore if using Git.\n`);
+    return;
+  }
+  if (command === "changes") {
+    const changes = await detectChanges(cwd, docRoot);
+    if (changes.length === 0) {
+      process.stdout.write("[cwgit] No changes detected.\n");
+      return;
+    }
+    const csvPath = await exportCsv(changes, cwd);
+    // Print summary
+    const deleted = changes.filter((c) => c.status === "D").length;
+    const modified = changes.filter((c) => c.status === "M").length;
+    const untracked = changes.filter((c) => c.status === "U").length;
+    process.stdout.write(`[cwgit] ${changes.length} change(s) detected:\n`);
+    if (modified > 0) {
+      process.stdout.write(`  M (Modified):  ${modified}\n`);
+    }
+    if (untracked > 0) {
+      process.stdout.write(`  U (Untracked): ${untracked}\n`);
+    }
+    if (deleted > 0) {
+      process.stdout.write(`  D (Deleted):   ${deleted}\n`);
+    }
+    process.stdout.write(`[cwgit] CSV exported: ${csvPath}\n`);
+    return;
+  }
+  throw new Error(`Unknown command: "${command}". Use "cwgit --help" for usage.`);
+}
+main().catch((error) => {
+  process.stderr.write(`[cwgit] Error: ${error.message}\n`);
+  process.exit(1);
+});

package/package.json CHANGED Viewed

@@ -1,13 +1,14 @@
 {
   "name": "cwresdev",
-  "version": "0.1.8",
+  "version": "0.2.0",
   "description": "",
   "license": "MIT",
   "private": false,
   "type": "commonjs",
   "main": "./src/index.js",
   "bin": {
-    "cwrespro": "bin/cwrespro.js"
+    "cwrespro": "bin/cwrespro.js",
+    "cwgit": "bin/cwgit.js"
   },
   "files": [
     "bin",

package/src/cwgit.js ADDED Viewed

@@ -0,0 +1,362 @@
+"use strict";
+const crypto = require("node:crypto");
+const fs = require("node:fs");
+const path = require("node:path");
+const CWGIT_DIR = ".cwgit";
+const IGNORED_DIRS = new Set([".cwgit", "node_modules", ".git"]);
+const HASH_STREAM_THRESHOLD = 5 * 1024 * 1024; // 5 MB
+// CSV-injection-dangerous prefixes (OWASP)
+const CSV_DANGEROUS_CHARS = new Set(["=", "+", "-", "@", "\t", "\r"]);
+/**
+ * Walk up from startDir to find the nearest directory containing a package.json
+ * with a "cwrespro" key or a cwrespro.config.json file.
+ */
+function findWorkspaceRoot(startDir) {
+  let current = path.resolve(startDir);
+  const { root } = path.parse(current);
+  while (true) {
+    const pkgPath = path.join(current, "package.json");
+    if (fs.existsSync(pkgPath)) {
+      try {
+        const pkg = JSON.parse(fs.readFileSync(pkgPath, "utf8"));
+        if (pkg.cwrespro && typeof pkg.cwrespro === "object") {
+          return current;
+        }
+      } catch (_) {
+        // malformed package.json — skip
+      }
+    }
+    const configPath = path.join(current, "cwrespro.config.json");
+    if (fs.existsSync(configPath)) {
+      return current;
+    }
+    if (current === root) {
+      return null;
+    }
+    current = path.dirname(current);
+  }
+}
+/**
+ * Resolve the docRoot from the workspace root's config.
+ * Returns absolute docRoot path.
+ */
+function resolveDocRoot(workspaceRoot) {
+  const configPath = path.join(workspaceRoot, "cwrespro.config.json");
+  if (fs.existsSync(configPath)) {
+    try {
+      const cfg = JSON.parse(fs.readFileSync(configPath, "utf8"));
+      if (cfg.docRoot) {
+        return path.resolve(workspaceRoot, cfg.docRoot);
+      }
+    } catch (_) {
+      // fall through to package.json
+    }
+  }
+  const pkgPath = path.join(workspaceRoot, "package.json");
+  if (fs.existsSync(pkgPath)) {
+    try {
+      const pkg = JSON.parse(fs.readFileSync(pkgPath, "utf8"));
+      if (pkg.cwrespro && pkg.cwrespro.docRoot) {
+        return path.resolve(workspaceRoot, pkg.cwrespro.docRoot);
+      }
+    } catch (_) {
+      // fall through to default
+    }
+  }
+  return path.resolve(workspaceRoot, "virtual_env");
+}
+/**
+ * Compute SHA-256 hash of a file.
+ * Uses one-shot API for small files, streaming for large files.
+ */
+async function hashFile(filePath) {
+  const stat = await fs.promises.stat(filePath);
+  if (stat.size <= HASH_STREAM_THRESHOLD) {
+    const data = await fs.promises.readFile(filePath);
+    return crypto.createHash("sha256").update(data).digest("hex");
+  }
+  // Stream for large files (videos, images, etc.)
+  return new Promise((resolve, reject) => {
+    const hash = crypto.createHash("sha256");
+    const stream = fs.createReadStream(filePath);
+    stream.on("data", (chunk) => hash.update(chunk));
+    stream.on("end", () => resolve(hash.digest("hex")));
+    stream.on("error", reject);
+  });
+}
+/**
+ * Recursively collect all files in a directory.
+ * Skips symlinks, IGNORED_DIRS, and validates paths stay within boundary.
+ */
+async function collectFiles(dir, boundary) {
+  const results = [];
+  const resolvedBoundary = path.resolve(boundary);
+  async function walk(current) {
+    let entries;
+    try {
+      entries = await fs.promises.readdir(current, { withFileTypes: true });
+    } catch (err) {
+      if (err.code === "EACCES" || err.code === "EPERM") {
+        return; // skip inaccessible directories
+      }
+      throw err;
+    }
+    for (const entry of entries) {
+      if (IGNORED_DIRS.has(entry.name)) {
+        continue;
+      }
+      const fullPath = path.join(current, entry.name);
+      const resolved = path.resolve(fullPath);
+      // Path traversal guard
+      if (!resolved.startsWith(resolvedBoundary + path.sep) && resolved !== resolvedBoundary) {
+        continue;
+      }
+      // Use lstat to detect symlinks (don't follow them)
+      let stat;
+      try {
+        stat = await fs.promises.lstat(fullPath);
+      } catch (err) {
+        if (err.code === "EBUSY" || err.code === "EPERM" || err.code === "ENOENT") {
+          continue; // skip locked/deleted files
+        }
+        throw err;
+      }
+      // Skip symlinks for security
+      if (stat.isSymbolicLink()) {
+        continue;
+      }
+      if (stat.isDirectory()) {
+        await walk(fullPath);
+      } else if (stat.isFile()) {
+        results.push(fullPath);
+      }
+    }
+  }
+  await walk(dir);
+  return results;
+}
+/**
+ * Initialize (or re-initialize) the base snapshot for a project.
+ */
+async function initBase(projectDir, docRoot) {
+  const resolvedProject = path.resolve(projectDir);
+  const resolvedDocRoot = path.resolve(docRoot);
+  // Validate projectDir is inside or equal to docRoot
+  if (resolvedProject !== resolvedDocRoot && !resolvedProject.startsWith(resolvedDocRoot + path.sep)) {
+    throw new Error(`Project directory must be inside docRoot.\n  Project: ${resolvedProject}\n  DocRoot: ${resolvedDocRoot}`);
+  }
+  const relPath = resolvedProject === resolvedDocRoot
+    ? "."
+    : path.relative(resolvedDocRoot, resolvedProject);
+  const cwgitDir = path.join(resolvedDocRoot, CWGIT_DIR, relPath);
+  const basePath = path.join(cwgitDir, "base.json");
+  const tmpPath = basePath + ".tmp";
+  // Collect and hash files
+  const filePaths = await collectFiles(resolvedProject, resolvedProject);
+  const fileCount = filePaths.length;
+  process.stderr.write(`[cwgit] Hashing ${fileCount} files...\n`);
+  const files = {};
+  let processed = 0;
+  for (const filePath of filePaths) {
+    const relFilePath = path.relative(resolvedProject, filePath).replace(/\\/g, "/");
+    try {
+      files[relFilePath] = await hashFile(filePath);
+    } catch (err) {
+      if (err.code === "EBUSY" || err.code === "EPERM" || err.code === "ENOENT") {
+        process.stderr.write(`[cwgit] Warning: skipped inaccessible file: ${relFilePath}\n`);
+        continue;
+      }
+      throw err;
+    }
+    processed += 1;
+    if (processed % 100 === 0) {
+      process.stderr.write(`[cwgit] ${processed}/${fileCount} files hashed\n`);
+    }
+  }
+  const baseData = {
+    version: 1,
+    createdAt: new Date().toISOString(),
+    project: relPath,
+    files,
+  };
+  // Atomic write: write to tmp then rename
+  await fs.promises.mkdir(cwgitDir, { recursive: true });
+  await fs.promises.writeFile(tmpPath, JSON.stringify(baseData, null, 2), "utf8");
+  await fs.promises.rename(tmpPath, basePath);
+  return { fileCount: Object.keys(files).length, basePath };
+}
+/**
+ * Detect changes between current state and base snapshot.
+ * Returns array of { file, status } where status is M, U, or D.
+ */
+async function detectChanges(projectDir, docRoot) {
+  const resolvedProject = path.resolve(projectDir);
+  const resolvedDocRoot = path.resolve(docRoot);
+  if (resolvedProject !== resolvedDocRoot && !resolvedProject.startsWith(resolvedDocRoot + path.sep)) {
+    throw new Error(`Project directory must be inside docRoot.\n  Project: ${resolvedProject}\n  DocRoot: ${resolvedDocRoot}`);
+  }
+  const relPath = resolvedProject === resolvedDocRoot
+    ? "."
+    : path.relative(resolvedDocRoot, resolvedProject);
+  const basePath = path.join(resolvedDocRoot, CWGIT_DIR, relPath, "base.json");
+  if (!fs.existsSync(basePath)) {
+    throw new Error(`No base snapshot found. Run "cwgit init" first.\n  Expected: ${basePath}`);
+  }
+  const baseData = JSON.parse(await fs.promises.readFile(basePath, "utf8"));
+  const baseFiles = baseData.files || {};
+  // Collect current files
+  const currentPaths = await collectFiles(resolvedProject, resolvedProject);
+  const currentFiles = {};
+  process.stderr.write(`[cwgit] Scanning ${currentPaths.length} files...\n`);
+  for (const filePath of currentPaths) {
+    const relFilePath = path.relative(resolvedProject, filePath).replace(/\\/g, "/");
+    try {
+      currentFiles[relFilePath] = await hashFile(filePath);
+    } catch (err) {
+      if (err.code === "EBUSY" || err.code === "EPERM" || err.code === "ENOENT") {
+        process.stderr.write(`[cwgit] Warning: skipped inaccessible file: ${relFilePath}\n`);
+        continue;
+      }
+      throw err;
+    }
+  }
+  const changes = [];
+  // Check for modified and deleted files
+  for (const [file, hash] of Object.entries(baseFiles)) {
+    if (!(file in currentFiles)) {
+      changes.push({ file, status: "D" });
+    } else if (currentFiles[file] !== hash) {
+      changes.push({ file, status: "M" });
+    }
+  }
+  // Check for new/untracked files
+  for (const file of Object.keys(currentFiles)) {
+    if (!(file in baseFiles)) {
+      changes.push({ file, status: "U" });
+    }
+  }
+  // Sort: D first, then M, then U; alphabetical within each group
+  changes.sort((a, b) => {
+    const order = { D: 0, M: 1, U: 2 };
+    if (order[a.status] !== order[b.status]) {
+      return order[a.status] - order[b.status];
+    }
+    return a.file.localeCompare(b.file);
+  });
+  return changes;
+}
+/**
+ * Sanitize a CSV cell value to prevent formula injection.
+ */
+function sanitizeCsvCell(value) {
+  if (typeof value !== "string" || value.length === 0) {
+    return value;
+  }
+  if (CSV_DANGEROUS_CHARS.has(value[0])) {
+    return "'" + value;
+  }
+  return value;
+}
+/**
+ * Export changes to a CSV file.
+ */
+async function exportCsv(changes, outputDir) {
+  const csvPath = path.join(outputDir, "cwgit-changes.csv");
+  const lines = ["file,status"];
+  for (const { file, status } of changes) {
+    const safeFile = sanitizeCsvCell(file);
+    // Escape double quotes in file path and wrap in quotes if contains comma
+    const escaped = safeFile.includes(",") || safeFile.includes('"')
+      ? `"${safeFile.replace(/"/g, '""')}"`
+      : safeFile;
+    lines.push(`${escaped},${status}`);
+  }
+  await fs.promises.writeFile(csvPath, lines.join("\n") + "\n", "utf8");
+  return csvPath;
+}
+module.exports = {
+  CWGIT_DIR,
+  collectFiles,
+  detectChanges,
+  exportCsv,
+  findWorkspaceRoot,
+  hashFile,
+  initBase,
+  resolveDocRoot,
+  sanitizeCsvCell,
+};

package/src/proxy.js CHANGED Viewed

@@ -91,12 +91,22 @@ async function proxyRequest({ req, res, target, injectHtml = false, injectCookie
     outHeaders.cookie = _stagingCookie;
   }
-  const upstream = await fetch(target, {
+  const fetchOpts = {
     method: req.method,
     headers: outHeaders,
     body,
     redirect: "manual",
-  });
+  };
+  let upstream;
+  try {
+    upstream = await fetch(target, fetchOpts);
+  } catch (err) {
+    // Retry once – works around a transient Node.js v24 undici parser bug
+    // (ERR_ASSERTION in Parser.finish) that can reject the fetch promise.
+    upstream = await fetch(target, fetchOpts);
+  }
   res.status(upstream.status);

package/src/server.js CHANGED Viewed

@@ -231,6 +231,11 @@ async function startDevServer(config) {
     });
   });
+  // Block HTTP access to .cwgit tracking data
+  app.use("/.cwgit", (req, res) => {
+    res.status(404).type("text/plain").send("Not Found");
+  });
   app.get(CLIENT_SCRIPT_ROUTE, (req, res) => {
     res.type("application/javascript");
     res.send(clientScript);
@@ -340,9 +345,15 @@ async function startDevServer(config) {
     return (filePath) => filePath.replace(/\\/g, "/") === normalized;
   });
+  // Always ignore .cwgit tracking folder (prevents reload loops)
+  const cwgitIgnore = (filePath) => {
+    const normalized = filePath.replace(/\\/g, "/");
+    return normalized.includes("/.cwgit/") || normalized.endsWith("/.cwgit");
+  };
   const watcher = chokidar.watch(config.docRoot, {
     ignoreInitial: true,
-    ignored,
+    ignored: [cwgitIgnore, ...ignored],
   });
   watcher.on("all", (eventName, filePath) => {