depwire-cli 0.9.22 → 0.9.23

@@ -575,6 +575,9 @@ async function connectToRepo(source, subdirectory, state) {
575
575
  import { execSync } from "child_process";
576
576
  async function getCommitLog(dir, limit) {
577
577
  try {
578
+ if (limit !== void 0 && (!Number.isInteger(limit) || limit < 1)) {
579
+ throw new Error(`Invalid git log limit: ${limit}`);
580
+ }
578
581
  const limitArg = limit ? `-n ${limit}` : "";
579
582
  const output = execSync(
580
583
  `git log ${limitArg} --pretty=format:"%H|%aI|%s|%an"`,
@@ -602,6 +605,9 @@ async function getCurrentBranch(dir) {
602
605
  }
603
606
  }
604
607
  async function checkoutCommit(dir, hash) {
608
+ if (!/^[a-zA-Z0-9_.\-\/]+$/.test(hash)) {
609
+ throw new Error(`Invalid git ref: ${hash}`);
610
+ }
605
611
  try {
606
612
  execSync(`git checkout -q ${hash}`, { cwd: dir, stdio: "ignore" });
607
613
  } catch (error) {
@@ -609,6 +615,9 @@ async function checkoutCommit(dir, hash) {
609
615
  }
610
616
  }
611
617
  async function restoreOriginal(dir, originalBranch) {
618
+ if (!/^[a-zA-Z0-9_.\-\/]+$/.test(originalBranch)) {
619
+ throw new Error(`Invalid git ref: ${originalBranch}`);
620
+ }
612
621
  try {
613
622
  execSync(`git checkout -q ${originalBranch}`, {
614
623
  cwd: dir,
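Review bot: The ref check added to checkoutCommit, and repeated in restoreOriginal, still accepts a value that begins with `-`, because `-` is in the allowed character class; such a value has no shell metacharacters, but git would parse it as an option rather than a ref. Rejecting a leading dash and non-string input closes that gap: `if (typeof hash !== "string" || hash.startsWith("-") || !/^[a-zA-Z0-9_.\-\/]+$/.test(hash)) {`, with the same change for `originalBranch`. Since the pattern is duplicated, a shared helper such as `assertSafeGitRef(ref)` would keep the two call sites in step, and passing the arguments as an array to `execFileSync` instead of interpolating them into an `execSync` string would take the shell out of the path entirely. Both function bodies continue outside the hunks shown.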
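--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -17,7 +17,7 @@ import {
  stashChanges,
  updateFileInGraph,
  watchProject
- } from "./chunk-XBCQPU63.js";
+ } from "./chunk-OBWFFD3M.js";
  import {
  SimulationEngine,
  analyzeDeadCode,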
@@ -4,7 +4,7 @@ import {
4
4
  startMcpServer,
5
5
  updateFileInGraph,
6
6
  watchProject
7
- } from "./chunk-XBCQPU63.js";
7
+ } from "./chunk-OBWFFD3M.js";
8
8
  import {
9
9
  buildGraph,
10
10
  parseProject
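--- a/package/package.json
+++ b/package/package.json
@@ -1,7 +1,7 @@
  {
  "name": "depwire-cli",
- "version": "0.9.22",
- "description": "The missing context layer for AI coding assistants. Dependency graph, MCP server, architecture health, dead code detection.",
+ "version": "0.9.23",
+ "description": "Dependency graph + 16 MCP tools for AI coding assistants. Impact analysis, health scoring, visualization.",
  "type": "module",
  "bin": {
  "depwire": "dist/index.js"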