devports 0.0.1 → 1.0.0

package/dist/validation.d.ts

@@ -0,0 +1,69 @@
+/**
+ * Input validation utilities for security-critical parameters
+ * Designed to prevent command injection and path traversal attacks
+ */
+export declare class ValidationError extends Error {
+    constructor(message: string);
+}
+/**
+ * Validation options for different contexts
+ */
+export interface ValidationOptions {
+    allowRelativePaths?: boolean;
+    maxLength?: number;
+    allowedExtensions?: string[];
+    mustExist?: boolean;
+    allowShellMetachars?: boolean;
+}
+/**
+ * Validate and sanitize a project name
+ */
+export declare function validateProjectName(project: string): string;
+/**
+ * Validate and sanitize a service name
+ */
+export declare function validateServiceName(service: string): string;
+/**
+ * Validate service type against known types
+ */
+export declare function validateServiceType(type: string): string;
+/**
+ * Validate port number
+ */
+export declare function validatePort(port: string | number): number;
+/**
+ * Validate git branch name
+ */
+export declare function validateBranchName(branch: string): string;
+/**
+ * Validate file path for template files, scripts, etc.
+ */
+export declare function validateFilePath(path: string, options?: ValidationOptions): string;
+/**
+ * Validate worktree path
+ */
+export declare function validateWorktreePath(path: string): string;
+/**
+ * Validate script path for hooks
+ */
+export declare function validateScriptPath(path: string): string;
+/**
+ * Validate service list format (service:type or service)
+ */
+export declare function validateServices(services: string[]): Array<{
+    service: string;
+    type: string;
+}>;
+/**
+ * Validate template file path
+ */
+export declare function validateTemplatePath(path: string): string;
+/**
+ * Validate output file path
+ */
+export declare function validateOutputPath(path: string): string;
+/**
+ * Safe string for display/logging that removes dangerous characters
+ */
+export declare function sanitizeForDisplay(input: string, maxLength?: number): string;
+//# sourceMappingURL=validation.d.ts.map

package/dist/validation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../src/validation.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,qBAAa,eAAgB,SAAQ,KAAK;gBAC5B,OAAO,EAAE,MAAM;CAI5B;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,mBAAmB,CAAC,EAAE,OAAO,CAAC;CAC/B;AAuBD;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAoB3D;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAoB3D;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAexD;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CA6B1D;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAyBzD;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,iBAAsB,GAC9B,MAAM,CA0ER;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CA8DzD;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAuCvD;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAAE,GACjB,KAAK,CAAC;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC,CAqC1C;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAMzD;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAKvD;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAChC,KAAK,EAAE,MAAM,EACb,SAAS,GAAE,MAAY,GACtB,MAAM,CAYR"}

package/dist/validation.js

@@ -0,0 +1,344 @@
+/**
+ * Input validation utilities for security-critical parameters
+ * Designed to prevent command injection and path traversal attacks
+ */
+import { existsSync, statSync } from 'fs';
+import { isAbsolute, normalize } from 'path';
+export class ValidationError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'ValidationError';
+    }
+}
+/**
+ * Shell metacharacters that could be used for injection
+ */
+const DANGEROUS_SHELL_CHARS = /[;|&$`<>(){}[\]"'\\*?~]/;
+/**
+ * Valid characters for project/service names
+ */
+const PROJECT_SERVICE_PATTERN = /^[a-zA-Z0-9._-]+$/;
+/**
+ * Valid characters for branch names (based on git branch naming rules)
+ */
+const BRANCH_NAME_PATTERN = /^[a-zA-Z0-9._/-]+$/;
+/**
+ * Valid port number range
+ */
+const PORT_MIN = 1024;
+const PORT_MAX = 65535;
+/**
+ * Validate and sanitize a project name
+ */
+export function validateProjectName(project) {
+    if (!project || typeof project !== 'string') {
+        throw new ValidationError('Project name is required');
+    }
+    if (project.length > 50) {
+        throw new ValidationError('Project name must be 50 characters or less');
+    }
+    if (!PROJECT_SERVICE_PATTERN.test(project)) {
+        throw new ValidationError('Project name can only contain letters, numbers, dots, underscores, and hyphens');
+    }
+    if (project.startsWith('.') || project.startsWith('-')) {
+        throw new ValidationError('Project name cannot start with a dot or hyphen');
+    }
+    return project.trim();
+}
+/**
+ * Validate and sanitize a service name
+ */
+export function validateServiceName(service) {
+    if (!service || typeof service !== 'string') {
+        throw new ValidationError('Service name is required');
+    }
+    if (service.length > 30) {
+        throw new ValidationError('Service name must be 30 characters or less');
+    }
+    if (!PROJECT_SERVICE_PATTERN.test(service)) {
+        throw new ValidationError('Service name can only contain letters, numbers, dots, underscores, and hyphens');
+    }
+    if (service.startsWith('.') || service.startsWith('-')) {
+        throw new ValidationError('Service name cannot start with a dot or hyphen');
+    }
+    return service.trim();
+}
+/**
+ * Validate service type against known types
+ */
+export function validateServiceType(type) {
+    if (!type || typeof type !== 'string') {
+        throw new ValidationError('Service type is required');
+    }
+    const validTypes = ['postgres', 'mysql', 'redis', 'api', 'app', 'custom'];
+    const normalizedType = type.toLowerCase().trim();
+    if (!validTypes.includes(normalizedType)) {
+        throw new ValidationError(`Invalid service type. Must be one of: ${validTypes.join(', ')}`);
+    }
+    return normalizedType;
+}
+/**
+ * Validate port number
+ */
+export function validatePort(port) {
+    let portNum;
+    if (typeof port === 'string') {
+        // Check for injection attempts in the string first
+        if (DANGEROUS_SHELL_CHARS.test(port)) {
+            throw new ValidationError('Port contains invalid characters');
+        }
+        portNum = parseInt(port, 10);
+        if (isNaN(portNum)) {
+            throw new ValidationError('Port must be a valid number');
+        }
+        // Ensure the string was purely numeric (no trailing chars)
+        if (port.trim() !== portNum.toString()) {
+            throw new ValidationError('Port must be a valid number');
+        }
+    }
+    else {
+        portNum = port;
+    }
+    if (portNum < PORT_MIN || portNum > PORT_MAX) {
+        throw new ValidationError(`Port must be between ${PORT_MIN} and ${PORT_MAX}`);
+    }
+    return portNum;
+}
+/**
+ * Validate git branch name
+ */
+export function validateBranchName(branch) {
+    if (!branch || typeof branch !== 'string') {
+        throw new ValidationError('Branch name is required');
+    }
+    if (branch.length > 100) {
+        throw new ValidationError('Branch name must be 100 characters or less');
+    }
+    if (!BRANCH_NAME_PATTERN.test(branch)) {
+        throw new ValidationError('Branch name contains invalid characters. Only letters, numbers, dots, underscores, forward slashes, and hyphens are allowed');
+    }
+    // Git branch name restrictions
+    if (branch.startsWith('-') || branch.endsWith('.') || branch.includes('..')) {
+        throw new ValidationError('Invalid branch name format');
+    }
+    if (branch.includes(' ')) {
+        throw new ValidationError('Branch name cannot contain spaces');
+    }
+    return branch.trim();
+}
+/**
+ * Validate file path for template files, scripts, etc.
+ */
+export function validateFilePath(path, options = {}) {
+    if (!path || typeof path !== 'string') {
+        throw new ValidationError('File path is required');
+    }
+    if (path.length > 500) {
+        throw new ValidationError('File path is too long (max 500 characters)');
+    }
+    // Check for shell metacharacters unless explicitly allowed
+    if (!options.allowShellMetachars && DANGEROUS_SHELL_CHARS.test(path)) {
+        throw new ValidationError('File path contains dangerous characters');
+    }
+    // Normalize the path to prevent traversal
+    const normalizedPath = normalize(path);
+    // Check for path traversal attempts
+    if (normalizedPath.includes('..')) {
+        throw new ValidationError('Path traversal is not allowed');
+    }
+    // Validate against null bytes and other dangerous sequences
+    if (normalizedPath.includes('\0') ||
+        normalizedPath.includes('\n') ||
+        normalizedPath.includes('\r')) {
+        throw new ValidationError('File path contains null bytes or newlines');
+    }
+    // Check if relative paths are allowed
+    if (!options.allowRelativePaths &&
+        !isAbsolute(normalizedPath) &&
+        normalizedPath.startsWith('../')) {
+        throw new ValidationError('Relative paths outside current directory are not allowed');
+    }
+    // Validate file extension if specified
+    if (options.allowedExtensions && options.allowedExtensions.length > 0) {
+        const hasValidExtension = options.allowedExtensions.some((ext) => normalizedPath.toLowerCase().endsWith(ext.toLowerCase()));
+        if (!hasValidExtension) {
+            throw new ValidationError(`File must have one of these extensions: ${options.allowedExtensions.join(', ')}`);
+        }
+    }
+    // Check if file exists if required
+    if (options.mustExist) {
+        try {
+            if (!existsSync(normalizedPath)) {
+                throw new ValidationError(`File does not exist: ${normalizedPath}`);
+            }
+            const stats = statSync(normalizedPath);
+            if (!stats.isFile()) {
+                throw new ValidationError(`Path is not a file: ${normalizedPath}`);
+            }
+        }
+        catch (error) {
+            if (error instanceof ValidationError) {
+                throw error;
+            }
+            throw new ValidationError(`Cannot access file: ${normalizedPath}`);
+        }
+    }
+    return normalizedPath;
+}
+/**
+ * Validate worktree path
+ */
+export function validateWorktreePath(path) {
+    if (!path || typeof path !== 'string') {
+        throw new ValidationError('Worktree path is required');
+    }
+    if (path.length > 300) {
+        throw new ValidationError('Worktree path is too long (max 300 characters)');
+    }
+    // Check for shell metacharacters
+    if (DANGEROUS_SHELL_CHARS.test(path)) {
+        throw new ValidationError('Worktree path contains dangerous characters');
+    }
+    // Normalize the path
+    const normalizedPath = normalize(path);
+    // Check for excessive path traversal attempts (more than 2 levels)
+    const traversalCount = (path.match(/\.\./g) ?? []).length;
+    if (traversalCount > 2) {
+        throw new ValidationError('Excessive path traversal is not allowed');
+    }
+    // Check for absolute paths to sensitive locations (allow temp directories)
+    if (normalizedPath.startsWith('/etc/') ||
+        normalizedPath.startsWith('/usr/') ||
+        normalizedPath.startsWith('/boot/') ||
+        normalizedPath.endsWith('/etc/passwd') ||
+        normalizedPath.endsWith('/etc/shadow')) {
+        throw new ValidationError('Access to system directories is not allowed');
+    }
+    // Allow /var/ only for temp directories (macOS uses /var/folders/... for temp)
+    if (normalizedPath.startsWith('/var/') &&
+        !normalizedPath.startsWith('/var/folders/') &&
+        !normalizedPath.startsWith('/tmp/')) {
+        throw new ValidationError('Access to system directories is not allowed');
+    }
+    // Validate against null bytes
+    if (normalizedPath.includes('\0') ||
+        normalizedPath.includes('\n') ||
+        normalizedPath.includes('\r')) {
+        throw new ValidationError('Worktree path contains null bytes or newlines');
+    }
+    // Additional safety - ensure it doesn't start with dangerous sequences
+    if (normalizedPath.startsWith('/dev/') ||
+        normalizedPath.startsWith('/proc/') ||
+        normalizedPath.startsWith('/sys/')) {
+        throw new ValidationError('Worktree path cannot target system directories');
+    }
+    return normalizedPath;
+}
+/**
+ * Validate script path for hooks
+ */
+export function validateScriptPath(path) {
+    const validatedPath = validateFilePath(path, {
+        allowRelativePaths: true,
+        maxLength: 200,
+        allowedExtensions: [
+            '.sh',
+            '.bash',
+            '.zsh',
+            '.fish',
+            '.py',
+            '.js',
+            '.mjs',
+            '.ts',
+        ],
+        mustExist: true,
+    });
+    // Additional checks for script execution safety
+    try {
+        const stats = statSync(validatedPath);
+        // Check if it's executable (on Unix-like systems)
+        if (process.platform !== 'win32') {
+            const mode = stats.mode;
+            if (!(mode & parseInt('0100', 8))) {
+                // Check if owner has execute permission
+                throw new ValidationError('Script file is not executable');
+            }
+        }
+    }
+    catch (error) {
+        if (error instanceof ValidationError) {
+            throw error;
+        }
+        throw new ValidationError(`Cannot verify script permissions: ${validatedPath}`);
+    }
+    return validatedPath;
+}
+/**
+ * Validate service list format (service:type or service)
+ */
+export function validateServices(services) {
+    if (!Array.isArray(services)) {
+        throw new ValidationError('Services must be an array');
+    }
+    if (services.length === 0) {
+        throw new ValidationError('At least one service is required');
+    }
+    if (services.length > 10) {
+        throw new ValidationError('Too many services (max 10)');
+    }
+    return services.map((serviceStr, index) => {
+        if (!serviceStr || typeof serviceStr !== 'string') {
+            throw new ValidationError(`Service at index ${index} is invalid`);
+        }
+        const trimmed = serviceStr.trim();
+        const parts = trimmed.split(':');
+        if (parts.length === 1) {
+            // Format: service (use same name for type)
+            const service = validateServiceName(parts[0]);
+            const type = validateServiceType(parts[0]);
+            return { service, type };
+        }
+        else if (parts.length === 2) {
+            // Format: service:type
+            const service = validateServiceName(parts[0]);
+            const type = validateServiceType(parts[1]);
+            return { service, type };
+        }
+        else {
+            throw new ValidationError(`Invalid service format at index ${index}. Use 'service' or 'service:type'`);
+        }
+    });
+}
+/**
+ * Validate template file path
+ */
+export function validateTemplatePath(path) {
+    return validateFilePath(path, {
+        allowRelativePaths: true,
+        allowedExtensions: ['.devports', '.env', '.template', '.tmpl'],
+        mustExist: true,
+    });
+}
+/**
+ * Validate output file path
+ */
+export function validateOutputPath(path) {
+    return validateFilePath(path, {
+        allowRelativePaths: true,
+        mustExist: false,
+    });
+}
+/**
+ * Safe string for display/logging that removes dangerous characters
+ */
+export function sanitizeForDisplay(input, maxLength = 100) {
+    if (!input || typeof input !== 'string') {
+        return '';
+    }
+    // Remove control characters and limit length
+    return (input
+        // eslint-disable-next-line no-control-regex
+        .replace(/[\x00-\x1F\x7F]/g, '') // Remove control characters
+        .substring(0, maxLength));
+}
+//# sourceMappingURL=validation.js.map

package/dist/validation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validation.js","sourceRoot":"","sources":["../src/validation.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAE7C,MAAM,OAAO,eAAgB,SAAQ,KAAK;IACxC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;IAChC,CAAC;CACF;AAaD;;GAEG;AACH,MAAM,qBAAqB,GAAG,yBAAyB,CAAC;AAExD;;GAEG;AACH,MAAM,uBAAuB,GAAG,mBAAmB,CAAC;AAEpD;;GAEG;AACH,MAAM,mBAAmB,GAAG,oBAAoB,CAAC;AAEjD;;GAEG;AACH,MAAM,QAAQ,GAAG,IAAI,CAAC;AACtB,MAAM,QAAQ,GAAG,KAAK,CAAC;AAEvB;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAe;IACjD,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;QAC5C,MAAM,IAAI,eAAe,CAAC,0BAA0B,CAAC,CAAC;IACxD,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACxB,MAAM,IAAI,eAAe,CAAC,4CAA4C,CAAC,CAAC;IAC1E,CAAC;IAED,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3C,MAAM,IAAI,eAAe,CACvB,gFAAgF,CACjF,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,eAAe,CAAC,gDAAgD,CAAC,CAAC;IAC9E,CAAC;IAED,OAAO,OAAO,CAAC,IAAI,EAAE,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAe;IACjD,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;QAC5C,MAAM,IAAI,eAAe,CAAC,0BAA0B,CAAC,CAAC;IACxD,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACxB,MAAM,IAAI,eAAe,CAAC,4CAA4C,CAAC,CAAC;IAC1E,CAAC;IAED,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3C,MAAM,IAAI,eAAe,CACvB,gFAAgF,CACjF,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,eAAe,CAAC,gDAAgD,CAAC,CAAC;IAC9E,CAAC;IAED,OAAO,OAAO,CAAC,IAAI,EAAE,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,MAAM,IAAI,eAAe,CAAC,0BAA0B,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,UAAU,GAAG,CAAC,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;IAC1E,MAAM,cAAc,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC;IAEjD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,eAAe,CACvB,yCAAyC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACjE,CAAC;IACJ,CAAC;IAED,OAAO,cAAc,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAqB;IAChD,IAAI,OAAe,CAAC;IAEpB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,mDAAmD;QACnD,IAAI,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACrC,MAAM,IAAI,eAAe,CAAC,kCAAkC,CAAC,CAAC;QAChE,CAAC;QAED,OAAO,GAAG,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QAC7B,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;YACnB,MAAM,IAAI,eAAe,CAAC,6BAA6B,CAAC,CAAC;QAC3D,CAAC;QAED,2DAA2D;QAC3D,IAAI,IAAI,CAAC,IAAI,EAAE,KAAK,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC;YACvC,MAAM,IAAI,eAAe,CAAC,6BAA6B,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,IAAI,CAAC;IACjB,CAAC;IAED,IAAI,OAAO,GAAG,QAAQ,IAAI,OAAO,GAAG,QAAQ,EAAE,CAAC;QAC7C,MAAM,IAAI,eAAe,CACvB,wBAAwB,QAAQ,QAAQ,QAAQ,EAAE,CACnD,CAAC;IACJ,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,MAAc;IAC/C,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC1C,MAAM,IAAI,eAAe,CAAC,yBAAyB,CAAC,CAAC;IACvD,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACxB,MAAM,IAAI,eAAe,CAAC,4CAA4C,CAAC,CAAC;IAC1E,CAAC;IAED,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACtC,MAAM,IAAI,eAAe,CACvB,6HAA6H,CAC9H,CAAC;IACJ,CAAC;IAED,+BAA+B;IAC/B,IAAI,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5E,MAAM,IAAI,eAAe,CAAC,4BAA4B,CAAC,CAAC;IAC1D,CAAC;IAED,IAAI,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,eAAe,CAAC,mCAAmC,CAAC,CAAC;IACjE,CAAC;IAED,OAAO,MAAM,CAAC,IAAI,EAAE,CAAC;AACvB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAC9B,IAAY,EACZ,UAA6B,EAAE;IAE/B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,MAAM,IAAI,eAAe,CAAC,uBAAuB,CAAC,CAAC;IACrD,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACtB,MAAM,IAAI,eAAe,CAAC,4CAA4C,CAAC,CAAC;IAC1E,CAAC;IAED,2DAA2D;IAC3D,IAAI,CAAC,OAAO,CAAC,mBAAmB,IAAI,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACrE,MAAM,IAAI,eAAe,CAAC,yCAAyC,CAAC,CAAC;IACvE,CAAC;IAED,0CAA0C;IAC1C,MAAM,cAAc,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAEvC,oCAAoC;IACpC,IAAI,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,eAAe,CAAC,+BAA+B,CAAC,CAAC;IAC7D,CAAC;IAED,4DAA4D;IAC5D,IACE,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC;QAC7B,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC;QAC7B,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,EAC7B,CAAC;QACD,MAAM,IAAI,eAAe,CAAC,2CAA2C,CAAC,CAAC;IACzE,CAAC;IAED,sCAAsC;IACtC,IACE,CAAC,OAAO,CAAC,kBAAkB;QAC3B,CAAC,UAAU,CAAC,cAAc,CAAC;QAC3B,cAAc,CAAC,UAAU,CAAC,KAAK,CAAC,EAChC,CAAC;QACD,MAAM,IAAI,eAAe,CACvB,0DAA0D,CAC3D,CAAC;IACJ,CAAC;IAED,uCAAuC;IACvC,IAAI,OAAO,CAAC,iBAAiB,IAAI,OAAO,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtE,MAAM,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAC/D,cAAc,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CACzD,CAAC;QACF,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACvB,MAAM,IAAI,eAAe,CACvB,2CAA2C,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAClF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,mCAAmC;IACnC,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;QACtB,IAAI,CAAC;YACH,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;gBAChC,MAAM,IAAI,eAAe,CAAC,wBAAwB,cAAc,EAAE,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,KAAK,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAC;YACvC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;gBACpB,MAAM,IAAI,eAAe,CAAC,uBAAuB,cAAc,EAAE,CAAC,CAAC;YACrE,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,eAAe,EAAE,CAAC;gBACrC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,eAAe,CAAC,uBAAuB,cAAc,EAAE,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;IAED,OAAO,cAAc,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,IAAY;IAC/C,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,MAAM,IAAI,eAAe,CAAC,2BAA2B,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACtB,MAAM,IAAI,eAAe,CAAC,gDAAgD,CAAC,CAAC;IAC9E,CAAC;IAED,iCAAiC;IACjC,IAAI,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACrC,MAAM,IAAI,eAAe,CAAC,6CAA6C,CAAC,CAAC;IAC3E,CAAC;IAED,qBAAqB;IACrB,MAAM,cAAc,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAEvC,mEAAmE;IACnE,MAAM,cAAc,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;IAC1D,IAAI,cAAc,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,eAAe,CAAC,yCAAyC,CAAC,CAAC;IACvE,CAAC;IAED,2EAA2E;IAC3E,IACE,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC;QAClC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC;QAClC,cAAc,CAAC,UAAU,CAAC,QAAQ,CAAC;QACnC,cAAc,CAAC,QAAQ,CAAC,aAAa,CAAC;QACtC,cAAc,CAAC,QAAQ,CAAC,aAAa,CAAC,EACtC,CAAC;QACD,MAAM,IAAI,eAAe,CAAC,6CAA6C,CAAC,CAAC;IAC3E,CAAC;IAED,+EAA+E;IAC/E,IACE,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC;QAClC,CAAC,cAAc,CAAC,UAAU,CAAC,eAAe,CAAC;QAC3C,CAAC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,EACnC,CAAC;QACD,MAAM,IAAI,eAAe,CAAC,6CAA6C,CAAC,CAAC;IAC3E,CAAC;IAED,8BAA8B;IAC9B,IACE,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC;QAC7B,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC;QAC7B,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,EAC7B,CAAC;QACD,MAAM,IAAI,eAAe,CAAC,+CAA+C,CAAC,CAAC;IAC7E,CAAC;IAED,uEAAuE;IACvE,IACE,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC;QAClC,cAAc,CAAC,UAAU,CAAC,QAAQ,CAAC;QACnC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,EAClC,CAAC;QACD,MAAM,IAAI,eAAe,CAAC,gDAAgD,CAAC,CAAC;IAC9E,CAAC;IAED,OAAO,cAAc,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAAY;IAC7C,MAAM,aAAa,GAAG,gBAAgB,CAAC,IAAI,EAAE;QAC3C,kBAAkB,EAAE,IAAI;QACxB,SAAS,EAAE,GAAG;QACd,iBAAiB,EAAE;YACjB,KAAK;YACL,OAAO;YACP,MAAM;YACN,OAAO;YACP,KAAK;YACL,KAAK;YACL,MAAM;YACN,KAAK;SACN;QACD,SAAS,EAAE,IAAI;KAChB,CAAC,CAAC;IAEH,gDAAgD;IAChD,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,QAAQ,CAAC,aAAa,CAAC,CAAC;QAEtC,kDAAkD;QAClD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YACjC,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,CAAC,IAAI,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAClC,wCAAwC;gBACxC,MAAM,IAAI,eAAe,CAAC,+BAA+B,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,eAAe,EAAE,CAAC;YACrC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,MAAM,IAAI,eAAe,CACvB,qCAAqC,aAAa,EAAE,CACrD,CAAC;IACJ,CAAC;IAED,OAAO,aAAa,CAAC;AACvB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAC9B,QAAkB;IAElB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,eAAe,CAAC,2BAA2B,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,eAAe,CAAC,kCAAkC,CAAC,CAAC;IAChE,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACzB,MAAM,IAAI,eAAe,CAAC,4BAA4B,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,KAAK,EAAE,EAAE;QACxC,IAAI,CAAC,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;YAClD,MAAM,IAAI,eAAe,CAAC,oBAAoB,KAAK,aAAa,CAAC,CAAC;QACpE,CAAC;QAED,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC;QAClC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAEjC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,2CAA2C;YAC3C,MAAM,OAAO,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,IAAI,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC3C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;aAAM,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9B,uBAAuB;YACvB,MAAM,OAAO,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,IAAI,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC3C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,eAAe,CACvB,mCAAmC,KAAK,mCAAmC,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,IAAY;IAC/C,OAAO,gBAAgB,CAAC,IAAI,EAAE;QAC5B,kBAAkB,EAAE,IAAI;QACxB,iBAAiB,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,CAAC;QAC9D,SAAS,EAAE,IAAI;KAChB,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAAY;IAC7C,OAAO,gBAAgB,CAAC,IAAI,EAAE;QAC5B,kBAAkB,EAAE,IAAI;QACxB,SAAS,EAAE,KAAK;KACjB,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAChC,KAAa,EACb,YAAoB,GAAG;IAEvB,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,6CAA6C;IAC7C,OAAO,CACL,KAAK;QACH,4CAA4C;SAC3C,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC,4BAA4B;SAC5D,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,CAC3B,CAAC;AACJ,CAAC"}

package/dist/worktree.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Secure worktree operations with input validation and safe command execution
+ */
+interface WorktreeOptions {
+    envFile?: string | null;
+    services?: string[];
+    template?: string;
+    postHook?: string;
+}
+/**
+ * Secure version of createWorktree with input validation and safe command execution
+ */
+export declare function createWorktree(path: string, branch: string, options?: WorktreeOptions): Promise<{
+    worktreePath: string;
+    ports: Record<string, number>;
+}>;
+/**
+ * Secure version of removeWorktree with input validation
+ */
+export declare function removeWorktree(path: string, options?: {
+    force?: boolean;
+}): Promise<number>;
+export {};
+//# sourceMappingURL=worktree.d.ts.map

package/dist/worktree.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"worktree.d.ts","sourceRoot":"","sources":["../src/worktree.ts"],"names":[],"mappings":"AAAA;;GAEG;AA0BH,UAAU,eAAe;IACvB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,wBAAsB,cAAc,CAClC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,eAAoB,GAC5B,OAAO,CAAC;IAAE,YAAY,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAAE,CAAC,CAkKlE;AAED;;GAEG;AACH,wBAAsB,cAAc,CAClC,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE;IAAE,KAAK,CAAC,EAAE,OAAO,CAAA;CAAO,GAChC,OAAO,CAAC,MAAM,CAAC,CA4BjB"}