gitnexus 1.5.3 → 1.6.0

package/dist/server/analyze-job.js

@@ -55,6 +55,10 @@ export class JobManager {
     getJob(id) {
         return this.jobs.get(id);
     }
+    /** Return a snapshot of all tracked jobs for inspection. */
+    listJobs() {
+        return Array.from(this.jobs.values());
+    }
     updateJob(id, update) {
         const job = this.jobs.get(id);
         if (!job)

package/dist/server/api.d.ts

@@ -4,9 +4,11 @@
  * REST API for browser-based clients to query the local .gitnexus/ index.
  * Also hosts the MCP server over StreamableHTTP for remote AI tool access.
  *
- * Security: binds to 127.0.0.1 by default (use --host to override).
+ * Security: binds to localhost by default (use --host to override).
  * CORS is restricted to localhost, private/LAN networks, and the deployed site.
  */
+import express from 'express';
+import { type GraphNode, type GraphRelationship } from '../_shared/index.js';
 /**
  * Determine whether an HTTP Origin header value is allowed by CORS policy.
  *
@@ -25,4 +27,21 @@
  * @returns `true` if the origin is allowed, `false` otherwise.
  */
 export declare const isAllowedOrigin: (origin: string | undefined) => boolean;
+type GraphStreamRecord = {
+    type: 'node';
+    data: GraphNode;
+} | {
+    type: 'relationship';
+    data: GraphRelationship;
+} | {
+    type: 'error';
+    error: string;
+};
+export declare class ClientDisconnectedError extends Error {
+    constructor();
+}
+export declare const isIgnorableGraphQueryError: (err: unknown) => boolean;
+export declare const writeNdjsonRecord: (res: express.Response, record: GraphStreamRecord, signal?: AbortSignal) => Promise<void>;
+export declare const streamGraphNdjson: (res: express.Response, includeContent?: boolean, signal?: AbortSignal) => Promise<void>;
 export declare const createServer: (port: number, host?: string) => Promise<void>;
+export {};

package/dist/server/api.js

@@ -4,7 +4,7 @@
  * REST API for browser-based clients to query the local .gitnexus/ index.
  * Also hosts the MCP server over StreamableHTTP for remote AI tool access.
  *
- * Security: binds to 127.0.0.1 by default (use --host to override).
+ * Security: binds to localhost by default (use --host to override).
  * CORS is restricted to localhost, private/LAN networks, and the deployed site.
  */
 import express from 'express';
@@ -13,8 +13,8 @@ import path from 'path';
 import fs from 'fs/promises';
 import { createRequire } from 'node:module';
 import { loadMeta, listRegisteredRepos, getStoragePath } from '../storage/repo-manager.js';
-import { executeQuery, executePrepared, executeWithReusedStatement, closeLbug, withLbugDb, } from '../core/lbug/lbug-adapter.js';
-import { isWriteQuery } from '../mcp/core/lbug-adapter.js';
+import { executeQuery, executePrepared, executeWithReusedStatement, streamQuery, closeLbug, withLbugDb, } from '../core/lbug/lbug-adapter.js';
+import { isWriteQuery } from '../core/lbug/pool-adapter.js';
 import { NODE_TABLES } from '../_shared/index.js';
 import { searchFTSFromLbug } from '../core/search/bm25-index.js';
 import { hybridSearch } from '../core/search/hybrid-search.js';
@@ -91,72 +91,181 @@ export const isAllowedOrigin = (origin) => {
         return true;
     return false;
 };
+export class ClientDisconnectedError extends Error {
+    constructor() {
+        super('Client disconnected during graph stream');
+        this.name = 'ClientDisconnectedError';
+    }
+}
+export const isIgnorableGraphQueryError = (err) => {
+    const message = err instanceof Error ? err.message : String(err);
+    return (message.includes('does not exist') ||
+        message.includes('not found') ||
+        message.includes('No table named'));
+};
+const ensureStreamIsWritable = (res, signal) => {
+    if (signal?.aborted || res.destroyed || res.writableEnded) {
+        throw new ClientDisconnectedError();
+    }
+};
+const waitForDrain = async (res, signal) => {
+    ensureStreamIsWritable(res, signal);
+    await new Promise((resolve, reject) => {
+        const cleanup = () => {
+            res.off('drain', onDrain);
+            res.off('close', onClose);
+            signal?.removeEventListener('abort', onAbort);
+        };
+        const onDrain = () => {
+            cleanup();
+            resolve();
+        };
+        const onClose = () => {
+            cleanup();
+            reject(new ClientDisconnectedError());
+        };
+        const onAbort = () => {
+            cleanup();
+            reject(new ClientDisconnectedError());
+        };
+        res.once('drain', onDrain);
+        res.once('close', onClose);
+        signal?.addEventListener('abort', onAbort, { once: true });
+        if (signal?.aborted || res.destroyed || res.writableEnded) {
+            onAbort();
+        }
+    });
+    ensureStreamIsWritable(res, signal);
+};
+const isClientDisconnectWriteError = (err) => {
+    if (!(err instanceof Error))
+        return false;
+    return (err.code === 'ERR_STREAM_DESTROYED' ||
+        err.code === 'EPIPE' ||
+        err.code === 'ECONNRESET' ||
+        err.message.includes('write after end'));
+};
+export const writeNdjsonRecord = async (res, record, signal) => {
+    ensureStreamIsWritable(res, signal);
+    try {
+        const canContinue = res.write(JSON.stringify(record) + '\n');
+        if (!canContinue) {
+            await waitForDrain(res, signal);
+        }
+    }
+    catch (err) {
+        if (isClientDisconnectWriteError(err)) {
+            throw new ClientDisconnectedError();
+        }
+        throw err;
+    }
+};
 const buildGraph = async (includeContent = false) => {
     const nodes = [];
     for (const table of NODE_TABLES) {
         try {
-            let query = '';
-            if (table === 'File') {
-                query = includeContent
-                    ? `MATCH (n:File) RETURN n.id AS id, n.name AS name, n.filePath AS filePath, n.content AS content`
-                    : `MATCH (n:File) RETURN n.id AS id, n.name AS name, n.filePath AS filePath`;
-            }
-            else if (table === 'Folder') {
-                query = `MATCH (n:Folder) RETURN n.id AS id, n.name AS name, n.filePath AS filePath`;
-            }
-            else if (table === 'Community') {
-                query = `MATCH (n:Community) RETURN n.id AS id, n.label AS label, n.heuristicLabel AS heuristicLabel, n.cohesion AS cohesion, n.symbolCount AS symbolCount`;
-            }
-            else if (table === 'Process') {
-                query = `MATCH (n:Process) RETURN n.id AS id, n.label AS label, n.heuristicLabel AS heuristicLabel, n.processType AS processType, n.stepCount AS stepCount, n.communities AS communities, n.entryPointId AS entryPointId, n.terminalId AS terminalId`;
-            }
-            else {
-                query = includeContent
-                    ? `MATCH (n:${table}) RETURN n.id AS id, n.name AS name, n.filePath AS filePath, n.startLine AS startLine, n.endLine AS endLine, n.content AS content`
-                    : `MATCH (n:${table}) RETURN n.id AS id, n.name AS name, n.filePath AS filePath, n.startLine AS startLine, n.endLine AS endLine`;
-            }
-            const rows = await executeQuery(query);
+            const rows = await executeQuery(getNodeQuery(table, includeContent));
             for (const row of rows) {
-                nodes.push({
-                    id: row.id ?? row[0],
-                    label: table,
-                    properties: {
-                        name: row.name ?? row.label ?? row[1],
-                        filePath: row.filePath ?? row[2],
-                        startLine: row.startLine,
-                        endLine: row.endLine,
-                        content: includeContent ? row.content : undefined,
-                        heuristicLabel: row.heuristicLabel,
-                        cohesion: row.cohesion,
-                        symbolCount: row.symbolCount,
-                        processType: row.processType,
-                        stepCount: row.stepCount,
-                        communities: row.communities,
-                        entryPointId: row.entryPointId,
-                        terminalId: row.terminalId,
-                    },
-                });
+                nodes.push(mapGraphNodeRow(table, row, includeContent));
             }
         }
-        catch {
-            // ignore empty tables
+        catch (err) {
+            if (!isIgnorableGraphQueryError(err)) {
+                throw err;
+            }
         }
     }
     const relationships = [];
-    const relRows = await executeQuery(`MATCH (a)-[r:CodeRelation]->(b) RETURN a.id AS sourceId, b.id AS targetId, r.type AS type, r.confidence AS confidence, r.reason AS reason, r.step AS step`);
+    const relRows = await executeQuery(GRAPH_RELATIONSHIP_QUERY);
     for (const row of relRows) {
-        relationships.push({
-            id: `${row.sourceId}_${row.type}_${row.targetId}`,
-            type: row.type,
-            sourceId: row.sourceId,
-            targetId: row.targetId,
-            confidence: row.confidence,
-            reason: row.reason,
-            step: row.step,
-        });
+        relationships.push(mapGraphRelationshipRow(row));
     }
     return { nodes, relationships };
 };
+const GRAPH_RELATIONSHIP_QUERY = `MATCH (a)-[r:CodeRelation]->(b) RETURN a.id AS sourceId, b.id AS targetId, ` +
+    `r.type AS type, r.confidence AS confidence, r.reason AS reason, r.step AS step`;
+const quoteNodeTable = (table) => `\`${table.replace(/`/g, '``')}\``;
+const getNodeQuery = (table, includeContent) => {
+    const tableLabel = quoteNodeTable(table);
+    if (table === 'File') {
+        return includeContent
+            ? `MATCH (n:${tableLabel}) RETURN n.id AS id, n.name AS name, n.filePath AS filePath, n.content AS content`
+            : `MATCH (n:${tableLabel}) RETURN n.id AS id, n.name AS name, n.filePath AS filePath`;
+    }
+    if (table === 'Folder') {
+        return `MATCH (n:${tableLabel}) RETURN n.id AS id, n.name AS name, n.filePath AS filePath`;
+    }
+    if (table === 'Community') {
+        return `MATCH (n:${tableLabel}) RETURN n.id AS id, n.label AS label, n.heuristicLabel AS heuristicLabel, n.cohesion AS cohesion, n.symbolCount AS symbolCount`;
+    }
+    if (table === 'Process') {
+        return `MATCH (n:${tableLabel}) RETURN n.id AS id, n.label AS label, n.heuristicLabel AS heuristicLabel, n.processType AS processType, n.stepCount AS stepCount, n.communities AS communities, n.entryPointId AS entryPointId, n.terminalId AS terminalId`;
+    }
+    if (table === 'Route') {
+        return `MATCH (n:${tableLabel}) RETURN n.id AS id, n.name AS name, n.filePath AS filePath, n.responseKeys AS responseKeys, n.errorKeys AS errorKeys, n.middleware AS middleware`;
+    }
+    if (table === 'Tool') {
+        return `MATCH (n:${tableLabel}) RETURN n.id AS id, n.name AS name, n.filePath AS filePath, n.description AS description`;
+    }
+    return includeContent
+        ? `MATCH (n:${tableLabel}) RETURN n.id AS id, n.name AS name, n.filePath AS filePath, n.startLine AS startLine, n.endLine AS endLine, n.content AS content`
+        : `MATCH (n:${tableLabel}) RETURN n.id AS id, n.name AS name, n.filePath AS filePath, n.startLine AS startLine, n.endLine AS endLine`;
+};
+const mapGraphNodeRow = (table, row, includeContent) => ({
+    id: row.id ?? row[0],
+    label: table,
+    properties: {
+        name: row.name ?? row.label ?? row[1],
+        filePath: row.filePath ?? row[2],
+        startLine: row.startLine,
+        endLine: row.endLine,
+        content: includeContent ? row.content : undefined,
+        responseKeys: row.responseKeys,
+        errorKeys: row.errorKeys,
+        middleware: row.middleware,
+        heuristicLabel: row.heuristicLabel,
+        cohesion: row.cohesion,
+        symbolCount: row.symbolCount,
+        description: row.description,
+        processType: row.processType,
+        stepCount: row.stepCount,
+        communities: row.communities,
+        entryPointId: row.entryPointId,
+        terminalId: row.terminalId,
+    },
+});
+const mapGraphRelationshipRow = (row) => ({
+    id: `${row.sourceId}_${row.type}_${row.targetId}`,
+    type: row.type,
+    sourceId: row.sourceId,
+    targetId: row.targetId,
+    confidence: row.confidence,
+    reason: row.reason,
+    step: row.step,
+});
+export const streamGraphNdjson = async (res, includeContent = false, signal) => {
+    for (const table of NODE_TABLES) {
+        try {
+            await streamQuery(getNodeQuery(table, includeContent), async (row) => {
+                await writeNdjsonRecord(res, {
+                    type: 'node',
+                    data: mapGraphNodeRow(table, row, includeContent),
+                }, signal);
+            });
+        }
+        catch (err) {
+            if (!isIgnorableGraphQueryError(err)) {
+                throw err;
+            }
+        }
+    }
+    await streamQuery(GRAPH_RELATIONSHIP_QUERY, async (row) => {
+        await writeNdjsonRecord(res, {
+            type: 'relationship',
+            data: mapGraphRelationshipRow(row),
+        }, signal);
+    });
+};
 /**
  * Mount an SSE progress endpoint for a JobManager.
  * Handles: initial state, terminal events, heartbeat, event IDs, client disconnect.
@@ -249,17 +358,29 @@ export const createServer = async (port, host = '127.0.0.1') => {
     app.disable('x-powered-by');
     // CORS: allow localhost, private/LAN networks, and the deployed site.
     // Non-browser requests (curl, server-to-server) have no origin and are allowed.
+    // Disallowed origins get the response without Access-Control-Allow-Origin,
+    // so the browser blocks it. We pass `false` instead of throwing an Error to
+    // avoid crashing into Express's default error handler (which returned 500).
     app.use(cors({
         origin: (origin, callback) => {
-            if (isAllowedOrigin(origin)) {
-                callback(null, true);
-            }
-            else {
-                callback(new Error('Not allowed by CORS'));
-            }
+            callback(null, isAllowedOrigin(origin));
         },
     }));
     app.use(express.json({ limit: '10mb' }));
+    // Support Chromium Private Network Access (required since Chrome 130+).
+    // Without this header, Chrome/Edge/Brave/Arc block public->loopback requests
+    // which breaks bridge mode entirely.
+    app.use((_req, res, next) => {
+        res.setHeader('Access-Control-Allow-Private-Network', 'true');
+        next();
+    });
+    // Handle PNA preflight: Chromium sends Access-Control-Request-Private-Network
+    // on OPTIONS requests and expects the allow header in the response.
+    // Note: the actual Allow-Private-Network header is already set by the global
+    // middleware above, so we just need to call next() here.
+    app.options('*', (_req, res, next) => {
+        next();
+    });
     // Initialize MCP backend (multi-repo, shared across all MCP sessions)
     const backend = new LocalBackend();
     await backend.init();
@@ -278,14 +399,75 @@ export const createServer = async (port, host = '127.0.0.1') => {
     const releaseRepoLock = (repoPath) => {
         activeRepoPaths.delete(repoPath);
     };
-    // Helper: resolve a repo by name from the global registry, or default to first
-    const resolveRepo = async (repoName) => {
+    /**
+     * Maximum time the hold-queue will wait for an active analysis job to complete.
+     * Must stay in sync with the frontend's `fetchRepoInfo({ awaitAnalysis: true })` timeout.
+     */
+    const HOLD_QUEUE_TIMEOUT_SECS = 300; // 5 minutes
+    // Helper: resolve a repo by name from the global registry, or default to first.
+    // Pass `req` to enable early exit if the client disconnects during the hold-queue wait.
+    const resolveRepo = async (repoName, isRetry = false, req) => {
         const repos = await listRegisteredRepos();
-        if (repos.length === 0)
-            return null;
-        if (repoName)
-            return repos.find((r) => r.name === repoName) || null;
-        return repos[0]; // default to first
+        let found = null;
+        // Normalize: if a full path is passed, extract just the basename.
+        // e.g. "C:\Users\LENOVO\.gitnexus\repos\todo.txt-cli" -> "todo.txt-cli"
+        const normalizedName = repoName ? path.basename(repoName) : undefined;
+        if (normalizedName) {
+            found =
+                repos.find((r) => r.name === normalizedName) ||
+                    repos.find((r) => r.name.toLowerCase() === normalizedName.toLowerCase()) ||
+                    null;
+        }
+        else if (repos.length > 0) {
+            found = repos[0]; // default to first repo
+        }
+        // If not yet in the registry, check whether a background job is actively cloning or
+        // analyzing this repo. Hold the connection open (up to 5 minutes) until it completes.
+        // We only wait for in-progress jobs ('queued'|'cloning'|'analyzing') — a 'complete' job
+        // whose repo is still missing means the registry sync failed; the fallback below handles it.
+        if (!found && normalizedName) {
+            const lower = normalizedName.toLowerCase();
+            // Track client disconnect to cancel the wait early
+            let clientGone = false;
+            req?.on('close', () => {
+                clientGone = true;
+            });
+            for (const job of jobManager.listJobs()) {
+                const isMatch = job.repoName?.toLowerCase() === lower ||
+                    (job.repoUrl && path.basename(job.repoUrl).replace('.git', '').toLowerCase() === lower) ||
+                    (job.repoPath && path.basename(job.repoPath).toLowerCase() === lower);
+                if (isMatch && ['queued', 'cloning', 'analyzing'].includes(job.status)) {
+                    if (process.env.DEBUG) {
+                        console.log(`[debug] resolveRepo waiting for active job ${job.id} (${normalizedName})...`);
+                    }
+                    for (let wait = 0; wait < HOLD_QUEUE_TIMEOUT_SECS; wait++) {
+                        if (clientGone)
+                            return null; // client disconnected — stop polling
+                        const currentJob = jobManager.getJob(job.id);
+                        if (!currentJob || currentJob.status === 'failed')
+                            break;
+                        if (currentJob.status === 'complete') {
+                            await backend.init();
+                            const freshRepos = await listRegisteredRepos();
+                            return freshRepos.find((r) => r.name === normalizedName) || null;
+                        }
+                        await new Promise((r) => setTimeout(r, 1000));
+                    }
+                    // Timed out — signal to the caller with a specific message
+                    return { __timedOut: true, repoName: normalizedName };
+                }
+            }
+        }
+        // Emergency fallback: re-sync the registry to handle Windows file-system race conditions
+        // (e.g. registry file not yet flushed after clone completes).
+        if (!found && normalizedName && !isRetry) {
+            if (process.env.DEBUG) {
+                console.log(`[debug] resolveRepo 404 for "${normalizedName}". Triggering deep init...`);
+            }
+            await backend.init();
+            return await resolveRepo(normalizedName, true, req);
+        }
+        return found;
     };
     // SSE heartbeat — clients connect to detect server liveness instantly.
     // When the server shuts down, the TCP connection drops and the client's
@@ -341,11 +523,18 @@ export const createServer = async (port, host = '127.0.0.1') => {
     // Get repo info
     app.get('/api/repo', async (req, res) => {
         try {
-            const entry = await resolveRepo(requestedRepo(req));
+            const entry = await resolveRepo(requestedRepo(req), false, req);
             if (!entry) {
                 res.status(404).json({ error: 'Repository not found. Run: gitnexus analyze' });
                 return;
             }
+            // Timed out waiting for an active analysis job
+            if (entry.__timedOut) {
+                res.status(503).json({
+                    error: `Repository analysis for "${entry.repoName}" is taking longer than expected. Please try again in a moment.`,
+                });
+                return;
+            }
             const meta = await loadMeta(entry.storagePath);
             res.json({
                 name: entry.name,
@@ -423,11 +612,56 @@ export const createServer = async (port, host = '127.0.0.1') => {
             }
             const lbugPath = path.join(entry.storagePath, 'lbug');
             const includeContent = req.query.includeContent === 'true';
+            const stream = req.query.stream === 'true';
+            if (stream) {
+                const abortController = new AbortController();
+                let responseFinished = false;
+                const markFinished = () => {
+                    responseFinished = true;
+                };
+                const abortStreaming = () => {
+                    if (!responseFinished) {
+                        abortController.abort();
+                    }
+                };
+                res.setHeader('Content-Type', 'application/x-ndjson; charset=utf-8');
+                res.setHeader('Cache-Control', 'no-cache');
+                res.flushHeaders();
+                req.once('aborted', abortStreaming);
+                res.once('finish', markFinished);
+                res.once('close', abortStreaming);
+                try {
+                    await withLbugDb(lbugPath, async () => streamGraphNdjson(res, includeContent, abortController.signal));
+                    if (!abortController.signal.aborted && !res.writableEnded) {
+                        res.end();
+                    }
+                }
+                finally {
+                    req.off('aborted', abortStreaming);
+                    res.off('finish', markFinished);
+                    res.off('close', abortStreaming);
+                }
+                return;
+            }
             const graph = await withLbugDb(lbugPath, async () => buildGraph(includeContent));
             res.json(graph);
         }
         catch (err) {
-            res.status(500).json({ error: err.message || 'Failed to build graph' });
+            if (err instanceof ClientDisconnectedError) {
+                return;
+            }
+            const message = err.message || 'Failed to build graph';
+            if (res.headersSent) {
+                try {
+                    res.write(JSON.stringify({ type: 'error', error: message }) + '\n');
+                }
+                catch {
+                    // Best-effort only after streaming has started.
+                }
+                res.end();
+                return;
+            }
+            res.status(500).json({ error: message });
         }
     });
     // Execute Cypher query
@@ -1134,7 +1368,8 @@ export const createServer = async (port, host = '127.0.0.1') => {
     // to the caller instead of crashing with an unhandled 'error' event.
     await new Promise((resolve, reject) => {
         const server = app.listen(port, host, () => {
-            console.log(`GitNexus server running on http://${host}:${port}`);
+            const displayHost = host === '::' || host === '0.0.0.0' ? 'localhost' : host;
+            console.log(`GitNexus server running on http://${displayHost}:${port}`);
             resolve();
         });
         server.on('error', (err) => reject(err));

package/dist/server/git-clone.d.ts

@@ -10,7 +10,8 @@ export declare function extractRepoName(url: string): string;
 export declare function getCloneDir(repoName: string): string;
 /**
  * Validate a git URL to prevent SSRF attacks.
- * Only allows https:// and http:// schemes. Blocks private/internal addresses.
+ * Only allows https:// and http:// schemes. Blocks private/internal addresses,
+ * IPv6 private ranges, cloud metadata hostnames, and numeric IP encodings.
  */
 export declare function validateGitUrl(url: string): void;
 export interface CloneProgress {

package/dist/server/git-clone.js

@@ -8,6 +8,7 @@ import { spawn } from 'child_process';
 import path from 'path';
 import os from 'os';
 import fs from 'fs/promises';
+import { isIP } from 'net';
 /** Extract the repository name from a git URL (HTTPS or SSH). */
 export function extractRepoName(url) {
     const cleaned = url.replace(/\/+$/, '');
@@ -18,9 +19,17 @@ export function extractRepoName(url) {
 export function getCloneDir(repoName) {
     return path.join(os.homedir(), '.gitnexus', 'repos', repoName);
 }
+// Cloud metadata hostnames that must never be reachable via user-supplied URLs
+const BLOCKED_HOSTNAMES = new Set([
+    'localhost',
+    'metadata.google.internal',
+    'metadata.azure.com',
+    'metadata.internal',
+]);
 /**
  * Validate a git URL to prevent SSRF attacks.
- * Only allows https:// and http:// schemes. Blocks private/internal addresses.
+ * Only allows https:// and http:// schemes. Blocks private/internal addresses,
+ * IPv6 private ranges, cloud metadata hostnames, and numeric IP encodings.
  */
 export function validateGitUrl(url) {
     let parsed;
@@ -34,14 +43,91 @@ export function validateGitUrl(url) {
         throw new Error('Only https:// and http:// git URLs are allowed');
     }
     const host = parsed.hostname.toLowerCase();
-    if (host === 'localhost' ||
-        host === '[::1]' ||
-        /^127\./.test(host) ||
+    // Block known dangerous hostnames (cloud metadata services)
+    if (BLOCKED_HOSTNAMES.has(host)) {
+        throw new Error('Cloning from private/internal addresses is not allowed');
+    }
+    // Strip IPv6 brackets if present (URL parser behavior varies across Node versions)
+    let normalizedHost = host;
+    if (host.startsWith('[') && host.endsWith(']')) {
+        normalizedHost = host.slice(1, -1);
+    }
+    // Check if this is an IPv6 address
+    // Use manual colon detection as fallback since isIP may return 0 for some
+    // normalized IPv6 forms (e.g. ::ffff:7f00:1)
+    const isIPv6 = isIP(normalizedHost) === 6 || normalizedHost.includes(':');
+    if (isIPv6) {
+        assertNotPrivateIPv6(normalizedHost);
+        return;
+    }
+    // Check if this is an IPv4 address (including numeric encodings)
+    if (isIP(normalizedHost) === 4) {
+        assertNotPrivateIPv4(normalizedHost);
+        return;
+    }
+    // For non-IP hostnames, check for numeric IP tricks
+    // Decimal encoding: 2130706433 = 127.0.0.1
+    // Hex encoding: 0x7f000001 = 127.0.0.1
+    if (/^\d+$/.test(host) || /^0x[0-9a-f]+$/i.test(host)) {
+        throw new Error('Cloning from private/internal addresses is not allowed');
+    }
+    // Standard IPv4 regex checks for dotted notation
+    if (/^127\./.test(host) ||
         /^10\./.test(host) ||
         /^172\.(1[6-9]|2\d|3[01])\./.test(host) ||
         /^192\.168\./.test(host) ||
         /^169\.254\./.test(host) ||
-        /^0\./.test(host)) {
+        /^0\./.test(host) ||
+        host === '0.0.0.0' ||
+        /^100\.(6[4-9]|[7-9]\d|1[01]\d|12[0-7])\./.test(host) ||
+        /^198\.1[89]\./.test(host)) {
+        throw new Error('Cloning from private/internal addresses is not allowed');
+    }
+}
+function assertNotPrivateIPv6(ip) {
+    // Expand common compressed forms for comparison
+    const lower = ip.toLowerCase();
+    // IPv6 loopback
+    if (lower === '::1' || lower === '0:0:0:0:0:0:0:1') {
+        throw new Error('Cloning from private/internal addresses is not allowed');
+    }
+    // Unspecified address
+    if (lower === '::' || lower === '0:0:0:0:0:0:0:0') {
+        throw new Error('Cloning from private/internal addresses is not allowed');
+    }
+    // IPv6 Unique Local Address (fc00::/7 = fc and fd prefixes)
+    if (lower.startsWith('fc') || lower.startsWith('fd')) {
+        throw new Error('Cloning from private/internal addresses is not allowed');
+    }
+    // IPv6 link-local (fe80::/10)
+    if (lower.startsWith('fe80') ||
+        lower.startsWith('fe8') ||
+        lower.startsWith('fe9') ||
+        lower.startsWith('fea') ||
+        lower.startsWith('feb')) {
+        throw new Error('Cloning from private/internal addresses is not allowed');
+    }
+    // IPv4-mapped IPv6 (::ffff:x.x.x.x or ::ffff:hex:hex)
+    // Node may normalize ::ffff:127.0.0.1 to ::ffff:7f00:1
+    if (lower.startsWith('::ffff:')) {
+        throw new Error('Cloning from private/internal addresses is not allowed');
+    }
+    // Also catch the expanded form: 0:0:0:0:0:ffff:
+    if (lower.includes(':ffff:')) {
+        throw new Error('Cloning from private/internal addresses is not allowed');
+    }
+}
+function assertNotPrivateIPv4(ip) {
+    const parts = ip.split('.').map(Number);
+    const [a, b] = parts;
+    if (a === 127 ||
+        a === 10 ||
+        (a === 172 && b >= 16 && b <= 31) ||
+        (a === 192 && b === 168) ||
+        (a === 169 && b === 254) ||
+        a === 0 ||
+        (a === 100 && b >= 64 && b <= 127) ||
+        (a === 198 && (b === 18 || b === 19))) {
         throw new Error('Cloning from private/internal addresses is not allowed');
     }
 }
@@ -69,6 +155,13 @@ function runGit(args, cwd) {
         const proc = spawn('git', args, {
             cwd,
             stdio: ['ignore', 'pipe', 'pipe'],
+            env: {
+                ...process.env,
+                // Prevent git from prompting for credentials (hangs the process)
+                GIT_TERMINAL_PROMPT: '0',
+                // Ensure no credential helper tries to open a GUI prompt
+                GIT_ASKPASS: process.platform === 'win32' ? 'echo' : '/bin/true',
+            },
         });
         let stderr = '';
         proc.stderr.on('data', (chunk) => {

package/dist/storage/git.d.ts

@@ -16,3 +16,16 @@ export declare const getGitRoot: (fromPath: string) => string | null;
  * @returns `true` when `.git` is present, `false` otherwise.
  */
 export declare const hasGitDir: (dirPath: string) => boolean;
+export interface DiffHunk {
+    startLine: number;
+    endLine: number;
+}
+export interface FileDiff {
+    filePath: string;
+    hunks: DiffHunk[];
+}
+/**
+ * Parse unified diff output (with -U0) into per-file hunk ranges.
+ * Extracts the new-file line ranges from @@ hunk headers.
+ */
+export declare function parseDiffHunks(diffOutput: string): FileDiff[];