groove-dev 0.25.16 → 0.25.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/node_modules/@groove-dev/daemon/src/api.js +31 -0
- package/node_modules/@groove-dev/gui/dist/assets/{index-BjUplOVu.js → index-Ca4wKXQ9.js} +19 -19
- package/node_modules/@groove-dev/gui/dist/index.html +1 -1
- package/node_modules/@groove-dev/gui/src/components/agents/agent-feed.jsx +26 -3
- package/package.json +1 -1
- package/packages/daemon/src/api.js +31 -0
- package/packages/gui/dist/assets/{index-BjUplOVu.js → index-Ca4wKXQ9.js} +19 -19
- package/packages/gui/dist/index.html +1 -1
- package/packages/gui/src/components/agents/agent-feed.jsx +26 -3
|
@@ -420,6 +420,37 @@ export function createApi(app, daemon) {
|
|
|
420
420
|
}
|
|
421
421
|
});
|
|
422
422
|
|
|
423
|
+
// Upload file to agent's working directory
|
|
424
|
+
app.post('/api/agents/:id/upload', (req, res) => {
|
|
425
|
+
const agent = daemon.registry.get(req.params.id);
|
|
426
|
+
if (!agent) return res.status(404).json({ error: 'Agent not found' });
|
|
427
|
+
|
|
428
|
+
const { filename, content } = req.body;
|
|
429
|
+
if (!filename || !content) return res.status(400).json({ error: 'filename and content required' });
|
|
430
|
+
|
|
431
|
+
// Sanitize filename — no path traversal
|
|
432
|
+
const safeName = String(filename).replace(/[/\\]/g, '_').replace(/\.\./g, '');
|
|
433
|
+
if (!safeName) return res.status(400).json({ error: 'Invalid filename' });
|
|
434
|
+
|
|
435
|
+
const dir = agent.workingDir || daemon.projectDir;
|
|
436
|
+
const filePath = resolve(dir, safeName);
|
|
437
|
+
|
|
438
|
+
// Ensure file stays within working directory
|
|
439
|
+
if (!filePath.startsWith(dir)) {
|
|
440
|
+
return res.status(400).json({ error: 'Path traversal detected' });
|
|
441
|
+
}
|
|
442
|
+
|
|
443
|
+
try {
|
|
444
|
+
mkdirSync(dir, { recursive: true });
|
|
445
|
+
const buffer = Buffer.from(content, 'base64');
|
|
446
|
+
writeFileSync(filePath, buffer);
|
|
447
|
+
daemon.audit.log('file.upload', { agentId: agent.id, filename: safeName, size: buffer.length });
|
|
448
|
+
res.json({ ok: true, path: safeName, size: buffer.length });
|
|
449
|
+
} catch (err) {
|
|
450
|
+
res.status(500).json({ error: `Upload failed: ${err.message}` });
|
|
451
|
+
}
|
|
452
|
+
});
|
|
453
|
+
|
|
423
454
|
// List MD files for an agent (from its working directory + .groove)
|
|
424
455
|
app.get('/api/agents/:id/mdfiles', (req, res) => {
|
|
425
456
|
const agent = daemon.registry.get(req.params.id);
|