groove-dev 0.27.106 → 0.27.107
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/moe-training/client/scrubber.js +2 -2
- package/moe-training/test/client/scrubber.test.js +24 -0
- package/node_modules/@groove-dev/cli/package.json +1 -1
- package/node_modules/@groove-dev/daemon/package.json +1 -1
- package/node_modules/@groove-dev/daemon/src/api.js +11 -4
- package/node_modules/@groove-dev/gui/dist/assets/{index-BN7fQKaF.js → index-DkAGIluW.js} +13 -13
- package/node_modules/@groove-dev/gui/dist/index.html +1 -1
- package/node_modules/@groove-dev/gui/package.json +1 -1
- package/node_modules/@groove-dev/gui/src/stores/groove.js +2 -1
- package/node_modules/@groove-dev/gui/src/views/settings.jsx +8 -7
- package/node_modules/moe-training/client/scrubber.js +2 -2
- package/node_modules/moe-training/test/client/scrubber.test.js +24 -0
- package/package.json +1 -1
- package/packages/cli/package.json +1 -1
- package/packages/daemon/package.json +1 -1
- package/packages/daemon/src/api.js +11 -4
- package/packages/gui/dist/assets/{index-BN7fQKaF.js → index-DkAGIluW.js} +13 -13
- package/packages/gui/dist/index.html +1 -1
- package/packages/gui/package.json +1 -1
- package/packages/gui/src/stores/groove.js +2 -1
- package/packages/gui/src/views/settings.jsx +8 -7
|
@@ -65,7 +65,7 @@ export class PIIScrubber {
|
|
|
65
65
|
},
|
|
66
66
|
{
|
|
67
67
|
name: 'ipv6',
|
|
68
|
-
regex: /(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|(?:[0-9a-fA-F]{1,4}:){1,7}:|(?:[0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|::(?:[fF]{4}:)?(?:\d{1,3}\.){3}\d{1,3}|::1
|
|
68
|
+
regex: /(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|(?:[0-9a-fA-F]{1,4}:){1,7}:|(?:[0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|::(?:[fF]{4}:)?(?:\d{1,3}\.){3}\d{1,3}|::1\b/g,
|
|
69
69
|
replacement: '[IP]',
|
|
70
70
|
},
|
|
71
71
|
{
|
|
@@ -100,7 +100,7 @@ export class PIIScrubber {
|
|
|
100
100
|
},
|
|
101
101
|
{
|
|
102
102
|
name: 'base64_secret',
|
|
103
|
-
regex: /(?<![A-Za-z0-9
|
|
103
|
+
regex: /(?<![A-Za-z0-9+])[A-Za-z0-9+]{40,}={0,2}(?![A-Za-z0-9+])/g,
|
|
104
104
|
replacement: '[API_KEY]',
|
|
105
105
|
},
|
|
106
106
|
];
|
|
@@ -131,6 +131,30 @@ describe('PIIScrubber', () => {
|
|
|
131
131
|
assert.equal(scrubber.scrub(input), 'cd ~');
|
|
132
132
|
});
|
|
133
133
|
|
|
134
|
+
it('does not scrub CSS pseudo-elements as IPv6', () => {
|
|
135
|
+
const input = '.hero-icon::before { content: ""; }';
|
|
136
|
+
assert.equal(scrubber.scrub(input), input);
|
|
137
|
+
});
|
|
138
|
+
|
|
139
|
+
it('still scrubs IPv6 loopback ::1', () => {
|
|
140
|
+
const input = 'listening on ::1 port 3000';
|
|
141
|
+
assert.equal(scrubber.scrub(input), 'listening on [IP] port 3000');
|
|
142
|
+
});
|
|
143
|
+
|
|
144
|
+
it('does not scrub file paths as base64 secrets', () => {
|
|
145
|
+
const input = '/home/user/project/groove/packages/gui/src/views/settings.jsx';
|
|
146
|
+
const result = scrubber.scrub(input);
|
|
147
|
+
assert.ok(!result.includes('[API_KEY]'), `expected no [API_KEY] in: ${result}`);
|
|
148
|
+
});
|
|
149
|
+
|
|
150
|
+
it('still scrubs real base64 secrets without slashes', () => {
|
|
151
|
+
const b64 = 'YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY3ODk';
|
|
152
|
+
const input = `key: ${b64} end`;
|
|
153
|
+
const result = scrubber.scrub(input);
|
|
154
|
+
assert.ok(result.includes('[API_KEY]'), `expected [API_KEY] in: ${result}`);
|
|
155
|
+
assert.ok(!result.includes(b64));
|
|
156
|
+
});
|
|
157
|
+
|
|
134
158
|
it('patterns do not interfere with each other', () => {
|
|
135
159
|
const input = 'user@example.com called 555-123-4567 from 192.168.1.1';
|
|
136
160
|
const result = scrubber.scrub(input);
|
|
@@ -740,9 +740,10 @@ export function createApi(app, daemon) {
|
|
|
740
740
|
};
|
|
741
741
|
|
|
742
742
|
const proc = spawn('codex', ['login'], {
|
|
743
|
-
stdio: ['
|
|
743
|
+
stdio: ['pipe', 'pipe', 'pipe'],
|
|
744
744
|
shell: true,
|
|
745
745
|
});
|
|
746
|
+
proc.stdin.on('error', () => {});
|
|
746
747
|
let stdout = '';
|
|
747
748
|
let stderr = '';
|
|
748
749
|
proc.stdout.on('data', (d) => { stdout += d.toString(); });
|
|
@@ -751,8 +752,8 @@ export function createApi(app, daemon) {
|
|
|
751
752
|
const timeout = setTimeout(() => {
|
|
752
753
|
const urlMatch = (stdout + stderr).match(/https:\/\/\S+/);
|
|
753
754
|
respond(urlMatch
|
|
754
|
-
? { status: 'pending', url: urlMatch[0] }
|
|
755
|
-
: { status: 'pending', message: 'Login started — check your browser' });
|
|
755
|
+
? { status: 'pending', url: urlMatch[0], browserOpened: true }
|
|
756
|
+
: { status: 'pending', message: 'Login started — check your browser', browserOpened: true });
|
|
756
757
|
}, 5000);
|
|
757
758
|
|
|
758
759
|
proc.on('close', (code) => {
|
|
@@ -4665,7 +4666,13 @@ Keep responses concise. Help them think, don't lecture them about the system the
|
|
|
4665
4666
|
const hasKey = daemon.credentials.hasKey(p.id);
|
|
4666
4667
|
let authStatus = 'not-configured';
|
|
4667
4668
|
if (p.authType === 'subscription') {
|
|
4668
|
-
|
|
4669
|
+
if (!p.installed) {
|
|
4670
|
+
authStatus = 'not-configured';
|
|
4671
|
+
} else {
|
|
4672
|
+
const provObj = getProvider(p.id);
|
|
4673
|
+
const authResult = provObj?.constructor?.isAuthenticated?.();
|
|
4674
|
+
authStatus = authResult?.authenticated ? 'authenticated' : 'not-configured';
|
|
4675
|
+
}
|
|
4669
4676
|
} else if (p.authType === 'api-key') {
|
|
4670
4677
|
authStatus = hasKey ? 'key-set' : 'not-configured';
|
|
4671
4678
|
if (p.authStatus?.authenticated) authStatus = 'authenticated';
|