grov 0.5.11 → 0.6.13

package/dist/lib/jsonl-parser.d.ts

@@ -1,87 +0,0 @@
-interface JsonlEntry {
-    type: 'user' | 'assistant' | 'system';
-    message?: {
-        role: string;
-        content: string | ContentBlock[];
-    };
-    timestamp?: string;
-    session_id?: string;
-    [key: string]: unknown;
-}
-interface ContentBlock {
-    type: string;
-    text?: string;
-    name?: string;
-    input?: unknown;
-    [key: string]: unknown;
-}
-export interface ParsedSession {
-    sessionId: string;
-    projectPath: string;
-    startTime: string;
-    endTime: string;
-    userMessages: string[];
-    assistantMessages: string[];
-    toolCalls: ToolCall[];
-    filesRead: string[];
-    filesWritten: string[];
-    rawEntries: JsonlEntry[];
-}
-export interface ToolCall {
-    name: string;
-    input: unknown;
-    timestamp?: string;
-}
-/**
- * Encode a project path the same way Claude Code does
- * /Users/dev/myapp -> -Users-dev-myapp
- */
-export declare function encodeProjectPath(projectPath: string): string;
-/**
- * Decode an encoded project path back to the original.
- * SECURITY: Validates that the decoded path doesn't contain traversal sequences.
- * @throws Error if path contains traversal sequences
- */
-export declare function decodeProjectPath(encoded: string): string;
-/**
- * Validate that a file path is within the expected project boundary.
- * SECURITY: Prevents path traversal outside project directory.
- */
-export declare function isPathWithinProject(projectPath: string, filePath: string): boolean;
-/**
- * Get the directory where Claude stores sessions for a project
- */
-export declare function getProjectSessionsDir(projectPath: string): string;
-/**
- * Extract session ID from a JSONL file path
- * ~/.claude/projects/-Users-dev-myapp/abc123def456.jsonl -> abc123def456
- * SECURITY: Validates session ID format to prevent path confusion attacks.
- */
-export declare function getSessionIdFromPath(jsonlPath: string): string;
-/**
- * Get the current session ID for a project (from the most recent session file)
- */
-export declare function getCurrentSessionId(projectPath: string): string | null;
-/**
- * Find the most recent session file for a project.
- * SECURITY: Handles TOCTOU race conditions gracefully.
- */
-export declare function findLatestSessionFile(projectPath: string): string | null;
-/**
- * List all session files for a project
- */
-export declare function listSessionFiles(projectPath: string): string[];
-/**
- * Parse a JSONL file into entries.
- * SECURITY: Limits entries to prevent memory exhaustion attacks.
- */
-export declare function parseJsonlFile(filePath: string): JsonlEntry[];
-/**
- * Parse a session file and extract structured data
- */
-export declare function parseSession(filePath: string): ParsedSession;
-/**
- * Get a summary of the session for LLM extraction
- */
-export declare function getSessionSummary(session: ParsedSession): string;
-export {};

package/dist/lib/jsonl-parser.js

@@ -1,281 +0,0 @@
-// Parse Claude Code session JSONL files from ~/.claude/projects/
-import { readFileSync, readdirSync, statSync, existsSync } from 'fs';
-import { homedir } from 'os';
-import { join, basename, resolve, normalize } from 'path';
-import { debugParser } from './debug.js';
-const CLAUDE_PROJECTS_DIR = join(homedir(), '.claude', 'projects');
-/**
- * Encode a project path the same way Claude Code does
- * /Users/dev/myapp -> -Users-dev-myapp
- */
-export function encodeProjectPath(projectPath) {
-    // Normalize the path first to prevent encoding malicious paths
-    const normalized = projectPath.replace(/\.\.+/g, '.');
-    return normalized.replace(/\//g, '-');
-}
-/**
- * Decode an encoded project path back to the original.
- * SECURITY: Validates that the decoded path doesn't contain traversal sequences.
- * @throws Error if path contains traversal sequences
- */
-export function decodeProjectPath(encoded) {
-    // First char is always '-' representing the root '/'
-    const decoded = encoded.replace(/-/g, '/');
-    // SECURITY: Prevent path traversal attacks
-    if (decoded.includes('..')) {
-        throw new Error('Invalid path: traversal sequence detected');
-    }
-    return decoded;
-}
-/**
- * Validate that a file path is within the expected project boundary.
- * SECURITY: Prevents path traversal outside project directory.
- */
-export function isPathWithinProject(projectPath, filePath) {
-    const resolvedProject = resolve(normalize(projectPath));
-    const resolvedFile = resolve(normalize(filePath));
-    return resolvedFile.startsWith(resolvedProject);
-}
-/**
- * Get the directory where Claude stores sessions for a project
- */
-export function getProjectSessionsDir(projectPath) {
-    const encoded = encodeProjectPath(projectPath);
-    return join(CLAUDE_PROJECTS_DIR, encoded);
-}
-// SECURITY: Valid session ID pattern (hex chars, dashes for UUIDs)
-const SESSION_ID_PATTERN = /^[a-f0-9-]+$/i;
-/**
- * Extract session ID from a JSONL file path
- * ~/.claude/projects/-Users-dev-myapp/abc123def456.jsonl -> abc123def456
- * SECURITY: Validates session ID format to prevent path confusion attacks.
- */
-export function getSessionIdFromPath(jsonlPath) {
-    const sessionId = basename(jsonlPath, '.jsonl');
-    // SECURITY: Validate session ID contains only safe characters
-    if (!SESSION_ID_PATTERN.test(sessionId)) {
-        debugParser('Invalid session ID format: %s', sessionId.substring(0, 20));
-        throw new Error('Invalid session ID format');
-    }
-    return sessionId;
-}
-/**
- * Get the current session ID for a project (from the most recent session file)
- */
-export function getCurrentSessionId(projectPath) {
-    const latestFile = findLatestSessionFile(projectPath);
-    return latestFile ? getSessionIdFromPath(latestFile) : null;
-}
-/**
- * Find the most recent session file for a project.
- * SECURITY: Handles TOCTOU race conditions gracefully.
- */
-export function findLatestSessionFile(projectPath) {
-    const sessionsDir = getProjectSessionsDir(projectPath);
-    if (!existsSync(sessionsDir)) {
-        return null;
-    }
-    // SECURITY: Handle TOCTOU - files may be deleted between list and stat
-    const files = [];
-    try {
-        const entries = readdirSync(sessionsDir).filter(f => f.endsWith('.jsonl'));
-        for (const f of entries) {
-            const filePath = join(sessionsDir, f);
-            try {
-                // SECURITY: Wrap stat in try-catch to handle deleted files
-                const stat = statSync(filePath);
-                files.push({
-                    name: f,
-                    path: filePath,
-                    mtime: stat.mtime
-                });
-            }
-            catch {
-                // File was deleted between readdir and stat - skip it
-                debugParser('File disappeared during listing: %s', f);
-            }
-        }
-    }
-    catch {
-        // Directory may have been deleted
-        debugParser('Could not read sessions directory: %s', sessionsDir);
-        return null;
-    }
-    files.sort((a, b) => b.mtime.getTime() - a.mtime.getTime());
-    return files.length > 0 ? files[0].path : null;
-}
-/**
- * List all session files for a project
- */
-export function listSessionFiles(projectPath) {
-    const sessionsDir = getProjectSessionsDir(projectPath);
-    if (!existsSync(sessionsDir)) {
-        return [];
-    }
-    return readdirSync(sessionsDir)
-        .filter(f => f.endsWith('.jsonl'))
-        .map(f => join(sessionsDir, f));
-}
-// SECURITY: Maximum entries to prevent memory exhaustion
-const MAX_JSONL_ENTRIES = 10000;
-/**
- * Parse a JSONL file into entries.
- * SECURITY: Limits entries to prevent memory exhaustion attacks.
- */
-export function parseJsonlFile(filePath) {
-    let content;
-    try {
-        content = readFileSync(filePath, 'utf-8');
-    }
-    catch {
-        // File may have been deleted/moved between finding and reading
-        debugParser('Could not read file: %s', filePath);
-        return [];
-    }
-    const lines = content.trim().split('\n').filter(line => line.trim());
-    const entries = [];
-    for (const line of lines) {
-        // SECURITY: Limit entries to prevent memory exhaustion
-        if (entries.length >= MAX_JSONL_ENTRIES) {
-            debugParser('Entry limit reached (%d), stopping parse', MAX_JSONL_ENTRIES);
-            break;
-        }
-        try {
-            const entry = JSON.parse(line);
-            entries.push(entry);
-        }
-        catch {
-            // Skip malformed lines
-            debugParser('Skipping malformed JSONL line');
-        }
-    }
-    return entries;
-}
-/**
- * Extract text content from a message content array
- */
-function extractTextContent(content) {
-    if (typeof content === 'string') {
-        return content;
-    }
-    return content
-        .filter(block => block.type === 'text' && block.text)
-        .map(block => block.text)
-        .join('\n');
-}
-/**
- * Extract tool calls from assistant message content
- */
-function extractToolCalls(content, timestamp) {
-    if (typeof content === 'string') {
-        return [];
-    }
-    return content
-        .filter(block => block.type === 'tool_use' && block.name)
-        .map(block => ({
-        name: block.name,
-        input: block.input,
-        timestamp
-    }));
-}
-/**
- * Parse a session file and extract structured data
- */
-export function parseSession(filePath) {
-    const entries = parseJsonlFile(filePath);
-    const sessionId = basename(filePath, '.jsonl');
-    const userMessages = [];
-    const assistantMessages = [];
-    const toolCalls = [];
-    const filesRead = new Set();
-    const filesWritten = new Set();
-    let startTime = '';
-    let endTime = '';
-    let projectPath = '';
-    for (const entry of entries) {
-        // Track timestamps
-        if (entry.timestamp) {
-            if (!startTime)
-                startTime = entry.timestamp;
-            endTime = entry.timestamp;
-        }
-        // Extract user messages
-        if (entry.type === 'user' && entry.message?.content) {
-            const text = extractTextContent(entry.message.content);
-            if (text)
-                userMessages.push(text);
-        }
-        // Extract assistant messages and tool calls
-        if (entry.type === 'assistant' && entry.message?.content) {
-            const text = extractTextContent(entry.message.content);
-            if (text)
-                assistantMessages.push(text);
-            const tools = extractToolCalls(entry.message.content, entry.timestamp);
-            toolCalls.push(...tools);
-            // Track files from tool calls
-            for (const tool of tools) {
-                const input = tool.input;
-                if (input?.file_path && typeof input.file_path === 'string') {
-                    if (tool.name === 'Read') {
-                        filesRead.add(input.file_path);
-                    }
-                    else if (tool.name === 'Write' || tool.name === 'Edit') {
-                        filesWritten.add(input.file_path);
-                    }
-                }
-            }
-        }
-    }
-    // Try to infer project path from file paths
-    const allFiles = [...filesRead, ...filesWritten];
-    if (allFiles.length > 0) {
-        // Find common prefix
-        const firstFile = allFiles[0];
-        const parts = firstFile.split('/');
-        // Assume project is a few levels deep (e.g., /Users/dev/project)
-        if (parts.length >= 4) {
-            projectPath = parts.slice(0, 4).join('/');
-        }
-    }
-    return {
-        sessionId,
-        projectPath,
-        startTime,
-        endTime,
-        userMessages,
-        assistantMessages,
-        toolCalls,
-        filesRead: [...filesRead],
-        filesWritten: [...filesWritten],
-        rawEntries: entries
-    };
-}
-/**
- * Get a summary of the session for LLM extraction
- */
-export function getSessionSummary(session) {
-    const lines = [];
-    lines.push(`Session ID: ${session.sessionId}`);
-    lines.push(`Time: ${session.startTime} to ${session.endTime}`);
-    lines.push('');
-    lines.push('## User Messages');
-    session.userMessages.forEach((msg, i) => {
-        lines.push(`[${i + 1}] ${msg.substring(0, 500)}${msg.length > 500 ? '...' : ''}`);
-    });
-    lines.push('');
-    lines.push('## Files Read');
-    session.filesRead.forEach(f => lines.push(`  - ${f}`));
-    lines.push('');
-    lines.push('## Files Written/Edited');
-    session.filesWritten.forEach(f => lines.push(`  - ${f}`));
-    lines.push('');
-    lines.push('## Tool Calls');
-    const toolSummary = session.toolCalls.reduce((acc, t) => {
-        acc[t.name] = (acc[t.name] || 0) + 1;
-        return acc;
-    }, {});
-    Object.entries(toolSummary).forEach(([name, count]) => {
-        lines.push(`  - ${name}: ${count}x`);
-    });
-    return lines.join('\n');
-}

package/dist/lib/session-parser.d.ts

@@ -1,44 +0,0 @@
-/**
- * Claude's action extracted from session JSONL
- */
-export interface ClaudeAction {
-    type: 'edit' | 'write' | 'bash' | 'read' | 'delete' | 'grep' | 'glob' | 'multiedit';
-    files: string[];
-    command?: string;
-    timestamp: number;
-}
-/**
- * Find session JSONL path from session_id and project path.
- *
- * Claude Code stores sessions in:
- *   ~/.claude/projects/<encoded-path>/<session_id>.jsonl
- *
- * The encoded path uses a specific encoding (not standard URL encoding).
- */
-export declare function findSessionFile(sessionId: string, projectPath: string): string | null;
-/**
- * Parse JSONL and extract ALL Claude's tool calls
- */
-export declare function parseSessionActions(sessionPath: string): ClaudeAction[];
-/**
- * Get only NEW actions since last check timestamp.
- * This is the main function used by prompt-inject.
- */
-export declare function getNewActions(sessionPath: string, lastCheckedTimestamp: number): ClaudeAction[];
-/**
- * Get actions that MODIFY files (not reads).
- * Use this for drift detection - reads are exploration, not drift.
- */
-export declare function getModifyingActions(actions: ClaudeAction[]): ClaudeAction[];
-/**
- * Extract all unique files touched by actions
- */
-export declare function extractFilesFromActions(actions: ClaudeAction[]): string[];
-/**
- * Extract unique folders from actions
- */
-export declare function extractFoldersFromActions(actions: ClaudeAction[]): string[];
-/**
- * Extract keywords from an action (for step storage)
- */
-export declare function extractKeywordsFromAction(action: ClaudeAction): string[];

package/dist/lib/session-parser.js

@@ -1,256 +0,0 @@
-// Session JSONL parser for anti-drift system
-// Parses Claude Code session files to extract Claude's ACTIONS (tool calls)
-//
-// CRITICAL: We monitor Claude's ACTIONS, NOT user prompts.
-// User can explore freely. We check what CLAUDE DOES.
-import { existsSync, readFileSync, readdirSync } from 'fs';
-import { homedir } from 'os';
-import { join, dirname } from 'path';
-import { debugInject } from './debug.js';
-// ============================================
-// MAIN FUNCTIONS
-// ============================================
-/**
- * Find session JSONL path from session_id and project path.
- *
- * Claude Code stores sessions in:
- *   ~/.claude/projects/<encoded-path>/<session_id>.jsonl
- *
- * The encoded path uses a specific encoding (not standard URL encoding).
- */
-export function findSessionFile(sessionId, projectPath) {
-    const claudeProjectsDir = join(homedir(), '.claude', 'projects');
-    if (!existsSync(claudeProjectsDir)) {
-        debugInject('Claude projects dir not found: %s', claudeProjectsDir);
-        return null;
-    }
-    // Try to find the project folder
-    // Claude Code uses a specific encoding for the path
-    // We'll search for folders that might contain our session
-    const projectFolders = readdirSync(claudeProjectsDir, { withFileTypes: true })
-        .filter(d => d.isDirectory())
-        .map(d => d.name);
-    // First, try URL-encoded path
-    const urlEncoded = encodeURIComponent(projectPath);
-    if (projectFolders.includes(urlEncoded)) {
-        const sessionPath = join(claudeProjectsDir, urlEncoded, `${sessionId}.jsonl`);
-        if (existsSync(sessionPath)) {
-            debugInject('Found session via URL encoding: %s', sessionPath);
-            return sessionPath;
-        }
-    }
-    // Try custom Claude encoding (%2F for /, etc.)
-    const customEncoded = projectPath
-        .replace(/\//g, '%2F')
-        .replace(/:/g, '%3A');
-    if (projectFolders.includes(customEncoded)) {
-        const sessionPath = join(claudeProjectsDir, customEncoded, `${sessionId}.jsonl`);
-        if (existsSync(sessionPath)) {
-            debugInject('Found session via custom encoding: %s', sessionPath);
-            return sessionPath;
-        }
-    }
-    // Search in all project folders for the session
-    for (const folder of projectFolders) {
-        const sessionPath = join(claudeProjectsDir, folder, `${sessionId}.jsonl`);
-        if (existsSync(sessionPath)) {
-            debugInject('Found session by scanning: %s', sessionPath);
-            return sessionPath;
-        }
-    }
-    debugInject('Session file not found for: %s in %s', sessionId, projectPath);
-    return null;
-}
-/**
- * Parse JSONL and extract ALL Claude's tool calls
- */
-export function parseSessionActions(sessionPath) {
-    if (!existsSync(sessionPath)) {
-        debugInject('Session file does not exist: %s', sessionPath);
-        return [];
-    }
-    const content = readFileSync(sessionPath, 'utf-8');
-    const lines = content.trim().split('\n').filter(Boolean);
-    const actions = [];
-    for (const line of lines) {
-        try {
-            const entry = JSON.parse(line);
-            // Only process assistant messages (Claude's responses)
-            if (entry.type !== 'assistant')
-                continue;
-            const timestamp = new Date(entry.timestamp).getTime();
-            // Extract tool calls from content array
-            for (const block of entry.message?.content || []) {
-                if (block.type !== 'tool_use')
-                    continue;
-                const action = parseToolCall(block, timestamp);
-                if (action) {
-                    actions.push(action);
-                }
-            }
-        }
-        catch {
-            // Skip malformed lines silently
-            continue;
-        }
-    }
-    debugInject('Parsed %d actions from session', actions.length);
-    return actions;
-}
-/**
- * Get only NEW actions since last check timestamp.
- * This is the main function used by prompt-inject.
- */
-export function getNewActions(sessionPath, lastCheckedTimestamp) {
-    const allActions = parseSessionActions(sessionPath);
-    const newActions = allActions.filter(a => a.timestamp > lastCheckedTimestamp);
-    debugInject('Found %d new actions since %d', newActions.length, lastCheckedTimestamp);
-    return newActions;
-}
-/**
- * Get actions that MODIFY files (not reads).
- * Use this for drift detection - reads are exploration, not drift.
- */
-export function getModifyingActions(actions) {
-    return actions.filter(a => a.type !== 'read' && a.type !== 'grep' && a.type !== 'glob');
-}
-/**
- * Extract all unique files touched by actions
- */
-export function extractFilesFromActions(actions) {
-    const files = new Set();
-    for (const action of actions) {
-        for (const file of action.files) {
-            files.add(file);
-        }
-    }
-    return [...files];
-}
-/**
- * Extract unique folders from actions
- */
-export function extractFoldersFromActions(actions) {
-    const folders = new Set();
-    for (const action of actions) {
-        for (const file of action.files) {
-            const folder = dirname(file);
-            if (folder && folder !== '.') {
-                folders.add(folder);
-            }
-        }
-    }
-    return [...folders];
-}
-// ============================================
-// HELPERS
-// ============================================
-/**
- * Parse a single tool call block into ClaudeAction
- */
-function parseToolCall(block, timestamp) {
-    const name = block.name?.toLowerCase();
-    const input = block.input || {};
-    switch (name) {
-        case 'edit':
-            return {
-                type: 'edit',
-                files: [input.file_path].filter(Boolean),
-                timestamp
-            };
-        case 'multiedit':
-            return {
-                type: 'multiedit',
-                files: [input.file_path].filter(Boolean),
-                timestamp
-            };
-        case 'write':
-            return {
-                type: 'write',
-                files: [input.file_path].filter(Boolean),
-                timestamp
-            };
-        case 'bash':
-            return {
-                type: 'bash',
-                files: extractFilesFromCommand(input.command || ''),
-                command: input.command,
-                timestamp
-            };
-        case 'read':
-            return {
-                type: 'read',
-                files: [input.file_path].filter(Boolean),
-                timestamp
-            };
-        case 'grep':
-            return {
-                type: 'grep',
-                files: [input.path].filter(Boolean),
-                timestamp
-            };
-        case 'glob':
-            return {
-                type: 'glob',
-                files: [input.path].filter(Boolean),
-                timestamp
-            };
-        default:
-            // Ignore other tools (Task, WebFetch, etc.)
-            return null;
-    }
-}
-/**
- * Extract file paths from a bash command.
- * Basic extraction - not perfect but catches common patterns.
- */
-function extractFilesFromCommand(command) {
-    if (!command)
-        return [];
-    const files = [];
-    const patterns = [
-        // Absolute paths: /path/to/file.ts
-        /(?:^|\s)(\/[\w\-\.\/]+\.\w+)/g,
-        // Relative paths with ./: ./src/file.ts
-        /(?:^|\s)(\.\/[\w\-\.\/]+\.\w+)/g,
-        // Relative paths: src/file.ts
-        /(?:^|\s)([\w\-]+\/[\w\-\.\/]+\.\w+)/g,
-    ];
-    for (const pattern of patterns) {
-        for (const match of command.matchAll(pattern)) {
-            const file = match[1];
-            // Filter out common non-files
-            if (file && !file.startsWith('http') && !file.match(/^\d+\.\d+/)) {
-                files.push(file);
-            }
-        }
-    }
-    return [...new Set(files)];
-}
-/**
- * Extract keywords from an action (for step storage)
- */
-export function extractKeywordsFromAction(action) {
-    const keywords = [];
-    // Extract from file names
-    for (const file of action.files) {
-        const fileName = file.split('/').pop() || '';
-        const baseName = fileName.replace(/\.\w+$/, '');
-        // Split camelCase and kebab-case
-        const parts = baseName
-            .replace(/([a-z])([A-Z])/g, '$1 $2')
-            .replace(/[-_]/g, ' ')
-            .toLowerCase()
-            .split(/\s+/)
-            .filter(p => p.length > 2);
-        keywords.push(...parts);
-    }
-    // Extract from bash command
-    if (action.command) {
-        const commandParts = action.command
-            .toLowerCase()
-            .split(/\s+/)
-            .filter(p => p.length > 3 && !p.startsWith('-'));
-        keywords.push(...commandParts.slice(0, 5));
-    }
-    return [...new Set(keywords)];
-}

package/dist/lib/store.d.ts

@@ -1 +0,0 @@
-export * from './store/index.js';