ima2-gen 1.1.7 → 1.1.8

package/config.js

@@ -122,6 +122,46 @@ export const config = {
       fileCfg.limits?.promptImportMaxSourceCharsScanned,
       512 * 1024,
     ),
+    promptImportMaxRepoIndexFiles: pickInt(
+      env.IMA2_PROMPT_IMPORT_MAX_REPO_INDEX_FILES,
+      fileCfg.limits?.promptImportMaxRepoIndexFiles,
+      500,
+    ),
+    promptImportCuratedSearchLimit: pickInt(
+      env.IMA2_PROMPT_IMPORT_CURATED_SEARCH_LIMIT,
+      fileCfg.limits?.promptImportCuratedSearchLimit,
+      50,
+    ),
+    promptImportIndexCacheTtlMs: pickInt(
+      env.IMA2_PROMPT_IMPORT_INDEX_CACHE_TTL_MS,
+      fileCfg.limits?.promptImportIndexCacheTtlMs,
+      24 * 60 * 60 * 1000,
+    ),
+    promptImportMaxFolderFiles: pickInt(
+      env.IMA2_PROMPT_IMPORT_MAX_FOLDER_FILES,
+      fileCfg.limits?.promptImportMaxFolderFiles,
+      100,
+    ),
+    promptImportMaxFolderPreviewFiles: pickInt(
+      env.IMA2_PROMPT_IMPORT_MAX_FOLDER_PREVIEW_FILES,
+      fileCfg.limits?.promptImportMaxFolderPreviewFiles,
+      20,
+    ),
+    promptImportDiscoverySearchLimit: pickInt(
+      env.IMA2_PROMPT_IMPORT_DISCOVERY_SEARCH_LIMIT,
+      fileCfg.limits?.promptImportDiscoverySearchLimit,
+      20,
+    ),
+    promptImportDiscoveryCacheTtlMs: pickInt(
+      env.IMA2_PROMPT_IMPORT_DISCOVERY_CACHE_TTL_MS,
+      fileCfg.limits?.promptImportDiscoveryCacheTtlMs,
+      60 * 60 * 1000,
+    ),
+    promptImportDiscoveryMaxQueries: pickInt(
+      env.IMA2_PROMPT_IMPORT_DISCOVERY_MAX_QUERIES,
+      fileCfg.limits?.promptImportDiscoveryMaxQueries,
+      5,
+    ),
   },
   history: {
     defaultPageSize: pickInt(
@@ -153,6 +193,9 @@ export const config = {
         : ["auto", "low"],
     ),
   },
+  github: {
+    token: pickStr(env.IMA2_GITHUB_TOKEN, fileCfg.github?.token, ""),
+  },
   storage: {
     configDir,
     packageRoot,
@@ -161,6 +204,16 @@ export const config = {
     generatedDirName: pickStr(env.IMA2_GENERATED_DIRNAME, fileCfg.storage?.generatedDirName, "generated"),
     trashDirName: pickStr(env.IMA2_TRASH_DIRNAME, fileCfg.storage?.trashDirName, ".trash"),
     dbPath: pickStr(env.IMA2_DB_PATH, fileCfg.storage?.dbPath, join(configDir, "sessions.db")),
+    promptImportIndexCacheFile: pickStr(
+      env.IMA2_PROMPT_IMPORT_INDEX_CACHE_FILE,
+      fileCfg.storage?.promptImportIndexCacheFile,
+      join(configDir, "prompt-import-index.json"),
+    ),
+    promptImportDiscoveryRegistryFile: pickStr(
+      env.IMA2_PROMPT_IMPORT_DISCOVERY_REGISTRY_FILE,
+      fileCfg.storage?.promptImportDiscoveryRegistryFile,
+      join(configDir, "prompt-import-discovery.json"),
+    ),
     configFile: join(configDir, "config.json"),
     advertiseFile: pickStr(env.IMA2_ADVERTISE_FILE, fileCfg.storage?.advertiseFile, join(configDir, "server.json")),
     staticMaxAge: pickStr(env.IMA2_STATIC_MAX_AGE, fileCfg.storage?.staticMaxAge, "1y"),

package/lib/localImportStore.js

@@ -0,0 +1,111 @@
+import { mkdir, writeFile } from "fs/promises";
+import { basename, join, normalize } from "path";
+import { randomBytes } from "crypto";
+import { embedImageMetadataBestEffort } from "./imageMetadataStore.js";
+
+const PNG_SIGNATURE_HEX = "89504e470d0a1a0a";
+const JPEG_SIGNATURE_HEX = "ffd8ff";
+const WEBP_RIFF_HEAD = "52494646";
+const WEBP_VP_TAIL = "57454250";
+
+function detectFormat(buffer) {
+  if (!Buffer.isBuffer(buffer) || buffer.length < 12) return null;
+  const head8 = buffer.subarray(0, 8).toString("hex");
+  if (head8 === PNG_SIGNATURE_HEX) return "png";
+  if (head8.startsWith(JPEG_SIGNATURE_HEX)) return "jpeg";
+  if (
+    buffer.subarray(0, 4).toString("hex") === WEBP_RIFF_HEAD &&
+    buffer.subarray(8, 12).toString("hex") === WEBP_VP_TAIL
+  ) {
+    return "webp";
+  }
+  return null;
+}
+
+function ensureInsideGeneratedDir(generatedDir, filename) {
+  const full = normalize(join(generatedDir, filename));
+  const root = normalize(generatedDir);
+  if (!full.startsWith(root)) {
+    const err = new Error("Imported path escapes generated directory");
+    err.status = 400;
+    err.code = "IMPORT_PATH_ESCAPE";
+    throw err;
+  }
+  return full;
+}
+
+function makeImportedFilename(format) {
+  const stamp = new Date().toISOString().slice(0, 19).replace(/[-:T]/g, "");
+  const rand = randomBytes(3).toString("hex");
+  return `imported-${stamp}-${rand}.${format}`;
+}
+
+function safeOriginalName(input) {
+  if (typeof input !== "string" || !input) return null;
+  const trimmed = input.slice(0, 200);
+  return basename(trimmed);
+}
+
+export async function createLocalImport(ctx, { buffer, originalFilename }) {
+  if (!Buffer.isBuffer(buffer) || buffer.length === 0) {
+    const err = new Error("Image body is required");
+    err.status = 400;
+    err.code = "EMPTY_IMPORT";
+    throw err;
+  }
+  const format = detectFormat(buffer);
+  if (!format) {
+    const err = new Error("Only PNG, JPEG, or WebP is supported");
+    err.status = 400;
+    err.code = "IMPORT_BAD_FORMAT";
+    throw err;
+  }
+  const filename = makeImportedFilename(format);
+  const fullPath = ensureInsideGeneratedDir(ctx.config.storage.generatedDir, filename);
+  await mkdir(ctx.config.storage.generatedDir, { recursive: true });
+
+  const meta = {
+    schema: "ima2.generation.v1",
+    app: "ima2-gen",
+    version: ctx.packageVersion,
+    createdAt: Date.now(),
+    kind: "imported",
+    canvasVersion: false,
+    originalFilename: safeOriginalName(originalFilename),
+    format,
+  };
+  const embedded = await embedImageMetadataBestEffort(buffer, format, meta, {
+    version: ctx.packageVersion,
+  });
+  await writeFile(fullPath, embedded.buffer);
+  await writeFile(`${fullPath}.json`, JSON.stringify(meta)).catch(() => {});
+
+  const url = `/generated/${encodeURIComponent(filename)}`;
+  return {
+    filename,
+    url,
+    image: url,
+    thumb: url,
+    createdAt: meta.createdAt,
+    format,
+    kind: "imported",
+    canvasVersion: false,
+    canvasSourceFilename: null,
+    canvasEditableFilename: null,
+    prompt: null,
+    userPrompt: null,
+    revisedPrompt: null,
+    promptMode: null,
+    quality: null,
+    size: null,
+    model: null,
+    provider: null,
+    usage: null,
+    webSearchCalls: 0,
+    sessionId: null,
+    nodeId: null,
+    parentNodeId: null,
+    refsCount: 0,
+    isFavorite: false,
+  };
+}

package/lib/promptImport/curatedSources.js

@@ -0,0 +1,139 @@
+const CURATED_SOURCES = [
+  {
+    id: "picotrex-nano-banana",
+    repo: "PicoTrex/Awesome-Nano-Banana-images",
+    owner: "PicoTrex",
+    name: "Awesome-Nano-Banana-images",
+    displayName: "Awesome Nano Banana Images",
+    defaultRef: "main",
+    allowedPaths: ["README_en.md", "README.md"],
+    extensions: ["md"],
+    sourceType: "nano-banana-gallery",
+    licenseSpdx: "Apache-2.0",
+    requiresAttribution: true,
+    trustTier: "curated",
+    lastVerifiedAt: "2026-04-28",
+    notes: "High-signal Nano Banana image prompt and example collection.",
+    searchSeeds: ["nano banana", "image generation", "reference image", "style transfer", "prompt"],
+    defaultSearch: true,
+  },
+  {
+    id: "aimikoda-nano-banana-pro",
+    repo: "aimikoda/nano-banana-pro-prompts",
+    owner: "aimikoda",
+    name: "nano-banana-pro-prompts",
+    displayName: "Nano Banana Pro Prompts",
+    defaultRef: "main",
+    allowedPaths: ["README.md"],
+    extensions: ["md"],
+    sourceType: "nano-banana-prompts",
+    licenseSpdx: "NOASSERTION",
+    requiresAttribution: true,
+    trustTier: "curated",
+    lastVerifiedAt: "2026-04-28",
+    notes: "Nano Banana Pro / Nano Banana 2 prompt source.",
+    searchSeeds: ["nano banana pro", "gpt-image-2", "prompt", "2k", "4k"],
+    defaultSearch: true,
+  },
+  {
+    id: "stable-diffusion-awesome-manual",
+    repo: "yuyan124/awesome-stable-diffusion-prompts",
+    displayName: "Awesome Stable Diffusion Prompts",
+    defaultRef: "main",
+    allowedPaths: [],
+    extensions: ["md", "txt"],
+    sourceType: "manual-review",
+    licenseSpdx: "NOASSERTION",
+    requiresAttribution: true,
+    trustTier: "manual-review",
+    lastVerifiedAt: null,
+    notes: "Manual-review candidate for a later registry promotion.",
+    searchSeeds: ["stable diffusion", "prompt"],
+    defaultSearch: false,
+  },
+  {
+    id: "stable-diffusion-templates-manual",
+    repo: "Dalabad/stable-diffusion-prompt-templates",
+    displayName: "Stable Diffusion Prompt Templates",
+    defaultRef: "main",
+    allowedPaths: [],
+    extensions: ["md", "txt"],
+    sourceType: "manual-review",
+    licenseSpdx: "NOASSERTION",
+    requiresAttribution: true,
+    trustTier: "manual-review",
+    lastVerifiedAt: null,
+    notes: "Manual-review candidate for structured Stable Diffusion prompt templates.",
+    searchSeeds: ["stable diffusion", "template", "prompt"],
+    defaultSearch: false,
+  },
+  {
+    id: "midjourney-awesome-manual",
+    repo: "Ezagor-dev/awesome-midjourney-prompts",
+    displayName: "Awesome Midjourney Prompts",
+    defaultRef: "main",
+    allowedPaths: [],
+    extensions: ["md", "txt"],
+    sourceType: "manual-review",
+    licenseSpdx: "NOASSERTION",
+    requiresAttribution: true,
+    trustTier: "manual-review",
+    lastVerifiedAt: null,
+    notes: "Manual-review candidate for broader model-aware search.",
+    searchSeeds: ["midjourney", "prompt"],
+    defaultSearch: false,
+  },
+  {
+    id: "diagram-image-prompts-manual",
+    repo: "danielrosehill/Tech-Diagram-Image-Gen-Prompts",
+    displayName: "Tech Diagram Image Gen Prompts",
+    defaultRef: "main",
+    allowedPaths: [],
+    extensions: ["md", "txt"],
+    sourceType: "manual-review",
+    licenseSpdx: "NOASSERTION",
+    requiresAttribution: true,
+    trustTier: "manual-review",
+    lastVerifiedAt: null,
+    notes: "Manual-review candidate for technical diagram image-generation prompts.",
+    searchSeeds: ["diagram", "technical", "image generation", "prompt"],
+    defaultSearch: false,
+  },
+];
+
+function publicSource(source) {
+  return {
+    id: source.id,
+    repo: source.repo,
+    owner: source.owner,
+    name: source.name,
+    displayName: source.displayName,
+    defaultRef: source.defaultRef,
+    allowedPaths: [...source.allowedPaths],
+    extensions: [...source.extensions],
+    sourceType: source.sourceType,
+    licenseSpdx: source.licenseSpdx,
+    requiresAttribution: source.requiresAttribution,
+    trustTier: source.trustTier,
+    lastVerifiedAt: source.lastVerifiedAt,
+    notes: source.notes,
+    searchSeeds: [...source.searchSeeds],
+    defaultSearch: source.defaultSearch,
+  };
+}
+
+export function listCuratedSources({ includeManualReview = true, defaultSearchOnly = false } = {}) {
+  return CURATED_SOURCES
+    .filter((source) => includeManualReview || source.trustTier !== "manual-review")
+    .filter((source) => !defaultSearchOnly || source.defaultSearch)
+    .map(publicSource);
+}
+
+export function getCuratedSource(sourceId) {
+  const source = CURATED_SOURCES.find((item) => item.id === sourceId);
+  return source ? publicSource(source) : null;
+}
+
+export function getDefaultSearchSources() {
+  return listCuratedSources({ includeManualReview: false, defaultSearchOnly: true });
+}

package/lib/promptImport/discoveryRegistry.js

@@ -0,0 +1,236 @@
+import { mkdir, readFile, rename, writeFile } from "node:fs/promises";
+import { dirname } from "node:path";
+import { promptImportError } from "./errors.js";
+
+const REGISTRY_VERSION = 1;
+const OWNER_REPO_RE = /^[A-Za-z0-9_.-]+$/;
+const SUPPORTED_EXTENSIONS = new Set(["md", "markdown", "txt"]);
+
+function registryFile(ctx) {
+  return ctx.config.storage.promptImportDiscoveryRegistryFile;
+}
+
+function emptyRegistry() {
+  return { version: REGISTRY_VERSION, updatedAt: null, candidates: {} };
+}
+
+function normalizeRepoFullName(repo) {
+  const value = String(repo || "").trim();
+  const parts = value.split("/");
+  if (parts.length !== 2 || !OWNER_REPO_RE.test(parts[0]) || !OWNER_REPO_RE.test(parts[1])) {
+    throw promptImportError("GITHUB_DISCOVERY_REVIEW_INVALID", "Review repo must be owner/repo");
+  }
+  return `${parts[0]}/${parts[1]}`;
+}
+
+function extensionForPath(path) {
+  const match = /\.([A-Za-z0-9]+)$/.exec(path);
+  return match?.[1]?.toLowerCase() ?? "";
+}
+
+function assertAllowedPath(path) {
+  const value = String(path || "").trim();
+  if (!value) {
+    throw promptImportError("GITHUB_DISCOVERY_REVIEW_INVALID", "Allowed path is required");
+  }
+  if (/^https?:\/\//i.test(value)) {
+    throw promptImportError("GITHUB_DISCOVERY_REVIEW_INVALID", "Allowed path must be repo-relative");
+  }
+  if (value.includes("\0") || /%00/i.test(value)) {
+    throw promptImportError("GITHUB_DISCOVERY_REVIEW_INVALID", "Allowed path contains a null byte");
+  }
+  if (/%2f|%5c/i.test(value)) {
+    throw promptImportError("GITHUB_DISCOVERY_REVIEW_INVALID", "Allowed path contains an encoded slash");
+  }
+  if (value.includes("\\") || value.split("/").includes("..")) {
+    throw promptImportError("GITHUB_DISCOVERY_REVIEW_INVALID", "Allowed path traversal is not allowed");
+  }
+  const clean = value.replace(/^\/+/, "");
+  const extension = extensionForPath(clean);
+  if (!SUPPORTED_EXTENSIONS.has(extension)) {
+    throw promptImportError("GITHUB_DISCOVERY_REVIEW_INVALID", "Allowed paths must be .md, .markdown, or .txt");
+  }
+  return clean;
+}
+
+function normalizeAllowedPaths(paths, limits) {
+  if (paths === undefined) return [];
+  if (!Array.isArray(paths)) {
+    throw promptImportError("GITHUB_DISCOVERY_REVIEW_INVALID", "allowedPaths must be an array");
+  }
+  if (paths.length > limits.maxRepoIndexFiles) {
+    throw promptImportError("GITHUB_DISCOVERY_REVIEW_INVALID", "Too many allowed paths", 413);
+  }
+  return [...new Set(paths.map(assertAllowedPath))];
+}
+
+function publicCandidate(candidate) {
+  return {
+    id: candidate.id,
+    repo: candidate.repo,
+    owner: candidate.owner,
+    name: candidate.name,
+    fullName: candidate.fullName,
+    htmlUrl: candidate.htmlUrl,
+    description: candidate.description,
+    defaultBranch: candidate.defaultBranch,
+    stars: candidate.stars,
+    forks: candidate.forks,
+    openIssues: candidate.openIssues,
+    updatedAt: candidate.updatedAt,
+    pushedAt: candidate.pushedAt,
+    licenseSpdx: candidate.licenseSpdx,
+    topics: Array.isArray(candidate.topics) ? [...candidate.topics] : [],
+    language: candidate.language,
+    score: candidate.score,
+    scoreReasons: Array.isArray(candidate.scoreReasons) ? [...candidate.scoreReasons] : [],
+    warnings: Array.isArray(candidate.warnings) ? [...candidate.warnings] : [],
+    status: candidate.status || "candidate",
+    query: candidate.query,
+    discoveredAt: candidate.discoveredAt,
+    reviewedAt: candidate.reviewedAt || null,
+    reviewNotes: candidate.reviewNotes || "",
+    approvedSource: candidate.approvedSource || null,
+  };
+}
+
+function reviewedSourceId(candidate) {
+  return `discovered-${candidate.fullName.toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/^-|-$/g, "")}`;
+}
+
+export async function readDiscoveryRegistry(ctx) {
+  try {
+    const parsed = JSON.parse(await readFile(registryFile(ctx), "utf8"));
+    if (parsed.version !== REGISTRY_VERSION) return emptyRegistry();
+    return {
+      version: REGISTRY_VERSION,
+      updatedAt: parsed.updatedAt || null,
+      candidates: parsed.candidates || {},
+    };
+  } catch {
+    return emptyRegistry();
+  }
+}
+
+export async function writeDiscoveryRegistry(ctx, registry) {
+  const file = registryFile(ctx);
+  await mkdir(dirname(file), { recursive: true });
+  const tmp = `${file}.${process.pid}.${Date.now()}.tmp`;
+  await writeFile(tmp, JSON.stringify(registry, null, 2));
+  await rename(tmp, file);
+}
+
+export async function listDiscoveryCandidates(ctx, filters = {}) {
+  const registry = await readDiscoveryRegistry(ctx);
+  const status = typeof filters.status === "string" ? filters.status : null;
+  return Object.values(registry.candidates)
+    .filter((candidate) => !status || candidate.status === status)
+    .map(publicCandidate)
+    .sort((a, b) => b.score - a.score || a.fullName.localeCompare(b.fullName));
+}
+
+export async function upsertDiscoveryCandidates(ctx, candidates) {
+  const registry = await readDiscoveryRegistry(ctx);
+  const now = new Date().toISOString();
+  for (const candidate of candidates) {
+    const fullName = normalizeRepoFullName(candidate.fullName || candidate.repo);
+    const existing = registry.candidates[fullName];
+    registry.candidates[fullName] = {
+      ...existing,
+      ...candidate,
+      fullName,
+      repo: fullName,
+      status: existing?.status || candidate.status || "candidate",
+      discoveredAt: existing?.discoveredAt || candidate.discoveredAt || now,
+    };
+  }
+  registry.updatedAt = now;
+  await writeDiscoveryRegistry(ctx, registry);
+  return Object.values(registry.candidates).map(publicCandidate);
+}
+
+export function reviewedSourceFromCandidate(candidate) {
+  const [owner, name] = String(candidate.fullName || candidate.repo).split("/");
+  const allowedPaths = Array.isArray(candidate.allowedPaths) ? candidate.allowedPaths : [];
+  return {
+    id: reviewedSourceId(candidate),
+    repo: `${owner}/${name}`,
+    owner,
+    name,
+    displayName: candidate.name || name,
+    defaultRef: candidate.defaultBranch || "main",
+    allowedPaths,
+    extensions: ["md", "markdown", "txt"],
+    sourceType: "discovered",
+    licenseSpdx: candidate.licenseSpdx || "NOASSERTION",
+    requiresAttribution: true,
+    trustTier: "reviewed",
+    lastVerifiedAt: candidate.reviewedAt || null,
+    notes: candidate.reviewNotes || candidate.description || "Reviewed GitHub discovery source.",
+    searchSeeds: [candidate.name, candidate.description, ...(candidate.topics || [])].filter(Boolean).slice(0, 8),
+    defaultSearch: Boolean(candidate.defaultSearch && allowedPaths.length > 0 && !String(candidate.defaultBranch || "").includes("/")),
+  };
+}
+
+export async function reviewDiscoveryCandidate(ctx, payload) {
+  const limits = {
+    maxRepoIndexFiles: ctx.config.limits.promptImportMaxRepoIndexFiles,
+  };
+  const repo = normalizeRepoFullName(payload?.repo);
+  const status = String(payload?.status || "");
+  if (!["approved", "rejected"].includes(status)) {
+    throw promptImportError("GITHUB_DISCOVERY_REVIEW_INVALID", "Review status must be approved or rejected");
+  }
+
+  const registry = await readDiscoveryRegistry(ctx);
+  const candidate = registry.candidates[repo];
+  if (!candidate) {
+    throw promptImportError("GITHUB_DISCOVERY_SOURCE_NOT_FOUND", "Discovery candidate was not found", 404);
+  }
+
+  const allowedPaths = normalizeAllowedPaths(payload?.allowedPaths, limits);
+  const warnings = [...(candidate.warnings || [])];
+  const defaultBranch = String(candidate.defaultBranch || "");
+  let defaultSearch = Boolean(payload?.defaultSearch);
+
+  if (status !== "approved" || allowedPaths.length === 0) defaultSearch = false;
+  if (defaultBranch.includes("/")) {
+    defaultSearch = false;
+    warnings.push("discovery-default-branch-unsupported");
+  }
+  if (status === "approved" && allowedPaths.length === 0) {
+    warnings.push("discovery-requires-paths");
+  }
+
+  const reviewed = {
+    ...candidate,
+    allowedPaths,
+    status,
+    warnings: [...new Set(warnings)],
+    defaultSearch,
+    reviewedAt: new Date().toISOString(),
+    reviewNotes: typeof payload?.reviewNotes === "string" ? payload.reviewNotes.slice(0, 500) : "",
+  };
+  reviewed.approvedSource = status === "approved" ? reviewedSourceFromCandidate(reviewed) : null;
+  registry.candidates[repo] = reviewed;
+  registry.updatedAt = reviewed.reviewedAt;
+  await writeDiscoveryRegistry(ctx, registry);
+  return { candidate: publicCandidate(reviewed), source: reviewed.approvedSource, warnings: reviewed.warnings };
+}
+
+export async function listReviewedDiscoverySources(ctx, { defaultSearchOnly = false } = {}) {
+  const registry = await readDiscoveryRegistry(ctx);
+  return Object.values(registry.candidates)
+    .filter((candidate) => candidate.status === "approved" && candidate.approvedSource)
+    .map((candidate) => candidate.approvedSource)
+    .filter((source) => !defaultSearchOnly || source.defaultSearch);
+}
+
+export async function getReviewedDiscoverySource(ctx, sourceId) {
+  const sources = await listReviewedDiscoverySources(ctx);
+  return sources.find((source) => source.id === sourceId) || null;
+}
+
+export async function getDefaultReviewedDiscoverySources(ctx) {
+  return listReviewedDiscoverySources(ctx, { defaultSearchOnly: true });
+}