npm - jinzd-ai-cli - Versions diffs - 0.4.87 → 0.4.89 - Mend

jinzd-ai-cli 0.4.87 → 0.4.89

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/dist/electron-server.js CHANGED Viewed

@@ -36,7 +36,7 @@ import {
   VERSION,
   buildUserIdentityPrompt,
   runTestsTool
-} from "./chunk-AQX3GYRD.js";
+} from "./chunk-4WVXTADR.js";
 import {
   hasSemanticIndex,
   semanticSearch
@@ -44,7 +44,10 @@ import {
 import {
   loadIndex
 } from "./chunk-BJAT4GNC.js";
-import "./chunk-XMA222FQ.js";
+import {
+  EMBEDDING_DIM,
+  embedOne
+} from "./chunk-XMA222FQ.js";
 // src/web/server.ts
 import express from "express";
@@ -223,6 +226,24 @@ var ConfigSchema = z.object({
   // 必须确认插件来源可信后，再设为 true 启用。
   // 可通过 /config 命令或直接编辑 ~/.aicli/config.json 开启。
   allowPlugins: z.boolean().default(false),
+  // 敏感信息脱敏（v0.4.88+，2026-04 凭据泄漏事件后引入）
+  // 会话保存到磁盘 / 发送给 Provider 前，自动将 API key、密码、PEM 私钥等
+  // 按正则替换为 [REDACTED:kind] 占位符。模式定义在 src/security/redactor.ts。
+  //
+  // redactOnSave 默认 true：保存到 ~/.aicli/history/*.json 时脱敏（推荐开启）
+  // redactOnSend 默认 false：发送到 Provider 时脱敏（激进，可能影响工具结果）
+  // mode:
+  //   'default' — 使用内置 13 条模式（推荐）
+  //   'strict'  — 同 default，但阈值更低（更激进，可能误报）
+  //   'off'     — 禁用所有模式（等同 redactOnSave=false）
+  // customPatterns — 用户补充正则字符串（支持 /pattern/flags 形式），
+  //                  无效正则会静默跳过，不会中断保存。
+  security: z.object({
+    redactOnSave: z.boolean().default(true),
+    redactOnSend: z.boolean().default(false),
+    mode: z.enum(["default", "strict", "off"]).default("default"),
+    customPatterns: z.array(z.string()).default([])
+  }).default({}),
   // 智能模型路由（v0.4.68+）
   // 按用户每轮输入的内容/标签/长度动态选择模型，在同一 provider 内切换，
   // 例：短问题走 haiku（省钱），planning 走 opus（质量）。
@@ -414,8 +435,8 @@ ${err}`
     return EnvLoader.getDefaultProvider() ?? this.config.defaultProvider;
   }
   /** 点分路径读取配置值，如 `ui.theme` → config.ui.theme */
-  getByPath(path3) {
-    const keys = path3.split(".");
+  getByPath(path4) {
+    const keys = path4.split(".");
     let current = this.config;
     for (const key of keys) {
       if (current == null || typeof current !== "object") return void 0;
@@ -424,8 +445,8 @@ ${err}`
     return current;
   }
   /** 点分路径写入配置值，自动类型转换（boolean/number/string）并持久化 */
-  setByPath(path3, rawValue) {
-    const keys = path3.split(".");
+  setByPath(path4, rawValue) {
+    const keys = path4.split(".");
     if (keys.length === 0) return;
     let value = rawValue;
     if (rawValue === "true") value = true;
@@ -444,7 +465,7 @@ ${err}`
     const result = ConfigSchema.safeParse(draft);
     if (!result.success) {
       const firstErr = result.error.errors[0];
-      throw new ConfigError(`Invalid config value for "${path3}": ${firstErr?.message ?? "validation failed"}`);
+      throw new ConfigError(`Invalid config value for "${path4}": ${firstErr?.message ?? "validation failed"}`);
     }
     this.config = result.data;
     this.save();
@@ -3036,6 +3057,104 @@ var Session = class _Session {
   }
 };
+// src/security/redactor.ts
+var DEFAULT_PATTERNS = [
+  // password: xxx / password = xxx / password="xxx"
+  // Covers YAML / JSON / shell-ish / env-file forms.
+  { kind: "password", regex: /\b(password|passwd|pwd)\s*[:=]\s*["']?([^\s"',;{}]{4,200})["']?/gi },
+  // PGPASSWORD=xxx (explicit bash env-var form, separate rule because no quotes usually)
+  { kind: "pgpassword-env", regex: /\b(PGPASSWORD)=([^\s"']{4,200})/g },
+  // JDBC/PG/MySQL/Mongo connection strings with inline credentials
+  // postgresql://user:pass@host/db → redact pass
+  { kind: "db-uri-password", regex: /(\b(?:postgres(?:ql)?|mysql|mongodb(?:\+srv)?|redis|amqp|mssql):\/\/[^:\s]+:)([^@\s]+)(@)/gi },
+  // Anthropic API keys
+  { kind: "anthropic-key", regex: /(sk-ant-[a-zA-Z0-9_-]{90,})/g },
+  // OpenAI / generic sk- keys — requires length ≥32 to avoid eating short identifiers
+  { kind: "openai-key", regex: /(sk-(?:proj-)?[a-zA-Z0-9_-]{32,})/g },
+  // GitHub personal access tokens
+  { kind: "github-pat", regex: /\b(ghp_[a-zA-Z0-9]{36})\b/g },
+  { kind: "github-oauth", regex: /\b(gho_[a-zA-Z0-9]{36})\b/g },
+  { kind: "github-install", regex: /\b(ghs_[a-zA-Z0-9]{36})\b/g },
+  // Slack tokens
+  { kind: "slack-bot", regex: /\b(xoxb-\d+-\d+-[a-zA-Z0-9]+)\b/g },
+  { kind: "slack-user", regex: /\b(xoxp-\d+-\d+-\d+-[a-zA-Z0-9]+)\b/g },
+  // AWS access key IDs (AKIA...) and secret access keys are context-dependent;
+  // we only catch the ID because secret key alone is indistinguishable from random base64.
+  { kind: "aws-access-key-id", regex: /\b(AKIA[0-9A-Z]{16})\b/g },
+  // Google API keys
+  { kind: "google-api-key", regex: /\b(AIza[0-9A-Za-z_-]{35})\b/g },
+  // Generic "api_key": "..." / "apiKey": "..." / api-key=xxx
+  { kind: "api-key", regex: /\b(api[_-]?key)\s*[:=]\s*["']?([a-zA-Z0-9_\-.]{16,200})["']?/gi },
+  // Generic token: xxx (only when value looks token-shaped; avoids eating human prose)
+  { kind: "token", regex: /\b(token|access[_-]?token|bearer[_-]?token)\s*[:=]\s*["']?([a-zA-Z0-9_\-.]{20,300})["']?/gi },
+  // Bearer <token> in Authorization headers
+  { kind: "bearer", regex: /\b(Authorization:\s*Bearer\s+)([a-zA-Z0-9_\-.=]{20,500})/g },
+  // Private key PEM blocks — catch the header+footer together
+  { kind: "private-key", regex: /-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]*?-----END [A-Z ]*PRIVATE KEY-----/g }
+];
+function render(placeholder, kind) {
+  return placeholder.replace("{kind}", kind);
+}
+function redactString(input, options) {
+  if (!options.enabled || !input) return { redacted: input, hits: [] };
+  const placeholder = options.placeholder ?? "[REDACTED:{kind}]";
+  const patterns = [
+    ...options.patterns ?? DEFAULT_PATTERNS,
+    ...(options.customRegexes ?? []).flatMap((src, i) => {
+      try {
+        const flags = src.match(/^\/.*\/([gimsuy]*)$/)?.[1] ?? "";
+        const body = src.replace(/^\/(.*)\/[gimsuy]*$/, "$1");
+        const regex = new RegExp(body, flags.includes("g") ? flags : flags + "g");
+        return [{ kind: `custom-${i}`, regex }];
+      } catch {
+        return [];
+      }
+    })
+  ];
+  let redacted = input;
+  const hits = [];
+  for (const { kind, regex } of patterns) {
+    const rx = new RegExp(regex.source, regex.flags);
+    redacted = redacted.replace(rx, (...args) => {
+      const match = args[0];
+      const probe = new RegExp(rx.source).exec(match);
+      const captureCount = probe ? probe.length - 1 : 0;
+      const g1 = captureCount >= 1 ? args[1] : void 0;
+      const g2 = captureCount >= 2 ? args[2] : void 0;
+      const offset = args[1 + captureCount];
+      if (captureCount >= 2 && typeof g2 === "string") {
+        hits.push({ kind, start: offset + (g1?.length ?? 0), length: g2.length, secret: g2 });
+        return `${g1}${render(placeholder, kind)}`;
+      }
+      hits.push({ kind, start: offset, length: match.length, secret: g1 ?? match });
+      return render(placeholder, kind);
+    });
+  }
+  return { redacted, hits };
+}
+function redactJson(value, options) {
+  if (!options.enabled) return { value, hits: [] };
+  const allHits = [];
+  function walk(v) {
+    if (typeof v === "string") {
+      const r = redactString(v, options);
+      allHits.push(...r.hits);
+      return r.redacted;
+    }
+    if (Array.isArray(v)) return v.map(walk);
+    if (v && typeof v === "object") {
+      const out = {};
+      for (const [k, vv] of Object.entries(v)) {
+        out[k] = walk(vv);
+      }
+      return out;
+    }
+    return v;
+  }
+  const redacted = walk(value);
+  return { value: redacted, hits: allHits };
+}
 // src/session/session-manager.ts
 function safeDate(value) {
   const d = new Date(value);
@@ -3049,9 +3168,27 @@ function extractJsonField(header, field) {
 var SessionManager = class {
   _current = null;
   historyDir;
+  config;
+  /** Last save's redaction hit count — exposed for /security status reporting */
+  lastRedactionHits = 0;
   constructor(config) {
+    this.config = config;
     this.historyDir = config.getHistoryDir();
   }
+  /**
+   * Build redaction options from config. Returns `{ enabled: false }` when
+   * `security.redactOnSave` is off or `security.mode` is 'off'.
+   */
+  redactOptionsForSave() {
+    const security = this.config.get("security");
+    if (!security || !security.redactOnSave || security.mode === "off") {
+      return { enabled: false };
+    }
+    return {
+      enabled: true,
+      customRegexes: security.customPatterns ?? []
+    };
+  }
   get current() {
     return this._current;
   }
@@ -3077,8 +3214,12 @@ var SessionManager = class {
     if (!this._current) return;
     mkdirSync2(this.historyDir, { recursive: true });
     const filePath = join2(this.historyDir, `${this._current.id}.json`);
+    const raw = this._current.toJSON();
+    const opts = this.redactOptionsForSave();
+    const { value: payload, hits } = redactJson(raw, opts);
+    this.lastRedactionHits = hits.length;
     const tmpPath = filePath + ".tmp";
-    writeFileSync2(tmpPath, JSON.stringify(this._current.toJSON(), null, 2), "utf-8");
+    writeFileSync2(tmpPath, JSON.stringify(payload, null, 2), "utf-8");
     renameSync(tmpPath, filePath);
   }
   loadSession(id) {
@@ -4217,8 +4358,8 @@ function checkPermission(toolName, args, dangerLevel, rules, defaultAction = "co
     if (rule.when) {
       if (rule.when.dangerLevel && rule.when.dangerLevel !== dangerLevel) continue;
       if (rule.when.pathPattern) {
-        const path3 = String(args["path"] ?? args["command"] ?? "");
-        if (!path3.includes(rule.when.pathPattern)) continue;
+        const path4 = String(args["path"] ?? args["command"] ?? "");
+        if (!path4.includes(rule.when.pathPattern)) continue;
       }
     }
     return rule.action;
@@ -7718,6 +7859,160 @@ ${lines.join("\n")}`;
   }
 };
+// src/memory/chat-index.ts
+import fs2 from "fs";
+import path3 from "path";
+import os from "os";
+import crypto from "crypto";
+var MEMORY_DIR_NAME = "memory-index";
+var CHUNKS_FILE = "chunks.json";
+var VECTORS_FILE = "vectors.vec";
+var VEC_MAGIC = 1094929750;
+var VEC_VERSION = 1;
+var VEC_HEADER_BYTES = 16;
+function memoryIndexDir() {
+  return path3.join(os.homedir(), ".aicli", MEMORY_DIR_NAME);
+}
+function chunksPath() {
+  return path3.join(memoryIndexDir(), CHUNKS_FILE);
+}
+function vectorsPath() {
+  return path3.join(memoryIndexDir(), VECTORS_FILE);
+}
+function readVectorsFile(expectedCount) {
+  const p = vectorsPath();
+  if (!fs2.existsSync(p)) return null;
+  let buf;
+  try {
+    buf = fs2.readFileSync(p);
+  } catch {
+    return null;
+  }
+  if (buf.length < VEC_HEADER_BYTES) return null;
+  const magic = buf.readUInt32LE(0);
+  const version = buf.readUInt32LE(4);
+  const count = buf.readUInt32LE(8);
+  const dim = buf.readUInt32LE(12);
+  if (magic !== VEC_MAGIC || version !== VEC_VERSION || dim !== EMBEDDING_DIM) return null;
+  if (count !== expectedCount) return null;
+  const expected = VEC_HEADER_BYTES + count * dim * 4;
+  if (buf.length !== expected) return null;
+  return new Float32Array(
+    buf.buffer.slice(buf.byteOffset + VEC_HEADER_BYTES, buf.byteOffset + expected)
+  );
+}
+function readIndexFile() {
+  const p = chunksPath();
+  if (!fs2.existsSync(p)) return null;
+  try {
+    const raw = fs2.readFileSync(p, "utf-8");
+    const data = JSON.parse(raw);
+    if (data.version !== 1) return null;
+    return data;
+  } catch {
+    return null;
+  }
+}
+function loadChatIndex() {
+  const idx = readIndexFile();
+  if (!idx) return null;
+  const vectors = readVectorsFile(idx.chunks.length);
+  if (!vectors) return null;
+  return { idx, vectors };
+}
+async function searchChatMemory(query, options = {}) {
+  const topK = options.topK ?? 5;
+  const minScore = options.minScore ?? 0.25;
+  const loaded = loadChatIndex();
+  if (!loaded || loaded.idx.chunks.length === 0) return [];
+  const { idx, vectors } = loaded;
+  const { redacted } = redactString(query, { enabled: true });
+  const qvec = await embedOne(redacted);
+  const candidates = [];
+  for (let i = 0; i < idx.chunks.length; i++) {
+    const c = idx.chunks[i];
+    if (options.sessionId && c.sessionId !== options.sessionId) continue;
+    if (options.excludeSessionId && c.sessionId === options.excludeSessionId) continue;
+    let score = 0;
+    const base = i * EMBEDDING_DIM;
+    for (let d = 0; d < EMBEDDING_DIM; d++) {
+      score += vectors[base + d] * qvec[d];
+    }
+    if (score < minScore) continue;
+    candidates.push({ chunk: c, score });
+  }
+  candidates.sort((a, b) => b.score - a.score);
+  return candidates.slice(0, topK);
+}
+// src/tools/builtin/recall-memory.ts
+function formatHit(h, i) {
+  const ts = h.chunk.timestamp.slice(0, 16).replace("T", " ");
+  const title = h.chunk.sessionTitle ? ` \xB7 ${h.chunk.sessionTitle}` : "";
+  const sid = h.chunk.sessionId.slice(0, 8);
+  const score = h.score.toFixed(3);
+  const body = h.chunk.text.length > 600 ? h.chunk.text.slice(0, 600) + "\u2026" : h.chunk.text;
+  return `\u2500\u2500\u2500 Hit ${i + 1} (score ${score}, session ${sid}${title}, ${ts}) \u2500\u2500\u2500
+` + body;
+}
+var recallMemoryTool = {
+  definition: {
+    name: "recall_memory",
+    description: 'Semantic search over past chat sessions. Call this whenever the user references something that may have been discussed before ("last time", "remember", "\u4E4B\u524D", "\u4E0A\u6B21"), when context is ambiguous and continuity matters, or when you want to check what decisions or preferences have been established across prior conversations. Returns up to `topK` relevant snippets with session id, timestamp, and cosine similarity score. Prefer this over asking the user "can you remind me".',
+    parameters: {
+      query: {
+        type: "string",
+        description: "Natural-language description of what to recall. Chinese or English both work.",
+        required: true
+      },
+      topK: {
+        type: "number",
+        description: "Max number of snippets to return (default 5, max 20).",
+        required: false
+      },
+      excludeCurrentSession: {
+        type: "boolean",
+        description: "If true, exclude the current session from results (avoid echoing what you just said). Default false.",
+        required: false
+      },
+      currentSessionId: {
+        type: "string",
+        description: "Session ID to exclude when excludeCurrentSession=true. Usually the active session.",
+        required: false
+      },
+      minScore: {
+        type: "number",
+        description: "Drop hits below this cosine score. Default 0.25. Raise to 0.35+ for stricter matches.",
+        required: false
+      }
+    },
+    dangerous: false
+  },
+  async execute(args) {
+    const query = String(args["query"] ?? "").trim();
+    if (!query) throw new ToolError("recall_memory", "query is required");
+    const topK = Math.max(1, Math.min(20, Number(args["topK"] ?? 5)));
+    const excludeCurrent = Boolean(args["excludeCurrentSession"]);
+    const currentId = args["currentSessionId"] ? String(args["currentSessionId"]) : void 0;
+    const minScore = args["minScore"] !== void 0 ? Number(args["minScore"]) : 0.25;
+    const status = loadChatIndex();
+    if (!status) {
+      return "No chat memory index found. The index is built on REPL startup, or run `/memory rebuild` manually. If you have no past sessions yet, this is expected.";
+    }
+    const hits = await searchChatMemory(query, {
+      topK,
+      minScore,
+      excludeSessionId: excludeCurrent ? currentId : void 0
+    });
+    if (hits.length === 0) {
+      return `No memories matched "${query}" above score ${minScore}. Index has ${status.idx.chunks.length} chunks across ${Object.keys(status.idx.sessionMtimes).length} sessions. Consider lowering minScore to 0.15 or rephrasing the query.`;
+    }
+    const header = `Found ${hits.length} memory hit(s) for "${query}" (min-score ${minScore}):
+`;
+    return header + "\n" + hits.map(formatHit).join("\n\n");
+  }
+};
 // src/core/token-estimator.ts
 var CJK_REGEX = /[\u2E80-\u9FFF\uA000-\uA4FF\uAC00-\uD7FF\uF900-\uFAFF\uFE30-\uFE4F\uFF00-\uFFEF]/g;
 function estimateTokens(text) {
@@ -7777,6 +8072,7 @@ var ToolRegistry = class {
     this.register(getOutlineTool);
     this.register(findReferencesTool);
     this.register(searchCodeTool);
+    this.register(recallMemoryTool);
   }
   register(tool) {
     this.tools.set(tool.definition.name, tool);
@@ -8944,9 +9240,9 @@ function getDevStatePath() {
   return join10(homedir4(), CONFIG_DIR_NAME, DEV_STATE_FILE_NAME);
 }
 function loadDevState() {
-  const path3 = getDevStatePath();
-  if (!existsSync17(path3)) return null;
-  const content = readFileSync11(path3, "utf-8").trim();
+  const path4 = getDevStatePath();
+  if (!existsSync17(path4)) return null;
+  const content = readFileSync11(path4, "utf-8").trim();
   return content || null;
 }
@@ -11108,7 +11404,7 @@ ${undoResults.map((r) => `  \u2022 ${r}`).join("\n")}` });
       case "test": {
         this.send({ type: "info", message: "\u{1F9EA} Running tests..." });
         try {
-          const { executeTests } = await import("./run-tests-P7GIZ6UH.js");
+          const { executeTests } = await import("./run-tests-TGGXTOFF.js");
           const argStr = args.join(" ").trim();
           let testArgs = {};
           if (argStr) {

package/dist/{hub-HEC4GYKR.js → hub-4P2BH57W.js} RENAMED Viewed

@@ -385,7 +385,7 @@ ${content}`);
   }
 }
 async function runTaskMode(config, providers, configManager, topic) {
-  const { TaskOrchestrator } = await import("./task-orchestrator-36SFPCP7.js");
+  const { TaskOrchestrator } = await import("./task-orchestrator-ODU45UQG.js");
   const orchestrator = new TaskOrchestrator(config, providers, configManager);
   let interrupted = false;
   const onSigint = () => {