jishushell 0.4.30 → 0.5.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/apps/anythingllm-container.yaml +287 -0
- package/apps/browserless-chromium-container.yaml +18 -6
- package/apps/filebrowser-container.yaml +163 -0
- package/apps/openclaw-binary.yaml +8 -0
- package/apps/openclaw-container.yaml +9 -1
- package/apps/openclaw-with-searxng-container.yaml +4 -0
- package/apps/searxng-container.yaml +5 -4
- package/apps/weknora-container.yaml +471 -0
- package/dist/cli/panel.js.map +1 -1
- package/dist/config.d.ts +19 -0
- package/dist/config.js +99 -1
- package/dist/config.js.map +1 -1
- package/dist/install.js +3 -3
- package/dist/install.js.map +1 -1
- package/dist/routes/auth.js +2 -2
- package/dist/routes/auth.js.map +1 -1
- package/dist/routes/backup.js +64 -11
- package/dist/routes/backup.js.map +1 -1
- package/dist/routes/external-mounts.d.ts +17 -0
- package/dist/routes/external-mounts.js +73 -0
- package/dist/routes/external-mounts.js.map +1 -0
- package/dist/routes/file-mounts.d.ts +13 -0
- package/dist/routes/file-mounts.js +90 -0
- package/dist/routes/file-mounts.js.map +1 -0
- package/dist/routes/files-organize.d.ts +28 -0
- package/dist/routes/files-organize.js +167 -0
- package/dist/routes/files-organize.js.map +1 -0
- package/dist/routes/files.d.ts +31 -0
- package/dist/routes/files.js +321 -0
- package/dist/routes/files.js.map +1 -0
- package/dist/routes/instances.js +45 -7
- package/dist/routes/instances.js.map +1 -1
- package/dist/routes/internal.d.ts +2 -0
- package/dist/routes/internal.js +59 -0
- package/dist/routes/internal.js.map +1 -0
- package/dist/routes/setup.js +9 -9
- package/dist/routes/setup.js.map +1 -1
- package/dist/routes/system.js +1 -1
- package/dist/routes/system.js.map +1 -1
- package/dist/routes/webdav.d.ts +17 -0
- package/dist/routes/webdav.js +114 -0
- package/dist/routes/webdav.js.map +1 -0
- package/dist/server.js +341 -3
- package/dist/server.js.map +1 -1
- package/dist/services/app/app-compiler.d.ts +1 -1
- package/dist/services/app/app-compiler.js +5 -5
- package/dist/services/app/app-compiler.js.map +1 -1
- package/dist/services/app/app-manager.d.ts +1 -0
- package/dist/services/app/app-manager.js +172 -41
- package/dist/services/app/app-manager.js.map +1 -1
- package/dist/services/app/custom-manager.js.map +1 -1
- package/dist/services/app/hermes-agent-manager.js +1 -0
- package/dist/services/app/hermes-agent-manager.js.map +1 -1
- package/dist/services/app/ollama-manager.js +1 -1
- package/dist/services/app/ollama-manager.js.map +1 -1
- package/dist/services/app/openclaw-manager.js +20 -3
- package/dist/services/app/openclaw-manager.js.map +1 -1
- package/dist/services/app/platform-transform.d.ts +32 -0
- package/dist/services/app/platform-transform.js +65 -0
- package/dist/services/app/platform-transform.js.map +1 -0
- package/dist/services/app-passwords.d.ts +61 -0
- package/dist/services/app-passwords.js +173 -0
- package/dist/services/app-passwords.js.map +1 -0
- package/dist/services/backup-manager.d.ts +11 -0
- package/dist/services/backup-manager.js +177 -4
- package/dist/services/backup-manager.js.map +1 -1
- package/dist/services/connection-apply.d.ts +2 -0
- package/dist/services/connection-apply.js +55 -1
- package/dist/services/connection-apply.js.map +1 -1
- package/dist/services/connection-resolver.js +1 -1
- package/dist/services/connection-resolver.js.map +1 -1
- package/dist/services/connection-transactor.d.ts +2 -0
- package/dist/services/connection-transactor.js +12 -2
- package/dist/services/connection-transactor.js.map +1 -1
- package/dist/services/external-mounts.d.ts +40 -0
- package/dist/services/external-mounts.js +187 -0
- package/dist/services/external-mounts.js.map +1 -0
- package/dist/services/files-manager.d.ts +252 -0
- package/dist/services/files-manager.js +1075 -0
- package/dist/services/files-manager.js.map +1 -0
- package/dist/services/files-mounts.d.ts +42 -0
- package/dist/services/files-mounts.js +207 -0
- package/dist/services/files-mounts.js.map +1 -0
- package/dist/services/instance-manager.js +1 -23
- package/dist/services/instance-manager.js.map +1 -1
- package/dist/services/llm-proxy/index.js.map +1 -1
- package/dist/services/llm-proxy/ssrf.js +6 -2
- package/dist/services/llm-proxy/ssrf.js.map +1 -1
- package/dist/services/nomad-manager.d.ts +4 -0
- package/dist/services/nomad-manager.js +53 -19
- package/dist/services/nomad-manager.js.map +1 -1
- package/dist/services/organize/applier.d.ts +46 -0
- package/dist/services/organize/applier.js +218 -0
- package/dist/services/organize/applier.js.map +1 -0
- package/dist/services/organize/rules.d.ts +57 -0
- package/dist/services/organize/rules.js +286 -0
- package/dist/services/organize/rules.js.map +1 -0
- package/dist/services/organize/scanner.d.ts +50 -0
- package/dist/services/organize/scanner.js +366 -0
- package/dist/services/organize/scanner.js.map +1 -0
- package/dist/services/organize/store.d.ts +14 -0
- package/dist/services/organize/store.js +82 -0
- package/dist/services/organize/store.js.map +1 -0
- package/dist/services/panel-manager.js +20 -1
- package/dist/services/panel-manager.js.map +1 -1
- package/dist/services/process-manager.js +3 -2
- package/dist/services/process-manager.js.map +1 -1
- package/dist/services/runtime/adapters/hermes.js +1 -1
- package/dist/services/runtime/adapters/hermes.js.map +1 -1
- package/dist/services/runtime/adapters/openclaw-routes.d.ts +8 -2
- package/dist/services/runtime/adapters/openclaw-routes.js +68 -0
- package/dist/services/runtime/adapters/openclaw-routes.js.map +1 -1
- package/dist/services/runtime/adapters/openclaw.d.ts +90 -0
- package/dist/services/runtime/adapters/openclaw.js +957 -45
- package/dist/services/runtime/adapters/openclaw.js.map +1 -1
- package/dist/services/runtime/instance.d.ts +1 -1
- package/dist/services/runtime/instance.js +1 -1
- package/dist/services/runtime/instance.js.map +1 -1
- package/dist/services/runtime/mcp-shims/anythingllm-shim.d.ts +46 -0
- package/dist/services/runtime/mcp-shims/anythingllm-shim.js +281 -0
- package/dist/services/runtime/mcp-shims/anythingllm-shim.js.map +1 -0
- package/dist/services/runtime/mcp-shims/drive-shim.d.ts +54 -0
- package/dist/services/runtime/mcp-shims/drive-shim.js +489 -0
- package/dist/services/runtime/mcp-shims/drive-shim.js.map +1 -0
- package/dist/services/runtime/types.d.ts +31 -0
- package/dist/services/setup-manager.js +93 -18
- package/dist/services/setup-manager.js.map +1 -1
- package/dist/services/suggestions.js.map +1 -1
- package/dist/services/webdav/server.d.ts +24 -0
- package/dist/services/webdav/server.js +420 -0
- package/dist/services/webdav/server.js.map +1 -0
- package/dist/services/webdav/xml-builder.d.ts +73 -0
- package/dist/services/webdav/xml-builder.js +156 -0
- package/dist/services/webdav/xml-builder.js.map +1 -0
- package/dist/services/workspace-builder.d.ts +29 -0
- package/dist/services/workspace-builder.js +188 -0
- package/dist/services/workspace-builder.js.map +1 -0
- package/dist/types.d.ts +60 -0
- package/dist/utils/path-locks.d.ts +30 -0
- package/dist/utils/path-locks.js +63 -0
- package/dist/utils/path-locks.js.map +1 -0
- package/dist/utils/path-safety.d.ts +41 -0
- package/dist/utils/path-safety.js +119 -0
- package/dist/utils/path-safety.js.map +1 -0
- package/dist/utils/safe-write.d.ts +24 -0
- package/dist/utils/safe-write.js +82 -0
- package/dist/utils/safe-write.js.map +1 -0
- package/package.json +16 -1
- package/public/assets/Dashboard-BdWPtroF.js +1 -0
- package/public/assets/{HermesChatPanel-_GHoklgo.js → HermesChatPanel-B_2HlVBQ.js} +1 -1
- package/public/assets/{HermesConfigForm-anDnwUp_.js → HermesConfigForm-DVlhg3WV.js} +2 -2
- package/public/assets/{InitPassword-ZU9_-hDr.js → InitPassword-D7glTExX.js} +1 -1
- package/public/assets/InstanceDetail-CxSy2cpe.js +92 -0
- package/public/assets/{Login-BItXqYAJ.js → Login-Cfr5c2sv.js} +1 -1
- package/public/assets/NewInstance-BIYDmJis.js +1 -0
- package/public/assets/{ProviderRecommendations-DFYj7Fb6.js → ProviderRecommendations-BuRnvRcI.js} +1 -1
- package/public/assets/{Settings-Bttc6QmM.js → Settings-Cc-tYBil.js} +1 -1
- package/public/assets/{Setup-Bsxx1zgj.js → Setup-lGZEk5jq.js} +1 -1
- package/public/assets/{WeixinLoginPanel-DPZpAKgO.js → WeixinLoginPanel-CoGqzxeV.js} +2 -2
- package/public/assets/index-87IJXG-w.css +1 -0
- package/public/assets/index-BZc5zH7u.js +19 -0
- package/public/assets/{registry-5s2UB6is.js → registry-BWnkJgZ1.js} +2 -2
- package/public/assets/{usePolling-Do5Erqm_.js → usePolling-CwwT9KrC.js} +1 -1
- package/public/assets/{vendor-i18n-ucpM0OR0.js → vendor-i18n-y9V7Sfuu.js} +1 -1
- package/public/assets/{vendor-react-Bk1hRGiY.js → vendor-react-BWrEVJVb.js} +6 -6
- package/public/index.html +4 -4
- package/scripts/check-app-spec.mjs +18 -4
- package/scripts/check-new-file-tests.mjs +230 -0
- package/scripts/check-quarantine-expiry.mjs +105 -0
- package/scripts/perf/README.md +49 -0
- package/scripts/perf/auth.js +99 -0
- package/scripts/perf/config.js +63 -0
- package/scripts/perf/instances.js +143 -0
- package/scripts/perf/proxy.js +96 -0
- package/scripts/smoke/files-w1.sh +142 -0
- package/scripts/smoke-backend.mjs +122 -0
- package/scripts/smoke-post-publish.mjs +346 -0
- package/public/assets/Dashboard-rkWp-CXd.js +0 -1
- package/public/assets/InstanceDetail-CN0FH1aw.js +0 -92
- package/public/assets/NewInstance-BousE6kY.js +0 -1
- package/public/assets/index-8xZy1z5k.css +0 -1
- package/public/assets/index-Dw3HhUYE.js +0 -19
|
@@ -0,0 +1,252 @@
|
|
|
1
|
+
import { Readable } from "node:stream";
|
|
2
|
+
import { isHidden } from "../utils/path-safety.js";
|
|
3
|
+
import { type ExternalMount } from "./external-mounts.js";
|
|
4
|
+
export interface DirEntry {
|
|
5
|
+
name: string;
|
|
6
|
+
is_dir: boolean;
|
|
7
|
+
size: number;
|
|
8
|
+
mtime: number;
|
|
9
|
+
etag: string;
|
|
10
|
+
mime?: string;
|
|
11
|
+
child_count?: number;
|
|
12
|
+
}
|
|
13
|
+
export interface DirListing {
|
|
14
|
+
path: string;
|
|
15
|
+
entries: DirEntry[];
|
|
16
|
+
quota_mb: number;
|
|
17
|
+
used_mb: number;
|
|
18
|
+
available_mb: number;
|
|
19
|
+
}
|
|
20
|
+
export interface ReadStreamResult {
|
|
21
|
+
/** Lazy: opens the file only when called. Avoids leaking fds in 304 paths. */
|
|
22
|
+
openStream: () => Readable;
|
|
23
|
+
etag: string;
|
|
24
|
+
mime: string;
|
|
25
|
+
size: number;
|
|
26
|
+
mtime: number;
|
|
27
|
+
}
|
|
28
|
+
export interface ReadSmallResult {
|
|
29
|
+
buf: Buffer;
|
|
30
|
+
etag: string;
|
|
31
|
+
mime: string;
|
|
32
|
+
truncated: boolean;
|
|
33
|
+
size: number;
|
|
34
|
+
}
|
|
35
|
+
export interface WriteOptions {
|
|
36
|
+
ifMatch?: string;
|
|
37
|
+
overwrite?: boolean;
|
|
38
|
+
expectedSize?: number;
|
|
39
|
+
}
|
|
40
|
+
export interface WriteResult {
|
|
41
|
+
etag: string;
|
|
42
|
+
size: number;
|
|
43
|
+
mime: string;
|
|
44
|
+
}
|
|
45
|
+
export interface QuotaInfo {
|
|
46
|
+
quota_mb: number;
|
|
47
|
+
used_mb: number;
|
|
48
|
+
available_mb: number;
|
|
49
|
+
trash_mb: number;
|
|
50
|
+
}
|
|
51
|
+
export interface FilesManagerConfig {
|
|
52
|
+
filesRoot?: string;
|
|
53
|
+
trashRoot?: string;
|
|
54
|
+
auditLog?: string;
|
|
55
|
+
quotaMb?: number;
|
|
56
|
+
maxUploadMb?: number;
|
|
57
|
+
textPreviewMaxKb?: number;
|
|
58
|
+
blockedExtensions?: Set<string>;
|
|
59
|
+
/**
|
|
60
|
+
* External mount points — virtual subtrees of files/ that resolve
|
|
61
|
+
* to host paths outside FILES_ROOT. Validated by the caller (typically
|
|
62
|
+
* loaded from panel.json:external_mounts).
|
|
63
|
+
*/
|
|
64
|
+
externalMounts?: ExternalMount[];
|
|
65
|
+
}
|
|
66
|
+
export declare class FilesError extends Error {
|
|
67
|
+
code: string;
|
|
68
|
+
httpStatus: number;
|
|
69
|
+
constructor(message: string, code: string, httpStatus: number);
|
|
70
|
+
}
|
|
71
|
+
export interface SidecarMeta {
|
|
72
|
+
schema_version: 1;
|
|
73
|
+
sha256: string;
|
|
74
|
+
size: number;
|
|
75
|
+
mtime: number;
|
|
76
|
+
indexed_at: number;
|
|
77
|
+
tags?: string[];
|
|
78
|
+
summary?: string;
|
|
79
|
+
links?: Array<{
|
|
80
|
+
path: string;
|
|
81
|
+
rel: string;
|
|
82
|
+
}>;
|
|
83
|
+
agent_notes?: string;
|
|
84
|
+
[key: string]: any;
|
|
85
|
+
}
|
|
86
|
+
export interface SearchHit {
|
|
87
|
+
path: string;
|
|
88
|
+
sha256: string;
|
|
89
|
+
snippet: string;
|
|
90
|
+
score: number;
|
|
91
|
+
}
|
|
92
|
+
export interface ReindexResult {
|
|
93
|
+
indexed: number;
|
|
94
|
+
skipped: number;
|
|
95
|
+
errors: number;
|
|
96
|
+
}
|
|
97
|
+
export declare class FilesManager {
|
|
98
|
+
private filesRoot;
|
|
99
|
+
private trashRoot;
|
|
100
|
+
private auditLog;
|
|
101
|
+
private quotaMb;
|
|
102
|
+
private maxUploadMb;
|
|
103
|
+
private textPreviewMaxKb;
|
|
104
|
+
private blockedExtensions;
|
|
105
|
+
private externalMounts;
|
|
106
|
+
private _indexDb;
|
|
107
|
+
private _indexDbRegistered;
|
|
108
|
+
constructor(cfg?: FilesManagerConfig);
|
|
109
|
+
/**
|
|
110
|
+
* Replace the current external-mount set; used when panel.json is
|
|
111
|
+
* mutated through routes/external-mounts.ts so a new mount becomes
|
|
112
|
+
* visible without restarting the server.
|
|
113
|
+
*/
|
|
114
|
+
setExternalMounts(mounts: ExternalMount[]): void;
|
|
115
|
+
list(relPath: string, opts?: {
|
|
116
|
+
showHidden?: boolean;
|
|
117
|
+
}): Promise<DirListing>;
|
|
118
|
+
readStream(relPath: string): Promise<ReadStreamResult>;
|
|
119
|
+
readSmall(relPath: string, maxBytes: number): Promise<ReadSmallResult>;
|
|
120
|
+
writeStream(relPath: string, source: Readable, opts?: WriteOptions): Promise<WriteResult>;
|
|
121
|
+
mkdir(relPath: string): Promise<void>;
|
|
122
|
+
move(fromRel: string, toRel: string, overwrite?: boolean): Promise<void>;
|
|
123
|
+
remove(relPath: string): Promise<void>;
|
|
124
|
+
private removeInternal;
|
|
125
|
+
/**
|
|
126
|
+
* Resolve a files/-relative path to its absolute host filesystem path.
|
|
127
|
+
*
|
|
128
|
+
* Why a public API: the drive-shim (and the agents that call it via MCP)
|
|
129
|
+
* needs to hand the resulting absolute path to IM channel plugins
|
|
130
|
+
* (Feishu / WeChat / Telegram / ...) that send files. Those plugins read
|
|
131
|
+
* from the local filesystem, not via HTTP. The OpenClaw container runs
|
|
132
|
+
* with host==container bind mounts (see buildVolumes in
|
|
133
|
+
* src/services/runtime/adapters/openclaw.ts), so the same absolute
|
|
134
|
+
* string is valid on both sides; raw_exec / process service managers
|
|
135
|
+
* run the agent natively on the host, where the path is also directly
|
|
136
|
+
* usable.
|
|
137
|
+
*
|
|
138
|
+
* External mounts: a path whose first segment is an external mount
|
|
139
|
+
* alias resolves into the mount's host_path. The returned abs_path
|
|
140
|
+
* points at the real host location; external_mount is set so the
|
|
141
|
+
* caller can warn the user that this is outside files/. mode is
|
|
142
|
+
* propagated so writers know if it's read-only.
|
|
143
|
+
*
|
|
144
|
+
* Symlink policy: if the path resolves to a symlink we still surface
|
|
145
|
+
* the abs_path (callers may legitimately want to know where it points
|
|
146
|
+
* conceptually), but exists is reported as false to discourage handing
|
|
147
|
+
* symlinks to channel plugins.
|
|
148
|
+
*/
|
|
149
|
+
resolveLocalPath(relPath: string): Promise<{
|
|
150
|
+
abs_path: string;
|
|
151
|
+
exists: boolean;
|
|
152
|
+
external_mount?: string;
|
|
153
|
+
external_mount_mode?: "ro" | "rw";
|
|
154
|
+
is_dir?: boolean;
|
|
155
|
+
size?: number;
|
|
156
|
+
mtime?: number;
|
|
157
|
+
}>;
|
|
158
|
+
quota(): Promise<QuotaInfo>;
|
|
159
|
+
private assertQuotaAvailable;
|
|
160
|
+
audit(op: string, relPath: string, meta?: Record<string, any>): void;
|
|
161
|
+
/**
|
|
162
|
+
* Resolve a files/-relative path. If the first segment matches a
|
|
163
|
+
* registered external mount alias the path is virtualized into the
|
|
164
|
+
* mount's host_path; otherwise the path resolves under FILES_ROOT.
|
|
165
|
+
*
|
|
166
|
+
* Symlink defense (assertNoSymlinkInAncestors) and lstat checks in
|
|
167
|
+
* the calling op still run on the absolute path returned here, so
|
|
168
|
+
* symlinks INSIDE an external mount are still rejected.
|
|
169
|
+
*/
|
|
170
|
+
private resolve;
|
|
171
|
+
private resolveOp;
|
|
172
|
+
/**
|
|
173
|
+
* Refuse mutations that target a read-only external mount. Called by
|
|
174
|
+
* write / move / delete / mkdir before any fs work.
|
|
175
|
+
*/
|
|
176
|
+
private assertWritable;
|
|
177
|
+
/**
|
|
178
|
+
* Defense layer 3 (per path-safety.ts header): refuse symlinks at the
|
|
179
|
+
* target path AND refuse paths that traverse a symlink in their parent
|
|
180
|
+
* chain inside the trust root.
|
|
181
|
+
*
|
|
182
|
+
* For external mounts the trust root is the mount's host_path (the
|
|
183
|
+
* user explicitly chose that directory; symlinks inside it are their
|
|
184
|
+
* own filesystem and not an attack we need to defend against). For
|
|
185
|
+
* regular files/ paths the trust root is FILES_ROOT.
|
|
186
|
+
*/
|
|
187
|
+
private statOrThrow;
|
|
188
|
+
/**
|
|
189
|
+
* Walk up from `abs` toward the relevant trust root and refuse if any
|
|
190
|
+
* intermediate component is a symlink. Trust root is FILES_ROOT for
|
|
191
|
+
* regular paths and the matching external-mount host_path for paths
|
|
192
|
+
* that fall inside an external mount.
|
|
193
|
+
*/
|
|
194
|
+
private assertNoSymlinkInAncestors;
|
|
195
|
+
/**
|
|
196
|
+
* Find the trust root for an absolute path: either an external mount's
|
|
197
|
+
* host_path (if abs is inside one) or FILES_ROOT.
|
|
198
|
+
*/
|
|
199
|
+
private trustRootFor;
|
|
200
|
+
private checkExtension;
|
|
201
|
+
/**
|
|
202
|
+
* Returns the knowledge directory path (does NOT create it).
|
|
203
|
+
*/
|
|
204
|
+
private get knowledgeDir();
|
|
205
|
+
/**
|
|
206
|
+
* Returns the SQLite DB path.
|
|
207
|
+
*/
|
|
208
|
+
private get indexDbPath();
|
|
209
|
+
/**
|
|
210
|
+
* Returns the sidecar path for a given sha256.
|
|
211
|
+
*/
|
|
212
|
+
private sidecarPath;
|
|
213
|
+
/**
|
|
214
|
+
* Creates ~/.jishushell/files/.knowledge/ (mode 0700) and, on first
|
|
215
|
+
* creation only, writes a README.md explaining the directory is
|
|
216
|
+
* panel-private metadata. README is idempotent: only written when the
|
|
217
|
+
* file doesn't already exist, never overwritten.
|
|
218
|
+
*/
|
|
219
|
+
private ensureKnowledgeDir;
|
|
220
|
+
/**
|
|
221
|
+
* Lazy-initialize the SQLite FTS5 handle. Creates the .knowledge dir
|
|
222
|
+
* and the schema on first call.
|
|
223
|
+
*/
|
|
224
|
+
private getIndexDb;
|
|
225
|
+
/**
|
|
226
|
+
* Search the FTS5 index.
|
|
227
|
+
*/
|
|
228
|
+
searchIndex(query: string, opts?: {
|
|
229
|
+
limit?: number;
|
|
230
|
+
pathPrefix?: string;
|
|
231
|
+
}): Promise<SearchHit[]>;
|
|
232
|
+
/**
|
|
233
|
+
* Read a sidecar JSON for a file identified by sha256 or path.
|
|
234
|
+
*/
|
|
235
|
+
getMeta(args: {
|
|
236
|
+
sha256?: string;
|
|
237
|
+
path?: string;
|
|
238
|
+
}): Promise<SidecarMeta | null>;
|
|
239
|
+
/**
|
|
240
|
+
* Write (merge or replace) a sidecar for a given sha256.
|
|
241
|
+
*/
|
|
242
|
+
setMeta(sha256: string, payload: Partial<SidecarMeta>, opts?: {
|
|
243
|
+
merge?: boolean;
|
|
244
|
+
}): Promise<SidecarMeta>;
|
|
245
|
+
/**
|
|
246
|
+
* Walk the file tree and upsert text-indexable files into the FTS5 index.
|
|
247
|
+
*/
|
|
248
|
+
reindex(opts?: {
|
|
249
|
+
pathPrefix?: string;
|
|
250
|
+
}): Promise<ReindexResult>;
|
|
251
|
+
}
|
|
252
|
+
export { isHidden };
|