kiri-mcp-server 0.9.5 → 0.9.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +94 -7
- package/dist/package.json +11 -1
- package/dist/src/client/proxy.js +2 -1
- package/dist/src/client/proxy.js.map +1 -1
- package/dist/src/client/start-daemon.d.ts.map +1 -1
- package/dist/src/client/start-daemon.js +2 -1
- package/dist/src/client/start-daemon.js.map +1 -1
- package/dist/src/daemon/daemon.js +6 -4
- package/dist/src/daemon/daemon.js.map +1 -1
- package/dist/src/daemon/socket.d.ts +6 -4
- package/dist/src/daemon/socket.d.ts.map +1 -1
- package/dist/src/daemon/socket.js +62 -18
- package/dist/src/daemon/socket.js.map +1 -1
- package/dist/src/indexer/cli.d.ts +1 -0
- package/dist/src/indexer/cli.d.ts.map +1 -1
- package/dist/src/indexer/cli.js +503 -257
- package/dist/src/indexer/cli.js.map +1 -1
- package/dist/src/indexer/codeintel.d.ts +1 -1
- package/dist/src/indexer/codeintel.d.ts.map +1 -1
- package/dist/src/indexer/codeintel.js +296 -3
- package/dist/src/indexer/codeintel.js.map +1 -1
- package/dist/src/indexer/dart/analyze.d.ts +29 -0
- package/dist/src/indexer/dart/analyze.d.ts.map +1 -0
- package/dist/src/indexer/dart/analyze.js +452 -0
- package/dist/src/indexer/dart/analyze.js.map +1 -0
- package/dist/src/indexer/dart/client.d.ts +113 -0
- package/dist/src/indexer/dart/client.d.ts.map +1 -0
- package/dist/src/indexer/dart/client.js +444 -0
- package/dist/src/indexer/dart/client.js.map +1 -0
- package/dist/src/indexer/dart/config.d.ts +36 -0
- package/dist/src/indexer/dart/config.d.ts.map +1 -0
- package/dist/src/indexer/dart/config.js +62 -0
- package/dist/src/indexer/dart/config.js.map +1 -0
- package/dist/src/indexer/dart/dependencies.d.ts +17 -0
- package/dist/src/indexer/dart/dependencies.d.ts.map +1 -0
- package/dist/src/indexer/dart/dependencies.js +102 -0
- package/dist/src/indexer/dart/dependencies.js.map +1 -0
- package/dist/src/indexer/dart/pathKey.d.ts +40 -0
- package/dist/src/indexer/dart/pathKey.d.ts.map +1 -0
- package/dist/src/indexer/dart/pathKey.js +72 -0
- package/dist/src/indexer/dart/pathKey.js.map +1 -0
- package/dist/src/indexer/dart/poolGate.d.ts +57 -0
- package/dist/src/indexer/dart/poolGate.d.ts.map +1 -0
- package/dist/src/indexer/dart/poolGate.js +87 -0
- package/dist/src/indexer/dart/poolGate.js.map +1 -0
- package/dist/src/indexer/dart/sdk.d.ts +40 -0
- package/dist/src/indexer/dart/sdk.d.ts.map +1 -0
- package/dist/src/indexer/dart/sdk.js +167 -0
- package/dist/src/indexer/dart/sdk.js.map +1 -0
- package/dist/src/indexer/dart/transform.d.ts +17 -0
- package/dist/src/indexer/dart/transform.d.ts.map +1 -0
- package/dist/src/indexer/dart/transform.js +157 -0
- package/dist/src/indexer/dart/transform.js.map +1 -0
- package/dist/src/indexer/dart/types.d.ts +137 -0
- package/dist/src/indexer/dart/types.d.ts.map +1 -0
- package/dist/src/indexer/dart/types.js +5 -0
- package/dist/src/indexer/dart/types.js.map +1 -0
- package/dist/src/indexer/git.d.ts +1 -0
- package/dist/src/indexer/git.d.ts.map +1 -1
- package/dist/src/indexer/git.js +8 -0
- package/dist/src/indexer/git.js.map +1 -1
- package/dist/src/indexer/language.d.ts.map +1 -1
- package/dist/src/indexer/language.js +1 -0
- package/dist/src/indexer/language.js.map +1 -1
- package/dist/src/indexer/queue.d.ts +19 -0
- package/dist/src/indexer/queue.d.ts.map +1 -0
- package/dist/src/indexer/queue.js +50 -0
- package/dist/src/indexer/queue.js.map +1 -0
- package/dist/src/indexer/schema.d.ts +61 -1
- package/dist/src/indexer/schema.d.ts.map +1 -1
- package/dist/src/indexer/schema.js +253 -2
- package/dist/src/indexer/schema.js.map +1 -1
- package/dist/src/indexer/watch.d.ts +21 -0
- package/dist/src/indexer/watch.d.ts.map +1 -1
- package/dist/src/indexer/watch.js +189 -28
- package/dist/src/indexer/watch.js.map +1 -1
- package/dist/src/server/context.d.ts +7 -0
- package/dist/src/server/context.d.ts.map +1 -1
- package/dist/src/server/handlers.d.ts +7 -3
- package/dist/src/server/handlers.d.ts.map +1 -1
- package/dist/src/server/handlers.js +252 -24
- package/dist/src/server/handlers.js.map +1 -1
- package/dist/src/server/indexBootstrap.d.ts.map +1 -1
- package/dist/src/server/indexBootstrap.js +4 -1
- package/dist/src/server/indexBootstrap.js.map +1 -1
- package/dist/src/server/rpc.d.ts +40 -4
- package/dist/src/server/rpc.d.ts.map +1 -1
- package/dist/src/server/rpc.js +131 -41
- package/dist/src/server/rpc.js.map +1 -1
- package/dist/src/server/runtime.d.ts.map +1 -1
- package/dist/src/server/runtime.js +47 -7
- package/dist/src/server/runtime.js.map +1 -1
- package/dist/src/shared/duckdb.d.ts.map +1 -1
- package/dist/src/shared/duckdb.js +9 -0
- package/dist/src/shared/duckdb.js.map +1 -1
- package/dist/src/shared/security/masker.d.ts +1 -0
- package/dist/src/shared/security/masker.d.ts.map +1 -1
- package/dist/src/shared/security/masker.js +59 -13
- package/dist/src/shared/security/masker.js.map +1 -1
- package/dist/src/shared/utils/path.d.ts +46 -0
- package/dist/src/shared/utils/path.d.ts.map +1 -0
- package/dist/src/shared/utils/path.js +94 -0
- package/dist/src/shared/utils/path.js.map +1 -0
- package/dist/src/shared/utils/socket.d.ts +6 -2
- package/dist/src/shared/utils/socket.d.ts.map +1 -1
- package/dist/src/shared/utils/socket.js +62 -10
- package/dist/src/shared/utils/socket.js.map +1 -1
- package/package.json +11 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"runtime.js","sourceRoot":"","sources":["../../../src/server/runtime.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEnD,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"runtime.js","sourceRoot":"","sources":["../../../src/server/runtime.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEnD,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAEpG,OAAO,EAAE,eAAe,EAAyB,MAAM,gBAAgB,CAAC;AAExE,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAC9C,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAoB1C,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,OAA4B;IACpE,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACnE,MAAM,QAAQ,GAAG,kBAAkB,CAAC,CAAC,CAAC,CAAC;IACvC,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,yCAAyC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC/E,CAAC;IAED,8DAA8D;IAC9D,sEAAsE;IACtE,MAAM,iBAAiB,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IAC9C,MAAM,YAAY,GAAG,eAAe,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IAE3D,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,eAAe,CAAC,CAAC;IAErE,MAAM,gBAAgB,GAAqB,EAAE,CAAC;IAC9C,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;QAC/B,gBAAgB,CAAC,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IACnE,CAAC;IACD,gBAAgB,CAAC,gBAAgB,GAAG,OAAO,CAAC,gBAAgB;QAC1D,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,gBAAgB,CAAC;QACnC,CAAC,CAAC,eAAe,CAAC;IACpB,IAAI,OAAO,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;QACzC,gBAAgB,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC;IAC3D,CAAC;IACD,MAAM,SAAS,GAAG,eAAe,CAAC,gBAAgB,CAAC,CAAC;IAEpD,IAAI,EAAE,GAAwB,IAAI,CAAC;IACnC,IAAI,CAAC;QACH,EAAE,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC,EAAE,YAAY,EAAE,eAAe,EAAE,IAAI,EAAE,CAAC,CAAC;QACzE,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,EAAE,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QAEzD,iCAAiC;QACjC,IAAI,MAAM,GAAG,MAAM,oBAAoB,CAAC,EAAE,CAAC,CAAC;QAC5C,MAAM,SAAS,GAAmB;YAChC,KAAK,EAAE,MAAM;YACb,YAAY,EAAE,MAAM;YACpB,QAAQ,EAAE,KAAK;YACf,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE;SACxB,CAAC;QAEF,6DAA6D;QAC7D,qEAAqE;QACrE,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,GAAG,CAC7B,2DAA2D,CAC5D,CAAC;gBACF,MAAM,QAAQ,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;gBACjD,SAAS,CAAC,QAAQ,GAAG,QAAQ,CAAC;gBAC9B,IAAI,QAAQ,EAAE,CAAC;oBACb,MAAM,GAAG,KAAK,CAAC,CAAC,2CAA2C;oBAC3D,SAAS,CAAC,KAAK,GAAG,KAAK,CAAC;oBACxB,OAAO,CAAC,IAAI,CACV,6GAA6G,CAC9G,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,SAAS,CAAC,KAAK,GAAG,IAAI,CAAC;gBACzB,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,+EAA+E;gBAC/E,MAAM,GAAG,KAAK,CAAC;gBACf,SAAS,CAAC,KAAK,GAAG,KAAK,CAAC;gBACxB,SAAS,CAAC,YAAY,GAAG,KAAK,CAAC;gBAC/B,OAAO,CAAC,IAAI,CAAC,uDAAuD,EAAE,KAAK,CAAC,CAAC;YAC/E,CAAC;QACH,CAAC;QAED,MAAM,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;QAE5C,MAAM,OAAO,GAAkB;YAC7B,EAAE;YACF,MAAM;YACN,QAAQ,EAAE;gBACR,GAAG,EAAE,MAAM;aACZ;YACD,cAAc,EAAE,SAAS;YACzB,cAAc;SACf,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAChD,MAAM,OAAO,GAAG,IAAI,eAAe,EAAE,CAAC;QACtC,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,IAAI,EAAE,CAAC;QAChE,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,KAAK,CAAC;QAEnD,OAAO;YACL,OAAO;YACP,OAAO;YACP,OAAO;YACP,MAAM;YACN,YAAY;YACZ,KAAK,EAAE,KAAK,IAAI,EAAE;gBAChB,IAAI,EAAE,EAAE,CAAC;oBACP,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC;gBACnB,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,EAAE,EAAE,CAAC;YACP,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC;QACnB,CAAC;QACD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"duckdb.d.ts","sourceRoot":"","sources":["../../../src/shared/duckdb.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,mBAAmB;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED,KAAK,WAAW,GAAG,OAAO,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAmEvD,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAA4B;gBAEzC,IAAI,EAAE,MAAM;WAIX,OAAO,CAAC,OAAO,EAAE,mBAAmB,GAAG,OAAO,CAAC,YAAY,CAAC;IAmBnE,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,GAAE,WAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IA6BzD,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,GAAE,WAAgB,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC;IA6B3D,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAchD,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"duckdb.d.ts","sourceRoot":"","sources":["../../../src/shared/duckdb.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,mBAAmB;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED,KAAK,WAAW,GAAG,OAAO,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAmEvD,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAA4B;gBAEzC,IAAI,EAAE,MAAM;WAIX,OAAO,CAAC,OAAO,EAAE,mBAAmB,GAAG,OAAO,CAAC,YAAY,CAAC;IAmBnE,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,GAAE,WAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IA6BzD,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,GAAE,WAAgB,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC;IA6B3D,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAchD,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAoB7B"}
|
|
@@ -158,6 +158,15 @@ export class DuckDBClient {
|
|
|
158
158
|
}
|
|
159
159
|
}
|
|
160
160
|
async close() {
|
|
161
|
+
// Checkpoint WAL to ensure all writes are flushed to the main database file
|
|
162
|
+
// This is critical for multi-connection scenarios where subsequent connections
|
|
163
|
+
// need to see all changes from previous connections
|
|
164
|
+
try {
|
|
165
|
+
await this.run("CHECKPOINT");
|
|
166
|
+
}
|
|
167
|
+
catch {
|
|
168
|
+
// Ignore checkpoint errors - database might be in read-only mode or already checkpointed
|
|
169
|
+
}
|
|
161
170
|
await new Promise((resolve, reject) => {
|
|
162
171
|
this.database.close((err) => {
|
|
163
172
|
if (err) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"duckdb.js","sourceRoot":"","sources":["../../../src/shared/duckdb.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAE1C,OAAO,MAAM,MAAM,QAAQ,CAAC;AAU5B,SAAS,gBAAgB,CAAC,MAAmB;IAC3C,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;AACpF,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW,EAAE,MAAmB;IACzD,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC1B,MAAM,KAAK,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC;QAC/D,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,aAAa,KAAK,0BAA0B,GAAG,EAAE,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAClD,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;gBACxB,MAAM,IAAI,KAAK,CAAC,aAAa,GAAG,0BAA0B,GAAG,EAAE,CAAC,CAAC;YACnE,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,iBAAiB,CAAC,OAAe;IAC9C,IAAI,WAAW,GAAG,OAAO,CAAC;IAE1B,qDAAqD;IACrD,OAAO,IAAI,EAAE,CAAC;QACZ,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAC1C,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;YACtB,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,4CAA4C;QAC9C,CAAC;QAED,MAAM,UAAU,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;QACxC,8DAA8D;QAC9D,IAAI,UAAU,KAAK,WAAW,EAAE,CAAC;YAC/B,OAAO,KAAK,CAAC;QACf,CAAC;QACD,WAAW,GAAG,UAAU,CAAC;IAC3B,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,uBAAuB,CAAC,OAAe;IACpD,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IAElD,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAC5B,kEAAkE;IACpE,CAAC;IAAC,MAAM,CAAC;QACP,uCAAuC;QACvC,MAAM,OAAO,GACX,qEAAqE;YACrE,mFAAmF;YACnF,KAAK,CAAC;QACR,MAAM,SAAS,CAAC,aAAa,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;AACH,CAAC;AAED,MAAM,OAAO,YAAY;IACN,QAAQ,CAA4B;IAErD,YAAY,IAAY;QACtB,IAAI,CAAC,QAAQ,GAAG,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,OAA4B;QAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAE5C,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;YAC5B,MAAM,KAAK,CAAC,KAAK,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC1C,CAAC;QAED,oDAAoD;QACpD,MAAM,mBAAmB,GAAG,OAAO,CAAC,aAAa,IAAI,IAAI,CAAC;QAC1D,IAAI,mBAAmB,EAAE,CAAC;YACxB,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,KAAK,CAAC,CAAC;YAC/C,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,uBAAuB,CAAC,KAAK,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;QAED,OAAO,IAAI,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,SAAsB,EAAE;QAC7C,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAC/B,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,MAAM,QAAQ,GAAG,CAAC,GAAiB,EAAE,EAAE;gBACrC,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,CAAC,GAAG,CAAC,CAAC;oBACZ,OAAO;gBACT,CAAC;gBACD,OAAO,EAAE,CAAC;YACZ,CAAC,CAAC;YACF,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACtB,sGAAsG;oBACtG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,MAAM,EAAE,QAAQ,CAAC,CAAC;gBAC9C,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;gBACnC,CAAC;YACH,CAAC;iBAAM,IAAI,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC;gBACpC,8DAA8D;gBAC9D,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,MAAa,EAAE,QAAQ,CAAC,CAAC;YAClD,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YACnC,CAAC;QACH,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,KAAc,EAAE,EAAE;YAC1B,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,WAAW,GAAG,cAAc,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAClF,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,GAAW,EAAE,SAAsB,EAAE;QAChD,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAC/B,OAAO,MAAM,IAAI,OAAO,CAAM,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAChD,MAAM,QAAQ,GAAG,CAAC,GAAiB,EAAE,IAAS,EAAE,EAAE;gBAChD,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,CAAC,GAAG,CAAC,CAAC;oBACZ,OAAO;gBACT,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC,CAAC;YACF,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACtB,sGAAsG;oBACtG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAI,GAAG,EAAE,GAAG,MAAM,EAAE,QAAQ,CAAC,CAAC;gBACjD,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAI,GAAG,EAAE,QAAQ,CAAC,CAAC;gBACtC,CAAC;YACH,CAAC;iBAAM,IAAI,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC;gBACpC,8DAA8D;gBAC9D,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAI,GAAG,EAAE,MAAa,EAAE,QAAQ,CAAC,CAAC;YACrD,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAI,GAAG,EAAE,QAAQ,CAAC,CAAC;YACtC,CAAC;QACH,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,KAAc,EAAE,EAAE;YAC1B,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,WAAW,GAAG,cAAc,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAClF,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAI,EAAoB;QACvC,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACpC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,EAAE,EAAE,CAAC;YAC1B,MAAM,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACzB,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;gBACpC,wDAAwD;YAC1D,CAAC,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,KAAK;QACT,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,GAAiB,EAAE,EAAE;gBACxC,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,CAAC,GAAG,CAAC,CAAC;oBACZ,OAAO;gBACT,CAAC;gBACD,OAAO,EAAE,CAAC;YACZ,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;CACF"}
|
|
1
|
+
{"version":3,"file":"duckdb.js","sourceRoot":"","sources":["../../../src/shared/duckdb.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAE1C,OAAO,MAAM,MAAM,QAAQ,CAAC;AAU5B,SAAS,gBAAgB,CAAC,MAAmB;IAC3C,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;AACpF,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW,EAAE,MAAmB;IACzD,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC1B,MAAM,KAAK,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC;QAC/D,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,aAAa,KAAK,0BAA0B,GAAG,EAAE,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAClD,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;gBACxB,MAAM,IAAI,KAAK,CAAC,aAAa,GAAG,0BAA0B,GAAG,EAAE,CAAC,CAAC;YACnE,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,iBAAiB,CAAC,OAAe;IAC9C,IAAI,WAAW,GAAG,OAAO,CAAC;IAE1B,qDAAqD;IACrD,OAAO,IAAI,EAAE,CAAC;QACZ,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAC1C,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;YACtB,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,4CAA4C;QAC9C,CAAC;QAED,MAAM,UAAU,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;QACxC,8DAA8D;QAC9D,IAAI,UAAU,KAAK,WAAW,EAAE,CAAC;YAC/B,OAAO,KAAK,CAAC;QACf,CAAC;QACD,WAAW,GAAG,UAAU,CAAC;IAC3B,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,uBAAuB,CAAC,OAAe;IACpD,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IAElD,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAC5B,kEAAkE;IACpE,CAAC;IAAC,MAAM,CAAC;QACP,uCAAuC;QACvC,MAAM,OAAO,GACX,qEAAqE;YACrE,mFAAmF;YACnF,KAAK,CAAC;QACR,MAAM,SAAS,CAAC,aAAa,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;AACH,CAAC;AAED,MAAM,OAAO,YAAY;IACN,QAAQ,CAA4B;IAErD,YAAY,IAAY;QACtB,IAAI,CAAC,QAAQ,GAAG,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,OAA4B;QAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAE5C,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;YAC5B,MAAM,KAAK,CAAC,KAAK,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC1C,CAAC;QAED,oDAAoD;QACpD,MAAM,mBAAmB,GAAG,OAAO,CAAC,aAAa,IAAI,IAAI,CAAC;QAC1D,IAAI,mBAAmB,EAAE,CAAC;YACxB,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,KAAK,CAAC,CAAC;YAC/C,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,uBAAuB,CAAC,KAAK,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;QAED,OAAO,IAAI,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,SAAsB,EAAE;QAC7C,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAC/B,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,MAAM,QAAQ,GAAG,CAAC,GAAiB,EAAE,EAAE;gBACrC,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,CAAC,GAAG,CAAC,CAAC;oBACZ,OAAO;gBACT,CAAC;gBACD,OAAO,EAAE,CAAC;YACZ,CAAC,CAAC;YACF,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACtB,sGAAsG;oBACtG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,MAAM,EAAE,QAAQ,CAAC,CAAC;gBAC9C,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;gBACnC,CAAC;YACH,CAAC;iBAAM,IAAI,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC;gBACpC,8DAA8D;gBAC9D,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,MAAa,EAAE,QAAQ,CAAC,CAAC;YAClD,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YACnC,CAAC;QACH,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,KAAc,EAAE,EAAE;YAC1B,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,WAAW,GAAG,cAAc,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAClF,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,GAAW,EAAE,SAAsB,EAAE;QAChD,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAC/B,OAAO,MAAM,IAAI,OAAO,CAAM,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAChD,MAAM,QAAQ,GAAG,CAAC,GAAiB,EAAE,IAAS,EAAE,EAAE;gBAChD,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,CAAC,GAAG,CAAC,CAAC;oBACZ,OAAO;gBACT,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC,CAAC;YACF,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACtB,sGAAsG;oBACtG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAI,GAAG,EAAE,GAAG,MAAM,EAAE,QAAQ,CAAC,CAAC;gBACjD,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAI,GAAG,EAAE,QAAQ,CAAC,CAAC;gBACtC,CAAC;YACH,CAAC;iBAAM,IAAI,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC;gBACpC,8DAA8D;gBAC9D,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAI,GAAG,EAAE,MAAa,EAAE,QAAQ,CAAC,CAAC;YACrD,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAI,GAAG,EAAE,QAAQ,CAAC,CAAC;YACtC,CAAC;QACH,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,KAAc,EAAE,EAAE;YAC1B,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,WAAW,GAAG,cAAc,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAClF,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAI,EAAoB;QACvC,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACpC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,EAAE,EAAE,CAAC;YAC1B,MAAM,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACzB,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;gBACpC,wDAAwD;YAC1D,CAAC,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,KAAK;QACT,4EAA4E;QAC5E,+EAA+E;QAC/E,oDAAoD;QACpD,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;YACP,yFAAyF;QAC3F,CAAC;QAED,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,GAAiB,EAAE,EAAE;gBACxC,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,CAAC,GAAG,CAAC,CAAC;oBACZ,OAAO;gBACT,CAAC;gBACD,OAAO,EAAE,CAAC;YACZ,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;CACF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"masker.d.ts","sourceRoot":"","sources":["../../../../src/shared/security/masker.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"masker.d.ts","sourceRoot":"","sources":["../../../../src/shared/security/masker.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED,MAAM,WAAW,UAAU,CAAC,CAAC;IAC3B,MAAM,EAAE,CAAC,CAAC;IACV,OAAO,EAAE,MAAM,CAAC;CACjB;AAyHD,wBAAgB,SAAS,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,cAAc,GAAG,UAAU,CAAC,OAAO,CAAC,CAGtF"}
|
|
@@ -1,3 +1,7 @@
|
|
|
1
|
+
const SECRET_BODY_MIN_LENGTH = 10;
|
|
2
|
+
const SECRET_BODY_CHAR_CLASS = "[A-Za-z0-9_\\-+/=]";
|
|
3
|
+
const SECRET_BODY_PATTERN = `${SECRET_BODY_CHAR_CLASS}{${SECRET_BODY_MIN_LENGTH},}`;
|
|
4
|
+
const WORD_CHAR_CLASS = "[A-Za-z0-9]";
|
|
1
5
|
/**
|
|
2
6
|
* トークンパターンの妥当性を検証してReDoS攻撃を防ぐ
|
|
3
7
|
* @param token 検証対象のトークン文字列
|
|
@@ -12,31 +16,66 @@ function validateTokenPattern(token) {
|
|
|
12
16
|
throw new Error("Invalid pattern contains nested quantifiers. Simplify the pattern.");
|
|
13
17
|
}
|
|
14
18
|
}
|
|
15
|
-
function
|
|
16
|
-
|
|
17
|
-
|
|
19
|
+
function looksLikePrefixToken(token) {
|
|
20
|
+
if (!token) {
|
|
21
|
+
return false;
|
|
22
|
+
}
|
|
23
|
+
const trimmed = token.trim();
|
|
24
|
+
if (trimmed.length === 0) {
|
|
25
|
+
return false;
|
|
26
|
+
}
|
|
27
|
+
const lastChar = trimmed.charAt(trimmed.length - 1);
|
|
28
|
+
return /[^A-Za-z0-9]/.test(lastChar);
|
|
29
|
+
}
|
|
30
|
+
function createTokenMatchers(tokens) {
|
|
31
|
+
const matchers = [];
|
|
18
32
|
for (const token of tokens) {
|
|
19
33
|
if (!token)
|
|
20
34
|
continue;
|
|
21
|
-
validateTokenPattern(token);
|
|
35
|
+
validateTokenPattern(token);
|
|
22
36
|
const escaped = token.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
37
|
+
if (looksLikePrefixToken(token)) {
|
|
38
|
+
matchers.push({
|
|
39
|
+
pattern: `(?<!${WORD_CHAR_CLASS})${escaped}${SECRET_BODY_PATTERN}`,
|
|
40
|
+
flags: "g",
|
|
41
|
+
});
|
|
42
|
+
continue;
|
|
28
43
|
}
|
|
44
|
+
matchers.push({ pattern: escaped, flags: "g" });
|
|
45
|
+
}
|
|
46
|
+
return matchers;
|
|
47
|
+
}
|
|
48
|
+
function maskString(input, options) {
|
|
49
|
+
if (options.matchers.length === 0) {
|
|
50
|
+
return { masked: input, applied: 0 };
|
|
51
|
+
}
|
|
52
|
+
let applied = 0;
|
|
53
|
+
let output = input;
|
|
54
|
+
for (const matcher of options.matchers) {
|
|
55
|
+
const regex = new RegExp(matcher.pattern, matcher.flags);
|
|
56
|
+
output = output.replace(regex, () => {
|
|
57
|
+
applied += 1;
|
|
58
|
+
return options.replacement;
|
|
59
|
+
});
|
|
29
60
|
}
|
|
30
61
|
return { masked: output, applied };
|
|
31
62
|
}
|
|
32
|
-
|
|
63
|
+
function normalizeOptions(options) {
|
|
64
|
+
const skipKeySet = options.skipKeys && options.skipKeys.length > 0 ? new Set(options.skipKeys) : undefined;
|
|
65
|
+
return {
|
|
66
|
+
matchers: createTokenMatchers(options.tokens),
|
|
67
|
+
replacement: options.replacement ?? "***",
|
|
68
|
+
...(skipKeySet ? { skipKeySet } : {}),
|
|
69
|
+
};
|
|
70
|
+
}
|
|
71
|
+
function maskValueRecursive(value, normalized) {
|
|
33
72
|
if (typeof value === "string") {
|
|
34
|
-
return maskString(value,
|
|
73
|
+
return maskString(value, normalized);
|
|
35
74
|
}
|
|
36
75
|
if (Array.isArray(value)) {
|
|
37
76
|
let applied = 0;
|
|
38
77
|
const maskedArray = value.map((item) => {
|
|
39
|
-
const result =
|
|
78
|
+
const result = maskValueRecursive(item, normalized);
|
|
40
79
|
applied += result.applied;
|
|
41
80
|
return result.masked;
|
|
42
81
|
});
|
|
@@ -45,7 +84,10 @@ export function maskValue(value, options) {
|
|
|
45
84
|
if (value && typeof value === "object") {
|
|
46
85
|
let applied = 0;
|
|
47
86
|
const entries = Object.entries(value).map(([key, item]) => {
|
|
48
|
-
|
|
87
|
+
if (normalized.skipKeySet?.has(key)) {
|
|
88
|
+
return [key, item];
|
|
89
|
+
}
|
|
90
|
+
const result = maskValueRecursive(item, normalized);
|
|
49
91
|
applied += result.applied;
|
|
50
92
|
return [key, result.masked];
|
|
51
93
|
});
|
|
@@ -53,4 +95,8 @@ export function maskValue(value, options) {
|
|
|
53
95
|
}
|
|
54
96
|
return { masked: value, applied: 0 };
|
|
55
97
|
}
|
|
98
|
+
export function maskValue(value, options) {
|
|
99
|
+
const normalized = normalizeOptions(options);
|
|
100
|
+
return maskValueRecursive(value, normalized);
|
|
101
|
+
}
|
|
56
102
|
//# sourceMappingURL=masker.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"masker.js","sourceRoot":"","sources":["../../../../src/shared/security/masker.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"masker.js","sourceRoot":"","sources":["../../../../src/shared/security/masker.ts"],"names":[],"mappings":"AAWA,MAAM,sBAAsB,GAAG,EAAE,CAAC;AAClC,MAAM,sBAAsB,GAAG,oBAAoB,CAAC;AACpD,MAAM,mBAAmB,GAAG,GAAG,sBAAsB,IAAI,sBAAsB,IAAI,CAAC;AACpF,MAAM,eAAe,GAAG,aAAa,CAAC;AAatC;;;;GAIG;AACH,SAAS,oBAAoB,CAAC,KAAa;IACzC,IAAI,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;IACjF,CAAC;IACD,8BAA8B;IAC9B,IAAI,yBAAyB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;IACxF,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAAC,KAAa;IACzC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC7B,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACpD,OAAO,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACvC,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAgB;IAC3C,MAAM,QAAQ,GAAmB,EAAE,CAAC;IACpC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,CAAC,KAAK;YAAE,SAAS;QACrB,oBAAoB,CAAC,KAAK,CAAC,CAAC;QAC5B,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;QAC7D,IAAI,oBAAoB,CAAC,KAAK,CAAC,EAAE,CAAC;YAChC,QAAQ,CAAC,IAAI,CAAC;gBACZ,OAAO,EAAE,OAAO,eAAe,IAAI,OAAO,GAAG,mBAAmB,EAAE;gBAClE,KAAK,EAAE,GAAG;aACX,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;IAClD,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,UAAU,CAAC,KAAa,EAAE,OAAiC;IAClE,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAClC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;IACvC,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,IAAI,MAAM,GAAG,KAAK,CAAC;IACnB,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;QACzD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,EAAE;YAClC,OAAO,IAAI,CAAC,CAAC;YACb,OAAO,OAAO,CAAC,WAAW,CAAC;QAC7B,CAAC,CAAC,CAAC;IACL,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;AACrC,CAAC;AAED,SAAS,gBAAgB,CAAC,OAAuB;IAC/C,MAAM,UAAU,GACd,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAE1F,OAAO;QACL,QAAQ,EAAE,mBAAmB,CAAC,OAAO,CAAC,MAAM,CAAC;QAC7C,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,KAAK;QACzC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACtC,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CACzB,KAAc,EACd,UAAoC;IAEpC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,UAAU,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;IACvC,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,MAAM,WAAW,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;YACrC,MAAM,MAAM,GAAG,kBAAkB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;YACpD,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC;YAC1B,OAAO,MAAM,CAAC,MAAM,CAAC;QACvB,CAAC,CAAC,CAAC;QACH,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,CAAC;IAC1C,CAAC;IACD,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACvC,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,KAAgC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE;YACnF,IAAI,UAAU,CAAC,UAAU,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBACpC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACrB,CAAC;YACD,MAAM,MAAM,GAAG,kBAAkB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;YACpD,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC;YAC1B,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QAC9B,CAAC,CAAC,CAAC;QACH,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,CAAC;IAC1D,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,KAAc,EAAE,OAAuB;IAC/D,MAAM,UAAU,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAC7C,OAAO,kBAAkB,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;AAC/C,CAAC"}
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Normalizes a database path by resolving to its canonical form.
|
|
3
|
+
*
|
|
4
|
+
* This prevents lock file and queue key bypass issues caused by symlinks or OS path aliases.
|
|
5
|
+
* The normalization strategy is:
|
|
6
|
+
* 1. Resolve to absolute path
|
|
7
|
+
* 2. If file exists, normalize the full path using realpathSync (follows symlinks)
|
|
8
|
+
* 3. If file doesn't exist, normalize parent directory and append filename
|
|
9
|
+
*
|
|
10
|
+
* Why this two-stage approach?
|
|
11
|
+
* - Database file may not exist yet (first indexer run)
|
|
12
|
+
* - realpathSync throws ENOENT on non-existent files
|
|
13
|
+
* - Must call ensureDbParentDir BEFORE this function to ensure parent exists
|
|
14
|
+
* - Once file exists, we normalize the full path to prevent symlink bypass
|
|
15
|
+
*
|
|
16
|
+
* @param input - Path to database file (may be relative or absolute)
|
|
17
|
+
* @returns Normalized absolute path (full path if exists, parent+filename if not)
|
|
18
|
+
*
|
|
19
|
+
* @example
|
|
20
|
+
* // First run (DB doesn't exist, symlink parent):
|
|
21
|
+
* ensureDbParentDir("/link/to/db.duckdb"); // Creates /real/path/
|
|
22
|
+
* normalizeDbPath("/link/to/db.duckdb") // "/real/path/db.duckdb"
|
|
23
|
+
*
|
|
24
|
+
* // Second run (DB exists, accessed via symlink):
|
|
25
|
+
* normalizeDbPath("/link/db.duckdb") // "/real/path/db.duckdb"
|
|
26
|
+
*
|
|
27
|
+
* // Result: Same normalized path → same lock file, same queue key
|
|
28
|
+
*/
|
|
29
|
+
export declare function normalizeDbPath(input: string): string;
|
|
30
|
+
/**
|
|
31
|
+
* Ensures the parent directory of a database path exists.
|
|
32
|
+
* This should be called before normalizeDbPath to guarantee successful normalization.
|
|
33
|
+
*
|
|
34
|
+
* @param dbPath - Path to database file
|
|
35
|
+
*/
|
|
36
|
+
export declare function ensureDbParentDir(dbPath: string): Promise<void>;
|
|
37
|
+
/**
|
|
38
|
+
* リポジトリパスを正規化して返す。realpath に失敗した場合は resolve 結果を使用する。
|
|
39
|
+
*/
|
|
40
|
+
export declare function normalizeRepoPath(input: string): string;
|
|
41
|
+
/**
|
|
42
|
+
* 旧バージョンのパス表現(resolve ベース)との互換性を保つための候補一覧を返す。
|
|
43
|
+
* 配列の先頭は正規化済みパス。
|
|
44
|
+
*/
|
|
45
|
+
export declare function getRepoPathCandidates(input: string): string[];
|
|
46
|
+
//# sourceMappingURL=path.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"path.d.ts","sourceRoot":"","sources":["../../../../src/shared/utils/path.ts"],"names":[],"mappings":"AAIA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,wBAAgB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CA2BrD;AAED;;;;;GAKG;AACH,wBAAsB,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAGrE;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAOvD;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,CAQ7D"}
|
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
import { existsSync, realpathSync } from "node:fs";
|
|
2
|
+
import { mkdir } from "node:fs/promises";
|
|
3
|
+
import { dirname, basename, join, resolve } from "node:path";
|
|
4
|
+
/**
|
|
5
|
+
* Normalizes a database path by resolving to its canonical form.
|
|
6
|
+
*
|
|
7
|
+
* This prevents lock file and queue key bypass issues caused by symlinks or OS path aliases.
|
|
8
|
+
* The normalization strategy is:
|
|
9
|
+
* 1. Resolve to absolute path
|
|
10
|
+
* 2. If file exists, normalize the full path using realpathSync (follows symlinks)
|
|
11
|
+
* 3. If file doesn't exist, normalize parent directory and append filename
|
|
12
|
+
*
|
|
13
|
+
* Why this two-stage approach?
|
|
14
|
+
* - Database file may not exist yet (first indexer run)
|
|
15
|
+
* - realpathSync throws ENOENT on non-existent files
|
|
16
|
+
* - Must call ensureDbParentDir BEFORE this function to ensure parent exists
|
|
17
|
+
* - Once file exists, we normalize the full path to prevent symlink bypass
|
|
18
|
+
*
|
|
19
|
+
* @param input - Path to database file (may be relative or absolute)
|
|
20
|
+
* @returns Normalized absolute path (full path if exists, parent+filename if not)
|
|
21
|
+
*
|
|
22
|
+
* @example
|
|
23
|
+
* // First run (DB doesn't exist, symlink parent):
|
|
24
|
+
* ensureDbParentDir("/link/to/db.duckdb"); // Creates /real/path/
|
|
25
|
+
* normalizeDbPath("/link/to/db.duckdb") // "/real/path/db.duckdb"
|
|
26
|
+
*
|
|
27
|
+
* // Second run (DB exists, accessed via symlink):
|
|
28
|
+
* normalizeDbPath("/link/db.duckdb") // "/real/path/db.duckdb"
|
|
29
|
+
*
|
|
30
|
+
* // Result: Same normalized path → same lock file, same queue key
|
|
31
|
+
*/
|
|
32
|
+
export function normalizeDbPath(input) {
|
|
33
|
+
const abs = resolve(input);
|
|
34
|
+
// Fix #1: If file exists, normalize the full path including the file itself
|
|
35
|
+
// This prevents symlink bypass: /tmp/db.duckdb -> /var/index.duckdb
|
|
36
|
+
if (existsSync(abs)) {
|
|
37
|
+
try {
|
|
38
|
+
return realpathSync.native(abs);
|
|
39
|
+
}
|
|
40
|
+
catch {
|
|
41
|
+
// Fallback to parent normalization if full path fails
|
|
42
|
+
// (e.g., permissions issue)
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
// File doesn't exist yet - normalize parent and append filename
|
|
46
|
+
const parentDir = dirname(abs);
|
|
47
|
+
const filename = basename(abs);
|
|
48
|
+
try {
|
|
49
|
+
// Normalize parent directory to canonical form
|
|
50
|
+
const canonicalParent = realpathSync.native(parentDir);
|
|
51
|
+
return join(canonicalParent, filename);
|
|
52
|
+
}
|
|
53
|
+
catch {
|
|
54
|
+
// Parent directory doesn't exist yet - caller should have called ensureDbParentDir
|
|
55
|
+
// Return unnormalized path as fallback (will cause issues!)
|
|
56
|
+
return abs;
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
/**
|
|
60
|
+
* Ensures the parent directory of a database path exists.
|
|
61
|
+
* This should be called before normalizeDbPath to guarantee successful normalization.
|
|
62
|
+
*
|
|
63
|
+
* @param dbPath - Path to database file
|
|
64
|
+
*/
|
|
65
|
+
export async function ensureDbParentDir(dbPath) {
|
|
66
|
+
const parentDir = dirname(resolve(dbPath));
|
|
67
|
+
await mkdir(parentDir, { recursive: true });
|
|
68
|
+
}
|
|
69
|
+
/**
|
|
70
|
+
* リポジトリパスを正規化して返す。realpath に失敗した場合は resolve 結果を使用する。
|
|
71
|
+
*/
|
|
72
|
+
export function normalizeRepoPath(input) {
|
|
73
|
+
const abs = resolve(input);
|
|
74
|
+
try {
|
|
75
|
+
return realpathSync.native(abs);
|
|
76
|
+
}
|
|
77
|
+
catch {
|
|
78
|
+
return abs;
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
/**
|
|
82
|
+
* 旧バージョンのパス表現(resolve ベース)との互換性を保つための候補一覧を返す。
|
|
83
|
+
* 配列の先頭は正規化済みパス。
|
|
84
|
+
*/
|
|
85
|
+
export function getRepoPathCandidates(input) {
|
|
86
|
+
const normalized = normalizeRepoPath(input);
|
|
87
|
+
const legacy = resolve(input);
|
|
88
|
+
const candidates = [normalized];
|
|
89
|
+
if (legacy !== normalized) {
|
|
90
|
+
candidates.push(legacy);
|
|
91
|
+
}
|
|
92
|
+
return candidates;
|
|
93
|
+
}
|
|
94
|
+
//# sourceMappingURL=path.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"path.js","sourceRoot":"","sources":["../../../../src/shared/utils/path.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAE7D;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAM,UAAU,eAAe,CAAC,KAAa;IAC3C,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;IAE3B,4EAA4E;IAC5E,oEAAoE;IACpE,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACpB,IAAI,CAAC;YACH,OAAO,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAClC,CAAC;QAAC,MAAM,CAAC;YACP,sDAAsD;YACtD,4BAA4B;QAC9B,CAAC;IACH,CAAC;IAED,gEAAgE;IAChE,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IAC/B,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC;IAE/B,IAAI,CAAC;QACH,+CAA+C;QAC/C,MAAM,eAAe,GAAG,YAAY,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACvD,OAAO,IAAI,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IACzC,CAAC;IAAC,MAAM,CAAC;QACP,mFAAmF;QACnF,4DAA4D;QAC5D,OAAO,GAAG,CAAC;IACb,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAAc;IACpD,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;IAC3C,MAAM,KAAK,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,KAAa;IAC7C,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;IAC3B,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAClC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,GAAG,CAAC;IACb,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,qBAAqB,CAAC,KAAa;IACjD,MAAM,UAAU,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;IAC9B,MAAM,UAAU,GAAG,CAAC,UAAU,CAAC,CAAC;IAChC,IAAI,MAAM,KAAK,UAAU,EAAE,CAAC;QAC1B,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC"}
|
|
@@ -9,10 +9,12 @@
|
|
|
9
9
|
* プラットフォームに応じた適切なソケットパスを生成
|
|
10
10
|
*
|
|
11
11
|
* Windows環境では名前付きパイプ形式(\\.\pipe\kiri-<hash>)を使用し、
|
|
12
|
-
* Unix系環境ではファイルシステムパス(<databasePath>.sock
|
|
12
|
+
* Unix系環境ではファイルシステムパス(<databasePath>.sock)を使用し、
|
|
13
|
+
* パス長が上限を超える場合は /tmp などの短いディレクトリに自動フォールバックする。
|
|
13
14
|
*
|
|
14
15
|
* **セキュリティ注意事項**:
|
|
15
16
|
* - Unix: ソケットファイルは0600パーミッション(所有者のみアクセス可能)で保護
|
|
17
|
+
* しつつ、KIRI_SOCKET_DIR でフォールバック先ディレクトリを明示できます。
|
|
16
18
|
* - Windows: 名前付きパイプはデフォルトACLを使用(同一システムの他ユーザーが
|
|
17
19
|
* アクセス可能な場合がある)。ハッシュベースのパイプ名で曖昧性を提供するが、
|
|
18
20
|
* マルチユーザー環境では信頼できる環境でのみ使用することを推奨。
|
|
@@ -36,7 +38,9 @@
|
|
|
36
38
|
* getSocketPath("C:\\Users\\user\\database.duckdb")
|
|
37
39
|
* // => "\\\\.\\pipe\\myapp-a1b2c3d4..."
|
|
38
40
|
*/
|
|
39
|
-
export declare function getSocketPath(databasePath: string
|
|
41
|
+
export declare function getSocketPath(databasePath: string, options?: {
|
|
42
|
+
ensureDir?: boolean;
|
|
43
|
+
}): string;
|
|
40
44
|
/**
|
|
41
45
|
* ソケットパスからデータベースパスを推測(Unix系のみ)
|
|
42
46
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"socket.d.ts","sourceRoot":"","sources":["../../../../src/shared/utils/socket.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;
|
|
1
|
+
{"version":3,"file":"socket.d.ts","sourceRoot":"","sources":["../../../../src/shared/utils/socket.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAsDH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,wBAAgB,aAAa,CAAC,YAAY,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;IAAE,SAAS,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,MAAM,CAsB7F;AAED;;;;;;;;GAQG;AACH,wBAAgB,yBAAyB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAY3E;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,CA+BnE"}
|
|
@@ -6,16 +6,56 @@
|
|
|
6
6
|
* - Windows: Named pipes (e.g., \\.\pipe\kiri-<hash>)
|
|
7
7
|
*/
|
|
8
8
|
import * as crypto from "crypto";
|
|
9
|
+
import { mkdirSync } from "node:fs";
|
|
9
10
|
import * as os from "os";
|
|
10
11
|
import * as path from "path";
|
|
12
|
+
const UNIX_SOCKET_PATH_MAX = 96; // macOS 104-byte limitに安全マージンを残す
|
|
13
|
+
const SOCKET_PREFIX = "kiri";
|
|
14
|
+
const SOCKET_DIR_ENV = "KIRI_SOCKET_DIR";
|
|
15
|
+
function sanitizeBaseName(fileName) {
|
|
16
|
+
const sanitized = fileName.replace(/[^a-zA-Z0-9]/g, "-");
|
|
17
|
+
return sanitized.length > 0 ? sanitized.toLowerCase() : "db";
|
|
18
|
+
}
|
|
19
|
+
function ensureSocketDir(dirPath) {
|
|
20
|
+
try {
|
|
21
|
+
mkdirSync(dirPath, { recursive: true, mode: 0o700 });
|
|
22
|
+
}
|
|
23
|
+
catch (error) {
|
|
24
|
+
const err = error;
|
|
25
|
+
throw new Error(`Failed to prepare socket directory ${dirPath}: ${err.message}. ` +
|
|
26
|
+
`Set ${SOCKET_DIR_ENV} to a writable directory.`);
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
function buildFallbackUnixSocketPath(databasePath, ensureDir) {
|
|
30
|
+
const fallbackDir = process.env[SOCKET_DIR_ENV] || os.tmpdir();
|
|
31
|
+
const hash = crypto.createHash("sha256").update(databasePath).digest("hex");
|
|
32
|
+
const baseName = sanitizeBaseName(path.basename(databasePath));
|
|
33
|
+
const candidates = [
|
|
34
|
+
path.join(fallbackDir, `${SOCKET_PREFIX}-${baseName}-${hash.slice(0, 12)}.sock`),
|
|
35
|
+
path.join(fallbackDir, `${SOCKET_PREFIX}-${hash.slice(0, 12)}.sock`),
|
|
36
|
+
path.join(fallbackDir, `${SOCKET_PREFIX}-${hash.slice(0, 8)}.sock`),
|
|
37
|
+
];
|
|
38
|
+
for (const candidate of candidates) {
|
|
39
|
+
if (Buffer.byteLength(candidate, "utf8") <= UNIX_SOCKET_PATH_MAX) {
|
|
40
|
+
if (ensureDir) {
|
|
41
|
+
ensureSocketDir(path.dirname(candidate));
|
|
42
|
+
}
|
|
43
|
+
return candidate;
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
throw new Error(`Unable to construct Unix socket path under ${UNIX_SOCKET_PATH_MAX} characters. ` +
|
|
47
|
+
`Set ${SOCKET_DIR_ENV} to a shorter directory.`);
|
|
48
|
+
}
|
|
11
49
|
/**
|
|
12
50
|
* プラットフォームに応じた適切なソケットパスを生成
|
|
13
51
|
*
|
|
14
52
|
* Windows環境では名前付きパイプ形式(\\.\pipe\kiri-<hash>)を使用し、
|
|
15
|
-
* Unix系環境ではファイルシステムパス(<databasePath>.sock
|
|
53
|
+
* Unix系環境ではファイルシステムパス(<databasePath>.sock)を使用し、
|
|
54
|
+
* パス長が上限を超える場合は /tmp などの短いディレクトリに自動フォールバックする。
|
|
16
55
|
*
|
|
17
56
|
* **セキュリティ注意事項**:
|
|
18
57
|
* - Unix: ソケットファイルは0600パーミッション(所有者のみアクセス可能)で保護
|
|
58
|
+
* しつつ、KIRI_SOCKET_DIR でフォールバック先ディレクトリを明示できます。
|
|
19
59
|
* - Windows: 名前付きパイプはデフォルトACLを使用(同一システムの他ユーザーが
|
|
20
60
|
* アクセス可能な場合がある)。ハッシュベースのパイプ名で曖昧性を提供するが、
|
|
21
61
|
* マルチユーザー環境では信頼できる環境でのみ使用することを推奨。
|
|
@@ -39,21 +79,26 @@ import * as path from "path";
|
|
|
39
79
|
* getSocketPath("C:\\Users\\user\\database.duckdb")
|
|
40
80
|
* // => "\\\\.\\pipe\\myapp-a1b2c3d4..."
|
|
41
81
|
*/
|
|
42
|
-
export function getSocketPath(databasePath) {
|
|
82
|
+
export function getSocketPath(databasePath, options) {
|
|
83
|
+
const ensureDir = options?.ensureDir ?? false;
|
|
43
84
|
if (os.platform() === "win32") {
|
|
44
85
|
// Windows: 名前付きパイプを使用
|
|
45
86
|
// データベースパスのハッシュを使ってユニークなパイプ名を生成
|
|
46
87
|
const hash = crypto.createHash("sha256").update(databasePath).digest("hex");
|
|
47
88
|
// 環境変数でプレフィックスをカスタマイズ可能(追加のセキュリティ層)
|
|
48
|
-
const prefix = process.env.KIRI_PIPE_PREFIX ||
|
|
89
|
+
const prefix = process.env.KIRI_PIPE_PREFIX || SOCKET_PREFIX;
|
|
49
90
|
// 最初の16文字を使用(衝突リスクは極めて低い)
|
|
50
91
|
const pipeName = `${prefix}-${hash.substring(0, 16)}`;
|
|
51
92
|
return `\\\\.\\pipe\\${pipeName}`;
|
|
52
93
|
}
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
94
|
+
const defaultSocketPath = `${databasePath}.sock`;
|
|
95
|
+
if (Buffer.byteLength(defaultSocketPath, "utf8") <= UNIX_SOCKET_PATH_MAX) {
|
|
96
|
+
if (ensureDir) {
|
|
97
|
+
ensureSocketDir(path.dirname(defaultSocketPath));
|
|
98
|
+
}
|
|
99
|
+
return defaultSocketPath;
|
|
56
100
|
}
|
|
101
|
+
return buildFallbackUnixSocketPath(databasePath, ensureDir);
|
|
57
102
|
}
|
|
58
103
|
/**
|
|
59
104
|
* ソケットパスからデータベースパスを推測(Unix系のみ)
|
|
@@ -84,8 +129,11 @@ export function getDatabasePathFromSocket(socketPath) {
|
|
|
84
129
|
export function getSocketPathDebugInfo(databasePath) {
|
|
85
130
|
const socketPath = getSocketPath(databasePath);
|
|
86
131
|
const platform = os.platform();
|
|
87
|
-
const
|
|
88
|
-
|
|
132
|
+
const defaultUnixSocket = `${databasePath}.sock`;
|
|
133
|
+
// プラットフォーム固有のpathモジュールを使用して正しくパースする
|
|
134
|
+
const pathModule = platform === "win32" ? path.win32 : path.posix;
|
|
135
|
+
const dbDir = pathModule.dirname(databasePath);
|
|
136
|
+
const dbBase = pathModule.basename(databasePath);
|
|
89
137
|
if (platform === "win32") {
|
|
90
138
|
return [
|
|
91
139
|
`Database: ${dbBase} (${dbDir})`,
|
|
@@ -94,11 +142,15 @@ export function getSocketPathDebugInfo(databasePath) {
|
|
|
94
142
|
].join("\n");
|
|
95
143
|
}
|
|
96
144
|
else {
|
|
97
|
-
|
|
145
|
+
const lines = [
|
|
98
146
|
`Database: ${dbBase} (${dbDir})`,
|
|
99
147
|
`Socket: ${socketPath} (Unix domain socket)`,
|
|
100
148
|
`Permissions: Owner-only (0600)`,
|
|
101
|
-
]
|
|
149
|
+
];
|
|
150
|
+
if (socketPath !== defaultUnixSocket) {
|
|
151
|
+
lines.push(`Fallback: Socket path shortened (set ${SOCKET_DIR_ENV} to override base directory)`);
|
|
152
|
+
}
|
|
153
|
+
return lines.join("\n");
|
|
102
154
|
}
|
|
103
155
|
}
|
|
104
156
|
//# sourceMappingURL=socket.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"socket.js","sourceRoot":"","sources":["../../../../src/shared/utils/socket.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAE7B
|
|
1
|
+
{"version":3,"file":"socket.js","sourceRoot":"","sources":["../../../../src/shared/utils/socket.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAE7B,MAAM,oBAAoB,GAAG,EAAE,CAAC,CAAC,iCAAiC;AAClE,MAAM,aAAa,GAAG,MAAM,CAAC;AAC7B,MAAM,cAAc,GAAG,iBAAiB,CAAC;AAEzC,SAAS,gBAAgB,CAAC,QAAgB;IACxC,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;IACzD,OAAO,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;AAC/D,CAAC;AAED,SAAS,eAAe,CAAC,OAAe;IACtC,IAAI,CAAC;QACH,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACvD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,GAAG,GAAG,KAA8B,CAAC;QAC3C,MAAM,IAAI,KAAK,CACb,sCAAsC,OAAO,KAAK,GAAG,CAAC,OAAO,IAAI;YAC/D,OAAO,cAAc,2BAA2B,CACnD,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,2BAA2B,CAAC,YAAoB,EAAE,SAAkB;IAC3E,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,MAAM,EAAE,CAAC;IAC/D,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5E,MAAM,QAAQ,GAAG,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC;IAE/D,MAAM,UAAU,GAAG;QACjB,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,aAAa,IAAI,QAAQ,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC;QAChF,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,aAAa,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC;QACpE,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,aAAa,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC;KACpE,CAAC;IAEF,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,IAAI,MAAM,CAAC,UAAU,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,oBAAoB,EAAE,CAAC;YACjE,IAAI,SAAS,EAAE,CAAC;gBACd,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC;YAC3C,CAAC;YACD,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CACb,8CAA8C,oBAAoB,eAAe;QAC/E,OAAO,cAAc,0BAA0B,CAClD,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,MAAM,UAAU,aAAa,CAAC,YAAoB,EAAE,OAAiC;IACnF,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,KAAK,CAAC;IAC9C,IAAI,EAAE,CAAC,QAAQ,EAAE,KAAK,OAAO,EAAE,CAAC;QAC9B,sBAAsB;QACtB,gCAAgC;QAChC,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC5E,oCAAoC;QACpC,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,aAAa,CAAC;QAC7D,0BAA0B;QAC1B,MAAM,QAAQ,GAAG,GAAG,MAAM,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;QACtD,OAAO,gBAAgB,QAAQ,EAAE,CAAC;IACpC,CAAC;IAED,MAAM,iBAAiB,GAAG,GAAG,YAAY,OAAO,CAAC;IACjD,IAAI,MAAM,CAAC,UAAU,CAAC,iBAAiB,EAAE,MAAM,CAAC,IAAI,oBAAoB,EAAE,CAAC;QACzE,IAAI,SAAS,EAAE,CAAC;YACd,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAAC;QACnD,CAAC;QACD,OAAO,iBAAiB,CAAC;IAC3B,CAAC;IAED,OAAO,2BAA2B,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;AAC9D,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,yBAAyB,CAAC,UAAkB;IAC1D,IAAI,EAAE,CAAC,QAAQ,EAAE,KAAK,OAAO,EAAE,CAAC;QAC9B,iCAAiC;QACjC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,qBAAqB;IACrB,IAAI,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QACjC,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;IAClD,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,sBAAsB,CAAC,YAAoB;IACzD,MAAM,UAAU,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC;IAC/C,MAAM,QAAQ,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;IAC/B,MAAM,iBAAiB,GAAG,GAAG,YAAY,OAAO,CAAC;IAEjD,oCAAoC;IACpC,MAAM,UAAU,GAAG,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;IAClE,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IAC/C,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;IAEjD,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QACzB,OAAO;YACL,aAAa,MAAM,KAAK,KAAK,GAAG;YAChC,WAAW,UAAU,uBAAuB;YAC5C,mEAAmE;SACpE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC;SAAM,CAAC;QACN,MAAM,KAAK,GAAG;YACZ,aAAa,MAAM,KAAK,KAAK,GAAG;YAChC,WAAW,UAAU,uBAAuB;YAC5C,gCAAgC;SACjC,CAAC;QAEF,IAAI,UAAU,KAAK,iBAAiB,EAAE,CAAC;YACrC,KAAK,CAAC,IAAI,CACR,wCAAwC,cAAc,8BAA8B,CACrF,CAAC;QACJ,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "kiri-mcp-server",
|
|
3
|
-
"version": "0.9.
|
|
3
|
+
"version": "0.9.9",
|
|
4
4
|
"description": "KIRI context extraction platform",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"packageManager": "pnpm@9.0.0",
|
|
@@ -56,6 +56,13 @@
|
|
|
56
56
|
"dev": "tsx src/server/main.ts --port 8765",
|
|
57
57
|
"lint": "eslint \"{src,tests,scripts}/**/*.{ts,tsx}\" && prettier --check \"**/*.{ts,tsx,json,md,yml}\"",
|
|
58
58
|
"test": "vitest run --coverage --pool=forks --poolOptions.forks.singleFork --poolOptions.forks.maxForks=1 --poolOptions.forks.minForks=1",
|
|
59
|
+
"verify": "tsx scripts/test/verify-all.ts",
|
|
60
|
+
"verify:unit": "tsx scripts/test/verify-all.ts --category unit",
|
|
61
|
+
"verify:dart": "tsx scripts/test/verify-all.ts --category dart",
|
|
62
|
+
"verify:integration": "tsx scripts/test/verify-all.ts --category integration",
|
|
63
|
+
"verify:tools": "tsx scripts/test/verify-all.ts --category tools",
|
|
64
|
+
"verify:watch": "tsx scripts/test/verify-all.ts --category watch",
|
|
65
|
+
"verify:eval": "tsx scripts/test/verify-all.ts --category eval",
|
|
59
66
|
"check": "pnpm run lint && pnpm run test",
|
|
60
67
|
"prepublishOnly": "pnpm run build"
|
|
61
68
|
},
|
|
@@ -63,7 +70,9 @@
|
|
|
63
70
|
"chokidar": "^4.0.3",
|
|
64
71
|
"duckdb": "^1.1.0",
|
|
65
72
|
"gpt-tokenizer": "^3.2.0",
|
|
73
|
+
"p-queue": "^9.0.0",
|
|
66
74
|
"tree-sitter": "^0.22.0",
|
|
75
|
+
"tree-sitter-java": "^0.23.2",
|
|
67
76
|
"tree-sitter-php": "^0.22.8",
|
|
68
77
|
"tree-sitter-swift": "0.7.1",
|
|
69
78
|
"typescript": "^5.6.3",
|
|
@@ -78,6 +87,7 @@
|
|
|
78
87
|
"eslint": "^9.9.0",
|
|
79
88
|
"eslint-config-prettier": "^9.1.0",
|
|
80
89
|
"eslint-plugin-import": "^2.29.1",
|
|
90
|
+
"execa": "^9.6.0",
|
|
81
91
|
"lint-staged": "^15.2.10",
|
|
82
92
|
"prettier": "^3.3.3",
|
|
83
93
|
"simple-git-hooks": "^2.10.0",
|