npm - kubeagent - Versions diffs - 0.1.8 → 0.1.10 - Mend

kubeagent 0.1.8 → 0.1.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/auth.js +21 -14
package/dist/cli.js +3 -0
package/dist/update-notifier.d.ts +1 -0
package/dist/update-notifier.js +38 -0
package/dist/update-notifier.test.d.ts +1 -0
package/dist/update-notifier.test.js +50 -0
package/package.json +1 -1

package/dist/auth.js CHANGED Viewed

@@ -53,13 +53,19 @@ export async function loginBrowser(serverUrl, appUrl) {
                 res.end();
                 return;
             }
-            const url = new URL(req.url, "http://localhost");
-            const receivedState = url.searchParams.get("state");
-            const token = url.searchParams.get("token");
-            const email = url.searchParams.get("email") ?? "";
-            const name = url.searchParams.get("name") ?? "";
-            res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
-            res.end(`<!DOCTYPE html>
+            // Parse credentials from POST body (hidden form submit) to avoid
+            // leaking the JWT in URL query params, browser history, and Referer headers.
+            const chunks = [];
+            req.on("data", (chunk) => chunks.push(chunk));
+            req.on("end", () => {
+                const body = Buffer.concat(chunks).toString();
+                const params = new URLSearchParams(body);
+                const receivedState = params.get("state");
+                const token = params.get("token");
+                const email = params.get("email") ?? "";
+                const name = params.get("name") ?? "";
+                res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
+                res.end(`<!DOCTYPE html>
 <html lang="en">
 <head>
   <meta charset="UTF-8" />
@@ -89,13 +95,14 @@ export async function loginBrowser(serverUrl, appUrl) {
   </div>
 </body>
 </html>`);
-            server.close();
-            if (receivedState !== state || !token) {
-                reject(new Error("Invalid callback — state mismatch or missing token"));
-            }
-            else {
-                resolve({ token, email, name });
-            }
+                server.close();
+                if (receivedState !== state || !token) {
+                    reject(new Error("Invalid callback — state mismatch or missing token"));
+                }
+                else {
+                    resolve({ token, email, name });
+                }
+            });
         });
         server.listen(0, "127.0.0.1", async () => {
             const port = server.address().port;

package/dist/cli.js CHANGED Viewed

@@ -25,6 +25,7 @@ import { scanProjectDirectory, matchProjectsToWorkloads, bestMatches } from "./o
 import { scanCluster } from "./onboard/cluster-scan.js";
 import { formatProjectMarkdown } from "./onboard/code-scan.js";
 import { writeProjectKb, ensureKbDir } from "./kb/writer.js";
+import { checkForUpdate } from "./update-notifier.js";
 const program = new Command();
 program
     .name("kubeagent")
@@ -462,3 +463,5 @@ program
     }
 });
 program.parse();
+// Non-blocking update check — runs after command completes
+checkForUpdate();

package/dist/update-notifier.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export declare function checkForUpdate(): Promise<void>;

package/dist/update-notifier.js ADDED Viewed

@@ -0,0 +1,38 @@
+import chalk from "chalk";
+import { createRequire } from "node:module";
+const require = createRequire(import.meta.url);
+const { version: currentVersion } = require("../package.json");
+const REGISTRY_URL = "https://registry.npmjs.org/kubeagent/latest";
+function isNewer(latest, current) {
+    const parse = (v) => v.replace(/^v/, "").split(".").map(Number);
+    const [lMaj, lMin, lPatch] = parse(latest);
+    const [cMaj, cMin, cPatch] = parse(current);
+    if (lMaj !== cMaj)
+        return lMaj > cMaj;
+    if (lMin !== cMin)
+        return lMin > cMin;
+    return lPatch > cPatch;
+}
+export async function checkForUpdate() {
+    try {
+        const controller = new AbortController();
+        const timeout = setTimeout(() => controller.abort(), 3000);
+        const res = await fetch(REGISTRY_URL, { signal: controller.signal });
+        clearTimeout(timeout);
+        if (!res.ok)
+            return;
+        const data = (await res.json());
+        const latest = data.version;
+        if (!latest || !isNewer(latest, currentVersion))
+            return;
+        console.log("\n" +
+            chalk.yellow(`  Update available: ${currentVersion} → ${latest}`) +
+            "\n" +
+            chalk.dim("  Run ") +
+            chalk.cyan("npm update -g kubeagent") +
+            chalk.dim(" to update\n"));
+    }
+    catch {
+        // Network errors, timeouts — silently ignore
+    }
+}

package/dist/update-notifier.test.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/update-notifier.test.js ADDED Viewed

@@ -0,0 +1,50 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+// Mock chalk to return plain strings
+vi.mock("chalk", () => {
+    const identity = (s) => s;
+    const handler = {
+        get: () => new Proxy(identity, handler),
+        apply: (_t, _this, args) => args[0],
+    };
+    return { default: new Proxy(identity, handler) };
+});
+describe("update-notifier", () => {
+    let originalFetch;
+    beforeEach(() => {
+        originalFetch = globalThis.fetch;
+    });
+    afterEach(() => {
+        globalThis.fetch = originalFetch;
+        vi.restoreAllMocks();
+    });
+    it("prints update message when newer version exists", async () => {
+        globalThis.fetch = vi.fn().mockResolvedValue({
+            ok: true,
+            json: () => Promise.resolve({ version: "99.0.0" }),
+        });
+        const spy = vi.spyOn(console, "log").mockImplementation(() => { });
+        const { checkForUpdate } = await import("./update-notifier.js");
+        await checkForUpdate();
+        expect(spy).toHaveBeenCalled();
+        const output = spy.mock.calls.map((c) => c.join(" ")).join("\n");
+        expect(output).toContain("Update available");
+        expect(output).toContain("99.0.0");
+    });
+    it("prints nothing when already up to date", async () => {
+        globalThis.fetch = vi.fn().mockResolvedValue({
+            ok: true,
+            json: () => Promise.resolve({ version: "0.0.1" }),
+        });
+        const spy = vi.spyOn(console, "log").mockImplementation(() => { });
+        const { checkForUpdate } = await import("./update-notifier.js");
+        await checkForUpdate();
+        expect(spy).not.toHaveBeenCalled();
+    });
+    it("prints nothing on network error", async () => {
+        globalThis.fetch = vi.fn().mockRejectedValue(new Error("offline"));
+        const spy = vi.spyOn(console, "log").mockImplementation(() => { });
+        const { checkForUpdate } = await import("./update-notifier.js");
+        await checkForUpdate();
+        expect(spy).not.toHaveBeenCalled();
+    });
+});

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "kubeagent",
-  "version": "0.1.8",
+  "version": "0.1.10",
   "description": "AI-powered Kubernetes management CLI",
   "license": "SEE LICENSE IN LICENSE",
   "type": "module",