npm - lynkr - Versions diffs - 0.1.0 - Mend

lynkr 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

package/.eslintrc.cjs +12 -0
package/CLAUDE.md +39 -0
package/LICENSE +21 -0
package/README.md +417 -0
package/bin/cli.js +3 -0
package/index.js +3 -0
package/package.json +54 -0
package/src/api/middleware/logging.js +37 -0
package/src/api/middleware/session.js +55 -0
package/src/api/router.js +80 -0
package/src/cache/prompt.js +183 -0
package/src/clients/databricks.js +72 -0
package/src/config/index.js +301 -0
package/src/db/index.js +192 -0
package/src/diff/comments.js +153 -0
package/src/edits/index.js +171 -0
package/src/indexer/index.js +1610 -0
package/src/indexer/navigation/index.js +32 -0
package/src/indexer/navigation/providers/treeSitter.js +36 -0
package/src/indexer/parser.js +324 -0
package/src/logger/index.js +27 -0
package/src/mcp/client.js +194 -0
package/src/mcp/index.js +34 -0
package/src/mcp/permissions.js +69 -0
package/src/mcp/registry.js +225 -0
package/src/mcp/sandbox.js +238 -0
package/src/metrics/index.js +38 -0
package/src/orchestrator/index.js +1492 -0
package/src/policy/index.js +212 -0
package/src/policy/web-fallback.js +33 -0
package/src/server.js +73 -0
package/src/sessions/index.js +15 -0
package/src/sessions/record.js +31 -0
package/src/sessions/store.js +179 -0
package/src/tasks/store.js +349 -0
package/src/tests/coverage.js +173 -0
package/src/tests/index.js +171 -0
package/src/tests/store.js +213 -0
package/src/tools/edits.js +94 -0
package/src/tools/execution.js +169 -0
package/src/tools/git.js +1346 -0
package/src/tools/index.js +258 -0
package/src/tools/indexer.js +360 -0
package/src/tools/mcp-remote.js +81 -0
package/src/tools/mcp.js +116 -0
package/src/tools/process.js +151 -0
package/src/tools/stubs.js +55 -0
package/src/tools/tasks.js +260 -0
package/src/tools/tests.js +132 -0
package/src/tools/web.js +286 -0
package/src/tools/workspace.js +173 -0
package/src/workspace/index.js +95 -0

package/src/policy/index.js ADDED Viewed

@@ -0,0 +1,212 @@
+const config = require("../config");
+const logger = require("../logger");
+const SHELL_BLOCKLIST_PATTERNS = [
+  new RegExp("rm\\s+-rf\\s+/(?:\\s|$)", "i"),
+  /shutdown/i,
+  /reboot/i,
+  /systemctl\s+stop/i,
+  /mkfs\w*/i,
+  /dd\s+if=\/dev\//i,
+  /:(){:|:&};:/, // fork bomb
+  /chown\s+-R\s+root/i,
+];
+const PYTHON_BLOCKLIST_PATTERNS = [
+  /os\.remove\s*\(\s*['"]\/['"]\s*\)/i,
+  /subprocess\.(call|run)\s*\(\s*["']rm\s+-rf/i,
+  /shutil\.rmtree\s*\(\s*['"]\/['"]\s*\)/i,
+];
+const SENSITIVE_CONTENT_PATTERNS = [
+  {
+    regex: /-----BEGIN [^-]+ PRIVATE KEY-----/i,
+    replacement: "[REDACTED PRIVATE KEY]",
+  },
+  {
+    regex: new RegExp("\\b[A-Za-z0-9+/]{32,}={0,2}\\b", "g"),
+    maxLength: 64,
+    replacement: "[POTENTIAL SECRET]",
+  },
+];
+function parseArguments(call) {
+  const raw = call?.function?.arguments;
+  if (typeof raw !== "string") return {};
+  try {
+    return JSON.parse(raw);
+  } catch {
+    return {};
+  }
+}
+function isToolAllowed(toolName) {
+  if (!toolName) return true;
+  const disallowed = config.policy.disallowedTools ?? [];
+  return !disallowed.includes(toolName);
+}
+function matchesAny(patterns, value) {
+  if (typeof value !== "string") return false;
+  return patterns.some((regex) => regex.test(value));
+}
+function evaluateShellCall(args) {
+  const command =
+    typeof args.command === "string"
+      ? args.command
+      : typeof args.cmd === "string"
+      ? args.cmd
+      : typeof args.run === "string"
+      ? args.run
+      : Array.isArray(args.command)
+      ? args.command.join(" ")
+      : Array.isArray(args.args)
+      ? args.args.join(" ")
+      : "";
+  if (!command) return { allowed: true };
+  if (matchesAny(SHELL_BLOCKLIST_PATTERNS, command)) {
+    return {
+      allowed: false,
+      reason: "Command matched restricted pattern",
+    };
+  }
+  return { allowed: true };
+}
+function evaluatePythonCall(args) {
+  const code =
+    typeof args.code === "string"
+      ? args.code
+      : typeof args.script === "string"
+      ? args.script
+      : typeof args.input === "string"
+      ? args.input
+      : "";
+  if (!code) return { allowed: true };
+  if (matchesAny(PYTHON_BLOCKLIST_PATTERNS, code)) {
+    return {
+      allowed: false,
+      reason: "Python code matched restricted pattern",
+    };
+  }
+  return { allowed: true };
+}
+function evaluateToolCall({ call, toolCallsExecuted }) {
+  const toolName = call?.function?.name ?? call?.name;
+  if (!isToolAllowed(toolName)) {
+    return {
+      allowed: false,
+      reason: `Tool ${toolName} is disallowed by policy`,
+      status: 403,
+      code: "tool_disallowed",
+    };
+  }
+  const maxToolCalls = config.policy.maxToolCallsPerTurn;
+  if (toolCallsExecuted >= maxToolCalls) {
+    return {
+      allowed: false,
+      reason: `Exceeded max tool calls (${maxToolCalls})`,
+      status: 429,
+      code: "tool_limit_reached",
+    };
+  }
+  const args = parseArguments(call);
+  if (toolName && toolName.startsWith("workspace_git_")) {
+    const gitPolicy = config.policy.git ?? {};
+    if (
+      toolName === "workspace_git_push" &&
+      gitPolicy.allowPush !== true
+    ) {
+      return {
+        allowed: false,
+        reason: "Git push is disabled by policy.",
+        status: 403,
+        code: "git_push_disabled",
+      };
+    }
+    if (
+      toolName === "workspace_git_pull" &&
+      gitPolicy.allowPull !== true
+    ) {
+      return {
+        allowed: false,
+        reason: "Git pull is disabled by policy.",
+        status: 403,
+        code: "git_pull_disabled",
+      };
+    }
+    if (
+      toolName === "workspace_git_commit" &&
+      gitPolicy.allowCommit !== true
+    ) {
+      return {
+        allowed: false,
+        reason: "Git commit is disabled by policy.",
+        status: 403,
+        code: "git_commit_disabled",
+      };
+    }
+  }
+  if (toolName === "shell") {
+    const decision = evaluateShellCall(args);
+    if (!decision.allowed) {
+      return {
+        allowed: false,
+        reason: decision.reason,
+        status: 403,
+        code: "unsafe_shell_command",
+      };
+    }
+  }
+  if (toolName === "python_exec") {
+    const decision = evaluatePythonCall(args);
+    if (!decision.allowed) {
+      return {
+        allowed: false,
+        reason: decision.reason,
+        status: 403,
+        code: "unsafe_python_code",
+      };
+    }
+  }
+  return { allowed: true };
+}
+function sanitiseText(text) {
+  if (typeof text !== "string") return text;
+  let output = text;
+  for (const pattern of SENSITIVE_CONTENT_PATTERNS) {
+    if (pattern.maxLength && output.length < pattern.maxLength) continue;
+    output = output.replace(pattern.regex, pattern.replacement);
+  }
+  return output;
+}
+function sanitiseContent(contentItems) {
+  if (!Array.isArray(contentItems)) return contentItems;
+  return contentItems.map((item) => {
+    if (item?.type === "text" && typeof item.text === "string") {
+      return { ...item, text: sanitiseText(item.text) };
+    }
+    return item;
+  });
+}
+function logPolicyDecision(decision, context = {}) {
+  if (decision.allowed) return;
+  logger.warn({ decision, context }, "Policy blocked tool call");
+}
+module.exports = {
+  evaluateToolCall,
+  sanitiseContent,
+  logPolicyDecision,
+};

package/src/policy/web-fallback.js ADDED Viewed

@@ -0,0 +1,33 @@
+const BROWSING_FALLBACK_PATTERNS = [
+  /i (do|don't|cannot) have (browser|browsing|internet) (capability|access)/i,
+  /cannot look up information/i,
+  /no web browsing capability/i,
+  /can'?t (access|reach) the internet/i,
+  /(do not|don't) have access to .*web (?:browsing|browser|internet)/i,
+  /(do not|don't) have .*browser/i,
+  /web(fetch|_fetch| search).*(not available|disabled|unavailable)/i,
+  /tool.*(not available|disabled|unavailable)/i,
+  /don't have access to real-time/i,
+];
+function needsWebFallback(text) {
+  if (typeof text !== "string") return false;
+  const trimmed = text.trim();
+  if (!trimmed) return false;
+  // If the response already includes concrete financial data, skip fallback.
+  if (
+    /\bclosed at \$\d[\d.,]*/i.test(trimmed) ||
+    /\bprevious close\b/i.test(trimmed) ||
+    /\bday'?s range\b/i.test(trimmed) ||
+    /\btrading volume\b/i.test(trimmed)
+  ) {
+    return false;
+  }
+  return BROWSING_FALLBACK_PATTERNS.some((regex) => regex.test(trimmed));
+}
+module.exports = {
+  needsWebFallback,
+};

package/src/server.js ADDED Viewed

@@ -0,0 +1,73 @@
+const express = require("express");
+const config = require("./config");
+const loggingMiddleware = require("./api/middleware/logging");
+const router = require("./api/router");
+const { sessionMiddleware } = require("./api/middleware/session");
+const metrics = require("./metrics");
+const logger = require("./logger");
+const { initialiseMcp } = require("./mcp");
+const { registerStubTools } = require("./tools/stubs");
+const { registerWorkspaceTools } = require("./tools/workspace");
+const { registerExecutionTools } = require("./tools/execution");
+const { registerWebTools } = require("./tools/web");
+const { registerIndexerTools } = require("./tools/indexer");
+const { registerEditTools } = require("./tools/edits");
+const { registerGitTools } = require("./tools/git");
+const { registerTaskTools } = require("./tools/tasks");
+const { registerTestTools } = require("./tools/tests");
+const { registerMcpTools } = require("./tools/mcp");
+initialiseMcp();
+registerStubTools();
+registerWorkspaceTools();
+registerExecutionTools();
+registerWebTools();
+registerIndexerTools();
+registerEditTools();
+registerGitTools();
+registerTaskTools();
+registerTestTools();
+registerMcpTools();
+function createApp() {
+  const app = express();
+  app.use(express.json({ limit: config.server.jsonLimit }));
+  app.use(sessionMiddleware);
+  app.use(loggingMiddleware);
+  app.get("/metrics", (req, res) => {
+    res.json(metrics.snapshot());
+  });
+  app.use(router);
+  // Basic error handler to surface issues cleanly.
+  app.use((err, req, res, next) => {
+    logger.error({ err }, "Request error");
+    if (res.headersSent) {
+      return next(err);
+    }
+    const status = err.status ?? 500;
+    metrics.recordResponse(status);
+    res.status(status).json({
+      error: err.code ?? "internal_error",
+      message: err.message ?? "Unexpected error",
+    });
+  });
+  return app;
+}
+function start() {
+  const app = createApp();
+  app.listen(config.port, () => {
+    console.log(`Claude→Databricks proxy listening on http://localhost:${config.port}`);
+  });
+  return app;
+}
+module.exports = {
+  createApp,
+  start,
+};

package/src/sessions/index.js ADDED Viewed

@@ -0,0 +1,15 @@
+const {
+  getSession,
+  getOrCreateSession,
+  upsertSession,
+  appendSessionTurn,
+  deleteSession,
+} = require("./store");
+module.exports = {
+  getSession,
+  getOrCreateSession,
+  upsertSession,
+  appendSessionTurn,
+  deleteSession,
+};

package/src/sessions/record.js ADDED Viewed

@@ -0,0 +1,31 @@
+const { appendSessionTurn } = require("./store");
+function ensureSessionShape(session) {
+  if (!session) return null;
+  if (!Array.isArray(session.history)) {
+    session.history = [];
+  }
+  if (!session.createdAt) {
+    session.createdAt = Date.now();
+  }
+  return session;
+}
+function appendTurnToSession(session, entry) {
+  const target = ensureSessionShape(session);
+  if (!target) return null;
+  const turn = { ...entry, timestamp: Date.now() };
+  target.history.push(turn);
+  target.updatedAt = turn.timestamp;
+  if (target.id) {
+    appendSessionTurn(target.id, turn, target.metadata ?? {});
+  }
+  return turn;
+}
+module.exports = {
+  appendTurnToSession,
+};

package/src/sessions/store.js ADDED Viewed

@@ -0,0 +1,179 @@
+const db = require("../db");
+const logger = require("../logger");
+const selectSessionStmt = db.prepare(
+  "SELECT id, created_at, updated_at, metadata FROM sessions WHERE id = ?",
+);
+const selectHistoryStmt = db.prepare(
+  `SELECT role, type, status, content, metadata, timestamp
+   FROM session_history
+   WHERE session_id = ?
+   ORDER BY timestamp ASC, id ASC`,
+);
+const insertSessionStmt = db.prepare(
+  "INSERT INTO sessions (id, created_at, updated_at, metadata) VALUES (@id, @created_at, @updated_at, @metadata)",
+);
+const updateSessionStmt = db.prepare(
+  "UPDATE sessions SET updated_at = @updated_at, metadata = @metadata WHERE id = @id",
+);
+const updateSessionTimestampStmt = db.prepare(
+  "UPDATE sessions SET updated_at = @updated_at WHERE id = @id",
+);
+const deleteSessionStmt = db.prepare("DELETE FROM sessions WHERE id = ?");
+const deleteHistoryStmt = db.prepare("DELETE FROM session_history WHERE session_id = ?");
+const insertHistoryStmt = db.prepare(
+  `INSERT INTO session_history (session_id, role, type, status, content, metadata, timestamp)
+   VALUES (@session_id, @role, @type, @status, @content, @metadata, @timestamp)`,
+);
+function parseJSON(value, fallback) {
+  if (value === null || value === undefined) return fallback;
+  try {
+    return JSON.parse(value);
+  } catch (err) {
+    logger.warn({ err }, "Failed to parse JSON from session store");
+    return fallback;
+  }
+}
+function serialize(value) {
+  if (value === undefined) return null;
+  try {
+    return JSON.stringify(value);
+  } catch (err) {
+    logger.warn({ err }, "Failed to serialize JSON for session store");
+    return null;
+  }
+}
+function toSession(row, historyRows = []) {
+  return {
+    id: row.id,
+    createdAt: row.created_at,
+    updatedAt: row.updated_at,
+    metadata: parseJSON(row.metadata, {}) ?? {},
+    history: historyRows.map((item) => ({
+      role: item.role ?? undefined,
+      type: item.type ?? undefined,
+      status: item.status ?? undefined,
+      content: parseJSON(item.content, null),
+      metadata: parseJSON(item.metadata, null) ?? undefined,
+      timestamp: item.timestamp,
+    })),
+  };
+}
+function getSession(sessionId) {
+  if (!sessionId) return null;
+  const sessionRow = selectSessionStmt.get(sessionId);
+  if (!sessionRow) return null;
+  const historyRows = selectHistoryStmt.all(sessionId);
+  return toSession(sessionRow, historyRows);
+}
+function createSession(sessionId, metadata = {}) {
+  const now = Date.now();
+  insertSessionStmt.run({
+    id: sessionId,
+    created_at: now,
+    updated_at: now,
+    metadata: serialize(metadata) ?? "{}",
+  });
+  return {
+    id: sessionId,
+    createdAt: now,
+    updatedAt: now,
+    metadata: metadata ?? {},
+    history: [],
+  };
+}
+function getOrCreateSession(sessionId) {
+  const existing = getSession(sessionId);
+  if (existing) return existing;
+  try {
+    return createSession(sessionId);
+  } catch (err) {
+    if (err.code === "SQLITE_CONSTRAINT_PRIMARYKEY") {
+      return getSession(sessionId);
+    }
+    throw err;
+  }
+}
+function upsertSession(sessionId, data = {}) {
+  if (!sessionId) return null;
+  const metadata = data.metadata ?? {};
+  const updatedAt = data.updatedAt ?? Date.now();
+  const createdAt = data.createdAt ?? updatedAt;
+  const existing = selectSessionStmt.get(sessionId);
+  if (!existing) {
+    insertSessionStmt.run({
+      id: sessionId,
+      created_at: createdAt,
+      updated_at: updatedAt,
+      metadata: serialize(metadata) ?? "{}",
+    });
+  } else {
+    updateSessionStmt.run({
+      id: sessionId,
+      updated_at: updatedAt,
+      metadata: serialize(metadata) ?? "{}",
+    });
+  }
+  return getSession(sessionId);
+}
+function appendSessionTurn(sessionId, turn, metadata) {
+  if (!sessionId) return null;
+  const timestamp = turn.timestamp ?? Date.now();
+  const params = {
+    session_id: sessionId,
+    role: turn.role ?? null,
+    type: turn.type ?? null,
+    status: typeof turn.status === "number" ? turn.status : null,
+    content: serialize(turn.content),
+    metadata: serialize(turn.metadata),
+    timestamp,
+  };
+  logger.debug({ params }, "Inserting session history row");
+  insertHistoryStmt.run(params);
+  logger.debug({ sessionId, timestamp, metadata }, "Updating session metadata");
+  if (metadata !== undefined) {
+    updateSessionStmt.run({
+      id: sessionId,
+      updated_at: timestamp,
+      metadata: serialize(metadata) ?? "{}",
+    });
+  } else {
+    updateSessionTimestampStmt.run({
+      id: sessionId,
+      updated_at: timestamp,
+    });
+  }
+  return { ...turn, timestamp };
+}
+function deleteSession(sessionId) {
+  if (!sessionId) return;
+  const deleteHistory = db.transaction((id) => {
+    deleteHistoryStmt.run(id);
+    deleteSessionStmt.run(id);
+  });
+  deleteHistory(sessionId);
+}
+module.exports = {
+  getSession,
+  getOrCreateSession,
+  upsertSession,
+  appendSessionTurn,
+  deleteSession,
+};