monomind 1.11.13 → 1.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/agents/generated/channel-intelligence-director.md +87 -0
- package/.claude/agents/generated/chief-growth-officer.md +88 -0
- package/.claude/agents/generated/content-seo-strategist.md +90 -0
- package/.claude/agents/generated/developer-community-strategist.md +91 -0
- package/.claude/agents/generated/outreach-partnership-strategist.md +90 -0
- package/.claude/agents/generated/social-media-strategist.md +91 -0
- package/.claude/agents/generated/video-visual-strategist.md +90 -0
- package/.claude/commands/mastermind/idea.md +1 -1
- package/.claude/helpers/auto-memory-hook.mjs +13 -4
- package/.claude/helpers/control-start.cjs +5 -0
- package/.claude/helpers/event-logger.cjs +114 -0
- package/.claude/helpers/handlers/adr-draft-handler.cjs +19 -5
- package/.claude/helpers/handlers/agent-start-handler.cjs +13 -4
- package/.claude/helpers/handlers/compact-handler.cjs +2 -0
- package/.claude/helpers/handlers/edit-handler.cjs +1 -1
- package/.claude/helpers/handlers/gates-handler.cjs +3 -0
- package/.claude/helpers/handlers/graph-status-handler.cjs +14 -8
- package/.claude/helpers/handlers/loops-status-handler.cjs +5 -2
- package/.claude/helpers/handlers/route-handler.cjs +13 -6
- package/.claude/helpers/handlers/session-handler.cjs +11 -4
- package/.claude/helpers/handlers/session-restore-handler.cjs +21 -11
- package/.claude/helpers/handlers/task-handler.cjs +13 -5
- package/.claude/helpers/intelligence.cjs +7 -2
- package/.claude/helpers/loop-tracker.cjs +15 -3
- package/.claude/helpers/memory.cjs +6 -1
- package/.claude/helpers/router.cjs +5 -2
- package/.claude/helpers/session.cjs +2 -0
- package/.claude/helpers/statusline.cjs +10 -2
- package/.claude/helpers/utils/micro-agents.cjs +20 -4
- package/.claude/scheduled_tasks.lock +1 -1
- package/.claude/settings.json +92 -1
- package/.claude/skills/mastermind/_protocol.md +23 -13
- package/.claude/skills/mastermind/architect.md +6 -9
- package/.claude/skills/mastermind/build.md +3 -3
- package/.claude/skills/mastermind/content.md +3 -3
- package/.claude/skills/mastermind/createorg.md +2 -2
- package/.claude/skills/mastermind/finance.md +3 -3
- package/.claude/skills/mastermind/idea.md +5 -3
- package/.claude/skills/mastermind/marketing.md +3 -3
- package/.claude/skills/mastermind/monitor.md +2 -2
- package/.claude/skills/mastermind/release.md +3 -3
- package/.claude/skills/mastermind/research.md +3 -3
- package/.claude/skills/mastermind/review.md +3 -3
- package/.claude/skills/mastermind/runorg.md +153 -86
- package/.claude/skills/mastermind/sales.md +3 -3
- package/README.md +286 -129
- package/package.json +19 -2
- package/packages/@monomind/cli/README.md +286 -129
- package/packages/@monomind/cli/bundled-graph/dist/src/build.js +73 -0
- package/packages/@monomind/cli/bundled-graph/dist/src/cluster.js +120 -0
- package/packages/@monomind/cli/bundled-graph/package.json +57 -0
- package/packages/@monomind/cli/dist/src/agents/halt-signal.d.ts +25 -0
- package/packages/@monomind/cli/dist/src/agents/halt-signal.js +76 -0
- package/packages/@monomind/cli/dist/src/agents/index.d.ts +18 -0
- package/packages/@monomind/cli/dist/src/agents/index.js +13 -0
- package/packages/@monomind/cli/dist/src/agents/managed-agent.d.ts +41 -0
- package/packages/@monomind/cli/dist/src/agents/managed-agent.js +69 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-experiment.d.ts +23 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-experiment.js +49 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-version-manager.d.ts +22 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-version-manager.js +80 -0
- package/packages/@monomind/cli/dist/src/agents/registry-builder.js +2 -0
- package/packages/@monomind/cli/dist/src/agents/registry-query.d.ts +71 -0
- package/packages/@monomind/cli/dist/src/agents/registry-query.js +125 -0
- package/packages/@monomind/cli/dist/src/agents/score-decay.d.ts +19 -0
- package/packages/@monomind/cli/dist/src/agents/score-decay.js +22 -0
- package/packages/@monomind/cli/dist/src/agents/shared-instructions-loader.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/agents/shared-instructions-loader.js +40 -0
- package/packages/@monomind/cli/dist/src/agents/specialization-scorer.d.ts +54 -0
- package/packages/@monomind/cli/dist/src/agents/specialization-scorer.js +212 -0
- package/packages/@monomind/cli/dist/src/agents/termination-watcher.d.ts +30 -0
- package/packages/@monomind/cli/dist/src/agents/termination-watcher.js +84 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-index.d.ts +20 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-index.js +38 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-scanner.d.ts +64 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-scanner.js +308 -0
- package/packages/@monomind/cli/dist/src/agents/version-diff.d.ts +18 -0
- package/packages/@monomind/cli/dist/src/agents/version-diff.js +64 -0
- package/packages/@monomind/cli/dist/src/agents/version-store.d.ts +60 -0
- package/packages/@monomind/cli/dist/src/agents/version-store.js +235 -0
- package/packages/@monomind/cli/dist/src/autopilot-state.js +10 -5
- package/packages/@monomind/cli/dist/src/benchmarks/benchmark-runner.js +13 -0
- package/packages/@monomind/cli/dist/src/benchmarks/metric-evaluators.js +20 -9
- package/packages/@monomind/cli/dist/src/benchmarks/pretrain/index.d.ts +45 -0
- package/packages/@monomind/cli/dist/src/benchmarks/pretrain/index.js +404 -0
- package/packages/@monomind/cli/dist/src/browser/actions.js +10 -3
- package/packages/@monomind/cli/dist/src/browser/browser.js +12 -2
- package/packages/@monomind/cli/dist/src/browser/cdp.js +21 -3
- package/packages/@monomind/cli/dist/src/browser/har.js +27 -5
- package/packages/@monomind/cli/dist/src/commands/agent-wasm.d.ts +14 -0
- package/packages/@monomind/cli/dist/src/commands/agent-wasm.js +333 -0
- package/packages/@monomind/cli/dist/src/commands/agent.js +11 -8
- package/packages/@monomind/cli/dist/src/commands/analyze.js +36 -21
- package/packages/@monomind/cli/dist/src/commands/autopilot.js +12 -4
- package/packages/@monomind/cli/dist/src/commands/benchmark.js +51 -8
- package/packages/@monomind/cli/dist/src/commands/browse.js +5 -2
- package/packages/@monomind/cli/dist/src/commands/claims.js +29 -11
- package/packages/@monomind/cli/dist/src/commands/cleanup.js +25 -5
- package/packages/@monomind/cli/dist/src/commands/config.js +15 -7
- package/packages/@monomind/cli/dist/src/commands/daemon.js +6 -0
- package/packages/@monomind/cli/dist/src/commands/deployment.js +34 -19
- package/packages/@monomind/cli/dist/src/commands/doctor.js +151 -20
- package/packages/@monomind/cli/dist/src/commands/guidance.js +15 -2
- package/packages/@monomind/cli/dist/src/commands/hive-mind.js +37 -14
- package/packages/@monomind/cli/dist/src/commands/hooks.js +42 -25
- package/packages/@monomind/cli/dist/src/commands/init.js +9 -4
- package/packages/@monomind/cli/dist/src/commands/issues.js +29 -26
- package/packages/@monomind/cli/dist/src/commands/mcp.js +11 -5
- package/packages/@monomind/cli/dist/src/commands/memory.js +10 -0
- package/packages/@monomind/cli/dist/src/commands/migrate.js +5 -5
- package/packages/@monomind/cli/dist/src/commands/monograph.js +18 -5
- package/packages/@monomind/cli/dist/src/commands/monovector/backup.js +8 -2
- package/packages/@monomind/cli/dist/src/commands/monovector/benchmark.js +20 -7
- package/packages/@monomind/cli/dist/src/commands/monovector/import.js +15 -0
- package/packages/@monomind/cli/dist/src/commands/monovector/migrate.js +4 -1
- package/packages/@monomind/cli/dist/src/commands/monovector/optimize.js +11 -0
- package/packages/@monomind/cli/dist/src/commands/monovector/setup.js +11 -1
- package/packages/@monomind/cli/dist/src/commands/neural.js +1 -1
- package/packages/@monomind/cli/dist/src/commands/performance.js +20 -7
- package/packages/@monomind/cli/dist/src/commands/platforms.js +90 -8
- package/packages/@monomind/cli/dist/src/commands/plugins.js +12 -5
- package/packages/@monomind/cli/dist/src/commands/process.js +33 -10
- package/packages/@monomind/cli/dist/src/commands/progress.js +5 -3
- package/packages/@monomind/cli/dist/src/commands/providers.js +5 -5
- package/packages/@monomind/cli/dist/src/commands/replay.js +8 -2
- package/packages/@monomind/cli/dist/src/commands/route.js +27 -7
- package/packages/@monomind/cli/dist/src/commands/security.js +4 -0
- package/packages/@monomind/cli/dist/src/commands/session.js +12 -1
- package/packages/@monomind/cli/dist/src/commands/start.js +11 -4
- package/packages/@monomind/cli/dist/src/commands/status.js +7 -4
- package/packages/@monomind/cli/dist/src/commands/swarm.js +27 -13
- package/packages/@monomind/cli/dist/src/commands/task.js +26 -11
- package/packages/@monomind/cli/dist/src/commands/tokens.js +7 -2
- package/packages/@monomind/cli/dist/src/commands/transfer-store.js +36 -22
- package/packages/@monomind/cli/dist/src/commands/ui.js +68 -0
- package/packages/@monomind/cli/dist/src/commands/update.js +15 -3
- package/packages/@monomind/cli/dist/src/commands/workflow.js +39 -6
- package/packages/@monomind/cli/dist/src/consensus/audit-writer.js +18 -7
- package/packages/@monomind/cli/dist/src/consensus/index.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/consensus/index.js +6 -0
- package/packages/@monomind/cli/dist/src/consensus/vote-signer.js +25 -8
- package/packages/@monomind/cli/dist/src/context/context-provider.d.ts +44 -0
- package/packages/@monomind/cli/dist/src/context/context-provider.js +25 -0
- package/packages/@monomind/cli/dist/src/context/git-state-provider.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/context/git-state-provider.js +34 -0
- package/packages/@monomind/cli/dist/src/context/index.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/context/index.js +12 -0
- package/packages/@monomind/cli/dist/src/context/project-conventions-provider.d.ts +15 -0
- package/packages/@monomind/cli/dist/src/context/project-conventions-provider.js +19 -0
- package/packages/@monomind/cli/dist/src/context/prompt-assembler.d.ts +26 -0
- package/packages/@monomind/cli/dist/src/context/prompt-assembler.js +93 -0
- package/packages/@monomind/cli/dist/src/context/task-history-provider.d.ts +24 -0
- package/packages/@monomind/cli/dist/src/context/task-history-provider.js +32 -0
- package/packages/@monomind/cli/dist/src/context/user-preferences-provider.d.ts +14 -0
- package/packages/@monomind/cli/dist/src/context/user-preferences-provider.js +27 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-reader.d.ts +31 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-reader.js +81 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-writer.d.ts +24 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-writer.js +65 -0
- package/packages/@monomind/cli/dist/src/dlq/index.d.ts +10 -0
- package/packages/@monomind/cli/dist/src/dlq/index.js +7 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-manager.d.ts +33 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-manager.js +107 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-runner.d.ts +23 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-runner.js +59 -0
- package/packages/@monomind/cli/dist/src/eval/index.d.ts +10 -0
- package/packages/@monomind/cli/dist/src/eval/index.js +7 -0
- package/packages/@monomind/cli/dist/src/eval/trace-collector.d.ts +40 -0
- package/packages/@monomind/cli/dist/src/eval/trace-collector.js +102 -0
- package/packages/@monomind/cli/dist/src/index.js +7 -3
- package/packages/@monomind/cli/dist/src/infrastructure/in-memory-repositories.d.ts +68 -0
- package/packages/@monomind/cli/dist/src/infrastructure/in-memory-repositories.js +264 -0
- package/packages/@monomind/cli/dist/src/init/executor.js +14 -11
- package/packages/@monomind/cli/dist/src/init/shared-instructions-generator.js +20 -4
- package/packages/@monomind/cli/dist/src/init/statusline-generator.js +33 -12
- package/packages/@monomind/cli/dist/src/interactive/interrupt.d.ts +22 -0
- package/packages/@monomind/cli/dist/src/interactive/interrupt.js +71 -0
- package/packages/@monomind/cli/dist/src/mcp/deprecation-injector.d.ts +25 -0
- package/packages/@monomind/cli/dist/src/mcp/deprecation-injector.js +48 -0
- package/packages/@monomind/cli/dist/src/mcp/tool-registry.d.ts +61 -0
- package/packages/@monomind/cli/dist/src/mcp/tool-registry.js +246 -0
- package/packages/@monomind/cli/dist/src/mcp-tools/a2a-tools.js +98 -13
- package/packages/@monomind/cli/dist/src/mcp-tools/agent-tools.js +16 -3
- package/packages/@monomind/cli/dist/src/mcp-tools/analyze-tools.js +80 -17
- package/packages/@monomind/cli/dist/src/mcp-tools/browser-tools.js +84 -22
- package/packages/@monomind/cli/dist/src/mcp-tools/claims-tools.js +35 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/config-tools.js +82 -17
- package/packages/@monomind/cli/dist/src/mcp-tools/coordination-tools.js +37 -4
- package/packages/@monomind/cli/dist/src/mcp-tools/daa-tools.js +49 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/embeddings-tools.js +45 -18
- package/packages/@monomind/cli/dist/src/mcp-tools/github-tools.js +75 -25
- package/packages/@monomind/cli/dist/src/mcp-tools/guidance-tools.js +32 -10
- package/packages/@monomind/cli/dist/src/mcp-tools/hive-mind-tools.js +91 -20
- package/packages/@monomind/cli/dist/src/mcp-tools/hooks-tools.js +188 -29
- package/packages/@monomind/cli/dist/src/mcp-tools/memory-tools.js +25 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/monograph-compat.js +11 -2
- package/packages/@monomind/cli/dist/src/mcp-tools/monograph-tools.js +148 -26
- package/packages/@monomind/cli/dist/src/mcp-tools/neural-tools.js +44 -9
- package/packages/@monomind/cli/dist/src/mcp-tools/performance-tools.js +45 -10
- package/packages/@monomind/cli/dist/src/mcp-tools/progress-tools.js +7 -4
- package/packages/@monomind/cli/dist/src/mcp-tools/request-tracker.js +15 -1
- package/packages/@monomind/cli/dist/src/mcp-tools/security-tools.js +61 -9
- package/packages/@monomind/cli/dist/src/mcp-tools/session-tools.js +45 -14
- package/packages/@monomind/cli/dist/src/mcp-tools/swarm-tools.js +15 -3
- package/packages/@monomind/cli/dist/src/mcp-tools/system-tools.js +14 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/task-tools.js +52 -10
- package/packages/@monomind/cli/dist/src/mcp-tools/terminal-tools.js +40 -6
- package/packages/@monomind/cli/dist/src/mcp-tools/transfer-tools.js +37 -4
- package/packages/@monomind/cli/dist/src/mcp-tools/wasm-agent-tools.d.ts +9 -0
- package/packages/@monomind/cli/dist/src/mcp-tools/wasm-agent-tools.js +230 -0
- package/packages/@monomind/cli/dist/src/mcp-tools/workflow-tools.js +29 -6
- package/packages/@monomind/cli/dist/src/memory/ewc-consolidation.js +26 -10
- package/packages/@monomind/cli/dist/src/memory/intelligence.js +80 -19
- package/packages/@monomind/cli/dist/src/memory/memory-bridge.js +21 -2
- package/packages/@monomind/cli/dist/src/memory/memory-initializer.js +67 -3
- package/packages/@monomind/cli/dist/src/memory/sona-optimizer.js +14 -4
- package/packages/@monomind/cli/dist/src/model/complexity-scorer.d.ts +21 -0
- package/packages/@monomind/cli/dist/src/model/complexity-scorer.js +106 -0
- package/packages/@monomind/cli/dist/src/model/index.d.ts +4 -0
- package/packages/@monomind/cli/dist/src/model/index.js +4 -0
- package/packages/@monomind/cli/dist/src/model/model-settings.d.ts +22 -0
- package/packages/@monomind/cli/dist/src/model/model-settings.js +33 -0
- package/packages/@monomind/cli/dist/src/model/model-tier-resolver.d.ts +24 -0
- package/packages/@monomind/cli/dist/src/model/model-tier-resolver.js +65 -0
- package/packages/@monomind/cli/dist/src/monovector/capabilities.d.ts +34 -0
- package/packages/@monomind/cli/dist/src/monovector/capabilities.js +37 -0
- package/packages/@monomind/cli/dist/src/monovector/command-outcomes.js +43 -7
- package/packages/@monomind/cli/dist/src/monovector/coverage-router.js +8 -4
- package/packages/@monomind/cli/dist/src/monovector/coverage-tools.js +6 -3
- package/packages/@monomind/cli/dist/src/monovector/diff-classifier.js +13 -0
- package/packages/@monomind/cli/dist/src/monovector/route-outcomes.d.ts +2 -1
- package/packages/@monomind/cli/dist/src/monovector/route-outcomes.js +46 -4
- package/packages/@monomind/cli/dist/src/observability/replay-reader.d.ts +1 -1
- package/packages/@monomind/cli/dist/src/orchestration/index.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/orchestration/index.js +6 -0
- package/packages/@monomind/cli/dist/src/orchestration/mode-dispatcher.d.ts +11 -0
- package/packages/@monomind/cli/dist/src/orchestration/mode-dispatcher.js +31 -0
- package/packages/@monomind/cli/dist/src/orchestration/routing-modes.d.ts +68 -0
- package/packages/@monomind/cli/dist/src/orchestration/routing-modes.js +180 -0
- package/packages/@monomind/cli/dist/src/plugins/manager.js +8 -3
- package/packages/@monomind/cli/dist/src/plugins/store/discovery.js +46 -2
- package/packages/@monomind/cli/dist/src/plugins/store/search.js +5 -4
- package/packages/@monomind/cli/dist/src/plugins/tests/demo-plugin-store.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/demo-plugin-store.js +126 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/standalone-test.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/standalone-test.js +188 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/test-plugin-store.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/test-plugin-store.js +206 -0
- package/packages/@monomind/cli/dist/src/production/circuit-breaker.js +17 -3
- package/packages/@monomind/cli/dist/src/production/error-handler.js +3 -0
- package/packages/@monomind/cli/dist/src/production/monitoring.js +20 -3
- package/packages/@monomind/cli/dist/src/production/rate-limiter.js +13 -4
- package/packages/@monomind/cli/dist/src/production/retry.js +17 -9
- package/packages/@monomind/cli/dist/src/routing/embed-worker.js +6 -2
- package/packages/@monomind/cli/dist/src/routing/embedder.js +0 -0
- package/packages/@monomind/cli/dist/src/routing/llm-caller.js +13 -2
- package/packages/@monomind/cli/dist/src/routing/route-layer-factory.js +18 -3
- package/packages/@monomind/cli/dist/src/runtime/headless.d.ts +60 -0
- package/packages/@monomind/cli/dist/src/runtime/headless.js +284 -0
- package/packages/@monomind/cli/dist/src/services/agentic-flow-bridge.d.ts +50 -0
- package/packages/@monomind/cli/dist/src/services/agentic-flow-bridge.js +95 -0
- package/packages/@monomind/cli/dist/src/services/claim-service.d.ts +1 -0
- package/packages/@monomind/cli/dist/src/services/claim-service.js +8 -0
- package/packages/@monomind/cli/dist/src/services/config-file-manager.js +14 -2
- package/packages/@monomind/cli/dist/src/services/container-worker-pool.d.ts +197 -0
- package/packages/@monomind/cli/dist/src/services/container-worker-pool.js +623 -0
- package/packages/@monomind/cli/dist/src/services/headless-worker-executor.js +18 -2
- package/packages/@monomind/cli/dist/src/services/index.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/services/index.js +11 -0
- package/packages/@monomind/cli/dist/src/services/worker-daemon.js +53 -12
- package/packages/@monomind/cli/dist/src/services/worker-queue.d.ts +201 -0
- package/packages/@monomind/cli/dist/src/services/worker-queue.js +594 -0
- package/packages/@monomind/cli/dist/src/swarm/communication-graph.d.ts +25 -0
- package/packages/@monomind/cli/dist/src/swarm/communication-graph.js +77 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-enforcer.d.ts +31 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-enforcer.js +61 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-visualizer.d.ts +19 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-visualizer.js +68 -0
- package/packages/@monomind/cli/dist/src/transfer/anonymization/index.d.ts +0 -3
- package/packages/@monomind/cli/dist/src/transfer/anonymization/index.js +16 -1
- package/packages/@monomind/cli/dist/src/transfer/deploy-seraphine.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/transfer/deploy-seraphine.js +205 -0
- package/packages/@monomind/cli/dist/src/transfer/export.js +8 -0
- package/packages/@monomind/cli/dist/src/transfer/ipfs/upload.js +33 -3
- package/packages/@monomind/cli/dist/src/transfer/serialization/cfp.js +9 -3
- package/packages/@monomind/cli/dist/src/transfer/storage/gcs.js +37 -3
- package/packages/@monomind/cli/dist/src/transfer/store/discovery.js +45 -3
- package/packages/@monomind/cli/dist/src/transfer/store/download.js +5 -0
- package/packages/@monomind/cli/dist/src/transfer/store/publish.js +13 -1
- package/packages/@monomind/cli/dist/src/transfer/store/registry.d.ts +8 -0
- package/packages/@monomind/cli/dist/src/transfer/store/registry.js +30 -5
- package/packages/@monomind/cli/dist/src/transfer/store/search.js +20 -5
- package/packages/@monomind/cli/dist/src/transfer/store/tests/standalone-test.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/transfer/store/tests/standalone-test.js +190 -0
- package/packages/@monomind/cli/dist/src/transfer/test-seraphine.d.ts +6 -0
- package/packages/@monomind/cli/dist/src/transfer/test-seraphine.js +105 -0
- package/packages/@monomind/cli/dist/src/transfer/tests/test-store.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/transfer/tests/test-store.js +214 -0
- package/packages/@monomind/cli/dist/src/update/checker.js +59 -7
- package/packages/@monomind/cli/dist/src/update/executor.js +50 -3
- package/packages/@monomind/cli/dist/src/update/index.js +18 -1
- package/packages/@monomind/cli/dist/src/update/rate-limiter.d.ts +6 -0
- package/packages/@monomind/cli/dist/src/update/rate-limiter.js +79 -7
- package/packages/@monomind/cli/dist/src/update/validator.js +52 -1
- package/packages/@monomind/cli/dist/src/workflow/condition-evaluator.d.ts +10 -0
- package/packages/@monomind/cli/dist/src/workflow/condition-evaluator.js +82 -0
- package/packages/@monomind/cli/dist/src/workflow/context-resolver.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/workflow/context-resolver.js +23 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-builder.d.ts +17 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-builder.js +129 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-executor.d.ts +9 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-executor.js +116 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-types.d.ts +41 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-types.js +8 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-parser.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-parser.js +20 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-schema.d.ts +165 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-schema.js +82 -0
- package/packages/@monomind/cli/dist/src/workflow/index.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/workflow/index.js +11 -0
- package/packages/@monomind/cli/dist/src/workflow/template-engine.d.ts +11 -0
- package/packages/@monomind/cli/dist/src/workflow/template-engine.js +40 -0
- package/packages/@monomind/cli/dist/src/workflow/workflow-executor.d.ts +29 -0
- package/packages/@monomind/cli/dist/src/workflow/workflow-executor.js +227 -0
- package/packages/@monomind/cli/package.json +9 -10
- package/packages/@monomind/guidance/dist/adversarial.d.ts +284 -0
- package/packages/@monomind/guidance/dist/adversarial.js +572 -0
- package/packages/@monomind/guidance/dist/analyzer.d.ts +530 -0
- package/packages/@monomind/guidance/dist/analyzer.js +2518 -0
- package/packages/@monomind/guidance/dist/artifacts.d.ts +283 -0
- package/packages/@monomind/guidance/dist/artifacts.js +356 -0
- package/packages/@monomind/guidance/dist/authority.d.ts +290 -0
- package/packages/@monomind/guidance/dist/authority.js +558 -0
- package/packages/@monomind/guidance/dist/capabilities.d.ts +209 -0
- package/packages/@monomind/guidance/dist/capabilities.js +485 -0
- package/packages/@monomind/guidance/dist/coherence.d.ts +233 -0
- package/packages/@monomind/guidance/dist/coherence.js +372 -0
- package/packages/@monomind/guidance/dist/compiler.d.ts +87 -0
- package/packages/@monomind/guidance/dist/compiler.js +419 -0
- package/packages/@monomind/guidance/dist/conformance-kit.d.ts +225 -0
- package/packages/@monomind/guidance/dist/conformance-kit.js +629 -0
- package/packages/@monomind/guidance/dist/continue-gate.d.ts +214 -0
- package/packages/@monomind/guidance/dist/continue-gate.js +353 -0
- package/packages/@monomind/guidance/dist/crypto-utils.d.ts +17 -0
- package/packages/@monomind/guidance/dist/crypto-utils.js +24 -0
- package/packages/@monomind/guidance/dist/evolution.d.ts +282 -0
- package/packages/@monomind/guidance/dist/evolution.js +500 -0
- package/packages/@monomind/guidance/dist/gates.d.ts +79 -0
- package/packages/@monomind/guidance/dist/gates.js +302 -0
- package/packages/@monomind/guidance/dist/gateway.d.ts +206 -0
- package/packages/@monomind/guidance/dist/gateway.js +452 -0
- package/packages/@monomind/guidance/dist/generators.d.ts +153 -0
- package/packages/@monomind/guidance/dist/generators.js +682 -0
- package/packages/@monomind/guidance/dist/headless.d.ts +177 -0
- package/packages/@monomind/guidance/dist/headless.js +342 -0
- package/packages/@monomind/guidance/dist/hooks.d.ts +109 -0
- package/packages/@monomind/guidance/dist/hooks.js +347 -0
- package/packages/@monomind/guidance/dist/index.d.ts +205 -0
- package/packages/@monomind/guidance/dist/index.js +321 -0
- package/packages/@monomind/guidance/dist/ledger.d.ts +162 -0
- package/packages/@monomind/guidance/dist/ledger.js +375 -0
- package/packages/@monomind/guidance/dist/manifest-validator.d.ts +289 -0
- package/packages/@monomind/guidance/dist/manifest-validator.js +838 -0
- package/packages/@monomind/guidance/dist/memory-gate.d.ts +222 -0
- package/packages/@monomind/guidance/dist/memory-gate.js +382 -0
- package/packages/@monomind/guidance/dist/meta-governance.d.ts +265 -0
- package/packages/@monomind/guidance/dist/meta-governance.js +348 -0
- package/packages/@monomind/guidance/dist/optimizer.d.ts +104 -0
- package/packages/@monomind/guidance/dist/optimizer.js +329 -0
- package/packages/@monomind/guidance/dist/persistence.d.ts +189 -0
- package/packages/@monomind/guidance/dist/persistence.js +464 -0
- package/packages/@monomind/guidance/dist/proof.d.ts +185 -0
- package/packages/@monomind/guidance/dist/proof.js +238 -0
- package/packages/@monomind/guidance/dist/retriever.d.ts +116 -0
- package/packages/@monomind/guidance/dist/retriever.js +394 -0
- package/packages/@monomind/guidance/dist/ruvbot-integration.d.ts +370 -0
- package/packages/@monomind/guidance/dist/ruvbot-integration.js +738 -0
- package/packages/@monomind/guidance/dist/temporal.d.ts +426 -0
- package/packages/@monomind/guidance/dist/temporal.js +658 -0
- package/packages/@monomind/guidance/dist/trust.d.ts +283 -0
- package/packages/@monomind/guidance/dist/trust.js +473 -0
- package/packages/@monomind/guidance/dist/truth-anchors.d.ts +276 -0
- package/packages/@monomind/guidance/dist/truth-anchors.js +488 -0
- package/packages/@monomind/guidance/dist/types.d.ts +378 -0
- package/packages/@monomind/guidance/dist/types.js +10 -0
- package/packages/@monomind/guidance/dist/uncertainty.d.ts +372 -0
- package/packages/@monomind/guidance/dist/uncertainty.js +619 -0
- package/packages/@monomind/guidance/dist/wasm-kernel.d.ts +48 -0
- package/packages/@monomind/guidance/dist/wasm-kernel.js +158 -0
|
@@ -7,6 +7,11 @@
|
|
|
7
7
|
import { output } from '../output.js';
|
|
8
8
|
import { existsSync, readFileSync, statSync } from 'fs';
|
|
9
9
|
import { join, dirname } from 'path';
|
|
10
|
+
const MAX_DOCTOR_PKG_BYTES = 1024 * 1024; // 1 MB — package.json / settings.json
|
|
11
|
+
const MAX_DOCTOR_CONFIG_BYTES = 10 * 1024 * 1024; // 10 MB — monomind.config.json / MCP configs
|
|
12
|
+
const MAX_DOCTOR_GITIGNORE_BYTES = 512 * 1024; // 512 KB — .gitignore
|
|
13
|
+
const MAX_DOCTOR_PID_BYTES = 64; // 64 bytes — daemon PID file
|
|
14
|
+
const MAX_DOCTOR_HELPER_BYTES = 2 * 1024 * 1024; // 2 MB — hook helper .cjs bundles
|
|
10
15
|
import { fileURLToPath } from 'url';
|
|
11
16
|
import { execSync, exec } from 'child_process';
|
|
12
17
|
import { homedir } from 'os';
|
|
@@ -67,7 +72,7 @@ async function checkConfigFile() {
|
|
|
67
72
|
'.monomind.json'
|
|
68
73
|
];
|
|
69
74
|
for (const configPath of jsonPaths) {
|
|
70
|
-
if (existsSync(configPath)) {
|
|
75
|
+
if (existsSync(configPath) && statSync(configPath).size <= MAX_DOCTOR_CONFIG_BYTES) {
|
|
71
76
|
try {
|
|
72
77
|
const content = readFileSync(configPath, 'utf8');
|
|
73
78
|
JSON.parse(content);
|
|
@@ -95,7 +100,7 @@ async function checkConfigFile() {
|
|
|
95
100
|
async function checkDaemonStatus() {
|
|
96
101
|
try {
|
|
97
102
|
const pidFile = '.monomind/daemon.pid';
|
|
98
|
-
if (existsSync(pidFile)) {
|
|
103
|
+
if (existsSync(pidFile) && statSync(pidFile).size <= MAX_DOCTOR_PID_BYTES) {
|
|
99
104
|
const pid = readFileSync(pidFile, 'utf8').trim();
|
|
100
105
|
try {
|
|
101
106
|
process.kill(parseInt(pid, 10), 0); // Check if process exists
|
|
@@ -184,7 +189,7 @@ async function checkMcpServers() {
|
|
|
184
189
|
'.mcp.json'
|
|
185
190
|
];
|
|
186
191
|
for (const configPath of mcpConfigPaths) {
|
|
187
|
-
if (existsSync(configPath)) {
|
|
192
|
+
if (existsSync(configPath) && statSync(configPath).size <= MAX_DOCTOR_CONFIG_BYTES) {
|
|
188
193
|
try {
|
|
189
194
|
const content = JSON.parse(readFileSync(configPath, 'utf8'));
|
|
190
195
|
const servers = content.mcpServers || content.servers || {};
|
|
@@ -202,7 +207,7 @@ async function checkMcpServers() {
|
|
|
202
207
|
}
|
|
203
208
|
}
|
|
204
209
|
}
|
|
205
|
-
return { name: 'MCP Servers', status: 'warn', message: 'No MCP config found', fix: 'claude mcp add monomind npx
|
|
210
|
+
return { name: 'MCP Servers', status: 'warn', message: 'No MCP config found', fix: 'claude mcp add monomind -- npx -y monomind@latest mcp start' };
|
|
206
211
|
}
|
|
207
212
|
// Check disk space (async with proper env inheritance)
|
|
208
213
|
async function checkDiskSpace() {
|
|
@@ -260,11 +265,11 @@ async function checkVersionFreshness() {
|
|
|
260
265
|
for (;;) {
|
|
261
266
|
const candidate = join(dir, 'package.json');
|
|
262
267
|
try {
|
|
263
|
-
if (existsSync(candidate)) {
|
|
268
|
+
if (existsSync(candidate) && statSync(candidate).size <= MAX_DOCTOR_PKG_BYTES) {
|
|
264
269
|
const pkg = JSON.parse(readFileSync(candidate, 'utf8'));
|
|
265
270
|
if (pkg.version &&
|
|
266
271
|
typeof pkg.name === 'string' &&
|
|
267
|
-
(pkg.name === '@monomind/cli' || pkg.name === 'monomind')) {
|
|
272
|
+
(pkg.name === '@monomind/cli' || pkg.name === 'monomind' || pkg.name === '@monoes/monomindcli')) {
|
|
268
273
|
currentVersion = pkg.version;
|
|
269
274
|
break;
|
|
270
275
|
}
|
|
@@ -287,10 +292,10 @@ async function checkVersionFreshness() {
|
|
|
287
292
|
const isNpx = process.argv[1]?.includes('_npx') ||
|
|
288
293
|
process.env.npm_execpath?.includes('npx') ||
|
|
289
294
|
process.cwd().includes('_npx');
|
|
290
|
-
// Query npm for latest version
|
|
295
|
+
// Query npm for latest version of the published umbrella package
|
|
291
296
|
let latestVersion = currentVersion;
|
|
292
297
|
try {
|
|
293
|
-
const npmInfo = await runCommand('npm view
|
|
298
|
+
const npmInfo = await runCommand('npm view monomind version', 5000);
|
|
294
299
|
latestVersion = npmInfo.trim();
|
|
295
300
|
}
|
|
296
301
|
catch {
|
|
@@ -322,8 +327,8 @@ async function checkVersionFreshness() {
|
|
|
322
327
|
(latest.major === current.major && latest.minor === current.minor && latest.patch === current.patch && latest.prerelease > current.prerelease));
|
|
323
328
|
if (isOutdated) {
|
|
324
329
|
const fix = isNpx
|
|
325
|
-
? 'rm -rf ~/.npm/_npx/* && npx -y
|
|
326
|
-
: 'npm update
|
|
330
|
+
? 'rm -rf ~/.npm/_npx/* && npx -y monomind@latest doctor'
|
|
331
|
+
: 'npm update -g monomind';
|
|
327
332
|
return {
|
|
328
333
|
name: 'Version Freshness',
|
|
329
334
|
status: 'warn',
|
|
@@ -387,18 +392,39 @@ async function installClaudeCode() {
|
|
|
387
392
|
async function checkMonograph() {
|
|
388
393
|
try {
|
|
389
394
|
const __filename = fileURLToPath(import.meta.url);
|
|
395
|
+
const _base = dirname(__filename);
|
|
396
|
+
let _globalRoot = '';
|
|
397
|
+
try {
|
|
398
|
+
_globalRoot = execSync('npm root -g', { encoding: 'utf8', timeout: 3000 }).trim();
|
|
399
|
+
}
|
|
400
|
+
catch { /* no npm */ }
|
|
390
401
|
const candidates = [
|
|
391
|
-
|
|
392
|
-
join(
|
|
402
|
+
// local dev monorepo paths (both old @monomind and published @monoes scope)
|
|
403
|
+
join(_base, '..', '..', 'node_modules', '@monomind', 'monograph', 'package.json'),
|
|
404
|
+
join(_base, '..', '..', '..', '..', 'node_modules', '@monomind', 'monograph', 'package.json'),
|
|
405
|
+
join(_base, '..', '..', 'node_modules', '@monoes', 'monograph', 'package.json'),
|
|
406
|
+
join(_base, '..', '..', '..', '..', 'node_modules', '@monoes', 'monograph', 'package.json'),
|
|
407
|
+
// global install paths
|
|
408
|
+
...(_globalRoot ? [
|
|
409
|
+
join(_globalRoot, '@monomind', 'monograph', 'package.json'),
|
|
410
|
+
join(_globalRoot, '@monoes', 'monograph', 'package.json'),
|
|
411
|
+
] : []),
|
|
393
412
|
];
|
|
394
|
-
|
|
395
|
-
|
|
413
|
+
const found = candidates.find(p => existsSync(p) && statSync(p).size <= MAX_DOCTOR_PKG_BYTES);
|
|
414
|
+
if (found) {
|
|
415
|
+
try {
|
|
416
|
+
const pkg = JSON.parse(readFileSync(found, 'utf-8'));
|
|
417
|
+
return { name: 'Monograph', status: 'pass', message: `v${pkg.version || '?'} available (knowledge graph engine)` };
|
|
418
|
+
}
|
|
419
|
+
catch {
|
|
420
|
+
return { name: 'Monograph', status: 'pass', message: 'available (knowledge graph engine)' };
|
|
421
|
+
}
|
|
396
422
|
}
|
|
397
423
|
return {
|
|
398
424
|
name: 'Monograph',
|
|
399
425
|
status: 'warn',
|
|
400
426
|
message: 'Package not found (knowledge graph disabled)',
|
|
401
|
-
fix: 'npm install
|
|
427
|
+
fix: 'npm install -g monomind@latest # reinstall to get @monoes/monograph'
|
|
402
428
|
};
|
|
403
429
|
}
|
|
404
430
|
catch {
|
|
@@ -406,9 +432,45 @@ async function checkMonograph() {
|
|
|
406
432
|
name: 'Monograph',
|
|
407
433
|
status: 'warn',
|
|
408
434
|
message: 'Package check failed (knowledge graph may be unavailable)',
|
|
409
|
-
fix: 'npm install
|
|
435
|
+
fix: 'npm install -g monomind@latest'
|
|
436
|
+
};
|
|
437
|
+
}
|
|
438
|
+
}
|
|
439
|
+
// Check @monoes/memory (optional HNSW vector search package)
|
|
440
|
+
async function checkMonoesMemory() {
|
|
441
|
+
try {
|
|
442
|
+
const __filename = fileURLToPath(import.meta.url);
|
|
443
|
+
const _base = dirname(__filename);
|
|
444
|
+
let _globalRoot = '';
|
|
445
|
+
try {
|
|
446
|
+
_globalRoot = execSync('npm root -g', { encoding: 'utf8', timeout: 3000 }).trim();
|
|
447
|
+
}
|
|
448
|
+
catch { /* no npm */ }
|
|
449
|
+
const candidates = [
|
|
450
|
+
join(_base, '..', '..', 'node_modules', '@monoes', 'memory', 'package.json'),
|
|
451
|
+
join(_base, '..', '..', '..', '..', 'node_modules', '@monoes', 'memory', 'package.json'),
|
|
452
|
+
...(_globalRoot ? [join(_globalRoot, '@monoes', 'memory', 'package.json')] : []),
|
|
453
|
+
];
|
|
454
|
+
const found = candidates.find(p => existsSync(p) && statSync(p).size <= MAX_DOCTOR_PKG_BYTES);
|
|
455
|
+
if (found) {
|
|
456
|
+
try {
|
|
457
|
+
const pkg = JSON.parse(readFileSync(found, 'utf-8'));
|
|
458
|
+
return { name: 'Vector Memory', status: 'pass', message: `@monoes/memory v${pkg.version || '?'} (HNSW search enabled)` };
|
|
459
|
+
}
|
|
460
|
+
catch {
|
|
461
|
+
return { name: 'Vector Memory', status: 'pass', message: '@monoes/memory available (HNSW search enabled)' };
|
|
462
|
+
}
|
|
463
|
+
}
|
|
464
|
+
return {
|
|
465
|
+
name: 'Vector Memory',
|
|
466
|
+
status: 'warn',
|
|
467
|
+
message: '@monoes/memory not installed (vector search disabled — using fallback)',
|
|
468
|
+
fix: 'npm install @monoes/memory'
|
|
410
469
|
};
|
|
411
470
|
}
|
|
471
|
+
catch {
|
|
472
|
+
return { name: 'Vector Memory', status: 'warn', message: 'Vector memory check failed' };
|
|
473
|
+
}
|
|
412
474
|
}
|
|
413
475
|
// Check agentic-flow v1 integration (filesystem-based to avoid slow WASM/DB init)
|
|
414
476
|
// Resolve the path to the bundled (npm-installed) copy of a helper file.
|
|
@@ -420,10 +482,10 @@ function _resolveBundledHelper(relativePath) {
|
|
|
420
482
|
let dir = dirname(thisFile);
|
|
421
483
|
for (;;) {
|
|
422
484
|
const candidate = join(dir, 'package.json');
|
|
423
|
-
if (existsSync(candidate)) {
|
|
485
|
+
if (existsSync(candidate) && statSync(candidate).size <= MAX_DOCTOR_PKG_BYTES) {
|
|
424
486
|
try {
|
|
425
487
|
const pkg = JSON.parse(readFileSync(candidate, 'utf8'));
|
|
426
|
-
if (pkg.name === '@monomind/cli' || pkg.name === 'monomind') {
|
|
488
|
+
if (pkg.name === '@monomind/cli' || pkg.name === 'monomind' || pkg.name === '@monoes/monomindcli') {
|
|
427
489
|
const helperPath = join(dir, relativePath);
|
|
428
490
|
return existsSync(helperPath) ? helperPath : null;
|
|
429
491
|
}
|
|
@@ -451,11 +513,15 @@ async function _detectStaleHelpers() {
|
|
|
451
513
|
const local = join(process.cwd(), '.claude', 'helpers', name);
|
|
452
514
|
if (!existsSync(local))
|
|
453
515
|
continue;
|
|
516
|
+
if (statSync(local).size > MAX_DOCTOR_HELPER_BYTES)
|
|
517
|
+
continue; // skip oversized helper
|
|
454
518
|
const bundled = _resolveBundledHelper(join('.claude', 'helpers', name));
|
|
455
519
|
if (!bundled) {
|
|
456
520
|
missing.push(name);
|
|
457
521
|
continue;
|
|
458
522
|
}
|
|
523
|
+
if (statSync(bundled).size > MAX_DOCTOR_HELPER_BYTES)
|
|
524
|
+
continue; // skip oversized bundled
|
|
459
525
|
try {
|
|
460
526
|
const hashLocal = crypto.createHash('sha256').update(readFileSync(local)).digest('hex');
|
|
461
527
|
const hashBundled = crypto.createHash('sha256').update(readFileSync(bundled)).digest('hex');
|
|
@@ -513,6 +579,9 @@ async function checkAgenticFlow() {
|
|
|
513
579
|
fix: 'npm install agentic-flow@latest'
|
|
514
580
|
};
|
|
515
581
|
}
|
|
582
|
+
if (statSync(pkgJsonPath).size > MAX_DOCTOR_PKG_BYTES) {
|
|
583
|
+
return { name: 'agentic-flow', status: 'warn', message: 'package.json too large to parse' };
|
|
584
|
+
}
|
|
516
585
|
const pkg = JSON.parse(readFileSync(pkgJsonPath, 'utf-8'));
|
|
517
586
|
const version = pkg.version || 'unknown';
|
|
518
587
|
const exports = pkg.exports || {};
|
|
@@ -524,7 +593,7 @@ async function checkAgenticFlow() {
|
|
|
524
593
|
return {
|
|
525
594
|
name: 'agentic-flow',
|
|
526
595
|
status: 'pass',
|
|
527
|
-
message: `v${version}
|
|
596
|
+
message: `v${version}${features.length ? ' (' + features.join(', ') + ')' : ' (installed)'}`
|
|
528
597
|
};
|
|
529
598
|
}
|
|
530
599
|
catch {
|
|
@@ -579,6 +648,61 @@ async function checkMonoesIntegration() {
|
|
|
579
648
|
};
|
|
580
649
|
}
|
|
581
650
|
}
|
|
651
|
+
// Patterns that must be covered by .gitignore to prevent leaking session data / machine paths.
|
|
652
|
+
// Uses the surgical approach: ignore specific sensitive subdirs and file globs inside .monomind/
|
|
653
|
+
// rather than the entire directory, so safe content (orgs/, test-fixtures/) can still be tracked.
|
|
654
|
+
const REQUIRED_GITIGNORE_PATTERNS = [
|
|
655
|
+
{ pattern: '.monomind/sessions/', reason: 'session files contain cwd and machine paths' },
|
|
656
|
+
{ pattern: '.monomind/data/', reason: 'intelligence data with edit file paths' },
|
|
657
|
+
{ pattern: '.monomind/metrics/', reason: 'metrics with file path references' },
|
|
658
|
+
{ pattern: '.monomind/knowledge/', reason: 'knowledge chunks with local file content' },
|
|
659
|
+
{ pattern: '.monomind/*.json', reason: 'root-level runtime JSON (control, registry, routing)' },
|
|
660
|
+
{ pattern: '.monomind/*.jsonl', reason: 'root-level event logs (decisions, routing-feedback)' },
|
|
661
|
+
{ pattern: '**/.monomind/sessions/', reason: 'nested session files in sub-packages' },
|
|
662
|
+
{ pattern: '**/.monomind/*.json', reason: 'nested runtime JSON in sub-packages' },
|
|
663
|
+
{ pattern: 'data/sessions/', reason: 'session files with machine paths' },
|
|
664
|
+
{ pattern: 'data/mastermind-*.json', reason: 'mastermind session data' },
|
|
665
|
+
{ pattern: 'data/mastermind-*.jsonl', reason: 'mastermind event logs' },
|
|
666
|
+
{ pattern: '**/.claude-flow/', reason: 'claude-flow runtime data with paths' },
|
|
667
|
+
{ pattern: '.hive-mind/', reason: 'hive-mind state with session info' },
|
|
668
|
+
{ pattern: '.swarm/', reason: 'swarm state files' },
|
|
669
|
+
];
|
|
670
|
+
// Check whether a gitignore file covers all required monomind runtime patterns
|
|
671
|
+
async function checkGitignoreCoverage() {
|
|
672
|
+
const gitignorePath = join(process.cwd(), '.gitignore');
|
|
673
|
+
if (!existsSync(gitignorePath)) {
|
|
674
|
+
return {
|
|
675
|
+
name: 'Gitignore Coverage',
|
|
676
|
+
status: 'warn',
|
|
677
|
+
message: 'No .gitignore found — all monomind runtime paths are unprotected',
|
|
678
|
+
fix: 'echo ".monomind/\\n**/.monomind/" >> .gitignore',
|
|
679
|
+
};
|
|
680
|
+
}
|
|
681
|
+
if (statSync(gitignorePath).size > MAX_DOCTOR_GITIGNORE_BYTES) {
|
|
682
|
+
return { name: 'Gitignore Coverage', status: 'warn', message: '.gitignore too large to parse' };
|
|
683
|
+
}
|
|
684
|
+
const content = readFileSync(gitignorePath, 'utf-8');
|
|
685
|
+
const lines = content.split('\n').map(l => l.trim()).filter(l => l && !l.startsWith('#'));
|
|
686
|
+
const missing = REQUIRED_GITIGNORE_PATTERNS.filter(({ pattern }) => {
|
|
687
|
+
// A pattern is "covered" if the gitignore contains it exactly, or a parent glob covers it
|
|
688
|
+
const base = pattern.replace(/\*\*\//g, '').replace(/\*/g, '');
|
|
689
|
+
return !lines.some(l => l === pattern ||
|
|
690
|
+
l === pattern.replace(/\/$/, '') ||
|
|
691
|
+
// e.g. "**/.monomind/" covers ".monomind/"
|
|
692
|
+
(l.includes('**') && base && l.replace(/\*\*\//g, '').replace(/\*/g, '') === base));
|
|
693
|
+
});
|
|
694
|
+
if (missing.length === 0) {
|
|
695
|
+
return { name: 'Gitignore Coverage', status: 'pass', message: 'All monomind runtime paths are gitignored' };
|
|
696
|
+
}
|
|
697
|
+
const missingList = missing.map(m => m.pattern).join(', ');
|
|
698
|
+
const fixLines = missing.map(m => m.pattern).join('\\n');
|
|
699
|
+
return {
|
|
700
|
+
name: 'Gitignore Coverage',
|
|
701
|
+
status: 'warn',
|
|
702
|
+
message: `${missing.length} runtime path(s) not in .gitignore: ${missingList}`,
|
|
703
|
+
fix: `printf "${fixLines}\\n" >> .gitignore`,
|
|
704
|
+
};
|
|
705
|
+
}
|
|
582
706
|
async function checkGuidanceGates() {
|
|
583
707
|
const settingsPath = join(process.cwd(), '.claude', 'settings.json');
|
|
584
708
|
const gatesHandlerPath = join(process.cwd(), '.claude', 'helpers', 'handlers', 'gates-handler.cjs');
|
|
@@ -599,6 +723,9 @@ async function checkGuidanceGates() {
|
|
|
599
723
|
};
|
|
600
724
|
}
|
|
601
725
|
try {
|
|
726
|
+
if (statSync(settingsPath).size > MAX_DOCTOR_CONFIG_BYTES) {
|
|
727
|
+
return { name: 'Guidance Gates', status: 'warn', message: 'settings.json too large to parse' };
|
|
728
|
+
}
|
|
602
729
|
const settings = JSON.parse(readFileSync(settingsPath, 'utf-8'));
|
|
603
730
|
const preToolUse = settings?.hooks?.PreToolUse ?? [];
|
|
604
731
|
const hasPreWrite = preToolUse.some(e => e.matcher === 'Write|Edit|MultiEdit' && e.hooks.some(h => h.command?.includes('pre-write')));
|
|
@@ -671,7 +798,7 @@ export const doctorCommand = {
|
|
|
671
798
|
{
|
|
672
799
|
name: 'component',
|
|
673
800
|
short: 'c',
|
|
674
|
-
description: 'Check specific component (version, node, npm, config, daemon, memory, api, git, mcp, claude, disk, typescript, monograph, helpers, monoes, gates)',
|
|
801
|
+
description: 'Check specific component (version, node, npm, config, daemon, memory, api, git, mcp, claude, disk, typescript, monograph, memory-pkg, helpers, agentic-flow, monoes, gates, gitignore)',
|
|
675
802
|
type: 'string'
|
|
676
803
|
},
|
|
677
804
|
{
|
|
@@ -714,10 +841,12 @@ export const doctorCommand = {
|
|
|
714
841
|
checkDiskSpace,
|
|
715
842
|
checkBuildTools,
|
|
716
843
|
checkMonograph,
|
|
844
|
+
checkMonoesMemory,
|
|
717
845
|
checkHelpersFresh,
|
|
718
846
|
checkAgenticFlow,
|
|
719
847
|
checkMonoesIntegration,
|
|
720
848
|
checkGuidanceGates,
|
|
849
|
+
checkGitignoreCoverage,
|
|
721
850
|
];
|
|
722
851
|
const componentMap = {
|
|
723
852
|
'version': checkVersionFreshness,
|
|
@@ -734,10 +863,12 @@ export const doctorCommand = {
|
|
|
734
863
|
'disk': checkDiskSpace,
|
|
735
864
|
'typescript': checkBuildTools,
|
|
736
865
|
'monograph': checkMonograph,
|
|
866
|
+
'memory-pkg': checkMonoesMemory,
|
|
737
867
|
'helpers': checkHelpersFresh,
|
|
738
868
|
'agentic-flow': checkAgenticFlow,
|
|
739
869
|
'monoes': checkMonoesIntegration,
|
|
740
870
|
'gates': checkGuidanceGates,
|
|
871
|
+
'gitignore': checkGitignoreCoverage,
|
|
741
872
|
};
|
|
742
873
|
let checksToRun = allChecks;
|
|
743
874
|
if (component && componentMap[component]) {
|
|
@@ -461,6 +461,19 @@ const abTestCommand = {
|
|
|
461
461
|
output.writeln(output.error(`Tasks file not found: ${tasksPath}`));
|
|
462
462
|
return { success: false, message: `File not found: ${tasksPath}` };
|
|
463
463
|
}
|
|
464
|
+
// Size guard: a multi-MB tasks file would be buffered in full before
|
|
465
|
+
// JSON.parse runs. Cap at 10 MB — any legitimate task list is far smaller.
|
|
466
|
+
const { statSync, lstatSync } = await import('node:fs');
|
|
467
|
+
const tasksLstat = lstatSync(tasksPath);
|
|
468
|
+
if (tasksLstat.isSymbolicLink()) {
|
|
469
|
+
output.writeln(output.error(`Symlinks are not allowed as task files: ${tasksPath}`));
|
|
470
|
+
return { success: false, message: 'Symlink not allowed as tasks file' };
|
|
471
|
+
}
|
|
472
|
+
const MAX_TASKS_FILE_BYTES = 10 * 1024 * 1024; // 10 MB
|
|
473
|
+
if (tasksLstat.size > MAX_TASKS_FILE_BYTES) {
|
|
474
|
+
output.writeln(output.error(`Tasks file too large (max 10 MB): ${tasksPath}`));
|
|
475
|
+
return { success: false, message: 'Tasks file too large' };
|
|
476
|
+
}
|
|
464
477
|
const tasksJson = await readFile(tasksPath, 'utf-8');
|
|
465
478
|
customTasks = JSON.parse(tasksJson);
|
|
466
479
|
output.writeln(` Custom tasks: ${output.bold(String(customTasks.length))} loaded from ${tasksPath}`);
|
|
@@ -542,7 +555,7 @@ const setupCommand = {
|
|
|
542
555
|
output.writeln(output.bold('Guidance Gates Setup'));
|
|
543
556
|
output.writeln(output.dim('─'.repeat(50)));
|
|
544
557
|
output.writeln();
|
|
545
|
-
const { readFileSync, writeFileSync, existsSync } = await import('node:fs');
|
|
558
|
+
const { readFileSync, writeFileSync, existsSync, statSync } = await import('node:fs');
|
|
546
559
|
const { join } = await import('node:path');
|
|
547
560
|
const settingsPath = join(projectDir, '.claude', 'settings.json');
|
|
548
561
|
const gatesHandlerPath = join(projectDir, '.claude', 'helpers', 'handlers', 'gates-handler.cjs');
|
|
@@ -553,7 +566,7 @@ const setupCommand = {
|
|
|
553
566
|
}
|
|
554
567
|
// Load or create settings.json
|
|
555
568
|
let settings = {};
|
|
556
|
-
if (existsSync(settingsPath)) {
|
|
569
|
+
if (existsSync(settingsPath) && statSync(settingsPath).size <= 1024 * 1024) {
|
|
557
570
|
try {
|
|
558
571
|
settings = JSON.parse(readFileSync(settingsPath, 'utf-8'));
|
|
559
572
|
}
|
|
@@ -10,7 +10,14 @@ import { select, confirm, input } from '../prompt.js';
|
|
|
10
10
|
import { callMCPTool, MCPClientError } from '../mcp-client.js';
|
|
11
11
|
import { spawn as childSpawn, execSync } from 'child_process';
|
|
12
12
|
import { mkdir, writeFile } from 'fs/promises';
|
|
13
|
-
import { join } from 'path';
|
|
13
|
+
import { join, resolve as resolvePath, sep } from 'path';
|
|
14
|
+
// Input length caps
|
|
15
|
+
const MAX_OBJECTIVE_LEN = 2_000;
|
|
16
|
+
const MAX_TASK_DESC_LEN = 4_000;
|
|
17
|
+
const MAX_MESSAGE_LEN = 2_000;
|
|
18
|
+
const MAX_KEY_LEN = 256;
|
|
19
|
+
const MAX_VALUE_LEN = 65_536;
|
|
20
|
+
const MAX_AGENT_ID_LEN = 128;
|
|
14
21
|
// Hive topologies
|
|
15
22
|
const TOPOLOGIES = [
|
|
16
23
|
{ value: 'hierarchical', label: 'Hierarchical', hint: 'Queen-led with worker agents' },
|
|
@@ -177,11 +184,21 @@ async function spawnClaudeCodeInstance(swarmId, swarmName, objective, workers, f
|
|
|
177
184
|
`Consensus: ${output.highlight(flags.consensus || 'byzantine')}`,
|
|
178
185
|
`MCP Tools: ${output.success('Full Monomind integration enabled')}`
|
|
179
186
|
]);
|
|
180
|
-
// Ensure sessions directory exists
|
|
181
|
-
|
|
187
|
+
// Ensure sessions directory exists (anchor to process.cwd() so relative paths
|
|
188
|
+
// don't escape when the caller changes directory)
|
|
189
|
+
const baseDir = resolvePath(process.cwd());
|
|
190
|
+
const sessionsDir = resolvePath(baseDir, '.hive-mind', 'sessions');
|
|
191
|
+
// Guard: sessions directory must stay inside cwd
|
|
192
|
+
if (!sessionsDir.startsWith(baseDir + sep) && sessionsDir !== baseDir) {
|
|
193
|
+
throw new Error('Sessions directory path traversal detected');
|
|
194
|
+
}
|
|
182
195
|
await mkdir(sessionsDir, { recursive: true });
|
|
183
196
|
const safeSwarmId = swarmId.replace(/[^a-zA-Z0-9_-]/g, '_');
|
|
184
197
|
const promptFile = join(sessionsDir, `hive-mind-prompt-${safeSwarmId}.txt`);
|
|
198
|
+
// Guard: prompt file must stay inside sessions directory
|
|
199
|
+
if (!resolvePath(promptFile).startsWith(sessionsDir + sep)) {
|
|
200
|
+
throw new Error('Prompt file path traversal detected');
|
|
201
|
+
}
|
|
185
202
|
await writeFile(promptFile, hiveMindPrompt, 'utf8');
|
|
186
203
|
output.writeln();
|
|
187
204
|
output.printSuccess(`Hive Mind prompt saved to: ${promptFile}`);
|
|
@@ -295,10 +312,14 @@ async function spawnClaudeCodeInstance(swarmId, swarmName, objective, workers, f
|
|
|
295
312
|
spinner.fail('Failed to prepare Claude Code coordination');
|
|
296
313
|
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
297
314
|
output.printError(`Error: ${errorMessage}`);
|
|
298
|
-
// Try to save prompt as fallback
|
|
315
|
+
// Try to save prompt as fallback — write inside cwd to avoid path issues
|
|
299
316
|
try {
|
|
300
317
|
const safeSwarmIdFallback = swarmId.replace(/[^a-zA-Z0-9_-]/g, '_');
|
|
301
|
-
const
|
|
318
|
+
const fallbackDir = resolvePath(process.cwd());
|
|
319
|
+
const promptFile = join(fallbackDir, `hive-mind-prompt-${safeSwarmIdFallback}-fallback.txt`);
|
|
320
|
+
if (!resolvePath(promptFile).startsWith(fallbackDir + sep)) {
|
|
321
|
+
throw new Error('Fallback path traversal');
|
|
322
|
+
}
|
|
302
323
|
const workerGroups = groupWorkersByType(workers);
|
|
303
324
|
const hiveMindPrompt = generateHiveMindPrompt(swarmId, swarmName, objective, workers, workerGroups, flags);
|
|
304
325
|
await writeFile(promptFile, hiveMindPrompt, 'utf8');
|
|
@@ -502,12 +523,13 @@ const spawnCommand = {
|
|
|
502
523
|
],
|
|
503
524
|
action: async (ctx) => {
|
|
504
525
|
// Parse count with fallback to default
|
|
505
|
-
const
|
|
526
|
+
const rawCount = ctx.flags.count || 1;
|
|
527
|
+
const count = Number.isFinite(rawCount) ? Math.max(1, Math.min(rawCount, 50)) : 1;
|
|
506
528
|
const role = ctx.flags.role || 'worker';
|
|
507
529
|
const agentType = ctx.flags.type || 'worker';
|
|
508
530
|
const prefix = ctx.flags.prefix || 'hive-worker';
|
|
509
531
|
const launchClaude = ctx.flags.claude;
|
|
510
|
-
let objective = ctx.flags.objective || ctx.args.join(' ');
|
|
532
|
+
let objective = (ctx.flags.objective || ctx.args.join(' ')).slice(0, MAX_OBJECTIVE_LEN);
|
|
511
533
|
output.printInfo(`Spawning ${count} ${role} agent(s)...`);
|
|
512
534
|
try {
|
|
513
535
|
const result = await callMCPTool('hive-mind_spawn', {
|
|
@@ -761,12 +783,13 @@ const taskCommand = {
|
|
|
761
783
|
{ command: 'monomind hive-mind task -d "Security review" -p critical -c', description: 'Critical task with consensus' }
|
|
762
784
|
],
|
|
763
785
|
action: async (ctx) => {
|
|
764
|
-
let description = ctx.flags.description || ctx.args.join(' ');
|
|
786
|
+
let description = (ctx.flags.description || ctx.args.join(' ')).slice(0, MAX_TASK_DESC_LEN);
|
|
765
787
|
if (!description && ctx.interactive) {
|
|
766
788
|
description = await input({
|
|
767
789
|
message: 'Task description:',
|
|
768
790
|
validate: (v) => v.length > 0 || 'Description is required'
|
|
769
791
|
});
|
|
792
|
+
description = description.slice(0, MAX_TASK_DESC_LEN);
|
|
770
793
|
}
|
|
771
794
|
if (!description) {
|
|
772
795
|
output.printError('Task description is required');
|
|
@@ -888,7 +911,7 @@ const joinCommand = {
|
|
|
888
911
|
{ name: 'role', short: 'r', description: 'Agent role (worker, specialist, scout)', type: 'string', default: 'worker' }
|
|
889
912
|
],
|
|
890
913
|
action: async (ctx) => {
|
|
891
|
-
const agentId = ctx.args[0] || ctx.flags['agent-id'] || ctx.flags.agentId;
|
|
914
|
+
const agentId = (ctx.args[0] || ctx.flags['agent-id'] || ctx.flags.agentId || '').slice(0, MAX_AGENT_ID_LEN);
|
|
892
915
|
if (!agentId) {
|
|
893
916
|
output.printError('Agent ID is required. Use --agent-id or -a flag, or provide as argument.');
|
|
894
917
|
return { success: false, exitCode: 1 };
|
|
@@ -914,7 +937,7 @@ const leaveCommand = {
|
|
|
914
937
|
description: 'Remove an agent from the hive mind',
|
|
915
938
|
options: [{ name: 'agent-id', short: 'a', description: 'Agent ID to remove', type: 'string' }],
|
|
916
939
|
action: async (ctx) => {
|
|
917
|
-
const agentId = ctx.args[0] || ctx.flags['agent-id'] || ctx.flags.agentId;
|
|
940
|
+
const agentId = (ctx.args[0] || ctx.flags['agent-id'] || ctx.flags.agentId || '').slice(0, MAX_AGENT_ID_LEN);
|
|
918
941
|
if (!agentId) {
|
|
919
942
|
output.printError('Agent ID required.');
|
|
920
943
|
return { success: false, exitCode: 1 };
|
|
@@ -986,13 +1009,13 @@ const broadcastCommand = {
|
|
|
986
1009
|
{ name: 'from', short: 'f', description: 'Sender agent ID', type: 'string' }
|
|
987
1010
|
],
|
|
988
1011
|
action: async (ctx) => {
|
|
989
|
-
const message = ctx.args.join(' ') || ctx.flags.message;
|
|
1012
|
+
const message = (ctx.args.join(' ') || ctx.flags.message || '').slice(0, MAX_MESSAGE_LEN);
|
|
990
1013
|
if (!message) {
|
|
991
1014
|
output.printError('Message required. Use --message or -m flag.');
|
|
992
1015
|
return { success: false, exitCode: 1 };
|
|
993
1016
|
}
|
|
994
1017
|
try {
|
|
995
|
-
const result = await callMCPTool('hive-mind_broadcast', { message, priority: ctx.flags.priority, fromId: ctx.flags.from });
|
|
1018
|
+
const result = await callMCPTool('hive-mind_broadcast', { message, priority: ctx.flags.priority, fromId: typeof ctx.flags.from === 'string' ? ctx.flags.from.slice(0, MAX_AGENT_ID_LEN) : undefined });
|
|
996
1019
|
if (!result.success) {
|
|
997
1020
|
output.printError(result.error || 'Failed');
|
|
998
1021
|
return { success: false, exitCode: 1 };
|
|
@@ -1017,8 +1040,8 @@ const memorySubCommand = {
|
|
|
1017
1040
|
],
|
|
1018
1041
|
action: async (ctx) => {
|
|
1019
1042
|
const action = ctx.flags.action || 'list';
|
|
1020
|
-
const key = ctx.flags.key;
|
|
1021
|
-
const value = ctx.flags.value;
|
|
1043
|
+
const key = typeof ctx.flags.key === 'string' ? ctx.flags.key.slice(0, MAX_KEY_LEN) : undefined;
|
|
1044
|
+
const value = typeof ctx.flags.value === 'string' ? ctx.flags.value.slice(0, MAX_VALUE_LEN) : undefined;
|
|
1022
1045
|
if ((action === 'get' || action === 'delete') && !key) {
|
|
1023
1046
|
output.printError('Key required for get/delete.');
|
|
1024
1047
|
return { success: false, exitCode: 1 };
|
|
@@ -27,8 +27,10 @@ function readCoverageFromDisk() {
|
|
|
27
27
|
const summaryPath = join(cwd, relPath);
|
|
28
28
|
if (existsSync(summaryPath)) {
|
|
29
29
|
try {
|
|
30
|
-
|
|
31
|
-
|
|
30
|
+
if (statSync(summaryPath).size <= 4_194_304) {
|
|
31
|
+
const raw = JSON.parse(readFileSync(summaryPath, 'utf-8'));
|
|
32
|
+
return parseCoverageSummaryJson(raw, relPath);
|
|
33
|
+
}
|
|
32
34
|
}
|
|
33
35
|
catch {
|
|
34
36
|
// malformed, try next
|
|
@@ -40,8 +42,10 @@ function readCoverageFromDisk() {
|
|
|
40
42
|
const lcovPath = join(cwd, relPath);
|
|
41
43
|
if (existsSync(lcovPath)) {
|
|
42
44
|
try {
|
|
43
|
-
|
|
44
|
-
|
|
45
|
+
if (statSync(lcovPath).size <= 8_388_608) {
|
|
46
|
+
const raw = readFileSync(lcovPath, 'utf-8');
|
|
47
|
+
return parseLcovInfo(raw, relPath);
|
|
48
|
+
}
|
|
45
49
|
}
|
|
46
50
|
catch {
|
|
47
51
|
// malformed, try next
|
|
@@ -52,8 +56,10 @@ function readCoverageFromDisk() {
|
|
|
52
56
|
const nycPath = join(cwd, '.nyc_output', 'out.json');
|
|
53
57
|
if (existsSync(nycPath)) {
|
|
54
58
|
try {
|
|
55
|
-
|
|
56
|
-
|
|
59
|
+
if (statSync(nycPath).size <= 4_194_304) {
|
|
60
|
+
const raw = JSON.parse(readFileSync(nycPath, 'utf-8'));
|
|
61
|
+
return parseCoverageSummaryJson(raw, '.nyc_output/out.json');
|
|
62
|
+
}
|
|
57
63
|
}
|
|
58
64
|
catch {
|
|
59
65
|
// malformed
|
|
@@ -1785,9 +1791,11 @@ const intelligenceCommand = {
|
|
|
1785
1791
|
try {
|
|
1786
1792
|
const pStat = statSync(persistence.patternsFile);
|
|
1787
1793
|
patternsFileSize = pStat.size;
|
|
1788
|
-
|
|
1789
|
-
|
|
1790
|
-
|
|
1794
|
+
if (patternsFileSize <= 4_194_304) {
|
|
1795
|
+
const pData = JSON.parse(readFileSync(persistence.patternsFile, 'utf-8'));
|
|
1796
|
+
if (Array.isArray(pData))
|
|
1797
|
+
patternsFileEntries = pData.length;
|
|
1798
|
+
}
|
|
1791
1799
|
}
|
|
1792
1800
|
catch { /* ignore */ }
|
|
1793
1801
|
}
|
|
@@ -1796,9 +1804,12 @@ const intelligenceCommand = {
|
|
|
1796
1804
|
let lastAdaptationFromDisk = null;
|
|
1797
1805
|
if (persistence.statsExist) {
|
|
1798
1806
|
try {
|
|
1799
|
-
const
|
|
1800
|
-
|
|
1801
|
-
|
|
1807
|
+
const sStat = statSync(persistence.statsFile);
|
|
1808
|
+
if (sStat.size <= 524_288) {
|
|
1809
|
+
const sData = JSON.parse(readFileSync(persistence.statsFile, 'utf-8'));
|
|
1810
|
+
trajectoriesFromDisk = sData?.trajectoriesRecorded ?? 0;
|
|
1811
|
+
lastAdaptationFromDisk = sData?.lastAdaptation ?? null;
|
|
1812
|
+
}
|
|
1802
1813
|
}
|
|
1803
1814
|
catch { /* ignore */ }
|
|
1804
1815
|
}
|
|
@@ -3375,10 +3386,12 @@ const statuslineCommand = {
|
|
|
3375
3386
|
for (const lPath of learningJsonPaths) {
|
|
3376
3387
|
if (fs.existsSync(lPath)) {
|
|
3377
3388
|
try {
|
|
3378
|
-
|
|
3379
|
-
|
|
3380
|
-
|
|
3381
|
-
|
|
3389
|
+
if (fs.statSync(lPath).size <= 524_288) {
|
|
3390
|
+
const data = JSON.parse(fs.readFileSync(lPath, 'utf-8'));
|
|
3391
|
+
if (data.intelligence?.score !== undefined) {
|
|
3392
|
+
intelligencePct = Math.min(100, Math.floor(data.intelligence.score));
|
|
3393
|
+
break;
|
|
3394
|
+
}
|
|
3382
3395
|
}
|
|
3383
3396
|
}
|
|
3384
3397
|
catch { /* ignore */ }
|
|
@@ -3500,9 +3513,11 @@ const statuslineCommand = {
|
|
|
3500
3513
|
const settingsPath = path.join(process.cwd(), '.claude', 'settings.json');
|
|
3501
3514
|
if (fs.existsSync(settingsPath)) {
|
|
3502
3515
|
try {
|
|
3503
|
-
|
|
3504
|
-
|
|
3505
|
-
|
|
3516
|
+
if (fs.statSync(settingsPath).size <= 524_288) {
|
|
3517
|
+
const settings = JSON.parse(fs.readFileSync(settingsPath, 'utf-8'));
|
|
3518
|
+
if (settings.hooks) {
|
|
3519
|
+
hooksStats.enabled = Object.values(settings.hooks).filter((h) => h && typeof h === 'object').length;
|
|
3520
|
+
}
|
|
3506
3521
|
}
|
|
3507
3522
|
}
|
|
3508
3523
|
catch { /* ignore */ }
|
|
@@ -3585,12 +3600,14 @@ const statuslineCommand = {
|
|
|
3585
3600
|
const vectorsPath = path.join(process.cwd(), '.monomind', 'vectors.json');
|
|
3586
3601
|
if (fs.existsSync(vectorsPath) && agentdbStats.vectorCount === 0) {
|
|
3587
3602
|
try {
|
|
3588
|
-
|
|
3589
|
-
|
|
3590
|
-
|
|
3591
|
-
|
|
3592
|
-
|
|
3593
|
-
|
|
3603
|
+
if (fs.statSync(vectorsPath).size <= 8_388_608) {
|
|
3604
|
+
const data = JSON.parse(fs.readFileSync(vectorsPath, 'utf-8'));
|
|
3605
|
+
if (Array.isArray(data)) {
|
|
3606
|
+
agentdbStats.vectorCount = data.length;
|
|
3607
|
+
}
|
|
3608
|
+
else if (data.vectors) {
|
|
3609
|
+
agentdbStats.vectorCount = Object.keys(data.vectors).length;
|
|
3610
|
+
}
|
|
3594
3611
|
}
|
|
3595
3612
|
}
|
|
3596
3613
|
catch { /* ignore */ }
|
|
@@ -99,7 +99,7 @@ const initAction = async (ctx) => {
|
|
|
99
99
|
const { spawn } = await import('child_process');
|
|
100
100
|
const pidFile = path.join(ctx.cwd, '.monomind', 'monograph-watch.pid');
|
|
101
101
|
let alreadyRunning = false;
|
|
102
|
-
if (fs.existsSync(pidFile)) {
|
|
102
|
+
if (fs.existsSync(pidFile) && fs.statSync(pidFile).size <= 32) {
|
|
103
103
|
const existingPid = parseInt(fs.readFileSync(pidFile, 'utf8').trim(), 10);
|
|
104
104
|
if (!isNaN(existingPid)) {
|
|
105
105
|
try {
|
|
@@ -738,9 +738,14 @@ const upgradeCommand = {
|
|
|
738
738
|
// Try to read control URL for dashboard progress events (best-effort)
|
|
739
739
|
let controlUrl = 'http://localhost:4242';
|
|
740
740
|
try {
|
|
741
|
-
const
|
|
742
|
-
if (
|
|
743
|
-
|
|
741
|
+
const ctrlPath = path.join(process.cwd(), '.monomind', 'control.json');
|
|
742
|
+
if (fs.existsSync(ctrlPath) && fs.statSync(ctrlPath).size <= 4096) {
|
|
743
|
+
const ctrlCfg = JSON.parse(fs.readFileSync(ctrlPath, 'utf-8'));
|
|
744
|
+
// Only allow localhost/127.0.0.1 URLs to prevent SSRF via attacker-controlled control.json
|
|
745
|
+
if (typeof ctrlCfg.url === 'string' && /^https?:\/\/(localhost|127\.0\.0\.1)(:\d+)?(\/|$)/.test(ctrlCfg.url)) {
|
|
746
|
+
controlUrl = ctrlCfg.url;
|
|
747
|
+
}
|
|
748
|
+
}
|
|
744
749
|
}
|
|
745
750
|
catch { }
|
|
746
751
|
const emitUpgradeProgress = async (projDir, status, current, total) => {
|