monomind 1.11.13 → 1.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/agents/generated/channel-intelligence-director.md +87 -0
- package/.claude/agents/generated/chief-growth-officer.md +88 -0
- package/.claude/agents/generated/content-seo-strategist.md +90 -0
- package/.claude/agents/generated/developer-community-strategist.md +91 -0
- package/.claude/agents/generated/outreach-partnership-strategist.md +90 -0
- package/.claude/agents/generated/social-media-strategist.md +91 -0
- package/.claude/agents/generated/video-visual-strategist.md +90 -0
- package/.claude/commands/mastermind/idea.md +1 -1
- package/.claude/helpers/auto-memory-hook.mjs +13 -4
- package/.claude/helpers/control-start.cjs +5 -0
- package/.claude/helpers/event-logger.cjs +114 -0
- package/.claude/helpers/handlers/adr-draft-handler.cjs +19 -5
- package/.claude/helpers/handlers/agent-start-handler.cjs +13 -4
- package/.claude/helpers/handlers/compact-handler.cjs +2 -0
- package/.claude/helpers/handlers/edit-handler.cjs +1 -1
- package/.claude/helpers/handlers/gates-handler.cjs +3 -0
- package/.claude/helpers/handlers/graph-status-handler.cjs +14 -8
- package/.claude/helpers/handlers/loops-status-handler.cjs +5 -2
- package/.claude/helpers/handlers/route-handler.cjs +13 -6
- package/.claude/helpers/handlers/session-handler.cjs +11 -4
- package/.claude/helpers/handlers/session-restore-handler.cjs +21 -11
- package/.claude/helpers/handlers/task-handler.cjs +13 -5
- package/.claude/helpers/intelligence.cjs +7 -2
- package/.claude/helpers/loop-tracker.cjs +15 -3
- package/.claude/helpers/memory.cjs +6 -1
- package/.claude/helpers/router.cjs +5 -2
- package/.claude/helpers/session.cjs +2 -0
- package/.claude/helpers/statusline.cjs +10 -2
- package/.claude/helpers/utils/micro-agents.cjs +20 -4
- package/.claude/scheduled_tasks.lock +1 -1
- package/.claude/settings.json +92 -1
- package/.claude/skills/mastermind/_protocol.md +23 -13
- package/.claude/skills/mastermind/architect.md +6 -9
- package/.claude/skills/mastermind/build.md +3 -3
- package/.claude/skills/mastermind/content.md +3 -3
- package/.claude/skills/mastermind/createorg.md +2 -2
- package/.claude/skills/mastermind/finance.md +3 -3
- package/.claude/skills/mastermind/idea.md +5 -3
- package/.claude/skills/mastermind/marketing.md +3 -3
- package/.claude/skills/mastermind/monitor.md +2 -2
- package/.claude/skills/mastermind/release.md +3 -3
- package/.claude/skills/mastermind/research.md +3 -3
- package/.claude/skills/mastermind/review.md +3 -3
- package/.claude/skills/mastermind/runorg.md +153 -86
- package/.claude/skills/mastermind/sales.md +3 -3
- package/README.md +286 -129
- package/package.json +19 -2
- package/packages/@monomind/cli/README.md +286 -129
- package/packages/@monomind/cli/bundled-graph/dist/src/build.js +73 -0
- package/packages/@monomind/cli/bundled-graph/dist/src/cluster.js +120 -0
- package/packages/@monomind/cli/bundled-graph/package.json +57 -0
- package/packages/@monomind/cli/dist/src/agents/halt-signal.d.ts +25 -0
- package/packages/@monomind/cli/dist/src/agents/halt-signal.js +76 -0
- package/packages/@monomind/cli/dist/src/agents/index.d.ts +18 -0
- package/packages/@monomind/cli/dist/src/agents/index.js +13 -0
- package/packages/@monomind/cli/dist/src/agents/managed-agent.d.ts +41 -0
- package/packages/@monomind/cli/dist/src/agents/managed-agent.js +69 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-experiment.d.ts +23 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-experiment.js +49 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-version-manager.d.ts +22 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-version-manager.js +80 -0
- package/packages/@monomind/cli/dist/src/agents/registry-builder.js +2 -0
- package/packages/@monomind/cli/dist/src/agents/registry-query.d.ts +71 -0
- package/packages/@monomind/cli/dist/src/agents/registry-query.js +125 -0
- package/packages/@monomind/cli/dist/src/agents/score-decay.d.ts +19 -0
- package/packages/@monomind/cli/dist/src/agents/score-decay.js +22 -0
- package/packages/@monomind/cli/dist/src/agents/shared-instructions-loader.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/agents/shared-instructions-loader.js +40 -0
- package/packages/@monomind/cli/dist/src/agents/specialization-scorer.d.ts +54 -0
- package/packages/@monomind/cli/dist/src/agents/specialization-scorer.js +212 -0
- package/packages/@monomind/cli/dist/src/agents/termination-watcher.d.ts +30 -0
- package/packages/@monomind/cli/dist/src/agents/termination-watcher.js +84 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-index.d.ts +20 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-index.js +38 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-scanner.d.ts +64 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-scanner.js +308 -0
- package/packages/@monomind/cli/dist/src/agents/version-diff.d.ts +18 -0
- package/packages/@monomind/cli/dist/src/agents/version-diff.js +64 -0
- package/packages/@monomind/cli/dist/src/agents/version-store.d.ts +60 -0
- package/packages/@monomind/cli/dist/src/agents/version-store.js +235 -0
- package/packages/@monomind/cli/dist/src/autopilot-state.js +10 -5
- package/packages/@monomind/cli/dist/src/benchmarks/benchmark-runner.js +13 -0
- package/packages/@monomind/cli/dist/src/benchmarks/metric-evaluators.js +20 -9
- package/packages/@monomind/cli/dist/src/benchmarks/pretrain/index.d.ts +45 -0
- package/packages/@monomind/cli/dist/src/benchmarks/pretrain/index.js +404 -0
- package/packages/@monomind/cli/dist/src/browser/actions.js +10 -3
- package/packages/@monomind/cli/dist/src/browser/browser.js +12 -2
- package/packages/@monomind/cli/dist/src/browser/cdp.js +21 -3
- package/packages/@monomind/cli/dist/src/browser/har.js +27 -5
- package/packages/@monomind/cli/dist/src/commands/agent-wasm.d.ts +14 -0
- package/packages/@monomind/cli/dist/src/commands/agent-wasm.js +333 -0
- package/packages/@monomind/cli/dist/src/commands/agent.js +11 -8
- package/packages/@monomind/cli/dist/src/commands/analyze.js +36 -21
- package/packages/@monomind/cli/dist/src/commands/autopilot.js +12 -4
- package/packages/@monomind/cli/dist/src/commands/benchmark.js +51 -8
- package/packages/@monomind/cli/dist/src/commands/browse.js +5 -2
- package/packages/@monomind/cli/dist/src/commands/claims.js +29 -11
- package/packages/@monomind/cli/dist/src/commands/cleanup.js +25 -5
- package/packages/@monomind/cli/dist/src/commands/config.js +15 -7
- package/packages/@monomind/cli/dist/src/commands/daemon.js +6 -0
- package/packages/@monomind/cli/dist/src/commands/deployment.js +34 -19
- package/packages/@monomind/cli/dist/src/commands/doctor.js +151 -20
- package/packages/@monomind/cli/dist/src/commands/guidance.js +15 -2
- package/packages/@monomind/cli/dist/src/commands/hive-mind.js +37 -14
- package/packages/@monomind/cli/dist/src/commands/hooks.js +42 -25
- package/packages/@monomind/cli/dist/src/commands/init.js +9 -4
- package/packages/@monomind/cli/dist/src/commands/issues.js +29 -26
- package/packages/@monomind/cli/dist/src/commands/mcp.js +11 -5
- package/packages/@monomind/cli/dist/src/commands/memory.js +10 -0
- package/packages/@monomind/cli/dist/src/commands/migrate.js +5 -5
- package/packages/@monomind/cli/dist/src/commands/monograph.js +18 -5
- package/packages/@monomind/cli/dist/src/commands/monovector/backup.js +8 -2
- package/packages/@monomind/cli/dist/src/commands/monovector/benchmark.js +20 -7
- package/packages/@monomind/cli/dist/src/commands/monovector/import.js +15 -0
- package/packages/@monomind/cli/dist/src/commands/monovector/migrate.js +4 -1
- package/packages/@monomind/cli/dist/src/commands/monovector/optimize.js +11 -0
- package/packages/@monomind/cli/dist/src/commands/monovector/setup.js +11 -1
- package/packages/@monomind/cli/dist/src/commands/neural.js +1 -1
- package/packages/@monomind/cli/dist/src/commands/performance.js +20 -7
- package/packages/@monomind/cli/dist/src/commands/platforms.js +90 -8
- package/packages/@monomind/cli/dist/src/commands/plugins.js +12 -5
- package/packages/@monomind/cli/dist/src/commands/process.js +33 -10
- package/packages/@monomind/cli/dist/src/commands/progress.js +5 -3
- package/packages/@monomind/cli/dist/src/commands/providers.js +5 -5
- package/packages/@monomind/cli/dist/src/commands/replay.js +8 -2
- package/packages/@monomind/cli/dist/src/commands/route.js +27 -7
- package/packages/@monomind/cli/dist/src/commands/security.js +4 -0
- package/packages/@monomind/cli/dist/src/commands/session.js +12 -1
- package/packages/@monomind/cli/dist/src/commands/start.js +11 -4
- package/packages/@monomind/cli/dist/src/commands/status.js +7 -4
- package/packages/@monomind/cli/dist/src/commands/swarm.js +27 -13
- package/packages/@monomind/cli/dist/src/commands/task.js +26 -11
- package/packages/@monomind/cli/dist/src/commands/tokens.js +7 -2
- package/packages/@monomind/cli/dist/src/commands/transfer-store.js +36 -22
- package/packages/@monomind/cli/dist/src/commands/ui.js +68 -0
- package/packages/@monomind/cli/dist/src/commands/update.js +15 -3
- package/packages/@monomind/cli/dist/src/commands/workflow.js +39 -6
- package/packages/@monomind/cli/dist/src/consensus/audit-writer.js +18 -7
- package/packages/@monomind/cli/dist/src/consensus/index.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/consensus/index.js +6 -0
- package/packages/@monomind/cli/dist/src/consensus/vote-signer.js +25 -8
- package/packages/@monomind/cli/dist/src/context/context-provider.d.ts +44 -0
- package/packages/@monomind/cli/dist/src/context/context-provider.js +25 -0
- package/packages/@monomind/cli/dist/src/context/git-state-provider.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/context/git-state-provider.js +34 -0
- package/packages/@monomind/cli/dist/src/context/index.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/context/index.js +12 -0
- package/packages/@monomind/cli/dist/src/context/project-conventions-provider.d.ts +15 -0
- package/packages/@monomind/cli/dist/src/context/project-conventions-provider.js +19 -0
- package/packages/@monomind/cli/dist/src/context/prompt-assembler.d.ts +26 -0
- package/packages/@monomind/cli/dist/src/context/prompt-assembler.js +93 -0
- package/packages/@monomind/cli/dist/src/context/task-history-provider.d.ts +24 -0
- package/packages/@monomind/cli/dist/src/context/task-history-provider.js +32 -0
- package/packages/@monomind/cli/dist/src/context/user-preferences-provider.d.ts +14 -0
- package/packages/@monomind/cli/dist/src/context/user-preferences-provider.js +27 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-reader.d.ts +31 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-reader.js +81 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-writer.d.ts +24 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-writer.js +65 -0
- package/packages/@monomind/cli/dist/src/dlq/index.d.ts +10 -0
- package/packages/@monomind/cli/dist/src/dlq/index.js +7 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-manager.d.ts +33 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-manager.js +107 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-runner.d.ts +23 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-runner.js +59 -0
- package/packages/@monomind/cli/dist/src/eval/index.d.ts +10 -0
- package/packages/@monomind/cli/dist/src/eval/index.js +7 -0
- package/packages/@monomind/cli/dist/src/eval/trace-collector.d.ts +40 -0
- package/packages/@monomind/cli/dist/src/eval/trace-collector.js +102 -0
- package/packages/@monomind/cli/dist/src/index.js +7 -3
- package/packages/@monomind/cli/dist/src/infrastructure/in-memory-repositories.d.ts +68 -0
- package/packages/@monomind/cli/dist/src/infrastructure/in-memory-repositories.js +264 -0
- package/packages/@monomind/cli/dist/src/init/executor.js +14 -11
- package/packages/@monomind/cli/dist/src/init/shared-instructions-generator.js +20 -4
- package/packages/@monomind/cli/dist/src/init/statusline-generator.js +33 -12
- package/packages/@monomind/cli/dist/src/interactive/interrupt.d.ts +22 -0
- package/packages/@monomind/cli/dist/src/interactive/interrupt.js +71 -0
- package/packages/@monomind/cli/dist/src/mcp/deprecation-injector.d.ts +25 -0
- package/packages/@monomind/cli/dist/src/mcp/deprecation-injector.js +48 -0
- package/packages/@monomind/cli/dist/src/mcp/tool-registry.d.ts +61 -0
- package/packages/@monomind/cli/dist/src/mcp/tool-registry.js +246 -0
- package/packages/@monomind/cli/dist/src/mcp-tools/a2a-tools.js +98 -13
- package/packages/@monomind/cli/dist/src/mcp-tools/agent-tools.js +16 -3
- package/packages/@monomind/cli/dist/src/mcp-tools/analyze-tools.js +80 -17
- package/packages/@monomind/cli/dist/src/mcp-tools/browser-tools.js +84 -22
- package/packages/@monomind/cli/dist/src/mcp-tools/claims-tools.js +35 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/config-tools.js +82 -17
- package/packages/@monomind/cli/dist/src/mcp-tools/coordination-tools.js +37 -4
- package/packages/@monomind/cli/dist/src/mcp-tools/daa-tools.js +49 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/embeddings-tools.js +45 -18
- package/packages/@monomind/cli/dist/src/mcp-tools/github-tools.js +75 -25
- package/packages/@monomind/cli/dist/src/mcp-tools/guidance-tools.js +32 -10
- package/packages/@monomind/cli/dist/src/mcp-tools/hive-mind-tools.js +91 -20
- package/packages/@monomind/cli/dist/src/mcp-tools/hooks-tools.js +188 -29
- package/packages/@monomind/cli/dist/src/mcp-tools/memory-tools.js +25 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/monograph-compat.js +11 -2
- package/packages/@monomind/cli/dist/src/mcp-tools/monograph-tools.js +148 -26
- package/packages/@monomind/cli/dist/src/mcp-tools/neural-tools.js +44 -9
- package/packages/@monomind/cli/dist/src/mcp-tools/performance-tools.js +45 -10
- package/packages/@monomind/cli/dist/src/mcp-tools/progress-tools.js +7 -4
- package/packages/@monomind/cli/dist/src/mcp-tools/request-tracker.js +15 -1
- package/packages/@monomind/cli/dist/src/mcp-tools/security-tools.js +61 -9
- package/packages/@monomind/cli/dist/src/mcp-tools/session-tools.js +45 -14
- package/packages/@monomind/cli/dist/src/mcp-tools/swarm-tools.js +15 -3
- package/packages/@monomind/cli/dist/src/mcp-tools/system-tools.js +14 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/task-tools.js +52 -10
- package/packages/@monomind/cli/dist/src/mcp-tools/terminal-tools.js +40 -6
- package/packages/@monomind/cli/dist/src/mcp-tools/transfer-tools.js +37 -4
- package/packages/@monomind/cli/dist/src/mcp-tools/wasm-agent-tools.d.ts +9 -0
- package/packages/@monomind/cli/dist/src/mcp-tools/wasm-agent-tools.js +230 -0
- package/packages/@monomind/cli/dist/src/mcp-tools/workflow-tools.js +29 -6
- package/packages/@monomind/cli/dist/src/memory/ewc-consolidation.js +26 -10
- package/packages/@monomind/cli/dist/src/memory/intelligence.js +80 -19
- package/packages/@monomind/cli/dist/src/memory/memory-bridge.js +21 -2
- package/packages/@monomind/cli/dist/src/memory/memory-initializer.js +67 -3
- package/packages/@monomind/cli/dist/src/memory/sona-optimizer.js +14 -4
- package/packages/@monomind/cli/dist/src/model/complexity-scorer.d.ts +21 -0
- package/packages/@monomind/cli/dist/src/model/complexity-scorer.js +106 -0
- package/packages/@monomind/cli/dist/src/model/index.d.ts +4 -0
- package/packages/@monomind/cli/dist/src/model/index.js +4 -0
- package/packages/@monomind/cli/dist/src/model/model-settings.d.ts +22 -0
- package/packages/@monomind/cli/dist/src/model/model-settings.js +33 -0
- package/packages/@monomind/cli/dist/src/model/model-tier-resolver.d.ts +24 -0
- package/packages/@monomind/cli/dist/src/model/model-tier-resolver.js +65 -0
- package/packages/@monomind/cli/dist/src/monovector/capabilities.d.ts +34 -0
- package/packages/@monomind/cli/dist/src/monovector/capabilities.js +37 -0
- package/packages/@monomind/cli/dist/src/monovector/command-outcomes.js +43 -7
- package/packages/@monomind/cli/dist/src/monovector/coverage-router.js +8 -4
- package/packages/@monomind/cli/dist/src/monovector/coverage-tools.js +6 -3
- package/packages/@monomind/cli/dist/src/monovector/diff-classifier.js +13 -0
- package/packages/@monomind/cli/dist/src/monovector/route-outcomes.d.ts +2 -1
- package/packages/@monomind/cli/dist/src/monovector/route-outcomes.js +46 -4
- package/packages/@monomind/cli/dist/src/observability/replay-reader.d.ts +1 -1
- package/packages/@monomind/cli/dist/src/orchestration/index.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/orchestration/index.js +6 -0
- package/packages/@monomind/cli/dist/src/orchestration/mode-dispatcher.d.ts +11 -0
- package/packages/@monomind/cli/dist/src/orchestration/mode-dispatcher.js +31 -0
- package/packages/@monomind/cli/dist/src/orchestration/routing-modes.d.ts +68 -0
- package/packages/@monomind/cli/dist/src/orchestration/routing-modes.js +180 -0
- package/packages/@monomind/cli/dist/src/plugins/manager.js +8 -3
- package/packages/@monomind/cli/dist/src/plugins/store/discovery.js +46 -2
- package/packages/@monomind/cli/dist/src/plugins/store/search.js +5 -4
- package/packages/@monomind/cli/dist/src/plugins/tests/demo-plugin-store.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/demo-plugin-store.js +126 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/standalone-test.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/standalone-test.js +188 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/test-plugin-store.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/test-plugin-store.js +206 -0
- package/packages/@monomind/cli/dist/src/production/circuit-breaker.js +17 -3
- package/packages/@monomind/cli/dist/src/production/error-handler.js +3 -0
- package/packages/@monomind/cli/dist/src/production/monitoring.js +20 -3
- package/packages/@monomind/cli/dist/src/production/rate-limiter.js +13 -4
- package/packages/@monomind/cli/dist/src/production/retry.js +17 -9
- package/packages/@monomind/cli/dist/src/routing/embed-worker.js +6 -2
- package/packages/@monomind/cli/dist/src/routing/embedder.js +0 -0
- package/packages/@monomind/cli/dist/src/routing/llm-caller.js +13 -2
- package/packages/@monomind/cli/dist/src/routing/route-layer-factory.js +18 -3
- package/packages/@monomind/cli/dist/src/runtime/headless.d.ts +60 -0
- package/packages/@monomind/cli/dist/src/runtime/headless.js +284 -0
- package/packages/@monomind/cli/dist/src/services/agentic-flow-bridge.d.ts +50 -0
- package/packages/@monomind/cli/dist/src/services/agentic-flow-bridge.js +95 -0
- package/packages/@monomind/cli/dist/src/services/claim-service.d.ts +1 -0
- package/packages/@monomind/cli/dist/src/services/claim-service.js +8 -0
- package/packages/@monomind/cli/dist/src/services/config-file-manager.js +14 -2
- package/packages/@monomind/cli/dist/src/services/container-worker-pool.d.ts +197 -0
- package/packages/@monomind/cli/dist/src/services/container-worker-pool.js +623 -0
- package/packages/@monomind/cli/dist/src/services/headless-worker-executor.js +18 -2
- package/packages/@monomind/cli/dist/src/services/index.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/services/index.js +11 -0
- package/packages/@monomind/cli/dist/src/services/worker-daemon.js +53 -12
- package/packages/@monomind/cli/dist/src/services/worker-queue.d.ts +201 -0
- package/packages/@monomind/cli/dist/src/services/worker-queue.js +594 -0
- package/packages/@monomind/cli/dist/src/swarm/communication-graph.d.ts +25 -0
- package/packages/@monomind/cli/dist/src/swarm/communication-graph.js +77 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-enforcer.d.ts +31 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-enforcer.js +61 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-visualizer.d.ts +19 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-visualizer.js +68 -0
- package/packages/@monomind/cli/dist/src/transfer/anonymization/index.d.ts +0 -3
- package/packages/@monomind/cli/dist/src/transfer/anonymization/index.js +16 -1
- package/packages/@monomind/cli/dist/src/transfer/deploy-seraphine.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/transfer/deploy-seraphine.js +205 -0
- package/packages/@monomind/cli/dist/src/transfer/export.js +8 -0
- package/packages/@monomind/cli/dist/src/transfer/ipfs/upload.js +33 -3
- package/packages/@monomind/cli/dist/src/transfer/serialization/cfp.js +9 -3
- package/packages/@monomind/cli/dist/src/transfer/storage/gcs.js +37 -3
- package/packages/@monomind/cli/dist/src/transfer/store/discovery.js +45 -3
- package/packages/@monomind/cli/dist/src/transfer/store/download.js +5 -0
- package/packages/@monomind/cli/dist/src/transfer/store/publish.js +13 -1
- package/packages/@monomind/cli/dist/src/transfer/store/registry.d.ts +8 -0
- package/packages/@monomind/cli/dist/src/transfer/store/registry.js +30 -5
- package/packages/@monomind/cli/dist/src/transfer/store/search.js +20 -5
- package/packages/@monomind/cli/dist/src/transfer/store/tests/standalone-test.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/transfer/store/tests/standalone-test.js +190 -0
- package/packages/@monomind/cli/dist/src/transfer/test-seraphine.d.ts +6 -0
- package/packages/@monomind/cli/dist/src/transfer/test-seraphine.js +105 -0
- package/packages/@monomind/cli/dist/src/transfer/tests/test-store.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/transfer/tests/test-store.js +214 -0
- package/packages/@monomind/cli/dist/src/update/checker.js +59 -7
- package/packages/@monomind/cli/dist/src/update/executor.js +50 -3
- package/packages/@monomind/cli/dist/src/update/index.js +18 -1
- package/packages/@monomind/cli/dist/src/update/rate-limiter.d.ts +6 -0
- package/packages/@monomind/cli/dist/src/update/rate-limiter.js +79 -7
- package/packages/@monomind/cli/dist/src/update/validator.js +52 -1
- package/packages/@monomind/cli/dist/src/workflow/condition-evaluator.d.ts +10 -0
- package/packages/@monomind/cli/dist/src/workflow/condition-evaluator.js +82 -0
- package/packages/@monomind/cli/dist/src/workflow/context-resolver.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/workflow/context-resolver.js +23 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-builder.d.ts +17 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-builder.js +129 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-executor.d.ts +9 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-executor.js +116 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-types.d.ts +41 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-types.js +8 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-parser.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-parser.js +20 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-schema.d.ts +165 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-schema.js +82 -0
- package/packages/@monomind/cli/dist/src/workflow/index.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/workflow/index.js +11 -0
- package/packages/@monomind/cli/dist/src/workflow/template-engine.d.ts +11 -0
- package/packages/@monomind/cli/dist/src/workflow/template-engine.js +40 -0
- package/packages/@monomind/cli/dist/src/workflow/workflow-executor.d.ts +29 -0
- package/packages/@monomind/cli/dist/src/workflow/workflow-executor.js +227 -0
- package/packages/@monomind/cli/package.json +9 -10
- package/packages/@monomind/guidance/dist/adversarial.d.ts +284 -0
- package/packages/@monomind/guidance/dist/adversarial.js +572 -0
- package/packages/@monomind/guidance/dist/analyzer.d.ts +530 -0
- package/packages/@monomind/guidance/dist/analyzer.js +2518 -0
- package/packages/@monomind/guidance/dist/artifacts.d.ts +283 -0
- package/packages/@monomind/guidance/dist/artifacts.js +356 -0
- package/packages/@monomind/guidance/dist/authority.d.ts +290 -0
- package/packages/@monomind/guidance/dist/authority.js +558 -0
- package/packages/@monomind/guidance/dist/capabilities.d.ts +209 -0
- package/packages/@monomind/guidance/dist/capabilities.js +485 -0
- package/packages/@monomind/guidance/dist/coherence.d.ts +233 -0
- package/packages/@monomind/guidance/dist/coherence.js +372 -0
- package/packages/@monomind/guidance/dist/compiler.d.ts +87 -0
- package/packages/@monomind/guidance/dist/compiler.js +419 -0
- package/packages/@monomind/guidance/dist/conformance-kit.d.ts +225 -0
- package/packages/@monomind/guidance/dist/conformance-kit.js +629 -0
- package/packages/@monomind/guidance/dist/continue-gate.d.ts +214 -0
- package/packages/@monomind/guidance/dist/continue-gate.js +353 -0
- package/packages/@monomind/guidance/dist/crypto-utils.d.ts +17 -0
- package/packages/@monomind/guidance/dist/crypto-utils.js +24 -0
- package/packages/@monomind/guidance/dist/evolution.d.ts +282 -0
- package/packages/@monomind/guidance/dist/evolution.js +500 -0
- package/packages/@monomind/guidance/dist/gates.d.ts +79 -0
- package/packages/@monomind/guidance/dist/gates.js +302 -0
- package/packages/@monomind/guidance/dist/gateway.d.ts +206 -0
- package/packages/@monomind/guidance/dist/gateway.js +452 -0
- package/packages/@monomind/guidance/dist/generators.d.ts +153 -0
- package/packages/@monomind/guidance/dist/generators.js +682 -0
- package/packages/@monomind/guidance/dist/headless.d.ts +177 -0
- package/packages/@monomind/guidance/dist/headless.js +342 -0
- package/packages/@monomind/guidance/dist/hooks.d.ts +109 -0
- package/packages/@monomind/guidance/dist/hooks.js +347 -0
- package/packages/@monomind/guidance/dist/index.d.ts +205 -0
- package/packages/@monomind/guidance/dist/index.js +321 -0
- package/packages/@monomind/guidance/dist/ledger.d.ts +162 -0
- package/packages/@monomind/guidance/dist/ledger.js +375 -0
- package/packages/@monomind/guidance/dist/manifest-validator.d.ts +289 -0
- package/packages/@monomind/guidance/dist/manifest-validator.js +838 -0
- package/packages/@monomind/guidance/dist/memory-gate.d.ts +222 -0
- package/packages/@monomind/guidance/dist/memory-gate.js +382 -0
- package/packages/@monomind/guidance/dist/meta-governance.d.ts +265 -0
- package/packages/@monomind/guidance/dist/meta-governance.js +348 -0
- package/packages/@monomind/guidance/dist/optimizer.d.ts +104 -0
- package/packages/@monomind/guidance/dist/optimizer.js +329 -0
- package/packages/@monomind/guidance/dist/persistence.d.ts +189 -0
- package/packages/@monomind/guidance/dist/persistence.js +464 -0
- package/packages/@monomind/guidance/dist/proof.d.ts +185 -0
- package/packages/@monomind/guidance/dist/proof.js +238 -0
- package/packages/@monomind/guidance/dist/retriever.d.ts +116 -0
- package/packages/@monomind/guidance/dist/retriever.js +394 -0
- package/packages/@monomind/guidance/dist/ruvbot-integration.d.ts +370 -0
- package/packages/@monomind/guidance/dist/ruvbot-integration.js +738 -0
- package/packages/@monomind/guidance/dist/temporal.d.ts +426 -0
- package/packages/@monomind/guidance/dist/temporal.js +658 -0
- package/packages/@monomind/guidance/dist/trust.d.ts +283 -0
- package/packages/@monomind/guidance/dist/trust.js +473 -0
- package/packages/@monomind/guidance/dist/truth-anchors.d.ts +276 -0
- package/packages/@monomind/guidance/dist/truth-anchors.js +488 -0
- package/packages/@monomind/guidance/dist/types.d.ts +378 -0
- package/packages/@monomind/guidance/dist/types.js +10 -0
- package/packages/@monomind/guidance/dist/uncertainty.d.ts +372 -0
- package/packages/@monomind/guidance/dist/uncertainty.js +619 -0
- package/packages/@monomind/guidance/dist/wasm-kernel.d.ts +48 -0
- package/packages/@monomind/guidance/dist/wasm-kernel.js +158 -0
|
@@ -106,9 +106,9 @@ const claimCommand = {
|
|
|
106
106
|
},
|
|
107
107
|
],
|
|
108
108
|
action: async (ctx) => {
|
|
109
|
-
const issueId = (ctx.flags.issue || ctx.args[0]);
|
|
110
|
-
const agentStr = ctx.flags.agent;
|
|
111
|
-
const userStr = ctx.flags.user;
|
|
109
|
+
const issueId = (ctx.flags.issue || ctx.args[0])?.slice(0, 256);
|
|
110
|
+
const agentStr = ctx.flags.agent?.slice(0, 256);
|
|
111
|
+
const userStr = ctx.flags.user?.slice(0, 256);
|
|
112
112
|
if (!issueId) {
|
|
113
113
|
output.printError('Issue ID is required');
|
|
114
114
|
return { success: false, exitCode: 1 };
|
|
@@ -120,13 +120,13 @@ const claimCommand = {
|
|
|
120
120
|
const claimant = agentStr
|
|
121
121
|
? {
|
|
122
122
|
type: 'agent',
|
|
123
|
-
agentType: agentStr.split(':')[0],
|
|
124
|
-
agentId: agentStr.split(':')[1] || `${agentStr.split(':')[0]}-1
|
|
123
|
+
agentType: agentStr.split(':')[0].slice(0, 64),
|
|
124
|
+
agentId: (agentStr.split(':')[1] || `${agentStr.split(':')[0]}-1`).slice(0, 128),
|
|
125
125
|
}
|
|
126
126
|
: {
|
|
127
127
|
type: 'human',
|
|
128
|
-
userId: userStr.split(':')[0],
|
|
129
|
-
name: userStr.split(':')[1] || userStr.split(':')[0],
|
|
128
|
+
userId: userStr.split(':')[0].slice(0, 128),
|
|
129
|
+
name: (userStr.split(':')[1] || userStr.split(':')[0]).slice(0, 128),
|
|
130
130
|
};
|
|
131
131
|
const service = getClaimService(ctx.cwd);
|
|
132
132
|
await service.initialize();
|
|
@@ -165,9 +165,9 @@ const releaseCommand = {
|
|
|
165
165
|
},
|
|
166
166
|
],
|
|
167
167
|
action: async (ctx) => {
|
|
168
|
-
const issueId = (ctx.flags.issue || ctx.args[0]);
|
|
169
|
-
const agentStr = ctx.flags.agent;
|
|
170
|
-
const userStr = ctx.flags.user;
|
|
168
|
+
const issueId = (ctx.flags.issue || ctx.args[0])?.slice(0, 256);
|
|
169
|
+
const agentStr = ctx.flags.agent?.slice(0, 256);
|
|
170
|
+
const userStr = ctx.flags.user?.slice(0, 256);
|
|
171
171
|
if (!issueId) {
|
|
172
172
|
output.printError('Issue ID is required');
|
|
173
173
|
return { success: false, exitCode: 1 };
|
|
@@ -179,13 +179,13 @@ const releaseCommand = {
|
|
|
179
179
|
const claimant = agentStr
|
|
180
180
|
? {
|
|
181
181
|
type: 'agent',
|
|
182
|
-
agentType: agentStr.split(':')[0],
|
|
183
|
-
agentId: agentStr.split(':')[1] || `${agentStr.split(':')[0]}-1
|
|
182
|
+
agentType: agentStr.split(':')[0].slice(0, 64),
|
|
183
|
+
agentId: (agentStr.split(':')[1] || `${agentStr.split(':')[0]}-1`).slice(0, 128),
|
|
184
184
|
}
|
|
185
185
|
: {
|
|
186
186
|
type: 'human',
|
|
187
|
-
userId: userStr.split(':')[0],
|
|
188
|
-
name: userStr.split(':')[1] || userStr.split(':')[0],
|
|
187
|
+
userId: userStr.split(':')[0].slice(0, 128),
|
|
188
|
+
name: (userStr.split(':')[1] || userStr.split(':')[0]).slice(0, 128),
|
|
189
189
|
};
|
|
190
190
|
const service = getClaimService(ctx.cwd);
|
|
191
191
|
await service.initialize();
|
|
@@ -210,10 +210,10 @@ const handoffCommand = {
|
|
|
210
210
|
{ name: 'reason', short: 'r', type: 'string', description: 'Handoff reason', default: 'Handoff requested' },
|
|
211
211
|
],
|
|
212
212
|
action: async (ctx) => {
|
|
213
|
-
const issueId = (ctx.flags.issue || ctx.args[0]);
|
|
214
|
-
const toStr = ctx.flags.to;
|
|
215
|
-
const fromStr = ctx.flags.from;
|
|
216
|
-
const reason = ctx.flags.reason;
|
|
213
|
+
const issueId = (ctx.flags.issue || ctx.args[0])?.slice(0, 256);
|
|
214
|
+
const toStr = ctx.flags.to?.slice(0, 256);
|
|
215
|
+
const fromStr = ctx.flags.from?.slice(0, 256);
|
|
216
|
+
const reason = (ctx.flags.reason || 'Handoff requested').slice(0, 512);
|
|
217
217
|
if (!issueId || !toStr) {
|
|
218
218
|
output.printError('Issue ID and --to are required');
|
|
219
219
|
return { success: false, exitCode: 1 };
|
|
@@ -257,7 +257,7 @@ const statusCommand = {
|
|
|
257
257
|
{ name: 'note', short: 'n', type: 'string', description: 'Status note' },
|
|
258
258
|
],
|
|
259
259
|
action: async (ctx) => {
|
|
260
|
-
const issueId = (ctx.flags.issue || ctx.args[0]);
|
|
260
|
+
const issueId = (ctx.flags.issue || ctx.args[0])?.slice(0, 256);
|
|
261
261
|
if (!issueId) {
|
|
262
262
|
output.printError('Issue ID is required');
|
|
263
263
|
return { success: false, exitCode: 1 };
|
|
@@ -265,8 +265,11 @@ const statusCommand = {
|
|
|
265
265
|
const service = getClaimService(ctx.cwd);
|
|
266
266
|
await service.initialize();
|
|
267
267
|
const newStatus = ctx.flags.set;
|
|
268
|
-
const
|
|
269
|
-
const
|
|
268
|
+
const rawProgress = ctx.flags.progress;
|
|
269
|
+
const progress = rawProgress !== undefined
|
|
270
|
+
? Math.max(0, Math.min(100, Math.floor(rawProgress)))
|
|
271
|
+
: undefined;
|
|
272
|
+
const note = ctx.flags.note?.slice(0, 512);
|
|
270
273
|
try {
|
|
271
274
|
if (newStatus) {
|
|
272
275
|
await service.updateStatus(issueId, newStatus, note);
|
|
@@ -301,7 +304,7 @@ const stealableCommand = {
|
|
|
301
304
|
{ name: 'type', short: 't', type: 'string', description: 'Filter by agent type' },
|
|
302
305
|
],
|
|
303
306
|
action: async (ctx) => {
|
|
304
|
-
const agentType = ctx.flags.type;
|
|
307
|
+
const agentType = ctx.flags.type?.slice(0, 64);
|
|
305
308
|
const service = getClaimService(ctx.cwd);
|
|
306
309
|
await service.initialize();
|
|
307
310
|
const stealable = await service.getStealable(agentType);
|
|
@@ -331,16 +334,16 @@ const stealCommand = {
|
|
|
331
334
|
{ name: 'agent', short: 'a', type: 'string', description: 'Steal as agent', required: true },
|
|
332
335
|
],
|
|
333
336
|
action: async (ctx) => {
|
|
334
|
-
const issueId = (ctx.flags.issue || ctx.args[0]);
|
|
335
|
-
const agentStr = ctx.flags.agent;
|
|
337
|
+
const issueId = (ctx.flags.issue || ctx.args[0])?.slice(0, 256);
|
|
338
|
+
const agentStr = (ctx.flags.agent || '').slice(0, 256);
|
|
336
339
|
if (!issueId) {
|
|
337
340
|
output.printError('Issue ID is required');
|
|
338
341
|
return { success: false, exitCode: 1 };
|
|
339
342
|
}
|
|
340
343
|
const stealer = {
|
|
341
344
|
type: 'agent',
|
|
342
|
-
agentType: agentStr.split(':')[0],
|
|
343
|
-
agentId: agentStr.split(':')[1] || `${agentStr.split(':')[0]}-1
|
|
345
|
+
agentType: agentStr.split(':')[0].slice(0, 64),
|
|
346
|
+
agentId: (agentStr.split(':')[1] || `${agentStr.split(':')[0]}-1`).slice(0, 128),
|
|
344
347
|
};
|
|
345
348
|
const service = getClaimService(ctx.cwd);
|
|
346
349
|
await service.initialize();
|
|
@@ -88,10 +88,15 @@ const startCommand = {
|
|
|
88
88
|
{ command: 'monomind mcp start -f', description: 'Force restart (kill existing)' }
|
|
89
89
|
],
|
|
90
90
|
action: async (ctx) => {
|
|
91
|
-
const
|
|
92
|
-
const
|
|
91
|
+
const rawPort = ctx.flags.port ?? 3000;
|
|
92
|
+
const port = Number.isFinite(rawPort) && rawPort >= 1 && rawPort <= 65535 ? Math.floor(rawPort) : 3000;
|
|
93
|
+
const rawHost = ctx.flags.host ?? 'localhost';
|
|
94
|
+
// Cap host length and reject control chars to prevent injection
|
|
95
|
+
const host = typeof rawHost === 'string' ? rawHost.slice(0, 253).replace(/[\x00-\x1f]/g, '') : 'localhost';
|
|
93
96
|
const transport = ctx.flags.transport ?? 'stdio';
|
|
94
|
-
const
|
|
97
|
+
const rawTools = ctx.flags.tools || 'all';
|
|
98
|
+
// Cap tools string to prevent DoS via oversized comma-separated lists
|
|
99
|
+
const tools = typeof rawTools === 'string' ? rawTools.slice(0, 2000) : 'all';
|
|
95
100
|
const daemon = ctx.flags.daemon ?? false;
|
|
96
101
|
const force = ctx.flags.force ?? false;
|
|
97
102
|
output.writeln();
|
|
@@ -599,14 +604,15 @@ const logsCommand = {
|
|
|
599
604
|
action: async (ctx) => {
|
|
600
605
|
const lines = ctx.flags.lines || 50;
|
|
601
606
|
// Try to find and read the actual log file
|
|
602
|
-
const { existsSync, readFileSync } = await import('fs');
|
|
607
|
+
const { existsSync, readFileSync, statSync } = await import('fs');
|
|
603
608
|
const { join } = await import('path');
|
|
609
|
+
const MAX_MCP_LOG_BYTES = 10 * 1024 * 1024; // 10 MB
|
|
604
610
|
const logPaths = [
|
|
605
611
|
join(ctx.cwd, '.monomind', 'logs', 'mcp-server.log'),
|
|
606
612
|
join(ctx.cwd, '.monomind', 'logs', 'daemon.log'),
|
|
607
613
|
join(ctx.cwd, '.monomind', 'mcp.log'),
|
|
608
614
|
];
|
|
609
|
-
const logFile = logPaths.find(p => existsSync(p));
|
|
615
|
+
const logFile = logPaths.find(p => existsSync(p) && statSync(p).size <= MAX_MCP_LOG_BYTES);
|
|
610
616
|
output.writeln();
|
|
611
617
|
output.writeln(output.bold('MCP Server Logs'));
|
|
612
618
|
output.writeln(output.dim('─'.repeat(50)));
|
|
@@ -511,6 +511,11 @@ const editCommand = {
|
|
|
511
511
|
output.printError(`File not found: ${filePath}`);
|
|
512
512
|
return { success: false, exitCode: 1 };
|
|
513
513
|
}
|
|
514
|
+
const MAX_MEMORY_FILE_BYTES = 50 * 1024 * 1024; // 50 MB
|
|
515
|
+
if (fs.statSync(filePath).size > MAX_MEMORY_FILE_BYTES) {
|
|
516
|
+
output.printError(`Memory file too large (> 50 MB): ${filePath}`);
|
|
517
|
+
return { success: false, exitCode: 1 };
|
|
518
|
+
}
|
|
514
519
|
let entries;
|
|
515
520
|
try {
|
|
516
521
|
const raw = fs.readFileSync(filePath, 'utf8');
|
|
@@ -763,6 +768,11 @@ const deleteCommand = {
|
|
|
763
768
|
output.printError(`File not found: ${filePath}`);
|
|
764
769
|
return { success: false, exitCode: 1 };
|
|
765
770
|
}
|
|
771
|
+
const MAX_MEMORY_FILE_BYTES = 50 * 1024 * 1024; // 50 MB
|
|
772
|
+
if (fs.statSync(filePath).size > MAX_MEMORY_FILE_BYTES) {
|
|
773
|
+
output.printError(`Memory file too large (> 50 MB): ${filePath}`);
|
|
774
|
+
return { success: false, exitCode: 1 };
|
|
775
|
+
}
|
|
766
776
|
let entries;
|
|
767
777
|
try {
|
|
768
778
|
const raw = fs.readFileSync(filePath, 'utf8');
|
|
@@ -47,7 +47,7 @@ const statusCommand = {
|
|
|
47
47
|
let hasV2Config = false;
|
|
48
48
|
let hasv1Config = false;
|
|
49
49
|
try {
|
|
50
|
-
if (fs.existsSync(v2ConfigPath)) {
|
|
50
|
+
if (fs.existsSync(v2ConfigPath) && fs.statSync(v2ConfigPath).size <= MAX_MIGRATE_FILE_BYTES) {
|
|
51
51
|
const raw = fs.readFileSync(v2ConfigPath, 'utf-8');
|
|
52
52
|
const parsed = JSON.parse(raw);
|
|
53
53
|
if (parsed.version === '2' || parsed.version === 2 || !parsed.version) {
|
|
@@ -110,7 +110,7 @@ const statusCommand = {
|
|
|
110
110
|
const migrationStatePath = path.join(cwd, '.monomind', 'migration-state.json');
|
|
111
111
|
let migrationState = null;
|
|
112
112
|
try {
|
|
113
|
-
if (fs.existsSync(migrationStatePath)) {
|
|
113
|
+
if (fs.existsSync(migrationStatePath) && fs.statSync(migrationStatePath).size <= MAX_MIGRATE_FILE_BYTES) {
|
|
114
114
|
const raw = fs.readFileSync(migrationStatePath, 'utf-8');
|
|
115
115
|
const parsed = JSON.parse(raw);
|
|
116
116
|
migrationState = parsed.status || 'unknown';
|
|
@@ -214,7 +214,7 @@ const runCommand = {
|
|
|
214
214
|
if (!target || target === 'config') {
|
|
215
215
|
const v2ConfigPath = path.join(cwd, 'monomind.config.json');
|
|
216
216
|
try {
|
|
217
|
-
if (fs.existsSync(v2ConfigPath)) {
|
|
217
|
+
if (fs.existsSync(v2ConfigPath) && fs.statSync(v2ConfigPath).size <= MAX_MIGRATE_FILE_BYTES) {
|
|
218
218
|
const raw = fs.readFileSync(v2ConfigPath, 'utf-8');
|
|
219
219
|
const parsed = JSON.parse(raw);
|
|
220
220
|
if (parsed.version === '2' || parsed.version === 2 || !parsed.version) {
|
|
@@ -415,7 +415,7 @@ const verifyCommand = {
|
|
|
415
415
|
// Check 1: Migration state file exists
|
|
416
416
|
let migrationState = null;
|
|
417
417
|
try {
|
|
418
|
-
if (fs.existsSync(migrationStatePath)) {
|
|
418
|
+
if (fs.existsSync(migrationStatePath) && fs.statSync(migrationStatePath).size <= MAX_MIGRATE_FILE_BYTES) {
|
|
419
419
|
const raw = fs.readFileSync(migrationStatePath, 'utf-8');
|
|
420
420
|
migrationState = JSON.parse(raw);
|
|
421
421
|
checks.push({ check: 'Migration state file', result: 'passed' });
|
|
@@ -432,7 +432,7 @@ const verifyCommand = {
|
|
|
432
432
|
// Check 2: v1 config exists and is valid JSON
|
|
433
433
|
const v1ConfigPath = path.join(v1Dir, 'config.json');
|
|
434
434
|
try {
|
|
435
|
-
if (fs.existsSync(v1ConfigPath)) {
|
|
435
|
+
if (fs.existsSync(v1ConfigPath) && fs.statSync(v1ConfigPath).size <= MAX_MIGRATE_FILE_BYTES) {
|
|
436
436
|
const raw = fs.readFileSync(v1ConfigPath, 'utf-8');
|
|
437
437
|
JSON.parse(raw); // validate JSON
|
|
438
438
|
checks.push({ check: 'v1 config (valid JSON)', result: 'passed' });
|
|
@@ -255,16 +255,27 @@ const searchCommand = {
|
|
|
255
255
|
{ command: 'monomind monograph search -q "pipeline" --mode semantic', description: 'Semantic (embedding) search' },
|
|
256
256
|
],
|
|
257
257
|
action: async (ctx) => {
|
|
258
|
-
const
|
|
259
|
-
const
|
|
260
|
-
const
|
|
261
|
-
const
|
|
258
|
+
const rawQuery = ctx.flags.query;
|
|
259
|
+
const rawLimit = parseInt(ctx.flags.limit || '15', 10);
|
|
260
|
+
const rawLabel = ctx.flags.label;
|
|
261
|
+
const rawMode = ctx.flags.mode ?? 'hybrid';
|
|
262
262
|
const root = resolve(ctx.flags.path ?? process.cwd());
|
|
263
263
|
const dbPath = getDbPath(root);
|
|
264
|
+
// Cap query to prevent SQLite FTS DoS from multi-MB query strings
|
|
265
|
+
const MAX_QUERY_LEN = 2048;
|
|
266
|
+
const query = typeof rawQuery === 'string' ? rawQuery.slice(0, MAX_QUERY_LEN) : '';
|
|
264
267
|
if (!query) {
|
|
265
268
|
output.printError('--query is required');
|
|
266
269
|
return { success: false, exitCode: 1 };
|
|
267
270
|
}
|
|
271
|
+
// Clamp limit to prevent huge result sets from causing OOM
|
|
272
|
+
const limit = isFinite(rawLimit) && rawLimit > 0 ? Math.min(rawLimit, 500) : 15;
|
|
273
|
+
// Validate mode to an explicit allowlist
|
|
274
|
+
const VALID_MODES = new Set(['bm25', 'semantic', 'hybrid']);
|
|
275
|
+
const mode = VALID_MODES.has(rawMode) ? rawMode : 'hybrid';
|
|
276
|
+
// Cap label to prevent oversized SQL filter values
|
|
277
|
+
const MAX_LABEL_LEN = 64;
|
|
278
|
+
const label = typeof rawLabel === 'string' ? rawLabel.slice(0, MAX_LABEL_LEN) : undefined;
|
|
268
279
|
if (!existsSync(dbPath)) {
|
|
269
280
|
output.printWarning('No knowledge graph found. Run: monomind monograph build');
|
|
270
281
|
return { success: false, exitCode: 1 };
|
|
@@ -345,7 +356,9 @@ const statsCommand = {
|
|
|
345
356
|
],
|
|
346
357
|
action: async (ctx) => {
|
|
347
358
|
const root = resolve(ctx.flags.path ?? process.cwd());
|
|
348
|
-
const
|
|
359
|
+
const rawTop = parseInt(ctx.flags.top || '10', 10);
|
|
360
|
+
// Clamp top-N to prevent arbitrarily large SQL LIMIT values
|
|
361
|
+
const top = isFinite(rawTop) && rawTop > 0 ? Math.min(rawTop, 200) : 10;
|
|
349
362
|
const dbPath = getDbPath(root);
|
|
350
363
|
if (!existsSync(dbPath)) {
|
|
351
364
|
output.printWarning('No knowledge graph found. Run: monomind monograph build');
|
|
@@ -461,7 +461,14 @@ const restoreSubcommand = {
|
|
|
461
461
|
output.printError(`File not found: ${inputPath}`);
|
|
462
462
|
return { success: false, exitCode: 1 };
|
|
463
463
|
}
|
|
464
|
-
// Read file
|
|
464
|
+
// Read file — check size first to avoid OOM on a runaway or corrupt file.
|
|
465
|
+
const fileSize = fs.statSync(inputPath).size;
|
|
466
|
+
const MAX_BACKUP_BYTES = 500 * 1024 * 1024; // 500 MB
|
|
467
|
+
if (fileSize > MAX_BACKUP_BYTES) {
|
|
468
|
+
spinner.fail('Backup file too large');
|
|
469
|
+
output.printError(`Backup file exceeds size limit (${formatBytes(fileSize)} > ${formatBytes(MAX_BACKUP_BYTES)})`);
|
|
470
|
+
return { success: false, exitCode: 1 };
|
|
471
|
+
}
|
|
465
472
|
let content;
|
|
466
473
|
if (inputPath.endsWith('.gz')) {
|
|
467
474
|
const zlib = await import('zlib');
|
|
@@ -473,7 +480,6 @@ const restoreSubcommand = {
|
|
|
473
480
|
else {
|
|
474
481
|
content = fs.readFileSync(inputPath, 'utf-8');
|
|
475
482
|
}
|
|
476
|
-
const fileSize = fs.statSync(inputPath).size;
|
|
477
483
|
spinner.succeed(`Read backup file (${formatBytes(fileSize)})`);
|
|
478
484
|
// Determine format
|
|
479
485
|
const isJson = content.trim().startsWith('{');
|
|
@@ -151,13 +151,26 @@ export const benchmarkCommand = {
|
|
|
151
151
|
],
|
|
152
152
|
action: async (ctx) => {
|
|
153
153
|
const config = getConnectionConfig(ctx);
|
|
154
|
-
|
|
155
|
-
const
|
|
156
|
-
const
|
|
157
|
-
const
|
|
158
|
-
const
|
|
159
|
-
|
|
160
|
-
const
|
|
154
|
+
// Clamp numeric inputs to safe ranges to prevent DoS via OOM
|
|
155
|
+
const numVectors = Math.min(Math.max(1, parseInt(ctx.flags.vectors || '10000', 10)), 1_000_000);
|
|
156
|
+
const dimensions = Math.min(Math.max(1, parseInt(ctx.flags.dimensions || '1536', 10)), 65536);
|
|
157
|
+
const numQueries = Math.min(Math.max(1, parseInt(ctx.flags.queries || '100', 10)), 10_000);
|
|
158
|
+
const topK = Math.min(Math.max(1, parseInt(ctx.flags.k || '10', 10)), 10_000);
|
|
159
|
+
// Validate metric and indexType against allowlists to prevent SQL injection
|
|
160
|
+
const VALID_METRICS = ['cosine', 'l2', 'inner'];
|
|
161
|
+
const VALID_INDEX_TYPES = ['hnsw', 'ivfflat', 'none'];
|
|
162
|
+
const rawMetric = ctx.flags.metric || 'cosine';
|
|
163
|
+
const rawIndexType = ctx.flags.index || 'hnsw';
|
|
164
|
+
const metric = VALID_METRICS.includes(rawMetric) ? rawMetric : 'cosine';
|
|
165
|
+
const indexType = VALID_INDEX_TYPES.includes(rawIndexType) ? rawIndexType : 'hnsw';
|
|
166
|
+
const batchSize = Math.min(Math.max(1, parseInt(ctx.flags['batch-size'] || '1000', 10)), 100_000);
|
|
167
|
+
// Validate schema identifier against safe pattern to prevent SQL injection
|
|
168
|
+
const rawSchema = config.schema || 'monomind';
|
|
169
|
+
if (!/^[a-zA-Z_][a-zA-Z0-9_]{0,62}$/.test(rawSchema)) {
|
|
170
|
+
output.printError('Invalid schema name. Only alphanumeric characters and underscores are allowed.');
|
|
171
|
+
return { success: false, exitCode: 1 };
|
|
172
|
+
}
|
|
173
|
+
config.schema = rawSchema;
|
|
161
174
|
const cleanup = ctx.flags.cleanup !== false;
|
|
162
175
|
output.writeln();
|
|
163
176
|
output.writeln(output.bold('MonoVector Performance Benchmark'));
|
|
@@ -184,6 +184,21 @@ export const importCommand = {
|
|
|
184
184
|
output.printError(`Input file not found: ${inputFile}`);
|
|
185
185
|
return { success: false, message: 'File not found' };
|
|
186
186
|
}
|
|
187
|
+
// Symlink guard: a symlink could redirect to /etc/passwd or a huge file.
|
|
188
|
+
// lstatSync checks the link itself, not the target — so symlinks are rejected
|
|
189
|
+
// regardless of what they point to (TOCTOU-safe for the check + read pair).
|
|
190
|
+
const lstat = fs.lstatSync(inputFile);
|
|
191
|
+
if (lstat.isSymbolicLink()) {
|
|
192
|
+
output.printError(`Symlinks are not allowed as input files: ${inputFile}`);
|
|
193
|
+
return { success: false, message: 'Symlink not allowed' };
|
|
194
|
+
}
|
|
195
|
+
// Size guard: without this, a user can pass a multi-GB file and exhaust the
|
|
196
|
+
// Node heap before JSON.parse ever runs, crashing the CLI with an OOM.
|
|
197
|
+
const MAX_IMPORT_FILE_BYTES = 50 * 1024 * 1024; // 50 MB
|
|
198
|
+
if (lstat.size > MAX_IMPORT_FILE_BYTES) {
|
|
199
|
+
output.printError(`Input file too large: ${inputFile} (max 50 MB)`);
|
|
200
|
+
return { success: false, message: 'Input file too large' };
|
|
201
|
+
}
|
|
187
202
|
try {
|
|
188
203
|
output.printInfo(`Reading: ${inputFile}`);
|
|
189
204
|
const content = fs.readFileSync(inputFile, 'utf-8');
|
|
@@ -130,10 +130,13 @@ const MIGRATIONS = [
|
|
|
130
130
|
`,
|
|
131
131
|
},
|
|
132
132
|
];
|
|
133
|
+
const IDENTIFIER_RE = /^[a-zA-Z_][a-zA-Z0-9_]{0,63}$/;
|
|
133
134
|
/**
|
|
134
135
|
* Get PostgreSQL connection config from context
|
|
135
136
|
*/
|
|
136
137
|
function getConnectionConfig(ctx) {
|
|
138
|
+
const rawSchema = ctx.flags.schema || 'monomind';
|
|
139
|
+
const schema = IDENTIFIER_RE.test(rawSchema) ? rawSchema : 'monomind';
|
|
137
140
|
return {
|
|
138
141
|
host: ctx.flags.host || process.env.PGHOST || 'localhost',
|
|
139
142
|
port: parseInt(ctx.flags.port || process.env.PGPORT || '5432', 10),
|
|
@@ -141,7 +144,7 @@ function getConnectionConfig(ctx) {
|
|
|
141
144
|
user: ctx.flags.user || process.env.PGUSER || 'postgres',
|
|
142
145
|
password: ctx.flags.password || process.env.PGPASSWORD || '',
|
|
143
146
|
ssl: ctx.flags.ssl || process.env.PGSSLMODE === 'require',
|
|
144
|
-
schema
|
|
147
|
+
schema,
|
|
145
148
|
};
|
|
146
149
|
}
|
|
147
150
|
/**
|
|
@@ -121,6 +121,17 @@ export const optimizeCommand = {
|
|
|
121
121
|
output.printError('Database name is required. Use --database or -d flag, or set PGDATABASE env.');
|
|
122
122
|
return { success: false, exitCode: 1 };
|
|
123
123
|
}
|
|
124
|
+
// Validate schema identifier to prevent SQL injection
|
|
125
|
+
const IDENT_RE = /^[a-zA-Z_][a-zA-Z0-9_]{0,62}$/;
|
|
126
|
+
if (!IDENT_RE.test(config.schema)) {
|
|
127
|
+
output.printError('Invalid schema name. Only alphanumeric characters and underscores are allowed.');
|
|
128
|
+
return { success: false, exitCode: 1 };
|
|
129
|
+
}
|
|
130
|
+
// Validate --index flag if provided
|
|
131
|
+
if (specificIndex !== undefined && !IDENT_RE.test(specificIndex)) {
|
|
132
|
+
output.printError('Invalid index name. Only alphanumeric characters and underscores are allowed.');
|
|
133
|
+
return { success: false, exitCode: 1 };
|
|
134
|
+
}
|
|
124
135
|
const spinner = output.createSpinner({ text: 'Connecting to PostgreSQL...', spinner: 'dots' });
|
|
125
136
|
spinner.start();
|
|
126
137
|
const recommendations = [];
|
|
@@ -685,13 +685,23 @@ export const setupCommand = {
|
|
|
685
685
|
{ command: 'monomind monovector setup --force', description: 'Overwrite existing files' },
|
|
686
686
|
],
|
|
687
687
|
action: async (ctx) => {
|
|
688
|
-
const
|
|
688
|
+
const rawOutputDir = ctx.flags.output || './monovector-postgres';
|
|
689
689
|
const printOnly = ctx.flags.print;
|
|
690
690
|
const force = ctx.flags.force;
|
|
691
691
|
output.writeln();
|
|
692
692
|
output.writeln(output.bold('MonoVector PostgreSQL Setup'));
|
|
693
693
|
output.writeln(output.dim('='.repeat(50)));
|
|
694
694
|
output.writeln();
|
|
695
|
+
// Guard against path traversal: resolve to absolute and ensure it stays within
|
|
696
|
+
// the current working directory or the user's home directory.
|
|
697
|
+
const resolvedOutput = path.resolve(rawOutputDir);
|
|
698
|
+
const safeBases = [process.cwd(), process.env.HOME || process.env.USERPROFILE || ''].filter(Boolean);
|
|
699
|
+
const withinSafeBase = safeBases.some(base => resolvedOutput.startsWith(base + path.sep) || resolvedOutput === base);
|
|
700
|
+
if (!withinSafeBase) {
|
|
701
|
+
output.printError(`Output path must be within the current directory or home directory: ${resolvedOutput}`);
|
|
702
|
+
return { success: false, exitCode: 1 };
|
|
703
|
+
}
|
|
704
|
+
const outputDir = resolvedOutput;
|
|
695
705
|
if (printOnly) {
|
|
696
706
|
// Print to stdout
|
|
697
707
|
output.writeln(output.bold('=== docker-compose.yml ==='));
|
|
@@ -940,7 +940,7 @@ const importCommand = {
|
|
|
940
940
|
}
|
|
941
941
|
const patternsFile = path.join(memoryDir, 'patterns.json');
|
|
942
942
|
let existingPatterns = [];
|
|
943
|
-
if (merge && fs.existsSync(patternsFile)) {
|
|
943
|
+
if (merge && fs.existsSync(patternsFile) && fs.statSync(patternsFile).size <= 50 * 1024 * 1024) {
|
|
944
944
|
existingPatterns = JSON.parse(fs.readFileSync(patternsFile, 'utf8'));
|
|
945
945
|
}
|
|
946
946
|
// Merge or replace
|
|
@@ -20,14 +20,18 @@ const benchmarkCommand = {
|
|
|
20
20
|
{ command: 'monomind performance benchmark -i 1000', description: 'Run with 1000 iterations' },
|
|
21
21
|
],
|
|
22
22
|
action: async (ctx) => {
|
|
23
|
-
const
|
|
23
|
+
const suiteRaw = ctx.flags.suite || 'all';
|
|
24
|
+
const VALID_SUITES = new Set(['all', 'wasm', 'neural', 'memory', 'search']);
|
|
25
|
+
const suite = VALID_SUITES.has(suiteRaw) ? suiteRaw : 'all';
|
|
24
26
|
const MAX_ITERATIONS = 10_000;
|
|
25
27
|
const MAX_WARMUP = 500;
|
|
26
28
|
const iterationsRaw = parseInt(ctx.flags.iterations || '100', 10);
|
|
27
29
|
const warmupRaw = parseInt(ctx.flags.warmup || '10', 10);
|
|
28
30
|
const iterations = Number.isFinite(iterationsRaw) ? Math.min(Math.max(1, iterationsRaw), MAX_ITERATIONS) : 100;
|
|
29
31
|
const warmup = Number.isFinite(warmupRaw) ? Math.min(Math.max(0, warmupRaw), MAX_WARMUP) : 10;
|
|
30
|
-
const
|
|
32
|
+
const outputFormatRaw = ctx.flags.output || 'text';
|
|
33
|
+
const VALID_OUTPUT_FORMATS = new Set(['text', 'json', 'csv']);
|
|
34
|
+
const outputFormat = VALID_OUTPUT_FORMATS.has(outputFormatRaw) ? outputFormatRaw : 'text';
|
|
31
35
|
output.writeln();
|
|
32
36
|
output.writeln(output.bold('Performance Benchmark (Real Measurements)'));
|
|
33
37
|
output.writeln(output.dim('─'.repeat(60)));
|
|
@@ -235,8 +239,11 @@ const profileCommand = {
|
|
|
235
239
|
{ command: 'monomind performance profile -d 60', description: 'Profile for 60 seconds' },
|
|
236
240
|
],
|
|
237
241
|
action: async (ctx) => {
|
|
238
|
-
const
|
|
239
|
-
const
|
|
242
|
+
const typeRaw = ctx.flags.type || 'all';
|
|
243
|
+
const VALID_PROFILE_TYPES = new Set(['cpu', 'memory', 'io', 'all']);
|
|
244
|
+
const type = VALID_PROFILE_TYPES.has(typeRaw) ? typeRaw : 'all';
|
|
245
|
+
const durationRaw = parseInt(ctx.flags.duration || '30', 10);
|
|
246
|
+
const duration = Number.isFinite(durationRaw) ? Math.min(Math.max(1, durationRaw), 300) : 30;
|
|
240
247
|
output.writeln();
|
|
241
248
|
output.writeln(output.bold('Performance Profiler'));
|
|
242
249
|
output.writeln(output.dim('─'.repeat(50)));
|
|
@@ -308,8 +315,12 @@ const metricsCommand = {
|
|
|
308
315
|
{ command: 'monomind performance metrics -f prometheus', description: 'Export as Prometheus format' },
|
|
309
316
|
],
|
|
310
317
|
action: async (ctx) => {
|
|
311
|
-
const
|
|
312
|
-
const
|
|
318
|
+
const timeframeRaw = ctx.flags.timeframe || '24h';
|
|
319
|
+
const VALID_TIMEFRAMES = new Set(['1h', '24h', '7d', '30d']);
|
|
320
|
+
const timeframe = VALID_TIMEFRAMES.has(timeframeRaw) ? timeframeRaw : '24h';
|
|
321
|
+
const formatRaw = ctx.flags.format || 'text';
|
|
322
|
+
const VALID_FORMATS = new Set(['text', 'json', 'prometheus']);
|
|
323
|
+
const format = VALID_FORMATS.has(formatRaw) ? formatRaw : 'text';
|
|
313
324
|
output.writeln();
|
|
314
325
|
output.writeln(output.bold(`Performance Metrics (${timeframe})`));
|
|
315
326
|
output.writeln(output.dim('─'.repeat(50)));
|
|
@@ -491,7 +502,9 @@ const optimizeCommand = {
|
|
|
491
502
|
{ command: 'monomind performance optimize --apply', description: 'Apply all optimizations' },
|
|
492
503
|
],
|
|
493
504
|
action: async (ctx) => {
|
|
494
|
-
const
|
|
505
|
+
const targetRaw = ctx.flags.target || 'all';
|
|
506
|
+
const VALID_TARGETS = new Set(['memory', 'cpu', 'latency', 'all']);
|
|
507
|
+
const target = VALID_TARGETS.has(targetRaw) ? targetRaw : 'all';
|
|
495
508
|
if (ctx.flags.apply) {
|
|
496
509
|
output.printWarning('Optimization application is not yet implemented. Showing recommendations only.');
|
|
497
510
|
}
|