monomind 1.11.13 → 1.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/agents/generated/channel-intelligence-director.md +87 -0
- package/.claude/agents/generated/chief-growth-officer.md +88 -0
- package/.claude/agents/generated/content-seo-strategist.md +90 -0
- package/.claude/agents/generated/developer-community-strategist.md +91 -0
- package/.claude/agents/generated/outreach-partnership-strategist.md +90 -0
- package/.claude/agents/generated/social-media-strategist.md +91 -0
- package/.claude/agents/generated/video-visual-strategist.md +90 -0
- package/.claude/commands/mastermind/idea.md +1 -1
- package/.claude/helpers/auto-memory-hook.mjs +13 -4
- package/.claude/helpers/control-start.cjs +5 -0
- package/.claude/helpers/event-logger.cjs +114 -0
- package/.claude/helpers/handlers/adr-draft-handler.cjs +19 -5
- package/.claude/helpers/handlers/agent-start-handler.cjs +13 -4
- package/.claude/helpers/handlers/compact-handler.cjs +2 -0
- package/.claude/helpers/handlers/edit-handler.cjs +1 -1
- package/.claude/helpers/handlers/gates-handler.cjs +3 -0
- package/.claude/helpers/handlers/graph-status-handler.cjs +14 -8
- package/.claude/helpers/handlers/loops-status-handler.cjs +5 -2
- package/.claude/helpers/handlers/route-handler.cjs +13 -6
- package/.claude/helpers/handlers/session-handler.cjs +11 -4
- package/.claude/helpers/handlers/session-restore-handler.cjs +21 -11
- package/.claude/helpers/handlers/task-handler.cjs +13 -5
- package/.claude/helpers/intelligence.cjs +7 -2
- package/.claude/helpers/loop-tracker.cjs +15 -3
- package/.claude/helpers/memory.cjs +6 -1
- package/.claude/helpers/router.cjs +5 -2
- package/.claude/helpers/session.cjs +2 -0
- package/.claude/helpers/statusline.cjs +10 -2
- package/.claude/helpers/utils/micro-agents.cjs +20 -4
- package/.claude/scheduled_tasks.lock +1 -1
- package/.claude/settings.json +92 -1
- package/.claude/skills/mastermind/_protocol.md +23 -13
- package/.claude/skills/mastermind/architect.md +6 -9
- package/.claude/skills/mastermind/build.md +3 -3
- package/.claude/skills/mastermind/content.md +3 -3
- package/.claude/skills/mastermind/createorg.md +2 -2
- package/.claude/skills/mastermind/finance.md +3 -3
- package/.claude/skills/mastermind/idea.md +5 -3
- package/.claude/skills/mastermind/marketing.md +3 -3
- package/.claude/skills/mastermind/monitor.md +2 -2
- package/.claude/skills/mastermind/release.md +3 -3
- package/.claude/skills/mastermind/research.md +3 -3
- package/.claude/skills/mastermind/review.md +3 -3
- package/.claude/skills/mastermind/runorg.md +153 -86
- package/.claude/skills/mastermind/sales.md +3 -3
- package/README.md +286 -129
- package/package.json +19 -2
- package/packages/@monomind/cli/README.md +286 -129
- package/packages/@monomind/cli/bundled-graph/dist/src/build.js +73 -0
- package/packages/@monomind/cli/bundled-graph/dist/src/cluster.js +120 -0
- package/packages/@monomind/cli/bundled-graph/package.json +57 -0
- package/packages/@monomind/cli/dist/src/agents/halt-signal.d.ts +25 -0
- package/packages/@monomind/cli/dist/src/agents/halt-signal.js +76 -0
- package/packages/@monomind/cli/dist/src/agents/index.d.ts +18 -0
- package/packages/@monomind/cli/dist/src/agents/index.js +13 -0
- package/packages/@monomind/cli/dist/src/agents/managed-agent.d.ts +41 -0
- package/packages/@monomind/cli/dist/src/agents/managed-agent.js +69 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-experiment.d.ts +23 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-experiment.js +49 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-version-manager.d.ts +22 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-version-manager.js +80 -0
- package/packages/@monomind/cli/dist/src/agents/registry-builder.js +2 -0
- package/packages/@monomind/cli/dist/src/agents/registry-query.d.ts +71 -0
- package/packages/@monomind/cli/dist/src/agents/registry-query.js +125 -0
- package/packages/@monomind/cli/dist/src/agents/score-decay.d.ts +19 -0
- package/packages/@monomind/cli/dist/src/agents/score-decay.js +22 -0
- package/packages/@monomind/cli/dist/src/agents/shared-instructions-loader.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/agents/shared-instructions-loader.js +40 -0
- package/packages/@monomind/cli/dist/src/agents/specialization-scorer.d.ts +54 -0
- package/packages/@monomind/cli/dist/src/agents/specialization-scorer.js +212 -0
- package/packages/@monomind/cli/dist/src/agents/termination-watcher.d.ts +30 -0
- package/packages/@monomind/cli/dist/src/agents/termination-watcher.js +84 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-index.d.ts +20 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-index.js +38 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-scanner.d.ts +64 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-scanner.js +308 -0
- package/packages/@monomind/cli/dist/src/agents/version-diff.d.ts +18 -0
- package/packages/@monomind/cli/dist/src/agents/version-diff.js +64 -0
- package/packages/@monomind/cli/dist/src/agents/version-store.d.ts +60 -0
- package/packages/@monomind/cli/dist/src/agents/version-store.js +235 -0
- package/packages/@monomind/cli/dist/src/autopilot-state.js +10 -5
- package/packages/@monomind/cli/dist/src/benchmarks/benchmark-runner.js +13 -0
- package/packages/@monomind/cli/dist/src/benchmarks/metric-evaluators.js +20 -9
- package/packages/@monomind/cli/dist/src/benchmarks/pretrain/index.d.ts +45 -0
- package/packages/@monomind/cli/dist/src/benchmarks/pretrain/index.js +404 -0
- package/packages/@monomind/cli/dist/src/browser/actions.js +10 -3
- package/packages/@monomind/cli/dist/src/browser/browser.js +12 -2
- package/packages/@monomind/cli/dist/src/browser/cdp.js +21 -3
- package/packages/@monomind/cli/dist/src/browser/har.js +27 -5
- package/packages/@monomind/cli/dist/src/commands/agent-wasm.d.ts +14 -0
- package/packages/@monomind/cli/dist/src/commands/agent-wasm.js +333 -0
- package/packages/@monomind/cli/dist/src/commands/agent.js +11 -8
- package/packages/@monomind/cli/dist/src/commands/analyze.js +36 -21
- package/packages/@monomind/cli/dist/src/commands/autopilot.js +12 -4
- package/packages/@monomind/cli/dist/src/commands/benchmark.js +51 -8
- package/packages/@monomind/cli/dist/src/commands/browse.js +5 -2
- package/packages/@monomind/cli/dist/src/commands/claims.js +29 -11
- package/packages/@monomind/cli/dist/src/commands/cleanup.js +25 -5
- package/packages/@monomind/cli/dist/src/commands/config.js +15 -7
- package/packages/@monomind/cli/dist/src/commands/daemon.js +6 -0
- package/packages/@monomind/cli/dist/src/commands/deployment.js +34 -19
- package/packages/@monomind/cli/dist/src/commands/doctor.js +151 -20
- package/packages/@monomind/cli/dist/src/commands/guidance.js +15 -2
- package/packages/@monomind/cli/dist/src/commands/hive-mind.js +37 -14
- package/packages/@monomind/cli/dist/src/commands/hooks.js +42 -25
- package/packages/@monomind/cli/dist/src/commands/init.js +9 -4
- package/packages/@monomind/cli/dist/src/commands/issues.js +29 -26
- package/packages/@monomind/cli/dist/src/commands/mcp.js +11 -5
- package/packages/@monomind/cli/dist/src/commands/memory.js +10 -0
- package/packages/@monomind/cli/dist/src/commands/migrate.js +5 -5
- package/packages/@monomind/cli/dist/src/commands/monograph.js +18 -5
- package/packages/@monomind/cli/dist/src/commands/monovector/backup.js +8 -2
- package/packages/@monomind/cli/dist/src/commands/monovector/benchmark.js +20 -7
- package/packages/@monomind/cli/dist/src/commands/monovector/import.js +15 -0
- package/packages/@monomind/cli/dist/src/commands/monovector/migrate.js +4 -1
- package/packages/@monomind/cli/dist/src/commands/monovector/optimize.js +11 -0
- package/packages/@monomind/cli/dist/src/commands/monovector/setup.js +11 -1
- package/packages/@monomind/cli/dist/src/commands/neural.js +1 -1
- package/packages/@monomind/cli/dist/src/commands/performance.js +20 -7
- package/packages/@monomind/cli/dist/src/commands/platforms.js +90 -8
- package/packages/@monomind/cli/dist/src/commands/plugins.js +12 -5
- package/packages/@monomind/cli/dist/src/commands/process.js +33 -10
- package/packages/@monomind/cli/dist/src/commands/progress.js +5 -3
- package/packages/@monomind/cli/dist/src/commands/providers.js +5 -5
- package/packages/@monomind/cli/dist/src/commands/replay.js +8 -2
- package/packages/@monomind/cli/dist/src/commands/route.js +27 -7
- package/packages/@monomind/cli/dist/src/commands/security.js +4 -0
- package/packages/@monomind/cli/dist/src/commands/session.js +12 -1
- package/packages/@monomind/cli/dist/src/commands/start.js +11 -4
- package/packages/@monomind/cli/dist/src/commands/status.js +7 -4
- package/packages/@monomind/cli/dist/src/commands/swarm.js +27 -13
- package/packages/@monomind/cli/dist/src/commands/task.js +26 -11
- package/packages/@monomind/cli/dist/src/commands/tokens.js +7 -2
- package/packages/@monomind/cli/dist/src/commands/transfer-store.js +36 -22
- package/packages/@monomind/cli/dist/src/commands/ui.js +68 -0
- package/packages/@monomind/cli/dist/src/commands/update.js +15 -3
- package/packages/@monomind/cli/dist/src/commands/workflow.js +39 -6
- package/packages/@monomind/cli/dist/src/consensus/audit-writer.js +18 -7
- package/packages/@monomind/cli/dist/src/consensus/index.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/consensus/index.js +6 -0
- package/packages/@monomind/cli/dist/src/consensus/vote-signer.js +25 -8
- package/packages/@monomind/cli/dist/src/context/context-provider.d.ts +44 -0
- package/packages/@monomind/cli/dist/src/context/context-provider.js +25 -0
- package/packages/@monomind/cli/dist/src/context/git-state-provider.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/context/git-state-provider.js +34 -0
- package/packages/@monomind/cli/dist/src/context/index.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/context/index.js +12 -0
- package/packages/@monomind/cli/dist/src/context/project-conventions-provider.d.ts +15 -0
- package/packages/@monomind/cli/dist/src/context/project-conventions-provider.js +19 -0
- package/packages/@monomind/cli/dist/src/context/prompt-assembler.d.ts +26 -0
- package/packages/@monomind/cli/dist/src/context/prompt-assembler.js +93 -0
- package/packages/@monomind/cli/dist/src/context/task-history-provider.d.ts +24 -0
- package/packages/@monomind/cli/dist/src/context/task-history-provider.js +32 -0
- package/packages/@monomind/cli/dist/src/context/user-preferences-provider.d.ts +14 -0
- package/packages/@monomind/cli/dist/src/context/user-preferences-provider.js +27 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-reader.d.ts +31 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-reader.js +81 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-writer.d.ts +24 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-writer.js +65 -0
- package/packages/@monomind/cli/dist/src/dlq/index.d.ts +10 -0
- package/packages/@monomind/cli/dist/src/dlq/index.js +7 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-manager.d.ts +33 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-manager.js +107 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-runner.d.ts +23 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-runner.js +59 -0
- package/packages/@monomind/cli/dist/src/eval/index.d.ts +10 -0
- package/packages/@monomind/cli/dist/src/eval/index.js +7 -0
- package/packages/@monomind/cli/dist/src/eval/trace-collector.d.ts +40 -0
- package/packages/@monomind/cli/dist/src/eval/trace-collector.js +102 -0
- package/packages/@monomind/cli/dist/src/index.js +7 -3
- package/packages/@monomind/cli/dist/src/infrastructure/in-memory-repositories.d.ts +68 -0
- package/packages/@monomind/cli/dist/src/infrastructure/in-memory-repositories.js +264 -0
- package/packages/@monomind/cli/dist/src/init/executor.js +14 -11
- package/packages/@monomind/cli/dist/src/init/shared-instructions-generator.js +20 -4
- package/packages/@monomind/cli/dist/src/init/statusline-generator.js +33 -12
- package/packages/@monomind/cli/dist/src/interactive/interrupt.d.ts +22 -0
- package/packages/@monomind/cli/dist/src/interactive/interrupt.js +71 -0
- package/packages/@monomind/cli/dist/src/mcp/deprecation-injector.d.ts +25 -0
- package/packages/@monomind/cli/dist/src/mcp/deprecation-injector.js +48 -0
- package/packages/@monomind/cli/dist/src/mcp/tool-registry.d.ts +61 -0
- package/packages/@monomind/cli/dist/src/mcp/tool-registry.js +246 -0
- package/packages/@monomind/cli/dist/src/mcp-tools/a2a-tools.js +98 -13
- package/packages/@monomind/cli/dist/src/mcp-tools/agent-tools.js +16 -3
- package/packages/@monomind/cli/dist/src/mcp-tools/analyze-tools.js +80 -17
- package/packages/@monomind/cli/dist/src/mcp-tools/browser-tools.js +84 -22
- package/packages/@monomind/cli/dist/src/mcp-tools/claims-tools.js +35 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/config-tools.js +82 -17
- package/packages/@monomind/cli/dist/src/mcp-tools/coordination-tools.js +37 -4
- package/packages/@monomind/cli/dist/src/mcp-tools/daa-tools.js +49 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/embeddings-tools.js +45 -18
- package/packages/@monomind/cli/dist/src/mcp-tools/github-tools.js +75 -25
- package/packages/@monomind/cli/dist/src/mcp-tools/guidance-tools.js +32 -10
- package/packages/@monomind/cli/dist/src/mcp-tools/hive-mind-tools.js +91 -20
- package/packages/@monomind/cli/dist/src/mcp-tools/hooks-tools.js +188 -29
- package/packages/@monomind/cli/dist/src/mcp-tools/memory-tools.js +25 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/monograph-compat.js +11 -2
- package/packages/@monomind/cli/dist/src/mcp-tools/monograph-tools.js +148 -26
- package/packages/@monomind/cli/dist/src/mcp-tools/neural-tools.js +44 -9
- package/packages/@monomind/cli/dist/src/mcp-tools/performance-tools.js +45 -10
- package/packages/@monomind/cli/dist/src/mcp-tools/progress-tools.js +7 -4
- package/packages/@monomind/cli/dist/src/mcp-tools/request-tracker.js +15 -1
- package/packages/@monomind/cli/dist/src/mcp-tools/security-tools.js +61 -9
- package/packages/@monomind/cli/dist/src/mcp-tools/session-tools.js +45 -14
- package/packages/@monomind/cli/dist/src/mcp-tools/swarm-tools.js +15 -3
- package/packages/@monomind/cli/dist/src/mcp-tools/system-tools.js +14 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/task-tools.js +52 -10
- package/packages/@monomind/cli/dist/src/mcp-tools/terminal-tools.js +40 -6
- package/packages/@monomind/cli/dist/src/mcp-tools/transfer-tools.js +37 -4
- package/packages/@monomind/cli/dist/src/mcp-tools/wasm-agent-tools.d.ts +9 -0
- package/packages/@monomind/cli/dist/src/mcp-tools/wasm-agent-tools.js +230 -0
- package/packages/@monomind/cli/dist/src/mcp-tools/workflow-tools.js +29 -6
- package/packages/@monomind/cli/dist/src/memory/ewc-consolidation.js +26 -10
- package/packages/@monomind/cli/dist/src/memory/intelligence.js +80 -19
- package/packages/@monomind/cli/dist/src/memory/memory-bridge.js +21 -2
- package/packages/@monomind/cli/dist/src/memory/memory-initializer.js +67 -3
- package/packages/@monomind/cli/dist/src/memory/sona-optimizer.js +14 -4
- package/packages/@monomind/cli/dist/src/model/complexity-scorer.d.ts +21 -0
- package/packages/@monomind/cli/dist/src/model/complexity-scorer.js +106 -0
- package/packages/@monomind/cli/dist/src/model/index.d.ts +4 -0
- package/packages/@monomind/cli/dist/src/model/index.js +4 -0
- package/packages/@monomind/cli/dist/src/model/model-settings.d.ts +22 -0
- package/packages/@monomind/cli/dist/src/model/model-settings.js +33 -0
- package/packages/@monomind/cli/dist/src/model/model-tier-resolver.d.ts +24 -0
- package/packages/@monomind/cli/dist/src/model/model-tier-resolver.js +65 -0
- package/packages/@monomind/cli/dist/src/monovector/capabilities.d.ts +34 -0
- package/packages/@monomind/cli/dist/src/monovector/capabilities.js +37 -0
- package/packages/@monomind/cli/dist/src/monovector/command-outcomes.js +43 -7
- package/packages/@monomind/cli/dist/src/monovector/coverage-router.js +8 -4
- package/packages/@monomind/cli/dist/src/monovector/coverage-tools.js +6 -3
- package/packages/@monomind/cli/dist/src/monovector/diff-classifier.js +13 -0
- package/packages/@monomind/cli/dist/src/monovector/route-outcomes.d.ts +2 -1
- package/packages/@monomind/cli/dist/src/monovector/route-outcomes.js +46 -4
- package/packages/@monomind/cli/dist/src/observability/replay-reader.d.ts +1 -1
- package/packages/@monomind/cli/dist/src/orchestration/index.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/orchestration/index.js +6 -0
- package/packages/@monomind/cli/dist/src/orchestration/mode-dispatcher.d.ts +11 -0
- package/packages/@monomind/cli/dist/src/orchestration/mode-dispatcher.js +31 -0
- package/packages/@monomind/cli/dist/src/orchestration/routing-modes.d.ts +68 -0
- package/packages/@monomind/cli/dist/src/orchestration/routing-modes.js +180 -0
- package/packages/@monomind/cli/dist/src/plugins/manager.js +8 -3
- package/packages/@monomind/cli/dist/src/plugins/store/discovery.js +46 -2
- package/packages/@monomind/cli/dist/src/plugins/store/search.js +5 -4
- package/packages/@monomind/cli/dist/src/plugins/tests/demo-plugin-store.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/demo-plugin-store.js +126 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/standalone-test.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/standalone-test.js +188 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/test-plugin-store.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/test-plugin-store.js +206 -0
- package/packages/@monomind/cli/dist/src/production/circuit-breaker.js +17 -3
- package/packages/@monomind/cli/dist/src/production/error-handler.js +3 -0
- package/packages/@monomind/cli/dist/src/production/monitoring.js +20 -3
- package/packages/@monomind/cli/dist/src/production/rate-limiter.js +13 -4
- package/packages/@monomind/cli/dist/src/production/retry.js +17 -9
- package/packages/@monomind/cli/dist/src/routing/embed-worker.js +6 -2
- package/packages/@monomind/cli/dist/src/routing/embedder.js +0 -0
- package/packages/@monomind/cli/dist/src/routing/llm-caller.js +13 -2
- package/packages/@monomind/cli/dist/src/routing/route-layer-factory.js +18 -3
- package/packages/@monomind/cli/dist/src/runtime/headless.d.ts +60 -0
- package/packages/@monomind/cli/dist/src/runtime/headless.js +284 -0
- package/packages/@monomind/cli/dist/src/services/agentic-flow-bridge.d.ts +50 -0
- package/packages/@monomind/cli/dist/src/services/agentic-flow-bridge.js +95 -0
- package/packages/@monomind/cli/dist/src/services/claim-service.d.ts +1 -0
- package/packages/@monomind/cli/dist/src/services/claim-service.js +8 -0
- package/packages/@monomind/cli/dist/src/services/config-file-manager.js +14 -2
- package/packages/@monomind/cli/dist/src/services/container-worker-pool.d.ts +197 -0
- package/packages/@monomind/cli/dist/src/services/container-worker-pool.js +623 -0
- package/packages/@monomind/cli/dist/src/services/headless-worker-executor.js +18 -2
- package/packages/@monomind/cli/dist/src/services/index.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/services/index.js +11 -0
- package/packages/@monomind/cli/dist/src/services/worker-daemon.js +53 -12
- package/packages/@monomind/cli/dist/src/services/worker-queue.d.ts +201 -0
- package/packages/@monomind/cli/dist/src/services/worker-queue.js +594 -0
- package/packages/@monomind/cli/dist/src/swarm/communication-graph.d.ts +25 -0
- package/packages/@monomind/cli/dist/src/swarm/communication-graph.js +77 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-enforcer.d.ts +31 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-enforcer.js +61 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-visualizer.d.ts +19 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-visualizer.js +68 -0
- package/packages/@monomind/cli/dist/src/transfer/anonymization/index.d.ts +0 -3
- package/packages/@monomind/cli/dist/src/transfer/anonymization/index.js +16 -1
- package/packages/@monomind/cli/dist/src/transfer/deploy-seraphine.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/transfer/deploy-seraphine.js +205 -0
- package/packages/@monomind/cli/dist/src/transfer/export.js +8 -0
- package/packages/@monomind/cli/dist/src/transfer/ipfs/upload.js +33 -3
- package/packages/@monomind/cli/dist/src/transfer/serialization/cfp.js +9 -3
- package/packages/@monomind/cli/dist/src/transfer/storage/gcs.js +37 -3
- package/packages/@monomind/cli/dist/src/transfer/store/discovery.js +45 -3
- package/packages/@monomind/cli/dist/src/transfer/store/download.js +5 -0
- package/packages/@monomind/cli/dist/src/transfer/store/publish.js +13 -1
- package/packages/@monomind/cli/dist/src/transfer/store/registry.d.ts +8 -0
- package/packages/@monomind/cli/dist/src/transfer/store/registry.js +30 -5
- package/packages/@monomind/cli/dist/src/transfer/store/search.js +20 -5
- package/packages/@monomind/cli/dist/src/transfer/store/tests/standalone-test.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/transfer/store/tests/standalone-test.js +190 -0
- package/packages/@monomind/cli/dist/src/transfer/test-seraphine.d.ts +6 -0
- package/packages/@monomind/cli/dist/src/transfer/test-seraphine.js +105 -0
- package/packages/@monomind/cli/dist/src/transfer/tests/test-store.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/transfer/tests/test-store.js +214 -0
- package/packages/@monomind/cli/dist/src/update/checker.js +59 -7
- package/packages/@monomind/cli/dist/src/update/executor.js +50 -3
- package/packages/@monomind/cli/dist/src/update/index.js +18 -1
- package/packages/@monomind/cli/dist/src/update/rate-limiter.d.ts +6 -0
- package/packages/@monomind/cli/dist/src/update/rate-limiter.js +79 -7
- package/packages/@monomind/cli/dist/src/update/validator.js +52 -1
- package/packages/@monomind/cli/dist/src/workflow/condition-evaluator.d.ts +10 -0
- package/packages/@monomind/cli/dist/src/workflow/condition-evaluator.js +82 -0
- package/packages/@monomind/cli/dist/src/workflow/context-resolver.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/workflow/context-resolver.js +23 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-builder.d.ts +17 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-builder.js +129 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-executor.d.ts +9 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-executor.js +116 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-types.d.ts +41 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-types.js +8 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-parser.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-parser.js +20 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-schema.d.ts +165 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-schema.js +82 -0
- package/packages/@monomind/cli/dist/src/workflow/index.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/workflow/index.js +11 -0
- package/packages/@monomind/cli/dist/src/workflow/template-engine.d.ts +11 -0
- package/packages/@monomind/cli/dist/src/workflow/template-engine.js +40 -0
- package/packages/@monomind/cli/dist/src/workflow/workflow-executor.d.ts +29 -0
- package/packages/@monomind/cli/dist/src/workflow/workflow-executor.js +227 -0
- package/packages/@monomind/cli/package.json +9 -10
- package/packages/@monomind/guidance/dist/adversarial.d.ts +284 -0
- package/packages/@monomind/guidance/dist/adversarial.js +572 -0
- package/packages/@monomind/guidance/dist/analyzer.d.ts +530 -0
- package/packages/@monomind/guidance/dist/analyzer.js +2518 -0
- package/packages/@monomind/guidance/dist/artifacts.d.ts +283 -0
- package/packages/@monomind/guidance/dist/artifacts.js +356 -0
- package/packages/@monomind/guidance/dist/authority.d.ts +290 -0
- package/packages/@monomind/guidance/dist/authority.js +558 -0
- package/packages/@monomind/guidance/dist/capabilities.d.ts +209 -0
- package/packages/@monomind/guidance/dist/capabilities.js +485 -0
- package/packages/@monomind/guidance/dist/coherence.d.ts +233 -0
- package/packages/@monomind/guidance/dist/coherence.js +372 -0
- package/packages/@monomind/guidance/dist/compiler.d.ts +87 -0
- package/packages/@monomind/guidance/dist/compiler.js +419 -0
- package/packages/@monomind/guidance/dist/conformance-kit.d.ts +225 -0
- package/packages/@monomind/guidance/dist/conformance-kit.js +629 -0
- package/packages/@monomind/guidance/dist/continue-gate.d.ts +214 -0
- package/packages/@monomind/guidance/dist/continue-gate.js +353 -0
- package/packages/@monomind/guidance/dist/crypto-utils.d.ts +17 -0
- package/packages/@monomind/guidance/dist/crypto-utils.js +24 -0
- package/packages/@monomind/guidance/dist/evolution.d.ts +282 -0
- package/packages/@monomind/guidance/dist/evolution.js +500 -0
- package/packages/@monomind/guidance/dist/gates.d.ts +79 -0
- package/packages/@monomind/guidance/dist/gates.js +302 -0
- package/packages/@monomind/guidance/dist/gateway.d.ts +206 -0
- package/packages/@monomind/guidance/dist/gateway.js +452 -0
- package/packages/@monomind/guidance/dist/generators.d.ts +153 -0
- package/packages/@monomind/guidance/dist/generators.js +682 -0
- package/packages/@monomind/guidance/dist/headless.d.ts +177 -0
- package/packages/@monomind/guidance/dist/headless.js +342 -0
- package/packages/@monomind/guidance/dist/hooks.d.ts +109 -0
- package/packages/@monomind/guidance/dist/hooks.js +347 -0
- package/packages/@monomind/guidance/dist/index.d.ts +205 -0
- package/packages/@monomind/guidance/dist/index.js +321 -0
- package/packages/@monomind/guidance/dist/ledger.d.ts +162 -0
- package/packages/@monomind/guidance/dist/ledger.js +375 -0
- package/packages/@monomind/guidance/dist/manifest-validator.d.ts +289 -0
- package/packages/@monomind/guidance/dist/manifest-validator.js +838 -0
- package/packages/@monomind/guidance/dist/memory-gate.d.ts +222 -0
- package/packages/@monomind/guidance/dist/memory-gate.js +382 -0
- package/packages/@monomind/guidance/dist/meta-governance.d.ts +265 -0
- package/packages/@monomind/guidance/dist/meta-governance.js +348 -0
- package/packages/@monomind/guidance/dist/optimizer.d.ts +104 -0
- package/packages/@monomind/guidance/dist/optimizer.js +329 -0
- package/packages/@monomind/guidance/dist/persistence.d.ts +189 -0
- package/packages/@monomind/guidance/dist/persistence.js +464 -0
- package/packages/@monomind/guidance/dist/proof.d.ts +185 -0
- package/packages/@monomind/guidance/dist/proof.js +238 -0
- package/packages/@monomind/guidance/dist/retriever.d.ts +116 -0
- package/packages/@monomind/guidance/dist/retriever.js +394 -0
- package/packages/@monomind/guidance/dist/ruvbot-integration.d.ts +370 -0
- package/packages/@monomind/guidance/dist/ruvbot-integration.js +738 -0
- package/packages/@monomind/guidance/dist/temporal.d.ts +426 -0
- package/packages/@monomind/guidance/dist/temporal.js +658 -0
- package/packages/@monomind/guidance/dist/trust.d.ts +283 -0
- package/packages/@monomind/guidance/dist/trust.js +473 -0
- package/packages/@monomind/guidance/dist/truth-anchors.d.ts +276 -0
- package/packages/@monomind/guidance/dist/truth-anchors.js +488 -0
- package/packages/@monomind/guidance/dist/types.d.ts +378 -0
- package/packages/@monomind/guidance/dist/types.js +10 -0
- package/packages/@monomind/guidance/dist/uncertainty.d.ts +372 -0
- package/packages/@monomind/guidance/dist/uncertainty.js +619 -0
- package/packages/@monomind/guidance/dist/wasm-kernel.d.ts +48 -0
- package/packages/@monomind/guidance/dist/wasm-kernel.js +158 -0
|
@@ -4,8 +4,8 @@
|
|
|
4
4
|
*
|
|
5
5
|
* github.com/monoes/monomind
|
|
6
6
|
*/
|
|
7
|
-
import { existsSync, writeFileSync, mkdirSync, readFileSync } from 'fs';
|
|
8
|
-
import { join, dirname } from 'path';
|
|
7
|
+
import { existsSync, writeFileSync, mkdirSync, readFileSync, statSync } from 'fs';
|
|
8
|
+
import { join, dirname, resolve } from 'path';
|
|
9
9
|
import { output } from '../output.js';
|
|
10
10
|
export const SUPPORTED_PLATFORMS = [
|
|
11
11
|
'claude', 'gemini', 'cursor', 'vscode', 'copilot',
|
|
@@ -43,15 +43,63 @@ Graph is at \`.monomind/monograph.db\`. Rebuild with: \`npx monograph build\`
|
|
|
43
43
|
${MONOMIND_BLOCK_END}
|
|
44
44
|
`;
|
|
45
45
|
}
|
|
46
|
+
/**
|
|
47
|
+
* Maximum size for a platform config file we will read or append to.
|
|
48
|
+
* Platform config files (CLAUDE.md, .cursorrules, etc.) are never legitimately
|
|
49
|
+
* larger than a few hundred KB — a 1 MB cap prevents OOM when the flag points
|
|
50
|
+
* at an enormous file such as a binary or a DB dump.
|
|
51
|
+
*/
|
|
52
|
+
const MAX_CONFIG_FILE_BYTES = 1 * 1024 * 1024; // 1 MB
|
|
53
|
+
/**
|
|
54
|
+
* Resolve and validate the user-supplied --path flag.
|
|
55
|
+
*
|
|
56
|
+
* SECURITY: the flag is attacker-controlled. Without validation an adversary can
|
|
57
|
+
* pass --path /etc to overwrite system files, or --path "../../.." to escape
|
|
58
|
+
* the project. We resolve to an absolute path and reject anything that isn't
|
|
59
|
+
* a directory (or doesn't exist yet under a parent that does exist).
|
|
60
|
+
* We do NOT further restrict the path to cwd because a legitimate use case is
|
|
61
|
+
* "install into another repo at an absolute path", but we do require the
|
|
62
|
+
* resolved path to be a directory (or the parent to exist) so that the caller
|
|
63
|
+
* cannot aim the flag at a file.
|
|
64
|
+
*/
|
|
65
|
+
function resolveRepoPath(rawPath) {
|
|
66
|
+
// Prevent shell-injection via null bytes or unusual separators
|
|
67
|
+
if (rawPath.includes('\0'))
|
|
68
|
+
throw new Error('Invalid path: contains null byte');
|
|
69
|
+
const resolved = resolve(rawPath);
|
|
70
|
+
// If the path exists it must be a directory
|
|
71
|
+
if (existsSync(resolved)) {
|
|
72
|
+
const st = statSync(resolved);
|
|
73
|
+
if (!st.isDirectory())
|
|
74
|
+
throw new Error(`--path must be a directory, got a file: ${resolved}`);
|
|
75
|
+
}
|
|
76
|
+
return resolved;
|
|
77
|
+
}
|
|
78
|
+
/**
|
|
79
|
+
* Validate that fullPath is contained within repoRoot (path traversal defence).
|
|
80
|
+
* relPath comes from our own PLATFORM_CONFIG_FILES map, but we validate anyway
|
|
81
|
+
* to guard against future changes that introduce dynamic paths.
|
|
82
|
+
*/
|
|
83
|
+
function assertWithinRoot(fullPath, repoRoot) {
|
|
84
|
+
if (!fullPath.startsWith(repoRoot + '/') && fullPath !== repoRoot) {
|
|
85
|
+
throw new Error(`Path escapes repository root: ${fullPath}`);
|
|
86
|
+
}
|
|
87
|
+
}
|
|
46
88
|
function installPlatform(platform, repoPath) {
|
|
47
89
|
const files = PLATFORM_CONFIG_FILES[platform];
|
|
48
90
|
const instructions = getMonomindInstructions();
|
|
49
91
|
const written = [];
|
|
50
92
|
for (const relPath of files) {
|
|
51
|
-
const fullPath = join(repoPath, relPath);
|
|
93
|
+
const fullPath = resolve(join(repoPath, relPath));
|
|
94
|
+
assertWithinRoot(fullPath, repoPath);
|
|
52
95
|
const dir = dirname(fullPath);
|
|
53
96
|
mkdirSync(dir, { recursive: true });
|
|
54
97
|
if (existsSync(fullPath)) {
|
|
98
|
+
// Guard against reading oversized files (e.g. the flag points at a data file)
|
|
99
|
+
const fileStat = statSync(fullPath);
|
|
100
|
+
if (fileStat.size > MAX_CONFIG_FILE_BYTES) {
|
|
101
|
+
throw new Error(`Config file too large to read (${fileStat.size} bytes): ${relPath}`);
|
|
102
|
+
}
|
|
55
103
|
const existing = readFileSync(fullPath, 'utf8');
|
|
56
104
|
if (existing.includes(MONOMIND_BLOCK_START))
|
|
57
105
|
continue;
|
|
@@ -69,9 +117,15 @@ function uninstallPlatform(platform, repoPath) {
|
|
|
69
117
|
const blockRe = new RegExp(`\\n?${MONOMIND_BLOCK_START}[\\s\\S]*?${MONOMIND_BLOCK_END}\\n?`, 'g');
|
|
70
118
|
const cleaned = [];
|
|
71
119
|
for (const relPath of files) {
|
|
72
|
-
const fullPath = join(repoPath, relPath);
|
|
120
|
+
const fullPath = resolve(join(repoPath, relPath));
|
|
121
|
+
assertWithinRoot(fullPath, repoPath);
|
|
73
122
|
if (!existsSync(fullPath))
|
|
74
123
|
continue;
|
|
124
|
+
// Guard against reading oversized files
|
|
125
|
+
const fileStat = statSync(fullPath);
|
|
126
|
+
if (fileStat.size > MAX_CONFIG_FILE_BYTES) {
|
|
127
|
+
throw new Error(`Config file too large to read (${fileStat.size} bytes): ${relPath}`);
|
|
128
|
+
}
|
|
75
129
|
const content = readFileSync(fullPath, 'utf8');
|
|
76
130
|
writeFileSync(fullPath, content.replace(blockRe, ''), 'utf8');
|
|
77
131
|
cleaned.push(relPath);
|
|
@@ -81,7 +135,14 @@ function uninstallPlatform(platform, repoPath) {
|
|
|
81
135
|
async function handleInstall(ctx) {
|
|
82
136
|
const platform = ctx.flags['platform'];
|
|
83
137
|
const all = ctx.flags['all'];
|
|
84
|
-
|
|
138
|
+
let repoPath;
|
|
139
|
+
try {
|
|
140
|
+
repoPath = resolveRepoPath(ctx.flags['path'] ?? '.');
|
|
141
|
+
}
|
|
142
|
+
catch (err) {
|
|
143
|
+
output.error(`Invalid --path: ${err instanceof Error ? err.message : String(err)}`);
|
|
144
|
+
return { success: false, exitCode: 1 };
|
|
145
|
+
}
|
|
85
146
|
if (!platform && !all) {
|
|
86
147
|
output.error('Specify --platform <name> or --all');
|
|
87
148
|
output.info(`Supported platforms: ${SUPPORTED_PLATFORMS.join(', ')}`);
|
|
@@ -98,7 +159,14 @@ async function handleInstall(ctx) {
|
|
|
98
159
|
}
|
|
99
160
|
let totalFiles = 0;
|
|
100
161
|
for (const p of targets) {
|
|
101
|
-
|
|
162
|
+
let written;
|
|
163
|
+
try {
|
|
164
|
+
written = installPlatform(p, repoPath);
|
|
165
|
+
}
|
|
166
|
+
catch (err) {
|
|
167
|
+
output.error(`[${p}] Install failed: ${err instanceof Error ? err.message : String(err)}`);
|
|
168
|
+
continue;
|
|
169
|
+
}
|
|
102
170
|
if (written.length > 0) {
|
|
103
171
|
output.success(`[${p}] Installed Monograph context → ${written.join(', ')}`);
|
|
104
172
|
totalFiles += written.length;
|
|
@@ -113,7 +181,14 @@ async function handleInstall(ctx) {
|
|
|
113
181
|
async function handleUninstall(ctx) {
|
|
114
182
|
const platform = ctx.flags['platform'];
|
|
115
183
|
const all = ctx.flags['all'];
|
|
116
|
-
|
|
184
|
+
let repoPath;
|
|
185
|
+
try {
|
|
186
|
+
repoPath = resolveRepoPath(ctx.flags['path'] ?? '.');
|
|
187
|
+
}
|
|
188
|
+
catch (err) {
|
|
189
|
+
output.error(`Invalid --path: ${err instanceof Error ? err.message : String(err)}`);
|
|
190
|
+
return { success: false, exitCode: 1 };
|
|
191
|
+
}
|
|
117
192
|
if (!platform && !all) {
|
|
118
193
|
output.error('Specify --platform <name> or --all');
|
|
119
194
|
output.info(`Supported platforms: ${SUPPORTED_PLATFORMS.join(', ')}`);
|
|
@@ -130,7 +205,14 @@ async function handleUninstall(ctx) {
|
|
|
130
205
|
}
|
|
131
206
|
let totalFiles = 0;
|
|
132
207
|
for (const p of targets) {
|
|
133
|
-
|
|
208
|
+
let cleaned;
|
|
209
|
+
try {
|
|
210
|
+
cleaned = uninstallPlatform(p, repoPath);
|
|
211
|
+
}
|
|
212
|
+
catch (err) {
|
|
213
|
+
output.error(`[${p}] Uninstall failed: ${err instanceof Error ? err.message : String(err)}`);
|
|
214
|
+
continue;
|
|
215
|
+
}
|
|
134
216
|
if (cleaned.length > 0) {
|
|
135
217
|
output.success(`[${p}] Removed Monograph context from ${cleaned.join(', ')}`);
|
|
136
218
|
totalFiles += cleaned.length;
|
|
@@ -187,14 +187,16 @@ const installCommand = {
|
|
|
187
187
|
{ command: 'monomind plugins install -n ./my-plugin --dev', description: 'Install local plugin' },
|
|
188
188
|
],
|
|
189
189
|
action: async (ctx) => {
|
|
190
|
-
const
|
|
190
|
+
const rawName = ctx.flags.name;
|
|
191
191
|
const version = ctx.flags.version || 'latest';
|
|
192
192
|
const registryName = ctx.flags.registry;
|
|
193
193
|
const verify = ctx.flags.verify !== false;
|
|
194
|
-
if (!
|
|
194
|
+
if (!rawName) {
|
|
195
195
|
output.printError('Plugin name is required');
|
|
196
196
|
return { success: false, exitCode: 1 };
|
|
197
197
|
}
|
|
198
|
+
// Cap plugin name and version to prevent DoS/injection
|
|
199
|
+
const name = typeof rawName === 'string' ? rawName.slice(0, 214) : '';
|
|
198
200
|
// Check if it's a local path
|
|
199
201
|
const isLocalPath = name.startsWith('./') || name.startsWith('/') || name.startsWith('../');
|
|
200
202
|
output.writeln();
|
|
@@ -620,16 +622,21 @@ const searchCommand = {
|
|
|
620
622
|
{ command: 'monomind plugins search -q security --verified', description: 'Search verified security plugins' },
|
|
621
623
|
],
|
|
622
624
|
action: async (ctx) => {
|
|
623
|
-
const
|
|
625
|
+
const rawQuery = ctx.flags.query;
|
|
624
626
|
const category = ctx.flags.category;
|
|
625
627
|
const type = ctx.flags.type;
|
|
626
628
|
const verified = ctx.flags.verified;
|
|
627
|
-
const
|
|
629
|
+
const rawLimit = ctx.flags.limit;
|
|
628
630
|
const registryName = ctx.flags.registry;
|
|
629
|
-
if (!
|
|
631
|
+
if (!rawQuery) {
|
|
630
632
|
output.printError('Search query is required');
|
|
631
633
|
return { success: false, exitCode: 1 };
|
|
632
634
|
}
|
|
635
|
+
// Cap query length and limit to prevent DoS
|
|
636
|
+
const query = typeof rawQuery === 'string' ? rawQuery.slice(0, 200) : '';
|
|
637
|
+
const limit = typeof rawLimit === 'number' && Number.isFinite(rawLimit)
|
|
638
|
+
? Math.max(1, Math.min(Math.floor(rawLimit), 100))
|
|
639
|
+
: 20;
|
|
633
640
|
const spinner = output.createSpinner({ text: 'Searching plugin registry...', spinner: 'dots' });
|
|
634
641
|
spinner.start();
|
|
635
642
|
try {
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
* CLI Process Management Command
|
|
3
3
|
* Background process management, daemon mode, and monitoring
|
|
4
4
|
*/
|
|
5
|
-
import { writeFileSync, readFileSync, unlinkSync, existsSync, mkdirSync } from 'node:fs';
|
|
5
|
+
import { writeFileSync, readFileSync, statSync, unlinkSync, existsSync, mkdirSync } from 'node:fs';
|
|
6
6
|
import { dirname, resolve } from 'node:path';
|
|
7
7
|
// Helper functions for PID file management
|
|
8
8
|
function writePidFile(pidFile, pid, port) {
|
|
@@ -35,13 +35,22 @@ function writePidFile(pidFile, pid, port) {
|
|
|
35
35
|
}
|
|
36
36
|
}
|
|
37
37
|
}
|
|
38
|
+
const MAX_PID_FILE_BYTES = 4 * 1024; // 4 KB — a PID file should never be this large
|
|
38
39
|
function readPidFile(pidFile) {
|
|
39
40
|
try {
|
|
40
41
|
const path = resolve(pidFile);
|
|
41
42
|
if (!existsSync(path))
|
|
42
43
|
return null;
|
|
44
|
+
// Guard against oversized PID files before reading into memory
|
|
45
|
+
if (statSync(path).size > MAX_PID_FILE_BYTES)
|
|
46
|
+
return null;
|
|
43
47
|
const data = readFileSync(path, 'utf-8');
|
|
44
|
-
return JSON.parse(data)
|
|
48
|
+
return JSON.parse(data, (key, value) => {
|
|
49
|
+
// Prototype pollution guard
|
|
50
|
+
if (key === '__proto__' || key === 'constructor' || key === 'prototype')
|
|
51
|
+
return undefined;
|
|
52
|
+
return value;
|
|
53
|
+
});
|
|
45
54
|
}
|
|
46
55
|
catch {
|
|
47
56
|
return null;
|
|
@@ -270,9 +279,10 @@ const monitorCommand = {
|
|
|
270
279
|
// Try to read agent and task counts from local store files
|
|
271
280
|
let agentCount = 0;
|
|
272
281
|
const taskCounts = { running: 0, queued: 0, completed: 0, failed: 0 };
|
|
282
|
+
const MAX_PROCESS_STORE_BYTES = 50 * 1024 * 1024; // 50 MB
|
|
273
283
|
try {
|
|
274
284
|
const agentStorePath = resolve('.monomind/agents/store.json');
|
|
275
|
-
if (existsSync(agentStorePath)) {
|
|
285
|
+
if (existsSync(agentStorePath) && statSync(agentStorePath).size <= MAX_PROCESS_STORE_BYTES) {
|
|
276
286
|
const agentStore = JSON.parse(readFileSync(agentStorePath, 'utf-8'));
|
|
277
287
|
const agents = Array.isArray(agentStore) ? agentStore : Object.values(agentStore.agents || agentStore || {});
|
|
278
288
|
agentCount = agents.length;
|
|
@@ -281,7 +291,7 @@ const monitorCommand = {
|
|
|
281
291
|
catch { /* no agent store */ }
|
|
282
292
|
try {
|
|
283
293
|
const taskStorePath = resolve('.monomind/tasks/store.json');
|
|
284
|
-
if (existsSync(taskStorePath)) {
|
|
294
|
+
if (existsSync(taskStorePath) && statSync(taskStorePath).size <= MAX_PROCESS_STORE_BYTES) {
|
|
285
295
|
const taskStore = JSON.parse(readFileSync(taskStorePath, 'utf-8'));
|
|
286
296
|
const tasks = Array.isArray(taskStore) ? taskStore : Object.values(taskStore.tasks || taskStore || {});
|
|
287
297
|
for (const t of tasks) {
|
|
@@ -607,12 +617,22 @@ const logsCommand = {
|
|
|
607
617
|
{ command: 'monomind process logs --since 1h --grep "error"', description: 'Search logs' },
|
|
608
618
|
],
|
|
609
619
|
action: async (ctx) => {
|
|
610
|
-
const
|
|
611
|
-
const
|
|
620
|
+
const VALID_SOURCES = new Set(['daemon', 'workers', 'tasks', 'all']);
|
|
621
|
+
const VALID_LEVELS = new Set(['debug', 'info', 'warn', 'error']);
|
|
622
|
+
const MAX_TAIL = 10_000; // cap to prevent huge in-memory slice
|
|
623
|
+
const MAX_GREP_LEN = 256; // cap regex/pattern length
|
|
624
|
+
const MAX_SINCE_LEN = 64; // cap timestamp/duration string
|
|
625
|
+
const rawSource = ctx.flags?.source || 'all';
|
|
626
|
+
const source = VALID_SOURCES.has(rawSource) ? rawSource : 'all';
|
|
627
|
+
const rawTail = Number(ctx.flags?.tail ?? 50);
|
|
628
|
+
const tail = Number.isFinite(rawTail) && rawTail > 0 ? Math.min(rawTail, MAX_TAIL) : 50;
|
|
612
629
|
const follow = ctx.flags?.follow === true;
|
|
613
|
-
const
|
|
614
|
-
const
|
|
615
|
-
const
|
|
630
|
+
const rawLevel = ctx.flags?.level || 'info';
|
|
631
|
+
const level = VALID_LEVELS.has(rawLevel) ? rawLevel : 'info';
|
|
632
|
+
const rawSince = ctx.flags?.since;
|
|
633
|
+
const since = rawSince ? String(rawSince).slice(0, MAX_SINCE_LEN) : undefined;
|
|
634
|
+
const rawGrep = ctx.flags?.grep;
|
|
635
|
+
const grep = rawGrep ? String(rawGrep).slice(0, MAX_GREP_LEN) : undefined;
|
|
616
636
|
console.log(`\n📜 Process Logs (${source})\n`);
|
|
617
637
|
console.log(` Level: ${level}+ | Lines: ${tail}${since ? ` | Since: ${since}` : ''}${grep ? ` | Filter: ${grep}` : ''}`);
|
|
618
638
|
console.log('─'.repeat(70));
|
|
@@ -629,7 +649,10 @@ const logsCommand = {
|
|
|
629
649
|
.filter(f => source === 'all' || f.includes(source));
|
|
630
650
|
for (const file of logFiles) {
|
|
631
651
|
try {
|
|
632
|
-
const
|
|
652
|
+
const logFilePath = resolve(logsDir, file);
|
|
653
|
+
if (statSync(logFilePath).size > 10 * 1024 * 1024)
|
|
654
|
+
continue; // skip files > 10 MB
|
|
655
|
+
const content = readFileSync(logFilePath, 'utf-8');
|
|
633
656
|
const lines = content.split('\n').filter(l => l.trim());
|
|
634
657
|
for (const line of lines) {
|
|
635
658
|
// Filter by log level if detectable
|
|
@@ -158,7 +158,8 @@ const watchCommand = {
|
|
|
158
158
|
},
|
|
159
159
|
],
|
|
160
160
|
action: async (ctx) => {
|
|
161
|
-
const
|
|
161
|
+
const rawInterval = ctx.flags.interval || 5000;
|
|
162
|
+
const interval = Number.isFinite(rawInterval) ? Math.max(500, Math.min(rawInterval, 3_600_000)) : 5000; // min 500ms, max 1h
|
|
162
163
|
output.writeln(output.highlight(`Watching progress (interval: ${interval}ms). Press Ctrl+C to stop.`));
|
|
163
164
|
output.writeln();
|
|
164
165
|
let lastProgress = 0;
|
|
@@ -180,8 +181,9 @@ const watchCommand = {
|
|
|
180
181
|
};
|
|
181
182
|
await check();
|
|
182
183
|
const timer = setInterval(check, interval);
|
|
183
|
-
// Handle Ctrl+C
|
|
184
|
-
|
|
184
|
+
// Handle Ctrl+C — use once so repeated calls don't accumulate SIGINT handlers
|
|
185
|
+
// (which would trigger MaxListenersExceededWarning and a memory leak).
|
|
186
|
+
process.once('SIGINT', () => {
|
|
185
187
|
clearInterval(timer);
|
|
186
188
|
output.writeln();
|
|
187
189
|
output.writeln(output.dim('Stopped watching.'));
|
|
@@ -59,10 +59,10 @@ const configureCommand = {
|
|
|
59
59
|
],
|
|
60
60
|
action: async (ctx) => {
|
|
61
61
|
try {
|
|
62
|
-
const provider = ctx.flags.provider || (ctx.args && ctx.args[0]) || '';
|
|
63
|
-
const apiKey = ctx.flags.key;
|
|
64
|
-
const model = ctx.flags.model;
|
|
65
|
-
const endpoint = ctx.flags.endpoint;
|
|
62
|
+
const provider = (ctx.flags.provider || (ctx.args && ctx.args[0]) || '').slice(0, 64);
|
|
63
|
+
const apiKey = ctx.flags.key?.slice(0, 256);
|
|
64
|
+
const model = ctx.flags.model?.slice(0, 128);
|
|
65
|
+
const endpoint = ctx.flags.endpoint?.slice(0, 512);
|
|
66
66
|
if (!provider) {
|
|
67
67
|
output.printError('Provider name is required. Use -p <name> or pass as first argument.');
|
|
68
68
|
return { success: false, exitCode: 1 };
|
|
@@ -127,7 +127,7 @@ const testCommand = {
|
|
|
127
127
|
],
|
|
128
128
|
action: async (ctx) => {
|
|
129
129
|
try {
|
|
130
|
-
const provider = ctx.flags.provider || (ctx.args && ctx.args[0]) || '';
|
|
130
|
+
const provider = (ctx.flags.provider || (ctx.args && ctx.args[0]) || '').slice(0, 64);
|
|
131
131
|
const testAll = ctx.flags.all;
|
|
132
132
|
output.writeln();
|
|
133
133
|
output.writeln(output.bold('Provider Connectivity Test'));
|
|
@@ -10,7 +10,8 @@ const showSubcommand = {
|
|
|
10
10
|
{ name: 'json', type: 'boolean', description: 'Output as JSON', default: false },
|
|
11
11
|
],
|
|
12
12
|
action: async (ctx) => {
|
|
13
|
-
|
|
13
|
+
// Cap session ID to prevent DoS via oversized string and unbounded output reflection.
|
|
14
|
+
const sessionId = (ctx.args[0] || '').slice(0, 128);
|
|
14
15
|
if (!sessionId) {
|
|
15
16
|
output.error('Session ID is required: replay show <sessionId>');
|
|
16
17
|
return { success: false, message: 'Missing session ID' };
|
|
@@ -40,7 +41,12 @@ const listSubcommand = {
|
|
|
40
41
|
try {
|
|
41
42
|
const { ReplayReader } = await import('../observability/replay-reader.js');
|
|
42
43
|
const reader = new ReplayReader();
|
|
43
|
-
const
|
|
44
|
+
const rawLimit = ctx.flags['limit'];
|
|
45
|
+
// Cap limit to prevent DoS
|
|
46
|
+
const limit = typeof rawLimit === 'number' && Number.isFinite(rawLimit)
|
|
47
|
+
? Math.max(1, Math.min(Math.floor(rawLimit), 500))
|
|
48
|
+
: 20;
|
|
49
|
+
const data = await reader.list(limit);
|
|
44
50
|
const asJson = ctx.flags['json'];
|
|
45
51
|
output.writeln(asJson ? JSON.stringify(data, null, 2) : 'Available replays listed');
|
|
46
52
|
return { success: true, data };
|
|
@@ -90,15 +90,20 @@ const routeTaskCommand = {
|
|
|
90
90
|
{ command: 'monomind route task "review code" --agent reviewer', description: 'Force specific agent' },
|
|
91
91
|
],
|
|
92
92
|
action: async (ctx) => {
|
|
93
|
-
const
|
|
93
|
+
const rawTask = ctx.args[0];
|
|
94
94
|
const forceAgent = ctx.flags.agent;
|
|
95
95
|
const useExploration = ctx.flags.explore;
|
|
96
96
|
const jsonOutput = ctx.flags.json;
|
|
97
|
-
if (!
|
|
97
|
+
if (!rawTask) {
|
|
98
98
|
output.printError('Task description is required');
|
|
99
99
|
output.writeln(output.dim('Usage: monomind route task "task description"'));
|
|
100
100
|
return { success: false, exitCode: 1 };
|
|
101
101
|
}
|
|
102
|
+
if (rawTask.length > 4096) {
|
|
103
|
+
output.printError('Task description too long (max 4096 characters)');
|
|
104
|
+
return { success: false, exitCode: 1 };
|
|
105
|
+
}
|
|
106
|
+
const taskDescription = rawTask;
|
|
102
107
|
const spinner = output.createSpinner({ text: 'Analyzing task...', spinner: 'dots' });
|
|
103
108
|
spinner.start();
|
|
104
109
|
try {
|
|
@@ -349,14 +354,24 @@ const feedbackCommand = {
|
|
|
349
354
|
{ command: 'monomind route feedback -t "write tests" -a tester -r -0.5', description: 'Negative feedback' },
|
|
350
355
|
],
|
|
351
356
|
action: async (ctx) => {
|
|
352
|
-
const
|
|
357
|
+
const rawFeedbackTask = ctx.flags.task;
|
|
353
358
|
const agentId = ctx.flags.agent;
|
|
354
359
|
const reward = ctx.flags.reward;
|
|
355
|
-
const
|
|
356
|
-
if (!
|
|
360
|
+
const rawNextTask = ctx.flags['next-task'];
|
|
361
|
+
if (!rawFeedbackTask || !agentId) {
|
|
357
362
|
output.printError('Task description and agent are required');
|
|
358
363
|
return { success: false, exitCode: 1 };
|
|
359
364
|
}
|
|
365
|
+
if (rawFeedbackTask.length > 4096) {
|
|
366
|
+
output.printError('Task description too long (max 4096 characters)');
|
|
367
|
+
return { success: false, exitCode: 1 };
|
|
368
|
+
}
|
|
369
|
+
if (agentId.length > 128) {
|
|
370
|
+
output.printError('Agent ID too long (max 128 characters)');
|
|
371
|
+
return { success: false, exitCode: 1 };
|
|
372
|
+
}
|
|
373
|
+
const taskDescription = rawFeedbackTask;
|
|
374
|
+
const nextTask = rawNextTask && rawNextTask.length > 4096 ? undefined : rawNextTask;
|
|
360
375
|
// Validate agent
|
|
361
376
|
const agent = getAgentType(agentId);
|
|
362
377
|
if (!agent) {
|
|
@@ -776,13 +791,18 @@ const semanticRouteCommand = {
|
|
|
776
791
|
{ command: 'monomind route semantic -t "write unit tests" --debug', description: 'Show all route scores' },
|
|
777
792
|
],
|
|
778
793
|
action: async (ctx) => {
|
|
779
|
-
const
|
|
794
|
+
const rawSemanticTask = ctx.flags.task;
|
|
780
795
|
const debug = ctx.flags.debug;
|
|
781
796
|
const jsonOutput = ctx.flags.json;
|
|
782
|
-
if (!
|
|
797
|
+
if (!rawSemanticTask) {
|
|
783
798
|
output.printError('Task description is required. Use --task or -t flag.');
|
|
784
799
|
return { success: false, exitCode: 1 };
|
|
785
800
|
}
|
|
801
|
+
if (rawSemanticTask.length > 4096) {
|
|
802
|
+
output.printError('Task description too long (max 4096 characters)');
|
|
803
|
+
return { success: false, exitCode: 1 };
|
|
804
|
+
}
|
|
805
|
+
const taskDescription = rawSemanticTask;
|
|
786
806
|
const spinner = output.createSpinner({ text: 'Computing semantic route...', spinner: 'dots' });
|
|
787
807
|
spinner.start();
|
|
788
808
|
try {
|
|
@@ -33,6 +33,8 @@ function findSecretsInDir(dir, depthLimit, baseDir, findings) {
|
|
|
33
33
|
}
|
|
34
34
|
else if (entry.isFile() && (/\.(ts|js|json|yml|yaml)$/.test(entry.name) || isDotEnv) && !entry.name.endsWith('.d.ts')) {
|
|
35
35
|
try {
|
|
36
|
+
if (statSync(fullPath).size > 1024 * 1024)
|
|
37
|
+
continue; // skip files > 1 MB
|
|
36
38
|
const content = readFileSync(fullPath, 'utf-8');
|
|
37
39
|
const lines = content.split('\n');
|
|
38
40
|
for (let i = 0; i < lines.length; i++) {
|
|
@@ -185,6 +187,8 @@ const scanCommand = {
|
|
|
185
187
|
}
|
|
186
188
|
else if (entry.isFile() && /\.(ts|js|tsx|jsx)$/.test(entry.name) && !entry.name.endsWith('.d.ts')) {
|
|
187
189
|
try {
|
|
190
|
+
if (fs.statSync(fullPath).size > 1024 * 1024)
|
|
191
|
+
continue; // skip files > 1 MB
|
|
188
192
|
const content = fs.readFileSync(fullPath, 'utf-8');
|
|
189
193
|
const lines = content.split('\n');
|
|
190
194
|
for (let i = 0; i < lines.length; i++) {
|
|
@@ -68,7 +68,11 @@ const listCommand = {
|
|
|
68
68
|
action: async (ctx) => {
|
|
69
69
|
const activeOnly = ctx.flags.active;
|
|
70
70
|
const includeArchived = ctx.flags.all;
|
|
71
|
-
const
|
|
71
|
+
const rawLimit = ctx.flags.limit;
|
|
72
|
+
// Cap limit to prevent unbounded MCP calls
|
|
73
|
+
const limit = typeof rawLimit === 'number' && Number.isFinite(rawLimit)
|
|
74
|
+
? Math.max(1, Math.min(Math.floor(rawLimit), 200))
|
|
75
|
+
: 20;
|
|
72
76
|
try {
|
|
73
77
|
const result = await callMCPTool('session_list', {
|
|
74
78
|
status: activeOnly ? 'active' : includeArchived ? 'all' : 'active,saved',
|
|
@@ -173,6 +177,13 @@ const saveCommand = {
|
|
|
173
177
|
default: ''
|
|
174
178
|
});
|
|
175
179
|
}
|
|
180
|
+
// Cap name and description lengths to prevent DoS / oversized storage
|
|
181
|
+
if (typeof sessionName === 'string' && sessionName.length > 200) {
|
|
182
|
+
sessionName = sessionName.slice(0, 200);
|
|
183
|
+
}
|
|
184
|
+
if (typeof description === 'string' && description.length > 2000) {
|
|
185
|
+
description = description.slice(0, 2000);
|
|
186
|
+
}
|
|
176
187
|
const spinner = output.createSpinner({ text: 'Saving session...' });
|
|
177
188
|
spinner.start();
|
|
178
189
|
try {
|
|
@@ -72,6 +72,8 @@ function loadConfig(cwd) {
|
|
|
72
72
|
const configPath = path.join(cwd, '.monomind', 'config.yaml');
|
|
73
73
|
if (!fs.existsSync(configPath))
|
|
74
74
|
return null;
|
|
75
|
+
if (fs.statSync(configPath).size > 1024 * 1024)
|
|
76
|
+
return null; // skip files > 1 MB
|
|
75
77
|
try {
|
|
76
78
|
const content = fs.readFileSync(configPath, 'utf-8');
|
|
77
79
|
return parseSimpleYaml(content);
|
|
@@ -97,10 +99,14 @@ const startAction = async (ctx) => {
|
|
|
97
99
|
const config = loadConfig(cwd);
|
|
98
100
|
const swarmConfig = config?.swarm || {};
|
|
99
101
|
const mcpConfig = config?.mcp || {};
|
|
100
|
-
const
|
|
101
|
-
const
|
|
102
|
+
const VALID_TOPOLOGIES = new Set(['hierarchical-mesh', 'mesh', 'hierarchical', 'ring', 'star']);
|
|
103
|
+
const rawTopology = topology || swarmConfig.topology || DEFAULT_TOPOLOGY;
|
|
104
|
+
const finalTopology = VALID_TOPOLOGIES.has(rawTopology) ? rawTopology : DEFAULT_TOPOLOGY;
|
|
105
|
+
const rawMaxAgents = Number(swarmConfig.maxAgents || DEFAULT_MAX_AGENTS);
|
|
106
|
+
const maxAgents = Number.isFinite(rawMaxAgents) ? Math.max(1, Math.min(rawMaxAgents, 100)) : DEFAULT_MAX_AGENTS;
|
|
102
107
|
const autoStartMcp = mcpConfig.autoStart !== false && !skipMcp;
|
|
103
|
-
const
|
|
108
|
+
const rawMcpPort = port || Number(mcpConfig.serverPort) || DEFAULT_PORT;
|
|
109
|
+
const mcpPort = Number.isFinite(rawMcpPort) ? Math.max(1, Math.min(rawMcpPort, 65535)) : DEFAULT_PORT;
|
|
104
110
|
output.writeln();
|
|
105
111
|
output.writeln(output.bold('Starting Monomind'));
|
|
106
112
|
output.writeln();
|
|
@@ -262,7 +268,8 @@ const stopCommand = {
|
|
|
262
268
|
],
|
|
263
269
|
action: async (ctx) => {
|
|
264
270
|
const force = ctx.flags.force;
|
|
265
|
-
const
|
|
271
|
+
const rawTimeout = ctx.flags.timeout;
|
|
272
|
+
const timeout = Number.isFinite(rawTimeout) ? Math.max(1, Math.min(rawTimeout, 300)) : 30;
|
|
266
273
|
output.writeln();
|
|
267
274
|
output.writeln(output.bold('Stopping MonoMind'));
|
|
268
275
|
output.writeln();
|
|
@@ -259,7 +259,8 @@ function formatHealth(health) {
|
|
|
259
259
|
// Main status action
|
|
260
260
|
const statusAction = async (ctx) => {
|
|
261
261
|
const watch = ctx.flags.watch;
|
|
262
|
-
const
|
|
262
|
+
const rawInterval = ctx.flags.interval || DEFAULT_WATCH_INTERVAL / 1000;
|
|
263
|
+
const interval = Number.isFinite(rawInterval) ? Math.max(1, Math.min(rawInterval, 3600)) : DEFAULT_WATCH_INTERVAL / 1000;
|
|
263
264
|
const healthCheck = ctx.flags['health-check'];
|
|
264
265
|
const cwd = ctx.cwd;
|
|
265
266
|
// Check initialization
|
|
@@ -379,14 +380,16 @@ async function watchStatus(intervalSeconds) {
|
|
|
379
380
|
await refresh();
|
|
380
381
|
// Set up interval
|
|
381
382
|
const intervalId = setInterval(refresh, intervalSeconds * 1000);
|
|
382
|
-
// Handle exit
|
|
383
|
+
// Handle exit — use once so repeated calls to watchStatus don't accumulate
|
|
384
|
+
// SIGINT handlers (which would trigger a MaxListenersExceededWarning).
|
|
383
385
|
return new Promise((resolve) => {
|
|
384
|
-
|
|
386
|
+
const onSigint = () => {
|
|
385
387
|
clearInterval(intervalId);
|
|
386
388
|
output.writeln();
|
|
387
389
|
output.printInfo('Watch mode stopped');
|
|
388
390
|
resolve({ success: true });
|
|
389
|
-
}
|
|
391
|
+
};
|
|
392
|
+
process.once('SIGINT', onSigint);
|
|
390
393
|
});
|
|
391
394
|
}
|
|
392
395
|
// Agents subcommand
|
|
@@ -20,7 +20,10 @@ function getSwarmStatus(swarmId) {
|
|
|
20
20
|
let swarmState = null;
|
|
21
21
|
if (fs.existsSync(swarmStateFile)) {
|
|
22
22
|
try {
|
|
23
|
-
|
|
23
|
+
const swarmStatSz = fs.statSync(swarmStateFile).size;
|
|
24
|
+
if (swarmStatSz <= 1_048_576) {
|
|
25
|
+
swarmState = JSON.parse(fs.readFileSync(swarmStateFile, 'utf-8'));
|
|
26
|
+
}
|
|
24
27
|
}
|
|
25
28
|
catch {
|
|
26
29
|
// Ignore parse errors
|
|
@@ -36,9 +39,13 @@ function getSwarmStatus(swarmId) {
|
|
|
36
39
|
totalAgents = agentFiles.length;
|
|
37
40
|
for (const file of agentFiles) {
|
|
38
41
|
try {
|
|
39
|
-
const
|
|
40
|
-
|
|
41
|
-
|
|
42
|
+
const agentFilePath = path.join(agentsDir, file);
|
|
43
|
+
const agentSz = fs.statSync(agentFilePath).size;
|
|
44
|
+
if (agentSz <= 524_288) {
|
|
45
|
+
const agent = JSON.parse(fs.readFileSync(agentFilePath, 'utf-8'));
|
|
46
|
+
if (agent.status === 'active' || agent.status === 'running') {
|
|
47
|
+
activeAgents++;
|
|
48
|
+
}
|
|
42
49
|
}
|
|
43
50
|
}
|
|
44
51
|
catch {
|
|
@@ -83,15 +90,19 @@ function getSwarmStatus(swarmId) {
|
|
|
83
90
|
const taskFiles = fs.readdirSync(tasksDir).filter(f => f.endsWith('.json'));
|
|
84
91
|
for (const file of taskFiles) {
|
|
85
92
|
try {
|
|
86
|
-
const
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
93
|
+
const taskFilePath = path.join(tasksDir, file);
|
|
94
|
+
const taskSz = fs.statSync(taskFilePath).size;
|
|
95
|
+
if (taskSz <= 524_288) {
|
|
96
|
+
const task = JSON.parse(fs.readFileSync(taskFilePath, 'utf-8'));
|
|
97
|
+
if (task.status === 'completed' || task.status === 'done') {
|
|
98
|
+
completedTasks++;
|
|
99
|
+
}
|
|
100
|
+
else if (task.status === 'in_progress' || task.status === 'running') {
|
|
101
|
+
inProgressTasks++;
|
|
102
|
+
}
|
|
103
|
+
else {
|
|
104
|
+
pendingTasks++;
|
|
105
|
+
}
|
|
95
106
|
}
|
|
96
107
|
}
|
|
97
108
|
catch {
|
|
@@ -577,6 +588,9 @@ const stopCommand = {
|
|
|
577
588
|
const swarmStateFile = path.join(process.cwd(), '.swarm', 'state.json');
|
|
578
589
|
if (fs.existsSync(swarmStateFile)) {
|
|
579
590
|
try {
|
|
591
|
+
const stopStatSz = fs.statSync(swarmStateFile).size;
|
|
592
|
+
if (stopStatSz > 1_048_576)
|
|
593
|
+
throw new Error('swarm state file too large');
|
|
580
594
|
const state = JSON.parse(fs.readFileSync(swarmStateFile, 'utf-8'));
|
|
581
595
|
state.status = 'stopped';
|
|
582
596
|
state.stoppedAt = new Date().toISOString();
|