npm - mstro-app - Versions diffs - 0.1.47 - Mend

mstro-app 0.1.47

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (213) hide show

package/LICENSE +21 -0
package/README.md +177 -0
package/bin/commands/config.js +145 -0
package/bin/commands/login.js +313 -0
package/bin/commands/logout.js +75 -0
package/bin/commands/status.js +197 -0
package/bin/commands/whoami.js +161 -0
package/bin/configure-claude.js +298 -0
package/bin/mstro.js +581 -0
package/bin/postinstall.js +45 -0
package/bin/release.sh +110 -0
package/dist/server/cli/headless/claude-invoker.d.ts +17 -0
package/dist/server/cli/headless/claude-invoker.d.ts.map +1 -0
package/dist/server/cli/headless/claude-invoker.js +311 -0
package/dist/server/cli/headless/claude-invoker.js.map +1 -0
package/dist/server/cli/headless/index.d.ts +13 -0
package/dist/server/cli/headless/index.d.ts.map +1 -0
package/dist/server/cli/headless/index.js +10 -0
package/dist/server/cli/headless/index.js.map +1 -0
package/dist/server/cli/headless/mcp-config.d.ts +11 -0
package/dist/server/cli/headless/mcp-config.d.ts.map +1 -0
package/dist/server/cli/headless/mcp-config.js +76 -0
package/dist/server/cli/headless/mcp-config.js.map +1 -0
package/dist/server/cli/headless/output-utils.d.ts +33 -0
package/dist/server/cli/headless/output-utils.d.ts.map +1 -0
package/dist/server/cli/headless/output-utils.js +101 -0
package/dist/server/cli/headless/output-utils.js.map +1 -0
package/dist/server/cli/headless/prompt-utils.d.ts +21 -0
package/dist/server/cli/headless/prompt-utils.d.ts.map +1 -0
package/dist/server/cli/headless/prompt-utils.js +84 -0
package/dist/server/cli/headless/prompt-utils.js.map +1 -0
package/dist/server/cli/headless/runner.d.ts +24 -0
package/dist/server/cli/headless/runner.d.ts.map +1 -0
package/dist/server/cli/headless/runner.js +99 -0
package/dist/server/cli/headless/runner.js.map +1 -0
package/dist/server/cli/headless/types.d.ts +106 -0
package/dist/server/cli/headless/types.d.ts.map +1 -0
package/dist/server/cli/headless/types.js +4 -0
package/dist/server/cli/headless/types.js.map +1 -0
package/dist/server/cli/improvisation-session-manager.d.ts +155 -0
package/dist/server/cli/improvisation-session-manager.d.ts.map +1 -0
package/dist/server/cli/improvisation-session-manager.js +415 -0
package/dist/server/cli/improvisation-session-manager.js.map +1 -0
package/dist/server/index.d.ts +2 -0
package/dist/server/index.d.ts.map +1 -0
package/dist/server/index.js +386 -0
package/dist/server/index.js.map +1 -0
package/dist/server/mcp/bouncer-cli.d.ts +3 -0
package/dist/server/mcp/bouncer-cli.d.ts.map +1 -0
package/dist/server/mcp/bouncer-cli.js +99 -0
package/dist/server/mcp/bouncer-cli.js.map +1 -0
package/dist/server/mcp/bouncer-integration.d.ts +36 -0
package/dist/server/mcp/bouncer-integration.d.ts.map +1 -0
package/dist/server/mcp/bouncer-integration.js +301 -0
package/dist/server/mcp/bouncer-integration.js.map +1 -0
package/dist/server/mcp/security-audit.d.ts +52 -0
package/dist/server/mcp/security-audit.d.ts.map +1 -0
package/dist/server/mcp/security-audit.js +118 -0
package/dist/server/mcp/security-audit.js.map +1 -0
package/dist/server/mcp/security-patterns.d.ts +73 -0
package/dist/server/mcp/security-patterns.d.ts.map +1 -0
package/dist/server/mcp/security-patterns.js +247 -0
package/dist/server/mcp/security-patterns.js.map +1 -0
package/dist/server/mcp/server.d.ts +3 -0
package/dist/server/mcp/server.d.ts.map +1 -0
package/dist/server/mcp/server.js +146 -0
package/dist/server/mcp/server.js.map +1 -0
package/dist/server/routes/files.d.ts +9 -0
package/dist/server/routes/files.d.ts.map +1 -0
package/dist/server/routes/files.js +24 -0
package/dist/server/routes/files.js.map +1 -0
package/dist/server/routes/improvise.d.ts +3 -0
package/dist/server/routes/improvise.d.ts.map +1 -0
package/dist/server/routes/improvise.js +72 -0
package/dist/server/routes/improvise.js.map +1 -0
package/dist/server/routes/index.d.ts +10 -0
package/dist/server/routes/index.d.ts.map +1 -0
package/dist/server/routes/index.js +12 -0
package/dist/server/routes/index.js.map +1 -0
package/dist/server/routes/instances.d.ts +10 -0
package/dist/server/routes/instances.d.ts.map +1 -0
package/dist/server/routes/instances.js +47 -0
package/dist/server/routes/instances.js.map +1 -0
package/dist/server/routes/notifications.d.ts +3 -0
package/dist/server/routes/notifications.d.ts.map +1 -0
package/dist/server/routes/notifications.js +136 -0
package/dist/server/routes/notifications.js.map +1 -0
package/dist/server/services/analytics.d.ts +56 -0
package/dist/server/services/analytics.d.ts.map +1 -0
package/dist/server/services/analytics.js +240 -0
package/dist/server/services/analytics.js.map +1 -0
package/dist/server/services/auth.d.ts +26 -0
package/dist/server/services/auth.d.ts.map +1 -0
package/dist/server/services/auth.js +71 -0
package/dist/server/services/auth.js.map +1 -0
package/dist/server/services/client-id.d.ts +10 -0
package/dist/server/services/client-id.d.ts.map +1 -0
package/dist/server/services/client-id.js +61 -0
package/dist/server/services/client-id.js.map +1 -0
package/dist/server/services/credentials.d.ts +39 -0
package/dist/server/services/credentials.d.ts.map +1 -0
package/dist/server/services/credentials.js +110 -0
package/dist/server/services/credentials.js.map +1 -0
package/dist/server/services/files.d.ts +119 -0
package/dist/server/services/files.d.ts.map +1 -0
package/dist/server/services/files.js +560 -0
package/dist/server/services/files.js.map +1 -0
package/dist/server/services/instances.d.ts +52 -0
package/dist/server/services/instances.d.ts.map +1 -0
package/dist/server/services/instances.js +241 -0
package/dist/server/services/instances.js.map +1 -0
package/dist/server/services/pathUtils.d.ts +47 -0
package/dist/server/services/pathUtils.d.ts.map +1 -0
package/dist/server/services/pathUtils.js +124 -0
package/dist/server/services/pathUtils.js.map +1 -0
package/dist/server/services/platform.d.ts +72 -0
package/dist/server/services/platform.d.ts.map +1 -0
package/dist/server/services/platform.js +368 -0
package/dist/server/services/platform.js.map +1 -0
package/dist/server/services/sentry.d.ts +5 -0
package/dist/server/services/sentry.d.ts.map +1 -0
package/dist/server/services/sentry.js +71 -0
package/dist/server/services/sentry.js.map +1 -0
package/dist/server/services/terminal/pty-manager.d.ts +149 -0
package/dist/server/services/terminal/pty-manager.d.ts.map +1 -0
package/dist/server/services/terminal/pty-manager.js +377 -0
package/dist/server/services/terminal/pty-manager.js.map +1 -0
package/dist/server/services/terminal/tmux-manager.d.ts +82 -0
package/dist/server/services/terminal/tmux-manager.d.ts.map +1 -0
package/dist/server/services/terminal/tmux-manager.js +352 -0
package/dist/server/services/terminal/tmux-manager.js.map +1 -0
package/dist/server/services/websocket/autocomplete.d.ts +50 -0
package/dist/server/services/websocket/autocomplete.d.ts.map +1 -0
package/dist/server/services/websocket/autocomplete.js +361 -0
package/dist/server/services/websocket/autocomplete.js.map +1 -0
package/dist/server/services/websocket/file-utils.d.ts +44 -0
package/dist/server/services/websocket/file-utils.d.ts.map +1 -0
package/dist/server/services/websocket/file-utils.js +272 -0
package/dist/server/services/websocket/file-utils.js.map +1 -0
package/dist/server/services/websocket/handler.d.ts +246 -0
package/dist/server/services/websocket/handler.d.ts.map +1 -0
package/dist/server/services/websocket/handler.js +1771 -0
package/dist/server/services/websocket/handler.js.map +1 -0
package/dist/server/services/websocket/index.d.ts +11 -0
package/dist/server/services/websocket/index.d.ts.map +1 -0
package/dist/server/services/websocket/index.js +14 -0
package/dist/server/services/websocket/index.js.map +1 -0
package/dist/server/services/websocket/types.d.ts +214 -0
package/dist/server/services/websocket/types.d.ts.map +1 -0
package/dist/server/services/websocket/types.js +4 -0
package/dist/server/services/websocket/types.js.map +1 -0
package/dist/server/utils/agent-manager.d.ts +69 -0
package/dist/server/utils/agent-manager.d.ts.map +1 -0
package/dist/server/utils/agent-manager.js +269 -0
package/dist/server/utils/agent-manager.js.map +1 -0
package/dist/server/utils/paths.d.ts +25 -0
package/dist/server/utils/paths.d.ts.map +1 -0
package/dist/server/utils/paths.js +38 -0
package/dist/server/utils/paths.js.map +1 -0
package/dist/server/utils/port-manager.d.ts +10 -0
package/dist/server/utils/port-manager.d.ts.map +1 -0
package/dist/server/utils/port-manager.js +60 -0
package/dist/server/utils/port-manager.js.map +1 -0
package/dist/server/utils/port.d.ts +26 -0
package/dist/server/utils/port.d.ts.map +1 -0
package/dist/server/utils/port.js +83 -0
package/dist/server/utils/port.js.map +1 -0
package/hooks/bouncer.sh +138 -0
package/package.json +74 -0
package/server/README.md +191 -0
package/server/cli/headless/claude-invoker.ts +415 -0
package/server/cli/headless/index.ts +39 -0
package/server/cli/headless/mcp-config.ts +87 -0
package/server/cli/headless/output-utils.ts +109 -0
package/server/cli/headless/prompt-utils.ts +108 -0
package/server/cli/headless/runner.ts +133 -0
package/server/cli/headless/types.ts +118 -0
package/server/cli/improvisation-session-manager.ts +531 -0
package/server/index.ts +456 -0
package/server/mcp/README.md +122 -0
package/server/mcp/bouncer-cli.ts +127 -0
package/server/mcp/bouncer-integration.ts +430 -0
package/server/mcp/security-audit.ts +180 -0
package/server/mcp/security-patterns.ts +290 -0
package/server/mcp/server.ts +174 -0
package/server/routes/files.ts +29 -0
package/server/routes/improvise.ts +82 -0
package/server/routes/index.ts +13 -0
package/server/routes/instances.ts +54 -0
package/server/routes/notifications.ts +158 -0
package/server/services/analytics.ts +277 -0
package/server/services/auth.ts +80 -0
package/server/services/client-id.ts +68 -0
package/server/services/credentials.ts +134 -0
package/server/services/files.ts +710 -0
package/server/services/instances.ts +275 -0
package/server/services/pathUtils.ts +158 -0
package/server/services/platform.test.ts +1314 -0
package/server/services/platform.ts +435 -0
package/server/services/sentry.ts +81 -0
package/server/services/terminal/pty-manager.ts +464 -0
package/server/services/terminal/tmux-manager.ts +426 -0
package/server/services/websocket/autocomplete.ts +438 -0
package/server/services/websocket/file-utils.ts +305 -0
package/server/services/websocket/handler.test.ts +20 -0
package/server/services/websocket/handler.ts +2047 -0
package/server/services/websocket/index.ts +40 -0
package/server/services/websocket/types.ts +339 -0
package/server/tsconfig.json +19 -0
package/server/utils/agent-manager.ts +323 -0
package/server/utils/paths.ts +45 -0
package/server/utils/port-manager.ts +70 -0
package/server/utils/port.ts +102 -0

package/server/services/instances.ts ADDED Viewed

@@ -0,0 +1,275 @@
+// Copyright (c) 2025-present Mstro, Inc. All rights reserved.
+// Licensed under the MIT License. See LICENSE file for details.
+/**
+ * Instance Registry Service
+ *
+ * Manages multiple Mstro server instances
+ */
+import { existsSync, mkdirSync, readFileSync, renameSync, unlinkSync, writeFileSync } from 'node:fs'
+import { homedir } from 'node:os'
+import { join } from 'node:path'
+function clearStaleLock(lockPath: string): void {
+  if (!existsSync(lockPath)) return
+  try {
+    const lockTime = parseInt(readFileSync(lockPath, 'utf-8'), 10)
+    if (Date.now() - lockTime > 10000) {
+      try { unlinkSync(lockPath) } catch {}
+    }
+  } catch {}
+}
+function tryCreateLock(lockPath: string): boolean {
+  try {
+    writeFileSync(lockPath, Date.now().toString(), { flag: 'wx' })
+    return true
+  } catch {
+    return false
+  }
+}
+function busyWait(): void {
+  const endTime = Date.now() + Math.random() * 50 + 10
+  while (Date.now() < endTime) { /* busy wait */ }
+}
+function acquireLock(lockPath: string, timeout = 5000): boolean {
+  const start = Date.now()
+  while (Date.now() - start < timeout) {
+    clearStaleLock(lockPath)
+    if (tryCreateLock(lockPath)) return true
+    busyWait()
+  }
+  return false
+}
+function releaseLock(lockPath: string) {
+  try {
+    unlinkSync(lockPath)
+  } catch {
+    // Ignore errors when releasing lock
+  }
+}
+export interface MstroInstance {
+  id: string
+  port: number
+  url: string
+  workingDirectory: string
+  startedAt: number
+  lastHeartbeat: number
+  pid: number
+}
+export class InstanceRegistry {
+  private registryPath: string
+  private currentInstance: MstroInstance | null = null
+  private heartbeatInterval: ReturnType<typeof setInterval> | null = null
+  constructor() {
+    const mstroDir = join(homedir(), '.mstro')
+    if (!existsSync(mstroDir)) {
+      mkdirSync(mstroDir, { recursive: true, mode: 0o700 })
+    }
+    this.registryPath = join(mstroDir, 'instances.json')
+  }
+  /**
+   * Register current instance
+   */
+  register(port: number, workingDirectory: string): MstroInstance {
+    const instance: MstroInstance = {
+      id: `mstro-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`,
+      port,
+      url: `http://localhost:${port}`,
+      workingDirectory,
+      startedAt: Date.now(),
+      lastHeartbeat: Date.now(),
+      pid: process.pid
+    }
+    this.currentInstance = instance
+    this.saveInstance(instance)
+    this.startHeartbeat()
+    return instance
+  }
+  /**
+   * Unregister current instance
+   */
+  unregister() {
+    if (this.currentInstance) {
+      this.removeInstance(this.currentInstance.id)
+      this.currentInstance = null
+    }
+    this.stopHeartbeat()
+  }
+  /**
+   * Get current instance info
+   */
+  getCurrentInstance(): MstroInstance | null {
+    return this.currentInstance
+  }
+  /**
+   * Get all instances (with file locking to prevent race conditions)
+   */
+  static getAllInstances(): MstroInstance[] {
+    const mstroDir = join(homedir(), '.mstro')
+    const registryPath = join(mstroDir, 'instances.json')
+    const lockPath = join(mstroDir, 'instances.lock')
+    if (!existsSync(registryPath)) {
+      return []
+    }
+    const locked = acquireLock(lockPath, 3000)
+    try {
+      const data = readFileSync(registryPath, 'utf-8')
+      // Handle empty or whitespace-only content
+      if (!data || !data.trim()) {
+        return []
+      }
+      const parsed = JSON.parse(data)
+      // Ensure we have an array
+      const instances: MstroInstance[] = Array.isArray(parsed) ? parsed : []
+      // Filter out stale instances (no heartbeat in last 2 minutes)
+      const now = Date.now()
+      const maxAge = 2 * 60 * 1000 // 2 minutes
+      return instances.filter(instance =>
+        now - instance.lastHeartbeat < maxAge
+      )
+    } catch (error) {
+      // If JSON is corrupted, log but don't spam - return empty and let next write fix it
+      if (error instanceof SyntaxError) {
+        console.warn('[InstanceRegistry] Registry file corrupted, will be recreated on next write')
+      } else {
+        console.error('[InstanceRegistry] Failed to read instances registry:', error)
+      }
+      return []
+    } finally {
+      if (locked) {
+        releaseLock(lockPath)
+      }
+    }
+  }
+  /**
+   * Get instance by ID
+   */
+  static getInstance(id: string): MstroInstance | null {
+    const instances = InstanceRegistry.getAllInstances()
+    return instances.find(i => i.id === id) || null
+  }
+  /**
+   * Save instance to registry (with file locking)
+   */
+  private saveInstance(instance: MstroInstance) {
+    const lockPath = join(homedir(), '.mstro', 'instances.lock')
+    const locked = acquireLock(lockPath, 5000)
+    try {
+      // Read current instances directly (without calling getAllInstances to avoid double-locking)
+      let instances: MstroInstance[] = []
+      if (existsSync(this.registryPath)) {
+        try {
+          const data = readFileSync(this.registryPath, 'utf-8')
+          if (data?.trim()) {
+            const parsed = JSON.parse(data)
+            instances = Array.isArray(parsed) ? parsed : []
+          }
+        } catch {
+          // If file is corrupted, start fresh
+          instances = []
+        }
+      }
+      // Filter out stale instances while we're at it
+      const now = Date.now()
+      const maxAge = 2 * 60 * 1000
+      instances = instances.filter(i =>
+        i.id !== instance.id && now - i.lastHeartbeat < maxAge
+      )
+      // Add new/updated instance
+      instances.push(instance)
+      // Write atomically by writing to temp file first then renaming
+      const tempPath = `${this.registryPath}.tmp`
+      writeFileSync(tempPath, JSON.stringify(instances, null, 2), 'utf-8')
+      // Rename is atomic on most filesystems
+      renameSync(tempPath, this.registryPath)
+    } finally {
+      if (locked) {
+        releaseLock(lockPath)
+      }
+    }
+  }
+  /**
+   * Remove instance from registry (with file locking)
+   */
+  private removeInstance(id: string) {
+    const lockPath = join(homedir(), '.mstro', 'instances.lock')
+    const locked = acquireLock(lockPath, 5000)
+    try {
+      let instances: MstroInstance[] = []
+      if (existsSync(this.registryPath)) {
+        try {
+          const data = readFileSync(this.registryPath, 'utf-8')
+          if (data?.trim()) {
+            const parsed = JSON.parse(data)
+            instances = Array.isArray(parsed) ? parsed : []
+          }
+        } catch {
+          instances = []
+        }
+      }
+      instances = instances.filter(i => i.id !== id)
+      const tempPath = `${this.registryPath}.tmp`
+      writeFileSync(tempPath, JSON.stringify(instances, null, 2), 'utf-8')
+      renameSync(tempPath, this.registryPath)
+    } finally {
+      if (locked) {
+        releaseLock(lockPath)
+      }
+    }
+  }
+  /**
+   * Start heartbeat to keep instance alive
+   */
+  private startHeartbeat() {
+    this.heartbeatInterval = setInterval(() => {
+      if (this.currentInstance) {
+        this.currentInstance.lastHeartbeat = Date.now()
+        this.saveInstance(this.currentInstance)
+      }
+    }, 30000) // Every 30 seconds
+  }
+  /**
+   * Stop heartbeat
+   */
+  private stopHeartbeat() {
+    if (this.heartbeatInterval) {
+      clearInterval(this.heartbeatInterval)
+      this.heartbeatInterval = null
+    }
+  }
+}

package/server/services/pathUtils.ts ADDED Viewed

@@ -0,0 +1,158 @@
+// Copyright (c) 2025-present Mstro, Inc. All rights reserved.
+// Licensed under the MIT License. See LICENSE file for details.
+/**
+ * Path Utilities
+ *
+ * Secure path validation utilities to prevent path traversal attacks.
+ * All file explorer operations MUST validate paths through these functions.
+ */
+import { isAbsolute, normalize, relative, resolve } from 'node:path';
+export interface PathValidationResult {
+  valid: boolean;
+  resolvedPath: string;
+  error?: string;
+}
+/**
+ * Validate that a path is within the allowed working directory.
+ * Prevents path traversal attacks using .. or absolute paths.
+ *
+ * @param targetPath - The path to validate (relative or absolute)
+ * @param workingDir - The allowed working directory boundary
+ * @returns PathValidationResult with validation status and resolved path
+ */
+export function validatePathWithinWorkingDir(
+  targetPath: string,
+  workingDir: string
+): PathValidationResult {
+  try {
+    // Normalize the working directory to get canonical path
+    const normalizedWorkingDir = resolve(workingDir);
+    // Resolve the target path relative to working directory
+    let resolvedPath: string;
+    if (isAbsolute(targetPath)) {
+      resolvedPath = resolve(targetPath);
+    } else {
+      resolvedPath = resolve(normalizedWorkingDir, targetPath);
+    }
+    // Normalize to remove any .. or . segments
+    resolvedPath = normalize(resolvedPath);
+    // Check if the resolved path starts with the working directory
+    // Add trailing separator to prevent partial matches (e.g., /home/user vs /home/username)
+    const workingDirWithSep = normalizedWorkingDir.endsWith('/')
+      ? normalizedWorkingDir
+      : `${normalizedWorkingDir}/`;
+    const isWithinWorkingDir =
+      resolvedPath === normalizedWorkingDir ||
+      resolvedPath.startsWith(workingDirWithSep);
+    if (!isWithinWorkingDir) {
+      // Log security violation for monitoring
+      console.error(
+        `[PathUtils] SECURITY: Path traversal attempt blocked. ` +
+        `Target: "${targetPath}", Resolved: "${resolvedPath}", WorkingDir: "${normalizedWorkingDir}"`
+      );
+      return {
+        valid: false,
+        resolvedPath: '',
+        error: 'Access denied: path is outside working directory'
+      };
+    }
+    return {
+      valid: true,
+      resolvedPath
+    };
+  } catch (error: any) {
+    console.error('[PathUtils] Error validating path:', error);
+    return {
+      valid: false,
+      resolvedPath: '',
+      error: `Invalid path: ${error.message}`
+    };
+  }
+}
+/**
+ * Validate both source and destination paths for rename/move operations.
+ * Both paths must be within the working directory.
+ *
+ * @param sourcePath - The source path
+ * @param destPath - The destination path
+ * @param workingDir - The allowed working directory boundary
+ * @returns Object with validation results for both paths
+ */
+export function validateBothPathsWithinWorkingDir(
+  sourcePath: string,
+  destPath: string,
+  workingDir: string
+): {
+  valid: boolean;
+  resolvedSourcePath: string;
+  resolvedDestPath: string;
+  error?: string;
+} {
+  const sourceValidation = validatePathWithinWorkingDir(sourcePath, workingDir);
+  if (!sourceValidation.valid) {
+    return {
+      valid: false,
+      resolvedSourcePath: '',
+      resolvedDestPath: '',
+      error: `Source path error: ${sourceValidation.error}`
+    };
+  }
+  const destValidation = validatePathWithinWorkingDir(destPath, workingDir);
+  if (!destValidation.valid) {
+    return {
+      valid: false,
+      resolvedSourcePath: '',
+      resolvedDestPath: '',
+      error: `Destination path error: ${destValidation.error}`
+    };
+  }
+  return {
+    valid: true,
+    resolvedSourcePath: sourceValidation.resolvedPath,
+    resolvedDestPath: destValidation.resolvedPath
+  };
+}
+/**
+ * Get the relative path from working directory.
+ * Useful for returning user-friendly paths in responses.
+ *
+ * @param absolutePath - The absolute path
+ * @param workingDir - The working directory
+ * @returns Relative path from working directory
+ */
+export function getRelativePath(absolutePath: string, workingDir: string): string {
+  return relative(resolve(workingDir), absolutePath);
+}
+/**
+ * Check if a path contains dangerous patterns that should be blocked.
+ * This is an additional layer of defense beyond path validation.
+ *
+ * @param path - The path to check
+ * @returns true if path contains dangerous patterns
+ */
+export function containsDangerousPatterns(path: string): boolean {
+  const dangerousPatterns = [
+    /\0/, // Null bytes
+    /^~/, // Home directory expansion (should use absolute paths)
+    /\$\{/, // Variable expansion
+    /\$\(/, // Command substitution
+  ];
+  return dangerousPatterns.some(pattern => pattern.test(path));
+}