npm - mstro-app - Versions diffs - 0.1.47 - Mend

mstro-app 0.1.47

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (213) hide show

package/LICENSE +21 -0
package/README.md +177 -0
package/bin/commands/config.js +145 -0
package/bin/commands/login.js +313 -0
package/bin/commands/logout.js +75 -0
package/bin/commands/status.js +197 -0
package/bin/commands/whoami.js +161 -0
package/bin/configure-claude.js +298 -0
package/bin/mstro.js +581 -0
package/bin/postinstall.js +45 -0
package/bin/release.sh +110 -0
package/dist/server/cli/headless/claude-invoker.d.ts +17 -0
package/dist/server/cli/headless/claude-invoker.d.ts.map +1 -0
package/dist/server/cli/headless/claude-invoker.js +311 -0
package/dist/server/cli/headless/claude-invoker.js.map +1 -0
package/dist/server/cli/headless/index.d.ts +13 -0
package/dist/server/cli/headless/index.d.ts.map +1 -0
package/dist/server/cli/headless/index.js +10 -0
package/dist/server/cli/headless/index.js.map +1 -0
package/dist/server/cli/headless/mcp-config.d.ts +11 -0
package/dist/server/cli/headless/mcp-config.d.ts.map +1 -0
package/dist/server/cli/headless/mcp-config.js +76 -0
package/dist/server/cli/headless/mcp-config.js.map +1 -0
package/dist/server/cli/headless/output-utils.d.ts +33 -0
package/dist/server/cli/headless/output-utils.d.ts.map +1 -0
package/dist/server/cli/headless/output-utils.js +101 -0
package/dist/server/cli/headless/output-utils.js.map +1 -0
package/dist/server/cli/headless/prompt-utils.d.ts +21 -0
package/dist/server/cli/headless/prompt-utils.d.ts.map +1 -0
package/dist/server/cli/headless/prompt-utils.js +84 -0
package/dist/server/cli/headless/prompt-utils.js.map +1 -0
package/dist/server/cli/headless/runner.d.ts +24 -0
package/dist/server/cli/headless/runner.d.ts.map +1 -0
package/dist/server/cli/headless/runner.js +99 -0
package/dist/server/cli/headless/runner.js.map +1 -0
package/dist/server/cli/headless/types.d.ts +106 -0
package/dist/server/cli/headless/types.d.ts.map +1 -0
package/dist/server/cli/headless/types.js +4 -0
package/dist/server/cli/headless/types.js.map +1 -0
package/dist/server/cli/improvisation-session-manager.d.ts +155 -0
package/dist/server/cli/improvisation-session-manager.d.ts.map +1 -0
package/dist/server/cli/improvisation-session-manager.js +415 -0
package/dist/server/cli/improvisation-session-manager.js.map +1 -0
package/dist/server/index.d.ts +2 -0
package/dist/server/index.d.ts.map +1 -0
package/dist/server/index.js +386 -0
package/dist/server/index.js.map +1 -0
package/dist/server/mcp/bouncer-cli.d.ts +3 -0
package/dist/server/mcp/bouncer-cli.d.ts.map +1 -0
package/dist/server/mcp/bouncer-cli.js +99 -0
package/dist/server/mcp/bouncer-cli.js.map +1 -0
package/dist/server/mcp/bouncer-integration.d.ts +36 -0
package/dist/server/mcp/bouncer-integration.d.ts.map +1 -0
package/dist/server/mcp/bouncer-integration.js +301 -0
package/dist/server/mcp/bouncer-integration.js.map +1 -0
package/dist/server/mcp/security-audit.d.ts +52 -0
package/dist/server/mcp/security-audit.d.ts.map +1 -0
package/dist/server/mcp/security-audit.js +118 -0
package/dist/server/mcp/security-audit.js.map +1 -0
package/dist/server/mcp/security-patterns.d.ts +73 -0
package/dist/server/mcp/security-patterns.d.ts.map +1 -0
package/dist/server/mcp/security-patterns.js +247 -0
package/dist/server/mcp/security-patterns.js.map +1 -0
package/dist/server/mcp/server.d.ts +3 -0
package/dist/server/mcp/server.d.ts.map +1 -0
package/dist/server/mcp/server.js +146 -0
package/dist/server/mcp/server.js.map +1 -0
package/dist/server/routes/files.d.ts +9 -0
package/dist/server/routes/files.d.ts.map +1 -0
package/dist/server/routes/files.js +24 -0
package/dist/server/routes/files.js.map +1 -0
package/dist/server/routes/improvise.d.ts +3 -0
package/dist/server/routes/improvise.d.ts.map +1 -0
package/dist/server/routes/improvise.js +72 -0
package/dist/server/routes/improvise.js.map +1 -0
package/dist/server/routes/index.d.ts +10 -0
package/dist/server/routes/index.d.ts.map +1 -0
package/dist/server/routes/index.js +12 -0
package/dist/server/routes/index.js.map +1 -0
package/dist/server/routes/instances.d.ts +10 -0
package/dist/server/routes/instances.d.ts.map +1 -0
package/dist/server/routes/instances.js +47 -0
package/dist/server/routes/instances.js.map +1 -0
package/dist/server/routes/notifications.d.ts +3 -0
package/dist/server/routes/notifications.d.ts.map +1 -0
package/dist/server/routes/notifications.js +136 -0
package/dist/server/routes/notifications.js.map +1 -0
package/dist/server/services/analytics.d.ts +56 -0
package/dist/server/services/analytics.d.ts.map +1 -0
package/dist/server/services/analytics.js +240 -0
package/dist/server/services/analytics.js.map +1 -0
package/dist/server/services/auth.d.ts +26 -0
package/dist/server/services/auth.d.ts.map +1 -0
package/dist/server/services/auth.js +71 -0
package/dist/server/services/auth.js.map +1 -0
package/dist/server/services/client-id.d.ts +10 -0
package/dist/server/services/client-id.d.ts.map +1 -0
package/dist/server/services/client-id.js +61 -0
package/dist/server/services/client-id.js.map +1 -0
package/dist/server/services/credentials.d.ts +39 -0
package/dist/server/services/credentials.d.ts.map +1 -0
package/dist/server/services/credentials.js +110 -0
package/dist/server/services/credentials.js.map +1 -0
package/dist/server/services/files.d.ts +119 -0
package/dist/server/services/files.d.ts.map +1 -0
package/dist/server/services/files.js +560 -0
package/dist/server/services/files.js.map +1 -0
package/dist/server/services/instances.d.ts +52 -0
package/dist/server/services/instances.d.ts.map +1 -0
package/dist/server/services/instances.js +241 -0
package/dist/server/services/instances.js.map +1 -0
package/dist/server/services/pathUtils.d.ts +47 -0
package/dist/server/services/pathUtils.d.ts.map +1 -0
package/dist/server/services/pathUtils.js +124 -0
package/dist/server/services/pathUtils.js.map +1 -0
package/dist/server/services/platform.d.ts +72 -0
package/dist/server/services/platform.d.ts.map +1 -0
package/dist/server/services/platform.js +368 -0
package/dist/server/services/platform.js.map +1 -0
package/dist/server/services/sentry.d.ts +5 -0
package/dist/server/services/sentry.d.ts.map +1 -0
package/dist/server/services/sentry.js +71 -0
package/dist/server/services/sentry.js.map +1 -0
package/dist/server/services/terminal/pty-manager.d.ts +149 -0
package/dist/server/services/terminal/pty-manager.d.ts.map +1 -0
package/dist/server/services/terminal/pty-manager.js +377 -0
package/dist/server/services/terminal/pty-manager.js.map +1 -0
package/dist/server/services/terminal/tmux-manager.d.ts +82 -0
package/dist/server/services/terminal/tmux-manager.d.ts.map +1 -0
package/dist/server/services/terminal/tmux-manager.js +352 -0
package/dist/server/services/terminal/tmux-manager.js.map +1 -0
package/dist/server/services/websocket/autocomplete.d.ts +50 -0
package/dist/server/services/websocket/autocomplete.d.ts.map +1 -0
package/dist/server/services/websocket/autocomplete.js +361 -0
package/dist/server/services/websocket/autocomplete.js.map +1 -0
package/dist/server/services/websocket/file-utils.d.ts +44 -0
package/dist/server/services/websocket/file-utils.d.ts.map +1 -0
package/dist/server/services/websocket/file-utils.js +272 -0
package/dist/server/services/websocket/file-utils.js.map +1 -0
package/dist/server/services/websocket/handler.d.ts +246 -0
package/dist/server/services/websocket/handler.d.ts.map +1 -0
package/dist/server/services/websocket/handler.js +1771 -0
package/dist/server/services/websocket/handler.js.map +1 -0
package/dist/server/services/websocket/index.d.ts +11 -0
package/dist/server/services/websocket/index.d.ts.map +1 -0
package/dist/server/services/websocket/index.js +14 -0
package/dist/server/services/websocket/index.js.map +1 -0
package/dist/server/services/websocket/types.d.ts +214 -0
package/dist/server/services/websocket/types.d.ts.map +1 -0
package/dist/server/services/websocket/types.js +4 -0
package/dist/server/services/websocket/types.js.map +1 -0
package/dist/server/utils/agent-manager.d.ts +69 -0
package/dist/server/utils/agent-manager.d.ts.map +1 -0
package/dist/server/utils/agent-manager.js +269 -0
package/dist/server/utils/agent-manager.js.map +1 -0
package/dist/server/utils/paths.d.ts +25 -0
package/dist/server/utils/paths.d.ts.map +1 -0
package/dist/server/utils/paths.js +38 -0
package/dist/server/utils/paths.js.map +1 -0
package/dist/server/utils/port-manager.d.ts +10 -0
package/dist/server/utils/port-manager.d.ts.map +1 -0
package/dist/server/utils/port-manager.js +60 -0
package/dist/server/utils/port-manager.js.map +1 -0
package/dist/server/utils/port.d.ts +26 -0
package/dist/server/utils/port.d.ts.map +1 -0
package/dist/server/utils/port.js +83 -0
package/dist/server/utils/port.js.map +1 -0
package/hooks/bouncer.sh +138 -0
package/package.json +74 -0
package/server/README.md +191 -0
package/server/cli/headless/claude-invoker.ts +415 -0
package/server/cli/headless/index.ts +39 -0
package/server/cli/headless/mcp-config.ts +87 -0
package/server/cli/headless/output-utils.ts +109 -0
package/server/cli/headless/prompt-utils.ts +108 -0
package/server/cli/headless/runner.ts +133 -0
package/server/cli/headless/types.ts +118 -0
package/server/cli/improvisation-session-manager.ts +531 -0
package/server/index.ts +456 -0
package/server/mcp/README.md +122 -0
package/server/mcp/bouncer-cli.ts +127 -0
package/server/mcp/bouncer-integration.ts +430 -0
package/server/mcp/security-audit.ts +180 -0
package/server/mcp/security-patterns.ts +290 -0
package/server/mcp/server.ts +174 -0
package/server/routes/files.ts +29 -0
package/server/routes/improvise.ts +82 -0
package/server/routes/index.ts +13 -0
package/server/routes/instances.ts +54 -0
package/server/routes/notifications.ts +158 -0
package/server/services/analytics.ts +277 -0
package/server/services/auth.ts +80 -0
package/server/services/client-id.ts +68 -0
package/server/services/credentials.ts +134 -0
package/server/services/files.ts +710 -0
package/server/services/instances.ts +275 -0
package/server/services/pathUtils.ts +158 -0
package/server/services/platform.test.ts +1314 -0
package/server/services/platform.ts +435 -0
package/server/services/sentry.ts +81 -0
package/server/services/terminal/pty-manager.ts +464 -0
package/server/services/terminal/tmux-manager.ts +426 -0
package/server/services/websocket/autocomplete.ts +438 -0
package/server/services/websocket/file-utils.ts +305 -0
package/server/services/websocket/handler.test.ts +20 -0
package/server/services/websocket/handler.ts +2047 -0
package/server/services/websocket/index.ts +40 -0
package/server/services/websocket/types.ts +339 -0
package/server/tsconfig.json +19 -0
package/server/utils/agent-manager.ts +323 -0
package/server/utils/paths.ts +45 -0
package/server/utils/port-manager.ts +70 -0
package/server/utils/port.ts +102 -0

package/server/services/websocket/file-utils.ts ADDED Viewed

@@ -0,0 +1,305 @@
+// Copyright (c) 2025-present Mstro, Inc. All rights reserved.
+// Licensed under the MIT License. See LICENSE file for details.
+/**
+ * File Utilities
+ *
+ * File type detection, gitignore parsing, and directory scanning utilities.
+ */
+import { existsSync, readdirSync, readFileSync, statSync } from 'node:fs';
+import { extname, join, relative, sep } from 'node:path';
+import type { CacheEntry, } from './types.js';
+// Directories always excluded from autocomplete scanning
+const ALWAYS_IGNORE_DIRS = new Set([
+  'node_modules', 'dist', 'dist-ssr', '.git', '__pycache__',
+  '.next', '.turbo', 'build', '.cache', 'coverage',
+  '.parcel-cache', '.nuxt', '.output', '.vercel', '.netlify',
+  '.nyc_output', 'venv', '.venv'
+]);
+// File type categorization for icons
+export const FILE_TYPE_MAP: Record<string, string> = {
+  // JavaScript/TypeScript
+  '.js': 'javascript',
+  '.jsx': 'javascript',
+  '.ts': 'typescript',
+  '.tsx': 'typescript',
+  '.mjs': 'javascript',
+  '.cjs': 'javascript',
+  // Web
+  '.html': 'html',
+  '.htm': 'html',
+  '.css': 'css',
+  '.scss': 'css',
+  '.sass': 'css',
+  '.less': 'css',
+  // Data
+  '.json': 'json',
+  '.yaml': 'yaml',
+  '.yml': 'yaml',
+  '.xml': 'xml',
+  '.toml': 'config',
+  // Config
+  '.env': 'config',
+  '.gitignore': 'config',
+  '.eslintrc': 'config',
+  '.prettierrc': 'config',
+  // Documentation
+  '.md': 'markdown',
+  '.mdx': 'markdown',
+  '.txt': 'text',
+  '.rst': 'text',
+  // Images
+  '.png': 'image',
+  '.jpg': 'image',
+  '.jpeg': 'image',
+  '.gif': 'image',
+  '.svg': 'image',
+  '.webp': 'image',
+  '.ico': 'image',
+  // Other languages
+  '.py': 'python',
+  '.rb': 'ruby',
+  '.go': 'go',
+  '.rs': 'rust',
+  '.java': 'java',
+  '.kt': 'kotlin',
+  '.swift': 'swift',
+  '.c': 'c',
+  '.cpp': 'cpp',
+  '.h': 'c',
+  '.hpp': 'cpp',
+  '.cs': 'csharp',
+  '.php': 'php',
+  '.sh': 'shell',
+  '.bash': 'shell',
+  '.zsh': 'shell',
+  '.fish': 'shell',
+  // Build/Package
+  '.lock': 'lock',
+  '.log': 'log',
+};
+// Directory cache
+export const directoryCache = new Map<string, CacheEntry>();
+export const CACHE_TTL_MS = 5000; // 5 second cache
+/**
+ * Get file type from extension
+ */
+export function getFileType(filePath: string): string {
+  const ext = extname(filePath).toLowerCase();
+  return FILE_TYPE_MAP[ext] || 'file';
+}
+/**
+ * Parse .gitignore patterns
+ */
+export function parseGitignore(workingDir: string): string[] {
+  const gitignorePath = join(workingDir, '.gitignore');
+  if (!existsSync(gitignorePath)) {
+    return [];
+  }
+  try {
+    const content = readFileSync(gitignorePath, 'utf-8');
+    const patterns = content
+      .split('\n')
+      .map(line => line.trim())
+      .filter(line => line && !line.startsWith('#') && !line.startsWith('!'));
+    return patterns;
+  } catch (error) {
+    console.error('[FileUtils] Error parsing .gitignore:', error);
+    return [];
+  }
+}
+/**
+ * Check if path matches gitignore pattern
+ * Follows gitignore semantics:
+ * - Patterns without slashes match anywhere in the path (e.g., "node_modules" matches "foo/node_modules/bar")
+ * - Patterns with slashes are anchored to the root (e.g., "src/foo" only matches "src/foo")
+ * - Patterns ending with / match directories
+ */
+function matchesSinglePattern(normalizedPath: string, pathSegments: string[], pattern: string): boolean {
+  const normalizedPattern = pattern.replace(/\\/g, '/');
+  const isDirectoryPattern = normalizedPattern.endsWith('/');
+  const cleanPattern = isDirectoryPattern ? normalizedPattern.slice(0, -1) : normalizedPattern;
+  if (cleanPattern.includes('/')) {
+    return normalizedPath === cleanPattern || normalizedPath.startsWith(`${cleanPattern}/`);
+  }
+  if (pathSegments.includes(cleanPattern)) {
+    return true;
+  }
+  if (cleanPattern.includes('*')) {
+    const regexPattern = cleanPattern
+      .replace(/\./g, '\\.')
+      .replace(/\*\*/g, '.*')
+      .replace(/\*/g, '[^/]*');
+    return new RegExp(`(^|/)${regexPattern}($|/)`).test(normalizedPath);
+  }
+  return false;
+}
+export function isIgnored(path: string, patterns: string[]): boolean {
+  const normalizedPath = path.replace(/\\/g, '/');
+  const pathSegments = normalizedPath.split('/');
+  return patterns.some(pattern => matchesSinglePattern(normalizedPath, pathSegments, pattern));
+}
+/**
+ * Recursively scan directory with depth limit for performance
+ */
+function shouldScanEntry(entry: { name: string; isDirectory: () => boolean }, relativePath: string, gitignorePatterns: string[]): boolean {
+  if (entry.name.startsWith('.')) return false;
+  if (entry.isDirectory() && ALWAYS_IGNORE_DIRS.has(entry.name)) return false;
+  if (gitignorePatterns.length > 0 && isIgnored(relativePath, gitignorePatterns)) return false;
+  return true;
+}
+export function scanDirectoryRecursiveWithDepth(
+  dir: string,
+  baseDir: string,
+  gitignorePatterns: string[],
+  results: Array<{ relativePath: string; isDirectory: boolean }> = [],
+  maxResults: number = 1000,
+  maxDepth: number = 10,
+  currentDepth: number = 0
+): Array<{ relativePath: string; isDirectory: boolean }> {
+  try {
+    if (results.length >= maxResults || currentDepth >= maxDepth) {
+      return results;
+    }
+    const entries = readdirSync(dir, { withFileTypes: true });
+    for (const entry of entries) {
+      if (results.length >= maxResults) break;
+      const fullPath = join(dir, entry.name);
+      const relativePath = relative(baseDir, fullPath);
+      if (!shouldScanEntry(entry, relativePath, gitignorePatterns)) continue;
+      results.push({ relativePath, isDirectory: entry.isDirectory() });
+      if (entry.isDirectory() && results.length < maxResults && currentDepth + 1 < maxDepth) {
+        scanDirectoryRecursiveWithDepth(fullPath, baseDir, gitignorePatterns, results, maxResults, maxDepth, currentDepth + 1);
+      }
+    }
+  } catch {
+    // Skip directories we can't read
+  }
+  return results;
+}
+/**
+ * Check if a path is in a safe location for reading (outside working dir)
+ */
+export function isPathInSafeLocation(fullPath: string): boolean {
+  const homeDir = process.env.HOME || process.env.USERPROFILE || '';
+  const safePatterns = [
+    join(homeDir, 'Desktop'),
+    join(homeDir, 'Downloads'),
+    join(homeDir, 'Pictures'),
+    join(homeDir, 'Documents'),
+    '/var/folders/', // macOS temp directories for screenshots
+    '/tmp/',
+    process.env.TMPDIR || '/tmp'
+  ];
+  return safePatterns.some(safePath => fullPath.startsWith(safePath));
+}
+/**
+ * Check if a file is an image based on extension
+ */
+export function isImageFile(filePath: string): boolean {
+  const imageExtensions = ['.png', '.jpg', '.jpeg', '.gif', '.webp', '.bmp', '.tiff', '.ico', '.svg'];
+  const ext = filePath.toLowerCase().split('.').pop();
+  return ext ? imageExtensions.includes(`.${ext}`) : false;
+}
+type FileContentResult = { path: string; fileName: string; content: string; size?: number; modifiedAt?: string; isImage?: boolean; mimeType?: string; error?: string };
+function readDirectoryContent(fullPath: string, filePath: string, fileName: string): FileContentResult {
+  try {
+    const entries = readdirSync(fullPath, { withFileTypes: true });
+    const listing = entries
+      .filter(e => !e.name.startsWith('.'))
+      .sort((a, b) => {
+        if (a.isDirectory() && !b.isDirectory()) return -1;
+        if (!a.isDirectory() && b.isDirectory()) return 1;
+        return a.name.localeCompare(b.name);
+      })
+      .map(e => e.isDirectory() ? `${e.name}/` : e.name)
+      .join('\n');
+    return { path: filePath, fileName, content: listing, size: listing.length };
+  } catch {
+    return { path: filePath, fileName, content: '', error: 'Cannot read directory' };
+  }
+}
+function readImageContent(fullPath: string, filePath: string, fileName: string, stats: { size: number; mtime: Date }): FileContentResult {
+  const buffer = readFileSync(fullPath);
+  const ext = fullPath.toLowerCase().split('.').pop() || 'png';
+  const mimeType = ext === 'svg' ? 'image/svg+xml' : ext === 'jpg' ? 'image/jpeg' : `image/${ext}`;
+  return {
+    path: filePath, fileName,
+    content: buffer.toString('base64'),
+    size: stats.size, modifiedAt: stats.mtime.toISOString(),
+    isImage: true, mimeType
+  };
+}
+function readTextContent(fullPath: string, filePath: string, fileName: string, stats: { size: number; mtime: Date }): FileContentResult {
+  return {
+    path: filePath, fileName,
+    content: readFileSync(fullPath, 'utf-8'),
+    size: stats.size, modifiedAt: stats.mtime.toISOString()
+  };
+}
+/**
+ * Read file content for context injection
+ */
+export function readFileContent(filePath: string, workingDir: string): FileContentResult {
+  try {
+    const fullPath = filePath.startsWith('/') ? filePath : join(workingDir, filePath);
+    const fileName = fullPath.split(sep).pop() || filePath;
+    const normalizedPath = join(fullPath);
+    const isInWorkingDir = normalizedPath.startsWith(join(workingDir));
+    if (!isInWorkingDir && !isPathInSafeLocation(normalizedPath)) {
+      return { path: filePath, fileName, content: '', error: 'Access denied: path outside allowed locations' };
+    }
+    if (!existsSync(fullPath)) {
+      return { path: filePath, fileName, content: '', error: 'File not found' };
+    }
+    const stats = statSync(fullPath);
+    if (stats.isDirectory()) {
+      return readDirectoryContent(fullPath, filePath, fileName);
+    }
+    const isImage = isImageFile(fullPath);
+    const MAX_FILE_SIZE = isImage ? 10 * 1024 * 1024 : 1024 * 1024;
+    if (stats.size > MAX_FILE_SIZE) {
+      return { path: filePath, fileName, content: '', size: stats.size, error: `File too large (${Math.round(stats.size / 1024)}KB). Maximum is ${isImage ? '10MB' : '1MB'}.` };
+    }
+    return isImage
+      ? readImageContent(fullPath, filePath, fileName, stats)
+      : readTextContent(fullPath, filePath, fileName, stats);
+  } catch (error: any) {
+    console.error('[FileUtils] Error reading file:', error);
+    return { path: filePath, fileName: filePath.split(sep).pop() || filePath, content: '', error: error.message || 'Failed to read file' };
+  }
+}

package/server/services/websocket/handler.test.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import { readFileSync } from 'node:fs'
+import { join } from 'node:path'
+import { describe, expect, it } from 'vitest'
+describe('WebSocket handler code quality', () => {
+  const handlerSource = readFileSync(
+    join(import.meta.dirname || __dirname, 'handler.ts'),
+    'utf-8'
+  )
+  it('does not use require() — ESM only', () => {
+    // Ensure no require() calls exist (the bug was require('fs').mkdirSync)
+    const requireCalls = handlerSource.match(/require\s*\(/g)
+    expect(requireCalls).toBeNull()
+  })
+  it('imports mkdirSync from fs at the top level', () => {
+    expect(handlerSource).toContain("import { existsSync, mkdirSync, readdirSync, readFileSync, unlinkSync, writeFileSync } from 'node:fs'")
+  })
+})