multimodel-dev-os 3.1.0 → 3.5.0

package/src/core/globals.js

@@ -0,0 +1,52 @@
+import { existsSync, readFileSync } from 'fs';
+import { join, resolve, dirname } from 'path';
+import { fileURLToPath } from 'url';
+import { parseYaml } from './yaml.js';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+
+// When bundled, __dirname will resolve to F:\multimodel-dev-os\bin or equivalent
+// So resolving '..' will give the project root directory
+export const sourceRoot = resolve(__dirname, '..');
+
+let pkgVersion = '3.0.2';
+try {
+  const pkgData = JSON.parse(readFileSync(resolve(sourceRoot, 'package.json'), 'utf8'));
+  pkgVersion = pkgData.version;
+} catch (e) {}
+
+export const version = pkgVersion;
+
+export function loadTemplates(customPath) {
+  let path = customPath || join(sourceRoot, '.ai', 'templates', 'registry.yaml');
+  try {
+    if (existsSync(path)) {
+      const templatesRegistry = parseYaml(readFileSync(path, 'utf8'));
+      return templatesRegistry.templates || {};
+    }
+  } catch (e) {}
+  return {
+    'general-app': {
+      name: 'general-app',
+      description: 'Baseline generic fallback profile for standard backend systems.',
+      stack: 'Universal backends baseline structure',
+      skill: 'example-skill.md',
+      skillDesc: 'Generic baseline instructions and coding standards.',
+      status: 'stable',
+      maturity: 'production-ready',
+      required_files: ['AGENTS.md', 'MEMORY.md', 'TASKS.md', 'RUNBOOK.md', '.ai/config.yaml']
+    }
+  };
+}
+
+export function loadAdapters(customPath) {
+  let path = customPath || join(sourceRoot, '.ai', 'adapters', 'registry.yaml');
+  try {
+    if (existsSync(path)) {
+      const adaptersRegistry = parseYaml(readFileSync(path, 'utf8'));
+      return adaptersRegistry.adapters || {};
+    }
+  } catch (e) {}
+  return {};
+}

package/src/core/hashes.js

@@ -0,0 +1,15 @@
+import { createHash } from 'crypto';
+import { readFileSync } from 'fs';
+
+export function computeSHA256(content) {
+  return createHash('sha256').update(content, 'utf8').digest('hex');
+}
+
+export function hashFile(filePath) {
+  try {
+    const data = readFileSync(filePath);
+    return createHash('sha256').update(data).digest('hex');
+  } catch (e) {
+    return '';
+  }
+}

package/src/core/policy.js

@@ -0,0 +1,44 @@
+import { existsSync, readFileSync } from 'fs';
+import { join } from 'path';
+import { sourceRoot } from './globals.js';
+import { parseYaml } from './yaml.js';
+
+export function loadRegistryPolicy(targetDir) {
+  const defaults = {
+    allow_remote_registries: false,
+    allow_http_localhost: false,
+    require_approval_for_remote_sync: true,
+    require_checksum: true,
+    require_signature: false,
+    require_lockfile_on_verify: false,
+    allow_untrusted_install: false,
+    allowed_write_roots: ['.ai/', 'adapters/'],
+    blocked_paths: ['.env', '.npmrc', '.git/', 'node_modules/', 'package.json', 'package-lock.json', 'pnpm-lock.yaml', 'yarn.lock'],
+    max_plugin_files: 20,
+    max_plugin_size_kb: 100,
+    max_registry_cache_size_kb: 512,
+    allowed_file_extensions: ['.md', '.yaml', '.yml', '.json'],
+    allow_unsigned_local: true,
+    allow_unsigned_bundled: true,
+    allow_unsigned_remote: false,
+    trusted_keys_file: '.ai/registries/trusted-keys.yaml',
+    allowed_signature_algorithms: ['ed25519', 'hmac-sha256'],
+    require_trusted_publisher: false,
+    provenance_required: true
+  };
+  const paths = [];
+  if (targetDir) {
+    paths.push(join(targetDir, '.ai', 'policies', 'registry-policy.yaml'));
+  }
+  paths.push(join(sourceRoot, '.ai', 'policies', 'registry-policy.yaml'));
+
+  for (const p of paths) {
+    if (existsSync(p)) {
+      try {
+        const parsed = parseYaml(readFileSync(p, 'utf8'));
+        return { ...defaults, ...parsed };
+      } catch (e) {}
+    }
+  }
+  return defaults;
+}

package/src/core/security.js

@@ -0,0 +1,61 @@
+export function shouldIgnorePath(relPath) {
+  const normalized = relPath.replace(/\\/g, '/');
+  const segments = normalized.split('/');
+  
+  // Ignored folders
+  const ignoredFolders = ['node_modules', '.git', 'dist', 'build', '.next', 'coverage'];
+  for (const seg of segments) {
+    if (ignoredFolders.includes(seg)) return true;
+  }
+  
+  // Special check for docs/.vitepress/dist and docs/.vitepress/cache
+  if (normalized.includes('docs/.vitepress/dist') || normalized.includes('docs/.vitepress/cache')) {
+    return true;
+  }
+  
+  // Ignore generated memory and intelligence runtime files
+  if (
+    normalized.endsWith('memory.hash.json') ||
+    normalized.endsWith('memory.summary.md') ||
+    normalized.endsWith('feedback-log.jsonl') ||
+    normalized.endsWith('learning-rules.md') ||
+    normalized.endsWith('apply-log.jsonl') ||
+    normalized.includes('.ai/proposals/')
+  ) {
+    return true;
+  }
+  
+  // Skip secret-like files/patterns
+  const lower = normalized.toLowerCase();
+  const filePart = segments[segments.length - 1];
+  if (
+    lower.endsWith('.env') ||
+    lower.includes('.env.') ||
+    lower.endsWith('.npmrc') ||
+    lower.endsWith('.keystore') ||
+    lower.endsWith('.jks') ||
+    lower.endsWith('.key') ||
+    lower.endsWith('.pem') ||
+    lower.endsWith('credentials.json') ||
+    filePart === 'id_rsa' ||
+    filePart === 'id_dsa' ||
+    filePart === 'id_ecdsa' ||
+    filePart === 'id_ed25519'
+  ) {
+    return true;
+  }
+  
+  return false;
+}
+
+export function isSafePath(filePath, policy = {}) {
+  const normPath = filePath.replace(/\\/g, '/').trim();
+  const allowed_write_roots = policy.allowed_write_roots || ['.ai/', 'adapters/'];
+  const blocked_paths = policy.blocked_paths || ['.env', '.npmrc', '.git/', 'node_modules/', 'package.json', 'package-lock.json', 'pnpm-lock.yaml', 'yarn.lock'];
+
+  const isSafeSubdir = allowed_write_roots.some(prefix => normPath.startsWith(prefix));
+  const hasTraversal = normPath.includes('..') || normPath.startsWith('/') || /^[a-zA-Z]:/.test(normPath);
+  const isBlacklisted = blocked_paths.some(black => normPath.includes(black) || normPath.split('/').includes(black.replace(/\/$/, '')));
+
+  return isSafeSubdir && !hasTraversal && !isBlacklisted;
+}

package/src/core/yaml.js

@@ -0,0 +1,136 @@
+export function parseFlowArray(str) {
+  const contents = str.slice(1, -1).trim();
+  if (!contents) return [];
+
+  const result = [];
+  const regex = /"((?:[^"\\]|\\.)*)"|'((?:[^'\\]|\\.)*)'|([^,\s][^,]*[^,\s]|[^,\s])/g;
+  let match;
+  while ((match = regex.exec(contents)) !== null) {
+    if (match[1] !== undefined) {
+      result.push(match[1].replace(/\\"/g, '"').replace(/\\\\/g, '\\'));
+    } else if (match[2] !== undefined) {
+      result.push(match[2].replace(/\\'/g, "'").replace(/\\\\/g, '\\'));
+    } else if (match[3] !== undefined) {
+      let val = match[3].trim();
+      if (val === 'true') val = true;
+      else if (val === 'false') val = false;
+      else if (val === 'null') val = null;
+      else if (/^-?\d+$/.test(val)) val = parseInt(val, 10);
+      result.push(val);
+    }
+  }
+  return result;
+}
+
+export function parseYaml(content) {
+  try {
+    const root = {};
+    const stack = [{ obj: root, indent: -1, key: null, isArray: false }];
+
+    const lines = content.split(/\r?\n/);
+    for (let line of lines) {
+      // Find comment index outside quotes
+      let commentIdx = -1;
+      let insideDouble = false;
+      let insideSingle = false;
+      for (let i = 0; i < line.length; i++) {
+        const char = line[i];
+        if (char === '"' && (i === 0 || line[i-1] !== '\\')) {
+          insideDouble = !insideDouble;
+        } else if (char === "'" && (i === 0 || line[i-1] !== '\\')) {
+          insideSingle = !insideSingle;
+        } else if (char === '#' && !insideDouble && !insideSingle) {
+          commentIdx = i;
+          break;
+        }
+      }
+      if (commentIdx !== -1) {
+        line = line.substring(0, commentIdx);
+      }
+      line = line.trimEnd();
+      if (!line.trim()) continue;
+
+      const indent = line.match(/^ */)[0].length;
+      let trimmed = line.trim();
+
+      while (stack.length > 1 && indent <= stack[stack.length - 1].indent) {
+        stack.pop();
+      }
+
+      const parent = stack[stack.length - 1];
+
+      if (trimmed.startsWith('-')) {
+        trimmed = trimmed.substring(1).trim();
+        if (!Array.isArray(parent.obj)) {
+          const grandparent = stack[stack.length - 2];
+          if (grandparent) {
+            grandparent.obj[parent.key] = [];
+            parent.obj = grandparent.obj[parent.key];
+          }
+        }
+        
+        const colonIdx = trimmed.indexOf(':');
+        if (colonIdx === -1) {
+          let val = trimmed;
+          if ((val.startsWith('"') && val.endsWith('"')) || (val.startsWith("'") && val.endsWith("'"))) {
+            val = val.substring(1, val.length - 1);
+          }
+          if (val.startsWith('[') && val.endsWith(']')) {
+            val = parseFlowArray(val);
+          }
+          parent.obj.push(val);
+        } else {
+          const key = trimmed.substring(0, colonIdx).trim();
+          let val = trimmed.substring(colonIdx + 1).trim();
+          let isQuoted = false;
+          if ((val.startsWith('"') && val.endsWith('"')) || (val.startsWith("'") && val.endsWith("'"))) {
+            val = val.substring(1, val.length - 1);
+            isQuoted = true;
+          }
+          if (val.startsWith('[') && val.endsWith(']')) {
+            val = parseFlowArray(val);
+          } else if (!isQuoted) {
+            if (val === 'true') val = true;
+            else if (val === 'false') val = false;
+            else if (val === 'null') val = null;
+            else if (/^-?\d+$/.test(val)) val = parseInt(val, 10);
+          }
+
+          const newObj = { [key]: val };
+          parent.obj.push(newObj);
+          stack.push({ obj: newObj, indent: indent, key: key, isArray: false });
+        }
+      } else {
+        const colonIdx = trimmed.indexOf(':');
+        if (colonIdx === -1) continue;
+
+        const key = trimmed.substring(0, colonIdx).trim();
+        let val = trimmed.substring(colonIdx + 1).trim();
+        let isQuoted = false;
+        if ((val.startsWith('"') && val.endsWith('"')) || (val.startsWith("'") && val.endsWith("'"))) {
+          val = val.substring(1, val.length - 1);
+          isQuoted = true;
+        }
+        if (val.startsWith('[') && val.endsWith(']')) {
+          val = parseFlowArray(val);
+        } else if (!isQuoted) {
+          if (val === 'true') val = true;
+          else if (val === 'false') val = false;
+          else if (val === 'null') val = null;
+          else if (/^-?\d+$/.test(val)) val = parseInt(val, 10);
+        }
+
+        if (val === '') {
+          parent.obj[key] = {};
+          stack.push({ obj: parent.obj[key], indent: indent, key: key, isArray: false });
+        } else {
+          parent.obj[key] = val;
+        }
+      }
+    }
+    return root;
+  } catch (e) {
+    console.warn(`\x1b[33m[WARNING] Failed to parse YAML: ${e.message}\x1b[0m`);
+    return {};
+  }
+}

package/src/plugin/manifest.js

@@ -0,0 +1,95 @@
+export function validatePluginManifest(manifestObj) {
+  const errors = [];
+
+  const reqKeys = ['name', 'slug', 'version', 'description', 'author'];
+  reqKeys.forEach(k => {
+    if (manifestObj[k] === undefined || manifestObj[k] === null) {
+      errors.push(`Missing required key: ${k}`);
+    } else if (typeof manifestObj[k] !== 'string') {
+      errors.push(`Key '${k}' must be a string`);
+    } else if (k === 'slug') {
+      if (!/^[a-z0-9-_]+$/i.test(manifestObj[k])) {
+        errors.push(`Key 'slug' must be alphanumeric with dashes or underscores only`);
+      }
+    }
+  });
+
+  if (manifestObj.allowed_file_patterns !== undefined) {
+    if (!Array.isArray(manifestObj.allowed_file_patterns)) {
+      errors.push(`allowed_file_patterns must be an array`);
+    } else {
+      manifestObj.allowed_file_patterns.forEach(pat => {
+        if (typeof pat !== 'string') {
+          errors.push(`allowed_file_patterns item must be a string: ${pat}`);
+          return;
+        }
+        const normPattern = pat.replace(/\\/g, '/').trim();
+        const isSafeSubdir = [
+          '.ai/plugins/',
+          '.ai/registries/',
+          '.ai/templates/',
+          '.ai/skills/',
+          '.ai/checks/',
+          '.ai/prompts/',
+          '.ai/adapters/',
+          'adapters/'
+        ].some(prefix => normPattern.startsWith(prefix));
+
+        const hasTraversal = normPattern.includes('..') || normPattern.startsWith('/');
+        const isBlacklisted = [
+          '.env',
+          '.npmrc',
+          '.git/',
+          'node_modules/',
+          'package.json',
+          'package-lock.json'
+        ].some(black => normPattern.includes(black));
+
+        if (!isSafeSubdir || hasTraversal || isBlacklisted) {
+          errors.push(`File pattern '${pat}' violates safety boundaries`);
+        }
+      });
+    }
+  }
+
+  if (manifestObj.denied_file_patterns !== undefined) {
+    if (!Array.isArray(manifestObj.denied_file_patterns)) {
+      errors.push(`denied_file_patterns must be an array`);
+    } else {
+      manifestObj.denied_file_patterns.forEach(pat => {
+        if (typeof pat !== 'string') {
+          errors.push(`denied_file_patterns item must be a string: ${pat}`);
+        }
+      });
+    }
+  }
+
+  if (manifestObj.workflows !== undefined) {
+    if (typeof manifestObj.workflows !== 'object' || Array.isArray(manifestObj.workflows)) {
+      errors.push(`workflows must be an object`);
+    }
+  }
+
+  if (manifestObj.templates !== undefined) {
+    if (typeof manifestObj.templates !== 'object' || Array.isArray(manifestObj.templates)) {
+      errors.push(`templates must be an object`);
+    }
+  }
+
+  if (manifestObj.adapters !== undefined) {
+    if (typeof manifestObj.adapters !== 'object' || Array.isArray(manifestObj.adapters)) {
+      errors.push(`adapters must be an object`);
+    }
+  }
+
+  if (manifestObj.safety_notes !== undefined) {
+    if (typeof manifestObj.safety_notes !== 'string') {
+      errors.push(`safety_notes must be a string`);
+    }
+  }
+
+  return {
+    success: errors.length === 0,
+    errors
+  };
+}

package/src/registry/provenance.js

@@ -0,0 +1,114 @@
+/**
+ * Registry Provenance — Lockfile I/O
+ *
+ * Manages `.ai/registry-lock.json`, the tamper-evident record that captures
+ * deterministic provenance for every synced registry: URL, catalog/manifest
+ * hashes, sync timestamp, and optional HMAC-SHA256 signature.
+ *
+ * This module is pure I/O + structure. No signing logic lives here.
+ * See: src/registry/signing.js for HMAC operations.
+ */
+
+import { existsSync, readFileSync, writeFileSync, mkdirSync } from 'fs';
+import { join, dirname } from 'path';
+
+const LOCKFILE_VERSION = '1';
+const LOCKFILE_FILENAME = 'registry-lock.json';
+
+/**
+ * Return the absolute path to the registry lockfile for a given project dir.
+ * @param {string} targetDir  Absolute path to the project root.
+ * @returns {string}
+ */
+export function getLockfilePath(targetDir) {
+  return join(targetDir, '.ai', LOCKFILE_FILENAME);
+}
+
+/**
+ * Load the registry lockfile from disk.
+ * Returns a well-formed empty structure if the file does not exist or is invalid.
+ *
+ * @param {string} targetDir  Absolute path to the project root.
+ * @returns {{ lockfile_version: string, generated_at: string, entries: Object }}
+ */
+export function loadRegistryLockfile(targetDir) {
+  const lockfilePath = getLockfilePath(targetDir);
+  const empty = { lockfile_version: LOCKFILE_VERSION, generated_at: '', entries: {} };
+
+  if (!existsSync(lockfilePath)) {
+    return empty;
+  }
+
+  try {
+    const raw = readFileSync(lockfilePath, 'utf8');
+    const parsed = JSON.parse(raw);
+    if (!parsed || typeof parsed !== 'object' || !parsed.entries) {
+      return empty;
+    }
+    // Ensure lockfile_version is present
+    parsed.lockfile_version = parsed.lockfile_version || LOCKFILE_VERSION;
+    return parsed;
+  } catch (_e) {
+    return empty;
+  }
+}
+
+/**
+ * Persist the lockfile to disk.
+ * Creates the `.ai/` directory if it does not exist.
+ *
+ * @param {string} targetDir  Absolute path to the project root.
+ * @param {{ lockfile_version: string, generated_at: string, entries: Object }} lockfile
+ */
+export function saveRegistryLockfile(targetDir, lockfile) {
+  const lockfilePath = getLockfilePath(targetDir);
+  const lockfileDir = dirname(lockfilePath);
+
+  if (!existsSync(lockfileDir)) {
+    mkdirSync(lockfileDir, { recursive: true });
+  }
+
+  lockfile.generated_at = new Date().toISOString();
+  lockfile.lockfile_version = LOCKFILE_VERSION;
+
+  writeFileSync(lockfilePath, JSON.stringify(lockfile, null, 2) + '\n', 'utf8');
+}
+
+/**
+ * Upsert a provenance entry for a registry into the lockfile object.
+ * Does NOT write to disk — call saveRegistryLockfile() after this.
+ *
+ * @param {{ entries: Object }} lockfile         The lockfile object to mutate.
+ * @param {string}              name             Registry name key.
+ * @param {ProvenanceEntry}     entry
+ *
+ * @typedef  {Object}      ProvenanceEntry
+ * @property {string}      url              Registry URL.
+ * @property {string}      synced_at        ISO 8601 timestamp of the sync.
+ * @property {string}      catalog_sha256   SHA-256 hex of the downloaded catalog.yaml.
+ * @property {string|null} manifest_sha256  SHA-256 hex of manifest.json (null if not downloaded).
+ * @property {string|null} signature        HMAC-SHA256 hex of catalog_sha256 (null if no key).
+ * @property {string}      signature_alg    Algorithm identifier (e.g. "hmac-sha256").
+ */
+export function updateLockfileEntry(lockfile, name, entry) {
+  if (!lockfile.entries || typeof lockfile.entries !== 'object') {
+    lockfile.entries = {};
+  }
+  lockfile.entries[name] = {
+    url: entry.url,
+    synced_at: entry.synced_at || new Date().toISOString(),
+    catalog_sha256: entry.catalog_sha256,
+    manifest_sha256: entry.manifest_sha256 ?? null,
+    signature: entry.signature ?? null,
+    signature_alg: entry.signature_alg || 'hmac-sha256',
+    public_signature_status: entry.public_signature_status ?? null,
+    public_signature_algorithm: entry.public_signature_algorithm ?? null,
+    public_signature_key_id: entry.public_signature_key_id ?? null,
+    trusted_publisher_status: entry.trusted_publisher_status ?? null,
+    trust_store_path: entry.trust_store_path ?? null,
+    trust_verdict: entry.trust_verdict ?? null,
+    lockfile_verdict: entry.lockfile_verdict ?? null,
+    verification_errors: entry.verification_errors ?? [],
+    verification_warnings: entry.verification_warnings ?? []
+  };
+}