natureco-cli 2.23.28 → 2.23.29

package/src/commands/security.js

@@ -3,18 +3,128 @@ const fs = require('fs');
 const path = require('path');
 const os = require('os');
 const { getConfig, CONFIG_FILE, CONFIG_DIR } = require('../utils/config');
+const { listSecretRefs, resolveSecretRef, coerceSecretRef } = require('../utils/secrets');
+const { NatureCoError, handleError } = require('../utils/errors');
 
 async function security(args) {
   const [action, ...params] = (args || []);
 
   if (!action || action === 'audit') return audit(args);
 
+  if (action === 'allowlist') return allowlistAction(args);
+
+  if (action === 'policy') return policyAction(args);
+
+  if (action === 'secrets') return scanSecrets(args);
+
   console.log(chalk.red(`\n  ❌ Bilinmeyen komut: ${action}\n`));
-  console.log(chalk.gray('  Kullanım: natureco security [audit]\n'));
+  console.log(chalk.gray('  Kullanım: natureco security [audit|allowlist|policy|secrets]\n'));
   process.exit(1);
 }
 
+async function allowlistAction(args) {
+  const { loadApprovals, addAllowlistEntry, listAllowlist, removeAllowlistEntry } = require('../utils/approvals');
+  const sub = args[1];
+
+  if (!sub || sub === 'list') {
+    const entries = listAllowlist('default');
+    console.log('');
+    console.log(chalk.cyan.bold('\n  Exec Allowlist\n'));
+    if (entries.length === 0) {
+      console.log(chalk.gray('  No entries. Add with: natureco security allowlist add "<command>"'));
+    } else {
+      entries.forEach((e, i) => {
+        console.log(chalk.gray(`  ${i + 1}. `) + chalk.white(e.lastUsedCommand || e.pattern));
+        console.log(chalk.gray(`     id: ${e.id} · source: ${e.source || 'manual'}`));
+      });
+    }
+    console.log('');
+    return;
+  }
+
+  if (sub === 'add' && args[2]) {
+    addAllowlistEntry('default', args.slice(2).join(' '));
+    console.log(chalk.green('\n  ✓ Command added to allowlist\n'));
+    return;
+  }
+
+  if (sub === 'remove' && args[2]) {
+    const removed = removeAllowlistEntry('default', args[2]);
+    if (removed) {
+      console.log(chalk.green('\n  ✓ Entry removed from allowlist\n'));
+    } else {
+      console.log(chalk.yellow('\n  ⚠️  Entry not found\n'));
+    }
+    return;
+  }
+
+  console.log(chalk.gray('\n  Kullanım:'));
+  console.log(chalk.gray('    natureco security allowlist list'));
+  console.log(chalk.gray('    natureco security allowlist add "<command>"'));
+  console.log(chalk.gray('    natureco security allowlist remove <id>\n'));
+}
+
+async function policyAction(args) {
+  const { setSecurityPolicy } = require('../utils/approvals');
+  const sub = args[1];
+
+  if (sub === 'set' && args[2]) {
+    const value = args[2];
+    if (['deny', 'allowlist', 'full'].includes(value)) {
+      setSecurityPolicy('default', { security: value });
+      console.log(chalk.green(`\n  ✓ Security policy set to: ${value}\n`));
+    } else {
+      console.log(chalk.red(`\n  ❌ Invalid policy: ${value}. Use: deny, allowlist, full\n`));
+    }
+    return;
+  }
+
+  console.log(chalk.gray('\n  Kullanım:'));
+  console.log(chalk.gray('    natureco security policy set deny|allowlist|full'));
+  console.log(chalk.gray('\n  Policy levels:'));
+  console.log(chalk.gray('    deny       - Block all command execution'));
+  console.log(chalk.gray('    allowlist  - Only allowlisted commands'));
+  console.log(chalk.gray('    full       - Allow all commands (default)\n'));
+}
+
+async function scanSecrets(args) {
+  const config = getConfig();
+  const refs = listSecretRefs(config);
+  const fix = args.includes('--fix');
+
+  console.log('');
+  console.log(chalk.cyan.bold('\n  Secret Reference Scan\n'));
+
+  if (refs.length === 0) {
+    console.log(chalk.green('  ✓ No secret references found in config\n'));
+    return;
+  }
+
+  let resolved = 0;
+  let unresolved = 0;
+
+  for (const ref of refs) {
+    try {
+      const value = resolveSecretRef(ref.ref, { throwOnMissing: true });
+      console.log(chalk.green(`  ✓ ${ref.path} → resolved (${ref.ref.source}:${ref.ref.id})`));
+      resolved++;
+    } catch {
+      console.log(chalk.yellow(`  ⚠️  ${ref.path} → ${ref.ref.source}:${ref.ref.id} (unresolved)`));
+      unresolved++;
+    }
+  }
+
+  console.log('');
+  console.log(chalk.gray(`  ${resolved} resolved · ${unresolved} unresolved`));
+
+  if (unresolved > 0) {
+    console.log(chalk.gray('\n  Set environment variables or use .env file to resolve secrets.\n'));
+  }
+  console.log('');
+}
+
 async function audit(args) {
+  const { DANGEROUS_PATTERNS, loadApprovals } = require('../utils/approvals');
   const fix = args.includes('--fix');
   const json = args.includes('--json');
 
@@ -90,6 +200,44 @@ async function audit(args) {
     }
   }
 
+  // 7. Secret refs in config
+  const secretRefs = listSecretRefs(config);
+  if (secretRefs.length > 0) {
+    let unresolvedCount = 0;
+    for (const ref of secretRefs) {
+      try {
+        resolveSecretRef(ref.ref, { throwOnMissing: true });
+      } catch {
+        unresolvedCount++;
+      }
+    }
+    if (unresolvedCount > 0) {
+      warnings.push({ id: 'unresolved-secrets', msg: `${unresolvedCount}/${secretRefs.length} secret reference(s) unresolved` });
+    } else {
+      ok.push('Secret references resolvable');
+    }
+  }
+
+  // 8. Exec approvals policy
+  const approvals = loadApprovals();
+  if (approvals.defaults?.security === 'deny') {
+    warnings.push({ id: 'deny-policy', msg: 'Exec approvals: all commands denied' });
+  } else if (approvals.defaults?.security === 'allowlist') {
+    const entries = Object.values(approvals.agents || {}).reduce((a, ag) => a + (ag.allowlist?.length || 0), 0);
+    ok.push(`Exec approvals: allowlist mode (${entries} entries)`);
+  } else {
+    ok.push('Exec approvals: full mode');
+  }
+
+  // 9. Config backup status
+  const { listBackups } = require('../utils/config');
+  const backups = listBackups();
+  if (backups.length > 0) {
+    ok.push(`Config backups: ${backups.length} available`);
+  } else {
+    warnings.push({ id: 'no-backups', msg: 'No config backups found. Backups are created automatically on config changes.' });
+  }
+
   if (json) {
     console.log(JSON.stringify({ ok, warnings: warnings.map(w => w.msg), issues: issues.map(i => i.msg) }, null, 2));
     return;

package/src/commands/setup.js

@@ -454,9 +454,7 @@ async function setup() {
     language: lang,
     providerUrl,
     providerApiKey: providerApiKey.trim(),
-    providerModel,
-    apiKey: providerApiKey.trim(), // login bypass — chat doğrudan çalışsın
-    botName: safeBotName,
+    botName: safeBotName,
     userName: userName.trim(),
     debug: existingConfig.debug || false,
     skills: existingConfig.skills || { enabled: true, list: [] },

package/src/commands/signal.js

@@ -0,0 +1,66 @@
+const chalk = require('chalk');
+const inquirer = require('../utils/inquirer-wrapper');
+const { getConfig, saveConfig } = require('../utils/config');
+
+async function signal(action) {
+  if (!action || action === 'connect') return connectSignal();
+  if (action === 'disconnect') return disconnectSignal();
+  if (action === 'status') return statusSignal();
+  console.log(chalk.red('\n❌ Unknown action\n'));
+  console.log(chalk.gray('Available actions: connect, disconnect, status\n'));
+  process.exit(1);
+}
+
+async function connectSignal() {
+  const config = getConfig();
+  if (!config.providerUrl) {
+    console.log(chalk.red('\n❌ Setup yapılmamış. Önce "natureco setup" çalıştırın.\n'));
+    process.exit(1);
+  }
+  console.log(chalk.yellow('\n⏳ Signal bağlantısı hazırlanıyor...\n'));
+  console.log(chalk.gray('Signal, signal-cli REST API üzerinden bağlanır.'));
+  console.log(chalk.gray('Önce signal-cli kurulu olmalı: https://github.com/AsamK/signal-cli\n'));
+  const answers = await inquirer.prompt([
+    { type: 'input', name: 'httpUrl', message: 'signal-cli REST API URL (örn: http://localhost:8080):', validate: v => v.trim() ? true : 'URL boş olamaz' },
+    { type: 'input', name: 'account', message: 'Signal hesap numarası (+905551234567):', validate: v => v.trim() ? true : 'Numara boş olamaz' },
+    { type: 'list', name: 'dmPolicy', message: 'DM politikası:', choices: [{ name: 'Pairing (önerilen)', value: 'pairing' }, { name: 'Allowlist', value: 'allowlist' }, { name: 'Open', value: 'open' }, { name: 'Disabled', value: 'disabled' }], default: 'pairing' },
+  ]);
+  const botId = `signal_${Date.now()}`;
+  config.signalHttpUrl = answers.httpUrl.trim();
+  config.signalAccount = answers.account.trim();
+  config.signalDmPolicy = answers.dmPolicy;
+  config.signalBotId = botId;
+  saveConfig(config);
+  console.log(chalk.green('\n✅ Signal bağlantısı kaydedildi!\n'));
+  console.log(chalk.cyan('Bot ID:'), chalk.white(botId));
+  console.log(chalk.cyan('API URL:'), chalk.white(answers.httpUrl.trim()));
+  console.log(chalk.cyan('Hesap:'), chalk.white(answers.account.trim()));
+  console.log(chalk.gray('\nNot: signal-cli\'nin çalıştığından emin olun.'));
+  console.log(chalk.gray('Gateway ile başlatmak için: natureco gateway start\n'));
+}
+
+async function disconnectSignal() {
+  const config = getConfig();
+  if (!config.signalBotId) { console.log(chalk.gray('\n⚠️  No Signal connection found\n')); return; }
+  const { confirm } = await inquirer.prompt([{ type: 'confirm', name: 'confirm', message: 'Signal bağlantısını kaldırmak istediğinize emin misiniz?', default: false }]);
+  if (!confirm) { console.log(chalk.gray('\nCancelled\n')); return; }
+  delete config.signalHttpUrl;
+  delete config.signalAccount;
+  delete config.signalDmPolicy;
+  delete config.signalBotId;
+  saveConfig(config);
+  console.log(chalk.green('\n✅ Signal disconnected\n'));
+}
+
+function statusSignal() {
+  const config = getConfig();
+  if (!config.signalBotId) { console.log(chalk.gray('\n⚠️  Signal not connected\n')); console.log(chalk.gray('Connect with: natureco signal connect\n')); return; }
+  console.log(chalk.green('\n✅ Signal connected\n'));
+  console.log(chalk.cyan('Bot ID:'), chalk.white(config.signalBotId));
+  console.log(chalk.cyan('API URL:'), chalk.white(config.signalHttpUrl));
+  console.log(chalk.cyan('Hesap:'), chalk.white(config.signalAccount));
+  console.log(chalk.cyan('DM Politikası:'), chalk.white(config.signalDmPolicy || 'pairing'));
+  console.log(chalk.gray('\nDisconnect with: natureco signal disconnect\n'));
+}
+
+module.exports = signal;

package/src/commands/skills.js

@@ -1,6 +1,7 @@
 const chalk = require('chalk');
 const inquirer = require('../utils/inquirer-wrapper');
 const { getSkills, installSkill, removeSkill, updateAllSkills, createSkillTemplate, getPopularSkills } = require('../utils/skills');
+const { NatureCoError, SkillError, handleError } = require('../utils/errors');
 
 async function skills(args) {
   const [action, ...params] = args;
@@ -167,11 +168,15 @@ async function createSkillCommand(name) {
 
 async function searchSkillsCommand(query) {
   if (!query || query.trim().length === 0) {
-    const popularSkills = await getPopularSkills();
-    console.log(chalk.yellow('\nPopüler Skill\'ler:\n'));
-    popularSkills.forEach(skill => {
-      console.log(chalk.cyan(`  ${skill.name.padEnd(15)}`), chalk.gray(skill.description));
-    });
+    try {
+      const popularSkills = await getPopularSkills();
+      console.log(chalk.yellow('\nPopüler Skill\'ler:\n'));
+      popularSkills.forEach(skill => {
+        console.log(chalk.cyan(`  ${skill.name.padEnd(15)}`), chalk.gray(skill.description));
+      });
+    } catch (err) {
+      console.log(chalk.red(`\n  ❌ Popüler skill'ler alınamadı: ${err.message}\n`));
+    }
     console.log('');
     console.log(chalk.gray('Kurmak için: '), chalk.cyan('natureco skills install <slug>'));
     console.log(chalk.gray('Örnek: '), chalk.cyan('natureco skills install github'));
@@ -188,14 +193,14 @@ async function searchSkillsCommand(query) {
     const response = await fetch(searchUrl);
     
     if (!response.ok) {
-      throw new Error('ClawHub API\'ye erişilemedi');
+      throw new SkillError('ClawHub API\'ye erişilemedi', 'fetch', `https://clawhub.ai/api/skills?q=${encodeURIComponent(query)}`);
     }
 
     let data;
     try {
       data = await response.json();
     } catch {
-      throw new Error('ClawHub geçersiz yanıt döndü (JSON bekleniyordu)');
+      throw new SkillError('ClawHub geçersiz yanıt döndü (JSON bekleniyordu)', 'parse', searchUrl);
     }
     const results = data.skills || [];
 
@@ -211,32 +216,18 @@ async function searchSkillsCommand(query) {
     });
     console.log('');
   } catch (err) {
-    // Fallback to local popular skills search
-    console.log(chalk.gray('ClawHub\'a bağlanılamadı, yerel aramada...\n'));
-    
-    const popularSkills = await getPopularSkills();
-    const results = popularSkills.filter(skill => 
-      skill.name.toLowerCase().includes(query.toLowerCase()) ||
-      skill.description.toLowerCase().includes(query.toLowerCase()) ||
-      skill.slug.toLowerCase().includes(query.toLowerCase())
-    );
-
-    if (results.length === 0) {
-      console.log(chalk.yellow(`"${query}" için sonuç bulunamadı.\n`));
-      return;
-    }
-
-    console.log(chalk.yellow(`"${query}" için ${results.length} sonuç:\n`));
-    results.forEach(skill => {
-      console.log(chalk.cyan(`  ${skill.name.padEnd(15)}`), chalk.gray(skill.description));
-      console.log(chalk.gray(`    Kurmak için: natureco skills install ${skill.slug}`));
-    });
-    console.log('');
+    console.log(chalk.red(`\n  ❌ Arama başarısız: ${err.message}\n`));
   }
 }
 
 async function browseSkillsCommand() {
-  const popularSkills = await getPopularSkills();
+  let popularSkills;
+  try {
+    popularSkills = await getPopularSkills();
+  } catch (err) {
+    console.log(chalk.red(`\n  ❌ Popüler skill'ler alınamadı: ${err.message}\n`));
+    return;
+  }
   
   console.log(chalk.green.bold('\n╭─ Popüler Skill\'ler ─╮\n'));
 

package/src/commands/sms.js

@@ -0,0 +1,64 @@
+const chalk = require('chalk');
+const inquirer = require('../utils/inquirer-wrapper');
+const { getConfig, saveConfig } = require('../utils/config');
+
+async function sms(action) {
+  if (!action || action === 'connect') return connectSms();
+  if (action === 'disconnect') return disconnectSms();
+  if (action === 'status') return statusSms();
+  console.log(chalk.red('\n❌ Unknown action\n'));
+  console.log(chalk.gray('Available actions: connect, disconnect, status\n'));
+  process.exit(1);
+}
+
+async function connectSms() {
+  const config = getConfig();
+  if (!config.providerUrl) { console.log(chalk.red('\n❌ Setup yapılmamış. Önce "natureco setup" çalıştırın.\n')); process.exit(1); }
+  console.log(chalk.yellow('\n⏳ SMS (Twilio) bağlantısı hazırlanıyor...\n'));
+  console.log(chalk.gray('Twilio hesabı gereklidir: https://twilio.com'));
+  console.log(chalk.gray('Account SID ve Auth Token\'ı Twilio Console\'dan alın.\n'));
+  const answers = await inquirer.prompt([
+    { type: 'input', name: 'accountSid', message: 'Twilio Account SID:', validate: v => v.trim() ? true : 'Gerekli' },
+    { type: 'password', name: 'authToken', message: 'Twilio Auth Token:', validate: v => v.trim() ? true : 'Gerekli' },
+    { type: 'input', name: 'fromNumber', message: 'Twilio telefon numarası (E.164, örn: +15551234567):', validate: v => v.trim() ? true : 'Gerekli' },
+    { type: 'input', name: 'publicWebhookUrl', message: 'Webhook URL\'si (opsiyonel, ngrok vb.):' },
+    { type: 'list', name: 'dmPolicy', message: 'DM politikası:', choices: [{ name: 'Allowlist (önerilen)', value: 'allowlist' }, { name: 'Pairing', value: 'pairing' }, { name: 'Open', value: 'open' }, { name: 'Disabled', value: 'disabled' }], default: 'allowlist' },
+  ]);
+  const botId = `sms_${Date.now()}`;
+  config.smsAccountSid = answers.accountSid.trim();
+  config.smsAuthToken = answers.authToken.trim();
+  config.smsFromNumber = answers.fromNumber.trim();
+  config.smsPublicWebhookUrl = answers.publicWebhookUrl.trim() || '';
+  config.smsDmPolicy = answers.dmPolicy;
+  config.smsBotId = botId;
+  saveConfig(config);
+  console.log(chalk.green('\n✅ SMS (Twilio) bağlantısı kaydedildi!\n'));
+  console.log(chalk.cyan('Bot ID:'), chalk.white(botId));
+  console.log(chalk.cyan('Account SID:'), chalk.white(answers.accountSid.slice(0, 20) + '...'));
+  console.log(chalk.cyan('Numara:'), chalk.white(answers.fromNumber.trim()));
+  console.log(chalk.gray('\nNot: SMS webhook\'u için Twilio Console\'da Webhook URL\'si ayarlayın.'));
+  console.log(chalk.gray('Gateway ile başlatmak için: natureco gateway start\n'));
+}
+
+async function disconnectSms() {
+  const config = getConfig();
+  if (!config.smsBotId) { console.log(chalk.gray('\n⚠️  No SMS connection found\n')); return; }
+  const { confirm } = await inquirer.prompt([{ type: 'confirm', name: 'confirm', message: 'SMS bağlantısını kaldırmak istediğinize emin misiniz?', default: false }]);
+  if (!confirm) { console.log(chalk.gray('\nCancelled\n')); return; }
+  delete config.smsAccountSid; delete config.smsAuthToken; delete config.smsFromNumber;
+  delete config.smsPublicWebhookUrl; delete config.smsDmPolicy; delete config.smsBotId;
+  saveConfig(config);
+  console.log(chalk.green('\n✅ SMS disconnected\n'));
+}
+
+function statusSms() {
+  const config = getConfig();
+  if (!config.smsBotId) { console.log(chalk.gray('\n⚠️  SMS not connected\n')); console.log(chalk.gray('Connect with: natureco sms connect\n')); return; }
+  console.log(chalk.green('\n✅ SMS (Twilio) connected\n'));
+  console.log(chalk.cyan('Bot ID:'), chalk.white(config.smsBotId));
+  console.log(chalk.cyan('Account SID:'), chalk.white((config.smsAccountSid || '').slice(0, 20) + '...'));
+  console.log(chalk.cyan('Numara:'), chalk.white(config.smsFromNumber));
+  console.log(chalk.gray('\nDisconnect with: natureco sms disconnect\n'));
+}
+
+module.exports = sms;