navada-edge-cli 3.1.0 → 3.3.0

package/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
   cli:
     build: .
-    image: navada-edge-cli:3.1.0
+    image: navada-edge-cli:3.3.0
     container_name: navada-edge-cli
     restart: always
     stdin_open: true

package/lib/agent.js

@@ -1,6 +1,6 @@
 'use strict';
 
-const { execSync } = require('child_process');
+const { execSync, execFileSync } = require('child_process');
 const fs = require('fs');
 const path = require('path');
 const os = require('os');
@@ -58,10 +58,8 @@ Keep responses short. Code blocks when needed. No fluff.`,
       'Raven Terminal — security terminal',
     ],
     contact: {
-      email: 'leeakpareva@hotmail.com',
       github: 'github.com/leeakpareva',
       website: 'navada-lab.space',
-      phone: '+447935237704',
     },
   },
 };
@@ -88,8 +86,30 @@ const sessionState = {
   messages: 0,
   startTime: Date.now(),
   learningMode: null,  // 'python' | 'csharp' | 'node' | null
+  history: [],         // conversation history for context continuity
 };
 
+// Conversation history management
+function addToHistory(role, content) {
+  sessionState.history.push({ role, content });
+  // Keep last 40 turns to avoid token overflow
+  if (sessionState.history.length > 40) {
+    sessionState.history = sessionState.history.slice(-40);
+  }
+  sessionState.messages++;
+}
+
+function getConversationHistory() {
+  return sessionState.history;
+}
+
+function clearHistory() {
+  sessionState.history = [];
+  sessionState.messages = 0;
+  sessionState.tokens = { input: 0, output: 0, total: 0 };
+  sessionState.cost = 0;
+}
+
 // ---------------------------------------------------------------------------
 // Rate limit tracking (in-memory, per session)
 // ---------------------------------------------------------------------------
@@ -192,7 +212,8 @@ const localTools = {
     execute: (code) => {
       try {
         const py = process.platform === 'win32' ? 'python' : 'python3';
-        const output = execSync(`${py} -c "${code.replace(/"/g, '\\"')}"`, {
+        // Safe: use execFileSync with -c flag — no shell interpolation
+        const output = execFileSync(py, ['-c', code], {
           timeout: 30000, encoding: 'utf-8', stdio: ['pipe', 'pipe', 'pipe'],
         });
         return output.trim();
@@ -206,8 +227,12 @@ const localTools = {
     description: 'Install a Python package',
     execute: (pkg) => {
       try {
+        // Validate package name — alphanumeric, hyphens, underscores, dots, brackets, version specifiers
+        if (!/^[a-zA-Z0-9._\-\[\],>=<! ]+$/.test(pkg)) {
+          return 'Error: Invalid package name';
+        }
         const py = process.platform === 'win32' ? 'python' : 'python3';
-        const output = execSync(`${py} -m pip install ${pkg}`, {
+        const output = execFileSync(py, ['-m', 'pip', 'install', ...pkg.split(/\s+/)], {
           timeout: 60000, encoding: 'utf-8', stdio: ['pipe', 'pipe', 'pipe'],
         });
         return output.trim().split('\n').slice(-3).join('\n');
@@ -221,10 +246,12 @@ const localTools = {
     description: 'Run a Python script file',
     execute: (scriptPath) => {
       try {
+        const resolved = path.resolve(scriptPath);
+        if (!fs.existsSync(resolved)) return `Error: File not found: ${resolved}`;
         const py = process.platform === 'win32' ? 'python' : 'python3';
-        const output = execSync(`${py} "${path.resolve(scriptPath)}"`, {
+        const output = execFileSync(py, [resolved], {
           timeout: 60000, encoding: 'utf-8', stdio: ['pipe', 'pipe', 'pipe'],
-          cwd: path.dirname(path.resolve(scriptPath)),
+          cwd: path.dirname(resolved),
         });
         return output.trim();
       } catch (e) {
@@ -244,7 +271,6 @@ const localTools = {
 // ---------------------------------------------------------------------------
 const FREE_TIER_ENDPOINTS = [
   'https://api.navada-edge-server.uk/api/v1/chat',    // Cloudflare tunnel (public, works for all)
-  'http://100.88.118.128:7900/api/v1/chat',           // Direct Tailscale (VPN users only)
 ];
 
 async function callFreeTier(messages, stream = false) {
@@ -932,7 +958,6 @@ function getUpdateInfo() { return _updateInfo; }
 async function reportTelemetry(event, data = {}) {
   // Try dashboard first, then public tunnel
   const endpoints = [
-    'http://100.88.118.128:7900',
     'https://api.navada-edge-server.uk',
   ];
 
@@ -959,4 +984,4 @@ async function reportTelemetry(event, data = {}) {
   }
 }
 
-module.exports = { IDENTITY, chat, localTools, reportTelemetry, fallbackChat, checkForUpdate, getUpdateInfo, rateTracker, sessionState };
+module.exports = { IDENTITY, chat, localTools, reportTelemetry, fallbackChat, checkForUpdate, getUpdateInfo, rateTracker, sessionState, addToHistory, getConversationHistory, clearHistory };

package/lib/cli.js

@@ -10,6 +10,15 @@ const { execute, getCompletions } = require('./registry');
 const { loadAll } = require('./commands/index');
 const { reportTelemetry, checkForUpdate, getUpdateInfo, rateTracker } = require('./agent');
 
+// Global error safety — prevent unhandled crashes
+process.on('unhandledRejection', (err) => {
+  console.log(ui.error(`Unhandled error: ${err?.message || err}`));
+});
+process.on('uncaughtException', (err) => {
+  console.log(ui.error(`Fatal: ${err?.message || err}`));
+  process.exit(1);
+});
+
 function applyConfig() {
   const cfg = config.getAll();
   const overrides = {};

package/lib/commands/ai.js

@@ -3,13 +3,10 @@
 const navada = require('navada-edge-sdk');
 const ui = require('../ui');
 const config = require('../config');
-const { chat: agentChat, reportTelemetry, rateTracker } = require('../agent');
+const { chat: agentChat, reportTelemetry, rateTracker, addToHistory, getConversationHistory, clearHistory } = require('../agent');
 
 module.exports = function(reg) {
 
-  // Conversation history for multi-turn
-  const conversationHistory = [];
-
   reg('chat', 'Chat with NAVADA Edge AI agent', async (args) => {
     const msg = args.join(' ');
     if (!msg) { console.log(ui.dim('Just type naturally — no /command needed.')); return; }
@@ -17,24 +14,22 @@ module.exports = function(reg) {
     const hasKey = config.getApiKey() || config.get('anthropicKey') || process.env.ANTHROPIC_API_KEY;
 
     // Show a brief "thinking" indicator, then clear it when streaming starts
+    let spinner;
     if (!hasKey) {
       process.stdout.write(ui.dim('  NAVADA > '));
     } else {
       const ora = require('ora');
-      var spinner = ora({ text: '  NAVADA thinking...', color: 'white' }).start();
+      spinner = ora({ text: '  NAVADA thinking...', color: 'white' }).start();
     }
 
     try {
-      const response = await agentChat(msg, conversationHistory);
+      const response = await agentChat(msg, getConversationHistory());
 
       if (spinner) spinner.stop();
 
       // Update conversation history
-      conversationHistory.push({ role: 'user', content: msg });
-      conversationHistory.push({ role: 'assistant', content: response });
-
-      // Keep history manageable (last 20 turns)
-      while (conversationHistory.length > 40) conversationHistory.splice(0, 2);
+      addToHistory('user', msg);
+      addToHistory('assistant', response);
 
       // Only print if not already streamed
       if (!response._streamed) {
@@ -51,6 +46,14 @@ module.exports = function(reg) {
     }
   }, { category: 'AI', aliases: ['ask'] });
 
+  reg('clear', 'Clear conversation history and reset session', () => {
+    clearHistory();
+    console.clear();
+    const banner = require('../ui').banner;
+    console.log(banner());
+    console.log(ui.success('Conversation cleared — fresh session'));
+  }, { category: 'AI' });
+
   reg('qwen', 'Qwen Coder 32B (FREE via HuggingFace)', async (args) => {
     const prompt = args.join(' ');
     if (!prompt) { console.log(ui.dim('Usage: /qwen Write a function to validate UK postcodes')); return; }

package/lib/commands/edge.js

@@ -0,0 +1,186 @@
+'use strict';
+
+const ui = require('../ui');
+const config = require('../config');
+const navada = require('navada-edge-sdk');
+
+const PORTAL_URL = 'https://portal.navada-edge-server.uk';
+const VALIDATE_ENDPOINTS = [
+  'https://api.navada-edge-server.uk/api/v1/public/validate-key',
+];
+
+module.exports = function(reg) {
+
+  // /onboard — open portal in browser
+  reg('onboard', 'Open NAVADA Edge Portal to create account and get API key', async () => {
+    console.log(ui.header('NAVADA EDGE NETWORK — ONBOARDING'));
+    console.log('');
+    console.log(ui.label('Step 1', 'Create account at the Edge Portal'));
+    console.log(ui.label('Step 2', 'Generate an API key (Dashboard > API Keys)'));
+    console.log(ui.label('Step 3', 'Connect: /edge login nv_edge_your_key'));
+    console.log('');
+
+    // Try to open browser
+    const url = PORTAL_URL + '/sign-up';
+    try {
+      const { exec } = require('child_process');
+      const cmd = process.platform === 'win32' ? `start ${url}`
+        : process.platform === 'darwin' ? `open ${url}`
+        : `xdg-open ${url}`;
+      exec(cmd);
+      console.log(ui.success(`Opening ${url} in your browser...`));
+    } catch {
+      console.log(ui.dim(`Open this URL in your browser:`));
+      console.log(ui.label('Portal', url));
+    }
+
+    console.log('');
+    console.log(ui.dim('After signing up and generating a key, run:'));
+    console.log(ui.dim('  /edge login nv_edge_your_key_here'));
+  }, { category: 'EDGE', aliases: ['signup', 'register'] });
+
+  // /edge — edge network commands
+  reg('edge', 'NAVADA Edge Network commands', async (args) => {
+    const sub = args[0];
+
+    if (!sub || sub === 'help') {
+      console.log(ui.header('NAVADA EDGE NETWORK'));
+      console.log(ui.dim('Connect your CLI to the 24/7 Edge Network'));
+      console.log('');
+      console.log(ui.cmd('edge login <key>', 'Connect with your NAVADA Edge API key'));
+      console.log(ui.cmd('edge status', 'Check your Edge Network connection'));
+      console.log(ui.cmd('edge logout', 'Disconnect from Edge Network'));
+      console.log(ui.cmd('edge tier', 'Show your current tier and limits'));
+      console.log(ui.cmd('onboard', 'Create account and get API key'));
+      console.log('');
+      console.log(ui.dim('Get started: /onboard'));
+      return;
+    }
+
+    // /edge login <key>
+    if (sub === 'login') {
+      const key = args[1];
+      if (!key) {
+        console.log(ui.error('Usage: /edge login nv_edge_your_key_here'));
+        console.log(ui.dim('Get a key: /onboard'));
+        return;
+      }
+
+      if (!key.startsWith('nv_edge_') || key.length !== 56) {
+        console.log(ui.error('Invalid key format. NAVADA Edge keys start with nv_edge_ and are 56 characters.'));
+        console.log(ui.dim('Get a key: /onboard'));
+        return;
+      }
+
+      // Validate against the Edge Network
+      const ora = require('ora');
+      const spinner = ora({ text: '  Validating key with NAVADA Edge Network...', color: 'white' }).start();
+
+      let validated = false;
+      for (const endpoint of VALIDATE_ENDPOINTS) {
+        try {
+          const r = await navada.request(endpoint, {
+            method: 'POST',
+            body: { key },
+            timeout: 10000,
+          });
+
+          if (r.status === 200 && r.data?.valid) {
+            spinner.stop();
+            config.set('edgeKey', key);
+            config.set('edgeTier', r.data.tier || 'free');
+            config.set('edgeUserId', r.data.userId || '');
+            config.set('edgeConnected', true);
+
+            console.log(ui.success('Connected to NAVADA Edge Network'));
+            console.log(ui.label('Tier', (r.data.tier || 'FREE').toUpperCase()));
+            console.log(ui.label('User', r.data.name || r.data.userId || 'connected'));
+            console.log('');
+            console.log(ui.dim('You now have access to:'));
+            console.log(ui.dim('  /status   — network health'));
+            console.log(ui.dim('  /doctor   — test connections'));
+            console.log(ui.dim('  /offload  — run tasks 24/7 (coming soon)'));
+            console.log(ui.dim('  /sessions — view running tasks (coming soon)'));
+            validated = true;
+            break;
+          } else if (r.status === 401) {
+            spinner.stop();
+            console.log(ui.error('Key not recognised. Check your key or generate a new one: /onboard'));
+            validated = true;
+            break;
+          }
+        } catch {
+          continue;
+        }
+      }
+
+      if (!validated) {
+        spinner.stop();
+        // Can't reach server — store key locally anyway (offline-first)
+        config.set('edgeKey', key);
+        config.set('edgeConnected', false);
+        console.log(ui.warn('Could not reach NAVADA Edge Network to validate key.'));
+        console.log(ui.dim('Key saved locally. It will be validated when the network is reachable.'));
+        console.log(ui.dim('Check: /edge status'));
+      }
+      return;
+    }
+
+    // /edge status
+    if (sub === 'status') {
+      const key = config.get('edgeKey');
+      if (!key) {
+        console.log(ui.warn('Not connected to NAVADA Edge Network'));
+        console.log(ui.dim('Get started: /onboard'));
+        return;
+      }
+
+      console.log(ui.header('EDGE NETWORK STATUS'));
+      console.log(ui.label('Key', key.substring(0, 12) + '...' + key.slice(-4)));
+      console.log(ui.label('Tier', (config.get('edgeTier') || 'FREE').toUpperCase()));
+      console.log(ui.label('Connected', config.get('edgeConnected') ? 'yes' : 'pending validation'));
+
+      // Ping the network
+      try {
+        const r = await navada.request('https://api.navada-edge-server.uk/api/health', { timeout: 5000 });
+        console.log(ui.online('Edge Network', r.status === 200, 'api.navada-edge-server.uk'));
+      } catch {
+        console.log(ui.online('Edge Network', false, 'unreachable'));
+      }
+      return;
+    }
+
+    // /edge logout
+    if (sub === 'logout') {
+      config.set('edgeKey', '');
+      config.set('edgeTier', '');
+      config.set('edgeUserId', '');
+      config.set('edgeConnected', false);
+      console.log(ui.success('Disconnected from NAVADA Edge Network'));
+      console.log(ui.dim('Your local CLI still works. Reconnect anytime: /edge login <key>'));
+      return;
+    }
+
+    // /edge tier
+    if (sub === 'tier') {
+      const tier = (config.get('edgeTier') || 'free').toUpperCase();
+      console.log(ui.header('EDGE NETWORK TIER'));
+      console.log(ui.label('Current', tier));
+      console.log('');
+      if (tier === 'FREE') {
+        console.log(ui.dim('Free tier includes:'));
+        console.log(ui.dim('  100 requests/day'));
+        console.log(ui.dim('  50K tokens/day'));
+        console.log(ui.dim('  10 edge tasks'));
+        console.log(ui.dim('  5min max runtime per task'));
+        console.log('');
+        console.log(ui.dim('Upgrade: coming soon'));
+      }
+      return;
+    }
+
+    console.log(ui.dim('Unknown subcommand. Try /edge help'));
+
+  }, { category: 'EDGE', subs: ['login', 'status', 'logout', 'tier', 'help'] });
+
+};

package/lib/commands/index.js

@@ -3,28 +3,22 @@
 const { register } = require('../registry');
 
 // Load all command modules — each exports a function(register)
-const modules = [
-  require('./network'),
-  require('./mcp'),
-  require('./lucas'),
-  require('./docker'),
-  require('./database'),
-  require('./cloudflare'),
-  require('./ai'),
-  require('./azure'),
-  require('./agents'),
-  require('./tasks'),
-  require('./keys'),
-  require('./setup'),
-  require('./system'),
-  require('./learn'),
-  require('./sandbox'),
-  require('./nvidia'),
+const moduleNames = [
+  'network', 'mcp', 'lucas', 'docker', 'database', 'cloudflare',
+  'ai', 'azure', 'agents', 'tasks', 'keys', 'setup', 'system',
+  'learn', 'sandbox', 'nvidia', 'edge',
 ];
 
 function loadAll() {
-  for (const mod of modules) {
-    mod(register);
+  for (const name of moduleNames) {
+    try {
+      const mod = require(`./${name}`);
+      mod(register);
+    } catch (e) {
+      // Don't crash the entire CLI if one module fails to load
+      const ui = require('../ui');
+      console.log(ui.warn(`Failed to load module: ${name} — ${e.message}`));
+    }
   }
 }
 

package/lib/config.js

@@ -15,13 +15,28 @@ function ensureDir() {
 function load() {
   try {
     if (!fs.existsSync(CONFIG_FILE)) return {};
-    return JSON.parse(fs.readFileSync(CONFIG_FILE, 'utf-8'));
-  } catch { return {}; }
+    const raw = fs.readFileSync(CONFIG_FILE, 'utf-8');
+    if (!raw.trim()) return {};
+    return JSON.parse(raw);
+  } catch (e) {
+    // Back up corrupted config
+    try {
+      const backupPath = CONFIG_FILE + '.bak';
+      if (fs.existsSync(CONFIG_FILE)) fs.copyFileSync(CONFIG_FILE, backupPath);
+    } catch {}
+    return {};
+  }
 }
 
 function save(config) {
   ensureDir();
-  fs.writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2));
+  const data = JSON.stringify(config, null, 2);
+  // Write atomically via temp file
+  const tmpFile = CONFIG_FILE + '.tmp';
+  fs.writeFileSync(tmpFile, data);
+  fs.renameSync(tmpFile, CONFIG_FILE);
+  // Restrict permissions on config file (contains API keys)
+  try { fs.chmodSync(CONFIG_FILE, 0o600); } catch {}
 }
 
 function isFirstRun() { return !fs.existsSync(CONFIG_FILE); }

package/lib/serve.js

@@ -9,8 +9,10 @@ function start(port = 7800) {
   const server = http.createServer(async (req, res) => {
     const url = req.url.split('?')[0];
 
-    // CORS
-    res.setHeader('Access-Control-Allow-Origin', '*');
+    // CORS — restrict to local/Tailscale origins
+    const origin = req.headers.origin || '';
+    const allowedOrigin = (origin.includes('localhost') || origin.includes('127.0.0.1') || origin.includes('100.')) ? origin : '';
+    res.setHeader('Access-Control-Allow-Origin', allowedOrigin || `http://localhost:${port}`);
     res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
     res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
     if (req.method === 'OPTIONS') { res.writeHead(204); return res.end(); }
@@ -24,25 +26,36 @@ function start(port = 7800) {
     // Execute command
     if (url === '/api/cmd' && req.method === 'POST') {
       let body = '';
-      req.on('data', c => body += c);
+      let bodySize = 0;
+      const MAX_BODY = 8192;
+      req.on('data', c => {
+        bodySize += c.length;
+        if (bodySize > MAX_BODY) { req.destroy(); return; }
+        body += c;
+      });
       req.on('end', async () => {
         try {
+          if (bodySize > MAX_BODY) { res.writeHead(413); return res.end(JSON.stringify({ error: 'Request too large' })); }
           const { command } = JSON.parse(body);
-          if (!command) { res.writeHead(400); return res.end(JSON.stringify({ error: 'command required' })); }
+          if (!command || typeof command !== 'string') { res.writeHead(400); return res.end(JSON.stringify({ error: 'command required (string)' })); }
+          if (command.length > 2000) { res.writeHead(400); return res.end(JSON.stringify({ error: 'command too long' })); }
 
           // Capture output
           const orig = console.log;
           const buf = [];
           console.log = (...args) => buf.push(args.join(' '));
-          await execute(command);
-          console.log = orig;
+          try {
+            await execute(command);
+          } finally {
+            console.log = orig;
+          }
 
           const output = buf.join('\n').replace(/\x1b\[[0-9;]*m/g, ''); // strip ANSI
           res.writeHead(200, { 'Content-Type': 'application/json' });
           res.end(JSON.stringify({ command, output }));
         } catch (e) {
           res.writeHead(500, { 'Content-Type': 'application/json' });
-          res.end(JSON.stringify({ error: e.message }));
+          res.end(JSON.stringify({ error: 'Internal server error' }));
         }
       });
       return;

package/lib/ui.js

@@ -90,8 +90,9 @@ function sessionPanel(width) {
     kvLine(' Model:   ', model),
     kvLine(' Tier:    ', tier),
     '',
-    sectionLine('Token Usage'),
-    kvLine(' Total:   ', String(state.tokens?.total || 0)),
+    sectionLine('Usage'),
+    kvLine(' Messages:', String(state.messages || 0)),
+    kvLine(' Tokens:  ', String(state.tokens?.total || 0)),
     kvLine(' Cost:    ', `$${(state.cost || 0).toFixed(4)}`),
     '',
     sectionLine('Configuration'),
@@ -114,15 +115,18 @@ function sessionPanel(width) {
   return lines;
 }
 
+let _pythonCache = null;
 function detectPython() {
+  if (_pythonCache !== null) return _pythonCache;
   try {
     const { execSync } = require('child_process');
     const py = process.platform === 'win32' ? 'python' : 'python3';
     const ver = execSync(`${py} --version`, { timeout: 3000, encoding: 'utf-8' }).trim();
-    return style('success', ver.replace('Python ', ''));
+    _pythonCache = style('success', ver.replace('Python ', ''));
   } catch {
-    return style('offline', 'not found');
+    _pythonCache = style('offline', 'not found');
   }
+  return _pythonCache;
 }
 
 function footerBar(width) {
@@ -178,7 +182,9 @@ function prompt() {
   try { state = require('./agent').sessionState; } catch { state = {}; }
   const mode = state?.learningMode;
   const modeTag = mode ? style('accent', `[${mode}]`) + ' ' : '';
-  return modeTag + style('dim', 'navada') + style('accent', '> ');
+  const msgCount = state?.messages || 0;
+  const countTag = msgCount > 0 ? style('dim', `(${msgCount}) `) : '';
+  return modeTag + countTag + style('dim', 'navada') + style('accent', '> ');
 }
 
 function box(title, content) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "navada-edge-cli",
-  "version": "3.1.0",
+  "version": "3.3.0",
   "description": "Interactive CLI for the NAVADA Edge Network — explore nodes, agents, Cloudflare, AI, Docker, and MCP from your terminal",
   "main": "lib/cli.js",
   "bin": {
@@ -41,14 +41,14 @@
     "url": "git+https://github.com/Navada25/edge-sdk.git"
   },
   "dependencies": {
-    "navada-edge-sdk": "^1.1.0",
     "chalk": "^4.1.2",
     "cli-table3": "^0.6.5",
+    "navada-edge-sdk": "^1.1.0",
     "ora": "^5.4.1"
   },
   "optionalDependencies": {
-    "qrcode-terminal": "^0.12.0",
-    "nodemailer": "^6.9.0"
+    "nodemailer": "^8.0.4",
+    "qrcode-terminal": "^0.12.0"
   },
   "publishConfig": {
     "access": "public"