nothumanallowed 16.0.26 → 16.0.28

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nothumanallowed",
-  "version": "16.0.26",
+  "version": "16.0.28",
   "description": "Local AI assistant: 80 tools (Gmail, Calendar, Drive, GitHub, Slack, browser, code, files), 38 agents, visual workflows (Studio, AWF, WebCraft). Install with `npm i -g nothumanallowed`, run with `nha ui`. Free tier built-in (Liara), no API key required. Your data stays on your PC — OAuth tokens local, no cloud. Open-source MIT.",
   "type": "module",
   "bin": {

package/src/constants.mjs

@@ -5,7 +5,7 @@ import { fileURLToPath } from 'url';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 
-export const VERSION = '16.0.26';
+export const VERSION = '16.0.28';
 export const BASE_URL = 'https://nothumanallowed.com/cli';
 export const API_BASE = 'https://nothumanallowed.com/api/v1';
 

package/src/server/routes/webcraft.mjs

@@ -142,6 +142,34 @@ class SandboxManager {
       return;
     }
 
+    // ── Phase 0: Pre-flight repair ───────────────────────────────────────
+    // Before anything else, check that package.json on disk is valid JSON.
+    // If a previous LLM generation wrote a corrupt file (e.g. an HTTP error
+    // response leaked as content), Node's package_json_reader would crash
+    // with SyntaxError before we even get to load shims. Repair in place.
+    const pkgPath = path.join(projectDir, 'package.json');
+    if (fs.existsSync(pkgPath)) {
+      const pkgRaw = fs.readFileSync(pkgPath, 'utf-8');
+      let needsRepair = false;
+      let reason = '';
+      if (_looksLikeLLMError(pkgRaw)) {
+        needsRepair = true;
+        reason = 'content looks like an LLM API error response (Access denied / Rate limit / HTML block page)';
+      } else {
+        try { JSON.parse(pkgRaw); }
+        catch (e) { needsRepair = true; reason = `invalid JSON: ${e.message}`; }
+      }
+      if (needsRepair) {
+        emit({ type: 'warn', msg: `package.json corrupt (${reason}) — auto-repairing with minimal fallback so the sandbox can boot.` });
+        const projectName = path.basename(projectDir);
+        fs.writeFileSync(pkgPath, _fallbackPackageJson(projectName), 'utf-8');
+        emit({ type: 'status', msg: `package.json repaired. Original corrupt content backed up to package.json.corrupt-${Date.now()}` });
+        try {
+          fs.writeFileSync(pkgPath + '.corrupt-' + Date.now(), pkgRaw, 'utf-8');
+        } catch {}
+      }
+    }
+
     // ── Phase 1: Shims ────────────────────────────────────────────────────
     emit({ type: 'phase', phase: 'shims', msg: 'Injecting runtime shims (pg, redis, mongoose, helmet...)' });
     const shimDir = path.join(projectDir, '.nha-shims');
@@ -155,6 +183,23 @@ class SandboxManager {
     }
     emit({ type: 'status', msg: `Entry point: ${entryFile}` });
 
+    // Pre-flight: validate entry file with acorn. If the file content was
+    // corrupted by a partial LLM stream (HTTP error leaked as code), quarantine
+    // it with a minimal stub so the sandbox can still boot. The user sees a
+    // clear "re-generate from chat" message instead of a SyntaxError crash.
+    const entryAbs = path.join(projectDir, entryFile);
+    if (fs.existsSync(entryAbs)) {
+      try {
+        const entryContent = fs.readFileSync(entryAbs, 'utf-8');
+        const sanitized = _sanitizeGeneratedFile(entryFile, entryContent, path.basename(projectDir));
+        if (sanitized !== entryContent) {
+          emit({ type: 'warn', msg: `Entry file ${entryFile} was corrupted (likely partial stream / HTTP error leaked into content). Auto-quarantined — re-generate from chat.` });
+          fs.writeFileSync(entryAbs + '.corrupt-' + Date.now(), entryContent, 'utf-8');
+          fs.writeFileSync(entryAbs, sanitized, 'utf-8');
+        }
+      } catch {}
+    }
+
     // ── Phase 2: Dependencies (pre-scan + batch install) ──────────────────
     // Pre-scan the project source files for require()/import statements and
     // diff against package.json + node_modules. Install everything missing in
@@ -647,7 +692,8 @@ const ProjectStore = {
       if (!_isSafePath(f.name)) continue;
       const abs = path.join(dir, f.name);
       ensureDir(path.dirname(abs));
-      fs.writeFileSync(abs, f.content ?? '', 'utf-8');
+      const sanitized = _sanitizeGeneratedFile(f.name, f.content ?? '', projectName);
+      fs.writeFileSync(abs, sanitized, 'utf-8');
     }
     const meta = {
       description: description ?? '',
@@ -3449,6 +3495,123 @@ function _patchEntry(projectDir, entryFile, shimDir, port) {
   return '.nha-launcher.js';
 }
 
+// Detect LLM API error responses that leaked into the file content. When the
+// LLM endpoint returns 4xx/5xx with a plaintext body (Cloudflare block, rate
+// limit, "Access temporarily denied"), the response often ends up saved as
+// file content. Those strings are short, don't start with valid syntax for
+// the file type, and contain specific marker phrases.
+const _LLM_ERROR_MARKERS = [
+  // "Access denied" / "Access temporarily denied"
+  /^\s*Access (temporarily )?denied/i,
+  // "Service Temporarily Unavailable", "Server Temporarily Unavailable",
+  // "Temporarily Unavailable" — common nginx/cloudflare/CDN 503 responses
+  /^\s*(Service |Server )?Temporarily Unavailable/i,
+  /^\s*Service Unavailable/i,
+  /^\s*Rate ?limit(ed)?/i,
+  /^\s*Internal Server Error/i,
+  /^\s*Too Many Requests/i,
+  /^\s*Bad Gateway/i,
+  /^\s*Gateway Timeout/i,
+  /^\s*Request Timeout/i,
+  /^\s*Not Found/i,
+  /^\s*Forbidden\b/i,
+  /^\s*Unauthorized\b/i,
+  /^\s*<!DOCTYPE html.*Cloudflare/is,
+  /^\s*<html.*<title>.*(Access|Forbidden|Error|Unavailable|Cloudflare)/is,
+  /^\s*\{?\s*"error"\s*:\s*"(rate.?limit|quota|unauthorized|temporarily)"/i,
+  /^\s*error code:\s*\d{3,4}/i,
+  // Standalone HTTP status phrase at the start of a code file is suspicious
+  /^\s*(HTTP\/[\d.]+\s+)?[45]\d{2}\s+/,
+];
+
+function _looksLikeLLMError(content) {
+  if (typeof content !== 'string') return false;
+  const head = content.slice(0, 500);
+  return _LLM_ERROR_MARKERS.some(re => re.test(head));
+}
+
+// Minimal package.json template — used when the LLM-generated one is corrupted.
+function _fallbackPackageJson(projectName) {
+  return JSON.stringify({
+    name: String(projectName || 'nha-project').toLowerCase().replace(/[^a-z0-9-]/g, '-'),
+    version: '1.0.0',
+    description: 'NHA-generated project (package.json auto-repaired)',
+    main: 'index.js',
+    type: 'commonjs',
+    scripts: { start: 'node index.js' },
+    dependencies: {},
+  }, null, 2);
+}
+
+// Sanitize content before writing to disk. Rejects LLM error responses,
+// repairs corrupt JSON manifests, validates JS/TS with acorn, and falls back
+// to a safe placeholder when content is unsalvageable. This is the LAST line
+// of defense between the LLM API and the user's filesystem.
+function _sanitizeGeneratedFile(name, content, projectName) {
+  const ext = (name.split('.').pop() || '').toLowerCase();
+  const isJson = ext === 'json' || name.endsWith('package.json');
+  const isPkg = name === 'package.json' || name.endsWith('/package.json');
+  const isCode = ['js', 'mjs', 'cjs', 'jsx', 'ts', 'tsx'].includes(ext);
+
+  // Layer A: detect HTTP error responses leaked as file content
+  if (_looksLikeLLMError(content)) {
+    if (isPkg) return _fallbackPackageJson(projectName);
+    if (isCode) {
+      return `// nha-webcraft: this file's content from the LLM looked like an HTTP error response\n// (status leaked into stream — likely '${_extractLLMErrorHint(content)}').\n// File quarantined to keep the sandbox bootable. Re-generate from chat.\nmodule.exports = {};\n`;
+    }
+    return '<!-- nha-webcraft: LLM error response detected, content discarded. Re-generate from chat. -->';
+  }
+
+  // Layer B: validate JSON files
+  if (isJson) {
+    try { JSON.parse(content); }
+    catch {
+      if (isPkg) return _fallbackPackageJson(projectName);
+      try {
+        const repaired = content
+          .replace(/,\s*([}\]])/g, '$1')
+          .replace(/([{,]\s*)([A-Za-z_][A-Za-z0-9_]*)\s*:/g, '$1"$2":');
+        JSON.parse(repaired);
+        return repaired;
+      } catch {
+        return '{}';
+      }
+    }
+  }
+
+  // Layer C: validate JS/JSX/TS files with acorn — catches partial streams
+  // that ended mid-token, leftover HTML/error text mixed with code, etc.
+  if (isCode && content && content.trim()) {
+    try {
+      const parser = ext === 'jsx' || ext === 'tsx' ? acorn.Parser.extend(acornJsx()) : acorn;
+      parser.parse(content, {
+        ecmaVersion: 'latest',
+        sourceType: ['mjs'].includes(ext) ? 'module' : (/\bimport\s+|\bexport\s+/.test(content) ? 'module' : 'script'),
+        allowReturnOutsideFunction: true,
+        allowAwaitOutsideFunction: true,
+        allowHashBang: true,
+      });
+    } catch (parseErr) {
+      // Only quarantine if the error is at the VERY START of the file —
+      // this signals "the whole file is junk" (HTTP error / partial stream)
+      // rather than a normal bug at line 50 that user can fix.
+      const lineMatch = parseErr.message.match(/\((\d+):(\d+)\)/);
+      const startsAtTop = !lineMatch || parseInt(lineMatch[1]) <= 2;
+      if (startsAtTop && content.length < 5000) {
+        return `// nha-webcraft: this file failed to parse near the start (${parseErr.message}).\n// Likely a partial/corrupted stream from the LLM. Quarantined to keep sandbox bootable.\n// Re-generate from chat.\nmodule.exports = {};\n`;
+      }
+      // Otherwise let it through — it's a real code bug, the user will see it
+    }
+  }
+
+  return content;
+}
+
+function _extractLLMErrorHint(content) {
+  const head = content.slice(0, 200).replace(/\n/g, ' ').replace(/\s+/g, ' ').trim();
+  return head.slice(0, 80) + (head.length > 80 ? '...' : '');
+}
+
 // Authoritative list of modules covered by our offline-safe shims.
 // Used by both the pre-scan (to skip them from npm install) and the Tier 1
 // retry (to detect "missing module" stderr that's already covered by a shim).