nubos-pilot 0.5.8 → 0.5.9

package/bin/install.js

@@ -17,6 +17,7 @@ const backupMod = require('../lib/install/backup.cjs');
 const registryMod = require('../lib/install/runtimes-registry.cjs');
 const runtimeAssetsMod = require('../lib/install/runtime-assets.cjs');
 const languageMod = require('../lib/language.cjs');
+const configDefaults = require('../lib/config-defaults.cjs');
 
 const cyan = '\x1b[36m', green = '\x1b[32m', yellow = '\x1b[33m',
       red = '\x1b[31m', blue = '\x1b[38;5;33m',
@@ -248,16 +249,11 @@ async function _runInitQuestions(detectedRuntime, askUser, flags) {
   const model_profile = (await askUser({ type: 'select', question: 'Model-Profile?',
     options: ['frontier', 'quality', 'balanced', 'budget', 'inherit'], default: 'frontier' })).value;
   const response_language = (await askUser({ type: 'input', question: 'Response language (ISO-639 code)?', default: 'en' })).value;
-  return {
+  return configDefaults.buildInstallConfig({
     runtime, runtimes, scope, mcp: !!f.mcp,
     model_profile,
     response_language,
-    commit_docs: true,
-    parallelization: true,
-    research: true,
-    plan_checker: true,
-    verifier: true,
-  };
+  });
 }
 
 function _repairCodexConfig() {

package/bin/np-tools/_commands.cjs

@@ -48,6 +48,7 @@ const COMMANDS = [
   { name: 'generate-slug',   category: 'Utility', description: 'Slugify text via lib/layout.cjs.slugify' },
   { name: 'stats',           category: 'Utility', description: 'Aggregated project stats (roadmap + STATE + git + metrics JSON shape)' },
   { name: 'detect-runtime',  category: 'Utility', description: 'Print detected runtime id (claude, codex, gemini, …) — reads config.json ∨ env ∨ default' },
+  { name: 'template-path',   category: 'Utility', description: 'Print absolute path to a package-shipped template by name (e.g. VALIDATION, milestone/CONTEXT)' },
 
   { name: 'thread',           category: 'Utility', description: 'Cross-session thread CRUD (create/resume under .nubos-pilot/threads/)' },
   { name: 'session-report',   category: 'Utility', description: 'Generate session report from metrics since .last-session pointer' },

package/bin/np-tools/commit.cjs

@@ -1,6 +1,7 @@
 const { execFileSync } = require('node:child_process');
+const fs = require('node:fs');
 const path = require('node:path');
-const { NubosPilotError } = require('../../lib/core.cjs');
+const { NubosPilotError, findProjectRoot } = require('../../lib/core.cjs');
 const { assertCommittablePaths } = require('../../lib/git.cjs');
 const { resolveCommitArtifacts } = require('../../lib/commit-policy.cjs');
 
@@ -47,19 +48,34 @@ function _parseArgs(argv) {
   return { msg, files };
 }
 
-function _validateFiles(files) {
-  for (const f of files) {
+function _realpathOrResolve(p) {
+  try { return fs.realpathSync(p); } catch { return path.resolve(p); }
+}
+
+function _normalizeFiles(files, cwd, root) {
+  const realRoot = _realpathOrResolve(root);
+  return files.map((f) => {
     if (typeof f !== 'string' || f.length === 0) {
       throw new NubosPilotError('commit-invalid-path', 'commit path must be non-empty string', { path: f });
     }
-    const segments = String(f).split(/[/\\]/);
-    for (const seg of segments) {
-      if (seg === '..') {
-        throw new NubosPilotError('commit-path-traversal', 'commit path must not contain ".." segments', { path: f });
-      }
+    const abs = path.isAbsolute(f) ? path.resolve(f) : path.resolve(cwd, f);
+    const realAbs = _realpathOrResolve(abs);
+    const rel = path.relative(realRoot, realAbs);
+    if (rel === '' || rel.startsWith('..') || path.isAbsolute(rel)) {
+      throw new NubosPilotError(
+        'commit-path-outside-project',
+        'commit path must resolve inside project root',
+        { path: f, root },
+      );
     }
-    if (path.isAbsolute(f)) {
-      throw new NubosPilotError('commit-path-absolute', 'commit path must be relative', { path: f });
+    return rel;
+  });
+}
+
+function _validateFiles(files) {
+  for (const f of files) {
+    if (typeof f !== 'string' || f.length === 0) {
+      throw new NubosPilotError('commit-invalid-path', 'commit path must be non-empty string', { path: f });
     }
   }
 }
@@ -87,13 +103,15 @@ function run(argv, ctx) {
       stdout.write(JSON.stringify({ committed: false, reason: 'commit_artifacts=false', files }) + '\n');
       return 0;
     }
-    const committable = assertCommittablePaths(files);
+    const root = findProjectRoot(cwd);
+    const normalized = _normalizeFiles(files, cwd, root);
+    const committable = assertCommittablePaths(normalized, { cwd: root });
     if (committable.length === 0) {
       throw new NubosPilotError('commit-no-paths', 'commit invoked with no committable paths', { files });
     }
-    execFileSync('git', ['add', '--', ...committable], { stdio: 'pipe' });
-    execFileSync('git', ['commit', '-m', msg, '--', ...committable], { stdio: 'pipe' });
-    const sha = execFileSync('git', ['rev-parse', '--short', 'HEAD'], { encoding: 'utf-8' }).trim();
+    execFileSync('git', ['add', '--', ...committable], { cwd: root, stdio: 'pipe' });
+    execFileSync('git', ['commit', '-m', msg, '--', ...committable], { cwd: root, stdio: 'pipe' });
+    const sha = execFileSync('git', ['rev-parse', '--short', 'HEAD'], { cwd: root, encoding: 'utf-8' }).trim();
     stdout.write(JSON.stringify({ committed: true, sha, files: committable }) + '\n');
     return 0;
   } catch (err) {

package/bin/np-tools/commit.test.cjs

@@ -57,12 +57,39 @@ test('COMMIT-1: happy path commits a single file and prints sha JSON', () => {
   assert.match(stdout.toString(), /"committed":\s*true/);
 });
 
-test('COMMIT-2: path with ".." segment rejected with commit-path-traversal', () => {
+test('COMMIT-2: path resolving outside project root rejected with commit-path-outside-project', () => {
+  const sb = makeSandbox();
+  initGit(sb);
+  const stdout = makeSink();
+  const stderr = makeSink();
+  const code = commitCli.run(['feat: x', '--files', '../outside.txt'], { cwd: sb, stdout, stderr });
+  assert.equal(code, 1);
+  assert.match(stderr.toString(), /"code":\s*"commit-path-outside-project"/);
+});
+
+test('COMMIT-2b: absolute path inside project root is accepted and normalized', () => {
+  const sb = makeSandbox();
+  initGit(sb);
+  const absFile = path.join(sb, 'note.md');
+  fs.writeFileSync(absFile, 'hi\n');
+  const stdout = makeSink();
+  const stderr = makeSink();
+  const code = commitCli.run(['docs: note', '--files', absFile], { cwd: sb, stdout, stderr });
+  assert.equal(code, 0, 'stderr=' + stderr.toString());
+  assert.match(stdout.toString(), /"committed":\s*true/);
+});
+
+test('COMMIT-2c: absolute path outside project root rejected', () => {
+  const sb = makeSandbox();
+  initGit(sb);
+  const outside = path.join(os.tmpdir(), 'np-commit-outside-' + Date.now() + '.txt');
+  fs.writeFileSync(outside, 'x');
   const stdout = makeSink();
   const stderr = makeSink();
-  const code = commitCli.run(['feat: x', '--files', '../outside.txt'], { stdout, stderr });
+  const code = commitCli.run(['docs: x', '--files', outside], { cwd: sb, stdout, stderr });
+  try { fs.unlinkSync(outside); } catch {}
   assert.equal(code, 1);
-  assert.match(stderr.toString(), /"code":\s*"commit-path-traversal"/);
+  assert.match(stderr.toString(), /"code":\s*"commit-path-outside-project"/);
 });
 
 test('COMMIT-3: empty message prints usage and exits 1', () => {

package/bin/np-tools/template-path.cjs

@@ -0,0 +1,61 @@
+'use strict';
+
+const fs = require('node:fs');
+const path = require('node:path');
+const { NubosPilotError } = require('../../lib/core.cjs');
+
+const PACKAGE_TEMPLATES_DIR = path.resolve(__dirname, '..', '..', 'templates');
+
+function _emitError(err, stderr) {
+  const code = err && err.name === 'NubosPilotError' ? err.code : 'template-path-internal-error';
+  const message = (err && err.message) || String(err);
+  const details = (err && err.details) || null;
+  stderr.write(JSON.stringify({ code, message, details }) + '\n');
+}
+
+function resolveTemplatePath(name) {
+  if (!name || typeof name !== 'string') {
+    throw new NubosPilotError('template-invalid-name', 'template name must be a non-empty string', { name });
+  }
+  const segments = name.split(/[/\\]/);
+  for (const seg of segments) {
+    if (seg === '' || seg === '..' || seg === '.') {
+      throw new NubosPilotError('template-invalid-name', 'template name segment invalid: ' + seg, { name, segment: seg });
+    }
+  }
+  const withExt = /\.[a-z0-9]+$/i.test(name) ? name : name + '.md';
+  const full = path.resolve(PACKAGE_TEMPLATES_DIR, withExt);
+  const guard = PACKAGE_TEMPLATES_DIR + path.sep;
+  if (!full.startsWith(guard)) {
+    throw new NubosPilotError('template-path-traversal', 'template name escapes templates directory', { name, resolved: full });
+  }
+  if (!fs.existsSync(full)) {
+    throw new NubosPilotError('template-not-found', 'template not found: ' + name, { name, path: full });
+  }
+  return full;
+}
+
+function run(argv, ctx) {
+  const context = ctx || {};
+  const stdout = context.stdout || process.stdout;
+  const stderr = context.stderr || process.stderr;
+  const args = Array.isArray(argv) ? argv.slice() : [];
+  if (args.length === 0 || args[0] === '--help') {
+    stderr.write('Usage: np-tools.cjs template-path <name>\n');
+    return 1;
+  }
+  try {
+    const out = resolveTemplatePath(args[0]);
+    stdout.write(out);
+    return 0;
+  } catch (err) {
+    _emitError(err, stderr);
+    return 1;
+  }
+}
+
+module.exports = { run, resolveTemplatePath, PACKAGE_TEMPLATES_DIR };
+
+if (require.main === module) {
+  process.exit(run(process.argv.slice(2)));
+}

package/bin/np-tools/template-path.test.cjs

@@ -0,0 +1,86 @@
+'use strict';
+
+const fs = require('node:fs');
+const path = require('node:path');
+const { test } = require('node:test');
+const assert = require('node:assert/strict');
+const { Writable } = require('node:stream');
+
+const cli = require('./template-path.cjs');
+const { resolveTemplatePath, PACKAGE_TEMPLATES_DIR } = cli;
+
+function makeSink() {
+  const chunks = [];
+  const w = new Writable({ write(chunk, _enc, cb) { chunks.push(chunk); cb(); } });
+  w.toString = () => Buffer.concat(chunks.map((c) => Buffer.isBuffer(c) ? c : Buffer.from(String(c)))).toString('utf-8');
+  return w;
+}
+
+test('TPL-1: resolves VALIDATION to absolute path in package templates dir', () => {
+  const out = resolveTemplatePath('VALIDATION');
+  assert.ok(path.isAbsolute(out));
+  assert.ok(out.startsWith(PACKAGE_TEMPLATES_DIR + path.sep));
+  assert.ok(fs.existsSync(out));
+});
+
+test('TPL-2: accepts nested name like milestone/CONTEXT', () => {
+  const out = resolveTemplatePath('milestone/CONTEXT');
+  assert.ok(fs.existsSync(out));
+  assert.match(out, /templates[/\\]milestone[/\\]CONTEXT\.md$/);
+});
+
+test('TPL-3: appends .md when extension absent', () => {
+  const out = resolveTemplatePath('VALIDATION');
+  assert.ok(out.endsWith('.md'));
+});
+
+test('TPL-4: keeps explicit extension', () => {
+  const out = resolveTemplatePath('VALIDATION.md');
+  assert.ok(out.endsWith('VALIDATION.md'));
+  assert.doesNotMatch(out, /\.md\.md$/);
+});
+
+test('TPL-5: rejects traversal ..', () => {
+  assert.throws(
+    () => resolveTemplatePath('../etc/passwd'),
+    (err) => err && err.code === 'template-invalid-name',
+  );
+});
+
+test('TPL-6: rejects empty segments', () => {
+  assert.throws(
+    () => resolveTemplatePath('milestone//CONTEXT'),
+    (err) => err && err.code === 'template-invalid-name',
+  );
+});
+
+test('TPL-7: rejects non-existent template with template-not-found', () => {
+  assert.throws(
+    () => resolveTemplatePath('NONEXISTENT'),
+    (err) => err && err.code === 'template-not-found',
+  );
+});
+
+test('TPL-8: CLI prints path and exits 0 for valid template', () => {
+  const stdout = makeSink();
+  const stderr = makeSink();
+  const code = cli.run(['VALIDATION'], { stdout, stderr });
+  assert.equal(code, 0, 'stderr=' + stderr.toString());
+  assert.ok(fs.existsSync(stdout.toString()));
+});
+
+test('TPL-9: CLI emits error JSON and exits 1 for missing template', () => {
+  const stdout = makeSink();
+  const stderr = makeSink();
+  const code = cli.run(['NOPE'], { stdout, stderr });
+  assert.equal(code, 1);
+  assert.match(stderr.toString(), /"code":\s*"template-not-found"/);
+});
+
+test('TPL-10: CLI with no args prints usage to stderr and exits 1', () => {
+  const stdout = makeSink();
+  const stderr = makeSink();
+  const code = cli.run([], { stdout, stderr });
+  assert.equal(code, 1);
+  assert.match(stderr.toString(), /Usage:/);
+});

package/lib/config-defaults.cjs

@@ -0,0 +1,40 @@
+'use strict';
+
+const DEFAULT_WORKFLOW = Object.freeze({
+  commit_docs: true,
+  commit_artifacts: true,
+});
+
+const DEFAULT_AGENTS = Object.freeze({
+  parallelization: true,
+  research: true,
+  plan_checker: true,
+  verifier: true,
+});
+
+const DEFAULT_MODEL_PROFILE = 'frontier';
+const DEFAULT_SCOPE = 'local';
+const DEFAULT_RESPONSE_LANGUAGE = 'en';
+
+function buildInstallConfig(answers) {
+  const a = answers || {};
+  return {
+    runtime: a.runtime || null,
+    runtimes: Array.isArray(a.runtimes) ? a.runtimes.slice() : (a.runtime ? [a.runtime] : []),
+    scope: a.scope || DEFAULT_SCOPE,
+    mcp: !!a.mcp,
+    model_profile: a.model_profile || DEFAULT_MODEL_PROFILE,
+    response_language: a.response_language || DEFAULT_RESPONSE_LANGUAGE,
+    workflow: { ...DEFAULT_WORKFLOW },
+    agents: { ...DEFAULT_AGENTS },
+  };
+}
+
+module.exports = {
+  DEFAULT_WORKFLOW,
+  DEFAULT_AGENTS,
+  DEFAULT_MODEL_PROFILE,
+  DEFAULT_SCOPE,
+  DEFAULT_RESPONSE_LANGUAGE,
+  buildInstallConfig,
+};

package/lib/git.cjs

@@ -8,12 +8,14 @@ function _isFatalCheckIgnore(err) {
   return err && err.status !== 1;
 }
 
-function isPathIgnored(p) {
+function isPathIgnored(p, opts) {
+  const spawnOpts = { stdio: 'pipe' };
+  if (opts && opts.cwd) spawnOpts.cwd = opts.cwd;
   try {
-    execFileSync('git', ['check-ignore', '--quiet', '--', p], { stdio: 'pipe' });
-    return true; 
+    execFileSync('git', ['check-ignore', '--quiet', '--', p], spawnOpts);
+    return true;
   } catch (err) {
-    if (err && err.status === 1) return false; 
+    if (err && err.status === 1) return false;
     if (err && err.status === 128) {
 
       throw err;
@@ -22,7 +24,7 @@ function isPathIgnored(p) {
   }
 }
 
-function assertCommittablePaths(paths) {
+function assertCommittablePaths(paths, opts) {
   if (!Array.isArray(paths)) {
     throw new NubosPilotError(
       'commit-paths-invalid',
@@ -30,11 +32,13 @@ function assertCommittablePaths(paths) {
       { got: typeof paths },
     );
   }
+  const spawnOpts = { stdio: 'pipe' };
+  if (opts && opts.cwd) spawnOpts.cwd = opts.cwd;
   const ignored = [];
   for (const p of paths) {
     try {
-      execFileSync('git', ['check-ignore', '--quiet', '--', p], { stdio: 'pipe' });
-      ignored.push(p); 
+      execFileSync('git', ['check-ignore', '--quiet', '--', p], spawnOpts);
+      ignored.push(p);
     } catch (err) {
       if (_isFatalCheckIgnore(err)) {
         if (err.status === 128) throw err;

package/np-tools.cjs

@@ -48,6 +48,7 @@ const topLevelCommands = {
   'lang-directive': require('./bin/np-tools/lang-directive.cjs'),
   'text-mode':      require('./bin/np-tools/text-mode.cjs'),
   'detect-runtime': require('./bin/np-tools/detect-runtime.cjs'),
+  'template-path':  require('./bin/np-tools/template-path.cjs'),
 };
 
 const THRESHOLD = 16 * 1024;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nubos-pilot",
-  "version": "0.5.8",
+  "version": "0.5.9",
   "description": "AI-driven planning and execution tool for code projects",
   "homepage": "https://github.com/Nubos-AI/nubos-pilot",
   "repository": {

package/workflows/discuss-phase.md

@@ -356,13 +356,14 @@ CONTEXT_PATH=$(echo "$INIT" | node -e 'let d="";process.stdin.on("data",c=>d+=c)
 mkdir -p "$MILESTONE_DIR"
 mkdir -p "$MILESTONE_DIR/slices"
 
+TPL_PATH=$(node .nubos-pilot/bin/np-tools.cjs template-path milestone/CONTEXT)
 node -e '
   const { render } = require("./lib/template.cjs");
   const fs = require("node:fs");
-  const tpl = fs.readFileSync("templates/milestone/CONTEXT.md", "utf-8");
-  const vars = JSON.parse(process.argv[1]);
+  const tpl = fs.readFileSync(process.argv[1], "utf-8");
+  const vars = JSON.parse(process.argv[2]);
   process.stdout.write(render(tpl, vars));
-' "$VARS_JSON" > "$CONTEXT_PATH"
+' "$TPL_PATH" "$VARS_JSON" > "$CONTEXT_PATH"
 ```
 
 `$VARS_JSON` is the JSON-serialised accumulator from Steps 2–5 (keys map to

package/workflows/validate-phase.md

@@ -42,7 +42,7 @@ the main chat. Auto-enabled in Claude Code (CLAUDECODE=1); opt-in via
 MILESTONE_ID=$(echo "$INIT" | jq -r '.milestone_id')
 MILESTONE_DIR=$(echo "$INIT" | jq -r '.milestone_dir')
 VALIDATION_PATH="${MILESTONE_DIR}/${MILESTONE_ID}-VALIDATION.md"
-TEMPLATE_PATH="templates/VALIDATION.md"
+TEMPLATE_PATH=$(node .nubos-pilot/bin/np-tools.cjs template-path VALIDATION)
 REQS_PATH=".nubos-pilot/REQUIREMENTS.md"
 PLAN_ID="${MILESTONE_ID}-validate"
 TASK_ID="${MILESTONE_ID}-validate"
@@ -93,9 +93,9 @@ fi
 ### Gate 3 — Template present
 
 ```bash
-if [[ ! -f "$TEMPLATE_PATH" ]]; then
-  echo "Error: $TEMPLATE_PATH missing." >&2
-  echo "Re-run 'npx nubos-pilot install' or restore templates/VALIDATION.md from source." >&2
+if [[ -z "$TEMPLATE_PATH" || ! -f "$TEMPLATE_PATH" ]]; then
+  echo "Error: VALIDATION template not resolvable via np-tools.cjs template-path." >&2
+  echo "Re-run 'npx nubos-pilot install' or check the package's templates/ dir." >&2
   exit 1
 fi
 ```