obsidian-tc 1.0.1 → 1.0.2

package/dist/cli.js

@@ -30672,7 +30672,7 @@ var MUTATING_FAMILIES = ["write", "delete", "bulk", "execute"];
 function isMutatingScope(scope) {
   return MUTATING_FAMILIES.includes(parseScope(scope).family);
 }
-var SCOPE_CLASS_PRECEDENCE = ["bulk", "execute", "admin", "write", "read"];
+var SCOPE_CLASS_PRECEDENCE = ["bulk", "execute", "admin", "delete", "write", "read"];
 function scopeClassOf(requiredScopes) {
   const families = new Set(requiredScopes.map((s) => parseScope(s).family));
   for (const cls of SCOPE_CLASS_PRECEDENCE)
@@ -34653,6 +34653,29 @@ var coerce = {
   date: (arg) => ZodDate.create({ ...arg, coerce: true })
 };
 var NEVER = INVALID;
+// ../shared/src/net-host.ts
+function normalizeHostForBind(host) {
+  return host.trim().toLowerCase().replace(/^\[/, "").replace(/\]$/, "");
+}
+function isStrictIpv4(h) {
+  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(h);
+  if (!m)
+    return false;
+  return m.slice(1).every((octet) => Number(octet) <= 255);
+}
+function isLoopbackHost(host) {
+  const h = normalizeHostForBind(host);
+  if (h === "localhost" || h === "::1")
+    return true;
+  if (isStrictIpv4(h))
+    return h.startsWith("127.");
+  if (h.startsWith("::ffff:")) {
+    const v4 = h.slice("::ffff:".length);
+    return isStrictIpv4(v4) && v4.startsWith("127.");
+  }
+  return false;
+}
+
 // ../shared/src/config.schema.ts
 var VaultBridgesConfigSchema = exports_external.object({
   timeoutMs: exports_external.number().int().positive().default(5000),
@@ -34688,7 +34711,7 @@ var VaultConfigSchema = exports_external.object({
   workspace: VaultWorkspaceConfigSchema.optional()
 });
 var AuthConfigSchema = exports_external.object({
-  mode: exports_external.enum(["none", "jwt", "oauth"]).default("none"),
+  mode: exports_external.enum(["none", "jwt"]).default("none"),
   jwtSecret: exports_external.string().min(32).optional(),
   tokenTtlSeconds: exports_external.number().int().positive().default(86400)
 }).refine((c) => c.mode !== "jwt" || !!c.jwtSecret, {
@@ -34770,7 +34793,7 @@ var PlurConfigSchema = exports_external.object({
   apiPrefix: exports_external.string().default(""),
   timeoutMs: exports_external.number().int().positive().default(5000)
 });
-var ServerConfigSchema = exports_external.object({
+var ServerConfigObject = exports_external.object({
   cacheDir: exports_external.string().default(".obsidian-tc"),
   vaults: exports_external.array(VaultConfigSchema).min(1),
   plur: PlurConfigSchema.optional(),
@@ -34784,6 +34807,16 @@ var ServerConfigSchema = exports_external.object({
   idempotencyTtlSeconds: exports_external.number().int().positive().default(86400),
   elicitTtlSeconds: exports_external.number().int().positive().default(300)
 });
+var ServerConfigSchema = ServerConfigObject.superRefine((cfg, ctx) => {
+  const http = cfg.transports.http;
+  if (http.enabled && cfg.auth.mode === "none" && !isLoopbackHost(http.host)) {
+    ctx.addIssue({
+      code: exports_external.ZodIssueCode.custom,
+      path: ["transports", "http", "host"],
+      message: `refusing to expose an unauthenticated server: transports.http.enabled is true with host "${http.host}" (non-loopback) while auth.mode is "none". Set auth.mode to "jwt" (with jwtSecret) or bind transports.http.host to a loopback address (127.0.0.1, ::1, localhost).`
+    });
+  }
+});
 // ../shared/src/morgiana.schema.ts
 var MORGIANA_EVENT_TYPES = [
   "tc.tool.call.completed",
@@ -35241,10 +35274,12 @@ function jsBm25Score(tf, docLen, avgDocLen, docFreq, docCount) {
   const denom = tf + k1 * (1 - b + b * (docLen / Math.max(avgDocLen, 1)));
   return idf * (tf * (k1 + 1)) / denom;
 }
-function loadNative() {
-  const pkg = ["@the-40-thieves", "obsidian-tc-native"].join("/");
+var NATIVE_PKG = ["@the-40-thieves", "obsidian-tc-native"].join("/");
+function loadNative(env = process.env, requireFn = createRequire2(import.meta.url)) {
+  if (env.OBSIDIAN_TC_FORCE_JS_FALLBACK === "1")
+    return null;
   try {
-    const mod = createRequire2(import.meta.url)(pkg);
+    const mod = requireFn(NATIVE_PKG);
     if (typeof mod.cosineSimilarity === "function" && typeof mod.tokenize === "function" && typeof mod.bm25Score === "function") {
       return mod;
     }
@@ -35387,6 +35422,7 @@ class TokenBucket {
 var DEFAULT_THROTTLE_TIERS = {
   read: { perMinute: 600, burst: 100 },
   write: { perMinute: 60, burst: 20 },
+  delete: { perMinute: 60, burst: 20 },
   bulk: { perMinute: 10, burst: 3 },
   execute: { perMinute: 5, burst: 1 },
   admin: { perMinute: 5, burst: 1 }
@@ -35397,8 +35433,15 @@ class RateLimiter {
   tiers;
   buckets = new Map;
   hits = new Map;
-  constructor(tiers = DEFAULT_THROTTLE_TIERS) {
+  idleTtlMs;
+  maxBuckets;
+  sweepIntervalMs;
+  lastSweepMs = null;
+  constructor(tiers = DEFAULT_THROTTLE_TIERS, opts = {}) {
     this.tiers = tiers;
+    this.idleTtlMs = opts.idleTtlMs ?? 600000;
+    this.maxBuckets = opts.maxBuckets ?? 1e4;
+    this.sweepIntervalMs = opts.sweepIntervalMs ?? 60000;
   }
   check(callerHashValue, scopeClass, vaultId, nowMs, n = 1) {
     const tier = this.tiers[scopeClass];
@@ -35406,20 +35449,26 @@ class RateLimiter {
       return { ok: true, scopeClass, retryAfterSeconds: 0, currentBurst: -1, currentRate: -1 };
     }
     const key = `${callerHashValue}|${scopeClass}|${vaultId}`;
-    let bucket = this.buckets.get(key);
-    if (!bucket) {
-      bucket = new TokenBucket({
-        capacity: tier.burst,
-        refillTokens: tier.perMinute,
-        intervalMs: INTERVAL_MS
-      });
-      this.buckets.set(key, bucket);
+    let entry = this.buckets.get(key);
+    if (!entry) {
+      entry = {
+        bucket: new TokenBucket({
+          capacity: tier.burst,
+          refillTokens: tier.perMinute,
+          intervalMs: INTERVAL_MS
+        }),
+        fullRefillMs: tier.perMinute > 0 ? Math.ceil(tier.burst * INTERVAL_MS / tier.perMinute) : 0,
+        lastSeenMs: nowMs
+      };
+      this.buckets.set(key, entry);
     }
-    const res = bucket.tryRemove(n, nowMs);
+    entry.lastSeenMs = nowMs;
+    const res = entry.bucket.tryRemove(n, nowMs);
     if (!res.ok) {
       const hk = `${vaultId}|${scopeClass}`;
       this.hits.set(hk, (this.hits.get(hk) ?? 0) + 1);
     }
+    this.sweep(nowMs);
     return {
       ok: res.ok,
       scopeClass,
@@ -35428,6 +35477,26 @@ class RateLimiter {
       currentRate: tier.perMinute
     };
   }
+  sweep(nowMs) {
+    if (this.lastSweepMs !== null && nowMs - this.lastSweepMs < this.sweepIntervalMs)
+      return;
+    this.lastSweepMs = nowMs;
+    for (const [key, e] of this.buckets) {
+      if (nowMs - e.lastSeenMs >= this.idleTtlMs)
+        this.buckets.delete(key);
+    }
+    if (this.buckets.size <= this.maxBuckets)
+      return;
+    const evictable = [...this.buckets.entries()].filter(([, e]) => nowMs - e.lastSeenMs >= e.fullRefillMs).sort((a, b) => a[1].lastSeenMs - b[1].lastSeenMs);
+    for (const [key] of evictable) {
+      if (this.buckets.size <= this.maxBuckets)
+        break;
+      this.buckets.delete(key);
+    }
+  }
+  get bucketCount() {
+    return this.buckets.size;
+  }
   snapshot() {
     return [...this.hits.entries()].map(([k, hits]) => {
       const sep = k.indexOf("|");
@@ -35444,6 +35513,7 @@ function callStatusForError(code) {
   switch (code) {
     case "unauthorized":
     case "forbidden":
+    case "acl_denied":
     case "elicit_required":
     case "throttled":
       return "denied";
@@ -35525,6 +35595,7 @@ class ToolRegistry {
     }
     switch (result2.error.code) {
       case "forbidden":
+      case "acl_denied":
         this.relay(ctx.vaultId, "tc.acl.denied", data);
         break;
       case "overflow":
@@ -35672,7 +35743,7 @@ class ToolRegistry {
       const duration = Math.max(0, now() - start);
       audit("error", duration, 0, error.code);
       this.meter((m) => {
-        if (error.code === "forbidden")
+        if (error.code === "forbidden" || error.code === "acl_denied")
           m.incAclDenied(ctx.vaultId, scopeClass, error.code);
         m.observeToolCall(ctx.vaultId, name, callStatusForError(error.code), duration / 1000, 0);
       });
@@ -56891,20 +56962,17 @@ async function resolveAuth(header, auth) {
   if (auth.mode === "none") {
     return { ok: true, caller: "http-local", scopes: new Set(["*"]) };
   }
-  if (auth.mode === "jwt") {
-    const token = bearer2(header);
-    if (!token)
-      return { ok: false, status: 401, reason: "missing bearer token" };
-    if (!auth.jwtSecret)
-      return { ok: false, status: 500, reason: "jwt mode misconfigured: no secret" };
-    try {
-      const id = await verifyJwt(token, auth.jwtSecret);
-      return { ok: true, caller: id.caller, scopes: id.scopes };
-    } catch {
-      return { ok: false, status: 401, reason: "invalid or expired token" };
-    }
+  const token = bearer2(header);
+  if (!token)
+    return { ok: false, status: 401, reason: "missing bearer token" };
+  if (!auth.jwtSecret)
+    return { ok: false, status: 500, reason: "jwt mode misconfigured: no secret" };
+  try {
+    const id = await verifyJwt(token, auth.jwtSecret);
+    return { ok: true, caller: id.caller, scopes: id.scopes };
+  } catch {
+    return { ok: false, status: 401, reason: "invalid or expired token" };
   }
-  return { ok: false, status: 501, reason: `auth mode '${auth.mode}' is not implemented` };
 }
 function createHttpApp(opts) {
   const app = new Hono2;
@@ -56956,7 +57024,7 @@ function createHttpApp(opts) {
 function startHttp(opts) {
   const app = createHttpApp(opts);
   return new Promise((resolve2) => {
-    const server = serve({ fetch: app.fetch, hostname: opts.host, port: opts.port }, (info) => {
+    const server = serve({ fetch: app.fetch, hostname: normalizeHostForBind(opts.host), port: opts.port }, (info) => {
       resolve2({
         port: info.port,
         close: () => new Promise((done) => {

package/dist/index.js

@@ -20730,7 +20730,7 @@ var MUTATING_FAMILIES = ["write", "delete", "bulk", "execute"];
 function isMutatingScope(scope) {
   return MUTATING_FAMILIES.includes(parseScope(scope).family);
 }
-var SCOPE_CLASS_PRECEDENCE = ["bulk", "execute", "admin", "write", "read"];
+var SCOPE_CLASS_PRECEDENCE = ["bulk", "execute", "admin", "delete", "write", "read"];
 function scopeClassOf(requiredScopes) {
   const families = new Set(requiredScopes.map((s) => parseScope(s).family));
   for (const cls of SCOPE_CLASS_PRECEDENCE)
@@ -24711,6 +24711,29 @@ var coerce = {
   date: (arg) => ZodDate.create({ ...arg, coerce: true })
 };
 var NEVER = INVALID;
+// ../shared/src/net-host.ts
+function normalizeHostForBind(host) {
+  return host.trim().toLowerCase().replace(/^\[/, "").replace(/\]$/, "");
+}
+function isStrictIpv4(h) {
+  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(h);
+  if (!m)
+    return false;
+  return m.slice(1).every((octet) => Number(octet) <= 255);
+}
+function isLoopbackHost(host) {
+  const h = normalizeHostForBind(host);
+  if (h === "localhost" || h === "::1")
+    return true;
+  if (isStrictIpv4(h))
+    return h.startsWith("127.");
+  if (h.startsWith("::ffff:")) {
+    const v4 = h.slice("::ffff:".length);
+    return isStrictIpv4(v4) && v4.startsWith("127.");
+  }
+  return false;
+}
+
 // ../shared/src/config.schema.ts
 var VaultBridgesConfigSchema = exports_external.object({
   timeoutMs: exports_external.number().int().positive().default(5000),
@@ -24746,7 +24769,7 @@ var VaultConfigSchema = exports_external.object({
   workspace: VaultWorkspaceConfigSchema.optional()
 });
 var AuthConfigSchema = exports_external.object({
-  mode: exports_external.enum(["none", "jwt", "oauth"]).default("none"),
+  mode: exports_external.enum(["none", "jwt"]).default("none"),
   jwtSecret: exports_external.string().min(32).optional(),
   tokenTtlSeconds: exports_external.number().int().positive().default(86400)
 }).refine((c) => c.mode !== "jwt" || !!c.jwtSecret, {
@@ -24828,7 +24851,7 @@ var PlurConfigSchema = exports_external.object({
   apiPrefix: exports_external.string().default(""),
   timeoutMs: exports_external.number().int().positive().default(5000)
 });
-var ServerConfigSchema = exports_external.object({
+var ServerConfigObject = exports_external.object({
   cacheDir: exports_external.string().default(".obsidian-tc"),
   vaults: exports_external.array(VaultConfigSchema).min(1),
   plur: PlurConfigSchema.optional(),
@@ -24842,6 +24865,16 @@ var ServerConfigSchema = exports_external.object({
   idempotencyTtlSeconds: exports_external.number().int().positive().default(86400),
   elicitTtlSeconds: exports_external.number().int().positive().default(300)
 });
+var ServerConfigSchema = ServerConfigObject.superRefine((cfg, ctx) => {
+  const http = cfg.transports.http;
+  if (http.enabled && cfg.auth.mode === "none" && !isLoopbackHost(http.host)) {
+    ctx.addIssue({
+      code: exports_external.ZodIssueCode.custom,
+      path: ["transports", "http", "host"],
+      message: `refusing to expose an unauthenticated server: transports.http.enabled is true with host "${http.host}" (non-loopback) while auth.mode is "none". Set auth.mode to "jwt" (with jwtSecret) or bind transports.http.host to a loopback address (127.0.0.1, ::1, localhost).`
+    });
+  }
+});
 // ../shared/src/morgiana.schema.ts
 var MORGIANA_EVENT_TYPES = [
   "tc.tool.call.completed",
@@ -25124,6 +25157,7 @@ class TokenBucket {
 var DEFAULT_THROTTLE_TIERS = {
   read: { perMinute: 600, burst: 100 },
   write: { perMinute: 60, burst: 20 },
+  delete: { perMinute: 60, burst: 20 },
   bulk: { perMinute: 10, burst: 3 },
   execute: { perMinute: 5, burst: 1 },
   admin: { perMinute: 5, burst: 1 }
@@ -25134,8 +25168,15 @@ class RateLimiter {
   tiers;
   buckets = new Map;
   hits = new Map;
-  constructor(tiers = DEFAULT_THROTTLE_TIERS) {
+  idleTtlMs;
+  maxBuckets;
+  sweepIntervalMs;
+  lastSweepMs = null;
+  constructor(tiers = DEFAULT_THROTTLE_TIERS, opts = {}) {
     this.tiers = tiers;
+    this.idleTtlMs = opts.idleTtlMs ?? 600000;
+    this.maxBuckets = opts.maxBuckets ?? 1e4;
+    this.sweepIntervalMs = opts.sweepIntervalMs ?? 60000;
   }
   check(callerHashValue, scopeClass, vaultId, nowMs, n = 1) {
     const tier = this.tiers[scopeClass];
@@ -25143,20 +25184,26 @@ class RateLimiter {
       return { ok: true, scopeClass, retryAfterSeconds: 0, currentBurst: -1, currentRate: -1 };
     }
     const key = `${callerHashValue}|${scopeClass}|${vaultId}`;
-    let bucket = this.buckets.get(key);
-    if (!bucket) {
-      bucket = new TokenBucket({
-        capacity: tier.burst,
-        refillTokens: tier.perMinute,
-        intervalMs: INTERVAL_MS
-      });
-      this.buckets.set(key, bucket);
+    let entry = this.buckets.get(key);
+    if (!entry) {
+      entry = {
+        bucket: new TokenBucket({
+          capacity: tier.burst,
+          refillTokens: tier.perMinute,
+          intervalMs: INTERVAL_MS
+        }),
+        fullRefillMs: tier.perMinute > 0 ? Math.ceil(tier.burst * INTERVAL_MS / tier.perMinute) : 0,
+        lastSeenMs: nowMs
+      };
+      this.buckets.set(key, entry);
     }
-    const res = bucket.tryRemove(n, nowMs);
+    entry.lastSeenMs = nowMs;
+    const res = entry.bucket.tryRemove(n, nowMs);
     if (!res.ok) {
       const hk = `${vaultId}|${scopeClass}`;
       this.hits.set(hk, (this.hits.get(hk) ?? 0) + 1);
     }
+    this.sweep(nowMs);
     return {
       ok: res.ok,
       scopeClass,
@@ -25165,6 +25212,26 @@ class RateLimiter {
       currentRate: tier.perMinute
     };
   }
+  sweep(nowMs) {
+    if (this.lastSweepMs !== null && nowMs - this.lastSweepMs < this.sweepIntervalMs)
+      return;
+    this.lastSweepMs = nowMs;
+    for (const [key, e] of this.buckets) {
+      if (nowMs - e.lastSeenMs >= this.idleTtlMs)
+        this.buckets.delete(key);
+    }
+    if (this.buckets.size <= this.maxBuckets)
+      return;
+    const evictable = [...this.buckets.entries()].filter(([, e]) => nowMs - e.lastSeenMs >= e.fullRefillMs).sort((a, b) => a[1].lastSeenMs - b[1].lastSeenMs);
+    for (const [key] of evictable) {
+      if (this.buckets.size <= this.maxBuckets)
+        break;
+      this.buckets.delete(key);
+    }
+  }
+  get bucketCount() {
+    return this.buckets.size;
+  }
   snapshot() {
     return [...this.hits.entries()].map(([k, hits]) => {
       const sep = k.indexOf("|");
@@ -25181,6 +25248,7 @@ function callStatusForError(code) {
   switch (code) {
     case "unauthorized":
     case "forbidden":
+    case "acl_denied":
     case "elicit_required":
     case "throttled":
       return "denied";
@@ -25262,6 +25330,7 @@ class ToolRegistry {
     }
     switch (result2.error.code) {
       case "forbidden":
+      case "acl_denied":
         this.relay(ctx.vaultId, "tc.acl.denied", data);
         break;
       case "overflow":
@@ -25409,7 +25478,7 @@ class ToolRegistry {
       const duration = Math.max(0, now() - start);
       audit("error", duration, 0, error.code);
       this.meter((m) => {
-        if (error.code === "forbidden")
+        if (error.code === "forbidden" || error.code === "acl_denied")
           m.incAclDenied(ctx.vaultId, scopeClass, error.code);
         m.observeToolCall(ctx.vaultId, name, callStatusForError(error.code), duration / 1000, 0);
       });
@@ -39712,20 +39781,17 @@ async function resolveAuth(header, auth) {
   if (auth.mode === "none") {
     return { ok: true, caller: "http-local", scopes: new Set(["*"]) };
   }
-  if (auth.mode === "jwt") {
-    const token = bearer(header);
-    if (!token)
-      return { ok: false, status: 401, reason: "missing bearer token" };
-    if (!auth.jwtSecret)
-      return { ok: false, status: 500, reason: "jwt mode misconfigured: no secret" };
-    try {
-      const id = await verifyJwt(token, auth.jwtSecret);
-      return { ok: true, caller: id.caller, scopes: id.scopes };
-    } catch {
-      return { ok: false, status: 401, reason: "invalid or expired token" };
-    }
+  const token = bearer(header);
+  if (!token)
+    return { ok: false, status: 401, reason: "missing bearer token" };
+  if (!auth.jwtSecret)
+    return { ok: false, status: 500, reason: "jwt mode misconfigured: no secret" };
+  try {
+    const id = await verifyJwt(token, auth.jwtSecret);
+    return { ok: true, caller: id.caller, scopes: id.scopes };
+  } catch {
+    return { ok: false, status: 401, reason: "invalid or expired token" };
   }
-  return { ok: false, status: 501, reason: `auth mode '${auth.mode}' is not implemented` };
 }
 function createHttpApp(opts) {
   const app = new Hono2;
@@ -39777,7 +39843,7 @@ function createHttpApp(opts) {
 function startHttp(opts) {
   const app = createHttpApp(opts);
   return new Promise((resolve) => {
-    const server = serve({ fetch: app.fetch, hostname: opts.host, port: opts.port }, (info) => {
+    const server = serve({ fetch: app.fetch, hostname: normalizeHostForBind(opts.host), port: opts.port }, (info) => {
       resolve({
         port: info.port,
         close: () => new Promise((done) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "obsidian-tc",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "MCP server for Obsidian — comprehensive tool surface for humans and autonomous agents",
   "license": "Apache-2.0",
   "type": "module",
@@ -19,8 +19,8 @@
   "dependencies": {
     "@hono/node-server": "^2.0.5",
     "@modelcontextprotocol/sdk": "^1.0.0",
-    "@the-40-thieves/obsidian-tc-native": "1.0.1",
-    "@the-40-thieves/obsidian-tc-shared": "1.0.1",
+    "@the-40-thieves/obsidian-tc-native": "1.0.2",
+    "@the-40-thieves/obsidian-tc-shared": "1.0.2",
     "@opentelemetry/api": "^1.9.1",
     "@opentelemetry/exporter-trace-otlp-http": "^0.219.0",
     "@opentelemetry/resources": "^2.8.0",