ocpipe 0.3.0 → 0.3.1

package/src/parsing.ts

@@ -1,5 +1,5 @@
 /**
- * DSTS SDK response parsing.
+ * ocpipe response parsing.
  *
  * Extracts and validates LLM responses using JSON or field marker formats.
  */
@@ -507,13 +507,13 @@ export function applyJqPatch(
     /\binput\b/,
     /\binputs\b/,
     /\bsystem\b/,
-    /\@base64d/,
-    /\@uri/,
-    /\@csv/,
-    /\@tsv/,
-    /\@json/,
-    /\@text/,
-    /\@sh/,
+    /@base64d/,
+    /@uri/,
+    /@csv/,
+    /@tsv/,
+    /@json/,
+    /@text/,
+    /@sh/,
     /`[^`]*`/, // Backtick string interpolation
     /\bimport\b/,
     /\binclude\b/,
@@ -532,7 +532,7 @@ export function applyJqPatch(
 
   // Only allow patches that look like field operations
   // Valid: .foo = "bar", .items[0].name = .items[0].title, del(.foo) | .bar = 1
-  const safePattern = /^[\s\w\[\]."'=|,:\-{}]*$/
+  const safePattern = /^[\s\w[\]."'=|,:\-{}]*$/
   if (!safePattern.test(patch)) {
     console.error(`  Invalid characters in patch, skipping: ${patch}`)
     return obj
@@ -648,44 +648,63 @@ export function buildBatchJsonPatchPrompt(
   return lines.join('\n')
 }
 
-/** extractJsonPatch extracts a JSON Patch array from an LLM response. */
-export function extractJsonPatch(response: string): JsonPatchOperation[] {
-  // Try to find JSON array in code blocks first
-  const codeBlockMatch = response.match(
-    /```(?:json)?\s*(\[[\s\S]*?\])[\s\S]*?```/,
-  )
-  if (codeBlockMatch?.[1]) {
-    try {
-      return JSON.parse(codeBlockMatch[1]) as JsonPatchOperation[]
-    } catch {
-      // Continue to try other methods
+/**
+ * extractBalancedArray extracts a balanced JSON array from a string starting at startIdx.
+ * Returns the array substring or null if not found/unbalanced.
+ */
+function extractBalancedArray(text: string, startIdx: number): string | null {
+  if (startIdx === -1 || startIdx >= text.length) return null
+
+  let bracketCount = 0
+  let endIdx = startIdx
+  for (let i = startIdx; i < text.length; i++) {
+    if (text[i] === '[') bracketCount++
+    else if (text[i] === ']') {
+      bracketCount--
+      if (bracketCount === 0) {
+        endIdx = i + 1
+        break
+      }
     }
   }
 
-  // Try to find raw JSON array by counting brackets
-  const startIdx = response.indexOf('[')
-  if (startIdx !== -1) {
-    let bracketCount = 0
-    let endIdx = startIdx
-    for (let i = startIdx; i < response.length; i++) {
-      if (response[i] === '[') bracketCount++
-      else if (response[i] === ']') {
-        bracketCount--
-        if (bracketCount === 0) {
-          endIdx = i + 1
-          break
+  if (endIdx > startIdx && bracketCount === 0) {
+    return text.slice(startIdx, endIdx)
+  }
+  return null
+}
+
+/** extractJsonPatch extracts a JSON Patch array from an LLM response. */
+export function extractJsonPatch(response: string): JsonPatchOperation[] {
+  // Try to find JSON array in code blocks first
+  // Use indexOf to find code block boundaries to avoid ReDoS vulnerabilities
+  const codeBlockStart = response.indexOf('```')
+  if (codeBlockStart !== -1) {
+    const codeBlockEnd = response.indexOf('```', codeBlockStart + 3)
+    if (codeBlockEnd !== -1) {
+      const codeBlockContent = response.slice(codeBlockStart + 3, codeBlockEnd)
+      // Skip optional "json" language identifier and whitespace
+      const arrayStart = codeBlockContent.indexOf('[')
+      if (arrayStart !== -1) {
+        const arrayJson = extractBalancedArray(codeBlockContent, arrayStart)
+        if (arrayJson) {
+          try {
+            return JSON.parse(arrayJson) as JsonPatchOperation[]
+          } catch {
+            // Continue to try other methods
+          }
         }
       }
     }
+  }
 
-    if (endIdx > startIdx) {
-      try {
-        return JSON.parse(
-          response.slice(startIdx, endIdx),
-        ) as JsonPatchOperation[]
-      } catch {
-        // Fall through to empty array
-      }
+  // Try to find raw JSON array by counting brackets
+  const arrayJson = extractBalancedArray(response, response.indexOf('['))
+  if (arrayJson) {
+    try {
+      return JSON.parse(arrayJson) as JsonPatchOperation[]
+    } catch {
+      // Fall through to empty array
     }
   }
 
@@ -775,6 +794,37 @@ export function applyJsonPatch(
   return result
 }
 
+/** Keys that could be used for prototype pollution attacks. */
+const UNSAFE_KEYS = new Set(['__proto__', 'constructor', 'prototype'])
+
+function isUnsafeKey(key: string): boolean {
+  return UNSAFE_KEYS.has(key)
+}
+
+/**
+ * Unescape a single JSON Pointer path segment according to RFC 6901.
+ * This ensures that checks for dangerous keys are applied to the
+ * effective property name, not the escaped form.
+ */
+function unescapeJsonPointerSegment(segment: string): string {
+  return segment.replace(/~1/g, '/').replace(/~0/g, '~')
+}
+
+/**
+ * isSafePathSegment determines whether a JSON Pointer path segment is safe to use
+ * as a property key on an object. It rejects keys that are known to enable
+ * prototype pollution or that contain characters commonly used in special
+ * property notations.
+ */
+function isSafePathSegment(segment: string): boolean {
+  // Normalize the segment as it will appear as a property key.
+  const normalized = unescapeJsonPointerSegment(String(segment))
+  if (isUnsafeKey(normalized)) return false
+  // Disallow bracket notation-style segments to avoid unexpected coercions.
+  if (normalized.includes('[') || normalized.includes(']')) return false
+  return true
+}
+
 /** getValueAtPath retrieves a value at a JSON Pointer path. */
 function getValueAtPath(
   obj: Record<string, unknown>,
@@ -782,6 +832,15 @@ function getValueAtPath(
 ): unknown {
   let current: unknown = obj
   for (const part of parts) {
+    // Block prototype-pollution: reject __proto__, constructor, prototype
+    if (
+      part === '__proto__' ||
+      part === 'constructor' ||
+      part === 'prototype'
+    ) {
+      return undefined
+    }
+    if (!isSafePathSegment(part)) return undefined
     if (current === null || current === undefined) return undefined
     if (Array.isArray(current)) {
       const idx = parseInt(part, 10)
@@ -806,25 +865,49 @@ function setValueAtPath(
   let current: unknown = obj
   for (let i = 0; i < parts.length - 1; i++) {
     const part = parts[i]!
+    // Block prototype-pollution: reject __proto__, constructor, prototype
+    if (
+      part === '__proto__' ||
+      part === 'constructor' ||
+      part === 'prototype'
+    ) {
+      return
+    }
+    if (!isSafePathSegment(part)) {
+      // Avoid writing to dangerous or malformed prototype-related properties
+      return
+    }
     if (Array.isArray(current)) {
       const idx = parseInt(part, 10)
       if (current[idx] === undefined) {
         // Create intermediate object or array
         const nextPart = parts[i + 1]!
-        current[idx] = /^\d+$/.test(nextPart) ? [] : {}
+        current[idx] = /^\d+$/.test(nextPart) ? [] : Object.create(null)
       }
       current = current[idx]
     } else if (typeof current === 'object' && current !== null) {
       const rec = current as Record<string, unknown>
       if (rec[part] === undefined) {
         const nextPart = parts[i + 1]!
-        rec[part] = /^\d+$/.test(nextPart) ? [] : {}
+        rec[part] = /^\d+$/.test(nextPart) ? [] : Object.create(null)
       }
       current = rec[part]
     }
   }
 
   const lastPart = parts[parts.length - 1]!
+  // Block prototype-pollution: reject __proto__, constructor, prototype
+  if (
+    lastPart === '__proto__' ||
+    lastPart === 'constructor' ||
+    lastPart === 'prototype'
+  ) {
+    return
+  }
+  if (!isSafePathSegment(lastPart)) {
+    // Avoid writing to dangerous or malformed prototype-related properties
+    return
+  }
   if (Array.isArray(current)) {
     const idx = parseInt(lastPart, 10)
     current[idx] = value
@@ -843,6 +926,18 @@ function removeValueAtPath(
   let current: unknown = obj
   for (let i = 0; i < parts.length - 1; i++) {
     const part = parts[i]!
+    // Block prototype-pollution: reject __proto__, constructor, prototype
+    if (
+      part === '__proto__' ||
+      part === 'constructor' ||
+      part === 'prototype'
+    ) {
+      return
+    }
+    if (!isSafePathSegment(part)) {
+      // Avoid accessing dangerous prototype-related properties
+      return
+    }
     if (Array.isArray(current)) {
       current = current[parseInt(part, 10)]
     } else if (typeof current === 'object' && current !== null) {
@@ -853,6 +948,18 @@ function removeValueAtPath(
   }
 
   const lastPart = parts[parts.length - 1]!
+  // Block prototype-pollution: reject __proto__, constructor, prototype
+  if (
+    lastPart === '__proto__' ||
+    lastPart === 'constructor' ||
+    lastPart === 'prototype'
+  ) {
+    return
+  }
+  if (!isSafePathSegment(lastPart)) {
+    // Avoid deleting dangerous or malformed properties
+    return
+  }
   if (Array.isArray(current)) {
     const idx = parseInt(lastPart, 10)
     current.splice(idx, 1)

package/src/pipeline.ts

@@ -1,5 +1,5 @@
 /**
- * DSTS SDK Pipeline orchestrator.
+ * ocpipe Pipeline orchestrator.
  *
  * Manages execution context, state, checkpointing, logging, retry logic, and sub-pipelines.
  */

package/src/predict.ts

@@ -1,5 +1,5 @@
 /**
- * DSTS SDK Predict class.
+ * ocpipe Predict class.
  *
  * Executes a signature by generating a prompt, calling OpenCode, and parsing the response.
  */
@@ -47,8 +47,13 @@ export interface PredictConfig {
   correction?: CorrectionConfig | false
 }
 
+type AnySignature = SignatureDef<
+  Record<string, FieldConfig>,
+  Record<string, FieldConfig>
+>
+
 /** Predict executes a signature by calling an LLM and parsing the response. */
-export class Predict<S extends SignatureDef<any, any>> {
+export class Predict<S extends AnySignature> {
   constructor(
     public readonly sig: S,
     public readonly config: PredictConfig = {},
@@ -239,7 +244,7 @@ export class Predict<S extends SignatureDef<any, any>> {
 
     // Input fields as JSON
     const inputsWithDescriptions: Record<string, unknown> = {}
-    for (const [name, config] of Object.entries(this.sig.inputs) as [
+    for (const [name] of Object.entries(this.sig.inputs) as [
       string,
       FieldConfig,
     ][]) {

package/src/signature.ts

@@ -1,5 +1,5 @@
 /**
- * DSTS SDK signature definition.
+ * ocpipe signature definition.
  *
  * Signatures declare input/output contracts for LLM interactions using Zod for validation.
  */

package/src/state.ts

@@ -1,5 +1,5 @@
 /**
- * DSTS SDK state management.
+ * ocpipe state management.
  *
  * Provides base state types and helpers for checkpointable workflow state.
  */

package/src/testing.ts

@@ -1,7 +1,7 @@
 /**
- * DSTS SDK testing utilities.
+ * ocpipe testing utilities.
  *
- * Provides mock backends and test helpers for unit testing DSTS components.
+ * Provides mock backends and test helpers for unit testing ocpipe components.
  */
 
 import type { RunAgentOptions, RunAgentResult, FieldConfig } from './types.js'
@@ -175,11 +175,12 @@ export function generateMockOutputs(
       case 'ZodObject':
         result[name] = {}
         break
-      case 'ZodEnum':
+      case 'ZodEnum': {
         // Get first enum value via options property
         const enumType = config.type as { options?: readonly string[] }
         result[name] = enumType.options?.[0] ?? 'unknown'
         break
+      }
       default:
         result[name] = null
     }

package/src/types.ts

@@ -1,7 +1,5 @@
 /**
- * DSTS SDK shared types.
- *
- * Core type definitions for the Declarative Self-Improving TypeScript SDK.
+ * ocpipe shared types.
  */
 
 import type { z } from 'zod/v4'
@@ -131,14 +129,24 @@ export interface SignatureDef<
 }
 
 /** Infer the input type from a signature definition. */
-export type InferInputs<S extends SignatureDef<any, any>> =
-  S extends SignatureDef<infer I, any> ?
+export type InferInputs<
+  S extends SignatureDef<
+    Record<string, FieldConfig>,
+    Record<string, FieldConfig>
+  >,
+> =
+  S extends SignatureDef<infer I, Record<string, FieldConfig>> ?
     { [K in keyof I]: z.infer<I[K]['type']> }
   : never
 
 /** Infer the output type from a signature definition. */
-export type InferOutputs<S extends SignatureDef<any, any>> =
-  S extends SignatureDef<any, infer O> ?
+export type InferOutputs<
+  S extends SignatureDef<
+    Record<string, FieldConfig>,
+    Record<string, FieldConfig>
+  >,
+> =
+  S extends SignatureDef<Record<string, FieldConfig>, infer O> ?
     { [K in keyof O]: z.infer<O[K]['type']> }
   : never