oh-my-adhd 0.2.12 → 0.2.14

package/dist/mcp/lib/brain.js

@@ -11,6 +11,7 @@ const MANIFEST_LOCK_TTL_MS = 10000;
 const LOG_FILE = path.join(BRAIN_DIR, "logs", "brain.log");
 const VERSION_FILE = path.join(BRAIN_DIR, "VERSION");
 export const SCHEMA_VERSION = 1;
+export const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
 async function appendLog(level, msg) {
     try {
         const entry = `${new Date().toISOString()} [${level}] ${msg}\n`;
@@ -169,7 +170,7 @@ export async function saveCapture(content, threadId) {
     const captureId = randomUUID();
     const timestamp = new Date().toISOString();
     const tid = threadId ?? captureId;
-    if (!/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i.test(tid)) {
+    if (!UUID_RE.test(tid)) {
         throw new Error(`Invalid threadId: ${tid}`);
     }
     const threadFile = path.join(THREADS_DIR, `${tid}.md`);
@@ -287,7 +288,7 @@ export async function getThreads() {
     return sorted;
 }
 export async function getThread(threadId) {
-    if (!threadId || !/^[a-zA-Z0-9_-]+$/.test(threadId))
+    if (!threadId || !UUID_RE.test(threadId))
         return null;
     try {
         return await fs.readFile(path.join(THREADS_DIR, `${threadId}.md`), "utf-8");
@@ -351,7 +352,6 @@ export async function savePage(slug, content) {
     await fs.writeFile(tmpPage, content, "utf-8");
     await fs.rename(tmpPage, pageFile);
 }
-const UUID_RE = /^[a-zA-Z0-9_-]+$/;
 const TRASH_DIR = path.join(BRAIN_DIR, ".trash");
 export async function deleteThread(threadId) {
     if (!UUID_RE.test(threadId)) {

package/dist/mcp/mcp/tools/wiki-export.js

@@ -23,13 +23,30 @@ export function registerWikiExport(server) {
             const date = new Date().toISOString().slice(0, 10);
             const defaultPath = path.join(os.homedir(), `oh-my-adhd-export-${date}.json`);
             const resolved = outputPath ? path.resolve(outputPath) : defaultPath;
-            // Require .json extension — prevents LLM-controlled path from clobbering arbitrary config files
+            // Require .json extension — prevents LLM-controlled path from clobbering non-JSON config files
             if (!resolved.endsWith(".json")) {
                 return {
                     content: [{ type: "text", text: "오류: outputPath는 .json 확장자로 끝나야 합니다." }],
                     isError: true,
                 };
             }
+            // Block writes into known sensitive dirs — use realpath for symlink safety
+            const SENSITIVE_DIRS = [".ssh", ".aws", ".gnupg", ".kube", ".docker",
+                path.join(".config", "git"), path.join(".config", "gh")];
+            const homeDir = os.homedir();
+            let realResolved = resolved;
+            try {
+                realResolved = await fs.realpath(path.dirname(resolved));
+            }
+            catch { /* dir may not exist yet */ }
+            const realHome = await fs.realpath(homeDir).catch(() => homeDir);
+            const relDir = path.relative(realHome, realResolved).toLowerCase();
+            if (SENSITIVE_DIRS.some(d => relDir === d.toLowerCase() || relDir.startsWith(d.toLowerCase() + path.sep))) {
+                return {
+                    content: [{ type: "text", text: "오류: 보안상 해당 경로에는 내보낼 수 없습니다." }],
+                    isError: true,
+                };
+            }
             const filePath = resolved;
             const tmp = filePath + ".tmp";
             await fs.writeFile(tmp, JSON.stringify(exportData, null, 2), "utf-8");
@@ -43,7 +60,7 @@ export function registerWikiExport(server) {
                             `경로: ${filePath}`,
                             `스레드: ${threads.length}개 | 페이지: ${pages.length}개 | ${sizeKB}KB`,
                             "",
-                            "복원하려면: wiki_export 결과 JSON을 ~/.oh-my-adhd/로 수동 복사",
+                            "복원하려면: wiki_import({ inputPath: \"<이 경로>\" }) 호출",
                         ].join("\n"),
                     }],
             };

package/dist/mcp/mcp/tools/wiki-import.js

@@ -1,10 +1,10 @@
 import { z } from "zod";
-import { ensureBrainDirs, BRAIN_DIR, SCHEMA_VERSION, withBrainLock } from "../../lib/brain.js";
+import { ensureBrainDirs, BRAIN_DIR, SCHEMA_VERSION, UUID_RE, withBrainLock } from "../../lib/brain.js";
 import fs from "fs/promises";
 import path from "path";
-const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
 const SLUG_RE = /^[a-z0-9가-힣][a-z0-9가-힣_-]{0,127}$/;
 const MAX_CONTENT_BYTES = 5 * 1024 * 1024; // 5MB per thread
+const MAX_ITEMS = 10000; // max threads or pages per import
 export function registerWikiImport(server) {
     server.tool("wiki_import", "wiki_export로 내보낸 JSON 백업 파일을 가져온다. 기존 데이터와 병합(merge)하며 중복 thread ID는 덮어쓴다.", {
         inputPath: z.string().describe("가져올 .json 파일 경로 (wiki_export로 생성된 파일)"),
@@ -18,9 +18,15 @@ export function registerWikiImport(server) {
                     isError: true,
                 };
             }
-            let raw;
+            // Check file size before reading into memory
             try {
-                raw = await fs.readFile(resolved, "utf-8");
+                const stat = await fs.stat(resolved);
+                if (stat.size > 100 * 1024 * 1024) {
+                    return {
+                        content: [{ type: "text", text: "오류: 파일이 너무 큽니다 (100MB 초과)." }],
+                        isError: true,
+                    };
+                }
             }
             catch {
                 return {
@@ -28,9 +34,13 @@ export function registerWikiImport(server) {
                     isError: true,
                 };
             }
-            if (Buffer.byteLength(raw, "utf-8") > 100 * 1024 * 1024) {
+            let raw;
+            try {
+                raw = await fs.readFile(resolved, "utf-8");
+            }
+            catch {
                 return {
-                    content: [{ type: "text", text: "오류: 파일이 너무 큽니다 (100MB 초과)." }],
+                    content: [{ type: "text", text: `오류: 파일을 읽을 수 없습니다: ${resolved}` }],
                     isError: true,
                 };
             }
@@ -50,6 +60,12 @@ export function registerWikiImport(server) {
                     isError: true,
                 };
             }
+            if (exportData.threads.length > MAX_ITEMS || (exportData.pages?.length ?? 0) > MAX_ITEMS) {
+                return {
+                    content: [{ type: "text", text: `오류: 항목이 너무 많습니다 (최대 ${MAX_ITEMS}개).` }],
+                    isError: true,
+                };
+            }
             if (exportData.schemaVersion !== undefined && exportData.schemaVersion !== SCHEMA_VERSION) {
                 return {
                     content: [{ type: "text", text: `오류: 스키마 버전 불일치 (파일: ${exportData.schemaVersion}, 현재: ${SCHEMA_VERSION})` }],
@@ -122,24 +138,24 @@ export function registerWikiImport(server) {
                 const tmp = manifestFile + ".tmp";
                 await fs.writeFile(tmp, JSON.stringify(manifest, null, 2), "utf-8");
                 await fs.rename(tmp, manifestFile);
-            });
-            // Import pages (not manifest-managed, no lock needed)
-            if (exportData.pages && Array.isArray(exportData.pages)) {
-                for (const rawPage of exportData.pages) {
-                    if (typeof rawPage !== "object" || rawPage === null)
-                        continue;
-                    const page = rawPage;
-                    const slug = typeof page.slug === "string" ? page.slug : "";
-                    const content = typeof page.content === "string" ? page.content : "";
-                    if (!SLUG_RE.test(slug) || !content)
-                        continue;
-                    const pageFile = path.join(pagesDir, `${slug}.md`);
-                    const tmp = pageFile + ".tmp";
-                    await fs.writeFile(tmp, content, "utf-8");
-                    await fs.rename(tmp, pageFile);
-                    importedPages++;
+                // Import pages inside lock for consistency with concurrent dump+import
+                if (exportData.pages && Array.isArray(exportData.pages)) {
+                    for (const rawPage of exportData.pages) {
+                        if (typeof rawPage !== "object" || rawPage === null)
+                            continue;
+                        const page = rawPage;
+                        const slug = typeof page.slug === "string" ? page.slug : "";
+                        const content = typeof page.content === "string" ? page.content : "";
+                        if (!SLUG_RE.test(slug) || !content)
+                            continue;
+                        const pageFile = path.join(pagesDir, `${slug}.md`);
+                        const pageTmp = pageFile + ".tmp";
+                        await fs.writeFile(pageTmp, content, "utf-8");
+                        await fs.rename(pageTmp, pageFile);
+                        importedPages++;
+                    }
                 }
-            }
+            });
             return {
                 content: [{
                         type: "text",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "oh-my-adhd",
-  "version": "0.2.12",
+  "version": "0.2.14",
   "description": "ADHD second brain — zero-friction capture, auto context restore, unstick. MCP-native Claude Code plugin.",
   "author": "Yeachan Heo",
   "repository": {

package/scripts/session-recall.mjs

@@ -8,13 +8,15 @@ const BRAIN_DIR = process.env.OH_MY_ADHD_DIR ?? join(homedir(), ".oh-my-adhd");
 const MANIFEST = join(BRAIN_DIR, "threads", ".manifest.json");
 
 // Use parent PID (= Claude Code instance) as session discriminator — no singleton file needed
-const ppid = process.ppid ?? 0;
+const ppid = process.ppid;
 
-// Write per-session start marker
-try {
-  mkdirSync(BRAIN_DIR, { recursive: true });
-  writeFileSync(join(BRAIN_DIR, `.session-start-${ppid}`), String(Date.now()));
-} catch { /* non-fatal */ }
+// Write per-session start marker (skip if ppid is unavailable — avoids shared .session-start-0)
+if (ppid) {
+  try {
+    mkdirSync(BRAIN_DIR, { recursive: true });
+    writeFileSync(join(BRAIN_DIR, `.session-start-${ppid}`), String(Date.now()));
+  } catch { /* non-fatal */ }
+}
 
 // GC stale session files older than 24h (runs on every new session)
 try {
@@ -46,10 +48,12 @@ try {
   const openThreads = manifest.filter(t => t.is_open).slice(0, 4);
   if (openThreads.length === 0) process.exit(0);
 
+  // Strip control chars only — preserves emoji, Korean, CJK, etc.
   const sanitize = (s, max) => String(s ?? "")
-    .replace(/[^ -~가-힣㄰-㆏ᄀ-ᇿ]/g, " ")
+    .replace(/[\x00-\x1F\x7F]/g, " ")
     .replace(/[`$<>]/g, "")
-    .replace(/\bignore (all|previous)\b/gi, "[redacted]")
+    .replace(/\b(ignore|disregard)\s+(all|previous|prior)\b/gi, "[redacted]")
+    .replace(/(이전|앞의|위의|모든)\s*(지시|명령|규칙)\s*(무시|잊어|버려)/g, "[redacted]")
     .slice(0, max);
 
   const lines = [

package/scripts/stop-hook.mjs

@@ -11,7 +11,9 @@ const BRAIN_DIR = process.env.OH_MY_ADHD_DIR ?? join(homedir(), ".oh-my-adhd");
 const MANIFEST = join(BRAIN_DIR, "threads", ".manifest.json");
 
 // Use parent PID (= Claude Code instance) as session discriminator
-const ppid = process.ppid ?? 0;
+const ppid = process.ppid;
+// If ppid is unavailable, skip protection rather than risk a shared-file collision
+if (!ppid) process.exit(0);
 const SESSION_START_FILE = join(BRAIN_DIR, `.session-start-${ppid}`);
 const LAST_DUMP_FILE = join(BRAIN_DIR, `.last-dump-${ppid}`);
 
@@ -36,10 +38,12 @@ try {
   const openThreads = manifest.filter(t => t.is_open);
   if (openThreads.length > 0) {
     const top = openThreads[0];
+    // Strip control chars only — preserves emoji, Korean, CJK, etc.
     const sanitize = (s, max) => String(s ?? "")
-      .replace(/[^ -~가-힣㄰-㆏ᄀ-ᇿ]/g, " ")
+      .replace(/[\x00-\x1F\x7F]/g, " ")
       .replace(/[`$<>]/g, "")
-      .replace(/\bignore (all|previous)\b/gi, "[redacted]")
+      .replace(/\b(ignore|disregard)\s+(all|previous|prior)\b/gi, "[redacted]")
+      .replace(/(이전|앞의|위의|모든)\s*(지시|명령|규칙)\s*(무시|잊어|버려)/g, "[redacted]")
       .slice(0, max);
     const title = sanitize(top.title ?? "진행중인 작업", 40);
     const nextHint = top.next_action ? `\n→ 다음할것: ${sanitize(top.next_action, 60)}` : "";