omniwire 3.1.3 → 3.1.5

package/.omniwire-state/update-state.json

@@ -1,7 +1,7 @@
 {
-  "lastCheck": 1774750607929,
+  "lastCheck": 1774756238937,
   "lastVersion": "3.0.1",
-  "autoUpdateEnabled": false,
+  "autoUpdateEnabled": true,
   "source": "auto",
   "checkIntervalMs": 3600000
 }

package/README.md

@@ -683,6 +683,24 @@ omniwire/
 
 ---
 
+## Changelog
+
+| Version | Date | Changes |
+|---------|------|---------|
+| **v3.1.5** | 2026-03-29 | Fix: skip auto-audit batch entries from Obsidian vault + Canvas sync to prevent junk files |
+| **v3.1.4** | 2026-03-29 | Auto-sync CyberBase writes to Obsidian vault + Canvas mindmap, collision-avoidance grid placement, `sync-obsidian` / `sync-canvas` actions in knowledge tool |
+| **v3.1.3** | 2026-03-29 | OmniMesh WireGuard mesh manager, event bus (Webhook/WS/SSE), knowledge tool (12 actions), auto-update system, CDP rewrite (persistent Docker container, 18 actions), mesh expose/gateway, CyberBase circuit breaker + SQL hardening |
+| **v3.1.2** | 2026-03-28 | Collapsible tool sections in README, npm README sync |
+| **v3.1.1** | 2026-03-28 | Bug fixes, improved error handling in CDP tool |
+| **v3.1.0** | 2026-03-27 | OmniMesh VPN, 81 MCP tools, A2A protocol, event system, background dispatch |
+| **v3.0.0** | 2026-03-25 | Major rewrite: CyberSync, pipeline DAGs, blackboard, task queues, LZ4 transfers, AES-128-GCM encryption |
+| **v2.6.1** | 2026-03-20 | VPN routing (Mullvad/OpenVPN/WG/Tailscale), multi-hop, DAITA, quantum tunnels |
+| **v2.5.0** | 2026-03-15 | Firewall management (nftables), cert management, deploy tool |
+| **v2.0.0** | 2026-03-10 | CDP browser automation, cookie sync, 1Password integration |
+| **v1.0.0** | 2026-03-01 | Initial release — SSH exec, file transfer, node management |
+
+---
+
 <br/>
 
 <p align="center">

package/dist/mcp/server.js

@@ -6,6 +6,8 @@
 // authenticated, encrypted SSH channels. The "exec" references below are SSH2 methods.
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
 import { z } from 'zod';
+import { readFileSync, writeFileSync, mkdirSync, existsSync } from 'node:fs';
+import { join } from 'node:path';
 import { ShellManager, kernelExec } from '../nodes/shell.js';
 import { RealtimeChannel } from '../nodes/realtime.js';
 import { TunnelManager } from '../nodes/tunnel.js';
@@ -199,8 +201,13 @@ function cbRecordFail(err) { cbFailCount++; cbLastError = err; }
 function sqlEscape(val) {
     return val.replace(/'/g, "''").replace(/\\/g, '\\\\').replace(/\0/g, '');
 }
-/** Fire-and-forget write to CyberBase. Never blocks, never throws. */
+/** Fire-and-forget write to CyberBase + Obsidian vault + Canvas. Never blocks, never throws. */
 function cb(category, key, value) {
+    // Sync to Obsidian vault + Canvas mindmap (local, synchronous, best-effort)
+    // Skip auto-audit batch entries — they pollute vault/canvas with junk
+    if (!key.startsWith('batch-'))
+        syncVault(category, key, value);
+    // Sync to CyberBase PostgreSQL (remote, async, queued)
     if (!cbManager || cbCircuitOpen())
         return;
     const valEsc = sqlEscape(value).slice(0, 50000);
@@ -239,6 +246,199 @@ async function drainCb() {
     else
         cbDraining = false;
 }
+// -- Obsidian + Canvas auto-sync ------------------------------------------------
+// Mirrors CyberBase writes to local Obsidian vault + Canvas mindmap.
+// Vault path is resolved at startup; if it doesn't exist, sync is silently skipped.
+const VAULT_ROOT = join(process.env.USERPROFILE ?? process.env.HOME ?? '', 'Documents', 'BuisnessProjects', 'CyberBase');
+const CANVAS_PATH = join(VAULT_ROOT, 'CyberBase MindMap.canvas');
+const vaultExists = existsSync(VAULT_ROOT);
+/** Map CyberBase category → Obsidian vault subfolder */
+function vaultFolder(category) {
+    const cat = category.toLowerCase();
+    if (cat.startsWith('project'))
+        return 'projects';
+    if (cat.startsWith('infra') || cat.startsWith('tool') || cat.startsWith('mesh'))
+        return 'infrastructure';
+    if (cat.startsWith('vuln') || cat.startsWith('security') || cat.startsWith('cve'))
+        return 'knowledge/security-kb';
+    if (cat.startsWith('cred'))
+        return 'credentials';
+    if (cat.startsWith('system') || cat.startsWith('rule'))
+        return 'system';
+    if (cat.startsWith('log'))
+        return 'logs';
+    if (cat.startsWith('sync'))
+        return 'sync';
+    if (cat.startsWith('note') || cat.startsWith('memo'))
+        return 'memory';
+    return 'knowledge';
+}
+/** Sanitize a key into a valid filename */
+function sanitizeFilename(key) {
+    return key.replace(/[<>:"/\\|?*]/g, '-').replace(/^\.+/, '').slice(0, 120);
+}
+/** Auto-sync a knowledge entry to Obsidian vault as a .md file */
+function syncObsidian(category, key, value) {
+    if (!vaultExists)
+        return;
+    try {
+        const folder = join(VAULT_ROOT, vaultFolder(category));
+        if (!existsSync(folder))
+            mkdirSync(folder, { recursive: true });
+        const filename = sanitizeFilename(key) + '.md';
+        const filepath = join(folder, filename);
+        const frontmatter = `---\nsource: omniwire\ncategory: ${category}\nkey: ${key}\nupdated: ${new Date().toISOString()}\n---\n\n`;
+        // If value looks like markdown, write as-is; otherwise wrap in code block
+        const body = value.includes('\n') && (value.includes('#') || value.includes('|') || value.includes('- '))
+            ? value
+            : `\`\`\`\n${value}\n\`\`\``;
+        writeFileSync(filepath, frontmatter + body, 'utf-8');
+    }
+    catch { /* vault sync is best-effort */ }
+}
+/** Find a non-overlapping position for a new canvas node using grid placement */
+function findFreeCanvasPosition(existingNodes, width, height) {
+    const GRID_X = 500; // horizontal spacing
+    const GRID_Y = 400; // vertical spacing
+    const PADDING = 80; // minimum gap between nodes
+    const MAX_COLS = 6;
+    // Check if a position collides with any existing node
+    const collides = (x, y) => {
+        for (const n of existingNodes) {
+            const overlap = x < n.x + n.w + PADDING &&
+                x + width + PADDING > n.x &&
+                y < n.y + n.h + PADDING &&
+                y + height + PADDING > n.y;
+            if (overlap)
+                return true;
+        }
+        return false;
+    };
+    // Find center of existing nodes to place new ones nearby
+    let cx = 0;
+    let cy = 0;
+    if (existingNodes.length > 0) {
+        for (const n of existingNodes) {
+            cx += n.x;
+            cy += n.y;
+        }
+        cx = Math.round(cx / existingNodes.length);
+        cy = Math.round(cy / existingNodes.length);
+    }
+    // Spiral outward from center to find free spot
+    for (let ring = 0; ring < 20; ring++) {
+        for (let col = -ring; col <= ring; col++) {
+            for (let row = -ring; row <= ring; row++) {
+                if (Math.abs(col) !== ring && Math.abs(row) !== ring)
+                    continue; // only edges of ring
+                const x = cx + col * GRID_X;
+                const y = cy + row * GRID_Y;
+                if (!collides(x, y))
+                    return { x, y };
+            }
+        }
+    }
+    // Fallback: far right of canvas
+    const maxX = existingNodes.reduce((m, n) => Math.max(m, n.x + n.w), 0);
+    return { x: maxX + GRID_X, y: 0 };
+}
+/** Map a CyberBase category to a canvas node color (Obsidian canvas colors 1-6) */
+function canvasColor(category) {
+    const cat = category.toLowerCase();
+    if (cat.startsWith('project'))
+        return '2'; // green
+    if (cat.startsWith('infra') || cat.startsWith('tool') || cat.startsWith('mesh'))
+        return '4'; // purple
+    if (cat.startsWith('vuln') || cat.startsWith('security'))
+        return '5'; // cyan
+    if (cat.startsWith('rule') || cat.startsWith('system'))
+        return '1'; // red
+    if (cat.startsWith('cred'))
+        return '3'; // yellow
+    return '6'; // default
+}
+/** Auto-sync a knowledge entry to the Canvas mindmap — adds or updates a node */
+function syncCanvas(category, key, value) {
+    if (!vaultExists || !existsSync(CANVAS_PATH))
+        return;
+    try {
+        const raw = readFileSync(CANVAS_PATH, 'utf-8');
+        const canvas = JSON.parse(raw);
+        const nodeId = `auto_${sanitizeFilename(category)}_${sanitizeFilename(key)}`.slice(0, 60);
+        const title = `## ${category}: ${key}`;
+        const textContent = `${title}\n${value.slice(0, 500)}`;
+        const nodeWidth = 280;
+        const nodeHeight = Math.min(180, 80 + Math.ceil(value.length / 50) * 18);
+        const color = canvasColor(category);
+        // Find existing node by id
+        const existingIdx = canvas.nodes.findIndex(n => n.id === nodeId);
+        if (existingIdx >= 0) {
+            // Update in place — keep position
+            canvas.nodes[existingIdx] = {
+                ...canvas.nodes[existingIdx],
+                text: textContent,
+                height: nodeHeight,
+                color,
+            };
+        }
+        else {
+            // Find free position
+            const boxes = canvas.nodes.map(n => ({
+                x: n.x, y: n.y, w: n.width, h: n.height,
+            }));
+            const pos = findFreeCanvasPosition(boxes, nodeWidth, nodeHeight);
+            canvas.nodes.push({
+                id: nodeId,
+                type: 'text',
+                text: textContent,
+                x: pos.x,
+                y: pos.y,
+                width: nodeWidth,
+                height: nodeHeight,
+                color,
+            });
+            // Auto-connect to relevant parent node
+            const parentId = findCanvasParent(category, canvas.nodes);
+            if (parentId) {
+                canvas.edges.push({
+                    id: `e_auto_${nodeId}`,
+                    fromNode: parentId,
+                    fromSide: 'bottom',
+                    toNode: nodeId,
+                    toSide: 'top',
+                    label: category,
+                });
+            }
+        }
+        writeFileSync(CANVAS_PATH, JSON.stringify(canvas, null, '\t'), 'utf-8');
+    }
+    catch { /* canvas sync is best-effort */ }
+}
+/** Find the best parent node in the canvas to connect a new entry to */
+function findCanvasParent(category, nodes) {
+    const cat = category.toLowerCase();
+    // Map categories to known canvas node IDs
+    if (cat.startsWith('project'))
+        return nodes.find(n => n.id === 'core')?.id ?? null;
+    if (cat.startsWith('infra') || cat.startsWith('mesh') || cat.startsWith('tool'))
+        return nodes.find(n => n.id === 'omniwire' || n.id === 'infra')?.id ?? null;
+    if (cat.startsWith('vuln') || cat.startsWith('security') || cat.startsWith('cve'))
+        return nodes.find(n => n.id === 'securitykb')?.id ?? null;
+    if (cat.startsWith('cred'))
+        return nodes.find(n => n.id === '1password' || n.id === 'db')?.id ?? null;
+    if (cat.startsWith('rule') || cat.startsWith('system'))
+        return nodes.find(n => n.id === 'rules')?.id ?? null;
+    if (cat.startsWith('note') || cat.startsWith('memo'))
+        return nodes.find(n => n.id === 'vault')?.id ?? null;
+    return nodes.find(n => n.id === 'core')?.id ?? null;
+}
+/** Sync entry to both Obsidian + Canvas (fire-and-forget, called from cb()) */
+function syncVault(category, key, value) {
+    syncObsidian(category, key, value);
+    // Only add significant entries to canvas (skip tiny store values)
+    if (value.length > 50)
+        syncCanvas(category, key, value);
+}
 /** Get CyberBase health status */
 function getCbHealth() {
     return { healthy: cbHealthy, failCount: cbFailCount, lastError: cbLastError, queueSize: CB_QUEUE.length };
@@ -3461,8 +3661,8 @@ echo "port-knock configured: ${ports.join(' -> ')} -> port ${target}"`;
         return fail('invalid action');
     });
     // --- Tool 53: omniwire_knowledge ---
-    server.tool('omniwire_knowledge', 'CyberBase knowledge base — CRUD, search, and health management for the unified PostgreSQL knowledge store. Supports text search, semantic/vector search, categories, and bulk operations.', {
-        action: z.enum(['get', 'set', 'delete', 'search', 'semantic-search', 'list', 'stats', 'health', 'categories', 'bulk-set', 'export', 'vacuum']).describe('Action'),
+    server.tool('omniwire_knowledge', 'CyberBase knowledge base — CRUD, search, and health management for the unified PostgreSQL knowledge store. Auto-syncs all writes to Obsidian vault + Canvas mindmap. Supports text search, semantic/vector search, categories, bulk operations, and explicit sync-obsidian/sync-canvas actions.', {
+        action: z.enum(['get', 'set', 'delete', 'search', 'semantic-search', 'list', 'stats', 'health', 'categories', 'bulk-set', 'export', 'vacuum', 'sync-obsidian', 'sync-canvas']).describe('Action'),
         category: z.string().optional().describe('Knowledge category (e.g., tools, vulns, infra, notes)'),
         key: z.string().optional().describe('Knowledge key (for get/set/delete)'),
         value: z.string().optional().describe('Value to store (for set)'),
@@ -3560,6 +3760,25 @@ echo "port-knock configured: ${ports.join(' -> ')} -> port ${target}"`;
             const r = await cbManager.exec('contabo', pgExec("DELETE FROM knowledge WHERE value IS NULL OR value::text = 'null' OR key = ''; VACUUM ANALYZE knowledge;"));
             return okBrief(`vacuum complete:\n${r.stdout.trim()}`);
         }
+        if (action === 'sync-obsidian') {
+            if (!key || !value)
+                return fail('key and value required');
+            if (!vaultExists)
+                return fail(`Obsidian vault not found at ${VAULT_ROOT}`);
+            const cat = category ?? 'general';
+            syncObsidian(cat, key, value);
+            const folder = vaultFolder(cat);
+            return okBrief(`synced to Obsidian: ${folder}/${sanitizeFilename(key)}.md (${value.length} chars)`);
+        }
+        if (action === 'sync-canvas') {
+            if (!key || !value)
+                return fail('key and value required');
+            if (!vaultExists || !existsSync(CANVAS_PATH))
+                return fail(`Canvas not found at ${CANVAS_PATH}`);
+            const cat = category ?? 'general';
+            syncCanvas(cat, key, value);
+            return okBrief(`synced to Canvas: node auto_${sanitizeFilename(cat)}_${sanitizeFilename(key)} added/updated`);
+        }
         return fail('invalid action');
     });
     // --- Tool 54: omniwire_omnimesh ---