npm - opc-agent - Versions diffs - 0.9.0 → 1.1.0 - Mend

opc-agent 0.9.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (33) hide show

package/CHANGELOG.md +7 -0
package/README.md +145 -144
package/dist/channels/discord.d.ts +44 -0
package/dist/channels/discord.js +189 -0
package/dist/channels/feishu.d.ts +47 -0
package/dist/channels/feishu.js +221 -0
package/dist/channels/web.js +118 -39
package/dist/cli.js +109 -1
package/dist/core/errors.d.ts +68 -0
package/dist/core/errors.js +149 -0
package/dist/core/security.d.ts +48 -0
package/dist/core/security.js +146 -0
package/dist/core/watch.d.ts +73 -0
package/dist/core/watch.js +106 -0
package/dist/index.d.ts +11 -0
package/dist/index.js +32 -1
package/dist/plugins/index.d.ts +24 -3
package/dist/plugins/index.js +109 -4
package/dist/schema/oad.d.ts +54 -0
package/dist/schema/oad.js +6 -1
package/package.json +1 -1
package/src/channels/discord.ts +192 -0
package/src/channels/feishu.ts +236 -0
package/src/channels/web.ts +118 -39
package/src/cli.ts +108 -1
package/src/core/errors.ts +148 -0
package/src/core/security.ts +171 -0
package/src/core/watch.ts +178 -0
package/src/index.ts +15 -0
package/src/plugins/index.ts +128 -7
package/src/schema/oad.ts +6 -0
package/tests/errors.test.ts +83 -0
package/tests/security.test.ts +60 -0

package/src/schema/oad.ts CHANGED Viewed

@@ -48,6 +48,11 @@ export const HITLSchema = z.object({
   defaultAction: z.enum(['approve', 'deny']).default('deny'),
 });
+export const PluginRefSchema = z.object({
+  name: z.string(),
+  config: z.record(z.unknown()).optional(),
+});
 export const AuthSchema = z.object({
   enabled: z.boolean().default(false),
   apiKeys: z.array(z.string()).default([]),
@@ -131,6 +136,7 @@ export const SpecSchema = z.object({
   webhook: WebhookSchema.optional(),
   hitl: HITLSchema.optional(),
   auth: AuthSchema.optional(),
+  plugins: z.array(PluginRefSchema).optional(),
 });
 export const OADSchema = z.object({

package/tests/errors.test.ts ADDED Viewed

@@ -0,0 +1,83 @@
+import { describe, it, expect } from 'vitest';
+import { OPCError, ProviderError, ValidationError, ConfigError, ChannelError, PluginError, RateLimitError, SecurityError, TimeoutError, wrapError, formatErrorForUser } from '../src/core/errors';
+describe('Error Hierarchy', () => {
+  it('OPCError has code, hint, timestamp', () => {
+    const err = new OPCError('boom', { code: 'TEST', hint: 'try again' });
+    expect(err.message).toBe('boom');
+    expect(err.code).toBe('TEST');
+    expect(err.hint).toBe('try again');
+    expect(err.timestamp).toBeGreaterThan(0);
+    expect(err.toUserMessage()).toContain('try again');
+  });
+  it('toJSON serializes correctly', () => {
+    const err = new OPCError('test', { code: 'T1' });
+    const json = err.toJSON();
+    expect(json.name).toBe('OPCError');
+    expect(json.code).toBe('T1');
+  });
+  it('ProviderError includes provider', () => {
+    const err = new ProviderError('openai', 'API key invalid', { statusCode: 401 });
+    expect(err.provider).toBe('openai');
+    expect(err.statusCode).toBe(401);
+    expect(err.code).toBe('OPC_PROVIDER_ERROR');
+    expect(err instanceof OPCError).toBe(true);
+  });
+  it('ValidationError includes errors array', () => {
+    const err = new ValidationError('Invalid config', ['missing name', 'bad version'], 'metadata');
+    expect(err.errors).toEqual(['missing name', 'bad version']);
+    expect(err.field).toBe('metadata');
+  });
+  it('ConfigError', () => {
+    const err = new ConfigError('Missing oad.yaml');
+    expect(err.code).toBe('OPC_CONFIG_ERROR');
+  });
+  it('ChannelError', () => {
+    const err = new ChannelError('web', 'Port in use');
+    expect(err.channelType).toBe('web');
+  });
+  it('PluginError', () => {
+    const err = new PluginError('my-plugin', 'Init failed');
+    expect(err.pluginName).toBe('my-plugin');
+  });
+  it('RateLimitError', () => {
+    const err = new RateLimitError(undefined, 5000);
+    expect(err.retryAfterMs).toBe(5000);
+    expect(err.toUserMessage()).toContain('5 seconds');
+  });
+  it('SecurityError', () => {
+    const err = new SecurityError('Blocked');
+    expect(err.code).toBe('OPC_SECURITY_ERROR');
+  });
+  it('TimeoutError', () => {
+    const err = new TimeoutError('llm-call', 30000);
+    expect(err.message).toContain('30000ms');
+  });
+  it('wrapError wraps unknown errors', () => {
+    const wrapped = wrapError('string error');
+    expect(wrapped instanceof OPCError).toBe(true);
+    expect(wrapped.message).toBe('string error');
+    const native = wrapError(new Error('native'));
+    expect(native.message).toBe('native');
+    const existing = new ProviderError('x', 'y');
+    expect(wrapError(existing)).toBe(existing);
+  });
+  it('formatErrorForUser returns clean message', () => {
+    expect(formatErrorForUser(new RateLimitError())).toContain('Rate limit');
+    expect(formatErrorForUser(new Error('raw'))).toBe('raw');
+    expect(formatErrorForUser('string')).toBe('string');
+  });
+});

package/tests/security.test.ts ADDED Viewed

@@ -0,0 +1,60 @@
+import { describe, it, expect } from 'vitest';
+import { sanitizeInput, detectInjection, APIKeyManager } from '../src/core/security';
+describe('Security', () => {
+  describe('sanitizeInput', () => {
+    it('strips script tags', () => {
+      expect(sanitizeInput('<script>alert(1)</script>hello')).not.toContain('<script');
+    });
+    it('encodes HTML entities', () => {
+      const result = sanitizeInput('a < b & c > d');
+      expect(result).toContain('&lt;');
+      expect(result).toContain('&amp;');
+      expect(result).toContain('&gt;');
+    });
+  });
+  describe('detectInjection', () => {
+    it('detects XSS', () => {
+      const r = detectInjection('<script>alert(1)</script>');
+      expect(r.safe).toBe(false);
+      expect(r.threats).toContain('xss');
+    });
+    it('passes clean input', () => {
+      expect(detectInjection('Hello world')).toEqual({ safe: true, threats: [] });
+    });
+  });
+  describe('APIKeyManager', () => {
+    it('add, validate, revoke', () => {
+      const mgr = new APIKeyManager();
+      mgr.addKey('key1', { label: 'test' });
+      expect(mgr.isValid('key1')).toBe(true);
+      expect(mgr.isValid('key2')).toBe(false);
+      mgr.revokeKey('key1');
+      expect(mgr.isValid('key1')).toBe(false);
+    });
+    it('rotate key', () => {
+      const mgr = new APIKeyManager();
+      mgr.addKey('old');
+      expect(mgr.rotateKey('old', 'new')).toBe(true);
+      expect(mgr.isValid('old')).toBe(false);
+      expect(mgr.isValid('new')).toBe(true);
+    });
+    it('expires keys', () => {
+      const mgr = new APIKeyManager();
+      mgr.addKey('expired', { expiresAt: Date.now() - 1000 });
+      expect(mgr.isValid('expired')).toBe(false);
+    });
+    it('listActive filters', () => {
+      const mgr = new APIKeyManager();
+      mgr.addKey('a');
+      mgr.addKey('b');
+      mgr.revokeKey('b');
+      expect(mgr.listActive().length).toBe(1);
+    });
+  });
+});