paper-search-cli 0.1.0

package/dist/utils/SecurityUtils.d.ts

@@ -0,0 +1,80 @@
+/**
+ * Security utilities for sanitizing and validating data
+ * Provides comprehensive protection against security vulnerabilities
+ */
+/**
+ * Comprehensive request sanitization to remove sensitive data
+ * @param config - Axios request configuration
+ * @returns Sanitized configuration copy
+ */
+export declare function sanitizeRequest(config: any): any;
+/**
+ * Sanitize headers to remove sensitive information
+ */
+export declare function sanitizeHeaders(headers: Record<string, any>): Record<string, any>;
+/**
+ * Sanitize URL parameters
+ */
+export declare function sanitizeParams(params: Record<string, any>): Record<string, any>;
+/**
+ * Sanitize request body
+ */
+export declare function sanitizeBody(body: any): any;
+/**
+ * Sanitize URL to remove sensitive query parameters
+ */
+export declare function sanitizeUrl(url: string): string;
+/**
+ * Validate and sanitize a DOI string
+ */
+export declare function sanitizeDoi(doi: string): {
+    valid: boolean;
+    sanitized: string;
+    error?: string;
+};
+/**
+ * Escape query value for different contexts
+ */
+export declare function escapeQueryValue(value: string, context?: 'springer' | 'wos' | 'general'): string;
+/**
+ * Validate query complexity to prevent DoS
+ */
+export declare function validateQueryComplexity(query: string, options?: {
+    maxLength?: number;
+    maxBooleanOperators?: number;
+}): {
+    valid: boolean;
+    error?: string;
+};
+/**
+ * Create a timeout wrapper for promises
+ */
+export declare function withTimeout<T>(promise: Promise<T>, ms: number, message?: string): Promise<T>;
+/**
+ * Generate a correlation ID for request tracking
+ */
+export declare function generateCorrelationId(): string;
+/**
+ * Mask sensitive data in strings
+ */
+export declare function maskSensitiveData(str: string): string;
+/**
+ * Check if a string looks like an API key or token
+ */
+export declare function looksLikeToken(str: string): boolean;
+declare const _default: {
+    sanitizeRequest: typeof sanitizeRequest;
+    sanitizeHeaders: typeof sanitizeHeaders;
+    sanitizeParams: typeof sanitizeParams;
+    sanitizeBody: typeof sanitizeBody;
+    sanitizeUrl: typeof sanitizeUrl;
+    sanitizeDoi: typeof sanitizeDoi;
+    escapeQueryValue: typeof escapeQueryValue;
+    validateQueryComplexity: typeof validateQueryComplexity;
+    withTimeout: typeof withTimeout;
+    generateCorrelationId: typeof generateCorrelationId;
+    maskSensitiveData: typeof maskSensitiveData;
+    looksLikeToken: typeof looksLikeToken;
+};
+export default _default;
+//# sourceMappingURL=SecurityUtils.d.ts.map

package/dist/utils/SecurityUtils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SecurityUtils.d.ts","sourceRoot":"","sources":["../../src/utils/SecurityUtils.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;;;GAIG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAiChD;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CA0CjF;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CA2B/E;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,GAAG,GAAG,GAAG,CAwC3C;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CA2B/C;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,SAAS,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CA6C9F;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,KAAK,EAAE,MAAM,EACb,OAAO,GAAE,UAAU,GAAG,KAAK,GAAG,SAAqB,GAClD,MAAM,CAsCR;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CACrC,KAAK,EAAE,MAAM,EACb,OAAO,GAAE;IAAE,SAAS,CAAC,EAAE,MAAM,CAAC;IAAC,mBAAmB,CAAC,EAAE,MAAM,CAAA;CAAO,GACjE;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CA0CpC;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,CAAC,EAC3B,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,EACnB,EAAE,EAAE,MAAM,EACV,OAAO,CAAC,EAAE,MAAM,GACf,OAAO,CAAC,CAAC,CAAC,CASZ;AAED;;GAEG;AACH,wBAAgB,qBAAqB,IAAI,MAAM,CAE9C;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAOrD;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAanD;;;;;;;;;;;;;;;AAED,wBAaE"}

package/dist/utils/SecurityUtils.js

@@ -0,0 +1,357 @@
+/**
+ * Security utilities for sanitizing and validating data
+ * Provides comprehensive protection against security vulnerabilities
+ */
+/**
+ * Comprehensive request sanitization to remove sensitive data
+ * @param config - Axios request configuration
+ * @returns Sanitized configuration copy
+ */
+export function sanitizeRequest(config) {
+    if (!config)
+        return config;
+    // Deep clone to avoid mutating original
+    let sanitized;
+    try {
+        sanitized = JSON.parse(JSON.stringify(config));
+    }
+    catch {
+        // If JSON serialization fails, return redacted version
+        return { __redacted: 'Failed to sanitize - potentially circular reference' };
+    }
+    // Sanitize headers
+    if (sanitized.headers) {
+        sanitized.headers = sanitizeHeaders(sanitized.headers);
+    }
+    // Sanitize URL parameters
+    if (sanitized.params) {
+        sanitized.params = sanitizeParams(sanitized.params);
+    }
+    // Sanitize request body
+    if (sanitized.data) {
+        sanitized.data = sanitizeBody(sanitized.data);
+    }
+    // Sanitize URL
+    if (sanitized.url) {
+        sanitized.url = sanitizeUrl(sanitized.url);
+    }
+    return sanitized;
+}
+/**
+ * Sanitize headers to remove sensitive information
+ */
+export function sanitizeHeaders(headers) {
+    if (!headers)
+        return headers;
+    const sanitized = { ...headers };
+    // Patterns for sensitive headers (case-insensitive)
+    const sensitivePatterns = [
+        /^api[-_]?key$/i,
+        /^x[-_]api[-_]key$/i,
+        /^authorization$/i,
+        /^x[-_]apikey$/i,
+        /^access[-_]token$/i,
+        /^bearer$/i,
+        /^x[-_]auth[-_]token$/i,
+        /^cookie$/i,
+        /^set[-_]cookie$/i,
+        /^x[-_]csrf[-_]token$/i,
+        /^x[-_]forwarded[-_]for$/i, // May contain IP
+        /^referer$/i, // May contain sensitive URLs
+        /^user[-_]agent$/i // May contain system info
+    ];
+    Object.keys(sanitized).forEach(key => {
+        const lowerKey = key.toLowerCase();
+        // Check against patterns
+        if (sensitivePatterns.some(pattern => pattern.test(key))) {
+            sanitized[key] = '***REDACTED***';
+        }
+        // Also check values that might contain tokens
+        if (typeof sanitized[key] === 'string') {
+            if (sanitized[key].match(/^(Bearer|Basic)\s+/i) ||
+                sanitized[key].match(/^[a-zA-Z0-9_-]{20,}$/) || // Likely token
+                sanitized[key].includes('session=') ||
+                sanitized[key].includes('token=')) {
+                sanitized[key] = '***REDACTED***';
+            }
+        }
+    });
+    return sanitized;
+}
+/**
+ * Sanitize URL parameters
+ */
+export function sanitizeParams(params) {
+    if (!params)
+        return params;
+    const sanitized = { ...params };
+    Object.keys(sanitized).forEach(key => {
+        const lowerKey = key.toLowerCase();
+        // Check for common sensitive parameter names
+        if (lowerKey.includes('api_key') ||
+            lowerKey.includes('apikey') ||
+            lowerKey.includes('token') ||
+            lowerKey.includes('secret') ||
+            lowerKey.includes('password') ||
+            lowerKey.includes('private') ||
+            lowerKey.includes('auth')) {
+            sanitized[key] = '***REDACTED***';
+        }
+        // Mask values that look like tokens
+        if (typeof sanitized[key] === 'string' &&
+            sanitized[key].match(/^[a-zA-Z0-9_-]{16,}$/)) {
+            sanitized[key] = sanitized[key].substring(0, 4) + '***';
+        }
+    });
+    return sanitized;
+}
+/**
+ * Sanitize request body
+ */
+export function sanitizeBody(body) {
+    if (!body)
+        return body;
+    // For objects, recursively sanitize
+    if (typeof body === 'object' && body !== null) {
+        // Handle arrays
+        if (Array.isArray(body)) {
+            return body.map(item => sanitizeBody(item));
+        }
+        // Handle objects
+        const sanitized = {};
+        for (const [key, value] of Object.entries(body)) {
+            const lowerKey = key.toLowerCase();
+            // Check for sensitive keys
+            if (lowerKey.includes('password') ||
+                lowerKey.includes('secret') ||
+                lowerKey.includes('token') ||
+                lowerKey.includes('api_key') ||
+                lowerKey.includes('private')) {
+                sanitized[key] = '***REDACTED***';
+            }
+            else {
+                sanitized[key] = sanitizeBody(value);
+            }
+        }
+        return sanitized;
+    }
+    // For strings, check if it looks like a token
+    if (typeof body === 'string') {
+        if (body.match(/^(Bearer|Basic)\s+/i)) {
+            return body.replace(/\s+\S+/, ' ***REDACTED***');
+        }
+        if (body.match(/^[a-zA-Z0-9_-]{32,}$/)) {
+            return body.substring(0, 8) + '***';
+        }
+    }
+    return body;
+}
+/**
+ * Sanitize URL to remove sensitive query parameters
+ */
+export function sanitizeUrl(url) {
+    if (!url)
+        return url;
+    try {
+        const urlObj = new URL(url);
+        // Remove sensitive query parameters
+        const sensitiveParams = ['api_key', 'apikey', 'token', 'secret', 'auth'];
+        let hasSensitiveParams = false;
+        sensitiveParams.forEach(param => {
+            if (urlObj.searchParams.has(param)) {
+                urlObj.searchParams.set(param, '***REDACTED***');
+                hasSensitiveParams = true;
+            }
+        });
+        // If we modified parameters, add indicator
+        if (hasSensitiveParams) {
+            return urlObj.toString() + '#sanitized';
+        }
+        return url;
+    }
+    catch {
+        // If URL parsing fails, mask the entire URL
+        return '***REDACTED_URL***';
+    }
+}
+/**
+ * Validate and sanitize a DOI string
+ */
+export function sanitizeDoi(doi) {
+    if (!doi || typeof doi !== 'string') {
+        return { valid: false, sanitized: '', error: 'DOI must be a non-empty string' };
+    }
+    // Remove whitespace and common prefixes
+    let sanitized = doi.trim();
+    // Remove common DOI URL prefixes
+    const prefixes = [
+        'https://doi.org/',
+        'http://doi.org/',
+        'https://dx.doi.org/',
+        'http://dx.doi.org/',
+        'doi:',
+        'DOI:'
+    ];
+    for (const prefix of prefixes) {
+        if (sanitized.toLowerCase().startsWith(prefix.toLowerCase())) {
+            sanitized = sanitized.substring(prefix.length);
+            break;
+        }
+    }
+    // Basic DOI format validation
+    // DOI should start with "10." followed by digits and then any characters
+    const doiPattern = /^10\.\d{4,}(\.\d+)*\/\S+$/;
+    if (!doiPattern.test(sanitized)) {
+        return { valid: false, sanitized: '', error: 'Invalid DOI format' };
+    }
+    // Additional safety checks
+    if (sanitized.length > 256) {
+        return { valid: false, sanitized: '', error: 'DOI too long (max 256 characters)' };
+    }
+    // Check for suspicious patterns
+    if (sanitized.includes('<') || sanitized.includes('>') ||
+        sanitized.includes('"') || sanitized.includes("'")) {
+        return { valid: false, sanitized: '', error: 'DOI contains invalid characters' };
+    }
+    return { valid: true, sanitized: sanitized };
+}
+/**
+ * Escape query value for different contexts
+ */
+export function escapeQueryValue(value, context = 'general') {
+    if (!value)
+        return '';
+    // Remove null bytes and control characters
+    let escaped = value.replace(/[\x00-\x1F\x7F]/g, '');
+    switch (context) {
+        case 'springer':
+            escaped = escaped
+                .replace(/"/g, '\\"') // Escape quotes
+                .replace(/[()]/g, '') // Remove parentheses
+                .replace(/;/g, '') // Remove semicolons
+                .replace(/\/\*/g, '') // Remove SQL comment start
+                .replace(/\*\//g, ''); // Remove SQL comment end
+            break;
+        case 'wos':
+            // For WoS, only remove quotes and parentheses if not user-provided field query
+            if (!escaped.includes('TS=') && !escaped.includes('TI=') &&
+                !escaped.includes('AU=') && !escaped.includes('SO=')) {
+                escaped = escaped
+                    .replace(/"/g, '') // Remove quotes
+                    .replace(/[()]/g, '') // Remove parentheses
+                    .trim();
+            }
+            break;
+        default:
+            escaped = escaped
+                .replace(/["<>]/g, '') // Remove quotes and angle brackets
+                .replace(/\/\/+/g, '') // Remove multiple slashes
+                .trim();
+    }
+    // Length limit to prevent DoS
+    if (escaped.length > 200) {
+        escaped = escaped.substring(0, 200);
+    }
+    return escaped.trim();
+}
+/**
+ * Validate query complexity to prevent DoS
+ */
+export function validateQueryComplexity(query, options = {}) {
+    const maxLength = options.maxLength || 1000;
+    const maxBooleanOperators = options.maxBooleanOperators || 10;
+    if (!query)
+        return { valid: true };
+    // Check length
+    if (query.length > maxLength) {
+        return {
+            valid: false,
+            error: `Query too long (max ${maxLength} characters)`
+        };
+    }
+    // Count boolean operators
+    const booleanOperators = query.match(/\b(AND|OR|NOT)\b/gi) || [];
+    if (booleanOperators.length > maxBooleanOperators) {
+        return {
+            valid: false,
+            error: `Query too complex (max ${maxBooleanOperators} boolean operators)`
+        };
+    }
+    // Check for potential injection patterns
+    const injectionPatterns = [
+        /;\s*(drop|delete|update|insert|exec|union)/i,
+        /\/\*.*\*\//s, // SQL comments
+        /\/\/.*/, // Line comments
+        /\b(select|insert|update|delete|drop|create|alter|exec|execute|union)\b.*\b(from|where|and|or)\b/i,
+        /[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/ // Control characters
+    ];
+    for (const pattern of injectionPatterns) {
+        if (pattern.test(query)) {
+            return {
+                valid: false,
+                error: 'Query contains potentially dangerous patterns'
+            };
+        }
+    }
+    return { valid: true };
+}
+/**
+ * Create a timeout wrapper for promises
+ */
+export function withTimeout(promise, ms, message) {
+    let timer;
+    const timeout = new Promise((_, reject) => {
+        timer = setTimeout(() => {
+            reject(new Error(message || `Operation timed out after ${ms}ms`));
+        }, ms);
+    });
+    return Promise.race([promise, timeout]).finally(() => clearTimeout(timer));
+}
+/**
+ * Generate a correlation ID for request tracking
+ */
+export function generateCorrelationId() {
+    return `${Date.now()}-${Math.random().toString(36).substring(2, 15)}`;
+}
+/**
+ * Mask sensitive data in strings
+ */
+export function maskSensitiveData(str) {
+    if (!str || str.length < 8)
+        return '***';
+    const visibleChars = Math.min(4, Math.floor(str.length / 4));
+    return str.substring(0, visibleChars) +
+        '*'.repeat(str.length - visibleChars * 2) +
+        str.substring(str.length - visibleChars);
+}
+/**
+ * Check if a string looks like an API key or token
+ */
+export function looksLikeToken(str) {
+    if (!str || typeof str !== 'string')
+        return false;
+    // Common token patterns
+    const tokenPatterns = [
+        /^[a-zA-Z0-9_-]{20,}$/, // Long alphanumeric
+        /^Bearer\s+[a-zA-Z0-9_-]+$/, // Bearer token
+        /^Basic\s+[A-Za-z0-9+/=]+$/, // Basic auth
+        /^[0-9a-f]{32,}$/i, // Hex token
+        /^[A-Za-z0-9+/]{20,}={0,2}$/ // Base64-like
+    ];
+    return tokenPatterns.some(pattern => pattern.test(str));
+}
+export default {
+    sanitizeRequest,
+    sanitizeHeaders,
+    sanitizeParams,
+    sanitizeBody,
+    sanitizeUrl,
+    sanitizeDoi,
+    escapeQueryValue,
+    validateQueryComplexity,
+    withTimeout,
+    generateCorrelationId,
+    maskSensitiveData,
+    looksLikeToken
+};
+//# sourceMappingURL=SecurityUtils.js.map

package/dist/utils/SecurityUtils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SecurityUtils.js","sourceRoot":"","sources":["../../src/utils/SecurityUtils.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAAC,MAAW;IACzC,IAAI,CAAC,MAAM;QAAE,OAAO,MAAM,CAAC;IAE3B,wCAAwC;IACxC,IAAI,SAAc,CAAC;IACnB,IAAI,CAAC;QACH,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;IACjD,CAAC;IAAC,MAAM,CAAC;QACP,uDAAuD;QACvD,OAAO,EAAE,UAAU,EAAE,qDAAqD,EAAE,CAAC;IAC/E,CAAC;IAED,mBAAmB;IACnB,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;QACtB,SAAS,CAAC,OAAO,GAAG,eAAe,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IACzD,CAAC;IAED,0BAA0B;IAC1B,IAAI,SAAS,CAAC,MAAM,EAAE,CAAC;QACrB,SAAS,CAAC,MAAM,GAAG,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IACtD,CAAC;IAED,wBAAwB;IACxB,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;QACnB,SAAS,CAAC,IAAI,GAAG,YAAY,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC;IAED,eAAe;IACf,IAAI,SAAS,CAAC,GAAG,EAAE,CAAC;QAClB,SAAS,CAAC,GAAG,GAAG,WAAW,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7C,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,OAA4B;IAC1D,IAAI,CAAC,OAAO;QAAE,OAAO,OAAO,CAAC;IAE7B,MAAM,SAAS,GAAG,EAAE,GAAG,OAAO,EAAE,CAAC;IAEjC,oDAAoD;IACpD,MAAM,iBAAiB,GAAG;QACxB,gBAAgB;QAChB,oBAAoB;QACpB,kBAAkB;QAClB,gBAAgB;QAChB,oBAAoB;QACpB,WAAW;QACX,uBAAuB;QACvB,WAAW;QACX,kBAAkB;QAClB,uBAAuB;QACvB,0BAA0B,EAAE,iBAAiB;QAC7C,YAAY,EAAE,6BAA6B;QAC3C,kBAAkB,CAAC,0BAA0B;KAC9C,CAAC;IAEF,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QACnC,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;QAEnC,yBAAyB;QACzB,IAAI,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YACzD,SAAS,CAAC,GAAG,CAAC,GAAG,gBAAgB,CAAC;QACpC,CAAC;QAED,8CAA8C;QAC9C,IAAI,OAAO,SAAS,CAAC,GAAG,CAAC,KAAK,QAAQ,EAAE,CAAC;YACvC,IAAI,SAAS,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,qBAAqB,CAAC;gBAC3C,SAAS,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,sBAAsB,CAAC,IAAI,eAAe;gBAC/D,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC;gBACnC,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACtC,SAAS,CAAC,GAAG,CAAC,GAAG,gBAAgB,CAAC;YACpC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,MAA2B;IACxD,IAAI,CAAC,MAAM;QAAE,OAAO,MAAM,CAAC;IAE3B,MAAM,SAAS,GAAG,EAAE,GAAG,MAAM,EAAE,CAAC;IAEhC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QACnC,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;QAEnC,6CAA6C;QAC7C,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;YAC5B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC3B,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;YAC1B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC3B,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;YAC7B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;YAC5B,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YAC9B,SAAS,CAAC,GAAG,CAAC,GAAG,gBAAgB,CAAC;QACpC,CAAC;QAED,oCAAoC;QACpC,IAAI,OAAO,SAAS,CAAC,GAAG,CAAC,KAAK,QAAQ;YAClC,SAAS,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,sBAAsB,CAAC,EAAE,CAAC;YACjD,SAAS,CAAC,GAAG,CAAC,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,CAAC;QAC1D,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAS;IACpC,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,oCAAoC;IACpC,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;QAC9C,gBAAgB;QAChB,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;QAC9C,CAAC;QAED,iBAAiB;QACjB,MAAM,SAAS,GAAQ,EAAE,CAAC;QAC1B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YAChD,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;YAEnC,2BAA2B;YAC3B,IAAI,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;gBAC7B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBAC3B,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAC1B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;gBAC5B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBACjC,SAAS,CAAC,GAAG,CAAC,GAAG,gBAAgB,CAAC;YACpC,CAAC;iBAAM,CAAC;gBACN,SAAS,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,8CAA8C;IAC9C,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE,CAAC;YACtC,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;QACnD,CAAC;QACD,IAAI,IAAI,CAAC,KAAK,CAAC,sBAAsB,CAAC,EAAE,CAAC;YACvC,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,CAAC;QACtC,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,IAAI,CAAC,GAAG;QAAE,OAAO,GAAG,CAAC;IAErB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oCAAoC;QACpC,MAAM,eAAe,GAAG,CAAC,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QACzE,IAAI,kBAAkB,GAAG,KAAK,CAAC;QAE/B,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;YAC9B,IAAI,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;gBACnC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,EAAE,gBAAgB,CAAC,CAAC;gBACjD,kBAAkB,GAAG,IAAI,CAAC;YAC5B,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,2CAA2C;QAC3C,IAAI,kBAAkB,EAAE,CAAC;YACvB,OAAO,MAAM,CAAC,QAAQ,EAAE,GAAG,YAAY,CAAC;QAC1C,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAAC,MAAM,CAAC;QACP,4CAA4C;QAC5C,OAAO,oBAAoB,CAAC;IAC9B,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,gCAAgC,EAAE,CAAC;IAClF,CAAC;IAED,wCAAwC;IACxC,IAAI,SAAS,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IAE3B,iCAAiC;IACjC,MAAM,QAAQ,GAAG;QACf,kBAAkB;QAClB,iBAAiB;QACjB,qBAAqB;QACrB,oBAAoB;QACpB,MAAM;QACN,MAAM;KACP,CAAC;IAEF,KAAK,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;QAC9B,IAAI,SAAS,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;YAC7D,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YAC/C,MAAM;QACR,CAAC;IACH,CAAC;IAED,8BAA8B;IAC9B,yEAAyE;IACzE,MAAM,UAAU,GAAG,2BAA2B,CAAC;IAE/C,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;QAChC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC;IACtE,CAAC;IAED,2BAA2B;IAC3B,IAAI,SAAS,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QAC3B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,mCAAmC,EAAE,CAAC;IACrF,CAAC;IAED,gCAAgC;IAChC,IAAI,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC;QAClD,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACvD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,iCAAiC,EAAE,CAAC;IACnF,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAC9B,KAAa,EACb,UAA0C,SAAS;IAEnD,IAAI,CAAC,KAAK;QAAE,OAAO,EAAE,CAAC;IAEtB,2CAA2C;IAC3C,IAAI,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;IAEpD,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,UAAU;YACb,OAAO,GAAG,OAAO;iBACd,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAE,gBAAgB;iBACtC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAG,qBAAqB;iBAC5C,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAM,oBAAoB;iBAC3C,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAG,2BAA2B;iBAClD,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAE,yBAAyB;YACnD,MAAM;QACR,KAAK,KAAK;YACR,+EAA+E;YAC/E,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC;gBACpD,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzD,OAAO,GAAG,OAAO;qBACd,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAK,gBAAgB;qBACtC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAE,qBAAqB;qBAC3C,IAAI,EAAE,CAAC;YACZ,CAAC;YACD,MAAM;QACR;YACE,OAAO,GAAG,OAAO;iBACd,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAE,mCAAmC;iBAC1D,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAE,0BAA0B;iBACjD,IAAI,EAAE,CAAC;IACd,CAAC;IAED,8BAA8B;IAC9B,IAAI,OAAO,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACzB,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACtC,CAAC;IAED,OAAO,OAAO,CAAC,IAAI,EAAE,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CACrC,KAAa,EACb,UAAgE,EAAE;IAElE,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC;IAC5C,MAAM,mBAAmB,GAAG,OAAO,CAAC,mBAAmB,IAAI,EAAE,CAAC;IAE9D,IAAI,CAAC,KAAK;QAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAEnC,eAAe;IACf,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC7B,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,uBAAuB,SAAS,cAAc;SACtD,CAAC;IACJ,CAAC;IAED,0BAA0B;IAC1B,MAAM,gBAAgB,GAAG,KAAK,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,EAAE,CAAC;IACjE,IAAI,gBAAgB,CAAC,MAAM,GAAG,mBAAmB,EAAE,CAAC;QAClD,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,0BAA0B,mBAAmB,qBAAqB;SAC1E,CAAC;IACJ,CAAC;IAED,yCAAyC;IACzC,MAAM,iBAAiB,GAAG;QACxB,6CAA6C;QAC7C,aAAa,EAAG,eAAe;QAC/B,QAAQ,EAAQ,gBAAgB;QAChC,kGAAkG;QAClG,kCAAkC,CAAE,qBAAqB;KAC1D,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,iBAAiB,EAAE,CAAC;QACxC,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACxB,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,+CAA+C;aACvD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CACzB,OAAmB,EACnB,EAAU,EACV,OAAgB;IAEhB,IAAI,KAAoC,CAAC;IACzC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE;QAC/C,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YACtB,MAAM,CAAC,IAAI,KAAK,CAAC,OAAO,IAAI,6BAA6B,EAAE,IAAI,CAAC,CAAC,CAAC;QACpE,CAAC,EAAE,EAAE,CAAC,CAAC;IACT,CAAC,CAAC,CAAC;IAEH,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC;AAC7E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB;IACnC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;AACxE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,GAAW;IAC3C,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAEzC,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;IAC7D,OAAO,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,YAAY,CAAC;QAC9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,YAAY,GAAG,CAAC,CAAC;QACzC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,GAAG,YAAY,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,GAAW;IACxC,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAElD,wBAAwB;IACxB,MAAM,aAAa,GAAG;QACpB,sBAAsB,EAAY,oBAAoB;QACtD,2BAA2B,EAAO,eAAe;QACjD,2BAA2B,EAAO,aAAa;QAC/C,kBAAkB,EAAiB,YAAY;QAC/C,4BAA4B,CAAO,cAAc;KAClD,CAAC;IAEF,OAAO,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAC1D,CAAC;AAED,eAAe;IACb,eAAe;IACf,eAAe;IACf,cAAc;IACd,YAAY;IACZ,WAAW;IACX,WAAW;IACX,gBAAgB;IAChB,uBAAuB;IACvB,WAAW;IACX,qBAAqB;IACrB,iBAAiB;IACjB,cAAc;CACf,CAAC"}

package/package.json

@@ -0,0 +1,111 @@
+{
+  "name": "paper-search-cli",
+  "version": "0.1.0",
+  "description": "Agent-friendly CLI for searching and downloading academic papers from multiple sources.",
+  "main": "dist/cli.js",
+  "type": "module",
+  "bin": {
+    "paper-search": "dist/cli.js"
+  },
+  "scripts": {
+    "clean": "node -e \"require('fs').rmSync('dist',{recursive:true,force:true})\"",
+    "build": "npm run clean && tsc && node -e \"require('fs').chmodSync('dist/cli.js',0o755)\"",
+    "start": "node dist/cli.js",
+    "start:cli": "tsx src/cli.ts",
+    "dev": "tsx src/cli.ts",
+    "test": "jest",
+    "lint": "eslint src/**/*.ts",
+    "format": "prettier --write src/**/*.ts",
+    "prepublishOnly": "npm test -- --runInBand && npm run build"
+  },
+  "files": [
+    "dist/",
+    "README.md",
+    "README-sc.md",
+    "skills/",
+    "LICENSE",
+    ".env.example"
+  ],
+  "keywords": [
+    "cli",
+    "academic-papers",
+    "research",
+    "arxiv",
+    "pubmed",
+    "web-of-science",
+    "nodejs",
+    "typescript"
+  ],
+  "author": "dianel; CLI adaptation by dr-dumpling",
+  "license": "MIT",
+  "dependencies": {
+    "@types/cheerio": "^0.22.35",
+    "axios": "^1.7.2",
+    "cheerio": "^1.1.2",
+    "dotenv": "^16.4.5",
+    "lru-cache": "^11.2.5",
+    "pdf-parse": "^1.1.4",
+    "xml2js": "^0.6.2",
+    "zod": "^3.23.8"
+  },
+  "devDependencies": {
+    "@types/jest": "^29.5.14",
+    "@types/lru-cache": "^7.10.9",
+    "@types/node": "^20.14.10",
+    "@types/xml2js": "^0.4.14",
+    "@typescript-eslint/eslint-plugin": "^7.16.0",
+    "@typescript-eslint/parser": "^7.16.0",
+    "eslint": "^8.57.0",
+    "jest": "^29.7.0",
+    "prettier": "^3.3.2",
+    "ts-jest": "^29.2.5",
+    "tsx": "^4.16.2",
+    "typescript": "^5.5.3"
+  },
+  "jest": {
+    "preset": "ts-jest/presets/default-esm",
+    "testEnvironment": "node",
+    "extensionsToTreatAsEsm": [
+      ".ts"
+    ],
+    "transformIgnorePatterns": [
+      "node_modules/(?!(p-limit|yocto-queue)/)"
+    ],
+    "moduleNameMapper": {
+      "^(\\.{1,2}/.*)\\.js$": "$1"
+    },
+    "transform": {
+      "^.+\\.tsx?$": [
+        "ts-jest",
+        {
+          "useESM": true
+        }
+      ]
+    },
+    "testMatch": [
+      "**/tests/**/*.test.ts",
+      "**/__tests__/**/*.test.ts"
+    ],
+    "setupFilesAfterEnv": [
+      "<rootDir>/tests/setup.ts"
+    ],
+    "collectCoverageFrom": [
+      "src/**/*.ts",
+      "!src/**/*.d.ts"
+    ]
+  },
+  "overrides": {
+    "entities": "^6.0.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/dr-dumpling/paper-search-cli.git"
+  },
+  "homepage": "https://github.com/dr-dumpling/paper-search-cli#readme",
+  "bugs": {
+    "url": "https://github.com/dr-dumpling/paper-search-cli/issues"
+  }
+}