npm - pentesting - Versions diffs - 0.73.12 → 0.73.14 - Mend

pentesting 0.73.12 → 0.73.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md +5 -0
package/dist/{agent-tool-RTF2W3GB.js → agent-tool-MMDCBQ74.js} +3 -3
package/dist/{chunk-4DUF6JX2.js → chunk-4KLVUP3C.js} +118 -67
package/dist/{chunk-5JXATHQ3.js → chunk-AEQNELCQ.js} +272 -85
package/dist/{chunk-S5ZMXFHR.js → chunk-YZNPWDNS.js} +12 -8
package/dist/main.js +319 -206
package/dist/{persistence-DC6QI7XQ.js → persistence-IGAKJZJ3.js} +2 -2
package/dist/{process-registry-4Y3HB4YQ.js → process-registry-DNEZX4S5.js} +1 -1
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -44,9 +44,14 @@ docker run -it --rm \
   -e PENTEST_API_KEY="your_key" \
   -e PENTEST_BASE_URL="https://api.z.ai/api/anthropic" \
   -e PENTEST_MODEL="glm-4.7" \
+  -v pentesting-data:/tmp/.pentesting \
   agnusdei1207/pentesting
 ```
+Docker stores workspace state under `/tmp/.pentesting` inside the container.
+The entrypoint resets that directory on each fresh container start to avoid mixing stale state into a new run.
+Mount that path if you want access to `.pentesting/turns`, `.pentesting/sessions`, `.pentesting/memory`, and workspace artifacts after an OOM or while the same container is still alive.
 ### 🐉 Kali Linux (Native)
 ```bash

package/dist/{agent-tool-RTF2W3GB.js → agent-tool-MMDCBQ74.js} RENAMED Viewed

@@ -5,7 +5,7 @@ import {
   createContextExtractor,
   getLLMClient,
   getShellSupervisorLifecycleSnapshot
-} from "./chunk-4DUF6JX2.js";
+} from "./chunk-4KLVUP3C.js";
 import {
   AGENT_ROLES,
   EVENT_TYPES,
@@ -13,14 +13,14 @@ import {
   TOOL_NAMES,
   getProcessOutput,
   listBackgroundProcesses
-} from "./chunk-5JXATHQ3.js";
+} from "./chunk-AEQNELCQ.js";
 import {
   DETECTION_PATTERNS,
   PROCESS_EVENTS,
   PROCESS_ROLES,
   getActiveProcessSummary,
   getProcessEventLog
-} from "./chunk-S5ZMXFHR.js";
+} from "./chunk-YZNPWDNS.js";
 // src/engine/agent-tool/completion-box.ts
 function createCompletionBox() {

package/dist/{chunk-4DUF6JX2.js → chunk-4KLVUP3C.js} RENAMED Viewed

@@ -10,6 +10,7 @@ import {
   DANGER_LEVELS,
   DANGER_LEVEL_MAP,
   DEFAULTS,
+  DEFAULT_MODEL,
   DISPLAY_LIMITS,
   DynamicTechniqueLibrary,
   EVENT_TYPES,
@@ -52,11 +53,19 @@ import {
   generateId,
   generatePrefixedId,
   getActiveSessionRuntime,
+  getApiKey,
+  getBaseUrl,
   getErrorMessage,
+  getModel,
   getProcessOutput,
+  getSearchApiKey,
+  getSearchApiUrl,
+  getThinkingBudget,
   getTorBrowserArgs,
   getUsedPorts,
   isBranchMemoryEnabled,
+  isThinkingEnabled,
+  isZaiProvider,
   listBackgroundProcesses,
   llmNodeCooldownPolicy,
   llmNodeOutputParsing,
@@ -69,7 +78,7 @@ import {
   startBackgroundProcess,
   stopBackgroundProcess,
   writeFileContent
-} from "./chunk-5JXATHQ3.js";
+} from "./chunk-AEQNELCQ.js";
 import {
   DETECTION_PATTERNS,
   HEALTH_CONFIG,
@@ -83,59 +92,7 @@ import {
   __require,
   getProcessEventLog,
   logEvent
-} from "./chunk-S5ZMXFHR.js";
-// src/shared/utils/config/env.ts
-var ENV_KEYS = {
-  API_KEY: "PENTEST_API_KEY",
-  BASE_URL: "PENTEST_BASE_URL",
-  MODEL: "PENTEST_MODEL",
-  SEARCH_API_KEY: "SEARCH_API_KEY",
-  SEARCH_API_URL: "SEARCH_API_URL",
-  THINKING: "PENTEST_THINKING",
-  THINKING_BUDGET: "PENTEST_THINKING_BUDGET",
-  SCOPE_MODE: "PENTEST_SCOPE_MODE",
-  APPROVAL_MODE: "PENTEST_APPROVAL_MODE",
-  CONTAINERIZED: "PENTEST_CONTAINERIZED",
-  APP_VERSION: "PENTESTING_VERSION"
-};
-var DEFAULT_THINKING_BUDGET = 8e3;
-var DEFAULT_SEARCH_API_URL = "https://api.search.brave.com/res/v1/web/search";
-var DEFAULT_MODEL = "glm-4.7";
-function getApiKey() {
-  return process.env[ENV_KEYS.API_KEY] || "";
-}
-function getOptionalEnv(key) {
-  const value = process.env[key];
-  return value && value !== "" ? value : void 0;
-}
-function getBaseUrl() {
-  return getOptionalEnv(ENV_KEYS.BASE_URL);
-}
-function getModel() {
-  return process.env[ENV_KEYS.MODEL] || "";
-}
-function getSearchApiKey() {
-  const explicitKey = getOptionalEnv(ENV_KEYS.SEARCH_API_KEY);
-  if (explicitKey) {
-    return explicitKey;
-  }
-  return getOptionalEnv(ENV_KEYS.API_KEY);
-}
-function getSearchApiUrl() {
-  return process.env[ENV_KEYS.SEARCH_API_URL] || DEFAULT_SEARCH_API_URL;
-}
-function isZaiProvider() {
-  const baseUrl = getBaseUrl() || "";
-  return baseUrl.includes("z.ai");
-}
-function isThinkingEnabled() {
-  return process.env[ENV_KEYS.THINKING] !== "false";
-}
-function getThinkingBudget() {
-  const val = parseInt(process.env[ENV_KEYS.THINKING_BUDGET] || "", 10);
-  return isNaN(val) ? DEFAULT_THINKING_BUDGET : Math.max(1024, val);
-}
+} from "./chunk-YZNPWDNS.js";
 // src/shared/constants/llm/api.ts
 var LLM_API = {
@@ -558,14 +515,42 @@ var LLMClient = class {
     const currentBlockRef = { value: null };
     const toolCallsMap = /* @__PURE__ */ new Map();
     let totalChars = 0;
+    let storedContentChars = 0;
+    let storedReasoningChars = 0;
+    let contentWasTruncated = false;
+    let reasoningWasTruncated = false;
     let wasAborted = false;
     context.onContent = (text) => {
-      contentChunks.push(text);
       totalChars += text.length;
+      const remaining = LLM_LIMITS.streamStoredContentChars - storedContentChars;
+      if (remaining <= 0) {
+        contentWasTruncated = true;
+        return;
+      }
+      const slice = text.slice(0, remaining);
+      if (slice) {
+        contentChunks.push(slice);
+        storedContentChars += slice.length;
+      }
+      if (slice.length < text.length) {
+        contentWasTruncated = true;
+      }
     };
     context.onReasoning = (text) => {
-      reasoningChunks.push(text);
       totalChars += text.length;
+      const remaining = LLM_LIMITS.streamStoredReasoningChars - storedReasoningChars;
+      if (remaining <= 0) {
+        reasoningWasTruncated = true;
+        return;
+      }
+      const slice = text.slice(0, remaining);
+      if (slice) {
+        reasoningChunks.push(slice);
+        storedReasoningChars += slice.length;
+      }
+      if (slice.length < text.length) {
+        reasoningWasTruncated = true;
+      }
     };
     context.onUsage = (u) => {
       usage = u;
@@ -578,7 +563,13 @@ var LLMClient = class {
       throw new DOMException("Aborted string generation", "AbortError");
     }
     const toolCalls = resolveToolCalls(toolCallsMap);
-    const stripped = stripThinkTags(contentChunks.join(""), reasoningChunks.join(""));
+    const truncatedContent = contentWasTruncated ? `${contentChunks.join("")}
+...[assistant output truncated for memory safety]` : contentChunks.join("");
+    const truncatedReasoning = reasoningWasTruncated ? `${reasoningChunks.join("")}
+...[reasoning truncated for memory safety]` : reasoningChunks.join("");
+    const stripped = stripThinkTags(truncatedContent, truncatedReasoning);
     if (usage.input_tokens > 0 || usage.output_tokens > 0) {
       addGlobalTokenUsage(usage);
     }
@@ -2015,8 +2006,8 @@ var PASSTHROUGH_THRESHOLD = 2e3;
 var PREPROCESS_THRESHOLD = 3e3;
 var MAX_PREPROCESSED_LINES = 800;
 var MAX_DUPLICATE_DISPLAY = 3;
-var ANALYST_MAX_INPUT_CHARS = 8e4;
-var FALLBACK_MAX_CHARS = 3e4;
+var ANALYST_MAX_INPUT_CHARS = 4e4;
+var FALLBACK_MAX_CHARS = 15e3;
 var NOISE_PATTERNS = [
   /^\s*$/,
   // blank lines
@@ -2345,6 +2336,8 @@ function getAnalystSystemPrompt() {
 }
 function createLLMDigestFn(llmClient) {
   return async (text, context) => {
+    const cappedText = text.length > ANALYST_MAX_INPUT_CHARS ? `${text.slice(0, ANALYST_MAX_INPUT_CHARS)}
+... [truncated at ${ANALYST_MAX_INPUT_CHARS} chars before Analyst request]` : text;
     const messages = [{
       role: LLM_ROLES.USER,
       content: `Analyze this pentesting tool output and extract actionable intelligence.
@@ -2352,7 +2345,7 @@ function createLLMDigestFn(llmClient) {
 Context: ${context}
 --- OUTPUT START ---
-${text}
+${cappedText}
 --- OUTPUT END ---`
     }];
     const response = await llmClient.generateResponse(
@@ -3751,15 +3744,18 @@ var HealthMonitor = class {
   check() {
     const processes = this.checkProcesses();
     const ports = this.checkPorts();
-    const recommendations = this.generateRecommendations();
+    const memory = this.checkMemory();
+    const recommendations = this.generateRecommendations(memory);
     const overall = this.calculateOverall({
       zombies: processes.zombies,
+      memoryStatus: memory.status,
       recommendations
     });
     return {
       overall,
       processes,
       ports,
+      memory,
       recommendations
     };
   }
@@ -3795,10 +3791,42 @@ var HealthMonitor = class {
     }
     return { inUse, conflicts };
   }
+  /**
+   * Check Node.js process memory health.
+   */
+  checkMemory() {
+    const usage = process.memoryUsage();
+    const heapUsedRatio = usage.heapTotal > 0 ? usage.heapUsed / usage.heapTotal : 0;
+    if (heapUsedRatio >= HEALTH_CONFIG.MEMORY_CRITICAL_HEAP_RATIO || usage.rss >= HEALTH_CONFIG.MEMORY_CRITICAL_RSS_BYTES) {
+      return {
+        rssBytes: usage.rss,
+        heapUsedBytes: usage.heapUsed,
+        heapTotalBytes: usage.heapTotal,
+        heapUsedRatio,
+        status: HEALTH_STATUS.CRITICAL
+      };
+    }
+    if (heapUsedRatio >= HEALTH_CONFIG.MEMORY_WARNING_HEAP_RATIO || usage.rss >= HEALTH_CONFIG.MEMORY_WARNING_RSS_BYTES) {
+      return {
+        rssBytes: usage.rss,
+        heapUsedBytes: usage.heapUsed,
+        heapTotalBytes: usage.heapTotal,
+        heapUsedRatio,
+        status: HEALTH_STATUS.WARNING
+      };
+    }
+    return {
+      rssBytes: usage.rss,
+      heapUsedBytes: usage.heapUsed,
+      heapTotalBytes: usage.heapTotal,
+      heapUsedRatio,
+      status: HEALTH_STATUS.HEALTHY
+    };
+  }
   /**
    * Generate recommendations based on current state
    */
-  generateRecommendations() {
+  generateRecommendations(memory) {
     const recs = [];
     const procs = listBackgroundProcesses();
     for (const proc of procs) {
@@ -3810,6 +3838,15 @@ var HealthMonitor = class {
         recs.push(`[${proc.id}] ${proc.role} running for ${durMin}min`);
       }
     }
+    if (memory.status === HEALTH_STATUS.CRITICAL) {
+      recs.push(
+        `Memory critical: heap ${(memory.heapUsedRatio * 100).toFixed(0)}% (${this.formatBytes(memory.heapUsedBytes)}/${this.formatBytes(memory.heapTotalBytes)}), rss ${this.formatBytes(memory.rssBytes)} - reduce prompt/output volume immediately`
+      );
+    } else if (memory.status === HEALTH_STATUS.WARNING) {
+      recs.push(
+        `Memory warning: heap ${(memory.heapUsedRatio * 100).toFixed(0)}% (${this.formatBytes(memory.heapUsedBytes)}/${this.formatBytes(memory.heapTotalBytes)}), rss ${this.formatBytes(memory.rssBytes)}`
+      );
+    }
     return recs;
   }
   /**
@@ -3817,9 +3854,21 @@ var HealthMonitor = class {
    */
   calculateOverall(data) {
     if (data.zombies > 0) return HEALTH_STATUS.CRITICAL;
+    if (data.memoryStatus === HEALTH_STATUS.CRITICAL) return HEALTH_STATUS.CRITICAL;
+    if (data.memoryStatus === HEALTH_STATUS.WARNING) return HEALTH_STATUS.WARNING;
     if (data.recommendations.length > HEALTH_CONFIG.MAX_RECOMMENDATIONS_FOR_HEALTHY) return HEALTH_STATUS.WARNING;
     return HEALTH_STATUS.HEALTHY;
   }
+  formatBytes(bytes) {
+    const units = ["B", "KB", "MB", "GB"];
+    let value = bytes;
+    let unitIndex = 0;
+    while (value >= 1024 && unitIndex < units.length - 1) {
+      value /= 1024;
+      unitIndex++;
+    }
+    return `${value.toFixed(unitIndex === 0 ? 0 : 1)}${units[unitIndex]}`;
+  }
 };
 // src/engine/resource/zombie-hunter.ts
@@ -3905,6 +3954,9 @@ async function executeBgStatus() {
   }
   lines.push(`
 ## Health: ${health.overall.toUpperCase()}`);
+  lines.push(
+    `Memory: ${health.memory.status.toUpperCase()} heap=${(health.memory.heapUsedRatio * 100).toFixed(0)}% (${Math.round(health.memory.heapUsedBytes / 1024 / 1024)}MB/${Math.round(health.memory.heapTotalBytes / 1024 / 1024)}MB) rss=${Math.round(health.memory.rssBytes / 1024 / 1024)}MB`
+  );
   if (health.recommendations.length > 0) {
     lines.push("Recommendations:");
     for (const r of health.recommendations) {
@@ -3976,6 +4028,9 @@ async function executeHealthCheck() {
   const lines = [];
   lines.push(`Health: ${status.overall.toUpperCase()}`);
   lines.push(`Processes: ${status.processes.running}/${status.processes.total} running`);
+  lines.push(
+    `Memory: ${status.memory.status.toUpperCase()} heap=${(status.memory.heapUsedRatio * 100).toFixed(0)}% (${Math.round(status.memory.heapUsedBytes / 1024 / 1024)}MB/${Math.round(status.memory.heapTotalBytes / 1024 / 1024)}MB) rss=${Math.round(status.memory.rssBytes / 1024 / 1024)}MB`
+  );
   if (status.ports.inUse.length > 0) {
     lines.push(`Ports in use: ${status.ports.inUse.join(", ")}`);
   }
@@ -11084,7 +11139,7 @@ After completion: record key loot/findings from the sub-agent output to canonica
           rootTaskId: activeExecution.rootTaskId
         }
       });
-      const { AgentTool } = await import("./agent-tool-RTF2W3GB.js");
+      const { AgentTool } = await import("./agent-tool-MMDCBQ74.js");
       const executor = new AgentTool(state, events, scopeGuard, approvalGate);
       try {
         const result = await executor.execute(input);
@@ -11363,10 +11418,6 @@ function buildShellSupervisorLifecycleSection() {
 }
 export {
-  ENV_KEYS,
-  DEFAULT_MODEL,
-  getApiKey,
-  getModel,
   getTimeAdaptiveStrategy,
   SharedState,
   HealthMonitor,