npm - xmemory-cli - Versions diffs - 0.1.0 - Mend

xmemory-cli 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/src/config/index.ts ADDED Viewed

@@ -0,0 +1,179 @@
+const ALLOWED_SCHEMES = ["http", "https"];
+const BLOCKED_HOSTS = [
+  "169.254.169.254",
+  "metadata.google.internal",
+  "100.100.100.200",
+  "localhost",
+  "127.0.0.1",
+];
+function isPrivateOrLoopbackIP(hostname: string): boolean {
+  const net = require("net");
+  const normalized = hostname.replace(/^\[|\]$/g, "");
+  const ipVersion = net.isIP(normalized);
+  if (ipVersion === 4) {
+    return (
+      normalized === "127.0.0.1" ||
+      normalized === "0.0.0.0" ||
+      normalized.startsWith("10.") ||
+      normalized.startsWith("192.168.") ||
+      normalized.startsWith("172.16.") ||
+      (normalized.startsWith("172.") &&
+        [
+          "172.16.",
+          "172.17.",
+          "172.18.",
+          "172.19.",
+          "172.20.",
+          "172.21.",
+          "172.22.",
+          "172.23.",
+          "172.24.",
+          "172.25.",
+          "172.26.",
+          "172.27.",
+          "172.28.",
+          "172.29.",
+          "172.30.",
+          "172.31.",
+        ].some((b) => normalized.startsWith(b)))
+    );
+  }
+  if (ipVersion === 6) {
+    return (
+      normalized === "::1" ||
+      normalized === "::" ||
+      normalized === "0::1" ||
+      normalized === "::ffff:127.0.0.1" ||
+      normalized.startsWith("fc") ||
+      normalized.startsWith("fe80:") ||
+      normalized.startsWith("::ffff:0:")
+    );
+  }
+  return false;
+}
+export interface Config {
+  apiBaseUrl: string;
+  defaultSpace?: string;
+  apiKey: string;
+}
+function isUrlAllowed(urlString: string): boolean {
+  try {
+    const url = new URL(urlString);
+    if (!ALLOWED_SCHEMES.includes(url.protocol.replace(/:$/, ""))) {
+      return false;
+    }
+    const hostname = url.hostname.toLowerCase();
+    if (
+      BLOCKED_HOSTS.some((h) => hostname === h || hostname.endsWith(`.${h}`))
+    ) {
+      return false;
+    }
+    if (isPrivateOrLoopbackIP(hostname)) {
+      return false;
+    }
+    return true;
+  } catch {
+    return false;
+  }
+}
+function sanitizePath(filePath: string): string | null {
+  // Prevent reading sensitive files
+  const blocked = ["/etc/", "/root/", "/home/", "~", "/.ssh/", "/.aws/"];
+  const normalized = filePath.replace(/^~/, process.env.HOME || "");
+  if (blocked.some((b) => normalized.startsWith(b))) {
+    return null;
+  }
+  return normalized;
+}
+const DEFAULT_CONFIG: Partial<Config> = {
+  apiBaseUrl: process.env.API_BASE_URL || "http://localhost:50505/api",
+  defaultSpace: process.env.DEFAULT_SPACE || process.env.XMEMORY_SPACE_ID,
+  apiKey: process.env.XMEMORY_API_KEY || "",
+};
+function findConfigFile(): string | null {
+  const searchPaths = [
+    ".xmemory.json",
+    "./.xmemory.json",
+    `${process.env.HOME || ""}/.xmemory.json`,
+    `${process.env.USERPROFILE || ""}/.xmemory.json`,
+  ].filter(Boolean);
+  try {
+    const fs = require("fs");
+    for (const p of searchPaths) {
+      if (fs.existsSync(p)) {
+        return p;
+      }
+    }
+  } catch {
+    // ignore
+  }
+  return null;
+}
+function loadConfigFile(): Partial<Config> {
+  const configPath = findConfigFile();
+  if (!configPath) {
+    return {};
+  }
+  const sanitized = sanitizePath(configPath);
+  if (!sanitized) {
+    console.error(`Blocked config path: ${configPath}`);
+    return {};
+  }
+  try {
+    const fs = require("fs");
+    const stat = fs.statSync(sanitized);
+    if ((stat.mode & 0o077) !== 0) {
+      console.warn(
+        `Warning: config file ${configPath} is readable by others. Run: chmod 600 ${configPath}`,
+      );
+    }
+    const content = fs.readFileSync(sanitized, "utf-8");
+    return JSON.parse(content);
+  } catch (e) {
+    console.error(`Failed to load config from ${configPath}:`, e);
+    return {};
+  }
+}
+export function loadConfig(cliOverrides?: {
+  apiBaseUrl?: string;
+  apiKey?: string;
+  defaultSpace?: string;
+}): Config {
+  const fileConfig = loadConfigFile();
+  const baseUrl =
+    cliOverrides?.apiBaseUrl ||
+    fileConfig.apiBaseUrl ||
+    DEFAULT_CONFIG.apiBaseUrl ||
+    "http://localhost:50505/api";
+  if (!isUrlAllowed(baseUrl)) {
+    console.error(`Blocked API base URL: ${baseUrl}`);
+    process.exit(1);
+  }
+  const apiKey =
+    cliOverrides?.apiKey || DEFAULT_CONFIG.apiKey || fileConfig.apiKey || "";
+  if (!apiKey) {
+    console.error(
+      "Error: XMEMORY_API_KEY is not set. Set the environment variable or apiKey in config.",
+    );
+    process.exit(1);
+  }
+  return {
+    apiBaseUrl: baseUrl,
+    defaultSpace:
+      cliOverrides?.defaultSpace ||
+      DEFAULT_CONFIG.defaultSpace ||
+      fileConfig.defaultSpace,
+    apiKey,
+  };
+}

package/src/index.ts ADDED Viewed

@@ -0,0 +1,31 @@
+import { Client } from "./api/client.js";
+import { Config, loadConfig } from "./config/index.js";
+import { SearchCommand } from "./commands/search.js";
+import { AddCommand } from "./commands/add.js";
+import { ListCommand } from "./commands/list.js";
+import { DeleteCommand } from "./commands/delete.js";
+import { GetCommand } from "./commands/get.js";
+import { SpacesCommand } from "./commands/spaces.js";
+import { TagsCommand } from "./commands/tags.js";
+import { GraphCommand } from "./commands/graph.js";
+export interface GlobalOptions {
+  config?: string;
+  apiKey?: string;
+  apiBaseUrl?: string;
+  space?: string;
+  output?: "json" | "text";
+}
+export { Config, loadConfig };
+export { Client };
+export {
+  SearchCommand,
+  AddCommand,
+  ListCommand,
+  DeleteCommand,
+  GetCommand,
+  SpacesCommand,
+  TagsCommand,
+  GraphCommand,
+};