TypeScript SDK Examples #46
I've reviewed the TypeScript SDK examples. The code demonstrates the SDK functionality well with clear examples. I found one potential security concern regarding path validation in the server examples.
🤖 Automated review complete. Please react with 👍 or 👎 on the individual review comments to provide feedback on their usefulness.
|
|
||
| // Start server | ||
| async function main() { | ||
| const directory = process.argv[2] || process.cwd(); |
The directory parameter from command-line arguments is passed directly to initializeContext without validation. This could allow an attacker to read arbitrary directories on the system if they can control the command-line arguments.
Consider adding path validation to ensure the directory is within expected bounds:
```typescript
import { statSync } from 'fs';
import { resolve } from 'path';

async function main() {
  const directory = process.argv[2] || process.cwd();
  const resolvedDir = resolve(directory);

  // Validate the directory exists and is accessible
  try {
    const stat = statSync(resolvedDir);
    if (!stat.isDirectory()) {
      throw new Error('Path is not a directory');
    }
  } catch (error) {
    console.error('Invalid directory:', error);
    process.exit(1);
  }

  console.log('Starting File Search Server...');
  await initializeContext(resolvedDir);
  // ...
}
```
|
||
| // Start server | ||
| async function main() { | ||
| const directory = process.argv[2] || process.cwd(); |
The directory parameter from command-line arguments is passed directly to initializeContext without validation. This could allow an attacker to read arbitrary directories on the system if they can control the command-line arguments.
Consider adding path validation to ensure the directory is within expected bounds:
```typescript
import { statSync } from 'fs';
import { resolve } from 'path';

async function main() {
  const directory = process.argv[2] || process.cwd();
  const resolvedDir = resolve(directory);

  // Validate the directory exists and is accessible
  try {
    const stat = statSync(resolvedDir);
    if (!stat.isDirectory()) {
      throw new Error('Path is not a directory');
    }
  } catch (error) {
    console.error('Invalid directory:', error);
    process.exit(1);
  }

  console.log('Starting Prompt Enhancer Server...');
  await initializeContext(resolvedDir);
  // ...
}
```

c4990f2 to e457946
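The review comments above ask that the directory stay "within expected bounds". As an added example (not code from the PR, the SDK, or the reviewer), one way to enforce a bound is to canonicalize the path and compare it against an allowed root. `resolveWithinRoot`, `runConstructedCases` and the temp-directory layout are hypothetical names and data constructed for illustration, and a POSIX filesystem that permits symlinks is assumed.

```typescript
import * as fs from 'node:fs';
import * as os from 'node:os';
import * as path from 'node:path';

// Hypothetical helper (not from the SDK or this PR): returns the canonical path
// of `requested` only if it is a directory inside `allowedRoot`, else throws.
function resolveWithinRoot(allowedRoot: string, requested: string): string {
  // realpathSync follows symlinks and "..", and throws if the path is missing.
  const root = fs.realpathSync(allowedRoot);
  const target = fs.realpathSync(path.resolve(root, requested));
  // Compare segments, not prefixes: "/srv/app-private" is not inside "/srv/app".
  const rel = path.relative(root, target);
  if (rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel)) {
    throw new Error('Path is outside the allowed root');
  }
  if (!fs.statSync(target).isDirectory()) {
    throw new Error('Path is not a directory');
  }
  return target;
}

// Constructed sample tree in a temp directory so the cases run offline.
function runConstructedCases(): Record<string, string> {
  const base = fs.realpathSync(fs.mkdtempSync(path.join(os.tmpdir(), 'ctx-')));
  const root = path.join(base, 'app');
  fs.mkdirSync(path.join(root, 'src'), { recursive: true });
  fs.mkdirSync(path.join(base, 'app-private'));
  fs.writeFileSync(path.join(root, 'README.md'), 'constructed');
  fs.symlinkSync(path.join(base, 'app-private'), path.join(root, 'link'));
  const cases: Record<string, string> = {
    inside: 'src',
    traversal: '../app-private',
    absoluteSibling: path.join(base, 'app-private'),
    symlinkEscape: 'link',
    regularFile: 'README.md',
    missing: 'nope',
  };
  const results: Record<string, string> = {};
  for (const [name, requested] of Object.entries(cases)) {
    try {
      results[name] = 'ok:' + path.relative(root, resolveWithinRoot(root, requested));
    } catch (error) {
      results[name] = 'rejected:' + (error as Error).message;
    }
  }
  fs.rmSync(base, { recursive: true, force: true });
  return results;
}

console.log(runConstructedCases());
```

The rest of the program should use the canonical path the helper returns rather than the raw argument, so the value that was checked is the value that gets indexed.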
augment review

15a82ce to fb57058
richhankins
left a comment
LGTM!
Add comprehensive TypeScript SDK context examples demonstrating core functionality
This PR introduces four practical examples showcasing different use cases of the Auggie TypeScript SDK's context capabilities:
- `direct-context/index.ts` - Demonstrates basic usage patterns including simple file indexing, persistent index management across sessions, batch upload optimization, and external LLM integration
- `file-search-server/index.ts` - Implements a REST API server providing semantic file search with AI-powered summarization, including `/search` and `/ask` endpoints
- `filesystem-context/index.ts` - Shows automatic file discovery and indexing from local directories using the MCP protocol
- `prompt-enhancer-server/index.ts` - Provides an HTTP server that automatically enriches user prompts with relevant codebase context via `/enhance` and `/enhance-and-ask` endpoints

These examples provide developers with ready-to-use patterns for integrating semantic code search, context-aware AI interactions, and codebase indexing into their applications.
🤖 This description was generated automatically. Please react with 👍 if it's helpful or 👎 if it needs improvement.