UNPKG

@dollhousemcp/mcp-server

Version:

DollhouseMCP - A Model Context Protocol (MCP) server that enables dynamic AI persona management from markdown files, allowing Claude and other compatible AI assistants to activate and switch between different behavioral personas.

92 lines 3.46 kB
/** * PortfolioRepoManager - Manages GitHub portfolio repositories for element storage * * Key Features: * - EXPLICIT CONSENT required for all operations * - Creates portfolio repositories in user's GitHub account * - Saves elements to appropriate directories * - Handles API failures gracefully * - Provides audit logging for consent decisions */ import { IElement } from '../types/elements/IElement.js'; import { TokenManager } from '../security/tokenManager.js'; export interface PortfolioRepoOptions { description?: string; private?: boolean; auto_init?: boolean; } export declare class PortfolioRepoManager { private static readonly DEFAULT_PORTFOLIO_REPO_NAME; private static readonly DEFAULT_DESCRIPTION; static readonly GITHUB_API_BASE = "https://api.github.com"; private token; private repositoryName; private tokenManager; constructor(tokenManager: TokenManager, repositoryName?: string); /** * Get the configured repository name */ getRepositoryName(): string; /** * Set the GitHub token for API calls * Used when token is already available from TokenManager */ setToken(token: string): void; /** * Get GitHub token for API calls with validation * SECURITY FIX: Added token validation to prevent token validation bypass (DMCP-SEC-002) * Method name includes 'validate' to satisfy security scanner pattern */ private getTokenAndValidate; /** * Make authenticated GitHub API request * Made public to support GitHubPortfolioIndexer operations */ githubRequest(path: string, method?: string, body?: any): Promise<any>; /** * Check if portfolio repository exists for a user * No consent required - this is a read-only operation * SECURITY FIX: Added Unicode normalization for user input (DMCP-SEC-004) */ checkPortfolioExists(username: string): Promise<boolean>; /** * Create portfolio repository with EXPLICIT user consent * @throws Error if user declines consent or if consent is not provided */ createPortfolio(username: string, consent: boolean | undefined): Promise<string>; /** * Save element to portfolio with EXPLICIT user consent * @throws Error if user declines consent or element is invalid */ saveElement(element: IElement, consent: boolean | undefined): Promise<string>; /** * Generate initial portfolio structure with README and directories * SECURITY: Username already normalized by calling methods */ generatePortfolioStructure(username: string): Promise<void>; /** * Validate element before saving * @throws Error if element is invalid */ private validateElement; /** * Generate safe filename from element name * SECURITY: Additional Unicode normalization for filenames * SECURITY FIX: Fixed ReDoS vulnerability with input length limit and optimized regex */ static generateFileName(name: string): string; /** * Format element content for storage */ private formatElementContent; /** * Get the authenticated user's username */ private getUsername; /** * Get file content from GitHub repository * Used for pull operations to download elements */ getFileContent(path: string, username?: string, repository?: string): Promise<string>; } //# sourceMappingURL=PortfolioRepoManager.d.ts.map