Nicolas Cantu
255acbaf97
Initial state: - claw-harness-proxy accepted absolute-form / scheme-relative request targets, allowing proxying to arbitrary hosts. - claw-harness-proxy forwarded client Authorization headers upstream. - @4nk/smart-ide-http-utils did not provide helpers for Node http.request-based proxies. - docs/repo/ia-dev-smart-ide-integration.md still documented the old IA_DEV_ROOT default resolution order. Motivation: - Ensure safe proxy behavior for every HTTP relay in the monorepo. - Keep the IA_DEV_ROOT contract consistent across code and docs. Resolution: - Extend @4nk/smart-ide-http-utils with copyOutgoingHeadersForProxy() for http.request. - Harden claw-harness-proxy: reject absolute URLs and '//' targets, validate safe proxy paths, avoid forwarding Authorization, and avoid leaking internal error details. - Align ia-dev-smart-ide-integration doc default order to ./services/ia_dev then ./ia_dev. Root cause: - Proxy implementation treated req.url as a URL to be resolved and allowed absolute inputs. - Cross-proxy utilities were only implemented for fetch-based proxies. Impacted features: - claw-harness-proxy HTTP forwarding. - shared HTTP utility package. - IA_DEV_ROOT documentation. Code modified: - packages/smart-ide-http-utils/src/* + dist/* - services/claw-harness-api/proxy/src/server.ts Documentation modified: - docs/repo/ia-dev-smart-ide-integration.md - CHANGELOG.md Configurations modified: - services/claw-harness-api/proxy/package.json Files in deploy modified: - None Files in logs impacted: - None Databases and other sources modified: - None Off-project modifications: - None Files in .smartIde modified: - None Files in .secrets modified: - None New patch version in VERSION: - 0.0.7 CHANGELOG.md updated: - yes
Documentation du dépôt (docs/repo/)
Toute la documentation opérationnelle qui vivait auparavant sous des README.md à la racine ou dans cron/, systemd/, projects/, logs/, services/*/, etc. est centralisée ici. Les fichiers README.md restants à ces emplacements ne font que renvoyer vers ces pages pour éviter les doublons.
Convention
- Canonique : fichiers sous
docs/(dontdocs/repo/,docs/features/,docs/API/). - Arbre de code :
README.mdcourts (souvent une ligne + lien) pour les outils qui ouvrent encore le dossier source. - Règles / agents IDE : répertoires
.smartIde/(voir smartide-config-directory.md). - Miroir doc Enso (docv) : l’arborescence volumineuse
services/docv/enso-docs/reste sur le disque sous ce chemin (copie depuis le dépôt enso) ; l’explication du flux de mise à jour est dans docv-enso-docs-mirror.md. Les fichiers enso-docs peuvent encore mentionner.cursor/(doc amont enso).
Index
| Document | Contenu |
|---|---|
| smartide-config-directory.md | Rôle de .smartIde/ (agents, règles, gateway) |
| smart-ide-overview.md | Vision produit, stack IA, monorepo, liens vers l’architecture |
| projects-directory.md | projects/<id>/conf.json, clones vs confs, active-project.json, cron |
| cron-git-pull.md | Pull planifié des clones, config.env, systemd user, alternative cron |
| systemd-units.md | Ollama, AnythingLLM, timer git-pull-project-clones |
| logs-directory.md | Fichiers journaux locaux, .gitignore, origine des logs |
| docv-services-directory.md | Répertoire services/docv/ : contrat d’intégration, chemins données |
| docv-enso-docs-mirror.md | Miroir enso-docs/, commande de resynchronisation |
| ia-dev-smart-ide-integration.md | Module ia_dev dans smart_ide, journaux, liens architecture |
| ia-dev-repository-overview.md | Dépôt ia_dev : agents, scripts deploy, usage standalone |
| ia-dev-project-conf-schema.md | Schéma projects/<id>/conf.json, résolution du projet, règles agents |
| ia-dev-deploy-lib.md | Bibliothèques partagées IA_DEV_ROOT/deploy/lib/ |
| ia-dev-shared-lib.md | IA_DEV_ROOT/lib/project_config.sh et résolution projet |
| Services HTTP (exploitation) | |
| service-repos-devtools.md | Clone / liste / load Git sous racine contrôlée |
| service-anythingllm-devtools.md | AnythingLLM + repos-devtools + RAG initial (HTTP) |
| service-local-office.md | API Office (docx, …) |
| service-smart-ide-orchestrator.md | Routeur d’intentions HTTP |
| service-ia-dev-gateway.md | Gateway ia_dev (agents, runs, SSE) |
| service-agent-regex-search.md | Recherche regex via ripgrep |
| service-claw-harness.md | claw-code, proxy local |
| service-langextract.md | Wrapper LangExtract |
| Scripts et extensions | |
| script-anythingllm-pull-sync.md | Hook post-merge → upload AnythingLLM |
| script-remote-data-ssh-sync.md | SSH pull deployed data → local mirror → optional AnythingLLM ingest |
| service-carbonyl.md | Carbonyl (navigateur terminal), sous-module amont |
| service-pageindex.md | PageIndex (index sémantique vectorless), sous-module amont |
| service-chandra.md | Chandra OCR, sous-module amont |
| service-smart-ide-tools-bridge.md | Pont HTTP IDE + outils sous-modules |
| service-smart-ide-global-api.md | API HTTP interne : proxy vers micro-services (Bearer partagé avec SSO) |
| service-smart-ide-sso-gateway.md | Passerelle OIDC utilisateur → API globale → micro-services |
| ../packages/smart-ide-upstreams/README.md | Paquet @4nk/smart-ide-upstreams : liste des clés et résolution des URL / jetons |
| ../packages/smart-ide-http-utils/README.md | Paquet @4nk/smart-ide-http-utils : helpers HTTP partagés (proxy, headers, safe path) |
| extension-anythingllm-workspaces.md | Extension AnythingLLM IDE (supprimée ; anythingllm-devtools) |
Les spécifications détaillées (contrats HTTP, sécurité, orchestration) restent dans ../API/README.md et ../features/.