Skip to main content

Devlog Jan 1: Module System Foundation & TUI

· 5 min read
Eduardez
Eduardez
MoLOS Lead Developer

This week marked significant progress in implementing the module system foundation, including a new TUI for module management and comprehensive security improvements.

Major Accomplishments

Blessed-Based TUI for Module Management

We introduced a terminal-based user interface (TUI) built with the blessed library, providing a powerful tool for managing external modules directly from the command line.

Key Features:

  • Install modules from Git repositories
  • List installed and available modules
  • Manage module status (enable/disable)
  • View module information and dependencies

Implementation Details:

// TUI Module Management
import blessed from 'blessed';
import { ModuleManager } from '../modules/ModuleManager';

const screen = blessed.screen({
  smartCSR: true,
  title: 'MoLOS Module Manager'
});

const moduleList = blessed.list({
  parent: screen,
  label: 'Installed Modules',
  border: { type: 'line' },
  style: {
    fg: 'white',
    bg: 'blue',
    border: { fg: '#f0f0f0' }
  }
});

The TUI provides an intuitive interface for developers and power users who prefer terminal-based workflows. Check out commit 1746936 for the complete implementation.

Module System Refactoring

We performed a comprehensive refactoring of the module system to improve maintainability and extensibility:

Changes in 355969e:

  • Consolidated module management logic
  • Improved error handling for module operations
  • Better separation of concerns between core and module code
  • Enhanced module discovery mechanism
// New ModuleManager Structure
export class ModuleManager {
  private modules: Map<string, Module> = new Map();
  private db: PrismaClient;
  private config: MoLOSConfig;

  async installModule(gitUrl: string): Promise<Module> {
    // Clone repository
    // Validate module structure
    // Install dependencies
    // Register module in database
  }

  async loadModules(): Promise<void> {
    // Discover modules
    // Load module configurations
    // Initialize module APIs
  }
}

Security Enhancements

This week we focused heavily on security, implementing multiple layers of protection:

SQL Validation and Injection Prevention

Commit 4f938d9 added comprehensive SQL security validation:

// SQL Security Validator
export function validateSQL(query: string, allowedPrefixes: string[]): boolean {
  const normalizedQuery = query.trim().toLowerCase();
  
  // Check for dangerous keywords
  const dangerousKeywords = [
    'drop', 'truncate', 'delete', 'update', 'insert'
  ];
  
  for (const keyword of dangerousKeywords) {
    if (normalizedQuery.includes(keyword)) {
      throw new SecurityError(`Unauthorized SQL keyword: ${keyword}`);
    }
  }
  
  // Ensure query uses allowed module prefixes
  const prefixMatch = normalizedQuery.match(/from\s+(\w+)/i);
  if (prefixMatch) {
    const tableName = prefixMatch[1];
    if (!allowedPrefixes.some(prefix => tableName.startsWith(prefix))) {
      throw new SecurityError(`Unauthorized table access: ${tableName}`);
    }
  }
  
  return true;
}

Filesystem Security

Commit 1a26d87 enforced security on module installation and filesystem access:

// Filesystem Security Manager
export class FilesystemSecurityManager {
  private readonly allowedPaths: string[];
  
  constructor(allowedPaths: string[]) {
    this.allowedPaths = allowedPaths.map(p => path.resolve(p));
  }
  
  validatePath(filePath: string): boolean {
    const resolvedPath = path.resolve(filePath);
    
    for (const allowedPath of this.allowedPaths) {
      if (resolvedPath.startsWith(allowedPath)) {
        return true;
      }
    }
    
    throw new SecurityError(`Path access denied: ${filePath}`);
  }
  
  sanitizeFilename(filename: string): string {
    // Remove path traversal attempts
    const sanitized = filename.replace(/\.\./g, '').replace(/\//g, '');
    if (sanitized.length === 0) {
      throw new SecurityError('Invalid filename');
    }
    return sanitized;
  }
}

Auth Secret Handling

Commit a8713fd improved authentication secret handling with file-based loading:

// Auth Secret Manager
export class AuthSecretManager {
  private secret?: string;
  
  loadSecret(envVar: string, fileEnvVar?: string): string {
    // Try environment variable first
    if (process.env[envVar]) {
      this.secret = process.env[envVar];
      return this.secret;
    }
    
    // Try file-based secret
    if (fileEnvVar && process.env[fileEnvVar]) {
      const filePath = process.env[fileEnvVar];
      try {
        const secret = fs.readFileSync(filePath, 'utf-8').trim();
        this.secret = secret;
        return secret;
      } catch (error) {
        throw new Error(`Failed to read secret from file: ${filePath}`);
      }
    }
    
    throw new Error('Authentication secret not found');
  }
}

AI Tools Integration

We made significant progress on AI tools integration for modules:

Key Features:

  • Auto-discovery of AI tools from modules
  • Tools registration in the database
  • Dynamic tool loading and execution

Commit 37426f5: Completed AI implementation for modules with automatic tool discovery:

// AI Tools Auto-Discovery
export async function discoverAITools(module: Module): Promise<AITool[]> {
  const tools: AITool[] = [];
  
  // Scan module directory for AI tool definitions
  const toolFiles = await glob('**/*.{tool,ttool}.ts', {
    cwd: module.path
  });
  
  for (const toolFile of toolFiles) {
    const toolPath = path.join(module.path, toolFile);
    const toolDefinition = await loadToolDefinition(toolPath);
    tools.push(toolDefinition);
  }
  
  // Register tools in database
  await prisma.aITool.createMany({
    data: tools.map(tool => ({
      name: tool.name,
      description: tool.description,
      moduleId: module.id,
      config: tool.config
    }))
  });
  
  return tools;
}

Module Synchronization

Improved module synchronization with commit 828125c:

// Module Synchronization
export async function syncModules() {
  const installedModules = await prisma.module.findMany({
    where: { installed: true }
  });
  
  for (const module of installedModules) {
    const modulePath = getModulePath(module);
    
    // Check if module exists
    if (!fs.existsSync(modulePath)) {
      // Mark for deletion
      await prisma.module.update({
        where: { id: module.id },
        data: { delete: true }
      });
      continue;
    }
    
    // Check for updates
    const remoteVersion = await getLatestModuleVersion(module.gitUrl);
    if (remoteVersion !== module.version) {
      await updateModule(module, remoteVersion);
    }
  }
}

Bug Fixes

  • Fixed external module installation from Git repositories (f164119)
  • Resolved module sync marking freshly installed modules for deletion (828125c)
  • Fixed AI model loading and symlinking issues (2d77129)
  • Corrected path handling for external modules (34ab476)

Technical Debt

  • Removed diagnostic server.ts code (534180f)
  • Cleaned up scripts directory (e822f67)

What's Next

Next week we'll focus on:

  • Module System Refinement: Further improvements to module management
  • Error Handling: Comprehensive error API for modules
  • Module Error Endpoints: API endpoints for reporting module errors
  • External Module Installation: Enhanced installation from external sources

The foundation is solid, and we're building towards a robust, secure, and extensible module system. Stay tuned for more updates!

Related Commits:

  • 1746936 - Renewed TUI with blessed-based terminal UI
  • 4f938d9 - Database security improvements
  • 1a26d87 - Enforced security on module installation
  • a8713fd - Improved auth secret handling
  • 37426f5 - Finished AI implementation for modules
  • 355969e - Refactor module management