dannystocker/re-voice
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
re-voice/site/red-team-shadow-dossiers/server/server.mjs

1666 lines
74 KiB
JavaScript
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

import crypto from "node:crypto";
import fs from "node:fs";
import path from "node:path";
import url from "node:url";
import { spawn } from "node:child_process";
import MarkdownIt from "markdown-it";
import express from "express";
import multer from "multer";
/*
Public, no-login receipt surface (IF.TRACE / T3)
------------------------------------------------
This server exposes Shadow Dossiers and their "receipt" artifacts via two parallel
representations:
- Raw (download-friendly): `*.md` (and tarballs elsewhere)
- HTML views: same path without the `.md` suffix
Rationale: some external review environments (including certain LLM "web fetchers")
reliably load `text/html` but may reject "downloadable" assets like `.md/.py/.tar.gz`.
Keeping both surfaces makes the governance/receipt premise reviewable by humans *and*
restricted sandboxes.
Deployment detail: the stable public aliases live under `/static/*` on the public
domain and are reverse-proxied here (see operator docs: `/root/docs/17-ifttt-public-receipt-surface.md`).
Naming (avoid drift):
- Public governance brand: IF.TRACE / T3
- Internal legacy implementation name: IF.TTT
*/
const __filename = url.fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);
const projectRoot = path.resolve(__dirname, "..");
const distDir = path.join(projectRoot, "dist");
const indexHtmlPath = path.join(distDir, "index.html");
const privateUploadToken = process.env.PRIVATE_UPLOAD_TOKEN || "";
const privateUploadMaxBytes = Number(process.env.PRIVATE_UPLOAD_MAX_BYTES || 25 * 1024 * 1024);
const privateUploadStyle = process.env.PRIVATE_UPLOAD_STYLE || "if.dave.v1.2";
const privateUploadActionPack = String(process.env.PRIVATE_UPLOAD_ACTION_PACK || "")
.trim()
.toLowerCase();
const revoiceRepoRoot = path.resolve(projectRoot, "..", "..");
function normalizeBaseUrl(value) {
return String(value || "")
.trim()
.replace(/\/+$/g, "");
}
function uniqBaseUrls(values) {
const out = [];
const seen = new Set();
for (const v of values || []) {
const base = normalizeBaseUrl(v);
if (!base) continue;
if (seen.has(base)) continue;
seen.add(base);
out.push(base);
}
return out;
}
function staticMirrorBaseUrls(primaryBaseUrl, publicBaseUrl) {
const env = String(process.env.STATIC_MIRROR_PUBLIC_BASE_URLS || "").trim();
const defaults = ["https://git.infrafabric.io"];
const configured = env ? env.split(",") : defaults;
return uniqBaseUrls([primaryBaseUrl, ...configured, publicBaseUrl]);
}
function escapeHtml(value) {
return String(value || "")
.replaceAll("&", "&")
.replaceAll("<", "&lt;")
.replaceAll(">", "&gt;")
.replaceAll('"', "&quot;")
.replaceAll("'", "&#39;");
}
function ensureDir(dirPath) {
fs.mkdirSync(dirPath, { recursive: true });
}
const markdown = new MarkdownIt({
html: false,
linkify: true,
breaks: false,
});
const defaultFence = markdown.renderer.rules.fence;
markdown.renderer.rules.fence = (tokens, idx, options, env, self) => {
const token = tokens[idx];
const info = String(token.info || "")
.trim()
.split(/\s+/g)[0]
.toLowerCase();
if (info === "mermaid") {
return `<pre class="mermaid">${escapeHtml(token.content)}</pre>\n`;
}
if (typeof defaultFence === "function") return defaultFence(tokens, idx, options, env, self);
return self.renderToken(tokens, idx, options);
};
function renderMarkdownPage({ title, headerHtml, html, topLinksHtml }) {
return [
"<!doctype html>",
"<html><head>",
"<meta charset='utf-8'/>",
"<meta name='viewport' content='width=device-width, initial-scale=1'/>",
"<meta name='robots' content='noindex,nofollow'/>",
`<title>${escapeHtml(title || "Shadow Dossier")}</title>`,
"<style>",
"body{font-family:system-ui,-apple-system,Segoe UI,Roboto,Arial,sans-serif;max-width:980px;margin:40px auto;padding:0 18px;line-height:1.55;color:#111}",
"a{color:#0b5fff;text-decoration:none}a:hover{text-decoration:underline}",
"h1,h2,h3{line-height:1.2;margin-top:1.6em}h1{margin-top:0}",
"pre,code{font-family:ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace}",
"pre{background:#f7f7f7;border:1px solid #eee;border-radius:10px;padding:12px;overflow:auto}",
"code{background:#f7f7f7;border-radius:6px;padding:2px 5px}",
"blockquote{border-left:4px solid #ddd;margin:16px 0;padding:2px 14px;color:#444}",
"table{border-collapse:collapse;width:100%;margin:14px 0}",
"th,td{border:1px solid #ddd;padding:8px;vertical-align:top}",
".page-header{margin:0 0 18px 0}",
".topbar{display:flex;gap:14px;flex-wrap:wrap;margin:0 0 18px 0;font-size:14px}",
".topbar code{padding:2px 6px}",
".badge{display:inline-flex;align-items:center;gap:8px;padding:6px 10px;border-radius:999px;border:1px solid transparent;font-weight:700;letter-spacing:.02em}",
".badge small{font-weight:600;opacity:.85}",
".badge.ok{background:#e6f4ea;border-color:#b7dfc1;color:#137333}",
".badge.warn{background:#fff7e0;border-color:#ffe0a3;color:#8b5a00}",
".badge.fail{background:#fce8e6;border-color:#f6b8b6;color:#a50e0e}",
".trace-header{display:flex;flex-direction:column;gap:10px;margin:0 0 18px 0;padding:14px 14px;border:1px solid #eee;border-radius:14px;background:#fff}",
".trace-header-title{display:flex;align-items:center;gap:12px;flex-wrap:wrap}",
".trace-header-title h1{margin:0;font-size:24px}",
".trace-meta{display:flex;flex-wrap:wrap;gap:10px;font-size:14px;color:#333}",
".trace-meta code{padding:2px 6px}",
".trace-checks{margin:0;padding-left:18px;color:#333;font-size:14px}",
".trace-checks li{margin:2px 0}",
"</style>",
"</head><body>",
headerHtml ? `<header class="page-header">${headerHtml}</header>` : "",
topLinksHtml ? `<div class="topbar">${topLinksHtml}</div>` : "",
`<main class="markdown-body">${html}</main>`,
"<script type='module'>",
'import mermaid from "https://cdn.jsdelivr.net/npm/mermaid@10/dist/mermaid.esm.min.mjs";',
"mermaid.initialize({ startOnLoad: true, securityLevel: 'strict' });",
"</script>",
"</body></html>",
].join("");
}
function renderVerificationBadgeHtml(verification) {
const status = String(verification?.status || "").toLowerCase();
const label = String(verification?.label || "").trim();
const detail = String(verification?.detail || "").trim();
if (!status) return "";
const cls = status === "verified" ? "ok" : status === "warning" ? "warn" : "fail";
const safeLabel = escapeHtml(label || status.toUpperCase());
const safeDetail = escapeHtml(detail);
return `<span class="badge ${cls}">${safeLabel}${safeDetail ? ` <small>${safeDetail}</small>` : ""}</span>`;
}
function renderTraceHeaderHtml({ verification, job }) {
const badge = renderVerificationBadgeHtml(verification);
const createdAt = job?.createdAt ? String(job.createdAt) : "";
const traceId = String(job?.id || "");
const style = String(job?.style || "");
const ttt = job?._ttt_trace_receipt || null;
const checks = verification?.checks || {};
const outputOk = checks.outputOk === true;
const sourceOk = checks.sourceOk;
const warningsPresent = checks.warningsPresent === true;
const outputLabel = outputOk ? "PASS" : "FAIL";
const sourceLabel = sourceOk === true ? "PASS" : sourceOk === false ? "FAIL" : "UNKNOWN";
const quantumReady = Boolean(ttt && ttt.quantum_ready === true);
const pqAlgo = ttt && ttt.pq_algo ? String(ttt.pq_algo) : "";
const pqStatus = ttt && ttt.pq_status ? String(ttt.pq_status) : "";
const pqLabel = quantumReady ? `READY${pqAlgo ? ` (${pqAlgo})` : ""}` : ttt ? "ABSENT" : "UNKNOWN";
const safeCreatedAt = createdAt ? escapeHtml(createdAt) : "";
const safeTraceId = traceId ? escapeHtml(traceId) : "";
const safeStyle = style ? escapeHtml(style) : "";
const metaParts = [
safeCreatedAt ? `<span>Generated (UTC): <code>${safeCreatedAt}</code></span>` : "",
safeTraceId ? `<span>Trace ID: <code>${safeTraceId}</code></span>` : "",
safeStyle ? `<span>Style: <code>${safeStyle}</code></span>` : "",
].filter(Boolean);
return [
`<div class="trace-header">`,
` <div class="trace-header-title">${badge}<h1>IF.TRACE receipt (T3)</h1></div>`,
metaParts.length ? ` <div class="trace-meta">${metaParts.join(" · ")}</div>` : "",
` <ul class="trace-checks">`,
` <li>Output hash check: <strong>${escapeHtml(outputLabel)}</strong></li>`,
` <li>Source hash check: <strong>${escapeHtml(sourceLabel)}</strong></li>`,
` <li>Quantum-ready receipt: <strong>${escapeHtml(pqLabel)}</strong>${pqStatus ? ` <small>(${escapeHtml(pqStatus)})</small>` : ""}</li>`,
` <li>Quality warnings: <strong>${warningsPresent ? "present" : "none recorded"}</strong></li>`,
` </ul>`,
`</div>`,
]
.filter(Boolean)
.join("");
}
async function computeVerificationStatus({ job, projectRoot, outputsDir, uploadsDir }) {
const expectedOutput = String(job?.outputSha256 || "").trim();
const expectedSource = String(job?.sourceSha256 || "").trim();
const warningsPresent = Boolean(job?.warnings && String(job.warnings).trim());
const status = String(job?.status || "").trim();
const outputPathRel = String(job?.outputPath || "").trim();
const outputAbs = outputPathRel ? path.resolve(projectRoot, outputPathRel) : "";
let outputOk = false;
if (expectedOutput && outputAbs && outputAbs.startsWith(outputsDir + path.sep) && fs.existsSync(outputAbs)) {
try {
const actual = await sha256File(outputAbs);
outputOk = actual === expectedOutput;
} catch {
outputOk = false;
}
}
const sourcePathRel = String(job?.sourcePath || "").trim();
const sourceAbs = sourcePathRel ? path.resolve(projectRoot, sourcePathRel) : "";
let sourceOk = false;
let sourceCheckKnown = false;
if (expectedSource && sourceAbs && sourceAbs.startsWith(uploadsDir + path.sep) && fs.existsSync(sourceAbs)) {
sourceCheckKnown = true;
try {
const actual = await sha256File(sourceAbs);
sourceOk = actual === expectedSource;
} catch {
sourceOk = false;
}
} else if (expectedSource) {
sourceCheckKnown = false;
}
if (!outputOk) {
return {
status: "fail",
label: "FAIL",
detail: "hash mismatch",
checks: { outputOk, sourceOk: sourceCheckKnown ? sourceOk : null, warningsPresent, jobStatus: status },
};
}
if (sourceCheckKnown && !sourceOk) {
return {
status: "fail",
label: "FAIL",
detail: "source mismatch",
checks: { outputOk, sourceOk, warningsPresent, jobStatus: status },
};
}
if (warningsPresent || status === "done_with_warnings" || !sourceCheckKnown) {
const detail = warningsPresent ? "warnings" : !sourceCheckKnown ? "source not locally verifiable" : "check details";
return {
status: "warning",
label: "WARNING",
detail,
checks: { outputOk, sourceOk: sourceCheckKnown ? sourceOk : null, warningsPresent, jobStatus: status },
};
}
return {
status: "verified",
label: "VERIFIED",
detail: "all checks passed",
checks: { outputOk, sourceOk, warningsPresent, jobStatus: status },
};
}
function renderTraceMarkdown({ shareId, job, publicBaseUrl, staticPublicBaseUrl }) {
const primaryBase = normalizeBaseUrl(staticPublicBaseUrl || publicBaseUrl);
const bases = staticMirrorBaseUrls(primaryBase, publicBaseUrl);
const mirrorBase = bases.find((b) => b !== primaryBase) || "";
const createdAt = job?.createdAt ? String(job.createdAt) : "";
const status = job?.status ? String(job.status) : "";
const warningsPresent = Boolean(job?.warnings && String(job.warnings).trim());
const ttt = job?._ttt_trace_receipt || job?.tttTraceReceipt || null;
const tttId = ttt && ttt.id ? String(ttt.id) : "";
const tttHash = ttt && ttt.content_hash ? String(ttt.content_hash) : "";
const pqReady = Boolean(ttt && ttt.quantum_ready === true);
const pqAlgo = ttt && ttt.pq_algo ? String(ttt.pq_algo) : "";
const pqStatus = ttt && ttt.pq_status ? String(ttt.pq_status) : "";
const traceId = String(job?.id || "").trim();
const tracePrefixRaw = traceId ? traceId.split("-")[0] : "";
const tracePrefix = /^[0-9a-f]{8}$/i.test(tracePrefixRaw) ? tracePrefixRaw.toLowerCase() : "";
const triageSelectorUrl = tracePrefix
? `${primaryBase}/static/hosted/review/trace-bundles/${encodeURIComponent(tracePrefix)}/index.html`
: "";
const triageSelectorUrlRaw = tracePrefix
? `${primaryBase}/static/hosted/review/trace-bundles/${encodeURIComponent(tracePrefix)}/index.md`
: "";
const dossierUrl = `${primaryBase}/static/dossier/${encodeURIComponent(shareId)}`;
const traceUrl = `${primaryBase}/static/trace/${encodeURIComponent(shareId)}`;
const downloadUrl = `${primaryBase}/static/dossier/${encodeURIComponent(shareId)}/download`;
const packUrl = `${primaryBase}/static/pack/${encodeURIComponent(shareId)}.md`;
const packHtmlUrl = `${primaryBase}/static/pack/${encodeURIComponent(shareId)}`;
const reviewHtmlUrl = `${primaryBase}/static/review/${encodeURIComponent(shareId)}`;
const marketingHtmlUrl = `${primaryBase}/static/marketing/${encodeURIComponent(shareId)}`;
const sourceUrl = job?.sourceSha256
? `${primaryBase}/static/source/${job.sourceSha256}${path.extname(job.sourcePath || "").toLowerCase()}`
: "";
const directBase = primaryBase; // Caddy exposes /r/* on infrafabric.io and git.infrafabric.io too.
const directDossierUrl = `${directBase}/r/${encodeURIComponent(shareId)}`;
const directTraceUrl = `${directBase}/r/${encodeURIComponent(shareId)}/trace`;
const directDownloadUrl = `${directBase}/r/${encodeURIComponent(shareId)}/download`;
const directPackUrl = `${directBase}/r/${encodeURIComponent(shareId)}/pack.md`;
const directPackHtmlUrl = `${directBase}/r/${encodeURIComponent(shareId)}/pack`;
const directReviewHtmlUrl = `${directBase}/r/${encodeURIComponent(shareId)}/review-pack`;
const directMarketingHtmlUrl = `${directBase}/r/${encodeURIComponent(shareId)}/marketing`;
const lastResortBase = normalizeBaseUrl(publicBaseUrl);
const lastResortDossierUrl = lastResortBase ? `${lastResortBase}/r/${encodeURIComponent(shareId)}` : "";
const lastResortTraceUrl = lastResortBase ? `${lastResortBase}/r/${encodeURIComponent(shareId)}/trace` : "";
const lastResortDownloadUrl = lastResortBase ? `${lastResortBase}/r/${encodeURIComponent(shareId)}/download` : "";
const lines = [
"## IF.TRACE receipt (public evidence view)",
"",
"IF.TRACE (T3: Traceable, Transparent, Trustworthy) is InfraFabrics chain-of-custody protocol: it binds the **source fingerprint** to the **generated output fingerprint**, so a skeptical reader can verify what was produced and from which input, without needing access to internal systems.",
"This page is intentionally scoped to **one dossier only** (no index, no directory listing).",
"",
"## What this trace proves",
"",
"- You can independently verify the downloaded dossier Markdown by hashing it and comparing to `Output sha256` below.",
"- You can independently verify the hosted source file (if present) by hashing it and comparing to `Source sha256` below.",
"- This page binds those two fingerprints together as a single public evidence record.",
pqReady
? `- This trace also has a **Quantum-ready** signed receipt record (${pqAlgo || "PQ"}; ${pqStatus || "hybrid"}).`
: "- This trace does not claim any post-quantum proof unless the header says QUANTUM READY.",
"",
"## What this trace does not prove",
"",
"- It does not validate the truth of the sources claims.",
"- It does not attest to correctness of any commentary or recommendations in the dossier.",
"- It does not expose internal prompts, intermediate steps, or private systems.",
"",
"## Links",
"",
`- Dossier (rendered): ${dossierUrl}`,
`- Dossier (download Markdown): ${downloadUrl}`,
`- Single-file pack (review + dossier + trace): ${packUrl}`,
`- Pack (HTML view; for restrictive sandboxes): ${packHtmlUrl}`,
`- Review pack (HTML view; links-only): ${reviewHtmlUrl}`,
`- Marketing excerpt (HTML view): ${marketingHtmlUrl}`,
triageSelectorUrl ? `- Offline bundles (triage selector): ${triageSelectorUrl}` : null,
triageSelectorUrlRaw ? `- Offline bundles (raw Markdown): ${triageSelectorUrlRaw}` : null,
sourceUrl ? `- Source (PDF): ${sourceUrl}` : null,
`- This trace page: ${traceUrl}`,
mirrorBase ? "" : null,
mirrorBase ? "## Mirror host (same paths)" : null,
mirrorBase ? "" : null,
mirrorBase ? `- Dossier: ${mirrorBase}/static/dossier/${encodeURIComponent(shareId)}` : null,
mirrorBase ? `- Pack: ${mirrorBase}/static/pack/${encodeURIComponent(shareId)}.md` : null,
mirrorBase ? `- Pack (HTML view): ${mirrorBase}/static/pack/${encodeURIComponent(shareId)}` : null,
mirrorBase ? `- Trace: ${mirrorBase}/static/trace/${encodeURIComponent(shareId)}` : null,
mirrorBase && sourceUrl ? `- Source: ${mirrorBase}/static/source/${job.sourceSha256}${path.extname(job.sourcePath || "").toLowerCase()}` : null,
"",
"## Fallback links (direct)",
"",
`- Dossier: ${directDossierUrl}`,
`- Download: ${directDownloadUrl}`,
`- Pack: ${directPackUrl}`,
`- Pack (HTML view): ${directPackHtmlUrl}`,
`- Review pack (HTML view): ${directReviewHtmlUrl}`,
`- Marketing excerpt (HTML view): ${directMarketingHtmlUrl}`,
`- Trace: ${directTraceUrl}`,
lastResortBase && lastResortBase !== directBase ? "" : null,
lastResortBase && lastResortBase !== directBase ? "## Last resort (alternate host)" : null,
lastResortBase && lastResortBase !== directBase ? "" : null,
lastResortBase && lastResortBase !== directBase ? `- Dossier: ${lastResortDossierUrl}` : null,
lastResortBase && lastResortBase !== directBase ? `- Download: ${lastResortDownloadUrl}` : null,
lastResortBase && lastResortBase !== directBase ? `- Trace: ${lastResortTraceUrl}` : null,
"",
"## Generation context",
"",
createdAt ? `- Generated at (UTC): \`${createdAt}\`` : null,
status ? `- Status: \`${status}\`` : null,
`- Quality warnings: ${warningsPresent ? "present (see pack trace JSON)" : "none recorded"}`,
"",
"## Verifiability",
"",
`- Trace ID: \`${job.id || ""}\``,
`- Dossier: \`${job.originalFilename || ""}\``,
`- Output sha256: \`${job.outputSha256 || ""}\``,
`- Source sha256: \`${job.sourceSha256 || ""}\``,
`- Style: \`${job.style || ""}\``,
`- Source bytes: \`${String(job.sourceBytes ?? "")}\``,
tttId ? `- Signed trace receipt ID: \`${tttId}\`` : null,
tttHash ? `- Signed trace receipt hash: \`${tttHash}\`` : null,
pqStatus ? `- PQ status: \`${pqStatus}\`` : null,
"",
"## How to verify (locally)",
"",
"1) Download the dossier Markdown.",
"2) Compute its hash and compare to `Output sha256` above:",
"",
"```bash",
"sha256sum <downloaded-file>.md",
"```",
"",
sourceUrl ? "3) Optionally, download the source and verify its hash matches `Source sha256` above:" : null,
sourceUrl ? "" : null,
sourceUrl
? "```bash\nsha256sum <downloaded-source>\n```"
: null,
];
return lines.filter(Boolean).join("\n");
}
function renderReviewPackMarkdown({ shareId, job, publicBaseUrl, externalReviewUrl, staticSourceUrl, staticPublicBaseUrl }) {
const primaryBase = normalizeBaseUrl(staticPublicBaseUrl || publicBaseUrl);
const bases = staticMirrorBaseUrls(primaryBase, publicBaseUrl);
const mirrorBase = bases.find((b) => b !== primaryBase) || "";
const dossierUrl = `${primaryBase}/static/dossier/${encodeURIComponent(shareId)}`;
const traceUrl = `${primaryBase}/static/trace/${encodeURIComponent(shareId)}`;
const downloadUrl = `${primaryBase}/static/dossier/${encodeURIComponent(shareId)}/download`;
const packUrl = `${primaryBase}/static/pack/${encodeURIComponent(shareId)}.md`;
const directBase = primaryBase; // Caddy exposes /r/* on infrafabric.io and git.infrafabric.io too.
const directDossierUrl = `${directBase}/r/${encodeURIComponent(shareId)}`;
const directTraceUrl = `${directBase}/r/${encodeURIComponent(shareId)}/trace`;
const directDownloadUrl = `${directBase}/r/${encodeURIComponent(shareId)}/download`;
const directPackUrl = `${directBase}/r/${encodeURIComponent(shareId)}/pack.md`;
const lastResortBase = normalizeBaseUrl(publicBaseUrl);
const lastResortDossierUrl = lastResortBase ? `${lastResortBase}/r/${encodeURIComponent(shareId)}` : "";
const lastResortTraceUrl = lastResortBase ? `${lastResortBase}/r/${encodeURIComponent(shareId)}/trace` : "";
const lastResortDownloadUrl = lastResortBase ? `${lastResortBase}/r/${encodeURIComponent(shareId)}/download` : "";
const lastResortPackUrl = lastResortBase ? `${lastResortBase}/r/${encodeURIComponent(shareId)}/pack.md` : "";
const lines = [
"# InfraFabric External Review Pack — Shadow Dossier + IF.TRACE receipt",
"",
"Please review the dossier and the trace receipt page. Provide constructive criticism and patch-style suggestions.",
"",
"## Assets",
"",
`- Dossier (rendered): ${dossierUrl}`,
`- Dossier (download Markdown): ${downloadUrl}`,
`- Single-file pack (review + dossier + trace): ${packUrl}`,
staticSourceUrl ? `- Source (download): ${staticSourceUrl}` : null,
`- IF.TRACE receipt page: ${traceUrl}`,
externalReviewUrl ? `- Feedback intake (login): ${externalReviewUrl}` : null,
mirrorBase ? "" : null,
mirrorBase ? "## Alternate host mirror (same paths)" : null,
mirrorBase ? "" : null,
mirrorBase ? `- Dossier (rendered): ${mirrorBase}/static/dossier/${encodeURIComponent(shareId)}` : null,
mirrorBase ? `- Dossier (download Markdown): ${mirrorBase}/static/dossier/${encodeURIComponent(shareId)}/download` : null,
mirrorBase ? `- Single-file pack: ${mirrorBase}/static/pack/${encodeURIComponent(shareId)}.md` : null,
mirrorBase ? `- IF.TRACE receipt page: ${mirrorBase}/static/trace/${encodeURIComponent(shareId)}` : null,
"",
"## Fallback links (direct)",
"",
"- These may be blocked by some scanners/LLM sandboxes; use only if the `infrafabric.io/static/*` links fail.",
"",
`- Dossier (rendered): ${directDossierUrl}`,
`- Dossier (download Markdown): ${directDownloadUrl}`,
`- Single-file pack (review + dossier + trace): ${directPackUrl}`,
`- IF.TRACE receipt page: ${directTraceUrl}`,
lastResortBase && lastResortBase !== directBase ? "" : null,
lastResortBase && lastResortBase !== directBase ? "## Last resort (alternate host)" : null,
lastResortBase && lastResortBase !== directBase ? "" : null,
lastResortBase && lastResortBase !== directBase ? `- Dossier (rendered): ${lastResortDossierUrl}` : null,
lastResortBase && lastResortBase !== directBase ? `- Dossier (download): ${lastResortDownloadUrl}` : null,
lastResortBase && lastResortBase !== directBase ? `- Pack: ${lastResortPackUrl}` : null,
lastResortBase && lastResortBase !== directBase ? `- Trace: ${lastResortTraceUrl}` : null,
"",
"## Response metadata (required)",
"",
"- `llm_name`: provider + model name/version (exact string)",
"- `probable_model`: if `llm_name` is ambiguous, your best guess",
"- `cutoff_date`: training data cutoff (YYYY-MM, or “unknown”)",
"- `response_date_utc`: current date/time in UTC",
"- `web_access_used`: `yes`/`no` (if yes, list URLs relied on)",
"",
"## Executive read (fast)",
"",
"- 510 bullets: what works / what doesnt",
"- 3 bullets: who this will land with vs who will reject it",
"",
"## Scorecard (05 each)",
"",
"- Mirror integrity (section order, headings, high-signal numbers/dates, lists/tables)",
"- Layout fidelity (does it “feel” like the source?)",
"- Humor discipline (sharp without being template-y)",
"- Mermaid value (valid syntax; clarifies, not decorates)",
"- IF.TRACE demo value (understandable + credible + worth clicking)",
"- Call-to-action stealth (curious about governance stack without feeling spammed)",
"",
"## Patch suggestions (actionable)",
"",
"Provide 515 patch suggestions. Use this format per item:",
"",
"- `target`: dossier / trace page / “generator rules” / site UX",
"- `problem`: 1 sentence",
"- `change`: proposed text or behavior (copy/pasteable if possible)",
"- `why`: 1 sentence",
"- `priority`: P0 / P1 / P2",
"- `confidence`: high / medium / low",
"",
"## Plan iteration (debug our plan)",
"",
"Propose a revised 58 step plan for improving the system. Prioritize steps that:",
"",
"- reduce repeatable/template patterns",
"- strengthen mirror fidelity (numbers/tables/caveats)",
"- make Mermaid + output correct-by-construction",
"- make IF.TRACE feel like real chain-of-custody (not just “we printed a hash”)",
"",
"## Fact checking guidance (important)",
"",
"Default posture: dont assume stats are true.",
"",
"- If you did not verify a number externally, refer to it as “the source claims …”",
"- If you did verify, cite URLs and state confirmed/disputed/unclear",
"- If a stat cannot be confirmed, recommend either: keep it attributed (“source claims”) or remove it from commentary",
"",
"## Notes",
"",
`- Dossier ID: \`${job.id || ""}\``,
`- Style: \`${job.style || ""}\``,
]
.filter((line) => line !== null)
.join("\n");
return lines;
}
function renderSingleFilePackMarkdown({ shareId, job, publicBaseUrl, externalReviewUrl, staticSourceUrl, staticPublicBaseUrl, dossierMarkdown }) {
const primaryBase = normalizeBaseUrl(staticPublicBaseUrl || publicBaseUrl);
const bases = staticMirrorBaseUrls(primaryBase, publicBaseUrl);
const mirrorBase = bases.find((b) => b !== primaryBase) || "";
const dossierUrl = `${primaryBase}/static/dossier/${encodeURIComponent(shareId)}`;
const traceUrl = `${primaryBase}/static/trace/${encodeURIComponent(shareId)}`;
const downloadUrl = `${primaryBase}/static/dossier/${encodeURIComponent(shareId)}/download`;
const reviewUrl = `${primaryBase}/static/review/${encodeURIComponent(shareId)}.md`;
const packUrl = `${primaryBase}/static/pack/${encodeURIComponent(shareId)}.md`;
const jobSlim = {
id: job?.id || "",
status: job?.status || "",
createdAt: job?.createdAt || "",
originalFilename: job?.originalFilename || "",
style: job?.style || "",
sourceSha256: job?.sourceSha256 || "",
outputSha256: job?.outputSha256 || "",
warnings: job?.warnings || "",
};
const lines = [
"# InfraFabric External Review Pack — Single File",
"",
"This is a single-file bundle intended for review environments that cannot reliably fetch multiple URLs.",
"",
"## Links",
"",
`- Pack (this file): ${packUrl}`,
`- Review pack (links only): ${reviewUrl}`,
`- Dossier (rendered): ${dossierUrl}`,
`- Dossier (download Markdown): ${downloadUrl}`,
`- IF.TRACE receipt page: ${traceUrl}`,
staticSourceUrl ? `- Source (download): ${staticSourceUrl}` : null,
externalReviewUrl ? `- Feedback intake (login): ${externalReviewUrl}` : null,
mirrorBase ? "" : null,
mirrorBase ? "## Alternate host mirror (same paths)" : null,
mirrorBase ? "" : null,
mirrorBase ? `- Pack (this file): ${mirrorBase}/static/pack/${encodeURIComponent(shareId)}.md` : null,
mirrorBase ? `- Review pack: ${mirrorBase}/static/review/${encodeURIComponent(shareId)}.md` : null,
mirrorBase ? `- Dossier: ${mirrorBase}/static/dossier/${encodeURIComponent(shareId)}` : null,
mirrorBase ? `- Trace: ${mirrorBase}/static/trace/${encodeURIComponent(shareId)}` : null,
"",
"## Review instructions (portable)",
"",
"Hard rules:",
"1) 100% factual: every non-trivial claim must be tagged [SOURCE]/[DOSSIER]/[TRACE]/[INFERENCE]. If unverified, say “unverified” and stop.",
"2) Vendor-neutral: critique deployment conditions + org behaviors, not vendor intent/competence.",
"3) Mirror discipline: follow the dossiers section order; do not invent a new structure.",
"",
"Deliverables:",
"A) 510 bullets: what works / what doesnt (tag each)",
"B) Scorecard (05): mirror integrity, layout fidelity, humor discipline, mermaid value, IF.TRACE demo value, CTA stealth",
"C) Section-by-section critique (mirror headings): whats mirrored, whats missing, what feels templated/repeated",
"D) Vendor-safe conclusion rewrite: success conditions / traps / questions-to-ask-vendor",
"E) Unified diff patches against the current Dave bible (e.g., `IF_DAVE_BIBLE_v2.0.md`) and generator rules",
"",
"## IF.TRACE receipt (portable extract)",
"",
"```json",
JSON.stringify(jobSlim, null, 2),
"```",
"",
"## Shadow dossier (Markdown)",
"",
"```markdown",
String(dossierMarkdown || "").trim(),
"```",
"",
];
return lines.filter((line) => line !== null && line !== undefined).join("\n");
}
function extractSection(markdownText, sectionMatcher) {
const text = String(markdownText || "");
if (!text.trim()) return "";
const lines = text.split("\n");
const headingRe = /^##\s+/;
let start = -1;
for (let i = 0; i < lines.length; i++) {
if (!headingRe.test(lines[i])) continue;
const title = lines[i].replace(/^##\s+/, "").trim();
if (sectionMatcher && sectionMatcher.test(title)) {
start = i;
break;
}
}
if (start === -1) return "";
let end = lines.length;
for (let i = start + 1; i < lines.length; i++) {
if (headingRe.test(lines[i])) {
end = i;
break;
}
}
return lines.slice(start, end).join("\n").trim();
}
function extractFirstMermaid(markdownText) {
const text = String(markdownText || "");
const m = text.match(/```mermaid\s+([\s\S]*?)```/m);
return m ? String(m[1] || "").trim() : "";
}
function extractHeroMermaid(dossierMarkdown) {
// Prefer the section that usually produces the most "hero" marketing loop for this dossier: audits.
const sec02 = extractSection(dossierMarkdown, /^02\b/);
const sec02Diagram = extractFirstMermaid(sec02);
if (sec02Diagram) return { label: "Audit theater loop", diagram: sec02Diagram };
const any = extractFirstMermaid(dossierMarkdown);
if (any) return { label: "Incentive loop (inferred)", diagram: any };
return { label: "", diagram: "" };
}
function renderMarketingPackMarkdown({ shareId, job, publicBaseUrl, staticPublicBaseUrl, staticSourceUrl, dossierMarkdown }) {
const primaryBase = normalizeBaseUrl(staticPublicBaseUrl || publicBaseUrl);
const bases = staticMirrorBaseUrls(primaryBase, publicBaseUrl);
const mirrorBase = bases.find((b) => b !== primaryBase) || "";
const marketingUrl = `${primaryBase}/static/marketing/${encodeURIComponent(shareId)}.md`;
const dossierUrl = `${primaryBase}/static/dossier/${encodeURIComponent(shareId)}`;
const traceUrl = `${primaryBase}/static/trace/${encodeURIComponent(shareId)}`;
const packUrl = `${primaryBase}/static/pack/${encodeURIComponent(shareId)}.md`;
const hero = extractHeroMermaid(dossierMarkdown);
const lines = [
"# InfraFabric Red Team — Marketing-safe excerpt",
"",
"This is a **marketing-safe surface** for sharing a Shadow Dossier without rewriting it into “features”.",
"",
"## One sentence (blessed)",
"",
"> InfraFabric shows why AI controls fail in practice and what must be true for them to hold.",
"",
"## Hero asset (blessed)",
"",
hero.diagram ? `### ${hero.label}` : "### (No diagram available)",
"",
hero.diagram ? "```mermaid" : null,
hero.diagram ? hero.diagram : null,
hero.diagram ? "```" : null,
"",
"## Allowed pulls (blessed)",
"",
"- Section titles",
"- “Dave Factor” blocks (verbatim)",
"- Mermaid diagrams (unchanged)",
"- Red Team Conclusion questions (verbatim)",
"",
"## Forbidden moves (do not do this)",
"",
"- Rewriting countermeasures as product capabilities",
"- Adding adjectives that imply guarantees (\"proven\", \"complete\", \"bulletproof\")",
"- Removing the “problem isnt X” framing (its the vendor-safe contract)",
"- Inventing stats, timelines, or customer claims",
"",
"## CTAs (safe buttons)",
"",
"- Run this against your own rollout",
"- See the trace behind this critique",
"- Ask these questions internally",
"",
"## Links",
"",
`- Marketing excerpt (this file): ${marketingUrl}`,
`- Full dossier (rendered): ${dossierUrl}`,
`- Single-file pack (review + dossier + trace): ${packUrl}`,
`- IF.TRACE receipt: ${traceUrl}`,
staticSourceUrl ? `- Source (PDF): ${staticSourceUrl}` : null,
mirrorBase ? "" : null,
mirrorBase ? "## Mirror host (same paths)" : null,
mirrorBase ? "" : null,
mirrorBase ? `- Marketing excerpt: ${mirrorBase}/static/marketing/${encodeURIComponent(shareId)}.md` : null,
mirrorBase ? `- Full dossier: ${mirrorBase}/static/dossier/${encodeURIComponent(shareId)}` : null,
mirrorBase ? `- Pack: ${mirrorBase}/static/pack/${encodeURIComponent(shareId)}.md` : null,
mirrorBase ? `- Trace: ${mirrorBase}/static/trace/${encodeURIComponent(shareId)}` : null,
].filter((l) => l !== null);
return lines.join("\n");
}
function ensureStaticSourceFile({ job, uploadsDir, staticSourceDir, projectRoot }) {
if (!job?.sourcePath) return null;
if (!job?.sourceSha256) return null;
const ext = path.extname(String(job.sourcePath || "")).slice(0, 12).toLowerCase() || ".bin";
const fileName = `${job.sourceSha256}${ext}`;
const destAbs = path.join(staticSourceDir, fileName);
if (fs.existsSync(destAbs)) return { fileName, destAbs, urlPath: `/static/source/${fileName}` };
const srcAbs = path.resolve(projectRoot, job.sourcePath);
if (!srcAbs.startsWith(uploadsDir + path.sep)) return null;
if (!fs.existsSync(srcAbs)) return null;
ensureDir(staticSourceDir);
fs.copyFileSync(srcAbs, destAbs);
return { fileName, destAbs, urlPath: `/static/source/${fileName}` };
}
function buildExternalReviewUrl(baseUrl, sheetId) {
const base = String(baseUrl || "").trim();
const id = String(sheetId || "").trim();
if (!base || !id) return "";
try {
const u = new URL(base);
u.searchParams.set("sheet", id);
return u.toString();
} catch {
return base.includes("?") ? `${base}&sheet=${encodeURIComponent(id)}` : `${base}?sheet=${encodeURIComponent(id)}`;
}
}
function publicBaseFromRequest(req, fallbackHost) {
const host = req.get("host") || fallbackHost || "red-team.infrafabric.io";
const protocol = req.protocol || "https";
return `${protocol}://${host}`.replace(/\/+$/g, "");
}
function staticPublicBaseUrlForRequest(req, fallbackPublicBaseUrl) {
const explicit = String(process.env.STATIC_SOURCE_PUBLIC_BASE_URL || "").trim();
if (explicit) return explicit.replace(/\/+$/g, "");
return publicBaseFromRequest(req, fallbackPublicBaseUrl);
}
function tttRegistryBaseUrl() {
const explicit = String(process.env.TTT_REGISTRY_BASE_URL || "").trim();
return explicit ? explicit.replace(/\/+$/g, "") : "";
}
function tttRegistryApiToken() {
return String(process.env.TTT_API_TOKEN || "").trim();
}
async function fetchJson(url, { method = "GET", headers, body, timeoutMs = 4500 } = {}) {
const controller = new AbortController();
const t = setTimeout(() => controller.abort(), timeoutMs);
try {
const resp = await fetch(url, { method, headers, body, signal: controller.signal });
const text = await resp.text();
let data = null;
try {
data = JSON.parse(text);
} catch {
data = { raw: text };
}
return { ok: resp.ok, status: resp.status, data };
} finally {
clearTimeout(t);
}
}
function traceReceiptRecordId(traceId) {
const id = String(traceId || "").trim();
if (!looksLikeUuid(id)) return "";
return `if://trace/${id}/v1`;
}
function buildTraceReceiptEvidence({ job, shareId, staticPublicBaseUrl }) {
const base = normalizeBaseUrl(staticPublicBaseUrl || process.env.STATIC_SOURCE_PUBLIC_BASE_URL || "https://infrafabric.io");
const sid = String(shareId || "").trim();
const traceId = String(job?.id || "").trim();
const sourceExt = String(job?.sourcePath ? path.extname(job.sourcePath) : "").toLowerCase() || ".pdf";
const sourceUrl = job?.sourceSha256 ? `${base}/static/source/${job.sourceSha256}${sourceExt}` : "";
return {
share_id: sid,
trace_id: traceId,
created_at: job?.createdAt || "",
style: job?.style || "",
source_sha256: job?.sourceSha256 || "",
output_sha256: job?.outputSha256 || "",
urls: {
pack_md: `${base}/static/pack/${encodeURIComponent(sid)}.md`,
pack_html: `${base}/static/pack/${encodeURIComponent(sid)}`,
review_html: `${base}/static/review/${encodeURIComponent(sid)}`,
marketing_html: `${base}/static/marketing/${encodeURIComponent(sid)}`,
dossier_html: `${base}/static/dossier/${encodeURIComponent(sid)}`,
dossier_md: `${base}/static/dossier/${encodeURIComponent(sid)}/download`,
trace_html: `${base}/static/trace/${encodeURIComponent(sid)}`,
source_pdf: sourceUrl,
},
};
}
function summarizeTttRecord(record) {
const rec = record && typeof record === "object" ? record : null;
if (!rec) return null;
const pqStatus = String(rec.pq_status || "").trim();
const pqAlgo = String(rec.pq_algo || "").trim();
const signaturePqPresent = Boolean(rec.signature_pq);
return {
id: String(rec.id || "").trim(),
content_hash: String(rec.content_hash || "").trim(),
signer: String(rec.signer || "").trim(),
pq_status: pqStatus,
pq_algo: pqAlgo,
pq_signature_present: signaturePqPresent,
quantum_ready: signaturePqPresent && pqStatus !== "classical-only",
};
}
async function fetchTttRecordById(recordId) {
const base = tttRegistryBaseUrl();
if (!base || !recordId) return { ok: false, status: 0, record: null };
const u = `${base}/v1/citation?id=${encodeURIComponent(recordId)}`;
try {
const { ok, status, data } = await fetchJson(u, { method: "GET" });
const verified = Boolean(data && data.verified === true);
const record = verified && data && data.record ? data.record : null;
return { ok: ok && verified, status, record };
} catch {
return { ok: false, status: 0, record: null };
}
}
async function upsertTttTraceReceipt({ job, shareId, staticPublicBaseUrl }) {
const base = tttRegistryBaseUrl();
if (!base) return { ok: false, status: 0, record: null, mode: "disabled" };
const rid = traceReceiptRecordId(job?.id);
if (!rid) return { ok: false, status: 0, record: null, mode: "invalid_trace_id" };
// Best effort: read-only GET first (no token required).
const existing = await fetchTttRecordById(rid);
if (existing.ok && existing.record) return { ok: true, status: 200, record: existing.record, mode: "found" };
const token = tttRegistryApiToken();
if (!token) return { ok: false, status: 0, record: null, mode: "no_token" };
const evidence = buildTraceReceiptEvidence({ job, shareId, staticPublicBaseUrl });
const claim = `IF.TRACE receipt (T3) for shareId=${shareId} trace_id=${job.id}`;
const payload = {
id: rid,
claim,
evidence,
timestamp: job?.createdAt || undefined,
};
const url = `${base}/v1/citation`;
try {
const { ok, status, data } = await fetchJson(url, {
method: "POST",
headers: {
Authorization: `Bearer ${token}`,
"Content-Type": "application/json; charset=utf-8",
},
body: JSON.stringify(payload),
timeoutMs: 6500,
});
if (!ok || !data || !data.record) return { ok: false, status, record: null, mode: "create_failed" };
return { ok: true, status, record: data.record, mode: "created" };
} catch {
return { ok: false, status: 0, record: null, mode: "create_failed" };
}
}
function looksLikeUuid(value) {
return /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(String(value || ""));
}
function jobJsonPath(jobsDir, jobId) {
return path.join(jobsDir, `${jobId}.json`);
}
function readJob(jobsDir, jobId) {
const p = jobJsonPath(jobsDir, jobId);
if (!fs.existsSync(p)) return null;
try {
return JSON.parse(fs.readFileSync(p, "utf8"));
} catch {
return null;
}
}
function writeJob(jobsDir, job) {
const p = jobJsonPath(jobsDir, job.id);
fs.writeFileSync(p, JSON.stringify(job, null, 2) + "\n", "utf8");
}
function shareJsonPath(sharesDir, shareId) {
return path.join(sharesDir, `${shareId}.json`);
}
function writeShare(sharesDir, shareId, data) {
const p = shareJsonPath(sharesDir, shareId);
fs.writeFileSync(p, JSON.stringify(data, null, 2) + "\n", "utf8");
}
function readShare(sharesDir, shareId) {
const p = shareJsonPath(sharesDir, shareId);
if (!fs.existsSync(p)) return null;
try {
return JSON.parse(fs.readFileSync(p, "utf8"));
} catch {
return null;
}
}
async function sha256File(filePath) {
return await new Promise((resolve, reject) => {
const h = crypto.createHash("sha256");
const s = fs.createReadStream(filePath);
s.on("error", reject);
s.on("data", (chunk) => h.update(chunk));
s.on("end", () => resolve(h.digest("hex")));
});
}
function runProcess(command, args, { cwd, env }) {
return new Promise((resolve) => {
const child = spawn(command, args, {
cwd,
env,
stdio: ["ignore", "pipe", "pipe"],
});
let stdout = "";
let stderr = "";
child.stdout.on("data", (d) => {
stdout += d.toString("utf8");
if (stdout.length > 256_000) stdout = stdout.slice(-256_000);
});
child.stderr.on("data", (d) => {
stderr += d.toString("utf8");
if (stderr.length > 256_000) stderr = stderr.slice(-256_000);
});
child.on("error", (err) => {
const msg = err?.message ? String(err.message) : String(err);
resolve({ code: 127, stdout, stderr: (stderr ? `${stderr}\n` : "") + msg });
});
child.on("close", (code) => resolve({ code: code ?? 0, stdout, stderr }));
});
}
async function generateShadowDossier({ inputPath, outputPath }) {
const revoiceModule = path.join(revoiceRepoRoot, "src", "revoice");
if (!fs.existsSync(revoiceModule)) {
throw new Error(`Missing revoice pipeline at ${revoiceModule}`);
}
const baseEnv = {
...process.env,
PYTHONPATH: path.join(revoiceRepoRoot, "src"),
};
const genArgs = ["-m", "revoice", "generate", "--style", privateUploadStyle];
if (["1", "true", "yes", "on"].includes(privateUploadActionPack)) genArgs.push("--action-pack");
genArgs.push("--input", inputPath, "--output", outputPath);
const gen = await runProcess(
"python3",
genArgs,
{ cwd: revoiceRepoRoot, env: baseEnv }
);
if (gen.code !== 0) {
throw new Error(`revoice generate failed (code ${gen.code}): ${gen.stderr || gen.stdout}`);
}
const preflight = await runProcess(
"python3",
["-m", "revoice", "preflight", "--style", privateUploadStyle, "--input", outputPath, "--source", inputPath],
{ cwd: revoiceRepoRoot, env: baseEnv }
);
const warnings = preflight.code === 0 ? "" : preflight.stderr || preflight.stdout;
if (preflight.code !== 0 && preflight.code !== 2) {
throw new Error(`revoice preflight failed (code ${preflight.code}): ${preflight.stderr || preflight.stdout}`);
}
return { warnings };
}
function pickPhrases(input) {
const text = String(input || "").replace(/\r\n?/g, "\n");
const lines = text
.split("\n")
.map((l) => l.trim())
.filter(Boolean)
.slice(0, 200);
const interesting = [];
const needles = ["must", "should", "require", "required", "ensure", "enforce", "policy", "control", "audit", "compliance"];
for (const line of lines) {
const lower = line.toLowerCase();
if (needles.some((n) => lower.includes(n))) interesting.push(line);
if (interesting.length >= 4) break;
}
if (interesting.length) return interesting;
return lines.slice(0, 3);
}
function generateRoastText(content) {
const trimmed = String(content || "").trim();
const phrases = pickPhrases(trimmed);
const bullets = phrases.map((p) => `- ${p.length > 120 ? `${p.slice(0, 117)}` : p}`).join("\n");
return [
"We love the ambition here and are directionally aligned with the idea of \"secure rollout\" as long as we define secure as \"documented\" and rollout as \"phased.\"",
"",
"Key risk: this reads like a control narrative optimized for sign-off, not for the Friday-afternoon pull request that actually ships the code.",
"",
"Observed control theater (excerpt):",
bullets ? bullets : "- (no extractable claims detected)",
"",
"Recommendation: convert every \"should\" into an owner, a gate (PR/CI/access), and a stop condition. Otherwise this becomes an alignment session that reproduces itself indefinitely.",
].join("\n");
}
function main() {
const port = Number(process.env.PORT || 8080);
const app = express();
app.set("trust proxy", true);
const configuredDataDir = String(process.env.RED_TEAM_DATA_DIR || "").trim();
const dataDir = configuredDataDir ? path.resolve(configuredDataDir) : path.join(projectRoot, "data");
const uploadsDir = path.join(dataDir, "uploads");
const outputsDir = path.join(dataDir, "outputs");
const jobsDir = path.join(dataDir, "jobs");
const sharesDir = path.join(dataDir, "shares");
const staticDir = path.join(dataDir, "static");
const staticSourceDir = path.join(staticDir, "source");
ensureDir(uploadsDir);
ensureDir(outputsDir);
ensureDir(jobsDir);
ensureDir(sharesDir);
ensureDir(staticDir);
ensureDir(staticSourceDir);
app.disable("x-powered-by");
app.use(express.json({ limit: "256kb" }));
app.use("/static", express.static(staticDir, { fallthrough: false, etag: true, maxAge: "30d" }));
app.get("/healthz", (_req, res) => {
res.status(200).json({ ok: true });
});
app.post("/api/roast", (req, res) => {
const content = String(req.body?.content ?? "");
if (!content.trim()) return res.status(400).json({ text: "Missing content" });
if (content.length > 20_000) return res.status(413).json({ text: "Content too large" });
return res.status(200).json({ text: generateRoastText(content) });
});
const privateUploadEnabled = Boolean(privateUploadToken.trim());
const privateGuard = (req, res, next) => {
if (!privateUploadEnabled) return res.status(404).type("text/plain").send("Not found");
if (req.params?.token !== privateUploadToken) return res.status(404).type("text/plain").send("Not found");
return next();
};
const upload = multer({
storage: multer.diskStorage({
destination: (_req, _file, cb) => cb(null, uploadsDir),
filename: (req, file, cb) => {
const id = crypto.randomUUID();
req._jobId = id;
const ext = path.extname(file.originalname || "").slice(0, 12).toLowerCase();
cb(null, `${id}${ext}`);
},
}),
limits: { fileSize: privateUploadMaxBytes, files: 1 },
});
app.get("/private/:token", privateGuard, (req, res) => {
const token = req.params.token;
res
.status(200)
.type("text/html; charset=utf-8")
.send(
[
"<!doctype html>",
"<html><head>",
"<meta charset='utf-8'/>",
"<meta name='viewport' content='width=device-width, initial-scale=1'/>",
"<title>Private Upload · Shadow Dossier</title>",
"<style>body{font-family:system-ui,-apple-system,Segoe UI,Roboto,Arial,sans-serif;max-width:900px;margin:40px auto;padding:0 18px;line-height:1.45}code,pre{font-family:ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace}fieldset{border:1px solid #ddd;border-radius:10px;padding:16px}input,button{font-size:16px}button{padding:10px 14px}small{color:#666}</style>",
"</head><body>",
"<h1>Private dossier upload</h1>",
`<p><small>Style: <code>${escapeHtml(privateUploadStyle)}</code> · Max: <code>${escapeHtml(
String(privateUploadMaxBytes)
)}</code> bytes</small></p>`,
"<fieldset>",
"<form method='post' enctype='multipart/form-data' action='" +
`/api/private/${encodeURIComponent(token)}/upload` +
"'>",
"<p><input type='file' name='file' required accept='.pdf,.md,.txt' /></p>",
"<p><button type='submit'>Upload & generate</button></p>",
"<p><small>Supported: PDF/MD/TXT. Output: Markdown shadow dossier.</small></p>",
"</form>",
"</fieldset>",
"</body></html>",
].join("")
);
});
app.get("/private/:token/job/:jobId", privateGuard, (req, res) => {
const jobId = String(req.params.jobId || "");
if (!looksLikeUuid(jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, jobId);
if (!job) return res.status(404).type("text/plain").send("Not found");
const status = String(job.status || "unknown");
const isDone = status === "done" || status === "done_with_warnings";
const isError = status === "error";
const token = req.params.token;
const refresh = isDone || isError ? "" : "<meta http-equiv='refresh' content='2'/>";
const downloadLink = isDone
? `<p><a href="/private/${encodeURIComponent(token)}/download/${encodeURIComponent(jobId)}">Download Markdown</a></p>`
: "";
const viewLink = isDone
? `<p><a href="/private/${encodeURIComponent(token)}/view/${encodeURIComponent(jobId)}">View rendered dossier</a></p>`
: "";
const shareLinks = isDone && job.shareId
? [
"<p><strong>Share links</strong> (no repo):</p>",
`<p><a href="/r/${encodeURIComponent(job.shareId)}">Public view</a> · <a href="/r/${encodeURIComponent(job.shareId)}/download">Public download</a></p>`,
].join("")
: "";
const sourceLink = job.sourcePath
? `<p><a href="/private/${encodeURIComponent(token)}/source/${encodeURIComponent(jobId)}">Download source</a></p>`
: "";
const warnings = job.warnings ? `<pre>${escapeHtml(job.warnings)}</pre>` : "";
const error = job.error ? `<pre>${escapeHtml(job.error)}</pre>` : "";
res
.status(200)
.type("text/html; charset=utf-8")
.send(
[
"<!doctype html>",
"<html><head>",
"<meta charset='utf-8'/>",
"<meta name='viewport' content='width=device-width, initial-scale=1'/>",
refresh,
"<title>Job · Shadow Dossier</title>",
"<style>body{font-family:system-ui,-apple-system,Segoe UI,Roboto,Arial,sans-serif;max-width:900px;margin:40px auto;padding:0 18px;line-height:1.45}code,pre{font-family:ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace}pre{background:#f7f7f7;border:1px solid #eee;border-radius:10px;padding:12px;overflow:auto}</style>",
"</head><body>",
"<h1>Shadow dossier job</h1>",
`<p>Status: <code>${escapeHtml(status)}</code></p>`,
`<p>Job ID: <code>${escapeHtml(jobId)}</code></p>`,
job.originalFilename ? `<p>Source: <code>${escapeHtml(job.originalFilename)}</code></p>` : "",
job.sourceSha256 ? `<p>Source sha256: <code>${escapeHtml(job.sourceSha256)}</code></p>` : "",
job.outputSha256 ? `<p>Output sha256: <code>${escapeHtml(job.outputSha256)}</code></p>` : "",
job.shareId ? `<p>Share ID: <code>${escapeHtml(job.shareId)}</code></p>` : "",
downloadLink,
viewLink,
sourceLink,
shareLinks,
warnings ? "<h2>Warnings</h2>" + warnings : "",
isError ? "<h2>Error</h2>" + error : "",
`<p><a href="/private/${encodeURIComponent(token)}">Back to upload</a></p>`,
"</body></html>",
].join("")
);
});
app.get("/private/:token/view/:jobId", privateGuard, (req, res) => {
const jobId = String(req.params.jobId || "");
if (!looksLikeUuid(jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, jobId);
if (!job) return res.status(404).type("text/plain").send("Not found");
if (!job.outputPath) return res.status(409).type("text/plain").send("Not ready");
const abs = path.resolve(projectRoot, job.outputPath);
if (!abs.startsWith(outputsDir + path.sep)) return res.status(400).type("text/plain").send("Bad path");
if (!fs.existsSync(abs)) return res.status(404).type("text/plain").send("Not found");
const mdText = fs.readFileSync(abs, "utf8");
const html = markdown.render(mdText);
const token = req.params.token;
const topLinks = [
`<a href="/private/${encodeURIComponent(token)}/download/${encodeURIComponent(jobId)}">Download Markdown</a>`,
job.sourcePath ? `<a href="/private/${encodeURIComponent(token)}/source/${encodeURIComponent(jobId)}">Download source</a>` : "",
job.shareId ? `<a href="/r/${encodeURIComponent(job.shareId)}">Share view</a>` : "",
]
.filter(Boolean)
.join(" · ");
res.status(200).type("text/html; charset=utf-8").send(renderMarkdownPage({ title: job.originalFilename || "Shadow dossier", html, topLinksHtml: topLinks }));
});
app.get("/r/:shareId/trace", async (req, res) => {
const shareId = String(req.params.shareId || "").trim();
if (!shareId) return res.status(404).type("text/plain").send("Not found");
const share = readShare(sharesDir, shareId);
if (!share?.jobId || !looksLikeUuid(share.jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, share.jobId);
if (!job?.outputPath) return res.status(404).type("text/plain").send("Not found");
const publicBaseUrl = publicBaseFromRequest(req, "red-team.infrafabric.io");
const staticPublicBaseUrl = staticPublicBaseUrlForRequest(req, publicBaseUrl);
// Best-effort: attach a registry-signed trace receipt record so we can render
// black/white “QUANTUM READY” without over-claiming. If the registry is
// unreachable, we still render the classic hash receipt.
let tttTraceReceipt = job.tttTraceReceipt || null;
if (!tttTraceReceipt || !tttTraceReceipt.id || !tttTraceReceipt.content_hash) {
const ttt = await upsertTttTraceReceipt({ job, shareId, staticPublicBaseUrl });
if (ttt.ok && ttt.record) {
tttTraceReceipt = summarizeTttRecord(ttt.record);
if (tttTraceReceipt) {
job.tttTraceReceipt = tttTraceReceipt;
writeJob(jobsDir, job);
}
}
}
const verification = await computeVerificationStatus({ job, projectRoot, outputsDir, uploadsDir });
const jobForRender = { ...job, _verification: verification, _ttt_trace_receipt: tttTraceReceipt };
const md = renderTraceMarkdown({ shareId, job: jobForRender, publicBaseUrl, staticPublicBaseUrl });
const html = markdown.render(md);
const headerHtml = renderTraceHeaderHtml({ verification, job: jobForRender });
const topLinks = [
`<a href="/r/${encodeURIComponent(shareId)}">Back to dossier</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/download">Download Markdown</a>`,
job.sourcePath ? `<a href="/r/${encodeURIComponent(shareId)}/source">Download source</a>` : "",
`<a href="/r/${encodeURIComponent(shareId)}/review-pack">Review pack (HTML)</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/review-pack.md">Review pack (MD)</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/pack">Single-file pack (HTML)</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/pack.md">Single-file pack (MD)</a>`,
]
.filter(Boolean)
.join(" · ");
res
.status(200)
.type("text/html; charset=utf-8")
.send(renderMarkdownPage({ title: "IF.TRACE receipt (T3)", headerHtml, html, topLinksHtml: topLinks }));
});
app.get("/r/:shareId/source", (req, res) => {
const shareId = String(req.params.shareId || "").trim();
if (!shareId) return res.status(404).type("text/plain").send("Not found");
const share = readShare(sharesDir, shareId);
if (!share?.jobId || !looksLikeUuid(share.jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, share.jobId);
if (!job?.sourcePath) return res.status(404).type("text/plain").send("Not found");
const staticFile = ensureStaticSourceFile({ job, uploadsDir, staticSourceDir, projectRoot });
if (!staticFile) return res.status(404).type("text/plain").send("Not found");
res.redirect(302, staticFile.urlPath);
});
// NOTE: These routes intentionally come in pairs:
// - `*.md` is the raw, download-friendly artifact
// - same path without `.md` is the HTML view (for HTML-only sandboxes)
app.get("/r/:shareId/review-pack.md", (req, res) => {
const shareId = String(req.params.shareId || "").trim();
if (!shareId) return res.status(404).type("text/plain").send("Not found");
const share = readShare(sharesDir, shareId);
if (!share?.jobId || !looksLikeUuid(share.jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, share.jobId);
if (!job?.outputPath) return res.status(404).type("text/plain").send("Not found");
const staticSource = ensureStaticSourceFile({ job, uploadsDir, staticSourceDir, projectRoot });
const externalReviewBaseUrl = String(process.env.EXTERNAL_REVIEW_BASE_URL || "https://emo-social.infrafabric.io/external-review.html");
const externalReviewUrl = buildExternalReviewUrl(externalReviewBaseUrl, share.reviewSheetId);
const publicBaseUrl = publicBaseFromRequest(req, "red-team.infrafabric.io");
const staticPublicBaseUrl = staticPublicBaseUrlForRequest(req, publicBaseUrl);
const staticSourceUrl = staticSource ? `${staticPublicBaseUrl}${staticSource.urlPath}` : "";
const md = renderReviewPackMarkdown({ shareId, job, publicBaseUrl, externalReviewUrl, staticSourceUrl, staticPublicBaseUrl });
const baseName = (job.originalFilename || "dossier").replace(/[^A-Za-z0-9._-]+/g, "-").slice(0, 60);
res
.status(200)
.type("text/markdown; charset=utf-8")
.send(md);
});
app.get("/r/:shareId/review-pack", (req, res) => {
const shareId = String(req.params.shareId || "").trim();
if (!shareId) return res.status(404).type("text/plain").send("Not found");
const share = readShare(sharesDir, shareId);
if (!share?.jobId || !looksLikeUuid(share.jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, share.jobId);
if (!job?.outputPath) return res.status(404).type("text/plain").send("Not found");
const staticSource = ensureStaticSourceFile({ job, uploadsDir, staticSourceDir, projectRoot });
const externalReviewBaseUrl = String(process.env.EXTERNAL_REVIEW_BASE_URL || "https://emo-social.infrafabric.io/external-review.html");
const externalReviewUrl = buildExternalReviewUrl(externalReviewBaseUrl, share.reviewSheetId);
const publicBaseUrl = publicBaseFromRequest(req, "red-team.infrafabric.io");
const staticPublicBaseUrl = staticPublicBaseUrlForRequest(req, publicBaseUrl);
const staticSourceUrl = staticSource ? `${staticPublicBaseUrl}${staticSource.urlPath}` : "";
const md = renderReviewPackMarkdown({ shareId, job, publicBaseUrl, externalReviewUrl, staticSourceUrl, staticPublicBaseUrl });
const html = markdown.render(md);
const topLinks = [
`<a href="/r/${encodeURIComponent(shareId)}">Back to dossier</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/review-pack.md">Raw Markdown</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/pack">Single-file pack (HTML)</a>`,
]
.filter(Boolean)
.join(" · ");
res.status(200).type("text/html; charset=utf-8").send(renderMarkdownPage({ title: "Review pack", html, topLinksHtml: topLinks }));
});
app.get("/r/:shareId/pack.md", (req, res) => {
const shareId = String(req.params.shareId || "").trim();
if (!shareId) return res.status(404).type("text/plain").send("Not found");
const share = readShare(sharesDir, shareId);
if (!share?.jobId || !looksLikeUuid(share.jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, share.jobId);
if (!job?.outputPath) return res.status(404).type("text/plain").send("Not found");
const abs = path.resolve(projectRoot, job.outputPath);
if (!abs.startsWith(outputsDir + path.sep)) return res.status(400).type("text/plain").send("Bad path");
if (!fs.existsSync(abs)) return res.status(404).type("text/plain").send("Not found");
const dossierMarkdown = fs.readFileSync(abs, "utf8");
const staticSource = ensureStaticSourceFile({ job, uploadsDir, staticSourceDir, projectRoot });
const externalReviewBaseUrl = String(process.env.EXTERNAL_REVIEW_BASE_URL || "https://emo-social.infrafabric.io/external-review.html");
const externalReviewUrl = buildExternalReviewUrl(externalReviewBaseUrl, share.reviewSheetId);
const publicBaseUrl = publicBaseFromRequest(req, "red-team.infrafabric.io");
const staticPublicBaseUrl = staticPublicBaseUrlForRequest(req, publicBaseUrl);
const staticSourceUrl = staticSource ? `${staticPublicBaseUrl}${staticSource.urlPath}` : "";
const md = renderSingleFilePackMarkdown({
shareId,
job,
publicBaseUrl,
externalReviewUrl,
staticSourceUrl,
staticPublicBaseUrl,
dossierMarkdown,
});
res.status(200).type("text/markdown; charset=utf-8").send(md);
});
app.get("/r/:shareId/pack", (req, res) => {
const shareId = String(req.params.shareId || "").trim();
if (!shareId) return res.status(404).type("text/plain").send("Not found");
const share = readShare(sharesDir, shareId);
if (!share?.jobId || !looksLikeUuid(share.jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, share.jobId);
if (!job?.outputPath) return res.status(404).type("text/plain").send("Not found");
const abs = path.resolve(projectRoot, job.outputPath);
if (!abs.startsWith(outputsDir + path.sep)) return res.status(400).type("text/plain").send("Bad path");
if (!fs.existsSync(abs)) return res.status(404).type("text/plain").send("Not found");
const dossierMarkdown = fs.readFileSync(abs, "utf8");
const staticSource = ensureStaticSourceFile({ job, uploadsDir, staticSourceDir, projectRoot });
const externalReviewBaseUrl = String(process.env.EXTERNAL_REVIEW_BASE_URL || "https://emo-social.infrafabric.io/external-review.html");
const externalReviewUrl = buildExternalReviewUrl(externalReviewBaseUrl, share.reviewSheetId);
const publicBaseUrl = publicBaseFromRequest(req, "red-team.infrafabric.io");
const staticPublicBaseUrl = staticPublicBaseUrlForRequest(req, publicBaseUrl);
const staticSourceUrl = staticSource ? `${staticPublicBaseUrl}${staticSource.urlPath}` : "";
const md = renderSingleFilePackMarkdown({
shareId,
job,
publicBaseUrl,
externalReviewUrl,
staticSourceUrl,
staticPublicBaseUrl,
dossierMarkdown,
});
const html = markdown.render(md);
const topLinks = [
`<a href="/r/${encodeURIComponent(shareId)}">Back to dossier</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/pack.md">Raw Markdown</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/review-pack">Review pack (HTML)</a>`,
]
.filter(Boolean)
.join(" · ");
res.status(200).type("text/html; charset=utf-8").send(renderMarkdownPage({ title: "Single-file pack", html, topLinksHtml: topLinks }));
});
app.get("/r/:shareId/marketing.md", (req, res) => {
const shareId = String(req.params.shareId || "").trim();
if (!shareId) return res.status(404).type("text/plain").send("Not found");
const share = readShare(sharesDir, shareId);
if (!share?.jobId || !looksLikeUuid(share.jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, share.jobId);
if (!job?.outputPath) return res.status(404).type("text/plain").send("Not found");
const abs = path.resolve(projectRoot, job.outputPath);
if (!abs.startsWith(outputsDir + path.sep)) return res.status(400).type("text/plain").send("Bad path");
if (!fs.existsSync(abs)) return res.status(404).type("text/plain").send("Not found");
const dossierMarkdown = fs.readFileSync(abs, "utf8");
const staticSource = ensureStaticSourceFile({ job, uploadsDir, staticSourceDir, projectRoot });
const publicBaseUrl = publicBaseFromRequest(req, "red-team.infrafabric.io");
const staticPublicBaseUrl = staticPublicBaseUrlForRequest(req, publicBaseUrl);
const staticSourceUrl = staticSource ? `${staticPublicBaseUrl}${staticSource.urlPath}` : "";
const md = renderMarketingPackMarkdown({
shareId,
job,
publicBaseUrl,
staticPublicBaseUrl,
staticSourceUrl,
dossierMarkdown,
});
res.status(200).type("text/markdown; charset=utf-8").send(md);
});
app.get("/r/:shareId/marketing", (req, res) => {
const shareId = String(req.params.shareId || "").trim();
if (!shareId) return res.status(404).type("text/plain").send("Not found");
const share = readShare(sharesDir, shareId);
if (!share?.jobId || !looksLikeUuid(share.jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, share.jobId);
if (!job?.outputPath) return res.status(404).type("text/plain").send("Not found");
const abs = path.resolve(projectRoot, job.outputPath);
if (!abs.startsWith(outputsDir + path.sep)) return res.status(400).type("text/plain").send("Bad path");
if (!fs.existsSync(abs)) return res.status(404).type("text/plain").send("Not found");
const dossierMarkdown = fs.readFileSync(abs, "utf8");
const staticSource = ensureStaticSourceFile({ job, uploadsDir, staticSourceDir, projectRoot });
const publicBaseUrl = publicBaseFromRequest(req, "red-team.infrafabric.io");
const staticPublicBaseUrl = staticPublicBaseUrlForRequest(req, publicBaseUrl);
const staticSourceUrl = staticSource ? `${staticPublicBaseUrl}${staticSource.urlPath}` : "";
const md = renderMarketingPackMarkdown({
shareId,
job,
publicBaseUrl,
staticPublicBaseUrl,
staticSourceUrl,
dossierMarkdown,
});
const html = markdown.render(md);
const topLinks = [
`<a href="/r/${encodeURIComponent(shareId)}">Back to dossier</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/marketing.md">Raw Markdown</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/pack">Single-file pack (HTML)</a>`,
]
.filter(Boolean)
.join(" · ");
res.status(200).type("text/html; charset=utf-8").send(renderMarkdownPage({ title: "Marketing excerpt", html, topLinksHtml: topLinks }));
});
app.get("/r/:shareId", (req, res) => {
const shareId = String(req.params.shareId || "").trim();
if (!shareId) return res.status(404).type("text/plain").send("Not found");
const share = readShare(sharesDir, shareId);
if (!share?.jobId || !looksLikeUuid(share.jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, share.jobId);
if (!job?.outputPath) return res.status(404).type("text/plain").send("Not found");
const abs = path.resolve(projectRoot, job.outputPath);
if (!abs.startsWith(outputsDir + path.sep)) return res.status(400).type("text/plain").send("Bad path");
if (!fs.existsSync(abs)) return res.status(404).type("text/plain").send("Not found");
const mdText = fs.readFileSync(abs, "utf8");
const html = markdown.render(mdText);
const externalReviewBaseUrl = String(process.env.EXTERNAL_REVIEW_BASE_URL || "https://emo-social.infrafabric.io/external-review.html");
const externalReviewUrl = buildExternalReviewUrl(externalReviewBaseUrl, share.reviewSheetId);
const topLinks = [
`<a href="/r/${encodeURIComponent(shareId)}/download">Download Markdown</a>`,
job.sourcePath ? `<a href="/r/${encodeURIComponent(shareId)}/source">Download source</a>` : "",
`<a href="/r/${encodeURIComponent(shareId)}/trace">IF.TRACE receipt</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/review-pack">Review pack (HTML)</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/review-pack.md">Review pack (MD)</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/pack">Single-file pack (HTML)</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/pack.md">Single-file pack (MD)</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/marketing">Marketing excerpt (HTML)</a>`,
`<a href="/r/${encodeURIComponent(shareId)}/marketing.md">Marketing excerpt (MD)</a>`,
externalReviewUrl ? `<a href="${escapeHtml(externalReviewUrl)}" target="_blank" rel="noreferrer">Feedback intake (login)</a>` : "",
]
.filter(Boolean)
.join(" · ");
res.status(200).type("text/html; charset=utf-8").send(renderMarkdownPage({ title: job.originalFilename || "Shadow dossier", html, topLinksHtml: topLinks }));
});
app.get("/r/:shareId/download", (req, res) => {
const shareId = String(req.params.shareId || "").trim();
if (!shareId) return res.status(404).type("text/plain").send("Not found");
const share = readShare(sharesDir, shareId);
if (!share?.jobId || !looksLikeUuid(share.jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, share.jobId);
if (!job?.outputPath) return res.status(404).type("text/plain").send("Not found");
const abs = path.resolve(projectRoot, job.outputPath);
if (!abs.startsWith(outputsDir + path.sep)) return res.status(400).type("text/plain").send("Bad path");
if (!fs.existsSync(abs)) return res.status(404).type("text/plain").send("Not found");
const baseName = (job.originalFilename || "dossier").replace(/[^A-Za-z0-9._-]+/g, "-").slice(0, 60);
res.download(abs, `${baseName}.shadow.dave.md`);
});
app.get("/private/:token/download/:jobId", privateGuard, (req, res) => {
const jobId = String(req.params.jobId || "");
if (!looksLikeUuid(jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, jobId);
if (!job) return res.status(404).type("text/plain").send("Not found");
if (!job.outputPath) return res.status(409).type("text/plain").send("Not ready");
const abs = path.resolve(projectRoot, job.outputPath);
if (!abs.startsWith(outputsDir + path.sep)) return res.status(400).type("text/plain").send("Bad path");
if (!fs.existsSync(abs)) return res.status(404).type("text/plain").send("Not found");
const baseName = (job.originalFilename || "dossier").replace(/[^A-Za-z0-9._-]+/g, "-").slice(0, 60);
res.download(abs, `${baseName}.shadow.dave.md`);
});
app.get("/private/:token/source/:jobId", privateGuard, (req, res) => {
const jobId = String(req.params.jobId || "");
if (!looksLikeUuid(jobId)) return res.status(404).type("text/plain").send("Not found");
const job = readJob(jobsDir, jobId);
if (!job) return res.status(404).type("text/plain").send("Not found");
if (!job.sourcePath) return res.status(404).type("text/plain").send("Not found");
const abs = path.resolve(projectRoot, job.sourcePath);
if (!abs.startsWith(uploadsDir + path.sep)) return res.status(400).type("text/plain").send("Bad path");
if (!fs.existsSync(abs)) return res.status(404).type("text/plain").send("Not found");
const baseName = (job.originalFilename || "source").replace(/[^A-Za-z0-9._-]+/g, "-").slice(0, 80);
res.download(abs, baseName);
});
app.post("/api/private/:token/upload", privateGuard, upload.single("file"), async (req, res) => {
const jobId = req._jobId || crypto.randomUUID();
const file = req.file;
if (!file?.path) return res.status(400).type("text/plain").send("Missing file");
const relSourcePath = path.relative(projectRoot, file.path);
const absOutputPath = path.join(outputsDir, `${jobId}.shadow.dave.md`);
const relOutputPath = path.relative(projectRoot, absOutputPath);
const shareId = crypto.randomBytes(18).toString("base64url");
const now = new Date().toISOString();
const job = {
id: jobId,
status: "processing",
createdAt: now,
originalFilename: file.originalname || "",
sourcePath: relSourcePath,
outputPath: relOutputPath,
shareId,
style: privateUploadStyle,
sourceBytes: Number(file.size || 0),
sourceSha256: "",
outputSha256: "",
warnings: "",
error: "",
};
try {
job.sourceSha256 = await sha256File(file.path);
} catch (e) {
job.status = "error";
job.error = String(e?.message || e || "hash_failed");
writeJob(jobsDir, job);
return res.status(500).type("text/plain").send("Failed to hash upload");
}
writeJob(jobsDir, job);
writeShare(sharesDir, shareId, { shareId, jobId, createdAt: now });
void (async () => {
try {
const { warnings } = await generateShadowDossier({ inputPath: file.path, outputPath: absOutputPath });
job.warnings = warnings ? warnings.trim() : "";
job.outputSha256 = await sha256File(absOutputPath);
job.status = job.warnings ? "done_with_warnings" : "done";
// Best-effort: create a registry-signed trace receipt record (PQ-capable).
// This must never block publishing; failures degrade gracefully.
try {
const staticPublicBaseUrl = normalizeBaseUrl(process.env.STATIC_SOURCE_PUBLIC_BASE_URL || "https://infrafabric.io");
const ttt = await upsertTttTraceReceipt({ job, shareId, staticPublicBaseUrl });
if (ttt.ok && ttt.record) {
const summary = summarizeTttRecord(ttt.record);
if (summary) job.tttTraceReceipt = summary;
}
} catch {
// ignore
}
writeJob(jobsDir, job);
} catch (e) {
job.status = "error";
job.error = String(e?.message || e || "generation_failed");
writeJob(jobsDir, job);
}
})();
res.redirect(303, `/private/${encodeURIComponent(req.params.token)}/job/${encodeURIComponent(jobId)}`);
});
if (fs.existsSync(distDir) && fs.existsSync(indexHtmlPath)) {
app.use(express.static(distDir, { fallthrough: true }));
app.get("*", (_req, res) => {
res.setHeader("Content-Type", "text/html; charset=utf-8");
res.status(200).sendFile(indexHtmlPath);
});
} else {
app.get("*", (_req, res) => {
res
.status(503)
.type("text/plain")
.send("red-team site is not built yet. Run `npm install` then `npm run build`.");
});
}
app.listen(port, "0.0.0.0", () => {
// eslint-disable-next-line no-console
console.log(`red-team site listening on http://0.0.0.0:${port}`);
});
}
main();
Reference in a new issue View git blame Copy permalink