Skip to content

feat: add --project option to specify project for supermemory #26

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Aug 28, 2025
Merged

feat: add --project option to specify project for supermemory #26

merged 2 commits into from
Aug 28, 2025

Conversation

@alexf37
Copy link
Contributor

@alexf37 alexf37 commented Aug 27, 2025
edited
Loading

  • Add a new CLI option --project that only applies when installing a URL on https://api.supermemory.ai/*.
  • Behavior:
    • If --project is provided, it is validated (no spaces) and added as a header: x-sm-project: <value>.
    • If --project is omitted for Supermemory URLs, the installer prompts for a project. Empty input defaults to default (users can still override per LLM session).
    • The header is appended alongside any --header flags.
    • Works for both regular installs and Warp output (included in args as --header "x-sm-project: <value>").
  • Does not affect non-URL installs or non-Supermemory URLs.

Docs:

  • Update README with a new “Supermemory project support” section explaining:
    • When the flag applies
    • Validation rules
    • Prompting and default behavior
    • Examples and Warp notes

@claude
Copy link
Contributor

claude bot commented Aug 27, 2025
edited
Loading

Claude finished @alexf37's task —— View job

Code Review Complete ✅

Reviewing PR #26: feat: add --project option to specify project for supermemory

Todo List:

  • Read and analyze changed files
  • Review code quality and best practices
  • Check for potential bugs or issues
  • Assess security concerns with header injection
  • Evaluate performance considerations
  • Review test coverage needs
  • Provide constructive feedback

Overall Assessment

This is a well-implemented feature that adds targeted Supermemory project support. The implementation is clean, follows existing patterns, and includes comprehensive documentation.

✅ Positive Aspects

Code Quality

  • Clean implementation: The feature is well-contained and follows the existing codebase patterns
  • Good separation of concerns: Supermemory-specific logic is properly isolated with isSupermemoryUrl() helper
  • Consistent error handling: Proper validation and user-friendly error messages
  • Good UX: Thoughtful prompting behavior with sensible defaults

Documentation

  • Comprehensive README updates: Clear explanation of when and how to use the feature
  • Good examples: Both explicit usage and prompting scenarios are covered
  • Warp integration: Properly documented how the feature works with Warp's manual config

🔍 Code Review Findings

Minor Issues & Suggestions

1. Header Format Inconsistency (Line 219)

projectHeader = `x-sm-project:${project}`

Issue: Missing space after the colon, while other headers typically use "Header: value" format.
Suggestion: Consider using x-sm-project: ${project} for consistency.

2. Input Validation Edge Cases (Lines 208-218)

if (!project || project.trim() === '') {
  const input = (await logger.prompt(/* ... */)) as string
  project = (input || '').trim() || 'default'
}

Good: Handles empty input well, but consider edge cases:

  • What if project contains only whitespace characters?
  • The current logic project.trim() === '' vs (input || '').trim() is slightly inconsistent

Suggestion: Normalize both paths:

project = project?.trim() || undefined
if (!project) {
  const input = (await logger.prompt(/* ... */)) as string
  project = input?.trim() || 'default'
}

3. Validation Message Clarity (Line 216)

logger.error('Project must not contain spaces. Use hyphens or underscores instead.')

Good: Clear error message, but could be more specific about what characters are allowed.

🛡️ Security Analysis

✅ Security Looks Good

  • Input validation: Proper space validation prevents header injection issues
  • No arbitrary code execution: The project value is safely passed as a header argument
  • Scope limitation: Only affects Supermemory URLs, reducing attack surface
  • Header injection protection: The space validation prevents multi-line header injection

Header Injection Protection

The regex /\s/.test(project) correctly prevents header injection by blocking all whitespace characters, which would prevent attacks like:

myproject\nMalicious-Header: evil-value

📊 Performance Considerations

✅ Minimal Performance Impact

  • URL checking: isSupermemoryUrl() is only called for URL targets
  • Validation: Simple regex check is fast
  • Prompting: Only prompts when necessary for Supermemory URLs
  • No breaking changes: Feature doesn't affect existing functionality

🧪 Test Coverage Assessment

❌ Missing Test Coverage

This is the main area for improvement. The new functionality lacks test coverage:

Missing Tests:

  1. Supermemory URL detection: Test isSupermemoryUrl() with various URLs
  2. Project validation: Test space detection and error handling
  3. Project prompting: Test default behavior when project is omitted
  4. Header injection: Test that x-sm-project header is properly added
  5. Warp integration: Test that project header appears in Warp output
  6. Edge cases: Empty strings, whitespace-only input, special characters

Suggested test additions in install.test.ts:

describe('Supermemory project support', () => {
  it('should detect supermemory URLs correctly', () => {
    expect(isSupermemoryUrl('https://api.supermemory.ai/server')).toBe(true)
    expect(isSupermemoryUrl('https://other-api.com')).toBe(false)
  })

  it('should validate project names (no spaces)', async () => {
    const argv = {
      client: 'claude',
      target: 'https://api.supermemory.ai/server',
      project: 'my project', // Contains space
      yes: true,
    }
    
    await handler(argv)
    expect(mockLogger.error).toHaveBeenCalledWith(
      expect.stringContaining('Project must not contain spaces')
    )
  })

  it('should prompt for project when omitted for supermemory URLs', async () => {
    // Test prompting behavior and default handling
  })
  
  it('should inject x-sm-project header for supermemory URLs', async () => {
    // Test header injection in args
  })
})

🔧 Recommendations

High Priority

  1. Add test coverage for the new Supermemory functionality
  2. Consider header format consistency (space after colon)

Medium Priority

  1. Enhance input validation edge case handling
  2. Consider validation message improvements for better UX

Low Priority

  1. Code organization: Consider extracting Supermemory logic to a separate function if more features are planned

✅ Approval Recommendation

This PR is ready for merge after addressing the test coverage gap. The implementation is solid, secure, and well-documented. The missing tests are the only significant concern.

@Dhravya Dhravya merged commit 1cd825d into main Aug 28, 2025
2 checks passed
@github-actions
Copy link

github-actions bot commented Aug 28, 2025

🎉 This PR is included in version 1.9.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Dhravya Dhravya Dhravya approved these changes

@CodeWithShreyans CodeWithShreyans Awaiting requested review from CodeWithShreyans

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@alexf37 @Dhravya