@aliou/pi-guardrails 0.4.0 → 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/config.ts +16 -11
- package/package.json +1 -1
- package/settings-command.ts +47 -37
package/config.ts
CHANGED
|
@@ -98,20 +98,25 @@ class ConfigLoader {
|
|
|
98
98
|
return merged;
|
|
99
99
|
}
|
|
100
100
|
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
101
|
+
private mergeInto<TTarget extends object, TSource extends object>(
|
|
102
|
+
target: TTarget,
|
|
103
|
+
source: TSource,
|
|
104
|
+
): void {
|
|
105
|
+
const t = target as Record<string, unknown>;
|
|
106
|
+
const s = source as Record<string, unknown>;
|
|
107
|
+
|
|
108
|
+
for (const key in s) {
|
|
109
|
+
if (s[key] === undefined) continue;
|
|
105
110
|
|
|
106
111
|
if (
|
|
107
|
-
typeof
|
|
108
|
-
!Array.isArray(
|
|
109
|
-
|
|
112
|
+
typeof s[key] === "object" &&
|
|
113
|
+
!Array.isArray(s[key]) &&
|
|
114
|
+
s[key] !== null
|
|
110
115
|
) {
|
|
111
|
-
if (!
|
|
112
|
-
this.mergeInto(
|
|
116
|
+
if (!t[key]) t[key] = {};
|
|
117
|
+
this.mergeInto(t[key] as object, s[key] as object);
|
|
113
118
|
} else {
|
|
114
|
-
|
|
119
|
+
t[key] = s[key];
|
|
115
120
|
}
|
|
116
121
|
}
|
|
117
122
|
}
|
|
@@ -138,7 +143,7 @@ class ConfigLoader {
|
|
|
138
143
|
config: GuardrailsConfig,
|
|
139
144
|
): Promise<void> {
|
|
140
145
|
await mkdir(dirname(path), { recursive: true });
|
|
141
|
-
await writeFile(path, JSON.stringify(config, null, 2)
|
|
146
|
+
await writeFile(path, `${JSON.stringify(config, null, 2)}\n`, "utf-8");
|
|
142
147
|
}
|
|
143
148
|
|
|
144
149
|
hasGlobalConfig(): boolean {
|
package/package.json
CHANGED
package/settings-command.ts
CHANGED
|
@@ -3,12 +3,41 @@ import { getSettingsListTheme } from "@mariozechner/pi-coding-agent";
|
|
|
3
3
|
import { Key, matchesKey } from "@mariozechner/pi-tui";
|
|
4
4
|
import { ArrayEditor } from "./array-editor";
|
|
5
5
|
import { configLoader } from "./config";
|
|
6
|
-
import type { GuardrailsConfig } from "./config-schema";
|
|
6
|
+
import type { GuardrailsConfig, ResolvedConfig } from "./config-schema";
|
|
7
7
|
import { PatternEditor } from "./pattern-editor";
|
|
8
8
|
import { SectionedSettings, type SettingsSection } from "./sectioned-settings";
|
|
9
9
|
|
|
10
10
|
type Tab = "local" | "global";
|
|
11
11
|
|
|
12
|
+
// Typed feature UI definitions. Adding a key to ResolvedConfig.features
|
|
13
|
+
// without adding it here will cause a type error.
|
|
14
|
+
type FeatureKey = keyof ResolvedConfig["features"];
|
|
15
|
+
|
|
16
|
+
interface FeatureUiDef {
|
|
17
|
+
label: string;
|
|
18
|
+
description: string;
|
|
19
|
+
}
|
|
20
|
+
|
|
21
|
+
const FEATURE_UI: Record<FeatureKey, FeatureUiDef> = {
|
|
22
|
+
preventBrew: {
|
|
23
|
+
label: "Prevent Homebrew",
|
|
24
|
+
description: "Block brew commands",
|
|
25
|
+
},
|
|
26
|
+
preventPython: {
|
|
27
|
+
label: "Prevent Python",
|
|
28
|
+
description: "Block python/pip/poetry commands. Use uv instead.",
|
|
29
|
+
},
|
|
30
|
+
protectEnvFiles: {
|
|
31
|
+
label: "Protect .env files",
|
|
32
|
+
description: "Block access to .env files containing secrets",
|
|
33
|
+
},
|
|
34
|
+
permissionGate: {
|
|
35
|
+
label: "Permission gate",
|
|
36
|
+
description:
|
|
37
|
+
"Prompt for confirmation on dangerous commands (rm -rf, sudo, etc.)",
|
|
38
|
+
},
|
|
39
|
+
};
|
|
40
|
+
|
|
12
41
|
export function registerSettingsCommand(pi: ExtensionAPI): void {
|
|
13
42
|
pi.registerCommand("guardrails:settings", {
|
|
14
43
|
description: "Configure guardrails (local/global)",
|
|
@@ -168,45 +197,26 @@ export function registerSettingsCommand(pi: ExtensionAPI): void {
|
|
|
168
197
|
: configLoader.getGlobalConfig();
|
|
169
198
|
const resolved = configLoader.getConfig();
|
|
170
199
|
|
|
200
|
+
const featureItems = (Object.keys(FEATURE_UI) as FeatureKey[]).map(
|
|
201
|
+
(key) => {
|
|
202
|
+
const def = FEATURE_UI[key];
|
|
203
|
+
return {
|
|
204
|
+
id: `features.${key}`,
|
|
205
|
+
label: def.label,
|
|
206
|
+
description: def.description,
|
|
207
|
+
currentValue:
|
|
208
|
+
(config.features?.[key] ?? resolved.features[key])
|
|
209
|
+
? "enabled"
|
|
210
|
+
: "disabled",
|
|
211
|
+
values: ["enabled", "disabled"],
|
|
212
|
+
};
|
|
213
|
+
},
|
|
214
|
+
);
|
|
215
|
+
|
|
171
216
|
const sections: SettingsSection[] = [
|
|
172
217
|
{
|
|
173
218
|
label: "Features",
|
|
174
|
-
items:
|
|
175
|
-
{
|
|
176
|
-
id: "features.preventBrew",
|
|
177
|
-
label: "Prevent Homebrew",
|
|
178
|
-
description: "Block brew commands",
|
|
179
|
-
currentValue:
|
|
180
|
-
(config.features?.preventBrew ??
|
|
181
|
-
resolved.features.preventBrew)
|
|
182
|
-
? "enabled"
|
|
183
|
-
: "disabled",
|
|
184
|
-
values: ["enabled", "disabled"],
|
|
185
|
-
},
|
|
186
|
-
{
|
|
187
|
-
id: "features.protectEnvFiles",
|
|
188
|
-
label: "Protect .env files",
|
|
189
|
-
description: "Block access to .env files containing secrets",
|
|
190
|
-
currentValue:
|
|
191
|
-
(config.features?.protectEnvFiles ??
|
|
192
|
-
resolved.features.protectEnvFiles)
|
|
193
|
-
? "enabled"
|
|
194
|
-
: "disabled",
|
|
195
|
-
values: ["enabled", "disabled"],
|
|
196
|
-
},
|
|
197
|
-
{
|
|
198
|
-
id: "features.permissionGate",
|
|
199
|
-
label: "Permission gate",
|
|
200
|
-
description:
|
|
201
|
-
"Prompt for confirmation on dangerous commands (rm -rf, sudo, etc.)",
|
|
202
|
-
currentValue:
|
|
203
|
-
(config.features?.permissionGate ??
|
|
204
|
-
resolved.features.permissionGate)
|
|
205
|
-
? "enabled"
|
|
206
|
-
: "disabled",
|
|
207
|
-
values: ["enabled", "disabled"],
|
|
208
|
-
},
|
|
209
|
-
],
|
|
219
|
+
items: featureItems,
|
|
210
220
|
},
|
|
211
221
|
{
|
|
212
222
|
label: "Env Files",
|