npm - @gotgenes/pi-permission-system - Versions diffs - 15.0.1 → 16.0.0 - Mend

@gotgenes/pi-permission-system 15.0.1 → 16.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/CHANGELOG.md +30 -0
package/README.md +11 -0
package/package.json +1 -1
package/src/async-cache.ts +21 -0
package/src/config-loader.ts +35 -0
package/src/decision-audit.ts +75 -0
package/src/handlers/gates/bash-command.ts +35 -3
package/src/handlers/gates/bash-program.ts +5 -6
package/src/handlers/lifecycle.ts +4 -0
package/src/handlers/permission-gate-handler.ts +4 -7
package/src/handlers/tool-call-boundary.ts +91 -0
package/src/index.ts +13 -1
package/test/async-cache.test.ts +48 -0
package/test/config-loader.test.ts +22 -1
package/test/decision-audit.test.ts +72 -0
package/test/detect-permissive-bash-fallback.test.ts +56 -0
package/test/handlers/external-directory-integration.test.ts +24 -20
package/test/handlers/external-directory-session-dedup.test.ts +4 -4
package/test/handlers/gates/bash-command-metamorphic.test.ts +83 -0
package/test/handlers/gates/bash-command.test.ts +33 -6
package/test/handlers/lifecycle.test.ts +9 -0
package/test/handlers/tool-call-boundary.test.ts +145 -0
package/test/handlers/tool-call.test.ts +18 -18

package/test/handlers/tool-call.test.ts CHANGED Viewed

@@ -62,7 +62,7 @@ describe("handleToolCall", () => {
       makeCtx(),
     );
     expect(result).toEqual({
-      block: true,
+      action: "block",
       reason: expect.stringContaining("tool"),
     });
   });
@@ -73,7 +73,7 @@ describe("handleToolCall", () => {
       makeToolCallEvent("unknown-tool"),
       makeCtx(),
     );
-    expect(result).toMatchObject({ block: true });
+    expect(result).toMatchObject({ action: "block" });
   });
   it("returns empty object when tool is allowed", async () => {
@@ -82,7 +82,7 @@ describe("handleToolCall", () => {
       makeToolCallEvent("read"),
       makeCtx(),
     );
-    expect(result).toEqual({});
+    expect(result).toEqual({ action: "allow" });
   });
   it("blocks when tool is denied by policy", async () => {
@@ -97,7 +97,7 @@ describe("handleToolCall", () => {
       makeToolCallEvent("read"),
       makeCtx(),
     );
-    expect(result).toMatchObject({ block: true });
+    expect(result).toMatchObject({ action: "block" });
   });
 });
@@ -128,7 +128,7 @@ describe("handleToolCall — skill-read gate", () => {
       input: { path: "/skills/librarian/SKILL.md" },
     };
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toMatchObject({ block: true });
+    expect(result).toMatchObject({ action: "block" });
   });
   it("allows a read of a non-skill path even when skill entries are present", async () => {
@@ -155,7 +155,7 @@ describe("handleToolCall — skill-read gate", () => {
       input: { path: "/test/project/src/index.ts" },
     };
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toEqual({});
+    expect(result).toEqual({ action: "allow" });
   });
 });
@@ -175,7 +175,7 @@ describe("handleToolCall — external-directory gate", () => {
       input: { path: "/outside/project/file.ts" },
     });
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toMatchObject({ block: true });
+    expect(result).toMatchObject({ action: "block" });
   });
 });
@@ -195,7 +195,7 @@ describe("handleToolCall — bash external-directory gate", () => {
       input: { command: "cat /outside/project/file.ts" },
     });
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toMatchObject({ block: true });
+    expect(result).toMatchObject({ action: "block" });
   });
 });
@@ -213,7 +213,7 @@ describe("handleToolCall — path gate (tools)", () => {
     });
     const event = makeToolCallEvent("read", { input: { path: ".env" } });
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toMatchObject({ block: true });
+    expect(result).toMatchObject({ action: "block" });
   });
   it("allows a read when path surface allows", async () => {
@@ -222,7 +222,7 @@ describe("handleToolCall — path gate (tools)", () => {
       input: { path: "src/index.ts" },
     });
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toEqual({});
+    expect(result).toEqual({ action: "allow" });
   });
 });
@@ -240,7 +240,7 @@ describe("handleToolCall — bash path gate", () => {
     });
     const event = makeToolCallEvent("bash", { input: { command: "cat .env" } });
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toMatchObject({ block: true });
+    expect(result).toMatchObject({ action: "block" });
   });
 });
@@ -262,7 +262,7 @@ describe("handleToolCall — bash command chain gate", () => {
       input: { command: "echo start && npm install compromised-package" },
     });
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toMatchObject({ block: true });
+    expect(result).toMatchObject({ action: "block" });
   });
   it("blocks a command nested inside command substitution (#306)", async () => {
@@ -280,14 +280,14 @@ describe("handleToolCall — bash command chain gate", () => {
       input: { command: "echo $(rm -rf foo)" },
     });
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toMatchObject({ block: true });
+    expect(result).toMatchObject({ action: "block" });
   });
   it("allows a single non-chained bash command", async () => {
     const { handler } = makeHandler({ tools: ["bash"] });
     const event = makeToolCallEvent("bash", { input: { command: "echo hi" } });
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toEqual({});
+    expect(result).toEqual({ action: "allow" });
   });
 });
@@ -302,7 +302,7 @@ describe("handleToolCall — bash external-directory policy states", () => {
       input: { command: "cat src/index.ts" },
     });
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toEqual({});
+    expect(result).toEqual({ action: "allow" });
   });
   it("blocks bash command with external path when external_directory is ask and no UI", async () => {
@@ -325,7 +325,7 @@ describe("handleToolCall — bash external-directory policy states", () => {
       event,
       makeCtx({ hasUI: false }),
     );
-    expect(result).toMatchObject({ block: true });
+    expect(result).toMatchObject({ action: "block" });
     expect(String((result as { reason?: unknown }).reason)).toMatch(
       /no interactive UI/i,
     );
@@ -344,7 +344,7 @@ describe("handleToolCall — bash external-directory policy states", () => {
       input: { command: "cat /etc/hosts" },
     });
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toEqual({});
+    expect(result).toEqual({ action: "allow" });
   });
   it("applies bash pattern deny after external_directory allow", async () => {
@@ -364,7 +364,7 @@ describe("handleToolCall — bash external-directory policy states", () => {
       input: { command: "cat /etc/hosts" },
     });
     const result = await handler.handleToolCall(event, makeCtx());
-    expect(result).toMatchObject({ block: true });
+    expect(result).toMatchObject({ action: "block" });
   });
 });