npm - @harness-engineering/core - Versions diffs - 0.26.2 → 0.26.4 - Mend

@harness-engineering/core 0.26.2 → 0.26.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/dist/architecture/matchers.d.mts +1 -1
package/dist/architecture/matchers.d.ts +1 -1
package/dist/architecture/matchers.js +12 -2
package/dist/architecture/matchers.mjs +1 -1
package/dist/{chunk-4UI65RLE.mjs → chunk-JIOBXIVB.mjs} +12 -2
package/dist/index.d.mts +194 -194
package/dist/index.d.ts +194 -194
package/dist/index.js +17 -3
package/dist/index.mjs +6 -2
package/dist/{matchers-XHMrK1kB.d.mts → matchers-DSibUtbV.d.mts} +134 -134
package/dist/{matchers-XHMrK1kB.d.ts → matchers-DSibUtbV.d.ts} +134 -134
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -524,8 +524,18 @@ async function readFileContent(path46) {
     return (0, import_types.Err)(error);
   }
 }
-async function findFiles(pattern, cwd = process.cwd()) {
-  return (0, import_glob.glob)(pattern, { cwd, absolute: true });
+var DEFAULT_FIND_FILES_IGNORE = [
+  "**/node_modules/**",
+  "**/dist/**",
+  "**/build/**",
+  "**/coverage/**"
+];
+async function findFiles(pattern, cwd = process.cwd(), extraIgnore = []) {
+  return (0, import_glob.glob)(pattern, {
+    cwd,
+    absolute: true,
+    ignore: [...DEFAULT_FIND_FILES_IGNORE, ...extraIgnore]
+  });
 }
 function relativePosix(from, to) {
   return (0, import_node_path.relative)(from, to).replaceAll("\\", "/");
@@ -14240,7 +14250,11 @@ var reRolingPatterns = [
     severity: "high",
     category: "explicit-re-roling",
     description: "Direct instruction override attempt",
-    pattern: /(?:new\s+)?(?:system\s+)?(?:instruction|directive|role|persona)\s*[:=]\s*/i
+    // Requires an override verb (new/override/replace/set/reassign/reset/switch/update/change)
+    // before the keyword so plain documentation headings like `_Agent & Persona:_` or YAML
+    // keys like `role: developer` do not trigger. Real overrides ("new system instruction:",
+    // "override directive:", "set role: admin") still match.
+    pattern: /(?:new|override|replace|set|reassign|reset|switch(?:\s+to)?|update|change)\s+(?:system\s+)?(?:instruction|directive|role|persona)s?\s*[:=]\s*/i
   }
 ];
 var permissionEscalationPatterns = [

package/dist/index.mjs CHANGED Viewed

@@ -57,7 +57,7 @@ import {
   runAll,
   validateDependencies,
   violationId
-} from "./chunk-4UI65RLE.mjs";
+} from "./chunk-JIOBXIVB.mjs";
 // src/index.ts
 export * from "@harness-engineering/types";
@@ -10963,7 +10963,11 @@ var reRolingPatterns = [
     severity: "high",
     category: "explicit-re-roling",
     description: "Direct instruction override attempt",
-    pattern: /(?:new\s+)?(?:system\s+)?(?:instruction|directive|role|persona)\s*[:=]\s*/i
+    // Requires an override verb (new/override/replace/set/reassign/reset/switch/update/change)
+    // before the keyword so plain documentation headings like `_Agent & Persona:_` or YAML
+    // keys like `role: developer` do not trigger. Real overrides ("new system instruction:",
+    // "override directive:", "set role: admin") still match.
+    pattern: /(?:new|override|replace|set|reassign|reset|switch(?:\s+to)?|update|change)\s+(?:system\s+)?(?:instruction|directive|role|persona)s?\s*[:=]\s*/i
   }
 ];
 var permissionEscalationPatterns = [