npm - @hermespilot/link - Versions diffs - 0.7.5 → 0.7.6 - Mend

@hermespilot/link 0.7.5 → 0.7.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/{chunk-MVKOUAVA.js → chunk-P54DBGLE.js} +86 -8
package/dist/cli/index.js +1 -1
package/dist/http/app.js +1 -1
package/package.json +1 -1

package/dist/{chunk-MVKOUAVA.js → chunk-P54DBGLE.js} RENAMED Viewed

@@ -2314,6 +2314,9 @@ function resolveHermesProfilesDir() {
 function resolveHermesConfigPath(profileName = "default") {
   return path3.join(resolveHermesProfileDir(profileName), "config.yaml");
 }
+function resolveHermesEnvPath(profileName = "default") {
+  return path3.join(resolveHermesProfileDir(profileName), ".env");
+}
 async function readHermesSessionsDir(profileName = "default", configPath = resolveHermesConfigPath(profileName)) {
   const profileDir = resolveHermesProfileDir(profileName);
   const { config } = await readHermesConfigDocument(configPath);
@@ -2946,7 +2949,9 @@ async function readHermesProfilePermissions(profileName = "default", configPath
 }
 async function saveHermesProfilePermissions(profileName, input, configPath = resolveHermesConfigPath(profileName)) {
   const { document, config, existingRaw } = await readHermesConfigDocument(configPath);
+  let configTouched = false;
   if (input.approvals) {
+    configTouched = true;
     const approvals = ensureRecord(config, "approvals");
     if (input.approvals.mode !== void 0) {
       approvals.mode = normalizeApprovalMode(input.approvals.mode);
@@ -2962,6 +2967,7 @@ async function saveHermesProfilePermissions(profileName, input, configPath = res
     }
   }
   if (input.terminal) {
+    configTouched = true;
     const terminal = ensureRecord(config, "terminal");
     if (input.terminal.backend !== void 0) {
       terminal.backend = normalizeTerminalBackend(input.terminal.backend);
@@ -2991,7 +2997,24 @@ async function saveHermesProfilePermissions(profileName, input, configPath = res
       terminal.container_persistent = input.terminal.containerPersistent;
     }
   }
+  let envChanged = false;
+  if (input.sudo) {
+    if (input.sudo.clear) {
+      envChanged = await deleteHermesEnvValue(profileName, "SUDO_PASSWORD") || envChanged;
+      const terminal = toRecord(config.terminal);
+      if (terminal.sudo_password !== void 0) {
+        delete terminal.sudo_password;
+        configTouched = true;
+      }
+    }
+    if (input.sudo.password !== void 0) {
+      const password = normalizeSudoPassword(input.sudo.password);
+      await writeHermesEnvValue(profileName, "SUDO_PASSWORD", password);
+      envChanged = true;
+    }
+  }
   if (input.toolsets) {
+    configTouched = true;
     const env = await readHermesEnvFile(profileName);
     const currentPermissions = profilePermissionsFromConfig(
       profileName,
@@ -3019,16 +3042,16 @@ async function saveHermesProfilePermissions(profileName, input, configPath = res
     }
     platformToolsets.api_server = next;
   }
-  const backupPath = await writeHermesConfigDocument({
+  const backupPath = configTouched ? await writeHermesConfigDocument({
     configPath,
     document,
     config,
     existingRaw
-  });
+  }) : null;
   return {
     ...await readHermesProfilePermissions(profileName, configPath),
     backupPath,
-    requiresGatewayReload: true,
+    requiresGatewayReload: configTouched || envChanged,
     restartHint: PROFILE_PERMISSIONS_RESTART_HINT
   };
 }
@@ -4947,6 +4970,7 @@ function readPositiveInteger(value) {
 function profilePermissionsFromConfig(profileName, configPath, config, env) {
   const approvals = toRecord(config.approvals);
   const terminal = toRecord(config.terminal);
+  const envPath = resolveHermesEnvPath(profileName);
   const platformToolsets = toRecord(config.platform_toolsets);
   const apiServerToolsets = readStringList(platformToolsets.api_server);
   const hasExplicitToolsets = apiServerToolsets.some(
@@ -4960,6 +4984,7 @@ function profilePermissionsFromConfig(profileName, configPath, config, env) {
   return {
     profileName,
     configPath,
+    envPath,
     approvals: {
       mode: readApprovalMode(approvals.mode),
       timeout: readPositiveInteger(approvals.timeout) ?? 60,
@@ -4973,6 +4998,11 @@ function profilePermissionsFromConfig(profileName, configPath, config, env) {
       containerDisk: readPositiveInteger(terminal.container_disk) ?? null,
       containerPersistent: terminal.container_persistent !== false
     },
+    sudo: {
+      configured: isEnvValueConfigured(env.SUDO_PASSWORD) || isEnvValueConfigured(readString2(terminal.sudo_password)),
+      envKey: "SUDO_PASSWORD",
+      envPath
+    },
     toolsets: {
       items: PROFILE_PERMISSION_TOOLSETS.map((toolset) => {
         const configState = readToolsetConfigState(toolset.key, config, env);
@@ -5175,6 +5205,15 @@ function normalizeCronApprovalMode(value) {
   }
   throw new Error("approvals.cron_mode must be deny or approve");
 }
+function normalizeSudoPassword(value) {
+  if (!value) {
+    throw new Error("sudo.password must be non-empty");
+  }
+  if (value.includes("\n") || value.includes("\r") || value.includes("\0")) {
+    throw new Error("sudo.password must not contain line breaks");
+  }
+  return value;
+}
 function normalizeTerminalBackend(value) {
   const backend = value.trim().toLowerCase();
   if (TERMINAL_BACKENDS.has(backend)) {
@@ -5932,7 +5971,7 @@ async function readHermesApiServerEnvOverrides(profileName) {
   };
 }
 async function readHermesEnvFile(profileName) {
-  const envPath = path3.join(resolveHermesProfileDir(profileName), ".env");
+  const envPath = resolveHermesEnvPath(profileName);
   const raw = await readFile2(envPath, "utf8").catch((error) => {
     if (isNodeError3(error, "ENOENT")) {
       return "";
@@ -5956,7 +5995,7 @@ async function readHermesEnvFile(profileName) {
   return values;
 }
 async function writeHermesEnvValue(profileName, key, value) {
-  const envPath = path3.join(resolveHermesProfileDir(profileName), ".env");
+  const envPath = resolveHermesEnvPath(profileName);
   const existingRaw = await readFile2(envPath, "utf8").catch(
     (error) => {
       if (isNodeError3(error, "ENOENT")) {
@@ -5991,8 +6030,32 @@ async function writeHermesEnvValue(profileName, key, value) {
   }
   await atomicWriteFilePreservingMetadata(envPath, nextRaw);
 }
+async function deleteHermesEnvValue(profileName, key) {
+  const envPath = resolveHermesEnvPath(profileName);
+  const raw = await readFile2(envPath, "utf8").catch((error) => {
+    if (isNodeError3(error, "ENOENT")) {
+      return "";
+    }
+    throw error;
+  });
+  if (!raw) {
+    return false;
+  }
+  const keyPattern = new RegExp(`^(?:export\\s+)?${escapeRegExp(key)}=`, "u");
+  const lines = raw.split(/\r?\n/u);
+  const nextLines = lines.filter((line) => !keyPattern.test(line.trim()));
+  const nextRaw = nextLines.join("\n").replace(/\n*$/u, "\n");
+  if (nextRaw === raw) {
+    return false;
+  }
+  await atomicWriteFilePreservingMetadata(`${envPath}.bak.${Date.now()}`, raw, {
+    metadataSourcePath: envPath
+  });
+  await atomicWriteFilePreservingMetadata(envPath, nextRaw);
+  return true;
+}
 async function writeHermesApiServerEnv(profileName, config, options = {}) {
-  const envPath = path3.join(resolveHermesProfileDir(profileName), ".env");
+  const envPath = resolveHermesEnvPath(profileName);
   const existingRaw = await readFile2(envPath, "utf8").catch(
     (error) => {
       if (isNodeError3(error, "ENOENT")) {
@@ -6016,7 +6079,7 @@ async function writeHermesApiServerEnv(profileName, config, options = {}) {
   );
 }
 async function writeHermesEnvValues(profileName, values, existingRaw) {
-  const envPath = path3.join(resolveHermesProfileDir(profileName), ".env");
+  const envPath = resolveHermesEnvPath(profileName);
   const raw = existingRaw ?? await readFile2(envPath, "utf8").catch((error) => {
     if (isNodeError3(error, "ENOENT")) {
       return "";
@@ -6510,7 +6573,7 @@ function isConversationMissingError(error) {
 }
 // src/constants.ts
-var LINK_VERSION = "0.7.5";
+var LINK_VERSION = "0.7.6";
 var LINK_COMMAND = "hermeslink";
 var LINK_DEFAULT_PORT = 52379;
 var LINK_RUNTIME_DIR_NAME = ".hermeslink";
@@ -27375,6 +27438,17 @@ function readProfilePermissionsInput(body) {
       )
     };
   }
+  const sudo = readOptionalObject(body, "sudo");
+  if (sudo) {
+    const clear = readBoolean3(sudo.clear ?? sudo.remove ?? sudo.delete);
+    const sudoInput = {
+      password: readRawString(sudo, "password") ?? readRawString(sudo, "sudo_password") ?? readRawString(sudo, "sudoPassword") ?? void 0,
+      clear: clear === true ? true : void 0
+    };
+    if (sudoInput.password !== void 0 || sudoInput.clear !== void 0) {
+      input.sudo = sudoInput;
+    }
+  }
   const toolsets = readOptionalObject(body, "toolsets");
   if (toolsets) {
     input.toolsets = {
@@ -27408,6 +27482,10 @@ function readOptionalObject(body, key) {
   }
   return value;
 }
+function readRawString(body, key) {
+  const value = body[key];
+  return typeof value === "string" ? value : null;
+}
 function readStringListValue(value, field) {
   if (value === void 0) {
     return null;

package/dist/cli/index.js CHANGED Viewed

@@ -53,7 +53,7 @@ import {
   stopDaemonProcess,
   summarizeUsageProbeEnsure,
   translate
-} from "../chunk-MVKOUAVA.js";
+} from "../chunk-P54DBGLE.js";
 // src/cli/index.ts
 import { Command } from "commander";

package/dist/http/app.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import {
   createApp
-} from "../chunk-MVKOUAVA.js";
+} from "../chunk-P54DBGLE.js";
 export {
   createApp
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@hermespilot/link",
-  "version": "0.7.5",
+  "version": "0.7.6",
   "private": false,
   "description": "Hermes Link companion service and CLI for connecting hermes-agent through HermesPilot",
   "license": "MIT",