npm - @hopping-dev/hub - Versions diffs - 0.1.0 - Mend

@hopping-dev/hub 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (165) hide show

package/assets/hopping-skill/SKILL.md +221 -0
package/dist/approval/manager.d.ts +60 -0
package/dist/approval/manager.d.ts.map +1 -0
package/dist/approval/manager.js +101 -0
package/dist/approval/manager.js.map +1 -0
package/dist/approval/session-memory.d.ts +37 -0
package/dist/approval/session-memory.d.ts.map +1 -0
package/dist/approval/session-memory.js +63 -0
package/dist/approval/session-memory.js.map +1 -0
package/dist/cli/config-writer.d.ts +57 -0
package/dist/cli/config-writer.d.ts.map +1 -0
package/dist/cli/config-writer.js +318 -0
package/dist/cli/config-writer.js.map +1 -0
package/dist/cli/index.d.ts +3 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +82 -0
package/dist/cli/index.js.map +1 -0
package/dist/cli/path-resolver.d.ts +48 -0
package/dist/cli/path-resolver.d.ts.map +1 -0
package/dist/cli/path-resolver.js +212 -0
package/dist/cli/path-resolver.js.map +1 -0
package/dist/cli/setup.d.ts +10 -0
package/dist/cli/setup.d.ts.map +1 -0
package/dist/cli/setup.js +268 -0
package/dist/cli/setup.js.map +1 -0
package/dist/cloud/connector.d.ts +74 -0
package/dist/cloud/connector.d.ts.map +1 -0
package/dist/cloud/connector.js +524 -0
package/dist/cloud/connector.js.map +1 -0
package/dist/cloud/index.d.ts +3 -0
package/dist/cloud/index.d.ts.map +1 -0
package/dist/cloud/index.js +6 -0
package/dist/cloud/index.js.map +1 -0
package/dist/config/manager.d.ts +76 -0
package/dist/config/manager.d.ts.map +1 -0
package/dist/config/manager.js +296 -0
package/dist/config/manager.js.map +1 -0
package/dist/dev-mode.d.ts +30 -0
package/dist/dev-mode.d.ts.map +1 -0
package/dist/dev-mode.js +53 -0
package/dist/dev-mode.js.map +1 -0
package/dist/index.d.ts +10 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +354 -0
package/dist/index.js.map +1 -0
package/dist/ipc/index.d.ts +12 -0
package/dist/ipc/index.d.ts.map +1 -0
package/dist/ipc/index.js +15 -0
package/dist/ipc/index.js.map +1 -0
package/dist/ipc/watcher.d.ts +226 -0
package/dist/ipc/watcher.d.ts.map +1 -0
package/dist/ipc/watcher.js +745 -0
package/dist/ipc/watcher.js.map +1 -0
package/dist/local/approval-dialog.d.ts +30 -0
package/dist/local/approval-dialog.d.ts.map +1 -0
package/dist/local/approval-dialog.js +214 -0
package/dist/local/approval-dialog.js.map +1 -0
package/dist/local/index.d.ts +8 -0
package/dist/local/index.d.ts.map +1 -0
package/dist/local/index.js +13 -0
package/dist/local/index.js.map +1 -0
package/dist/local/local-approval.d.ts +55 -0
package/dist/local/local-approval.d.ts.map +1 -0
package/dist/local/local-approval.js +125 -0
package/dist/local/local-approval.js.map +1 -0
package/dist/local/notifier.d.ts +19 -0
package/dist/local/notifier.d.ts.map +1 -0
package/dist/local/notifier.js +110 -0
package/dist/local/notifier.js.map +1 -0
package/dist/local/sanitize.d.ts +20 -0
package/dist/local/sanitize.d.ts.map +1 -0
package/dist/local/sanitize.js +28 -0
package/dist/local/sanitize.js.map +1 -0
package/dist/mcp/file-extractor.d.ts +11 -0
package/dist/mcp/file-extractor.d.ts.map +1 -0
package/dist/mcp/file-extractor.js +74 -0
package/dist/mcp/file-extractor.js.map +1 -0
package/dist/mcp/risk-level.d.ts +44 -0
package/dist/mcp/risk-level.d.ts.map +1 -0
package/dist/mcp/risk-level.js +127 -0
package/dist/mcp/risk-level.js.map +1 -0
package/dist/mcp/schemas.d.ts +83 -0
package/dist/mcp/schemas.d.ts.map +1 -0
package/dist/mcp/schemas.js +84 -0
package/dist/mcp/schemas.js.map +1 -0
package/dist/mcp/summary.d.ts +11 -0
package/dist/mcp/summary.d.ts.map +1 -0
package/dist/mcp/summary.js +150 -0
package/dist/mcp/summary.js.map +1 -0
package/dist/mcp/tools.d.ts +45 -0
package/dist/mcp/tools.d.ts.map +1 -0
package/dist/mcp/tools.js +1217 -0
package/dist/mcp/tools.js.map +1 -0
package/dist/pairing/auto-pairing.d.ts +37 -0
package/dist/pairing/auto-pairing.d.ts.map +1 -0
package/dist/pairing/auto-pairing.js +144 -0
package/dist/pairing/auto-pairing.js.map +1 -0
package/dist/pairing/binding-poller.d.ts +26 -0
package/dist/pairing/binding-poller.d.ts.map +1 -0
package/dist/pairing/binding-poller.js +108 -0
package/dist/pairing/binding-poller.js.map +1 -0
package/dist/pairing/pairing-server.d.ts +14 -0
package/dist/pairing/pairing-server.d.ts.map +1 -0
package/dist/pairing/pairing-server.js +277 -0
package/dist/pairing/pairing-server.js.map +1 -0
package/dist/pairing/qr-display.d.ts +14 -0
package/dist/pairing/qr-display.d.ts.map +1 -0
package/dist/pairing/qr-display.js +40 -0
package/dist/pairing/qr-display.js.map +1 -0
package/dist/policy/engine.d.ts +31 -0
package/dist/policy/engine.d.ts.map +1 -0
package/dist/policy/engine.js +187 -0
package/dist/policy/engine.js.map +1 -0
package/dist/policy/store.d.ts +26 -0
package/dist/policy/store.d.ts.map +1 -0
package/dist/policy/store.js +70 -0
package/dist/policy/store.js.map +1 -0
package/dist/policy/system-policies.d.ts +15 -0
package/dist/policy/system-policies.d.ts.map +1 -0
package/dist/policy/system-policies.js +265 -0
package/dist/policy/system-policies.js.map +1 -0
package/dist/policy/tool-mapping.d.ts +45 -0
package/dist/policy/tool-mapping.d.ts.map +1 -0
package/dist/policy/tool-mapping.js +88 -0
package/dist/policy/tool-mapping.js.map +1 -0
package/dist/policy/tool-registry.json +85 -0
package/dist/store/db.d.ts +17 -0
package/dist/store/db.d.ts.map +1 -0
package/dist/store/db.js +193 -0
package/dist/store/db.js.map +1 -0
package/dist/store/index.d.ts +4 -0
package/dist/store/index.d.ts.map +1 -0
package/dist/store/index.js +7 -0
package/dist/store/index.js.map +1 -0
package/dist/store/metadata.d.ts +31 -0
package/dist/store/metadata.d.ts.map +1 -0
package/dist/store/metadata.js +178 -0
package/dist/store/metadata.js.map +1 -0
package/dist/store/operations.d.ts +26 -0
package/dist/store/operations.d.ts.map +1 -0
package/dist/store/operations.js +171 -0
package/dist/store/operations.js.map +1 -0
package/dist/utils/json.d.ts +7 -0
package/dist/utils/json.d.ts.map +1 -0
package/dist/utils/json.js +33 -0
package/dist/utils/json.js.map +1 -0
package/dist/utils/logger.d.ts +13 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +58 -0
package/dist/utils/logger.js.map +1 -0
package/dist/utils/open-browser.d.ts +8 -0
package/dist/utils/open-browser.d.ts.map +1 -0
package/dist/utils/open-browser.js +38 -0
package/dist/utils/open-browser.js.map +1 -0
package/node_modules/@hopping/shared/dist/types.d.ts +649 -0
package/node_modules/@hopping/shared/dist/types.js +48 -0
package/node_modules/@hopping/shared/dist/types.js.map +1 -0
package/node_modules/@hopping/shared/package.json +14 -0
package/node_modules/@hopping/shared/tsconfig.json +16 -0
package/node_modules/@hopping/shared/types.d.ts +650 -0
package/node_modules/@hopping/shared/types.d.ts.map +1 -0
package/node_modules/@hopping/shared/types.js +48 -0
package/node_modules/@hopping/shared/types.js.map +1 -0
package/node_modules/@hopping/shared/types.ts +895 -0
package/package.json +52 -0

package/assets/hopping-skill/SKILL.md ADDED Viewed

@@ -0,0 +1,221 @@
+---
+name: hopping-skill
+description: HopPing AI Agent Remote Control — call hopping.check before risky operations (shell commands, file writes, git pushes, database changes, .env access). For agents without Hook support, also call hopping.report after each significant operation.
+user-invocable: false
+---
+# HopPing — AI Agent Remote Control
+HopPing lets users approve, control, and observe AI Agent operations from their phone. When `hopping.check` is available as an MCP tool, follow these guidelines to keep users in the loop.
+---
+## When to Call `hopping.check`
+Call `hopping.check` **before** executing any of the following:
+| Risk Level   | Operations                                                                                           |
+| ------------ | ---------------------------------------------------------------------------------------------------- |
+| **Critical** | `rm -rf`, `rm -r`, `DROP TABLE`, `TRUNCATE`, accessing `.env` / credentials / secrets / private keys |
+| **High**     | `sudo`, `chmod 777`, `curl \| bash`, `wget \| bash`, production deployments                          |
+| **Medium**   | `git push --force`, `git reset --hard`, `git clean -f`, any `rm` command                             |
+| **Audit**    | All shell commands (`Bash` tool), all file writes (`Edit`, `Write` tools), all database mutations    |
+**Skip `hopping.check` for low-risk operations:**
+`Read`, `Glob`, `Grep`, `WebSearch`, `WebFetch`, `TodoRead`, `TodoWrite`
+---
+## How to Call `hopping.check`
+**Required fields:** `toolName`, `toolInput`
+**Optional but recommended:** `sessionId`, `cwd`, `context`
+```json
+{
+  "toolName": "Bash",
+  "toolInput": { "command": "rm -rf dist/" },
+  "sessionId": "session-abc123",
+  "cwd": "/Users/dev/my-project",
+  "context": {
+    "recentFiles": ["src/index.ts", "package.json"],
+    "branch": "main",
+    "project": "my-project"
+  }
+}
+```
+### Handling the Response
+```json
+{
+  "approvalId": "uuid",
+  "decision": "approved | denied | conditional | timeout | pending",
+  "riskLevel": "low | medium | high | critical",
+  "message": "human-readable explanation"
+}
+```
+| `decision`    | Action                                                                                                     |
+| ------------- | ---------------------------------------------------------------------------------------------------------- |
+| `approved`    | Proceed with the operation                                                                                 |
+| `denied`      | **Stop.** Do not execute. Tell the user: _"Operation denied by HopPing: [message]"_                        |
+| `conditional` | Read `message` carefully. Only proceed if all stated conditions are met                                    |
+| `timeout`     | User did not respond in time. For `high`/`critical` risk: do not proceed. For `low`/`medium`: use judgment |
+| `pending`     | **Ask the user for local approval.** See "Handling Pending Decisions" below                                |
+---
+## Handling Pending Decisions (`hopping.respond`)
+When `hopping.check` returns `decision="pending"`, the remote approval timed out but the operation still requires the user's explicit approval (typically `high` or `critical` risk). **Do not proceed without user confirmation.**
+### Steps
+1. **Show the pending operation to the user.** Include the tool name, risk level, and the message from `hopping.check`.
+2. **Ask the user directly:** _"This operation requires your approval. Do you want to approve or deny it?"_
+3. **Wait for the user's response.** Do not auto-approve or guess.
+4. **Call `hopping.respond`** with the user's decision:
+```json
+{
+  "approvalId": "the-approval-id-from-hopping-check",
+  "decision": "approved",
+  "reason": "User approved locally"
+}
+```
+5. **Check the response from `hopping.respond`:**
+   - `{ "success": true, "source": "local" }` → User's decision was recorded. Proceed if approved, stop if denied.
+   - `{ "success": true, "decision": "approved", "source": "remote" }` → The user already approved on their phone. Proceed.
+   - `{ "success": true, "decision": "denied", "source": "remote" }` → The user already denied on their phone. Stop.
+   - `{ "success": false, "error": "..." }` → Something went wrong. Tell the user and do not proceed.
+### Important Rules
+- **Never call `hopping.respond` without asking the user first.** The purpose of `pending` is to ensure a human makes the decision.
+- If the user says "approve all" or similar blanket statements, still ask for confirmation for each individual `pending` operation.
+- If you are unsure about the user's intent, default to `denied`.
+---
+## Using `hopping.report` (Agents Without Hook Support)
+If you are running on **Codex, Gemini CLI, or any agent without Claude Code Hooks**, call `hopping.report` after each significant operation to enable observation:
+**Required:** `toolName` only. All other fields are recommended.
+```json
+{
+  "toolName": "Bash",
+  "toolParams": { "command": "pnpm install" },
+  "result": "Successfully installed 23 packages",
+  "duration": 4521,
+  "success": true,
+  "filePaths": ["package.json", "pnpm-lock.yaml"]
+}
+```
+**When to report:**
+- After any shell command execution
+- After file writes or edits
+- After git operations
+- After database queries
+> **Agents with Claude Code Hooks (Claude Code, Cursor):** Hooks automatically observe all operations — `hopping.report` is not required unless you want to add extra context.
+---
+## Using `hopping.status`
+Check Hub connectivity at session start or when debugging:
+```json
+{ "query": "all" }
+```
+Returns: `activeSessions`, `pendingApprovals`, `todayOperations`, `hubUptime`, `connectedToCloud`.
+Call `hopping.status` when:
+- Starting a new session (verify Hub is running)
+- Debugging why approvals are not arriving on phone
+- Checking how many operations were recorded today
+---
+## Reporting Task Completion
+When you have **finished all steps of the user's task**, call `hopping.report` with `context.taskCompleted: true`. This notifies the user's phone that the agent is now idle and ready for new instructions.
+```json
+{
+  "toolName": "task_completed",
+  "result": "All requested tasks have been completed successfully.",
+  "success": true,
+  "context": {
+    "taskCompleted": true,
+    "project": "my-project"
+  }
+}
+```
+**When to send task completion:**
+- After completing all steps in the user's current prompt/task
+- When you have nothing more to do and are returning control to the user
+- Do NOT send for intermediate milestones — only when the entire task is done
+**Why this matters:** The user may be away from their computer. This notification lets them know they can return to give new instructions, or simply enjoy their coffee a bit longer.
+---
+## Examples
+### Before a destructive shell command
+```
+1. Call hopping.check: toolName="Bash", toolInput={"command": "rm -rf node_modules/"}
+2. If decision="approved" → run the Bash command
+3. If decision="denied"   → tell user: "Hub denied: [message]"
+```
+### Before writing to a sensitive file
+```
+1. Call hopping.check: toolName="Write", toolInput={"file_path": ".env", "content": "..."}
+2. Wait for decision
+3. Only write if decision="approved"
+```
+### Reporting an operation (no Hook)
+```
+1. Execute: pnpm install
+2. Call hopping.report: toolName="Bash", toolParams={"command":"pnpm install"},
+   result="installed 23 packages", success=true, duration=4521
+```
+### Pending operation (user away, returns to computer)
+```
+1. Call hopping.check: toolName="Bash", toolInput={"command": "rm -rf /var/data/old-backups"}
+2. decision="pending" (remote approval timed out, critical risk)
+3. Tell user: "⏳ A critical operation is pending your approval:
+   - Tool: Bash
+   - Command: rm -rf /var/data/old-backups
+   Do you approve or deny?"
+4. User says "approve"
+5. Call hopping.respond: approvalId="abc-123", decision="approved", reason="User approved locally"
+6. Response: { success: true, source: "local" }
+7. Proceed with the Bash command
+```
+### Session start check
+```
+1. Call hopping.status: query="all"
+2. If connectedToCloud=false → note that phone approval is unavailable
+3. Proceed normally — local policies still apply
+```

package/dist/approval/manager.d.ts ADDED Viewed

@@ -0,0 +1,60 @@
+import { Logger } from '../utils/logger';
+/**
+ * waitForApproval() 回傳的結果
+ * - timedOut=true: 超時（未收到 Mobile 回應）
+ * - timedOut=false: 正常 resolve（收到 Mobile 回應或 clearAll）
+ */
+export interface ApprovalResult {
+    approved: boolean;
+    reason?: string;
+    timedOut: boolean;
+    /** 決策來源（如 'mobile'、'local_dialog'、'local_respond'） */
+    source?: string;
+    /** Rich response: 用戶選擇的選項 ID（responseType='choice' 時） */
+    selectedOption?: string;
+    /** Rich response: 用戶輸入的自由文字（responseType='freetext' 時） */
+    freetext?: string;
+    /** Rich response: isOther 選項的自訂文字 */
+    customText?: string;
+}
+/** Rich response 欄位（從 PermissionResponsePayload 或 Mobile 回傳） */
+export interface RichResponseFields {
+    selectedOption?: string;
+    freetext?: string;
+    customText?: string;
+}
+/**
+ * Approval Manager
+ * 管理待審核請求、超時處理、決策回傳
+ */
+export declare class ApprovalManager {
+    private pending;
+    private logger;
+    private defaultTimeoutMs;
+    constructor(logger: Logger, defaultTimeoutMs?: number);
+    /**
+     * 建立新的審核請求，回傳 Promise 等待用戶決策
+     */
+    waitForApproval(requestId: string, timeoutMs?: number): Promise<ApprovalResult>;
+    /**
+     * 處理用戶的審核決策
+     */
+    resolveApproval(requestId: string, approved: boolean, reason?: string, source?: string, richResponse?: RichResponseFields): boolean;
+    /**
+     * 檢查特定請求是否仍在 pending map 中
+     */
+    isPending(requestId: string): boolean;
+    /**
+     * 取得所有待審核的請求 ID
+     */
+    getPendingIds(): string[];
+    /**
+     * 待審核數量
+     */
+    get pendingCount(): number;
+    /**
+     * 清除所有待審核（例如關閉時）
+     */
+    clearAll(): void;
+}
+//# sourceMappingURL=manager.d.ts.map

package/dist/approval/manager.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"manager.d.ts","sourceRoot":"","sources":["../../src/approval/manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAEzC;;;;GAIG;AACH,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,OAAO,CAAC;IAClB,sDAAsD;IACtD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yDAAyD;IACzD,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,0DAA0D;IAC1D,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,qCAAqC;IACrC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,gEAAgE;AAChE,MAAM,WAAW,kBAAkB;IACjC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AASD;;;GAGG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,OAAO,CAA2C;IAC1D,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,gBAAgB,CAAS;gBAErB,MAAM,EAAE,MAAM,EAAE,gBAAgB,GAAE,MAAc;IAK5D;;OAEG;IACH,eAAe,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAyB/E;;OAEG;IACH,eAAe,CACb,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,OAAO,EACjB,MAAM,CAAC,EAAE,MAAM,EACf,MAAM,CAAC,EAAE,MAAM,EACf,YAAY,CAAC,EAAE,kBAAkB,GAChC,OAAO;IAgCV;;OAEG;IACH,SAAS,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO;IAIrC;;OAEG;IACH,aAAa,IAAI,MAAM,EAAE;IAIzB;;OAEG;IACH,IAAI,YAAY,IAAI,MAAM,CAEzB;IAED;;OAEG;IACH,QAAQ,IAAI,IAAI;CAQjB"}

package/dist/approval/manager.js ADDED Viewed

@@ -0,0 +1,101 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ApprovalManager = void 0;
+/**
+ * Approval Manager
+ * 管理待審核請求、超時處理、決策回傳
+ */
+class ApprovalManager {
+    pending = new Map();
+    logger;
+    defaultTimeoutMs;
+    constructor(logger, defaultTimeoutMs = 60000) {
+        this.logger = logger;
+        this.defaultTimeoutMs = defaultTimeoutMs;
+    }
+    /**
+     * 建立新的審核請求，回傳 Promise 等待用戶決策
+     */
+    waitForApproval(requestId, timeoutMs) {
+        const timeout = timeoutMs ?? this.defaultTimeoutMs;
+        return new Promise((resolve) => {
+            const timer = setTimeout(() => {
+                this.logger.warn('Approval timeout', { requestId, timeoutMs: timeout });
+                this.pending.delete(requestId);
+                resolve({ approved: false, reason: 'Approval timeout', timedOut: true });
+            }, timeout);
+            this.pending.set(requestId, {
+                id: requestId,
+                resolve,
+                timeout: timer,
+                createdAt: Date.now(),
+            });
+            this.logger.info('Approval request created', {
+                requestId,
+                timeoutMs: timeout,
+                pendingCount: this.pending.size,
+            });
+        });
+    }
+    /**
+     * 處理用戶的審核決策
+     */
+    resolveApproval(requestId, approved, reason, source, richResponse) {
+        const pending = this.pending.get(requestId);
+        if (!pending) {
+            this.logger.warn('No pending approval found', { requestId });
+            return false;
+        }
+        clearTimeout(pending.timeout);
+        this.pending.delete(requestId);
+        const waitTimeMs = Date.now() - pending.createdAt;
+        this.logger.info('Approval resolved', {
+            requestId,
+            approved,
+            reason,
+            source,
+            waitTimeMs,
+        });
+        pending.resolve({
+            approved,
+            reason,
+            timedOut: false,
+            source,
+            selectedOption: richResponse?.selectedOption,
+            freetext: richResponse?.freetext,
+            customText: richResponse?.customText,
+        });
+        return true;
+    }
+    /**
+     * 檢查特定請求是否仍在 pending map 中
+     */
+    isPending(requestId) {
+        return this.pending.has(requestId);
+    }
+    /**
+     * 取得所有待審核的請求 ID
+     */
+    getPendingIds() {
+        return Array.from(this.pending.keys());
+    }
+    /**
+     * 待審核數量
+     */
+    get pendingCount() {
+        return this.pending.size;
+    }
+    /**
+     * 清除所有待審核（例如關閉時）
+     */
+    clearAll() {
+        for (const [, pending] of this.pending.entries()) {
+            clearTimeout(pending.timeout);
+            pending.resolve({ approved: false, reason: 'System shutdown', timedOut: false });
+        }
+        this.pending.clear();
+        this.logger.info('All pending approvals cleared');
+    }
+}
+exports.ApprovalManager = ApprovalManager;
+//# sourceMappingURL=manager.js.map

package/dist/approval/manager.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"manager.js","sourceRoot":"","sources":["../../src/approval/manager.ts"],"names":[],"mappings":";;;AAmCA;;;GAGG;AACH,MAAa,eAAe;IAClB,OAAO,GAAiC,IAAI,GAAG,EAAE,CAAC;IAClD,MAAM,CAAS;IACf,gBAAgB,CAAS;IAEjC,YAAY,MAAc,EAAE,mBAA2B,KAAK;QAC1D,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;IAC3C,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,SAAiB,EAAE,SAAkB;QACnD,MAAM,OAAO,GAAG,SAAS,IAAI,IAAI,CAAC,gBAAgB,CAAC;QAEnD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC5B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,CAAC;gBACxE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;gBAC/B,OAAO,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,kBAAkB,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;YAC3E,CAAC,EAAE,OAAO,CAAC,CAAC;YAEZ,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE;gBAC1B,EAAE,EAAE,SAAS;gBACb,OAAO;gBACP,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE;gBAC3C,SAAS;gBACT,SAAS,EAAE,OAAO;gBAClB,YAAY,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI;aAChC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,eAAe,CACb,SAAiB,EACjB,QAAiB,EACjB,MAAe,EACf,MAAe,EACf,YAAiC;QAEjC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC5C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC;YAC7D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC9B,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE/B,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,SAAS,CAAC;QAElD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,EAAE;YACpC,SAAS;YACT,QAAQ;YACR,MAAM;YACN,MAAM;YACN,UAAU;SACX,CAAC,CAAC;QAEH,OAAO,CAAC,OAAO,CAAC;YACd,QAAQ;YACR,MAAM;YACN,QAAQ,EAAE,KAAK;YACf,MAAM;YACN,cAAc,EAAE,YAAY,EAAE,cAAc;YAC5C,QAAQ,EAAE,YAAY,EAAE,QAAQ;YAChC,UAAU,EAAE,YAAY,EAAE,UAAU;SACrC,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,SAAiB;QACzB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,aAAa;QACX,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,KAAK,MAAM,CAAC,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;YACjD,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC9B,OAAO,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC;QACnF,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;IACpD,CAAC;CACF;AA/GD,0CA+GC"}

package/dist/approval/session-memory.d.ts ADDED Viewed

@@ -0,0 +1,37 @@
+import type { RiskLevel } from '@hopping/shared';
+/**
+ * SessionMemory — Hub in-memory "don't ask again" store (S4-HUB-DONTASK-001).
+ *
+ * Records (toolName, riskLevel) pairs when Mobile approves with reason='dont_ask_again'.
+ * Subsequent hopping.check / IpcWatcher away-mode calls for the same tool auto-approve
+ * if the current riskLevel is less than or equal to the stored ceiling.
+ *
+ * Cleared on Hub process restart (session scope, intentionally not persisted).
+ */
+export declare class SessionMemory {
+    private readonly allowedTools;
+    /**
+     * Add a tool to the don't-ask-again list.
+     * Trust expansion: if the tool already exists with a lower riskLevel, upgrade to the higher value.
+     * Trust does NOT shrink: adding a lower riskLevel than the existing entry is a no-op.
+     */
+    add(toolName: string, riskLevel: RiskLevel): void;
+    /**
+     * Check if a tool call should be auto-approved.
+     * Returns true only if the tool is in the list AND currentRiskLevel <= storedRiskLevel.
+     */
+    has(toolName: string, currentRiskLevel: RiskLevel): boolean;
+    /** Remove a specific tool from the list. Returns true if the entry existed. */
+    remove(toolName: string): boolean;
+    /** Clear all entries (simulates Hub restart for testing). */
+    clear(): void;
+    /** Number of tools currently in the list. */
+    get size(): number;
+    /** Return all entries as an array (used by hopping.status). */
+    getAll(): Array<{
+        toolName: string;
+        riskLevel: RiskLevel;
+        addedAt: number;
+    }>;
+}
+//# sourceMappingURL=session-memory.d.ts.map

package/dist/approval/session-memory.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"session-memory.d.ts","sourceRoot":"","sources":["../../src/approval/session-memory.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAQjD;;;;;;;;GAQG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAgE;IAE7F;;;;OAIG;IACH,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI;IAMjD;;;OAGG;IACH,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,gBAAgB,EAAE,SAAS,GAAG,OAAO;IAM3D,+EAA+E;IAC/E,MAAM,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAIjC,6DAA6D;IAC7D,KAAK,IAAI,IAAI;IAIb,6CAA6C;IAC7C,IAAI,IAAI,IAAI,MAAM,CAEjB;IAED,+DAA+D;IAC/D,MAAM,IAAI,KAAK,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,SAAS,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;CAO7E"}

package/dist/approval/session-memory.js ADDED Viewed

@@ -0,0 +1,63 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SessionMemory = void 0;
+/**
+ * Risk level ordering for ceiling comparison.
+ * Lower index = lower risk. has() returns true only if currentRisk <= storedRisk.
+ */
+const RISK_ORDER = { low: 0, medium: 1, high: 2, critical: 3 };
+/**
+ * SessionMemory — Hub in-memory "don't ask again" store (S4-HUB-DONTASK-001).
+ *
+ * Records (toolName, riskLevel) pairs when Mobile approves with reason='dont_ask_again'.
+ * Subsequent hopping.check / IpcWatcher away-mode calls for the same tool auto-approve
+ * if the current riskLevel is less than or equal to the stored ceiling.
+ *
+ * Cleared on Hub process restart (session scope, intentionally not persisted).
+ */
+class SessionMemory {
+    allowedTools = new Map();
+    /**
+     * Add a tool to the don't-ask-again list.
+     * Trust expansion: if the tool already exists with a lower riskLevel, upgrade to the higher value.
+     * Trust does NOT shrink: adding a lower riskLevel than the existing entry is a no-op.
+     */
+    add(toolName, riskLevel) {
+        const existing = this.allowedTools.get(toolName);
+        if (existing && RISK_ORDER[existing.riskLevel] >= RISK_ORDER[riskLevel])
+            return;
+        this.allowedTools.set(toolName, { riskLevel, addedAt: Date.now() });
+    }
+    /**
+     * Check if a tool call should be auto-approved.
+     * Returns true only if the tool is in the list AND currentRiskLevel <= storedRiskLevel.
+     */
+    has(toolName, currentRiskLevel) {
+        const entry = this.allowedTools.get(toolName);
+        if (!entry)
+            return false;
+        return RISK_ORDER[currentRiskLevel] <= RISK_ORDER[entry.riskLevel];
+    }
+    /** Remove a specific tool from the list. Returns true if the entry existed. */
+    remove(toolName) {
+        return this.allowedTools.delete(toolName);
+    }
+    /** Clear all entries (simulates Hub restart for testing). */
+    clear() {
+        this.allowedTools.clear();
+    }
+    /** Number of tools currently in the list. */
+    get size() {
+        return this.allowedTools.size;
+    }
+    /** Return all entries as an array (used by hopping.status). */
+    getAll() {
+        return Array.from(this.allowedTools.entries()).map(([toolName, { riskLevel, addedAt }]) => ({
+            toolName,
+            riskLevel,
+            addedAt,
+        }));
+    }
+}
+exports.SessionMemory = SessionMemory;
+//# sourceMappingURL=session-memory.js.map

package/dist/approval/session-memory.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"session-memory.js","sourceRoot":"","sources":["../../src/approval/session-memory.ts"],"names":[],"mappings":";;;AAEA;;;GAGG;AACH,MAAM,UAAU,GAA8B,EAAE,GAAG,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;AAE1F;;;;;;;;GAQG;AACH,MAAa,aAAa;IACP,YAAY,GAAG,IAAI,GAAG,EAAqD,CAAC;IAE7F;;;;OAIG;IACH,GAAG,CAAC,QAAgB,EAAE,SAAoB;QACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACjD,IAAI,QAAQ,IAAI,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC;YAAE,OAAO;QAChF,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACtE,CAAC;IAED;;;OAGG;IACH,GAAG,CAAC,QAAgB,EAAE,gBAA2B;QAC/C,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QACzB,OAAO,UAAU,CAAC,gBAAgB,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACrE,CAAC;IAED,+EAA+E;IAC/E,MAAM,CAAC,QAAgB;QACrB,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC5C,CAAC;IAED,6DAA6D;IAC7D,KAAK;QACH,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;IAC5B,CAAC;IAED,6CAA6C;IAC7C,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC;IAChC,CAAC;IAED,+DAA+D;IAC/D,MAAM;QACJ,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;YAC1F,QAAQ;YACR,SAAS;YACT,OAAO;SACR,CAAC,CAAC,CAAC;IACN,CAAC;CACF;AA/CD,sCA+CC"}

package/dist/cli/config-writer.d.ts ADDED Viewed

@@ -0,0 +1,57 @@
+import type { DetectedAgent } from './path-resolver';
+export interface McpServerEntry {
+    type?: string;
+    command: string;
+    args: string[];
+    env?: Record<string, string>;
+}
+export interface WriteResult {
+    path: string;
+    action: 'created' | 'updated';
+    backedUp: boolean;
+}
+export interface WriteOptions {
+    hubCommand: string;
+    hubArgs: string[];
+    devMode: string;
+    preHookPath: string;
+    postHookPath: string;
+    cursorAdapterPath: string;
+    scope: 'project' | 'user';
+    skipHooks: boolean;
+    dryRun: boolean;
+}
+/**
+ * 寫入 Claude Code / Cursor MCP config（JSON 格式）
+ * - Claude Code: .mcp.json（project） / ~/.claude.json（user）
+ * - Cursor: .cursor/mcp.json（project） / ~/.cursor/mcp.json（user）
+ */
+export declare function writeMcpJson(agent: DetectedAgent, options: WriteOptions): Promise<WriteResult>;
+/**
+ * 寫入 Codex MCP config（TOML 格式）
+ * - .codex/config.toml（project / user）
+ */
+export declare function writeMcpToml(agent: DetectedAgent, options: WriteOptions): Promise<WriteResult>;
+/**
+ * 寫入 MCP config（根據 agent 自動分派 JSON 或 TOML）
+ */
+export declare function writeMcpConfig(agent: DetectedAgent, options: WriteOptions): Promise<WriteResult>;
+/**
+ * 寫入 Claude Code Hooks config（.claude/settings.json，巢狀格式，PascalCase）
+ */
+export declare function writeClaudeCodeHooks(hooksConfigPath: string, options: WriteOptions): Promise<WriteResult>;
+/**
+ * 檢查 cursor-adapter.js 是否已實作（非空檔案）
+ */
+export declare function isCursorAdapterReady(adapterPath: string): boolean;
+/**
+ * 寫入 Cursor Hooks config（.cursor/hooks.json，扁平格式，camelCase，version: 1）
+ * 只有在 cursor-adapter.js 存在且已實作時才寫入
+ */
+export declare function writeCursorHooks(hooksConfigPath: string, cursorAdapterPath: string, options: WriteOptions): Promise<WriteResult | null>;
+/**
+ * 寫入 Hooks config（根據 agent 自動分派）
+ * 回傳 WriteResult（成功）、null（跳過，如 Cursor adapter 未實作）、或 'unsupported'（如 Codex）
+ */
+export declare function writeHooksConfig(agent: DetectedAgent, options: WriteOptions): Promise<WriteResult | null | 'unsupported'>;
+//# sourceMappingURL=config-writer.d.ts.map

package/dist/cli/config-writer.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"config-writer.d.ts","sourceRoot":"","sources":["../../src/cli/config-writer.ts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAOrD,MAAM,WAAW,cAAc;IAC7B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,SAAS,GAAG,SAAS,CAAC;IAC9B,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,SAAS,GAAG,MAAM,CAAC;IAC1B,SAAS,EAAE,OAAO,CAAC;IACnB,MAAM,EAAE,OAAO,CAAC;CACjB;AA6HD;;;;GAIG;AACH,wBAAsB,YAAY,CAChC,KAAK,EAAE,aAAa,EACpB,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,WAAW,CAAC,CAStB;AAED;;;GAGG;AACH,wBAAsB,YAAY,CAChC,KAAK,EAAE,aAAa,EACpB,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,WAAW,CAAC,CAetB;AAED;;GAEG;AACH,wBAAsB,cAAc,CAClC,KAAK,EAAE,aAAa,EACpB,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,WAAW,CAAC,CAKtB;AASD;;GAEG;AACH,wBAAsB,oBAAoB,CACxC,eAAe,EAAE,MAAM,EACvB,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,WAAW,CAAC,CA+CtB;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAWjE;AAED;;;GAGG;AACH,wBAAsB,gBAAgB,CACpC,eAAe,EAAE,MAAM,EACvB,iBAAiB,EAAE,MAAM,EACzB,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAoC7B;AAED;;;GAGG;AACH,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,aAAa,EACpB,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,WAAW,GAAG,IAAI,GAAG,aAAa,CAAC,CAuB7C"}