@lannguyensi/harness 0.27.0 → 0.28.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +30 -0
- package/README.md +17 -12
- package/dist/cli/apply/apply.js +12 -2
- package/dist/cli/apply/apply.js.map +1 -1
- package/dist/cli/doctor/format.js +32 -1
- package/dist/cli/doctor/format.js.map +1 -1
- package/dist/cli/doctor/index.d.ts +1 -1
- package/dist/cli/doctor/index.js +63 -0
- package/dist/cli/doctor/index.js.map +1 -1
- package/dist/cli/doctor/types.d.ts +56 -0
- package/dist/cli/index.js.map +1 -1
- package/dist/cli/init/composer.js +1 -1
- package/dist/cli/init/composer.js.map +1 -1
- package/dist/cli/init/dependencies.js +10 -9
- package/dist/cli/init/dependencies.js.map +1 -1
- package/dist/cli/init/profiles.d.ts +2 -2
- package/dist/cli/init/profiles.js +2 -2
- package/dist/cli/init/templates.d.ts +1 -1
- package/dist/cli/init/templates.js +1 -1
- package/dist/cli/pack/hook-codex-pre-tool-use.js +6 -3
- package/dist/cli/pack/hook-codex-pre-tool-use.js.map +1 -1
- package/dist/cli/pack/hook-pre-tool-use.js +27 -3
- package/dist/cli/pack/hook-pre-tool-use.js.map +1 -1
- package/dist/cli/pack/read-only-bash.d.ts +13 -0
- package/dist/cli/pack/read-only-bash.js +177 -0
- package/dist/cli/pack/read-only-bash.js.map +1 -0
- package/dist/cli/pack/understanding-report-schema-hint.d.ts +1 -1
- package/dist/cli/pack/understanding-report-schema-hint.js +7 -1
- package/dist/cli/pack/understanding-report-schema-hint.js.map +1 -1
- package/dist/cli/validate/checks.d.ts +1 -1
- package/dist/cli/validate/checks.js +31 -27
- package/dist/cli/validate/checks.js.map +1 -1
- package/dist/io/version-compare.d.ts +16 -5
- package/dist/io/version-compare.js +16 -5
- package/dist/io/version-compare.js.map +1 -1
- package/dist/policy-packs/builtin/branch-protection.d.ts +38 -0
- package/dist/policy-packs/builtin/branch-protection.js +17 -0
- package/dist/policy-packs/builtin/branch-protection.js.map +1 -1
- package/dist/policy-packs/builtin/understanding-before-execution.d.ts +147 -0
- package/dist/policy-packs/builtin/understanding-before-execution.js +72 -10
- package/dist/policy-packs/builtin/understanding-before-execution.js.map +1 -1
- package/dist/policy-packs/config-check.d.ts +31 -0
- package/dist/policy-packs/config-check.js +58 -0
- package/dist/policy-packs/config-check.js.map +1 -0
- package/dist/policy-packs/expand.js +5 -4
- package/dist/policy-packs/expand.js.map +1 -1
- package/dist/policy-packs/index.d.ts +4 -1
- package/dist/policy-packs/index.js +4 -1
- package/dist/policy-packs/index.js.map +1 -1
- package/dist/policy-packs/registry.d.ts +20 -0
- package/dist/policy-packs/registry.js +39 -2
- package/dist/policy-packs/registry.js.map +1 -1
- package/dist/policy-packs/source-check.d.ts +28 -0
- package/dist/policy-packs/source-check.js +49 -0
- package/dist/policy-packs/source-check.js.map +1 -0
- package/dist/policy-packs/version-check.d.ts +37 -0
- package/dist/policy-packs/version-check.js +89 -0
- package/dist/policy-packs/version-check.js.map +1 -0
- package/dist/probes/memory.d.ts +1 -1
- package/dist/schema/hooks.js +6 -1
- package/dist/schema/hooks.js.map +1 -1
- package/dist/schema/index.d.ts +9 -0
- package/dist/schema/memory.js +6 -1
- package/dist/schema/memory.js.map +1 -1
- package/dist/schema/policy-packs.d.ts +8 -0
- package/dist/schema/policy-packs.js +17 -0
- package/dist/schema/policy-packs.js.map +1 -1
- package/dist/schema/tools.js +11 -2
- package/dist/schema/tools.js.map +1 -1
- package/package.json +1 -1
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
// Per-pack `config:` shape check, used by both `harness validate` and
|
|
2
|
+
// `harness doctor`. The top-level `PolicyPackSchema` accepts
|
|
3
|
+
// `config: z.record(string, unknown)` — any key, any value — because
|
|
4
|
+
// each builtin pack owns its own config interpretation. That means a
|
|
5
|
+
// typo like `mode: "fastConfirm"` (camelCase instead of `fast_confirm`)
|
|
6
|
+
// or `permision_profile` (misspelled key) currently falls through to
|
|
7
|
+
// the runtime fallback and the operator only finds out when the hook
|
|
8
|
+
// finally fires. This helper consults the per-pack `configSchema`
|
|
9
|
+
// exported from each builtin module and surfaces every issue at
|
|
10
|
+
// lint-time.
|
|
11
|
+
//
|
|
12
|
+
// Order is deliberate: the source check (`checkPolicyPackSources`) runs
|
|
13
|
+
// first to catch unknown pack `source:` / `name:`; only packs that pass
|
|
14
|
+
// that gate carry a registered schema. Both helpers stay separate so
|
|
15
|
+
// validate can emit BOTH a "this pack does not resolve" diagnostic and
|
|
16
|
+
// the per-key config diagnostics for sibling packs in the same run.
|
|
17
|
+
import { isBuiltinPackName, resolveBuiltinConfigSchema } from "./registry.js";
|
|
18
|
+
/**
|
|
19
|
+
* Walks `manifest.policy_packs` in declared order. For each enabled
|
|
20
|
+
* builtin pack with a registered `configSchema`, runs `safeParse` and
|
|
21
|
+
* lifts every zod issue into a flat `PolicyPackConfigIssue`. Unknown
|
|
22
|
+
* pack names are skipped (their resolution gap is the
|
|
23
|
+
* `checkPolicyPackSources` helper's job); non-builtin sources are
|
|
24
|
+
* skipped (no schema to consult in v1).
|
|
25
|
+
*
|
|
26
|
+
* Output order is stable: packs in manifest order, issues in zod's
|
|
27
|
+
* native traversal order.
|
|
28
|
+
*/
|
|
29
|
+
export function checkPolicyPackConfigs(manifest) {
|
|
30
|
+
const issues = [];
|
|
31
|
+
manifest.policy_packs.forEach((pack, packIndex) => {
|
|
32
|
+
if (!pack.enabled)
|
|
33
|
+
return;
|
|
34
|
+
if (!isBuiltinPackName(pack.name))
|
|
35
|
+
return;
|
|
36
|
+
const schema = resolveBuiltinConfigSchema(pack.name);
|
|
37
|
+
if (!schema)
|
|
38
|
+
return;
|
|
39
|
+
const parsed = schema.safeParse(pack.config);
|
|
40
|
+
if (parsed.success)
|
|
41
|
+
return;
|
|
42
|
+
for (const issue of parsed.error.issues) {
|
|
43
|
+
const configPath = issue.path
|
|
44
|
+
.map((seg) => (typeof seg === "number" ? `[${seg}]` : String(seg)))
|
|
45
|
+
.join(".")
|
|
46
|
+
.replace(/\.\[/g, "[");
|
|
47
|
+
issues.push({
|
|
48
|
+
packIndex,
|
|
49
|
+
packName: pack.name,
|
|
50
|
+
configPath,
|
|
51
|
+
message: issue.message,
|
|
52
|
+
code: issue.code,
|
|
53
|
+
});
|
|
54
|
+
}
|
|
55
|
+
});
|
|
56
|
+
return issues;
|
|
57
|
+
}
|
|
58
|
+
//# sourceMappingURL=config-check.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"config-check.js","sourceRoot":"","sources":["../../src/policy-packs/config-check.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,6DAA6D;AAC7D,qEAAqE;AACrE,qEAAqE;AACrE,wEAAwE;AACxE,qEAAqE;AACrE,qEAAqE;AACrE,kEAAkE;AAClE,gEAAgE;AAChE,aAAa;AACb,EAAE;AACF,wEAAwE;AACxE,wEAAwE;AACxE,qEAAqE;AACrE,uEAAuE;AACvE,oEAAoE;AAGpE,OAAO,EAAE,iBAAiB,EAAE,0BAA0B,EAAE,MAAM,eAAe,CAAC;AAqB9E;;;;;;;;;;GAUG;AACH,MAAM,UAAU,sBAAsB,CACpC,QAAkB;IAElB,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,QAAQ,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,SAAS,EAAE,EAAE;QAChD,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,OAAO;QAC1B,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO;QAC1C,MAAM,MAAM,GAAG,0BAA0B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrD,IAAI,CAAC,MAAM;YAAE,OAAO;QACpB,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,MAAM,CAAC,OAAO;YAAE,OAAO;QAC3B,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACxC,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI;iBAC1B,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;iBAClE,IAAI,CAAC,GAAG,CAAC;iBACT,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;YACzB,MAAM,CAAC,IAAI,CAAC;gBACV,SAAS;gBACT,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,UAAU;gBACV,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,IAAI,EAAE,KAAK,CAAC,IAAI;aACjB,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
@@ -2,10 +2,11 @@
|
|
|
2
2
|
//
|
|
3
3
|
// Walks the manifest's enabled packs, parses each `source:` string,
|
|
4
4
|
// resolves builtin packs through the registry, and aggregates their
|
|
5
|
-
// contributions (hooks + files). Unrecognised sources
|
|
6
|
-
// names
|
|
7
|
-
//
|
|
8
|
-
//
|
|
5
|
+
// contributions (hooks + files). Unrecognised sources / unknown builtin
|
|
6
|
+
// names are caught up front by `checkPolicyPackSources` (called from
|
|
7
|
+
// both `harness apply` and `harness validate`), so the warning + skip
|
|
8
|
+
// branches below are belt-and-braces: they only trigger if a caller
|
|
9
|
+
// invokes `expandPolicyPacks` directly without the pre-check.
|
|
9
10
|
//
|
|
10
11
|
// Hook-name collision handling: pack hooks are namespaced
|
|
11
12
|
// (`policy-pack:<name>:<role>`) by the builtin definitions, so a user
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"expand.js","sourceRoot":"","sources":["../../src/policy-packs/expand.ts"],"names":[],"mappings":"AAAA,oDAAoD;AACpD,EAAE;AACF,oEAAoE;AACpE,oEAAoE;AACpE,
|
|
1
|
+
{"version":3,"file":"expand.js","sourceRoot":"","sources":["../../src/policy-packs/expand.ts"],"names":[],"mappings":"AAAA,oDAAoD;AACpD,EAAE;AACF,oEAAoE;AACpE,oEAAoE;AACpE,wEAAwE;AACxE,qEAAqE;AACrE,sEAAsE;AACtE,oEAAoE;AACpE,8DAA8D;AAC9D,EAAE;AACF,0DAA0D;AAC1D,sEAAsE;AACtE,uEAAuE;AACvE,qEAAqE;AACrE,oEAAoE;AACpE,qCAAqC;AAIrC,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAgB,MAAM,cAAc,CAAC;AAC7D,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAK9C,MAAM,UAAU,iBAAiB,CAC/B,QAAkB,EAClB,UAAmB,eAAe,EAClC,OAAiC,EAAE;IAEnC,MAAM,GAAG,GAAwB,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IACrF,IAAI,QAAQ,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,GAAG,CAAC;IAEnD,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACrE,MAAM,iBAAiB,GAAG,IAAI,GAAG,EAAU,CAAC;IAC5C,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAC;IACnC,MAAM,MAAM,GAAG,IAAI,GAAG,EAAU,CAAC;IACjC,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAClC,IAAI,cAAc,GAAG,KAAK,CAAC;IAE3B,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;QACzC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAClB,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC5B,SAAS;QACX,CAAC;QACD,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAClD,IAAI,YAAY,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YACpC,GAAG,CAAC,QAAQ,CAAC,IAAI,CACf,gBAAgB,IAAI,CAAC,IAAI,aAAa,IAAI,CAAC,SAAS,CAClD,IAAI,CAAC,MAAM,CACZ,+DAA+D,CACjE,CAAC;YACF,SAAS;QACX,CAAC;QACD,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QACrD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,GAAG,CAAC,QAAQ,CAAC,IAAI,CACf,gBAAgB,IAAI,CAAC,IAAI,oFAAoF,CAC9G,CAAC;YACF,SAAS;QACX,CAAC;QACD,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACxC,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;YAC/C,IAAI,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrC,GAAG,CAAC,QAAQ,CAAC,IAAI,CACf,gBAAgB,IAAI,CAAC,IAAI,iBAAiB,IAAI,CAAC,IAAI,wGAAwG,CAC5J,CAAC;gBACF,SAAS;YACX,CAAC;YACD,IAAI,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrC,GAAG,CAAC,QAAQ,CAAC,IAAI,CACf,gBAAgB,IAAI,CAAC,IAAI,iBAAiB,IAAI,CAAC,IAAI,oEAAoE,CACxH,CAAC;gBACF,SAAS;YACX,CAAC;YACD,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC;QACD,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;QAC/C,IAAI,QAAQ,CAAC,YAAY,CAAC,WAAW,EAAE,CAAC;YACtC,cAAc,GAAG,IAAI,CAAC;YACtB,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,YAAY,CAAC,WAAW,CAAC,KAAK;gBAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACzE,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,YAAY,CAAC,WAAW,CAAC,GAAG;gBAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACrE,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,YAAY,CAAC,WAAW,CAAC,IAAI;gBAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACzE,CAAC;IACH,CAAC;IAED,IAAI,cAAc,EAAE,CAAC;QACnB,+DAA+D;QAC/D,gEAAgE;QAChE,+DAA+D;QAC/D,kEAAkE;QAClE,cAAc;QACd,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;YACxB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACjB,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACrB,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;YACvB,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACrB,CAAC;QACD,MAAM,WAAW,GAAgC;YAC/C,KAAK,EAAE,CAAC,GAAG,QAAQ,CAAC,CAAC,IAAI,EAAE;YAC3B,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,EAAE;YACvB,IAAI,EAAE,CAAC,GAAG,OAAO,CAAC,CAAC,IAAI,EAAE;SAC1B,CAAC;QACF,GAAG,CAAC,WAAW,GAAG,WAAW,CAAC;IAChC,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC"}
|
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
export { expandPolicyPacks, type ExpandPolicyPacksOptions } from "./expand.js";
|
|
2
|
-
export { KNOWN_BUILTIN_PACKS, isBuiltinPackName, resolveBuiltin, type BuiltinPackName, type ResolveBuiltinResult, } from "./registry.js";
|
|
2
|
+
export { KNOWN_BUILTIN_PACKS, isBuiltinPackName, resolveBuiltin, resolveBuiltinConfigSchema, resolveBuiltinVersionCommand, type BuiltinPackName, type ResolveBuiltinResult, } from "./registry.js";
|
|
3
|
+
export { checkPolicyPackConfigs, type PolicyPackConfigIssue, } from "./config-check.js";
|
|
4
|
+
export { checkPolicyPackVersions, type PolicyPackVersionGap, type PolicyPackVersionGapKind, } from "./version-check.js";
|
|
3
5
|
export { KNOWN_RUNTIMES, DEFAULT_RUNTIME, isRuntime, parseRuntime, type Runtime, } from "./runtime.js";
|
|
4
6
|
export { parsePackSource, type PackSourceKind, type PackSourceParseResult } from "./source.js";
|
|
7
|
+
export { checkPolicyPackSources, type PolicyPackSourceIssue, type PolicyPackSourceIssueKind, } from "./source-check.js";
|
|
5
8
|
export type { PackContribution, PackContributionFile, PackExpansionResult, } from "./types.js";
|
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
export { expandPolicyPacks } from "./expand.js";
|
|
2
|
-
export { KNOWN_BUILTIN_PACKS, isBuiltinPackName, resolveBuiltin, } from "./registry.js";
|
|
2
|
+
export { KNOWN_BUILTIN_PACKS, isBuiltinPackName, resolveBuiltin, resolveBuiltinConfigSchema, resolveBuiltinVersionCommand, } from "./registry.js";
|
|
3
|
+
export { checkPolicyPackConfigs, } from "./config-check.js";
|
|
4
|
+
export { checkPolicyPackVersions, } from "./version-check.js";
|
|
3
5
|
export { KNOWN_RUNTIMES, DEFAULT_RUNTIME, isRuntime, parseRuntime, } from "./runtime.js";
|
|
4
6
|
export { parsePackSource } from "./source.js";
|
|
7
|
+
export { checkPolicyPackSources, } from "./source-check.js";
|
|
5
8
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/policy-packs/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAiC,MAAM,aAAa,CAAC;AAC/E,OAAO,EACL,mBAAmB,EACnB,iBAAiB,EACjB,cAAc,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/policy-packs/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAiC,MAAM,aAAa,CAAC;AAC/E,OAAO,EACL,mBAAmB,EACnB,iBAAiB,EACjB,cAAc,EACd,0BAA0B,EAC1B,4BAA4B,GAG7B,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,sBAAsB,GAEvB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,uBAAuB,GAGxB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,cAAc,EACd,eAAe,EACf,SAAS,EACT,YAAY,GAEb,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,eAAe,EAAmD,MAAM,aAAa,CAAC;AAC/F,OAAO,EACL,sBAAsB,GAGvB,MAAM,mBAAmB,CAAC"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import type { z } from "zod";
|
|
1
2
|
import type { PolicyPack } from "../schema/index.js";
|
|
2
3
|
import { type ResolvePackOptions } from "./builtin/understanding-before-execution.js";
|
|
3
4
|
import { type Runtime } from "./runtime.js";
|
|
@@ -10,3 +11,22 @@ export interface ResolveBuiltinResult {
|
|
|
10
11
|
warnings: string[];
|
|
11
12
|
}
|
|
12
13
|
export declare function resolveBuiltin(pack: PolicyPack, runtime?: Runtime, opts?: ResolvePackOptions): ResolveBuiltinResult | null;
|
|
14
|
+
/**
|
|
15
|
+
* Per-builtin `config:` schema lookup. Returns null when the pack name
|
|
16
|
+
* is not a builtin (caller should already have flagged that via
|
|
17
|
+
* `checkPolicyPackSources`), and a schema when one is registered.
|
|
18
|
+
* Consumed by `checkPolicyPackConfigs` so `harness validate` /
|
|
19
|
+
* `harness doctor` catch typo'd keys at lint time.
|
|
20
|
+
*/
|
|
21
|
+
export declare function resolveBuiltinConfigSchema(packName: string): z.ZodTypeAny | null;
|
|
22
|
+
/**
|
|
23
|
+
* Canonical version-probe command for a builtin pack's package-side bin.
|
|
24
|
+
* Returns `null` when the pack name is not a builtin (caller should
|
|
25
|
+
* already have flagged that via `checkPolicyPackSources`), or when the
|
|
26
|
+
* pack has no separate package-side bin (e.g. `branch-protection`'s
|
|
27
|
+
* blocker is harness itself, no external binary to probe). Consumed by
|
|
28
|
+
* `checkPolicyPackVersions` so `harness doctor` can compare the
|
|
29
|
+
* installed version against an operator-declared pack-level
|
|
30
|
+
* `min_version` floor.
|
|
31
|
+
*/
|
|
32
|
+
export declare function resolveBuiltinVersionCommand(packName: string): readonly [string, string] | null;
|
|
@@ -4,8 +4,8 @@
|
|
|
4
4
|
// builtins are added by appending to `KNOWN_BUILTIN_PACKS` and a case
|
|
5
5
|
// arm in `resolveBuiltin()`. Non-builtin sources (path/npm/git) are
|
|
6
6
|
// out of scope for v1; their resolution lands in a later sub-task.
|
|
7
|
-
import { PACK_NAME as BRANCH_PROTECTION, resolve as resolveBranchProtection, } from "./builtin/branch-protection.js";
|
|
8
|
-
import { PACK_NAME as UNDERSTANDING_BEFORE_EXECUTION, resolve as resolveUnderstandingBeforeExecution, } from "./builtin/understanding-before-execution.js";
|
|
7
|
+
import { configSchema as branchProtectionConfigSchema, PACK_NAME as BRANCH_PROTECTION, resolve as resolveBranchProtection, } from "./builtin/branch-protection.js";
|
|
8
|
+
import { configSchema as understandingBeforeExecutionConfigSchema, PACK_NAME as UNDERSTANDING_BEFORE_EXECUTION, resolve as resolveUnderstandingBeforeExecution, VERSION_COMMAND as UNDERSTANDING_BEFORE_EXECUTION_VERSION_COMMAND, } from "./builtin/understanding-before-execution.js";
|
|
9
9
|
import { DEFAULT_RUNTIME } from "./runtime.js";
|
|
10
10
|
export const KNOWN_BUILTIN_PACKS = [
|
|
11
11
|
UNDERSTANDING_BEFORE_EXECUTION,
|
|
@@ -24,4 +24,41 @@ export function resolveBuiltin(pack, runtime = DEFAULT_RUNTIME, opts = {}) {
|
|
|
24
24
|
return resolveBranchProtection(pack, runtime);
|
|
25
25
|
}
|
|
26
26
|
}
|
|
27
|
+
/**
|
|
28
|
+
* Per-builtin `config:` schema lookup. Returns null when the pack name
|
|
29
|
+
* is not a builtin (caller should already have flagged that via
|
|
30
|
+
* `checkPolicyPackSources`), and a schema when one is registered.
|
|
31
|
+
* Consumed by `checkPolicyPackConfigs` so `harness validate` /
|
|
32
|
+
* `harness doctor` catch typo'd keys at lint time.
|
|
33
|
+
*/
|
|
34
|
+
export function resolveBuiltinConfigSchema(packName) {
|
|
35
|
+
if (!isBuiltinPackName(packName))
|
|
36
|
+
return null;
|
|
37
|
+
switch (packName) {
|
|
38
|
+
case UNDERSTANDING_BEFORE_EXECUTION:
|
|
39
|
+
return understandingBeforeExecutionConfigSchema;
|
|
40
|
+
case BRANCH_PROTECTION:
|
|
41
|
+
return branchProtectionConfigSchema;
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
/**
|
|
45
|
+
* Canonical version-probe command for a builtin pack's package-side bin.
|
|
46
|
+
* Returns `null` when the pack name is not a builtin (caller should
|
|
47
|
+
* already have flagged that via `checkPolicyPackSources`), or when the
|
|
48
|
+
* pack has no separate package-side bin (e.g. `branch-protection`'s
|
|
49
|
+
* blocker is harness itself, no external binary to probe). Consumed by
|
|
50
|
+
* `checkPolicyPackVersions` so `harness doctor` can compare the
|
|
51
|
+
* installed version against an operator-declared pack-level
|
|
52
|
+
* `min_version` floor.
|
|
53
|
+
*/
|
|
54
|
+
export function resolveBuiltinVersionCommand(packName) {
|
|
55
|
+
if (!isBuiltinPackName(packName))
|
|
56
|
+
return null;
|
|
57
|
+
switch (packName) {
|
|
58
|
+
case UNDERSTANDING_BEFORE_EXECUTION:
|
|
59
|
+
return UNDERSTANDING_BEFORE_EXECUTION_VERSION_COMMAND;
|
|
60
|
+
case BRANCH_PROTECTION:
|
|
61
|
+
return null;
|
|
62
|
+
}
|
|
63
|
+
}
|
|
27
64
|
//# sourceMappingURL=registry.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"registry.js","sourceRoot":"","sources":["../../src/policy-packs/registry.ts"],"names":[],"mappings":"AAAA,yCAAyC;AACzC,EAAE;AACF,kEAAkE;AAClE,sEAAsE;AACtE,oEAAoE;AACpE,mEAAmE;
|
|
1
|
+
{"version":3,"file":"registry.js","sourceRoot":"","sources":["../../src/policy-packs/registry.ts"],"names":[],"mappings":"AAAA,yCAAyC;AACzC,EAAE;AACF,kEAAkE;AAClE,sEAAsE;AACtE,oEAAoE;AACpE,mEAAmE;AAInE,OAAO,EACL,YAAY,IAAI,4BAA4B,EAC5C,SAAS,IAAI,iBAAiB,EAC9B,OAAO,IAAI,uBAAuB,GACnC,MAAM,gCAAgC,CAAC;AACxC,OAAO,EACL,YAAY,IAAI,wCAAwC,EACxD,SAAS,IAAI,8BAA8B,EAC3C,OAAO,IAAI,mCAAmC,EAC9C,eAAe,IAAI,8CAA8C,GAElE,MAAM,6CAA6C,CAAC;AACrD,OAAO,EAAE,eAAe,EAAgB,MAAM,cAAc,CAAC;AAG7D,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,8BAA8B;IAC9B,iBAAiB;CACT,CAAC;AAGX,MAAM,UAAU,iBAAiB,CAAC,IAAY;IAC5C,OAAQ,mBAAyC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;AACnE,CAAC;AAOD,MAAM,UAAU,cAAc,CAC5B,IAAgB,EAChB,UAAmB,eAAe,EAClC,OAA2B,EAAE;IAE7B,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAC/C,QAAQ,IAAI,CAAC,IAAuB,EAAE,CAAC;QACrC,KAAK,8BAA8B;YACjC,OAAO,mCAAmC,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QAClE,KAAK,iBAAiB;YACpB,OAAO,uBAAuB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,0BAA0B,CACxC,QAAgB;IAEhB,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAC9C,QAAQ,QAA2B,EAAE,CAAC;QACpC,KAAK,8BAA8B;YACjC,OAAO,wCAAwC,CAAC;QAClD,KAAK,iBAAiB;YACpB,OAAO,4BAA4B,CAAC;IACxC,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,4BAA4B,CAC1C,QAAgB;IAEhB,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAC9C,QAAQ,QAA2B,EAAE,CAAC;QACpC,KAAK,8BAA8B;YACjC,OAAO,8CAA8C,CAAC;QACxD,KAAK,iBAAiB;YACpB,OAAO,IAAI,CAAC;IAChB,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import type { Manifest } from "../schema/index.js";
|
|
2
|
+
export type PolicyPackSourceIssueKind = "unknown-source" | "unknown-builtin";
|
|
3
|
+
export interface PolicyPackSourceIssue {
|
|
4
|
+
packIndex: number;
|
|
5
|
+
packName: string;
|
|
6
|
+
kind: PolicyPackSourceIssueKind;
|
|
7
|
+
/** Raw `source:` string for `unknown-source`; absent for `unknown-builtin`. */
|
|
8
|
+
source?: string;
|
|
9
|
+
/**
|
|
10
|
+
* Path suffix matching the validate Diagnostic shape: `source` or `name`.
|
|
11
|
+
* Not independent of `kind` — `unknown-source` always pairs with `source`,
|
|
12
|
+
* `unknown-builtin` with `name`. Carried explicitly so call sites
|
|
13
|
+
* (apply error text, validate Diagnostic.path) don't each re-derive it.
|
|
14
|
+
*/
|
|
15
|
+
field: "source" | "name";
|
|
16
|
+
message: string;
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Walks `manifest.policy_packs` in declared order and returns one issue
|
|
20
|
+
* per offending enabled pack. Output order is stable and matches the
|
|
21
|
+
* manifest array order — call sites rely on this when aggregating
|
|
22
|
+
* messages, and `tests/policy-packs/source-check.test.ts` asserts it.
|
|
23
|
+
*
|
|
24
|
+
* `enabled: false` packs are skipped on both sides: an operator who has
|
|
25
|
+
* intentionally stashed an unfinished pack reference shouldn't have
|
|
26
|
+
* apply or validate red until they re-enable it.
|
|
27
|
+
*/
|
|
28
|
+
export declare function checkPolicyPackSources(manifest: Manifest): PolicyPackSourceIssue[];
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
// Shared pack-source / builtin-name check, used by both
|
|
2
|
+
// `harness validate` (lint-time hard error) and `harness apply`
|
|
3
|
+
// (fail-loud before expansion). Without a single source of truth here,
|
|
4
|
+
// the two paths drifted: apply silently skipped unknown packs while
|
|
5
|
+
// validate erred — so an operator who never ran `validate` would push a
|
|
6
|
+
// broken manifest, see "apply succeeded", and only discover the pack
|
|
7
|
+
// never wired up at runtime.
|
|
8
|
+
import { isBuiltinPackName } from "./registry.js";
|
|
9
|
+
import { parsePackSource } from "./source.js";
|
|
10
|
+
/**
|
|
11
|
+
* Walks `manifest.policy_packs` in declared order and returns one issue
|
|
12
|
+
* per offending enabled pack. Output order is stable and matches the
|
|
13
|
+
* manifest array order — call sites rely on this when aggregating
|
|
14
|
+
* messages, and `tests/policy-packs/source-check.test.ts` asserts it.
|
|
15
|
+
*
|
|
16
|
+
* `enabled: false` packs are skipped on both sides: an operator who has
|
|
17
|
+
* intentionally stashed an unfinished pack reference shouldn't have
|
|
18
|
+
* apply or validate red until they re-enable it.
|
|
19
|
+
*/
|
|
20
|
+
export function checkPolicyPackSources(manifest) {
|
|
21
|
+
const issues = [];
|
|
22
|
+
manifest.policy_packs.forEach((pack, i) => {
|
|
23
|
+
if (!pack.enabled)
|
|
24
|
+
return;
|
|
25
|
+
const sourceParsed = parsePackSource(pack.source);
|
|
26
|
+
if (sourceParsed.kind === "unknown") {
|
|
27
|
+
issues.push({
|
|
28
|
+
packIndex: i,
|
|
29
|
+
packName: pack.name,
|
|
30
|
+
kind: "unknown-source",
|
|
31
|
+
source: pack.source,
|
|
32
|
+
field: "source",
|
|
33
|
+
message: `unknown source ${JSON.stringify(pack.source)}: only "builtin" resolves in v1; see docs/policy-packs/`,
|
|
34
|
+
});
|
|
35
|
+
return;
|
|
36
|
+
}
|
|
37
|
+
if (!isBuiltinPackName(pack.name)) {
|
|
38
|
+
issues.push({
|
|
39
|
+
packIndex: i,
|
|
40
|
+
packName: pack.name,
|
|
41
|
+
kind: "unknown-builtin",
|
|
42
|
+
field: "name",
|
|
43
|
+
message: `not a known builtin pack: ${JSON.stringify(pack.name)}. See docs/policy-packs/ for supported names.`,
|
|
44
|
+
});
|
|
45
|
+
}
|
|
46
|
+
});
|
|
47
|
+
return issues;
|
|
48
|
+
}
|
|
49
|
+
//# sourceMappingURL=source-check.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"source-check.js","sourceRoot":"","sources":["../../src/policy-packs/source-check.ts"],"names":[],"mappings":"AAAA,wDAAwD;AACxD,gEAAgE;AAChE,uEAAuE;AACvE,oEAAoE;AACpE,wEAAwE;AACxE,qEAAqE;AACrE,6BAA6B;AAE7B,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAqB9C;;;;;;;;;GASG;AACH,MAAM,UAAU,sBAAsB,CAAC,QAAkB;IACvD,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,QAAQ,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxC,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,OAAO;QAC1B,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAClD,IAAI,YAAY,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YACpC,MAAM,CAAC,IAAI,CAAC;gBACV,SAAS,EAAE,CAAC;gBACZ,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,IAAI,EAAE,gBAAgB;gBACtB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,KAAK,EAAE,QAAQ;gBACf,OAAO,EAAE,kBAAkB,IAAI,CAAC,SAAS,CACvC,IAAI,CAAC,MAAM,CACZ,yDAAyD;aAC3D,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QACD,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAClC,MAAM,CAAC,IAAI,CAAC;gBACV,SAAS,EAAE,CAAC;gBACZ,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,IAAI,EAAE,iBAAiB;gBACvB,KAAK,EAAE,MAAM;gBACb,OAAO,EAAE,6BAA6B,IAAI,CAAC,SAAS,CAClD,IAAI,CAAC,IAAI,CACV,+CAA+C;aACjD,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
import type { Manifest } from "../schema/index.js";
|
|
2
|
+
export type PolicyPackVersionGapKind =
|
|
3
|
+
/** Pack declares min_version but no version probe is registered (warn). */
|
|
4
|
+
"no_probe_registered"
|
|
5
|
+
/** Version probe returned null (binary missing / failed to launch). */
|
|
6
|
+
| "probe_failed"
|
|
7
|
+
/** Probe stdout did not match a `digit(.digit)*` token. */
|
|
8
|
+
| "parse_failed"
|
|
9
|
+
/** Probed version is below the declared floor. */
|
|
10
|
+
| "below_floor";
|
|
11
|
+
export interface PolicyPackVersionGap {
|
|
12
|
+
packIndex: number;
|
|
13
|
+
packName: string;
|
|
14
|
+
/** The declared floor from `policy_packs[i].min_version`. */
|
|
15
|
+
declaredMinVersion: string;
|
|
16
|
+
/**
|
|
17
|
+
* The version probe command that was (or would have been) invoked.
|
|
18
|
+
* Empty array when no probe is registered for the pack.
|
|
19
|
+
*/
|
|
20
|
+
versionCommand: readonly string[];
|
|
21
|
+
/** Parsed version string when the probe succeeded; otherwise null. */
|
|
22
|
+
actualVersion: string | null;
|
|
23
|
+
kind: PolicyPackVersionGapKind;
|
|
24
|
+
message: string;
|
|
25
|
+
}
|
|
26
|
+
/**
|
|
27
|
+
* Walks `manifest.policy_packs` in declared order. For each enabled
|
|
28
|
+
* builtin pack that carries an explicit `min_version`, runs the
|
|
29
|
+
* registered probe (or flags missing-probe), parses the version, and
|
|
30
|
+
* compares against the floor. Returns one gap per offending pack;
|
|
31
|
+
* green ones produce nothing.
|
|
32
|
+
*
|
|
33
|
+
* `enabled: false` packs are skipped (consistent with the source +
|
|
34
|
+
* config helpers). Non-builtin pack names are skipped: the source
|
|
35
|
+
* check is the source of truth for "this pack does not resolve".
|
|
36
|
+
*/
|
|
37
|
+
export declare function checkPolicyPackVersions(manifest: Manifest, versionProbe: (cmd: readonly string[]) => string | null): PolicyPackVersionGap[];
|
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
// Per-pack version-floor check. Doctor uses this to surface a warning
|
|
2
|
+
// when the operator declared `policy_packs[].min_version: x.y.z` and
|
|
3
|
+
// the installed package-side bin reports below that. Mirrors the
|
|
4
|
+
// hook-level `checkHookVersion` design (see `src/cli/doctor/index.ts`):
|
|
5
|
+
// the same warning rungs, the same parse-failure fallback, so an
|
|
6
|
+
// operator reading doctor output sees a consistent shape regardless of
|
|
7
|
+
// which layer raised the gap.
|
|
8
|
+
//
|
|
9
|
+
// The split between this and the hook-level check is deliberate: a
|
|
10
|
+
// hook-level floor covers each individual hook command, this catches a
|
|
11
|
+
// pack-level config-schema mismatch (a `config:` key only the newer
|
|
12
|
+
// package honours). Both can fire in the same doctor run.
|
|
13
|
+
import { compareNumericVersions } from "../io/version-compare.js";
|
|
14
|
+
import { isBuiltinPackName, resolveBuiltinVersionCommand } from "./registry.js";
|
|
15
|
+
/**
|
|
16
|
+
* Walks `manifest.policy_packs` in declared order. For each enabled
|
|
17
|
+
* builtin pack that carries an explicit `min_version`, runs the
|
|
18
|
+
* registered probe (or flags missing-probe), parses the version, and
|
|
19
|
+
* compares against the floor. Returns one gap per offending pack;
|
|
20
|
+
* green ones produce nothing.
|
|
21
|
+
*
|
|
22
|
+
* `enabled: false` packs are skipped (consistent with the source +
|
|
23
|
+
* config helpers). Non-builtin pack names are skipped: the source
|
|
24
|
+
* check is the source of truth for "this pack does not resolve".
|
|
25
|
+
*/
|
|
26
|
+
export function checkPolicyPackVersions(manifest, versionProbe) {
|
|
27
|
+
const gaps = [];
|
|
28
|
+
manifest.policy_packs.forEach((pack, packIndex) => {
|
|
29
|
+
if (!pack.enabled)
|
|
30
|
+
return;
|
|
31
|
+
if (!isBuiltinPackName(pack.name))
|
|
32
|
+
return;
|
|
33
|
+
if (!pack.min_version)
|
|
34
|
+
return;
|
|
35
|
+
const versionCommand = resolveBuiltinVersionCommand(pack.name);
|
|
36
|
+
if (versionCommand === null) {
|
|
37
|
+
gaps.push({
|
|
38
|
+
packIndex,
|
|
39
|
+
packName: pack.name,
|
|
40
|
+
declaredMinVersion: pack.min_version,
|
|
41
|
+
versionCommand: [],
|
|
42
|
+
actualVersion: null,
|
|
43
|
+
kind: "no_probe_registered",
|
|
44
|
+
message: `no version probe registered for pack "${pack.name}"; the declared min_version cannot be enforced`,
|
|
45
|
+
});
|
|
46
|
+
return;
|
|
47
|
+
}
|
|
48
|
+
const stdout = versionProbe(versionCommand);
|
|
49
|
+
if (stdout === null) {
|
|
50
|
+
gaps.push({
|
|
51
|
+
packIndex,
|
|
52
|
+
packName: pack.name,
|
|
53
|
+
declaredMinVersion: pack.min_version,
|
|
54
|
+
versionCommand,
|
|
55
|
+
actualVersion: null,
|
|
56
|
+
kind: "probe_failed",
|
|
57
|
+
message: `version probe failed for ${versionCommand.join(" ")}`,
|
|
58
|
+
});
|
|
59
|
+
return;
|
|
60
|
+
}
|
|
61
|
+
const match = stdout.match(/(\d+(?:\.\d+){0,3})/);
|
|
62
|
+
if (!match || !match[1]) {
|
|
63
|
+
gaps.push({
|
|
64
|
+
packIndex,
|
|
65
|
+
packName: pack.name,
|
|
66
|
+
declaredMinVersion: pack.min_version,
|
|
67
|
+
versionCommand,
|
|
68
|
+
actualVersion: null,
|
|
69
|
+
kind: "parse_failed",
|
|
70
|
+
message: `could not parse a version from "${stdout.trim()}"`,
|
|
71
|
+
});
|
|
72
|
+
return;
|
|
73
|
+
}
|
|
74
|
+
const actual = match[1];
|
|
75
|
+
if (compareNumericVersions(actual, pack.min_version) < 0) {
|
|
76
|
+
gaps.push({
|
|
77
|
+
packIndex,
|
|
78
|
+
packName: pack.name,
|
|
79
|
+
declaredMinVersion: pack.min_version,
|
|
80
|
+
versionCommand,
|
|
81
|
+
actualVersion: actual,
|
|
82
|
+
kind: "below_floor",
|
|
83
|
+
message: `outdated: installed v${actual} < required ${pack.min_version}`,
|
|
84
|
+
});
|
|
85
|
+
}
|
|
86
|
+
});
|
|
87
|
+
return gaps;
|
|
88
|
+
}
|
|
89
|
+
//# sourceMappingURL=version-check.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"version-check.js","sourceRoot":"","sources":["../../src/policy-packs/version-check.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,qEAAqE;AACrE,iEAAiE;AACjE,wEAAwE;AACxE,iEAAiE;AACjE,uEAAuE;AACvE,8BAA8B;AAC9B,EAAE;AACF,mEAAmE;AACnE,uEAAuE;AACvE,oEAAoE;AACpE,0DAA0D;AAE1D,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAClE,OAAO,EAAE,iBAAiB,EAAE,4BAA4B,EAAE,MAAM,eAAe,CAAC;AA6BhF;;;;;;;;;;GAUG;AACH,MAAM,UAAU,uBAAuB,CACrC,QAAkB,EAClB,YAAuD;IAEvD,MAAM,IAAI,GAA2B,EAAE,CAAC;IACxC,QAAQ,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,SAAS,EAAE,EAAE;QAChD,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,OAAO;QAC1B,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO;QAC1C,IAAI,CAAC,IAAI,CAAC,WAAW;YAAE,OAAO;QAC9B,MAAM,cAAc,GAAG,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/D,IAAI,cAAc,KAAK,IAAI,EAAE,CAAC;YAC5B,IAAI,CAAC,IAAI,CAAC;gBACR,SAAS;gBACT,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,kBAAkB,EAAE,IAAI,CAAC,WAAW;gBACpC,cAAc,EAAE,EAAE;gBAClB,aAAa,EAAE,IAAI;gBACnB,IAAI,EAAE,qBAAqB;gBAC3B,OAAO,EAAE,yCAAyC,IAAI,CAAC,IAAI,gDAAgD;aAC5G,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QACD,MAAM,MAAM,GAAG,YAAY,CAAC,cAAc,CAAC,CAAC;QAC5C,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;YACpB,IAAI,CAAC,IAAI,CAAC;gBACR,SAAS;gBACT,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,kBAAkB,EAAE,IAAI,CAAC,WAAW;gBACpC,cAAc;gBACd,aAAa,EAAE,IAAI;gBACnB,IAAI,EAAE,cAAc;gBACpB,OAAO,EAAE,4BAA4B,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;aAChE,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QACD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;QAClD,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC;gBACR,SAAS;gBACT,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,kBAAkB,EAAE,IAAI,CAAC,WAAW;gBACpC,cAAc;gBACd,aAAa,EAAE,IAAI;gBACnB,IAAI,EAAE,cAAc;gBACpB,OAAO,EAAE,mCAAmC,MAAM,CAAC,IAAI,EAAE,GAAG;aAC7D,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QACD,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACxB,IAAI,sBAAsB,CAAC,MAAM,EAAE,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC;YACzD,IAAI,CAAC,IAAI,CAAC;gBACR,SAAS;gBACT,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,kBAAkB,EAAE,IAAI,CAAC,WAAW;gBACpC,cAAc;gBACd,aAAa,EAAE,MAAM;gBACrB,IAAI,EAAE,aAAa;gBACnB,OAAO,EAAE,wBAAwB,MAAM,eAAe,IAAI,CAAC,WAAW,EAAE;aACzE,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;IACH,OAAO,IAAI,CAAC;AACd,CAAC"}
|
package/dist/probes/memory.d.ts
CHANGED
|
@@ -50,6 +50,6 @@ export interface MemoryOptions {
|
|
|
50
50
|
* spawnSync probe at CLI invocation. Returning `null` is treated as
|
|
51
51
|
* "version probe failed" and emits a warn line.
|
|
52
52
|
*/
|
|
53
|
-
versionProbe?: (cmd: string[]) => string | null;
|
|
53
|
+
versionProbe?: (cmd: readonly string[]) => string | null;
|
|
54
54
|
}
|
|
55
55
|
export declare function inspectMemory(manifest: Manifest, opts?: MemoryOptions): MemoryReport;
|
package/dist/schema/hooks.js
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { z } from "zod";
|
|
2
|
+
import { NUMERIC_VERSION_MESSAGE, NUMERIC_VERSION_PATTERN } from "../io/version-compare.js";
|
|
2
3
|
export const HookEventSchema = z.enum([
|
|
3
4
|
"SessionStart",
|
|
4
5
|
"UserPromptSubmit",
|
|
@@ -31,7 +32,11 @@ export const HookSchema = z
|
|
|
31
32
|
// `~/.claude/hooks/foo.sh`), so there is no useful default for
|
|
32
33
|
// `version_command` and a min_version-without-command is treated as a
|
|
33
34
|
// config error.
|
|
34
|
-
min_version: z
|
|
35
|
+
min_version: z
|
|
36
|
+
.string()
|
|
37
|
+
.min(1)
|
|
38
|
+
.regex(NUMERIC_VERSION_PATTERN, NUMERIC_VERSION_MESSAGE)
|
|
39
|
+
.optional(),
|
|
35
40
|
version_command: z.array(z.string().min(1)).min(1).optional(),
|
|
36
41
|
})
|
|
37
42
|
.strict()
|
package/dist/schema/hooks.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hooks.js","sourceRoot":"","sources":["../../src/schema/hooks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,IAAI,CAAC;IACpC,cAAc;IACd,kBAAkB;IAClB,YAAY;IACZ,aAAa;IACb,MAAM;IACN,cAAc;IACd,YAAY;CACb,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC;IACxC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;IAChB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;IACjB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;CAClB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC;KACxB,MAAM,CAAC;IACN,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,KAAK,EAAE,eAAe;IACtB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACnC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACxC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACxC,QAAQ,EAAE,kBAAkB;IAC5B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACrD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,yEAAyE;IACzE,wEAAwE;IACxE,qEAAqE;IACrE,mDAAmD;IACnD,+DAA+D;IAC/D,sEAAsE;IACtE,gBAAgB;IAChB,WAAW,EAAE,CAAC,
|
|
1
|
+
{"version":3,"file":"hooks.js","sourceRoot":"","sources":["../../src/schema/hooks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,uBAAuB,EAAE,uBAAuB,EAAE,MAAM,0BAA0B,CAAC;AAE5F,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,IAAI,CAAC;IACpC,cAAc;IACd,kBAAkB;IAClB,YAAY;IACZ,aAAa;IACb,MAAM;IACN,cAAc;IACd,YAAY;CACb,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC;IACxC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;IAChB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;IACjB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;CAClB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC;KACxB,MAAM,CAAC;IACN,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,KAAK,EAAE,eAAe;IACtB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACnC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACxC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACxC,QAAQ,EAAE,kBAAkB;IAC5B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACrD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,yEAAyE;IACzE,wEAAwE;IACxE,qEAAqE;IACrE,mDAAmD;IACnD,+DAA+D;IAC/D,sEAAsE;IACtE,gBAAgB;IAChB,WAAW,EAAE,CAAC;SACX,MAAM,EAAE;SACR,GAAG,CAAC,CAAC,CAAC;SACN,KAAK,CAAC,uBAAuB,EAAE,uBAAuB,CAAC;SACvD,QAAQ,EAAE;IACb,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;CAC9D,CAAC;KACD,MAAM,EAAE;KACR,MAAM,CACL,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,SAAS,IAAI,CAAC,CAAC,eAAe,KAAK,SAAS,EACrE;IACE,OAAO,EAAE,sDAAsD;IAC/D,IAAI,EAAE,CAAC,iBAAiB,CAAC;CAC1B,CACF,CAAC;AAEJ,mEAAmE;AACnE,wEAAwE;AACxE,0EAA0E;AAC1E,wEAAwE;AACxE,uEAAuE;AACvE,EAAE;AACF,0EAA0E;AAC1E,yEAAyE;AACzE,sEAAsE;AACtE,MAAM,2BAA2B,GAA0B,CAAC,SAAS,CAAC,CAAC;AAEvE,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;IACxE,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACrB,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;YACrB,GAAG,CAAC,QAAQ,CAAC;gBACX,IAAI,EAAE,CAAC,CAAC,YAAY,CAAC,MAAM;gBAC3B,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC;gBACjB,OAAO,EAAE,wBAAwB,CAAC,CAAC,IAAI,EAAE;aAC1C,CAAC,CAAC;QACL,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACjB,KAAK,MAAM,MAAM,IAAI,2BAA2B,EAAE,CAAC;YACjD,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC9B,GAAG,CAAC,QAAQ,CAAC;oBACX,IAAI,EAAE,CAAC,CAAC,YAAY,CAAC,MAAM;oBAC3B,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC;oBACjB,OAAO,EACL,cAAc,CAAC,CAAC,IAAI,2BAA2B,MAAM,IAAI;wBACzD,2DAA2D;wBAC3D,uDAAuD;wBACvD,8DAA8D;iBACjE,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
package/dist/schema/index.d.ts
CHANGED
|
@@ -883,15 +883,18 @@ export declare const ManifestSchema: z.ZodEffects<z.ZodObject<{
|
|
|
883
883
|
enabled: z.ZodDefault<z.ZodBoolean>;
|
|
884
884
|
description: z.ZodOptional<z.ZodString>;
|
|
885
885
|
config: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
886
|
+
min_version: z.ZodOptional<z.ZodString>;
|
|
886
887
|
}, "strict", z.ZodTypeAny, {
|
|
887
888
|
name: string;
|
|
888
889
|
enabled: boolean;
|
|
889
890
|
source: string;
|
|
890
891
|
config: Record<string, unknown>;
|
|
891
892
|
description?: string | undefined;
|
|
893
|
+
min_version?: string | undefined;
|
|
892
894
|
}, {
|
|
893
895
|
name: string;
|
|
894
896
|
description?: string | undefined;
|
|
897
|
+
min_version?: string | undefined;
|
|
895
898
|
enabled?: boolean | undefined;
|
|
896
899
|
source?: string | undefined;
|
|
897
900
|
config?: Record<string, unknown> | undefined;
|
|
@@ -901,9 +904,11 @@ export declare const ManifestSchema: z.ZodEffects<z.ZodObject<{
|
|
|
901
904
|
source: string;
|
|
902
905
|
config: Record<string, unknown>;
|
|
903
906
|
description?: string | undefined;
|
|
907
|
+
min_version?: string | undefined;
|
|
904
908
|
}[], {
|
|
905
909
|
name: string;
|
|
906
910
|
description?: string | undefined;
|
|
911
|
+
min_version?: string | undefined;
|
|
907
912
|
enabled?: boolean | undefined;
|
|
908
913
|
source?: string | undefined;
|
|
909
914
|
config?: Record<string, unknown> | undefined;
|
|
@@ -2608,6 +2613,7 @@ export declare const ManifestSchema: z.ZodEffects<z.ZodObject<{
|
|
|
2608
2613
|
source: string;
|
|
2609
2614
|
config: Record<string, unknown>;
|
|
2610
2615
|
description?: string | undefined;
|
|
2616
|
+
min_version?: string | undefined;
|
|
2611
2617
|
}[];
|
|
2612
2618
|
risk: {
|
|
2613
2619
|
classifiers: {
|
|
@@ -2900,6 +2906,7 @@ export declare const ManifestSchema: z.ZodEffects<z.ZodObject<{
|
|
|
2900
2906
|
policy_packs?: {
|
|
2901
2907
|
name: string;
|
|
2902
2908
|
description?: string | undefined;
|
|
2909
|
+
min_version?: string | undefined;
|
|
2903
2910
|
enabled?: boolean | undefined;
|
|
2904
2911
|
source?: string | undefined;
|
|
2905
2912
|
config?: Record<string, unknown> | undefined;
|
|
@@ -3198,6 +3205,7 @@ export declare const ManifestSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3198
3205
|
source: string;
|
|
3199
3206
|
config: Record<string, unknown>;
|
|
3200
3207
|
description?: string | undefined;
|
|
3208
|
+
min_version?: string | undefined;
|
|
3201
3209
|
}[];
|
|
3202
3210
|
risk: {
|
|
3203
3211
|
classifiers: {
|
|
@@ -3490,6 +3498,7 @@ export declare const ManifestSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3490
3498
|
policy_packs?: {
|
|
3491
3499
|
name: string;
|
|
3492
3500
|
description?: string | undefined;
|
|
3501
|
+
min_version?: string | undefined;
|
|
3493
3502
|
enabled?: boolean | undefined;
|
|
3494
3503
|
source?: string | undefined;
|
|
3495
3504
|
config?: Record<string, unknown> | undefined;
|
package/dist/schema/memory.js
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { z } from "zod";
|
|
2
|
+
import { NUMERIC_VERSION_MESSAGE, NUMERIC_VERSION_PATTERN } from "../io/version-compare.js";
|
|
2
3
|
export const MemoryScopeSchema = z.enum(["project", "user"]);
|
|
3
4
|
export const MemoryDirectorySchema = z
|
|
4
5
|
.object({
|
|
@@ -10,7 +11,11 @@ export const MemoryRouterSchema = z
|
|
|
10
11
|
.object({
|
|
11
12
|
command: z.array(z.string().min(1)).min(1),
|
|
12
13
|
enabled: z.boolean().default(true),
|
|
13
|
-
min_version: z
|
|
14
|
+
min_version: z
|
|
15
|
+
.string()
|
|
16
|
+
.min(1)
|
|
17
|
+
.regex(NUMERIC_VERSION_PATTERN, NUMERIC_VERSION_MESSAGE)
|
|
18
|
+
.optional(),
|
|
14
19
|
version_command: z.array(z.string().min(1)).min(1).optional(),
|
|
15
20
|
})
|
|
16
21
|
.strict();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"memory.js","sourceRoot":"","sources":["../../src/schema/memory.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC;AAE7D,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC;KACnC,MAAM,CAAC;IACN,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,KAAK,EAAE,iBAAiB;CACzB,CAAC;KACD,MAAM,EAAE,CAAC;AAEZ,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC;KAChC,MAAM,CAAC;IACN,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1C,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IAClC,WAAW,EAAE,CAAC,
|
|
1
|
+
{"version":3,"file":"memory.js","sourceRoot":"","sources":["../../src/schema/memory.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,uBAAuB,EAAE,uBAAuB,EAAE,MAAM,0BAA0B,CAAC;AAE5F,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC;AAE7D,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC;KACnC,MAAM,CAAC;IACN,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,KAAK,EAAE,iBAAiB;CACzB,CAAC;KACD,MAAM,EAAE,CAAC;AAEZ,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC;KAChC,MAAM,CAAC;IACN,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1C,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IAClC,WAAW,EAAE,CAAC;SACX,MAAM,EAAE;SACR,GAAG,CAAC,CAAC,CAAC;SACN,KAAK,CAAC,uBAAuB,EAAE,uBAAuB,CAAC;SACvD,QAAQ,EAAE;IACb,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;CAC9D,CAAC;KACD,MAAM,EAAE,CAAC;AAEZ,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC;KACnC,MAAM,CAAC;IACN,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC;IACxD,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;CACjE,CAAC;KACD,MAAM,EAAE,CAAC;AAEZ,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC;KAChC,MAAM,CAAC;IACN,OAAO,EAAE,iBAAiB,CAAC,OAAO,CAAC,SAAS,CAAC;IAC7C,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,CAAC;CAChE,CAAC;KACD,MAAM,EAAE;KACR,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE;IAC5C,OAAO,EAAE,4DAA4D;CACtE,CAAC,CAAC;AAEL,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC;KAC1B,MAAM,CAAC;IACN,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACvD,MAAM,EAAE,kBAAkB,CAAC,QAAQ,EAAE;IACrC,SAAS,EAAE,qBAAqB,CAAC,OAAO,CAAC,EAAE,CAAC;IAC5C,MAAM,EAAE,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;CACvC,CAAC;KACD,MAAM,EAAE,CAAC"}
|
|
@@ -5,15 +5,18 @@ export declare const PolicyPackSchema: z.ZodObject<{
|
|
|
5
5
|
enabled: z.ZodDefault<z.ZodBoolean>;
|
|
6
6
|
description: z.ZodOptional<z.ZodString>;
|
|
7
7
|
config: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
8
|
+
min_version: z.ZodOptional<z.ZodString>;
|
|
8
9
|
}, "strict", z.ZodTypeAny, {
|
|
9
10
|
name: string;
|
|
10
11
|
enabled: boolean;
|
|
11
12
|
source: string;
|
|
12
13
|
config: Record<string, unknown>;
|
|
13
14
|
description?: string | undefined;
|
|
15
|
+
min_version?: string | undefined;
|
|
14
16
|
}, {
|
|
15
17
|
name: string;
|
|
16
18
|
description?: string | undefined;
|
|
19
|
+
min_version?: string | undefined;
|
|
17
20
|
enabled?: boolean | undefined;
|
|
18
21
|
source?: string | undefined;
|
|
19
22
|
config?: Record<string, unknown> | undefined;
|
|
@@ -24,15 +27,18 @@ export declare const PolicyPacksSchema: z.ZodEffects<z.ZodArray<z.ZodObject<{
|
|
|
24
27
|
enabled: z.ZodDefault<z.ZodBoolean>;
|
|
25
28
|
description: z.ZodOptional<z.ZodString>;
|
|
26
29
|
config: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
30
|
+
min_version: z.ZodOptional<z.ZodString>;
|
|
27
31
|
}, "strict", z.ZodTypeAny, {
|
|
28
32
|
name: string;
|
|
29
33
|
enabled: boolean;
|
|
30
34
|
source: string;
|
|
31
35
|
config: Record<string, unknown>;
|
|
32
36
|
description?: string | undefined;
|
|
37
|
+
min_version?: string | undefined;
|
|
33
38
|
}, {
|
|
34
39
|
name: string;
|
|
35
40
|
description?: string | undefined;
|
|
41
|
+
min_version?: string | undefined;
|
|
36
42
|
enabled?: boolean | undefined;
|
|
37
43
|
source?: string | undefined;
|
|
38
44
|
config?: Record<string, unknown> | undefined;
|
|
@@ -42,9 +48,11 @@ export declare const PolicyPacksSchema: z.ZodEffects<z.ZodArray<z.ZodObject<{
|
|
|
42
48
|
source: string;
|
|
43
49
|
config: Record<string, unknown>;
|
|
44
50
|
description?: string | undefined;
|
|
51
|
+
min_version?: string | undefined;
|
|
45
52
|
}[], {
|
|
46
53
|
name: string;
|
|
47
54
|
description?: string | undefined;
|
|
55
|
+
min_version?: string | undefined;
|
|
48
56
|
enabled?: boolean | undefined;
|
|
49
57
|
source?: string | undefined;
|
|
50
58
|
config?: Record<string, unknown> | undefined;
|