@miller-tech/uap 1.26.2 → 1.26.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -4,21 +4,46 @@
|
|
|
4
4
|
set -euo pipefail
|
|
5
5
|
|
|
6
6
|
PAYLOAD="$(cat)"
|
|
7
|
-
|
|
8
|
-
|
|
7
|
+
HOOK_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
8
|
+
|
|
9
|
+
# Resolve two roots:
|
|
10
|
+
# CHECKOUT_ROOT — the current working tree (a worktree under .worktrees/, or the
|
|
11
|
+
# main checkout). git-based enforcers run their `git diff` here.
|
|
12
|
+
# MAIN_ROOT — the main checkout that holds RUNTIME data. policies.db and the
|
|
13
|
+
# .policy-tools/ enforcers live ONLY here (policies.db is gitignored
|
|
14
|
+
# and is never copied into worktrees).
|
|
15
|
+
# Previously the DB path was resolved against the checkout root, so when a tool ran
|
|
16
|
+
# from inside a worktree the gate found no policies.db and silently skipped ALL
|
|
17
|
+
# policy enforcement. Anchor DB + enforcer paths to MAIN_ROOT to fix that, while
|
|
18
|
+
# keeping the enforcer working directory on the actual working tree.
|
|
19
|
+
CHECKOUT_ROOT="$(git rev-parse --show-toplevel 2>/dev/null || true)"
|
|
20
|
+
[[ -z "$CHECKOUT_ROOT" ]] && CHECKOUT_ROOT="$(cd "$HOOK_DIR/../.." 2>/dev/null && pwd || pwd)"
|
|
21
|
+
MAIN_ROOT="${CHECKOUT_ROOT%%/.worktrees/*}"
|
|
22
|
+
|
|
23
|
+
# Anchor enforcers to MAIN_ROOT via _common.repo_root(). This is the project root
|
|
24
|
+
# that *contains* the worktrees, so path-relative enforcers reason correctly from
|
|
25
|
+
# any cwd — e.g. worktree-required sees an edit as ".worktrees/NNN/..." (allow)
|
|
26
|
+
# instead of, when run from inside a worktree, resolving repo_root to the worktree
|
|
27
|
+
# itself and mis-flagging a legitimate worktree edit as a root edit (false block).
|
|
28
|
+
export UAP_REPO_ROOT="$MAIN_ROOT"
|
|
29
|
+
# git-diff enforcers (test-gate, schema-diff, iac-parity) must run git against the
|
|
30
|
+
# actual WORKING TREE, not the (possibly bare) MAIN_ROOT. Expose the current checkout
|
|
31
|
+
# so _common.worktree_root() targets the worktree when an op runs from inside one.
|
|
32
|
+
export UAP_WORKTREE_ROOT="$CHECKOUT_ROOT"
|
|
33
|
+
cd "$MAIN_ROOT"
|
|
9
34
|
|
|
10
35
|
TOOL="$(printf '%s' "$PAYLOAD" | python3 -c 'import json,sys; d=json.load(sys.stdin); print(d.get("tool_name") or d.get("tool") or "")' 2>/dev/null || true)"
|
|
11
36
|
ARGS="$(printf '%s' "$PAYLOAD" | python3 -c 'import json,sys; d=json.load(sys.stdin); print(json.dumps(d.get("tool_input") or d.get("args") or {}))' 2>/dev/null || echo '{}')"
|
|
12
37
|
|
|
13
38
|
[[ -z "$TOOL" ]] && exit 0
|
|
14
39
|
|
|
15
|
-
DB="agents/data/memory/policies.db"
|
|
40
|
+
DB="$MAIN_ROOT/agents/data/memory/policies.db"
|
|
16
41
|
[[ ! -f "$DB" ]] && exit 0
|
|
17
42
|
|
|
18
43
|
# Iterate active policies with attached executable tools
|
|
19
44
|
while IFS='|' read -r pid pname tool; do
|
|
20
45
|
[[ -z "$pid" ]] && continue
|
|
21
|
-
enforcer="
|
|
46
|
+
enforcer="$MAIN_ROOT/.policy-tools/${pid}_${tool}.py"
|
|
22
47
|
[[ ! -f "$enforcer" ]] && continue
|
|
23
48
|
out="$(python3 "$enforcer" --operation "$TOOL" --args "$ARGS" 2>/dev/null || true)"
|
|
24
49
|
allowed="$(printf '%s' "$out" | python3 -c 'import json,sys;
|