@node9/proxy 1.0.3 → 1.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +90 -5
- package/dist/cli.js +744 -58
- package/dist/cli.mjs +744 -58
- package/dist/index.js +28 -0
- package/dist/index.mjs +28 -0
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -45,12 +45,38 @@ Node9 doesn't just "cut the wire." When a command is blocked, it injects a **Str
|
|
|
45
45
|
|
|
46
46
|
### ⏪ Shadow Git Snapshots (Auto-Undo)
|
|
47
47
|
|
|
48
|
-
Node9 takes silent, lightweight Git
|
|
48
|
+
Node9 takes a silent, lightweight Git snapshot before every AI file edit. If the AI hallucinates and breaks your code, run `node9 undo` to instantly revert — with a full diff preview before anything changes.
|
|
49
49
|
|
|
50
50
|
```bash
|
|
51
|
+
# Undo the last AI action (shows diff + asks confirmation)
|
|
51
52
|
node9 undo
|
|
53
|
+
|
|
54
|
+
# Go back N actions at once
|
|
55
|
+
node9 undo --steps 3
|
|
56
|
+
```
|
|
57
|
+
|
|
58
|
+
Example output:
|
|
59
|
+
|
|
60
|
+
```
|
|
61
|
+
⏪ Node9 Undo
|
|
62
|
+
Tool: str_replace_based_edit_tool → src/app.ts
|
|
63
|
+
When: 2m ago
|
|
64
|
+
Dir: /home/user/my-project
|
|
65
|
+
|
|
66
|
+
--- src/app.ts (snapshot)
|
|
67
|
+
+++ src/app.ts (current)
|
|
68
|
+
@@ -1,4 +1,6 @@
|
|
69
|
+
-const x = 1;
|
|
70
|
+
+const x = 99;
|
|
71
|
+
+const y = "hello";
|
|
72
|
+
|
|
73
|
+
Revert to this snapshot? [y/N]
|
|
52
74
|
```
|
|
53
75
|
|
|
76
|
+
Node9 keeps the last 10 snapshots. Snapshots are only taken for file-writing tools (`write_file`, `edit_file`, `str_replace_based_edit_tool`, `create_file`) — not for read-only or shell commands.
|
|
77
|
+
|
|
78
|
+
Node9 keeps the last 10 snapshots. Snapshots are only taken for file-writing tools (`write_file`, `edit_file`, `str_replace_based_edit_tool`, `create_file`) — not for read-only or shell commands.
|
|
79
|
+
|
|
54
80
|
### 🌊 The Resolution Waterfall
|
|
55
81
|
|
|
56
82
|
Security posture is resolved using a strict 5-tier waterfall:
|
|
@@ -69,13 +95,17 @@ Security posture is resolved using a strict 5-tier waterfall:
|
|
|
69
95
|
npm install -g @node9/proxy
|
|
70
96
|
|
|
71
97
|
# 1. Setup protection for your favorite agent
|
|
72
|
-
node9
|
|
98
|
+
node9 setup # interactive menu — picks the right agent for you
|
|
99
|
+
node9 addto claude # or wire directly
|
|
73
100
|
node9 addto gemini
|
|
74
101
|
|
|
75
102
|
# 2. Initialize your local safety net
|
|
76
103
|
node9 init
|
|
77
104
|
|
|
78
|
-
# 3.
|
|
105
|
+
# 3. Verify everything is wired correctly
|
|
106
|
+
node9 doctor
|
|
107
|
+
|
|
108
|
+
# 4. Check your status
|
|
79
109
|
node9 status
|
|
80
110
|
```
|
|
81
111
|
|
|
@@ -121,9 +151,64 @@ Rules are **merged additive**—you cannot "un-danger" a word locally if it was
|
|
|
121
151
|
|
|
122
152
|
---
|
|
123
153
|
|
|
124
|
-
|
|
154
|
+
---
|
|
155
|
+
|
|
156
|
+
## 🖥️ CLI Reference
|
|
157
|
+
|
|
158
|
+
| Command | Description |
|
|
159
|
+
| :---------------------------- | :------------------------------------------------------------------------------------ |
|
|
160
|
+
| `node9 setup` | Interactive menu — detects installed agents and wires hooks for you |
|
|
161
|
+
| `node9 addto <agent>` | Wire hooks for a specific agent (`claude`, `gemini`, `cursor`) |
|
|
162
|
+
| `node9 init` | Create default `~/.node9/config.json` |
|
|
163
|
+
| `node9 status` | Show current protection status and active rules |
|
|
164
|
+
| `node9 doctor` | Health check — verifies binaries, config, credentials, and all agent hooks |
|
|
165
|
+
| `node9 explain <tool> [args]` | Trace the policy waterfall for a given tool call (dry-run, no approval prompt) |
|
|
166
|
+
| `node9 undo [--steps N]` | Revert the last N AI file edits using shadow Git snapshots |
|
|
167
|
+
| `node9 check` | Called by agent hooks; evaluates a pending tool call and exits 0 (allow) or 1 (block) |
|
|
168
|
+
|
|
169
|
+
### `node9 doctor`
|
|
125
170
|
|
|
126
|
-
|
|
171
|
+
Runs a full self-test and exits 1 if any required check fails:
|
|
172
|
+
|
|
173
|
+
```
|
|
174
|
+
Node9 Doctor v1.2.0
|
|
175
|
+
────────────────────────────────────────
|
|
176
|
+
Binaries
|
|
177
|
+
✅ Node.js v20.11.0
|
|
178
|
+
✅ git version 2.43.0
|
|
179
|
+
|
|
180
|
+
Configuration
|
|
181
|
+
✅ ~/.node9/config.json found and valid
|
|
182
|
+
✅ ~/.node9/credentials.json — cloud credentials found
|
|
183
|
+
|
|
184
|
+
Agent Hooks
|
|
185
|
+
✅ Claude Code — PreToolUse hook active
|
|
186
|
+
⚠️ Gemini CLI — not configured (optional)
|
|
187
|
+
⚠️ Cursor — not configured (optional)
|
|
188
|
+
|
|
189
|
+
────────────────────────────────────────
|
|
190
|
+
All checks passed ✅
|
|
191
|
+
```
|
|
192
|
+
|
|
193
|
+
### `node9 explain`
|
|
194
|
+
|
|
195
|
+
Dry-runs the policy engine and prints exactly which rule (or waterfall tier) would block or allow a given tool call — useful for debugging your config:
|
|
196
|
+
|
|
197
|
+
```bash
|
|
198
|
+
node9 explain bash '{"command":"rm -rf /tmp/build"}'
|
|
199
|
+
```
|
|
200
|
+
|
|
201
|
+
```
|
|
202
|
+
Policy Waterfall for: bash
|
|
203
|
+
──────────────────────────────────────────────
|
|
204
|
+
Tier 1 · Cloud Org Policy SKIP (no org policy loaded)
|
|
205
|
+
Tier 2 · Dangerous Words BLOCK ← matched "rm -rf"
|
|
206
|
+
Tier 3 · Path Block –
|
|
207
|
+
Tier 4 · Inline Exec –
|
|
208
|
+
Tier 5 · Rule Match –
|
|
209
|
+
──────────────────────────────────────────────
|
|
210
|
+
Verdict: BLOCK (dangerous word: rm -rf)
|
|
211
|
+
```
|
|
127
212
|
|
|
128
213
|
---
|
|
129
214
|
|