npm - @node9/proxy - Versions diffs - 1.19.2 → 1.19.4 - Mend

@node9/proxy 1.19.2 → 1.19.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/index.js CHANGED Viewed

@@ -3601,7 +3601,6 @@ var import_fs8 = __toESM(require("fs"));
 var import_net = __toESM(require("net"));
 var import_path8 = __toESM(require("path"));
 var import_os7 = __toESM(require("os"));
-var import_child_process = require("child_process");
 var ACTIVITY_SOCKET_PATH = process.platform === "win32" ? "\\\\.\\pipe\\node9-activity" : import_path8.default.join(import_os7.default.tmpdir(), "node9-activity.sock");
 function notifyActivitySocket(data) {
   return new Promise((resolve) => {
@@ -3674,22 +3673,9 @@ function isDaemonRunning() {
       }
       return false;
     }
-    const r = (0, import_child_process.spawnSync)("ss", ["-Htnp", `sport = :${DAEMON_PORT}`], {
-      encoding: "utf8",
-      timeout: 300
-    });
-    if (r.status === 0 && (r.stdout ?? "").includes(`:${DAEMON_PORT}`)) return true;
-    return false;
-  }
-  try {
-    const r = (0, import_child_process.spawnSync)("ss", ["-Htnp", `sport = :${DAEMON_PORT}`], {
-      encoding: "utf8",
-      timeout: 300
-    });
-    return r.status === 0 && (r.stdout ?? "").includes(`:${DAEMON_PORT}`);
-  } catch {
-    return false;
+    return true;
   }
+  return false;
 }
 async function registerDaemonEntry(toolName, args, meta, riskMetadata, activityId, cwd, recoveryCommand, skipBackgroundAuth, viewOnly, localSmartRuleMatched, socketActivitySent) {
   const base = `http://${DAEMON_HOST}:${DAEMON_PORT}`;
@@ -3745,7 +3731,7 @@ async function waitForDaemonDecision(id, signal) {
     if (signal) signal.removeEventListener("abort", onAbort);
   }
 }
-async function notifyDaemonViewer(toolName, args, meta, riskMetadata) {
+async function notifyDaemonViewer(toolName, args, meta, riskMetadata, activityId, socketActivitySent) {
   const base = `http://${DAEMON_HOST}:${DAEMON_PORT}`;
   const res = await fetch(`${base}/check`, {
     method: "POST",
@@ -3756,7 +3742,12 @@ async function notifyDaemonViewer(toolName, args, meta, riskMetadata) {
       slackDelegated: true,
       agent: meta?.agent,
       mcpServer: meta?.mcpServer,
-      ...riskMetadata && { riskMetadata }
+      ...riskMetadata && { riskMetadata },
+      // fromCLI=true tells the daemon the CLI already sent the activity
+      // event via socket. Same contract as registerDaemonEntry — without
+      // it the daemon double-emits 'activity' for cloud-enforced flows.
+      fromCLI: socketActivitySent !== false,
+      activityId
     }),
     signal: AbortSignal.timeout(3e3)
   });
@@ -3817,7 +3808,7 @@ async function resolveViaDaemon(id, decision, internalToken, source) {
 var import_crypto3 = require("crypto");
 // src/ui/native.ts
-var import_child_process2 = require("child_process");
+var import_child_process = require("child_process");
 var import_path10 = __toESM(require("path"));
 // src/context-sniper.ts
@@ -4091,7 +4082,7 @@ activate
 display dialog (item 1 of argv) with title (item 2 of argv) ${buttons}
 end tell
 end run`;
-        childProcess = (0, import_child_process2.spawn)("osascript", ["-e", script, "--", message, title]);
+        childProcess = (0, import_child_process.spawn)("osascript", ["-e", script, "--", message, title]);
       } else if (process.platform === "linux") {
         const pangoMessage = buildPangoMessage(
           toolName,
@@ -4117,12 +4108,12 @@ end run`;
           argsList.push("--cancel-label", "Block  \u238B");
           argsList.push("--extra-button", "Always Allow");
         }
-        childProcess = (0, import_child_process2.spawn)("zenity", argsList);
+        childProcess = (0, import_child_process.spawn)("zenity", argsList);
       } else if (process.platform === "win32") {
         const b64Msg = Buffer.from(message).toString("base64");
         const b64Title = Buffer.from(title).toString("base64");
         const ps = `Add-Type -AssemblyName PresentationFramework; $msg = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String("${b64Msg}")); $title = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String("${b64Title}")); $res = [System.Windows.MessageBox]::Show($msg, $title, "${locked ? "OK" : "YesNo"}", "Warning", "Button2", "DefaultDesktopOnly"); if ($res -eq "Yes") { exit 0 } else { exit 1 }`;
-        childProcess = (0, import_child_process2.spawn)("powershell", ["-Command", ps]);
+        childProcess = (0, import_child_process.spawn)("powershell", ["-Command", ps]);
       }
       let output = "";
       childProcess?.stdout?.on("data", (d) => output += d.toString());
@@ -4851,7 +4842,14 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
   let daemonAllowCount = 1;
   if (approvers.terminal && isDaemonRunning() && !options?.calledFromDaemon) {
     if (cloudEnforced && cloudRequestId) {
-      const viewer = await notifyDaemonViewer(toolName, args, meta, riskMetadata).catch(() => null);
+      const viewer = await notifyDaemonViewer(
+        toolName,
+        args,
+        meta,
+        riskMetadata,
+        options?.activityId,
+        options?.socketActivitySent
+      ).catch(() => null);
       viewerId = viewer?.id ?? null;
       daemonEntryId = viewerId;
       if (viewer) daemonAllowCount = viewer.allowCount;

package/dist/index.mjs CHANGED Viewed

@@ -3571,7 +3571,6 @@ import fs8 from "fs";
 import net from "net";
 import path8 from "path";
 import os7 from "os";
-import { spawnSync } from "child_process";
 var ACTIVITY_SOCKET_PATH = process.platform === "win32" ? "\\\\.\\pipe\\node9-activity" : path8.join(os7.tmpdir(), "node9-activity.sock");
 function notifyActivitySocket(data) {
   return new Promise((resolve) => {
@@ -3644,22 +3643,9 @@ function isDaemonRunning() {
       }
       return false;
     }
-    const r = spawnSync("ss", ["-Htnp", `sport = :${DAEMON_PORT}`], {
-      encoding: "utf8",
-      timeout: 300
-    });
-    if (r.status === 0 && (r.stdout ?? "").includes(`:${DAEMON_PORT}`)) return true;
-    return false;
-  }
-  try {
-    const r = spawnSync("ss", ["-Htnp", `sport = :${DAEMON_PORT}`], {
-      encoding: "utf8",
-      timeout: 300
-    });
-    return r.status === 0 && (r.stdout ?? "").includes(`:${DAEMON_PORT}`);
-  } catch {
-    return false;
+    return true;
   }
+  return false;
 }
 async function registerDaemonEntry(toolName, args, meta, riskMetadata, activityId, cwd, recoveryCommand, skipBackgroundAuth, viewOnly, localSmartRuleMatched, socketActivitySent) {
   const base = `http://${DAEMON_HOST}:${DAEMON_PORT}`;
@@ -3715,7 +3701,7 @@ async function waitForDaemonDecision(id, signal) {
     if (signal) signal.removeEventListener("abort", onAbort);
   }
 }
-async function notifyDaemonViewer(toolName, args, meta, riskMetadata) {
+async function notifyDaemonViewer(toolName, args, meta, riskMetadata, activityId, socketActivitySent) {
   const base = `http://${DAEMON_HOST}:${DAEMON_PORT}`;
   const res = await fetch(`${base}/check`, {
     method: "POST",
@@ -3726,7 +3712,12 @@ async function notifyDaemonViewer(toolName, args, meta, riskMetadata) {
       slackDelegated: true,
       agent: meta?.agent,
       mcpServer: meta?.mcpServer,
-      ...riskMetadata && { riskMetadata }
+      ...riskMetadata && { riskMetadata },
+      // fromCLI=true tells the daemon the CLI already sent the activity
+      // event via socket. Same contract as registerDaemonEntry — without
+      // it the daemon double-emits 'activity' for cloud-enforced flows.
+      fromCLI: socketActivitySent !== false,
+      activityId
     }),
     signal: AbortSignal.timeout(3e3)
   });
@@ -4821,7 +4812,14 @@ async function _authorizeHeadlessCore(toolName, args, meta, options) {
   let daemonAllowCount = 1;
   if (approvers.terminal && isDaemonRunning() && !options?.calledFromDaemon) {
     if (cloudEnforced && cloudRequestId) {
-      const viewer = await notifyDaemonViewer(toolName, args, meta, riskMetadata).catch(() => null);
+      const viewer = await notifyDaemonViewer(
+        toolName,
+        args,
+        meta,
+        riskMetadata,
+        options?.activityId,
+        options?.socketActivitySent
+      ).catch(() => null);
       viewerId = viewer?.id ?? null;
       daemonEntryId = viewerId;
       if (viewer) daemonAllowCount = viewer.allowCount;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@node9/proxy",
-  "version": "1.19.2",
+  "version": "1.19.4",
   "description": "The Sudo Command for AI Agents. Execution Security for Claude Code & MCP.",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",
@@ -77,8 +77,10 @@
     "chalk": "^4.1.2",
     "commander": "^14.0.3",
     "execa": "^9.6.1",
+    "ink": "^7.0.2",
     "mvdan-sh": "^0.10.1",
     "picomatch": "^4.0.3",
+    "react": "^19.2.6",
     "safe-regex2": "^5.1.0",
     "smol-toml": "^1.6.1",
     "zod": "^3.25.76"
@@ -96,6 +98,7 @@
     "@semantic-release/release-notes-generator": "^14.1.0",
     "@types/node": "^25.3.1",
     "@types/picomatch": "^4.0.2",
+    "@types/react": "^19.2.14",
     "@vitest/coverage-v8": "4.1.2",
     "cross-env": "^10.1.0",
     "prettier": "^3.4.2",