@praxis.guard/auditor-cli 0.0.19 → 0.0.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/approval/fingerprint.d.ts +5 -0
- package/dist/approval/fingerprint.d.ts.map +1 -0
- package/dist/approval/fingerprint.js +44 -0
- package/dist/approval/fingerprint.js.map +1 -0
- package/dist/approval/grant.d.ts.map +1 -1
- package/dist/approval/grant.js +5 -0
- package/dist/approval/grant.js.map +1 -1
- package/dist/approval/hook-inline-approval.d.ts +23 -0
- package/dist/approval/hook-inline-approval.d.ts.map +1 -0
- package/dist/approval/hook-inline-approval.js +61 -0
- package/dist/approval/hook-inline-approval.js.map +1 -0
- package/dist/approval/mcp-flow.d.ts +3 -1
- package/dist/approval/mcp-flow.d.ts.map +1 -1
- package/dist/approval/mcp-flow.js +26 -8
- package/dist/approval/mcp-flow.js.map +1 -1
- package/dist/approval/redeem.d.ts +4 -2
- package/dist/approval/redeem.d.ts.map +1 -1
- package/dist/approval/redeem.js +27 -18
- package/dist/approval/redeem.js.map +1 -1
- package/dist/approval/types.d.ts +6 -0
- package/dist/approval/types.d.ts.map +1 -1
- package/dist/bridge/execution-ticket.d.ts +4 -3
- package/dist/bridge/execution-ticket.d.ts.map +1 -1
- package/dist/bridge/execution-ticket.js +19 -8
- package/dist/bridge/execution-ticket.js.map +1 -1
- package/dist/bridge/guard-storage-root.d.ts +6 -0
- package/dist/bridge/guard-storage-root.d.ts.map +1 -0
- package/dist/bridge/guard-storage-root.js +24 -0
- package/dist/bridge/guard-storage-root.js.map +1 -0
- package/dist/bridge/pending-approval-index.d.ts +19 -0
- package/dist/bridge/pending-approval-index.d.ts.map +1 -0
- package/dist/bridge/pending-approval-index.js +29 -0
- package/dist/bridge/pending-approval-index.js.map +1 -0
- package/dist/cli/approvals.d.ts.map +1 -1
- package/dist/cli/approvals.js +17 -9
- package/dist/cli/approvals.js.map +1 -1
- package/dist/cli/main.d.ts.map +1 -1
- package/dist/cli/main.js +4 -1
- package/dist/cli/main.js.map +1 -1
- package/dist/hooks/agent-message.d.ts +5 -1
- package/dist/hooks/agent-message.d.ts.map +1 -1
- package/dist/hooks/agent-message.js +13 -7
- package/dist/hooks/agent-message.js.map +1 -1
- package/dist/hooks/run-before-mcp.d.ts.map +1 -1
- package/dist/hooks/run-before-mcp.js +42 -18
- package/dist/hooks/run-before-mcp.js.map +1 -1
- package/dist/hooks/run-before-shell.d.ts.map +1 -1
- package/dist/hooks/run-before-shell.js +33 -13
- package/dist/hooks/run-before-shell.js.map +1 -1
- package/dist/mcp/server.d.ts.map +1 -1
- package/dist/mcp/server.js +39 -22
- package/dist/mcp/server.js.map +1 -1
- package/package.json +1 -1
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
/** Stable hash for MCP tool_input JSON (sorted keys, no whitespace). */
|
|
2
|
+
export declare function toolInputSha256(toolInput: unknown): string | null;
|
|
3
|
+
/** Canonical argv for approval binding (shell + MCP). */
|
|
4
|
+
export declare function canonicalArgv(argv: readonly string[]): string[];
|
|
5
|
+
//# sourceMappingURL=fingerprint.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"fingerprint.d.ts","sourceRoot":"","sources":["../../src/approval/fingerprint.ts"],"names":[],"mappings":"AAEA,wEAAwE;AACxE,wBAAgB,eAAe,CAAC,SAAS,EAAE,OAAO,GAAG,MAAM,GAAG,IAAI,CAmBjE;AAaD,yDAAyD;AACzD,wBAAgB,aAAa,CAAC,IAAI,EAAE,SAAS,MAAM,EAAE,GAAG,MAAM,EAAE,CAE/D"}
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
import { createHash } from "node:crypto";
|
|
2
|
+
/** Stable hash for MCP tool_input JSON (sorted keys, no whitespace). */
|
|
3
|
+
export function toolInputSha256(toolInput) {
|
|
4
|
+
if (toolInput === undefined || toolInput === null)
|
|
5
|
+
return null;
|
|
6
|
+
let normalized;
|
|
7
|
+
if (typeof toolInput === "string") {
|
|
8
|
+
const t = toolInput.trim();
|
|
9
|
+
if (!t)
|
|
10
|
+
return null;
|
|
11
|
+
try {
|
|
12
|
+
normalized = JSON.stringify(sortJson(JSON.parse(t)));
|
|
13
|
+
}
|
|
14
|
+
catch {
|
|
15
|
+
normalized = t;
|
|
16
|
+
}
|
|
17
|
+
}
|
|
18
|
+
else {
|
|
19
|
+
try {
|
|
20
|
+
normalized = JSON.stringify(sortJson(toolInput));
|
|
21
|
+
}
|
|
22
|
+
catch {
|
|
23
|
+
return null;
|
|
24
|
+
}
|
|
25
|
+
}
|
|
26
|
+
return createHash("sha256").update(normalized, "utf8").digest("hex");
|
|
27
|
+
}
|
|
28
|
+
function sortJson(value) {
|
|
29
|
+
if (value === null || typeof value !== "object")
|
|
30
|
+
return value;
|
|
31
|
+
if (Array.isArray(value))
|
|
32
|
+
return value.map(sortJson);
|
|
33
|
+
const obj = value;
|
|
34
|
+
const sorted = {};
|
|
35
|
+
for (const key of Object.keys(obj).sort()) {
|
|
36
|
+
sorted[key] = sortJson(obj[key]);
|
|
37
|
+
}
|
|
38
|
+
return sorted;
|
|
39
|
+
}
|
|
40
|
+
/** Canonical argv for approval binding (shell + MCP). */
|
|
41
|
+
export function canonicalArgv(argv) {
|
|
42
|
+
return argv.map((t) => (typeof t === "string" ? t.trim() : String(t)));
|
|
43
|
+
}
|
|
44
|
+
//# sourceMappingURL=fingerprint.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"fingerprint.js","sourceRoot":"","sources":["../../src/approval/fingerprint.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,wEAAwE;AACxE,MAAM,UAAU,eAAe,CAAC,SAAkB;IAChD,IAAI,SAAS,KAAK,SAAS,IAAI,SAAS,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC;IAC/D,IAAI,UAAkB,CAAC;IACvB,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,SAAS,CAAC,IAAI,EAAE,CAAC;QAC3B,IAAI,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QACpB,IAAI,CAAC;YACH,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,UAAU,GAAG,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,IAAI,CAAC;YACH,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;QACnD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IACD,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACvE,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc;IAC9B,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC9D,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACrD,MAAM,GAAG,GAAG,KAAgC,CAAC;IAC7C,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;QAC1C,MAAM,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;IACnC,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,yDAAyD;AACzD,MAAM,UAAU,aAAa,CAAC,IAAuB;IACnD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grant.d.ts","sourceRoot":"","sources":["../../src/approval/grant.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAoB7E,yDAAyD;AACzD,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,mBAAmB,GAAG,IAAI,CAkB7E;AAED,mFAAmF;AACnF,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,qBAAqB,GAAG,IAAI,
|
|
1
|
+
{"version":3,"file":"grant.d.ts","sourceRoot":"","sources":["../../src/approval/grant.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAoB7E,yDAAyD;AACzD,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,mBAAmB,GAAG,IAAI,CAkB7E;AAED,mFAAmF;AACnF,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,qBAAqB,GAAG,IAAI,CA4BjF"}
|
package/dist/approval/grant.js
CHANGED
|
@@ -73,6 +73,11 @@ export function verifyExecutionTicket(token) {
|
|
|
73
73
|
return null;
|
|
74
74
|
if (typeof payload.install_id !== "string" || typeof payload.jti !== "string")
|
|
75
75
|
return null;
|
|
76
|
+
if (payload.tool_input_sha256 !== undefined &&
|
|
77
|
+
payload.tool_input_sha256 !== null &&
|
|
78
|
+
typeof payload.tool_input_sha256 !== "string") {
|
|
79
|
+
return null;
|
|
80
|
+
}
|
|
76
81
|
return payload;
|
|
77
82
|
}
|
|
78
83
|
//# sourceMappingURL=grant.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grant.js","sourceRoot":"","sources":["../../src/approval/grant.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAI1D,SAAS,mBAAmB,CAAI,OAAe;IAC7C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC/D,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAM,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB;IACxB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,yBAAyB,EAAE,IAAI,EAAE,CAAC;IAC9D,IAAI,OAAO;QAAE,OAAO,OAAO,CAAC;IAC5B,IAAI,OAAO,CAAC,GAAG,CAAC,uCAAuC,EAAE,IAAI,EAAE,EAAE,CAAC;QAChE,OAAO,kCAAkC,CAAC;IAC5C,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,yDAAyD;AACzD,MAAM,UAAU,mBAAmB,CAAC,KAAa;IAC/C,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACpC,MAAM,MAAM,GAAG,iBAAiB,EAAE,CAAC;IACnC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;IAClC,MAAM,QAAQ,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,GAAG,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IAC9F,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACxC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;IACnE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,OAAO,GAAG,mBAAmB,CAAsB,IAAI,CAAC,CAAC;IAC/D,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,GAAG,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC;IACxD,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,CAAC,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE;QAAE,OAAO,IAAI,CAAC;IACpF,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,mFAAmF;AACnF,MAAM,UAAU,qBAAqB,CAAC,KAAa;IACjD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACpC,MAAM,MAAM,GAAG,iBAAiB,EAAE,CAAC;IACnC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;IAClC,MAAM,QAAQ,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,GAAG,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IAC9F,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACxC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;IACnE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,OAAO,GAAG,mBAAmB,CAAwB,IAAI,CAAC,CAAC;IACjE,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,GAAG,KAAK,WAAW;QAAE,OAAO,IAAI,CAAC;IACzD,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,CAAC,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE;QAAE,OAAO,IAAI,CAAC;IACpF,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,IAAI,OAAO,CAAC,IAAI,KAAK,KAAK;QAAE,OAAO,IAAI,CAAC;IACpE,IAAI,OAAO,OAAO,CAAC,UAAU,KAAK,QAAQ,IAAI,OAAO,OAAO,CAAC,WAAW,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACnG,IAAI,OAAO,OAAO,CAAC,UAAU,KAAK,QAAQ,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC3F,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
|
1
|
+
{"version":3,"file":"grant.js","sourceRoot":"","sources":["../../src/approval/grant.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAI1D,SAAS,mBAAmB,CAAI,OAAe;IAC7C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC/D,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAM,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB;IACxB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,yBAAyB,EAAE,IAAI,EAAE,CAAC;IAC9D,IAAI,OAAO;QAAE,OAAO,OAAO,CAAC;IAC5B,IAAI,OAAO,CAAC,GAAG,CAAC,uCAAuC,EAAE,IAAI,EAAE,EAAE,CAAC;QAChE,OAAO,kCAAkC,CAAC;IAC5C,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,yDAAyD;AACzD,MAAM,UAAU,mBAAmB,CAAC,KAAa;IAC/C,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACpC,MAAM,MAAM,GAAG,iBAAiB,EAAE,CAAC;IACnC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;IAClC,MAAM,QAAQ,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,GAAG,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IAC9F,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACxC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;IACnE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,OAAO,GAAG,mBAAmB,CAAsB,IAAI,CAAC,CAAC;IAC/D,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,GAAG,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC;IACxD,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,CAAC,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE;QAAE,OAAO,IAAI,CAAC;IACpF,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,mFAAmF;AACnF,MAAM,UAAU,qBAAqB,CAAC,KAAa;IACjD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACpC,MAAM,MAAM,GAAG,iBAAiB,EAAE,CAAC;IACnC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;IAClC,MAAM,QAAQ,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,GAAG,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IAC9F,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACxC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;IACnE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,OAAO,GAAG,mBAAmB,CAAwB,IAAI,CAAC,CAAC;IACjE,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,GAAG,KAAK,WAAW;QAAE,OAAO,IAAI,CAAC;IACzD,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,CAAC,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE;QAAE,OAAO,IAAI,CAAC;IACpF,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,IAAI,OAAO,CAAC,IAAI,KAAK,KAAK;QAAE,OAAO,IAAI,CAAC;IACpE,IAAI,OAAO,OAAO,CAAC,UAAU,KAAK,QAAQ,IAAI,OAAO,OAAO,CAAC,WAAW,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACnG,IAAI,OAAO,OAAO,CAAC,UAAU,KAAK,QAAQ,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC3F,IACE,OAAO,CAAC,iBAAiB,KAAK,SAAS;QACvC,OAAO,CAAC,iBAAiB,KAAK,IAAI;QAClC,OAAO,OAAO,CAAC,iBAAiB,KAAK,QAAQ,EAC7C,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
export type HookInlineApprovalInput = {
|
|
2
|
+
argv: string[];
|
|
3
|
+
kind: "shell" | "mcp";
|
|
4
|
+
rawDisplay: string;
|
|
5
|
+
policyRevision: number | null;
|
|
6
|
+
reasons: unknown[];
|
|
7
|
+
eventId: string;
|
|
8
|
+
storageRoot?: string;
|
|
9
|
+
tool_input_sha256?: string | null;
|
|
10
|
+
sessionId?: string | null;
|
|
11
|
+
environment?: string | null;
|
|
12
|
+
};
|
|
13
|
+
export type HookInlineApprovalResult = {
|
|
14
|
+
request_id: string;
|
|
15
|
+
open_url: string;
|
|
16
|
+
expires_at: string;
|
|
17
|
+
};
|
|
18
|
+
export declare function hookInlineApprovalEnabled(): boolean;
|
|
19
|
+
/**
|
|
20
|
+
* Phase 2: on first MUTATE deny, create approval request with bounded HTTP (fail-closed on error).
|
|
21
|
+
*/
|
|
22
|
+
export declare function tryHookInlineApprovalRequest(input: HookInlineApprovalInput): Promise<HookInlineApprovalResult | null>;
|
|
23
|
+
//# sourceMappingURL=hook-inline-approval.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"hook-inline-approval.d.ts","sourceRoot":"","sources":["../../src/approval/hook-inline-approval.ts"],"names":[],"mappings":"AAOA,MAAM,MAAM,uBAAuB,GAAG;IACpC,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,IAAI,EAAE,OAAO,GAAG,KAAK,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,OAAO,EAAE,OAAO,EAAE,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC7B,CAAC;AAEF,MAAM,MAAM,wBAAwB,GAAG;IACrC,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,wBAAgB,yBAAyB,IAAI,OAAO,CAEnD;AAOD;;GAEG;AACH,wBAAsB,4BAA4B,CAChD,KAAK,EAAE,uBAAuB,GAC7B,OAAO,CAAC,wBAAwB,GAAG,IAAI,CAAC,CAiD1C"}
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
import { getInstallId } from "../cli/install-id.js";
|
|
2
|
+
import { resolveGuardToken } from "../cli/credentials.js";
|
|
3
|
+
import { createApprovalRequest } from "./client.js";
|
|
4
|
+
import { argvSha256 } from "./argv-fingerprint.js";
|
|
5
|
+
import { writePendingApprovalIndex } from "../bridge/pending-approval-index.js";
|
|
6
|
+
import { resolveGuardStorageRoot } from "../bridge/guard-storage-root.js";
|
|
7
|
+
export function hookInlineApprovalEnabled() {
|
|
8
|
+
return process.env.PRAXIS_HOOK_INLINE_APPROVAL !== "0";
|
|
9
|
+
}
|
|
10
|
+
function inlineTimeoutMs() {
|
|
11
|
+
const n = Number(process.env.PRAXIS_HOOK_INLINE_APPROVAL_TIMEOUT_MS);
|
|
12
|
+
return Number.isFinite(n) && n > 0 ? Math.min(n, 5000) : 1200;
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
* Phase 2: on first MUTATE deny, create approval request with bounded HTTP (fail-closed on error).
|
|
16
|
+
*/
|
|
17
|
+
export async function tryHookInlineApprovalRequest(input) {
|
|
18
|
+
if (!hookInlineApprovalEnabled())
|
|
19
|
+
return null;
|
|
20
|
+
if (!resolveGuardToken())
|
|
21
|
+
return null;
|
|
22
|
+
const storageRoot = resolveGuardStorageRoot(input.storageRoot);
|
|
23
|
+
const hash = argvSha256(input.argv);
|
|
24
|
+
const timeoutMs = inlineTimeoutMs();
|
|
25
|
+
try {
|
|
26
|
+
const created = await Promise.race([
|
|
27
|
+
createApprovalRequest({
|
|
28
|
+
kind: input.kind,
|
|
29
|
+
tier: "MUTATE",
|
|
30
|
+
argv: [...input.argv],
|
|
31
|
+
install_id: getInstallId(),
|
|
32
|
+
session_id: input.sessionId ?? null,
|
|
33
|
+
environment: input.environment ?? null,
|
|
34
|
+
raw_display: input.rawDisplay,
|
|
35
|
+
event_id: input.eventId,
|
|
36
|
+
policy_revision: input.policyRevision,
|
|
37
|
+
reasons: input.reasons,
|
|
38
|
+
tool_input_sha256: input.tool_input_sha256 ?? null,
|
|
39
|
+
approval_scope: "exact",
|
|
40
|
+
}),
|
|
41
|
+
new Promise((_, reject) => setTimeout(() => reject(new Error("inline_approval_timeout")), timeoutMs)),
|
|
42
|
+
]);
|
|
43
|
+
await writePendingApprovalIndex({
|
|
44
|
+
request_id: created.request_id,
|
|
45
|
+
argv_sha256: hash,
|
|
46
|
+
argv: [...input.argv],
|
|
47
|
+
install_id: getInstallId(),
|
|
48
|
+
open_url: created.open_url,
|
|
49
|
+
expires_at: created.expires_at,
|
|
50
|
+
event_id: input.eventId,
|
|
51
|
+
tool_input_sha256: input.tool_input_sha256 ?? null,
|
|
52
|
+
kind: input.kind,
|
|
53
|
+
created_at: new Date().toISOString(),
|
|
54
|
+
}, { storageRoot });
|
|
55
|
+
return created;
|
|
56
|
+
}
|
|
57
|
+
catch {
|
|
58
|
+
return null;
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
//# sourceMappingURL=hook-inline-approval.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"hook-inline-approval.js","sourceRoot":"","sources":["../../src/approval/hook-inline-approval.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,yBAAyB,EAAE,MAAM,qCAAqC,CAAC;AAChF,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAqB1E,MAAM,UAAU,yBAAyB;IACvC,OAAO,OAAO,CAAC,GAAG,CAAC,2BAA2B,KAAK,GAAG,CAAC;AACzD,CAAC;AAED,SAAS,eAAe;IACtB,MAAM,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IACrE,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAChE,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,KAA8B;IAE9B,IAAI,CAAC,yBAAyB,EAAE;QAAE,OAAO,IAAI,CAAC;IAC9C,IAAI,CAAC,iBAAiB,EAAE;QAAE,OAAO,IAAI,CAAC;IAEtC,MAAM,WAAW,GAAG,uBAAuB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAC/D,MAAM,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,SAAS,GAAG,eAAe,EAAE,CAAC;IAEpC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC;YACjC,qBAAqB,CAAC;gBACtB,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC;gBACrB,UAAU,EAAE,YAAY,EAAE;gBAC1B,UAAU,EAAE,KAAK,CAAC,SAAS,IAAI,IAAI;gBACnC,WAAW,EAAE,KAAK,CAAC,WAAW,IAAI,IAAI;gBACtC,WAAW,EAAE,KAAK,CAAC,UAAU;gBAC7B,QAAQ,EAAE,KAAK,CAAC,OAAO;gBACvB,eAAe,EAAE,KAAK,CAAC,cAAc;gBACrC,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,iBAAiB,EAAE,KAAK,CAAC,iBAAiB,IAAI,IAAI;gBAClD,cAAc,EAAE,OAAO;aACtB,CAAC;YACF,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAC/B,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC,EAAE,SAAS,CAAC,CAC1E;SACF,CAAC,CAAC;QAEH,MAAM,yBAAyB,CAC7B;YACE,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,WAAW,EAAE,IAAI;YACjB,IAAI,EAAE,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC;YACrB,UAAU,EAAE,YAAY,EAAE;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,QAAQ,EAAE,KAAK,CAAC,OAAO;YACvB,iBAAiB,EAAE,KAAK,CAAC,iBAAiB,IAAI,IAAI;YAClD,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACrC,EACD,EAAE,WAAW,EAAE,CAChB,CAAC;QAEF,OAAO,OAAO,CAAC;IACjB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}
|
|
@@ -26,7 +26,8 @@ export type McpApprovalOutcome = {
|
|
|
26
26
|
export declare function resolveMutateApproval(input: {
|
|
27
27
|
argv: string[];
|
|
28
28
|
proposalKind: "shell" | "mcp";
|
|
29
|
-
|
|
29
|
+
/** Workspace root for hook credentials (resolved if omitted). */
|
|
30
|
+
storageRoot?: string;
|
|
30
31
|
rawDisplay?: string;
|
|
31
32
|
eventId: string;
|
|
32
33
|
policyRevision: number | null;
|
|
@@ -35,6 +36,7 @@ export declare function resolveMutateApproval(input: {
|
|
|
35
36
|
environment?: string | null;
|
|
36
37
|
approval?: McpApprovalContext | null;
|
|
37
38
|
waitMs?: number | null;
|
|
39
|
+
tool_input_sha256?: string | null;
|
|
38
40
|
}): Promise<McpApprovalOutcome>;
|
|
39
41
|
export declare function argvFingerprint(argv: readonly string[]): string;
|
|
40
42
|
export { argvSha256 };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mcp-flow.d.ts","sourceRoot":"","sources":["../../src/approval/mcp-flow.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"mcp-flow.d.ts","sourceRoot":"","sources":["../../src/approval/mcp-flow.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AASnD,MAAM,MAAM,kBAAkB,GAAG;IAC/B,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAC1B;IACE,IAAI,EAAE,kBAAkB,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB,GACD;IACE,IAAI,EAAE,OAAO,CAAC;IACd,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,cAAc,EAAE,OAAO,CAAC;IACxB,cAAc,EAAE,OAAO,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;CACpB,GACD;IACE,IAAI,EAAE,yBAAyB,CAAC;IAChC,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;CACjB,GACD;IAAE,IAAI,EAAE,qBAAqB,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAMrD,wBAAsB,qBAAqB,CAAC,KAAK,EAAE;IACjD,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,YAAY,EAAE,OAAO,GAAG,KAAK,CAAC;IAC9B,iEAAiE;IACjE,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,OAAO,EAAE,OAAO,EAAE,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,QAAQ,CAAC,EAAE,kBAAkB,GAAG,IAAI,CAAC;IACrC,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACnC,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAqI9B;AAED,wBAAgB,eAAe,CAAC,IAAI,EAAE,SAAS,MAAM,EAAE,GAAG,MAAM,CAE/D;AAED,OAAO,EAAE,UAAU,EAAE,CAAC"}
|
|
@@ -1,4 +1,6 @@
|
|
|
1
1
|
import { getInstallId } from "../cli/install-id.js";
|
|
2
|
+
import { resolveGuardStorageRoot } from "../bridge/guard-storage-root.js";
|
|
3
|
+
import { writePendingApprovalIndex } from "../bridge/pending-approval-index.js";
|
|
2
4
|
import { argvSha256 } from "./argv-fingerprint.js";
|
|
3
5
|
import { createApprovalRequest, getApprovalRequest, pollUntilApproved, } from "./client.js";
|
|
4
6
|
import { redeemApprovalAndRecordBridge } from "./redeem.js";
|
|
@@ -8,6 +10,7 @@ function defaultAppUrl() {
|
|
|
8
10
|
}
|
|
9
11
|
export async function resolveMutateApproval(input) {
|
|
10
12
|
const installId = getInstallId();
|
|
13
|
+
const storageRoot = resolveGuardStorageRoot(input.storageRoot);
|
|
11
14
|
const requestId = input.approval?.request_id?.trim() || null;
|
|
12
15
|
const grant = input.approval?.grant?.trim() || null;
|
|
13
16
|
try {
|
|
@@ -38,23 +41,23 @@ export async function resolveMutateApproval(input) {
|
|
|
38
41
|
request_id: requestId,
|
|
39
42
|
argv: input.argv,
|
|
40
43
|
kind: input.proposalKind,
|
|
41
|
-
|
|
44
|
+
storageRoot,
|
|
42
45
|
grant,
|
|
43
46
|
environment: input.environment,
|
|
44
47
|
session_id: input.sessionId,
|
|
45
48
|
});
|
|
46
|
-
if (!redeem.
|
|
49
|
+
if (!redeem.ticketRecorded) {
|
|
47
50
|
return {
|
|
48
51
|
kind: "credential_not_recorded",
|
|
49
52
|
request_id: requestId,
|
|
50
|
-
message: "Approval redeemed but no
|
|
53
|
+
message: "Approval redeemed but no execution ticket was written for hooks. Check workspace permissions under .cursor/guard/tickets.",
|
|
51
54
|
};
|
|
52
55
|
}
|
|
53
56
|
return {
|
|
54
57
|
kind: "allow",
|
|
55
58
|
redeemed: redeem.redeemed,
|
|
56
59
|
approved_by: redeem.approved_by,
|
|
57
|
-
bridgeRecorded:
|
|
60
|
+
bridgeRecorded: false,
|
|
58
61
|
ticketRecorded: redeem.ticketRecorded,
|
|
59
62
|
request_id: requestId,
|
|
60
63
|
};
|
|
@@ -70,6 +73,8 @@ export async function resolveMutateApproval(input) {
|
|
|
70
73
|
event_id: input.eventId,
|
|
71
74
|
policy_revision: input.policyRevision,
|
|
72
75
|
reasons: input.reasons,
|
|
76
|
+
tool_input_sha256: input.tool_input_sha256 ?? null,
|
|
77
|
+
approval_scope: "exact",
|
|
73
78
|
});
|
|
74
79
|
if (input.waitMs && input.waitMs > 0) {
|
|
75
80
|
await pollUntilApproved(created.request_id, { timeoutMs: input.waitMs });
|
|
@@ -77,26 +82,39 @@ export async function resolveMutateApproval(input) {
|
|
|
77
82
|
request_id: created.request_id,
|
|
78
83
|
argv: input.argv,
|
|
79
84
|
kind: input.proposalKind,
|
|
80
|
-
|
|
85
|
+
storageRoot,
|
|
81
86
|
environment: input.environment,
|
|
82
87
|
session_id: input.sessionId,
|
|
83
88
|
});
|
|
84
|
-
if (!redeem.
|
|
89
|
+
if (!redeem.ticketRecorded) {
|
|
85
90
|
return {
|
|
86
91
|
kind: "credential_not_recorded",
|
|
87
92
|
request_id: created.request_id,
|
|
88
|
-
message: "Approval redeemed but no
|
|
93
|
+
message: "Approval redeemed but no execution ticket was written for hooks. Check workspace permissions under .cursor/guard/tickets.",
|
|
89
94
|
};
|
|
90
95
|
}
|
|
91
96
|
return {
|
|
92
97
|
kind: "allow",
|
|
93
98
|
redeemed: redeem.redeemed,
|
|
94
99
|
approved_by: redeem.approved_by,
|
|
95
|
-
bridgeRecorded:
|
|
100
|
+
bridgeRecorded: false,
|
|
96
101
|
ticketRecorded: redeem.ticketRecorded,
|
|
97
102
|
request_id: created.request_id,
|
|
98
103
|
};
|
|
99
104
|
}
|
|
105
|
+
const hash = argvSha256(input.argv);
|
|
106
|
+
await writePendingApprovalIndex({
|
|
107
|
+
request_id: created.request_id,
|
|
108
|
+
argv_sha256: hash,
|
|
109
|
+
argv: [...input.argv],
|
|
110
|
+
install_id: installId,
|
|
111
|
+
open_url: created.open_url,
|
|
112
|
+
expires_at: created.expires_at,
|
|
113
|
+
event_id: input.eventId,
|
|
114
|
+
tool_input_sha256: input.tool_input_sha256 ?? null,
|
|
115
|
+
kind: input.proposalKind,
|
|
116
|
+
created_at: new Date().toISOString(),
|
|
117
|
+
}, { storageRoot });
|
|
100
118
|
return {
|
|
101
119
|
kind: "require_approval",
|
|
102
120
|
request_id: created.request_id,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mcp-flow.js","sourceRoot":"","sources":["../../src/approval/mcp-flow.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EACL,qBAAqB,EACrB,kBAAkB,EAClB,iBAAiB,GAClB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,6BAA6B,EAAE,MAAM,aAAa,CAAC;AAC5D,OAAO,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AA6BjD,SAAS,aAAa;IACpB,OAAO,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,EAAE,IAAI,4BAA4B,CAAC;AAC5E,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,
|
|
1
|
+
{"version":3,"file":"mcp-flow.js","sourceRoot":"","sources":["../../src/approval/mcp-flow.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EAAE,yBAAyB,EAAE,MAAM,qCAAqC,CAAC;AAChF,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EACL,qBAAqB,EACrB,kBAAkB,EAClB,iBAAiB,GAClB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,6BAA6B,EAAE,MAAM,aAAa,CAAC;AAC5D,OAAO,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AA6BjD,SAAS,aAAa;IACpB,OAAO,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,EAAE,IAAI,4BAA4B,CAAC;AAC5E,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,KAc3C;IACC,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;IACjC,MAAM,WAAW,GAAG,uBAAuB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAC/D,MAAM,SAAS,GAAG,KAAK,CAAC,QAAQ,EAAE,UAAU,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC;IAC7D,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC;IAEpD,IAAI,CAAC;QACH,IAAI,SAAS,EAAE,CAAC;YACd,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;gBAC1C,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;oBAC/C,OAAO,EAAE,IAAI,EAAE,qBAAqB,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC;gBACnE,CAAC;YACH,CAAC;YAED,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,kBAAkB,CAAC,SAAS,CAAC,CAAC;YAC/D,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,EAAE,MAAM,CAAC;YAEhD,IAAI,MAAM,KAAK,SAAS,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7D,MAAM,iBAAiB,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YAClE,CAAC;iBAAM,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;gBAChC,OAAO;oBACL,IAAI,EAAE,kBAAkB;oBACxB,UAAU,EAAE,SAAS;oBACrB,QAAQ,EAAE,GAAG,EAAE,QAAQ,IAAI,GAAG,aAAa,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,kBAAkB,SAAS,EAAE;oBAC7F,UAAU,EAAE,GAAG,EAAE,UAAU,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;iBACnF,CAAC;YACJ,CAAC;YAED,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;gBACxB,OAAO,EAAE,IAAI,EAAE,qBAAqB,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAC;YACrE,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,6BAA6B,CAAC;gBACjD,UAAU,EAAE,SAAS;gBACrB,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,IAAI,EAAE,KAAK,CAAC,YAAY;gBACxB,WAAW;gBACX,KAAK;gBACL,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,UAAU,EAAE,KAAK,CAAC,SAAS;aAC5B,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;gBAC3B,OAAO;oBACL,IAAI,EAAE,yBAAyB;oBAC/B,UAAU,EAAE,SAAS;oBACrB,OAAO,EACL,2HAA2H;iBAC9H,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,IAAI,EAAE,OAAO;gBACb,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,cAAc,EAAE,KAAK;gBACrB,cAAc,EAAE,MAAM,CAAC,cAAc;gBACrC,UAAU,EAAE,SAAS;aACtB,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,qBAAqB,CAAC;YAC1C,IAAI,EAAE,KAAK,CAAC,YAAY;YACxB,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC;YACrB,UAAU,EAAE,SAAS;YACrB,UAAU,EAAE,KAAK,CAAC,SAAS,IAAI,IAAI;YACnC,WAAW,EAAE,KAAK,CAAC,WAAW,IAAI,IAAI;YACtC,WAAW,EAAE,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;YACrD,QAAQ,EAAE,KAAK,CAAC,OAAO;YACvB,eAAe,EAAE,KAAK,CAAC,cAAc;YACrC,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,iBAAiB,EAAE,KAAK,CAAC,iBAAiB,IAAI,IAAI;YAClD,cAAc,EAAE,OAAO;SACxB,CAAC,CAAC;QAEH,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrC,MAAM,iBAAiB,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YACzE,MAAM,MAAM,GAAG,MAAM,6BAA6B,CAAC;gBACjD,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,IAAI,EAAE,KAAK,CAAC,YAAY;gBACxB,WAAW;gBACX,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,UAAU,EAAE,KAAK,CAAC,SAAS;aAC5B,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;gBAC3B,OAAO;oBACL,IAAI,EAAE,yBAAyB;oBAC/B,UAAU,EAAE,OAAO,CAAC,UAAU;oBAC9B,OAAO,EACL,2HAA2H;iBAC9H,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,IAAI,EAAE,OAAO;gBACb,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,cAAc,EAAE,KAAK;gBACrB,cAAc,EAAE,MAAM,CAAC,cAAc;gBACrC,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACpC,MAAM,yBAAyB,CAC7B;YACE,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,WAAW,EAAE,IAAI;YACjB,IAAI,EAAE,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC;YACrB,UAAU,EAAE,SAAS;YACrB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,QAAQ,EAAE,KAAK,CAAC,OAAO;YACvB,iBAAiB,EAAE,KAAK,CAAC,iBAAiB,IAAI,IAAI;YAClD,IAAI,EAAE,KAAK,CAAC,YAAY;YACxB,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACrC,EACD,EAAE,WAAW,EAAE,CAChB,CAAC;QAEF,OAAO;YACL,IAAI,EAAE,kBAAkB;YACxB,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B,CAAC;IACJ,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACvD,OAAO,EAAE,IAAI,EAAE,qBAAqB,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;IACvD,CAAC;AACH,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,IAAuB;IACrD,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;AAC9B,CAAC;AAED,OAAO,EAAE,UAAU,EAAE,CAAC"}
|
|
@@ -2,7 +2,8 @@ export type RedeemAndBridgeInput = {
|
|
|
2
2
|
request_id: string;
|
|
3
3
|
argv: string[];
|
|
4
4
|
kind: "shell" | "mcp";
|
|
5
|
-
cwd
|
|
5
|
+
/** Workspace / hook storage root (not subprocess cwd). */
|
|
6
|
+
storageRoot?: string;
|
|
6
7
|
grant?: string | null;
|
|
7
8
|
environment?: string | null;
|
|
8
9
|
session_id?: string | null;
|
|
@@ -10,12 +11,13 @@ export type RedeemAndBridgeInput = {
|
|
|
10
11
|
export type RedeemAndBridgeResult = {
|
|
11
12
|
redeemed: boolean;
|
|
12
13
|
approved_by: string | null;
|
|
14
|
+
/** @deprecated Phase 5 — bridge removed; always false. */
|
|
13
15
|
bridgeRecorded: boolean;
|
|
14
16
|
ticketRecorded: boolean;
|
|
15
17
|
execution_ticket: string | null;
|
|
16
18
|
};
|
|
17
19
|
/**
|
|
18
|
-
* After backend status is `approved`, redeem the one-shot grant and record
|
|
20
|
+
* After backend status is `approved`, redeem the one-shot grant and record execution ticket for hooks.
|
|
19
21
|
*/
|
|
20
22
|
export declare function redeemApprovalAndRecordBridge(input: RedeemAndBridgeInput): Promise<RedeemAndBridgeResult>;
|
|
21
23
|
//# sourceMappingURL=redeem.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"redeem.d.ts","sourceRoot":"","sources":["../../src/approval/redeem.ts"],"names":[],"mappings":"AAOA,MAAM,MAAM,oBAAoB,GAAG;IACjC,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,IAAI,EAAE,OAAO,GAAG,KAAK,CAAC;IACtB,
|
|
1
|
+
{"version":3,"file":"redeem.d.ts","sourceRoot":"","sources":["../../src/approval/redeem.ts"],"names":[],"mappings":"AAOA,MAAM,MAAM,oBAAoB,GAAG;IACjC,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,IAAI,EAAE,OAAO,GAAG,KAAK,CAAC;IACtB,0DAA0D;IAC1D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,0DAA0D;IAC1D,cAAc,EAAE,OAAO,CAAC;IACxB,cAAc,EAAE,OAAO,CAAC;IACxB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;CACjC,CAAC;AAEF;;GAEG;AACH,wBAAsB,6BAA6B,CACjD,KAAK,EAAE,oBAAoB,GAC1B,OAAO,CAAC,qBAAqB,CAAC,CA8DhC"}
|
package/dist/approval/redeem.js
CHANGED
|
@@ -1,15 +1,16 @@
|
|
|
1
1
|
import { getInstallId } from "../cli/install-id.js";
|
|
2
|
+
import { resolveGuardStorageRoot } from "../bridge/guard-storage-root.js";
|
|
2
3
|
import { recordExecutionTicket } from "../bridge/execution-ticket.js";
|
|
3
|
-
import { recordShellApprovalBridge } from "../bridge/shell-approval-bridge.js";
|
|
4
4
|
import { argvSha256 } from "./argv-fingerprint.js";
|
|
5
5
|
import { getApprovalRequest, redeemApprovalGrant } from "./client.js";
|
|
6
6
|
import { verifyApprovalGrant } from "./grant.js";
|
|
7
7
|
/**
|
|
8
|
-
* After backend status is `approved`, redeem the one-shot grant and record
|
|
8
|
+
* After backend status is `approved`, redeem the one-shot grant and record execution ticket for hooks.
|
|
9
9
|
*/
|
|
10
10
|
export async function redeemApprovalAndRecordBridge(input) {
|
|
11
11
|
const installId = getInstallId();
|
|
12
12
|
const hash = argvSha256(input.argv);
|
|
13
|
+
const storageRoot = resolveGuardStorageRoot(input.storageRoot);
|
|
13
14
|
let grant = input.grant?.trim() || null;
|
|
14
15
|
if (grant) {
|
|
15
16
|
const claims = verifyApprovalGrant(grant);
|
|
@@ -28,19 +29,34 @@ export async function redeemApprovalAndRecordBridge(input) {
|
|
|
28
29
|
throw new Error(`approval_not_ready:${row.status}`);
|
|
29
30
|
}
|
|
30
31
|
}
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
32
|
+
let redeem;
|
|
33
|
+
try {
|
|
34
|
+
redeem = await redeemApprovalGrant({
|
|
35
|
+
request_id: input.request_id,
|
|
36
|
+
grant: grant ?? "pending",
|
|
37
|
+
install_id: installId,
|
|
38
|
+
argv: [...input.argv],
|
|
39
|
+
});
|
|
40
|
+
}
|
|
41
|
+
catch (e) {
|
|
42
|
+
const msg = e instanceof Error ? e.message : String(e);
|
|
43
|
+
if (msg.includes("already_redeemed") || msg.includes("409")) {
|
|
44
|
+
redeem = {
|
|
45
|
+
redeemed: true,
|
|
46
|
+
approved_by: null,
|
|
47
|
+
execution_ticket: null,
|
|
48
|
+
};
|
|
49
|
+
}
|
|
50
|
+
else {
|
|
51
|
+
throw e;
|
|
52
|
+
}
|
|
53
|
+
}
|
|
38
54
|
let ticketRecorded = false;
|
|
39
55
|
const executionTicket = redeem.execution_ticket;
|
|
40
56
|
if (executionTicket) {
|
|
41
57
|
try {
|
|
42
58
|
await recordExecutionTicket(executionTicket, input.argv, {
|
|
43
|
-
|
|
59
|
+
storageRoot,
|
|
44
60
|
kind: input.kind,
|
|
45
61
|
});
|
|
46
62
|
ticketRecorded = true;
|
|
@@ -49,17 +65,10 @@ export async function redeemApprovalAndRecordBridge(input) {
|
|
|
49
65
|
ticketRecorded = false;
|
|
50
66
|
}
|
|
51
67
|
}
|
|
52
|
-
try {
|
|
53
|
-
await recordShellApprovalBridge(input.argv, { cwd: input.cwd });
|
|
54
|
-
bridgeRecorded = true;
|
|
55
|
-
}
|
|
56
|
-
catch {
|
|
57
|
-
bridgeRecorded = false;
|
|
58
|
-
}
|
|
59
68
|
return {
|
|
60
69
|
redeemed: redeem.redeemed,
|
|
61
70
|
approved_by: redeem.approved_by,
|
|
62
|
-
bridgeRecorded,
|
|
71
|
+
bridgeRecorded: false,
|
|
63
72
|
ticketRecorded,
|
|
64
73
|
execution_ticket: executionTicket,
|
|
65
74
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"redeem.js","sourceRoot":"","sources":["../../src/approval/redeem.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"redeem.js","sourceRoot":"","sources":["../../src/approval/redeem.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AACtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAsBjD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,6BAA6B,CACjD,KAA2B;IAE3B,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;IACjC,MAAM,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,WAAW,GAAG,uBAAuB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAC/D,IAAI,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC;IAExC,IAAI,KAAK,EAAE,CAAC;QACV,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;QAC1C,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QAC9C,IAAI,MAAM,CAAC,UAAU,KAAK,KAAK,CAAC,UAAU;YAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACnF,IAAI,MAAM,CAAC,WAAW,KAAK,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QAClE,IAAI,MAAM,CAAC,UAAU,KAAK,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAC9E,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,GAAG,MAAM,kBAAkB,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACvD,IAAI,GAAG,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAED,IAAI,MAA0F,CAAC;IAC/F,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,mBAAmB,CAAC;YACjC,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,KAAK,EAAE,KAAK,IAAI,SAAS;YACzB,UAAU,EAAE,SAAS;YACrB,IAAI,EAAE,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC;SACtB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACvD,IAAI,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5D,MAAM,GAAG;gBACP,QAAQ,EAAE,IAAI;gBACd,WAAW,EAAE,IAAI;gBACjB,gBAAgB,EAAE,IAAI;aACvB,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,CAAC;QACV,CAAC;IACH,CAAC;IAED,IAAI,cAAc,GAAG,KAAK,CAAC;IAC3B,MAAM,eAAe,GAAG,MAAM,CAAC,gBAAgB,CAAC;IAEhD,IAAI,eAAe,EAAE,CAAC;QACpB,IAAI,CAAC;YACH,MAAM,qBAAqB,CAAC,eAAe,EAAE,KAAK,CAAC,IAAI,EAAE;gBACvD,WAAW;gBACX,IAAI,EAAE,KAAK,CAAC,IAAI;aACjB,CAAC,CAAC;YACH,cAAc,GAAG,IAAI,CAAC;QACxB,CAAC;QAAC,MAAM,CAAC;YACP,cAAc,GAAG,KAAK,CAAC;QACzB,CAAC;IACH,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,cAAc,EAAE,KAAK;QACrB,cAAc;QACd,gBAAgB,EAAE,eAAe;KAClC,CAAC;AACJ,CAAC"}
|
package/dist/approval/types.d.ts
CHANGED
|
@@ -6,6 +6,8 @@ export type ApprovalRequestRecord = {
|
|
|
6
6
|
kind?: string | null;
|
|
7
7
|
argv?: string[] | null;
|
|
8
8
|
argv_sha256?: string | null;
|
|
9
|
+
tool_input_sha256?: string | null;
|
|
10
|
+
approval_scope?: string | null;
|
|
9
11
|
raw_display?: string | null;
|
|
10
12
|
install_id?: string | null;
|
|
11
13
|
session_id?: string | null;
|
|
@@ -16,6 +18,7 @@ export type ApprovalRequestRecord = {
|
|
|
16
18
|
open_url?: string | null;
|
|
17
19
|
event_id?: string | null;
|
|
18
20
|
};
|
|
21
|
+
export type ApprovalScope = "exact";
|
|
19
22
|
export type CreateApprovalRequestInput = {
|
|
20
23
|
kind: "shell" | "mcp";
|
|
21
24
|
tier: string;
|
|
@@ -27,6 +30,8 @@ export type CreateApprovalRequestInput = {
|
|
|
27
30
|
event_id?: string;
|
|
28
31
|
policy_revision?: number | null;
|
|
29
32
|
reasons?: unknown;
|
|
33
|
+
tool_input_sha256?: string | null;
|
|
34
|
+
approval_scope?: ApprovalScope;
|
|
30
35
|
};
|
|
31
36
|
export type ApprovalGrantClaims = {
|
|
32
37
|
typ: "approval";
|
|
@@ -49,5 +54,6 @@ export type ExecutionTicketClaims = {
|
|
|
49
54
|
jti: string;
|
|
50
55
|
exp: number;
|
|
51
56
|
env: string | null;
|
|
57
|
+
tool_input_sha256?: string | null;
|
|
52
58
|
};
|
|
53
59
|
//# sourceMappingURL=types.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/approval/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,qBAAqB,GAAG,SAAS,GAAG,UAAU,GAAG,QAAQ,GAAG,SAAS,CAAC;AAElF,MAAM,MAAM,qBAAqB,GAAG;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,qBAAqB,CAAC;IAC9B,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,0BAA0B,GAAG;IACvC,IAAI,EAAE,OAAO,GAAG,KAAK,CAAC;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,OAAO,CAAC,EAAE,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/approval/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,qBAAqB,GAAG,SAAS,GAAG,UAAU,GAAG,QAAQ,GAAG,SAAS,CAAC;AAElF,MAAM,MAAM,qBAAqB,GAAG;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,qBAAqB,CAAC;IAC9B,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG,OAAO,CAAC;AAEpC,MAAM,MAAM,0BAA0B,GAAG;IACvC,IAAI,EAAE,OAAO,GAAG,KAAK,CAAC;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,cAAc,CAAC,EAAE,aAAa,CAAC;CAChC,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,GAAG,EAAE,UAAU,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,gGAAgG;AAChG,MAAM,MAAM,qBAAqB,GAAG;IAClC,GAAG,EAAE,WAAW,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,OAAO,GAAG,KAAK,CAAC;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACnC,CAAC"}
|
|
@@ -1,17 +1,18 @@
|
|
|
1
1
|
export declare const EXECUTION_TICKET_ENV = "PRAXIS_GUARD_EXECUTION_TICKET";
|
|
2
|
-
export declare function executionTicketDir(
|
|
2
|
+
export declare function executionTicketDir(storageRoot?: string): string;
|
|
3
3
|
/**
|
|
4
4
|
* After redeem, persist a signed execution ticket for hook verification (dual-write with bridge).
|
|
5
5
|
*/
|
|
6
6
|
export declare function recordExecutionTicket(ticket: string, argv: readonly string[], opts?: {
|
|
7
|
-
|
|
7
|
+
storageRoot?: string;
|
|
8
8
|
kind?: "shell" | "mcp";
|
|
9
9
|
}): Promise<void>;
|
|
10
10
|
/**
|
|
11
11
|
* Verify a signed execution ticket locally and consume it once (env var or ticket files).
|
|
12
12
|
*/
|
|
13
13
|
export declare function tryConsumeExecutionTicket(argv: readonly string[], opts?: {
|
|
14
|
-
|
|
14
|
+
storageRoot?: string;
|
|
15
15
|
kind?: "shell" | "mcp";
|
|
16
|
+
tool_input_sha256?: string | null;
|
|
16
17
|
}): Promise<boolean>;
|
|
17
18
|
//# sourceMappingURL=execution-ticket.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"execution-ticket.d.ts","sourceRoot":"","sources":["../../src/bridge/execution-ticket.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"execution-ticket.d.ts","sourceRoot":"","sources":["../../src/bridge/execution-ticket.ts"],"names":[],"mappings":"AASA,eAAO,MAAM,oBAAoB,kCAAkC,CAAC;AAEpE,wBAAgB,kBAAkB,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,CAE/D;AAOD;;GAEG;AACH,wBAAsB,qBAAqB,CACzC,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,SAAS,MAAM,EAAE,EACvB,IAAI,CAAC,EAAE;IAAE,WAAW,CAAC,EAAE,MAAM,CAAC;IAAC,IAAI,CAAC,EAAE,OAAO,GAAG,KAAK,CAAA;CAAE,GACtD,OAAO,CAAC,IAAI,CAAC,CAiBf;AAED;;GAEG;AACH,wBAAsB,yBAAyB,CAC7C,IAAI,EAAE,SAAS,MAAM,EAAE,EACvB,IAAI,CAAC,EAAE;IACL,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACnC,GACA,OAAO,CAAC,OAAO,CAAC,CAoDlB"}
|
|
@@ -3,10 +3,11 @@ import { mkdir, readdir, readFile, unlink, writeFile } from "node:fs/promises";
|
|
|
3
3
|
import path from "node:path";
|
|
4
4
|
import { getInstallId } from "../cli/install-id.js";
|
|
5
5
|
import { verifyExecutionTicket } from "../approval/grant.js";
|
|
6
|
+
import { resolveGuardStorageRoot } from "./guard-storage-root.js";
|
|
6
7
|
import { shellArgvApprovalId } from "./shell-approval-bridge.js";
|
|
7
8
|
export const EXECUTION_TICKET_ENV = "PRAXIS_GUARD_EXECUTION_TICKET";
|
|
8
|
-
export function executionTicketDir(
|
|
9
|
-
return path.
|
|
9
|
+
export function executionTicketDir(storageRoot) {
|
|
10
|
+
return path.join(resolveGuardStorageRoot(storageRoot), ".cursor/guard/tickets");
|
|
10
11
|
}
|
|
11
12
|
function argvDeepEqual(stored, requested) {
|
|
12
13
|
if (!Array.isArray(stored) || stored.length !== requested.length)
|
|
@@ -18,7 +19,7 @@ function argvDeepEqual(stored, requested) {
|
|
|
18
19
|
*/
|
|
19
20
|
export async function recordExecutionTicket(ticket, argv, opts) {
|
|
20
21
|
const id = shellArgvApprovalId(argv);
|
|
21
|
-
const dir = executionTicketDir(opts?.
|
|
22
|
+
const dir = executionTicketDir(opts?.storageRoot);
|
|
22
23
|
await mkdir(dir, { recursive: true });
|
|
23
24
|
const claims = verifyExecutionTicket(ticket);
|
|
24
25
|
const expMs = claims ? claims.exp * 1000 : Date.now() + 10 * 60 * 1000;
|
|
@@ -35,11 +36,11 @@ export async function recordExecutionTicket(ticket, argv, opts) {
|
|
|
35
36
|
*/
|
|
36
37
|
export async function tryConsumeExecutionTicket(argv, opts) {
|
|
37
38
|
const fromEnv = process.env[EXECUTION_TICKET_ENV]?.trim();
|
|
38
|
-
if (fromEnv && tryConsumeTicketToken(fromEnv, argv, opts
|
|
39
|
+
if (fromEnv && tryConsumeTicketToken(fromEnv, argv, opts)) {
|
|
39
40
|
return true;
|
|
40
41
|
}
|
|
41
42
|
const id = shellArgvApprovalId(argv);
|
|
42
|
-
const dir = executionTicketDir(opts?.
|
|
43
|
+
const dir = executionTicketDir(opts?.storageRoot);
|
|
43
44
|
let names = [];
|
|
44
45
|
try {
|
|
45
46
|
names = await readdir(dir);
|
|
@@ -62,7 +63,11 @@ export async function tryConsumeExecutionTicket(argv, opts) {
|
|
|
62
63
|
if (!argvDeepEqual(row.argv, argv))
|
|
63
64
|
continue;
|
|
64
65
|
const ticket = typeof row.ticket === "string" ? row.ticket : "";
|
|
65
|
-
if (!ticket ||
|
|
66
|
+
if (!ticket ||
|
|
67
|
+
!tryConsumeTicketToken(ticket, argv, {
|
|
68
|
+
kind: opts?.kind ?? row.kind,
|
|
69
|
+
tool_input_sha256: opts?.tool_input_sha256,
|
|
70
|
+
})) {
|
|
66
71
|
continue;
|
|
67
72
|
}
|
|
68
73
|
if (row.kind && opts?.kind && row.kind !== opts.kind)
|
|
@@ -76,7 +81,7 @@ export async function tryConsumeExecutionTicket(argv, opts) {
|
|
|
76
81
|
}
|
|
77
82
|
return false;
|
|
78
83
|
}
|
|
79
|
-
function tryConsumeTicketToken(ticket, argv,
|
|
84
|
+
function tryConsumeTicketToken(ticket, argv, opts) {
|
|
80
85
|
const claims = verifyExecutionTicket(ticket);
|
|
81
86
|
if (!claims)
|
|
82
87
|
return false;
|
|
@@ -84,7 +89,13 @@ function tryConsumeTicketToken(ticket, argv, kind) {
|
|
|
84
89
|
return false;
|
|
85
90
|
if (claims.install_id !== getInstallId())
|
|
86
91
|
return false;
|
|
87
|
-
if (kind && claims.kind !== kind)
|
|
92
|
+
if (opts?.kind && claims.kind !== opts.kind)
|
|
93
|
+
return false;
|
|
94
|
+
const expectedToolHash = opts?.tool_input_sha256?.trim() || null;
|
|
95
|
+
const claimToolHash = typeof claims.tool_input_sha256 === "string" ? claims.tool_input_sha256.trim() : null;
|
|
96
|
+
if (claimToolHash && expectedToolHash && claimToolHash !== expectedToolHash)
|
|
97
|
+
return false;
|
|
98
|
+
if (claimToolHash && !expectedToolHash)
|
|
88
99
|
return false;
|
|
89
100
|
return true;
|
|
90
101
|
}
|