@praxis.guard/auditor-cli 0.0.19 → 0.0.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/approval/fingerprint.d.ts +5 -0
- package/dist/approval/fingerprint.d.ts.map +1 -0
- package/dist/approval/fingerprint.js +44 -0
- package/dist/approval/fingerprint.js.map +1 -0
- package/dist/approval/grant.d.ts.map +1 -1
- package/dist/approval/grant.js +5 -0
- package/dist/approval/grant.js.map +1 -1
- package/dist/approval/hook-inline-approval.d.ts +23 -0
- package/dist/approval/hook-inline-approval.d.ts.map +1 -0
- package/dist/approval/hook-inline-approval.js +61 -0
- package/dist/approval/hook-inline-approval.js.map +1 -0
- package/dist/approval/mcp-flow.d.ts +3 -1
- package/dist/approval/mcp-flow.d.ts.map +1 -1
- package/dist/approval/mcp-flow.js +26 -8
- package/dist/approval/mcp-flow.js.map +1 -1
- package/dist/approval/redeem.d.ts +4 -2
- package/dist/approval/redeem.d.ts.map +1 -1
- package/dist/approval/redeem.js +27 -18
- package/dist/approval/redeem.js.map +1 -1
- package/dist/approval/types.d.ts +6 -0
- package/dist/approval/types.d.ts.map +1 -1
- package/dist/bridge/execution-ticket.d.ts +4 -3
- package/dist/bridge/execution-ticket.d.ts.map +1 -1
- package/dist/bridge/execution-ticket.js +57 -15
- package/dist/bridge/execution-ticket.js.map +1 -1
- package/dist/bridge/guard-storage-root.d.ts +6 -0
- package/dist/bridge/guard-storage-root.d.ts.map +1 -0
- package/dist/bridge/guard-storage-root.js +24 -0
- package/dist/bridge/guard-storage-root.js.map +1 -0
- package/dist/bridge/pending-approval-index.d.ts +19 -0
- package/dist/bridge/pending-approval-index.d.ts.map +1 -0
- package/dist/bridge/pending-approval-index.js +29 -0
- package/dist/bridge/pending-approval-index.js.map +1 -0
- package/dist/cli/approvals.d.ts.map +1 -1
- package/dist/cli/approvals.js +17 -9
- package/dist/cli/approvals.js.map +1 -1
- package/dist/cli/main.d.ts.map +1 -1
- package/dist/cli/main.js +4 -1
- package/dist/cli/main.js.map +1 -1
- package/dist/hooks/agent-message.d.ts +5 -1
- package/dist/hooks/agent-message.d.ts.map +1 -1
- package/dist/hooks/agent-message.js +13 -7
- package/dist/hooks/agent-message.js.map +1 -1
- package/dist/hooks/run-before-mcp.d.ts.map +1 -1
- package/dist/hooks/run-before-mcp.js +42 -18
- package/dist/hooks/run-before-mcp.js.map +1 -1
- package/dist/hooks/run-before-shell.d.ts.map +1 -1
- package/dist/hooks/run-before-shell.js +33 -13
- package/dist/hooks/run-before-shell.js.map +1 -1
- package/dist/mcp/server.d.ts.map +1 -1
- package/dist/mcp/server.js +39 -22
- package/dist/mcp/server.js.map +1 -1
- package/package.json +1 -1
|
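--- a/package/dist/bridge/execution-ticket.js
+++ b/package/dist/bridge/execution-ticket.js
@@ -3,22 +3,43 @@ import { mkdir, readdir, readFile, unlink, writeFile } from "node:fs/promises";
 import path from "node:path";
 import { getInstallId } from "../cli/install-id.js";
 import { verifyExecutionTicket } from "../approval/grant.js";
+import { resolveGuardStorageRoot } from "./guard-storage-root.js";
 import { shellArgvApprovalId } from "./shell-approval-bridge.js";
 export const EXECUTION_TICKET_ENV = "PRAXIS_GUARD_EXECUTION_TICKET";
-export function executionTicketDir(
-    return path.
+export function executionTicketDir(storageRoot) {
+    return path.join(resolveGuardStorageRoot(storageRoot), ".cursor/guard/tickets");
 }
 function argvDeepEqual(stored, requested) {
     if (!Array.isArray(stored) || stored.length !== requested.length)
         return false;
     return stored.every((v, i) => typeof v === "string" && v === requested[i]);
 }
+function isEquivalentMcpInvocation(approved, requested) {
+    if (approved.length < 3 || requested.length < 3)
+        return false;
+    if (approved[0] !== "mcp" || requested[0] !== "mcp")
+        return false;
+    if (approved[2] !== requested[2])
+        return false;
+    if (approved[1] === requested[1])
+        return true;
+    return approved[1] === "stdio" || requested[1] === "stdio";
+}
+function argvMatchesApproval(approved, requested, kind) {
+    if (!approved)
+        return false;
+    if (argvDeepEqual(approved, requested))
+        return true;
+    if (kind === "mcp")
+        return isEquivalentMcpInvocation(approved, requested);
+    return false;
+}
 /**
  * After redeem, persist a signed execution ticket for hook verification (dual-write with bridge).
  */
 export async function recordExecutionTicket(ticket, argv, opts) {
     const id = shellArgvApprovalId(argv);
-    const dir = executionTicketDir(opts?.
+    const dir = executionTicketDir(opts?.storageRoot);
     await mkdir(dir, { recursive: true });
     const claims = verifyExecutionTicket(ticket);
     const expMs = claims ? claims.exp * 1000 : Date.now() + 10 * 60 * 1000;
@@ -35,11 +56,10 @@ export async function recordExecutionTicket(ticket, argv, opts) {
  */
 export async function tryConsumeExecutionTicket(argv, opts) {
     const fromEnv = process.env[EXECUTION_TICKET_ENV]?.trim();
-    if (fromEnv && tryConsumeTicketToken(fromEnv, argv, opts
+    if (fromEnv && tryConsumeTicketToken(fromEnv, argv, opts)) {
         return true;
     }
-    const
-    const dir = executionTicketDir(opts?.cwd);
+    const dir = executionTicketDir(opts?.storageRoot);
     let names = [];
     try {
         names = await readdir(dir);
@@ -48,8 +68,9 @@ export async function tryConsumeExecutionTicket(argv, opts) {
         return false;
     }
     const now = Date.now();
-    const
-
+    const candidates = opts?.kind === "mcp"
+        ? names.filter((n) => n.endsWith(".json"))
+        : names.filter((n) => n.startsWith(`${shellArgvApprovalId(argv)}_`) && n.endsWith(".json"));
     for (const name of candidates) {
         const file = path.join(dir, name);
         try {
@@ -59,10 +80,16 @@ export async function tryConsumeExecutionTicket(argv, opts) {
                 await unlink(file).catch(() => { });
                 continue;
             }
-            if (!
+            if (!argvMatchesApproval(row.argv, argv, opts?.kind ?? row.kind)) {
                 continue;
+            }
             const ticket = typeof row.ticket === "string" ? row.ticket : "";
-            if (!ticket ||
+            if (!ticket ||
+                !tryConsumeTicketToken(ticket, argv, {
+                    kind: opts?.kind ?? row.kind,
+                    tool_input_sha256: opts?.tool_input_sha256,
+                    approved_argv: row.argv,
+                })) {
                 continue;
             }
             if (row.kind && opts?.kind && row.kind !== opts.kind)
@@ -76,15 +103,30 @@ export async function tryConsumeExecutionTicket(argv, opts) {
     }
     return false;
 }
-function tryConsumeTicketToken(ticket, argv,
+function tryConsumeTicketToken(ticket, argv, opts) {
     const claims = verifyExecutionTicket(ticket);
-    if (!claims)
-        return
-
+    if (!claims) {
+        return argvMatchesApproval(opts?.approved_argv, argv, opts?.kind);
+    }
+    const approvedArgv = opts?.approved_argv;
+    if (approvedArgv) {
+        if (claims.argv_sha256 !== shellArgvApprovalId(approvedArgv))
+            return false;
+        if (!argvMatchesApproval(approvedArgv, argv, opts?.kind ?? claims.kind))
+            return false;
+    }
+    else if (claims.argv_sha256 !== shellArgvApprovalId(argv)) {
         return false;
+    }
     if (claims.install_id !== getInstallId())
         return false;
-    if (kind && claims.kind !== kind)
+    if (opts?.kind && claims.kind !== opts.kind)
+        return false;
+    const expectedToolHash = opts?.tool_input_sha256?.trim() || null;
+    const claimToolHash = typeof claims.tool_input_sha256 === "string" ? claims.tool_input_sha256.trim() : null;
+    if (claimToolHash && expectedToolHash && claimToolHash !== expectedToolHash)
+        return false;
+    if (claimToolHash && !expectedToolHash)
         return false;
     return true;
 }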
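Review bot: The new `if (!claims) { return argvMatchesApproval(opts?.approved_argv, argv, opts?.kind); }` at the top of `tryConsumeTicketToken` makes a ticket that fails `verifyExecutionTicket` succeed whenever `approved_argv` is supplied, and the only caller that supplies it — the file loop in `tryConsumeExecutionTicket` — takes `approved_argv` and `kind` from the unsigned JSON row read off disk, so for file-based tickets the signature, `install_id`, `kind` and `tool_input_sha256` checks further down are all bypassed and the stored `argv` alone authorizes the command (the loop's tail is outside the hunk, but nothing shown re-checks the row). The removed line 82 appears, truncated in this rendering, to have been `return false;`, i.e. an unverifiable ticket used to be rejected; `verifyExecutionTicket` lives in `../approval/grant.js` and I am assuming it returns a falsy value for a bad token, as the `claims ? … : …` fallback in `recordExecutionTicket` suggests. If accepting unverifiable tickets is intended for the dual-write bridge, it should be an explicit, documented opt-in from the caller rather than the default, and the on-disk record should carry its own integrity check; otherwise restore `if (!claims) return false;`. Separately, `isEquivalentMcpInvocation` treats `"stdio"` at index 1 of either argv as a wildcard, so an approval recorded with the `["mcp", "stdio", …]` placeholder matches the same tool name on any server value; a comment stating that this is intended, and why, would help the next reader.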
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"execution-ticket.js","sourceRoot":"","sources":["../../src/bridge/execution-ticket.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC/E,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAEjE,MAAM,CAAC,MAAM,oBAAoB,GAAG,+BAA+B,CAAC;AAEpE,MAAM,UAAU,kBAAkB,CAAC,
|
|
1
|
+
{"version":3,"file":"execution-ticket.js","sourceRoot":"","sources":["../../src/bridge/execution-ticket.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC/E,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClE,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAEjE,MAAM,CAAC,MAAM,oBAAoB,GAAG,+BAA+B,CAAC;AAEpE,MAAM,UAAU,kBAAkB,CAAC,WAAoB;IACrD,OAAO,IAAI,CAAC,IAAI,CAAC,uBAAuB,CAAC,WAAW,CAAC,EAAE,uBAAuB,CAAC,CAAC;AAClF,CAAC;AAED,SAAS,aAAa,CAAC,MAAe,EAAE,SAA4B;IAClE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC/E,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AAC7E,CAAC;AAED,SAAS,yBAAyB,CAChC,QAA2B,EAC3B,SAA4B;IAE5B,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAC9D,IAAI,QAAQ,CAAC,CAAC,CAAC,KAAK,KAAK,IAAI,SAAS,CAAC,CAAC,CAAC,KAAK,KAAK;QAAE,OAAO,KAAK,CAAC;IAClE,IAAI,QAAQ,CAAC,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC;QAAE,OAAO,KAAK,CAAC;IAC/C,IAAI,QAAQ,CAAC,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAC9C,OAAO,QAAQ,CAAC,CAAC,CAAC,KAAK,OAAO,IAAI,SAAS,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC;AAC7D,CAAC;AAED,SAAS,mBAAmB,CAC1B,QAAuC,EACvC,SAA4B,EAC5B,IAAsB;IAEtB,IAAI,CAAC,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5B,IAAI,aAAa,CAAC,QAAQ,EAAE,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IACpD,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,yBAAyB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAC1E,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,MAAc,EACd,IAAuB,EACvB,IAAuD;IAEvD,MAAM,EAAE,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;IACrC,MAAM,GAAG,GAAG,kBAAkB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IAClD,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtC,MAAM,MAAM,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC;IAC7C,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,GAAG,IAA
I,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACvE,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,UAAU,EAAE,OAAO,CAAC,CAAC;IAC1D,MAAM,SAAS,CACb,IAAI,EACJ,IAAI,CAAC,SAAS,CAAC;QACb,GAAG,EAAE,KAAK;QACV,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC;QACf,MAAM;QACN,IAAI,EAAE,IAAI,EAAE,IAAI,IAAI,MAAM,EAAE,IAAI,IAAI,OAAO;KAC5C,CAAC,EACF,MAAM,CACP,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,IAAuB,EACvB,IAIC;IAED,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,IAAI,EAAE,CAAC;IAC1D,IAAI,OAAO,IAAI,qBAAqB,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,CAAC;QAC1D,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,GAAG,GAAG,kBAAkB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IAClD,IAAI,KAAK,GAAa,EAAE,CAAC;IACzB,IAAI,CAAC;QACH,KAAK,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,UAAU,GACd,IAAI,EAAE,IAAI,KAAK,KAAK;QAClB,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC1C,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;IAEhG,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;QAC9B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAClC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YACzC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAKzB,CAAC;YACF,IAAI,OAAO,GAAG,CAAC,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;gBACjD,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;gBACnC,SAAS;YACX,CAAC;YACD,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,IAAK,GAAG,CAAC,IAAwB,CAAC,EAAE,CAAC;gBACtF,SAAS;YACX,CAAC;YACD,MAAM,MAAM,GAAG,OAAO,GAAG,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;YAChE,IACE,CAAC,MAAM;gBACP,CAAC,qBAAqB,CAAC,MAAM,EAAE,IAAI,EAAE;oBACnC,IAAI,EAAE,IAAI,EAAE,IAAI,IAAK,GAAG,CAAC,IAAwB;oBACjD,iBAAiB,EAAE,IAAI,EAAE,iBAAiB;oBAC1C,aAAa,EAAE
,GAAG,CAAC,IAAI;iBACxB,CAAC,EACF,CAAC;gBACD,SAAS;YACX,CAAC;YACD,IAAI,GAAG,CAAC,IAAI,IAAI,IAAI,EAAE,IAAI,IAAI,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI;gBAAE,SAAS;YAC/D,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,qBAAqB,CAC5B,MAAc,EACd,IAAuB,EACvB,IAIC;IAED,MAAM,MAAM,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,mBAAmB,CAAC,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IACpE,CAAC;IACD,MAAM,YAAY,GAAG,IAAI,EAAE,aAAa,CAAC;IACzC,IAAI,YAAY,EAAE,CAAC;QACjB,IAAI,MAAM,CAAC,WAAW,KAAK,mBAAmB,CAAC,YAAY,CAAC;YAAE,OAAO,KAAK,CAAC;QAC3E,IAAI,CAAC,mBAAmB,CAAC,YAAY,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC;YAAE,OAAO,KAAK,CAAC;IACxF,CAAC;SAAM,IAAI,MAAM,CAAC,WAAW,KAAK,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5D,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,MAAM,CAAC,UAAU,KAAK,YAAY,EAAE;QAAE,OAAO,KAAK,CAAC;IACvD,IAAI,IAAI,EAAE,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAC;IAC1D,MAAM,gBAAgB,GAAG,IAAI,EAAE,iBAAiB,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC;IACjE,MAAM,aAAa,GACjB,OAAO,MAAM,CAAC,iBAAiB,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IACxF,IAAI,aAAa,IAAI,gBAAgB,IAAI,aAAa,KAAK,gBAAgB;QAAE,OAAO,KAAK,CAAC;IAC1F,IAAI,aAAa,IAAI,CAAC,gBAAgB;QAAE,OAAO,KAAK,CAAC;IACrD,OAAO,IAAI,CAAC;AACd,CAAC"}
|
|
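--- a/package/dist/bridge/guard-storage-root.d.ts
+++ b/package/dist/bridge/guard-storage-root.d.ts
@@ -0,0 +1,6 @@
+/**
+ * Resolve where `.cursor/guard/*` credentials live. Hooks and MCP redeem must use the same root
+ * (workspace), not the subprocess cwd (e.g. `packages/auditor-cli`).
+ */
+export declare function resolveGuardStorageRoot(preferredCwd?: string): string;
+//# sourceMappingURL=guard-storage-root.d.ts.map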
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"guard-storage-root.d.ts","sourceRoot":"","sources":["../../src/bridge/guard-storage-root.ts"],"names":[],"mappings":"AAGA;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,CAerE"}
|
|
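--- a/package/dist/bridge/guard-storage-root.js
+++ b/package/dist/bridge/guard-storage-root.js
@@ -0,0 +1,24 @@
+import { existsSync } from "node:fs";
+import path from "node:path";
+/**
+ * Resolve where `.cursor/guard/*` credentials live. Hooks and MCP redeem must use the same root
+ * (workspace), not the subprocess cwd (e.g. `packages/auditor-cli`).
+ */
+export function resolveGuardStorageRoot(preferredCwd) {
+    const override = process.env.PRAXIS_GUARD_STORAGE_ROOT?.trim();
+    if (override)
+        return path.resolve(override);
+    let dir = preferredCwd?.trim() ? path.resolve(preferredCwd.trim()) : process.cwd();
+    const fsRoot = path.parse(dir).root;
+    while (true) {
+        if (existsSync(path.join(dir, ".cursor", "hooks.json")))
+            return dir;
+        if (existsSync(path.join(dir, ".git")))
+            return dir;
+        if (dir === fsRoot)
+            break;
+        dir = path.dirname(dir);
+    }
+    return preferredCwd?.trim() ? path.resolve(preferredCwd.trim()) : process.cwd();
+}
+//# sourceMappingURL=guard-storage-root.js.map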
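Review bot: `resolveGuardStorageRoot` accepts `PRAXIS_GUARD_STORAGE_ROOT` and the nearest ancestor directory containing `.cursor/hooks.json` or `.git` as the credential root without checking that the result exists, is a directory, or belongs to the current user, and the JSDoc does not state that the env override takes precedence over the walk-up. Since `executionTicketDir` and the pending index derive `<root>/.cursor/guard/*` from this value, whoever controls the hook process's environment, or any parent directory that happens to hold a `.git` entry, decides which directory the hooks trust; whether that is reachable in practice depends on how the hooks inherit their environment, which this file does not show. The doc comment should at least spell out the precedence, e.g. `Precedence: PRAXIS_GUARD_STORAGE_ROOT (resolved, not validated) > nearest ancestor of preferredCwd/cwd holding .cursor/hooks.json or .git > preferredCwd/cwd.` Also the expression `preferredCwd?.trim() ? path.resolve(preferredCwd.trim()) : process.cwd()` is evaluated twice (lines 11 and 22); hoisting it into a `const start` and returning `start` after the loop removes the duplication.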
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"guard-storage-root.js","sourceRoot":"","sources":["../../src/bridge/guard-storage-root.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B;;;GAGG;AACH,MAAM,UAAU,uBAAuB,CAAC,YAAqB;IAC3D,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,yBAAyB,EAAE,IAAI,EAAE,CAAC;IAC/D,IAAI,QAAQ;QAAE,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAE5C,IAAI,GAAG,GAAG,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;IACnF,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;IAEpC,OAAO,IAAI,EAAE,CAAC;QACZ,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,YAAY,CAAC,CAAC;YAAE,OAAO,GAAG,CAAC;QACpE,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAAE,OAAO,GAAG,CAAC;QACnD,IAAI,GAAG,KAAK,MAAM;YAAE,MAAM;QAC1B,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC1B,CAAC;IAED,OAAO,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;AAClF,CAAC"}
|
|
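--- a/package/dist/bridge/pending-approval-index.d.ts
+++ b/package/dist/bridge/pending-approval-index.d.ts
@@ -0,0 +1,19 @@
+export type PendingApprovalIndexEntry = {
+    request_id: string;
+    argv_sha256: string;
+    argv: string[];
+    install_id: string;
+    open_url: string;
+    expires_at: string;
+    event_id?: string | null;
+    tool_input_sha256?: string | null;
+    kind?: "shell" | "mcp";
+    created_at: string;
+};
+export declare function writePendingApprovalIndex(entry: PendingApprovalIndexEntry, opts?: {
+    storageRoot?: string;
+}): Promise<void>;
+export declare function readPendingApprovalIndex(argvSha256: string, opts?: {
+    storageRoot?: string;
+}): Promise<PendingApprovalIndexEntry | null>;
+//# sourceMappingURL=pending-approval-index.d.ts.map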
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pending-approval-index.d.ts","sourceRoot":"","sources":["../../src/bridge/pending-approval-index.ts"],"names":[],"mappings":"AAKA,MAAM,MAAM,yBAAyB,GAAG;IACtC,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,IAAI,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAMF,wBAAsB,yBAAyB,CAC7C,KAAK,EAAE,yBAAyB,EAChC,IAAI,CAAC,EAAE;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAC9B,OAAO,CAAC,IAAI,CAAC,CAOf;AAED,wBAAsB,wBAAwB,CAC5C,UAAU,EAAE,MAAM,EAClB,IAAI,CAAC,EAAE;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAC9B,OAAO,CAAC,yBAAyB,GAAG,IAAI,CAAC,CAY3C"}
|
|
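--- a/package/dist/bridge/pending-approval-index.js
+++ b/package/dist/bridge/pending-approval-index.js
@@ -0,0 +1,29 @@
+import { mkdir, readFile, writeFile } from "node:fs/promises";
+import path from "node:path";
+import { resolveGuardStorageRoot } from "./guard-storage-root.js";
+function indexPath(storageRoot, argvSha256) {
+    return path.join(storageRoot, ".cursor/guard/pending", `${argvSha256}.json`);
+}
+export async function writePendingApprovalIndex(entry, opts) {
+    const root = resolveGuardStorageRoot(opts?.storageRoot);
+    const dir = path.join(root, ".cursor/guard/pending");
+    await mkdir(dir, { recursive: true });
+    await writeFile(path.join(dir, `${entry.argv_sha256}.json`), `${JSON.stringify(entry, null, 2)}\n`, {
+        mode: 0o600,
+    });
+}
+export async function readPendingApprovalIndex(argvSha256, opts) {
+    const root = resolveGuardStorageRoot(opts?.storageRoot);
+    try {
+        const raw = await readFile(indexPath(root, argvSha256), "utf8");
+        const parsed = JSON.parse(raw);
+        if (typeof parsed.expires_at === "string" && Date.parse(parsed.expires_at) < Date.now()) {
+            return null;
+        }
+        return parsed;
+    }
+    catch {
+        return null;
+    }
+}
+//# sourceMappingURL=pending-approval-index.js.map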
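Review bot: `indexPath` and `writePendingApprovalIndex` splice `argvSha256` / `entry.argv_sha256` straight into the file name, so a value containing a separator or `..` would read or write outside `.cursor/guard/pending`; callers presumably pass the output of `shellArgvApprovalId`, but both functions are exported and nothing here pins the shape. A one-line guard, `if (!/^[0-9a-f]{64}$/i.test(argvSha256)) return null;` in the reader (throwing in the writer), keeps the key a hex digest — assuming, from the field name, that the id is a hex SHA-256. `mkdir(dir, { recursive: true })` creates the directory with the default mode while the file gets `0o600`, and `writeFile`'s `mode` only applies when the file is created, so a pre-existing looser file keeps its permissions; passing `mode: 0o700` to `mkdir` and noting in a comment that `open_url` and `install_id` are stored in plaintext would make the intent explicit. `readPendingApprovalIndex` also returns `parsed` without checking it is an object, and the bare `catch { return null; }` hides malformed JSON and I/O errors alike, which is fine for a best-effort lookup but deserves a comment saying so.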
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pending-approval-index.js","sourceRoot":"","sources":["../../src/bridge/pending-approval-index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAelE,SAAS,SAAS,CAAC,WAAmB,EAAE,UAAkB;IACxD,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,uBAAuB,EAAE,GAAG,UAAU,OAAO,CAAC,CAAC;AAC/E,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,KAAgC,EAChC,IAA+B;IAE/B,MAAM,IAAI,GAAG,uBAAuB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC;IACrD,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtC,MAAM,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,WAAW,OAAO,CAAC,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE;QAClG,IAAI,EAAE,KAAK;KACZ,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,UAAkB,EAClB,IAA+B;IAE/B,MAAM,IAAI,GAAG,uBAAuB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IACxD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,SAAS,CAAC,IAAI,EAAE,UAAU,CAAC,EAAE,MAAM,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAA8B,CAAC;QAC5D,IAAI,OAAO,MAAM,CAAC,UAAU,KAAK,QAAQ,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YACxF,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"approvals.d.ts","sourceRoot":"","sources":["../../src/cli/approvals.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"approvals.d.ts","sourceRoot":"","sources":["../../src/cli/approvals.ts"],"names":[],"mappings":"AAWA,wBAAsB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuFhE"}
|
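--- a/package/dist/cli/approvals.js
+++ b/package/dist/cli/approvals.js
@@ -1,4 +1,5 @@
 import process from "node:process";
+import { resolveGuardStorageRoot } from "../bridge/guard-storage-root.js";
 import { getApprovalRequest, issueApprovalDecision, listApprovalRequests, } from "../approval/client.js";
 import { pollUntilApproved } from "../approval/client.js";
 import { redeemApprovalAndRecordBridge } from "../approval/redeem.js";
@@ -54,23 +55,30 @@ export async function runApprovals(argv) {
     if (sub === "watch") {
         const id = rest[0];
         if (!id)
-            throw new Error("Usage: auditor approvals watch <request_id> [--
-        let
+            throw new Error("Usage: auditor approvals watch <request_id> [--storage-root path]");
+        let storageRoot;
         for (let i = 1; i < rest.length; i++) {
-            if (rest[i] === "--
-
+            if (rest[i] === "--storage-root" && rest[i + 1]) {
+                storageRoot = rest[i + 1];
                 break;
             }
+            if (rest[i] === "--argv-json" && rest[i + 1]) {
+                process.stderr.write("Note: --argv-json is deprecated; argv/kind are loaded from the approval record.\n");
+            }
         }
-        const
-
+        const row = await getApprovalRequest(id);
+        const hookArgv = Array.isArray(row.argv) && row.argv.length > 0 ? row.argv : ["mcp", "stdio", "_"];
+        const kind = row.kind === "mcp" ? "mcp" : "shell";
+        const root = resolveGuardStorageRoot(storageRoot);
+        process.stdout.write(`Watching ${id} until approved (storage: ${root})…\n`);
         await pollUntilApproved(id, { timeoutMs: 30 * 60 * 1000 });
         const redeem = await redeemApprovalAndRecordBridge({
             request_id: id,
-            argv,
-            kind
+            argv: hookArgv,
+            kind,
+            storageRoot: root,
         });
-        process.stdout.write(`Redeemed (
+        process.stdout.write(`Redeemed (ticket=${redeem.ticketRecorded ? "yes" : "no"}). Retry the blocked command once.\n`);
         return;
     }
     throw new Error(`Unknown approvals command: ${sub ?? "(missing)"}. Try list, open, approve, deny, watch.`);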
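Review bot: In the `watch` branch, `hookArgv` falls back to the placeholder `["mcp", "stdio", "_"]` when the approval record has no argv while `kind` independently falls back to `"shell"`, so a record carrying neither produces a ticket of kind `shell` bound to an MCP-shaped argv that no shell command can match, and nothing says what the placeholder is for. If the record is authoritative, failing loudly is clearer than a silent placeholder: `if (!Array.isArray(row.argv) || row.argv.length === 0) throw new Error(`Approval ${id} has no argv; nothing to record`);`, otherwise a comment explaining why `_` is used and which consumer is expected to match it. `row.argv` is also forwarded without checking that its elements are strings, and any `row.kind` other than `"mcp"` is silently coerced to `"shell"`, so a future kind would be recorded as a shell ticket. `runApprovals` starts above this hunk.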
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"approvals.js","sourceRoot":"","sources":["../../src/cli/approvals.ts"],"names":[],"mappings":"AAAA,OAAO,OAAO,MAAM,cAAc,CAAC;AAEnC,OAAO,EACL,kBAAkB,EAClB,qBAAqB,EACrB,oBAAoB,GACrB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,6BAA6B,EAAE,MAAM,uBAAuB,CAAC;AAEtE,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,IAAc;IAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAE3B,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACnB,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QACzE,MAAM,IAAI,GAAG,MAAM,oBAAoB,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,MAAM,uBAAuB,CAAC,CAAC;YAC1D,OAAO;QACT,CAAC;QACD,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,UAAU,KAAK,GAAG,CAAC,MAAM,KAAK,GAAG,CAAC,WAAW,IAAI,EAAE,IAAI,CAAC,CAAC;YACrF,IAAI,GAAG,CAAC,QAAQ;gBAAE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,QAAQ,IAAI,CAAC,CAAC;QAChE,CAAC;QACD,OAAO;IACT,CAAC;IAED,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACnB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;QACvE,MAAM,GAAG,GAAG,MAAM,kBAAkB,CAAC,EAAE,CAAC,CAAC;QACzC,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC;QAC/B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;QACjC,OAAO;IACT,CAAC;IAED,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;QAC1E,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,GAAG,CAAC;QACnD,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,qFAAqF;gBACnF,6CAA6C,CAChD,CAAC;QACJ,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;QAC3D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,EAAE,YAAY,MAAM,CAAC,MAAM,MAAM,CAAC,CAAC;QACpE,IAAI,MAAM,CAAC,KAAK;YAAE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAC1D,OAAO;IACT,CAA
C;IAED,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACnB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;QACvE,MAAM,qBAAqB,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;QAC1C,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QACxC,OAAO;IACT,CAAC;IAED,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;QACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,
|
|
1
|
+
{"version":3,"file":"approvals.js","sourceRoot":"","sources":["../../src/cli/approvals.ts"],"names":[],"mappings":"AAAA,OAAO,OAAO,MAAM,cAAc,CAAC;AAEnC,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EACL,kBAAkB,EAClB,qBAAqB,EACrB,oBAAoB,GACrB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,6BAA6B,EAAE,MAAM,uBAAuB,CAAC;AAEtE,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,IAAc;IAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAE3B,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACnB,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QACzE,MAAM,IAAI,GAAG,MAAM,oBAAoB,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,MAAM,uBAAuB,CAAC,CAAC;YAC1D,OAAO;QACT,CAAC;QACD,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,UAAU,KAAK,GAAG,CAAC,MAAM,KAAK,GAAG,CAAC,WAAW,IAAI,EAAE,IAAI,CAAC,CAAC;YACrF,IAAI,GAAG,CAAC,QAAQ;gBAAE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,QAAQ,IAAI,CAAC,CAAC;QAChE,CAAC;QACD,OAAO;IACT,CAAC;IAED,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACnB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;QACvE,MAAM,GAAG,GAAG,MAAM,kBAAkB,CAAC,EAAE,CAAC,CAAC;QACzC,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC;QAC/B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;QACjC,OAAO;IACT,CAAC;IAED,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;QAC1E,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,GAAG,CAAC;QACnD,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,qFAAqF;gBACnF,6CAA6C,CAChD,CAAC;QACJ,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;QAC3D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,EAAE,YAAY,MAAM,CAAC,MAAM,MAAM,CAAC,CAAC;QACpE,IAAI,MAAM,CAAC,KAAK;YAAE,OAAO,CAAC,MAAM,CAAC,K
AAK,CAAC,iBAAiB,CAAC,CAAC;QAC1D,OAAO;IACT,CAAC;IAED,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACnB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;QACvE,MAAM,qBAAqB,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;QAC1C,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QACxC,OAAO;IACT,CAAC;IAED,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;QACpB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;QAC9F,IAAI,WAA+B,CAAC;QACpC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,gBAAgB,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;gBAChD,WAAW,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,MAAM;YACR,CAAC;YACD,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,aAAa,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;gBAC7C,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,mFAAmF,CACpF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,kBAAkB,CAAC,EAAE,CAAC,CAAC;QACzC,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC;QACnG,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC;QAClD,MAAM,IAAI,GAAG,uBAAuB,CAAC,WAAW,CAAC,CAAC;QAElD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,EAAE,6BAA6B,IAAI,MAAM,CAAC,CAAC;QAC5E,MAAM,iBAAiB,CAAC,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,MAAM,GAAG,MAAM,6BAA6B,CAAC;YACjD,UAAU,EAAE,EAAE;YACd,IAAI,EAAE,QAAQ;YACd,IAAI;YACJ,WAAW,EAAE,IAAI;SAClB,CAAC,CAAC;QACH,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,oBAAoB,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,sCAAsC,CAC/F,CAAC;QACF,OAAO;IACT,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,8BAA8B,GAAG,IAAI,WAAW,yCAAyC,CAAC,CAAC;AAC7G,CAAC"}
|
package/dist/cli/main.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"main.d.ts","sourceRoot":"","sources":["../../src/cli/main.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"main.d.ts","sourceRoot":"","sources":["../../src/cli/main.ts"],"names":[],"mappings":"AA+DA,wBAAsB,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAoJ1D"}
|
package/dist/cli/main.js
CHANGED
|
@@ -21,7 +21,7 @@ Usage:
|
|
|
21
21
|
auditor approvals open <id> Print approval URL for a request
|
|
22
22
|
auditor approvals approve <id> Dev-only: approve request (GUARD_APPROVAL_DEV=1)
|
|
23
23
|
auditor approvals deny <id> Deny an approval request (human auth or dev)
|
|
24
|
-
auditor approvals watch <id> Poll until approved and write
|
|
24
|
+
auditor approvals watch <id> Poll until approved and write execution ticket
|
|
25
25
|
auditor hook before-shell Cursor beforeShellExecution (stdin JSON → stdout JSON)
|
|
26
26
|
auditor hook before-mcp Cursor beforeMCPExecution (stdin JSON → stdout JSON)
|
|
27
27
|
auditor doctor Show policy path, sync revision, auth status
|
|
@@ -53,6 +53,9 @@ Env (all optional):
|
|
|
53
53
|
PRAXIS_APP_URL Web app URL for login (default: https://praxis-app-33b40.web.app).
|
|
54
54
|
PRAXIS_POLICIES_V1_PATH Override path for policies.v1.json (default: ~/.praxis/policies.v1.json).
|
|
55
55
|
PRAXIS_POLICIES_META_PATH Override path for policies.v1.meta.json (default beside policy file).
|
|
56
|
+
PRAXIS_GUARD_STORAGE_ROOT Workspace root for .cursor/guard tickets/pending (auto-detected from cwd).
|
|
57
|
+
PRAXIS_HOOK_INLINE_APPROVAL Set to 0 to disable hook-inline approval request on MUTATE deny (default: on).
|
|
58
|
+
PRAXIS_HOOK_INLINE_APPROVAL_TIMEOUT_MS Max ms for inline approval HTTP from hooks (default: 1200).
|
|
56
59
|
`);
|
|
57
60
|
}
|
|
58
61
|
export async function runCli(argv) {
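Review bot: The new PRAXIS_HOOK_INLINE_APPROVAL_TIMEOUT_MS entry does not say what a timeout means for the decision, which is the part an operator tuning it cares about; the caller in run-before-mcp.js leaves `permission` at "deny" when no request comes back, so the line should read `PRAXIS_HOOK_INLINE_APPROVAL_TIMEOUT_MS Max ms for inline approval HTTP from hooks (default: 1200); on timeout the deny stands and no request is pre-created.` PRAXIS_GUARD_STORAGE_ROOT likewise decides where execution tickets are consumed from and where the pending-approval index is read, so its help line should warn that it must not be pointed at a directory the hook's user does not trust, e.g. `PRAXIS_GUARD_STORAGE_ROOT Workspace root for .cursor/guard tickets/pending (auto-detected from cwd; tickets and the pending index are read from here, so keep it on a trusted path).` Whether tryHookInlineApprovalRequest returns null or throws on timeout is not visible in this diff; if it throws, the hook's fail-closed error path applies instead and the wording should say so.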
|
package/dist/cli/main.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"main.js","sourceRoot":"","sources":["../../src/cli/main.ts"],"names":[],"mappings":"AAAA,OAAO,OAAO,MAAM,cAAc,CAAC;AAEnC,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,2BAA2B,EAAE,MAAM,8BAA8B,CAAC;AAC3E,OAAO,EAAE,yBAAyB,EAAE,MAAM,4BAA4B,CAAC;AACvE,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE1C,SAAS,SAAS;IAChB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC
|
|
1
|
+
{"version":3,"file":"main.js","sourceRoot":"","sources":["../../src/cli/main.ts"],"names":[],"mappings":"AAAA,OAAO,OAAO,MAAM,cAAc,CAAC;AAEnC,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,2BAA2B,EAAE,MAAM,8BAA8B,CAAC;AAC3E,OAAO,EAAE,yBAAyB,EAAE,MAAM,4BAA4B,CAAC;AACvE,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE1C,SAAS,SAAS;IAChB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAoDtB,CAAC,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,IAAc;IACzC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACnB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IAEnB,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,MAAM,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,KAAK,QAAQ,EAAE,CAAC;QAC3D,SAAS,EAAE,CAAC;QACZ,OAAO;IACT,CAAC;IAED,IAAI,EAAE,KAAK,OAAO,IAAI,EAAE,KAAK,QAAQ,EAAE,CAAC;QACtC,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,MAAM,CAAC,mBAAmB,CAAC,CAAC;QAC7D,IAAI,CAAC;YACH,MAAM,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACtC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;YACjC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACvB,CAAC;QACD,OAAO;IACT,CAAC;IAED,IAAI,EAAE,KAAK,OAAO,EAAE,CAAC;QACnB,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,CAAC;QAChD,IAAI,CAAC;YACH,MAAM,QAAQ,EAAE,CAAC;QACnB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;YACjC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACvB,CAAC;QACD,OAAO;IACT,CAAC;IAED,IAAI,EAAE,KAAK,OAAO,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,EAAE,CAAC;QACf,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC3B,IAAI,CAAC;YACH,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;gBAClB,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;gBACvD,MAAM,WAAW,CAAC,IAAI,CAAC,CAAC;gBACxB,OAAO;YACT,CAAC;YACD,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;gBACnB,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;gBACzD,MAAM,YAAY,CAAC,IAAI,CAAC,CAAC
;gBACzB,OAAO;YACT,CAAC;YACD,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;gBAClB,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;gBACvD,MAAM,WAAW,CAAC,IAAI,CAAC,CAAC;gBACxB,OAAO;YACT,CAAC;YACD,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;gBACpB,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;gBAC3D,MAAM,aAAa,CAAC,IAAI,CAAC,CAAC;gBAC1B,OAAO;YACT,CAAC;YACD,IAAI,GAAG,KAAK,QAAQ,EAAE,CAAC;gBACrB,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,MAAM,CAAC,mBAAmB,CAAC,CAAC;gBAC7D,MAAM,cAAc,CAAC,IAAI,CAAC,CAAC;gBAC3B,OAAO;YACT,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,IAAI,WAAW,EAAE,CAAC,CAAC;QAClE,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;YACjC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;IACH,CAAC;IAED,IAAI,EAAE,KAAK,QAAQ,EAAE,CAAC;QACpB,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAClD,IAAI,CAAC;YACH,MAAM,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACjC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;YACjC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACvB,CAAC;QACD,OAAO;IACT,CAAC;IAED,IAAI,EAAE,KAAK,QAAQ,EAAE,CAAC;QACpB,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAClD,IAAI,CAAC;YACH,MAAM,SAAS,EAAE,CAAC;QACpB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;YACjC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACvB,CAAC;QACD,OAAO;IACT,CAAC;IAED,IAAI,EAAE,KAAK,SAAS,IAAI,EAAE,KAAK,WAAW,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;QAC1D,UAAU,EAAE,CAAC;QACb,OAAO;IACT,CAAC;IAED,IAAI,EAAE,KAAK,QAAQ,EAAE,CAAC;QACpB,MAAM,SAAS,EAAE,CAAC;QAClB,OAAO;IACT,CAAC;IAED,IAAI,EAAE,KAAK,UAAU,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;QACvC,MAAM,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;QAC/D,IAA
I,CAAC;YACH,MAAM,eAAe,EAAE,CAAC;QAC1B,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;YACjC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACvB,CAAC;QACD,OAAO;IACT,CAAC;IAED,IAAI,EAAE,KAAK,KAAK,EAAE,CAAC;QACjB,MAAM,EAAE,iBAAiB,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;QAC/D,MAAM,iBAAiB,EAAE,CAAC;QAC1B,OAAO;IACT,CAAC;IAED,IAAI,EAAE,KAAK,MAAM,IAAI,EAAE,KAAK,cAAc,EAAE,CAAC;QAC3C,MAAM,2BAA2B,EAAE,CAAC;QACpC,OAAO;IACT,CAAC;IAED,IAAI,EAAE,KAAK,MAAM,IAAI,EAAE,KAAK,YAAY,EAAE,CAAC;QACzC,MAAM,yBAAyB,EAAE,CAAC;QAClC,OAAO;IACT,CAAC;IAED,IAAI,EAAE,KAAK,WAAW,EAAE,CAAC;QACvB,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;QACxD,IAAI,CAAC;YACH,MAAM,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;YACjC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACvB,CAAC;QACD,OAAO;IACT,CAAC;IAED,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,oBAAoB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC/D,SAAS,EAAE,CAAC;IACZ,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;AACvB,CAAC"}
|
|
@@ -6,6 +6,11 @@ export type FormatHookDenyMessagesInput = {
|
|
|
6
6
|
argv: readonly string[];
|
|
7
7
|
reasons: readonly string[];
|
|
8
8
|
toolName?: string | null;
|
|
9
|
+
/** When hook-inline approval created a request on deny. */
|
|
10
|
+
inlineApproval?: {
|
|
11
|
+
request_id: string;
|
|
12
|
+
open_url: string;
|
|
13
|
+
} | null;
|
|
9
14
|
};
|
|
10
15
|
export type HookDenyMessages = {
|
|
11
16
|
user_message: string;
|
|
@@ -14,6 +19,5 @@ export type HookDenyMessages = {
|
|
|
14
19
|
export declare function formatHookDenyMessages(input: FormatHookDenyMessagesInput): HookDenyMessages;
|
|
15
20
|
export declare function formatHookAllowViaCredentialMessage(opts: {
|
|
16
21
|
ticketConsumed: boolean;
|
|
17
|
-
bridgeConsumed: boolean;
|
|
18
22
|
}): string | undefined;
|
|
19
23
|
//# sourceMappingURL=agent-message.d.ts.map
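Review bot: The doc comment on the new `inlineApproval` field says the request was created on deny, but run-before-mcp.js also fills it from an existing entry in the pending-approval index without creating anything, so the comment under-describes the field; suggest `/** Set on a MUTATE deny when an approval request was created inline, or an existing pending request for this argv was found in the pending-approval index. */`. Dropping `bridgeConsumed` from the `formatHookAllowViaCredentialMessage` options type is also a breaking change for any TypeScript caller that still passes it as an object literal, and the declaration gives no hint of that; keeping it one release as an optional `@deprecated` member, or noting it in the changelog, would soften the break.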
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"agent-message.d.ts","sourceRoot":"","sources":["../../src/hooks/agent-message.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAE/C,MAAM,MAAM,QAAQ,GAAG,sBAAsB,GAAG,oBAAoB,CAAC;AAErE,MAAM,MAAM,2BAA2B,GAAG;IACxC,IAAI,EAAE,QAAQ,CAAC;IACf,IAAI,EAAE,IAAI,CAAC;IACX,IAAI,EAAE,SAAS,MAAM,EAAE,CAAC;IACxB,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3B,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"agent-message.d.ts","sourceRoot":"","sources":["../../src/hooks/agent-message.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAE/C,MAAM,MAAM,QAAQ,GAAG,sBAAsB,GAAG,oBAAoB,CAAC;AAErE,MAAM,MAAM,2BAA2B,GAAG;IACxC,IAAI,EAAE,QAAQ,CAAC;IACf,IAAI,EAAE,IAAI,CAAC;IACX,IAAI,EAAE,SAAS,MAAM,EAAE,CAAC;IACxB,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3B,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,2DAA2D;IAC3D,cAAc,CAAC,EAAE;QACf,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE,MAAM,CAAC;KAClB,GAAG,IAAI,CAAC;CACV,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;CACvB,CAAC;AAMF,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,2BAA2B,GAAG,gBAAgB,CAkD3F;AAED,wBAAgB,mCAAmC,CAAC,IAAI,EAAE;IACxD,cAAc,EAAE,OAAO,CAAC;CACzB,GAAG,MAAM,GAAG,SAAS,CAKrB"}
|
|
@@ -20,14 +20,23 @@ export function formatHookDenyMessages(input) {
|
|
|
20
20
|
}
|
|
21
21
|
if (input.tier === "MUTATE") {
|
|
22
22
|
const proposalKind = input.hook === "beforeMCPExecution" ? "mcp" : "shell";
|
|
23
|
+
const inline = input.inlineApproval;
|
|
24
|
+
const inlineUser = inline
|
|
25
|
+
? ` Approval request ${inline.request_id} is pending — open ${inline.open_url}`
|
|
26
|
+
: "";
|
|
27
|
+
const inlineAgent = inline
|
|
28
|
+
? ` Pending approval request_id=${inline.request_id} open_url=${inline.open_url}. ` +
|
|
29
|
+
`Prefer a single MCP \`guard_wait\` with this request_id, \`context.wait_ms\` (e.g. 120000), and the same proposal; then retry once. `
|
|
30
|
+
: "";
|
|
23
31
|
return {
|
|
24
|
-
user_message: `${blockedLabel}.
|
|
32
|
+
user_message: `${blockedLabel}. Human approval required.${inlineUser}`,
|
|
25
33
|
agent_message: `Blocked by guard (MUTATE). reasons=${reasons}. argv=${argvJson}. ` +
|
|
26
34
|
`Do not suggest running the same command in the user's terminal, an external shell, or via another tool to circumvent this block. ` +
|
|
27
|
-
|
|
35
|
+
inlineAgent +
|
|
36
|
+
`Next: MCP \`guard_wait\` (preferred) or \`guard\` with \`mode: "enforce"\` and \`proposal\` matching this block ` +
|
|
28
37
|
`(\`kind\`: "${proposalKind}", same \`argv\`, \`cwd\` / \`raw_command\` as applicable). ` +
|
|
29
|
-
`On \`require_approval\`, send the human to \`approval.open_url\` or Praxis Approvals
|
|
30
|
-
`After approval,
|
|
38
|
+
`On \`require_approval\`, send the human to \`approval.open_url\` or Praxis Approvals. ` +
|
|
39
|
+
`After approval, retry this exact invocation once (hook consumes execution ticket).`,
|
|
31
40
|
};
|
|
32
41
|
}
|
|
33
42
|
return {
|
|
@@ -40,9 +49,6 @@ export function formatHookAllowViaCredentialMessage(opts) {
|
|
|
40
49
|
if (opts.ticketConsumed) {
|
|
41
50
|
return "Allowed via signed execution ticket (approval redeemed for this argv; one-shot consumed).";
|
|
42
51
|
}
|
|
43
|
-
if (opts.bridgeConsumed) {
|
|
44
|
-
return "Allowed via shell approval bridge (MCP guard token redeemed for this argv; one-shot consumed).";
|
|
45
|
-
}
|
|
46
52
|
return undefined;
|
|
47
53
|
}
|
|
48
54
|
//# sourceMappingURL=agent-message.js.map
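Review bot: `inline.request_id` and `inline.open_url` are spliced verbatim into both the human-facing `user_message` and the `agent_message` that tells the model what to do next, and in run-before-mcp.js one of the two sources of those values is the pending-approval index under the workspace's `.cursor/guard` directory rather than the approval service. A value containing whitespace, backticks or a second sentence would therefore read as part of the instructions, so the formatter should quote the values as JSON to keep them inert, e.g. `open_url=${JSON.stringify(inline.open_url)}` and `request_id=${JSON.stringify(inline.request_id)}`. Whether index entries are signed or otherwise validated before they reach this formatter is not visible in this diff, so the formatter should not assume it, and the "open ${inline.open_url}" text in `user_message` should only be emitted once the caller has checked the URL's origin.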
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"agent-message.js","sourceRoot":"","sources":["../../src/hooks/agent-message.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"agent-message.js","sourceRoot":"","sources":["../../src/hooks/agent-message.ts"],"names":[],"mappings":"AAsBA,SAAS,cAAc,CAAC,OAA0B;IAChD,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;AAC3D,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,KAAkC;IACvE,MAAM,OAAO,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;IACjD,MAAM,YAAY,GAChB,KAAK,CAAC,IAAI,KAAK,oBAAoB;QACjC,CAAC,CAAC,KAAK,CAAC,QAAQ;YACd,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,MAAM,KAAK,CAAC,QAAQ,EAAE;YAC5D,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,GAAG;QAC3C,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,GAAG,CAAC;IAE9C,IAAI,KAAK,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QACjC,OAAO;YACL,YAAY,EAAE,GAAG,YAAY,qDAAqD;YAClF,aAAa,EACX,qGAAqG;gBACrG,8EAA8E;gBAC9E,8HAA8H;gBAC9H,WAAW,OAAO,UAAU,QAAQ,EAAE;SACzC,CAAC;IACJ,CAAC;IAED,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,KAAK,oBAAoB,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC;QAC3E,MAAM,MAAM,GAAG,KAAK,CAAC,cAAc,CAAC;QACpC,MAAM,UAAU,GAAG,MAAM;YACvB,CAAC,CAAC,qBAAqB,MAAM,CAAC,UAAU,sBAAsB,MAAM,CAAC,QAAQ,EAAE;YAC/E,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,WAAW,GAAG,MAAM;YACxB,CAAC,CAAC,gCAAgC,MAAM,CAAC,UAAU,aAAa,MAAM,CAAC,QAAQ,IAAI;gBACjF,sIAAsI;YACxI,CAAC,CAAC,EAAE,CAAC;QACP,OAAO;YACL,YAAY,EAAE,GAAG,YAAY,6BAA6B,UAAU,EAAE;YACtE,aAAa,EACX,sCAAsC,OAAO,UAAU,QAAQ,IAAI;gBACnE,mIAAmI;gBACnI,WAAW;gBACX,kHAAkH;gBAClH,eAAe,YAAY,8DAA8D;gBACzF,wFAAwF;gBACxF,oFAAoF;SACvF,CAAC;IACJ,CAAC;IAED,OAAO;QACL,YAAY,EAAE,GAAG,YAAY,GAAG;QAChC,aAAa,EACX,0BAA0B,KAAK,CAAC,IAAI,cAAc,OAAO,UAAU,QAAQ,IAAI;YAC/E,8EAA8E;KACjF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mCAAmC,CAAC,IAEnD;IACC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,OAAO,2FAA2F,CAAC;IACrG,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"run-before-mcp.d.ts","sourceRoot":"","sources":["../../src/hooks/run-before-mcp.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"run-before-mcp.d.ts","sourceRoot":"","sources":["../../src/hooks/run-before-mcp.ts"],"names":[],"mappings":"AAkBA,gFAAgF;AAChF,MAAM,MAAM,yBAAyB,GAAG;IACtC,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,0BAA0B,GAAG;IACvC,UAAU,EAAE,OAAO,GAAG,MAAM,GAAG,KAAK,CAAC;IACrC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAiBF;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG;IAAE,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAa1F;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,yBAAyB,GAAG,MAAM,EAAE,CAkBnF;AA0BD;;GAEG;AACH,wBAAsB,yBAAyB,IAAI,OAAO,CAAC,IAAI,CAAC,CAyL/D;AAED,wBAAgB,oCAAoC,CAAC,GAAG,EAAE,OAAO,GAAG,0BAA0B,CAM7F"}
|
|
@@ -2,9 +2,14 @@ import { loadPoliciesV1, readPoliciesV1Revision } from "../policy/index.js";
|
|
|
2
2
|
import { appendAuditJsonl } from "../audit/jsonl.js";
|
|
3
3
|
import { getInstallId } from "../cli/install-id.js";
|
|
4
4
|
import { evaluateMcpProposal } from "../shell/evaluate.js";
|
|
5
|
+
import { resolveGuardStorageRoot } from "../bridge/guard-storage-root.js";
|
|
5
6
|
import { tryConsumeExecutionTicket } from "../bridge/execution-ticket.js";
|
|
6
|
-
import {
|
|
7
|
+
import { tryHookInlineApprovalRequest } from "../approval/hook-inline-approval.js";
|
|
8
|
+
import { readPendingApprovalIndex } from "../bridge/pending-approval-index.js";
|
|
9
|
+
import { argvSha256 } from "../approval/argv-fingerprint.js";
|
|
10
|
+
import { toolInputSha256 } from "../approval/fingerprint.js";
|
|
7
11
|
import { formatHookAllowViaCredentialMessage, formatHookDenyMessages, } from "./agent-message.js";
|
|
12
|
+
import { randomUUID } from "node:crypto";
|
|
8
13
|
import { sendGuardEvent } from "../telemetry/guard-events.js";
|
|
9
14
|
function tierToPermission(tier) {
|
|
10
15
|
if (tier === "READ")
|
|
@@ -114,7 +119,9 @@ export async function runBeforeMcpHookFromStdin() {
|
|
|
114
119
|
const { skipped, evaluation } = evaluateMcpProposal(policy, argv);
|
|
115
120
|
const { classification, flags, tier } = evaluation;
|
|
116
121
|
const reasons = evaluation.reasons.map((r) => r.message);
|
|
117
|
-
const
|
|
122
|
+
const storageRoot = resolveGuardStorageRoot();
|
|
123
|
+
const auditLogRoot = storageRoot;
|
|
124
|
+
const toolInputHash = toolInputSha256(payload.tool_input);
|
|
118
125
|
if (skipped) {
|
|
119
126
|
const latency_ms = performance.now() - decisionStarted;
|
|
120
127
|
const toolInputStr = stringifyToolInput(payload.tool_input);
|
|
@@ -130,7 +137,7 @@ export async function runBeforeMcpHookFromStdin() {
|
|
|
130
137
|
skip_reason: "mcp_policy_unmatched",
|
|
131
138
|
tier,
|
|
132
139
|
permission: "allow",
|
|
133
|
-
|
|
140
|
+
ticketConsumed: false,
|
|
134
141
|
reasons,
|
|
135
142
|
latency_ms,
|
|
136
143
|
}, auditLogRoot);
|
|
@@ -155,29 +162,48 @@ export async function runBeforeMcpHookFromStdin() {
|
|
|
155
162
|
...(policyRevision !== null ? { policy_revision: policyRevision } : {}),
|
|
156
163
|
meta: {
|
|
157
164
|
hook: "beforeMCPExecution",
|
|
158
|
-
|
|
165
|
+
ticketConsumed: false,
|
|
159
166
|
},
|
|
160
167
|
});
|
|
161
168
|
return;
|
|
162
169
|
}
|
|
163
170
|
let permission = tierToPermission(tier);
|
|
164
|
-
let bridgeConsumed = false;
|
|
165
171
|
let ticketConsumed = false;
|
|
166
|
-
const hookCwd = pathResolveCwd();
|
|
167
172
|
if (permission === "deny" && tier === "MUTATE") {
|
|
168
|
-
ticketConsumed = await tryConsumeExecutionTicket(argv, {
|
|
169
|
-
|
|
173
|
+
ticketConsumed = await tryConsumeExecutionTicket(argv, {
|
|
174
|
+
storageRoot,
|
|
175
|
+
kind: "mcp",
|
|
176
|
+
tool_input_sha256: toolInputHash,
|
|
177
|
+
});
|
|
178
|
+
if (ticketConsumed)
|
|
170
179
|
permission = "allow";
|
|
180
|
+
}
|
|
181
|
+
let inlineApproval = null;
|
|
182
|
+
if (permission === "deny" && tier === "MUTATE") {
|
|
183
|
+
const hash = argvSha256(argv);
|
|
184
|
+
const pending = await readPendingApprovalIndex(hash, { storageRoot });
|
|
185
|
+
if (pending) {
|
|
186
|
+
inlineApproval = { request_id: pending.request_id, open_url: pending.open_url };
|
|
171
187
|
}
|
|
172
188
|
else {
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
189
|
+
const created = await tryHookInlineApprovalRequest({
|
|
190
|
+
argv: [...argv],
|
|
191
|
+
kind: "mcp",
|
|
192
|
+
rawDisplay: `${rawToolName} ${stringifyToolInput(payload.tool_input).slice(0, 200)}`,
|
|
193
|
+
policyRevision,
|
|
194
|
+
reasons,
|
|
195
|
+
eventId: randomUUID(),
|
|
196
|
+
storageRoot,
|
|
197
|
+
tool_input_sha256: toolInputHash,
|
|
198
|
+
});
|
|
199
|
+
if (created) {
|
|
200
|
+
inlineApproval = { request_id: created.request_id, open_url: created.open_url };
|
|
201
|
+
}
|
|
176
202
|
}
|
|
177
203
|
}
|
|
178
204
|
const latency_ms = performance.now() - decisionStarted;
|
|
179
205
|
const toolInputStr = stringifyToolInput(payload.tool_input);
|
|
180
|
-
const allowMessage = formatHookAllowViaCredentialMessage({ ticketConsumed
|
|
206
|
+
const allowMessage = formatHookAllowViaCredentialMessage({ ticketConsumed });
|
|
181
207
|
const denyMessages = permission === "deny"
|
|
182
208
|
? formatHookDenyMessages({
|
|
183
209
|
hook: "beforeMCPExecution",
|
|
@@ -185,6 +211,7 @@ export async function runBeforeMcpHookFromStdin() {
|
|
|
185
211
|
argv,
|
|
186
212
|
reasons,
|
|
187
213
|
toolName: rawToolName,
|
|
214
|
+
inlineApproval,
|
|
188
215
|
})
|
|
189
216
|
: null;
|
|
190
217
|
const response = permission === "allow"
|
|
@@ -208,8 +235,9 @@ export async function runBeforeMcpHookFromStdin() {
|
|
|
208
235
|
flags,
|
|
209
236
|
tier,
|
|
210
237
|
permission,
|
|
211
|
-
bridgeConsumed,
|
|
212
238
|
ticketConsumed,
|
|
239
|
+
inline_request_id: inlineApproval?.request_id ?? null,
|
|
240
|
+
tool_input_sha256: toolInputHash,
|
|
213
241
|
reasons,
|
|
214
242
|
latency_ms,
|
|
215
243
|
}, auditLogRoot);
|
|
@@ -232,15 +260,11 @@ export async function runBeforeMcpHookFromStdin() {
|
|
|
232
260
|
...(policyRevision !== null ? { policy_revision: policyRevision } : {}),
|
|
233
261
|
meta: {
|
|
234
262
|
hook: "beforeMCPExecution",
|
|
235
|
-
bridgeConsumed,
|
|
236
263
|
ticketConsumed,
|
|
264
|
+
approval_request_id: inlineApproval?.request_id ?? null,
|
|
237
265
|
},
|
|
238
266
|
});
|
|
239
267
|
}
|
|
240
|
-
function pathResolveCwd() {
|
|
241
|
-
const cwd = process.cwd();
|
|
242
|
-
return cwd?.trim() ? cwd.trim() : undefined;
|
|
243
|
-
}
|
|
244
268
|
export function failClosedBeforeMcpHookErrorResponse(err) {
|
|
245
269
|
return {
|
|
246
270
|
permission: "deny",
|