@probelabs/visor 0.1.137 → 0.1.138
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli-main.d.ts.map +1 -1
- package/dist/cli.d.ts.map +1 -1
- package/dist/docs/action-reference.md +14 -0
- package/dist/docs/ci-cli-mode.md +51 -2
- package/dist/docs/commands.md +8 -0
- package/dist/docs/github-auth.md +326 -0
- package/dist/docs/github-ops.md +6 -2
- package/dist/docs/index.md +1 -0
- package/dist/docs/security.md +11 -1
- package/dist/github-auth.d.ts +61 -0
- package/dist/github-auth.d.ts.map +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +594 -277
- package/dist/output/traces/{run-2026-02-23T08-59-32-321Z.ndjson → run-2026-02-23T15-25-03-052Z.ndjson} +84 -84
- package/dist/{traces/run-2026-02-23T09-00-20-148Z.ndjson → output/traces/run-2026-02-23T15-25-53-483Z.ndjson} +1103 -1103
- package/dist/sdk/{check-provider-registry-SA2WHPLO.mjs → check-provider-registry-JX7FK3MS.mjs} +5 -5
- package/dist/sdk/{check-provider-registry-SCL4KP55.mjs → check-provider-registry-XRD3J74K.mjs} +5 -5
- package/dist/sdk/{check-provider-registry-BCGP62RY.mjs → check-provider-registry-ZVPNBYEA.mjs} +5 -5
- package/dist/sdk/{chunk-F4K5WFSM.mjs → chunk-3CREE2RR.mjs} +14 -14
- package/dist/sdk/{chunk-UMFEBYCN.mjs → chunk-G3W5KQL7.mjs} +3 -3
- package/dist/sdk/{chunk-ALB3N4ZQ.mjs → chunk-GIGTDZHF.mjs} +3 -3
- package/dist/sdk/{chunk-ALB3N4ZQ.mjs.map → chunk-GIGTDZHF.mjs.map} +1 -1
- package/dist/sdk/{chunk-BRD36I43.mjs → chunk-GIPTKOXT.mjs} +2 -2
- package/dist/sdk/{chunk-DFKP7LY6.mjs → chunk-HIRALSSN.mjs} +14 -14
- package/dist/sdk/{chunk-E2N3U5HU.mjs → chunk-K7O7DMJU.mjs} +3 -3
- package/dist/sdk/{chunk-J6F5K5EG.mjs → chunk-QSB2P6VY.mjs} +14 -14
- package/dist/sdk/{chunk-YTAGJZHN.mjs → chunk-ROCFDJFL.mjs} +2 -2
- package/dist/sdk/{chunk-QUEWQWDX.mjs → chunk-RR2KJCQS.mjs} +2 -2
- package/dist/sdk/{chunk-QUEWQWDX.mjs.map → chunk-RR2KJCQS.mjs.map} +1 -1
- package/dist/sdk/{failure-condition-evaluator-B5JJFYKU.mjs → failure-condition-evaluator-D5XXOVV2.mjs} +3 -3
- package/dist/sdk/{failure-condition-evaluator-3B3G5NYW.mjs → failure-condition-evaluator-DPLWUGYG.mjs} +3 -3
- package/dist/sdk/{github-frontend-VAWVSCNX.mjs → github-frontend-LGS6PO5Y.mjs} +3 -3
- package/dist/sdk/{github-frontend-ZOVXPPHQ.mjs → github-frontend-QSMW366Z.mjs} +3 -3
- package/dist/sdk/{host-LOQWBHWT.mjs → host-FISPPQTH.mjs} +2 -2
- package/dist/sdk/{host-TEQ7HKKH.mjs → host-YDQC5HZQ.mjs} +2 -2
- package/dist/sdk/{routing-HR6N43RQ.mjs → routing-6YONAZI2.mjs} +4 -4
- package/dist/sdk/{routing-SEQYM4N6.mjs → routing-7QCNYAVE.mjs} +4 -4
- package/dist/sdk/{schedule-tool-handler-OXGTPLST.mjs → schedule-tool-handler-LBSAGK6P.mjs} +5 -5
- package/dist/sdk/{schedule-tool-handler-Y2UABBXN.mjs → schedule-tool-handler-RU76H4W5.mjs} +5 -5
- package/dist/sdk/{schedule-tool-handler-5BDMLHS5.mjs → schedule-tool-handler-WHB5AGLT.mjs} +5 -5
- package/dist/sdk/sdk.js +2 -2
- package/dist/sdk/sdk.js.map +1 -1
- package/dist/sdk/sdk.mjs +4 -4
- package/dist/sdk/{trace-helpers-FAAGLXBI.mjs → trace-helpers-2ADE6X4I.mjs} +2 -2
- package/dist/sdk/{trace-helpers-IGMH7ZPP.mjs → trace-helpers-LSOZHDYF.mjs} +2 -2
- package/dist/sdk/{workflow-check-provider-L2ZUOMJR.mjs → workflow-check-provider-I3SB5RG7.mjs} +5 -5
- package/dist/sdk/{workflow-check-provider-WLA7LO56.mjs → workflow-check-provider-MIFPOENL.mjs} +5 -5
- package/dist/sdk/{workflow-check-provider-7SR7ZWSV.mjs → workflow-check-provider-YDA7DL3O.mjs} +5 -5
- package/dist/traces/{run-2026-02-23T08-59-32-321Z.ndjson → run-2026-02-23T15-25-03-052Z.ndjson} +84 -84
- package/dist/{output/traces/run-2026-02-23T09-00-20-148Z.ndjson → traces/run-2026-02-23T15-25-53-483Z.ndjson} +1103 -1103
- package/dist/types/cli.d.ts +8 -0
- package/dist/types/cli.d.ts.map +1 -1
- package/package.json +2 -2
- /package/dist/sdk/{check-provider-registry-BCGP62RY.mjs.map → check-provider-registry-JX7FK3MS.mjs.map} +0 -0
- /package/dist/sdk/{check-provider-registry-SA2WHPLO.mjs.map → check-provider-registry-XRD3J74K.mjs.map} +0 -0
- /package/dist/sdk/{check-provider-registry-SCL4KP55.mjs.map → check-provider-registry-ZVPNBYEA.mjs.map} +0 -0
- /package/dist/sdk/{chunk-F4K5WFSM.mjs.map → chunk-3CREE2RR.mjs.map} +0 -0
- /package/dist/sdk/{chunk-E2N3U5HU.mjs.map → chunk-G3W5KQL7.mjs.map} +0 -0
- /package/dist/sdk/{chunk-BRD36I43.mjs.map → chunk-GIPTKOXT.mjs.map} +0 -0
- /package/dist/sdk/{chunk-DFKP7LY6.mjs.map → chunk-HIRALSSN.mjs.map} +0 -0
- /package/dist/sdk/{chunk-UMFEBYCN.mjs.map → chunk-K7O7DMJU.mjs.map} +0 -0
- /package/dist/sdk/{chunk-J6F5K5EG.mjs.map → chunk-QSB2P6VY.mjs.map} +0 -0
- /package/dist/sdk/{chunk-YTAGJZHN.mjs.map → chunk-ROCFDJFL.mjs.map} +0 -0
- /package/dist/sdk/{failure-condition-evaluator-3B3G5NYW.mjs.map → failure-condition-evaluator-D5XXOVV2.mjs.map} +0 -0
- /package/dist/sdk/{failure-condition-evaluator-B5JJFYKU.mjs.map → failure-condition-evaluator-DPLWUGYG.mjs.map} +0 -0
- /package/dist/sdk/{github-frontend-VAWVSCNX.mjs.map → github-frontend-LGS6PO5Y.mjs.map} +0 -0
- /package/dist/sdk/{github-frontend-ZOVXPPHQ.mjs.map → github-frontend-QSMW366Z.mjs.map} +0 -0
- /package/dist/sdk/{host-LOQWBHWT.mjs.map → host-FISPPQTH.mjs.map} +0 -0
- /package/dist/sdk/{host-TEQ7HKKH.mjs.map → host-YDQC5HZQ.mjs.map} +0 -0
- /package/dist/sdk/{routing-HR6N43RQ.mjs.map → routing-6YONAZI2.mjs.map} +0 -0
- /package/dist/sdk/{routing-SEQYM4N6.mjs.map → routing-7QCNYAVE.mjs.map} +0 -0
- /package/dist/sdk/{schedule-tool-handler-5BDMLHS5.mjs.map → schedule-tool-handler-LBSAGK6P.mjs.map} +0 -0
- /package/dist/sdk/{schedule-tool-handler-OXGTPLST.mjs.map → schedule-tool-handler-RU76H4W5.mjs.map} +0 -0
- /package/dist/sdk/{schedule-tool-handler-Y2UABBXN.mjs.map → schedule-tool-handler-WHB5AGLT.mjs.map} +0 -0
- /package/dist/sdk/{trace-helpers-FAAGLXBI.mjs.map → trace-helpers-2ADE6X4I.mjs.map} +0 -0
- /package/dist/sdk/{trace-helpers-IGMH7ZPP.mjs.map → trace-helpers-LSOZHDYF.mjs.map} +0 -0
- /package/dist/sdk/{workflow-check-provider-7SR7ZWSV.mjs.map → workflow-check-provider-I3SB5RG7.mjs.map} +0 -0
- /package/dist/sdk/{workflow-check-provider-L2ZUOMJR.mjs.map → workflow-check-provider-MIFPOENL.mjs.map} +0 -0
- /package/dist/sdk/{workflow-check-provider-WLA7LO56.mjs.map → workflow-check-provider-YDA7DL3O.mjs.map} +0 -0
package/dist/index.js
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
-
process.env.VISOR_VERSION = '0.1.
|
|
3
|
-
process.env.PROBE_VERSION = '0.6.0-
|
|
4
|
-
process.env.VISOR_COMMIT_SHA = '
|
|
5
|
-
process.env.VISOR_COMMIT_SHORT = '
|
|
2
|
+
process.env.VISOR_VERSION = '0.1.138';
|
|
3
|
+
process.env.PROBE_VERSION = '0.6.0-rc257';
|
|
4
|
+
process.env.VISOR_COMMIT_SHA = '0fe252c4d2e04567b4f5d72d73796d0abc3a88f7';
|
|
5
|
+
process.env.VISOR_COMMIT_SHORT = '0fe252c';
|
|
6
6
|
/******/ (() => { // webpackBootstrap
|
|
7
7
|
/******/ var __webpack_modules__ = ({
|
|
8
8
|
|
|
@@ -160950,6 +160950,7 @@ const fallback_ndjson_1 = __nccwpck_require__(35938);
|
|
|
160950
160950
|
const trace_helpers_1 = __nccwpck_require__(75338);
|
|
160951
160951
|
const ws_server_1 = __nccwpck_require__(82620);
|
|
160952
160952
|
const open_1 = __importDefault(__nccwpck_require__(19106));
|
|
160953
|
+
const github_auth_1 = __nccwpck_require__(11347);
|
|
160953
160954
|
/**
|
|
160954
160955
|
* Execute a single check in sandbox mode (--run-check).
|
|
160955
160956
|
* Reads CheckRunPayload from argument or stdin, executes one check,
|
|
@@ -161872,6 +161873,36 @@ async function main() {
|
|
|
161872
161873
|
: null;
|
|
161873
161874
|
// Build execution context for providers
|
|
161874
161875
|
const executionContext = {};
|
|
161876
|
+
// Set up GitHub authentication (optional in CLI mode)
|
|
161877
|
+
// Resolves from CLI flags first, then environment variables
|
|
161878
|
+
{
|
|
161879
|
+
const authOpts = {
|
|
161880
|
+
token: options.githubToken,
|
|
161881
|
+
appId: options.githubAppId,
|
|
161882
|
+
privateKey: options.githubPrivateKey,
|
|
161883
|
+
installationId: options.githubInstallationId,
|
|
161884
|
+
};
|
|
161885
|
+
// Fall back to environment variables if no explicit CLI flags
|
|
161886
|
+
if (!authOpts.token && !authOpts.appId) {
|
|
161887
|
+
Object.assign(authOpts, (0, github_auth_1.resolveAuthFromEnvironment)());
|
|
161888
|
+
}
|
|
161889
|
+
if (authOpts.token || authOpts.appId) {
|
|
161890
|
+
try {
|
|
161891
|
+
const authResult = await (0, github_auth_1.createAuthenticatedOctokit)(authOpts);
|
|
161892
|
+
if (authResult) {
|
|
161893
|
+
// Inject token + git credentials into process.env for child processes
|
|
161894
|
+
(0, github_auth_1.injectGitHubCredentials)(authResult.token);
|
|
161895
|
+
// Set Octokit on execution context for in-process API calls
|
|
161896
|
+
executionContext.octokit = authResult.octokit;
|
|
161897
|
+
logger_1.logger.info(`🔑 GitHub auth: ${authResult.authType}`);
|
|
161898
|
+
}
|
|
161899
|
+
}
|
|
161900
|
+
catch (err) {
|
|
161901
|
+
logger_1.logger.warn(`⚠️ GitHub auth failed: ${err instanceof Error ? err.message : String(err)}`);
|
|
161902
|
+
logger_1.logger.warn('Continuing without GitHub API access');
|
|
161903
|
+
}
|
|
161904
|
+
}
|
|
161905
|
+
}
|
|
161875
161906
|
// Set CLI message for human-input checks if provided
|
|
161876
161907
|
if (options.message !== undefined) {
|
|
161877
161908
|
executionContext.cliMessage = options.message;
|
|
@@ -163095,6 +163126,10 @@ class CLI {
|
|
|
163095
163126
|
.option('--workspace-name <name>', 'Workspace directory name (overrides VISOR_WORKSPACE_NAME)')
|
|
163096
163127
|
.option('--workspace-project-name <name>', 'Main project folder name inside workspace (overrides VISOR_WORKSPACE_PROJECT)')
|
|
163097
163128
|
.option('--watch', 'Watch config file for changes and reload automatically (requires --config)')
|
|
163129
|
+
.option('--github-token <token>', 'GitHub token for API operations (env: GITHUB_TOKEN)')
|
|
163130
|
+
.option('--github-app-id <id>', 'GitHub App ID (env: GITHUB_APP_ID)')
|
|
163131
|
+
.option('--github-private-key <key>', 'GitHub App private key, PEM content or file path (env: GITHUB_APP_PRIVATE_KEY)')
|
|
163132
|
+
.option('--github-installation-id <id>', 'GitHub App installation ID, auto-detected if omitted')
|
|
163098
163133
|
.addHelpText('after', this.getExamplesText())
|
|
163099
163134
|
.exitOverride(); // Prevent automatic process.exit for better error handling
|
|
163100
163135
|
// Add validation for options
|
|
@@ -163151,6 +163186,10 @@ class CLI {
|
|
|
163151
163186
|
.option('--workspace-name <name>', 'Workspace directory name (overrides VISOR_WORKSPACE_NAME)')
|
|
163152
163187
|
.option('--workspace-project-name <name>', 'Main project folder name inside workspace (overrides VISOR_WORKSPACE_PROJECT)')
|
|
163153
163188
|
.option('--watch', 'Watch config file for changes and reload automatically (requires --config)')
|
|
163189
|
+
.option('--github-token <token>', 'GitHub token for API operations (env: GITHUB_TOKEN)')
|
|
163190
|
+
.option('--github-app-id <id>', 'GitHub App ID (env: GITHUB_APP_ID)')
|
|
163191
|
+
.option('--github-private-key <key>', 'GitHub App private key, PEM content or file path (env: GITHUB_APP_PRIVATE_KEY)')
|
|
163192
|
+
.option('--github-installation-id <id>', 'GitHub App installation ID, auto-detected if omitted')
|
|
163154
163193
|
.allowUnknownOption(false)
|
|
163155
163194
|
.allowExcessArguments(false) // Don't allow positional arguments
|
|
163156
163195
|
.addHelpText('after', this.getExamplesText())
|
|
@@ -163220,6 +163259,10 @@ class CLI {
|
|
|
163220
163259
|
workspaceName: options.workspaceName,
|
|
163221
163260
|
workspaceProjectName: options.workspaceProjectName,
|
|
163222
163261
|
watch: Boolean(options.watch),
|
|
163262
|
+
githubToken: options.githubToken,
|
|
163263
|
+
githubAppId: options.githubAppId,
|
|
163264
|
+
githubPrivateKey: options.githubPrivateKey,
|
|
163265
|
+
githubInstallationId: options.githubInstallationId,
|
|
163223
163266
|
};
|
|
163224
163267
|
}
|
|
163225
163268
|
catch (error) {
|
|
@@ -172427,6 +172470,182 @@ class GitRepositoryAnalyzer {
|
|
|
172427
172470
|
exports.GitRepositoryAnalyzer = GitRepositoryAnalyzer;
|
|
172428
172471
|
|
|
172429
172472
|
|
|
172473
|
+
/***/ }),
|
|
172474
|
+
|
|
172475
|
+
/***/ 11347:
|
|
172476
|
+
/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) {
|
|
172477
|
+
|
|
172478
|
+
"use strict";
|
|
172479
|
+
|
|
172480
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
172481
|
+
if (k2 === undefined) k2 = k;
|
|
172482
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
172483
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
172484
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
172485
|
+
}
|
|
172486
|
+
Object.defineProperty(o, k2, desc);
|
|
172487
|
+
}) : (function(o, m, k, k2) {
|
|
172488
|
+
if (k2 === undefined) k2 = k;
|
|
172489
|
+
o[k2] = m[k];
|
|
172490
|
+
}));
|
|
172491
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
172492
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
172493
|
+
}) : function(o, v) {
|
|
172494
|
+
o["default"] = v;
|
|
172495
|
+
});
|
|
172496
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
172497
|
+
var ownKeys = function(o) {
|
|
172498
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
172499
|
+
var ar = [];
|
|
172500
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
172501
|
+
return ar;
|
|
172502
|
+
};
|
|
172503
|
+
return ownKeys(o);
|
|
172504
|
+
};
|
|
172505
|
+
return function (mod) {
|
|
172506
|
+
if (mod && mod.__esModule) return mod;
|
|
172507
|
+
var result = {};
|
|
172508
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
172509
|
+
__setModuleDefault(result, mod);
|
|
172510
|
+
return result;
|
|
172511
|
+
};
|
|
172512
|
+
})();
|
|
172513
|
+
Object.defineProperty(exports, "__esModule", ({ value: true }));
|
|
172514
|
+
exports.createAuthenticatedOctokit = createAuthenticatedOctokit;
|
|
172515
|
+
exports.resolveAuthFromEnvironment = resolveAuthFromEnvironment;
|
|
172516
|
+
exports.resolvePrivateKey = resolvePrivateKey;
|
|
172517
|
+
exports.injectGitHubCredentials = injectGitHubCredentials;
|
|
172518
|
+
const rest_1 = __nccwpck_require__(47432);
|
|
172519
|
+
const fs = __importStar(__nccwpck_require__(79896));
|
|
172520
|
+
const path = __importStar(__nccwpck_require__(16928));
|
|
172521
|
+
/**
|
|
172522
|
+
* Create an authenticated Octokit instance.
|
|
172523
|
+
* Returns undefined if no credentials are provided (auth is optional in CLI mode).
|
|
172524
|
+
*
|
|
172525
|
+
* For token auth: uses the token directly.
|
|
172526
|
+
* For GitHub App auth: creates JWT-authenticated client, resolves installation ID,
|
|
172527
|
+
* then extracts an installation access token for environment propagation.
|
|
172528
|
+
*/
|
|
172529
|
+
async function createAuthenticatedOctokit(options) {
|
|
172530
|
+
const { token, appId, installationId, owner, repo } = options;
|
|
172531
|
+
const privateKey = options.privateKey ? resolvePrivateKey(options.privateKey) : undefined;
|
|
172532
|
+
// Prefer GitHub App authentication if app credentials are provided
|
|
172533
|
+
if (appId && privateKey) {
|
|
172534
|
+
const { createAppAuth } = await Promise.resolve().then(() => __importStar(__nccwpck_require__(76479)));
|
|
172535
|
+
let finalInstallationId;
|
|
172536
|
+
if (installationId) {
|
|
172537
|
+
finalInstallationId = parseInt(installationId, 10);
|
|
172538
|
+
if (isNaN(finalInstallationId) || finalInstallationId <= 0) {
|
|
172539
|
+
throw new Error('Invalid installation-id. It must be a positive integer.');
|
|
172540
|
+
}
|
|
172541
|
+
}
|
|
172542
|
+
// Auto-detect installation ID if not provided
|
|
172543
|
+
if (!finalInstallationId && owner && repo) {
|
|
172544
|
+
const appOctokit = new rest_1.Octokit({
|
|
172545
|
+
authStrategy: createAppAuth,
|
|
172546
|
+
auth: { appId, privateKey },
|
|
172547
|
+
});
|
|
172548
|
+
try {
|
|
172549
|
+
const { data: installation } = await appOctokit.rest.apps.getRepoInstallation({
|
|
172550
|
+
owner,
|
|
172551
|
+
repo,
|
|
172552
|
+
});
|
|
172553
|
+
finalInstallationId = installation.id;
|
|
172554
|
+
}
|
|
172555
|
+
catch {
|
|
172556
|
+
throw new Error('GitHub App installation ID could not be auto-detected. ' +
|
|
172557
|
+
'Provide --github-installation-id or ensure the app is installed on the repository.');
|
|
172558
|
+
}
|
|
172559
|
+
}
|
|
172560
|
+
if (!finalInstallationId) {
|
|
172561
|
+
throw new Error('GitHub App installation ID is required. Provide --github-installation-id or set owner/repo for auto-detection.');
|
|
172562
|
+
}
|
|
172563
|
+
// Create the authenticated Octokit instance
|
|
172564
|
+
const octokit = new rest_1.Octokit({
|
|
172565
|
+
authStrategy: createAppAuth,
|
|
172566
|
+
auth: {
|
|
172567
|
+
appId,
|
|
172568
|
+
privateKey,
|
|
172569
|
+
installationId: finalInstallationId,
|
|
172570
|
+
},
|
|
172571
|
+
});
|
|
172572
|
+
// Extract the installation access token for environment propagation
|
|
172573
|
+
const authResult = (await octokit.auth({ type: 'installation' }));
|
|
172574
|
+
return {
|
|
172575
|
+
octokit,
|
|
172576
|
+
authType: 'github-app',
|
|
172577
|
+
token: authResult.token,
|
|
172578
|
+
};
|
|
172579
|
+
}
|
|
172580
|
+
// Fall back to token authentication
|
|
172581
|
+
if (token) {
|
|
172582
|
+
return {
|
|
172583
|
+
octokit: new rest_1.Octokit({ auth: token }),
|
|
172584
|
+
authType: 'token',
|
|
172585
|
+
token,
|
|
172586
|
+
};
|
|
172587
|
+
}
|
|
172588
|
+
// No credentials provided
|
|
172589
|
+
return undefined;
|
|
172590
|
+
}
|
|
172591
|
+
/**
|
|
172592
|
+
* Resolve GitHub auth options from environment variables.
|
|
172593
|
+
* Used as fallback when no explicit CLI arguments are provided.
|
|
172594
|
+
*/
|
|
172595
|
+
function resolveAuthFromEnvironment() {
|
|
172596
|
+
return {
|
|
172597
|
+
token: process.env.GITHUB_TOKEN || process.env.GH_TOKEN,
|
|
172598
|
+
appId: process.env.GITHUB_APP_ID,
|
|
172599
|
+
privateKey: process.env.GITHUB_APP_PRIVATE_KEY,
|
|
172600
|
+
installationId: process.env.GITHUB_APP_INSTALLATION_ID,
|
|
172601
|
+
owner: process.env.GITHUB_REPOSITORY_OWNER || process.env.GITHUB_REPOSITORY?.split('/')[0],
|
|
172602
|
+
repo: process.env.GITHUB_REPOSITORY?.split('/')[1],
|
|
172603
|
+
};
|
|
172604
|
+
}
|
|
172605
|
+
/**
|
|
172606
|
+
* Resolve private key — supports both inline PEM content and file paths.
|
|
172607
|
+
*/
|
|
172608
|
+
function resolvePrivateKey(keyOrPath) {
|
|
172609
|
+
if (keyOrPath.includes('-----BEGIN')) {
|
|
172610
|
+
return keyOrPath;
|
|
172611
|
+
}
|
|
172612
|
+
const resolved = path.resolve(keyOrPath);
|
|
172613
|
+
if (fs.existsSync(resolved)) {
|
|
172614
|
+
return fs.readFileSync(resolved, 'utf8');
|
|
172615
|
+
}
|
|
172616
|
+
// Return as-is and let the auth library handle errors
|
|
172617
|
+
return keyOrPath;
|
|
172618
|
+
}
|
|
172619
|
+
/**
|
|
172620
|
+
* Inject GitHub credentials into process.env for child processes.
|
|
172621
|
+
*
|
|
172622
|
+
* Sets GITHUB_TOKEN/GH_TOKEN for gh CLI, and configures git HTTPS auth
|
|
172623
|
+
* via GIT_CONFIG_COUNT/KEY/VALUE env vars so `git clone`, `git push`, etc.
|
|
172624
|
+
* work automatically against github.com without any local git config.
|
|
172625
|
+
*
|
|
172626
|
+
* Uses git's GIT_CONFIG_COUNT mechanism (git 2.31+, March 2021):
|
|
172627
|
+
* - No temp files or global config mutation
|
|
172628
|
+
* - Inherited by all child processes automatically
|
|
172629
|
+
* - Works regardless of local git configuration
|
|
172630
|
+
*/
|
|
172631
|
+
function injectGitHubCredentials(token) {
|
|
172632
|
+
// Set for gh CLI and general GitHub API usage
|
|
172633
|
+
process.env.GITHUB_TOKEN = token;
|
|
172634
|
+
process.env.GH_TOKEN = token;
|
|
172635
|
+
// Configure git HTTPS auth via url.<base>.insteadOf
|
|
172636
|
+
// This rewrites all github.com URLs to include the access token
|
|
172637
|
+
const existingCount = parseInt(process.env.GIT_CONFIG_COUNT || '0', 10);
|
|
172638
|
+
const authUrl = `https://x-access-token:${token}@github.com/`;
|
|
172639
|
+
// Rewrite HTTPS URLs
|
|
172640
|
+
process.env[`GIT_CONFIG_KEY_${existingCount}`] = `url.${authUrl}.insteadOf`;
|
|
172641
|
+
process.env[`GIT_CONFIG_VALUE_${existingCount}`] = 'https://github.com/';
|
|
172642
|
+
// Rewrite SSH-style URLs (git@github.com:org/repo)
|
|
172643
|
+
process.env[`GIT_CONFIG_KEY_${existingCount + 1}`] = `url.${authUrl}.insteadOf`;
|
|
172644
|
+
process.env[`GIT_CONFIG_VALUE_${existingCount + 1}`] = 'git@github.com:';
|
|
172645
|
+
process.env.GIT_CONFIG_COUNT = String(existingCount + 2);
|
|
172646
|
+
}
|
|
172647
|
+
|
|
172648
|
+
|
|
172430
172649
|
/***/ }),
|
|
172431
172650
|
|
|
172432
172651
|
/***/ 21367:
|
|
@@ -173364,8 +173583,6 @@ exports.run = run;
|
|
|
173364
173583
|
// Load environment variables from .env file (override existing to allow .env to take precedence)
|
|
173365
173584
|
const dotenv = __importStar(__nccwpck_require__(18889));
|
|
173366
173585
|
dotenv.config({ override: true, quiet: true });
|
|
173367
|
-
const rest_1 = __nccwpck_require__(47432);
|
|
173368
|
-
const auth_app_1 = __nccwpck_require__(76479);
|
|
173369
173586
|
const core_1 = __nccwpck_require__(37484);
|
|
173370
173587
|
const commands_1 = __nccwpck_require__(99153);
|
|
173371
173588
|
const pr_analyzer_1 = __nccwpck_require__(80100);
|
|
@@ -173376,79 +173593,39 @@ const config_1 = __nccwpck_require__(22973);
|
|
|
173376
173593
|
const github_reactions_1 = __nccwpck_require__(67997);
|
|
173377
173594
|
const footer_1 = __nccwpck_require__(6924);
|
|
173378
173595
|
const json_text_extractor_1 = __nccwpck_require__(49022);
|
|
173596
|
+
const github_auth_1 = __nccwpck_require__(11347);
|
|
173379
173597
|
/**
|
|
173380
|
-
* Create an authenticated Octokit instance using either GitHub App
|
|
173598
|
+
* Create an authenticated Octokit instance using either GitHub App or token authentication.
|
|
173599
|
+
* Delegates to the shared github-auth module and injects credentials into process.env
|
|
173600
|
+
* so child processes (git, gh CLI, Claude Code agents) can authenticate automatically.
|
|
173381
173601
|
*/
|
|
173382
173602
|
async function createAuthenticatedOctokit() {
|
|
173383
|
-
const
|
|
173384
|
-
|
|
173385
|
-
|
|
173386
|
-
|
|
173387
|
-
|
|
173388
|
-
|
|
173389
|
-
|
|
173390
|
-
|
|
173391
|
-
|
|
173392
|
-
|
|
173393
|
-
|
|
173394
|
-
|
|
173395
|
-
if (installationId) {
|
|
173396
|
-
finalInstallationId = parseInt(installationId, 10);
|
|
173397
|
-
if (isNaN(finalInstallationId) || finalInstallationId <= 0) {
|
|
173398
|
-
throw new Error('Invalid installation-id provided. It must be a positive integer.');
|
|
173399
|
-
}
|
|
173400
|
-
}
|
|
173401
|
-
if (!finalInstallationId) {
|
|
173402
|
-
const owner = (0, core_1.getInput)('owner') || process.env.GITHUB_REPOSITORY_OWNER;
|
|
173403
|
-
const repo = (0, core_1.getInput)('repo') || process.env.GITHUB_REPOSITORY?.split('/')[1];
|
|
173404
|
-
if (owner && repo) {
|
|
173405
|
-
// Create a temporary JWT-authenticated client to find the installation
|
|
173406
|
-
const appOctokit = new rest_1.Octokit({
|
|
173407
|
-
authStrategy: auth_app_1.createAppAuth,
|
|
173408
|
-
auth: {
|
|
173409
|
-
appId,
|
|
173410
|
-
privateKey,
|
|
173411
|
-
},
|
|
173412
|
-
});
|
|
173413
|
-
try {
|
|
173414
|
-
const { data: installation } = await appOctokit.rest.apps.getRepoInstallation({
|
|
173415
|
-
owner,
|
|
173416
|
-
repo,
|
|
173417
|
-
});
|
|
173418
|
-
finalInstallationId = installation.id;
|
|
173419
|
-
console.log(`✅ Auto-detected installation ID: ${finalInstallationId}`);
|
|
173420
|
-
}
|
|
173421
|
-
catch {
|
|
173422
|
-
console.warn('⚠️ Could not auto-detect installation ID. Please check app permissions && installation status.');
|
|
173423
|
-
throw new Error('GitHub App installation ID is required but could not be auto-detected. Please ensure the app is installed on this repository || provide the `installation-id` manually.');
|
|
173424
|
-
}
|
|
173425
|
-
}
|
|
173426
|
-
}
|
|
173427
|
-
// Create the authenticated Octokit instance
|
|
173428
|
-
const octokit = new rest_1.Octokit({
|
|
173429
|
-
authStrategy: auth_app_1.createAppAuth,
|
|
173430
|
-
auth: {
|
|
173431
|
-
appId,
|
|
173432
|
-
privateKey,
|
|
173433
|
-
installationId: finalInstallationId,
|
|
173434
|
-
},
|
|
173435
|
-
});
|
|
173436
|
-
return { octokit, authType: 'github-app' };
|
|
173437
|
-
}
|
|
173438
|
-
catch (error) {
|
|
173439
|
-
console.error('❌ GitHub App authentication failed. Please check your App ID, Private Key, && installation permissions.');
|
|
173440
|
-
throw new Error(`GitHub App authentication failed`, { cause: error });
|
|
173603
|
+
const options = {
|
|
173604
|
+
token: (0, core_1.getInput)('github-token'),
|
|
173605
|
+
appId: (0, core_1.getInput)('app-id'),
|
|
173606
|
+
privateKey: (0, core_1.getInput)('private-key'),
|
|
173607
|
+
installationId: (0, core_1.getInput)('installation-id'),
|
|
173608
|
+
owner: (0, core_1.getInput)('owner') || process.env.GITHUB_REPOSITORY_OWNER,
|
|
173609
|
+
repo: (0, core_1.getInput)('repo') || process.env.GITHUB_REPOSITORY?.split('/')[1],
|
|
173610
|
+
};
|
|
173611
|
+
try {
|
|
173612
|
+
const result = await (0, github_auth_1.createAuthenticatedOctokit)(options);
|
|
173613
|
+
if (!result) {
|
|
173614
|
+
throw new Error('Either github-token or app-id/private-key must be provided for authentication');
|
|
173441
173615
|
}
|
|
173616
|
+
console.log(result.authType === 'github-app'
|
|
173617
|
+
? '🔐 Using GitHub App authentication'
|
|
173618
|
+
: '🔑 Using GitHub token authentication');
|
|
173619
|
+
// Inject credentials for child processes (git, gh, Claude Code agents)
|
|
173620
|
+
(0, github_auth_1.injectGitHubCredentials)(result.token);
|
|
173621
|
+
return result;
|
|
173442
173622
|
}
|
|
173443
|
-
|
|
173444
|
-
|
|
173445
|
-
|
|
173446
|
-
|
|
173447
|
-
|
|
173448
|
-
authType: 'token',
|
|
173449
|
-
};
|
|
173623
|
+
catch (error) {
|
|
173624
|
+
if (options.appId && options.privateKey) {
|
|
173625
|
+
console.error('❌ GitHub App authentication failed. Please check your App ID, Private Key, and installation permissions.');
|
|
173626
|
+
}
|
|
173627
|
+
throw error;
|
|
173450
173628
|
}
|
|
173451
|
-
throw new Error('Either github-token || app-id/private-key must be provided for authentication');
|
|
173452
173629
|
}
|
|
173453
173630
|
async function run() {
|
|
173454
173631
|
try {
|
|
@@ -247986,6 +248163,7 @@ var require_ChecksumStream = __commonJS({
|
|
|
247986
248163
|
checksum;
|
|
247987
248164
|
source;
|
|
247988
248165
|
base64Encoder;
|
|
248166
|
+
pendingCallback = null;
|
|
247989
248167
|
constructor({ expectedChecksum, checksum, source, checksumSourceLocation, base64Encoder }) {
|
|
247990
248168
|
super();
|
|
247991
248169
|
if (typeof source.pipe === "function") {
|
|
@@ -248000,11 +248178,20 @@ var require_ChecksumStream = __commonJS({
|
|
|
248000
248178
|
this.source.pipe(this);
|
|
248001
248179
|
}
|
|
248002
248180
|
_read(size) {
|
|
248181
|
+
if (this.pendingCallback) {
|
|
248182
|
+
const callback = this.pendingCallback;
|
|
248183
|
+
this.pendingCallback = null;
|
|
248184
|
+
callback();
|
|
248185
|
+
}
|
|
248003
248186
|
}
|
|
248004
248187
|
_write(chunk, encoding, callback) {
|
|
248005
248188
|
try {
|
|
248006
248189
|
this.checksum.update(chunk);
|
|
248007
|
-
this.push(chunk);
|
|
248190
|
+
const canPushMore = this.push(chunk);
|
|
248191
|
+
if (!canPushMore) {
|
|
248192
|
+
this.pendingCallback = callback;
|
|
248193
|
+
return;
|
|
248194
|
+
}
|
|
248008
248195
|
} catch (e5) {
|
|
248009
248196
|
return callback(e5);
|
|
248010
248197
|
}
|
|
@@ -283300,6 +283487,10 @@ function getValidParamsForTool(toolName) {
|
|
|
283300
283487
|
}
|
|
283301
283488
|
return [];
|
|
283302
283489
|
}
|
|
283490
|
+
function unescapeXmlEntities(str) {
|
|
283491
|
+
if (typeof str !== "string") return str;
|
|
283492
|
+
return str.replace(/</g, "<").replace(/>/g, ">").replace(/"/g, '"').replace(/'/g, "'").replace(/&/g, "&");
|
|
283493
|
+
}
|
|
283303
283494
|
function parseXmlToolCall(xmlString, validTools = DEFAULT_VALID_TOOLS) {
|
|
283304
283495
|
let earliestToolName = null;
|
|
283305
283496
|
let earliestOpenIndex = Infinity;
|
|
@@ -283356,10 +283547,10 @@ function parseXmlToolCall(xmlString, validTools = DEFAULT_VALID_TOOLS) {
|
|
|
283356
283547
|
}
|
|
283357
283548
|
paramCloseIndex = nextTagIndex;
|
|
283358
283549
|
}
|
|
283359
|
-
let paramValue = innerContent.substring(
|
|
283550
|
+
let paramValue = unescapeXmlEntities(innerContent.substring(
|
|
283360
283551
|
paramOpenIndex + paramOpenTag.length,
|
|
283361
283552
|
paramCloseIndex
|
|
283362
|
-
).trim();
|
|
283553
|
+
).trim());
|
|
283363
283554
|
if (paramValue.toLowerCase() === "true") {
|
|
283364
283555
|
paramValue = true;
|
|
283365
283556
|
} else if (paramValue.toLowerCase() === "false") {
|
|
@@ -283373,7 +283564,7 @@ function parseXmlToolCall(xmlString, validTools = DEFAULT_VALID_TOOLS) {
|
|
|
283373
283564
|
params[paramName] = paramValue;
|
|
283374
283565
|
}
|
|
283375
283566
|
if (toolName === "attempt_completion") {
|
|
283376
|
-
params["result"] = innerContent.trim();
|
|
283567
|
+
params["result"] = unescapeXmlEntities(innerContent.trim());
|
|
283377
283568
|
if (params.command) {
|
|
283378
283569
|
delete params.command;
|
|
283379
283570
|
}
|
|
@@ -328752,6 +328943,7 @@ __export(schemaUtils_exports, {
|
|
|
328752
328943
|
replaceMermaidDiagramsInMarkdown: () => replaceMermaidDiagramsInMarkdown,
|
|
328753
328944
|
sanitizeMarkdownEscapesInJson: () => sanitizeMarkdownEscapesInJson,
|
|
328754
328945
|
tryAutoWrapForSimpleSchema: () => tryAutoWrapForSimpleSchema,
|
|
328946
|
+
tryExtractValidJsonPrefix: () => tryExtractValidJsonPrefix,
|
|
328755
328947
|
tryMaidAutoFix: () => tryMaidAutoFix,
|
|
328756
328948
|
validateAndFixMermaidResponse: () => validateAndFixMermaidResponse,
|
|
328757
328949
|
validateJsonResponse: () => validateJsonResponse,
|
|
@@ -329138,6 +329330,13 @@ function validateJsonResponse(response, options = {}) {
|
|
|
329138
329330
|
errorPosition = response.indexOf(problematicToken);
|
|
329139
329331
|
}
|
|
329140
329332
|
}
|
|
329333
|
+
const prefixResult = tryExtractValidJsonPrefix(responseToValidate, { schema, debug });
|
|
329334
|
+
if (prefixResult && prefixResult.isValid) {
|
|
329335
|
+
if (debug) {
|
|
329336
|
+
console.log(`[DEBUG] JSON validation: Recovered valid JSON prefix (${prefixResult.extracted.length} chars) from response with trailing content`);
|
|
329337
|
+
}
|
|
329338
|
+
return { isValid: true, parsed: prefixResult.parsed };
|
|
329339
|
+
}
|
|
329141
329340
|
let enhancedError = error2.message;
|
|
329142
329341
|
let errorContext = null;
|
|
329143
329342
|
if (errorPosition !== null && errorPosition >= 0 && response && response.length > 0) {
|
|
@@ -329188,6 +329387,84 @@ ${errorContext.pointer}`);
|
|
|
329188
329387
|
};
|
|
329189
329388
|
}
|
|
329190
329389
|
}
|
|
329390
|
+
function tryExtractValidJsonPrefix(response, options = {}) {
|
|
329391
|
+
const { schema = null, debug = false } = options;
|
|
329392
|
+
if (!response || typeof response !== "string") {
|
|
329393
|
+
return null;
|
|
329394
|
+
}
|
|
329395
|
+
const trimmed = response.trim();
|
|
329396
|
+
if (trimmed.length === 0) {
|
|
329397
|
+
return null;
|
|
329398
|
+
}
|
|
329399
|
+
const firstChar = trimmed[0];
|
|
329400
|
+
if (firstChar !== "{" && firstChar !== "[") {
|
|
329401
|
+
return null;
|
|
329402
|
+
}
|
|
329403
|
+
try {
|
|
329404
|
+
JSON.parse(trimmed);
|
|
329405
|
+
return null;
|
|
329406
|
+
} catch {
|
|
329407
|
+
}
|
|
329408
|
+
const openChar = firstChar;
|
|
329409
|
+
const closeChar = openChar === "{" ? "}" : "]";
|
|
329410
|
+
let depth = 0;
|
|
329411
|
+
let inString = false;
|
|
329412
|
+
let escapeNext = false;
|
|
329413
|
+
let endPos = -1;
|
|
329414
|
+
for (let i5 = 0; i5 < trimmed.length; i5++) {
|
|
329415
|
+
const char = trimmed[i5];
|
|
329416
|
+
if (escapeNext) {
|
|
329417
|
+
escapeNext = false;
|
|
329418
|
+
continue;
|
|
329419
|
+
}
|
|
329420
|
+
if (char === "\\" && inString) {
|
|
329421
|
+
escapeNext = true;
|
|
329422
|
+
continue;
|
|
329423
|
+
}
|
|
329424
|
+
if (char === '"') {
|
|
329425
|
+
inString = !inString;
|
|
329426
|
+
continue;
|
|
329427
|
+
}
|
|
329428
|
+
if (inString) {
|
|
329429
|
+
continue;
|
|
329430
|
+
}
|
|
329431
|
+
if (char === openChar) {
|
|
329432
|
+
depth++;
|
|
329433
|
+
} else if (char === closeChar) {
|
|
329434
|
+
depth--;
|
|
329435
|
+
if (depth === 0) {
|
|
329436
|
+
endPos = i5 + 1;
|
|
329437
|
+
break;
|
|
329438
|
+
}
|
|
329439
|
+
}
|
|
329440
|
+
}
|
|
329441
|
+
if (endPos <= 0 || endPos >= trimmed.length) {
|
|
329442
|
+
return null;
|
|
329443
|
+
}
|
|
329444
|
+
const remainder = trimmed.substring(endPos).trim();
|
|
329445
|
+
if (remainder.length === 0) {
|
|
329446
|
+
return null;
|
|
329447
|
+
}
|
|
329448
|
+
const prefix = trimmed.substring(0, endPos);
|
|
329449
|
+
try {
|
|
329450
|
+
const parsed = JSON.parse(prefix);
|
|
329451
|
+
if (debug) {
|
|
329452
|
+
console.log(`[DEBUG] tryExtractValidJsonPrefix: Extracted valid JSON prefix (${prefix.length} chars), stripped trailing content (${remainder.length} chars)`);
|
|
329453
|
+
}
|
|
329454
|
+
if (schema) {
|
|
329455
|
+
const schemaValidation = validateJsonResponse(prefix, { debug, schema });
|
|
329456
|
+
if (!schemaValidation.isValid) {
|
|
329457
|
+
if (debug) {
|
|
329458
|
+
console.log(`[DEBUG] tryExtractValidJsonPrefix: Prefix is valid JSON but fails schema validation: ${schemaValidation.error}`);
|
|
329459
|
+
}
|
|
329460
|
+
return null;
|
|
329461
|
+
}
|
|
329462
|
+
}
|
|
329463
|
+
return { isValid: true, parsed, extracted: prefix };
|
|
329464
|
+
} catch {
|
|
329465
|
+
return null;
|
|
329466
|
+
}
|
|
329467
|
+
}
|
|
329191
329468
|
function validateXmlResponse(response) {
|
|
329192
329469
|
const xmlPattern = /<\/?[\w\s="'.-]+>/g;
|
|
329193
329470
|
const tags = response.match(xmlPattern);
|
|
@@ -331289,7 +331566,7 @@ function parseXmlMcpToolCall(xmlString, mcpToolNames = []) {
|
|
|
331289
331566
|
let match2;
|
|
331290
331567
|
while ((match2 = paramPattern.exec(content)) !== null) {
|
|
331291
331568
|
const [, paramName, paramValue] = match2;
|
|
331292
|
-
params[paramName] = paramValue.trim();
|
|
331569
|
+
params[paramName] = unescapeXmlEntities(paramValue.trim());
|
|
331293
331570
|
}
|
|
331294
331571
|
}
|
|
331295
331572
|
return { toolName, params };
|
|
@@ -331339,7 +331616,7 @@ function parseNativeXmlTool(xmlString, toolName) {
|
|
|
331339
331616
|
while ((match2 = paramPattern.exec(content)) !== null) {
|
|
331340
331617
|
const [, paramName, paramValue] = match2;
|
|
331341
331618
|
if (paramName !== "params") {
|
|
331342
|
-
params[paramName] = paramValue.trim();
|
|
331619
|
+
params[paramName] = unescapeXmlEntities(paramValue.trim());
|
|
331343
331620
|
}
|
|
331344
331621
|
}
|
|
331345
331622
|
if (Object.keys(params).length > 0) {
|
|
@@ -331354,6 +331631,7 @@ var init_xmlBridge = __esm({
|
|
|
331354
331631
|
init_client2();
|
|
331355
331632
|
init_config();
|
|
331356
331633
|
init_xmlParsingUtils();
|
|
331634
|
+
init_common2();
|
|
331357
331635
|
MCPXmlBridge = class {
|
|
331358
331636
|
constructor(options = {}) {
|
|
331359
331637
|
this.debug = options.debug || false;
|
|
@@ -339567,10 +339845,10 @@ var init_FallbackManager = __esm({
|
|
|
339567
339845
|
// Use custom provider list
|
|
339568
339846
|
};
|
|
339569
339847
|
DEFAULT_MODELS = {
|
|
339570
|
-
anthropic: "claude-sonnet-4-
|
|
339571
|
-
openai: "gpt-
|
|
339572
|
-
google: "gemini-2.
|
|
339573
|
-
bedrock: "anthropic.claude-sonnet-4-
|
|
339848
|
+
anthropic: "claude-sonnet-4-6",
|
|
339849
|
+
openai: "gpt-5.2",
|
|
339850
|
+
google: "gemini-2.5-flash",
|
|
339851
|
+
bedrock: "anthropic.claude-sonnet-4-6"
|
|
339574
339852
|
};
|
|
339575
339853
|
FallbackManager = class {
|
|
339576
339854
|
/**
|
|
@@ -349987,95 +350265,102 @@ var init_bashDefaults = __esm({
|
|
|
349987
350265
|
"dir",
|
|
349988
350266
|
"pwd",
|
|
349989
350267
|
"cd",
|
|
349990
|
-
"cd:*",
|
|
349991
350268
|
// File reading commands
|
|
349992
350269
|
"cat",
|
|
349993
|
-
"cat:*",
|
|
349994
350270
|
"head",
|
|
349995
|
-
"head:*",
|
|
349996
350271
|
"tail",
|
|
349997
|
-
"tail:*",
|
|
349998
350272
|
"less",
|
|
349999
350273
|
"more",
|
|
350000
350274
|
"view",
|
|
350001
350275
|
// File information and metadata
|
|
350002
350276
|
"file",
|
|
350003
|
-
"file:*",
|
|
350004
350277
|
"stat",
|
|
350005
|
-
"stat:*",
|
|
350006
350278
|
"wc",
|
|
350007
|
-
"wc:*",
|
|
350008
350279
|
"du",
|
|
350009
|
-
"du:*",
|
|
350010
350280
|
"df",
|
|
350011
|
-
"df:*",
|
|
350012
350281
|
"realpath",
|
|
350013
|
-
|
|
350014
|
-
//
|
|
350282
|
+
// Search and find commands (read-only)
|
|
350283
|
+
// Note: bare 'find' allows all find variants; dangerous ones (find -exec) are blocked by deny list
|
|
350015
350284
|
"find",
|
|
350016
|
-
"find:-name:*",
|
|
350017
|
-
"find:-type:*",
|
|
350018
|
-
"find:-size:*",
|
|
350019
|
-
"find:-mtime:*",
|
|
350020
|
-
"find:-newer:*",
|
|
350021
|
-
"find:-path:*",
|
|
350022
|
-
"find:-iname:*",
|
|
350023
|
-
"find:-maxdepth:*",
|
|
350024
|
-
"find:-mindepth:*",
|
|
350025
|
-
"find:-print",
|
|
350026
350285
|
"grep",
|
|
350027
|
-
"grep:*",
|
|
350028
350286
|
"egrep",
|
|
350029
|
-
"egrep:*",
|
|
350030
350287
|
"fgrep",
|
|
350031
|
-
"fgrep:*",
|
|
350032
350288
|
"rg",
|
|
350033
|
-
"rg:*",
|
|
350034
350289
|
"ag",
|
|
350035
|
-
"ag:*",
|
|
350036
350290
|
"ack",
|
|
350037
|
-
"ack:*",
|
|
350038
350291
|
"which",
|
|
350039
|
-
"which:*",
|
|
350040
350292
|
"whereis",
|
|
350041
|
-
"whereis:*",
|
|
350042
350293
|
"locate",
|
|
350043
|
-
"locate:*",
|
|
350044
350294
|
"type",
|
|
350045
|
-
"type:*",
|
|
350046
350295
|
"command",
|
|
350047
|
-
"command:*",
|
|
350048
350296
|
// Tree and structure visualization
|
|
350049
350297
|
"tree",
|
|
350050
|
-
"tree:*",
|
|
350051
350298
|
// Git read-only operations
|
|
350052
350299
|
"git:status",
|
|
350053
350300
|
"git:log",
|
|
350054
|
-
"git:log:*",
|
|
350055
350301
|
"git:diff",
|
|
350056
|
-
"git:diff:*",
|
|
350057
350302
|
"git:show",
|
|
350058
|
-
"git:show:*",
|
|
350059
350303
|
"git:branch",
|
|
350060
|
-
"git:branch:*",
|
|
350061
350304
|
"git:tag",
|
|
350062
|
-
"git:tag:*",
|
|
350063
350305
|
"git:describe",
|
|
350064
|
-
"git:describe:*",
|
|
350065
350306
|
"git:remote",
|
|
350066
|
-
"git:
|
|
350067
|
-
"git:config:*",
|
|
350307
|
+
"git:config",
|
|
350068
350308
|
"git:blame",
|
|
350069
|
-
"git:blame:*",
|
|
350070
350309
|
"git:shortlog",
|
|
350071
350310
|
"git:reflog",
|
|
350072
350311
|
"git:ls-files",
|
|
350073
350312
|
"git:ls-tree",
|
|
350313
|
+
"git:ls-remote",
|
|
350074
350314
|
"git:rev-parse",
|
|
350075
350315
|
"git:rev-list",
|
|
350316
|
+
"git:cat-file",
|
|
350317
|
+
"git:diff-tree",
|
|
350318
|
+
"git:diff-files",
|
|
350319
|
+
"git:diff-index",
|
|
350320
|
+
"git:for-each-ref",
|
|
350321
|
+
"git:merge-base",
|
|
350322
|
+
"git:name-rev",
|
|
350323
|
+
"git:count-objects",
|
|
350324
|
+
"git:verify-commit",
|
|
350325
|
+
"git:verify-tag",
|
|
350326
|
+
"git:check-ignore",
|
|
350327
|
+
"git:check-attr",
|
|
350328
|
+
"git:stash:list",
|
|
350329
|
+
"git:stash:show",
|
|
350330
|
+
"git:worktree:list",
|
|
350331
|
+
"git:notes:list",
|
|
350332
|
+
"git:notes:show",
|
|
350076
350333
|
"git:--version",
|
|
350077
350334
|
"git:help",
|
|
350078
|
-
|
|
350335
|
+
// GitHub CLI (gh) read-only operations
|
|
350336
|
+
"gh:--version",
|
|
350337
|
+
"gh:help",
|
|
350338
|
+
"gh:status",
|
|
350339
|
+
"gh:auth:status",
|
|
350340
|
+
"gh:issue:list",
|
|
350341
|
+
"gh:issue:view",
|
|
350342
|
+
"gh:issue:status",
|
|
350343
|
+
"gh:pr:list",
|
|
350344
|
+
"gh:pr:view",
|
|
350345
|
+
"gh:pr:status",
|
|
350346
|
+
"gh:pr:diff",
|
|
350347
|
+
"gh:pr:checks",
|
|
350348
|
+
"gh:repo:list",
|
|
350349
|
+
"gh:repo:view",
|
|
350350
|
+
"gh:release:list",
|
|
350351
|
+
"gh:release:view",
|
|
350352
|
+
"gh:run:list",
|
|
350353
|
+
"gh:run:view",
|
|
350354
|
+
"gh:workflow:list",
|
|
350355
|
+
"gh:workflow:view",
|
|
350356
|
+
"gh:gist:list",
|
|
350357
|
+
"gh:gist:view",
|
|
350358
|
+
"gh:search:issues",
|
|
350359
|
+
"gh:search:prs",
|
|
350360
|
+
"gh:search:repos",
|
|
350361
|
+
"gh:search:code",
|
|
350362
|
+
"gh:search:commits",
|
|
350363
|
+
"gh:api",
|
|
350079
350364
|
// Package managers (information only)
|
|
350080
350365
|
"npm:list",
|
|
350081
350366
|
"npm:ls",
|
|
@@ -350136,7 +350421,6 @@ var init_bashDefaults = __esm({
|
|
|
350136
350421
|
"sqlite3:--version",
|
|
350137
350422
|
// System information
|
|
350138
350423
|
"uname",
|
|
350139
|
-
"uname:*",
|
|
350140
350424
|
"hostname",
|
|
350141
350425
|
"whoami",
|
|
350142
350426
|
"id",
|
|
@@ -350147,23 +350431,17 @@ var init_bashDefaults = __esm({
|
|
|
350147
350431
|
"w",
|
|
350148
350432
|
"users",
|
|
350149
350433
|
"sleep",
|
|
350150
|
-
"sleep:*",
|
|
350151
350434
|
// Environment and shell
|
|
350152
350435
|
"env",
|
|
350153
350436
|
"printenv",
|
|
350154
350437
|
"echo",
|
|
350155
|
-
"echo:*",
|
|
350156
350438
|
"printf",
|
|
350157
|
-
"printf:*",
|
|
350158
350439
|
"export",
|
|
350159
|
-
"export:*",
|
|
350160
350440
|
"set",
|
|
350161
350441
|
"unset",
|
|
350162
350442
|
// Process information (read-only)
|
|
350163
350443
|
"ps",
|
|
350164
|
-
"ps:*",
|
|
350165
350444
|
"pgrep",
|
|
350166
|
-
"pgrep:*",
|
|
350167
350445
|
"jobs",
|
|
350168
350446
|
"top:-n:1",
|
|
350169
350447
|
// Network information (read-only)
|
|
@@ -350178,39 +350456,24 @@ var init_bashDefaults = __esm({
|
|
|
350178
350456
|
// Text processing and utilities (awk removed - too powerful)
|
|
350179
350457
|
"sed:-n:*",
|
|
350180
350458
|
"cut",
|
|
350181
|
-
"cut:*",
|
|
350182
350459
|
"sort",
|
|
350183
|
-
"sort:*",
|
|
350184
350460
|
"uniq",
|
|
350185
|
-
"uniq:*",
|
|
350186
350461
|
"tr",
|
|
350187
|
-
"tr:*",
|
|
350188
350462
|
"column",
|
|
350189
|
-
"column:*",
|
|
350190
350463
|
"paste",
|
|
350191
|
-
"paste:*",
|
|
350192
350464
|
"join",
|
|
350193
|
-
"join:*",
|
|
350194
350465
|
"comm",
|
|
350195
|
-
"comm:*",
|
|
350196
350466
|
"diff",
|
|
350197
|
-
"diff:*",
|
|
350198
350467
|
"cmp",
|
|
350199
|
-
"cmp:*",
|
|
350200
350468
|
"patch:--dry-run:*",
|
|
350201
350469
|
// Hashing and encoding (read-only)
|
|
350202
350470
|
"md5sum",
|
|
350203
|
-
"md5sum:*",
|
|
350204
350471
|
"sha1sum",
|
|
350205
|
-
"sha1sum:*",
|
|
350206
350472
|
"sha256sum",
|
|
350207
|
-
"sha256sum:*",
|
|
350208
350473
|
"base64",
|
|
350209
350474
|
"base64:-d",
|
|
350210
350475
|
"od",
|
|
350211
|
-
"od:*",
|
|
350212
350476
|
"hexdump",
|
|
350213
|
-
"hexdump:*",
|
|
350214
350477
|
// Archive and compression (list/view only)
|
|
350215
350478
|
"tar:-tf:*",
|
|
350216
350479
|
"tar:-tzf:*",
|
|
@@ -350220,15 +350483,11 @@ var init_bashDefaults = __esm({
|
|
|
350220
350483
|
"gunzip:-l:*",
|
|
350221
350484
|
// Help and documentation
|
|
350222
350485
|
"man",
|
|
350223
|
-
"man:*",
|
|
350224
350486
|
"--help",
|
|
350225
350487
|
"help",
|
|
350226
350488
|
"info",
|
|
350227
|
-
"info:*",
|
|
350228
350489
|
"whatis",
|
|
350229
|
-
"whatis:*",
|
|
350230
350490
|
"apropos",
|
|
350231
|
-
"apropos:*",
|
|
350232
350491
|
// Make (dry run and info)
|
|
350233
350492
|
"make:-n",
|
|
350234
350493
|
"make:--dry-run",
|
|
@@ -350251,36 +350510,30 @@ var init_bashDefaults = __esm({
|
|
|
350251
350510
|
"rm:-rf",
|
|
350252
350511
|
"rm:-f:/",
|
|
350253
350512
|
"rm:/",
|
|
350254
|
-
"rm:-rf:*",
|
|
350255
350513
|
"rmdir",
|
|
350256
350514
|
"chmod:777",
|
|
350257
350515
|
"chmod:-R:777",
|
|
350258
350516
|
"chown",
|
|
350259
350517
|
"chgrp",
|
|
350260
350518
|
"dd",
|
|
350261
|
-
"dd:*",
|
|
350262
350519
|
"shred",
|
|
350263
|
-
"shred:*",
|
|
350264
350520
|
// Dangerous find operations that can execute arbitrary commands
|
|
350265
|
-
"find:-exec
|
|
350266
|
-
"find:*:-exec
|
|
350267
|
-
"find:-execdir
|
|
350268
|
-
"find:*:-execdir
|
|
350269
|
-
"find:-ok
|
|
350270
|
-
"find:*:-ok
|
|
350271
|
-
"find:-okdir
|
|
350272
|
-
"find:*:-okdir
|
|
350521
|
+
"find:-exec",
|
|
350522
|
+
"find:*:-exec",
|
|
350523
|
+
"find:-execdir",
|
|
350524
|
+
"find:*:-execdir",
|
|
350525
|
+
"find:-ok",
|
|
350526
|
+
"find:*:-ok",
|
|
350527
|
+
"find:-okdir",
|
|
350528
|
+
"find:*:-okdir",
|
|
350273
350529
|
// Powerful scripting tools that can execute arbitrary commands
|
|
350274
350530
|
"awk",
|
|
350275
|
-
"awk:*",
|
|
350276
350531
|
"perl",
|
|
350277
|
-
"perl:*",
|
|
350278
350532
|
"python:-c:*",
|
|
350279
350533
|
"node:-e:*",
|
|
350280
350534
|
// System administration and modification
|
|
350281
|
-
"sudo
|
|
350535
|
+
"sudo",
|
|
350282
350536
|
"su",
|
|
350283
|
-
"su:*",
|
|
350284
350537
|
"passwd",
|
|
350285
350538
|
"adduser",
|
|
350286
350539
|
"useradd",
|
|
@@ -350318,11 +350571,11 @@ var init_bashDefaults = __esm({
|
|
|
350318
350571
|
"composer:install",
|
|
350319
350572
|
"composer:update",
|
|
350320
350573
|
"composer:remove",
|
|
350321
|
-
"apt
|
|
350322
|
-
"apt-get
|
|
350323
|
-
"yum
|
|
350324
|
-
"dnf
|
|
350325
|
-
"zypper
|
|
350574
|
+
"apt",
|
|
350575
|
+
"apt-get",
|
|
350576
|
+
"yum",
|
|
350577
|
+
"dnf",
|
|
350578
|
+
"zypper",
|
|
350326
350579
|
"brew:install",
|
|
350327
350580
|
"brew:uninstall",
|
|
350328
350581
|
"brew:upgrade",
|
|
@@ -350330,11 +350583,11 @@ var init_bashDefaults = __esm({
|
|
|
350330
350583
|
"conda:remove",
|
|
350331
350584
|
"conda:update",
|
|
350332
350585
|
// Service and system control
|
|
350333
|
-
"systemctl
|
|
350334
|
-
"service
|
|
350335
|
-
"chkconfig
|
|
350336
|
-
"initctl
|
|
350337
|
-
"upstart
|
|
350586
|
+
"systemctl",
|
|
350587
|
+
"service",
|
|
350588
|
+
"chkconfig",
|
|
350589
|
+
"initctl",
|
|
350590
|
+
"upstart",
|
|
350338
350591
|
// Network operations that could be dangerous
|
|
350339
350592
|
"curl:-d:*",
|
|
350340
350593
|
"curl:--data:*",
|
|
@@ -350343,32 +350596,21 @@ var init_bashDefaults = __esm({
|
|
|
350343
350596
|
"wget:-O:/",
|
|
350344
350597
|
"wget:--post-data:*",
|
|
350345
350598
|
"ssh",
|
|
350346
|
-
"ssh:*",
|
|
350347
350599
|
"scp",
|
|
350348
|
-
"scp:*",
|
|
350349
350600
|
"sftp",
|
|
350350
|
-
"
|
|
350351
|
-
"rsync:*",
|
|
350601
|
+
"rsync",
|
|
350352
350602
|
"nc",
|
|
350353
|
-
"nc:*",
|
|
350354
350603
|
"netcat",
|
|
350355
|
-
"netcat:*",
|
|
350356
350604
|
"telnet",
|
|
350357
|
-
"telnet:*",
|
|
350358
350605
|
"ftp",
|
|
350359
|
-
"ftp:*",
|
|
350360
350606
|
// Process control and termination
|
|
350361
350607
|
"kill",
|
|
350362
|
-
"kill:*",
|
|
350363
350608
|
"killall",
|
|
350364
|
-
"killall:*",
|
|
350365
350609
|
"pkill",
|
|
350366
|
-
"
|
|
350367
|
-
"
|
|
350368
|
-
"disown:*",
|
|
350610
|
+
"nohup",
|
|
350611
|
+
"disown",
|
|
350369
350612
|
// System control and shutdown
|
|
350370
350613
|
"shutdown",
|
|
350371
|
-
"shutdown:*",
|
|
350372
350614
|
"reboot",
|
|
350373
350615
|
"halt",
|
|
350374
350616
|
"poweroff",
|
|
@@ -350376,50 +350618,92 @@ var init_bashDefaults = __esm({
|
|
|
350376
350618
|
"telinit",
|
|
350377
350619
|
// Kernel and module operations
|
|
350378
350620
|
"insmod",
|
|
350379
|
-
"insmod:*",
|
|
350380
350621
|
"rmmod",
|
|
350381
|
-
"rmmod:*",
|
|
350382
350622
|
"modprobe",
|
|
350383
|
-
"modprobe:*",
|
|
350384
350623
|
"sysctl:-w:*",
|
|
350385
350624
|
// Dangerous git operations
|
|
350386
350625
|
"git:push",
|
|
350387
|
-
"git:push:*",
|
|
350388
350626
|
"git:force",
|
|
350389
|
-
"git:reset
|
|
350390
|
-
"git:clean
|
|
350391
|
-
"git:rm
|
|
350627
|
+
"git:reset",
|
|
350628
|
+
"git:clean",
|
|
350629
|
+
"git:rm",
|
|
350392
350630
|
"git:commit",
|
|
350393
350631
|
"git:merge",
|
|
350394
350632
|
"git:rebase",
|
|
350395
350633
|
"git:cherry-pick",
|
|
350396
350634
|
"git:stash:drop",
|
|
350635
|
+
"git:stash:pop",
|
|
350636
|
+
"git:stash:push",
|
|
350637
|
+
"git:stash:clear",
|
|
350638
|
+
"git:branch:-d",
|
|
350639
|
+
"git:branch:-D",
|
|
350640
|
+
"git:branch:--delete",
|
|
350641
|
+
"git:tag:-d",
|
|
350642
|
+
"git:tag:--delete",
|
|
350643
|
+
"git:remote:remove",
|
|
350644
|
+
"git:remote:rm",
|
|
350645
|
+
"git:checkout:--force",
|
|
350646
|
+
"git:checkout:-f",
|
|
350647
|
+
"git:submodule:deinit",
|
|
350648
|
+
"git:notes:add",
|
|
350649
|
+
"git:notes:remove",
|
|
350650
|
+
"git:worktree:add",
|
|
350651
|
+
"git:worktree:remove",
|
|
350652
|
+
// Dangerous GitHub CLI (gh) write operations
|
|
350653
|
+
"gh:issue:create",
|
|
350654
|
+
"gh:issue:close",
|
|
350655
|
+
"gh:issue:delete",
|
|
350656
|
+
"gh:issue:edit",
|
|
350657
|
+
"gh:issue:reopen",
|
|
350658
|
+
"gh:issue:comment",
|
|
350659
|
+
"gh:pr:create",
|
|
350660
|
+
"gh:pr:close",
|
|
350661
|
+
"gh:pr:merge",
|
|
350662
|
+
"gh:pr:edit",
|
|
350663
|
+
"gh:pr:reopen",
|
|
350664
|
+
"gh:pr:review",
|
|
350665
|
+
"gh:pr:comment",
|
|
350666
|
+
"gh:repo:create",
|
|
350667
|
+
"gh:repo:delete",
|
|
350668
|
+
"gh:repo:fork",
|
|
350669
|
+
"gh:repo:rename",
|
|
350670
|
+
"gh:repo:archive",
|
|
350671
|
+
"gh:repo:clone",
|
|
350672
|
+
"gh:release:create",
|
|
350673
|
+
"gh:release:delete",
|
|
350674
|
+
"gh:release:edit",
|
|
350675
|
+
"gh:run:cancel",
|
|
350676
|
+
"gh:run:rerun",
|
|
350677
|
+
"gh:workflow:run",
|
|
350678
|
+
"gh:workflow:enable",
|
|
350679
|
+
"gh:workflow:disable",
|
|
350680
|
+
"gh:gist:create",
|
|
350681
|
+
"gh:gist:delete",
|
|
350682
|
+
"gh:gist:edit",
|
|
350683
|
+
"gh:secret:set",
|
|
350684
|
+
"gh:secret:delete",
|
|
350685
|
+
"gh:variable:set",
|
|
350686
|
+
"gh:variable:delete",
|
|
350687
|
+
"gh:label:create",
|
|
350688
|
+
"gh:label:delete",
|
|
350689
|
+
"gh:ssh-key:add",
|
|
350690
|
+
"gh:ssh-key:delete",
|
|
350397
350691
|
// File system mounting and partitioning
|
|
350398
350692
|
"mount",
|
|
350399
|
-
"mount:*",
|
|
350400
350693
|
"umount",
|
|
350401
|
-
"umount:*",
|
|
350402
350694
|
"fdisk",
|
|
350403
|
-
"fdisk:*",
|
|
350404
350695
|
"parted",
|
|
350405
|
-
"parted:*",
|
|
350406
350696
|
"mkfs",
|
|
350407
|
-
"mkfs:*",
|
|
350408
350697
|
"fsck",
|
|
350409
|
-
"fsck:*",
|
|
350410
350698
|
// Cron and scheduling
|
|
350411
350699
|
"crontab",
|
|
350412
|
-
"crontab:*",
|
|
350413
350700
|
"at",
|
|
350414
|
-
"at:*",
|
|
350415
350701
|
"batch",
|
|
350416
|
-
"batch:*",
|
|
350417
350702
|
// Compression with potential overwrite
|
|
350418
350703
|
"tar:-xf:*",
|
|
350419
350704
|
"unzip",
|
|
350420
|
-
"
|
|
350421
|
-
"
|
|
350422
|
-
"gunzip:*",
|
|
350705
|
+
"gzip",
|
|
350706
|
+
"gunzip",
|
|
350423
350707
|
// Build and compilation that might modify files
|
|
350424
350708
|
"make",
|
|
350425
350709
|
"make:install",
|
|
@@ -350432,11 +350716,8 @@ var init_bashDefaults = __esm({
|
|
|
350432
350716
|
"gradle:build",
|
|
350433
350717
|
// Docker operations that could modify state
|
|
350434
350718
|
"docker:run",
|
|
350435
|
-
"docker:run:*",
|
|
350436
350719
|
"docker:exec",
|
|
350437
|
-
"docker:exec:*",
|
|
350438
350720
|
"docker:build",
|
|
350439
|
-
"docker:build:*",
|
|
350440
350721
|
"docker:pull",
|
|
350441
350722
|
"docker:push",
|
|
350442
350723
|
"docker:rm",
|
|
@@ -350450,22 +350731,15 @@ var init_bashDefaults = __esm({
|
|
|
350450
350731
|
"mongo:--eval:*",
|
|
350451
350732
|
// Text editors that could modify files
|
|
350452
350733
|
"vi",
|
|
350453
|
-
"vi:*",
|
|
350454
350734
|
"vim",
|
|
350455
|
-
"vim:*",
|
|
350456
350735
|
"nano",
|
|
350457
|
-
"nano:*",
|
|
350458
350736
|
"emacs",
|
|
350459
|
-
"emacs:*",
|
|
350460
350737
|
"sed:-i:*",
|
|
350461
350738
|
"perl:-i:*",
|
|
350462
350739
|
// Potentially dangerous utilities
|
|
350463
350740
|
"eval",
|
|
350464
|
-
"eval:*",
|
|
350465
350741
|
"exec",
|
|
350466
|
-
"exec:*",
|
|
350467
350742
|
"source",
|
|
350468
|
-
"source:*",
|
|
350469
350743
|
"bash:-c:*",
|
|
350470
350744
|
"sh:-c:*",
|
|
350471
350745
|
"zsh:-c:*"
|
|
@@ -350744,9 +351018,19 @@ var init_bashPermissions = __esm({
|
|
|
350744
351018
|
BashPermissionChecker = class {
|
|
350745
351019
|
/**
|
|
350746
351020
|
* Create a permission checker
|
|
351021
|
+
*
|
|
351022
|
+
* Priority order (highest to lowest):
|
|
351023
|
+
* 1. Custom deny — always blocks (user explicitly blocked it)
|
|
351024
|
+
* 2. Custom allow — overrides default deny (user explicitly allowed it)
|
|
351025
|
+
* 3. Default deny — blocks by default
|
|
351026
|
+
* 4. Allow list — allows recognized safe commands
|
|
351027
|
+
*
|
|
351028
|
+
* This means `--bash-allow "git:push"` overrides the default deny for git:push
|
|
351029
|
+
* without requiring `--no-default-bash-deny`.
|
|
351030
|
+
*
|
|
350747
351031
|
* @param {Object} config - Configuration options
|
|
350748
|
-
* @param {string[]} [config.allow] - Additional allow patterns
|
|
350749
|
-
* @param {string[]} [config.deny] - Additional deny patterns
|
|
351032
|
+
* @param {string[]} [config.allow] - Additional allow patterns (override default deny)
|
|
351033
|
+
* @param {string[]} [config.deny] - Additional deny patterns (always win)
|
|
350750
351034
|
* @param {boolean} [config.disableDefaultAllow] - Disable default allow list
|
|
350751
351035
|
* @param {boolean} [config.disableDefaultDeny] - Disable default deny list
|
|
350752
351036
|
* @param {boolean} [config.debug] - Enable debug logging
|
|
@@ -350755,40 +351039,22 @@ var init_bashPermissions = __esm({
|
|
|
350755
351039
|
constructor(config = {}) {
|
|
350756
351040
|
this.debug = config.debug || false;
|
|
350757
351041
|
this.tracer = config.tracer || null;
|
|
350758
|
-
this.
|
|
350759
|
-
|
|
350760
|
-
|
|
350761
|
-
|
|
350762
|
-
|
|
350763
|
-
|
|
350764
|
-
}
|
|
350765
|
-
if (config.allow && Array.isArray(config.allow)) {
|
|
350766
|
-
this.allowPatterns.push(...config.allow);
|
|
350767
|
-
if (this.debug) {
|
|
350768
|
-
console.log(`[BashPermissions] Added ${config.allow.length} custom allow patterns:`, config.allow);
|
|
350769
|
-
}
|
|
350770
|
-
}
|
|
350771
|
-
this.denyPatterns = [];
|
|
350772
|
-
if (!config.disableDefaultDeny) {
|
|
350773
|
-
this.denyPatterns.push(...DEFAULT_DENY_PATTERNS);
|
|
350774
|
-
if (this.debug) {
|
|
350775
|
-
console.log(`[BashPermissions] Added ${DEFAULT_DENY_PATTERNS.length} default deny patterns`);
|
|
350776
|
-
}
|
|
350777
|
-
}
|
|
350778
|
-
if (config.deny && Array.isArray(config.deny)) {
|
|
350779
|
-
this.denyPatterns.push(...config.deny);
|
|
350780
|
-
if (this.debug) {
|
|
350781
|
-
console.log(`[BashPermissions] Added ${config.deny.length} custom deny patterns:`, config.deny);
|
|
350782
|
-
}
|
|
350783
|
-
}
|
|
351042
|
+
this.defaultAllowPatterns = config.disableDefaultAllow ? [] : [...DEFAULT_ALLOW_PATTERNS];
|
|
351043
|
+
this.customAllowPatterns = config.allow && Array.isArray(config.allow) ? [...config.allow] : [];
|
|
351044
|
+
this.allowPatterns = [...this.defaultAllowPatterns, ...this.customAllowPatterns];
|
|
351045
|
+
this.defaultDenyPatterns = config.disableDefaultDeny ? [] : [...DEFAULT_DENY_PATTERNS];
|
|
351046
|
+
this.customDenyPatterns = config.deny && Array.isArray(config.deny) ? [...config.deny] : [];
|
|
351047
|
+
this.denyPatterns = [...this.defaultDenyPatterns, ...this.customDenyPatterns];
|
|
350784
351048
|
if (this.debug) {
|
|
351049
|
+
console.log(`[BashPermissions] Default allow: ${this.defaultAllowPatterns.length}, Custom allow: ${this.customAllowPatterns.length}`);
|
|
351050
|
+
console.log(`[BashPermissions] Default deny: ${this.defaultDenyPatterns.length}, Custom deny: ${this.customDenyPatterns.length}`);
|
|
350785
351051
|
console.log(`[BashPermissions] Total patterns - Allow: ${this.allowPatterns.length}, Deny: ${this.denyPatterns.length}`);
|
|
350786
351052
|
}
|
|
350787
351053
|
this.recordBashEvent("permissions.initialized", {
|
|
350788
351054
|
allowPatternCount: this.allowPatterns.length,
|
|
350789
351055
|
denyPatternCount: this.denyPatterns.length,
|
|
350790
|
-
hasCustomAllowPatterns:
|
|
350791
|
-
hasCustomDenyPatterns:
|
|
351056
|
+
hasCustomAllowPatterns: this.customAllowPatterns.length > 0,
|
|
351057
|
+
hasCustomDenyPatterns: this.customDenyPatterns.length > 0,
|
|
350792
351058
|
disableDefaultAllow: !!config.disableDefaultAllow,
|
|
350793
351059
|
disableDefaultDeny: !!config.disableDefaultDeny
|
|
350794
351060
|
});
|
|
@@ -350858,8 +351124,11 @@ var init_bashPermissions = __esm({
|
|
|
350858
351124
|
console.log(`[BashPermissions] Checking simple command: "${command}"`);
|
|
350859
351125
|
console.log(`[BashPermissions] Parsed: ${parsed.command} with args: [${parsed.args.join(", ")}]`);
|
|
350860
351126
|
}
|
|
350861
|
-
if (matchesAnyPattern(parsed, this.
|
|
350862
|
-
const matchedPatterns = this.
|
|
351127
|
+
if (matchesAnyPattern(parsed, this.customDenyPatterns)) {
|
|
351128
|
+
const matchedPatterns = this.customDenyPatterns.filter((pattern) => matchesPattern(parsed, pattern));
|
|
351129
|
+
if (this.debug) {
|
|
351130
|
+
console.log(`[BashPermissions] DENIED - matches custom deny pattern: ${matchedPatterns[0]}`);
|
|
351131
|
+
}
|
|
350863
351132
|
const result2 = {
|
|
350864
351133
|
allowed: false,
|
|
350865
351134
|
reason: `Command matches deny pattern: ${matchedPatterns[0]}`,
|
|
@@ -350872,7 +351141,31 @@ var init_bashPermissions = __esm({
|
|
|
350872
351141
|
parsedCommand: parsed.command,
|
|
350873
351142
|
reason: "matches_deny_pattern",
|
|
350874
351143
|
matchedPattern: matchedPatterns[0],
|
|
350875
|
-
isComplex: false
|
|
351144
|
+
isComplex: false,
|
|
351145
|
+
isCustomDeny: true
|
|
351146
|
+
});
|
|
351147
|
+
return result2;
|
|
351148
|
+
}
|
|
351149
|
+
const matchesCustomAllow = matchesAnyPattern(parsed, this.customAllowPatterns);
|
|
351150
|
+
if (!matchesCustomAllow && matchesAnyPattern(parsed, this.defaultDenyPatterns)) {
|
|
351151
|
+
const matchedPatterns = this.defaultDenyPatterns.filter((pattern) => matchesPattern(parsed, pattern));
|
|
351152
|
+
if (this.debug) {
|
|
351153
|
+
console.log(`[BashPermissions] DENIED - matches default deny pattern: ${matchedPatterns[0]}`);
|
|
351154
|
+
}
|
|
351155
|
+
const result2 = {
|
|
351156
|
+
allowed: false,
|
|
351157
|
+
reason: `Command matches deny pattern: ${matchedPatterns[0]}`,
|
|
351158
|
+
command,
|
|
351159
|
+
parsed,
|
|
351160
|
+
matchedPatterns
|
|
351161
|
+
};
|
|
351162
|
+
this.recordBashEvent("permission.denied", {
|
|
351163
|
+
command,
|
|
351164
|
+
parsedCommand: parsed.command,
|
|
351165
|
+
reason: "matches_deny_pattern",
|
|
351166
|
+
matchedPattern: matchedPatterns[0],
|
|
351167
|
+
isComplex: false,
|
|
351168
|
+
isCustomDeny: false
|
|
350876
351169
|
});
|
|
350877
351170
|
return result2;
|
|
350878
351171
|
}
|
|
@@ -350897,15 +351190,21 @@ var init_bashPermissions = __esm({
|
|
|
350897
351190
|
allowed: true,
|
|
350898
351191
|
command,
|
|
350899
351192
|
parsed,
|
|
350900
|
-
isComplex: false
|
|
351193
|
+
isComplex: false,
|
|
351194
|
+
overriddenDeny: matchesCustomAllow && matchesAnyPattern(parsed, this.defaultDenyPatterns)
|
|
350901
351195
|
};
|
|
350902
351196
|
if (this.debug) {
|
|
350903
|
-
|
|
351197
|
+
if (result.overriddenDeny) {
|
|
351198
|
+
console.log(`[BashPermissions] ALLOWED - custom allow overrides default deny`);
|
|
351199
|
+
} else {
|
|
351200
|
+
console.log(`[BashPermissions] ALLOWED - command passed all checks`);
|
|
351201
|
+
}
|
|
350904
351202
|
}
|
|
350905
351203
|
this.recordBashEvent("permission.allowed", {
|
|
350906
351204
|
command,
|
|
350907
351205
|
parsedCommand: parsed.command,
|
|
350908
|
-
isComplex: false
|
|
351206
|
+
isComplex: false,
|
|
351207
|
+
overriddenDeny: result.overriddenDeny || false
|
|
350909
351208
|
});
|
|
350910
351209
|
return result;
|
|
350911
351210
|
}
|
|
@@ -351074,9 +351373,19 @@ var init_bashPermissions = __esm({
|
|
|
351074
351373
|
deniedReason = parsed.error || "Component contains nested complex constructs";
|
|
351075
351374
|
break;
|
|
351076
351375
|
}
|
|
351077
|
-
if (matchesAnyPattern(parsed, this.
|
|
351376
|
+
if (matchesAnyPattern(parsed, this.customDenyPatterns)) {
|
|
351377
|
+
if (this.debug) {
|
|
351378
|
+
console.log(`[BashPermissions] Component "${component}" matches custom deny pattern`);
|
|
351379
|
+
}
|
|
351380
|
+
allAllowed = false;
|
|
351381
|
+
deniedComponent = component;
|
|
351382
|
+
deniedReason = "Component matches deny pattern";
|
|
351383
|
+
break;
|
|
351384
|
+
}
|
|
351385
|
+
const componentMatchesCustomAllow = matchesAnyPattern(parsed, this.customAllowPatterns);
|
|
351386
|
+
if (!componentMatchesCustomAllow && matchesAnyPattern(parsed, this.defaultDenyPatterns)) {
|
|
351078
351387
|
if (this.debug) {
|
|
351079
|
-
console.log(`[BashPermissions] Component "${component}" matches deny pattern`);
|
|
351388
|
+
console.log(`[BashPermissions] Component "${component}" matches default deny pattern`);
|
|
351080
351389
|
}
|
|
351081
351390
|
allAllowed = false;
|
|
351082
351391
|
deniedComponent = component;
|
|
@@ -351156,6 +351465,10 @@ var init_bashPermissions = __esm({
|
|
|
351156
351465
|
return {
|
|
351157
351466
|
allowPatterns: this.allowPatterns.length,
|
|
351158
351467
|
denyPatterns: this.denyPatterns.length,
|
|
351468
|
+
customAllowPatterns: this.customAllowPatterns.length,
|
|
351469
|
+
customDenyPatterns: this.customDenyPatterns.length,
|
|
351470
|
+
defaultAllowPatterns: this.defaultAllowPatterns.length,
|
|
351471
|
+
defaultDenyPatterns: this.defaultDenyPatterns.length,
|
|
351159
351472
|
totalPatterns: this.allowPatterns.length + this.denyPatterns.length
|
|
351160
351473
|
};
|
|
351161
351474
|
}
|
|
@@ -351538,8 +351851,8 @@ Common reasons:
|
|
|
351538
351851
|
2. The command is not in the allow list (not a recognized safe command)
|
|
351539
351852
|
|
|
351540
351853
|
If you believe this command should be allowed, you can:
|
|
351541
|
-
- Use the --bash-allow option to add specific patterns
|
|
351542
|
-
|
|
351854
|
+
- Use the --bash-allow option to add specific patterns (overrides default deny list)
|
|
351855
|
+
Example: --bash-allow "git:push" allows git push while keeping all other deny rules
|
|
351543
351856
|
|
|
351544
351857
|
For code exploration, try these safe alternatives:
|
|
351545
351858
|
- ls, cat, head, tail for file operations
|
|
@@ -354563,7 +354876,7 @@ var init_ProbeAgent = __esm({
|
|
|
354563
354876
|
}
|
|
354564
354877
|
this.clientApiProvider = "claude-code";
|
|
354565
354878
|
this.provider = null;
|
|
354566
|
-
this.model = this.clientApiModel || "claude-
|
|
354879
|
+
this.model = this.clientApiModel || "claude-sonnet-4-6";
|
|
354567
354880
|
this.apiType = "claude-code";
|
|
354568
354881
|
} else if (codexAvailable) {
|
|
354569
354882
|
if (this.debug) {
|
|
@@ -354572,7 +354885,7 @@ var init_ProbeAgent = __esm({
|
|
|
354572
354885
|
}
|
|
354573
354886
|
this.clientApiProvider = "codex";
|
|
354574
354887
|
this.provider = null;
|
|
354575
|
-
this.model = this.clientApiModel || "gpt-
|
|
354888
|
+
this.model = this.clientApiModel || "gpt-5.2";
|
|
354576
354889
|
this.apiType = "codex";
|
|
354577
354890
|
} else {
|
|
354578
354891
|
throw new Error("No API key provided and neither claude nor codex command found. Please either:\n1. Set an API key: ANTHROPIC_API_KEY, OPENAI_API_KEY, GOOGLE_GENERATIVE_AI_API_KEY, or AWS credentials\n2. Install claude command from https://docs.claude.com/en/docs/claude-code\n3. Install codex command from https://openai.com/codex");
|
|
@@ -354810,7 +355123,7 @@ var init_ProbeAgent = __esm({
|
|
|
354810
355123
|
}
|
|
354811
355124
|
if (this.clientApiProvider === "claude-code" || process.env.USE_CLAUDE_CODE === "true") {
|
|
354812
355125
|
this.provider = null;
|
|
354813
|
-
this.model = modelName || "claude-
|
|
355126
|
+
this.model = modelName || "claude-sonnet-4-6";
|
|
354814
355127
|
this.apiType = "claude-code";
|
|
354815
355128
|
if (this.debug) {
|
|
354816
355129
|
console.log("[DEBUG] Claude Code engine selected - will use built-in access if available");
|
|
@@ -355177,7 +355490,7 @@ var init_ProbeAgent = __esm({
|
|
|
355177
355490
|
apiKey,
|
|
355178
355491
|
...apiUrl && { baseURL: apiUrl }
|
|
355179
355492
|
});
|
|
355180
|
-
this.model = modelName || "claude-sonnet-4-
|
|
355493
|
+
this.model = modelName || "claude-sonnet-4-6";
|
|
355181
355494
|
this.apiType = "anthropic";
|
|
355182
355495
|
if (this.debug) {
|
|
355183
355496
|
console.log(`Using Anthropic API with model: ${this.model}${apiUrl ? ` (URL: ${apiUrl})` : ""}`);
|
|
@@ -355192,7 +355505,7 @@ var init_ProbeAgent = __esm({
|
|
|
355192
355505
|
apiKey,
|
|
355193
355506
|
...apiUrl && { baseURL: apiUrl }
|
|
355194
355507
|
});
|
|
355195
|
-
this.model = modelName || "gpt-5
|
|
355508
|
+
this.model = modelName || "gpt-5.2";
|
|
355196
355509
|
this.apiType = "openai";
|
|
355197
355510
|
if (this.debug) {
|
|
355198
355511
|
console.log(`Using OpenAI API with model: ${this.model}${apiUrl ? ` (URL: ${apiUrl})` : ""}`);
|
|
@@ -355296,7 +355609,7 @@ var init_ProbeAgent = __esm({
|
|
|
355296
355609
|
config.baseURL = baseURL;
|
|
355297
355610
|
}
|
|
355298
355611
|
this.provider = createAmazonBedrock(config);
|
|
355299
|
-
this.model = modelName || "anthropic.claude-sonnet-4-
|
|
355612
|
+
this.model = modelName || "anthropic.claude-sonnet-4-6";
|
|
355300
355613
|
this.apiType = "bedrock";
|
|
355301
355614
|
if (this.debug) {
|
|
355302
355615
|
const authMethod = apiKey ? "API Key" : "AWS Credentials";
|
|
@@ -355355,7 +355668,7 @@ var init_ProbeAgent = __esm({
|
|
|
355355
355668
|
allowedTools: this.allowedTools,
|
|
355356
355669
|
// Pass tool filtering configuration
|
|
355357
355670
|
model: this.model
|
|
355358
|
-
// Pass model name (e.g., gpt-
|
|
355671
|
+
// Pass model name (e.g., gpt-5.2, o3, etc.)
|
|
355359
355672
|
});
|
|
355360
355673
|
if (this.debug) {
|
|
355361
355674
|
console.log("[DEBUG] Using Codex CLI engine with Probe tools");
|
|
@@ -356451,8 +356764,8 @@ You are working with a workspace. Available paths: ${workspaceDesc}
|
|
|
356451
356764
|
let currentIteration = 0;
|
|
356452
356765
|
let completionAttempted = false;
|
|
356453
356766
|
let finalResult = "I was unable to complete your request due to reaching the maximum number of tool iterations.";
|
|
356454
|
-
const baseMaxIterations = this.maxIterations || MAX_TOOL_ITERATIONS;
|
|
356455
|
-
const maxIterations = options.schema ? baseMaxIterations + 4 : baseMaxIterations;
|
|
356767
|
+
const baseMaxIterations = options._maxIterationsOverride || this.maxIterations || MAX_TOOL_ITERATIONS;
|
|
356768
|
+
const maxIterations = options._maxIterationsOverride ? baseMaxIterations : options.schema ? baseMaxIterations + 4 : baseMaxIterations;
|
|
356456
356769
|
const isClaudeCode = this.clientApiProvider === "claude-code" || process.env.USE_CLAUDE_CODE === "true";
|
|
356457
356770
|
const isCodex = this.clientApiProvider === "codex" || process.env.USE_CODEX === "true";
|
|
356458
356771
|
if (isClaudeCode) {
|
|
@@ -356610,9 +356923,7 @@ You are working with a workspace. Available paths: ${workspaceDesc}
|
|
|
356610
356923
|
let maxResponseTokens = this.maxResponseTokens;
|
|
356611
356924
|
if (!maxResponseTokens) {
|
|
356612
356925
|
maxResponseTokens = 4e3;
|
|
356613
|
-
if (this.model && this.model.includes("opus") || this.model && this.model.includes("sonnet") || this.model && this.model.startsWith("gpt-4-")) {
|
|
356614
|
-
maxResponseTokens = 8192;
|
|
356615
|
-
} else if (this.model && this.model.startsWith("gpt-4o")) {
|
|
356926
|
+
if (this.model && this.model.includes("opus") || this.model && this.model.includes("sonnet") || this.model && this.model.startsWith("gpt-4") || this.model && this.model.startsWith("gpt-5")) {
|
|
356616
356927
|
maxResponseTokens = 8192;
|
|
356617
356928
|
} else if (this.model && this.model.startsWith("gemini")) {
|
|
356618
356929
|
maxResponseTokens = 32e3;
|
|
@@ -357689,13 +358000,16 @@ Convert your previous response content into actual JSON data that follows this s
|
|
|
357689
358000
|
options.schema,
|
|
357690
358001
|
0
|
|
357691
358002
|
);
|
|
358003
|
+
const { schema: _unusedSchema1, ...schemaDefCorrectionOptions } = options;
|
|
357692
358004
|
finalResult = await this.answer(schemaDefinitionPrompt, [], {
|
|
357693
|
-
...
|
|
358005
|
+
...schemaDefCorrectionOptions,
|
|
357694
358006
|
_schemaFormatted: true,
|
|
357695
358007
|
_skipValidation: true,
|
|
357696
358008
|
// Skip validation in recursive correction calls to prevent loops
|
|
357697
|
-
_completionPromptProcessed: true
|
|
358009
|
+
_completionPromptProcessed: true,
|
|
357698
358010
|
// Prevent cascading completion prompts in retry calls
|
|
358011
|
+
_maxIterationsOverride: 3
|
|
358012
|
+
// Correction should complete in 1-2 iterations (issue #447)
|
|
357699
358013
|
});
|
|
357700
358014
|
finalResult = cleanSchemaResponse(finalResult);
|
|
357701
358015
|
validation = validateJsonResponse(finalResult);
|
|
@@ -357743,15 +358057,18 @@ Convert your previous response content into actual JSON data that follows this s
|
|
|
357743
358057
|
retryCount
|
|
357744
358058
|
);
|
|
357745
358059
|
}
|
|
358060
|
+
const { schema: _unusedSchema2, ...correctionOptions } = options;
|
|
357746
358061
|
finalResult = await this.answer(correctionPrompt, [], {
|
|
357747
|
-
...
|
|
358062
|
+
...correctionOptions,
|
|
357748
358063
|
_schemaFormatted: true,
|
|
357749
358064
|
_skipValidation: true,
|
|
357750
358065
|
// Skip validation in recursive correction calls to prevent loops
|
|
357751
358066
|
_disableTools: true,
|
|
357752
358067
|
// Only allow attempt_completion - prevent AI from using search/query tools
|
|
357753
|
-
_completionPromptProcessed: true
|
|
358068
|
+
_completionPromptProcessed: true,
|
|
357754
358069
|
// Prevent cascading completion prompts in retry calls
|
|
358070
|
+
_maxIterationsOverride: 3
|
|
358071
|
+
// Correction should complete in 1-2 iterations (issue #447)
|
|
357755
358072
|
});
|
|
357756
358073
|
finalResult = cleanSchemaResponse(finalResult);
|
|
357757
358074
|
validation = validateJsonResponse(finalResult, { debug: this.debug });
|
|
@@ -395790,7 +396107,7 @@ module.exports = /*#__PURE__*/JSON.parse('{"100":"Continue","101":"Switching Pro
|
|
|
395790
396107
|
/***/ ((module) => {
|
|
395791
396108
|
|
|
395792
396109
|
"use strict";
|
|
395793
|
-
module.exports = /*#__PURE__*/JSON.parse('{"name":"@probelabs/visor","version":"0.1.
|
|
396110
|
+
module.exports = /*#__PURE__*/JSON.parse('{"name":"@probelabs/visor","version":"0.1.138","main":"dist/index.js","bin":{"visor":"./dist/index.js"},"exports":{".":{"require":"./dist/index.js","import":"./dist/index.js"},"./sdk":{"types":"./dist/sdk/sdk.d.ts","import":"./dist/sdk/sdk.mjs","require":"./dist/sdk/sdk.js"},"./cli":{"require":"./dist/index.js"}},"files":["dist/","defaults/","action.yml","README.md","LICENSE"],"publishConfig":{"access":"public","registry":"https://registry.npmjs.org/"},"scripts":{"build:cli":"ncc build src/index.ts -o dist && cp -r defaults dist/ && cp -r output dist/ && cp -r docs dist/ && cp -r examples dist/ && cp -r src/debug-visualizer/ui dist/debug-visualizer/ && node scripts/inject-version.js && echo \'#!/usr/bin/env node\' | cat - dist/index.js > temp && mv temp dist/index.js && chmod +x dist/index.js","build:sdk":"tsup src/sdk.ts --dts --sourcemap --format esm,cjs --out-dir dist/sdk","build":"./scripts/build-oss.sh","build:ee":"npm run build:cli && npm run build:sdk","test":"jest && npm run test:yaml","test:unit":"jest","prepublishOnly":"npm run build","test:watch":"jest --watch","test:coverage":"jest --coverage","test:ee":"jest --testPathPatterns=\'tests/ee\' --testPathIgnorePatterns=\'/node_modules/\' --no-coverage","test:manual:bash":"RUN_MANUAL_TESTS=true jest tests/manual/bash-config-manual.test.ts","lint":"eslint src tests --ext .ts","lint:fix":"eslint src tests --ext .ts --fix","format":"prettier --write src tests","format:check":"prettier --check src tests","clean":"","clean:traces":"node scripts/clean-traces.js","prebuild":"npm run clean && node scripts/generate-config-schema.js","pretest":"npm run clean:traces && node scripts/generate-config-schema.js && npm run build:cli","pretest:unit":"npm run clean:traces && node scripts/generate-config-schema.js && npm run build:cli","test:with-build":"npm run build:cli && jest","test:yaml":"node dist/index.js test --progress compact","test:yaml:parallel":"node dist/index.js test --progress compact --max-parallel 4","prepare":"husky","pre-commit":"lint-staged","deploy:site":"cd site && npx wrangler pages deploy . --project-name=visor-site --commit-dirty=true","deploy:worker":"npx wrangler deploy","deploy":"npm run deploy:site && npm run deploy:worker","publish:ee":"./scripts/publish-ee.sh","release":"./scripts/release.sh","release:patch":"./scripts/release.sh patch","release:minor":"./scripts/release.sh minor","release:major":"./scripts/release.sh major","release:prerelease":"./scripts/release.sh prerelease","docs:validate":"node scripts/validate-readme-links.js","workshop:setup":"npm install -D reveal-md@6.1.2","workshop:serve":"cd workshop && reveal-md slides.md -w","workshop:export":"reveal-md workshop/slides.md --static workshop/build","workshop:pdf":"reveal-md workshop/slides.md --print workshop/Visor-Workshop.pdf --print-size letter","workshop:pdf:ci":"reveal-md workshop/slides.md --print workshop/Visor-Workshop.pdf --print-size letter --puppeteer-launch-args=\\"--no-sandbox --disable-dev-shm-usage\\"","workshop:pdf:a4":"reveal-md workshop/slides.md --print workshop/Visor-Workshop-A4.pdf --print-size A4","workshop:build":"npm run workshop:export && npm run workshop:pdf","simulate:issue":"TS_NODE_TRANSPILE_ONLY=1 ts-node scripts/simulate-gh-run.ts --event issues --action opened --debug","simulate:comment":"TS_NODE_TRANSPILE_ONLY=1 ts-node scripts/simulate-gh-run.ts --event issue_comment --action created --debug"},"keywords":["code-review","ai","github-action","cli","pr-review","visor"],"author":"Probe Labs","license":"MIT","description":"AI workflow engine for code review, assistants, and automation — orchestrate checks, MCP tools, and AI providers with YAML-driven pipelines","repository":{"type":"git","url":"git+https://github.com/probelabs/visor.git"},"bugs":{"url":"https://github.com/probelabs/visor/issues"},"homepage":"https://github.com/probelabs/visor#readme","dependencies":{"@actions/core":"^1.11.1","@apidevtools/swagger-parser":"^12.1.0","@modelcontextprotocol/sdk":"^1.25.3","@nyariv/sandboxjs":"github:probelabs/SandboxJS#f1c13b8eee98734a8ea024061eada4aa9a9ff2e9","@octokit/action":"^8.0.2","@octokit/auth-app":"^8.1.0","@octokit/core":"^7.0.3","@octokit/rest":"^22.0.0","@probelabs/probe":"^0.6.0-rc257","@types/commander":"^2.12.0","@types/uuid":"^10.0.0","acorn":"^8.16.0","acorn-walk":"^8.3.5","ajv":"^8.17.1","ajv-formats":"^3.0.1","better-sqlite3":"^11.0.0","blessed":"^0.1.81","cli-table3":"^0.6.5","commander":"^14.0.0","deepmerge":"^4.3.1","dotenv":"^17.2.3","ignore":"^7.0.5","js-yaml":"^4.1.0","jsonpath-plus":"^10.4.0","liquidjs":"^10.21.1","minimatch":"^10.2.2","node-cron":"^3.0.3","open":"^9.1.0","simple-git":"^3.28.0","uuid":"^11.1.0","ws":"^8.18.3"},"optionalDependencies":{"@anthropic/claude-code-sdk":"npm:null@*","@open-policy-agent/opa-wasm":"^1.10.0","@opentelemetry/api":"^1.9.0","@opentelemetry/core":"^1.30.1","@opentelemetry/exporter-trace-otlp-grpc":"^0.203.0","@opentelemetry/exporter-trace-otlp-http":"^0.203.0","@opentelemetry/instrumentation":"^0.203.0","@opentelemetry/resources":"^1.30.1","@opentelemetry/sdk-metrics":"^1.30.1","@opentelemetry/sdk-node":"^0.203.0","@opentelemetry/sdk-trace-base":"^1.30.1","@opentelemetry/semantic-conventions":"^1.30.1","knex":"^3.1.0","mysql2":"^3.11.0","pg":"^8.13.0","tedious":"^19.0.0"},"devDependencies":{"@eslint/js":"^9.34.0","@kie/act-js":"^2.6.2","@kie/mock-github":"^2.0.1","@swc/core":"^1.13.2","@swc/jest":"^0.2.37","@types/better-sqlite3":"^7.6.0","@types/blessed":"^0.1.27","@types/jest":"^30.0.0","@types/js-yaml":"^4.0.9","@types/node":"^24.3.0","@types/node-cron":"^3.0.11","@types/ws":"^8.18.1","@typescript-eslint/eslint-plugin":"^8.42.0","@typescript-eslint/parser":"^8.42.0","@vercel/ncc":"^0.38.4","eslint":"^9.34.0","eslint-config-prettier":"^10.1.8","eslint-plugin-prettier":"^5.5.4","husky":"^9.1.7","jest":"^30.1.3","lint-staged":"^16.1.6","prettier":"^3.6.2","reveal-md":"^6.1.2","ts-json-schema-generator":"^1.5.1","ts-node":"^10.9.2","tsup":"^8.5.0","typescript":"^5.9.2","wrangler":"^3.0.0"},"peerDependenciesMeta":{"@anthropic/claude-code-sdk":{"optional":true}},"directories":{"test":"tests"},"lint-staged":{"src/**/*.{ts,js}":["eslint --fix","prettier --write"],"tests/**/*.{ts,js}":["eslint --fix","prettier --write"],"*.{json,md,yml,yaml}":["prettier --write"]}}');
|
|
395794
396111
|
|
|
395795
396112
|
/***/ })
|
|
395796
396113
|
|