@pushary/agent-hooks 0.12.0 → 0.14.0

package/dist/bin/pushary-stop-hook.js

@@ -1,8 +1,9 @@
 #!/usr/bin/env node
 import {
   handleStop
-} from "../chunk-AB4KX4XT.js";
-import "../chunk-OF5WIOYS.js";
+} from "../chunk-SH26ZOHU.js";
+import "../chunk-QRXWPZKN.js";
+import "../chunk-22CV7V7A.js";
 import "../chunk-3MIR7ODJ.js";
 import "../chunk-VUNL35KE.js";
 

package/dist/chunk-22CV7V7A.js

@@ -0,0 +1,38 @@
+// ../contracts/src/index.ts
+var APPROVAL_MODES = ["push_only", "terminal_only", "push_first", "notify_only"];
+var isApprovalMode = (value) => typeof value === "string" && APPROVAL_MODES.includes(value);
+var MATCH_RANKS = ["none", "tool", "prefix", "exact"];
+var matchRankWeight = (rank) => MATCH_RANKS.indexOf(rank);
+var matchToolPattern = (pattern, toolName, arg) => {
+  const open = pattern.indexOf("(");
+  if (open === -1 || !pattern.endsWith(")")) {
+    return pattern === toolName ? "tool" : "none";
+  }
+  if (pattern.slice(0, open) !== toolName || arg === void 0) return "none";
+  const inner = pattern.slice(open + 1, -1);
+  if (inner.endsWith(":*")) {
+    return arg.startsWith(inner.slice(0, -2)) ? "prefix" : "none";
+  }
+  return arg === inner ? "exact" : "none";
+};
+var POLICY_ARG_KEYS = {
+  Bash: "command",
+  Edit: "file_path",
+  Write: "file_path"
+};
+var extractPolicyArg = (toolName, toolInput) => {
+  const key = POLICY_ARG_KEYS[toolName];
+  if (!key) return void 0;
+  const value = toolInput[key];
+  return typeof value === "string" ? value : void 0;
+};
+var API_KEY_PATTERN = /^pk_[a-f0-9]+\.[a-f0-9]+$/;
+var isValidApiKey = (value) => API_KEY_PATTERN.test(value);
+
+export {
+  isApprovalMode,
+  matchRankWeight,
+  matchToolPattern,
+  extractPolicyArg,
+  isValidApiKey
+};

package/dist/chunk-2HMNOZPY.js

@@ -0,0 +1,109 @@
+// src/codex-config.ts
+var CODEX_HOOK_BINARY = "pushary-codex-hook";
+var CODEX_HOOK_EVENTS = [
+  { event: "PermissionRequest", matcher: "Bash|apply_patch", timeout: 180, statusMessage: "Waiting for your phone" },
+  { event: "PreToolUse", matcher: "Bash|apply_patch", timeout: 180, statusMessage: "Checking Pushary policy" },
+  { event: "PostToolUse", matcher: "Bash|apply_patch", timeout: 10 },
+  { event: "UserPromptSubmit", timeout: 10 },
+  { event: "Stop", timeout: 10 },
+  { event: "SessionStart", matcher: "startup|resume", timeout: 10 }
+];
+var asRecord = (value) => value && typeof value === "object" && !Array.isArray(value) ? value : void 0;
+var ensureRecord = (target, key) => {
+  const existing = asRecord(target[key]);
+  if (existing) return existing;
+  const created = {};
+  target[key] = created;
+  return created;
+};
+var isPusharyCodexHook = (entry) => {
+  const hooks = asRecord(entry)?.hooks;
+  if (!Array.isArray(hooks)) return false;
+  return hooks.some((hook) => String(asRecord(hook)?.command ?? "").includes(CODEX_HOOK_BINARY));
+};
+var addCodexHooks = (config, command) => {
+  const hooks = ensureRecord(config, "hooks");
+  for (const definition of CODEX_HOOK_EVENTS) {
+    const existing = Array.isArray(hooks[definition.event]) ? hooks[definition.event] : [];
+    const entries = existing.filter((entry) => !isPusharyCodexHook(entry));
+    entries.push({
+      ...definition.matcher ? { matcher: definition.matcher } : {},
+      hooks: [{
+        type: "command",
+        command,
+        timeout: definition.timeout,
+        ...definition.statusMessage ? { statusMessage: definition.statusMessage } : {}
+      }]
+    });
+    hooks[definition.event] = entries;
+  }
+};
+var removeCodexHooks = (config) => {
+  const hooks = asRecord(config.hooks);
+  if (!hooks) return false;
+  let changed = false;
+  for (const definition of CODEX_HOOK_EVENTS) {
+    const entries = hooks[definition.event];
+    if (!Array.isArray(entries)) continue;
+    const filtered = entries.filter((entry) => !isPusharyCodexHook(entry));
+    if (filtered.length !== entries.length) {
+      if (filtered.length === 0) {
+        delete hooks[definition.event];
+      } else {
+        hooks[definition.event] = filtered;
+      }
+      changed = true;
+    }
+  }
+  if (Object.keys(hooks).length === 0) delete config.hooks;
+  return changed;
+};
+var hasCodexHooks = (config) => {
+  const hooks = asRecord(config.hooks);
+  if (!hooks) return false;
+  return CODEX_HOOK_EVENTS.some((definition) => {
+    const entries = hooks[definition.event];
+    return Array.isArray(entries) && entries.some(isPusharyCodexHook);
+  });
+};
+var missingCodexHookEvents = (config) => {
+  const hooks = asRecord(config.hooks);
+  return CODEX_HOOK_EVENTS.filter((definition) => {
+    const entries = hooks?.[definition.event];
+    return !Array.isArray(entries) || !entries.some(isPusharyCodexHook);
+  }).map((definition) => definition.event);
+};
+
+// src/npm.ts
+import { execSync } from "child_process";
+var cleanNpmEnv = () => {
+  const env = {};
+  for (const [key, value] of Object.entries(process.env)) {
+    if (key.toLowerCase().startsWith("npm_config_workspace")) continue;
+    env[key] = value;
+  }
+  return env;
+};
+var npmErrorMessage = (err) => {
+  const e = err;
+  const text = [e?.stderr, e?.stdout].map((part) => part ? part.toString() : "").join("\n");
+  const line = text.split("\n").map((l) => l.replace(/^npm error\s*/i, "").trim()).find((l) => l && !l.startsWith("A complete log") && !/^code\s/i.test(l));
+  return line || e?.message || String(err);
+};
+var execNpm = (args, options = {}) => {
+  return execSync(`npm ${args}`, {
+    timeout: 12e4,
+    stdio: "pipe",
+    ...options,
+    env: { ...cleanNpmEnv(), ...options.env ?? {} }
+  });
+};
+
+export {
+  addCodexHooks,
+  removeCodexHooks,
+  hasCodexHooks,
+  missingCodexHookEvents,
+  npmErrorMessage,
+  execNpm
+};

package/dist/chunk-5MA3CPZB.js

@@ -0,0 +1,141 @@
+// src/claude-config.ts
+import { join } from "path";
+var PUSHARY_MCP_URL = "https://pushary.com/api/mcp/mcp";
+var PUSHARY_PERMISSION_RULE = "mcp__pushary__*";
+var asRecord = (value) => value && typeof value === "object" && !Array.isArray(value) ? value : void 0;
+var ensureRecord = (target, key) => {
+  const existing = asRecord(target[key]);
+  if (existing) return existing;
+  const created = {};
+  target[key] = created;
+  return created;
+};
+var isPusharyPermission = (rule) => typeof rule === "string" && (rule.includes("pushary") || rule.includes("MCP(pushary"));
+var isPusharyHook = (entry) => {
+  const hooks = asRecord(entry)?.hooks;
+  if (!Array.isArray(hooks)) return false;
+  return hooks.some((hook) => {
+    const command = String(asRecord(hook)?.command ?? "");
+    return command.includes("pushary-hook") || command.includes("pushary-post-hook") || command.includes("pushary-stop-hook") || command.includes("pushary-prompt-hook");
+  });
+};
+var addClaudeMcpServer = (config, apiKey) => {
+  const mcpServers = ensureRecord(config, "mcpServers");
+  mcpServers.pushary = {
+    type: "http",
+    url: PUSHARY_MCP_URL,
+    headers: { Authorization: `Bearer ${apiKey}` }
+  };
+};
+var removeClaudeMcpServers = (config) => {
+  let changed = false;
+  const removeFrom = (target) => {
+    const mcpServers = asRecord(target.mcpServers);
+    if (!mcpServers?.pushary) return;
+    delete mcpServers.pushary;
+    if (Object.keys(mcpServers).length === 0) delete target.mcpServers;
+    changed = true;
+  };
+  removeFrom(config);
+  const projects = asRecord(config.projects);
+  if (projects) {
+    for (const project of Object.values(projects)) {
+      const projectConfig = asRecord(project);
+      if (projectConfig) removeFrom(projectConfig);
+    }
+  }
+  return changed;
+};
+var addPusharyToolPermissions = (settings) => {
+  const permissions = ensureRecord(settings, "permissions");
+  const allow = Array.isArray(permissions.allow) ? permissions.allow : [];
+  const filtered = allow.filter((rule) => !isPusharyPermission(rule));
+  if (!filtered.includes(PUSHARY_PERMISSION_RULE)) {
+    filtered.push(PUSHARY_PERMISSION_RULE);
+  }
+  permissions.allow = filtered;
+};
+var addPusharyHooks = (settings, binDir) => {
+  const resolve = (name) => binDir ? join(binDir, name) : name;
+  const hooks = ensureRecord(settings, "hooks");
+  const preToolUse = (Array.isArray(hooks.PreToolUse) ? hooks.PreToolUse : []).filter((entry) => !isPusharyHook(entry));
+  preToolUse.push({
+    matcher: "Bash|Write|Edit",
+    hooks: [{
+      type: "command",
+      command: resolve("pushary-hook"),
+      timeout: 120
+    }]
+  });
+  hooks.PreToolUse = preToolUse;
+  const postToolUse = (Array.isArray(hooks.PostToolUse) ? hooks.PostToolUse : []).filter((entry) => !isPusharyHook(entry));
+  postToolUse.push({
+    matcher: "Bash|Write|Edit",
+    hooks: [{
+      type: "command",
+      command: resolve("pushary-post-hook"),
+      timeout: 10
+    }]
+  });
+  hooks.PostToolUse = postToolUse;
+  const stop = (Array.isArray(hooks.Stop) ? hooks.Stop : []).filter((entry) => !isPusharyHook(entry));
+  stop.push({
+    hooks: [{
+      type: "command",
+      command: resolve("pushary-stop-hook"),
+      timeout: 10
+    }]
+  });
+  hooks.Stop = stop;
+  const userPromptSubmit = (Array.isArray(hooks.UserPromptSubmit) ? hooks.UserPromptSubmit : []).filter((entry) => !isPusharyHook(entry));
+  userPromptSubmit.push({
+    hooks: [{
+      type: "command",
+      command: resolve("pushary-prompt-hook"),
+      timeout: 10
+    }]
+  });
+  hooks.UserPromptSubmit = userPromptSubmit;
+};
+var removePusharySettings = (settings) => {
+  let changed = removeClaudeMcpServers(settings);
+  const permissions = asRecord(settings.permissions);
+  if (permissions && Array.isArray(permissions.allow)) {
+    const filtered = permissions.allow.filter((rule) => !isPusharyPermission(rule));
+    if (filtered.length !== permissions.allow.length) {
+      if (filtered.length === 0) {
+        delete permissions.allow;
+      } else {
+        permissions.allow = filtered;
+      }
+      if (Object.keys(permissions).length === 0) delete settings.permissions;
+      changed = true;
+    }
+  }
+  const hooks = asRecord(settings.hooks);
+  if (hooks) {
+    for (const key of ["PreToolUse", "PostToolUse", "Stop", "UserPromptSubmit"]) {
+      const entries = hooks[key];
+      if (!Array.isArray(entries)) continue;
+      const filtered = entries.filter((entry) => !isPusharyHook(entry));
+      if (filtered.length !== entries.length) {
+        if (filtered.length === 0) {
+          delete hooks[key];
+        } else {
+          hooks[key] = filtered;
+        }
+        changed = true;
+      }
+    }
+    if (Object.keys(hooks).length === 0) delete settings.hooks;
+  }
+  return changed;
+};
+
+export {
+  addClaudeMcpServer,
+  removeClaudeMcpServers,
+  addPusharyToolPermissions,
+  addPusharyHooks,
+  removePusharySettings
+};

package/dist/chunk-CH53PBQN.js

@@ -0,0 +1,265 @@
+import {
+  callMcpTool,
+  withRetry
+} from "./chunk-3MIR7ODJ.js";
+import {
+  getBaseUrl
+} from "./chunk-VUNL35KE.js";
+import {
+  extractPolicyArg,
+  isApprovalMode,
+  matchRankWeight,
+  matchToolPattern
+} from "./chunk-22CV7V7A.js";
+
+// src/validate.ts
+var isPolicyConfig = (data) => {
+  if (!data || typeof data !== "object") return false;
+  const d = data;
+  return Array.isArray(d.policies) && typeof d.defaultTimeoutSeconds === "number" && typeof d.defaultTimeoutAction === "string";
+};
+var isAskUserResponse = (data) => {
+  if (!data || typeof data !== "object") return false;
+  const d = data;
+  return typeof d.correlationId === "string" && typeof d.status === "string";
+};
+var isWaitForAnswerResponse = (data) => {
+  if (!data || typeof data !== "object") return false;
+  const d = data;
+  return typeof d.answered === "boolean";
+};
+
+// src/api.ts
+var askUser = async (apiKey, params) => {
+  const result = await callMcpTool(apiKey, "ask_user", { ...params, wait: false }, { maxRetries: 3 });
+  if (!isAskUserResponse(result)) throw new Error("Invalid ask_user response");
+  return result;
+};
+var waitForAnswer = async (apiKey, correlationId, timeoutMs = 3e4) => {
+  const result = await callMcpTool(apiKey, "wait_for_answer", {
+    correlationId,
+    timeoutMs
+  });
+  if (!isWaitForAnswerResponse(result)) throw new Error("Invalid wait_for_answer response");
+  return result;
+};
+var cancelQuestion = async (apiKey, correlationId) => {
+  await callMcpTool(apiKey, "cancel_question", { correlationId });
+};
+var sendNotification = async (apiKey, params) => {
+  await callMcpTool(apiKey, "send_notification", { ...params }, { maxRetries: 3 });
+};
+
+// src/identity.ts
+import { createHash } from "crypto";
+import { hostname } from "os";
+var deriveMachineId = (host) => createHash("sha256").update(host).digest("hex").slice(0, 8);
+var getMachineId = () => deriveMachineId(hostname());
+
+// src/policy.ts
+import { createHash as createHash2 } from "crypto";
+import { existsSync, readFileSync, writeFileSync } from "fs";
+import { join } from "path";
+import { tmpdir } from "os";
+var CACHE_TTL_MS = 5 * 60 * 1e3;
+var cacheFile = (apiKey) => {
+  const hash = createHash2("sha256").update(apiKey).digest("hex").slice(0, 12);
+  return join(tmpdir(), `pushary-policy-${hash}.json`);
+};
+var fetchPolicy = async (apiKey) => {
+  return withRetry(async () => {
+    const baseUrl = getBaseUrl();
+    const response = await fetch(`${baseUrl}/api/mcp/policy`, {
+      headers: { "Authorization": `Bearer ${apiKey}` },
+      signal: AbortSignal.timeout(1e4)
+    });
+    if (!response.ok) {
+      throw new Error(`Failed to fetch policy: ${response.status}`);
+    }
+    const raw = await response.json();
+    if (!isPolicyConfig(raw)) throw new Error("Invalid policy response");
+    return raw;
+  }, { maxAttempts: 2 });
+};
+var getPolicy = async (apiKey) => {
+  const path = cacheFile(apiKey);
+  let staleCache = null;
+  if (existsSync(path)) {
+    try {
+      const stat = readFileSync(path, "utf-8");
+      const cached = JSON.parse(stat);
+      if (!isPolicyConfig(cached)) throw new Error("Corrupted cache");
+      if (!cached._cachedAt || Date.now() - cached._cachedAt < CACHE_TTL_MS) {
+        return cached;
+      }
+      staleCache = cached;
+    } catch {
+    }
+  }
+  try {
+    const policy = await fetchPolicy(apiKey);
+    try {
+      writeFileSync(path, JSON.stringify({ ...policy, _cachedAt: Date.now() }), "utf-8");
+    } catch {
+    }
+    return policy;
+  } catch {
+    if (staleCache) return staleCache;
+    throw new Error("Failed to fetch policy and no cached policy available");
+  }
+};
+var findBestMatch = (policies, toolName, arg) => {
+  let best;
+  let bestWeight = 0;
+  let bestLength = -1;
+  for (const candidate of policies) {
+    const rank = matchToolPattern(candidate.tool, toolName, arg);
+    if (rank === "none") continue;
+    const weight = matchRankWeight(rank);
+    const length = rank === "prefix" ? candidate.tool.length : -1;
+    if (weight > bestWeight || weight === bestWeight && length > bestLength) {
+      best = candidate;
+      bestWeight = weight;
+      bestLength = length;
+    }
+  }
+  return best;
+};
+var resolvePolicy = (config, toolName, modeOverride, toolInput) => {
+  const arg = toolInput ? extractPolicyArg(toolName, toolInput) : void 0;
+  const base = findBestMatch(config.policies, toolName, arg) ?? config.policies.find((p) => p.tool === "*") ?? {
+    tool: toolName,
+    timeoutSeconds: config.defaultTimeoutSeconds,
+    timeoutAction: config.defaultTimeoutAction,
+    mode: config.defaultMode ?? "push_first",
+    pushFirstSeconds: config.defaultPushFirstSeconds ?? 20
+  };
+  const effectiveOverride = modeOverride ?? config.modeOverride;
+  if (effectiveOverride) {
+    return { ...base, mode: effectiveOverride };
+  }
+  return base;
+};
+var fetchModeState = async (apiKey, sessionId) => {
+  try {
+    const baseUrl = getBaseUrl();
+    const url = sessionId ? `${baseUrl}/api/mcp/mode?session=${encodeURIComponent(sessionId)}` : `${baseUrl}/api/mcp/mode`;
+    const response = await fetch(url, {
+      headers: { "Authorization": `Bearer ${apiKey}` },
+      signal: AbortSignal.timeout(3e3)
+    });
+    if (!response.ok) return { mode: null, kill: false };
+    const data = await response.json();
+    const mode = data.override?.mode;
+    return { mode: isApprovalMode(mode) ? mode : null, kill: data.kill === true };
+  } catch {
+    return { mode: null, kill: false };
+  }
+};
+var fetchModeOverride = async (apiKey) => (await fetchModeState(apiKey)).mode;
+
+// src/describe.ts
+var hookPrefixes = {
+  Bash: (input) => `bash: ${input.command ?? "(no command)"}`,
+  Write: (input) => `write file: ${input.file_path ?? "(unknown path)"}`,
+  Edit: (input) => `edit file: ${input.file_path ?? "(unknown path)"}`,
+  Read: (input) => `read file: ${input.file_path ?? "(unknown path)"}`
+};
+var eventPrefixes = {
+  Bash: (input) => `ran: ${String(input.command ?? "").slice(0, 120)}`,
+  Write: (input) => `wrote: ${input.file_path ?? "unknown"}`,
+  Edit: (input) => `edited: ${input.file_path ?? "unknown"}`,
+  Read: (input) => `read: ${input.file_path ?? "unknown"}`
+};
+var describeToolCall = (toolName, toolInput, format = "hook") => {
+  const prefixes = format === "hook" ? hookPrefixes : eventPrefixes;
+  const builder = prefixes[toolName];
+  if (builder) return builder(toolInput);
+  return format === "hook" ? `${toolName}: ${JSON.stringify(toolInput).slice(0, 200)}` : `${toolName}: done`;
+};
+var TOOL_TARGET_MAX_LENGTH = 80;
+var deriveToolTarget = (toolName, toolInput) => {
+  if (toolName === "Bash") {
+    const command = toolInput.command;
+    if (typeof command !== "string") return void 0;
+    const head = command.trim().split(/\s+/).slice(0, 2).join(" ");
+    return head ? head.slice(0, TOOL_TARGET_MAX_LENGTH) : void 0;
+  }
+  if (toolName === "Edit" || toolName === "Write") {
+    const filePath = toolInput.file_path;
+    if (typeof filePath !== "string") return void 0;
+    const separator = Math.max(filePath.lastIndexOf("/"), filePath.lastIndexOf("\\"));
+    const base = filePath.slice(separator + 1);
+    const dot = base.lastIndexOf(".");
+    if (dot <= 0) return void 0;
+    return base.slice(dot).slice(0, TOOL_TARGET_MAX_LENGTH);
+  }
+  return void 0;
+};
+
+// src/pending.ts
+import { join as join2 } from "path";
+import { tmpdir as tmpdir2 } from "os";
+import { existsSync as existsSync2, mkdirSync, writeFileSync as writeFileSync2, readdirSync, unlinkSync, rmSync, statSync } from "fs";
+var PENDING_DIR = join2(tmpdir2(), "pushary-pending");
+var DEFAULT_SESSION = "_no_session";
+var GRACE_MS = 10 * 60 * 1e3;
+var sanitize = (sessionId) => sessionId.replace(/[^A-Za-z0-9_-]/g, "_").slice(0, 128) || DEFAULT_SESSION;
+var dirFor = (sessionId) => join2(PENDING_DIR, sanitize(sessionId));
+var isDefaultSession = (sessionId) => sanitize(sessionId) === DEFAULT_SESSION;
+var savePendingQuestion = (sessionId, correlationId) => {
+  const dir = dirFor(sessionId);
+  if (!existsSync2(dir)) mkdirSync(dir, { recursive: true });
+  writeFileSync2(join2(dir, correlationId), "", "utf-8");
+};
+var listPendingQuestions = (sessionId) => {
+  const dir = dirFor(sessionId);
+  let files;
+  try {
+    files = readdirSync(dir);
+  } catch {
+    return [];
+  }
+  if (!isDefaultSession(sessionId)) return files;
+  const cutoff = Date.now() - GRACE_MS;
+  return files.filter((name) => {
+    try {
+      return statSync(join2(dir, name)).mtimeMs < cutoff;
+    } catch {
+      return false;
+    }
+  });
+};
+var removePendingQuestion = (sessionId, correlationId) => {
+  try {
+    unlinkSync(join2(dirFor(sessionId), correlationId));
+  } catch {
+  }
+};
+var removePendingSession = (sessionId) => {
+  try {
+    rmSync(dirFor(sessionId), { recursive: true, force: true });
+  } catch {
+  }
+};
+
+export {
+  isPolicyConfig,
+  askUser,
+  waitForAnswer,
+  cancelQuestion,
+  sendNotification,
+  describeToolCall,
+  deriveToolTarget,
+  DEFAULT_SESSION,
+  isDefaultSession,
+  savePendingQuestion,
+  listPendingQuestions,
+  removePendingQuestion,
+  removePendingSession,
+  getMachineId,
+  getPolicy,
+  resolvePolicy,
+  fetchModeState,
+  fetchModeOverride
+};