@pushary/agent-hooks 0.4.6 → 0.5.1

package/dist/bin/pushary-clean.js

@@ -98,11 +98,11 @@ var main = async () => {
       const cleaned = [];
       let skipping = false;
       for (const line of lines) {
-        if (line.trim() === "[mcp_servers.pushary]") {
+        if (/^\[mcp_servers\.pushary(?:\.|]$)/.test(line.trim())) {
           skipping = true;
           continue;
         }
-        if (skipping && (line.startsWith("[") || line.trim() === "")) {
+        if (skipping && line.startsWith("[") && !/^\[mcp_servers\.pushary/.test(line.trim())) {
           skipping = false;
         }
         if (skipping) continue;

package/dist/bin/pushary-codex.js

@@ -1,15 +1,14 @@
 #!/usr/bin/env node
+import {
+  reportEvent
+} from "../chunk-P4JH2Q7Z.js";
 import {
   askUser,
   waitForAnswer
-} from "../chunk-M5SRSBLS.js";
-import "../chunk-RJKW6LLC.js";
-import {
-  reportEvent
-} from "../chunk-EQE6Z4YQ.js";
+} from "../chunk-KTP2EPVB.js";
 import {
   getApiKey
-} from "../chunk-VUNL35KE.js";
+} from "../chunk-VIST7ACL.js";
 
 // bin/pushary-codex.ts
 import { hostname } from "os";

package/dist/bin/pushary-doctor.js

@@ -2,8 +2,7 @@
 import {
   callMcpTool,
   sendMcpRequest
-} from "../chunk-RJKW6LLC.js";
-import "../chunk-VUNL35KE.js";
+} from "../chunk-VIST7ACL.js";
 
 // bin/pushary-doctor.ts
 import { existsSync, readFileSync } from "fs";
@@ -69,6 +68,23 @@ var main = async () => {
   } else {
     check(false, "Claude Code: settings.json", "not found");
   }
+  const codexConfigPath = join(homedir(), ".codex", "config.toml");
+  if (existsSync(codexConfigPath)) {
+    const codexConfig = readFileSync(codexConfigPath, "utf-8");
+    const hasPusharyMcp = codexConfig.includes("[mcp_servers.pushary]");
+    check(hasPusharyMcp, "Codex: MCP server configured");
+    if (hasPusharyMcp) {
+      const hasAutoApprove = codexConfig.includes('default_tools_approval_mode = "approve"');
+      check(hasAutoApprove, "Codex: tools auto-allowed", hasAutoApprove ? 'default_tools_approval_mode = "approve"' : "missing \u2014 MCP calls will prompt for approval");
+      const hasPerToolOverrides = /\[mcp_servers\.pushary\.tools\./.test(codexConfig);
+      if (hasPerToolOverrides) {
+        console.log(`  ${warn} Codex: per-tool approval overrides detected ${dim("(redundant with default_tools_approval_mode)")}`);
+      }
+    }
+    check(codexConfig.includes("pushary-codex"), "Codex: notify handler configured");
+    const codexSkillPath = join(homedir(), ".codex", "skills", "pushary", "SKILL.md");
+    check(existsSync(codexSkillPath), "Codex: skill installed");
+  }
   check(existsSync(SKILL_PATH), "Skill installed", existsSync(SKILL_PATH) ? SKILL_PATH : "not found");
   let globalVersion = "";
   try {

package/dist/bin/pushary-hook.js

@@ -1,10 +1,9 @@
 #!/usr/bin/env node
 import {
   handlePreToolUse
-} from "../chunk-4TQW4K6T.js";
-import "../chunk-M5SRSBLS.js";
-import "../chunk-RJKW6LLC.js";
-import "../chunk-VUNL35KE.js";
+} from "../chunk-DF3BM6BF.js";
+import "../chunk-KTP2EPVB.js";
+import "../chunk-VIST7ACL.js";
 
 // bin/pushary-hook.ts
 var main = async () => {

package/dist/bin/pushary-post-hook.js

@@ -1,8 +1,9 @@
 #!/usr/bin/env node
 import {
   handlePostToolUse
-} from "../chunk-EQE6Z4YQ.js";
-import "../chunk-VUNL35KE.js";
+} from "../chunk-P4JH2Q7Z.js";
+import "../chunk-KTP2EPVB.js";
+import "../chunk-VIST7ACL.js";
 
 // bin/pushary-post-hook.ts
 var main = async () => {

package/dist/bin/pushary-setup.js

@@ -146,29 +146,86 @@ var setupClaudeCode = async (apiKey) => {
   console.log(`  ${dim("\u2022")} Hooks: route permission approvals through push notifications`);
   console.log(`  ${dim("\u2022")} Auto-allowed tools: no permission prompts for Pushary MCP calls`);
 };
+var findPython310Plus = () => {
+  const candidates = ["python3.13", "python3.12", "python3.11", "python3.10", "python3", "python"];
+  for (const py of candidates) {
+    try {
+      const version = execSync(`${py} --version 2>&1`, { encoding: "utf-8", stdio: "pipe" }).trim();
+      const match = version.match(/Python (\d+)\.(\d+)/);
+      if (match && (Number(match[1]) > 3 || Number(match[1]) === 3 && Number(match[2]) >= 10)) {
+        return py;
+      }
+    } catch {
+    }
+  }
+  return null;
+};
+var installPythonPlugin = (pythonBin) => {
+  execSync(`${pythonBin} -m pip install --upgrade hermes-plugin-pushary`, { stdio: "pipe" });
+};
 var setupHermes = async (_apiKey) => {
   console.log(`
   ${bold("Setting up Hermes Agent")}
 `);
-  let pipInstalled = false;
+  const whichCmd = process.platform === "win32" ? "where" : "which";
+  const hasHermes = (() => {
+    try {
+      execSync(`${whichCmd} hermes`, { stdio: "ignore" });
+      return true;
+    } catch {
+      return false;
+    }
+  })();
+  if (!hasHermes) {
+    console.log(`  ${yellow("!")} Hermes CLI not found. Skipping.`);
+    console.log(`  ${dim("Install Hermes and re-run setup to configure.")}`);
+    return;
+  }
   await spinner("Installing hermes-plugin-pushary", async () => {
+    try {
+      execSync("uv pip install hermes-plugin-pushary", { stdio: "pipe" });
+      return;
+    } catch {
+    }
+    let python = findPython310Plus();
+    if (!python) {
+      if (process.platform === "darwin") {
+        try {
+          execSync("which brew", { stdio: "ignore" });
+          execSync("brew install python@3.12", { stdio: "pipe" });
+          python = findPython310Plus();
+        } catch {
+        }
+      } else if (process.platform === "linux") {
+        for (const [check2, install] of [
+          ["which apt-get", "sudo apt-get update -qq && sudo apt-get install -y -qq python3 python3-pip"],
+          ["which dnf", "sudo dnf install -y -q python3 python3-pip"],
+          ["which yum", "sudo yum install -y -q python3 python3-pip"],
+          ["which pacman", "sudo pacman -S --noconfirm python python-pip"]
+        ]) {
+          try {
+            execSync(check2, { stdio: "ignore" });
+            execSync(install, { stdio: "pipe" });
+            python = findPython310Plus();
+            if (python) break;
+          } catch {
+          }
+        }
+      }
+    }
+    if (python) {
+      installPythonPlugin(python);
+      return;
+    }
     for (const pip of ["pip3", "pip"]) {
       try {
         execSync(`${pip} install hermes-plugin-pushary`, { stdio: "pipe" });
-        pipInstalled = true;
         return;
-      } catch (err) {
-        const msg = err instanceof Error ? err.stderr?.toString() ?? "" : "";
-        if (msg.includes("No matching distribution")) {
-          throw new Error("requires Python 3.10+ (your pip uses an older version)");
-        }
+      } catch {
       }
     }
-    throw new Error("pip not found");
+    throw new Error("Python 3.10+ not found and could not be installed");
   });
-  if (!pipInstalled) {
-    console.log(`  ${dim("  Install Python 3.10+ and re-run setup to fix.")}`);
-  }
   await spinner("Enabling plugin", async () => {
     execSync("hermes plugins enable pushary", { stdio: "ignore" });
   });
@@ -181,9 +238,10 @@ var setupCodex = async (_apiKey) => {
   console.log(`
   ${bold("Setting up Codex")}
 `);
+  const whichCmd = process.platform === "win32" ? "where" : "which";
   const hasCodex = (() => {
     try {
-      execSync("which codex", { stdio: "ignore" });
+      execSync(`${whichCmd} codex`, { stdio: "ignore" });
       return true;
     } catch {
       return false;
@@ -195,6 +253,7 @@ var setupCodex = async (_apiKey) => {
     return;
   }
   await installGlobally();
+  const codexConfig = join(homedir(), ".codex", "config.toml");
   await spinner("Adding Pushary MCP server to Codex", async () => {
     try {
       execSync(
@@ -204,7 +263,42 @@ var setupCodex = async (_apiKey) => {
     } catch {
     }
   });
-  const codexConfig = join(homedir(), ".codex", "config.toml");
+  await spinner("Auto-allowing all Pushary tools", async () => {
+    let config = "";
+    try {
+      config = readFileSync(codexConfig, "utf-8");
+    } catch {
+    }
+    const lines = config.split("\n");
+    const cleaned = [];
+    let skippingToolSection = false;
+    for (const line of lines) {
+      if (/^\[mcp_servers\.pushary\.tools\./.test(line.trim())) {
+        skippingToolSection = true;
+        continue;
+      }
+      if (skippingToolSection) {
+        if (line.startsWith("[") || line.trim() === "") {
+          skippingToolSection = false;
+          if (line.startsWith("[")) {
+            cleaned.push(line);
+            continue;
+          }
+        } else {
+          continue;
+        }
+      }
+      cleaned.push(line);
+    }
+    config = cleaned.join("\n");
+    if (!config.includes("default_tools_approval_mode")) {
+      config = config.replace(
+        /(\[mcp_servers\.pushary\]\n)/,
+        '$1default_tools_approval_mode = "approve"\n'
+      );
+    }
+    writeFileSync(codexConfig, config, "utf-8");
+  });
   await spinner("Adding notify handler for Codex events", async () => {
     const globalPrefix = execSync("npm prefix -g", { encoding: "utf-8" }).trim();
     const pusharyCodexPath = join(globalPrefix, "bin", "pushary-codex");
@@ -225,6 +319,7 @@ notify = ["${pusharyCodexPath}"]
   console.log();
   console.log(`  ${dim("What this configured:")}`);
   console.log(`  ${dim("\u2022")} MCP server: Codex can send notifications and ask questions`);
+  console.log(`  ${dim("\u2022")} Auto-allowed tools: no permission prompts for Pushary MCP calls`);
   console.log(`  ${dim("\u2022")} Notify handler: captures turn completions and approval requests`);
 };
 var setupCursor = async (apiKey) => {
@@ -324,7 +419,7 @@ var main = async () => {
     message: "Which agents do you use? " + dim("(space = toggle, enter = confirm)"),
     choices: [
       { name: `Claude Code  ${dim("MCP + hooks + auto-allowed tools")}`, value: "claude_code" },
-      { name: `Codex        ${dim("MCP server via codex mcp add")}`, value: "codex" },
+      { name: `Codex        ${dim("MCP + notify handler + auto-allowed tools")}`, value: "codex" },
       { name: `Hermes       ${dim("native plugin + auto-error notifications")}`, value: "hermes" },
       { name: `Cursor       ${dim("MCP server")}`, value: "cursor" }
     ]
@@ -334,8 +429,19 @@ var main = async () => {
     console.log(`
   ${dim("No agents selected. API key saved.")}`);
   } else {
+    const failed = [];
     for (const agent of agents) {
-      await AGENT_SETUP[agent](trimmedKey);
+      try {
+        await AGENT_SETUP[agent](trimmedKey);
+      } catch (err) {
+        failed.push(agent.replace("_", " "));
+        console.log(`  ${yellow("!")} ${agent.replace("_", " ")} setup failed: ${formatError(err)}`);
+        console.log(`  ${dim("Other agents will continue. Re-run setup to retry.")}`);
+      }
+    }
+    if (failed.length > 0) {
+      console.log();
+      console.log(`  ${yellow("!")} Failed: ${failed.join(", ")} ${dim("(others completed successfully)")}`);
     }
   }
   const sendTest = await confirm({ message: "Send a test notification?", default: true });

package/dist/bin/pushary-stop-hook.js

@@ -1,8 +1,9 @@
 #!/usr/bin/env node
 import {
   handleStop
-} from "../chunk-EQE6Z4YQ.js";
-import "../chunk-VUNL35KE.js";
+} from "../chunk-P4JH2Q7Z.js";
+import "../chunk-KTP2EPVB.js";
+import "../chunk-VIST7ACL.js";
 
 // bin/pushary-stop-hook.ts
 var main = async () => {

package/dist/chunk-DF3BM6BF.js

@@ -0,0 +1,195 @@
+import {
+  askUser,
+  sendNotification,
+  waitForAnswer
+} from "./chunk-KTP2EPVB.js";
+import {
+  getApiKey,
+  getBaseUrl
+} from "./chunk-VIST7ACL.js";
+
+// src/policy.ts
+import { createHash } from "crypto";
+import { existsSync, readFileSync, writeFileSync } from "fs";
+import { join } from "path";
+import { tmpdir } from "os";
+var CACHE_TTL_MS = 5 * 60 * 1e3;
+var cacheFile = (apiKey) => {
+  const hash = createHash("sha256").update(apiKey).digest("hex").slice(0, 12);
+  return join(tmpdir(), `pushary-policy-${hash}.json`);
+};
+var fetchPolicy = async (apiKey) => {
+  const baseUrl = getBaseUrl();
+  const response = await fetch(`${baseUrl}/api/mcp/policy`, {
+    headers: { "Authorization": `Bearer ${apiKey}` },
+    signal: AbortSignal.timeout(1e4)
+  });
+  if (!response.ok) {
+    throw new Error(`Failed to fetch policy: ${response.status}`);
+  }
+  return response.json();
+};
+var getPolicy = async (apiKey) => {
+  const path = cacheFile(apiKey);
+  if (existsSync(path)) {
+    try {
+      const stat = readFileSync(path, "utf-8");
+      const cached = JSON.parse(stat);
+      if (!cached._cachedAt || Date.now() - cached._cachedAt < CACHE_TTL_MS) {
+        return cached;
+      }
+    } catch {
+    }
+  }
+  const policy = await fetchPolicy(apiKey);
+  writeFileSync(path, JSON.stringify({ ...policy, _cachedAt: Date.now() }), "utf-8");
+  return policy;
+};
+var resolvePolicy = (config, toolName) => {
+  const exact = config.policies.find((p) => p.tool === toolName);
+  if (exact) return exact;
+  const wildcard = config.policies.find((p) => p.tool === "*");
+  if (wildcard) return wildcard;
+  return {
+    tool: toolName,
+    timeoutSeconds: config.defaultTimeoutSeconds,
+    timeoutAction: config.defaultTimeoutAction,
+    mode: config.defaultMode ?? "push_first",
+    pushFirstSeconds: config.defaultPushFirstSeconds ?? 10
+  };
+};
+
+// src/hook.ts
+import { basename } from "path";
+import { writeFileSync as writeFileSync2, mkdirSync, existsSync as existsSync2 } from "fs";
+import { join as join2 } from "path";
+import { tmpdir as tmpdir2 } from "os";
+var describeToolCall = (input) => {
+  const { tool_name, tool_input } = input;
+  switch (tool_name) {
+    case "Bash":
+      return `bash: ${tool_input.command ?? "(no command)"}`;
+    case "Write":
+      return `write file: ${tool_input.file_path ?? "(unknown path)"}`;
+    case "Edit":
+      return `edit file: ${tool_input.file_path ?? "(unknown path)"}`;
+    case "Read":
+      return `read file: ${tool_input.file_path ?? "(unknown path)"}`;
+    default:
+      return `${tool_name}: ${JSON.stringify(tool_input).slice(0, 200)}`;
+  }
+};
+var sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
+var allow = () => ({
+  hookSpecificOutput: {
+    hookEventName: "PreToolUse",
+    permissionDecision: "allow"
+  }
+});
+var deny = (reason) => ({
+  hookSpecificOutput: {
+    hookEventName: "PreToolUse",
+    permissionDecision: "deny",
+    permissionDecisionReason: reason
+  }
+});
+var ask = (reason) => ({
+  hookSpecificOutput: {
+    hookEventName: "PreToolUse",
+    permissionDecision: "ask",
+    ...reason ? { permissionDecisionReason: reason } : {}
+  }
+});
+var PENDING_DIR = join2(tmpdir2(), "pushary-pending");
+var savePendingQuestion = (correlationId) => {
+  if (!existsSync2(PENDING_DIR)) mkdirSync(PENDING_DIR, { recursive: true });
+  writeFileSync2(join2(PENDING_DIR, correlationId), "", "utf-8");
+};
+var pollForAnswer = async (apiKey, correlationId, deadlineMs, pollInterval = 2e3) => {
+  while (Date.now() < deadlineMs) {
+    const remaining = Math.min(Math.max(deadlineMs - Date.now(), 1e3), 3e4);
+    const answer = await waitForAnswer(apiKey, correlationId, remaining);
+    if (answer.answered) return answer;
+    if (Date.now() + pollInterval >= deadlineMs) break;
+    await sleep(pollInterval);
+  }
+  return { answered: false };
+};
+var handlePushOnly = async (apiKey, description, projectName, timeoutSeconds, timeoutAction) => {
+  const result = await askUser(apiKey, {
+    question: `Allow ${description}?`,
+    type: "confirm",
+    context: `Agent wants to run this in ${projectName}`,
+    agentName: `Claude Code - ${projectName}`
+  });
+  const deadline = Date.now() + timeoutSeconds * 1e3;
+  const answer = await pollForAnswer(apiKey, result.correlationId, deadline);
+  if (answer.answered) {
+    return answer.value === "yes" ? allow() : deny("Denied via push notification");
+  }
+  switch (timeoutAction) {
+    case "approve":
+      return allow();
+    case "deny":
+      return deny("No response within timeout");
+    default:
+      return ask("No push response, asking in terminal");
+  }
+};
+var handleTerminalOnly = () => {
+  return ask();
+};
+var handlePushFirst = async (apiKey, description, projectName, pushFirstSeconds) => {
+  const result = await askUser(apiKey, {
+    question: `Allow ${description}?`,
+    type: "confirm",
+    context: `Agent wants to run this in ${projectName}`,
+    agentName: `Claude Code - ${projectName}`
+  });
+  const deadline = Date.now() + pushFirstSeconds * 1e3;
+  const answer = await pollForAnswer(apiKey, result.correlationId, deadline, 1500);
+  if (answer.answered) {
+    return answer.value === "yes" ? allow() : deny("Denied via push notification");
+  }
+  savePendingQuestion(result.correlationId);
+  return ask("Sent as push notification. You can also approve here.");
+};
+var handleNotifyOnly = async (apiKey, description, projectName) => {
+  try {
+    await sendNotification(apiKey, {
+      title: "Agent needs approval",
+      body: description,
+      agentName: `Claude Code - ${projectName}`
+    });
+  } catch {
+  }
+  return ask();
+};
+var handlePreToolUse = async (input) => {
+  const apiKey = getApiKey();
+  const policy = await getPolicy(apiKey);
+  const toolPolicy = resolvePolicy(policy, input.tool_name);
+  if (toolPolicy.timeoutSeconds === 0 && toolPolicy.timeoutAction === "approve") {
+    return allow();
+  }
+  const description = describeToolCall(input);
+  const projectName = basename(input.cwd ?? process.cwd());
+  switch (toolPolicy.mode) {
+    case "push_only":
+      return handlePushOnly(apiKey, description, projectName, toolPolicy.timeoutSeconds, toolPolicy.timeoutAction);
+    case "terminal_only":
+      return handleTerminalOnly();
+    case "push_first":
+      return handlePushFirst(apiKey, description, projectName, toolPolicy.pushFirstSeconds);
+    case "notify_only":
+      return handleNotifyOnly(apiKey, description, projectName);
+    default:
+      return handlePushFirst(apiKey, description, projectName, toolPolicy.pushFirstSeconds);
+  }
+};
+
+export {
+  getPolicy,
+  resolvePolicy,
+  handlePreToolUse
+};

package/dist/{chunk-M5SRSBLS.js → chunk-KTP2EPVB.js}

@@ -1,6 +1,6 @@
 import {
   callMcpTool
-} from "./chunk-RJKW6LLC.js";
+} from "./chunk-VIST7ACL.js";
 
 // src/api.ts
 var askUser = async (apiKey, params) => {
@@ -15,9 +15,13 @@ var waitForAnswer = async (apiKey, correlationId, timeoutMs = 3e4) => {
 var cancelQuestion = async (apiKey, correlationId) => {
   await callMcpTool(apiKey, "cancel_question", { correlationId });
 };
+var sendNotification = async (apiKey, params) => {
+  await callMcpTool(apiKey, "send_notification", { ...params });
+};
 
 export {
   askUser,
   waitForAnswer,
-  cancelQuestion
+  cancelQuestion,
+  sendNotification
 };

package/dist/{chunk-EQE6Z4YQ.js → chunk-P4JH2Q7Z.js}

@@ -1,11 +1,35 @@
+import {
+  cancelQuestion
+} from "./chunk-KTP2EPVB.js";
 import {
   getApiKey,
   getBaseUrl
-} from "./chunk-VUNL35KE.js";
+} from "./chunk-VIST7ACL.js";
 
 // src/events.ts
 import { hostname } from "os";
 import { basename } from "path";
+import { readdirSync, unlinkSync } from "fs";
+import { join } from "path";
+import { tmpdir } from "os";
+var PENDING_DIR = join(tmpdir(), "pushary-pending");
+var cleanupPendingQuestions = async () => {
+  try {
+    const files = readdirSync(PENDING_DIR);
+    const apiKey = getApiKey();
+    for (const correlationId of files) {
+      try {
+        await cancelQuestion(apiKey, correlationId);
+      } catch {
+      }
+      try {
+        unlinkSync(join(PENDING_DIR, correlationId));
+      } catch {
+      }
+    }
+  } catch {
+  }
+};
 var reportEvent = async (event) => {
   const apiKey = getApiKey();
   const baseUrl = getBaseUrl();
@@ -40,6 +64,7 @@ var handlePostToolUse = async (input) => {
     default:
       action = `${input.tool_name}: done`;
   }
+  await cleanupPendingQuestions();
   const isError = input.tool_result && ("error" in input.tool_result || "is_error" in input.tool_result);
   await reportEvent({
     event: isError ? "tool_error" : "tool_complete",

package/dist/{chunk-RJKW6LLC.js → chunk-VIST7ACL.js}

@@ -1,6 +1,14 @@
-import {
-  getBaseUrl
-} from "./chunk-VUNL35KE.js";
+// src/config.ts
+var getApiKey = () => {
+  const key = process.env.PUSHARY_API_KEY;
+  if (!key) {
+    throw new Error(
+      "PUSHARY_API_KEY environment variable is not set. Get your API key at https://pushary.com/sign-up?from=ai-coding"
+    );
+  }
+  return key;
+};
+var getBaseUrl = () => process.env.PUSHARY_BASE_URL ?? "https://pushary.com";
 
 // src/mcp-http.ts
 var parseSseJson = (body) => {
@@ -73,6 +81,8 @@ var callMcpTool = async (apiKey, toolName, params, options = {}) => {
 };
 
 export {
+  getApiKey,
+  getBaseUrl,
   sendMcpRequest,
   callMcpTool
 };

package/dist/src/index.d.ts

@@ -61,15 +61,20 @@ declare const askUser: (apiKey: string, params: AskUserParams) => Promise<AskUse
 declare const waitForAnswer: (apiKey: string, correlationId: string, timeoutMs?: number) => Promise<WaitForAnswerResponse>;
 declare const cancelQuestion: (apiKey: string, correlationId: string) => Promise<void>;
 
+type ApprovalMode = 'push_only' | 'terminal_only' | 'push_first' | 'notify_only';
 interface ToolPolicy {
     tool: string;
     timeoutSeconds: number;
     timeoutAction: 'approve' | 'deny' | 'escalate';
+    mode: ApprovalMode;
+    pushFirstSeconds: number;
 }
 interface PolicyConfig {
     policies: ToolPolicy[];
     defaultTimeoutSeconds: number;
     defaultTimeoutAction: 'approve' | 'deny' | 'escalate';
+    defaultMode: ApprovalMode;
+    defaultPushFirstSeconds: number;
 }
 declare const getPolicy: (apiKey: string) => Promise<PolicyConfig>;
 declare const resolvePolicy: (config: PolicyConfig, toolName: string) => ToolPolicy;

package/dist/src/index.js

@@ -2,23 +2,22 @@ import {
   getPolicy,
   handlePreToolUse,
   resolvePolicy
-} from "../chunk-4TQW4K6T.js";
-import {
-  askUser,
-  cancelQuestion,
-  waitForAnswer
-} from "../chunk-M5SRSBLS.js";
-import "../chunk-RJKW6LLC.js";
+} from "../chunk-DF3BM6BF.js";
 import {
   handleNotification,
   handlePostToolUse,
   handleStop,
   reportEvent
-} from "../chunk-EQE6Z4YQ.js";
+} from "../chunk-P4JH2Q7Z.js";
+import {
+  askUser,
+  cancelQuestion,
+  waitForAnswer
+} from "../chunk-KTP2EPVB.js";
 import {
   getApiKey,
   getBaseUrl
-} from "../chunk-VUNL35KE.js";
+} from "../chunk-VIST7ACL.js";
 export {
   askUser,
   cancelQuestion,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pushary/agent-hooks",
-  "version": "0.4.6",
+  "version": "0.5.1",
   "description": "Permission hooks for AI coding agents: route tool approvals through Pushary push notifications",
   "author": "Pushary <business@pushary.com>",
   "homepage": "https://pushary.com",

package/dist/chunk-4TQW4K6T.js

@@ -1,136 +0,0 @@
-import {
-  askUser,
-  waitForAnswer
-} from "./chunk-M5SRSBLS.js";
-import {
-  getApiKey,
-  getBaseUrl
-} from "./chunk-VUNL35KE.js";
-
-// src/policy.ts
-import { createHash } from "crypto";
-import { existsSync, readFileSync, writeFileSync } from "fs";
-import { join } from "path";
-import { tmpdir } from "os";
-var cacheFile = (apiKey) => {
-  const hash = createHash("sha256").update(apiKey).digest("hex").slice(0, 12);
-  return join(tmpdir(), `pushary-policy-${hash}.json`);
-};
-var fetchPolicy = async (apiKey) => {
-  const baseUrl = getBaseUrl();
-  const response = await fetch(`${baseUrl}/api/mcp/policy`, {
-    headers: { "Authorization": `Bearer ${apiKey}` },
-    signal: AbortSignal.timeout(1e4)
-  });
-  if (!response.ok) {
-    throw new Error(`Failed to fetch policy: ${response.status}`);
-  }
-  return response.json();
-};
-var getPolicy = async (apiKey) => {
-  const path = cacheFile(apiKey);
-  if (existsSync(path)) {
-    try {
-      return JSON.parse(readFileSync(path, "utf-8"));
-    } catch {
-    }
-  }
-  const policy = await fetchPolicy(apiKey);
-  writeFileSync(path, JSON.stringify(policy), "utf-8");
-  return policy;
-};
-var resolvePolicy = (config, toolName) => {
-  const exact = config.policies.find((p) => p.tool === toolName);
-  if (exact) return exact;
-  const wildcard = config.policies.find((p) => p.tool === "*");
-  if (wildcard) return wildcard;
-  return {
-    tool: toolName,
-    timeoutSeconds: config.defaultTimeoutSeconds,
-    timeoutAction: config.defaultTimeoutAction
-  };
-};
-
-// src/hook.ts
-import { basename } from "path";
-var describeToolCall = (input) => {
-  const { tool_name, tool_input } = input;
-  switch (tool_name) {
-    case "Bash":
-      return `bash: ${tool_input.command ?? "(no command)"}`;
-    case "Write":
-      return `write file: ${tool_input.file_path ?? "(unknown path)"}`;
-    case "Edit":
-      return `edit file: ${tool_input.file_path ?? "(unknown path)"}`;
-    case "Read":
-      return `read file: ${tool_input.file_path ?? "(unknown path)"}`;
-    default:
-      return `${tool_name}: ${JSON.stringify(tool_input).slice(0, 200)}`;
-  }
-};
-var sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
-var allow = () => ({
-  hookSpecificOutput: {
-    hookEventName: "PreToolUse",
-    permissionDecision: "allow"
-  }
-});
-var deny = (reason) => ({
-  hookSpecificOutput: {
-    hookEventName: "PreToolUse",
-    permissionDecision: "deny",
-    permissionDecisionReason: reason
-  }
-});
-var ask = (reason) => ({
-  hookSpecificOutput: {
-    hookEventName: "PreToolUse",
-    permissionDecision: "ask",
-    permissionDecisionReason: reason
-  }
-});
-var handlePreToolUse = async (input) => {
-  const apiKey = getApiKey();
-  const policy = await getPolicy(apiKey);
-  const toolPolicy = resolvePolicy(policy, input.tool_name);
-  if (toolPolicy.timeoutSeconds === 0 && toolPolicy.timeoutAction === "approve") {
-    return allow();
-  }
-  const description = describeToolCall(input);
-  const projectName = basename(input.cwd ?? process.cwd());
-  const result = await askUser(apiKey, {
-    question: `Allow ${description}?`,
-    type: "confirm",
-    context: `Agent wants to run this in ${projectName}`,
-    agentName: `Claude Code - ${projectName}`
-  });
-  const deadline = Date.now() + toolPolicy.timeoutSeconds * 1e3;
-  const pollInterval = 2e3;
-  while (Date.now() < deadline) {
-    const remaining = Math.min(
-      Math.max(deadline - Date.now(), 1e3),
-      3e4
-    );
-    const answer = await waitForAnswer(apiKey, result.correlationId, remaining);
-    if (answer.answered) {
-      return answer.value === "yes" ? allow() : deny("Denied via Pushary push notification");
-    }
-    if (Date.now() + pollInterval >= deadline) break;
-    await sleep(pollInterval);
-  }
-  switch (toolPolicy.timeoutAction) {
-    case "approve":
-      return allow();
-    case "deny":
-      return deny("No response within timeout");
-    case "escalate":
-    default:
-      return ask("Pushary: no response, asking in terminal");
-  }
-};
-
-export {
-  getPolicy,
-  resolvePolicy,
-  handlePreToolUse
-};

package/dist/chunk-VUNL35KE.js

@@ -1,16 +0,0 @@
-// src/config.ts
-var getApiKey = () => {
-  const key = process.env.PUSHARY_API_KEY;
-  if (!key) {
-    throw new Error(
-      "PUSHARY_API_KEY environment variable is not set. Get your API key at https://pushary.com/sign-up?from=ai-coding"
-    );
-  }
-  return key;
-};
-var getBaseUrl = () => process.env.PUSHARY_BASE_URL ?? "https://pushary.com";
-
-export {
-  getApiKey,
-  getBaseUrl
-};