@saferun/cli 0.5.26 → 0.5.28

package/dist/utils/credentials.d.ts

@@ -0,0 +1,48 @@
+/**
+ * Global credentials management for SafeRun
+ * Stores API key in ~/.saferun/credentials with secure permissions
+ */
+export interface GlobalCredentials {
+    api_key?: string;
+    created_at?: string;
+    updated_at?: string;
+}
+/**
+ * Ensure global config directory exists with secure permissions
+ */
+export declare function ensureGlobalConfigDir(): Promise<void>;
+/**
+ * Load credentials from global config
+ */
+export declare function loadGlobalCredentials(): Promise<GlobalCredentials>;
+/**
+ * Save credentials to global config with secure permissions
+ */
+export declare function saveGlobalCredentials(credentials: GlobalCredentials): Promise<void>;
+/**
+ * Get API key from (in order of priority):
+ * 1. Environment variable SAFERUN_API_KEY
+ * 2. Global credentials file ~/.saferun/credentials
+ * 3. Local config file .saferun/config.yml
+ */
+export declare function resolveApiKey(localApiKey?: string): Promise<string | undefined>;
+/**
+ * Check if API key is configured anywhere
+ */
+export declare function hasApiKey(): Promise<boolean>;
+/**
+ * Validate API key format
+ */
+export declare function isValidApiKeyFormat(key: string): boolean;
+/**
+ * Mask API key for display (show first 8 and last 4 chars)
+ */
+export declare function maskApiKey(key: string): string;
+/**
+ * Get global config directory path
+ */
+export declare function getGlobalConfigDir(): string;
+/**
+ * Get credentials file path
+ */
+export declare function getCredentialsPath(): string;

package/dist/utils/credentials.js

@@ -0,0 +1,143 @@
+"use strict";
+/**
+ * Global credentials management for SafeRun
+ * Stores API key in ~/.saferun/credentials with secure permissions
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ensureGlobalConfigDir = ensureGlobalConfigDir;
+exports.loadGlobalCredentials = loadGlobalCredentials;
+exports.saveGlobalCredentials = saveGlobalCredentials;
+exports.resolveApiKey = resolveApiKey;
+exports.hasApiKey = hasApiKey;
+exports.isValidApiKeyFormat = isValidApiKeyFormat;
+exports.maskApiKey = maskApiKey;
+exports.getGlobalConfigDir = getGlobalConfigDir;
+exports.getCredentialsPath = getCredentialsPath;
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const os_1 = __importDefault(require("os"));
+const GLOBAL_CONFIG_DIR = path_1.default.join(os_1.default.homedir(), '.saferun');
+const CREDENTIALS_FILE = path_1.default.join(GLOBAL_CONFIG_DIR, 'credentials');
+const GLOBAL_CONFIG_FILE = path_1.default.join(GLOBAL_CONFIG_DIR, 'config.yml');
+/**
+ * Ensure global config directory exists with secure permissions
+ */
+async function ensureGlobalConfigDir() {
+    if (!fs_1.default.existsSync(GLOBAL_CONFIG_DIR)) {
+        await fs_1.default.promises.mkdir(GLOBAL_CONFIG_DIR, { mode: 0o700, recursive: true });
+    }
+}
+/**
+ * Load credentials from global config
+ */
+async function loadGlobalCredentials() {
+    try {
+        await ensureGlobalConfigDir();
+        if (!fs_1.default.existsSync(CREDENTIALS_FILE)) {
+            return {};
+        }
+        const content = await fs_1.default.promises.readFile(CREDENTIALS_FILE, 'utf-8');
+        const credentials = {};
+        // Simple key=value format (not YAML to avoid dependencies)
+        for (const line of content.split('\n')) {
+            const trimmed = line.trim();
+            if (!trimmed || trimmed.startsWith('#'))
+                continue;
+            const [key, ...valueParts] = trimmed.split('=');
+            const value = valueParts.join('=').trim();
+            if (key === 'api_key' || key === 'SAFERUN_API_KEY') {
+                credentials.api_key = value;
+            }
+            else if (key === 'created_at') {
+                credentials.created_at = value;
+            }
+            else if (key === 'updated_at') {
+                credentials.updated_at = value;
+            }
+        }
+        return credentials;
+    }
+    catch {
+        return {};
+    }
+}
+/**
+ * Save credentials to global config with secure permissions
+ */
+async function saveGlobalCredentials(credentials) {
+    await ensureGlobalConfigDir();
+    const now = new Date().toISOString();
+    const existing = await loadGlobalCredentials();
+    const content = [
+        '# SafeRun Global Credentials',
+        '# This file contains sensitive data - DO NOT COMMIT',
+        `# Created: ${existing.created_at || now}`,
+        `# Updated: ${now}`,
+        '',
+        `api_key=${credentials.api_key || ''}`,
+        `created_at=${existing.created_at || now}`,
+        `updated_at=${now}`,
+        '',
+    ].join('\n');
+    await fs_1.default.promises.writeFile(CREDENTIALS_FILE, content, { mode: 0o600 });
+}
+/**
+ * Get API key from (in order of priority):
+ * 1. Environment variable SAFERUN_API_KEY
+ * 2. Global credentials file ~/.saferun/credentials
+ * 3. Local config file .saferun/config.yml
+ */
+async function resolveApiKey(localApiKey) {
+    // 1. Environment variable has highest priority
+    if (process.env.SAFERUN_API_KEY) {
+        return process.env.SAFERUN_API_KEY;
+    }
+    // 2. Global credentials
+    const globalCreds = await loadGlobalCredentials();
+    if (globalCreds.api_key) {
+        return globalCreds.api_key;
+    }
+    // 3. Local config (passed in)
+    if (localApiKey) {
+        return localApiKey;
+    }
+    return undefined;
+}
+/**
+ * Check if API key is configured anywhere
+ */
+async function hasApiKey() {
+    const key = await resolveApiKey();
+    return !!key;
+}
+/**
+ * Validate API key format
+ */
+function isValidApiKeyFormat(key) {
+    // SafeRun API keys start with 'sr_' and are at least 20 chars
+    return key.startsWith('sr_') && key.length >= 20;
+}
+/**
+ * Mask API key for display (show first 8 and last 4 chars)
+ */
+function maskApiKey(key) {
+    if (key.length < 16)
+        return '***';
+    return `${key.substring(0, 8)}...${key.substring(key.length - 4)}`;
+}
+/**
+ * Get global config directory path
+ */
+function getGlobalConfigDir() {
+    return GLOBAL_CONFIG_DIR;
+}
+/**
+ * Get credentials file path
+ */
+function getCredentialsPath() {
+    return CREDENTIALS_FILE;
+}
+//# sourceMappingURL=credentials.js.map

package/dist/utils/credentials.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../src/utils/credentials.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;AAmBH,sDAIC;AAKD,sDAgCC;AAKD,sDAmBC;AAQD,sCAkBC;AAKD,8BAGC;AAKD,kDAGC;AAKD,gCAGC;AAKD,gDAEC;AAKD,gDAEC;AAlJD,4CAAoB;AACpB,gDAAwB;AACxB,4CAAoB;AAEpB,MAAM,iBAAiB,GAAG,cAAI,CAAC,IAAI,CAAC,YAAE,CAAC,OAAO,EAAE,EAAE,UAAU,CAAC,CAAC;AAC9D,MAAM,gBAAgB,GAAG,cAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;AACrE,MAAM,kBAAkB,GAAG,cAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,YAAY,CAAC,CAAC;AAQtE;;GAEG;AACI,KAAK,UAAU,qBAAqB;IACzC,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACtC,MAAM,YAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,iBAAiB,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC/E,CAAC;AACH,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,qBAAqB;IACzC,IAAI,CAAC;QACH,MAAM,qBAAqB,EAAE,CAAC;QAE9B,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACrC,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,YAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,gBAAgB,EAAE,OAAO,CAAC,CAAC;QACtE,MAAM,WAAW,GAAsB,EAAE,CAAC;QAE1C,2DAA2D;QAC3D,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;YACvC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAC5B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;gBAAE,SAAS;YAElD,MAAM,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAChD,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YAE1C,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,iBAAiB,EAAE,CAAC;gBACnD,WAAW,CAAC,OAAO,GAAG,KAAK,CAAC;YAC9B,CAAC;iBAAM,IAAI,GAAG,KAAK,YAAY,EAAE,CAAC;gBAChC,WAAW,CAAC,UAAU,GAAG,KAAK,CAAC;YACjC,CAAC;iBAAM,IAAI,GAAG,KAAK,YAAY,EAAE,CAAC;gBAChC,WAAW,CAAC,UAAU,GAAG,KAAK,CAAC;YACjC,CAAC;QACH,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,qBAAqB,CAAC,WAA8B;IACxE,MAAM,qBAAqB,EAAE,CAAC;IAE9B,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACrC,MAAM,QAAQ,GAAG,MAAM,qBAAqB,EAAE,CAAC;IAE/C,MAAM,OAAO,GAAG;QACd,8BAA8B;QAC9B,qDAAqD;QACrD,cAAc,QAAQ,CAAC,UAAU,IAAI,GAAG,EAAE;QAC1C,cAAc,GAAG,EAAE;QACnB,EAAE;QACF,WAAW,WAAW,CAAC,OAAO,IAAI,EAAE,EAAE;QACtC,cAAc,QAAQ,CAAC,UAAU,IAAI,GAAG,EAAE;QAC1C,cAAc,GAAG,EAAE;QACnB,EAAE;KACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEb,MAAM,YAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,gBAAgB,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;AAC1E,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,aAAa,CAAC,WAAoB;IACtD,+CAA+C;IAC/C,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC;QAChC,OAAO,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;IACrC,CAAC;IAED,wBAAwB;IACxB,MAAM,WAAW,GAAG,MAAM,qBAAqB,EAAE,CAAC;IAClD,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;QACxB,OAAO,WAAW,CAAC,OAAO,CAAC;IAC7B,CAAC;IAED,8BAA8B;IAC9B,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,SAAS;IAC7B,MAAM,GAAG,GAAG,MAAM,aAAa,EAAE,CAAC;IAClC,OAAO,CAAC,CAAC,GAAG,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CAAC,GAAW;IAC7C,8DAA8D;IAC9D,OAAO,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC;AACnD,CAAC;AAED;;GAEG;AACH,SAAgB,UAAU,CAAC,GAAW;IACpC,IAAI,GAAG,CAAC,MAAM,GAAG,EAAE;QAAE,OAAO,KAAK,CAAC;IAClC,OAAO,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,CAAC;AACrE,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB;IAChC,OAAO,iBAAiB,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB;IAChC,OAAO,gBAAgB,CAAC;AAC1B,CAAC"}

package/dist/utils/gitignore.d.ts

@@ -0,0 +1,22 @@
+/**
+ * .gitignore management for SafeRun
+ * Ensures sensitive files are never committed
+ */
+export interface GitignoreCheckResult {
+    exists: boolean;
+    hasSaferunEntries: boolean;
+    missingEntries: string[];
+    path: string;
+}
+/**
+ * Check if .gitignore exists and has SafeRun entries
+ */
+export declare function checkGitignore(repoRoot: string): Promise<GitignoreCheckResult>;
+/**
+ * Add SafeRun entries to .gitignore
+ */
+export declare function addToGitignore(repoRoot: string): Promise<void>;
+/**
+ * Get the entries that would be added to .gitignore
+ */
+export declare function getSaferunGitignoreEntries(): string[];

package/dist/utils/gitignore.js

@@ -0,0 +1,105 @@
+"use strict";
+/**
+ * .gitignore management for SafeRun
+ * Ensures sensitive files are never committed
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkGitignore = checkGitignore;
+exports.addToGitignore = addToGitignore;
+exports.getSaferunGitignoreEntries = getSaferunGitignoreEntries;
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const SAFERUN_GITIGNORE_ENTRIES = [
+    '',
+    '# SafeRun - security (never commit credentials)',
+    '.saferun/credentials',
+    '.saferun/secrets/',
+    '',
+    '# SafeRun - local cache and logs',
+    '.saferun/cache/',
+    '.saferun/*.log',
+    '.saferun/logs/',
+];
+const REQUIRED_ENTRIES = [
+    '.saferun/credentials',
+    '.saferun/secrets/',
+    '.saferun/cache/',
+    '.saferun/*.log',
+];
+/**
+ * Check if .gitignore exists and has SafeRun entries
+ */
+async function checkGitignore(repoRoot) {
+    const gitignorePath = path_1.default.join(repoRoot, '.gitignore');
+    const result = {
+        exists: false,
+        hasSaferunEntries: false,
+        missingEntries: [],
+        path: gitignorePath,
+    };
+    if (!fs_1.default.existsSync(gitignorePath)) {
+        result.missingEntries = [...REQUIRED_ENTRIES];
+        return result;
+    }
+    result.exists = true;
+    try {
+        const content = await fs_1.default.promises.readFile(gitignorePath, 'utf-8');
+        const lines = content.split('\n').map(l => l.trim());
+        // Check each required entry
+        for (const entry of REQUIRED_ENTRIES) {
+            const found = lines.some(line => {
+                // Exact match or pattern match
+                if (line === entry)
+                    return true;
+                // Check if .saferun/ is ignored entirely
+                if (line === '.saferun/' || line === '.saferun')
+                    return true;
+                // Check glob patterns
+                if (entry.includes('*') && line === entry)
+                    return true;
+                return false;
+            });
+            if (!found) {
+                result.missingEntries.push(entry);
+            }
+        }
+        result.hasSaferunEntries = result.missingEntries.length === 0;
+        // Also check if entire .saferun is ignored (that's fine too)
+        if (lines.includes('.saferun/') || lines.includes('.saferun')) {
+            result.hasSaferunEntries = true;
+            result.missingEntries = [];
+        }
+    }
+    catch {
+        result.missingEntries = [...REQUIRED_ENTRIES];
+    }
+    return result;
+}
+/**
+ * Add SafeRun entries to .gitignore
+ */
+async function addToGitignore(repoRoot) {
+    const gitignorePath = path_1.default.join(repoRoot, '.gitignore');
+    let content = '';
+    if (fs_1.default.existsSync(gitignorePath)) {
+        content = await fs_1.default.promises.readFile(gitignorePath, 'utf-8');
+        // Ensure file ends with newline
+        if (!content.endsWith('\n')) {
+            content += '\n';
+        }
+    }
+    // Add SafeRun section
+    content += SAFERUN_GITIGNORE_ENTRIES.join('\n');
+    content += '\n';
+    await fs_1.default.promises.writeFile(gitignorePath, content);
+}
+/**
+ * Get the entries that would be added to .gitignore
+ */
+function getSaferunGitignoreEntries() {
+    return [...SAFERUN_GITIGNORE_ENTRIES];
+}
+//# sourceMappingURL=gitignore.js.map

package/dist/utils/gitignore.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"gitignore.js","sourceRoot":"","sources":["../../src/utils/gitignore.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;AAkCH,wCAmDC;AAKD,wCAkBC;AAKD,gEAEC;AAjHD,4CAAoB;AACpB,gDAAwB;AAExB,MAAM,yBAAyB,GAAG;IAChC,EAAE;IACF,iDAAiD;IACjD,sBAAsB;IACtB,mBAAmB;IACnB,EAAE;IACF,kCAAkC;IAClC,iBAAiB;IACjB,gBAAgB;IAChB,gBAAgB;CACjB,CAAC;AAEF,MAAM,gBAAgB,GAAG;IACvB,sBAAsB;IACtB,mBAAmB;IACnB,iBAAiB;IACjB,gBAAgB;CACjB,CAAC;AASF;;GAEG;AACI,KAAK,UAAU,cAAc,CAAC,QAAgB;IACnD,MAAM,aAAa,GAAG,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAExD,MAAM,MAAM,GAAyB;QACnC,MAAM,EAAE,KAAK;QACb,iBAAiB,EAAE,KAAK;QACxB,cAAc,EAAE,EAAE;QAClB,IAAI,EAAE,aAAa;KACpB,CAAC;IAEF,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;QAClC,MAAM,CAAC,cAAc,GAAG,CAAC,GAAG,gBAAgB,CAAC,CAAC;QAC9C,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC;IAErB,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,YAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACnE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAErD,4BAA4B;QAC5B,KAAK,MAAM,KAAK,IAAI,gBAAgB,EAAE,CAAC;YACrC,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAC9B,+BAA+B;gBAC/B,IAAI,IAAI,KAAK,KAAK;oBAAE,OAAO,IAAI,CAAC;gBAChC,yCAAyC;gBACzC,IAAI,IAAI,KAAK,WAAW,IAAI,IAAI,KAAK,UAAU;oBAAE,OAAO,IAAI,CAAC;gBAC7D,sBAAsB;gBACtB,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,KAAK,KAAK;oBAAE,OAAO,IAAI,CAAC;gBACvD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;QAED,MAAM,CAAC,iBAAiB,GAAG,MAAM,CAAC,cAAc,CAAC,MAAM,KAAK,CAAC,CAAC;QAE9D,6DAA6D;QAC7D,IAAI,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9D,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;YAChC,MAAM,CAAC,cAAc,GAAG,EAAE,CAAC;QAC7B,CAAC;IAEH,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,CAAC,cAAc,GAAG,CAAC,GAAG,gBAAgB,CAAC,CAAC;IAChD,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,cAAc,CAAC,QAAgB;IACnD,MAAM,aAAa,GAAG,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAExD,IAAI,OAAO,GAAG,EAAE,CAAC;IAEjB,IAAI,YAAE,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;QACjC,OAAO,GAAG,MAAM,YAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QAC7D,gCAAgC;QAChC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5B,OAAO,IAAI,IAAI,CAAC;QAClB,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,OAAO,IAAI,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,OAAO,IAAI,IAAI,CAAC;IAEhB,MAAM,YAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;AACtD,CAAC;AAED;;GAEG;AACH,SAAgB,0BAA0B;IACxC,OAAO,CAAC,GAAG,yBAAyB,CAAC,CAAC;AACxC,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@saferun/cli",
-  "version": "0.5.26",
+  "version": "0.5.28",
   "description": "AI Safety Middleware - Protect your Git workflows from dangerous AI agent operations",
   "author": "SafeRun Team",
   "license": "MIT",