@savvy-web/silk-effects 1.2.0 → 1.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -33,14 +33,10 @@ const PostToolUseEnvelope = Schema.Struct({
33
33
  stderr: Schema.optional(Schema.String)
34
34
  })
35
35
  });
36
- const UserPromptSubmitEnvelope = Schema.Struct({
37
- hook_event_name: Schema.Literal("UserPromptSubmit"),
38
- prompt: Schema.String
39
- });
40
36
  const SessionStartEnvelope = Schema.Struct({
41
37
  hook_event_name: Schema.Literal("SessionStart"),
42
38
  source: Schema.optional(Schema.String)
43
39
  });
44
40
 
45
41
  //#endregion
46
- export { PostToolUseEnvelope, PreToolUseEnvelope, SessionStartEnvelope, UserPromptSubmitEnvelope };
42
+ export { PostToolUseEnvelope, PreToolUseEnvelope, SessionStartEnvelope };
@@ -34,12 +34,6 @@ function postToolUseAdvise(message) {
34
34
  additionalContext: message
35
35
  } };
36
36
  }
37
- function userPromptSubmitContext(message) {
38
- return { hookSpecificOutput: {
39
- hookEventName: "UserPromptSubmit",
40
- additionalContext: message
41
- } };
42
- }
43
37
 
44
38
  //#endregion
45
- export { postToolUseAdvise, preToolUseAdvise, preToolUseAllow, preToolUseDeny, preToolUseSilent, sessionStartContext, userPromptSubmitContext };
39
+ export { postToolUseAdvise, preToolUseAdvise, preToolUseAllow, preToolUseDeny, preToolUseSilent, sessionStartContext };
@@ -10,8 +10,8 @@ import { ERROR_EXPLANATIONS, ERROR_SUGGESTIONS, getExplanation, getSuggestion }
10
10
  import { format } from "./formatter/format.js";
11
11
  import { prompter } from "./prompt/prompter.js";
12
12
  import { detectScopes } from "./detection/scopes.js";
13
- import { PostToolUseEnvelope, PreToolUseEnvelope, SessionStartEnvelope, UserPromptSubmitEnvelope } from "./hook/envelope.js";
14
- import { postToolUseAdvise, preToolUseAdvise, preToolUseAllow, preToolUseDeny, preToolUseSilent, sessionStartContext, userPromptSubmitContext } from "./hook/output.js";
13
+ import { PostToolUseEnvelope, PreToolUseEnvelope, SessionStartEnvelope } from "./hook/envelope.js";
14
+ import { postToolUseAdvise, preToolUseAdvise, preToolUseAllow, preToolUseDeny, preToolUseSilent, sessionStartContext } from "./hook/output.js";
15
15
  import { parseBashCommand } from "./hook/parse-bash-command.js";
16
16
  import { HookSilencer } from "./hook/silence-logger.js";
17
17
  import { inferTicketId, readBranchInfo } from "./hook/diagnostics/branch.js";
@@ -61,7 +61,6 @@ var commitlint_exports = /* @__PURE__ */ __exportAll({
61
61
  TDD_STATES: () => TDD_STATES,
62
62
  TYPE_EMOJIS: () => TYPE_EMOJIS,
63
63
  TYPE_EMOJIS_UNICODE: () => TYPE_EMOJIS_UNICODE,
64
- UserPromptSubmitEnvelope: () => UserPromptSubmitEnvelope,
65
64
  VERBOSITY_LINE_THRESHOLD: () => 25,
66
65
  VERBOSITY_WORD_THRESHOLD: () => 400,
67
66
  buildSigningDiagnostic: () => buildSigningDiagnostic,
@@ -105,7 +104,6 @@ var commitlint_exports = /* @__PURE__ */ __exportAll({
105
104
  signingFlagConflictRule: () => signingFlagConflictRule,
106
105
  softWrapRule: () => softWrapRule,
107
106
  staticConfig: () => staticConfig,
108
- userPromptSubmitContext: () => userPromptSubmitContext,
109
107
  verbosityRule: () => verbosityRule,
110
108
  writeCache: () => writeCache
111
109
  });
package/index.d.ts CHANGED
@@ -5810,11 +5810,6 @@ declare const PostToolUseEnvelope: Schema.Struct<{
5810
5810
  }>;
5811
5811
  }>;
5812
5812
  type PostToolUseEnvelope = Schema.Schema.Type<typeof PostToolUseEnvelope>;
5813
- declare const UserPromptSubmitEnvelope: Schema.Struct<{
5814
- hook_event_name: Schema.Literal<["UserPromptSubmit"]>;
5815
- prompt: typeof Schema.String;
5816
- }>;
5817
- type UserPromptSubmitEnvelope = Schema.Schema.Type<typeof UserPromptSubmitEnvelope>;
5818
5813
  declare const SessionStartEnvelope: Schema.Struct<{
5819
5814
  hook_event_name: Schema.Literal<["SessionStart"]>;
5820
5815
  source: Schema.optional<typeof Schema.String>;
@@ -5834,7 +5829,6 @@ declare function preToolUseAdvise(message: string): HookOutput;
5834
5829
  declare function preToolUseSilent(): HookOutput;
5835
5830
  declare function sessionStartContext(message: string): HookOutput;
5836
5831
  declare function postToolUseAdvise(message: string): HookOutput;
5837
- declare function userPromptSubmitContext(message: string): HookOutput;
5838
5832
  //#endregion
5839
5833
  //#region src/commitlint/hook/parse-bash-command.d.ts
5840
5834
  type ParsedKind = "git-commit" | "git-commit-amend" | "gh-pr-create" | "gh-pr-edit" | "unknown";
@@ -5981,7 +5975,7 @@ declare const VERBOSITY_LINE_THRESHOLD = 25;
5981
5975
  declare const VERBOSITY_WORD_THRESHOLD = 400;
5982
5976
  declare const verbosityRule: Rule<VerbosityInput, never>;
5983
5977
  declare namespace index_d_exports$1 {
5984
- export { BranchInfo, COMMIT_TYPES, COMMIT_TYPE_DEFINITIONS, ClosesTrailerCtx, ClosesTrailerInput, CommitType, CommitTypeDefinition, CommitlintConfig, CommitlintPlugin, CommitlintUserConfig, ConfigOptions, DCO_SIGNOFF_TEXT, DEFAULT_BODY_MAX_LINE_LENGTH, ERROR_EXPLANATIONS, ERROR_SUGGESTIONS, ForbiddenContentInput, FormatterResult, HookOutput, RuleSeverity as HookRuleSeverity, HookSilencer, ISSUES_CACHE_RELATIVE_PATH, ISSUES_CACHE_TTL_SECONDS, Inquirer, LintOutcome, LockfilePresence, OpenIssue, PackageManager$1 as PackageManager, ParsedCommit, ParsedKind, PlanLeakageInput, PostToolUseEnvelope, PostToolUseEnvelope as PostToolUseEnvelopeType, PreToolUseEnvelope, PreToolUseEnvelope as PreToolUseEnvelopeType, PromptConfig, PromptConfigOptions, PromptQuestion, PromptSettings, PrompterOptions, Question, RawSigningInputs, ReleaseFormat, ResolvedPromptConfig, Rule, RuleApplicability, RuleConfigTuple, RuleHit, RuleResult, RuleSeverity$1 as RuleSeverity, RulesConfig, SessionStartEnvelope, SessionStartEnvelope as SessionStartEnvelopeType, SigningDiagnostic, SigningFlagCtx, SigningFlagInput, SoftWrapInput, TDD_SCOPE_PATTERN, TDD_STATES, TYPE_EMOJIS, TYPE_EMOJIS_UNICODE, TypeEnumEntry, UserPromptSubmitEnvelope, UserPromptSubmitEnvelope as UserPromptSubmitEnvelopeType, VERBOSITY_LINE_THRESHOLD, VERBOSITY_WORD_THRESHOLD, VerbosityInput, buildSigningDiagnostic, closesTrailerRule, createPromptConfig, createTypeEnum, CommitlintConfig as default, defaultPromptConfig, detectDCO, detectFromLockfiles, detectPackageManager, detectScopes, emojiPromptConfig, fetchAndCacheOpenIssues, forbiddenContentRule, format, getExplanation, getSuggestion, getTypeEmoji, hasClosingTrailer, inferTicketId, parseBashCommand, parseGpgKeyExpiry, parseHuskyConfigPath, parsePackageManagerField, partitionHits, planLeakageRule, postToolUseAdvise, preToolUseAdvise, preToolUseAllow, preToolUseDeny, preToolUseSilent, prompter, readBranchInfo, readCache, readCommitlintConfigPath, readOpenIssuesFromCache, readOrFetchOpenIssues, readSigningDiagnostic, sessionStartContext, signingFlagConflictRule, softWrapRule, staticConfig, userPromptSubmitContext, verbosityRule, writeCache };
5978
+ export { BranchInfo, COMMIT_TYPES, COMMIT_TYPE_DEFINITIONS, ClosesTrailerCtx, ClosesTrailerInput, CommitType, CommitTypeDefinition, CommitlintConfig, CommitlintPlugin, CommitlintUserConfig, ConfigOptions, DCO_SIGNOFF_TEXT, DEFAULT_BODY_MAX_LINE_LENGTH, ERROR_EXPLANATIONS, ERROR_SUGGESTIONS, ForbiddenContentInput, FormatterResult, HookOutput, RuleSeverity as HookRuleSeverity, HookSilencer, ISSUES_CACHE_RELATIVE_PATH, ISSUES_CACHE_TTL_SECONDS, Inquirer, LintOutcome, LockfilePresence, OpenIssue, PackageManager$1 as PackageManager, ParsedCommit, ParsedKind, PlanLeakageInput, PostToolUseEnvelope, PostToolUseEnvelope as PostToolUseEnvelopeType, PreToolUseEnvelope, PreToolUseEnvelope as PreToolUseEnvelopeType, PromptConfig, PromptConfigOptions, PromptQuestion, PromptSettings, PrompterOptions, Question, RawSigningInputs, ReleaseFormat, ResolvedPromptConfig, Rule, RuleApplicability, RuleConfigTuple, RuleHit, RuleResult, RuleSeverity$1 as RuleSeverity, RulesConfig, SessionStartEnvelope, SessionStartEnvelope as SessionStartEnvelopeType, SigningDiagnostic, SigningFlagCtx, SigningFlagInput, SoftWrapInput, TDD_SCOPE_PATTERN, TDD_STATES, TYPE_EMOJIS, TYPE_EMOJIS_UNICODE, TypeEnumEntry, VERBOSITY_LINE_THRESHOLD, VERBOSITY_WORD_THRESHOLD, VerbosityInput, buildSigningDiagnostic, closesTrailerRule, createPromptConfig, createTypeEnum, CommitlintConfig as default, defaultPromptConfig, detectDCO, detectFromLockfiles, detectPackageManager, detectScopes, emojiPromptConfig, fetchAndCacheOpenIssues, forbiddenContentRule, format, getExplanation, getSuggestion, getTypeEmoji, hasClosingTrailer, inferTicketId, parseBashCommand, parseGpgKeyExpiry, parseHuskyConfigPath, parsePackageManagerField, partitionHits, planLeakageRule, postToolUseAdvise, preToolUseAdvise, preToolUseAllow, preToolUseDeny, preToolUseSilent, prompter, readBranchInfo, readCache, readCommitlintConfigPath, readOpenIssuesFromCache, readOrFetchOpenIssues, readSigningDiagnostic, sessionStartContext, signingFlagConflictRule, softWrapRule, staticConfig, verbosityRule, writeCache };
5985
5979
  }
5986
5980
  /**
5987
5981
  * Dynamic commitlint configuration factory.
@@ -7906,7 +7900,7 @@ declare const MARKDOWNLINT_TEMPLATE: {
7906
7900
  readonly fix: true;
7907
7901
  readonly gitignore: true;
7908
7902
  readonly noBanner: true;
7909
- readonly ignores: readonly ["**/node_modules", "**/.cache", "**/coverage", "**/.coverage", "**/dist", "**/CHANGELOG.md", "**/.claude/plans", "**/docs/superpowers", "**/__test__/**/fixtures/**", "**/__fixtures__/**"];
7903
+ readonly ignores: readonly ["**/.git", "**/node_modules", "**/.cache", "**/coverage", "**/.coverage", "**/dist", "**/CHANGELOG.md", "**/.claude/plans", "**/docs/superpowers", "**/__test__/**/fixtures/**", "**/__fixtures__/**"];
7910
7904
  readonly customRules: readonly ["@savvy-web/silk/changesets/markdownlint"];
7911
7905
  readonly config: {
7912
7906
  readonly default: true;
@@ -16,6 +16,7 @@ const MARKDOWNLINT_TEMPLATE = {
16
16
  gitignore: true,
17
17
  noBanner: true,
18
18
  ignores: [
19
+ "**/.git",
19
20
  "**/node_modules",
20
21
  "**/.cache",
21
22
  "**/coverage",
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@savvy-web/silk-effects",
3
- "version": "1.2.0",
3
+ "version": "1.3.1",
4
4
  "private": false,
5
5
  "description": "Shared Effect library for Silk Suite conventions",
6
6
  "homepage": "https://github.com/savvy-web/systems/tree/main/packages/silk-effects",
@@ -16,6 +16,26 @@ const DEFAULT_REGISTRIES = {
16
16
  github: "https://npm.pkg.github.com"
17
17
  };
18
18
  /**
19
+ * Whether a registry endpoint participates in npm-style SLSA provenance.
20
+ *
21
+ * @remarks
22
+ * The npm public registry and GitHub Packages both accept provenance attestations through the
23
+ * Sigstore/OIDC trusted-publishing flow, so a {@link PublishTarget} bound to either is marked
24
+ * `provenance: true` by default — this is what gates the release action's attestation step. JSR
25
+ * and custom registries do not participate and resolve to `false`. Matching is endpoint-based
26
+ * (not target-key based) so a custom key pointed at one of these registries still opts in.
27
+ */
28
+ const provenanceForRegistry = (registry) => {
29
+ const normalized = /^[a-z]+:\/\//i.test(registry) ? registry : `https://${registry}`;
30
+ let hostname;
31
+ try {
32
+ hostname = new URL(normalized).hostname.toLowerCase();
33
+ } catch {
34
+ return false;
35
+ }
36
+ return hostname === "registry.npmjs.org" || hostname === "npm.pkg.github.com";
37
+ };
38
+ /**
19
39
  * Silk publishability rules over `workspaces-effect`'s {@link PublishTarget}.
20
40
  *
21
41
  * @remarks
@@ -57,28 +77,41 @@ var SilkPublishability = class {
57
77
  name: t.name,
58
78
  registry: t.registry,
59
79
  directory: dirByGroup.get(t.group) ?? `dist/prod/${t.group}/pkg`,
60
- access
80
+ access,
81
+ provenance: provenanceForRegistry(t.registry)
61
82
  }));
62
83
  }
63
- return Object.keys(targets).map((id) => new PublishTarget({
84
+ return Object.entries(targets).map(([id, target]) => {
85
+ const registry = typeof target === "object" && target !== null && typeof target.registry === "string" ? target.registry : DEFAULT_REGISTRIES[id] ?? pc?.registry ?? NPM_DEFAULT;
86
+ return new PublishTarget({
87
+ name: pkgName,
88
+ registry,
89
+ directory: `dist/prod/${id}/pkg`,
90
+ access,
91
+ provenance: provenanceForRegistry(registry)
92
+ });
93
+ });
94
+ }
95
+ if (pc && (pc.access === "public" || pc.access === "restricted")) {
96
+ const registry = pc.registry ?? NPM_DEFAULT;
97
+ return [new PublishTarget({
98
+ name: pkgName,
99
+ registry,
100
+ directory: pc.directory ?? ".",
101
+ access: pc.access,
102
+ provenance: provenanceForRegistry(registry)
103
+ })];
104
+ }
105
+ if (raw.private !== true) {
106
+ const registry = pc?.registry ?? NPM_DEFAULT;
107
+ return [new PublishTarget({
64
108
  name: pkgName,
65
- registry: DEFAULT_REGISTRIES[id] ?? pc?.registry ?? NPM_DEFAULT,
66
- directory: `dist/prod/${id}/pkg`,
67
- access
68
- }));
109
+ registry,
110
+ directory: pc?.directory ?? ".",
111
+ access: pc?.access ?? "public",
112
+ provenance: provenanceForRegistry(registry)
113
+ })];
69
114
  }
70
- if (pc && (pc.access === "public" || pc.access === "restricted")) return [new PublishTarget({
71
- name: pkgName,
72
- registry: pc.registry ?? NPM_DEFAULT,
73
- directory: pc.directory ?? ".",
74
- access: pc.access
75
- })];
76
- if (raw.private !== true) return [new PublishTarget({
77
- name: pkgName,
78
- registry: pc?.registry ?? NPM_DEFAULT,
79
- directory: pc?.directory ?? ".",
80
- access: pc?.access ?? "public"
81
- })];
82
115
  return [];
83
116
  }
84
117
  /**