@soulbatical/tetra-dev-toolkit 1.20.7 → 1.20.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/tetra-security-gate.js +28 -17
- package/package.json +1 -1
|
@@ -217,9 +217,10 @@ program
|
|
|
217
217
|
|
|
218
218
|
if (!resp.ok) {
|
|
219
219
|
const body = await resp.text()
|
|
220
|
-
console.error(chalk.
|
|
221
|
-
console.
|
|
222
|
-
|
|
220
|
+
console.error(chalk.red.bold(`\n PUSH BLOCKED — Ralph Manager returned ${resp.status}`))
|
|
221
|
+
console.error(chalk.red(` ${body}`))
|
|
222
|
+
console.error(chalk.red(` Security-sensitive files detected but review failed.\n`))
|
|
223
|
+
process.exit(1)
|
|
223
224
|
}
|
|
224
225
|
|
|
225
226
|
const { data } = await resp.json()
|
|
@@ -236,10 +237,13 @@ program
|
|
|
236
237
|
process.exit(1)
|
|
237
238
|
}
|
|
238
239
|
} catch (err) {
|
|
239
|
-
// Ralph-manager offline —
|
|
240
|
-
console.
|
|
241
|
-
console.
|
|
242
|
-
|
|
240
|
+
// Ralph-manager offline — block the push (security files need review)
|
|
241
|
+
console.error(chalk.red.bold(`\n PUSH BLOCKED — Cannot reach ralph-manager at ${baseUrl}`))
|
|
242
|
+
console.error(chalk.red(` Security-sensitive files detected but review server unreachable.`))
|
|
243
|
+
console.error(chalk.yellow(`\n Options:`))
|
|
244
|
+
console.error(chalk.yellow(` 1. Start ralph-manager: npm run dev:backend`))
|
|
245
|
+
console.error(chalk.yellow(` 2. Check if backend is running on port 3005\n`))
|
|
246
|
+
process.exit(1)
|
|
243
247
|
}
|
|
244
248
|
|
|
245
249
|
// Step 4: Poll for verdict
|
|
@@ -273,20 +277,27 @@ program
|
|
|
273
277
|
}
|
|
274
278
|
|
|
275
279
|
if (result.status === 'timeout') {
|
|
276
|
-
console.
|
|
277
|
-
console.
|
|
278
|
-
|
|
280
|
+
console.error(chalk.red.bold(`\n ════════════════════════════════════════════════════════════`))
|
|
281
|
+
console.error(chalk.red.bold(` PUSH BLOCKED — Security Gate TIMEOUT`))
|
|
282
|
+
console.error(chalk.red.bold(` ════════════════════════════════════════════════════════════`))
|
|
283
|
+
console.error(chalk.red(`\n Agent did not respond within ${timeout}s.`))
|
|
284
|
+
console.error(chalk.red(` Security-sensitive files detected but not reviewed.`))
|
|
285
|
+
console.error(chalk.yellow(`\n Options:`))
|
|
286
|
+
console.error(chalk.yellow(` 1. Ensure ralph-manager backend is running (port 3005)`))
|
|
287
|
+
console.error(chalk.yellow(` 2. Increase timeout: tetra-security-gate --timeout 300`))
|
|
288
|
+
console.error(chalk.yellow(` 3. Dry-run to see what's being reviewed: tetra-security-gate --dry-run\n`))
|
|
289
|
+
process.exit(1)
|
|
279
290
|
}
|
|
280
291
|
|
|
281
|
-
// Unknown status —
|
|
282
|
-
console.
|
|
283
|
-
console.
|
|
284
|
-
process.exit(
|
|
292
|
+
// Unknown status — block (security files were detected but not reviewed)
|
|
293
|
+
console.error(chalk.red.bold(`\n PUSH BLOCKED — Unexpected verdict status: ${result.status}`))
|
|
294
|
+
console.error(chalk.red(` Security-sensitive files detected but review inconclusive.\n`))
|
|
295
|
+
process.exit(1)
|
|
285
296
|
|
|
286
297
|
} catch (err) {
|
|
287
|
-
console.error(chalk.red(`\n
|
|
288
|
-
|
|
289
|
-
process.exit(
|
|
298
|
+
console.error(chalk.red.bold(`\n PUSH BLOCKED — Security gate error: ${err.message}`))
|
|
299
|
+
console.error(chalk.red(` Security-sensitive files detected but review failed.\n`))
|
|
300
|
+
process.exit(1)
|
|
290
301
|
}
|
|
291
302
|
})
|
|
292
303
|
|