npm - @staff0rd/assist - Versions diffs - 0.158.2 → 0.159.0 - Mend

@staff0rd/assist 0.158.2 → 0.159.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/claude/settings.json CHANGED Viewed

@@ -8,6 +8,10 @@
 			{
 				"matcher": "Bash",
 				"hooks": [{ "type": "command", "command": "assist cli-hook" }]
+			},
+			{
+				"matcher": "PowerShell",
+				"hooks": [{ "type": "command", "command": "assist cli-hook" }]
 			}
 		],
 		"Notification": [
@@ -103,6 +107,8 @@
 			"SlashCommand(/test-review)",
 			"WebFetch(domain:staffordwilliams.com)"
 		],
-		"deny": ["Bash(git commit:*)", "Bash(npm run:*)", "Bash(npx assist:*)"]
+		"deny": [
+			"Bash(git commit:*)", "Bash(npm run:*)", "Bash(npx assist:*)"
+		]
 	}
 }

package/dist/index.js CHANGED Viewed

@@ -6,7 +6,7 @@ import { Command } from "commander";
 // package.json
 var package_default = {
   name: "@staff0rd/assist",
-  version: "0.158.2",
+  version: "0.159.0",
   type: "module",
   main: "dist/index.js",
   bin: {
@@ -3666,23 +3666,39 @@ function findCliRead(command) {
   return candidates.sort((a, b) => b.length - a.length).find((rc) => command === rc || command.startsWith(`${rc} `));
 }
-// src/shared/matchesBashAllow.ts
+// src/shared/matchesAllow.ts
 import { existsSync as existsSync21, readFileSync as readFileSync16 } from "fs";
 import { homedir as homedir3 } from "os";
 import { join as join13 } from "path";
-var cached;
-function loadBashAllowPrefixes() {
-  if (cached) return cached;
-  cached = parsePrefixes(collectAllowEntries());
-  return cached;
-}
-function matchesBashAllow(command) {
-  const prefixes = loadBashAllowPrefixes();
+var allowCache;
+var denyCache;
+var TOOL_RE = /^(Bash|PowerShell)\((.+?)(?::.*)\)$/;
+function loadPrefixes(key) {
+  const entries = collectEntries(key);
+  return parsePrefixes(entries);
+}
+var SHELL_TOOLS = ["Bash", "PowerShell"];
+function shellPrefixes(map, toolName) {
+  if (SHELL_TOOLS.includes(toolName)) {
+    return SHELL_TOOLS.flatMap((t) => map.get(t) ?? []);
+  }
+  return map.get(toolName) ?? [];
+}
+function matchesAllow(toolName, command) {
+  if (!allowCache) allowCache = loadPrefixes("allow");
+  const prefixes = shellPrefixes(allowCache, toolName);
   return prefixes.find(
     (pfx) => command === pfx || command.startsWith(`${pfx} `)
   );
 }
-function collectAllowEntries() {
+function matchesDeny(toolName, command) {
+  if (!denyCache) denyCache = loadPrefixes("deny");
+  const prefixes = shellPrefixes(denyCache, toolName);
+  return prefixes.find(
+    (pfx) => command === pfx || command.startsWith(`${pfx} `)
+  );
+}
+function collectEntries(key) {
   const paths = [
     join13(homedir3(), ".claude", "settings.json"),
     join13(process.cwd(), ".claude", "settings.json"),
@@ -3690,37 +3706,42 @@ function collectAllowEntries() {
   ];
   const entries = [];
   for (const p of paths) {
-    entries.push(...readAllowArray(p));
+    entries.push(...readPermissionArray(p, key));
   }
   return entries;
 }
-function readAllowArray(filePath) {
+function readPermissionArray(filePath, key) {
   if (!existsSync21(filePath)) return [];
   try {
     const data = JSON.parse(readFileSync16(filePath, "utf-8"));
-    const allow = data?.permissions?.allow;
-    return Array.isArray(allow) ? allow.filter((e) => typeof e === "string") : [];
+    const arr = data?.permissions?.[key];
+    return Array.isArray(arr) ? arr.filter((e) => typeof e === "string") : [];
   } catch {
     return [];
   }
 }
 function parsePrefixes(entries) {
-  const re = /^Bash\((.+?)(?::.*)\)$/;
-  const prefixes = [];
+  const map = /* @__PURE__ */ new Map();
   for (const entry of entries) {
-    const m = entry.match(re);
-    if (m) prefixes.push(m[1]);
+    const m = entry.match(TOOL_RE);
+    if (m) {
+      const tool = m[1];
+      const prefix2 = m[2];
+      const list4 = map.get(tool) ?? [];
+      list4.push(prefix2);
+      map.set(tool, list4);
+    }
   }
-  return prefixes;
+  return map;
 }
 // src/shared/isApprovedRead.ts
-function isApprovedRead(command) {
+function isApprovedRead(command, toolName = "Bash") {
   if (isCdToCwd(command)) return "cd to current directory";
   const matched = findCliRead(command);
   if (matched) return `Read-only CLI command: ${matched}`;
   if (isGhApiRead(command)) return "Read-only gh api command";
-  const allowMatch = matchesBashAllow(command);
+  const allowMatch = matchesAllow(toolName, command);
   if (allowMatch) return `Allowed by settings: ${allowMatch}`;
   return void 0;
 }
@@ -3792,6 +3813,28 @@ function stripEnvPrefix(parts) {
 }
 // src/commands/cliHook/index.ts
+var SUPPORTED_TOOLS = /* @__PURE__ */ new Set(["Bash", "PowerShell"]);
+function resolvePermission(toolName, parts) {
+  for (const part of parts) {
+    const denied = matchesDeny(toolName, part);
+    if (denied) {
+      return {
+        permissionDecision: "deny",
+        permissionDecisionReason: `Denied by settings: ${denied}`
+      };
+    }
+  }
+  const reasons = [];
+  for (const part of parts) {
+    const reason = isApprovedRead(part, toolName);
+    if (!reason) return void 0;
+    reasons.push(reason);
+  }
+  return {
+    permissionDecision: "allow",
+    permissionDecisionReason: reasons.join("; ")
+  };
+}
 async function cliHook() {
   const inputData = await readStdin2();
   let data;
@@ -3800,24 +3843,18 @@ async function cliHook() {
   } catch {
     return;
   }
-  if (data.tool_name !== "Bash" || !data.tool_input?.command) {
+  if (!SUPPORTED_TOOLS.has(data.tool_name) || !data.tool_input?.command) {
     return;
   }
-  const command = data.tool_input.command.trim();
-  const parts = splitCompound(command);
+  const parts = splitCompound(data.tool_input.command.trim());
   if (!parts) return;
-  const reasons = [];
-  for (const part of parts) {
-    const reason = isApprovedRead(part);
-    if (!reason) return;
-    reasons.push(reason);
-  }
+  const decision = resolvePermission(data.tool_name, parts);
+  if (!decision) return;
   console.log(
     JSON.stringify({
       hookSpecificOutput: {
         hookEventName: "PreToolUse",
-        permissionDecision: "allow",
-        permissionDecisionReason: reasons.join("; ")
+        ...decision
       }
     })
   );
@@ -4123,10 +4160,10 @@ function formatHuman(cli, commands) {
 }
 // src/commands/permitCliReads/parseCached.ts
-function parseCached(cli, cached2) {
+function parseCached(cli, cached) {
   const prefix2 = `${cli} `;
   const commands = [];
-  for (const line of cached2.split("\n")) {
+  for (const line of cached.split("\n")) {
     const trimmed = line.replace(/^ [RW?] {2}/, "").trim();
     if (!trimmed.startsWith(prefix2)) continue;
     const rest = trimmed.slice(prefix2.length);
@@ -4179,10 +4216,10 @@ async function permitCliReads(cli, options2 = { noCache: false }) {
   const binary = parts[0];
   const prefixPath = parts.slice(1);
   if (!options2.noCache) {
-    const cached2 = readCache(cli);
-    if (cached2) {
-      console.log(colorize(cached2));
-      updateSettings(binary, parseCached(binary, cached2));
+    const cached = readCache(cli);
+    if (cached) {
+      console.log(colorize(cached));
+      updateSettings(binary, parseCached(binary, cached));
       return;
     }
   }
@@ -7116,9 +7153,9 @@ function clearCachedToken(apiKey) {
 }
 async function getAccessToken(apiKey) {
   const now = Date.now();
-  const cached2 = tokenCache.get(apiKey);
-  if (cached2 && now < cached2.expiry) {
-    return cached2.token;
+  const cached = tokenCache.get(apiKey);
+  if (cached && now < cached.expiry) {
+    return cached.token;
   }
   const response = await fetch(OAUTH_URL, {
     method: "GET",

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@staff0rd/assist",
-	"version": "0.158.2",
+	"version": "0.159.0",
 	"type": "module",
 	"main": "dist/index.js",
 	"bin": {