@synergenius/flow-weaver 0.25.1 → 0.26.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent/cli-session.js +5 -1
- package/dist/agent/cli-spawn-config.d.ts +40 -0
- package/dist/agent/cli-spawn-config.js +65 -0
- package/dist/agent/index.d.ts +1 -0
- package/dist/agent/index.js +2 -0
- package/dist/agent/types.d.ts +2 -0
- package/dist/cli/flow-weaver.mjs +2 -2
- package/dist/generated-version.d.ts +1 -1
- package/dist/generated-version.js +1 -1
- package/package.json +1 -1
|
@@ -96,7 +96,10 @@ export class CliSession {
|
|
|
96
96
|
model,
|
|
97
97
|
];
|
|
98
98
|
if (mcpConfigPath) {
|
|
99
|
-
args.push('--mcp-config', mcpConfigPath
|
|
99
|
+
args.push('--mcp-config', mcpConfigPath);
|
|
100
|
+
}
|
|
101
|
+
if (this.opts.strictMcpConfig || mcpConfigPath) {
|
|
102
|
+
args.push('--strict-mcp-config');
|
|
100
103
|
}
|
|
101
104
|
const { disallowedTools, tools, systemPrompt, appendSystemPrompt } = this.opts;
|
|
102
105
|
if (disallowedTools && disallowedTools.length > 0) {
|
|
@@ -276,6 +279,7 @@ export class CliSession {
|
|
|
276
279
|
return JSON.stringify({
|
|
277
280
|
model: options.model,
|
|
278
281
|
mcpConfigPath: options.mcpConfigPath,
|
|
282
|
+
strictMcpConfig: options.strictMcpConfig,
|
|
279
283
|
disallowedTools: options.disallowedTools,
|
|
280
284
|
tools: options.tools,
|
|
281
285
|
systemPrompt: options.systemPrompt,
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Centralized CLI spawn configuration — single source of truth for all
|
|
3
|
+
* Claude CLI invocations in automation contexts.
|
|
4
|
+
*
|
|
5
|
+
* RULE: Every automated CLI spawn MUST use getCliBaseArgs() or getCliSessionConfig().
|
|
6
|
+
* Never construct CLI args manually. This ensures:
|
|
7
|
+
* - --tools "" (disable all built-in tools)
|
|
8
|
+
* - --strict-mcp-config (prevent user MCP server leakage)
|
|
9
|
+
* - --dangerously-skip-permissions (no permission prompts in automation)
|
|
10
|
+
*
|
|
11
|
+
* Interactive user sessions (e.g., fw init) are exempt — they're the user's
|
|
12
|
+
* own Claude session, not automated workers.
|
|
13
|
+
*/
|
|
14
|
+
import type { CliSessionOptions } from './types.js';
|
|
15
|
+
/**
|
|
16
|
+
* Base CLI args for ALL automated Claude CLI invocations (one-shot and session).
|
|
17
|
+
* Enforces tool isolation and MCP lockdown.
|
|
18
|
+
*/
|
|
19
|
+
export declare function getCliBaseArgs(options?: {
|
|
20
|
+
model?: string;
|
|
21
|
+
systemPrompt?: string;
|
|
22
|
+
appendSystemPrompt?: string;
|
|
23
|
+
outputFormat?: 'stream-json' | 'json' | 'text';
|
|
24
|
+
includePartialMessages?: boolean;
|
|
25
|
+
jsonSchema?: string;
|
|
26
|
+
}): string[];
|
|
27
|
+
/**
|
|
28
|
+
* CLI session options for persistent sessions.
|
|
29
|
+
* Merges caller options with mandatory lockdown config.
|
|
30
|
+
*/
|
|
31
|
+
export declare function getCliSessionConfig(options: {
|
|
32
|
+
binPath?: string;
|
|
33
|
+
cwd: string;
|
|
34
|
+
model: string;
|
|
35
|
+
mcpConfigPath?: string;
|
|
36
|
+
disallowedTools?: string[];
|
|
37
|
+
appendSystemPrompt?: string;
|
|
38
|
+
systemPrompt?: string;
|
|
39
|
+
}): CliSessionOptions;
|
|
40
|
+
//# sourceMappingURL=cli-spawn-config.d.ts.map
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Centralized CLI spawn configuration — single source of truth for all
|
|
3
|
+
* Claude CLI invocations in automation contexts.
|
|
4
|
+
*
|
|
5
|
+
* RULE: Every automated CLI spawn MUST use getCliBaseArgs() or getCliSessionConfig().
|
|
6
|
+
* Never construct CLI args manually. This ensures:
|
|
7
|
+
* - --tools "" (disable all built-in tools)
|
|
8
|
+
* - --strict-mcp-config (prevent user MCP server leakage)
|
|
9
|
+
* - --dangerously-skip-permissions (no permission prompts in automation)
|
|
10
|
+
*
|
|
11
|
+
* Interactive user sessions (e.g., fw init) are exempt — they're the user's
|
|
12
|
+
* own Claude session, not automated workers.
|
|
13
|
+
*/
|
|
14
|
+
/**
|
|
15
|
+
* Base CLI args for ALL automated Claude CLI invocations (one-shot and session).
|
|
16
|
+
* Enforces tool isolation and MCP lockdown.
|
|
17
|
+
*/
|
|
18
|
+
export function getCliBaseArgs(options) {
|
|
19
|
+
const args = [
|
|
20
|
+
'-p',
|
|
21
|
+
'--dangerously-skip-permissions',
|
|
22
|
+
// Disable ALL built-in tools — only pack/MCP tools visible to model
|
|
23
|
+
'--tools', '',
|
|
24
|
+
// Prevent user/project MCP servers from leaking into sessions
|
|
25
|
+
'--strict-mcp-config',
|
|
26
|
+
];
|
|
27
|
+
if (options?.outputFormat) {
|
|
28
|
+
args.push('--output-format', options.outputFormat);
|
|
29
|
+
}
|
|
30
|
+
if (options?.includePartialMessages) {
|
|
31
|
+
args.push('--include-partial-messages');
|
|
32
|
+
}
|
|
33
|
+
if (options?.model) {
|
|
34
|
+
args.push('--model', options.model);
|
|
35
|
+
}
|
|
36
|
+
if (options?.systemPrompt) {
|
|
37
|
+
args.push('--system-prompt', options.systemPrompt);
|
|
38
|
+
}
|
|
39
|
+
if (options?.appendSystemPrompt) {
|
|
40
|
+
args.push('--append-system-prompt', options.appendSystemPrompt);
|
|
41
|
+
}
|
|
42
|
+
if (options?.jsonSchema) {
|
|
43
|
+
args.push('--json-schema', options.jsonSchema);
|
|
44
|
+
}
|
|
45
|
+
return args;
|
|
46
|
+
}
|
|
47
|
+
/**
|
|
48
|
+
* CLI session options for persistent sessions.
|
|
49
|
+
* Merges caller options with mandatory lockdown config.
|
|
50
|
+
*/
|
|
51
|
+
export function getCliSessionConfig(options) {
|
|
52
|
+
return {
|
|
53
|
+
binPath: options.binPath ?? 'claude',
|
|
54
|
+
cwd: options.cwd,
|
|
55
|
+
model: options.model,
|
|
56
|
+
mcpConfigPath: options.mcpConfigPath,
|
|
57
|
+
disallowedTools: options.disallowedTools,
|
|
58
|
+
// Mandatory lockdown — cannot be overridden by callers
|
|
59
|
+
tools: '',
|
|
60
|
+
strictMcpConfig: true,
|
|
61
|
+
appendSystemPrompt: options.appendSystemPrompt,
|
|
62
|
+
systemPrompt: options.systemPrompt,
|
|
63
|
+
};
|
|
64
|
+
}
|
|
65
|
+
//# sourceMappingURL=cli-spawn-config.js.map
|
package/dist/agent/index.d.ts
CHANGED
|
@@ -16,6 +16,7 @@ export { PlatformProvider, createPlatformProvider } from './providers/platform.j
|
|
|
16
16
|
export type { PlatformProviderOptions } from './providers/platform.js';
|
|
17
17
|
export { createMcpBridge } from './mcp-bridge.js';
|
|
18
18
|
export { CliSession, getOrCreateCliSession, killCliSession, killAllCliSessions, } from './cli-session.js';
|
|
19
|
+
export { getCliBaseArgs, getCliSessionConfig } from './cli-spawn-config.js';
|
|
19
20
|
export { buildSafeEnv, buildSafeSpawnOpts, MINIMAL_PATH, ENV_ALLOWLIST } from './env-allowlist.js';
|
|
20
21
|
export { StreamJsonParser } from './streaming.js';
|
|
21
22
|
export { DeviceConnection } from './device-connection.js';
|
package/dist/agent/index.js
CHANGED
|
@@ -17,6 +17,8 @@ export { PlatformProvider, createPlatformProvider } from './providers/platform.j
|
|
|
17
17
|
export { createMcpBridge } from './mcp-bridge.js';
|
|
18
18
|
// CLI session (warm persistent sessions)
|
|
19
19
|
export { CliSession, getOrCreateCliSession, killCliSession, killAllCliSessions, } from './cli-session.js';
|
|
20
|
+
// CLI spawn configuration (centralized lockdown for automated sessions)
|
|
21
|
+
export { getCliBaseArgs, getCliSessionConfig } from './cli-spawn-config.js';
|
|
20
22
|
// Env utilities
|
|
21
23
|
export { buildSafeEnv, buildSafeSpawnOpts, MINIMAL_PATH, ENV_ALLOWLIST } from './env-allowlist.js';
|
|
22
24
|
// Stream parser (for custom providers)
|
package/dist/agent/types.d.ts
CHANGED
|
@@ -189,6 +189,8 @@ export interface CliSessionOptions {
|
|
|
189
189
|
model: string;
|
|
190
190
|
/** Pre-configured MCP config path. */
|
|
191
191
|
mcpConfigPath?: string;
|
|
192
|
+
/** When true, ignore user/project MCP servers — only use --mcp-config if provided. */
|
|
193
|
+
strictMcpConfig?: boolean;
|
|
192
194
|
/** Disable specific built-in tools (e.g. ['Read', 'Edit', 'Write', 'Bash'] to force MCP tools). */
|
|
193
195
|
disallowedTools?: string[];
|
|
194
196
|
/**
|
package/dist/cli/flow-weaver.mjs
CHANGED
|
@@ -9886,7 +9886,7 @@ var VERSION;
|
|
|
9886
9886
|
var init_generated_version = __esm({
|
|
9887
9887
|
"src/generated-version.ts"() {
|
|
9888
9888
|
"use strict";
|
|
9889
|
-
VERSION = "0.
|
|
9889
|
+
VERSION = "0.26.0";
|
|
9890
9890
|
}
|
|
9891
9891
|
});
|
|
9892
9892
|
|
|
@@ -95973,7 +95973,7 @@ function parseIntStrict(value) {
|
|
|
95973
95973
|
// src/cli/index.ts
|
|
95974
95974
|
init_logger();
|
|
95975
95975
|
init_error_utils();
|
|
95976
|
-
var version2 = true ? "0.
|
|
95976
|
+
var version2 = true ? "0.26.0" : "0.0.0-dev";
|
|
95977
95977
|
var program2 = new Command();
|
|
95978
95978
|
program2.name("fw").description("Flow Weaver Annotations - Compile and validate workflow files").option("-v, --version", "Output the current version").option("--no-color", "Disable colors").option("--color", "Force colors").on("option:version", () => {
|
|
95979
95979
|
logger.banner(version2);
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export declare const VERSION = "0.
|
|
1
|
+
export declare const VERSION = "0.26.0";
|
|
2
2
|
//# sourceMappingURL=generated-version.d.ts.map
|
package/package.json
CHANGED