@synkro-sh/cli 1.3.29 → 1.3.30

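--- a/package/dist/bootstrap.js
+++ b/package/dist/bootstrap.js
@@ -670,6 +670,20 @@ VERDICT_KIND=$(echo "$VERDICT" | jq -r '.verdict // "warn"' 2>/dev/null)
  REASONING=$(echo "$VERDICT" | jq -r '.reasoning // "matched dangerous-verb regex"' 2>/dev/null)
  ALTERNATIVE=$(echo "$VERDICT" | jq -r '.alternative // ""' 2>/dev/null)
  CATEGORY=$(echo "$VERDICT" | jq -r '.category // "destructive_command"' 2>/dev/null)
+ RISK_LEVEL=$(echo "$VERDICT" | jq -r '.risk_level // empty' 2>/dev/null)
+
+ # Backwards-compat: if severity isn't block/audit, derive it from verdict_kind
+ # and treat the original severity as the risk_level.
+ case "$SEVERITY" in
+ block|audit) ;;
+ low|medium|high|critical)
+ [ -z "$RISK_LEVEL" ] && RISK_LEVEL="$SEVERITY"
+ if [ "$VERDICT_KIND" = "allow" ]; then SEVERITY="audit"; else SEVERITY="block"; fi
+ ;;
+ *)
+ if [ "$VERDICT_KIND" = "allow" ]; then SEVERITY="audit"; else SEVERITY="block"; fi
+ ;;
+ esac
 
  # Severity-driven surfacing:
  # block \u2192 permissionDecision: "ask" (interactive) or "deny" (headless)
@@ -735,6 +749,7 @@ if [ "$SYNKRO_CAPTURE_DEPTH" = "local_only" ] && [ -n "$VERDICT_KIND" ]; then
  --arg hook_type "bash" \\
  --arg verdict "$VERDICT_KIND" \\
  --arg severity "$SEVERITY" \\
+ --arg risk_level "\${RISK_LEVEL:-low}" \\
  --arg category "$CATEGORY" \\
  --arg model "\${CC_MODEL:-claude-sonnet-4-6}" \\
  --arg tool_name "$TOOL_NAME" \\
@@ -744,6 +759,7 @@ if [ "$SYNKRO_CAPTURE_DEPTH" = "local_only" ] && [ -n "$VERDICT_KIND" ]; then
  hook_type: $hook_type,
  verdict: $verdict,
  severity: $severity,
+ risk_level: $risk_level,
  category: $category,
  model: $model,
  tool_name: $tool_name
@@ -2199,7 +2215,12 @@ OUTPUT RULES \u2014 strictest possible, no exceptions:
 
  1. NO reasoning. NO preamble. NO commentary.
  2. Your reply is exactly one <synkro-verdict>JSON</synkro-verdict> block. Nothing else.
- 3. JSON shape: {"verdict": "warn"|"allow", "severity": "low|medium|high|critical", "category": "snake_case", "reasoning": "<= 25 words, cites intent + match/mismatch", "alternative": "safer command or null"}
+ 3. JSON shape: {"verdict": "warn"|"allow", "severity": "block"|"audit", "risk_level": "low"|"medium"|"high"|"critical", "category": "snake_case", "reasoning": "<= 25 words, cites intent + match/mismatch", "alternative": "safer command or null"}
+
+ SEVERITY MAPPING (strict):
+ - verdict="warn" \u2192 severity="block"
+ - verdict="allow" \u2192 severity="audit"
+ risk_level always reflects the underlying danger level (low/medium/high/critical), independent of the routing decision.
 
  Rules:
  - WARN if destructive/irreversible AND not aligned with user intent, OR has wildly disproportionate blast radius vs the request.
@@ -3470,7 +3491,7 @@ function writeConfigEnv(opts) {
  `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
  `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
  `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
- `SYNKRO_VERSION=${shellQuoteSingle("1.3.29")}`
+ `SYNKRO_VERSION=${shellQuoteSingle("1.3.30")}`
  ];
  if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
  if (safeOrgId) lines.push(`SYNKRO_ORG_ID=${shellQuoteSingle(safeOrgId)}`);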
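Review bot: In the first hunk the `block|audit) ;;` arm keeps whatever severity arrived with the verdict, so a reply carrying verdict "warn" together with severity "audit" is never reconciled, even though the prompt text in the fourth hunk calls that mapping strict. The comment just below the hunk says surfacing is severity-driven, so, assuming SEVERITY is parsed from the same model reply (its assignment is outside the hunk), the block-versus-audit decision rests on a field the model can get wrong. Enforce the mapping in the shell instead of trusting it: run `if [ "$VERDICT_KIND" = "allow" ]; then SEVERITY="audit"; else SEVERITY="block"; fi` unconditionally and keep the `case` only to seed RISK_LEVEL from a legacy severity. Separately, `--arg risk_level "\${RISK_LEVEL:-low}"` in the second hunk records a missing level as low, and RISK_LEVEL is never checked against the four allowed values; a default such as `unknown` plus a small allow-list check would keep blocked events from being understated in the local capture.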