@synkro-sh/cli 1.4.16 → 1.4.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/bootstrap.js +10 -9
  2. package/dist/bootstrap.js.map +1 -1
  3. package/package.json +1 -1
package/dist/bootstrap.js CHANGED
@@ -503,7 +503,7 @@ synkro_channel_up() {
503
503
  synkro_load_config() {
504
504
  local cache="$HOME/.synkro/.hook-config-cache"
505
505
  if [ -f "$cache" ] && find "$cache" -mmin -5 2>/dev/null | grep -q .; then
506
- eval "$(cat "$cache" 2>/dev/null)"
506
+ . "$cache" 2>/dev/null
507
507
  return
508
508
  fi
509
509
  local resp
@@ -546,11 +546,12 @@ synkro_parse_local_verdict() {
546
546
  local ok_tag
547
547
  ok_tag=$(printf '%s' "$inner" | sed -nE 's|.*<ok>(.*)</ok>.*|\\1|p' | head -1)
548
548
  [ -n "$ok_tag" ] && LOCAL_OK="$ok_tag"
549
+ LOCAL_REASON=$(printf '%s' "$inner" | sed -nE 's|.*<reason>(.*)</reason>.*|\\1|p' | head -1)
549
550
  if [ "$LOCAL_OK" = "false" ]; then
550
551
  local fv
551
552
  fv=$(printf '%s' "$inner" | awk -v RS='</violation>' '/<violation>/{print; exit}')
552
553
  LOCAL_RULE_ID=$(printf '%s' "$fv" | sed -nE 's|.*<rule_id>(.*)</rule_id>.*|\\1|p' | head -1)
553
- LOCAL_REASON=$(printf '%s' "$fv" | sed -nE 's|.*<reason>(.*)</reason>.*|\\1|p' | head -1)
554
+ [ -z "$LOCAL_REASON" ] && LOCAL_REASON=$(printf '%s' "$fv" | sed -nE 's|.*<reason>(.*)</reason>.*|\\1|p' | head -1)
554
555
  LOCAL_SEV=$(printf '%s' "$fv" | sed -nE 's|.*<severity>(.*)</severity>.*|\\1|p' | head -1)
555
556
  LOCAL_CAT=$(printf '%s' "$fv" | sed -nE 's|.*<category>(.*)</category>.*|\\1|p' | head -1)
556
557
  LOCAL_SEV="\${LOCAL_SEV:-high}"; LOCAL_CAT="\${LOCAL_CAT:-policy_violation}"
@@ -650,12 +651,12 @@ if [ "$ROUTE" = "local" ]; then
650
651
 
651
652
  if [ "$LOCAL_OK" = "false" ]; then
652
653
  if [ "$IS_HEADLESS" = "1" ]; then DEC="deny"; else DEC="ask"; fi
653
- REASON="[synkro:local] \${LOCAL_RULE_ID:+$LOCAL_RULE_ID: }\${LOCAL_REASON:-policy violation}"
654
+ REASON="[synkro:local] bashGuard \u2192 block\${LOCAL_RULE_ID:+ ($LOCAL_RULE_ID)}: \${LOCAL_REASON:-policy violation}"
654
655
  jq -n --arg dec "$DEC" --arg reason "$REASON" --arg ctx "$REASON" \\
655
656
  '{hookSpecificOutput:{hookEventName:"PreToolUse",permissionDecision:$dec,permissionDecisionReason:$reason,additionalContext:$ctx}}'
656
- synkro_capture_local "bash" "warn" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
657
+ synkro_capture_local "bash" "block" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
657
658
  else
658
- jq -n --arg m "[synkro:local] bashGuard \u2192 pass" '{systemMessage: $m}'
659
+ jq -n --arg m "[synkro:local] bashGuard \u2192 pass: \${LOCAL_REASON:-no policy violations detected}" '{systemMessage: $m}'
659
660
  synkro_capture_local "bash" "allow" "audit" "\${LOCAL_CAT:-trivial_utility}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
660
661
  fi
661
662
  exit 0
@@ -822,12 +823,12 @@ if [ "$ROUTE" = "local" ]; then
822
823
 
823
824
  if [ "$LOCAL_OK" = "false" ]; then
824
825
  if [ "$IS_HEADLESS" = "1" ]; then DEC="deny"; else DEC="ask"; fi
825
- REASON="[synkro:local] \${LOCAL_RULE_ID:+$LOCAL_RULE_ID: }\${LOCAL_REASON:-policy violation}"
826
+ REASON="[synkro:local] editGuard $FILE_SHORT \u2192 block\${LOCAL_RULE_ID:+ ($LOCAL_RULE_ID)}: \${LOCAL_REASON:-policy violation}"
826
827
  jq -n --arg dec "$DEC" --arg reason "$REASON" --arg ctx "$REASON" \\
827
828
  '{hookSpecificOutput:{hookEventName:"PreToolUse",permissionDecision:$dec,permissionDecisionReason:$reason,additionalContext:$ctx}}'
828
829
  synkro_capture_local "edit" "block" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
829
830
  else
830
- jq -n --arg m "[synkro:local] editGuard $FILE_SHORT \u2192 pass" '{systemMessage: $m}'
831
+ jq -n --arg m "[synkro:local] editGuard $FILE_SHORT \u2192 pass: \${LOCAL_REASON:-no policy violations detected}" '{systemMessage: $m}'
831
832
  synkro_capture_local "edit" "pass" "audit" "\${LOCAL_CAT:-trivial_edit}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
832
833
  fi
833
834
  exit 0
@@ -967,7 +968,7 @@ if [ "$ROUTE" = "local" ]; then
967
968
  jq -n --arg m "$REASON" '{systemMessage: $m, additionalContext: $m}'
968
969
  synkro_capture_local "edit_scan" "block" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
969
970
  else
970
- jq -n --arg m "[synkro:local] editScan $BASENAME \u2192 pass" '{systemMessage: $m}'
971
+ jq -n --arg m "[synkro:local] editScan $BASENAME \u2192 pass: \${LOCAL_REASON:-no policy violations detected}" '{systemMessage: $m}'
971
972
  synkro_capture_local "edit_scan" "pass" "audit" "\${LOCAL_CAT:-trivial_edit}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
972
973
  fi
973
974
  exit 0
@@ -3600,7 +3601,7 @@ function writeConfigEnv(opts) {
3600
3601
  `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
3601
3602
  `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
3602
3603
  `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
3603
- `SYNKRO_VERSION=${shellQuoteSingle("1.4.16")}`
3604
+ `SYNKRO_VERSION=${shellQuoteSingle("1.4.17")}`
3604
3605
  ];
3605
3606
  if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
3606
3607
  if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);