@synkro-sh/cli 1.4.16 → 1.4.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/bootstrap.js +11 -9
  2. package/dist/bootstrap.js.map +1 -1
  3. package/package.json +1 -1
package/dist/bootstrap.js CHANGED
@@ -503,7 +503,7 @@ synkro_channel_up() {
503
503
  synkro_load_config() {
504
504
  local cache="$HOME/.synkro/.hook-config-cache"
505
505
  if [ -f "$cache" ] && find "$cache" -mmin -5 2>/dev/null | grep -q .; then
506
- eval "$(cat "$cache" 2>/dev/null)"
506
+ . "$cache" 2>/dev/null
507
507
  return
508
508
  fi
509
509
  local resp
@@ -546,11 +546,13 @@ synkro_parse_local_verdict() {
546
546
  local ok_tag
547
547
  ok_tag=$(printf '%s' "$inner" | sed -nE 's|.*<ok>(.*)</ok>.*|\\1|p' | head -1)
548
548
  [ -n "$ok_tag" ] && LOCAL_OK="$ok_tag"
549
+ LOCAL_REASON=$(printf '%s' "$inner" | sed -nE 's|.*<reason>(.*)</reason>.*|\\1|p' | head -1)
550
+ [ -z "$LOCAL_REASON" ] && LOCAL_REASON=$(printf '%s' "$inner" | sed -nE 's|.*<reasoning>(.*)</reasoning>.*|\\1|p' | head -1)
549
551
  if [ "$LOCAL_OK" = "false" ]; then
550
552
  local fv
551
553
  fv=$(printf '%s' "$inner" | awk -v RS='</violation>' '/<violation>/{print; exit}')
552
554
  LOCAL_RULE_ID=$(printf '%s' "$fv" | sed -nE 's|.*<rule_id>(.*)</rule_id>.*|\\1|p' | head -1)
553
- LOCAL_REASON=$(printf '%s' "$fv" | sed -nE 's|.*<reason>(.*)</reason>.*|\\1|p' | head -1)
555
+ [ -z "$LOCAL_REASON" ] && LOCAL_REASON=$(printf '%s' "$fv" | sed -nE 's|.*<reason>(.*)</reason>.*|\\1|p' | head -1)
554
556
  LOCAL_SEV=$(printf '%s' "$fv" | sed -nE 's|.*<severity>(.*)</severity>.*|\\1|p' | head -1)
555
557
  LOCAL_CAT=$(printf '%s' "$fv" | sed -nE 's|.*<category>(.*)</category>.*|\\1|p' | head -1)
556
558
  LOCAL_SEV="\${LOCAL_SEV:-high}"; LOCAL_CAT="\${LOCAL_CAT:-policy_violation}"
@@ -650,12 +652,12 @@ if [ "$ROUTE" = "local" ]; then
650
652
 
651
653
  if [ "$LOCAL_OK" = "false" ]; then
652
654
  if [ "$IS_HEADLESS" = "1" ]; then DEC="deny"; else DEC="ask"; fi
653
- REASON="[synkro:local] \${LOCAL_RULE_ID:+$LOCAL_RULE_ID: }\${LOCAL_REASON:-policy violation}"
655
+ REASON="[synkro:local] bashGuard \u2192 block\${LOCAL_RULE_ID:+ ($LOCAL_RULE_ID)}: \${LOCAL_REASON:-policy violation}"
654
656
  jq -n --arg dec "$DEC" --arg reason "$REASON" --arg ctx "$REASON" \\
655
657
  '{hookSpecificOutput:{hookEventName:"PreToolUse",permissionDecision:$dec,permissionDecisionReason:$reason,additionalContext:$ctx}}'
656
- synkro_capture_local "bash" "warn" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
658
+ synkro_capture_local "bash" "block" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
657
659
  else
658
- jq -n --arg m "[synkro:local] bashGuard \u2192 pass" '{systemMessage: $m}'
660
+ jq -n --arg m "[synkro:local] bashGuard \u2192 pass: \${LOCAL_REASON:-no policy violations detected}" '{systemMessage: $m}'
659
661
  synkro_capture_local "bash" "allow" "audit" "\${LOCAL_CAT:-trivial_utility}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
660
662
  fi
661
663
  exit 0
@@ -822,12 +824,12 @@ if [ "$ROUTE" = "local" ]; then
822
824
 
823
825
  if [ "$LOCAL_OK" = "false" ]; then
824
826
  if [ "$IS_HEADLESS" = "1" ]; then DEC="deny"; else DEC="ask"; fi
825
- REASON="[synkro:local] \${LOCAL_RULE_ID:+$LOCAL_RULE_ID: }\${LOCAL_REASON:-policy violation}"
827
+ REASON="[synkro:local] editGuard $FILE_SHORT \u2192 block\${LOCAL_RULE_ID:+ ($LOCAL_RULE_ID)}: \${LOCAL_REASON:-policy violation}"
826
828
  jq -n --arg dec "$DEC" --arg reason "$REASON" --arg ctx "$REASON" \\
827
829
  '{hookSpecificOutput:{hookEventName:"PreToolUse",permissionDecision:$dec,permissionDecisionReason:$reason,additionalContext:$ctx}}'
828
830
  synkro_capture_local "edit" "block" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
829
831
  else
830
- jq -n --arg m "[synkro:local] editGuard $FILE_SHORT \u2192 pass" '{systemMessage: $m}'
832
+ jq -n --arg m "[synkro:local] editGuard $FILE_SHORT \u2192 pass: \${LOCAL_REASON:-no policy violations detected}" '{systemMessage: $m}'
831
833
  synkro_capture_local "edit" "pass" "audit" "\${LOCAL_CAT:-trivial_edit}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
832
834
  fi
833
835
  exit 0
@@ -967,7 +969,7 @@ if [ "$ROUTE" = "local" ]; then
967
969
  jq -n --arg m "$REASON" '{systemMessage: $m, additionalContext: $m}'
968
970
  synkro_capture_local "edit_scan" "block" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
969
971
  else
970
- jq -n --arg m "[synkro:local] editScan $BASENAME \u2192 pass" '{systemMessage: $m}'
972
+ jq -n --arg m "[synkro:local] editScan $BASENAME \u2192 pass: \${LOCAL_REASON:-no policy violations detected}" '{systemMessage: $m}'
971
973
  synkro_capture_local "edit_scan" "pass" "audit" "\${LOCAL_CAT:-trivial_edit}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID"
972
974
  fi
973
975
  exit 0
@@ -3600,7 +3602,7 @@ function writeConfigEnv(opts) {
3600
3602
  `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
3601
3603
  `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
3602
3604
  `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
3603
- `SYNKRO_VERSION=${shellQuoteSingle("1.4.16")}`
3605
+ `SYNKRO_VERSION=${shellQuoteSingle("1.4.18")}`
3604
3606
  ];
3605
3607
  if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
3606
3608
  if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);