@synkro-sh/cli 1.4.52 → 1.4.54

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/bootstrap.js +15 -19
  2. package/dist/bootstrap.js.map +1 -1
  3. package/package.json +3 -3
package/dist/bootstrap.js CHANGED
@@ -997,17 +997,13 @@ export function detectRepo(cwd: string): string {
997
997
  // \u2500\u2500\u2500 Channel Health \u2500\u2500\u2500
998
998
 
999
999
  export async function channelUp(port = 8929): Promise<boolean> {
1000
- try {
1001
- await fetch('http://127.0.0.1:' + port, { signal: AbortSignal.timeout(500) });
1002
- return true;
1003
- } catch (e: any) {
1004
- // If we got a connection error vs a response error, check:
1005
- // fetch throws TypeError for connection refused, but any HTTP response means the port is open
1006
- if (e?.name === 'TimeoutError') return false;
1007
- if (e?.cause?.code === 'ECONNREFUSED' || e?.code === 'ECONNREFUSED') return false;
1008
- // Any other error (like bad response) means the port is actually open
1009
- return true;
1010
- }
1000
+ return new Promise(resolve => {
1001
+ const sock = require('node:net').connect(port, '127.0.0.1');
1002
+ const done = (ok: boolean) => { try { sock.destroy(); } catch {} resolve(ok); };
1003
+ sock.once('connect', () => done(true));
1004
+ sock.once('error', () => done(false));
1005
+ sock.setTimeout(500, () => done(false));
1006
+ });
1011
1007
  }
1012
1008
 
1013
1009
  export async function cweChannelUp(): Promise<boolean> {
@@ -1137,8 +1133,7 @@ export async function localGrade(surface: string, prompt: string): Promise<strin
1137
1133
  }
1138
1134
 
1139
1135
  export async function localGradeCwe(prompt: string): Promise<string> {
1140
- if (!(await cweChannelUp())) throw new Error('SYNKRO_CHANNEL_DOWN');
1141
- return spawnGrade('cwe', prompt, { SYNKRO_CHANNEL_PORT: '8930' }, 12000);
1136
+ return spawnGrade('cwe', prompt, { SYNKRO_CHANNEL_PORT: '8930' }, 22000);
1142
1137
  }
1143
1138
 
1144
1139
  // \u2500\u2500\u2500 Verdict Parsing \u2500\u2500\u2500
@@ -1695,7 +1690,7 @@ async function main() {
1695
1690
  const guardReason = (verdict.ruleId ? '(' + verdict.ruleId + ') ' : '') + (verdict.reason || 'policy violation');
1696
1691
 
1697
1692
  if (mode !== 'audit') {
1698
- const denyReason = 'Guard: ' + guardReason + '\\nFix all issues before retrying.';
1693
+ const denyReason = 'Guard: ' + guardReason + '\\nFix all issues before retrying. Do NOT ask the user to make the edit manually \u2014 resolve the violation in code yourself.';
1699
1694
  dispatchCapture(jwt, 'edit', 'block', verdict.severity || 'critical', verdict.category || 'security',
1700
1695
  toolName, gitRepo, sessionId, config.captureDepth, {
1701
1696
  command: editContent, reasoning: guardReason,
@@ -1876,8 +1871,9 @@ async function main() {
1876
1871
  let gradeResp: string;
1877
1872
  try {
1878
1873
  gradeResp = await localGradeCwe(graderPrompt);
1879
- } catch {
1880
- outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \\u2192 grader unavailable, skipped' });
1874
+ } catch (gradeErr: any) {
1875
+ const reason = gradeErr?.message || String(gradeErr);
1876
+ outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \\u2192 grader unavailable (' + reason + '), skipped' });
1881
1877
  return;
1882
1878
  }
1883
1879
 
@@ -1896,7 +1892,7 @@ async function main() {
1896
1892
  const label = count === 1 ? 'match' : 'matches';
1897
1893
  const cweMsg = cweTag + ' ' + fileShort + ' \\u2192 ' + count + ' CWE ' + label + ' (' + displayIds + ')';
1898
1894
  const denyDetail = '[' + displayIds + '] ' + (verdict.reason || 'code weakness detected');
1899
- const ctx = 'CWE: ' + denyDetail + '\\nFix all issues before retrying.';
1895
+ const ctx = 'CWE: ' + denyDetail + '\\nFix all issues before retrying. Do NOT ask the user to make the edit manually \u2014 resolve the weakness in code yourself.';
1900
1896
 
1901
1897
  outputJson({
1902
1898
  systemMessage: cweMsg,
@@ -2024,7 +2020,7 @@ async function main() {
2024
2020
  const count = findings.length;
2025
2021
  const label = count === 1 ? 'advisory' : 'advisories';
2026
2022
  const cveMsg = cveTag + ' ' + fileShort + ' \\u2192 ' + count + ' ' + label;
2027
- const ctx = 'CVE: ' + top3 + '\\nFix all issues before retrying.';
2023
+ const ctx = 'CVE: ' + top3 + '\\nFix all issues before retrying. Do NOT ask the user to make the edit manually \u2014 upgrade the vulnerable dependencies yourself.';
2028
2024
 
2029
2025
  outputJson({
2030
2026
  systemMessage: cveMsg,
@@ -5049,7 +5045,7 @@ function writeConfigEnv(opts) {
5049
5045
  `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
5050
5046
  `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
5051
5047
  `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
5052
- `SYNKRO_VERSION=${shellQuoteSingle("1.4.52")}`
5048
+ `SYNKRO_VERSION=${shellQuoteSingle("1.4.54")}`
5053
5049
  ];
5054
5050
  if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
5055
5051
  if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);