@synkro-sh/cli 1.4.82 → 1.4.83

package/dist/bootstrap.js

@@ -2698,7 +2698,7 @@ async function main() {
 
 main();
 `;
-    BASH_JUDGE_TS = `#!/usr/bin/env bun
+    BASH_JUDGE_TS = String.raw`#!/usr/bin/env bun
 import process from 'node:process';
 import {
   loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag, localGrade,
@@ -2751,17 +2751,17 @@ async function main() {
     if (!jwt) { outputEmpty(); return; }
     jwt = await ensureFreshJwt(jwt);
 
-    // \u2500\u2500\u2500 Install protection: server-side pkg-scan (CVE + typosquat + tarball + reputation) \u2500\u2500\u2500
+    // ─── Install protection: server-side pkg-scan (CVE + typosquat + tarball + reputation) ───
     let installScanMsg = '';
     if (toolName === 'Bash') {
       const pkgInstallMatch = command.match(
-        /^(?:.*&&s*|.*;s*)?(?:npms+(?:install|i|add)|pnpms+(?:add|install|i)|yarns+add|buns+(?:add|install|i)|(?:uvs+)?pip3?s+install|gos+get|cargos+add|gems+install|composers+require)s+([^|;&><]+)/
+        /^(?:.*&&\s*|.*;\s*)?(?:npm\s+(?:install|i|add)|pnpm\s+(?:add|install|i)|yarn\s+add|bun\s+(?:add|install|i)|(?:uv\s+)?pip3?\s+install|go\s+get|cargo\s+add|gem\s+install|composer\s+require)\s+([^|;&><]+)/
       );
-      const isPip = /(?:uvs+)?pip3?s+install/.test(command);
+      const isPip = /(?:uv\s+)?pip3?\s+install/.test(command);
       if (pkgInstallMatch) {
         const rawArgs = pkgInstallMatch[1];
         const packages: Array<{ name: string; version: string; ecosystem: string }> = [];
-        const tokens = rawArgs.split(/s+/);
+        const tokens = rawArgs.split(/\s+/);
         let skipNext = false;
         for (const token of tokens) {
           if (skipNext) { skipNext = false; continue; }
@@ -2803,11 +2803,9 @@ async function main() {
               const blockSignals = pkgResults
                 .flatMap((p: any) => (p.signals || []).filter((s: any) => s.severity === 'critical' || s.severity === 'high'))
                 .slice(0, 5);
-              const scanMsg = '[synkro:installScan] ' + cmdShort + ' \u2192 blocked';
-              const details = blockSignals.map((s: any) => s.detail).join('
-');
-              const ctx = details + '
-Do NOT install packages with security risks. Use a patched version or a different package.';
+              const scanMsg = '[synkro:installScan] ' + cmdShort + ' → blocked';
+              const details = blockSignals.map((s: any) => s.detail).join('\n');
+              const ctx = details + '\nDo NOT install packages with security risks. Use a patched version or a different package.';
 
               const config = await loadConfig(jwt);
               for (const p of pkgResults) {
@@ -2848,7 +2846,7 @@ Do NOT install packages with security risks. Use a patched version or a differen
               installScanMsg = '[synkro:installScan] ' + summary;
             } else {
               const scannedPkgs = packages.map(p => p.name + '@' + p.version).join(', ');
-              installScanMsg = '[synkro:installScan] ' + scannedPkgs + ' \u2192 clean';
+              installScanMsg = '[synkro:installScan] ' + scannedPkgs + ' → clean';
             }
           } catch (e) {
             log('bashGuard pkg-scan failed: ' + String(e));
@@ -2930,7 +2928,7 @@ Do NOT install packages with security risks. Use a patched version or a differen
       return;
     }
 
-    // \u2500\u2500\u2500 Cloud grading \u2500\u2500\u2500
+    // ─── Cloud grading ───
     const isHeadless = ['acceptEdits', 'bypassPermissions', 'plan', 'auto'].includes(permissionMode)
       || process.env.SYNKRO_HEADLESS === '1';
 
@@ -6398,7 +6396,7 @@ function writeConfigEnv(opts) {
     `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
     `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
     `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.4.82")}`
+    `SYNKRO_VERSION=${shellQuoteSingle("1.4.83")}`
   ];
   if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
   if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);