npm - @synkro-sh/cli - Versions diffs - 1.4.82 → 1.4.84 - Mend

@synkro-sh/cli 1.4.82 → 1.4.84

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/bootstrap.js CHANGED Viewed

@@ -1991,7 +1991,7 @@ async function main() {
     const tagStr = tag(rt, config);
     if (config.silent) {
-      outputJson({ systemMessage: tagStr + ' editGuard \\u2192 skipped (silent mode)' });
+      outputJson({ systemMessage: tagStr + ' editGuard \u2192 skipped (silent mode)' });
       return;
     }
@@ -2013,7 +2013,7 @@ async function main() {
       try {
         gradeResp = await localGrade('edit', graderPrompt);
       } catch {
-        outputJson({ systemMessage: tagStr + ' editGuard ' + fileShort + ' \\u2192 local grader unavailable, skipped' });
+        outputJson({ systemMessage: tagStr + ' editGuard ' + fileShort + ' \u2192 local grader unavailable, skipped' });
         return;
       }
@@ -2034,7 +2034,7 @@ async function main() {
               ccModel: transcript.ccModel,
             });
           outputJson({
-            systemMessage: tagStr + ' editGuard ' + fileShort + ' \\u2192 blocked: ' + guardReason,
+            systemMessage: tagStr + ' editGuard ' + fileShort + ' \u2192 blocked: ' + guardReason,
             hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: denyReason, additionalContext: denyReason },
           });
           return;
@@ -2047,7 +2047,7 @@ async function main() {
             rulesChecked: config.rules, violatedRules,
             ccModel: transcript.ccModel,
           });
-        outputJson({ systemMessage: tagStr + ' editGuard ' + fileShort + ' \\u2192 warning: ' + guardReason, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: 'Synkro local edit judge (audit). ' + guardReason } });
+        outputJson({ systemMessage: tagStr + ' editGuard ' + fileShort + ' \u2192 warning: ' + guardReason, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: 'Synkro local edit judge (audit). ' + guardReason } });
         return;
       }
@@ -2058,7 +2058,7 @@ async function main() {
           rulesChecked: config.rules, violatedRules: [],
           ccModel: transcript.ccModel,
         });
-      const passLine = tagStr + ' editGuard ' + fileShort + ' \\u2192 pass: ' + (verdict.reason || 'no policy violations detected');
+      const passLine = tagStr + ' editGuard ' + fileShort + ' \u2192 pass: ' + (verdict.reason || 'no policy violations detected');
       outputJson({ systemMessage: passLine, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: 'Synkro local edit judge. ' + (verdict.reason || 'no policy violations detected') } });
       return;
     }
@@ -2093,13 +2093,13 @@ async function main() {
     const resp = await postWithRetry(GATEWAY_URL + '/api/v1/hook/judge', body, jwt, 8000);
     if (!resp) {
-      log('editGuard ' + fileShort + ' \\u2192 error (timeout)');
+      log('editGuard ' + fileShort + ' \u2192 error (timeout)');
       outputEmpty();
       return;
     }
     if (!resp.hook_response || typeof resp.hook_response !== 'object') {
-      log('editGuard ' + fileShort + ' \\u2192 pass (no hook_response)');
+      log('editGuard ' + fileShort + ' \u2192 pass (no hook_response)');
       outputEmpty();
       return;
     }
@@ -2108,7 +2108,7 @@ async function main() {
     const decision = hookResp?.hookSpecificOutput?.permissionDecision;
     if (decision === 'deny' || decision === 'ask') {
-      log('editGuard ' + fileShort + ' \\u2192 BLOCKED');
+      log('editGuard ' + fileShort + ' \u2192 BLOCKED');
       // Strip permissionDecision \u2014 we use systemMessage only
       const cleaned = { ...hookResp };
       if (cleaned.hookSpecificOutput) {
@@ -2119,7 +2119,7 @@ async function main() {
       outputJson(cleaned);
     } else {
       const reason = hookResp.reason || '';
-      log('editGuard ' + fileShort + ' \\u2192 pass' + (reason ? ': ' + reason : ''));
+      log('editGuard ' + fileShort + ' \u2192 pass' + (reason ? ': ' + reason : ''));
       outputJson(hookResp);
     }
   } catch (err) {
@@ -2594,7 +2594,7 @@ async function main() {
     const rt = await route(config);
     if (config.silent) {
-      outputJson({ systemMessage: '[synkro:' + rt + ':cveScan] ' + fileShort + ' \\u2192 skipped (silent mode)' });
+      outputJson({ systemMessage: '[synkro:' + rt + ':cveScan] ' + fileShort + ' \u2192 skipped (silent mode)' });
       return;
     }
@@ -2603,7 +2603,7 @@ async function main() {
     // Reconstruct proposed content
     const proposed = reconstructContent(toolName, toolInput, filePath, cwd);
     if (!proposed) {
-      outputJson({ systemMessage: cveTag + ' ' + fileShort + ' \\u2192 skip (no content)' });
+      outputJson({ systemMessage: cveTag + ' ' + fileShort + ' \u2192 skip (no content)' });
       return;
     }
@@ -2632,7 +2632,7 @@ async function main() {
       });
       cveResp = await resp.json();
     } catch {
-      outputJson({ systemMessage: cveTag + ' ' + fileShort + ' \\u2192 error (timeout)' });
+      outputJson({ systemMessage: cveTag + ' ' + fileShort + ' \u2192 error (timeout)' });
       return;
     }
@@ -2669,7 +2669,7 @@ async function main() {
       const top3 = findings.slice(0, 3).map(formatFinding).join('; ');
       const count = findings.length;
       const label = count === 1 ? 'advisory' : 'advisories';
-      const cveMsg = cveTag + ' ' + fileShort + ' \\u2192 ' + count + ' ' + label;
+      const cveMsg = cveTag + ' ' + fileShort + ' \u2192 ' + count + ' ' + label;
       const ctx = 'CVE: ' + top3 + '\\nFix all issues before retrying. Do NOT ask the user to make the edit manually \u2014 upgrade the vulnerable dependencies yourself.';
       const cveIds = findings.slice(0, 10).map((f: any) =>
@@ -2689,7 +2689,7 @@ async function main() {
       return;
     }
-    outputJson({ systemMessage: cveTag + ' ' + fileShort + ' \\u2192 clean' });
+    outputJson({ systemMessage: cveTag + ' ' + fileShort + ' \u2192 clean' });
   } catch (err) {
     process.stderr.write('[synkro] cveGuard error: ' + String(err) + '\\n');
     outputEmpty();
@@ -2698,7 +2698,7 @@ async function main() {
 main();
 `;
-    BASH_JUDGE_TS = `#!/usr/bin/env bun
+    BASH_JUDGE_TS = String.raw`#!/usr/bin/env bun
 import process from 'node:process';
 import {
   loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag, localGrade,
@@ -2751,17 +2751,17 @@ async function main() {
     if (!jwt) { outputEmpty(); return; }
     jwt = await ensureFreshJwt(jwt);
-    // \u2500\u2500\u2500 Install protection: server-side pkg-scan (CVE + typosquat + tarball + reputation) \u2500\u2500\u2500
+    // ─── Install protection: server-side pkg-scan (CVE + typosquat + tarball + reputation) ───
     let installScanMsg = '';
     if (toolName === 'Bash') {
       const pkgInstallMatch = command.match(
-        /^(?:.*&&s*|.*;s*)?(?:npms+(?:install|i|add)|pnpms+(?:add|install|i)|yarns+add|buns+(?:add|install|i)|(?:uvs+)?pip3?s+install|gos+get|cargos+add|gems+install|composers+require)s+([^|;&><]+)/
+        /^(?:.*&&\s*|.*;\s*)?(?:npm\s+(?:install|i|add)|pnpm\s+(?:add|install|i)|yarn\s+add|bun\s+(?:add|install|i)|(?:uv\s+)?pip3?\s+install|go\s+get|cargo\s+add|gem\s+install|composer\s+require)\s+([^|;&><]+)/
       );
-      const isPip = /(?:uvs+)?pip3?s+install/.test(command);
+      const isPip = /(?:uv\s+)?pip3?\s+install/.test(command);
       if (pkgInstallMatch) {
         const rawArgs = pkgInstallMatch[1];
         const packages: Array<{ name: string; version: string; ecosystem: string }> = [];
-        const tokens = rawArgs.split(/s+/);
+        const tokens = rawArgs.split(/\s+/);
         let skipNext = false;
         for (const token of tokens) {
           if (skipNext) { skipNext = false; continue; }
@@ -2803,11 +2803,9 @@ async function main() {
               const blockSignals = pkgResults
                 .flatMap((p: any) => (p.signals || []).filter((s: any) => s.severity === 'critical' || s.severity === 'high'))
                 .slice(0, 5);
-              const scanMsg = '[synkro:installScan] ' + cmdShort + ' \u2192 blocked';
-              const details = blockSignals.map((s: any) => s.detail).join('
-');
-              const ctx = details + '
-Do NOT install packages with security risks. Use a patched version or a different package.';
+              const scanMsg = '[synkro:installScan] ' + cmdShort + ' → blocked';
+              const details = blockSignals.map((s: any) => s.detail).join('\n');
+              const ctx = details + '\nDo NOT install packages with security risks. Use a patched version or a different package.';
               const config = await loadConfig(jwt);
               for (const p of pkgResults) {
@@ -2848,7 +2846,7 @@ Do NOT install packages with security risks. Use a patched version or a differen
               installScanMsg = '[synkro:installScan] ' + summary;
             } else {
               const scannedPkgs = packages.map(p => p.name + '@' + p.version).join(', ');
-              installScanMsg = '[synkro:installScan] ' + scannedPkgs + ' \u2192 clean';
+              installScanMsg = '[synkro:installScan] ' + scannedPkgs + ' → clean';
             }
           } catch (e) {
             log('bashGuard pkg-scan failed: ' + String(e));
@@ -2864,7 +2862,7 @@ Do NOT install packages with security risks. Use a patched version or a differen
     const tagStr = tag(rt, config);
     if (config.silent) {
-      const msg = (installScanMsg ? installScanMsg + '\\n' : '') + tagStr + ' bashGuard \\u2192 skipped (silent mode)';
+      const msg = (installScanMsg ? installScanMsg + '\\n' : '') + tagStr + ' bashGuard → skipped (silent mode)';
       outputJson({ systemMessage: msg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: msg } });
       return;
     }
@@ -2883,7 +2881,7 @@ Do NOT install packages with security risks. Use a patched version or a differen
       try {
         gradeResp = await localGrade('bash', graderPrompt);
       } catch {
-        outputJson({ systemMessage: tagStr + ' bashGuard \\u2192 local grader unavailable, skipped' });
+        outputJson({ systemMessage: tagStr + ' bashGuard → local grader unavailable, skipped' });
         return;
       }
@@ -2895,7 +2893,7 @@ Do NOT install packages with security risks. Use a patched version or a differen
         const guardReason = (verdict.ruleId ? '(' + verdict.ruleId + ') ' : '') + (verdict.reason || 'policy violation');
         if (mode === 'audit') {
-          const reason = tagStr + ' bashGuard \\u2192 warning' + (verdict.ruleId ? ' (' + verdict.ruleId + ')' : '') + ': ' + (verdict.reason || 'policy violation');
+          const reason = tagStr + ' bashGuard → warning' + (verdict.ruleId ? ' (' + verdict.ruleId + ')' : '') + ': ' + (verdict.reason || 'policy violation');
           const combined = (installScanMsg ? installScanMsg + '\\n' : '') + reason;
           outputJson({ systemMessage: combined, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: combined } });
           dispatchCapture(jwt, 'bash', 'warning', verdict.severity || 'medium', verdict.category || 'security',
@@ -2904,7 +2902,7 @@ Do NOT install packages with security risks. Use a patched version or a differen
               recentUserMessages: transcript.recentUserMessages, ccModel: transcript.ccModel,
             });
         } else {
-          const reason = tagStr + ' bashGuard \\u2192 blocked' + (verdict.ruleId ? ' (' + verdict.ruleId + ')' : '') + ': ' + (verdict.reason || 'policy violation') + '. Ask the user for explicit consent before retrying.';
+          const reason = tagStr + ' bashGuard → blocked' + (verdict.ruleId ? ' (' + verdict.ruleId + ')' : '') + ': ' + (verdict.reason || 'policy violation') + '. Ask the user for explicit consent before retrying.';
           const combined = (installScanMsg ? installScanMsg + '\\n' : '') + reason;
           outputJson({
             systemMessage: combined,
@@ -2917,7 +2915,7 @@ Do NOT install packages with security risks. Use a patched version or a differen
             });
         }
       } else {
-        const reason = tagStr + ' bashGuard \\u2192 pass: ' + (verdict.reason || 'no policy violations detected');
+        const reason = tagStr + ' bashGuard → pass: ' + (verdict.reason || 'no policy violations detected');
         const combined = (installScanMsg ? installScanMsg + '\\n' : '') + reason;
         outputJson({ systemMessage: combined, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: combined } });
         dispatchCapture(jwt, 'bash', 'pass', 'audit', verdict.category || 'trivial_utility',
@@ -2930,7 +2928,7 @@ Do NOT install packages with security risks. Use a patched version or a differen
       return;
     }
-    // \u2500\u2500\u2500 Cloud grading \u2500\u2500\u2500
+    // ─── Cloud grading ───
     const isHeadless = ['acceptEdits', 'bypassPermissions', 'plan', 'auto'].includes(permissionMode)
       || process.env.SYNKRO_HEADLESS === '1';
@@ -2957,7 +2955,7 @@ Do NOT install packages with security risks. Use a patched version or a differen
     const resp = await postWithRetry(GATEWAY_URL + '/api/v1/hook/judge', body, jwt, 8000);
     if (!resp) {
-      log('bashGuard ' + cmdShort + ' \\u2192 error (timeout)');
+      log('bashGuard ' + cmdShort + ' → error (timeout)');
       if (installScanMsg) {
         outputJson({ systemMessage: installScanMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: installScanMsg } });
       } else { outputEmpty(); }
@@ -2965,7 +2963,7 @@ Do NOT install packages with security risks. Use a patched version or a differen
     }
     if (!resp.hook_response || typeof resp.hook_response !== 'object') {
-      log('bashGuard ' + cmdShort + ' \\u2192 pass (no hook_response)');
+      log('bashGuard ' + cmdShort + ' → pass (no hook_response)');
       if (installScanMsg) {
         outputJson({ systemMessage: installScanMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: installScanMsg } });
       } else { outputEmpty(); }
@@ -3041,7 +3039,7 @@ async function main() {
     const tagStr = tag(rt, config);
     if (config.silent) {
-      const msg = tagStr + ' agentGuard \\u2192 skipped (silent mode)';
+      const msg = tagStr + ' agentGuard \u2192 skipped (silent mode)';
       outputJson({ systemMessage: msg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: msg } });
       return;
     }
@@ -3064,7 +3062,7 @@ async function main() {
       try {
         gradeResp = await localGrade('bash', graderPrompt);
       } catch {
-        outputJson({ systemMessage: tagStr + ' agentGuard \\u2192 local grader unavailable, skipped' });
+        outputJson({ systemMessage: tagStr + ' agentGuard \u2192 local grader unavailable, skipped' });
         return;
       }
@@ -3077,7 +3075,7 @@ async function main() {
         const guardReason = (verdict.ruleId ? '(' + verdict.ruleId + ') ' : '') + (verdict.reason || 'policy violation');
         if (mode === 'audit') {
-          const reason = tagStr + ' agentGuard \\u2192 warning' + (verdict.ruleId ? ' (' + verdict.ruleId + ')' : '') + ': ' + (verdict.reason || 'policy violation');
+          const reason = tagStr + ' agentGuard \u2192 warning' + (verdict.ruleId ? ' (' + verdict.ruleId + ')' : '') + ': ' + (verdict.reason || 'policy violation');
           outputJson({ systemMessage: reason, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: reason } });
           dispatchCapture(jwt, 'agent', 'warning', verdict.severity || 'medium', verdict.category || 'security',
             toolName, gitRepo, sessionId, config.captureDepth, {
@@ -3085,7 +3083,7 @@ async function main() {
               recentUserMessages: transcript.recentUserMessages, ccModel: transcript.ccModel,
             });
         } else {
-          const reason = tagStr + ' agentGuard \\u2192 blocked' + (verdict.ruleId ? ' (' + verdict.ruleId + ')' : '') + ': ' + (verdict.reason || 'policy violation') + '. Ask the user for explicit consent before retrying.';
+          const reason = tagStr + ' agentGuard \u2192 blocked' + (verdict.ruleId ? ' (' + verdict.ruleId + ')' : '') + ': ' + (verdict.reason || 'policy violation') + '. Ask the user for explicit consent before retrying.';
           outputJson({
             systemMessage: reason,
             hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: reason, additionalContext: reason },
@@ -3097,7 +3095,7 @@ async function main() {
             });
         }
       } else {
-        const reason = tagStr + ' agentGuard \\u2192 pass: ' + (verdict.reason || 'no policy violations detected');
+        const reason = tagStr + ' agentGuard \u2192 pass: ' + (verdict.reason || 'no policy violations detected');
         outputJson({ systemMessage: reason, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: reason } });
         dispatchCapture(jwt, 'agent', 'pass', 'audit', verdict.category || 'subagent_spawn',
           toolName, gitRepo, sessionId, config.captureDepth, {
@@ -3136,13 +3134,13 @@ async function main() {
     const resp = await postWithRetry(GATEWAY_URL + '/api/v1/hook/judge', body, jwt, 8000);
     if (!resp) {
-      log('agentGuard ' + promptShort + ' \\u2192 error (timeout)');
+      log('agentGuard ' + promptShort + ' \u2192 error (timeout)');
       outputEmpty();
       return;
     }
     if (!resp.hook_response || typeof resp.hook_response !== 'object') {
-      log('agentGuard ' + promptShort + ' \\u2192 pass (no hook_response)');
+      log('agentGuard ' + promptShort + ' \u2192 pass (no hook_response)');
       outputEmpty();
       return;
     }
@@ -3237,7 +3235,7 @@ async function main() {
     const tagStr = tag(rt, config);
     if (config.silent) {
-      outputJson({ systemMessage: tagStr + ' planReview \\u2192 skipped (silent mode)' });
+      outputJson({ systemMessage: tagStr + ' planReview \u2192 skipped (silent mode)' });
       return;
     }
@@ -3254,7 +3252,7 @@ async function main() {
       try {
         gradeResp = await localGrade('plan', graderPrompt);
       } catch {
-        outputJson({ systemMessage: tagStr + ' planReview \\u2192 local grader unavailable, skipped' });
+        outputJson({ systemMessage: tagStr + ' planReview \u2192 local grader unavailable, skipped' });
         return;
       }
@@ -3265,7 +3263,7 @@ async function main() {
       if (!verdict.ok) {
         const reviewMsg = (verdict.ruleId ? '(first: ' + verdict.ruleId + ') ' : '') + (verdict.reason || 'check org rules during implementation');
         appendReviewToPlan(planFile, '\\u26a0\\ufe0f Advisory \\u2014 ' + reviewMsg);
-        const advLine = tagStr + ' planReview \\u2192 ' + reviewMsg;
+        const advLine = tagStr + ' planReview \u2192 ' + reviewMsg;
         outputJson({ systemMessage: advLine, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: 'Synkro local plan judge (advisory). ' + reviewMsg } });
         dispatchCapture(jwt, 'plan_review', 'advisory', verdict.severity || 'medium', verdict.category || 'general',
           'ExitPlanMode', gitRepo, sessionId, config.captureDepth, {
@@ -3275,7 +3273,7 @@ async function main() {
       } else {
         const reviewMsg = verdict.reason || 'no relevant org rules for this plan';
         appendReviewToPlan(planFile, '\\u2705 Clean \\u2014 ' + reviewMsg);
-        const cleanLine = tagStr + ' planReview \\u2192 clean: ' + reviewMsg;
+        const cleanLine = tagStr + ' planReview \u2192 clean: ' + reviewMsg;
         outputJson({ systemMessage: cleanLine, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: 'Synkro local plan judge. ' + reviewMsg } });
         dispatchCapture(jwt, 'plan_review', 'clean', 'audit', verdict.category || 'general',
           'ExitPlanMode', gitRepo, sessionId, config.captureDepth, {
@@ -3299,7 +3297,7 @@ async function main() {
     const resp = await postWithRetry(GATEWAY_URL + '/api/v1/hook/judge', body, jwt, 12000);
     if (!resp) {
-      log('planReview \\u2192 error (timeout)');
+      log('planReview \u2192 error (timeout)');
       outputEmpty();
       return;
     }
@@ -3311,7 +3309,7 @@ async function main() {
     if (decision) {
       const reason = hookResp?.hookSpecificOutput?.permissionDecisionReason || 'check org rules';
       appendReviewToPlan(planFile, '\\u26a0\\ufe0f Advisory \\u2014 ' + reason);
-      outputJson({ systemMessage: tagStr + ' planReview \\u2192 advisory: ' + reason });
+      outputJson({ systemMessage: tagStr + ' planReview \u2192 advisory: ' + reason });
     } else {
       const cloudMsg = hookResp.systemMessage || '';
       if (cloudMsg) appendReviewToPlan(planFile, '\\u2705 ' + cloudMsg);
@@ -3401,9 +3399,9 @@ async function main() {
     const tagStr = tag('local', config);
     if (!findings) {
-      outputJson({ systemMessage: tagStr + ' stop \\u2192 0 issues across ' + edits + ' edit(s), session complete' });
+      outputJson({ systemMessage: tagStr + ' stop \u2192 0 issues across ' + edits + ' edit(s), session complete' });
     } else {
-      outputJson({ systemMessage: tagStr + ' stop \\u2192 ' + findings + ' finding(s): ' + autoFixed + ' auto-fixed, ' + open + ' open' });
+      outputJson({ systemMessage: tagStr + ' stop \u2192 ' + findings + ' finding(s): ' + autoFixed + ' auto-fixed, ' + open + ' open' });
     }
   } catch (err) {
     process.stderr.write('[synkro] stopSummary error: ' + String(err) + '\\n');
@@ -3466,9 +3464,9 @@ async function main() {
     if (!openFindings) {
       outputJson({ systemMessage: routeLine });
     } else if (openFindings === 1) {
-      outputJson({ systemMessage: routeLine + '\\n' + tagStr + ' session start \\u2192 1 open finding in this repo from a prior session.' });
+      outputJson({ systemMessage: routeLine + '\\n' + tagStr + ' session start \u2192 1 open finding in this repo from a prior session.' });
     } else {
-      outputJson({ systemMessage: routeLine + '\\n' + tagStr + ' session start \\u2192 ' + openFindings + ' open findings in this repo from prior sessions.' });
+      outputJson({ systemMessage: routeLine + '\\n' + tagStr + ' session start \u2192 ' + openFindings + ' open findings in this repo from prior sessions.' });
     }
   } catch (err) {
     process.stderr.write('[synkro] sessionStart error: ' + String(err) + '\\n');
@@ -6398,7 +6396,7 @@ function writeConfigEnv(opts) {
     `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
     `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
     `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.4.82")}`
+    `SYNKRO_VERSION=${shellQuoteSingle("1.4.84")}`
   ];
   if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
   if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);