@synkro-sh/cli 1.4.99 → 1.4.100
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bootstrap.js +12 -5
- package/dist/bootstrap.js.map +1 -1
- package/package.json +1 -1
package/dist/bootstrap.js
CHANGED
|
@@ -992,7 +992,7 @@ export async function channelUp(port = 18929): Promise<boolean> {
|
|
|
992
992
|
const done = (ok: boolean) => { try { sock.destroy(); } catch {} resolve(ok); };
|
|
993
993
|
sock.once('connect', () => done(true));
|
|
994
994
|
sock.once('error', () => done(false));
|
|
995
|
-
sock.setTimeout(
|
|
995
|
+
sock.setTimeout(3000, () => done(false));
|
|
996
996
|
});
|
|
997
997
|
}
|
|
998
998
|
|
|
@@ -2016,6 +2016,7 @@ async function main() {
|
|
|
2016
2016
|
'User intent (last human message): ' + (transcript.userIntent || 'none stated'),
|
|
2017
2017
|
'Last user prompt: ' + (lastPrompt || 'none'),
|
|
2018
2018
|
'Org rules: ' + JSON.stringify(config.rules),
|
|
2019
|
+
'IMPORTANT: If a rule is violated, ALWAYS return ok=false with the rule_id and reason, regardless of the rule mode. Do NOT pass a command just because the rule mode is "audit". The enforcement layer handles audit vs blocking \u2014 your job is only to detect violations.',
|
|
2019
2020
|
].join('\\n');
|
|
2020
2021
|
|
|
2021
2022
|
let gradeResp: string;
|
|
@@ -2964,6 +2965,9 @@ async function main() {
|
|
|
2964
2965
|
'User intent (last human message): ' + (transcript.userIntent || 'none stated'),
|
|
2965
2966
|
'Last user prompt: ' + (lastPrompt || 'none'),
|
|
2966
2967
|
'Org rules: ' + JSON.stringify(config.rules),
|
|
2968
|
+
'IMPORTANT: If a rule is violated, ALWAYS return ok=false with the rule_id and reason, regardless of the rule mode. Do NOT pass a command just because the rule mode is "audit". The enforcement layer handles audit vs blocking — your job is only to detect violations.',
|
|
2969
|
+
'When passing (ok=true), cite which rules you checked and why they passed (e.g. "R006 satisfied: typecheck found in session history"). Be specific, not generic.',
|
|
2970
|
+
'Rules with preconditions (e.g. "run X before Y") are CONSUMED after the protected action completes. Use the session history timestamps to determine ordering: a precondition satisfied before the last occurrence of the protected action does NOT satisfy the next occurrence. Each new protected action needs its precondition re-satisfied.',
|
|
2967
2971
|
].filter(Boolean).join('\\n');
|
|
2968
2972
|
|
|
2969
2973
|
let gradeResp: string;
|
|
@@ -3004,7 +3008,9 @@ async function main() {
|
|
|
3004
3008
|
});
|
|
3005
3009
|
}
|
|
3006
3010
|
} else {
|
|
3007
|
-
const
|
|
3011
|
+
const auditRuleIds = (config.rules || []).filter((r: any) => r.mode === 'audit').map((r: any) => r.rule_id || r.id).filter(Boolean);
|
|
3012
|
+
const auditNote = auditRuleIds.length > 0 ? ' (audit rules checked: ' + auditRuleIds.join(', ') + ')' : '';
|
|
3013
|
+
const reason = tagStr + ' bashGuard → pass: ' + (verdict.reason || 'no policy violations detected') + auditNote;
|
|
3008
3014
|
const combined = (installScanMsg ? installScanMsg + '\\n' : '') + reason;
|
|
3009
3015
|
outputJson({ systemMessage: combined, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: combined } });
|
|
3010
3016
|
dispatchCapture(jwt, 'bash', 'pass', 'audit', verdict.category || 'trivial_utility',
|
|
@@ -3149,6 +3155,7 @@ async function main() {
|
|
|
3149
3155
|
'User intent (last human message): ' + (transcript.userIntent || 'none stated'),
|
|
3150
3156
|
'Last user prompt: ' + (lastPrompt || 'none'),
|
|
3151
3157
|
'Org rules: ' + JSON.stringify(config.rules),
|
|
3158
|
+
'IMPORTANT: If a rule is violated, ALWAYS return ok=false with the rule_id and reason, regardless of the rule mode. Do NOT pass a command just because the rule mode is "audit". The enforcement layer handles audit vs blocking \u2014 your job is only to detect violations.',
|
|
3152
3159
|
].filter(Boolean).join('\\n');
|
|
3153
3160
|
|
|
3154
3161
|
let gradeResp: string;
|
|
@@ -5472,7 +5479,7 @@ function claudeCredsHostDir() {
|
|
|
5472
5479
|
async function dockerInstall(opts = {}) {
|
|
5473
5480
|
assertDockerAvailable();
|
|
5474
5481
|
const image = imageTag();
|
|
5475
|
-
const workers = String(opts.workersPerPool ??
|
|
5482
|
+
const workers = String(opts.workersPerPool ?? 8);
|
|
5476
5483
|
mkdirSync7(PGDATA_PATH, { recursive: true });
|
|
5477
5484
|
if (!existsSync8(MCP_JWT_PATH)) {
|
|
5478
5485
|
throw new DockerInstallError(
|
|
@@ -5732,7 +5739,7 @@ function writeConfigEnv(opts) {
|
|
|
5732
5739
|
`SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
|
|
5733
5740
|
`SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
|
|
5734
5741
|
`SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
|
|
5735
|
-
`SYNKRO_VERSION=${shellQuoteSingle("1.4.
|
|
5742
|
+
`SYNKRO_VERSION=${shellQuoteSingle("1.4.100")}`
|
|
5736
5743
|
];
|
|
5737
5744
|
if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
|
|
5738
5745
|
if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
|
|
@@ -7168,7 +7175,7 @@ var args = process.argv.slice(2);
|
|
|
7168
7175
|
var cmd = args[0] || "";
|
|
7169
7176
|
var subArgs = args.slice(1);
|
|
7170
7177
|
function printVersion() {
|
|
7171
|
-
console.log("1.4.
|
|
7178
|
+
console.log("1.4.100");
|
|
7172
7179
|
}
|
|
7173
7180
|
function printHelp() {
|
|
7174
7181
|
console.log(`Synkro CLI \u2014 runtime safety for AI coding agents
|