npm - @synkro-sh/cli - Versions diffs - 1.5.3 → 1.5.4 - Mend

@synkro-sh/cli 1.5.3 → 1.5.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/bootstrap.js CHANGED Viewed

@@ -2849,6 +2849,59 @@ async function main() {
     const cmdShort = command.slice(0, 80);
     log('bashGuard checking: ' + cmdShort);
+    // ─── Hook-side short-circuit for safe in-repo reads ───
+    // The judge primer already deterministically allows these, but the round
+    // trip + batch queue still costs 1–25s per call. Skipping the grade for
+    // unambiguously read-only operations removes that latency for ~half of
+    // typical commands (cat/grep/git status/ls/etc.) and unblocks the worker
+    // pool to grade the operations that actually need judgment.
+    function isSafeInRepoRead(tName: string, cmd: string): boolean {
+      // CC's native read tools are inherently safe.
+      if (tName === 'Read' || tName === 'Grep' || tName === 'Glob') return true;
+      if (tName !== 'Bash' && tName !== 'Shell' && tName !== 'terminal' &&
+          tName !== 'run_terminal_cmd' && tName !== 'execute_command') return false;
+      // Reject any shell metacharacter that could turn a "read" into a write
+      // or chain to an unsafe consumer: redirects, pipes, sequencing, command
+      // substitution, sudo/su.
+      if (/[>;&|\\\`]|\\$\\(|<<|\\bsudo\\b|\\bsu\\b|\\brm\\b|\\bmv\\b|\\bcp\\b|\\bchmod\\b|\\bchown\\b|\\btee\\b|\\bsed\\s+-i\\b|\\bkill\\b/.test(cmd)) return false;
+      const SAFE_VERBS = new Set([
+        'cat','head','tail','less','more','grep','egrep','fgrep','rg','ag',
+        'find','fd','ls','wc','cmp','diff','file','stat','which','whereis','type',
+        'pwd','whoami','id','date','echo','printf','env','true','false',
+        'jq','yq','awk','sort','uniq','cut','tr','xxd','hexdump','od','column',
+        'node','npm','pnpm','yarn','bun','python','python3','ruby','go','rustc','cargo',
+        'git',
+      ]);
+      const tokens = cmd.trim().split(/\\s+/);
+      const verb = tokens[0] || '';
+      if (!SAFE_VERBS.has(verb)) return false;
+      // For multi-mode tools, only allow read subcommands / version flags.
+      if (verb === 'git') {
+        const SAFE_GIT = new Set(['log','show','diff','blame','status','branch','tag','remote','config','rev-parse','ls-files','ls-tree','cat-file','shortlog','reflog','describe','symbolic-ref']);
+        const sub = tokens[1] || '';
+        return SAFE_GIT.has(sub);
+      }
+      if (['npm','pnpm','yarn','bun','cargo','go'].includes(verb)) {
+        // Only allow plain version/info/list/why probes — block install/add/update/run/exec.
+        const sub = tokens[1] || '';
+        const SAFE_PKG = new Set(['--version','-v','version','list','ls','why','view','show','info','outdated','-h','--help','help']);
+        return SAFE_PKG.has(sub);
+      }
+      if (['node','python','python3','ruby','rustc'].includes(verb)) {
+        const sub = tokens[1] || '';
+        return sub === '--version' || sub === '-v' || sub === '-V';
+      }
+      // sed without -i flag is read-only by definition; we already excluded
+      // sed -i above. Anything else with a SAFE_VERB and no metachars is fine.
+      return true;
+    }
+    if (isSafeInRepoRead(toolName, command)) {
+      log('bashGuard ' + cmdShort + ' → instant allow (safe in-repo read)');
+      outputJson({ hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: 'Synkro: safe in-repo read, deterministic allow.' } });
+      return;
+    }
     let jwt = loadJwt();
     if (!jwt) { outputEmpty(); return; }
     jwt = await ensureFreshJwt(jwt);
@@ -5570,6 +5623,9 @@ async function dockerInstall(opts = {}) {
     `${CLAUDE_HOST_STATE_DIR}:/data/claude-host-state:ro`,
     "-e",
     `WORKERS_PER_POOL=${workers}`,
+    // Pass through the batch-size lever if the operator set it. Defaults
+    // inside the container to 5; clamped to [1, 20] by synkro-server.ts.
+    ...process.env.SYNKRO_MAX_BATCH_SIZE ? ["-e", `SYNKRO_MAX_BATCH_SIZE=${process.env.SYNKRO_MAX_BATCH_SIZE}`] : [],
     image
   ];
   const run = spawnSync2("docker", args2, { encoding: "utf-8", stdio: "inherit", timeout: 6e4 });
@@ -5796,7 +5852,7 @@ function writeConfigEnv(opts) {
     `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
     `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
     `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.5.3")}`
+    `SYNKRO_VERSION=${shellQuoteSingle("1.5.4")}`
   ];
   if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
   if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
@@ -6203,7 +6259,7 @@ async function installCommand(opts = {}) {
       process.exit(1);
     }
     console.log("Installing Synkro server container...");
-    const workersPerPool = parseInt(process.env.SYNKRO_WORKERS_PER_POOL || "4", 10);
+    const workersPerPool = parseInt(process.env.SYNKRO_WORKERS_PER_POOL || "8", 10);
     const { image, hostMcpPort, hostGraderPort, hostCwePort } = await dockerInstall({ workersPerPool });
     console.log(`  \u2713 pulled ${image}`);
     console.log(`  container started \u2014 MCP=${hostMcpPort} general=${hostGraderPort} CWE=${hostCwePort}`);
@@ -7186,7 +7242,7 @@ var args = process.argv.slice(2);
 var cmd = args[0] || "";
 var subArgs = args.slice(1);
 function printVersion() {
-  console.log("1.5.3");
+  console.log("1.5.4");
 }
 function printHelp() {
   console.log(`Synkro CLI \u2014 runtime safety for AI coding agents