npm - @synkro-sh/cli - Versions diffs - 1.5.3 → 1.5.5 - Mend

@synkro-sh/cli 1.5.3 → 1.5.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/bootstrap.js CHANGED Viewed

@@ -2849,6 +2849,61 @@ async function main() {
     const cmdShort = command.slice(0, 80);
     log('bashGuard checking: ' + cmdShort);
+    // ─── Hook-side short-circuit for safe in-repo reads ───
+    // The judge primer already deterministically allows these, but the round
+    // trip + batch queue still costs 1–25s per call. Skipping the grade for
+    // unambiguously read-only operations removes that latency for ~half of
+    // typical commands (cat/grep/git status/ls/etc.) and unblocks the worker
+    // pool to grade the operations that actually need judgment.
+    function isSafeInRepoRead(tName: string, cmd: string): boolean {
+      // CC's native read tools are inherently safe.
+      if (tName === 'Read' || tName === 'Grep' || tName === 'Glob') return true;
+      if (tName !== 'Bash' && tName !== 'Shell' && tName !== 'terminal' &&
+          tName !== 'run_terminal_cmd' && tName !== 'execute_command') return false;
+      // Reject any shell metacharacter that could turn a "read" into a write
+      // or chain to an unsafe consumer. Using string includes instead of a
+      // regex because escaping inside a String.raw template literal is a
+      // footgun (we got bitten by an unbalanced-paren regex once already).
+      const UNSAFE_CHARS = ['>', ';', '&', '|', '\`'];
+      for (const ch of UNSAFE_CHARS) { if (cmd.indexOf(ch) !== -1) return false; }
+      const padded = ' ' + cmd + ' ';
+      const UNSAFE_WORDS = [' sudo ', ' su ', ' rm ', ' mv ', ' cp ', ' chmod ', ' chown ', ' tee ', ' kill ', ' sed -i', ' sed --in-place', '\$('];
+      for (const w of UNSAFE_WORDS) { if (padded.indexOf(w) !== -1) return false; }
+      const SAFE_VERBS = new Set([
+        'cat','head','tail','less','more','grep','egrep','fgrep','rg','ag',
+        'find','fd','ls','wc','cmp','diff','file','stat','which','whereis','type',
+        'pwd','whoami','id','date','echo','printf','env','true','false',
+        'jq','yq','awk','sort','uniq','cut','tr','xxd','hexdump','od','column',
+        'node','npm','pnpm','yarn','bun','python','python3','ruby','go','rustc','cargo',
+        'git','sed',
+      ]);
+      const tokens = cmd.trim().split(' ').filter(t => t.length > 0);
+      const verb = tokens[0] || '';
+      if (!SAFE_VERBS.has(verb)) return false;
+      if (verb === 'git') {
+        const SAFE_GIT = new Set(['log','show','diff','blame','status','branch','tag','remote','config','rev-parse','ls-files','ls-tree','cat-file','shortlog','reflog','describe','symbolic-ref']);
+        const sub = tokens[1] || '';
+        return SAFE_GIT.has(sub);
+      }
+      if (['npm','pnpm','yarn','bun','cargo','go'].includes(verb)) {
+        const sub = tokens[1] || '';
+        const SAFE_PKG = new Set(['--version','-v','version','list','ls','why','view','show','info','outdated','-h','--help','help']);
+        return SAFE_PKG.has(sub);
+      }
+      if (['node','python','python3','ruby','rustc'].includes(verb)) {
+        const sub = tokens[1] || '';
+        return sub === '--version' || sub === '-v' || sub === '-V';
+      }
+      // sed: only safe without -i (we filtered that above).
+      return true;
+    }
+    if (isSafeInRepoRead(toolName, command)) {
+      log('bashGuard ' + cmdShort + ' → instant allow (safe in-repo read)');
+      outputJson({ hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: 'Synkro: safe in-repo read, deterministic allow.' } });
+      return;
+    }
     let jwt = loadJwt();
     if (!jwt) { outputEmpty(); return; }
     jwt = await ensureFreshJwt(jwt);
@@ -5570,6 +5625,9 @@ async function dockerInstall(opts = {}) {
     `${CLAUDE_HOST_STATE_DIR}:/data/claude-host-state:ro`,
     "-e",
     `WORKERS_PER_POOL=${workers}`,
+    // Pass through the batch-size lever if the operator set it. Defaults
+    // inside the container to 5; clamped to [1, 20] by synkro-server.ts.
+    ...process.env.SYNKRO_MAX_BATCH_SIZE ? ["-e", `SYNKRO_MAX_BATCH_SIZE=${process.env.SYNKRO_MAX_BATCH_SIZE}`] : [],
     image
   ];
   const run = spawnSync2("docker", args2, { encoding: "utf-8", stdio: "inherit", timeout: 6e4 });
@@ -5796,7 +5854,7 @@ function writeConfigEnv(opts) {
     `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
     `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
     `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.5.3")}`
+    `SYNKRO_VERSION=${shellQuoteSingle("1.5.5")}`
   ];
   if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
   if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
@@ -6203,7 +6261,7 @@ async function installCommand(opts = {}) {
       process.exit(1);
     }
     console.log("Installing Synkro server container...");
-    const workersPerPool = parseInt(process.env.SYNKRO_WORKERS_PER_POOL || "4", 10);
+    const workersPerPool = parseInt(process.env.SYNKRO_WORKERS_PER_POOL || "8", 10);
     const { image, hostMcpPort, hostGraderPort, hostCwePort } = await dockerInstall({ workersPerPool });
     console.log(`  \u2713 pulled ${image}`);
     console.log(`  container started \u2014 MCP=${hostMcpPort} general=${hostGraderPort} CWE=${hostCwePort}`);
@@ -7186,7 +7244,7 @@ var args = process.argv.slice(2);
 var cmd = args[0] || "";
 var subArgs = args.slice(1);
 function printVersion() {
-  console.log("1.5.3");
+  console.log("1.5.5");
 }
 function printHelp() {
   console.log(`Synkro CLI \u2014 runtime safety for AI coding agents