npm - @trenchwork/coder - Versions diffs - 1.5.3 → 1.5.4 - Mend

@trenchwork/coder 1.5.3 → 1.5.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/core/permissionMode.d.ts +2 -0
package/dist/core/permissionMode.d.ts.map +1 -1
package/dist/core/permissionMode.js +30 -1
package/dist/core/permissionMode.js.map +1 -1
package/package.json +1 -1

package/dist/core/permissionMode.d.ts CHANGED Viewed

@@ -24,6 +24,8 @@ export declare function setPermissionMode(mode: PermissionMode): void;
 /** Advance to the next mode in the cycle and return it (the Shift+Tab action). */
 export declare function cyclePermissionMode(): PermissionMode;
 export declare function isMutatingTool(name: string): boolean;
+/** True when a tool is safe to run in plan mode (cannot mutate the workspace). */
+export declare function isPlanModeReadOnly(name: string): boolean;
 export declare function isEditTool(name: string): boolean;
 /**
  * The error string a tool returns when plan mode forbids it, or null when the

package/dist/core/permissionMode.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"permissionMode.d.ts","sourceRoot":"","sources":["../../src/core/permissionMode.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,MAAM,MAAM,cAAc,GAAG,SAAS,GAAG,aAAa,GAAG,MAAM,CAAC;AAMhE,wBAAgB,iBAAiB,IAAI,cAAc,CAElD;AAED,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,cAAc,GAAG,IAAI,CAE5D;AAED,kFAAkF;AAClF,wBAAgB,mBAAmB,IAAI,cAAc,CAGpD;~~AAiBD~~,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEpD;AAED,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEhD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,~~CAI7D~~;AAED,yFAAyF;AACzF,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAE7D;AAED,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,OAAO,CAAC;CACjB;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,GAAE,cAAwB,GAAG,qBAAqB,EAAE,CAM3F;AAED,kEAAkE;AAClE,wBAAgB,cAAc,CAAC,IAAI,GAAE,cAAwB,GAAG,MAAM,CAErE;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,GAAE,cAAwB,GAAG,MAAM,GAAG,IAAI,CAMlF"}
1	+ {"version":3,"file":"permissionMode.d.ts","sourceRoot":"","sources":["../../src/core/permissionMode.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,MAAM,MAAM,cAAc,GAAG,SAAS,GAAG,aAAa,GAAG,MAAM,CAAC;AAMhE,wBAAgB,iBAAiB,IAAI,cAAc,CAElD;AAED,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,cAAc,GAAG,IAAI,CAE5D;AAED,kFAAkF;AAClF,wBAAgB,mBAAmB,IAAI,cAAc,CAGpD;AA0CD,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEpD;AAED,kFAAkF;AAClF,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAExD;AAED,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEhD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAK7D;AAED,yFAAyF;AACzF,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAE7D;AAED,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,OAAO,CAAC;CACjB;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,GAAE,cAAwB,GAAG,qBAAqB,EAAE,CAM3F;AAED,kEAAkE;AAClE,wBAAgB,cAAc,CAAC,IAAI,GAAE,cAAwB,GAAG,MAAM,CAErE;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,GAAE,cAAwB,GAAG,MAAM,GAAG,IAAI,CAMlF"}

package/dist/core/permissionMode.js CHANGED Viewed

@@ -45,9 +45,37 @@ const EDIT_TOOLS = new Set([
     'write', 'write_file', 'edit', 'edit_file', 'multiedit', 'multi_edit',
     'delete_file', 'notebookedit', 'notebook_edit',
 ]);
+// Plan mode is DENY-BY-DEFAULT: only tools that cannot change the filesystem,
+// the repo, processes, or spawn something that could are allowed; everything
+// else is blocked. This is the safe-by-default inverse of an allowlist of
+// mutators — a tool added later is blocked in plan mode until it's explicitly
+// vetted here as read-only, so plan mode can't silently leak (the old allowlist
+// missed search_replace, the `git` tool, git_smart_commit, git_create_pr,
+// GitRestore, Skill, Agent — all of which could mutate despite "read-only").
+// bash is NOT here: its args can do anything. TodoWrite IS, because writing the
+// plan is the whole point of plan mode. HITL prompts ask the user; they don't
+// touch the workspace.
+const PLAN_MODE_READONLY = new Set([
+    // file / code reads
+    'read', 'read_file', 'list_files', 'file_exists', 'glob', 'grep', 'search',
+    // web reads
+    'web_fetch', 'webfetch', 'web_search', 'websearch', 'webextract',
+    // planning artifacts
+    'todoread', 'todowrite',
+    // background / subagent + git reads
+    'bashoutput', 'agent_status', 'agent_output', 'agent_list', 'githistory',
+    // memory reads
+    'memory_load', 'memory_list',
+    // misc reads / user interaction
+    'list_skills', 'hitl_status', 'hitl_decision', 'hitl_select', 'hitl_yesno', 'hitl_approval',
+]);
 export function isMutatingTool(name) {
     return MUTATING_TOOLS.has((name || '').toLowerCase());
 }
+/** True when a tool is safe to run in plan mode (cannot mutate the workspace). */
+export function isPlanModeReadOnly(name) {
+    return PLAN_MODE_READONLY.has((name || '').toLowerCase());
+}
 export function isEditTool(name) {
     return EDIT_TOOLS.has((name || '').toLowerCase());
 }
@@ -59,7 +87,8 @@ export function isEditTool(name) {
 export function planModeBlock(toolName) {
     if (current !== 'plan')
         return null;
-    if (!isMutatingTool(toolName))
+    // Deny-by-default: allow only vetted read-only tools, block everything else.
+    if (isPlanModeReadOnly(toolName))
         return null;
     return `Error: ${toolName} is disabled in plan mode (read-only). Investigate without changing anything, then present a concrete plan; the user approves it before any edits or commands run. Press Shift+Tab to leave plan mode.`;
 }

package/dist/core/permissionMode.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"permissionMode.js","sourceRoot":"","sources":["../../src/core/permissionMode.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAIH,MAAM,KAAK,GAA8B,CAAC,SAAS,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC;AAE5E,IAAI,OAAO,GAAmB,SAAS,CAAC;AAExC,MAAM,UAAU,iBAAiB;IAC/B,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,IAAoB;IACpD,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,OAAO,GAAG,IAAI,CAAC;AAC3C,CAAC;AAED,kFAAkF;AAClF,MAAM,UAAU,mBAAmB;IACjC,OAAO,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,MAAM,CAAE,CAAC;IAC9D,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,6EAA6E;AAC7E,iEAAiE;AACjE,oEAAoE;AACpE,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC;IAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY;IACrE,aAAa,EAAE,QAAQ,EAAE,cAAc,EAAE,eAAe;IACxD,YAAY,EAAE,UAAU;IACxB,MAAM,EAAE,cAAc,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO;CAClE,CAAC,CAAC;AAEH,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC;IACzB,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY;IACrE,aAAa,EAAE,cAAc,EAAE,eAAe;CAC/C,CAAC,CAAC;AAEH,MAAM,UAAU,cAAc,CAAC,IAAY;IACzC,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;AACxD,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,IAAY;IACrC,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;AACpD,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,aAAa,CAAC,QAAgB;IAC5C,IAAI,OAAO,KAAK,MAAM;QAAE,OAAO,IAAI,CAAC;IACpC,IAAI,~~CAAC~~,~~cAAc,~~CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;~~IAC3C~~,OAAO,UAAU,QAAQ,wMAAwM,CAAC;AACpO,CAAC;AAED,yFAAyF;AACzF,MAAM,UAAU,mBAAmB,CAAC,QAAgB;IAClD,OAAO,OAAO,KAAK,aAAa,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;AAC3D,CAAC;AAOD;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAuB,OAAO;IAChE,OAAO;QACL,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,IAAI,KAAK,SAAS,EAAE;QAClD,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,EAAE,IAAI,KAAK,aAAa,EAAE;QAC5D,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,KAAK,MAAM,EAAE;KAC7C,CAAC;AACJ,CAAC;AAED,kEAAkE;AAClE,MAAM,UAAU,cAAc,CAAC,OAAuB,OAAO;IAC3D,OAAO,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,6BAA6B,CAAC,CAAC,CAAC,oBAAoB,CAAC;AACnF,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAAuB,OAAO;IACjE,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,aAAa,CAAC,CAAC,OAAO,cAAc,CAAC;QAC1C,KAAK,MAAM,CAAC,CAAC,OAAO,MAAM,CAAC;QAC3B,OAAO,CAAC,CAAC,OAAO,IAAI,CAAC;IACvB,CAAC;AACH,CAAC"}
1	+ {"version":3,"file":"permissionMode.js","sourceRoot":"","sources":["../../src/core/permissionMode.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAIH,MAAM,KAAK,GAA8B,CAAC,SAAS,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC;AAE5E,IAAI,OAAO,GAAmB,SAAS,CAAC;AAExC,MAAM,UAAU,iBAAiB;IAC/B,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,IAAoB;IACpD,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,OAAO,GAAG,IAAI,CAAC;AAC3C,CAAC;AAED,kFAAkF;AAClF,MAAM,UAAU,mBAAmB;IACjC,OAAO,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,MAAM,CAAE,CAAC;IAC9D,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,6EAA6E;AAC7E,iEAAiE;AACjE,oEAAoE;AACpE,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC;IAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY;IACrE,aAAa,EAAE,QAAQ,EAAE,cAAc,EAAE,eAAe;IACxD,YAAY,EAAE,UAAU;IACxB,MAAM,EAAE,cAAc,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO;CAClE,CAAC,CAAC;AAEH,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC;IACzB,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY;IACrE,aAAa,EAAE,cAAc,EAAE,eAAe;CAC/C,CAAC,CAAC;AAEH,8EAA8E;AAC9E,6EAA6E;AAC7E,0EAA0E;AAC1E,8EAA8E;AAC9E,gFAAgF;AAChF,0EAA0E;AAC1E,6EAA6E;AAC7E,gFAAgF;AAChF,8EAA8E;AAC9E,uBAAuB;AACvB,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC;IACjC,oBAAoB;IACpB,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ;IAC1E,YAAY;IACZ,WAAW,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,YAAY;IAChE,qBAAqB;IACrB,UAAU,EAAE,WAAW;IACvB,oCAAoC;IACpC,YAAY,EAAE,cAAc,EAAE,cAAc,EAAE,YAAY,EAAE,YAAY;IACxE,eAAe;IACf,aAAa,EAAE,aAAa;IAC5B,gCAAgC;IAChC,aAAa,EAAE,aAAa,EAAE,eAAe,EAAE,aAAa,EAAE,YAAY,EAAE,eAAe;CAC5F,CAAC,CAAC;AAEH,MAAM,UAAU,cAAc,CAAC,IAAY;IACzC,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;AACxD,CAAC;AAED,kFAAkF;AAClF,MAAM,UAAU,kBAAkB,CAAC,IAAY;IAC7C,OAAO,kBAAkB,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;AAC5D,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,IAAY;IACrC,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;AACpD,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,aAAa,CAAC,QAAgB;IAC5C,IAAI,OAAO,KAAK,MAAM;QAAE,OAAO,IAAI,CAAC;IACpC,6EAA6E;IAC7E,IAAI,kBAAkB,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAC9C,OAAO,UAAU,QAAQ,wMAAwM,CAAC;AACpO,CAAC;AAED,yFAAyF;AACzF,MAAM,UAAU,mBAAmB,CAAC,QAAgB;IAClD,OAAO,OAAO,KAAK,aAAa,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;AAC3D,CAAC;AAOD;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAuB,OAAO;IAChE,OAAO;QACL,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,IAAI,KAAK,SAAS,EAAE;QAClD,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,EAAE,IAAI,KAAK,aAAa,EAAE;QAC5D,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,KAAK,MAAM,EAAE;KAC7C,CAAC;AACJ,CAAC;AAED,kEAAkE;AAClE,MAAM,UAAU,cAAc,CAAC,OAAuB,OAAO;IAC3D,OAAO,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,6BAA6B,CAAC,CAAC,CAAC,oBAAoB,CAAC;AACnF,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAAuB,OAAO;IACjE,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,aAAa,CAAC,CAAC,OAAO,cAAc,CAAC;QAC1C,KAAK,MAAM,CAAC,CAAC,OAAO,MAAM,CAAC;QAC3B,OAAO,CAAC,CAAC,OAAO,IAAI,CAAC;IACvB,CAAC;AACH,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@trenchwork/coder",
-  "version": "1.5.3",
+  "version": "1.5.4",
   "description": "Claude Code–class Ink TUI agent for DeepSeek v4 Pro (max thought, ultracode always on). Live follow-up queue, Shift+Tab permission modes, colored diffs, adversarial verifier — your keys, no login. Independent; inspired by Project Glasswing.",
   "deepseek": {
     "rulebookSchema": "src/contracts/schemas/agent-rules.schema.json"