@trops/dash-core 0.1.494 → 0.1.495
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.esm.js +60 -4
- package/dist/index.esm.js.map +1 -1
- package/dist/index.js +60 -4
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -49210,6 +49210,7 @@ var WidgetGrantRow = function WidgetGrantRow(_ref6) {
|
|
|
49210
49210
|
}), allServerNames.map(function (serverName) {
|
|
49211
49211
|
var decl = declaredServers[serverName] || {};
|
|
49212
49212
|
var grant = grantedServers[serverName];
|
|
49213
|
+
var allStale = isServerEntirelyStale(decl, grant);
|
|
49213
49214
|
return /*#__PURE__*/jsxRuntime.jsxs("div", {
|
|
49214
49215
|
className: "flex flex-col space-y-2 border-t border-gray-800 pt-2",
|
|
49215
49216
|
children: [/*#__PURE__*/jsxRuntime.jsxs("div", {
|
|
@@ -49226,6 +49227,9 @@ var WidgetGrantRow = function WidgetGrantRow(_ref6) {
|
|
|
49226
49227
|
return onRevokeServer(serverName);
|
|
49227
49228
|
}
|
|
49228
49229
|
})]
|
|
49230
|
+
}), allStale && /*#__PURE__*/jsxRuntime.jsx("div", {
|
|
49231
|
+
className: "text-xs text-amber-400 bg-amber-900 bg-opacity-20 border border-amber-700 rounded px-2 py-1.5",
|
|
49232
|
+
children: "All grants on this server are no longer in the manifest \u2014 the widget likely no longer uses this server. Consider revoking."
|
|
49229
49233
|
}), /*#__PURE__*/jsxRuntime.jsx(PermsList, {
|
|
49230
49234
|
label: "Tools",
|
|
49231
49235
|
declaredItems: decl.tools || [],
|
|
@@ -49259,17 +49263,44 @@ var PermsList = function PermsList(_ref7) {
|
|
|
49259
49263
|
}), all.map(function (item) {
|
|
49260
49264
|
var isGranted = grantedSet.has(item);
|
|
49261
49265
|
var isDeclared = declaredSet.has(item);
|
|
49266
|
+
var isStale = isGranted && !isDeclared;
|
|
49262
49267
|
return /*#__PURE__*/jsxRuntime.jsxs("span", {
|
|
49263
|
-
className: "text-xs font-mono break-all ".concat(
|
|
49264
|
-
children: [item,
|
|
49265
|
-
className: "ml-2
|
|
49266
|
-
children: "(no longer
|
|
49268
|
+
className: "text-xs font-mono break-all ".concat(isStale ? "text-amber-400" : isGranted ? "opacity-100" : "opacity-50 line-through"),
|
|
49269
|
+
children: [item, isStale && /*#__PURE__*/jsxRuntime.jsx("span", {
|
|
49270
|
+
className: "ml-2 not-italic font-sans normal-case tracking-normal text-amber-400",
|
|
49271
|
+
children: "(stale \u2014 widget no longer requests this; consider revoking)"
|
|
49267
49272
|
})]
|
|
49268
49273
|
}, item);
|
|
49269
49274
|
})]
|
|
49270
49275
|
});
|
|
49271
49276
|
};
|
|
49272
49277
|
|
|
49278
|
+
/**
|
|
49279
|
+
* True when the granted entry has at least one item AND every granted
|
|
49280
|
+
* item is missing from the current declared block (i.e. all of this
|
|
49281
|
+
* server's grants are unused by the current manifest). Used to surface
|
|
49282
|
+
* a "this whole server's grant looks unused" suggestion at the row level.
|
|
49283
|
+
*/
|
|
49284
|
+
function isServerEntirelyStale(decl, grant) {
|
|
49285
|
+
if (!grant) return false;
|
|
49286
|
+
var declTools = new Set(decl.tools || []);
|
|
49287
|
+
var declRead = new Set(decl.readPaths || []);
|
|
49288
|
+
var declWrite = new Set(decl.writePaths || []);
|
|
49289
|
+
var grantedTools = grant.tools || [];
|
|
49290
|
+
var grantedRead = grant.readPaths || [];
|
|
49291
|
+
var grantedWrite = grant.writePaths || [];
|
|
49292
|
+
var total = grantedTools.length + grantedRead.length + grantedWrite.length;
|
|
49293
|
+
if (total === 0) return false;
|
|
49294
|
+
var stale = grantedTools.every(function (t) {
|
|
49295
|
+
return !declTools.has(t);
|
|
49296
|
+
}) && grantedRead.every(function (p) {
|
|
49297
|
+
return !declRead.has(p);
|
|
49298
|
+
}) && grantedWrite.every(function (p) {
|
|
49299
|
+
return !declWrite.has(p);
|
|
49300
|
+
});
|
|
49301
|
+
return stale;
|
|
49302
|
+
}
|
|
49303
|
+
|
|
49273
49304
|
/**
|
|
49274
49305
|
* Renders a small badge showing how the user got to this grant. Helps
|
|
49275
49306
|
* the user audit grants that were approved against a scanner guess
|
|
@@ -49373,6 +49404,31 @@ var EXAMPLE_FIXTURES = [{
|
|
|
49373
49404
|
}
|
|
49374
49405
|
}
|
|
49375
49406
|
}
|
|
49407
|
+
}, {
|
|
49408
|
+
caption: "Stale grant — the widget upgraded and dropped readPaths from its manifest, but the user's grant is still present.",
|
|
49409
|
+
widgetId: "@example/upgraded-widget",
|
|
49410
|
+
hasManifest: true,
|
|
49411
|
+
grantOrigin: "declared",
|
|
49412
|
+
declared: {
|
|
49413
|
+
// Manifest now declares only the tool, no paths.
|
|
49414
|
+
servers: {
|
|
49415
|
+
filesystem: {
|
|
49416
|
+
tools: ["read_file"],
|
|
49417
|
+
readPaths: [],
|
|
49418
|
+
writePaths: []
|
|
49419
|
+
}
|
|
49420
|
+
}
|
|
49421
|
+
},
|
|
49422
|
+
granted: {
|
|
49423
|
+
grantOrigin: "declared",
|
|
49424
|
+
servers: {
|
|
49425
|
+
filesystem: {
|
|
49426
|
+
tools: ["read_file"],
|
|
49427
|
+
readPaths: ["~/Documents/old-notes"],
|
|
49428
|
+
writePaths: []
|
|
49429
|
+
}
|
|
49430
|
+
}
|
|
49431
|
+
}
|
|
49376
49432
|
}];
|
|
49377
49433
|
var noop = function noop() {};
|
|
49378
49434
|
|