npm - @trops/dash-core - Versions diffs - 0.1.494 → 0.1.496 - Mend

@trops/dash-core 0.1.494 → 0.1.496

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.js CHANGED Viewed

@@ -48852,7 +48852,7 @@ var GrantManuallyModal = function GrantManuallyModal(_ref) {
     isOpen: isOpen,
     setIsOpen: setIsOpen,
     children: /*#__PURE__*/jsxRuntime.jsxs("div", {
-      className: "flex flex-col w-full max-w-xl ring-2 ring-amber-500",
+      className: "flex flex-col w-full max-w-xl border-2 border-amber-500 rounded",
       children: [/*#__PURE__*/jsxRuntime.jsxs("div", {
         className: "px-5 py-4 border-b border-gray-700",
         children: [/*#__PURE__*/jsxRuntime.jsxs("div", {
@@ -48871,20 +48871,12 @@ var GrantManuallyModal = function GrantManuallyModal(_ref) {
             children: "Server name"
           }), /*#__PURE__*/jsxRuntime.jsx("input", {
             type: "text",
-            list: "known-mcp-servers",
             value: serverName,
             onChange: function onChange(e) {
               return setServerName(e.target.value);
             },
-            placeholder: "e.g. filesystem, github, slack",
-            className: "text-xs px-2 py-1.5 rounded bg-gray-800 border border-gray-700"
-          }), /*#__PURE__*/jsxRuntime.jsx("datalist", {
-            id: "known-mcp-servers",
-            children: knownServerNames.map(function (n) {
-              return /*#__PURE__*/jsxRuntime.jsx("option", {
-                value: n
-              }, n);
-            })
+            placeholder: knownServerNames.length > 0 ? "e.g. ".concat(knownServerNames.slice(0, 3).join(", ")) : "e.g. filesystem, github, slack",
+            className: "text-xs px-2 py-1.5 rounded bg-gray-800 border border-gray-700 text-gray-200"
           })]
         }), /*#__PURE__*/jsxRuntime.jsxs("div", {
           className: "flex flex-col gap-1",
@@ -48898,7 +48890,7 @@ var GrantManuallyModal = function GrantManuallyModal(_ref) {
               return setToolsText(e.target.value);
             },
             placeholder: "e.g. read_file, list_directory",
-            className: "text-xs px-2 py-1.5 rounded bg-gray-800 border border-gray-700 font-mono"
+            className: "text-xs px-2 py-1.5 rounded bg-gray-800 border border-gray-700 text-gray-200 font-mono"
           })]
         }), /*#__PURE__*/jsxRuntime.jsxs("div", {
           className: "flex flex-col gap-1",
@@ -48912,7 +48904,7 @@ var GrantManuallyModal = function GrantManuallyModal(_ref) {
             },
             placeholder: "/Users/jane/Documents\n/tmp/notes",
             rows: 3,
-            className: "text-xs px-2 py-1.5 rounded bg-gray-800 border border-gray-700 font-mono"
+            className: "text-xs px-2 py-1.5 rounded bg-gray-800 border border-gray-700 text-gray-200 font-mono"
           })]
         }), /*#__PURE__*/jsxRuntime.jsxs("div", {
           className: "flex flex-col gap-1",
@@ -48926,10 +48918,10 @@ var GrantManuallyModal = function GrantManuallyModal(_ref) {
             },
             placeholder: "/tmp/output",
             rows: 3,
-            className: "text-xs px-2 py-1.5 rounded bg-gray-800 border border-gray-700 font-mono"
+            className: "text-xs px-2 py-1.5 rounded bg-gray-800 border border-gray-700 text-gray-200 font-mono"
           })]
         }), error && /*#__PURE__*/jsxRuntime.jsx("div", {
-          className: "text-xs text-red-400 bg-red-900 bg-opacity-20 border border-red-700 rounded px-3 py-2",
+          className: "text-xs text-red-400 bg-red-950 border border-red-700 rounded px-3 py-2",
           children: error
         })]
       }), /*#__PURE__*/jsxRuntime.jsxs("div", {
@@ -49210,6 +49202,7 @@ var WidgetGrantRow = function WidgetGrantRow(_ref6) {
     }), allServerNames.map(function (serverName) {
       var decl = declaredServers[serverName] || {};
       var grant = grantedServers[serverName];
+      var allStale = isServerEntirelyStale(decl, grant);
       return /*#__PURE__*/jsxRuntime.jsxs("div", {
         className: "flex flex-col space-y-2 border-t border-gray-800 pt-2",
         children: [/*#__PURE__*/jsxRuntime.jsxs("div", {
@@ -49226,6 +49219,9 @@ var WidgetGrantRow = function WidgetGrantRow(_ref6) {
               return onRevokeServer(serverName);
             }
           })]
+        }), allStale && /*#__PURE__*/jsxRuntime.jsx("div", {
+          className: "text-xs text-amber-400 bg-amber-900 bg-opacity-20 border border-amber-700 rounded px-2 py-1.5",
+          children: "All grants on this server are no longer in the manifest \u2014 the widget likely no longer uses this server. Consider revoking."
         }), /*#__PURE__*/jsxRuntime.jsx(PermsList, {
           label: "Tools",
           declaredItems: decl.tools || [],
@@ -49259,17 +49255,44 @@ var PermsList = function PermsList(_ref7) {
     }), all.map(function (item) {
       var isGranted = grantedSet.has(item);
       var isDeclared = declaredSet.has(item);
+      var isStale = isGranted && !isDeclared;
       return /*#__PURE__*/jsxRuntime.jsxs("span", {
-        className: "text-xs font-mono break-all ".concat(isGranted ? "opacity-100" : isDeclared ? "opacity-50 line-through" : "opacity-100 text-amber-400"),
-        children: [item, !isDeclared && isGranted && /*#__PURE__*/jsxRuntime.jsx("span", {
-          className: "ml-2 opacity-60",
-          children: "(no longer declared)"
+        className: "text-xs font-mono break-all ".concat(isStale ? "text-amber-400" : isGranted ? "opacity-100" : "opacity-50 line-through"),
+        children: [item, isStale && /*#__PURE__*/jsxRuntime.jsx("span", {
+          className: "ml-2 not-italic font-sans normal-case tracking-normal text-amber-400",
+          children: "(stale \u2014 widget no longer requests this; consider revoking)"
         })]
       }, item);
     })]
   });
 };
+/**
+ * True when the granted entry has at least one item AND every granted
+ * item is missing from the current declared block (i.e. all of this
+ * server's grants are unused by the current manifest). Used to surface
+ * a "this whole server's grant looks unused" suggestion at the row level.
+ */
+function isServerEntirelyStale(decl, grant) {
+  if (!grant) return false;
+  var declTools = new Set(decl.tools || []);
+  var declRead = new Set(decl.readPaths || []);
+  var declWrite = new Set(decl.writePaths || []);
+  var grantedTools = grant.tools || [];
+  var grantedRead = grant.readPaths || [];
+  var grantedWrite = grant.writePaths || [];
+  var total = grantedTools.length + grantedRead.length + grantedWrite.length;
+  if (total === 0) return false;
+  var stale = grantedTools.every(function (t) {
+    return !declTools.has(t);
+  }) && grantedRead.every(function (p) {
+    return !declRead.has(p);
+  }) && grantedWrite.every(function (p) {
+    return !declWrite.has(p);
+  });
+  return stale;
+}
 /**
  * Renders a small badge showing how the user got to this grant. Helps
  * the user audit grants that were approved against a scanner guess
@@ -49373,6 +49396,31 @@ var EXAMPLE_FIXTURES = [{
       }
     }
   }
+}, {
+  caption: "Stale grant — the widget upgraded and dropped readPaths from its manifest, but the user's grant is still present.",
+  widgetId: "@example/upgraded-widget",
+  hasManifest: true,
+  grantOrigin: "declared",
+  declared: {
+    // Manifest now declares only the tool, no paths.
+    servers: {
+      filesystem: {
+        tools: ["read_file"],
+        readPaths: [],
+        writePaths: []
+      }
+    }
+  },
+  granted: {
+    grantOrigin: "declared",
+    servers: {
+      filesystem: {
+        tools: ["read_file"],
+        readPaths: ["~/Documents/old-notes"],
+        writePaths: []
+      }
+    }
+  }
 }];
 var noop = function noop() {};