@trops/dash-core 0.1.497 → 0.1.498

package/dist/electron/index.js

@@ -17,7 +17,7 @@ var require$$0$5 = require('@modelcontextprotocol/sdk/client/index.js');
 var require$$1$4 = require('@modelcontextprotocol/sdk/client/stdio.js');
 var require$$0$4 = require('pkce-challenge');
 var require$$2$1 = require('os');
-var require$$11 = require('child_process');
+var require$$12 = require('child_process');
 var require$$3$2 = require('adm-zip');
 var require$$4$1 = require('url');
 var require$$2$2 = require('vm');
@@ -22081,6 +22081,37 @@ var mcpScopeResolver = {
   applyPathScopeToCredentials: applyPathScopeToCredentials$1,
 };
 
+/**
+ * securityFlags.js
+ *
+ * Centralized readers for the two boolean security flags that gate the
+ * MCP allowlist stack:
+ *   - security.enforceWidgetMcpPermissions
+ *   - security.enableJitConsent
+ *
+ * **Default semantics: ON.** A missing settings.json, a missing
+ * `security` block, or an undefined field all yield `true`. Only an
+ * explicit `false` opts out. This is intentional — the security stack
+ * is on by default; users have to actively disable it. The
+ * Privacy & Security panel surfaces the toggles + a confirm-on-disable
+ * dialog so the disable path is deliberate.
+ *
+ * The readers are pure functions of a settings object so the
+ * default-on semantics are pinned by unit tests without touching the
+ * filesystem. The callers in mcpController.js wrap these with
+ * settings.json IO.
+ */
+
+function readEnforceFlag$1(settings) {
+  return settings?.security?.enforceWidgetMcpPermissions !== false;
+}
+
+function readJitFlag$1(settings) {
+  return settings?.security?.enableJitConsent !== false;
+}
+
+var securityFlags = { readEnforceFlag: readEnforceFlag$1, readJitFlag: readJitFlag$1 };
+
 /**
  * mcpController.js
  *
@@ -22108,46 +22139,42 @@ const responseCache$2 = responseCache_1;
 const { gateToolCall, gateToolCallWithJit } = permissionGate;
 const { serverKey, parseServerKey } = mcpServerKey;
 const { applyPathScopeToCredentials } = mcpScopeResolver;
+const { readEnforceFlag, readJitFlag } = securityFlags;
 const { app: app$7 } = require$$0$1;
 
-// Read the widget-MCP-enforcement feature flag from settings.json.
-// Default is OFF — flipping ON activates per-widget gating in
-// permissionGate.gateToolCall(). See docs/security/ipc-filesystem-audit.md
-// and electron/mcp/permissionGate.js for context.
-function isWidgetPermissionEnforcementEnabled() {
+/**
+ * Load the user's settings.json (or null on absence/parse error). The
+ * file is small; reading it on every MCP call is acceptable. If we
+ * ever care about overhead, cache + invalidate-on-change.
+ */
+function loadSettingsForFlags() {
   try {
     const settingsPath = path$e.join(
       app$7.getPath("userData"),
       "Dashboard",
       "settings.json",
     );
-    if (!fs$a.existsSync(settingsPath)) return false;
+    if (!fs$a.existsSync(settingsPath)) return null;
     const raw = fs$a.readFileSync(settingsPath, "utf8");
-    const settings = JSON.parse(raw);
-    return Boolean(settings?.security?.enforceWidgetMcpPermissions);
+    return JSON.parse(raw);
   } catch (_e) {
-    return false;
+    return null;
   }
 }
 
-// Just-in-time consent feature flag (Phase 1 of the JIT consent slice).
-// When ON and the gate would deny for "no grant", we pause the call
-// and prompt the user via the JitConsentModal. Default OFF — the gate
-// fails closed as before until the user opts in.
+// MCP enforcement flag. **Default ON** — only an explicit
+// `security.enforceWidgetMcpPermissions: false` in settings.json opts
+// out. The Privacy & Security panel surfaces a UI toggle with a
+// confirm-on-disable dialog. See electron/utils/securityFlags.js for
+// the pinned default semantics.
+function isWidgetPermissionEnforcementEnabled() {
+  return readEnforceFlag(loadSettingsForFlags());
+}
+
+// JIT consent flag. **Default ON.** Same semantics as the enforcement
+// flag — explicit false to opt out, otherwise on.
 function isJitConsentEnabled() {
-  try {
-    const settingsPath = path$e.join(
-      app$7.getPath("userData"),
-      "Dashboard",
-      "settings.json",
-    );
-    if (!fs$a.existsSync(settingsPath)) return false;
-    const raw = fs$a.readFileSync(settingsPath, "utf8");
-    const settings = JSON.parse(raw);
-    return Boolean(settings?.security?.enableJitConsent);
-  } catch (_e) {
-    return false;
-  }
+  return readJitFlag(loadSettingsForFlags());
 }
 
 /**
@@ -22284,7 +22311,7 @@ function getShellPath$1() {
     return _shellPath$1;
   }
 
-  const { execSync } = require$$11;
+  const { execSync } = require$$12;
   const fallbackDirs = ["/usr/local/bin", "/opt/homebrew/bin"];
 
   // Scan nvm versions, tracking both latest and best compatible version
@@ -23241,7 +23268,7 @@ const mcpController$3 = {
    * @returns {{ success } | { error, message }}
    */
   runAuth: async (win, mcpConfig, credentials, authCommand) => {
-    const { spawn } = require$$11;
+    const { spawn } = require$$12;
 
     const env = cleanEnvForChildProcess();
 
@@ -48641,7 +48668,7 @@ var mcpDashServerController_1 = mcpDashServerController$4;
  * can use the Chat widget without a separate API key.
  */
 
-const { spawn, execSync } = require$$11;
+const { spawn, execSync } = require$$12;
 const {
   LLM_STREAM_DELTA: LLM_STREAM_DELTA$2,
   LLM_STREAM_TOOL_CALL: LLM_STREAM_TOOL_CALL$2,