@trops/dash-core 0.1.498 → 0.1.500

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/electron/index.js +15 -5
  2. package/dist/electron/index.js.map +1 -1
  3. package/dist/index.esm.js +107 -52
  4. package/dist/index.esm.js.map +1 -1
  5. package/dist/index.js +107 -52
  6. package/dist/index.js.map +1 -1
  7. package/package.json +1 -1
package/dist/index.esm.js CHANGED
@@ -49211,6 +49211,40 @@ var EnforcementToggles = function EnforcementToggles() {
49211
49211
  }
49212
49212
  setPendingDisable(null);
49213
49213
  };
49214
+
49215
+ // One-click JIT trigger for testing. Calls the gate via a fake widget
49216
+ // identity that has no grant — the gate denies, JIT escalates, the
49217
+ // modal pops. After approval, the call proceeds to the (nonexistent)
49218
+ // "test-server" and errors with "server not connected"; that's the
49219
+ // expected response since the goal is to exercise the consent flow,
49220
+ // not the server's response.
49221
+ var triggerTestJitPrompt = /*#__PURE__*/function () {
49222
+ var _ref6 = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee5() {
49223
+ var _window$mainApi3, _window$mainApi3$call;
49224
+ return _regeneratorRuntime.wrap(function (_context5) {
49225
+ while (1) switch (_context5.prev = _context5.next) {
49226
+ case 0:
49227
+ _context5.prev = 0;
49228
+ _context5.next = 1;
49229
+ return (_window$mainApi3 = window.mainApi) === null || _window$mainApi3 === void 0 || (_window$mainApi3 = _window$mainApi3.mcp) === null || _window$mainApi3 === void 0 || (_window$mainApi3$call = _window$mainApi3.callTool) === null || _window$mainApi3$call === void 0 ? void 0 : _window$mainApi3$call.call(_window$mainApi3, "test-server", "test_tool", {
49230
+ path: "/tmp/jit-probe.txt"
49231
+ }, null, "@test/jit-probe");
49232
+ case 1:
49233
+ _context5.next = 3;
49234
+ break;
49235
+ case 2:
49236
+ _context5.prev = 2;
49237
+ _context5["catch"](0);
49238
+ case 3:
49239
+ case "end":
49240
+ return _context5.stop();
49241
+ }
49242
+ }, _callee5, null, [[0, 2]]);
49243
+ }));
49244
+ return function triggerTestJitPrompt() {
49245
+ return _ref6.apply(this, arguments);
49246
+ };
49247
+ }();
49214
49248
  return /*#__PURE__*/jsxs("div", {
49215
49249
  className: "flex flex-col space-y-4 border border-gray-700 rounded p-4",
49216
49250
  children: [/*#__PURE__*/jsxs("div", {
@@ -49244,12 +49278,31 @@ var EnforcementToggles = function EnforcementToggles() {
49244
49278
  onChange: handleJitToggle,
49245
49279
  disabled: !enforceEnabled
49246
49280
  })]
49247
- }), /*#__PURE__*/jsx(ConfirmDisableModal, {
49281
+ }), /*#__PURE__*/jsx(ConfirmDisableInline, {
49248
49282
  pending: pendingDisable,
49249
49283
  onCancel: function onCancel() {
49250
49284
  return setPendingDisable(null);
49251
49285
  },
49252
49286
  onConfirm: confirmDisable
49287
+ }), enforceEnabled && jitEnabled && /*#__PURE__*/jsxs("div", {
49288
+ className: "flex flex-row items-center justify-between gap-4 border-t border-gray-800 pt-4",
49289
+ children: [/*#__PURE__*/jsxs("div", {
49290
+ className: "flex flex-col",
49291
+ children: [/*#__PURE__*/jsx("span", {
49292
+ className: "text-sm font-medium text-gray-200",
49293
+ children: "Test JIT consent prompt"
49294
+ }), /*#__PURE__*/jsxs("span", {
49295
+ className: "text-xs text-gray-400 mt-1",
49296
+ children: ["Fires a fake tool call from ", /*#__PURE__*/jsx("code", {
49297
+ children: "@test/jit-probe"
49298
+ }), " to", " ", /*#__PURE__*/jsx("code", {
49299
+ children: "test-server"
49300
+ }), ". The gate runs first (no real server needed), so you'll see the JIT modal exactly as it appears in production. Approve and the call proceeds \u2014 the fake server isn't running, so a \"server not connected\" error follows in the console. That's the expected response; the goal is to validate the consent flow."]
49301
+ })]
49302
+ }), /*#__PURE__*/jsx(Button, {
49303
+ title: "Test prompt",
49304
+ onClick: triggerTestJitPrompt
49305
+ })]
49253
49306
  })]
49254
49307
  });
49255
49308
  };
@@ -49265,57 +49318,59 @@ var DISABLE_COPY = {
49265
49318
  confirmLabel: "Disable prompts"
49266
49319
  }
49267
49320
  };
49268
- var ConfirmDisableModal = function ConfirmDisableModal(_ref6) {
49269
- var pending = _ref6.pending,
49270
- onCancel = _ref6.onCancel,
49271
- onConfirm = _ref6.onConfirm;
49321
+
49322
+ /**
49323
+ * Inline confirmation prompt — rendered directly under the toggles
49324
+ * inside the EnforcementToggles container, NOT as a nested Modal.
49325
+ *
49326
+ * Why inline: the Settings panel itself is already a Modal, so a
49327
+ * nested Modal positions relative to the panel's content area rather
49328
+ * than the viewport, landing visibly off-center. Inline avoids the
49329
+ * nesting entirely; the user keeps context and the warning is
49330
+ * impossible to miss right where the toggle lives.
49331
+ */
49332
+ var ConfirmDisableInline = function ConfirmDisableInline(_ref7) {
49333
+ var pending = _ref7.pending,
49334
+ onCancel = _ref7.onCancel,
49335
+ onConfirm = _ref7.onConfirm;
49272
49336
  if (!pending) return null;
49273
49337
  var copy = DISABLE_COPY[pending.flag];
49274
49338
  if (!copy) return null;
49275
- return /*#__PURE__*/jsx(Modal, {
49276
- isOpen: !!pending,
49277
- setIsOpen: function setIsOpen(open) {
49278
- return !open && onCancel();
49279
- },
49280
- children: /*#__PURE__*/jsxs("div", {
49281
- className: "flex flex-col w-full max-w-md border-2 border-amber-500 rounded",
49282
- children: [/*#__PURE__*/jsx("div", {
49283
- className: "px-5 py-4 border-b border-gray-700",
49284
- children: /*#__PURE__*/jsxs("div", {
49285
- className: "flex flex-row items-center gap-2",
49286
- children: [/*#__PURE__*/jsx(FontAwesomeIcon, {
49287
- icon: "triangle-exclamation",
49288
- className: "h-4 w-4 text-amber-500"
49289
- }), /*#__PURE__*/jsx("span", {
49290
- className: "text-base font-semibold text-gray-100",
49291
- children: copy.title
49292
- })]
49293
- })
49294
- }), /*#__PURE__*/jsx("div", {
49295
- className: "px-5 py-4 text-xs text-gray-300 leading-relaxed",
49296
- children: copy.body
49297
- }), /*#__PURE__*/jsxs("div", {
49298
- className: "flex justify-end gap-2 px-5 py-3 border-t border-gray-700",
49299
- children: [/*#__PURE__*/jsx(Button, {
49300
- title: "Cancel",
49301
- onClick: onCancel
49302
- }), /*#__PURE__*/jsx(Button, {
49303
- title: copy.confirmLabel,
49304
- onClick: onConfirm
49305
- })]
49339
+ return /*#__PURE__*/jsxs("div", {
49340
+ className: "flex flex-col gap-3 border-2 border-amber-500 rounded p-3 mt-2",
49341
+ children: [/*#__PURE__*/jsxs("div", {
49342
+ className: "flex flex-row items-center gap-2",
49343
+ children: [/*#__PURE__*/jsx(FontAwesomeIcon, {
49344
+ icon: "triangle-exclamation",
49345
+ className: "h-4 w-4 text-amber-500"
49346
+ }), /*#__PURE__*/jsx("span", {
49347
+ className: "text-sm font-semibold text-gray-100",
49348
+ children: copy.title
49306
49349
  })]
49307
- })
49350
+ }), /*#__PURE__*/jsx("div", {
49351
+ className: "text-xs text-gray-300 leading-relaxed",
49352
+ children: copy.body
49353
+ }), /*#__PURE__*/jsxs("div", {
49354
+ className: "flex justify-end gap-2",
49355
+ children: [/*#__PURE__*/jsx(Button, {
49356
+ title: "Cancel",
49357
+ onClick: onCancel
49358
+ }), /*#__PURE__*/jsx(Button, {
49359
+ title: copy.confirmLabel,
49360
+ onClick: onConfirm
49361
+ })]
49362
+ })]
49308
49363
  });
49309
49364
  };
49310
- var WidgetGrantRow = function WidgetGrantRow(_ref7) {
49311
- var widgetId = _ref7.widgetId,
49312
- declared = _ref7.declared,
49313
- granted = _ref7.granted,
49314
- hasManifest = _ref7.hasManifest,
49315
- grantOrigin = _ref7.grantOrigin,
49316
- onRevokeWidget = _ref7.onRevokeWidget,
49317
- onRevokeServer = _ref7.onRevokeServer,
49318
- onGrantManually = _ref7.onGrantManually;
49365
+ var WidgetGrantRow = function WidgetGrantRow(_ref8) {
49366
+ var widgetId = _ref8.widgetId,
49367
+ declared = _ref8.declared,
49368
+ granted = _ref8.granted,
49369
+ hasManifest = _ref8.hasManifest,
49370
+ grantOrigin = _ref8.grantOrigin,
49371
+ onRevokeWidget = _ref8.onRevokeWidget,
49372
+ onRevokeServer = _ref8.onRevokeServer,
49373
+ onGrantManually = _ref8.onGrantManually;
49319
49374
  var declaredServers = declared && declared.servers || {};
49320
49375
  var grantedServers = granted && granted.servers || {};
49321
49376
  var allServerNames = Array.from(new Set([].concat(_toConsumableArray(Object.keys(declaredServers)), _toConsumableArray(Object.keys(grantedServers)))));
@@ -49387,10 +49442,10 @@ var WidgetGrantRow = function WidgetGrantRow(_ref7) {
49387
49442
  })]
49388
49443
  });
49389
49444
  };
49390
- var PermsList = function PermsList(_ref8) {
49391
- var label = _ref8.label,
49392
- declaredItems = _ref8.declaredItems,
49393
- grantedItems = _ref8.grantedItems;
49445
+ var PermsList = function PermsList(_ref9) {
49446
+ var label = _ref9.label,
49447
+ declaredItems = _ref9.declaredItems,
49448
+ grantedItems = _ref9.grantedItems;
49394
49449
  if (declaredItems.length === 0 && grantedItems.length === 0) return null;
49395
49450
  var grantedSet = new Set(grantedItems);
49396
49451
  var declaredSet = new Set(declaredItems);
@@ -49446,8 +49501,8 @@ function isServerEntirelyStale(decl, grant) {
49446
49501
  * the user audit grants that were approved against a scanner guess
49447
49502
  * rather than the developer's explicit declaration.
49448
49503
  */
49449
- var GrantOriginBadge = function GrantOriginBadge(_ref9) {
49450
- var origin = _ref9.origin;
49504
+ var GrantOriginBadge = function GrantOriginBadge(_ref0) {
49505
+ var origin = _ref0.origin;
49451
49506
  var styles = {
49452
49507
  declared: {
49453
49508
  label: "declared",