@trops/dash-core 0.1.499 → 0.1.500
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/electron/index.js +15 -5
- package/dist/electron/index.js.map +1 -1
- package/dist/index.esm.js +72 -19
- package/dist/index.esm.js.map +1 -1
- package/dist/index.js +72 -19
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -49229,6 +49229,40 @@ var EnforcementToggles = function EnforcementToggles() {
|
|
|
49229
49229
|
}
|
|
49230
49230
|
setPendingDisable(null);
|
|
49231
49231
|
};
|
|
49232
|
+
|
|
49233
|
+
// One-click JIT trigger for testing. Calls the gate via a fake widget
|
|
49234
|
+
// identity that has no grant — the gate denies, JIT escalates, the
|
|
49235
|
+
// modal pops. After approval, the call proceeds to the (nonexistent)
|
|
49236
|
+
// "test-server" and errors with "server not connected"; that's the
|
|
49237
|
+
// expected response since the goal is to exercise the consent flow,
|
|
49238
|
+
// not the server's response.
|
|
49239
|
+
var triggerTestJitPrompt = /*#__PURE__*/function () {
|
|
49240
|
+
var _ref6 = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee5() {
|
|
49241
|
+
var _window$mainApi3, _window$mainApi3$call;
|
|
49242
|
+
return _regeneratorRuntime.wrap(function (_context5) {
|
|
49243
|
+
while (1) switch (_context5.prev = _context5.next) {
|
|
49244
|
+
case 0:
|
|
49245
|
+
_context5.prev = 0;
|
|
49246
|
+
_context5.next = 1;
|
|
49247
|
+
return (_window$mainApi3 = window.mainApi) === null || _window$mainApi3 === void 0 || (_window$mainApi3 = _window$mainApi3.mcp) === null || _window$mainApi3 === void 0 || (_window$mainApi3$call = _window$mainApi3.callTool) === null || _window$mainApi3$call === void 0 ? void 0 : _window$mainApi3$call.call(_window$mainApi3, "test-server", "test_tool", {
|
|
49248
|
+
path: "/tmp/jit-probe.txt"
|
|
49249
|
+
}, null, "@test/jit-probe");
|
|
49250
|
+
case 1:
|
|
49251
|
+
_context5.next = 3;
|
|
49252
|
+
break;
|
|
49253
|
+
case 2:
|
|
49254
|
+
_context5.prev = 2;
|
|
49255
|
+
_context5["catch"](0);
|
|
49256
|
+
case 3:
|
|
49257
|
+
case "end":
|
|
49258
|
+
return _context5.stop();
|
|
49259
|
+
}
|
|
49260
|
+
}, _callee5, null, [[0, 2]]);
|
|
49261
|
+
}));
|
|
49262
|
+
return function triggerTestJitPrompt() {
|
|
49263
|
+
return _ref6.apply(this, arguments);
|
|
49264
|
+
};
|
|
49265
|
+
}();
|
|
49232
49266
|
return /*#__PURE__*/jsxRuntime.jsxs("div", {
|
|
49233
49267
|
className: "flex flex-col space-y-4 border border-gray-700 rounded p-4",
|
|
49234
49268
|
children: [/*#__PURE__*/jsxRuntime.jsxs("div", {
|
|
@@ -49268,6 +49302,25 @@ var EnforcementToggles = function EnforcementToggles() {
|
|
|
49268
49302
|
return setPendingDisable(null);
|
|
49269
49303
|
},
|
|
49270
49304
|
onConfirm: confirmDisable
|
|
49305
|
+
}), enforceEnabled && jitEnabled && /*#__PURE__*/jsxRuntime.jsxs("div", {
|
|
49306
|
+
className: "flex flex-row items-center justify-between gap-4 border-t border-gray-800 pt-4",
|
|
49307
|
+
children: [/*#__PURE__*/jsxRuntime.jsxs("div", {
|
|
49308
|
+
className: "flex flex-col",
|
|
49309
|
+
children: [/*#__PURE__*/jsxRuntime.jsx("span", {
|
|
49310
|
+
className: "text-sm font-medium text-gray-200",
|
|
49311
|
+
children: "Test JIT consent prompt"
|
|
49312
|
+
}), /*#__PURE__*/jsxRuntime.jsxs("span", {
|
|
49313
|
+
className: "text-xs text-gray-400 mt-1",
|
|
49314
|
+
children: ["Fires a fake tool call from ", /*#__PURE__*/jsxRuntime.jsx("code", {
|
|
49315
|
+
children: "@test/jit-probe"
|
|
49316
|
+
}), " to", " ", /*#__PURE__*/jsxRuntime.jsx("code", {
|
|
49317
|
+
children: "test-server"
|
|
49318
|
+
}), ". The gate runs first (no real server needed), so you'll see the JIT modal exactly as it appears in production. Approve and the call proceeds \u2014 the fake server isn't running, so a \"server not connected\" error follows in the console. That's the expected response; the goal is to validate the consent flow."]
|
|
49319
|
+
})]
|
|
49320
|
+
}), /*#__PURE__*/jsxRuntime.jsx(DashReact.Button, {
|
|
49321
|
+
title: "Test prompt",
|
|
49322
|
+
onClick: triggerTestJitPrompt
|
|
49323
|
+
})]
|
|
49271
49324
|
})]
|
|
49272
49325
|
});
|
|
49273
49326
|
};
|
|
@@ -49294,10 +49347,10 @@ var DISABLE_COPY = {
|
|
|
49294
49347
|
* nesting entirely; the user keeps context and the warning is
|
|
49295
49348
|
* impossible to miss right where the toggle lives.
|
|
49296
49349
|
*/
|
|
49297
|
-
var ConfirmDisableInline = function ConfirmDisableInline(
|
|
49298
|
-
var pending =
|
|
49299
|
-
onCancel =
|
|
49300
|
-
onConfirm =
|
|
49350
|
+
var ConfirmDisableInline = function ConfirmDisableInline(_ref7) {
|
|
49351
|
+
var pending = _ref7.pending,
|
|
49352
|
+
onCancel = _ref7.onCancel,
|
|
49353
|
+
onConfirm = _ref7.onConfirm;
|
|
49301
49354
|
if (!pending) return null;
|
|
49302
49355
|
var copy = DISABLE_COPY[pending.flag];
|
|
49303
49356
|
if (!copy) return null;
|
|
@@ -49327,15 +49380,15 @@ var ConfirmDisableInline = function ConfirmDisableInline(_ref6) {
|
|
|
49327
49380
|
})]
|
|
49328
49381
|
});
|
|
49329
49382
|
};
|
|
49330
|
-
var WidgetGrantRow = function WidgetGrantRow(
|
|
49331
|
-
var widgetId =
|
|
49332
|
-
declared =
|
|
49333
|
-
granted =
|
|
49334
|
-
hasManifest =
|
|
49335
|
-
grantOrigin =
|
|
49336
|
-
onRevokeWidget =
|
|
49337
|
-
onRevokeServer =
|
|
49338
|
-
onGrantManually =
|
|
49383
|
+
var WidgetGrantRow = function WidgetGrantRow(_ref8) {
|
|
49384
|
+
var widgetId = _ref8.widgetId,
|
|
49385
|
+
declared = _ref8.declared,
|
|
49386
|
+
granted = _ref8.granted,
|
|
49387
|
+
hasManifest = _ref8.hasManifest,
|
|
49388
|
+
grantOrigin = _ref8.grantOrigin,
|
|
49389
|
+
onRevokeWidget = _ref8.onRevokeWidget,
|
|
49390
|
+
onRevokeServer = _ref8.onRevokeServer,
|
|
49391
|
+
onGrantManually = _ref8.onGrantManually;
|
|
49339
49392
|
var declaredServers = declared && declared.servers || {};
|
|
49340
49393
|
var grantedServers = granted && granted.servers || {};
|
|
49341
49394
|
var allServerNames = Array.from(new Set([].concat(_toConsumableArray(Object.keys(declaredServers)), _toConsumableArray(Object.keys(grantedServers)))));
|
|
@@ -49407,10 +49460,10 @@ var WidgetGrantRow = function WidgetGrantRow(_ref7) {
|
|
|
49407
49460
|
})]
|
|
49408
49461
|
});
|
|
49409
49462
|
};
|
|
49410
|
-
var PermsList = function PermsList(
|
|
49411
|
-
var label =
|
|
49412
|
-
declaredItems =
|
|
49413
|
-
grantedItems =
|
|
49463
|
+
var PermsList = function PermsList(_ref9) {
|
|
49464
|
+
var label = _ref9.label,
|
|
49465
|
+
declaredItems = _ref9.declaredItems,
|
|
49466
|
+
grantedItems = _ref9.grantedItems;
|
|
49414
49467
|
if (declaredItems.length === 0 && grantedItems.length === 0) return null;
|
|
49415
49468
|
var grantedSet = new Set(grantedItems);
|
|
49416
49469
|
var declaredSet = new Set(declaredItems);
|
|
@@ -49466,8 +49519,8 @@ function isServerEntirelyStale(decl, grant) {
|
|
|
49466
49519
|
* the user audit grants that were approved against a scanner guess
|
|
49467
49520
|
* rather than the developer's explicit declaration.
|
|
49468
49521
|
*/
|
|
49469
|
-
var GrantOriginBadge = function GrantOriginBadge(
|
|
49470
|
-
var origin =
|
|
49522
|
+
var GrantOriginBadge = function GrantOriginBadge(_ref0) {
|
|
49523
|
+
var origin = _ref0.origin;
|
|
49471
49524
|
var styles = {
|
|
49472
49525
|
declared: {
|
|
49473
49526
|
label: "declared",
|