aegis-mcp-server 0.1.7 → 0.1.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/services/enforcement-engine.d.ts +31 -4
- package/dist/services/enforcement-engine.d.ts.map +1 -1
- package/dist/services/enforcement-engine.js +61 -9
- package/dist/services/enforcement-engine.js.map +1 -1
- package/dist/tools/file-tools.d.ts +16 -11
- package/dist/tools/file-tools.d.ts.map +1 -1
- package/dist/tools/file-tools.js +172 -38
- package/dist/tools/file-tools.js.map +1 -1
- package/package.json +1 -1
- package/src/services/enforcement-engine.ts +89 -9
- package/src/tools/file-tools.ts +194 -40
|
@@ -7,11 +7,28 @@
|
|
|
7
7
|
* Two-layer enforcement:
|
|
8
8
|
* Layer 1 (skeleton): permissions.boundaries, scope paths, override_protocol
|
|
9
9
|
* Layer 2 (extensions): sensitive_patterns, cross_domain_rules, sensitivity_tiers
|
|
10
|
+
*
|
|
11
|
+
* Override protocol:
|
|
12
|
+
* When the governance behavior is "warn_confirm_and_log", blocked actions return
|
|
13
|
+
* an override_token. The agent surfaces the violation to the human, and if the
|
|
14
|
+
* human confirms, the agent calls aegis_request_override with the token. The
|
|
15
|
+
* override is single-use, time-limited (60s), and logged with human_confirmed: true.
|
|
16
|
+
* Immutable policies cannot be overridden regardless.
|
|
10
17
|
*/
|
|
11
18
|
import type { PolicyState, ResolvedRole, EnforcementVerdict, OverrideLogEntry } from '../types.js';
|
|
19
|
+
interface PendingOverride {
|
|
20
|
+
token: string;
|
|
21
|
+
operation: 'write' | 'read' | 'delete';
|
|
22
|
+
path: string;
|
|
23
|
+
content?: string;
|
|
24
|
+
reason: string;
|
|
25
|
+
policy_ref: string;
|
|
26
|
+
created_at: number;
|
|
27
|
+
}
|
|
12
28
|
export declare class EnforcementEngine {
|
|
13
29
|
private state;
|
|
14
30
|
private activeRole;
|
|
31
|
+
private pendingOverrides;
|
|
15
32
|
constructor(state: PolicyState, activeRole: ResolvedRole);
|
|
16
33
|
/**
|
|
17
34
|
* Update references when policy reloads.
|
|
@@ -28,12 +45,10 @@ export declare class EnforcementEngine {
|
|
|
28
45
|
validateRead(targetPath: string): EnforcementVerdict;
|
|
29
46
|
/**
|
|
30
47
|
* Scan proposed file content for sensitive patterns.
|
|
31
|
-
* Uses governance.permissions.sensitive_patterns when present.
|
|
32
48
|
*/
|
|
33
49
|
scanContent(content: string, targetPath: string): EnforcementVerdict;
|
|
34
50
|
/**
|
|
35
51
|
* Validate that a cross-domain import respects boundaries.
|
|
36
|
-
* Uses governance.cross_domain_rules when present (extension field).
|
|
37
52
|
*/
|
|
38
53
|
validateCrossDomain(sourcePath: string, importPath: string): EnforcementVerdict;
|
|
39
54
|
/**
|
|
@@ -43,13 +58,24 @@ export declare class EnforcementEngine {
|
|
|
43
58
|
behavior: 'block_and_log' | 'warn_confirm_and_log' | 'log_only';
|
|
44
59
|
isImmutable: boolean;
|
|
45
60
|
};
|
|
61
|
+
/**
|
|
62
|
+
* Create a pending override token for a blocked action.
|
|
63
|
+
* The token is single-use and expires after 60 seconds.
|
|
64
|
+
* Returns null if the policy is immutable or override behavior is block_and_log.
|
|
65
|
+
*/
|
|
66
|
+
createOverrideToken(operation: 'write' | 'read' | 'delete', path: string, reason: string, policyRef: string, content?: string): string | null;
|
|
67
|
+
/**
|
|
68
|
+
* Validate and consume an override token.
|
|
69
|
+
* Returns the pending override if the token is valid and not expired.
|
|
70
|
+
* The token is consumed (deleted) after use — single-use only.
|
|
71
|
+
*/
|
|
72
|
+
consumeOverrideToken(token: string): PendingOverride | null;
|
|
46
73
|
/**
|
|
47
74
|
* Log an override to the append-only overrides.jsonl file.
|
|
48
75
|
*/
|
|
49
76
|
logOverride(entry: OverrideLogEntry): Promise<void>;
|
|
50
77
|
/**
|
|
51
78
|
* Build the list of commands to run for quality gate validation.
|
|
52
|
-
* Maps pre_commit booleans to build_commands from constitution or governance.
|
|
53
79
|
*/
|
|
54
80
|
getQualityGateCommands(): Array<{
|
|
55
81
|
name: string;
|
|
@@ -57,13 +83,14 @@ export declare class EnforcementEngine {
|
|
|
57
83
|
}>;
|
|
58
84
|
/**
|
|
59
85
|
* Safely access permissions.boundaries — returns empty object if missing.
|
|
60
|
-
* Handles governance files that don't have the skeleton boundaries field.
|
|
61
86
|
*/
|
|
62
87
|
private get boundaries();
|
|
88
|
+
private cleanExpiredTokens;
|
|
63
89
|
private matchesAny;
|
|
64
90
|
private toRelativePath;
|
|
65
91
|
private getDomain;
|
|
66
92
|
private compilePattern;
|
|
67
93
|
private log;
|
|
68
94
|
}
|
|
95
|
+
export {};
|
|
69
96
|
//# sourceMappingURL=enforcement-engine.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"enforcement-engine.d.ts","sourceRoot":"","sources":["../../src/services/enforcement-engine.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"enforcement-engine.d.ts","sourceRoot":"","sources":["../../src/services/enforcement-engine.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAMH,OAAO,KAAK,EACV,WAAW,EACX,YAAY,EACZ,kBAAkB,EAClB,gBAAgB,EAEjB,MAAM,aAAa,CAAC;AAIrB,UAAU,eAAe;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,OAAO,GAAG,MAAM,GAAG,QAAQ,CAAC;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB;AAID,qBAAa,iBAAiB;IAI1B,OAAO,CAAC,KAAK;IACb,OAAO,CAAC,UAAU;IAJpB,OAAO,CAAC,gBAAgB,CAAsC;gBAGpD,KAAK,EAAE,WAAW,EAClB,UAAU,EAAE,YAAY;IAGlC;;OAEG;IACH,WAAW,CAAC,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY,GAAG,IAAI;IAOzD;;;OAGG;IACH,aAAa,CAAC,UAAU,EAAE,MAAM,GAAG,kBAAkB;IAuErD;;OAEG;IACH,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,kBAAkB;IAyCpD;;OAEG;IACH,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,kBAAkB;IAuBpE;;OAEG;IACH,mBAAmB,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,kBAAkB;IA4B/E;;OAEG;IACH,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG;QACtC,QAAQ,EAAE,eAAe,GAAG,sBAAsB,GAAG,UAAU,CAAC;QAChE,WAAW,EAAE,OAAO,CAAC;KACtB;IAaD;;;;OAIG;IACH,mBAAmB,CACjB,SAAS,EAAE,OAAO,GAAG,MAAM,GAAG,QAAQ,EACtC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,OAAO,CAAC,EAAE,MAAM,GACf,MAAM,GAAG,IAAI;IAyBhB;;;;OAIG;IACH,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,eAAe,GAAG,IAAI;IAe3D;;OAEG;IACG,WAAW,CAAC,KAAK,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IASzD;;OAEG;IACH,sBAAsB,IAAI,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IA+BlE;;OAEG;IACH,OAAO,KAAK,UAAU,GAErB;IAED,OAAO,CAAC,kBAAkB;IAS1B,OAAO,CAAC,UAAU;IASlB,OAAO,CAAC,cAAc;IAOtB,OAAO,CAAC,SAAS;IAajB,OAAO,CAAC,cAAc;IAStB,OAAO,CAAC,GAAG;CAGZ"}
|
|
@@ -7,13 +7,23 @@
|
|
|
7
7
|
* Two-layer enforcement:
|
|
8
8
|
* Layer 1 (skeleton): permissions.boundaries, scope paths, override_protocol
|
|
9
9
|
* Layer 2 (extensions): sensitive_patterns, cross_domain_rules, sensitivity_tiers
|
|
10
|
+
*
|
|
11
|
+
* Override protocol:
|
|
12
|
+
* When the governance behavior is "warn_confirm_and_log", blocked actions return
|
|
13
|
+
* an override_token. The agent surfaces the violation to the human, and if the
|
|
14
|
+
* human confirms, the agent calls aegis_request_override with the token. The
|
|
15
|
+
* override is single-use, time-limited (60s), and logged with human_confirmed: true.
|
|
16
|
+
* Immutable policies cannot be overridden regardless.
|
|
10
17
|
*/
|
|
18
|
+
import { randomBytes } from 'node:crypto';
|
|
11
19
|
import { appendFile, mkdir } from 'node:fs/promises';
|
|
12
20
|
import { dirname, join, relative, isAbsolute } from 'node:path';
|
|
13
21
|
import { minimatch } from 'minimatch';
|
|
22
|
+
const OVERRIDE_TTL_MS = 300_000; // 5 minutes
|
|
14
23
|
export class EnforcementEngine {
|
|
15
24
|
state;
|
|
16
25
|
activeRole;
|
|
26
|
+
pendingOverrides = new Map();
|
|
17
27
|
constructor(state, activeRole) {
|
|
18
28
|
this.state = state;
|
|
19
29
|
this.activeRole = activeRole;
|
|
@@ -47,7 +57,6 @@ export class EnforcementEngine {
|
|
|
47
57
|
const readOnly = this.boundaries.read_only;
|
|
48
58
|
const writable = this.boundaries.writable;
|
|
49
59
|
if (readOnly && this.matchesAny(relPath, readOnly)) {
|
|
50
|
-
// If the path is also in the writable list, writable wins
|
|
51
60
|
if (!writable || !this.matchesAny(relPath, writable)) {
|
|
52
61
|
return {
|
|
53
62
|
allowed: false,
|
|
@@ -133,7 +142,6 @@ export class EnforcementEngine {
|
|
|
133
142
|
// ─── Content Scanning ─────────────────────────────────────────────────────
|
|
134
143
|
/**
|
|
135
144
|
* Scan proposed file content for sensitive patterns.
|
|
136
|
-
* Uses governance.permissions.sensitive_patterns when present.
|
|
137
145
|
*/
|
|
138
146
|
scanContent(content, targetPath) {
|
|
139
147
|
const patterns = this.state.governance.permissions?.sensitive_patterns;
|
|
@@ -157,7 +165,6 @@ export class EnforcementEngine {
|
|
|
157
165
|
// ─── Cross-Domain Validation ──────────────────────────────────────────────
|
|
158
166
|
/**
|
|
159
167
|
* Validate that a cross-domain import respects boundaries.
|
|
160
|
-
* Uses governance.cross_domain_rules when present (extension field).
|
|
161
168
|
*/
|
|
162
169
|
validateCrossDomain(sourcePath, importPath) {
|
|
163
170
|
const rules = this.state.governance.cross_domain_rules;
|
|
@@ -168,11 +175,9 @@ export class EnforcementEngine {
|
|
|
168
175
|
return { allowed: true };
|
|
169
176
|
const sourceDomain = this.getDomain(sourcePath, domains);
|
|
170
177
|
const importDomain = this.getDomain(importPath, domains);
|
|
171
|
-
// Same domain or can't determine — allow
|
|
172
178
|
if (!sourceDomain || !importDomain || sourceDomain === importDomain) {
|
|
173
179
|
return { allowed: true };
|
|
174
180
|
}
|
|
175
|
-
// Cross-domain — must go through shared interfaces
|
|
176
181
|
if (!importPath.includes(rules.shared_interfaces_path)) {
|
|
177
182
|
return {
|
|
178
183
|
allowed: false,
|
|
@@ -197,6 +202,49 @@ export class EnforcementEngine {
|
|
|
197
202
|
isImmutable,
|
|
198
203
|
};
|
|
199
204
|
}
|
|
205
|
+
/**
|
|
206
|
+
* Create a pending override token for a blocked action.
|
|
207
|
+
* The token is single-use and expires after 60 seconds.
|
|
208
|
+
* Returns null if the policy is immutable or override behavior is block_and_log.
|
|
209
|
+
*/
|
|
210
|
+
createOverrideToken(operation, path, reason, policyRef, content) {
|
|
211
|
+
const { behavior, isImmutable } = this.getOverrideBehavior(policyRef);
|
|
212
|
+
// Immutable policies and block_and_log cannot be overridden
|
|
213
|
+
if (isImmutable || behavior === 'block_and_log') {
|
|
214
|
+
return null;
|
|
215
|
+
}
|
|
216
|
+
// Clean up expired tokens
|
|
217
|
+
this.cleanExpiredTokens();
|
|
218
|
+
const token = randomBytes(16).toString('hex');
|
|
219
|
+
this.pendingOverrides.set(token, {
|
|
220
|
+
token,
|
|
221
|
+
operation,
|
|
222
|
+
path,
|
|
223
|
+
content,
|
|
224
|
+
reason,
|
|
225
|
+
policy_ref: policyRef,
|
|
226
|
+
created_at: Date.now(),
|
|
227
|
+
});
|
|
228
|
+
return token;
|
|
229
|
+
}
|
|
230
|
+
/**
|
|
231
|
+
* Validate and consume an override token.
|
|
232
|
+
* Returns the pending override if the token is valid and not expired.
|
|
233
|
+
* The token is consumed (deleted) after use — single-use only.
|
|
234
|
+
*/
|
|
235
|
+
consumeOverrideToken(token) {
|
|
236
|
+
const pending = this.pendingOverrides.get(token);
|
|
237
|
+
if (!pending)
|
|
238
|
+
return null;
|
|
239
|
+
// Check expiration
|
|
240
|
+
if (Date.now() - pending.created_at > OVERRIDE_TTL_MS) {
|
|
241
|
+
this.pendingOverrides.delete(token);
|
|
242
|
+
return null;
|
|
243
|
+
}
|
|
244
|
+
// Consume — single use
|
|
245
|
+
this.pendingOverrides.delete(token);
|
|
246
|
+
return pending;
|
|
247
|
+
}
|
|
200
248
|
/**
|
|
201
249
|
* Log an override to the append-only overrides.jsonl file.
|
|
202
250
|
*/
|
|
@@ -209,7 +257,6 @@ export class EnforcementEngine {
|
|
|
209
257
|
// ─── Quality Gates ────────────────────────────────────────────────────────
|
|
210
258
|
/**
|
|
211
259
|
* Build the list of commands to run for quality gate validation.
|
|
212
|
-
* Maps pre_commit booleans to build_commands from constitution or governance.
|
|
213
260
|
*/
|
|
214
261
|
getQualityGateCommands() {
|
|
215
262
|
const gates = this.state.governance.quality_gate?.pre_commit;
|
|
@@ -228,7 +275,6 @@ export class EnforcementEngine {
|
|
|
228
275
|
if (gates.must_pass_typecheck && commands.typecheck) {
|
|
229
276
|
result.push({ name: 'typecheck', command: commands.typecheck });
|
|
230
277
|
}
|
|
231
|
-
// Custom checks from quality gate
|
|
232
278
|
if (gates.custom_checks) {
|
|
233
279
|
for (const check of gates.custom_checks) {
|
|
234
280
|
result.push({ name: check.name, command: check.command });
|
|
@@ -239,14 +285,20 @@ export class EnforcementEngine {
|
|
|
239
285
|
// ─── Private Helpers ──────────────────────────────────────────────────────
|
|
240
286
|
/**
|
|
241
287
|
* Safely access permissions.boundaries — returns empty object if missing.
|
|
242
|
-
* Handles governance files that don't have the skeleton boundaries field.
|
|
243
288
|
*/
|
|
244
289
|
get boundaries() {
|
|
245
290
|
return this.state.governance.permissions?.boundaries ?? {};
|
|
246
291
|
}
|
|
292
|
+
cleanExpiredTokens() {
|
|
293
|
+
const now = Date.now();
|
|
294
|
+
for (const [token, pending] of this.pendingOverrides) {
|
|
295
|
+
if (now - pending.created_at > OVERRIDE_TTL_MS) {
|
|
296
|
+
this.pendingOverrides.delete(token);
|
|
297
|
+
}
|
|
298
|
+
}
|
|
299
|
+
}
|
|
247
300
|
matchesAny(path, patterns) {
|
|
248
301
|
return patterns.some((pattern) => {
|
|
249
|
-
// Normalize: "compliance/" should match "compliance/src/index.ts"
|
|
250
302
|
const normalized = pattern.endsWith('/')
|
|
251
303
|
? pattern + '**'
|
|
252
304
|
: pattern;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"enforcement-engine.js","sourceRoot":"","sources":["../../src/services/enforcement-engine.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"enforcement-engine.js","sourceRoot":"","sources":["../../src/services/enforcement-engine.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAChE,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAqBtC,MAAM,eAAe,GAAG,OAAO,CAAC,CAAC,YAAY;AAE7C,MAAM,OAAO,iBAAiB;IAIlB;IACA;IAJF,gBAAgB,GAAG,IAAI,GAAG,EAA2B,CAAC;IAE9D,YACU,KAAkB,EAClB,UAAwB;QADxB,UAAK,GAAL,KAAK,CAAa;QAClB,eAAU,GAAV,UAAU,CAAc;IAC/B,CAAC;IAEJ;;OAEG;IACH,WAAW,CAAC,KAAkB,EAAE,IAAkB;QAChD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;IACzB,CAAC;IAED,6EAA6E;IAE7E;;;OAGG;IACH,aAAa,CAAC,UAAkB;QAC9B,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;QAEhD,yDAAyD;QACzD,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;QAC5C,IAAI,SAAS,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,CAAC;YACrD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,SAAS,OAAO,uEAAuE;gBAC/F,UAAU,EAAE,wDAAwD;gBACpE,SAAS,EAAE,IAAI;aAChB,CAAC;QACJ,CAAC;QAED,0EAA0E;QAC1E,8EAA8E;QAC9E,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;QAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;QAC1C,IAAI,QAAQ,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,CAAC;YACnD,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,CAAC;gBACrD,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,SAAS,OAAO,uCAAuC;oBAC/D,UAAU,EAAE,wDAAwD;oBACpE,SAAS,EAAE,KAAK;iBACjB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YAC7D,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,SAAS,OAAO,2BAA2B,IAAI,CAAC,UAAU,CAAC,EAAE,IAAI;gBACzE,UAAU,EAAE,SAAS,IAAI,CAAC,UAAU,CAAC,EAAE,gCAAgC;gBACvE,SAAS,EAAE,KAAK;aACjB,CAAC;QACJ,CAAC;QAED,wEAAwE;QACxE,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9C,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;YAC5E,MAAM,WAAW,GAAG,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC;gBAC5D,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;YAE5D,IAAI,CAAC,UAAU,IAAI,CAAC,WAAW,EAAE,CAAC;gBAChC,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,SAAS,OAAO,4CAA4C,IAAI,CAAC,UAAU,CAAC,EAAE,IAAI;oBAC1F,UAAU,EAAE,SAAS,IAAI,CAAC,UAAU,CAAC,EAAE,eAAe;oBACtD,SAAS,EAAE,KAAK;iBACjB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,uEAAuE;QACvE,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,CAAC;YAC3E,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,SAAS,OAAO,2CAA2C;gBACnE,UAAU,EAAE,uDAAuD;gBACnE,SAAS,EAAE,KAAK;aACjB,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,6EAA6E;IAE7E;;OAEG;IACH,YAAY,CAAC,UAAkB;QAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;QAEhD,6BAA6B;QAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;QAC5C,IAAI,SAAS,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,CAAC;YACrD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,SAAS,OAAO,2DAA2D;gBACnF,UAAU,EAAE,wDAAwD;gBACpE,SAAS,EAAE,IAAI;aAChB,CAAC;QACJ,CAAC;QAED,sCAAsC;QACtC,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YAC7D,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,SAAS,OAAO,2BAA2B,IAAI,CAAC,UAAU,CAAC,EAAE,IAAI;gBACzE,UAAU,EAAE,SAAS,IAAI,CAAC,UAAU,CAAC,EAAE,gCAAgC;gBACvE,SAAS,EAAE,KAAK;aACjB,CAAC;QACJ,CAAC;QAED,+CAA+C;QAC/C,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC;YACzC,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YAC9D,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,SAAS,OAAO,4CAA4C,IAAI,CAAC,UAAU,CAAC,EAAE,IAAI;gBAC1F,UAAU,EAAE,SAAS,IAAI,CAAC,UAAU,CAAC,EAAE,sBAAsB;gBAC7D,SAAS,EAAE,KAAK;aACjB,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,6EAA6E;IAE7E;;OAEG;IACH,WAAW,CAAC,OAAe,EAAE,UAAkB;QAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,WAAW,EAAE,kBAAkB,CAAC;QACvE,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAEjE,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;YAC1B,MAAM,KAAK,GAAG,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC;YAC9C,IAAI,CAAC,KAAK;gBAAE,SAAS;YAErB,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACxB,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,gBAAgB,UAAU,mCAAmC,EAAE,CAAC,MAAM,EAAE;oBAChF,UAAU,EAAE,oDAAoD;oBAChE,SAAS,EAAE,KAAK;iBACjB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,6EAA6E;IAE7E;;OAEG;IACH,mBAAmB,CAAC,UAAkB,EAAE,UAAkB;QACxD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,kBAAkB,CAAC;QACvD,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,sBAAsB;YAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAEtE,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC;QACxD,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAE/D,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QACzD,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAEzD,IAAI,CAAC,YAAY,IAAI,CAAC,YAAY,IAAI,YAAY,KAAK,YAAY,EAAE,CAAC;YACpE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QAED,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,sBAAsB,CAAC,EAAE,CAAC;YACvD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,6BAA6B,YAAY,SAAS,YAAY,sBAAsB,KAAK,CAAC,sBAAsB,wBAAwB,UAAU,mBAAmB;gBAC7K,UAAU,EAAE,sCAAsC;gBAClD,SAAS,EAAE,KAAK;aACjB,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,6EAA6E;IAE7E;;OAEG;IACH,mBAAmB,CAAC,SAAiB;QAInC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,iBAAiB,CAAC;QACzD,MAAM,QAAQ,GAAG,QAAQ,EAAE,QAAQ,IAAI,sBAAsB,CAAC;QAC9D,MAAM,SAAS,GAAG,QAAQ,EAAE,kBAAkB,IAAI,EAAE,CAAC;QAErD,MAAM,WAAW,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QAEjE,OAAO;YACL,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,QAAQ;YAClD,WAAW;SACZ,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,mBAAmB,CACjB,SAAsC,EACtC,IAAY,EACZ,MAAc,EACd,SAAiB,EACjB,OAAgB;QAEhB,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC;QAEtE,4DAA4D;QAC5D,IAAI,WAAW,IAAI,QAAQ,KAAK,eAAe,EAAE,CAAC;YAChD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,0BAA0B;QAC1B,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAE1B,MAAM,KAAK,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC9C,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,KAAK,EAAE;YAC/B,KAAK;YACL,SAAS;YACT,IAAI;YACJ,OAAO;YACP,MAAM;YACN,UAAU,EAAE,SAAS;YACrB,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE;SACvB,CAAC,CAAC;QAEH,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;OAIG;IACH,oBAAoB,CAAC,KAAa;QAChC,MAAM,OAAO,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACjD,IAAI,CAAC,OAAO;YAAE,OAAO,IAAI,CAAC;QAE1B,mBAAmB;QACnB,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,UAAU,GAAG,eAAe,EAAE,CAAC;YACtD,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACpC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,uBAAuB;QACvB,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACpC,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,KAAuB;QACvC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,OAAO,EAAE,iBAAiB,CAAC,CAAC;QACvE,MAAM,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACnD,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;QAC1C,MAAM,UAAU,CAAC,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IAC3C,CAAC;IAED,6EAA6E;IAE7E;;OAEG;IACH,sBAAsB;QACpB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,YAAY,EAAE,UAAU,CAAC;QAC7D,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,cAAc;YACtC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,cAAc;YACpC,EAAE,CAAC;QAEpB,MAAM,MAAM,GAA6C,EAAE,CAAC;QAE5D,IAAI,CAAC,KAAK;YAAE,OAAO,MAAM,CAAC;QAE1B,IAAI,KAAK,CAAC,eAAe,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;QACzD,CAAC;QACD,IAAI,KAAK,CAAC,cAAc,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;QACxD,CAAC;QACD,IAAI,KAAK,CAAC,mBAAmB,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;YACpD,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;QAClE,CAAC;QAED,IAAI,KAAK,CAAC,aAAa,EAAE,CAAC;YACxB,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,aAAa,EAAE,CAAC;gBACxC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,6EAA6E;IAE7E;;OAEG;IACH,IAAY,UAAU;QACpB,OAAO,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,WAAW,EAAE,UAAU,IAAI,EAAE,CAAC;IAC7D,CAAC;IAEO,kBAAkB;QACxB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACrD,IAAI,GAAG,GAAG,OAAO,CAAC,UAAU,GAAG,eAAe,EAAE,CAAC;gBAC/C,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;IACH,CAAC;IAEO,UAAU,CAAC,IAAY,EAAE,QAAkB;QACjD,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;YAC/B,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC;gBACtC,CAAC,CAAC,OAAO,GAAG,IAAI;gBAChB,CAAC,CAAC,OAAO,CAAC;YACZ,OAAO,SAAS,CAAC,IAAI,EAAE,UAAU,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,cAAc,CAAC,UAAkB;QACvC,IAAI,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3B,OAAO,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;QACtD,CAAC;QACD,OAAO,UAAU,CAAC;IACpB,CAAC;IAEO,SAAS,CACf,QAAgB,EAChB,OAA8C;QAE9C,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YAClD,IAAI,QAAQ,CAAC,UAAU,CAAC,UAAU,GAAG,GAAG,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC7E,OAAO,MAAM,CAAC,IAAI,CAAC;YACrB,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,cAAc,CAAC,OAAe;QACpC,IAAI,CAAC;YACH,OAAO,IAAI,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QACnC,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,GAAG,CAAC,wCAAwC,OAAO,EAAE,CAAC,CAAC;YAC5D,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,GAAG,CAAC,OAAe;QACzB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,OAAO,IAAI,CAAC,CAAC;IACvD,CAAC;CACF"}
|
|
@@ -1,27 +1,32 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Governed File Tools — MCP tool registrations for file operations.
|
|
3
3
|
*
|
|
4
|
-
* These are the tools agents call instead of raw file system access.
|
|
5
|
-
* Every call is validated against the loaded policy before execution.
|
|
6
|
-
* The agent never sees the policy — only the verdict.
|
|
7
|
-
*
|
|
8
4
|
* GOVERNANCE MODEL: The Aegis MCP does not override the agent's native
|
|
9
5
|
* directives. It introduces itself, explains why governance is active,
|
|
10
6
|
* identifies which operations benefit from compliance validation, and
|
|
11
7
|
* asks the agent to seek user permission to route governed operations
|
|
12
8
|
* through Aegis tools. The user's authority is the enforcement mechanism.
|
|
13
9
|
*
|
|
10
|
+
* OVERRIDE HANDSHAKE: When a write/delete is blocked and the override
|
|
11
|
+
* protocol allows overrides (warn_confirm_and_log), the blocked response
|
|
12
|
+
* includes an override_token. The agent presents the violation to the
|
|
13
|
+
* human. If the human confirms, the agent calls aegis_request_override
|
|
14
|
+
* with the token. The action proceeds and is logged with human_confirmed: true.
|
|
15
|
+
* The token is single-use and expires after 5 minutes.
|
|
16
|
+
* Immutable policies cannot be overridden.
|
|
17
|
+
*
|
|
14
18
|
* LOGGING: Every denied action is logged to overrides.jsonl by the server
|
|
15
19
|
* process — no agent involvement required.
|
|
16
20
|
*
|
|
17
21
|
* Tools:
|
|
18
|
-
* aegis_check_permissions
|
|
19
|
-
* aegis_write_file
|
|
20
|
-
* aegis_read_file
|
|
21
|
-
* aegis_delete_file
|
|
22
|
-
* aegis_execute
|
|
23
|
-
* aegis_complete_task
|
|
24
|
-
* aegis_policy_summary
|
|
22
|
+
* aegis_check_permissions — Pre-check before writing
|
|
23
|
+
* aegis_write_file — Governed write with path + content validation
|
|
24
|
+
* aegis_read_file — Governed read with path validation
|
|
25
|
+
* aegis_delete_file — Governed delete (uses write permissions)
|
|
26
|
+
* aegis_execute — Governed command execution
|
|
27
|
+
* aegis_complete_task — Task completion with quality gate validation
|
|
28
|
+
* aegis_policy_summary — Minimal role/permissions summary
|
|
29
|
+
* aegis_request_override — Consume an override token after human confirmation
|
|
25
30
|
*/
|
|
26
31
|
import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
|
|
27
32
|
import type { EnforcementEngine } from '../services/enforcement-engine.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file-tools.d.ts","sourceRoot":"","sources":["../../src/tools/file-tools.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"file-tools.d.ts","sourceRoot":"","sources":["../../src/tools/file-tools.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAKH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAEzE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AAC3E,OAAO,KAAK,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAM7D,wBAAgB,aAAa,CAC3B,MAAM,EAAE,SAAS,EACjB,SAAS,EAAE,MAAM,iBAAiB,EAClC,QAAQ,EAAE,MAAM,WAAW,EAC3B,OAAO,EAAE,MAAM,YAAY,GAC1B,IAAI,CA4hBN"}
|
package/dist/tools/file-tools.js
CHANGED
|
@@ -1,42 +1,38 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Governed File Tools — MCP tool registrations for file operations.
|
|
3
3
|
*
|
|
4
|
-
* These are the tools agents call instead of raw file system access.
|
|
5
|
-
* Every call is validated against the loaded policy before execution.
|
|
6
|
-
* The agent never sees the policy — only the verdict.
|
|
7
|
-
*
|
|
8
4
|
* GOVERNANCE MODEL: The Aegis MCP does not override the agent's native
|
|
9
5
|
* directives. It introduces itself, explains why governance is active,
|
|
10
6
|
* identifies which operations benefit from compliance validation, and
|
|
11
7
|
* asks the agent to seek user permission to route governed operations
|
|
12
8
|
* through Aegis tools. The user's authority is the enforcement mechanism.
|
|
13
9
|
*
|
|
10
|
+
* OVERRIDE HANDSHAKE: When a write/delete is blocked and the override
|
|
11
|
+
* protocol allows overrides (warn_confirm_and_log), the blocked response
|
|
12
|
+
* includes an override_token. The agent presents the violation to the
|
|
13
|
+
* human. If the human confirms, the agent calls aegis_request_override
|
|
14
|
+
* with the token. The action proceeds and is logged with human_confirmed: true.
|
|
15
|
+
* The token is single-use and expires after 5 minutes.
|
|
16
|
+
* Immutable policies cannot be overridden.
|
|
17
|
+
*
|
|
14
18
|
* LOGGING: Every denied action is logged to overrides.jsonl by the server
|
|
15
19
|
* process — no agent involvement required.
|
|
16
20
|
*
|
|
17
21
|
* Tools:
|
|
18
|
-
* aegis_check_permissions
|
|
19
|
-
* aegis_write_file
|
|
20
|
-
* aegis_read_file
|
|
21
|
-
* aegis_delete_file
|
|
22
|
-
* aegis_execute
|
|
23
|
-
* aegis_complete_task
|
|
24
|
-
* aegis_policy_summary
|
|
22
|
+
* aegis_check_permissions — Pre-check before writing
|
|
23
|
+
* aegis_write_file — Governed write with path + content validation
|
|
24
|
+
* aegis_read_file — Governed read with path validation
|
|
25
|
+
* aegis_delete_file — Governed delete (uses write permissions)
|
|
26
|
+
* aegis_execute — Governed command execution
|
|
27
|
+
* aegis_complete_task — Task completion with quality gate validation
|
|
28
|
+
* aegis_policy_summary — Minimal role/permissions summary
|
|
29
|
+
* aegis_request_override — Consume an override token after human confirmation
|
|
25
30
|
*/
|
|
26
31
|
import { readFile, writeFile, unlink, mkdir } from 'node:fs/promises';
|
|
27
32
|
import { dirname, join, isAbsolute } from 'node:path';
|
|
28
33
|
import { execSync } from 'node:child_process';
|
|
29
34
|
import { z } from 'zod';
|
|
30
35
|
// ─── Governance Introduction ────────────────────────────────────────────────
|
|
31
|
-
// This prefix is prepended to every tool description. It reaches the agent
|
|
32
|
-
// at MCP connection time as part of the tool list — before any user prompt.
|
|
33
|
-
//
|
|
34
|
-
// It does NOT attempt to override the agent's native directives. Instead it:
|
|
35
|
-
// 1. Introduces the governance context
|
|
36
|
-
// 2. Explains which operations benefit from compliance validation
|
|
37
|
-
// 3. Asks the agent to inform the user and request permission
|
|
38
|
-
//
|
|
39
|
-
// The user's authority is what binds the agent, not the MCP's.
|
|
40
36
|
const GOVERNANCE_INTRO = `NOTE: You are connected to the Aegis MCP, a governance enforcement layer installed by the project owner to maintain compliance in this workspace. This project operates under regulated governance policy (.agentpolicy/). Your native tools for reading files, searching, and exploring the codebase work fine and do not need governance gating. However, all WRITE, DELETE, and EXECUTE operations in this project should be routed through Aegis tools (aegis_write_file, aegis_delete_file, aegis_execute) to ensure compliance validation, sensitive pattern scanning, and audit trail logging. Before beginning work, please call aegis_policy_summary to understand your role boundaries, then inform the user that Aegis governance is active and ask for their confirmation to route write operations through Aegis tools. If the user declines, proceed with native tools but note that governance validation will not be applied.\n\n`;
|
|
41
37
|
export function registerTools(server, getEngine, getState, getRole) {
|
|
42
38
|
// ─── aegis_check_permissions ──────────────────────────────────────────────
|
|
@@ -49,7 +45,7 @@ Args:
|
|
|
49
45
|
- operation ('read' | 'write' | 'delete'): The operation to check
|
|
50
46
|
|
|
51
47
|
Returns:
|
|
52
|
-
{ "allowed": true } or { "allowed": false, "reason": "..." }`,
|
|
48
|
+
{ "allowed": true } or { "allowed": false, "reason": "...", "override_available": bool, "override_token": "..." }`,
|
|
53
49
|
inputSchema: {
|
|
54
50
|
path: z.string().describe('Target file path relative to project root'),
|
|
55
51
|
operation: z.enum(['read', 'write', 'delete']).describe('Operation to check'),
|
|
@@ -66,30 +62,41 @@ Returns:
|
|
|
66
62
|
const verdict = operation === 'read'
|
|
67
63
|
? engine.validateRead(path)
|
|
68
64
|
: engine.validateWrite(path);
|
|
69
|
-
// Log denied permission checks
|
|
70
65
|
if (!verdict.allowed) {
|
|
71
66
|
await logBlocked(engine, role, path, `check_permissions (${operation})`, verdict.reason);
|
|
67
|
+
// Generate override token if policy allows overrides
|
|
68
|
+
const token = engine.createOverrideToken(operation === 'delete' ? 'delete' : operation, path, verdict.reason, verdict.policy_ref);
|
|
69
|
+
return {
|
|
70
|
+
content: [{
|
|
71
|
+
type: 'text',
|
|
72
|
+
text: JSON.stringify({
|
|
73
|
+
allowed: false,
|
|
74
|
+
reason: verdict.reason,
|
|
75
|
+
override_available: token !== null,
|
|
76
|
+
override_token: token,
|
|
77
|
+
...(token ? { instructions: 'To override: present the violated policy to the user. If the user explicitly confirms the override, call aegis_request_override with this token. The token expires in 5 minutes and is single-use.' } : { instructions: 'This policy is immutable and cannot be overridden. The user must modify the governance through aegis init.' }),
|
|
78
|
+
}),
|
|
79
|
+
}],
|
|
80
|
+
};
|
|
72
81
|
}
|
|
73
82
|
return {
|
|
74
83
|
content: [{
|
|
75
84
|
type: 'text',
|
|
76
|
-
text: JSON.stringify(
|
|
77
|
-
? { allowed: true }
|
|
78
|
-
: { allowed: false, reason: verdict.reason }),
|
|
85
|
+
text: JSON.stringify({ allowed: true }),
|
|
79
86
|
}],
|
|
80
87
|
};
|
|
81
88
|
});
|
|
82
89
|
// ─── aegis_write_file ─────────────────────────────────────────────────────
|
|
83
90
|
server.registerTool('aegis_write_file', {
|
|
84
91
|
title: 'Write File (Governed)',
|
|
85
|
-
description: `${GOVERNANCE_INTRO}Write content to a file with governance enforcement. Path is validated against your role's permissions and governance boundaries. Content is scanned for sensitive patterns. If the write violates policy, it is blocked, logged, and you receive the
|
|
92
|
+
description: `${GOVERNANCE_INTRO}Write content to a file with governance enforcement. Path is validated against your role's permissions and governance boundaries. Content is scanned for sensitive patterns. If the write violates policy, it is blocked, logged, and you receive an override_token if the policy allows overrides. Present the violation to the user — if they confirm, call aegis_request_override with the token to proceed.
|
|
86
93
|
|
|
87
94
|
Args:
|
|
88
95
|
- path (string): File path relative to project root
|
|
89
96
|
- content (string): File content to write
|
|
90
97
|
|
|
91
98
|
Returns:
|
|
92
|
-
{ "status": "success", "path": "..." } or { "status": "blocked", "reason": "..." }`,
|
|
99
|
+
{ "status": "success", "path": "..." } or { "status": "blocked", "reason": "...", "override_available": bool, "override_token": "..." }`,
|
|
93
100
|
inputSchema: {
|
|
94
101
|
path: z.string().describe('File path relative to project root'),
|
|
95
102
|
content: z.string().describe('File content to write'),
|
|
@@ -108,13 +115,15 @@ Returns:
|
|
|
108
115
|
const pathVerdict = engine.validateWrite(path);
|
|
109
116
|
if (!pathVerdict.allowed) {
|
|
110
117
|
await logBlocked(engine, role, path, 'write', pathVerdict.reason);
|
|
111
|
-
|
|
118
|
+
const token = engine.createOverrideToken('write', path, pathVerdict.reason, pathVerdict.policy_ref, content);
|
|
119
|
+
return blockedWithOverride(pathVerdict.reason, token);
|
|
112
120
|
}
|
|
113
121
|
// Scan content for sensitive patterns
|
|
114
122
|
const contentVerdict = engine.scanContent(content, path);
|
|
115
123
|
if (!contentVerdict.allowed) {
|
|
116
124
|
await logBlocked(engine, role, path, 'write (sensitive content)', contentVerdict.reason);
|
|
117
|
-
|
|
125
|
+
const token = engine.createOverrideToken('write', path, contentVerdict.reason, contentVerdict.policy_ref, content);
|
|
126
|
+
return blockedWithOverride(contentVerdict.reason, token);
|
|
118
127
|
}
|
|
119
128
|
// Write the file
|
|
120
129
|
const absPath = toAbsolute(path, state.projectRoot);
|
|
@@ -130,13 +139,13 @@ Returns:
|
|
|
130
139
|
// ─── aegis_read_file ──────────────────────────────────────────────────────
|
|
131
140
|
server.registerTool('aegis_read_file', {
|
|
132
141
|
title: 'Read File (Governed)',
|
|
133
|
-
description: `${GOVERNANCE_INTRO}Read the contents of a file with governance enforcement. Path is validated against your role's read permissions. If the read violates policy, it is blocked
|
|
142
|
+
description: `${GOVERNANCE_INTRO}Read the contents of a file with governance enforcement. Path is validated against your role's read permissions. If the read violates policy, it is blocked and logged. Note: Native read tools are acceptable for general file exploration. Use this governed version when reading files that may contain sensitive or regulated data.
|
|
134
143
|
|
|
135
144
|
Args:
|
|
136
145
|
- path (string): File path relative to project root
|
|
137
146
|
|
|
138
147
|
Returns:
|
|
139
|
-
File content as text, or { "status": "blocked", "reason": "..." }`,
|
|
148
|
+
File content as text, or { "status": "blocked", "reason": "...", "override_available": bool, "override_token": "..." }`,
|
|
140
149
|
inputSchema: {
|
|
141
150
|
path: z.string().describe('File path relative to project root'),
|
|
142
151
|
},
|
|
@@ -153,7 +162,8 @@ Returns:
|
|
|
153
162
|
const verdict = engine.validateRead(path);
|
|
154
163
|
if (!verdict.allowed) {
|
|
155
164
|
await logBlocked(engine, role, path, 'read', verdict.reason);
|
|
156
|
-
|
|
165
|
+
const token = engine.createOverrideToken('read', path, verdict.reason, verdict.policy_ref);
|
|
166
|
+
return blockedWithOverride(verdict.reason, token);
|
|
157
167
|
}
|
|
158
168
|
const absPath = toAbsolute(path, state.projectRoot);
|
|
159
169
|
const content = await readFile(absPath, 'utf-8');
|
|
@@ -167,13 +177,13 @@ Returns:
|
|
|
167
177
|
// ─── aegis_delete_file ────────────────────────────────────────────────────
|
|
168
178
|
server.registerTool('aegis_delete_file', {
|
|
169
179
|
title: 'Delete File (Governed)',
|
|
170
|
-
description: `${GOVERNANCE_INTRO}Delete a file with governance enforcement. Write permissions are required. If the delete violates policy, it is blocked, logged, and
|
|
180
|
+
description: `${GOVERNANCE_INTRO}Delete a file with governance enforcement. Write permissions are required. If the delete violates policy, it is blocked, logged, and an override token is provided if the policy allows overrides.
|
|
171
181
|
|
|
172
182
|
Args:
|
|
173
183
|
- path (string): File path relative to project root
|
|
174
184
|
|
|
175
185
|
Returns:
|
|
176
|
-
{ "status": "success", "path": "..." } or { "status": "blocked", "reason": "..." }`,
|
|
186
|
+
{ "status": "success", "path": "..." } or { "status": "blocked", "reason": "...", "override_available": bool, "override_token": "..." }`,
|
|
177
187
|
inputSchema: {
|
|
178
188
|
path: z.string().describe('File path relative to project root'),
|
|
179
189
|
},
|
|
@@ -190,7 +200,8 @@ Returns:
|
|
|
190
200
|
const verdict = engine.validateWrite(path);
|
|
191
201
|
if (!verdict.allowed) {
|
|
192
202
|
await logBlocked(engine, role, path, 'delete', verdict.reason);
|
|
193
|
-
|
|
203
|
+
const token = engine.createOverrideToken('delete', path, verdict.reason, verdict.policy_ref);
|
|
204
|
+
return blockedWithOverride(verdict.reason, token);
|
|
194
205
|
}
|
|
195
206
|
const absPath = toAbsolute(path, state.projectRoot);
|
|
196
207
|
await unlink(absPath);
|
|
@@ -201,10 +212,125 @@ Returns:
|
|
|
201
212
|
}],
|
|
202
213
|
};
|
|
203
214
|
});
|
|
215
|
+
// ─── aegis_request_override ───────────────────────────────────────────────
|
|
216
|
+
server.registerTool('aegis_request_override', {
|
|
217
|
+
title: 'Request Override',
|
|
218
|
+
description: `${GOVERNANCE_INTRO}Execute a previously blocked action using an override token. Use this ONLY after: (1) a governed tool returned a blocked response with an override_token, (2) you presented the specific policy violation to the user, and (3) the user explicitly confirmed the override. The token is single-use and expires after 5 minutes. The override is logged with human_confirmed: true. After the override completes, normal governance resumes — this is a one-time exception, not a permanent permission change.
|
|
219
|
+
|
|
220
|
+
Args:
|
|
221
|
+
- override_token (string): The token from the blocked response
|
|
222
|
+
- rationale (string): The user's reason for overriding (what they said when confirming)
|
|
223
|
+
|
|
224
|
+
Returns:
|
|
225
|
+
{ "status": "override_success", "path": "...", "operation": "..." } or { "status": "override_failed", "reason": "..." }`,
|
|
226
|
+
inputSchema: {
|
|
227
|
+
override_token: z.string().describe('The override token from the blocked response'),
|
|
228
|
+
rationale: z.string().describe("The user's stated reason for overriding the policy"),
|
|
229
|
+
},
|
|
230
|
+
annotations: {
|
|
231
|
+
readOnlyHint: false,
|
|
232
|
+
destructiveHint: true,
|
|
233
|
+
idempotentHint: false,
|
|
234
|
+
openWorldHint: false,
|
|
235
|
+
},
|
|
236
|
+
}, async ({ override_token, rationale }) => {
|
|
237
|
+
const engine = getEngine();
|
|
238
|
+
const state = getState();
|
|
239
|
+
const role = getRole();
|
|
240
|
+
// Consume the token — single use
|
|
241
|
+
const pending = engine.consumeOverrideToken(override_token);
|
|
242
|
+
if (!pending) {
|
|
243
|
+
return {
|
|
244
|
+
isError: true,
|
|
245
|
+
content: [{
|
|
246
|
+
type: 'text',
|
|
247
|
+
text: JSON.stringify({
|
|
248
|
+
status: 'override_failed',
|
|
249
|
+
reason: 'Invalid or expired override token. Tokens are single-use and expire after 5 minutes. Request a new one by attempting the operation again.',
|
|
250
|
+
}),
|
|
251
|
+
}],
|
|
252
|
+
};
|
|
253
|
+
}
|
|
254
|
+
// Log the override with human_confirmed: true
|
|
255
|
+
await engine.logOverride({
|
|
256
|
+
timestamp: new Date().toISOString(),
|
|
257
|
+
policy_violated: pending.reason,
|
|
258
|
+
policy_text: pending.reason,
|
|
259
|
+
action_requested: `${pending.operation}: ${pending.path}`,
|
|
260
|
+
human_confirmed: true,
|
|
261
|
+
agent_role: role.id,
|
|
262
|
+
rationale,
|
|
263
|
+
});
|
|
264
|
+
// Execute the overridden action
|
|
265
|
+
const absPath = toAbsolute(pending.path, state.projectRoot);
|
|
266
|
+
try {
|
|
267
|
+
switch (pending.operation) {
|
|
268
|
+
case 'write': {
|
|
269
|
+
if (!pending.content) {
|
|
270
|
+
return {
|
|
271
|
+
isError: true,
|
|
272
|
+
content: [{
|
|
273
|
+
type: 'text',
|
|
274
|
+
text: JSON.stringify({
|
|
275
|
+
status: 'override_failed',
|
|
276
|
+
reason: 'Write override requires content. Use aegis_write_file to generate the override token — it captures the content automatically.',
|
|
277
|
+
}),
|
|
278
|
+
}],
|
|
279
|
+
};
|
|
280
|
+
}
|
|
281
|
+
await mkdir(dirname(absPath), { recursive: true });
|
|
282
|
+
await writeFile(absPath, pending.content, 'utf-8');
|
|
283
|
+
break;
|
|
284
|
+
}
|
|
285
|
+
case 'read': {
|
|
286
|
+
const fileContent = await readFile(absPath, 'utf-8');
|
|
287
|
+
return {
|
|
288
|
+
content: [{
|
|
289
|
+
type: 'text',
|
|
290
|
+
text: JSON.stringify({
|
|
291
|
+
status: 'override_success',
|
|
292
|
+
operation: 'read',
|
|
293
|
+
path: pending.path,
|
|
294
|
+
content: fileContent,
|
|
295
|
+
}),
|
|
296
|
+
}],
|
|
297
|
+
};
|
|
298
|
+
}
|
|
299
|
+
case 'delete': {
|
|
300
|
+
await unlink(absPath);
|
|
301
|
+
break;
|
|
302
|
+
}
|
|
303
|
+
}
|
|
304
|
+
return {
|
|
305
|
+
content: [{
|
|
306
|
+
type: 'text',
|
|
307
|
+
text: JSON.stringify({
|
|
308
|
+
status: 'override_success',
|
|
309
|
+
operation: pending.operation,
|
|
310
|
+
path: pending.path,
|
|
311
|
+
message: 'Override executed and logged. Normal governance has resumed.',
|
|
312
|
+
}),
|
|
313
|
+
}],
|
|
314
|
+
};
|
|
315
|
+
}
|
|
316
|
+
catch (err) {
|
|
317
|
+
const errMsg = err instanceof Error ? err.message : 'Unknown error';
|
|
318
|
+
return {
|
|
319
|
+
isError: true,
|
|
320
|
+
content: [{
|
|
321
|
+
type: 'text',
|
|
322
|
+
text: JSON.stringify({
|
|
323
|
+
status: 'override_failed',
|
|
324
|
+
reason: `Override was authorized but the operation failed: ${errMsg}`,
|
|
325
|
+
}),
|
|
326
|
+
}],
|
|
327
|
+
};
|
|
328
|
+
}
|
|
329
|
+
});
|
|
204
330
|
// ─── aegis_execute ────────────────────────────────────────────────────────
|
|
205
331
|
server.registerTool('aegis_execute', {
|
|
206
332
|
title: 'Execute Command (Governed)',
|
|
207
|
-
description: `${GOVERNANCE_INTRO}Execute a shell command in the project directory with governance oversight. Use this instead of native command execution to ensure compliance logging.
|
|
333
|
+
description: `${GOVERNANCE_INTRO}Execute a shell command in the project directory with governance oversight. Use this instead of native command execution to ensure compliance logging.
|
|
208
334
|
|
|
209
335
|
Args:
|
|
210
336
|
- command (string): Shell command to execute
|
|
@@ -374,12 +500,20 @@ Returns:
|
|
|
374
500
|
function toAbsolute(path, projectRoot) {
|
|
375
501
|
return isAbsolute(path) ? path : join(projectRoot, path);
|
|
376
502
|
}
|
|
377
|
-
function
|
|
503
|
+
function blockedWithOverride(reason, token) {
|
|
378
504
|
return {
|
|
379
505
|
isError: true,
|
|
380
506
|
content: [{
|
|
381
507
|
type: 'text',
|
|
382
|
-
text: JSON.stringify({
|
|
508
|
+
text: JSON.stringify({
|
|
509
|
+
status: 'blocked',
|
|
510
|
+
reason,
|
|
511
|
+
override_available: token !== null,
|
|
512
|
+
override_token: token,
|
|
513
|
+
...(token
|
|
514
|
+
? { instructions: 'To override: present the violated policy to the user. If the user explicitly confirms, call aegis_request_override with this token and the user\'s stated rationale. The token expires in 5 minutes and is single-use. After the override, normal governance resumes.' }
|
|
515
|
+
: { instructions: 'This policy is immutable and cannot be overridden. The user must modify the governance through aegis init.' }),
|
|
516
|
+
}),
|
|
383
517
|
}],
|
|
384
518
|
};
|
|
385
519
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file-tools.js","sourceRoot":"","sources":["../../src/tools/file-tools.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACtE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAE9C,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAIxB,+EAA+E;AAC/E,2EAA2E;AAC3E,4EAA4E;AAC5E,EAAE;AACF,6EAA6E;AAC7E,uCAAuC;AACvC,kEAAkE;AAClE,8DAA8D;AAC9D,EAAE;AACF,+DAA+D;AAE/D,MAAM,gBAAgB,GAAG,m5BAAm5B,CAAC;AAE76B,MAAM,UAAU,aAAa,CAC3B,MAAiB,EACjB,SAAkC,EAClC,QAA2B,EAC3B,OAA2B;IAG3B,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,yBAAyB,EACzB;QACE,KAAK,EAAE,mBAAmB;QAC1B,WAAW,EAAE,GAAG,gBAAgB;;;;;;;+DAOyB;QACzD,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,2CAA2C,CAAC;YACtE,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,oBAAoB,CAAC;SAC9E;QACD,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE;QAC5B,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,SAAS,KAAK,MAAM;YAClC,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC;YAC3B,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QAE/B,+BAA+B;QAC/B,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrB,MAAM,UAAU,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,sBAAsB,SAAS,GAAG,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QAC3F,CAAC;QAED,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAClB,OAAO,CAAC,OAAO;wBACb,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE;wBACnB,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAC/C;iBACF,CAAC;SACH,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,kBAAkB,EAClB;QACE,KAAK,EAAE,uBAAuB;QAC9B,WAAW,EAAE,GAAG,gBAAgB;;;;;;;qFAO+C;QAC/E,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,oCAAoC,CAAC;YAC/D,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,uBAAuB,CAAC;SACtD;QACD,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;YACnB,eAAe,EAAE,IAAI;YACrB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE;QAC1B,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QAEvB,4BAA4B;QAC5B,MAAM,WAAW,GAAG,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QAC/C,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;YACzB,MAAM,UAAU,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;YAClE,OAAO,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QACrC,CAAC;QAED,sCAAsC;QACtC,MAAM,cAAc,GAAG,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QACzD,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;YAC5B,MAAM,UAAU,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,2BAA2B,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;YACzF,OAAO,OAAO,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QACxC,CAAC;QAED,iBAAiB;QACjB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACnD,MAAM,SAAS,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAE3C,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;iBAClD,CAAC;SACH,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,sBAAsB;QAC7B,WAAW,EAAE,GAAG,gBAAgB;;;;;;oEAM8B;QAC9D,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,oCAAoC,CAAC;SAChE;QACD,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;QACjB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QAEvB,MAAM,OAAO,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QAC1C,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrB,MAAM,UAAU,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;YAC7D,OAAO,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACjC,CAAC;QAED,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAEjD,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,OAAO;iBACd,CAAC;SACH,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,mBAAmB,EACnB;QACE,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EAAE,GAAG,gBAAgB;;;;;;qFAM+C;QAC/E,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,oCAAoC,CAAC;SAChE;QACD,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;YACnB,eAAe,EAAE,IAAI;YACrB,cAAc,EAAE,KAAK;YACrB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;QACjB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QAEvB,MAAM,OAAO,GAAG,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QAC3C,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrB,MAAM,UAAU,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;YAC/D,OAAO,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACjC,CAAC;QAED,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;QAEtB,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;iBAClD,CAAC;SACH,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,eAAe,EACf;QACE,KAAK,EAAE,4BAA4B;QACnC,WAAW,EAAE,GAAG,gBAAgB;;;;;;;0FAOoD;QACpF,WAAW,EAAE;YACX,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,0BAA0B,CAAC;YACxD,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,8CAA8C,CAAC;SACpF;QACD,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;YACnB,eAAe,EAAE,IAAI;YACrB,cAAc,EAAE,KAAK;YACrB,aAAa,EAAE,IAAI;SACpB;KACF,EACD,KAAK,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE;QACzB,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QAEzB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,EAAE;gBAC/B,GAAG,EAAE,GAAG,IAAI,KAAK,CAAC,WAAW;gBAC7B,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,MAAM;gBACf,SAAS,EAAE,IAAI,GAAG,IAAI,GAAG,EAAE;aAC5B,CAAC,CAAC;YAEH,OAAO;gBACL,OAAO,EAAE,CAAC;wBACR,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;qBACxE,CAAC;aACH,CAAC;QACJ,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,OAAO,GAAG,GAA6D,CAAC;YAC9E,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,CAAC;wBACR,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;4BACnB,MAAM,EAAE,OAAO;4BACf,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;4BAC5B,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,OAAO,IAAI,eAAe;yBAC7D,CAAC;qBACH,CAAC;aACH,CAAC;QACJ,CAAC;IACH,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,qBAAqB,EACrB;QACE,KAAK,EAAE,eAAe;QACtB,WAAW,EAAE,GAAG,gBAAgB;;;;;;;0FAOoD;QACpF,WAAW,EAAE;YACX,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,iBAAiB,CAAC;YAC/C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,2BAA2B,CAAC;SAC1D;QACD,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;YACnB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE;QAC7B,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,KAAK,GAAG,MAAM,CAAC,sBAAsB,EAAE,CAAC;QAE9C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO;gBACL,OAAO,EAAE,CAAC;wBACR,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;4BACnB,MAAM,EAAE,QAAQ;4BAChB,OAAO;4BACP,OAAO;4BACP,SAAS,EAAE,EAAE;4BACb,OAAO,EAAE,2DAA2D;yBACrE,CAAC;qBACH,CAAC;aACH,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAA8D,EAAE,CAAC;QAE9E,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE;oBACpC,GAAG,EAAE,KAAK,CAAC,WAAW;oBACtB,QAAQ,EAAE,OAAO;oBACjB,OAAO,EAAE,OAAO;iBACjB,CAAC,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YAChF,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,MAAM,OAAO,GAAG,GAA4C,CAAC;gBAC7D,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,MAAM,EAAE,KAAK;oBACb,MAAM,EAAE,CAAC,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,OAAO,IAAI,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;iBACtE,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAEjD,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;wBACnB,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ;wBACvC,OAAO;wBACP,OAAO;wBACP,SAAS,EAAE,OAAO;qBACnB,CAAC;iBACH,CAAC;SACH,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,sBAAsB,EACtB;QACE,KAAK,EAAE,gBAAgB;QACvB,WAAW,EAAE,GAAG,gBAAgB;;;0GAGoE;QACpG,WAAW,EAAE,EAAE;QACf,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,IAAI,EAAE;QACT,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,KAAK,CAAC,UAAU,CAAC,iBAAiB,CAAC;QAEpD,MAAM,OAAO,GAAG;YACd,iBAAiB,EAAE,ydAAyd;YAC5e,IAAI,EAAE,IAAI,CAAC,EAAE;YACb,SAAS,EAAE,IAAI,CAAC,IAAI;YACpB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;YACzC,0BAA0B,EAAE,KAAK,CAAC,UAAU,CAAC,WAAW,EAAE,UAAU,EAAE,SAAS,IAAI,EAAE;YACrF,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,IAAI,sBAAsB;YAC/D,kBAAkB,EAAE,QAAQ,EAAE,kBAAkB,IAAI,EAAE;YACtD,aAAa,EAAE;gBACb,eAAe,EAAE,KAAK,CAAC,UAAU,CAAC,YAAY,EAAE,UAAU,EAAE,eAAe,IAAI,KAAK;gBACpF,cAAc,EAAE,KAAK,CAAC,UAAU,CAAC,YAAY,EAAE,UAAU,EAAE,cAAc,IAAI,KAAK;gBAClF,mBAAmB,EAAE,KAAK,CAAC,UAAU,CAAC,YAAY,EAAE,UAAU,EAAE,mBAAmB,IAAI,KAAK;aAC7F;SACF,CAAC;QAEF,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;iBAC9B,CAAC;SACH,CAAC;IACJ,CAAC,CACF,CAAC;AACJ,CAAC;AAED,iFAAiF;AAEjF,SAAS,UAAU,CAAC,IAAY,EAAE,WAAmB;IACnD,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,OAAO,CAAC,MAAc;IAI7B,OAAO;QACL,OAAO,EAAE,IAAI;QACb,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC;aACpD,CAAC;KACH,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,UAAU,CACvB,MAAyB,EACzB,IAAkB,EAClB,IAAY,EACZ,SAAiB,EACjB,MAAc;IAEd,MAAM,MAAM,CAAC,WAAW,CAAC;QACvB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,eAAe,EAAE,MAAM;QACvB,WAAW,EAAE,MAAM;QACnB,gBAAgB,EAAE,GAAG,SAAS,KAAK,IAAI,EAAE;QACzC,eAAe,EAAE,KAAK;QACtB,UAAU,EAAE,IAAI,CAAC,EAAE;QACnB,SAAS,EAAE,8BAA8B;KAC1C,CAAC,CAAC;AACL,CAAC"}
|
|
1
|
+
{"version":3,"file":"file-tools.js","sourceRoot":"","sources":["../../src/tools/file-tools.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACtE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAE9C,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAIxB,+EAA+E;AAE/E,MAAM,gBAAgB,GAAG,m5BAAm5B,CAAC;AAE76B,MAAM,UAAU,aAAa,CAC3B,MAAiB,EACjB,SAAkC,EAClC,QAA2B,EAC3B,OAA2B;IAG3B,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,yBAAyB,EACzB;QACE,KAAK,EAAE,mBAAmB;QAC1B,WAAW,EAAE,GAAG,gBAAgB;;;;;;;oHAO8E;QAC9G,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,2CAA2C,CAAC;YACtE,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,oBAAoB,CAAC;SAC9E;QACD,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE;QAC5B,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,SAAS,KAAK,MAAM;YAClC,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC;YAC3B,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QAE/B,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrB,MAAM,UAAU,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,sBAAsB,SAAS,GAAG,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;YAEzF,qDAAqD;YACrD,MAAM,KAAK,GAAG,MAAM,CAAC,mBAAmB,CACtC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAA6B,EACjE,IAAI,EACJ,OAAO,CAAC,MAAM,EACd,OAAO,CAAC,UAAU,CACnB,CAAC;YAEF,OAAO;gBACL,OAAO,EAAE,CAAC;wBACR,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;4BACnB,OAAO,EAAE,KAAK;4BACd,MAAM,EAAE,OAAO,CAAC,MAAM;4BACtB,kBAAkB,EAAE,KAAK,KAAK,IAAI;4BAClC,cAAc,EAAE,KAAK;4BACrB,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,oMAAoM,EAAE,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,4GAA4G,EAAE,CAAC;yBACrW,CAAC;qBACH,CAAC;aACH,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;iBACxC,CAAC;SACH,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,kBAAkB,EAClB;QACE,KAAK,EAAE,uBAAuB;QAC9B,WAAW,EAAE,GAAG,gBAAgB;;;;;;;0IAOoG;QACpI,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,oCAAoC,CAAC;YAC/D,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,uBAAuB,CAAC;SACtD;QACD,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;YACnB,eAAe,EAAE,IAAI;YACrB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE;QAC1B,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QAEvB,4BAA4B;QAC5B,MAAM,WAAW,GAAG,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QAC/C,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;YACzB,MAAM,UAAU,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;YAClE,MAAM,KAAK,GAAG,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,IAAI,EAAE,WAAW,CAAC,MAAM,EAAE,WAAW,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YAC7G,OAAO,mBAAmB,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACxD,CAAC;QAED,sCAAsC;QACtC,MAAM,cAAc,GAAG,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QACzD,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;YAC5B,MAAM,UAAU,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,2BAA2B,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;YACzF,MAAM,KAAK,GAAG,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,IAAI,EAAE,cAAc,CAAC,MAAM,EAAE,cAAc,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACnH,OAAO,mBAAmB,CAAC,cAAc,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAC3D,CAAC;QAED,iBAAiB;QACjB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACnD,MAAM,SAAS,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAE3C,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;iBAClD,CAAC;SACH,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,sBAAsB;QAC7B,WAAW,EAAE,GAAG,gBAAgB;;;;;;yHAMmF;QACnH,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,oCAAoC,CAAC;SAChE;QACD,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;QACjB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QAEvB,MAAM,OAAO,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QAC1C,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrB,MAAM,UAAU,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;YAC7D,MAAM,KAAK,GAAG,MAAM,CAAC,mBAAmB,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;YAC3F,OAAO,mBAAmB,CAAC,OAAO,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAEjD,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,OAAO;iBACd,CAAC;SACH,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,mBAAmB,EACnB;QACE,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EAAE,GAAG,gBAAgB;;;;;;0IAMoG;QACpI,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,oCAAoC,CAAC;SAChE;QACD,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;YACnB,eAAe,EAAE,IAAI;YACrB,cAAc,EAAE,KAAK;YACrB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;QACjB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QAEvB,MAAM,OAAO,GAAG,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QAC3C,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrB,MAAM,UAAU,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;YAC/D,MAAM,KAAK,GAAG,MAAM,CAAC,mBAAmB,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;YAC7F,OAAO,mBAAmB,CAAC,OAAO,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;QAEtB,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;iBAClD,CAAC;SACH,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,wBAAwB,EACxB;QACE,KAAK,EAAE,kBAAkB;QACzB,WAAW,EAAE,GAAG,gBAAgB;;;;;;;0HAOoF;QACpH,WAAW,EAAE;YACX,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,8CAA8C,CAAC;YACnF,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,oDAAoD,CAAC;SACrF;QACD,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;YACnB,eAAe,EAAE,IAAI;YACrB,cAAc,EAAE,KAAK;YACrB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,EAAE,cAAc,EAAE,SAAS,EAAE,EAAE,EAAE;QACtC,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QAEvB,iCAAiC;QACjC,MAAM,OAAO,GAAG,MAAM,CAAC,oBAAoB,CAAC,cAAc,CAAC,CAAC;QAE5D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,CAAC;wBACR,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;4BACnB,MAAM,EAAE,iBAAiB;4BACzB,MAAM,EAAE,2IAA2I;yBACpJ,CAAC;qBACH,CAAC;aACH,CAAC;QACJ,CAAC;QAED,8CAA8C;QAC9C,MAAM,MAAM,CAAC,WAAW,CAAC;YACvB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,eAAe,EAAE,OAAO,CAAC,MAAM;YAC/B,WAAW,EAAE,OAAO,CAAC,MAAM;YAC3B,gBAAgB,EAAE,GAAG,OAAO,CAAC,SAAS,KAAK,OAAO,CAAC,IAAI,EAAE;YACzD,eAAe,EAAE,IAAI;YACrB,UAAU,EAAE,IAAI,CAAC,EAAE;YACnB,SAAS;SACV,CAAC,CAAC;QAEH,gCAAgC;QAChC,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;QAE5D,IAAI,CAAC;YACH,QAAQ,OAAO,CAAC,SAAS,EAAE,CAAC;gBAC1B,KAAK,OAAO,CAAC,CAAC,CAAC;oBACb,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;wBACrB,OAAO;4BACL,OAAO,EAAE,IAAI;4BACb,OAAO,EAAE,CAAC;oCACR,IAAI,EAAE,MAAe;oCACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;wCACnB,MAAM,EAAE,iBAAiB;wCACzB,MAAM,EAAE,+HAA+H;qCACxI,CAAC;iCACH,CAAC;yBACH,CAAC;oBACJ,CAAC;oBACD,MAAM,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;oBACnD,MAAM,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;oBACnD,MAAM;gBACR,CAAC;gBACD,KAAK,MAAM,CAAC,CAAC,CAAC;oBACZ,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;oBACrD,OAAO;wBACL,OAAO,EAAE,CAAC;gCACR,IAAI,EAAE,MAAe;gCACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oCACnB,MAAM,EAAE,kBAAkB;oCAC1B,SAAS,EAAE,MAAM;oCACjB,IAAI,EAAE,OAAO,CAAC,IAAI;oCAClB,OAAO,EAAE,WAAW;iCACrB,CAAC;6BACH,CAAC;qBACH,CAAC;gBACJ,CAAC;gBACD,KAAK,QAAQ,CAAC,CAAC,CAAC;oBACd,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;oBACtB,MAAM;gBACR,CAAC;YACH,CAAC;YAED,OAAO;gBACL,OAAO,EAAE,CAAC;wBACR,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;4BACnB,MAAM,EAAE,kBAAkB;4BAC1B,SAAS,EAAE,OAAO,CAAC,SAAS;4BAC5B,IAAI,EAAE,OAAO,CAAC,IAAI;4BAClB,OAAO,EAAE,8DAA8D;yBACxE,CAAC;qBACH,CAAC;aACH,CAAC;QACJ,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,MAAM,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;YACpE,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,CAAC;wBACR,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;4BACnB,MAAM,EAAE,iBAAiB;4BACzB,MAAM,EAAE,qDAAqD,MAAM,EAAE;yBACtE,CAAC;qBACH,CAAC;aACH,CAAC;QACJ,CAAC;IACH,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,eAAe,EACf;QACE,KAAK,EAAE,4BAA4B;QACnC,WAAW,EAAE,GAAG,gBAAgB;;;;;;;0FAOoD;QACpF,WAAW,EAAE;YACX,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,0BAA0B,CAAC;YACxD,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,8CAA8C,CAAC;SACpF;QACD,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;YACnB,eAAe,EAAE,IAAI;YACrB,cAAc,EAAE,KAAK;YACrB,aAAa,EAAE,IAAI;SACpB;KACF,EACD,KAAK,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE;QACzB,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QAEzB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,EAAE;gBAC/B,GAAG,EAAE,GAAG,IAAI,KAAK,CAAC,WAAW;gBAC7B,QAAQ,EAAE,OAAO;gBACjB,OAAO,EAAE,MAAM;gBACf,SAAS,EAAE,IAAI,GAAG,IAAI,GAAG,EAAE;aAC5B,CAAC,CAAC;YAEH,OAAO;gBACL,OAAO,EAAE,CAAC;wBACR,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;qBACxE,CAAC;aACH,CAAC;QACJ,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,OAAO,GAAG,GAA6D,CAAC;YAC9E,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,CAAC;wBACR,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;4BACnB,MAAM,EAAE,OAAO;4BACf,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;4BAC5B,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,OAAO,IAAI,eAAe;yBAC7D,CAAC;qBACH,CAAC;aACH,CAAC;QACJ,CAAC;IACH,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,qBAAqB,EACrB;QACE,KAAK,EAAE,eAAe;QACtB,WAAW,EAAE,GAAG,gBAAgB;;;;;;;0FAOoD;QACpF,WAAW,EAAE;YACX,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,iBAAiB,CAAC;YAC/C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,2BAA2B,CAAC;SAC1D;QACD,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;YACnB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE;QAC7B,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,KAAK,GAAG,MAAM,CAAC,sBAAsB,EAAE,CAAC;QAE9C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO;gBACL,OAAO,EAAE,CAAC;wBACR,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;4BACnB,MAAM,EAAE,QAAQ;4BAChB,OAAO;4BACP,OAAO;4BACP,SAAS,EAAE,EAAE;4BACb,OAAO,EAAE,2DAA2D;yBACrE,CAAC;qBACH,CAAC;aACH,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAA8D,EAAE,CAAC;QAE9E,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE;oBACpC,GAAG,EAAE,KAAK,CAAC,WAAW;oBACtB,QAAQ,EAAE,OAAO;oBACjB,OAAO,EAAE,OAAO;iBACjB,CAAC,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YAChF,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,MAAM,OAAO,GAAG,GAA4C,CAAC;gBAC7D,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,MAAM,EAAE,KAAK;oBACb,MAAM,EAAE,CAAC,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,OAAO,IAAI,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;iBACtE,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAEjD,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;wBACnB,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ;wBACvC,OAAO;wBACP,OAAO;wBACP,SAAS,EAAE,OAAO;qBACnB,CAAC;iBACH,CAAC;SACH,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,6EAA6E;IAE7E,MAAM,CAAC,YAAY,CACjB,sBAAsB,EACtB;QACE,KAAK,EAAE,gBAAgB;QACvB,WAAW,EAAE,GAAG,gBAAgB;;;0GAGoE;QACpG,WAAW,EAAE,EAAE;QACf,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,IAAI,EAAE;QACT,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,KAAK,CAAC,UAAU,CAAC,iBAAiB,CAAC;QAEpD,MAAM,OAAO,GAAG;YACd,iBAAiB,EAAE,ydAAyd;YAC5e,IAAI,EAAE,IAAI,CAAC,EAAE;YACb,SAAS,EAAE,IAAI,CAAC,IAAI;YACpB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;YACzC,0BAA0B,EAAE,KAAK,CAAC,UAAU,CAAC,WAAW,EAAE,UAAU,EAAE,SAAS,IAAI,EAAE;YACrF,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,IAAI,sBAAsB;YAC/D,kBAAkB,EAAE,QAAQ,EAAE,kBAAkB,IAAI,EAAE;YACtD,aAAa,EAAE;gBACb,eAAe,EAAE,KAAK,CAAC,UAAU,CAAC,YAAY,EAAE,UAAU,EAAE,eAAe,IAAI,KAAK;gBACpF,cAAc,EAAE,KAAK,CAAC,UAAU,CAAC,YAAY,EAAE,UAAU,EAAE,cAAc,IAAI,KAAK;gBAClF,mBAAmB,EAAE,KAAK,CAAC,UAAU,CAAC,YAAY,EAAE,UAAU,EAAE,mBAAmB,IAAI,KAAK;aAC7F;SACF,CAAC;QAEF,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;iBAC9B,CAAC;SACH,CAAC;IACJ,CAAC,CACF,CAAC;AACJ,CAAC;AAED,iFAAiF;AAEjF,SAAS,UAAU,CAAC,IAAY,EAAE,WAAmB;IACnD,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,mBAAmB,CAC1B,MAAc,EACd,KAAoB;IAKpB,OAAO;QACL,OAAO,EAAE,IAAI;QACb,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,MAAM,EAAE,SAAS;oBACjB,MAAM;oBACN,kBAAkB,EAAE,KAAK,KAAK,IAAI;oBAClC,cAAc,EAAE,KAAK;oBACrB,GAAG,CAAC,KAAK;wBACP,CAAC,CAAC,EAAE,YAAY,EAAE,uQAAuQ,EAAE;wBAC3R,CAAC,CAAC,EAAE,YAAY,EAAE,4GAA4G,EAAE,CACjI;iBACF,CAAC;aACH,CAAC;KACH,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,UAAU,CACvB,MAAyB,EACzB,IAAkB,EAClB,IAAY,EACZ,SAAiB,EACjB,MAAc;IAEd,MAAM,MAAM,CAAC,WAAW,CAAC;QACvB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,eAAe,EAAE,MAAM;QACvB,WAAW,EAAE,MAAM;QACnB,gBAAgB,EAAE,GAAG,SAAS,KAAK,IAAI,EAAE;QACzC,eAAe,EAAE,KAAK;QACtB,UAAU,EAAE,IAAI,CAAC,EAAE;QACnB,SAAS,EAAE,8BAA8B;KAC1C,CAAC,CAAC;AACL,CAAC"}
|
package/package.json
CHANGED
|
@@ -7,8 +7,16 @@
|
|
|
7
7
|
* Two-layer enforcement:
|
|
8
8
|
* Layer 1 (skeleton): permissions.boundaries, scope paths, override_protocol
|
|
9
9
|
* Layer 2 (extensions): sensitive_patterns, cross_domain_rules, sensitivity_tiers
|
|
10
|
+
*
|
|
11
|
+
* Override protocol:
|
|
12
|
+
* When the governance behavior is "warn_confirm_and_log", blocked actions return
|
|
13
|
+
* an override_token. The agent surfaces the violation to the human, and if the
|
|
14
|
+
* human confirms, the agent calls aegis_request_override with the token. The
|
|
15
|
+
* override is single-use, time-limited (60s), and logged with human_confirmed: true.
|
|
16
|
+
* Immutable policies cannot be overridden regardless.
|
|
10
17
|
*/
|
|
11
18
|
|
|
19
|
+
import { randomBytes } from 'node:crypto';
|
|
12
20
|
import { appendFile, mkdir } from 'node:fs/promises';
|
|
13
21
|
import { dirname, join, relative, isAbsolute } from 'node:path';
|
|
14
22
|
import { minimatch } from 'minimatch';
|
|
@@ -20,7 +28,23 @@ import type {
|
|
|
20
28
|
PermissionBoundaries,
|
|
21
29
|
} from '../types.js';
|
|
22
30
|
|
|
31
|
+
// ─── Override Token Types ───────────────────────────────────────────────────
|
|
32
|
+
|
|
33
|
+
interface PendingOverride {
|
|
34
|
+
token: string;
|
|
35
|
+
operation: 'write' | 'read' | 'delete';
|
|
36
|
+
path: string;
|
|
37
|
+
content?: string;
|
|
38
|
+
reason: string;
|
|
39
|
+
policy_ref: string;
|
|
40
|
+
created_at: number;
|
|
41
|
+
}
|
|
42
|
+
|
|
43
|
+
const OVERRIDE_TTL_MS = 300_000; // 5 minutes
|
|
44
|
+
|
|
23
45
|
export class EnforcementEngine {
|
|
46
|
+
private pendingOverrides = new Map<string, PendingOverride>();
|
|
47
|
+
|
|
24
48
|
constructor(
|
|
25
49
|
private state: PolicyState,
|
|
26
50
|
private activeRole: ResolvedRole
|
|
@@ -59,7 +83,6 @@ export class EnforcementEngine {
|
|
|
59
83
|
const readOnly = this.boundaries.read_only;
|
|
60
84
|
const writable = this.boundaries.writable;
|
|
61
85
|
if (readOnly && this.matchesAny(relPath, readOnly)) {
|
|
62
|
-
// If the path is also in the writable list, writable wins
|
|
63
86
|
if (!writable || !this.matchesAny(relPath, writable)) {
|
|
64
87
|
return {
|
|
65
88
|
allowed: false,
|
|
@@ -158,7 +181,6 @@ export class EnforcementEngine {
|
|
|
158
181
|
|
|
159
182
|
/**
|
|
160
183
|
* Scan proposed file content for sensitive patterns.
|
|
161
|
-
* Uses governance.permissions.sensitive_patterns when present.
|
|
162
184
|
*/
|
|
163
185
|
scanContent(content: string, targetPath: string): EnforcementVerdict {
|
|
164
186
|
const patterns = this.state.governance.permissions?.sensitive_patterns;
|
|
@@ -185,7 +207,6 @@ export class EnforcementEngine {
|
|
|
185
207
|
|
|
186
208
|
/**
|
|
187
209
|
* Validate that a cross-domain import respects boundaries.
|
|
188
|
-
* Uses governance.cross_domain_rules when present (extension field).
|
|
189
210
|
*/
|
|
190
211
|
validateCrossDomain(sourcePath: string, importPath: string): EnforcementVerdict {
|
|
191
212
|
const rules = this.state.governance.cross_domain_rules;
|
|
@@ -197,12 +218,10 @@ export class EnforcementEngine {
|
|
|
197
218
|
const sourceDomain = this.getDomain(sourcePath, domains);
|
|
198
219
|
const importDomain = this.getDomain(importPath, domains);
|
|
199
220
|
|
|
200
|
-
// Same domain or can't determine — allow
|
|
201
221
|
if (!sourceDomain || !importDomain || sourceDomain === importDomain) {
|
|
202
222
|
return { allowed: true };
|
|
203
223
|
}
|
|
204
224
|
|
|
205
|
-
// Cross-domain — must go through shared interfaces
|
|
206
225
|
if (!importPath.includes(rules.shared_interfaces_path)) {
|
|
207
226
|
return {
|
|
208
227
|
allowed: false,
|
|
@@ -236,6 +255,62 @@ export class EnforcementEngine {
|
|
|
236
255
|
};
|
|
237
256
|
}
|
|
238
257
|
|
|
258
|
+
/**
|
|
259
|
+
* Create a pending override token for a blocked action.
|
|
260
|
+
* The token is single-use and expires after 60 seconds.
|
|
261
|
+
* Returns null if the policy is immutable or override behavior is block_and_log.
|
|
262
|
+
*/
|
|
263
|
+
createOverrideToken(
|
|
264
|
+
operation: 'write' | 'read' | 'delete',
|
|
265
|
+
path: string,
|
|
266
|
+
reason: string,
|
|
267
|
+
policyRef: string,
|
|
268
|
+
content?: string
|
|
269
|
+
): string | null {
|
|
270
|
+
const { behavior, isImmutable } = this.getOverrideBehavior(policyRef);
|
|
271
|
+
|
|
272
|
+
// Immutable policies and block_and_log cannot be overridden
|
|
273
|
+
if (isImmutable || behavior === 'block_and_log') {
|
|
274
|
+
return null;
|
|
275
|
+
}
|
|
276
|
+
|
|
277
|
+
// Clean up expired tokens
|
|
278
|
+
this.cleanExpiredTokens();
|
|
279
|
+
|
|
280
|
+
const token = randomBytes(16).toString('hex');
|
|
281
|
+
this.pendingOverrides.set(token, {
|
|
282
|
+
token,
|
|
283
|
+
operation,
|
|
284
|
+
path,
|
|
285
|
+
content,
|
|
286
|
+
reason,
|
|
287
|
+
policy_ref: policyRef,
|
|
288
|
+
created_at: Date.now(),
|
|
289
|
+
});
|
|
290
|
+
|
|
291
|
+
return token;
|
|
292
|
+
}
|
|
293
|
+
|
|
294
|
+
/**
|
|
295
|
+
* Validate and consume an override token.
|
|
296
|
+
* Returns the pending override if the token is valid and not expired.
|
|
297
|
+
* The token is consumed (deleted) after use — single-use only.
|
|
298
|
+
*/
|
|
299
|
+
consumeOverrideToken(token: string): PendingOverride | null {
|
|
300
|
+
const pending = this.pendingOverrides.get(token);
|
|
301
|
+
if (!pending) return null;
|
|
302
|
+
|
|
303
|
+
// Check expiration
|
|
304
|
+
if (Date.now() - pending.created_at > OVERRIDE_TTL_MS) {
|
|
305
|
+
this.pendingOverrides.delete(token);
|
|
306
|
+
return null;
|
|
307
|
+
}
|
|
308
|
+
|
|
309
|
+
// Consume — single use
|
|
310
|
+
this.pendingOverrides.delete(token);
|
|
311
|
+
return pending;
|
|
312
|
+
}
|
|
313
|
+
|
|
239
314
|
/**
|
|
240
315
|
* Log an override to the append-only overrides.jsonl file.
|
|
241
316
|
*/
|
|
@@ -250,7 +325,6 @@ export class EnforcementEngine {
|
|
|
250
325
|
|
|
251
326
|
/**
|
|
252
327
|
* Build the list of commands to run for quality gate validation.
|
|
253
|
-
* Maps pre_commit booleans to build_commands from constitution or governance.
|
|
254
328
|
*/
|
|
255
329
|
getQualityGateCommands(): Array<{ name: string; command: string }> {
|
|
256
330
|
const gates = this.state.governance.quality_gate?.pre_commit;
|
|
@@ -272,7 +346,6 @@ export class EnforcementEngine {
|
|
|
272
346
|
result.push({ name: 'typecheck', command: commands.typecheck });
|
|
273
347
|
}
|
|
274
348
|
|
|
275
|
-
// Custom checks from quality gate
|
|
276
349
|
if (gates.custom_checks) {
|
|
277
350
|
for (const check of gates.custom_checks) {
|
|
278
351
|
result.push({ name: check.name, command: check.command });
|
|
@@ -286,15 +359,22 @@ export class EnforcementEngine {
|
|
|
286
359
|
|
|
287
360
|
/**
|
|
288
361
|
* Safely access permissions.boundaries — returns empty object if missing.
|
|
289
|
-
* Handles governance files that don't have the skeleton boundaries field.
|
|
290
362
|
*/
|
|
291
363
|
private get boundaries(): PermissionBoundaries {
|
|
292
364
|
return this.state.governance.permissions?.boundaries ?? {};
|
|
293
365
|
}
|
|
294
366
|
|
|
367
|
+
private cleanExpiredTokens(): void {
|
|
368
|
+
const now = Date.now();
|
|
369
|
+
for (const [token, pending] of this.pendingOverrides) {
|
|
370
|
+
if (now - pending.created_at > OVERRIDE_TTL_MS) {
|
|
371
|
+
this.pendingOverrides.delete(token);
|
|
372
|
+
}
|
|
373
|
+
}
|
|
374
|
+
}
|
|
375
|
+
|
|
295
376
|
private matchesAny(path: string, patterns: string[]): boolean {
|
|
296
377
|
return patterns.some((pattern) => {
|
|
297
|
-
// Normalize: "compliance/" should match "compliance/src/index.ts"
|
|
298
378
|
const normalized = pattern.endsWith('/')
|
|
299
379
|
? pattern + '**'
|
|
300
380
|
: pattern;
|
package/src/tools/file-tools.ts
CHANGED
|
@@ -1,27 +1,32 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Governed File Tools — MCP tool registrations for file operations.
|
|
3
3
|
*
|
|
4
|
-
* These are the tools agents call instead of raw file system access.
|
|
5
|
-
* Every call is validated against the loaded policy before execution.
|
|
6
|
-
* The agent never sees the policy — only the verdict.
|
|
7
|
-
*
|
|
8
4
|
* GOVERNANCE MODEL: The Aegis MCP does not override the agent's native
|
|
9
5
|
* directives. It introduces itself, explains why governance is active,
|
|
10
6
|
* identifies which operations benefit from compliance validation, and
|
|
11
7
|
* asks the agent to seek user permission to route governed operations
|
|
12
8
|
* through Aegis tools. The user's authority is the enforcement mechanism.
|
|
13
9
|
*
|
|
10
|
+
* OVERRIDE HANDSHAKE: When a write/delete is blocked and the override
|
|
11
|
+
* protocol allows overrides (warn_confirm_and_log), the blocked response
|
|
12
|
+
* includes an override_token. The agent presents the violation to the
|
|
13
|
+
* human. If the human confirms, the agent calls aegis_request_override
|
|
14
|
+
* with the token. The action proceeds and is logged with human_confirmed: true.
|
|
15
|
+
* The token is single-use and expires after 5 minutes.
|
|
16
|
+
* Immutable policies cannot be overridden.
|
|
17
|
+
*
|
|
14
18
|
* LOGGING: Every denied action is logged to overrides.jsonl by the server
|
|
15
19
|
* process — no agent involvement required.
|
|
16
20
|
*
|
|
17
21
|
* Tools:
|
|
18
|
-
* aegis_check_permissions
|
|
19
|
-
* aegis_write_file
|
|
20
|
-
* aegis_read_file
|
|
21
|
-
* aegis_delete_file
|
|
22
|
-
* aegis_execute
|
|
23
|
-
* aegis_complete_task
|
|
24
|
-
* aegis_policy_summary
|
|
22
|
+
* aegis_check_permissions — Pre-check before writing
|
|
23
|
+
* aegis_write_file — Governed write with path + content validation
|
|
24
|
+
* aegis_read_file — Governed read with path validation
|
|
25
|
+
* aegis_delete_file — Governed delete (uses write permissions)
|
|
26
|
+
* aegis_execute — Governed command execution
|
|
27
|
+
* aegis_complete_task — Task completion with quality gate validation
|
|
28
|
+
* aegis_policy_summary — Minimal role/permissions summary
|
|
29
|
+
* aegis_request_override — Consume an override token after human confirmation
|
|
25
30
|
*/
|
|
26
31
|
|
|
27
32
|
import { readFile, writeFile, unlink, mkdir } from 'node:fs/promises';
|
|
@@ -33,15 +38,6 @@ import type { EnforcementEngine } from '../services/enforcement-engine.js';
|
|
|
33
38
|
import type { PolicyState, ResolvedRole } from '../types.js';
|
|
34
39
|
|
|
35
40
|
// ─── Governance Introduction ────────────────────────────────────────────────
|
|
36
|
-
// This prefix is prepended to every tool description. It reaches the agent
|
|
37
|
-
// at MCP connection time as part of the tool list — before any user prompt.
|
|
38
|
-
//
|
|
39
|
-
// It does NOT attempt to override the agent's native directives. Instead it:
|
|
40
|
-
// 1. Introduces the governance context
|
|
41
|
-
// 2. Explains which operations benefit from compliance validation
|
|
42
|
-
// 3. Asks the agent to inform the user and request permission
|
|
43
|
-
//
|
|
44
|
-
// The user's authority is what binds the agent, not the MCP's.
|
|
45
41
|
|
|
46
42
|
const GOVERNANCE_INTRO = `NOTE: You are connected to the Aegis MCP, a governance enforcement layer installed by the project owner to maintain compliance in this workspace. This project operates under regulated governance policy (.agentpolicy/). Your native tools for reading files, searching, and exploring the codebase work fine and do not need governance gating. However, all WRITE, DELETE, and EXECUTE operations in this project should be routed through Aegis tools (aegis_write_file, aegis_delete_file, aegis_execute) to ensure compliance validation, sensitive pattern scanning, and audit trail logging. Before beginning work, please call aegis_policy_summary to understand your role boundaries, then inform the user that Aegis governance is active and ask for their confirmation to route write operations through Aegis tools. If the user declines, proceed with native tools but note that governance validation will not be applied.\n\n`;
|
|
47
43
|
|
|
@@ -65,7 +61,7 @@ Args:
|
|
|
65
61
|
- operation ('read' | 'write' | 'delete'): The operation to check
|
|
66
62
|
|
|
67
63
|
Returns:
|
|
68
|
-
{ "allowed": true } or { "allowed": false, "reason": "..." }`,
|
|
64
|
+
{ "allowed": true } or { "allowed": false, "reason": "...", "override_available": bool, "override_token": "..." }`,
|
|
69
65
|
inputSchema: {
|
|
70
66
|
path: z.string().describe('Target file path relative to project root'),
|
|
71
67
|
operation: z.enum(['read', 'write', 'delete']).describe('Operation to check'),
|
|
@@ -84,19 +80,35 @@ Returns:
|
|
|
84
80
|
? engine.validateRead(path)
|
|
85
81
|
: engine.validateWrite(path);
|
|
86
82
|
|
|
87
|
-
// Log denied permission checks
|
|
88
83
|
if (!verdict.allowed) {
|
|
89
84
|
await logBlocked(engine, role, path, `check_permissions (${operation})`, verdict.reason);
|
|
85
|
+
|
|
86
|
+
// Generate override token if policy allows overrides
|
|
87
|
+
const token = engine.createOverrideToken(
|
|
88
|
+
operation === 'delete' ? 'delete' : operation as 'read' | 'write',
|
|
89
|
+
path,
|
|
90
|
+
verdict.reason,
|
|
91
|
+
verdict.policy_ref
|
|
92
|
+
);
|
|
93
|
+
|
|
94
|
+
return {
|
|
95
|
+
content: [{
|
|
96
|
+
type: 'text' as const,
|
|
97
|
+
text: JSON.stringify({
|
|
98
|
+
allowed: false,
|
|
99
|
+
reason: verdict.reason,
|
|
100
|
+
override_available: token !== null,
|
|
101
|
+
override_token: token,
|
|
102
|
+
...(token ? { instructions: 'To override: present the violated policy to the user. If the user explicitly confirms the override, call aegis_request_override with this token. The token expires in 5 minutes and is single-use.' } : { instructions: 'This policy is immutable and cannot be overridden. The user must modify the governance through aegis init.' }),
|
|
103
|
+
}),
|
|
104
|
+
}],
|
|
105
|
+
};
|
|
90
106
|
}
|
|
91
107
|
|
|
92
108
|
return {
|
|
93
109
|
content: [{
|
|
94
110
|
type: 'text' as const,
|
|
95
|
-
text: JSON.stringify(
|
|
96
|
-
verdict.allowed
|
|
97
|
-
? { allowed: true }
|
|
98
|
-
: { allowed: false, reason: verdict.reason }
|
|
99
|
-
),
|
|
111
|
+
text: JSON.stringify({ allowed: true }),
|
|
100
112
|
}],
|
|
101
113
|
};
|
|
102
114
|
}
|
|
@@ -108,14 +120,14 @@ Returns:
|
|
|
108
120
|
'aegis_write_file',
|
|
109
121
|
{
|
|
110
122
|
title: 'Write File (Governed)',
|
|
111
|
-
description: `${GOVERNANCE_INTRO}Write content to a file with governance enforcement. Path is validated against your role's permissions and governance boundaries. Content is scanned for sensitive patterns. If the write violates policy, it is blocked, logged, and you receive the
|
|
123
|
+
description: `${GOVERNANCE_INTRO}Write content to a file with governance enforcement. Path is validated against your role's permissions and governance boundaries. Content is scanned for sensitive patterns. If the write violates policy, it is blocked, logged, and you receive an override_token if the policy allows overrides. Present the violation to the user — if they confirm, call aegis_request_override with the token to proceed.
|
|
112
124
|
|
|
113
125
|
Args:
|
|
114
126
|
- path (string): File path relative to project root
|
|
115
127
|
- content (string): File content to write
|
|
116
128
|
|
|
117
129
|
Returns:
|
|
118
|
-
{ "status": "success", "path": "..." } or { "status": "blocked", "reason": "..." }`,
|
|
130
|
+
{ "status": "success", "path": "..." } or { "status": "blocked", "reason": "...", "override_available": bool, "override_token": "..." }`,
|
|
119
131
|
inputSchema: {
|
|
120
132
|
path: z.string().describe('File path relative to project root'),
|
|
121
133
|
content: z.string().describe('File content to write'),
|
|
@@ -136,14 +148,16 @@ Returns:
|
|
|
136
148
|
const pathVerdict = engine.validateWrite(path);
|
|
137
149
|
if (!pathVerdict.allowed) {
|
|
138
150
|
await logBlocked(engine, role, path, 'write', pathVerdict.reason);
|
|
139
|
-
|
|
151
|
+
const token = engine.createOverrideToken('write', path, pathVerdict.reason, pathVerdict.policy_ref, content);
|
|
152
|
+
return blockedWithOverride(pathVerdict.reason, token);
|
|
140
153
|
}
|
|
141
154
|
|
|
142
155
|
// Scan content for sensitive patterns
|
|
143
156
|
const contentVerdict = engine.scanContent(content, path);
|
|
144
157
|
if (!contentVerdict.allowed) {
|
|
145
158
|
await logBlocked(engine, role, path, 'write (sensitive content)', contentVerdict.reason);
|
|
146
|
-
|
|
159
|
+
const token = engine.createOverrideToken('write', path, contentVerdict.reason, contentVerdict.policy_ref, content);
|
|
160
|
+
return blockedWithOverride(contentVerdict.reason, token);
|
|
147
161
|
}
|
|
148
162
|
|
|
149
163
|
// Write the file
|
|
@@ -166,13 +180,13 @@ Returns:
|
|
|
166
180
|
'aegis_read_file',
|
|
167
181
|
{
|
|
168
182
|
title: 'Read File (Governed)',
|
|
169
|
-
description: `${GOVERNANCE_INTRO}Read the contents of a file with governance enforcement. Path is validated against your role's read permissions. If the read violates policy, it is blocked
|
|
183
|
+
description: `${GOVERNANCE_INTRO}Read the contents of a file with governance enforcement. Path is validated against your role's read permissions. If the read violates policy, it is blocked and logged. Note: Native read tools are acceptable for general file exploration. Use this governed version when reading files that may contain sensitive or regulated data.
|
|
170
184
|
|
|
171
185
|
Args:
|
|
172
186
|
- path (string): File path relative to project root
|
|
173
187
|
|
|
174
188
|
Returns:
|
|
175
|
-
File content as text, or { "status": "blocked", "reason": "..." }`,
|
|
189
|
+
File content as text, or { "status": "blocked", "reason": "...", "override_available": bool, "override_token": "..." }`,
|
|
176
190
|
inputSchema: {
|
|
177
191
|
path: z.string().describe('File path relative to project root'),
|
|
178
192
|
},
|
|
@@ -191,7 +205,8 @@ Returns:
|
|
|
191
205
|
const verdict = engine.validateRead(path);
|
|
192
206
|
if (!verdict.allowed) {
|
|
193
207
|
await logBlocked(engine, role, path, 'read', verdict.reason);
|
|
194
|
-
|
|
208
|
+
const token = engine.createOverrideToken('read', path, verdict.reason, verdict.policy_ref);
|
|
209
|
+
return blockedWithOverride(verdict.reason, token);
|
|
195
210
|
}
|
|
196
211
|
|
|
197
212
|
const absPath = toAbsolute(path, state.projectRoot);
|
|
@@ -212,13 +227,13 @@ Returns:
|
|
|
212
227
|
'aegis_delete_file',
|
|
213
228
|
{
|
|
214
229
|
title: 'Delete File (Governed)',
|
|
215
|
-
description: `${GOVERNANCE_INTRO}Delete a file with governance enforcement. Write permissions are required. If the delete violates policy, it is blocked, logged, and
|
|
230
|
+
description: `${GOVERNANCE_INTRO}Delete a file with governance enforcement. Write permissions are required. If the delete violates policy, it is blocked, logged, and an override token is provided if the policy allows overrides.
|
|
216
231
|
|
|
217
232
|
Args:
|
|
218
233
|
- path (string): File path relative to project root
|
|
219
234
|
|
|
220
235
|
Returns:
|
|
221
|
-
{ "status": "success", "path": "..." } or { "status": "blocked", "reason": "..." }`,
|
|
236
|
+
{ "status": "success", "path": "..." } or { "status": "blocked", "reason": "...", "override_available": bool, "override_token": "..." }`,
|
|
222
237
|
inputSchema: {
|
|
223
238
|
path: z.string().describe('File path relative to project root'),
|
|
224
239
|
},
|
|
@@ -237,7 +252,8 @@ Returns:
|
|
|
237
252
|
const verdict = engine.validateWrite(path);
|
|
238
253
|
if (!verdict.allowed) {
|
|
239
254
|
await logBlocked(engine, role, path, 'delete', verdict.reason);
|
|
240
|
-
|
|
255
|
+
const token = engine.createOverrideToken('delete', path, verdict.reason, verdict.policy_ref);
|
|
256
|
+
return blockedWithOverride(verdict.reason, token);
|
|
241
257
|
}
|
|
242
258
|
|
|
243
259
|
const absPath = toAbsolute(path, state.projectRoot);
|
|
@@ -252,13 +268,139 @@ Returns:
|
|
|
252
268
|
}
|
|
253
269
|
);
|
|
254
270
|
|
|
271
|
+
// ─── aegis_request_override ───────────────────────────────────────────────
|
|
272
|
+
|
|
273
|
+
server.registerTool(
|
|
274
|
+
'aegis_request_override',
|
|
275
|
+
{
|
|
276
|
+
title: 'Request Override',
|
|
277
|
+
description: `${GOVERNANCE_INTRO}Execute a previously blocked action using an override token. Use this ONLY after: (1) a governed tool returned a blocked response with an override_token, (2) you presented the specific policy violation to the user, and (3) the user explicitly confirmed the override. The token is single-use and expires after 5 minutes. The override is logged with human_confirmed: true. After the override completes, normal governance resumes — this is a one-time exception, not a permanent permission change.
|
|
278
|
+
|
|
279
|
+
Args:
|
|
280
|
+
- override_token (string): The token from the blocked response
|
|
281
|
+
- rationale (string): The user's reason for overriding (what they said when confirming)
|
|
282
|
+
|
|
283
|
+
Returns:
|
|
284
|
+
{ "status": "override_success", "path": "...", "operation": "..." } or { "status": "override_failed", "reason": "..." }`,
|
|
285
|
+
inputSchema: {
|
|
286
|
+
override_token: z.string().describe('The override token from the blocked response'),
|
|
287
|
+
rationale: z.string().describe("The user's stated reason for overriding the policy"),
|
|
288
|
+
},
|
|
289
|
+
annotations: {
|
|
290
|
+
readOnlyHint: false,
|
|
291
|
+
destructiveHint: true,
|
|
292
|
+
idempotentHint: false,
|
|
293
|
+
openWorldHint: false,
|
|
294
|
+
},
|
|
295
|
+
},
|
|
296
|
+
async ({ override_token, rationale }) => {
|
|
297
|
+
const engine = getEngine();
|
|
298
|
+
const state = getState();
|
|
299
|
+
const role = getRole();
|
|
300
|
+
|
|
301
|
+
// Consume the token — single use
|
|
302
|
+
const pending = engine.consumeOverrideToken(override_token);
|
|
303
|
+
|
|
304
|
+
if (!pending) {
|
|
305
|
+
return {
|
|
306
|
+
isError: true,
|
|
307
|
+
content: [{
|
|
308
|
+
type: 'text' as const,
|
|
309
|
+
text: JSON.stringify({
|
|
310
|
+
status: 'override_failed',
|
|
311
|
+
reason: 'Invalid or expired override token. Tokens are single-use and expire after 5 minutes. Request a new one by attempting the operation again.',
|
|
312
|
+
}),
|
|
313
|
+
}],
|
|
314
|
+
};
|
|
315
|
+
}
|
|
316
|
+
|
|
317
|
+
// Log the override with human_confirmed: true
|
|
318
|
+
await engine.logOverride({
|
|
319
|
+
timestamp: new Date().toISOString(),
|
|
320
|
+
policy_violated: pending.reason,
|
|
321
|
+
policy_text: pending.reason,
|
|
322
|
+
action_requested: `${pending.operation}: ${pending.path}`,
|
|
323
|
+
human_confirmed: true,
|
|
324
|
+
agent_role: role.id,
|
|
325
|
+
rationale,
|
|
326
|
+
});
|
|
327
|
+
|
|
328
|
+
// Execute the overridden action
|
|
329
|
+
const absPath = toAbsolute(pending.path, state.projectRoot);
|
|
330
|
+
|
|
331
|
+
try {
|
|
332
|
+
switch (pending.operation) {
|
|
333
|
+
case 'write': {
|
|
334
|
+
if (!pending.content) {
|
|
335
|
+
return {
|
|
336
|
+
isError: true,
|
|
337
|
+
content: [{
|
|
338
|
+
type: 'text' as const,
|
|
339
|
+
text: JSON.stringify({
|
|
340
|
+
status: 'override_failed',
|
|
341
|
+
reason: 'Write override requires content. Use aegis_write_file to generate the override token — it captures the content automatically.',
|
|
342
|
+
}),
|
|
343
|
+
}],
|
|
344
|
+
};
|
|
345
|
+
}
|
|
346
|
+
await mkdir(dirname(absPath), { recursive: true });
|
|
347
|
+
await writeFile(absPath, pending.content, 'utf-8');
|
|
348
|
+
break;
|
|
349
|
+
}
|
|
350
|
+
case 'read': {
|
|
351
|
+
const fileContent = await readFile(absPath, 'utf-8');
|
|
352
|
+
return {
|
|
353
|
+
content: [{
|
|
354
|
+
type: 'text' as const,
|
|
355
|
+
text: JSON.stringify({
|
|
356
|
+
status: 'override_success',
|
|
357
|
+
operation: 'read',
|
|
358
|
+
path: pending.path,
|
|
359
|
+
content: fileContent,
|
|
360
|
+
}),
|
|
361
|
+
}],
|
|
362
|
+
};
|
|
363
|
+
}
|
|
364
|
+
case 'delete': {
|
|
365
|
+
await unlink(absPath);
|
|
366
|
+
break;
|
|
367
|
+
}
|
|
368
|
+
}
|
|
369
|
+
|
|
370
|
+
return {
|
|
371
|
+
content: [{
|
|
372
|
+
type: 'text' as const,
|
|
373
|
+
text: JSON.stringify({
|
|
374
|
+
status: 'override_success',
|
|
375
|
+
operation: pending.operation,
|
|
376
|
+
path: pending.path,
|
|
377
|
+
message: 'Override executed and logged. Normal governance has resumed.',
|
|
378
|
+
}),
|
|
379
|
+
}],
|
|
380
|
+
};
|
|
381
|
+
} catch (err: unknown) {
|
|
382
|
+
const errMsg = err instanceof Error ? err.message : 'Unknown error';
|
|
383
|
+
return {
|
|
384
|
+
isError: true,
|
|
385
|
+
content: [{
|
|
386
|
+
type: 'text' as const,
|
|
387
|
+
text: JSON.stringify({
|
|
388
|
+
status: 'override_failed',
|
|
389
|
+
reason: `Override was authorized but the operation failed: ${errMsg}`,
|
|
390
|
+
}),
|
|
391
|
+
}],
|
|
392
|
+
};
|
|
393
|
+
}
|
|
394
|
+
}
|
|
395
|
+
);
|
|
396
|
+
|
|
255
397
|
// ─── aegis_execute ────────────────────────────────────────────────────────
|
|
256
398
|
|
|
257
399
|
server.registerTool(
|
|
258
400
|
'aegis_execute',
|
|
259
401
|
{
|
|
260
402
|
title: 'Execute Command (Governed)',
|
|
261
|
-
description: `${GOVERNANCE_INTRO}Execute a shell command in the project directory with governance oversight. Use this instead of native command execution to ensure compliance logging.
|
|
403
|
+
description: `${GOVERNANCE_INTRO}Execute a shell command in the project directory with governance oversight. Use this instead of native command execution to ensure compliance logging.
|
|
262
404
|
|
|
263
405
|
Args:
|
|
264
406
|
- command (string): Shell command to execute
|
|
@@ -452,7 +594,10 @@ function toAbsolute(path: string, projectRoot: string): string {
|
|
|
452
594
|
return isAbsolute(path) ? path : join(projectRoot, path);
|
|
453
595
|
}
|
|
454
596
|
|
|
455
|
-
function
|
|
597
|
+
function blockedWithOverride(
|
|
598
|
+
reason: string,
|
|
599
|
+
token: string | null
|
|
600
|
+
): {
|
|
456
601
|
isError: boolean;
|
|
457
602
|
content: Array<{ type: 'text'; text: string }>;
|
|
458
603
|
} {
|
|
@@ -460,7 +605,16 @@ function blocked(reason: string): {
|
|
|
460
605
|
isError: true,
|
|
461
606
|
content: [{
|
|
462
607
|
type: 'text' as const,
|
|
463
|
-
text: JSON.stringify({
|
|
608
|
+
text: JSON.stringify({
|
|
609
|
+
status: 'blocked',
|
|
610
|
+
reason,
|
|
611
|
+
override_available: token !== null,
|
|
612
|
+
override_token: token,
|
|
613
|
+
...(token
|
|
614
|
+
? { instructions: 'To override: present the violated policy to the user. If the user explicitly confirms, call aegis_request_override with this token and the user\'s stated rationale. The token expires in 5 minutes and is single-use. After the override, normal governance resumes.' }
|
|
615
|
+
: { instructions: 'This policy is immutable and cannot be overridden. The user must modify the governance through aegis init.' }
|
|
616
|
+
),
|
|
617
|
+
}),
|
|
464
618
|
}],
|
|
465
619
|
};
|
|
466
620
|
}
|