bx-mac 0.5.0 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +14 -3
  2. package/dist/bx-native +0 -0
  3. package/dist/bx.js +16 -4
  4. package/package.json +3 -1
package/README.md CHANGED
@@ -128,14 +128,25 @@ Deny rules are applied **in addition** to the built-in protected list:
128
128
 
129
129
  ### `<project>/.bxignore`
130
130
 
131
- Block paths within the working directory. Supports glob patterns. bx searches for `.bxignore` files **recursively** through the entire project tree (skipping `.`-prefixed dirs and `node_modules`), so you can place them in subdirectories to hide secrets close to where they live.
131
+ Block paths within the working directory. Uses [`.gitignore`-style pattern matching](https://git-scm.com/docs/gitignore#_pattern_format):
132
+
133
+ | Pattern | Matches | Why |
134
+ |---|---|---|
135
+ | `.env` | `.env` at any depth | No `/` → recursive |
136
+ | `.env.*` | `.env.local`, `sub/.env.production` | No `/` → recursive |
137
+ | `*.pem` | `key.pem`, `sub/deep/cert.pem` | No `/` → recursive |
138
+ | `secrets/` | `secrets/` at any depth | Trailing `/` is a dir marker, not a path separator |
139
+ | `/.env` | Only `<workdir>/.env` | Leading `/` → anchored to root |
140
+ | `config/secrets` | Only `<workdir>/config/secrets` | Contains `/` → relative to workdir |
141
+
142
+ bx searches for `.bxignore` files **recursively** through the entire project tree (skipping `.`-prefixed dirs and `node_modules`), so you can place them in subdirectories to hide secrets close to where they live.
132
143
 
133
144
  ```gitignore
134
145
  .env
135
146
  .env.*
136
147
  secrets/
137
- **/*.pem
138
- **/*.key
148
+ *.pem
149
+ *.key
139
150
  ```
140
151
 
141
152
  For example, a monorepo might have:
package/dist/bx-native ADDED
Binary file
package/dist/bx.js CHANGED
@@ -1,5 +1,5 @@
1
1
  #!/usr/bin/env node
2
- const __VERSION__ = "0.5.0";
2
+ const __VERSION__ = "0.6.0";
3
3
  import { accessSync, constants, cpSync, existsSync, globSync, mkdirSync, readFileSync, readdirSync, rmSync, statSync, writeFileSync } from "node:fs";
4
4
  import { dirname, join, resolve } from "node:path";
5
5
  import { spawn } from "node:child_process";
@@ -121,10 +121,22 @@ function parseLines(filePath) {
121
121
  return readFileSync(filePath, "utf-8").split("\n").map((l) => l.trim()).filter((l) => l && !l.startsWith("#"));
122
122
  }
123
123
  /**
124
+ * Convert a .bxignore line to a glob pattern following .gitignore semantics:
125
+ * - Leading "/" anchors to the base dir (stripped before globbing)
126
+ * - Patterns without "/" (except trailing) match recursively via ** / prefix
127
+ * - Patterns with "/" (non-leading, non-trailing) are relative to baseDir
128
+ * - Trailing "/" marks directories only and doesn't count as path separator
129
+ */
130
+ function toGlobPattern(line) {
131
+ if (line.startsWith("/")) return line.slice(1);
132
+ if ((line.endsWith("/") ? line.slice(0, -1) : line).includes("/")) return line;
133
+ return `**/${line}`;
134
+ }
135
+ /**
124
136
  * Apply a single .bxignore file: resolve glob patterns relative to baseDir.
125
137
  */
126
138
  function applyIgnoreFile(filePath, baseDir, ignored) {
127
- for (const line of parseLines(filePath)) for (const match of globSync(line, { cwd: baseDir })) ignored.push(resolve(baseDir, match));
139
+ for (const line of parseLines(filePath)) for (const match of globSync(toGlobPattern(line), { cwd: baseDir })) ignored.push(resolve(baseDir, match));
128
140
  }
129
141
  /**
130
142
  * Recursively find and apply .bxignore files in a directory tree.
@@ -211,7 +223,7 @@ function collectIgnoredPaths(home, workDirs) {
211
223
  const globalIgnore = join(home, ".bxignore");
212
224
  if (existsSync(globalIgnore)) {
213
225
  const denyLines = parseLines(globalIgnore).filter((l) => !l.match(/^(RW|RO):/i));
214
- for (const line of denyLines) for (const match of globSync(line, { cwd: home })) ignored.push(resolve(home, match));
226
+ for (const line of denyLines) for (const match of globSync(toGlobPattern(line), { cwd: home })) ignored.push(resolve(home, match));
215
227
  }
216
228
  for (const workDir of workDirs) collectIgnoreFilesRecursive(workDir, ignored);
217
229
  return ignored;
@@ -315,7 +327,7 @@ Configuration:
315
327
  path block access (deny)
316
328
  rw:path allow read-write access
317
329
  ro:path allow read-only access
318
- <workdir>/.bxignore blocked paths in project (supports globs, searched recursively)
330
+ <workdir>/.bxignore blocked paths in project (.gitignore-style matching)
319
331
 
320
332
  https://github.com/holtwick/bx-mac`);
321
333
  process.exit(0);
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "bx-mac",
3
- "version": "0.5.0",
3
+ "version": "0.6.0",
4
4
  "description": "Launch apps in a macOS sandbox — only the project directory is accessible",
5
5
  "type": "module",
6
6
  "bin": {
@@ -11,6 +11,8 @@
11
11
  ],
12
12
  "scripts": {
13
13
  "build": "rolldown -c",
14
+ "build:native": "bun build src/index.ts --compile --outfile dist/bx-native --define \"__VERSION__=\\\"$(node -p \"require('./package.json').version\")\\\"\"",
15
+ "sign": "./scripts/sign.sh",
14
16
  "test": "vitest run",
15
17
  "prepublishOnly": "npm run build",
16
18
  "post:release": "./scripts/release.sh"