npm - ccperm - Versions diffs - 1.8.5 → 1.9.0 - Mend

ccperm 1.8.5 → 1.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/explain.js ADDED Viewed

@@ -0,0 +1,112 @@
+"use strict";
+// Pattern-based permission explainer
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.explainPermission = explainPermission;
+const BASH_COMMANDS = {
+    // [description, risk: green/yellow/red]
+    'git': ['Git version control commands', 'green'],
+    'npm': ['Node.js package manager — can run scripts', 'yellow'],
+    'npx': ['Run npm packages — can execute arbitrary code', 'yellow'],
+    'node': ['Run Node.js scripts', 'yellow'],
+    'bun': ['Bun runtime — run scripts, install packages', 'yellow'],
+    'deno': ['Deno runtime — run scripts', 'yellow'],
+    'python': ['Run Python scripts', 'yellow'],
+    'python3': ['Run Python scripts', 'yellow'],
+    'pip': ['Python package manager — can run setup scripts', 'yellow'],
+    'pip3': ['Python package manager — can run setup scripts', 'yellow'],
+    'docker': ['Docker container management', 'yellow'],
+    'docker-compose': ['Docker Compose multi-container management', 'yellow'],
+    'curl': ['HTTP requests from command line', 'yellow'],
+    'wget': ['Download files from the web', 'yellow'],
+    'ssh': ['Remote shell access', 'red'],
+    'scp': ['Remote file copy over SSH', 'red'],
+    'rsync': ['File synchronization (local or remote)', 'yellow'],
+    'rm': ['Delete files and directories', 'red'],
+    'chmod': ['Change file permissions', 'yellow'],
+    'chown': ['Change file ownership', 'red'],
+    'kill': ['Terminate processes', 'yellow'],
+    'sudo': ['Run commands as superuser', 'red'],
+    'apt': ['System package manager (Debian/Ubuntu)', 'red'],
+    'apt-get': ['System package manager (Debian/Ubuntu)', 'red'],
+    'brew': ['Homebrew package manager (macOS)', 'yellow'],
+    'make': ['Build automation — runs Makefile targets', 'yellow'],
+    'cargo': ['Rust package manager and build tool', 'yellow'],
+    'go': ['Go build and package tool', 'yellow'],
+    'mvn': ['Maven Java build tool', 'yellow'],
+    'gradle': ['Gradle build tool', 'yellow'],
+    'yarn': ['Yarn package manager — can run scripts', 'yellow'],
+    'pnpm': ['pnpm package manager — can run scripts', 'yellow'],
+    'tsc': ['TypeScript compiler', 'green'],
+    'eslint': ['JavaScript/TypeScript linter', 'green'],
+    'prettier': ['Code formatter', 'green'],
+    'jest': ['JavaScript test runner', 'green'],
+    'vitest': ['Vite-based test runner', 'green'],
+    'cat': ['Read file contents', 'green'],
+    'ls': ['List directory contents', 'green'],
+    'find': ['Search for files', 'green'],
+    'grep': ['Search text patterns in files', 'green'],
+    'sed': ['Stream editor — modify file contents', 'yellow'],
+    'awk': ['Text processing language', 'green'],
+    'wc': ['Count lines/words/bytes', 'green'],
+    'head': ['Show first lines of file', 'green'],
+    'tail': ['Show last lines of file', 'green'],
+    'mkdir': ['Create directories', 'green'],
+    'cp': ['Copy files', 'green'],
+    'mv': ['Move/rename files', 'yellow'],
+    'echo': ['Print text', 'green'],
+    'env': ['Show/set environment variables', 'green'],
+    'which': ['Locate a command', 'green'],
+    'gh': ['GitHub CLI — repos, PRs, issues', 'yellow'],
+    'heroku': ['Heroku platform CLI', 'yellow'],
+    'vercel': ['Vercel deployment CLI', 'yellow'],
+    'aws': ['AWS CLI — cloud infrastructure', 'red'],
+    'gcloud': ['Google Cloud CLI', 'red'],
+    'az': ['Azure CLI', 'red'],
+    'kubectl': ['Kubernetes cluster management', 'red'],
+    'terraform': ['Infrastructure as Code', 'red'],
+};
+const TOOL_DESCRIPTIONS = {
+    'Read': 'Read file contents from disk',
+    'Write': 'Create or overwrite files',
+    'Edit': 'Modify existing files (partial edits)',
+    'Glob': 'Search for files by name pattern',
+    'Grep': 'Search file contents with regex',
+    'WebSearch': 'Search the web via search engine',
+};
+function explainPermission(perm) {
+    // Bash permissions
+    const bashMatch = perm.match(/^Bash\((.+?)[\s)]/);
+    if (bashMatch || perm === 'Bash') {
+        const cmd = bashMatch ? bashMatch[1] : '';
+        const entry = BASH_COMMANDS[cmd];
+        if (entry) {
+            return { description: entry[0], risk: entry[1], detail: `Command: ${cmd}` };
+        }
+        if (cmd) {
+            return { description: `Run "${cmd}" command`, risk: 'yellow', detail: `Command: ${cmd}` };
+        }
+        return { description: 'Run shell commands', risk: 'red' };
+    }
+    // WebFetch
+    const fetchMatch = perm.match(/^WebFetch\(domain:(.+)\)$/);
+    if (fetchMatch) {
+        const domain = fetchMatch[1];
+        return { description: `HTTP requests to ${domain}`, risk: 'yellow', detail: `Domain: ${domain}` };
+    }
+    if (perm.startsWith('WebFetch')) {
+        return { description: 'HTTP requests to external URLs', risk: 'yellow' };
+    }
+    // MCP tools
+    if (perm.startsWith('mcp__') || perm.startsWith('mcp_')) {
+        const parts = perm.split('__');
+        const server = parts[1] || 'unknown';
+        const tool = parts.slice(2).join('__') || 'unknown';
+        return { description: `MCP: ${server} → ${tool}`, risk: 'yellow', detail: `Server: ${server}, Tool: ${tool}` };
+    }
+    // Standard tools
+    const toolName = perm.match(/^(Read|Write|Edit|Glob|Grep|WebSearch)/)?.[1];
+    if (toolName && TOOL_DESCRIPTIONS[toolName]) {
+        return { description: TOOL_DESCRIPTIONS[toolName], risk: 'green' };
+    }
+    return { description: perm, risk: 'yellow' };
+}

package/dist/interactive.js CHANGED Viewed

@@ -6,13 +6,14 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.startInteractive = startInteractive;
 const node_readline_1 = __importDefault(require("node:readline"));
 const colors_js_1 = require("./colors.js");
+const explain_js_1 = require("./explain.js");
 // strip ANSI escape codes for visible length
 function visLen(s) {
     return s.replace(/\x1b\[[0-9;]*m/g, '').length;
 }
 function boxLine(text, width) {
     const vis = visLen(text);
-    const padRight = Math.max(0, width - vis - 1);
+    const padRight = Math.max(0, width - vis - 3);
     return `${colors_js_1.DIM}│${colors_js_1.NC} ${text}${' '.repeat(padRight)}${colors_js_1.DIM}│${colors_js_1.NC}`;
 }
 function boxTop(title, info, width) {
@@ -42,7 +43,7 @@ function startInteractive(merged, results) {
             resolve();
             return;
         }
-        const state = { view: 'list', cursor: 0, scrollOffset: 0, selectedProject: 0, detailCursor: 0, detailScroll: 0, expanded: new Set() };
+        const state = { view: 'list', cursor: 0, scrollOffset: 0, selectedProject: 0, detailCursor: 0, detailScroll: 0, expanded: new Set(), showInfo: false };
         node_readline_1.default.emitKeypressEvents(process.stdin);
         if (process.stdin.isTTY)
             process.stdin.setRawMode(true);
@@ -101,6 +102,9 @@ function startInteractive(merged, results) {
                 else if (key.name === 'return') {
                     state._toggle = true;
                 }
+                else if (key.name === 'i') {
+                    state.showInfo = !state.showInfo;
+                }
             }
             render();
         };
@@ -179,10 +183,21 @@ function renderDetail(state, withPerms, results) {
         const arrow = isOpen ? '▾' : '▸';
         navRows.push({ text: `${colors_js_1.YELLOW}${arrow} ${group.category}${colors_js_1.NC} ${colors_js_1.DIM}(${group.items.length})${colors_js_1.NC}`, key });
         if (isOpen) {
-            const maxLen = w - 12;
             for (const item of group.items) {
-                const name = item.name.length > maxLen ? item.name.slice(0, maxLen - 1) + '…' : item.name;
-                navRows.push({ text: `  ${colors_js_1.DIM}${name}${colors_js_1.NC}` });
+                if (state.showInfo) {
+                    const info = (0, explain_js_1.explainPermission)(item.name);
+                    const riskColor = info.risk === 'red' ? colors_js_1.RED : info.risk === 'yellow' ? colors_js_1.YELLOW : colors_js_1.GREEN;
+                    const dot = `${riskColor}●${colors_js_1.NC}`;
+                    const maxLen = w - 16;
+                    const name = item.name.length > maxLen ? item.name.slice(0, maxLen - 1) + '…' : item.name;
+                    navRows.push({ text: `  ${dot} ${colors_js_1.DIM}${name}${colors_js_1.NC}`, perm: item.name });
+                    navRows.push({ text: `      ${colors_js_1.DIM}${info.description}${colors_js_1.NC}` });
+                }
+                else {
+                    const maxLen = w - 12;
+                    const name = item.name.length > maxLen ? item.name.slice(0, maxLen - 1) + '…' : item.name;
+                    navRows.push({ text: `  ${colors_js_1.DIM}${name}${colors_js_1.NC}`, perm: item.name });
+                }
             }
         }
     }
@@ -219,7 +234,8 @@ function renderDetail(state, withPerms, results) {
         const prefix = isCursor ? `${colors_js_1.CYAN}▸ ` : '  ';
         lines.push(boxLine(`${prefix}${row.text}`, w));
     }
-    lines.push(boxBottom('[↑↓] navigate  [Enter] expand  [Esc] back  [q] quit', w));
+    const infoHint = state.showInfo ? '[i] hide info' : '[i] info';
+    lines.push(boxBottom(`[↑↓] navigate  [Enter] expand  ${infoHint}  [Esc] back  [q] quit`, w));
     process.stdout.write(lines.join('\n') + '\n');
 }
 function pad(s, n) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "ccperm",
-  "version": "1.8.5",
+  "version": "1.9.0",
   "description": "Audit Claude Code permissions across all your projects",
   "bin": {
     "ccperm": "bin/ccperm.js"