npm - claude-warden - Versions diffs - 1.4.0 → 1.5.1 - Mend

claude-warden 1.4.0 → 1.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/.claude-plugin/plugin.json +1 -1
package/config/warden.default.yaml +6 -0
package/dist/index.cjs +75 -0
package/package.json +1 -1

package/.claude-plugin/plugin.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "claude-warden",
-  "version": "1.4.0",
+  "version": "1.5.1",
   "description": "Smart command safety filter for Claude Code — parses shell pipelines and evaluates per-command safety rules to auto-approve safe commands and block dangerous ones",
   "author": {
     "name": "banyudu"

package/config/warden.default.yaml CHANGED Viewed

@@ -13,6 +13,12 @@ defaultDecision: ask
 # If true, commands containing $() or backticks trigger "ask"
 askOnSubshell: true
+# Send OS notifications when warden prompts for permission or blocks a command.
+# On macOS, uses terminal-notifier (click to activate terminal) or osascript fallback.
+# On Linux, uses notify-send.
+notifyOnAsk: true
+notifyOnDeny: true
 # Additional commands to always allow (checked after alwaysDeny within this scope)
 # alwaysAllow:
 #   - terraform

package/dist/index.cjs CHANGED Viewed

@@ -18988,6 +18988,8 @@ function pkgRunnerRule(command) {
 var DEFAULT_CONFIG = {
   defaultDecision: "ask",
   askOnSubshell: true,
+  notifyOnAsk: true,
+  notifyOnDeny: true,
   trustedSSHHosts: [],
   trustedDockerContainers: [],
   trustedKubectlContexts: [],
@@ -19578,6 +19580,12 @@ function mergeNonLayerFields(config, raw) {
   if (typeof raw.askOnSubshell === "boolean") {
     config.askOnSubshell = raw.askOnSubshell;
   }
+  if (typeof raw.notifyOnAsk === "boolean") {
+    config.notifyOnAsk = raw.notifyOnAsk;
+  }
+  if (typeof raw.notifyOnDeny === "boolean") {
+    config.notifyOnDeny = raw.notifyOnDeny;
+  }
   if (raw.trustedContextOverrides && typeof raw.trustedContextOverrides === "object") {
     const overrides = raw.trustedContextOverrides;
     const layer = extractLayer(overrides);
@@ -19666,6 +19674,62 @@ See /claude-warden:warden-allow`;
   return lines.join("\n");
 }
+// src/notify.ts
+var import_child_process = require("child_process");
+var TERMINAL_BUNDLE_IDS = {
+  "iTerm.app": "com.googlecode.iterm2",
+  "Apple_Terminal": "com.apple.Terminal",
+  "Alacritty": "com.github.alacritty.Alacritty",
+  "WezTerm": "io.wezfurlong.wezterm"
+};
+var terminalNotifierAvailable = null;
+function hasTerminalNotifier() {
+  if (terminalNotifierAvailable !== null) return terminalNotifierAvailable;
+  try {
+    (0, import_child_process.execFileSync)("which", ["terminal-notifier"], { stdio: "ignore" });
+    terminalNotifierAvailable = true;
+  } catch {
+    terminalNotifierAvailable = false;
+  }
+  return terminalNotifierAvailable;
+}
+function getBundleId() {
+  const termProgram = process.env.TERM_PROGRAM;
+  if (!termProgram) return void 0;
+  return TERMINAL_BUNDLE_IDS[termProgram];
+}
+function buildNotifyCommand(title, message) {
+  const platform = process.platform;
+  if (platform === "darwin") {
+    if (hasTerminalNotifier()) {
+      const args2 = ["-title", title, "-message", message];
+      const bundleId = getBundleId();
+      if (bundleId) {
+        args2.push("-activate", bundleId);
+      }
+      return { cmd: "terminal-notifier", args: args2 };
+    }
+    const script = `display notification ${JSON.stringify(message)} with title ${JSON.stringify(title)}`;
+    return { cmd: "osascript", args: ["-e", script] };
+  }
+  if (platform === "linux") {
+    return { cmd: "notify-send", args: [title, message] };
+  }
+  return null;
+}
+function sendNotification(title, message, config) {
+  try {
+    const notifyCmd = buildNotifyCommand(title, message);
+    if (!notifyCmd) return;
+    const child = (0, import_child_process.spawn)(notifyCmd.cmd, notifyCmd.args, {
+      detached: true,
+      stdio: "ignore"
+    });
+    child.unref();
+  } catch {
+  }
+}
 // src/index.ts
 async function main() {
   let raw = "";
@@ -19681,6 +19745,9 @@ async function main() {
   if (input.tool_name !== "Bash") {
     process.exit(0);
   }
+  if (input.permission_mode === "dangerously-skip-permissions") {
+    process.exit(0);
+  }
   const command = input.tool_input?.command;
   if (!command || typeof command !== "string") {
     process.exit(0);
@@ -19700,6 +19767,10 @@ async function main() {
     process.exit(0);
   }
   if (result.decision === "deny") {
+    if (config.notifyOnDeny) {
+      const truncated = command.length > 80 ? command.slice(0, 77) + "..." : command;
+      sendNotification("Claude Warden", `Blocked: ${truncated}`, config);
+    }
     const msg2 = formatSystemMessage("deny", command, result.details);
     const output2 = {
       hookSpecificOutput: {
@@ -19713,6 +19784,10 @@ async function main() {
 `);
     process.exit(2);
   }
+  if (config.notifyOnAsk) {
+    const truncated = command.length > 80 ? command.slice(0, 77) + "..." : command;
+    sendNotification("Claude Warden", `Permission needed: ${truncated}`, config);
+  }
   const msg = formatSystemMessage("ask", command, result.details);
   const output = {
     hookSpecificOutput: {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "claude-warden",
-  "version": "1.4.0",
+  "version": "1.5.1",
   "description": "Smart command safety filter for Claude Code — auto-approves safe commands, blocks dangerous ones",
   "type": "module",
   "main": "dist/index.cjs",