npm - coder-config - Versions diffs - 0.46.16 → 0.47.2-beta - Mend

coder-config 0.46.16 → 0.47.2-beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/config-loader.js CHANGED Viewed

@@ -28,7 +28,7 @@ const { init, show } = require('./lib/init');
 const { memoryList, memoryInit, memoryAdd, memorySearch } = require('./lib/memory');
 const { envList, envSet, envUnset } = require('./lib/env');
 const { getProjectsRegistryPath, loadProjectsRegistry, saveProjectsRegistry, projectList, projectAdd, projectRemove } = require('./lib/projects');
-const { getWorkstreamsPath, loadWorkstreams, saveWorkstreams, workstreamList, workstreamCreate, workstreamUpdate, workstreamDelete, workstreamUse, workstreamActive, workstreamAddProject, workstreamRemoveProject, workstreamInject, workstreamDetect, workstreamGet, getActiveWorkstream, countWorkstreamsForProject, workstreamInstallHook, workstreamInstallHookGemini, workstreamInstallHookCodex, workstreamDeactivate, workstreamCheckPath, getSettingsPath, loadSettings, saveSettings, workstreamAddTrigger, workstreamRemoveTrigger, workstreamSetAutoActivate, setGlobalAutoActivate, shouldAutoActivate, workstreamCheckFolder, workstreamInstallCdHook, workstreamUninstallCdHook, workstreamCdHookStatus, discoverSubProjects, generateRulesFromRepos, generateRulesWithClaude, generateRulesWithAI, getAvailableAITools, findAIBinary, AI_TOOLS } = require('./lib/workstreams');
+const { getWorkstreamsPath, loadWorkstreams, saveWorkstreams, workstreamList, workstreamCreate, workstreamUpdate, workstreamDelete, workstreamUse, workstreamActive, workstreamAddProject, workstreamRemoveProject, workstreamInject, workstreamDetect, workstreamGet, getActiveWorkstream, countWorkstreamsForProject, workstreamInstallHook, workstreamInstallHookGemini, workstreamInstallHookCodex, workstreamDeactivate, workstreamCheckPath, getSettingsPath, loadSettings, saveSettings, workstreamAddTrigger, workstreamRemoveTrigger, workstreamSetAutoActivate, setGlobalAutoActivate, shouldAutoActivate, workstreamCheckFolder, workstreamInstallCdHook, workstreamUninstallCdHook, workstreamCdHookStatus, discoverSubProjects, generateRulesFromRepos, generateRulesWithClaude, generateRulesWithAI, getAvailableAITools, findAIBinary, AI_TOOLS, workstreamSetSandbox } = require('./lib/workstreams');
 const { getActivityPath, getDefaultActivity, loadActivity, saveActivity, detectProjectRoot, activityLog, activitySummary, generateWorkstreamName, activitySuggestWorkstreams, activityClear } = require('./lib/activity');
 const { getLoopsPath, loadLoops, saveLoops, loadLoopState, saveLoopState, loadHistory, saveHistory, loopList, loopCreate, loopGet, loopUpdate, loopDelete, loopStart, loopPause, loopResume, loopCancel, loopApprove, loopComplete, loopFail, loopStatus, loopHistory, loopConfig, getActiveLoop, recordIteration, saveClarifications, savePlan, loadClarifications, loadPlan, loopInject, archiveLoop } = require('./lib/loops');
 const { getSessionStatus, showSessionStatus, flushContext, clearContext, installHooks: sessionInstallHooks, getFlushedContext, installFlushCommand, installAll: sessionInstallAll, SESSION_DIR, FLUSHED_CONTEXT_FILE } = require('./lib/sessions');
@@ -132,12 +132,12 @@ class ClaudeConfigManager {
   }
   // Apply
-  apply(projectDir) { return apply(this.registryPath, projectDir); }
+  apply(projectDir) { return apply(this.registryPath, projectDir, this.installDir); }
   applyForAntigravity(projectDir) { return applyForAntigravity(this.registryPath, projectDir); }
   applyForGemini(projectDir) { return applyForGemini(this.registryPath, projectDir); }
   detectInstalledTools() { return detectInstalledTools(); }
   getToolPaths() { return TOOL_PATHS; }
-  applyForTools(projectDir, tools) { return applyForTools(this.registryPath, projectDir, tools); }
+  applyForTools(projectDir, tools) { return applyForTools(this.registryPath, projectDir, tools, this.installDir); }
   // MCPs (project)
   list() { return list(this.registryPath); }
@@ -197,7 +197,7 @@ class ClaudeConfigManager {
   workstreamInstallHook() { return workstreamInstallHook(); }
   workstreamInstallHookGemini() { return workstreamInstallHookGemini(); }
   workstreamInstallHookCodex() { return workstreamInstallHookCodex(); }
-  workstreamDeactivate() { return workstreamDeactivate(); }
+  workstreamDeactivate() { return workstreamDeactivate(this.installDir); }
   workstreamCheckPath(targetPath, silent) { return workstreamCheckPath(this.installDir, targetPath, silent); }
   // Workstream folder auto-activation
   getSettingsPath() { return getSettingsPath(this.installDir); }
@@ -206,6 +206,7 @@ class ClaudeConfigManager {
   workstreamAddTrigger(idOrName, folderPath) { return workstreamAddTrigger(this.installDir, idOrName, folderPath); }
   workstreamRemoveTrigger(idOrName, folderPath) { return workstreamRemoveTrigger(this.installDir, idOrName, folderPath); }
   workstreamSetAutoActivate(idOrName, value) { return workstreamSetAutoActivate(this.installDir, idOrName, value); }
+  workstreamSetSandbox(idOrName, value) { return workstreamSetSandbox(this.installDir, idOrName, value); }
   setGlobalAutoActivate(value) { return setGlobalAutoActivate(this.installDir, value); }
   shouldAutoActivate(workstream) { return shouldAutoActivate(this.installDir, workstream); }
   workstreamCheckFolder(folderPath, jsonOutput) { return workstreamCheckFolder(this.installDir, folderPath, jsonOutput); }

package/lib/apply.js CHANGED Viewed

@@ -8,11 +8,12 @@ const { execSync } = require('child_process');
 const { TOOL_PATHS } = require('./constants');
 const { loadJson, saveJson, loadEnvFile, interpolate, resolveEnvVars } = require('./utils');
 const { findProjectRoot, findAllConfigs, mergeConfigs, findAllConfigsForTool } = require('./config');
+const { getActiveWorkstream, applySandboxIfEnabled } = require('./workstreams');
 /**
  * Generate .mcp.json for a project (with hierarchical config merging)
  */
-function apply(registryPath, projectDir = null) {
+function apply(registryPath, projectDir = null, installDir = null) {
   const dir = projectDir || findProjectRoot() || process.cwd();
   const registry = loadJson(registryPath);
@@ -100,6 +101,19 @@ function apply(registryPath, projectDir = null) {
   console.log(`✓ Generated ${outputPath}`);
   console.log(`  └─ ${count} MCP(s): ${Object.keys(output.mcpServers).join(', ')}`);
+  // Generate settings.local.json with additionalDirectories for workstream sandbox scope
+  if (installDir) {
+    const active = getActiveWorkstream(installDir);
+    if (applySandboxIfEnabled(active, dir)) {
+      const resolvedDir = path.resolve(dir);
+      const count = active.projects.filter(p =>
+        path.resolve(p) !== resolvedDir && !resolvedDir.startsWith(path.resolve(p) + path.sep)
+      ).length;
+      console.log(`✓ Generated .claude/settings.local.json (sandbox scope)`);
+      console.log(`  └─ ${count} additional director${count === 1 ? 'y' : 'ies'}`);
+    }
+  }
   // Generate settings.json with enabledPlugins if any are configured
   if (mergedConfig.enabledPlugins && Object.keys(mergedConfig.enabledPlugins).length > 0) {
     const settingsPath = path.join(dir, '.claude', 'settings.json');
@@ -424,12 +438,12 @@ function detectInstalledTools() {
 /**
  * Apply config for multiple tools based on preferences
  */
-function applyForTools(registryPath, projectDir = null, tools = ['claude']) {
+function applyForTools(registryPath, projectDir = null, tools = ['claude'], installDir = null) {
   const results = {};
   for (const tool of tools) {
     if (tool === 'claude') {
-      results.claude = apply(registryPath, projectDir);
+      results.claude = apply(registryPath, projectDir, installDir);
     } else if (tool === 'gemini') {
       results.gemini = applyForGemini(registryPath, projectDir);
     } else if (tool === 'antigravity') {

package/lib/cli.js CHANGED Viewed

@@ -194,6 +194,13 @@ function runCli(manager) {
           process.exit(1);
         }
         manager.workstreamRemoveTrigger(args[2], args[3]);
+      } else if (args[1] === 'sandbox') {
+        if (!args[2]) {
+          console.error('Usage: coder-config workstream sandbox <workstream> [on|off]');
+          process.exit(1);
+        }
+        const value = args[3] || 'on';
+        manager.workstreamSetSandbox(args[2], value);
       } else if (args[1] === 'auto-activate') {
         if (!args[2]) {
           console.error('Usage: coder-config workstream auto-activate <workstream> [on|off|default]');
@@ -385,7 +392,7 @@ ${chalk.dim('Configuration manager for AI coding tools (Claude Code, Gemini CLI,
   // Project Commands
   console.log(box('Project', [
     cmd('init', 'Initialize project with .claude/mcps.json'),
-    cmd('apply', 'Generate .mcp.json from config'),
+    cmd('apply', 'Generate .mcp.json and sandbox scope'),
     cmd('show', 'Show current project config'),
     cmd('list', 'List available MCPs (✓ = active)'),
     cmd('add <mcp> [mcp...]', 'Add MCP(s) to project'),
@@ -434,6 +441,7 @@ ${chalk.dim('Configuration manager for AI coding tools (Claude Code, Gemini CLI,
     cmd('workstream use <name>', 'Set active workstream'),
     cmd('workstream add <ws> <path>', 'Add project to workstream'),
     cmd('workstream remove <ws> <path>', 'Remove from workstream'),
+    cmd('workstream sandbox <ws> [on|off]', 'Toggle sandbox enforcement'),
     cmd('workstream install-hook', 'Install pre-prompt hook'),
   ]));
   console.log();

package/lib/constants.js CHANGED Viewed

@@ -2,7 +2,7 @@
  * Constants and tool path configurations
  */
-const VERSION = '0.46.16';
+const VERSION = '0.47.2-beta';
 // Tool-specific path configurations
 const TOOL_PATHS = {

package/lib/workstreams.js CHANGED Viewed

@@ -86,7 +86,11 @@ function workstreamList(installDir) {
   const detected = workstreamDetect(installDir, process.cwd());
   for (const ws of data.workstreams) {
     const active = detected && ws.id === detected.id ? '● ' : '○ ';
-    console.log(`${active}${ws.name}`);
+    const badges = [];
+    if (ws.sandbox === true) badges.push('[sandbox]');
+    if (ws.autoActivate === true) badges.push('[auto]');
+    const badgeStr = badges.length > 0 ? ' ' + badges.join(' ') : '';
+    console.log(`${active}${ws.name}${badgeStr}`);
     if (ws.projects && ws.projects.length > 0) {
       console.log(`    Projects: ${ws.projects.map(p => path.basename(p)).join(', ')}`);
     }
@@ -391,6 +395,9 @@ function workstreamInject(installDir, silent = false) {
   // Always output the context (for hooks), silent only suppresses "no active" message
   console.log(output);
+  // Generate settings.local.json with additionalDirectories for sandbox scope
+  applySandboxIfEnabled(active, process.cwd());
   return output;
 }
@@ -633,10 +640,93 @@ fi
   return true;
 }
+/**
+ * Apply sandbox settings if the workstream has sandbox enabled.
+ * Shared logic used by both workstreamInject() and apply().
+ * @param {object} active - Active workstream object
+ * @param {string} dir - Target project directory (absolute)
+ * @returns {boolean} Whether sandbox settings were written
+ */
+function applySandboxIfEnabled(active, dir) {
+  if (!active || active.sandbox !== true || !active.projects || active.projects.length === 0) {
+    return false;
+  }
+  const resolvedDir = path.resolve(dir);
+  const otherProjects = active.projects.filter(p => {
+    const resolved = path.resolve(p);
+    return resolved !== resolvedDir && !resolvedDir.startsWith(resolved + path.sep);
+  });
+  if (otherProjects.length > 0) {
+    writeWorkstreamSandboxSettings(resolvedDir, otherProjects);
+    return true;
+  }
+  return false;
+}
+/**
+ * Write additionalDirectories to .claude/settings.local.json for sandbox scope
+ */
+function writeWorkstreamSandboxSettings(dir, additionalDirectories) {
+  const claudeDir = path.join(dir, '.claude');
+  const settingsLocalPath = path.join(claudeDir, 'settings.local.json');
+  let existing = {};
+  if (fs.existsSync(settingsLocalPath)) {
+    try { existing = JSON.parse(fs.readFileSync(settingsLocalPath, 'utf8')); } catch {}
+  }
+  const permissions = existing.permissions || {};
+  permissions.additionalDirectories = additionalDirectories;
+  if (!fs.existsSync(claudeDir)) {
+    fs.mkdirSync(claudeDir, { recursive: true });
+  }
+  fs.writeFileSync(settingsLocalPath, JSON.stringify({ ...existing, permissions }, null, 2) + '\n');
+}
+/**
+ * Remove additionalDirectories from .claude/settings.local.json
+ */
+function removeWorkstreamSandboxSettings(dir) {
+  const settingsLocalPath = path.join(dir, '.claude', 'settings.local.json');
+  if (!fs.existsSync(settingsLocalPath)) return;
+  let existing = {};
+  try { existing = JSON.parse(fs.readFileSync(settingsLocalPath, 'utf8')); } catch { return; }
+  if (existing.permissions && existing.permissions.additionalDirectories) {
+    delete existing.permissions.additionalDirectories;
+    // Clean up empty permissions object
+    if (Object.keys(existing.permissions).length === 0) {
+      delete existing.permissions;
+    }
+    // If nothing left, remove the file
+    if (Object.keys(existing).length === 0) {
+      fs.unlinkSync(settingsLocalPath);
+    } else {
+      fs.writeFileSync(settingsLocalPath, JSON.stringify(existing, null, 2) + '\n');
+    }
+  }
+}
 /**
  * Deactivate workstream (output shell command to unset env var)
  */
-function workstreamDeactivate() {
+function workstreamDeactivate(installDir) {
+  // Clean up sandbox settings from all workstream project directories
+  if (installDir) {
+    const active = getActiveWorkstream(installDir);
+    if (active && active.projects) {
+      for (const p of active.projects) {
+        removeWorkstreamSandboxSettings(path.resolve(p));
+      }
+    }
+  }
+  // Also clean CWD in case it's not a listed project
+  removeWorkstreamSandboxSettings(process.cwd());
   console.log('To deactivate the workstream for this session, run:');
   console.log('  unset CODER_WORKSTREAM');
   console.log('\nOr to clear the global active workstream:');
@@ -1308,6 +1398,38 @@ function workstreamRemoveTrigger(installDir, idOrName, folderPath) {
   return ws;
 }
+/**
+ * Set sandbox mode for a workstream
+ * When true: generates additionalDirectories in settings.local.json for OS-level enforcement
+ * When false (default): only injects advisory LLM rules (softer, LLM can override if important)
+ */
+function workstreamSetSandbox(installDir, idOrName, value) {
+  const data = loadWorkstreams(installDir);
+  const ws = data.workstreams.find(
+    w => w.id === idOrName || w.name.toLowerCase() === idOrName.toLowerCase()
+  );
+  if (!ws) {
+    console.error(`Workstream not found: ${idOrName}`);
+    return null;
+  }
+  if (value === 'on' || value === true || value === 'true') {
+    ws.sandbox = true;
+    console.log(`✓ Sandbox enabled for ${ws.name} (OS-level directory enforcement)`);
+  } else if (value === 'off' || value === false || value === 'false') {
+    ws.sandbox = false;
+    console.log(`✓ Sandbox disabled for ${ws.name} (advisory LLM rules only)`);
+  } else {
+    console.error(`Invalid value: ${value}. Use "on" or "off".`);
+    return null;
+  }
+  ws.updatedAt = new Date().toISOString();
+  saveWorkstreams(installDir, data);
+  return ws;
+}
 /**
  * Set auto-activate for a workstream
  * value: true, false, or null (use global default)
@@ -1641,4 +1763,6 @@ module.exports = {
   workstreamInstallCdHook,
   workstreamUninstallCdHook,
   workstreamCdHookStatus,
+  applySandboxIfEnabled,
+  workstreamSetSandbox,
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "coder-config",
-  "version": "0.46.16",
+  "version": "0.47.2-beta",
   "description": "Configuration manager for AI coding tools - Claude Code, Gemini CLI, Codex CLI, Antigravity. Manage MCPs, rules, permissions, memory, and workstreams.",
   "author": "regression.io",
   "main": "config-loader.js",