npm - deepcode-ai - Versions diffs - 1.1.27 → 1.1.28 - Mend

deepcode-ai 1.1.27 → 1.1.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.js CHANGED Viewed

@@ -3489,7 +3489,7 @@ Caminho: ${selectedPath}`;
     const effectiveModel = resolvedModel;
     if (!effectiveModel) {
       throw new Error(
-        "No model configured. Set 'defaultModel'/'defaultModels' in .deepcode/config.json or DEEPCODE_MODEL environment variable."
+        `No model configured for ${resolvedTarget.provider}. Run /model or set defaultModels.${resolvedTarget.provider} in .deepcode/config.json, or set DEEPCODE_MODEL.`
       );
     }
     session.status = "planning";
@@ -3552,7 +3552,7 @@ Caminho: ${selectedPath}`;
     const model = options.model ?? session.model ?? resolveConfiguredModelForProvider(this.config, providerId);
     if (!model) {
       throw new Error(
-        "No model configured. Set 'defaultModel'/'defaultModels' in .deepcode/config.json or DEEPCODE_MODEL environment variable."
+        `No model configured for ${providerId}. Run /model or set defaultModels.${providerId} in .deepcode/config.json, or set DEEPCODE_MODEL.`
       );
     }
     const alreadyTrackingBudget = this.activeBudgets.has(session.id);
@@ -3919,6 +3919,7 @@ ${assistantText}` : assistantText;
         errorMessage: `Invalid arguments for ${call.name}: ${parsed.error.message}`
       };
     }
+    const scopedSecurity = this.securityForSession(session);
     const context = {
       sessionId: session.id,
       messageId: createId("msg"),
@@ -3928,8 +3929,8 @@ ${assistantText}` : assistantText;
       config: this.config,
       agentMode: mode,
       cache: this.cache,
-      permissions: this.permissions,
-      pathSecurity: this.pathSecurity,
+      permissions: scopedSecurity.permissions,
+      pathSecurity: scopedSecurity.pathSecurity,
       logActivity: (activity) => {
         const full = { ...activity, id: createId("activity"), createdAt: nowIso() };
         session.activities.push(full);
@@ -3979,6 +3980,13 @@ ${assistantText}` : assistantText;
       };
     }
   }
+  securityForSession(session) {
+    const pathSecurity = this.pathSecurity.forWorktree(session.worktree);
+    return {
+      pathSecurity,
+      permissions: this.permissions.forPathSecurity(pathSecurity)
+    };
+  }
   logToolActivity(session, activity) {
     const full = { ...activity, id: createId("activity"), createdAt: nowIso() };
     session.activities.push(full);
@@ -4234,8 +4242,9 @@ ${assistantText}` : assistantText;
       return "Git nao esta instalado. Quer que eu instale?";
     }
     const scanInput = inputPath === "." ? process.env.HOME ?? inputPath : inputPath;
-    const rootPath = await this.pathSecurity.normalize(scanInput, { enforceAccess: false });
-    await this.permissions.ensure({ operation: "list_projects", kind: "read", path: rootPath });
+    const security = this.securityForSession(session);
+    const rootPath = await security.pathSecurity.normalize(scanInput, { enforceAccess: false });
+    await security.permissions.ensure({ operation: "list_projects", kind: "read", path: rootPath });
     const results = [];
     await this.walkForProjects(rootPath, 3, results, /* @__PURE__ */ new Set());
     if (results.length === 0) {
@@ -6485,10 +6494,14 @@ function globToRegex(glob) {
   }
   return new RegExp(`^${globPatternToRegexSource(glob)}$`);
 }
-var PathSecurity = class {
+var PathSecurity = class _PathSecurity {
   constructor(worktree, rules) {
     this.worktree = worktree;
     this.home = process.env.HOME ?? os2.homedir();
+    this.sourceRules = {
+      whitelist: [...rules.whitelist],
+      blacklist: [...rules.blacklist]
+    };
     this.rules = {
       whitelist: rules.whitelist.map((rule) => this.expand(rule, this.home)),
       blacklist: rules.blacklist.map((rule) => this.expand(rule, this.home))
@@ -6496,7 +6509,11 @@ var PathSecurity = class {
   }
   worktree;
   rules;
+  sourceRules;
   home;
+  forWorktree(worktree) {
+    return new _PathSecurity(path7.resolve(worktree), this.sourceRules);
+  }
   async normalize(inputPath, options = {}) {
     const enforceAccess = options.enforceAccess ?? true;
     const resolved = await this.resolvePath(inputPath);
@@ -6556,13 +6573,16 @@ var PathSecurity = class {
     return targetPath;
   }
 };
-var PermissionGateway = class {
-  constructor(config, pathSecurity, audit, eventBus, interactive = false) {
+var PermissionGateway = class _PermissionGateway {
+  constructor(config, pathSecurity, audit, eventBus, interactive = false, state) {
     this.config = config;
     this.pathSecurity = pathSecurity;
     this.audit = audit;
     this.eventBus = eventBus;
     this.interactive = interactive;
+    this.sessionAllowSet = state?.sessionAllowSet ?? /* @__PURE__ */ new Set();
+    this.alwaysAllowSet = state?.alwaysAllowSet ?? /* @__PURE__ */ new Set();
+    this.pendingApprovals = state?.pendingApprovals ?? /* @__PURE__ */ new Map();
   }
   config;
   pathSecurity;
@@ -6570,11 +6590,25 @@ var PermissionGateway = class {
   eventBus;
   interactive;
   /** Set of operation+path keys that were approved for the current session */
-  sessionAllowSet = /* @__PURE__ */ new Set();
+  sessionAllowSet;
   /** Set of operation+path keys that were approved permanently (always) */
-  alwaysAllowSet = /* @__PURE__ */ new Set();
+  alwaysAllowSet;
   /** Map of pending approval requests by request ID */
-  pendingApprovals = /* @__PURE__ */ new Map();
+  pendingApprovals;
+  forPathSecurity(pathSecurity) {
+    return new _PermissionGateway(
+      this.config,
+      pathSecurity,
+      this.audit,
+      this.eventBus,
+      this.interactive,
+      {
+        sessionAllowSet: this.sessionAllowSet,
+        alwaysAllowSet: this.alwaysAllowSet,
+        pendingApprovals: this.pendingApprovals
+      }
+    );
+  }
   /** Clear all session-scoped permissions (e.g., when session ends) */
   clearSessionAllowSet() {
     this.sessionAllowSet.clear();
@@ -28118,7 +28152,7 @@ function parseVersion2(version) {
   if (!match) return null;
   return [Number(match[1]), Number(match[2]), Number(match[3])];
 }
-var VERSION = "1.1.27".length > 0 ? "1.1.27" : "0.0.0-dev";
+var VERSION = "1.1.28".length > 0 ? "1.1.28" : "0.0.0-dev";
 var updateCommand = {
   name: "update",
   description: "Check published DeepCode versions",
@@ -29697,6 +29731,7 @@ Follow-up suggestion:`;
     return null;
   }
 }
+var APPROVAL_ENTER_ARM_DELAY_MS = 350;
 var AppContainer = ({ cwd, config, provider, model, resumeSessionId }) => {
   const historyManager = useHistory();
   const addHistoryItem = historyManager.addItem;
@@ -29758,6 +29793,7 @@ var AppContainer = ({ cwd, config, provider, model, resumeSessionId }) => {
   const messageQueueRef = useRef17([]);
   const sessionShellAllowlistRef = useRef17(/* @__PURE__ */ new Set());
   const mainControlsRef = useRef17(null);
+  const approvalPromptVisibleAtRef = useRef17(null);
   const { stdin, setRawMode } = useStdin3();
   const { columns: terminalWidth, rows: terminalHeight } = useTerminalSize();
   const mainAreaWidth = Math.min(Math.max(terminalWidth - 4, 20), 120);
@@ -29985,12 +30021,14 @@ var AppContainer = ({ cwd, config, provider, model, resumeSessionId }) => {
   }, [messageQueue]);
   useEffect27(() => {
     if (approvalQueue.length > 0) {
+      approvalPromptVisibleAtRef.current ??= Date.now();
       setStreamingState(
         "waiting_for_confirmation"
         /* WaitingForConfirmation */
       );
       return;
     }
+    approvalPromptVisibleAtRef.current = null;
     if (isRunning) {
       setStreamingState(
         "responding"
@@ -30416,6 +30454,8 @@ var AppContainer = ({ cwd, config, provider, model, resumeSessionId }) => {
       let status = "Success";
       let resultDisplay = "(no output)";
       try {
+        const pathSecurity = runtime.pathSecurity.forWorktree(session.worktree);
+        const permissions = runtime.permissions.forPathSecurity(pathSecurity);
         const result = await runToolEffect(
           tool.execute(parsed.data, {
             sessionId: session.id,
@@ -30426,8 +30466,8 @@ var AppContainer = ({ cwd, config, provider, model, resumeSessionId }) => {
             config: runtime.config,
             agentMode,
             cache: runtime.cache,
-            permissions: runtime.permissions,
-            pathSecurity: runtime.pathSecurity,
+            permissions,
+            pathSecurity,
             logActivity: (activity) => {
               runtime.events.emit("activity", {
                 id: createId("activity"),
@@ -30973,10 +31013,12 @@ var AppContainer = ({ cwd, config, provider, model, resumeSessionId }) => {
     }
     if (approvalQueue.length > 0) {
       const pressed = input.toLowerCase();
-      if (pressed === "y" || key.return) {
+      const enterArmed = approvalPromptVisibleAtRef.current !== null && Date.now() - approvalPromptVisibleAtRef.current >= APPROVAL_ENTER_ARM_DELAY_MS;
+      if (pressed === "y" || key.return && enterArmed) {
         resolveApproval({ allowed: true, scope: "once", reason: "Approved in TUI" });
         return;
       }
+      if (key.return) return;
       if (pressed === "s") {
         resolveApproval({ allowed: true, scope: "session", reason: "Approved for session in TUI" });
         return;