npm - llm-cli-gateway - Versions diffs - 1.17.0 → 1.17.1 - Mend

llm-cli-gateway 1.17.0 → 1.17.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -4,6 +4,18 @@ All notable changes to the llm-cli-gateway project.
 ## Unreleased
+## [1.17.1] - 2026-05-30 — Socket shell-access suppression
+Patch release updating the package's Socket policy for the reviewed gateway
+process-launching capability.
+### Changed
+- Suppressed Socket's `shellAccess` alert in `socket.yml` now that the
+  child-process surface is documented and release-audited.
+- Updated README Socket-alert wording so reviewers still get the bounded
+  shell-access rationale without seeing the same package alert on every release.
 ## [1.17.0] - 2026-05-30 — upstream provider tracking
 Feature release adding repeatable upstream-provider contract tracking for the

package/README.md CHANGED Viewed

@@ -1176,7 +1176,7 @@ The gateway supports concurrent requests across different CLIs. Each request spa
 ### Socket alerts — context for reviewers
-If you're vetting `llm-cli-gateway` through [Socket](https://socket.dev/npm/package/llm-cli-gateway) or a similar supply-chain scanner, you'll see three behavioural alerts and some dependency-ownership alerts. They are accurate descriptions of what the package does and what it depends on; we've left them visible (not silenced in `socket.yml`) so you don't have to take our word for it. Here's the context for each:
+If you're vetting `llm-cli-gateway` through [Socket](https://socket.dev/npm/package/llm-cli-gateway) or a similar supply-chain scanner, you'll see behavioural alerts and some dependency-ownership alerts. They are accurate descriptions of what the package does and what it depends on. The reviewed `shellAccess` capability is suppressed in `socket.yml` to avoid a repeat finding on every release; the rationale remains documented here and in the package.
 | Alert                            | Where                                                                                                                                                                                            | Why it's bounded                                                                                                                                                                                                                                                                                                                                                                                     |
 | -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "llm-cli-gateway",
-  "version": "1.17.0",
+  "version": "1.17.1",
   "mcpName": "io.github.verivus-oss/llm-cli-gateway",
   "description": "MCP server providing unified access to Claude Code, Codex, Gemini, Grok, and Mistral Vibe CLIs with session management, retry logic, async job orchestration, durable job results, and cross-LLM validation.",
   "license": "MIT",

package/socket.yml CHANGED Viewed

@@ -2,11 +2,9 @@ version: 2
 # Socket alerts on llm-cli-gateway
 # ---------------------------------
-# This package intentionally triggers three of Socket's behavioural alerts.
-# We do NOT disable them — they are accurate descriptions of what the package
-# does, and silencing them would hide useful signal from anyone evaluating
-# this dependency. The rationale for each is documented inline below and in
-# detail under "Security Considerations" in README.md.
+# This package intentionally triggers behavioural alerts. They are accurate
+# descriptions of what the package does; the rationale for each is documented
+# inline below and in detail under "Security Considerations" in README.md.
 #
 #   networkAccess
 #     src/http-transport.ts opens an HTTP MCP transport (createServer/listen).
@@ -23,9 +21,10 @@ version: 2
 #
 #   shellAccess
 #     This alert fires on every module that imports node:child_process, and
-#     because spawning provider CLIs and git is the entire purpose of the
-#     package it surfaces on every release BY DESIGN — we keep it visible
-#     rather than silencing it. It is a capability description, not a finding.
+#     because spawning provider CLIs and git is the entire purpose of the package
+#     it is a reviewed capability description, not a finding. As of v1.17.1 this
+#     specific reviewed alert is suppressed via `issueRules.shellAccess: false`
+#     to avoid noisy repeat findings on every release.
 #
 #     INVARIANT enforced across ALL sites below: arguments are always passed
 #     as an array and `shell: true` is NEVER set, so there is no shell
@@ -75,6 +74,7 @@ issueRules:
   installScripts: true
   telemetry: true
   hasNativeCode: true            # better-sqlite3 — known and expected
+  shellAccess: false             # reviewed gateway capability; see rationale above
   shellScriptOverride: true
   gitDependency: true
   httpDependency: true