npm - log-llm-config - Versions diffs - 1.3.72 → 1.3.74 - Mend

log-llm-config 1.3.72 → 1.3.74

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/compliance_prompt_gate.js +39 -4
package/dist/log_config_files/runtime/compliance_check.js +3 -0
package/dist/log_uuid/startup_sender.js +1 -1
package/package.json +1 -1

package/dist/compliance_prompt_gate.js CHANGED Viewed

@@ -8,12 +8,14 @@
  */
 import { applyAutofixViolations, normalizeAgentToken, pruneSatisfiedOneTimeRemediations, runLocalRemediationComplianceCheck, } from './log_config_files/runtime/compliance_check.js';
 import { existsSync, readFileSync, statSync } from 'node:fs';
-import { getRemediationInstructionsPath } from './log_config_files/runtime/management_storage.js';
+import { getRemediationInstructionsPath, readRemediationInstructionsFile } from './log_config_files/runtime/management_storage.js';
 import { hookLogSessionBanner, hookRunLog, logRemediationApplyFailure } from './log_config_files/runtime/hook_logger.js';
 import { isThisCliModule } from './cli_invocation_match.js';
 import { ensureAuthentication } from './log_config_files/auth/auth_flow.js';
 import { sendConfigFile } from './log_config_files/sender/batch_sender.js';
 import { tryResolveHardwareUuid } from './log_config_files/runtime/hardware_uuid.js';
+import { syncRemediations } from './log_config_files/runtime/remediation_sync.js';
+import { loadEndpointBase } from './log_config_files/sender/endpoint_config.js';
 const MANIFEST_STALE_MS = 7 * 24 * 60 * 60 * 1000;
 function parseIde() {
     const eq = process.argv.find((a) => a.startsWith('--ide='));
@@ -90,6 +92,19 @@ function autofixDialogLine(v) {
     const short = d.length > 160 ? `${d.slice(0, 157)}…` : d;
     return `• [${v.finding_formatted_id}] ${short}`;
 }
+/** Cursor restart dialog after enforced/preventive remediation is applied locally. */
+export function formatCursorRestartAutofixDialog(appliedViolations) {
+    const policyNames = [
+        ...new Set(appliedViolations
+            .map((v) => v.policy_name?.trim() || v.finding_title?.trim() || '')
+            .filter(Boolean)),
+    ];
+    const policyLabel = policyNames.length > 0 ? policyNames.join('\n\n') : 'Agent security policy';
+    return ('Optimus Labs enforced a preventive agent security policy as determined by your security team:\n\n' +
+        `${policyLabel}\n\n` +
+        'Cursor will now restart to apply this policy, and your context will be retained.\n\n' +
+        'Click OK to continue');
+}
 /**
  * Upload a secondary compliance file to the backend so the server can resolve the finding.
  * Fire-and-forget: upload runs in background; any failure is logged but does not block the gate.
@@ -135,6 +150,24 @@ export async function runCompliancePromptGate() {
     const ide = parseIde();
     const agent = parseAgent(ide);
     hookLogSessionBanner('compliance_prompt_gate (before submit)');
+    // Sync before checking so server-side changes (enforce/unenforce) propagate on every prompt
+    // without waiting for the background runner. Race against a 3 s timeout so a slow or
+    // unavailable server never delays the gate significantly.
+    const hw = tryResolveHardwareUuid();
+    if (hw) {
+        const { remediations } = readRemediationInstructionsFile();
+        if (Array.isArray(remediations) && remediations.length > 0) {
+            try {
+                await Promise.race([
+                    syncRemediations(loadEndpointBase(), hw),
+                    new Promise((resolve) => setTimeout(resolve, 3000)),
+                ]);
+            }
+            catch {
+                // Network or auth failure — fall back to local file state.
+            }
+        }
+    }
     const status = runLocalRemediationComplianceCheck(agent);
     // Secondary-satisfied: primary checks failed but settings.json (or equiv) has the fix.
     // Upload those files fire-and-forget so the backend can resolve the finding immediately.
@@ -189,9 +222,11 @@ export async function runCompliancePromptGate() {
             }
             if (deferredSqlitePending || recheckOk || claudeRecheckStaleAfterImmediateApply) {
                 const violationLabel = fixed === 1 ? 'policy violation' : 'policy violations';
-                const autofixMessage = `Optimus Labs auto-fixed ${fixed} ${violationLabel}:\n\n${appliedViolations
-                    .map((v) => autofixDialogLine(v))
-                    .join('\n')}`;
+                const autofixMessage = ide === 'cursor' && restartCommands.length > 0
+                    ? formatCursorRestartAutofixDialog(appliedViolations)
+                    : `Optimus Labs auto-fixed ${fixed} ${violationLabel}:\n\n${appliedViolations
+                        .map((v) => autofixDialogLine(v))
+                        .join('\n')}`;
                 const payload = { __optimus_autofix: true, autofix_message: autofixMessage };
                 if (restartCommands.length > 0)
                     payload.restart_commands = restartCommands;

package/dist/log_config_files/runtime/compliance_check.js CHANGED Viewed

@@ -325,6 +325,7 @@ export function runLocalRemediationComplianceCheck(agent = 'cursor') {
                                 description: check.description,
                                 finding_title: entry.finding_title,
                                 finding_description: entry.finding_description,
+                                policy_name: entry.policy_name,
                                 severity: compliance.severity,
                                 autofix_allowed: compliance.autofix_allowed,
                                 config_file_path: entry.config_file_path,
@@ -347,6 +348,7 @@ export function runLocalRemediationComplianceCheck(agent = 'cursor') {
                             description: check.description,
                             finding_title: entry.finding_title,
                             finding_description: entry.finding_description,
+                            policy_name: entry.policy_name,
                             severity: compliance.severity,
                             autofix_allowed: compliance.autofix_allowed,
                             config_file_path: entry.config_file_path,
@@ -371,6 +373,7 @@ export function runLocalRemediationComplianceCheck(agent = 'cursor') {
                         description: check.description,
                         finding_title: entry.finding_title,
                         finding_description: entry.finding_description,
+                        policy_name: entry.policy_name,
                         severity: compliance.severity,
                         autofix_allowed: compliance.autofix_allowed,
                         config_file_path: entry.config_file_path,

package/dist/log_uuid/startup_sender.js CHANGED Viewed

@@ -51,7 +51,7 @@ const getMetadata = () => ({
     github_username: process.env.GITHUB_USER || process.env.GH_USER || '',
     org_identifier: process.env.GITHUB_ORG || '',
     organization_uuid: readOrganizationUuid(),
-    repo_identifier: process.env.GITHUB_REPOSITORY || '',
+    repo_identifier: process.env.OPTIMUS_WORKSPACE_REPO || process.env.GITHUB_REPOSITORY || '',
     branch: process.env.GITHUB_REF_NAME || process.env.BRANCH_NAME || '',
     commit_sha: process.env.GITHUB_SHA || '',
     agent_name: process.env.OPTIMUS_AGENT || '',

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "log-llm-config",
-  "version": "1.3.72",
+  "version": "1.3.74",
   "description": "CLI helpers for logging hardware UUIDs and posting startup payloads to Optimus Security.",
   "type": "module",
   "bin": {