npm - opencode-landstrip - Versions diffs - 0.14.1 → 0.15.0 - Mend

opencode-landstrip 0.14.1 → 0.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/index.ts CHANGED Viewed

@@ -33,11 +33,11 @@ interface LandstripPolicy {
 }
 type LandstripTrap =
-  | { kind: 'Filesystem'; operation: 'read' | 'write'; path: string; mechanism: string }
-  | { kind: 'Network'; operation: string; target: string; mechanism: string }
-  | { kind: 'Launch'; program: string; message: string }
-  | { kind: 'Usage'; message: string }
-  | { kind: 'Internal'; fields: Record<string, string> };
+  | { kind: 'filesystem'; operation: 'read' | 'write'; path: string; mechanism: string }
+  | { kind: 'network'; operation: string; target: string; mechanism: string }
+  | { kind: 'launch'; program: string; message: string }
+  | { kind: 'usage'; message: string }
+  | { kind: 'internal'; detail: Record<string, string> };
 interface BashSandboxState {
   originalCommand: string;
@@ -58,7 +58,7 @@ interface SandboxPermissionDecision {
 type ToastVariant = 'info' | 'success' | 'warning' | 'error';
-const LANDSTRIP_VERSION = [0, 14, 5] as const;
+const LANDSTRIP_VERSION = [0, 15, 1] as const;
 const REQUIRED_LANDSTRIP_VERSION = LANDSTRIP_VERSION.join('.');
 const LANDSTRIP_OPERATIONS = new Set<'read' | 'write'>(['read', 'write']);
 const SUPPORTED_PLATFORMS = new Set<NodeJS.Platform>(['linux', 'darwin', 'win32']);
@@ -247,9 +247,9 @@ function extractBlockedPath(
   // Landstrip structured trap format carrying a denied path
   const landstripErrors = parseLandstripErrors(output);
   for (const trap of landstripErrors) {
-    if (trap.kind === 'Filesystem') return normalizeBlockedPath(trap.path, baseDirectory);
-    if (trap.kind === 'Internal' && trap.fields.file) {
-      return normalizeBlockedPath(trap.fields.file, baseDirectory);
+    if (trap.kind === 'filesystem') return normalizeBlockedPath(trap.path, baseDirectory);
+    if (trap.kind === 'internal' && trap.detail.file) {
+      return normalizeBlockedPath(trap.detail.file, baseDirectory);
     }
   }
@@ -407,40 +407,39 @@ function hasMinimumVersion(version: string, minimum: readonly [number, number, n
 function decodeLandstripTrap(value: unknown): LandstripTrap | null {
   if (typeof value !== 'object' || value === null || Array.isArray(value)) return null;
-  const entries = Object.entries(value as Record<string, unknown>);
-  if (entries.length !== 1) return null;
-  const [kind, payload] = entries[0];
-  switch (kind) {
-    case 'Filesystem': {
-      if (!Array.isArray(payload)) return null;
-      const [operation, path, mechanism] = payload;
+  const record = value as Record<string, unknown>;
+  const mechanism = typeof record.mechanism === 'string' ? record.mechanism : '';
+  switch (record.kind) {
+    case 'filesystem': {
+      const { operation, path } = record;
       if (!isLandstripOperation(operation) || typeof path !== 'string') return null;
-      return { kind, operation, path, mechanism: typeof mechanism === 'string' ? mechanism : '' };
+      return { kind: 'filesystem', operation, path, mechanism };
     }
-    case 'Network': {
-      if (!Array.isArray(payload)) return null;
-      const [operation, target, mechanism] = payload;
+    case 'network': {
+      const { operation, target } = record;
       if (typeof operation !== 'string' || typeof target !== 'string') return null;
-      return { kind, operation, target, mechanism: typeof mechanism === 'string' ? mechanism : '' };
+      return { kind: 'network', operation, target, mechanism };
     }
-    case 'Launch': {
-      if (!Array.isArray(payload)) return null;
-      const [program, message] = payload;
+    case 'launch': {
+      const { program, message } = record;
       if (typeof program !== 'string') return null;
-      return { kind, program, message: typeof message === 'string' ? message : '' };
+      return { kind: 'launch', program, message: typeof message === 'string' ? message : '' };
     }
-    case 'Usage': {
-      if (typeof payload !== 'string') return null;
-      return { kind, message: payload };
+    case 'usage': {
+      const { message } = record;
+      if (typeof message !== 'string') return null;
+      return { kind: 'usage', message };
     }
-    case 'Internal': {
-      if (typeof payload !== 'object' || payload === null || Array.isArray(payload)) return null;
-      const fields: Record<string, string> = {};
-      for (const [key, val] of Object.entries(payload as Record<string, unknown>)) {
-        fields[key] = typeof val === 'string' ? val : JSON.stringify(val);
+    case 'internal': {
+      const detail: Record<string, string> = {};
+      const payload = record.detail;
+      if (typeof payload === 'object' && payload !== null && !Array.isArray(payload)) {
+        for (const [key, val] of Object.entries(payload as Record<string, unknown>)) {
+          detail[key] = typeof val === 'string' ? val : JSON.stringify(val);
+        }
       }
-      return { kind, fields };
+      return { kind: 'internal', detail };
     }
     default:
       return null;
@@ -470,20 +469,20 @@ function parseLandstripErrors(output: string): LandstripTrap[] {
 function formatLandstripTrap(trap: LandstripTrap): string {
   switch (trap.kind) {
-    case 'Filesystem':
+    case 'filesystem':
       return `landstrip: filesystem ${trap.operation} denied (${trap.path})${
         trap.mechanism ? ` [${trap.mechanism}]` : ''
       }`;
-    case 'Network':
+    case 'network':
       return `landstrip: network ${trap.operation} denied (${trap.target})${
         trap.mechanism ? ` [${trap.mechanism}]` : ''
       }`;
-    case 'Launch':
+    case 'launch':
       return `landstrip: launch failed (${trap.program})${trap.message ? `: ${trap.message}` : ''}`;
-    case 'Usage':
+    case 'usage':
       return `landstrip: usage error: ${trap.message}`;
-    case 'Internal': {
-      const detail = Object.entries(trap.fields)
+    case 'internal': {
+      const detail = Object.entries(trap.detail)
         .map(([key, val]) => `${key}: ${val}`)
         .join(', ');
       return `landstrip: internal error${detail ? ` (${detail})` : ''}`;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "opencode-landstrip",
-  "version": "0.14.1",
+  "version": "0.15.0",
   "description": "Landlock-based sandboxing for opencode with landstrip",
   "keywords": [
     "landlock",
@@ -49,7 +49,7 @@
     "ci:test": "npm test"
   },
   "dependencies": {
-    "@landstrip/landstrip": "^0.14.5"
+    "@landstrip/landstrip": "^0.15.1"
   },
   "devDependencies": {
     "@opencode-ai/plugin": "^1.17.7",

package/tui.ts CHANGED Viewed

@@ -64,7 +64,7 @@ function sandboxSummary(baseDirectory: string, optionOverrides: SandboxConfigOve
     `allow write: ${list(config.filesystem.allowWrite)}`,
     `deny write: ${list(config.filesystem.denyWrite)}`,
     '',
-    'esc or any key to close',
+    'Press esc or enter to close',
   ].join('\n');
 }
@@ -118,7 +118,10 @@ const tui: TuiPlugin = async (api, options, meta) => {
       activeId = undefined;
       api.ui.dialog.clear();
     }
-    pump();
+    // Defer: `clear()` above tears the dialog down by calling its `onClose`,
+    // and the host pops the stack asynchronously. Opening the next dialog
+    // synchronously here would race that teardown and get wiped.
+    queueMicrotask(pump);
   }
   async function replyPermission(
@@ -212,9 +215,11 @@ const tui: TuiPlugin = async (api, options, meta) => {
       () => {
         // Dialog dismissed (esc) without a choice: drop our hold so the next
         // pending permission can surface, but leave it unresolved upstream.
+        // The host pops the dialog itself; calling `clear()` here would re-enter
+        // this `onClose` (clear() invokes every entry's onClose) and loop until
+        // the stack overflows. Defer `pump()` so the pop settles first.
         if (activeId === permission.id) activeId = undefined;
-        api.ui.dialog.clear();
-        pump();
+        queueMicrotask(pump);
       },
     );
   }
@@ -233,14 +238,14 @@ const tui: TuiPlugin = async (api, options, meta) => {
     const directory = api.state.path.directory || process.cwd();
     const message = sandboxSummary(directory, optionOverrides);
-    api.ui.dialog.replace(
-      () =>
-        api.ui.DialogAlert({
-          title: 'Sandbox Configuration',
-          message,
-          onConfirm: () => api.ui.dialog.clear(),
-        }),
-      () => api.ui.dialog.clear(),
+    // No `onConfirm`/`onClose` that call `clear()`: the host already pops the
+    // dialog on enter/esc/click, and its `clear()` re-invokes every entry's
+    // `onClose`, so a `clear()` in there recurses forever and freezes the TUI.
+    api.ui.dialog.replace(() =>
+      api.ui.DialogAlert({
+        title: 'Sandbox Configuration',
+        message,
+      }),
     );
   };