polygram 0.10.0-rc.4 → 0.10.0-rc.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/.claude-plugin/plugin.json +1 -1
  2. package/lib/process/tmux-process.js +12 -2
  3. package/package.json +1 -1
package/.claude-plugin/plugin.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "$schema": "https://anthropic.com/claude-code/plugin.schema.json",
3
3
  "name": "polygram",
4
- "version": "0.10.0-rc.4",
4
+ "version": "0.10.0-rc.5",
5
5
  "description": "Telegram integration for Claude Code that preserves the OpenClaw per-chat session model. Migration target for OpenClaw users. Multi-bot, multi-chat, per-topic isolation; SQLite transcripts; inline-keyboard approvals. Bundles /polygram:status|logs|pair-code|approvals admin commands plus history (transcript queries) and polygram-send (out-of-turn IPC sends with file-upload validation) skills.",
6
6
  "keywords": [
7
7
  "telegram",
package/lib/process/tmux-process.js CHANGED
@@ -62,16 +62,26 @@ const STREAMING_HINT_RE = /esc to interrupt/;
62
62
  //
63
63
  // ⏺ Bash(rm foo.txt)
64
64
  // ⎿ Do you want to do this?
65
- // 1. Yes
65
+ //1. Yes
66
66
  // 2. Yes, allow always for similar commands
67
67
  // 3. No, and tell Claude what to do differently
68
68
  //
69
+ // The TUI renders a `❯` selection cursor inline before the
70
+ // highlighted option (always option 1 at first paint). Earlier
71
+ // rc.1-rc.4 regex assumed no inline cursor and silently failed to
72
+ // match every approval-gated tool call in production, hanging the
73
+ // session in the TUI until orphan-sweep killed it (see
74
+ // tests/tmux-process-approval.test.js inline-cursor regression).
75
+ //
69
76
  // SECURITY (audit H1 fix): require BOTH the question text AND a
70
77
  // following numbered menu line ("1. ...") so a malicious assistant
71
78
  // message text like "Do you want to proceed?" can't trigger a fake
72
79
  // approval card by itself. The menu is part of the TUI's pause
73
80
  // state; the assistant can't render it without actually being paused.
74
- const APPROVAL_PROMPT_RE = /Do you want to (?:proceed|do this|continue)\??[\s\S]{0,400}?(?:^|\n)\s*1\.\s+/im;
81
+ // The optional `❯` cursor in [^\S\n]*(?:❯[^\S\n]+)?1\. is still
82
+ // bounded to the line containing `1.`, so the security property
83
+ // holds — only a real menu line satisfies it.
84
+ const APPROVAL_PROMPT_RE = /Do you want to (?:proceed|do this|continue)\??[\s\S]{0,400}?(?:^|\n)[^\S\n]*(?:❯[^\S\n]+)?1\.\s+/im;
75
85
  // Pull the tool name + raw arg snippet from the line preceding the
76
86
  // approval prompt. Capture-pane preserves the ⏺ marker.
77
87
  const TOOL_INVOCATION_RE = /⏺\s+([A-Za-z_]\w*)\s*\((.*?)\)\s*$/m;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "polygram",
3
- "version": "0.10.0-rc.4",
3
+ "version": "0.10.0-rc.5",
4
4
  "description": "Telegram daemon for Claude Code that preserves the OpenClaw per-chat session model. Migration path for OpenClaw users moving to Claude Code.",
5
5
  "main": "lib/ipc/client.js",
6
6
  "bin": {