npm - ridgeline - Versions diffs - 0.8.4 → 0.8.5 - Mend

ridgeline 0.8.4 → 0.8.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/engine/claude/sandbox.greywall.js +14 -23
package/dist/engine/claude/sandbox.greywall.js.map +1 -1
package/package.json +1 -1

package/dist/engine/claude/sandbox.greywall.js CHANGED Viewed

@@ -6,18 +6,13 @@ const node_fs_1 = require("node:fs");
 const node_path_1 = require("node:path");
 const node_os_1 = require("node:os");
 const GREYPROXY_API = "http://localhost:43080";
-/** Directories package managers need write access to for caching. */
-const packageManagerCachePaths = () => {
-    const home = (0, node_os_1.homedir)();
-    return [
-        (0, node_path_1.join)(home, ".npm"), // npm
-        (0, node_path_1.join)(home, ".cache"), // pip, yarn berry, pnpm, misc
-        (0, node_path_1.join)(home, ".yarn"), // yarn classic
-        (0, node_path_1.join)(home, ".pnpm-store"), // pnpm
-        (0, node_path_1.join)(home, ".cargo"), // cargo
-        (0, node_path_1.join)(home, ".local", "share"), // pip user installs, various tools
-    ];
-};
+// Profiles loaded via `greywall --profile`. `claude` is the agent profile
+// (Claude config dirs + Anthropic/GitHub/npm endpoints); `node` is the
+// toolchain profile (npm/pnpm/yarn/bun/deno caches, ~/.npmrc, node-gyp,
+// Playwright/Cypress browser caches, ...). To support builds that need
+// other toolchains, append names like `python`, `go`, `rust`, `ruby`,
+// `java`, `containers`, `iac`, or `scm`.
+const GREYWALL_PROFILES = "claude,node";
 /** Ensure a greyproxy allow rule exists for the given domain. */
 const ensureRule = async (domain, existingDestinations) => {
     if (existingDestinations.has(domain))
@@ -74,7 +69,7 @@ exports.greywallProvider = {
         await Promise.all(networkAllowlist.map((domain) => ensureRule(domain, existing)));
     },
     buildArgs(repoRoot, _networkAllowlist, additionalWritePaths) {
-        const writePaths = [repoRoot, "/tmp", ...packageManagerCachePaths(), ...(additionalWritePaths ?? [])];
+        const writePaths = [repoRoot, "/tmp", ...(additionalWritePaths ?? [])];
         const settings = {
             filesystem: {
                 allowWrite: writePaths,
@@ -82,16 +77,12 @@ exports.greywallProvider = {
         };
         const settingsPath = (0, node_path_1.join)((0, node_os_1.tmpdir)(), `ridgeline-greywall-${process.pid}.json`);
         (0, node_fs_1.writeFileSync)(settingsPath, JSON.stringify(settings));
-        return ["--auto-profile", "--no-credential-protection", "--settings", settingsPath, "--"];
-    },
-    env() {
-        // pnpm/npm read ~/.npmrc on every invocation; seatbelt's auto-profile denies
-        // reads to credential-bearing dotfiles, so pnpm exits 254 before running.
-        // Point user-config at /dev/null (empty) so script execution works without
-        // exposing registry tokens to the agent.
-        return {
-            NPM_CONFIG_USERCONFIG: "/dev/null",
-        };
+        return [
+            "--profile", GREYWALL_PROFILES,
+            "--no-credential-protection",
+            "--settings", settingsPath,
+            "--",
+        ];
     },
 };
 //# sourceMappingURL=sandbox.greywall.js.map

package/dist/engine/claude/sandbox.greywall.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"sandbox.greywall.js","sourceRoot":"","sources":["../../../src/engine/claude/sandbox.greywall.ts"],"names":[],"mappings":";;;AAAA,2DAA6C;AAC7C,qCAAuC;AACvC,yCAAgC;AAChC,~~qCAAyC~~;~~AAGzC~~,MAAM,aAAa,GAAG,wBAAwB,CAAA;AAE9C,~~qEAAqE~~;~~AACrE~~,~~MAAM,wBAAwB,GAAG,GAAa,EAAE~~;~~IAC9C~~,~~MAAM,IAAI,GAAG,IAAA,iBAAO,GAAE,CAAA~~;~~IACtB~~,~~OAAO~~;~~QACL~~,~~IAAA,gBAAI,EAAC,IAAI,EAAE,MAAM,CAAC,EAAY,MAAM~~;~~QACpC~~,~~IAAA,gBAAI,EAAC,IAAI,EAAE,QAAQ,CAAC,EAAU,8BAA8B~~;~~QAC5D~~,~~IAAA~~,~~gBAAI~~,~~EAAC~~,~~IAAI,EAAE,OAAO,CAAC,EAAW,eAAe;QAC7C,IAAA,gBAAI,EAAC,IAAI,EAAE,~~aAAa,~~CAAC,EAAK,OAAO;QACrC,IAAA,gBAAI,EAAC,IAAI,EAAE,QAAQ,CAAC,EAAU,QAAQ;QACtC,IAAA,gBAAI,EAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,EAAE,mCAAmC;KACnE,~~CAAA;~~AACH~~,~~CAAC,CAAA;AAED,~~iEAAiE;AACjE,MAAM,UAAU,GAAG,KAAK,EAAE,MAAc,EAAE,oBAAiC,EAAiB,EAAE;IAC5F,IAAI,oBAAoB,CAAC,GAAG,CAAC,MAAM,CAAC;QAAE,OAAM;IAC5C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;QAC1B,iBAAiB,EAAE,SAAS;QAC5B,mBAAmB,EAAE,MAAM;QAC3B,YAAY,EAAE,KAAK;QACnB,SAAS,EAAE,WAAW;QACtB,MAAM,EAAE,OAAO;QACf,UAAU,EAAE,WAAW;QACvB,KAAK,EAAE,6BAA6B;KACrC,CAAC,CAAA;IACF,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,aAAa,YAAY,EAAE;QACpD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;QAC/C,IAAI;KACL,CAAC,CAAA;IACF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,uCAAuC,MAAM,KAAK,GAAG,CAAC,MAAM,IAAI,MAAM,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;IACrG,CAAC;AACH,CAAC,CAAA;AAEY,QAAA,gBAAgB,GAAoB;IAC/C,IAAI,EAAE,UAAU;IAChB,OAAO,EAAE,UAAU;IACnB,UAAU;QACR,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAA,6BAAQ,EAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,CAAA;YACjG,IAAI,uBAAuB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACzC,OAAO,IAAI,CAAA;YACb,CAAC;YACD,OAAO,yDAAyD,CAAA;QAClE,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,kFAAkF;YAClF,MAAM,MAAM,GAAI,GAA4C,CAAC,MAAM,IAAI,EAAE;kBACrE,CAAE,GAA4C,CAAC,MAAM,IAAI,EAAE,CAAC,CAAA;YAChE,IAAI,uBAAuB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACzC,OAAO,IAAI,CAAA;YACb,CAAC;YACD,OAAO,yDAAyD,CAAA;QAClE,CAAC;IACH,CAAC;IACD,KAAK,CAAC,SAAS,CAAC,gBAA0B;QACxC,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC;YAAE,OAAM;QAEzC,2CAA2C;QAC3C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,aAAa,YAAY,CAAC,CAAA;QACrD,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,oCAAoC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAA;QACnE,CAAC;QACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAiD,CAAA;QAC/E,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAA;QAEtE,MAAM,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACnF,CAAC;IACD,SAAS,CAAC,QAAgB,EAAE,iBAA2B,EAAE,oBAA+B;QACtF,MAAM,UAAU,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,~~wBAAwB,EAAE,EAAE,GAAG,~~CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC,CAAA;~~QACrG~~,MAAM,QAAQ,GAA4B;YACxC,UAAU,EAAE;gBACV,UAAU,EAAE,UAAU;aACvB;SACF,CAAA;QAED,MAAM,YAAY,GAAG,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,sBAAsB,OAAO,CAAC,GAAG,OAAO,CAAC,CAAA;QAC7E,IAAA,uBAAa,EAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAA;QAErD,OAAO,~~CAAC~~,~~gBAAgB,~~EAAE,4BAA4B,~~EAAE,~~YAAY,EAAE,YAAY,~~EAAE,~~IAAI~~,CAAC,CAAA~~;~~IAC3F~~,~~CAAC;IACD,GAAG;QACD,6EAA6E;QAC7E,0EAA0E;QAC1E,2EAA2E;QAC3E,yCAAyC;QACzC,OAAO;YACL,qBAAqB,EAAE,WAAW;SACnC,~~CAAA;IACH,CAAC;CACF,CAAA"}
1	+ {"version":3,"file":"sandbox.greywall.js","sourceRoot":"","sources":["../../../src/engine/claude/sandbox.greywall.ts"],"names":[],"mappings":";;;AAAA,2DAA6C;AAC7C,qCAAuC;AACvC,yCAAgC;AAChC,qCAAgC;AAGhC,MAAM,aAAa,GAAG,wBAAwB,CAAA;AAE9C,0EAA0E;AAC1E,uEAAuE;AACvE,wEAAwE;AACxE,uEAAuE;AACvE,sEAAsE;AACtE,yCAAyC;AACzC,MAAM,iBAAiB,GAAG,aAAa,CAAA;AAEvC,iEAAiE;AACjE,MAAM,UAAU,GAAG,KAAK,EAAE,MAAc,EAAE,oBAAiC,EAAiB,EAAE;IAC5F,IAAI,oBAAoB,CAAC,GAAG,CAAC,MAAM,CAAC;QAAE,OAAM;IAC5C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;QAC1B,iBAAiB,EAAE,SAAS;QAC5B,mBAAmB,EAAE,MAAM;QAC3B,YAAY,EAAE,KAAK;QACnB,SAAS,EAAE,WAAW;QACtB,MAAM,EAAE,OAAO;QACf,UAAU,EAAE,WAAW;QACvB,KAAK,EAAE,6BAA6B;KACrC,CAAC,CAAA;IACF,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,aAAa,YAAY,EAAE;QACpD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;QAC/C,IAAI;KACL,CAAC,CAAA;IACF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,uCAAuC,MAAM,KAAK,GAAG,CAAC,MAAM,IAAI,MAAM,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;IACrG,CAAC;AACH,CAAC,CAAA;AAEY,QAAA,gBAAgB,GAAoB;IAC/C,IAAI,EAAE,UAAU;IAChB,OAAO,EAAE,UAAU;IACnB,UAAU;QACR,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAA,6BAAQ,EAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,CAAA;YACjG,IAAI,uBAAuB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACzC,OAAO,IAAI,CAAA;YACb,CAAC;YACD,OAAO,yDAAyD,CAAA;QAClE,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,kFAAkF;YAClF,MAAM,MAAM,GAAI,GAA4C,CAAC,MAAM,IAAI,EAAE;kBACrE,CAAE,GAA4C,CAAC,MAAM,IAAI,EAAE,CAAC,CAAA;YAChE,IAAI,uBAAuB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACzC,OAAO,IAAI,CAAA;YACb,CAAC;YACD,OAAO,yDAAyD,CAAA;QAClE,CAAC;IACH,CAAC;IACD,KAAK,CAAC,SAAS,CAAC,gBAA0B;QACxC,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC;YAAE,OAAM;QAEzC,2CAA2C;QAC3C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,aAAa,YAAY,CAAC,CAAA;QACrD,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,oCAAoC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAA;QACnE,CAAC;QACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAiD,CAAA;QAC/E,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAA;QAEtE,MAAM,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;IACnF,CAAC;IACD,SAAS,CAAC,QAAgB,EAAE,iBAA2B,EAAE,oBAA+B;QACtF,MAAM,UAAU,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC,CAAA;QACtE,MAAM,QAAQ,GAA4B;YACxC,UAAU,EAAE;gBACV,UAAU,EAAE,UAAU;aACvB;SACF,CAAA;QAED,MAAM,YAAY,GAAG,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,sBAAsB,OAAO,CAAC,GAAG,OAAO,CAAC,CAAA;QAC7E,IAAA,uBAAa,EAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAA;QAErD,OAAO;YACL,WAAW,EAAE,iBAAiB;YAC9B,4BAA4B;YAC5B,YAAY,EAAE,YAAY;YAC1B,IAAI;SACL,CAAA;IACH,CAAC;CACF,CAAA"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "ridgeline",
-  "version": "0.8.4",
+  "version": "0.8.5",
   "description": "Build harness for long-horizon software execution",
   "license": "MIT",
   "bin": {