npm - sealcode - Versions diffs - 1.1.0 → 1.2.0 - Mend

sealcode 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "sealcode",
-  "version": "1.1.0",
+  "version": "1.2.0",
   "description": "Lock your source code in your own git repo. Stop AI agents, scrapers, and curious eyes from reading what's yours.",
   "keywords": [
     "encryption",

package/src/cli-grants.js CHANGED Viewed

@@ -74,17 +74,38 @@ function getActiveConfig(projectRoot) {
  * a real cryptographic bug; we don't want to silently downgrade in that
  * case).
  */
-async function maybeWrapKeyForRecipient({ projectRoot, recipientEmail, verbose = false }) {
+async function maybeWrapKeyForRecipient({
+  projectRoot,
+  recipientEmail,
+  verbose = false,
+  resolveKey = null,
+}) {
   if (!recipientEmail) return null;
-  // Need the master key K to wrap. If there's no live session on this
-  // machine, we can't wrap — owner has to `sealcode unlock` first.
+  // Need the master key K to wrap. Prefer a cached session; if none, ask
+  // the caller (cli.js) to prompt for the passphrase. We deliberately do
+  // NOT silently downgrade to "passphrase fallback" here — the whole point
+  // of `--email` is to spare the recipient the passphrase exchange.
   const config = getActiveConfig(projectRoot);
   if (!isInitialized(projectRoot, config.lockedDir)) return null;
-  const K = loadSession(projectRoot);
+  let K = loadSession(projectRoot);
+  if (!K && typeof resolveKey === 'function') {
+    if (verbose) {
+      ui.step('No cached master key — prompting for passphrase so we can wrap for the recipient.');
+    }
+    try {
+      K = await resolveKey(projectRoot, config);
+    } catch (err) {
+      if (verbose) {
+        ui.warn(`Could not derive master key (${err.message || err}). Will mint without wrapping.`);
+      }
+      return null;
+    }
+  }
   if (!K) {
     if (verbose) {
-      ui.hint('(no cached session — skipping team-key wrap; recipient will need the passphrase)');
+      ui.warn('No cached master key — minting code WITHOUT wrapped key. Recipient will need the passphrase.');
+      ui.hint('Run `sealcode unlock` first, or supply a passphrase prompt, to enable passphrase-free sharing.');
     }
     return null;
   }
@@ -100,13 +121,14 @@ async function maybeWrapKeyForRecipient({ projectRoot, recipientEmail, verbose =
   } catch (err) {
     if (err instanceof ApiError) {
       if (err.status === 404) {
-        // Either the user doesn't exist or hasn't published a pubkey
-        // yet. We still mint the code; the recipient just falls back to
-        // the legacy flow when they redeem.
         if (verbose) {
+          ui.warn(
+            `Recipient ${recipientEmail} hasn't signed in to sealcode.dev yet, so no pubkey is on file.`,
+          );
           ui.hint(
-            `(recipient hasn't published a pubkey yet — falling back to passphrase-share flow)`,
+            'Ask them to visit https://sealcode.dev/login, then re-run `sealcode share --email`.',
           );
+          ui.hint('Continuing with passphrase-fallback for this code…');
         }
         return null;
       }
@@ -146,6 +168,7 @@ async function runShare({
   singleDeviceEnforce = false,
   ndaText = null,
   json = false,
+  resolveKey = null,
 }) {
   const link = requireLink(projectRoot);
@@ -159,6 +182,7 @@ async function runShare({
       projectRoot,
       recipientEmail: email,
       verbose: !json,
+      resolveKey,
     });
   } catch (err) {
     // Network errors during pubkey lookup shouldn't be silent — degrade
@@ -275,8 +299,14 @@ async function runGrants({ projectRoot, json = false }) {
   process.stdout.write(`\n${link.projectName || link.projectId}: ${grants.length} grant(s)\n`);
   for (const g of grants) {
     const state = g.state.padEnd(8);
-    const remaining =
-      g.state === 'active' ? formatRemaining(g.remainingMs) : g.state;
+    let remaining;
+    if (g.state === 'active') {
+      remaining = formatRemaining(g.remainingMs);
+    } else if (g.state === 'paused') {
+      remaining = 'paused';
+    } else {
+      remaining = g.state;
+    }
     const who = g.developerEmail || g.developerLabel || '(no label)';
     process.stdout.write(
       `  ${state}  ${g.codePrefix.padEnd(12)}  ${remaining.padEnd(10)}  ${who}  id=${g.id}\n`,
@@ -285,6 +315,85 @@ async function runGrants({ projectRoot, json = false }) {
   process.stdout.write('\n');
 }
+/**
+ * sealcode@1.2.0 — Pause an active access code from the CLI.
+ *
+ *   sealcode pause <grantId> [--reason "<text>"] [--extend-on-resume]
+ *
+ * Mirrors the dashboard pause modal. Owner must be `sealcode login`ed
+ * and be admin (or owner) of the project.
+ */
+async function runPause({ grantId, reason, extendOnResume = false }) {
+  if (!grantId) throw new Error('Usage: sealcode pause <grantId> [--reason "<text>"] [--extend-on-resume]');
+  const body = {};
+  if (reason) body.reason = String(reason).slice(0, 500);
+  if (extendOnResume) body.extendsExpiry = true;
+  try {
+    await request(
+      'POST',
+      `/api/v1/grants/${encodeURIComponent(grantId)}/pause`,
+      { auth: true, body },
+    );
+  } catch (err) {
+    if (err instanceof ApiError && err.status === 409 && err.apiCode === 'wrong_state') {
+      ui.fail(err.message || 'Grant is not in a pausable state.');
+      process.exitCode = 1;
+      return;
+    }
+    throw err;
+  }
+  process.stdout.write(`⏸  paused grant ${grantId}\n`);
+  if (reason) process.stdout.write(`   reason: ${reason}\n`);
+  if (extendOnResume) {
+    process.stdout.write(`   extend-on-resume: expiry will shift forward by the paused duration\n`);
+  }
+  process.stdout.write('   Any live watcher will re-lock the recipient\'s files within seconds.\n');
+  process.stdout.write(`   Resume with: ${ui.c.cyan(`sealcode resume ${grantId}`)}\n`);
+}
+/**
+ * sealcode@1.2.0 — Resume a paused access code from the CLI.
+ *
+ *   sealcode resume <grantId>
+ *
+ * If the grant was paused with --extend-on-resume, the expiresAt shifts
+ * forward by the just-elapsed pause duration. The recipient must run
+ * `sealcode redeem <code>` again to re-open their working copy.
+ */
+async function runResume({ grantId }) {
+  if (!grantId) throw new Error('Usage: sealcode resume <grantId>');
+  let res;
+  try {
+    res = await request(
+      'POST',
+      `/api/v1/grants/${encodeURIComponent(grantId)}/resume`,
+      { auth: true, body: {} },
+    );
+  } catch (err) {
+    if (err instanceof ApiError) {
+      if (err.status === 410) {
+        ui.fail(err.message || 'Grant expired while paused.');
+        ui.hint('  Issue a fresh access code instead: `sealcode share ...`');
+        process.exitCode = 1;
+        return;
+      }
+      if (err.status === 409 && err.apiCode === 'wrong_state') {
+        ui.fail(err.message || 'Grant is not paused.');
+        process.exitCode = 1;
+        return;
+      }
+    }
+    throw err;
+  }
+  process.stdout.write(`▶  resumed grant ${grantId}\n`);
+  if (res.newExpiresAt) process.stdout.write(`   expires: ${res.newExpiresAt}\n`);
+  if (res.extendedExpiry) {
+    const mins = Math.round((res.pausedDurationMs || 0) / 60000);
+    process.stdout.write(`   expiry shifted forward by ~${mins}m (paused duration)\n`);
+  }
+  process.stdout.write('   Recipient must re-redeem the code to re-open the vault.\n');
+}
 async function runRevoke({ grantId }) {
   if (!grantId) throw new Error('Usage: sealcode revoke <grantId>');
   const res = await request(
@@ -550,4 +659,12 @@ async function runLockdown({ projectRoot, confirm = true } = {}) {
   }
 }
-module.exports = { runShare, runGrants, runRevoke, runRedeem, runLockdown };
+module.exports = {
+  runShare,
+  runGrants,
+  runRevoke,
+  runRedeem,
+  runLockdown,
+  runPause,
+  runResume,
+};

package/src/cli-watch.js CHANGED Viewed

@@ -780,7 +780,14 @@ async function finalLock(projectRoot, config, code, reason, json, daemon) {
     process.stdout.write(JSON.stringify({ type: 'locked', count: res.count, reason: label }) + '\n');
   } else {
     ui.ok(`[${ts()}] re-locked ${ui.c.bold(res.count)} files into ${ui.c.cyan(config.lockedDir + '/')} — session cleared`);
-    ui.hint('  Your local plaintext has been wiped. Ask the owner for a fresh code if you still need access.');
+    // sealcode@1.2.0 — be specific about the "paused" case so the
+    // recipient knows it's reversible and what their next step is.
+    if (label === 'paused') {
+      ui.hint('  This access code was PAUSED by the owner — not revoked.');
+      ui.hint(`  Wait for the owner to resume, then run: ${ui.c.cyan(`sealcode redeem ${code}`)}`);
+    } else {
+      ui.hint('  Your local plaintext has been wiped. Ask the owner for a fresh code if you still need access.');
+    }
   }
   process.exit(0);
 }

package/src/cli.js CHANGED Viewed

@@ -33,7 +33,14 @@ const { installHook, uninstallHook } = require('./hooks');
 const { exportBundle, importBundle } = require('./bundle');
 const { runLogin, runSignout, runWhoami } = require('./cli-auth');
 const { runLink, runUnlink, runLinkInfo } = require('./cli-link');
-const { runShare, runGrants, runRevoke, runRedeem } = require('./cli-grants');
+const {
+  runShare,
+  runGrants,
+  runRevoke,
+  runRedeem,
+  runPause,
+  runResume,
+} = require('./cli-grants');
 const {
   runCiCreate,
   runCiList,
@@ -714,6 +721,7 @@ function build() {
           singleDeviceEnforce: !!opts.singleDevice,
           ndaText: opts.nda || null,
           json: !!opts.json,
+          resolveKey,
         });
       } catch (err) {
         process.exitCode = reportError(err);
@@ -747,6 +755,38 @@ function build() {
       }
     });
+  // -------- pause (sealcode@1.2.0) --------
+  program
+    .command('pause')
+    .argument('<grantId>', 'grant ID to pause (see `sealcode grants`)')
+    .description('Pause an active access code. Reversible: any live watcher re-locks immediately, but you can resume later.')
+    .option('--reason <text>', 'optional note visible to project admins (≤500 chars)')
+    .option('--extend-on-resume', 'on resume, shift expiry forward by the paused duration (default: clock keeps ticking)', false)
+    .action(async (grantId, opts) => {
+      try {
+        await runPause({
+          grantId,
+          reason: opts.reason,
+          extendOnResume: !!opts.extendOnResume,
+        });
+      } catch (err) {
+        process.exitCode = reportError(err);
+      }
+    });
+  // -------- resume (sealcode@1.2.0) --------
+  program
+    .command('resume')
+    .argument('<grantId>', 'grant ID to resume (see `sealcode grants`)')
+    .description('Resume a paused access code. The recipient must `sealcode redeem <code>` again to re-open their working copy.')
+    .action(async (grantId) => {
+      try {
+        await runResume({ grantId });
+      } catch (err) {
+        process.exitCode = reportError(err);
+      }
+    });
   // -------- lockdown (sealcode@1.1.0) --------
   program
     .command('lockdown')