npm - sealcode - Versions diffs - 1.1.1 → 1.2.0 - Mend

sealcode 1.1.1 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "sealcode",
-  "version": "1.1.1",
+  "version": "1.2.0",
   "description": "Lock your source code in your own git repo. Stop AI agents, scrapers, and curious eyes from reading what's yours.",
   "keywords": [
     "encryption",

package/src/cli-grants.js CHANGED Viewed

@@ -299,8 +299,14 @@ async function runGrants({ projectRoot, json = false }) {
   process.stdout.write(`\n${link.projectName || link.projectId}: ${grants.length} grant(s)\n`);
   for (const g of grants) {
     const state = g.state.padEnd(8);
-    const remaining =
-      g.state === 'active' ? formatRemaining(g.remainingMs) : g.state;
+    let remaining;
+    if (g.state === 'active') {
+      remaining = formatRemaining(g.remainingMs);
+    } else if (g.state === 'paused') {
+      remaining = 'paused';
+    } else {
+      remaining = g.state;
+    }
     const who = g.developerEmail || g.developerLabel || '(no label)';
     process.stdout.write(
       `  ${state}  ${g.codePrefix.padEnd(12)}  ${remaining.padEnd(10)}  ${who}  id=${g.id}\n`,
@@ -309,6 +315,85 @@ async function runGrants({ projectRoot, json = false }) {
   process.stdout.write('\n');
 }
+/**
+ * sealcode@1.2.0 — Pause an active access code from the CLI.
+ *
+ *   sealcode pause <grantId> [--reason "<text>"] [--extend-on-resume]
+ *
+ * Mirrors the dashboard pause modal. Owner must be `sealcode login`ed
+ * and be admin (or owner) of the project.
+ */
+async function runPause({ grantId, reason, extendOnResume = false }) {
+  if (!grantId) throw new Error('Usage: sealcode pause <grantId> [--reason "<text>"] [--extend-on-resume]');
+  const body = {};
+  if (reason) body.reason = String(reason).slice(0, 500);
+  if (extendOnResume) body.extendsExpiry = true;
+  try {
+    await request(
+      'POST',
+      `/api/v1/grants/${encodeURIComponent(grantId)}/pause`,
+      { auth: true, body },
+    );
+  } catch (err) {
+    if (err instanceof ApiError && err.status === 409 && err.apiCode === 'wrong_state') {
+      ui.fail(err.message || 'Grant is not in a pausable state.');
+      process.exitCode = 1;
+      return;
+    }
+    throw err;
+  }
+  process.stdout.write(`⏸  paused grant ${grantId}\n`);
+  if (reason) process.stdout.write(`   reason: ${reason}\n`);
+  if (extendOnResume) {
+    process.stdout.write(`   extend-on-resume: expiry will shift forward by the paused duration\n`);
+  }
+  process.stdout.write('   Any live watcher will re-lock the recipient\'s files within seconds.\n');
+  process.stdout.write(`   Resume with: ${ui.c.cyan(`sealcode resume ${grantId}`)}\n`);
+}
+/**
+ * sealcode@1.2.0 — Resume a paused access code from the CLI.
+ *
+ *   sealcode resume <grantId>
+ *
+ * If the grant was paused with --extend-on-resume, the expiresAt shifts
+ * forward by the just-elapsed pause duration. The recipient must run
+ * `sealcode redeem <code>` again to re-open their working copy.
+ */
+async function runResume({ grantId }) {
+  if (!grantId) throw new Error('Usage: sealcode resume <grantId>');
+  let res;
+  try {
+    res = await request(
+      'POST',
+      `/api/v1/grants/${encodeURIComponent(grantId)}/resume`,
+      { auth: true, body: {} },
+    );
+  } catch (err) {
+    if (err instanceof ApiError) {
+      if (err.status === 410) {
+        ui.fail(err.message || 'Grant expired while paused.');
+        ui.hint('  Issue a fresh access code instead: `sealcode share ...`');
+        process.exitCode = 1;
+        return;
+      }
+      if (err.status === 409 && err.apiCode === 'wrong_state') {
+        ui.fail(err.message || 'Grant is not paused.');
+        process.exitCode = 1;
+        return;
+      }
+    }
+    throw err;
+  }
+  process.stdout.write(`▶  resumed grant ${grantId}\n`);
+  if (res.newExpiresAt) process.stdout.write(`   expires: ${res.newExpiresAt}\n`);
+  if (res.extendedExpiry) {
+    const mins = Math.round((res.pausedDurationMs || 0) / 60000);
+    process.stdout.write(`   expiry shifted forward by ~${mins}m (paused duration)\n`);
+  }
+  process.stdout.write('   Recipient must re-redeem the code to re-open the vault.\n');
+}
 async function runRevoke({ grantId }) {
   if (!grantId) throw new Error('Usage: sealcode revoke <grantId>');
   const res = await request(
@@ -574,4 +659,12 @@ async function runLockdown({ projectRoot, confirm = true } = {}) {
   }
 }
-module.exports = { runShare, runGrants, runRevoke, runRedeem, runLockdown };
+module.exports = {
+  runShare,
+  runGrants,
+  runRevoke,
+  runRedeem,
+  runLockdown,
+  runPause,
+  runResume,
+};

package/src/cli-watch.js CHANGED Viewed

@@ -780,7 +780,14 @@ async function finalLock(projectRoot, config, code, reason, json, daemon) {
     process.stdout.write(JSON.stringify({ type: 'locked', count: res.count, reason: label }) + '\n');
   } else {
     ui.ok(`[${ts()}] re-locked ${ui.c.bold(res.count)} files into ${ui.c.cyan(config.lockedDir + '/')} — session cleared`);
-    ui.hint('  Your local plaintext has been wiped. Ask the owner for a fresh code if you still need access.');
+    // sealcode@1.2.0 — be specific about the "paused" case so the
+    // recipient knows it's reversible and what their next step is.
+    if (label === 'paused') {
+      ui.hint('  This access code was PAUSED by the owner — not revoked.');
+      ui.hint(`  Wait for the owner to resume, then run: ${ui.c.cyan(`sealcode redeem ${code}`)}`);
+    } else {
+      ui.hint('  Your local plaintext has been wiped. Ask the owner for a fresh code if you still need access.');
+    }
   }
   process.exit(0);
 }

package/src/cli.js CHANGED Viewed

@@ -33,7 +33,14 @@ const { installHook, uninstallHook } = require('./hooks');
 const { exportBundle, importBundle } = require('./bundle');
 const { runLogin, runSignout, runWhoami } = require('./cli-auth');
 const { runLink, runUnlink, runLinkInfo } = require('./cli-link');
-const { runShare, runGrants, runRevoke, runRedeem } = require('./cli-grants');
+const {
+  runShare,
+  runGrants,
+  runRevoke,
+  runRedeem,
+  runPause,
+  runResume,
+} = require('./cli-grants');
 const {
   runCiCreate,
   runCiList,
@@ -748,6 +755,38 @@ function build() {
       }
     });
+  // -------- pause (sealcode@1.2.0) --------
+  program
+    .command('pause')
+    .argument('<grantId>', 'grant ID to pause (see `sealcode grants`)')
+    .description('Pause an active access code. Reversible: any live watcher re-locks immediately, but you can resume later.')
+    .option('--reason <text>', 'optional note visible to project admins (≤500 chars)')
+    .option('--extend-on-resume', 'on resume, shift expiry forward by the paused duration (default: clock keeps ticking)', false)
+    .action(async (grantId, opts) => {
+      try {
+        await runPause({
+          grantId,
+          reason: opts.reason,
+          extendOnResume: !!opts.extendOnResume,
+        });
+      } catch (err) {
+        process.exitCode = reportError(err);
+      }
+    });
+  // -------- resume (sealcode@1.2.0) --------
+  program
+    .command('resume')
+    .argument('<grantId>', 'grant ID to resume (see `sealcode grants`)')
+    .description('Resume a paused access code. The recipient must `sealcode redeem <code>` again to re-open their working copy.')
+    .action(async (grantId) => {
+      try {
+        await runResume({ grantId });
+      } catch (err) {
+        process.exitCode = reportError(err);
+      }
+    });
   // -------- lockdown (sealcode@1.1.0) --------
   program
     .command('lockdown')