npm - sealcode - Versions diffs - 1.3.2 → 1.3.3 - Mend

sealcode 1.3.2 → 1.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +1 -1
package/src/seal.js +12 -0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "sealcode",
-  "version": "1.3.2",
+  "version": "1.3.3",
   "description": "Lock your source code in your own git repo. Stop AI agents, scrapers, and curious eyes from reading what's yours.",
   "keywords": [
     "encryption",

package/src/seal.js CHANGED Viewed

@@ -49,6 +49,18 @@ function applyStubs(projectRoot, stubs) {
     } else {
       throw new Error(`stub for ${relPath} must be string or { contents, mode? }`);
     }
+    // sealcode@1.3.3 — if the target file already exists and was set to
+    // 0444 (by RO-mode unlock), writeFileSync will EACCES. This is exactly
+    // the failure that left RO-violation re-locks half-complete: the
+    // watcher detected the tamper, started the re-lock, hit EACCES on the
+    // first stub, then exited — leaving every plaintext file exposed on
+    // disk with NO watcher running. Force the file writable before we
+    // overwrite it.
+    try {
+      if (fs.existsSync(target)) {
+        fs.chmodSync(target, 0o644);
+      }
+    } catch (_) { /* best-effort; the writeFile below will surface any real error */ }
     writeFileEnsuringDir(target, contents, mode);
     written[relPath] = true;
   }