unbound-cli 1.3.0 → 1.3.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "unbound-cli",
-  "version": "1.3.0",
+  "version": "1.3.2",
   "description": "CLI tool for Unbound - AI Gateway management",
   "main": "src/index.js",
   "bin": {

package/src/commands/discover.js

@@ -16,7 +16,7 @@ const DISCOVERY_EXIT_UNSUPPORTED_OS = 3;
 // indefinitely. Discovery enforces this itself — on expiry it releases its lock,
 // reports the run as failed, and exits non-zero. Kept in sync with
 // setup/mdm/onboard.py's DISCOVERY_TIMEOUT_SECONDS.
-const DISCOVERY_TIMEOUT_SECONDS = 1800;
+const DISCOVERY_TIMEOUT_SECONDS = 5400;
 
 // Classifies a discovery subprocess exit code:
 // 'success' (scan ran), 'unsupported' (skipped on this OS), or 'failure'.

package/src/commands/policy.js

@@ -311,6 +311,16 @@ function parseFieldSpec(spec) {
   return [spec.slice(0, eq), spec.slice(eq + 1)];
 }
 
+// "ANY" is a wildcard across all fields; it can't be ANDed with other conditions.
+// Mirrors the backend rule so the CLI fails fast before the API call. The check is
+// case-insensitive so `--field Any=*`/`--field any=*` are caught too.
+function assertAnyExclusive(configObj) {
+  const keys = Object.keys(configObj || {});
+  if (keys.length > 1 && keys.some((k) => k.toUpperCase() === 'ANY')) {
+    throw new Error("The 'ANY' field cannot be combined with other --field conditions (ANY already matches every field).");
+  }
+}
+
 /**
  * Convert a `--sub-type` flag (kebab-case) to the backend's snake_case form.
  */
@@ -1421,7 +1431,7 @@ Subcommands:
     .description('Create a TERMINAL_COMMAND policy: monitor or block shell commands run by AI coding tools.')
     .requiredOption('--name <name>', 'Policy name (required)')
     .requiredOption('--command-family <family>', 'Command family (e.g. git, filesystem, network). See `policy tool families`.')
-    .option('--field <key=pattern>', 'Match field: <key>=<pattern>. Repeatable. At least one required unless --config is used.', (val, prev = []) => [...prev, val])
+    .option('--field <key=pattern>', 'Match field: <key>=<pattern>. Repeatable — multiple --field are ANDed (all must match), one per field, for a more specific policy. At least one required unless --config is used.', (val, prev = []) => [...prev, val])
     .requiredOption('--action <action>', `Action to take: ${TOOL_ACTIONS.join(' | ')}`)
     .option('--description <text>', 'Human-readable description')
     .option('--custom-message <text>', 'Message shown to the user when the policy fires. Required when --action is BLOCK or WARN.')
@@ -1438,9 +1448,11 @@ Examples:
   $ unbound policy tool create-terminal --name "Audit git push" \\
       --command-family git --field command='git push*' --action AUDIT
 
-  $ unbound policy tool create-terminal --name "Warn curl" \\
-      --command-family network --field command='curl*' --action WARN \\
-      --custom-message "Outbound HTTP calls are being audited."
+  # Multiple --field are ANDed — this fires only on a push to main on origin:
+  $ unbound policy tool create-terminal --name "Block push to main on origin" \\
+      --command-family git_action \\
+      --field operation=push --field branch=main --field remote='*origin*' \\
+      --action BLOCK --custom-message "Pushing to main on origin is blocked."
 
 Discover valid command families and their fields: unbound policy tool families
 Learn more: ${DOCS_TOOL}
@@ -1469,6 +1481,7 @@ Learn more: ${DOCS_TOOL}
             configObj[k] = v;
           }
         }
+        assertAnyExclusive(configObj);
 
         const body = {
           name: opts.name,
@@ -1595,7 +1608,7 @@ Learn more: ${DOCS_TOOL}
     .option('--enabled', 'Enable the policy')
     .option('--disabled', 'Disable the policy')
     .option('--command-family <family>', '(TERMINAL only) new command family')
-    .option('--field <key=pattern>', '(TERMINAL only) replace config field. Repeatable.', (val, prev = []) => [...prev, val])
+    .option('--field <key=pattern>', '(TERMINAL only) replace config fields. Repeatable — multiple --field are ANDed (all must match), one per field.', (val, prev = []) => [...prev, val])
     .option('--mcp-server <server>', '(MCP only) new MCP server')
     .option('--mcp-tool <tool>', '(MCP only) new MCP tool')
     .option('--mcp-action-type <type>', '(MCP only) new MCP action type')
@@ -1627,6 +1640,7 @@ Learn more: ${DOCS_TOOL}
         } else if (opts.config) {
           body.config = parseJsonOrThrow(opts.config);
         }
+        if (body.config) assertAnyExclusive(body.config);
 
         if (opts.mcpServer) body.mcp_server = opts.mcpServer;
         if (opts.mcpTool) body.mcp_tool = opts.mcpTool;
@@ -1888,4 +1902,4 @@ Learn more: ${DOCS_POLICIES}
   registerLegacy(policy);
 }
 
-module.exports = { register };
+module.exports = { register, assertAnyExclusive };

package/test/policy-conditions.test.js

@@ -0,0 +1,28 @@
+'use strict';
+
+const { test } = require('node:test');
+const assert = require('node:assert');
+
+const { assertAnyExclusive } = require('../src/commands/policy');
+
+test('assertAnyExclusive: allows a single ANY condition', () => {
+  assert.doesNotThrow(() => assertAnyExclusive({ ANY: '*' }));
+});
+
+test('assertAnyExclusive: allows multiple non-ANY fields (AND)', () => {
+  assert.doesNotThrow(() => assertAnyExclusive({ path: '/etc/*', operation: 'write' }));
+});
+
+test('assertAnyExclusive: rejects ANY combined with another field', () => {
+  assert.throws(() => assertAnyExclusive({ ANY: '*', path: '/etc/*' }), /ANY.*cannot be combined/);
+});
+
+test('assertAnyExclusive: case-insensitive — rejects lowercase/mixed-case any with another field', () => {
+  assert.throws(() => assertAnyExclusive({ any: '*', path: '/etc/*' }), /ANY.*cannot be combined/);
+  assert.throws(() => assertAnyExclusive({ Any: '*', path: '/etc/*' }), /ANY.*cannot be combined/);
+});
+
+test('assertAnyExclusive: tolerates empty/undefined config', () => {
+  assert.doesNotThrow(() => assertAnyExclusive({}));
+  assert.doesNotThrow(() => assertAnyExclusive(undefined));
+});