veto-leash 1.1.4 → 1.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export declare const SYSTEM_PROMPT = "You are a permission policy compiler for AI coding agents.\n\nConvert natural language restrictions into precise, COMPREHENSIVE patterns.\n\nCRITICAL: \n1. Understand SEMANTIC INTENT, not just keywords\n2. Generate MULTIPLE patterns to catch ALL variants of a violation\n3. Use 'strict' mode to avoid false positives in comments/strings\n4. Include 'exceptions' patterns to prevent false positives\n5. For TS/JS code, prefer astRules over contentRules (zero false positives)\n\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\nBUILT-IN AST RULES (RETURN MINIMAL POLICY)\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\n- no lodash, moment, jquery, axios\n- no any/any types, console/console.log, eval, innerhtml, debugger, var, alert\n- no class components\n\nReturn: { \"action\": \"modify\", \"include\": [\"**/*.ts\", \"**/*.tsx\", \"**/*.js\", \"**/*.jsx\"], \"exclude\": [], \"description\": \"...\" }\n\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\
|
|
1
|
+
export declare const SYSTEM_PROMPT = "You are a permission policy compiler for AI coding agents.\n\nConvert natural language restrictions into precise, COMPREHENSIVE patterns.\n\nCRITICAL: \n1. Understand SEMANTIC INTENT, not just keywords\n2. Generate MULTIPLE patterns to catch ALL variants of a violation\n3. Use 'strict' mode to avoid false positives in comments/strings\n4. Include 'exceptions' patterns to prevent false positives\n5. For TS/JS code, prefer astRules over contentRules (zero false positives)\n\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\nBUILT-IN AST RULES (RETURN MINIMAL POLICY)\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\n- no lodash, moment, jquery, axios\n- no any/any types, console/console.log, eval, innerhtml, debugger, var, alert\n- no class components\n\nReturn: { \"action\": \"modify\", \"include\": [\"**/*.ts\", \"**/*.tsx\", \"**/*.js\", \"**/*.jsx\"], \"exclude\": [], \"description\": \"...\" }\n\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\nFILE & COMMAND PATTERNS\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\n\"test files\" -> include: [\"*.test.*\", \"*.spec.*\", \"__tests__/**\"]\n\"env files\" -> include: [\".env\", \".env.*\"], exclude: [\".env.example\"]\n\"prefer pnpm\" -> commandRules: [{ block: [\"npm i*\", \"npm ci\"], suggest: \"pnpm i\", reason: \"...\" }]\n\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\nCONTENT-LEVEL POLICIES (contentRules) - COMPREHENSIVE\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\n\nCRITICAL: Generate MULTIPLE patterns to catch ALL import/usage variants.\n\nEXAMPLE: \"no lodash\" must catch:\n- import _ from 'lodash'\n- import { map } from 'lodash'\n- const _ = require('lodash')\n- import map from 'lodash/map'\n\n contentRules: [\n {\n pattern: \"(?:import|require)\\s*(?:\\(|\\s).*['\"]lodash(?:[-./][^'\"]*)?['\"]\",\n fileTypes: [\"*.ts\", \"*.js\", \"*.tsx\", \"*.jsx\"],\n reason: \"Use native methods\",\n mode: \"strict\"\n }\n ]\n\nEXAMPLE: \"no console.log\" must catch:\n- console.log(\"foo\")\n- console['log'](\"foo\")\n- const { log } = console\n\n contentRules: [\n {\n pattern: \"\\bconsole\\s*\\.\\s*log\\s*\\(\",\n fileTypes: [\"*.ts\", \"*.js\"],\n mode: \"strict\"\n },\n {\n pattern: \"console\\s*\\[\\s*['\"]log['\"]\\s*\\]\",\n mode: \"strict\"\n },\n {\n pattern: \"\\{\\s*log(?:\\s*:\\s*\\w+)?\\s*\\}\\s*=\\s*console\",\n mode: \"strict\"\n }\n ]\n\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\nAST RULES (JS/TS - PREFERRED)\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\n\nFor TypeScript/JavaScript, use astRules for 100% precision.\n\nFormat:\n astRules: [{\n id: \"rule-id\",\n query: \"(tree_sitter_query) @capture\",\n languages: [\"typescript\", \"javascript\"],\n reason: \"Why blocked\",\n regexPreFilter: \"fast_check_string\" \n }]\n\nCommon TS Queries:\n- Imports: (import_statement source: (string) @s (#match? @s \"pattern\"))\n- Calls: (call_expression function: (member_expression property: (property_identifier) @p (#eq? @p \"log\")))\n- Types: (type_annotation (predefined_type) @t (#eq? @t \"any\"))\n\nOutput JSON only. No explanation.";
|
|
2
2
|
//# sourceMappingURL=prompt.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prompt.d.ts","sourceRoot":"","sources":["../../src/compiler/prompt.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,aAAa,
|
|
1
|
+
{"version":3,"file":"prompt.d.ts","sourceRoot":"","sources":["../../src/compiler/prompt.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,aAAa,urLAyFQ,CAAC"}
|
package/dist/compiler/prompt.js
CHANGED
|
@@ -20,27 +20,73 @@ BUILT-IN AST RULES (RETURN MINIMAL POLICY)
|
|
|
20
20
|
Return: { "action": "modify", "include": ["**/*.ts", "**/*.tsx", "**/*.js", "**/*.jsx"], "exclude": [], "description": "..." }
|
|
21
21
|
|
|
22
22
|
═══════════════════════════════════════════════════════════════
|
|
23
|
-
PATTERNS
|
|
23
|
+
FILE & COMMAND PATTERNS
|
|
24
24
|
═══════════════════════════════════════════════════════════════
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
"env files" -> include: [".env", ".env.*"], exclude: [".env.example"]
|
|
25
|
+
"test files" -> include: ["*.test.*", "*.spec.*", "__tests__/**"]
|
|
26
|
+
"env files" -> include: [".env", ".env.*"], exclude: [".env.example"]
|
|
27
|
+
"prefer pnpm" -> commandRules: [{ block: ["npm i*", "npm ci"], suggest: "pnpm i", reason: "..." }]
|
|
29
28
|
|
|
30
|
-
|
|
31
|
-
|
|
29
|
+
═══════════════════════════════════════════════════════════════
|
|
30
|
+
CONTENT-LEVEL POLICIES (contentRules) - COMPREHENSIVE
|
|
31
|
+
═══════════════════════════════════════════════════════════════
|
|
32
|
+
|
|
33
|
+
CRITICAL: Generate MULTIPLE patterns to catch ALL import/usage variants.
|
|
34
|
+
|
|
35
|
+
EXAMPLE: "no lodash" must catch:
|
|
36
|
+
- import _ from 'lodash'
|
|
37
|
+
- import { map } from 'lodash'
|
|
38
|
+
- const _ = require('lodash')
|
|
39
|
+
- import map from 'lodash/map'
|
|
40
|
+
|
|
41
|
+
contentRules: [
|
|
42
|
+
{
|
|
43
|
+
pattern: "(?:import|require)\\s*(?:\\(|\\s).*['\"]lodash(?:[-./][^'\"]*)?['\"]",
|
|
44
|
+
fileTypes: ["*.ts", "*.js", "*.tsx", "*.jsx"],
|
|
45
|
+
reason: "Use native methods",
|
|
46
|
+
mode: "strict"
|
|
47
|
+
}
|
|
48
|
+
]
|
|
49
|
+
|
|
50
|
+
EXAMPLE: "no console.log" must catch:
|
|
51
|
+
- console.log("foo")
|
|
52
|
+
- console['log']("foo")
|
|
53
|
+
- const { log } = console
|
|
32
54
|
|
|
33
|
-
|
|
34
|
-
|
|
55
|
+
contentRules: [
|
|
56
|
+
{
|
|
57
|
+
pattern: "\\bconsole\\s*\\.\\s*log\\s*\\(",
|
|
58
|
+
fileTypes: ["*.ts", "*.js"],
|
|
59
|
+
mode: "strict"
|
|
60
|
+
},
|
|
61
|
+
{
|
|
62
|
+
pattern: "console\\s*\\[\\s*['\"]log['\"]\\s*\\]",
|
|
63
|
+
mode: "strict"
|
|
64
|
+
},
|
|
65
|
+
{
|
|
66
|
+
pattern: "\\{\\s*log(?:\\s*:\\s*\\w+)?\\s*\\}\\s*=\\s*console",
|
|
67
|
+
mode: "strict"
|
|
68
|
+
}
|
|
69
|
+
]
|
|
35
70
|
|
|
36
|
-
|
|
71
|
+
═══════════════════════════════════════════════════════════════
|
|
72
|
+
AST RULES (JS/TS - PREFERRED)
|
|
73
|
+
═══════════════════════════════════════════════════════════════
|
|
74
|
+
|
|
75
|
+
For TypeScript/JavaScript, use astRules for 100% precision.
|
|
76
|
+
|
|
77
|
+
Format:
|
|
37
78
|
astRules: [{
|
|
38
79
|
id: "rule-id",
|
|
39
80
|
query: "(tree_sitter_query) @capture",
|
|
40
81
|
languages: ["typescript", "javascript"],
|
|
41
82
|
reason: "Why blocked",
|
|
42
|
-
regexPreFilter: "
|
|
83
|
+
regexPreFilter: "fast_check_string"
|
|
43
84
|
}]
|
|
44
85
|
|
|
86
|
+
Common TS Queries:
|
|
87
|
+
- Imports: (import_statement source: (string) @s (#match? @s "pattern"))
|
|
88
|
+
- Calls: (call_expression function: (member_expression property: (property_identifier) @p (#eq? @p "log")))
|
|
89
|
+
- Types: (type_annotation (predefined_type) @t (#eq? @t "any"))
|
|
90
|
+
|
|
45
91
|
Output JSON only. No explanation.`;
|
|
46
92
|
//# sourceMappingURL=prompt.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prompt.js","sourceRoot":"","sources":["../../src/compiler/prompt.ts"],"names":[],"mappings":"AAAA,yBAAyB;AAEzB,MAAM,CAAC,MAAM,aAAa,GAAG
|
|
1
|
+
{"version":3,"file":"prompt.js","sourceRoot":"","sources":["../../src/compiler/prompt.ts"],"names":[],"mappings":"AAAA,yBAAyB;AAEzB,MAAM,CAAC,MAAM,aAAa,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kCAyFK,CAAC"}
|