vibesafu 0.1.21 → 0.1.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +16 -11
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -2,6 +2,9 @@
|
|
|
2
2
|
|
|
3
3
|
// src/index.ts
|
|
4
4
|
import { parseArgs } from "util";
|
|
5
|
+
import { readFileSync } from "fs";
|
|
6
|
+
import { fileURLToPath } from "url";
|
|
7
|
+
import { dirname, join as join3 } from "path";
|
|
5
8
|
|
|
6
9
|
// src/cli/install.ts
|
|
7
10
|
import { readFile, writeFile, mkdir } from "fs/promises";
|
|
@@ -808,7 +811,6 @@ var CHECKPOINT_PATTERNS = [
|
|
|
808
811
|
{ pattern: /\.ssh/i, type: "file_sensitive", description: "SSH directory access" },
|
|
809
812
|
{ pattern: /\.aws/i, type: "file_sensitive", description: "AWS credentials access" },
|
|
810
813
|
{ pattern: /credentials/i, type: "file_sensitive", description: "Credentials file access" },
|
|
811
|
-
{ pattern: /CLAUDE\.md/i, type: "file_sensitive", description: "CLAUDE.md modification" },
|
|
812
814
|
// Sensitive file copy/move (indirect path bypass)
|
|
813
815
|
{ pattern: /(cp|mv)\s+.*\.ssh\//i, type: "file_sensitive", description: "Copying/moving SSH files" },
|
|
814
816
|
{ pattern: /(cp|mv)\s+.*\.aws\//i, type: "file_sensitive", description: "Copying/moving AWS credentials" },
|
|
@@ -1278,13 +1280,6 @@ var WRITE_SENSITIVE_PATHS = [
|
|
|
1278
1280
|
legitimateUses: ["Configuring PyPI", "Publishing packages"]
|
|
1279
1281
|
},
|
|
1280
1282
|
// Claude Code config - Critical (could disable security)
|
|
1281
|
-
{
|
|
1282
|
-
pattern: /CLAUDE\.md$/i,
|
|
1283
|
-
description: "Claude instructions file",
|
|
1284
|
-
severity: "critical",
|
|
1285
|
-
risk: "Can modify AI behavior and disable security rules",
|
|
1286
|
-
legitimateUses: ["Updating project instructions", "Configuring Claude behavior"]
|
|
1287
|
-
},
|
|
1288
1283
|
{
|
|
1289
1284
|
pattern: /^~?\/?\.claude\//i,
|
|
1290
1285
|
description: "Claude config directory",
|
|
@@ -2153,14 +2148,24 @@ async function check() {
|
|
|
2153
2148
|
}
|
|
2154
2149
|
|
|
2155
2150
|
// src/index.ts
|
|
2151
|
+
var __dirname = dirname(fileURLToPath(import.meta.url));
|
|
2152
|
+
var pkg = JSON.parse(readFileSync(join3(__dirname, "../package.json"), "utf-8"));
|
|
2156
2153
|
var COMMANDS = ["install", "uninstall", "check", "config"];
|
|
2157
2154
|
async function main() {
|
|
2158
|
-
const { positionals } = parseArgs({
|
|
2155
|
+
const { positionals, values } = parseArgs({
|
|
2159
2156
|
allowPositionals: true,
|
|
2160
|
-
strict: false
|
|
2157
|
+
strict: false,
|
|
2158
|
+
options: {
|
|
2159
|
+
version: { type: "boolean", short: "v" },
|
|
2160
|
+
help: { type: "boolean", short: "h" }
|
|
2161
|
+
}
|
|
2161
2162
|
});
|
|
2163
|
+
if (values.version) {
|
|
2164
|
+
console.log(pkg.version);
|
|
2165
|
+
return;
|
|
2166
|
+
}
|
|
2162
2167
|
const command = positionals[0];
|
|
2163
|
-
if (!command || !COMMANDS.includes(command)) {
|
|
2168
|
+
if (values.help || !command || !COMMANDS.includes(command)) {
|
|
2164
2169
|
console.error("vibesafu - Claude Code Security Guard");
|
|
2165
2170
|
console.error("");
|
|
2166
2171
|
console.error(`Usage: vibesafu <${COMMANDS.join("|")}>`);
|
package/package.json
CHANGED