conduct-cli 0.4.47__tar.gz → 0.4.48__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/PKG-INFO +1 -1
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/pyproject.toml +1 -1
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/src/conduct_cli/guard.py +10 -1
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/src/conduct_cli.egg-info/PKG-INFO +1 -1
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/README.md +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/setup.cfg +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/setup.py +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/src/conduct_cli/__init__.py +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/src/conduct_cli/api.py +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/src/conduct_cli/guardmcp.py +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/src/conduct_cli/main.py +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/src/conduct_cli/mcp_server.py +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/src/conduct_cli.egg-info/SOURCES.txt +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/src/conduct_cli.egg-info/dependency_links.txt +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/src/conduct_cli.egg-info/entry_points.txt +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/src/conduct_cli.egg-info/requires.txt +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/src/conduct_cli.egg-info/top_level.txt +0 -0
- {conduct_cli-0.4.47 → conduct_cli-0.4.48}/tests/test_switch.py +0 -0
|
@@ -107,7 +107,7 @@ def _fetch_budget_status():
|
|
|
107
107
|
return False, None
|
|
108
108
|
|
|
109
109
|
|
|
110
|
-
def _check_policy(tool_name, tool_input):
|
|
110
|
+
def _check_policy(tool_name, tool_input, tokens_before=0):
|
|
111
111
|
"""Return (matched_rule, action, rule_id, message) or (None, 'allow', None, None)."""
|
|
112
112
|
if not POLICY_PATH.exists():
|
|
113
113
|
return None, "allow", None, None
|
|
@@ -139,6 +139,10 @@ def _check_policy(tool_name, tool_input):
|
|
|
139
139
|
continue
|
|
140
140
|
except re.error:
|
|
141
141
|
continue
|
|
142
|
+
min_tokens = rule.get("match_tokens_before_gt")
|
|
143
|
+
if min_tokens is not None:
|
|
144
|
+
if tokens_before <= int(min_tokens):
|
|
145
|
+
continue
|
|
142
146
|
action = rule.get("action", "audit")
|
|
143
147
|
rule_id = rule.get("rule_id", "unknown")
|
|
144
148
|
message = rule.get("message") or f"Policy violation: {rule_id}"
|
|
@@ -389,6 +393,11 @@ def post_usage_main():
|
|
|
389
393
|
elif transcript_path:
|
|
390
394
|
tokens_input, tokens_output = _read_tokens_from_transcript(transcript_path, tool_use_id)
|
|
391
395
|
_post_usage(session_id, tool_name, tokens_input, tokens_output, None)
|
|
396
|
+
# Token-threshold policy check (PostToolUse only — tokens not known at PreToolUse)
|
|
397
|
+
_, action, rule_id, message = _check_policy(tool_name, {}, tokens_before=tokens_input)
|
|
398
|
+
if action in ("warn", "block"):
|
|
399
|
+
decision = "warned" if action == "warn" else "blocked"
|
|
400
|
+
_post_event(tool_name, {}, decision, rule_id, message, session_id=session_id)
|
|
392
401
|
|
|
393
402
|
sys.exit(0)
|
|
394
403
|
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|