PyPI - plugin-scanner - Versions diffs - 2.0.87__tar.gz → 2.0.89__tar.gz - Mend

plugin-scanner 2.0.87tar.gz → 2.0.89tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (333) hide show

{plugin_scanner-2.0.87 → plugin_scanner-2.0.89}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: plugin-scanner
-Version: 2.0.87
+Version: 2.0.89
 Summary: Lint, verify, and gate plugin ecosystems for maintainers, CI, and publish workflows.
 Project-URL: Homepage, https://github.com/hashgraph-online/ai-plugin-scanner
 Project-URL: Repository, https://github.com/hashgraph-online/ai-plugin-scanner

{plugin_scanner-2.0.87 → plugin_scanner-2.0.89}/docker-requirements.txt RENAMED Viewed

@@ -857,9 +857,9 @@ linkify-it-py==2.1.0 \
     --hash=sha256:0d252c1594ecba2ecedc444053db5d3a9b7ec1b0dd929c8f1d74dce89f86c05e \
     --hash=sha256:43360231720999c10e9328dc3691160e27a718e280673d444c38d7d3aaa3b98b
     # via markdown-it-py
-litellm==1.83.14 \
-    --hash=sha256:24aef9b47cdc424c833e32f3727f411741c690832cd1fe4405e0077144fe09c9 \
-    --hash=sha256:92b11ba2a32cf80707ddf388d18526696c7999a21b418c5e3b6eda1243d2cfdb
+litellm==1.83.0 \
+    --hash=sha256:860bebc76c4bb27b4cf90b4a77acd66dba25aced37e3db98750de8a1766bfb7a \
+    --hash=sha256:88c536d339248f3987571493015784671ba3f193a328e1ea6780dbebaa2094a8
     # via
     #   cisco-ai-mcp-scanner
     #   cisco-ai-skill-scanner

{plugin_scanner-2.0.87 → plugin_scanner-2.0.89}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 [project]
 name = "plugin-scanner"
-version = "2.0.87"
+version = "2.0.89"
 description = "Lint, verify, and gate plugin ecosystems for maintainers, CI, and publish workflows."
 readme = "README.md"
 license = "Apache-2.0"
@@ -53,7 +53,7 @@ publish = [
 override-dependencies = [
     "click==8.1.8",
     "jsonschema==4.23.0",
-    "litellm>=1.83.7",
+    "litellm==1.83.0",
     "openai==2.30.0",
     "python-dotenv>=1.2.2",
     "python-multipart>=0.0.26",

{plugin_scanner-2.0.87 → plugin_scanner-2.0.89}/pyproject.toml.bak RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 [project]
 name = "hol-guard"
-version = "2.0.87"
+version = "2.0.89"
 description = "Protect local AI harnesses with HOL Guard and run scanner checks for Codex, Claude, Cursor, Gemini, and OpenCode."
 readme = "README.md"
 license = "Apache-2.0"
@@ -53,7 +53,7 @@ publish = [
 override-dependencies = [
     "click==8.1.8",
     "jsonschema==4.23.0",
-    "litellm>=1.83.7",
+    "litellm==1.83.0",
     "openai==2.30.0",
     "python-dotenv>=1.2.2",
     "python-multipart>=0.0.26",

{plugin_scanner-2.0.87 → plugin_scanner-2.0.89}/src/codex_plugin_scanner/guard/cli/commands.py RENAMED Viewed

@@ -1601,8 +1601,9 @@ def run_guard_command(
                             }
                         ]
                     }
+                    browser_approval_daemon_client = None
                     try:
-                        daemon_client = load_guard_surface_daemon_client(guard_home)
+                        browser_approval_daemon_client = load_guard_surface_daemon_client(guard_home)
                     except RuntimeError:
                         queued = queue_blocked_approvals(
                             detection=runtime_detection,
@@ -1612,7 +1613,7 @@ def run_guard_command(
                             now=_now(),
                         )
                     else:
-                        session = daemon_client.start_session(
+                        session = browser_approval_daemon_client.start_session(
                             harness=args.harness,
                             surface="harness-adapter",
                             workspace=str(workspace) if workspace else None,
@@ -1622,7 +1623,7 @@ def run_guard_command(
                             capabilities=["approval-resolution", "receipt-view"],
                         )
                         response_payload["session_id"] = str(session["session_id"])
-                        blocked_operation = daemon_client.queue_blocked_operation(
+                        blocked_operation = browser_approval_daemon_client.queue_blocked_operation(
                             session_id=str(session["session_id"]),
                             operation_type="tool_call",
                             harness=args.harness,
@@ -1674,6 +1675,27 @@ def run_guard_command(
                     output_stream=output_stream,
                 )
                 return 0
+            codex_browser_decision = _codex_browser_approval_decision(
+                args=args,
+                event_name=event_name,
+                policy_action=policy_action,
+                response_payload=response_payload,
+                store=store,
+                config=config,
+                daemon_client=locals().get("browser_approval_daemon_client"),
+            )
+            if codex_browser_decision == "allow":
+                if event_name != "PreToolUse":
+                    _emit_native_hook_response(
+                        harness=args.harness,
+                        policy_action="allow",
+                        event_name=event_name,
+                        reason="",
+                        output_stream=output_stream,
+                    )
+                return 0
+            if codex_browser_decision == "block":
+                policy_action = "block"
             if _should_emit_native_hook_exit_block(args, event_name=event_name, policy_action=policy_action):
                 _emit_native_hook_block_stderr(
                     _native_hook_reason_for_harness(
@@ -1920,6 +1942,72 @@ def _should_emit_native_hook_exit_block(args: argparse.Namespace, *, event_name:
     )
+def _codex_browser_approval_decision(
+    *,
+    args: argparse.Namespace,
+    event_name: str,
+    policy_action: str,
+    response_payload: dict[str, object],
+    store: GuardStore,
+    config: GuardConfig,
+    daemon_client: object | None = None,
+) -> str | None:
+    if _canonical_harness_name(args.harness) != "codex":
+        return None
+    if getattr(args, "json", False):
+        return None
+    if event_name not in {"PreToolUse", "PostToolUse", "UserPromptSubmit"}:
+        return None
+    if policy_action not in {"block", "sandbox-required", "require-reapproval"}:
+        return None
+    approval_requests = response_payload.get("approval_requests")
+    if not isinstance(approval_requests, list):
+        return None
+    request_ids = [
+        item["request_id"]
+        for item in approval_requests
+        if isinstance(item, dict) and isinstance(item.get("request_id"), str)
+    ]
+    if not request_ids:
+        return None
+    has_daemon_operation = isinstance(response_payload.get("operation_id"), str)
+    wait_timeout_seconds = min(config.approval_wait_timeout_seconds, 25 if has_daemon_operation else 5)
+    wait_result = wait_for_approval_requests(
+        store=store,
+        request_ids=request_ids,
+        timeout_seconds=wait_timeout_seconds,
+    )
+    response_payload["approval_wait"] = wait_result
+    if not bool(wait_result.get("resolved")):
+        response_payload["review_hint"] = (
+            "Approval is still pending in HOL Guard. Approve it in the browser, then retry the same Codex action."
+        )
+        return None
+    resolved_items = [item for item in wait_result.get("items", []) if isinstance(item, dict)]
+    if any(str(item.get("resolution_action")) == "block" for item in resolved_items):
+        _update_codex_browser_operation_status(response_payload, daemon_client, "blocked")
+        response_payload["review_hint"] = "Browser decision saved. HOL Guard kept this Codex action blocked."
+        return "block"
+    _update_codex_browser_operation_status(response_payload, daemon_client, "completed")
+    response_payload["review_hint"] = "Approval received in HOL Guard. Codex is resuming this action."
+    return "allow"
+def _update_codex_browser_operation_status(
+    response_payload: dict[str, object],
+    daemon_client: object | None,
+    status: str,
+) -> None:
+    operation_id = response_payload.get("operation_id")
+    if daemon_client is None or not isinstance(operation_id, str) or not operation_id:
+        return
+    update_operation_status = getattr(daemon_client, "update_operation_status", None)
+    if not callable(update_operation_status):
+        return
+    with suppress(Exception):
+        update_operation_status(operation_id=operation_id, status=status)
 def _should_emit_prequeue_native_hook_response(
     args: argparse.Namespace,
     *,

{plugin_scanner-2.0.87 → plugin_scanner-2.0.89}/src/codex_plugin_scanner/guard/cli/render.py RENAMED Viewed

@@ -11,6 +11,8 @@ from collections.abc import Callable
 from pathlib import Path
 from typing import Any
+from ..redaction import redact_text
 try:
     from rich import box
     from rich.console import Console
@@ -39,9 +41,18 @@ _SAFE_POLICY_LITERALS = frozenset(
     {"allow", "warn", "review", "block", "require-reapproval", "sandbox-required", "strict", "balanced", "custom"}
 )
 _SENSITIVE_STRING_PATTERNS: tuple[tuple[re.Pattern[str], str], ...] = (
+    (
+        re.compile(
+            r"-----BEGIN [A-Z0-9 ]*PRIVATE KEY-----.*?-----END [A-Z0-9 ]*PRIVATE KEY-----",
+            re.DOTALL,
+        ),
+        "*****",
+    ),
     (re.compile(r"(?i)(authorization:\s*)(bearer\s+)?[^\s,;]+"), r"\1*****"),
     (re.compile(r"(?i)(api[-_ ]?key:\s*)[^\s,;]+"), r"\1*****"),
     (re.compile(r"(?i)(bearer\s+)[^\s,;]+"), r"\1*****"),
+    (re.compile(r"(?im)\b(?:_authToken|npm[_ -]?token)\s*[:=]\s*[^\s]+"), "npm token redacted"),
+    (re.compile(r"\b(?:postgres(?:ql)?|mysql|mongodb(?:\+srv)?|redis|amqp)://[^\s]+", re.IGNORECASE), "*****"),
     (
         re.compile(
             r"(?i)([a-z0-9_-]*(?:token|secret|api[-_]?key|password|credential)[a-z0-9_-]*=)(?:'[^']*'|\"[^\"]*\"|[^&\s]+)"
@@ -54,12 +65,13 @@ _SENSITIVE_STRING_PATTERNS: tuple[tuple[re.Pattern[str], str], ...] = (
 def emit_guard_payload(command: str, payload: dict[str, object], as_json: bool) -> None:
     """Render Guard payloads as JSON or human-friendly rich output."""
-    redacted_payload = _redact_payload(payload)
     if as_json or not _RICH_AVAILABLE:
-        sys.stdout.write(_render_redacted_json_payload(_json_payload_for_command(command, redacted_payload)))
+        redacted_output = redact_text(_safe_json_output_text(command, payload))
+        sys.stdout.write(redacted_output.text)
         sys.stdout.write("\n")
         return
+    redacted_payload = _redact_payload(payload)
     console = Console(file=sys.stdout, soft_wrap=True)
     renderer = _RENDERERS.get(command, _render_fallback)
     renderer(console, redacted_payload)
@@ -88,11 +100,21 @@ def _render_redacted_json_payload(redacted_payload: object) -> str:
     return _serialize_redacted_json(redacted_payload, indent=0)
-def _json_payload_for_command(command: str, redacted_payload: dict[str, object]) -> dict[str, object]:
+def _safe_json_output_text(command: str, payload: dict[str, object]) -> str:
+    json_payload = _json_payload_for_command(command, payload)
+    sanitized_payload = _sanitize_payload_for_output(json_payload)
+    return _render_redacted_json_payload(sanitized_payload)
+def _sanitize_payload_for_output(value: object) -> object:
+    return _redact_payload(value)
+def _json_payload_for_command(command: str, payload: dict[str, object]) -> dict[str, object]:
     json_renderer = _JSON_RENDERERS.get(command)
     if json_renderer is None:
-        return redacted_payload
-    return json_renderer(redacted_payload)
+        return dict(payload)
+    return json_renderer(dict(payload))
 def _render_settings_json_payload(redacted_payload: dict[str, object]) -> dict[str, object]:

{plugin_scanner-2.0.87 → plugin_scanner-2.0.89}/src/codex_plugin_scanner/guard/redaction.py RENAMED Viewed

@@ -42,7 +42,7 @@ _REDACTION_PATTERNS: tuple[tuple[str, re.Pattern[str], str], ...] = (
     ),
     (
         "npm-token",
-        re.compile(r"(?im)\b(_authToken|npm[_ -]?token)\s*[:=]\s*([^\s]+)"),
+        re.compile(r"(?im)\b(_authToken|npm[_ -]?token)\s*[:=]\s*([^\s\"',}]+)"),
         r"\1=*****",
     ),
     (
@@ -51,7 +51,7 @@ _REDACTION_PATTERNS: tuple[tuple[str, re.Pattern[str], str], ...] = (
             r"-----BEGIN [A-Z0-9 ]*PRIVATE KEY-----.*?-----END [A-Z0-9 ]*PRIVATE KEY-----",
             re.DOTALL,
         ),
-        "-----BEGIN PRIVATE KEY-----\n*****\n-----END PRIVATE KEY-----",
+        "*****",
     ),
     (
         "secret-env",
@@ -67,7 +67,7 @@ _REDACTION_PATTERNS: tuple[tuple[str, re.Pattern[str], str], ...] = (
     ),
     (
         "connection-string",
-        re.compile(r"\b(?:postgres(?:ql)?|mysql|mongodb(?:\+srv)?|redis|amqp)://[^\s]+", re.IGNORECASE),
+        re.compile(r"\b(?:postgres(?:ql)?|mysql|mongodb(?:\+srv)?|redis|amqp)://[^\s\"',}]+", re.IGNORECASE),
         "*****",
     ),
 )

{plugin_scanner-2.0.87 → plugin_scanner-2.0.89}/src/codex_plugin_scanner/guard/runtime/secret_file_requests.py RENAMED Viewed

@@ -5,6 +5,7 @@ from __future__ import annotations
 import ast
 import base64
 import binascii
+import contextlib
 import hashlib
 import json
 import os
@@ -2431,7 +2432,105 @@ def _runtime_read_roots(cwd: Path | None, home_dir: Path | None) -> tuple[Path,
 def _path_is_within_roots(path: Path, roots: tuple[Path, ...]) -> bool:
-    return any(path.is_relative_to(root) for root in roots)
+    path_text = os.path.realpath(os.fspath(path))
+    root_texts = _runtime_read_root_texts(roots)
+    return any(_path_text_is_within_root_text(path_text, root_text) for root_text in root_texts)
+def _path_text_is_within_root(path_text: str, root: Path) -> bool:
+    return _path_text_is_within_root_text(path_text, os.path.realpath(os.fspath(root)))
+def _path_text_is_within_root_text(path_text: str, root_text: str) -> bool:
+    normalized_path_text = os.path.normcase(path_text)
+    normalized_root_text = os.path.normcase(root_text)
+    try:
+        return os.path.commonpath((normalized_path_text, normalized_root_text)) == normalized_root_text
+    except ValueError:
+        return False
+def _runtime_read_root_texts(roots: tuple[Path, ...]) -> tuple[str, ...]:
+    return tuple(os.path.realpath(os.fspath(root)) for root in roots)
+def _runtime_relative_parts(path_text: str, root_text: str) -> tuple[str, ...] | None:
+    try:
+        relative_text = os.path.relpath(path_text, root_text)
+    except ValueError:
+        return None
+    if relative_text in {"", "."}:
+        return None
+    parts = Path(relative_text).parts
+    if not parts or any(_runtime_relative_part_is_unsafe(part) for part in parts):
+        return None
+    return parts
+def _runtime_relative_part_is_unsafe(part: str) -> bool:
+    if part in {"", ".", ".."}:
+        return True
+    separators = (os.sep, os.altsep) if os.altsep else (os.sep,)
+    return any(separator in part for separator in separators)
+def _runtime_entry_name_matches(
+    entry_name: str,
+    requested_name: str,
+    *,
+    entry_path: str,
+    requested_path: str,
+) -> bool:
+    if entry_name == requested_name or os.path.normcase(entry_name) == os.path.normcase(requested_name):
+        return True
+    if entry_name.casefold() != requested_name.casefold():
+        return False
+    try:
+        return os.path.samefile(entry_path, requested_path)
+    except OSError:
+        return False
+def _runtime_entry_for_name(directory_text: str, requested_name: str) -> os.DirEntry[str] | None:
+    requested_path = os.path.join(directory_text, requested_name)
+    try:
+        with os.scandir(directory_text) as entries:
+            return next(
+                (
+                    entry
+                    for entry in entries
+                    if _runtime_entry_name_matches(
+                        entry.name,
+                        requested_name,
+                        entry_path=entry.path,
+                        requested_path=requested_path,
+                    )
+                ),
+                None,
+            )
+    except OSError:
+        return None
+def _runtime_file_entry_under_root(path_text: str, root_text: str) -> os.DirEntry[str] | None:
+    relative_parts = _runtime_relative_parts(path_text, root_text)
+    if relative_parts is None:
+        return None
+    current_dir_text = root_text
+    for directory_name in relative_parts[:-1]:
+        directory_entry = _runtime_entry_for_name(current_dir_text, directory_name)
+        if directory_entry is None:
+            return None
+        try:
+            directory_stat = directory_entry.stat(follow_symlinks=False)
+        except OSError:
+            return None
+        if not stat.S_ISDIR(directory_stat.st_mode):
+            return None
+        current_dir_text = os.path.realpath(directory_entry.path)
+        if not _path_text_is_within_root_text(current_dir_text, root_text):
+            return None
+    return _runtime_entry_for_name(current_dir_text, relative_parts[-1])
 def _resolved_runtime_path(
@@ -2449,29 +2548,55 @@ def _resolved_runtime_path(
     read_roots = allowed_roots or _runtime_read_roots(cwd, home_dir)
     if not read_roots:
         return None
-    try:
-        resolved_path = normalized_path.resolve(strict=False)
-    except OSError:
+    path_text = os.path.realpath(os.fspath(normalized_path))
+    root_texts = _runtime_read_root_texts(read_roots)
+    if not any(_path_text_is_within_root_text(path_text, root_text) for root_text in root_texts):
         return None
-    return resolved_path if _path_is_within_roots(resolved_path, read_roots) else None
+    return Path(path_text)
 def _read_small_runtime_text_file(path: Path, *, allowed_roots: tuple[Path, ...]) -> str | None:
+    path_text = os.path.realpath(os.fspath(path))
+    root_texts = _runtime_read_root_texts(allowed_roots)
+    if not any(_path_text_is_within_root_text(path_text, root_text) for root_text in root_texts):
+        return None
+    runtime_entry = next(
+        (
+            entry
+            for root_text in root_texts
+            if _path_text_is_within_root_text(path_text, root_text)
+            for entry in (_runtime_file_entry_under_root(path_text, root_text),)
+            if entry is not None
+        ),
+        None,
+    )
+    if runtime_entry is None:
+        return None
+    open_flags = os.O_RDONLY
+    nofollow_flag = getattr(os, "O_NOFOLLOW", 0)
+    if isinstance(nofollow_flag, int):
+        open_flags |= nofollow_flag
     try:
-        resolved_path = path.resolve(strict=True)
+        entry_stat = runtime_entry.stat(follow_symlinks=False)
     except OSError:
         return None
-    if not _path_is_within_roots(resolved_path, allowed_roots):
+    if not stat.S_ISREG(entry_stat.st_mode) or entry_stat.st_size > _MAX_DECODED_PAYLOAD_BYTES:
         return None
     try:
-        stat_result = resolved_path.stat()
+        descriptor = os.open(runtime_entry.path, open_flags)
     except OSError:
         return None
-    if not stat.S_ISREG(stat_result.st_mode) or stat_result.st_size > _MAX_DECODED_PAYLOAD_BYTES:
-        return None
     try:
-        return resolved_path.read_text(encoding="utf-8")
+        stat_result = os.fstat(descriptor)
+        if not stat.S_ISREG(stat_result.st_mode) or stat_result.st_size > _MAX_DECODED_PAYLOAD_BYTES:
+            os.close(descriptor)
+            return None
+        with os.fdopen(descriptor, encoding="utf-8") as runtime_file:
+            content = runtime_file.read(_MAX_DECODED_PAYLOAD_BYTES + 1)
+            return content if len(content) <= _MAX_DECODED_PAYLOAD_BYTES else None
     except (OSError, UnicodeDecodeError):
+        with contextlib.suppress(OSError):
+            os.close(descriptor)
         return None
@@ -2899,16 +3024,14 @@ def _contains_mutating_shell_redirection(parts: list[str]) -> bool:
             else:
                 index += 1
         else:
-            match = re.fullmatch(r"(?P<prefix>[^<>\s]*?)(?P<fd>[0-2]?)(?P<op>>\||>>|>)(?P<target>.*)", token)
-            if match is None:
+            redirection = _split_attached_redirection_token(token)
+            if redirection is None:
                 index += 1
                 continue
-            prefix = match.group("prefix") or ""
+            prefix, fd, _op, target = redirection
             if prefix.endswith("="):
                 index += 1
                 continue
-            fd = match.group("fd")
-            target = match.group("target")
             if target:
                 index += 1
             elif index + 1 < len(parts):
@@ -2927,6 +3050,32 @@ def _contains_mutating_shell_redirection(parts: list[str]) -> bool:
     return False
+def _split_attached_redirection_token(token: str) -> tuple[str, str, str, str] | None:
+    for index, character in enumerate(token):
+        if character != ">":
+            continue
+        op = _attached_redirection_operator(token, index)
+        prefix = token[:index]
+        if any(character.isspace() or character in {"<", ">"} for character in prefix):
+            continue
+        target = token[index + len(op) :]
+        fd = ""
+        if prefix and prefix[-1] in {"0", "1", "2"}:
+            fd = prefix[-1]
+            prefix = prefix[:-1]
+        return prefix, fd, op, target
+    return None
+def _attached_redirection_operator(token: str, index: int) -> str:
+    next_character = token[index + 1 : index + 2]
+    if next_character == "|":
+        return ">|"
+    if next_character == ">":
+        return ">>"
+    return ">"
 def _normalized_redirect_target(target: str) -> str:
     return target.strip().strip(");,").strip("'\"")

{plugin_scanner-2.0.87 → plugin_scanner-2.0.89}/src/codex_plugin_scanner/version.py RENAMED Viewed

@@ -1,3 +1,3 @@
 """Single source of truth for tool version."""
-__version__ = "2.0.87"
+__version__ = "2.0.89"

{plugin_scanner-2.0.87 → plugin_scanner-2.0.89}/tests/test_cisco_install_surfaces.py RENAMED Viewed

@@ -27,7 +27,7 @@ def test_pyproject_keeps_cisco_mcp_scanner_optional() -> None:
     assert "cisco-ai-skill-scanner~=2.0.9" in dependency_entries
     assert "click==8.1.8" in override_entries
     assert "jsonschema==4.23.0" in override_entries
-    assert "litellm>=1.83.7" in override_entries
+    assert "litellm==1.83.0" in override_entries
     assert "openai==2.30.0" in override_entries
     assert "python-dotenv>=1.2.2" in override_entries
     assert "python-multipart>=0.0.26" in override_entries
@@ -79,17 +79,7 @@ def test_repo_controlled_surfaces_prefer_cisco_extra_where_supported() -> None:
     source_copy_index = dockerfile.index("COPY src /app/src")
     assert requirements_copy_index < source_copy_index
     assert "cisco-ai-mcp-scanner==" in docker_requirements
-    patched_litellm_versions = (
-        "litellm==1.83.7",
-        "litellm==1.83.8",
-        "litellm==1.83.9",
-        "litellm==1.83.10",
-        "litellm==1.83.11",
-        "litellm==1.83.12",
-        "litellm==1.83.13",
-        "litellm==1.83.14",
-    )
-    assert any(version in docker_requirements for version in patched_litellm_versions)
+    assert "litellm==1.83.0" in docker_requirements
     assert "python-dotenv==1.2.2" in docker_requirements
     assert "python-multipart==0.0.26" in docker_requirements
     assert "--hash=sha256:" in docker_requirements
@@ -104,4 +94,4 @@ def test_publish_workflow_builds_only_guard_and_scanner_packages() -> None:
     assert "Build codex compatibility alias" not in publish_workflow
     assert 'name = "codex-plugin-scanner"' not in publish_workflow
     assert 'codex-plugin-scanner = "codex_plugin_scanner.cli:main"' not in publish_workflow
-    assert 'uv tool install codex-plugin-scanner==' not in publish_workflow
+    assert "uv tool install codex-plugin-scanner==" not in publish_workflow

{plugin_scanner-2.0.87 → plugin_scanner-2.0.89}/tests/test_guard_protect.py RENAMED Viewed

@@ -873,6 +873,25 @@ class TestGuardProtect:
         assert output.text == "  API_TOKEN=*****\n\tDATABASE_URL=*****\n"
+    def test_guard_redaction_preserves_serialized_json_delimiters(self) -> None:
+        payload = json.dumps(
+            {
+                "token": "_authToken:abcdefghi",
+                "dsn": "postgres://user:pass@db.internal/app",
+                "key": "-----BEGIN PRIVATE KEY-----\nsecret\n-----END PRIVATE KEY-----",
+            }
+        )
+        output = redact_text(payload)
+        redacted_payload = json.loads(output.text)
+        assert "abcdefghi" not in output.text
+        assert "pass" not in output.text
+        assert "secret" not in output.text
+        assert redacted_payload["token"] == "_authToken=*****"
+        assert redacted_payload["dsn"] == "*****"
+        assert redacted_payload["key"] == "*****"
     def test_guard_store_keeps_distinct_advisories_without_ids(self, tmp_path) -> None:
         store = GuardStore(tmp_path / "guard-home")

{plugin_scanner-2.0.87 → plugin_scanner-2.0.89}/tests/test_guard_render.py RENAMED Viewed

@@ -58,6 +58,74 @@ def test_guard_render_redacts_sensitive_values_before_rich_renderer(monkeypatch)
     assert payload["launch_summary"] == "api_key=***** token=*****"
+def test_guard_json_render_redacts_after_command_specific_payload_shape(capsys) -> None:
+    emit_guard_payload(
+        "connect",
+        {
+            "connected": True,
+            "connect_url": "https://hol.org/guard/connect?token=super-secret-token",
+            "sync_url": "https://hol.org/api/guard/receipts/sync?api_key=super-secret-key",
+            "api_key": "super-secret-key",
+        },
+        True,
+    )
+    output = capsys.readouterr().out
+    rendered = json.loads(output)
+    assert "super-secret" not in output
+    assert rendered["connect_url"] == "https://hol.org/guard/connect?token=*****"
+    assert rendered["sync_url"] == "https://hol.org/api/guard/receipts/sync?api_key=*****"
+    assert rendered["api_key"] == "*****"
+def test_guard_json_render_redacts_private_key_without_breaking_json(capsys) -> None:
+    private_key = (
+        "-----BEGIN PRIVATE KEY-----\n"
+        "super-secret-material\n"
+        "-----END PRIVATE KEY-----"
+    )
+    emit_guard_payload("status", {"details": private_key}, True)
+    output = capsys.readouterr().out
+    rendered = json.loads(output)
+    assert "super-secret-material" not in output
+    assert rendered["details"] == "*****"
+def test_guard_json_render_redacts_token_lines_without_breaking_json(capsys) -> None:
+    emit_guard_payload("status", {"details": "_authToken:abcdefghi"}, True)
+    output = capsys.readouterr().out
+    rendered = json.loads(output)
+    assert "abcdefghi" not in output
+    assert rendered["details"] == "npm token redacted"
+def test_guard_json_render_redacts_connection_string_without_breaking_json(capsys) -> None:
+    emit_guard_payload("status", {"details": "postgres://user:password@localhost/db"}, True)
+    output = capsys.readouterr().out
+    rendered = json.loads(output)
+    assert "password" not in output
+    assert rendered["details"] == "*****"
+def test_guard_json_renderer_receives_payload_copy(monkeypatch, capsys) -> None:
+    def mutating_renderer(payload: dict[str, object]) -> dict[str, object]:
+        payload["api_key"] = "mutated-secret"
+        return payload
+    source_payload: dict[str, object] = {"api_key": "original-secret"}
+    monkeypatch.setitem(render._JSON_RENDERERS, "mutating", mutating_renderer)
+    emit_guard_payload("mutating", source_payload, True)
+    output = capsys.readouterr().out
+    assert source_payload["api_key"] == "original-secret"
+    assert "mutated-secret" not in output
 def test_guard_settings_json_omits_billing_flag(capsys) -> None:
     emit_guard_payload(
         "settings",

plugin-scanner 2.0.87__tar.gz → 2.0.89__tar.gz

plugin-scanner 2.0.87tar.gz → 2.0.89tar.gz