Crate aube_scripts 

Lifecycle script runner for aube.

Security model:

• Scripts from the root package (the project’s own package.json) run by default. They’re written by the user, so they’re trusted the same way a user trusts aube run <script>.
• Scripts from installed dependencies (e.g. node-gyp postinstall from a native module) are SKIPPED by default. A package runs its lifecycle scripts only if the active BuildPolicy allows it — configured via pnpm.allowBuilds in package.json, allowBuilds in aube-workspace.yaml (or pnpm-workspace.yaml), or the escape-hatch --dangerously-allow-all-builds flag.
• --ignore-scripts forces everything off, matching pnpm/npm.

Re-exports

pub use content_sniff::Suspicion;

pub use content_sniff::SuspicionKind;

pub use content_sniff::sniff_lifecycle;

pub use policy::AllowDecision;

pub use policy::BuildPolicy;

pub use policy::BuildPolicyError;

pub use policy::pattern_matches;

Modules

content_sniff

Lightweight content scanner for dependency lifecycle script bodies.

policy

Allowlist/denylist policy for running dependency lifecycle scripts.

Structs

ScriptJail

Native build jail applied to dependency lifecycle scripts.

ScriptJailHomeCleanup

ScriptSettings

Settings that affect every package-script shell aube spawns.

Enums

Error

LifecycleHook

Lifecycle hooks that aube install runs against the root package’s scripts field, in this order: preinstall → (dependencies link) → install → postinstall → prepare. Matches pnpm / npm.

Constants

DEP_LIFECYCLE_HOOKS

Dependency lifecycle hooks, in the order aube runs them for each allowlisted package. prepare is intentionally omitted — it’s meant for the root package and git-dep preparation, not installed tarballs.

Functions

aube_user_agent

User agent string exported to lifecycle scripts as npm_config_user_agent. Mirrors pnpm’s format (<name>/<version> <os> <arch>) so dep build scripts that sniff the env var to detect the running PM (e.g. husky, unrs-resolver) recognize aube without falling back to npm-mode. OS/arch use Node’s process.platform / process.arch vocabulary (darwin/linux/win32, x64/arm64), not Rust’s native std::env::consts::{OS,ARCH} values, so tools that parse the full UA string identify the platform the same way npm/yarn/pnpm do.

child_stderr

Returns a Stdio suitable for a child process’s stderr. When silent mode is active, this dups the saved real-stderr fd so the child bypasses the /dev/null redirect on fd 2. Otherwise returns Stdio::inherit().

default_install_script

Default install command for a materialized dependency directory. Thin wrapper around implicit_install_script that supplies has_binding_gyp by stat’ing <package_dir>/binding.gyp.

exit_code_from_status

Translate child ExitStatus to a parent exit code.

has_dep_lifecycle_work

True if run_dep_hook would actually execute something for this package across any of the dependency lifecycle hooks. Callers use this to skip fan-out work for packages that have nothing to run — including the implicit node-gyp rebuild default.

implicit_install_script

Single source of truth for the implicit node-gyp rebuild fallback: returns Some("node-gyp rebuild") when the package ships a binding.gyp at its root AND the manifest leaves both install and preinstall empty (either one is the author’s explicit opt-out from the default).

prepend_path

Prepend bin_dir to the current PATH using the platform’s path separator (: on Unix, ; on Windows).

run_dep_hook

Run a lifecycle hook against an installed dependency’s package directory. Mirrors run_root_hook but spawns inside package_dir (the actual linked package directory, e.g. node_modules/.aube/<dep_path>/node_modules/<name>). The manifest is the dependency’s own package.json, not the project root’s.

run_root_hook

Run a lifecycle hook against the root package, if a script for it is defined. Returns Ok(false) if the hook wasn’t defined (no-op), Ok(true) if it ran successfully.

run_root_script_by_name

Run a named root-package script if it’s defined. Used by commands (pack, publish, version) that need to run lifecycle hooks outside the install-focused LifecycleHook enum. Returns Ok(false) if the script isn’t defined.

run_script

Run a single npm-style script line through sh -c with the usual environment ($PATH extended with node_modules/.bin, INIT_CWD, npm_lifecycle_event, npm_package_name, npm_package_version).

set_saved_stderr_fd

Called once by aube after it saves + redirects fd 2. Passing the caller-owned saved fd here means child processes spawned via child_stderr() will write to the real terminal stderr instead of /dev/null.

set_script_settings

Replace the process-wide script settings snapshot. CLI commands call this after resolving .npmrc / workspace settings for the active project.

shell_quote_arg

Shell-quote one arg for safe splicing into a shell command line.

spawn_shell

Spawn a shell command line. On Unix we go through sh -c, on Windows through cmd.exe /d /s /c — matching what npm passes in @npmcli/run-script.

write_line_to_real_stderr

Write line plus a newline to the parent’s real stderr. Used by the recursive-run output multiplexer, which pipes child stderr through aube and re-emits each line with a <package>: prefix — eprintln! writes to fd 2, which SilentStderrGuard has redirected to /dev/null under --silent, so child stderr would otherwise be silently swallowed in --silent --parallel mode. Routes through the saved real-stderr fd when silent mode is active, fd 2 otherwise.