@bookedsolid/rea 0.32.0 → 0.34.0

package/dist/hooks/_lib/segments.js

@@ -229,22 +229,63 @@ function unmask(text) {
  * (lookbehind).
  */
 function splitOnUnquotedSeparators(masked) {
-    // Negative lookbehind for `\` — `git commit \; foo` shouldn't split.
-    // JS regex supports lookbehind in V8 / Node 12+.
-    const splitter = /(?<!\\)(\&\&|\|\||;|\||\&|\n)/g;
-    // We split AND consume the separator (capture group above). The
-    // result interleaves segment, separator, segment, separator, …; we
-    // keep only the even-indexed entries (the segments).
-    const parts = masked.split(splitter);
+    // 2026-05-15 codex round-3 P1 fix: walk char-by-char tracking
+    // backslash-escape state instead of using regex lookbehind. The
+    // pre-fix regex `(?<!\\)(...)` was a single-char negative lookbehind
+    // which treated `echo \\;` as "preceded by `\` → no split". But in
+    // bash semantics, `\\` is a literal `\` escape PAIR — the `;` that
+    // follows it is NOT escaped, so the command splits into two
+    // segments. The pre-fix splitter let `echo \\; npm install evil`
+    // pass as a single segment, defeating the dependency-audit-gate
+    // segment-anchor check and several other consumers.
+    //
+    // Strategy: walk left-to-right. When we encounter `\`, advance past
+    // the next character (the escape pair consumes 2 bytes). When we
+    // encounter a recognized separator at a non-pair position, emit a
+    // split. This matches bash's argv-tokenizer semantics for
+    // backslash-escape parity.
+    //
+    // The masker is byte-width-preserving so we can walk `masked`
+    // directly without re-syncing with the original.
     const segments = [];
-    for (let i = 0; i < parts.length; i += 2) {
-        const raw = parts[i];
-        if (raw === undefined)
+    let segStart = 0;
+    let i = 0;
+    const n = masked.length;
+    while (i < n) {
+        const ch = masked[i];
+        if (ch === '\\' && i + 1 < n) {
+            // Escape pair — consume both, NEVER treat the next char as a
+            // separator. Bash `\\` is a literal `\`; the char following
+            // the pair is then evaluated for separator status.
+            i += 2;
             continue;
-        const trimmed = raw.trim();
-        if (trimmed.length === 0)
+        }
+        // Separator detection. Order matters: `&&` and `||` are 2-byte
+        // separators; the 1-byte forms must not steal their first byte.
+        let sepLen = 0;
+        if (ch === '&' && masked[i + 1] === '&')
+            sepLen = 2;
+        else if (ch === '|' && masked[i + 1] === '|')
+            sepLen = 2;
+        else if (ch === ';' || ch === '|' || ch === '&' || ch === '\n')
+            sepLen = 1;
+        if (sepLen > 0) {
+            const piece = masked.slice(segStart, i);
+            const trimmed = piece.trim();
+            if (trimmed.length > 0)
+                segments.push(trimmed);
+            i += sepLen;
+            segStart = i;
             continue;
-        segments.push(trimmed);
+        }
+        i += 1;
+    }
+    // Tail.
+    if (segStart < n) {
+        const piece = masked.slice(segStart, n);
+        const trimmed = piece.trim();
+        if (trimmed.length > 0)
+            segments.push(trimmed);
     }
     return segments;
 }
@@ -389,16 +430,272 @@ function stripSegmentPrefix(seg) {
  * Split `cmd` into segments using the quote-aware masking → split →
  * unmask pipeline. Returns an array of `{ raw, head }` tuples in the
  * order they appeared in the original command.
+ *
+ * 0.33.0 — nested-shell unwrapping was added on top of the original
+ * 0.32.0 splitter. When a segment's head is `bash -c|-lc|--c PAYLOAD`
+ * or `sh -c|-lc|--c PAYLOAD` (any combination of `-l` and `-c` flags),
+ * the PAYLOAD inside the quoted arg becomes additional segments
+ * appended after the wrapper segment. Mirrors the bash counterpart's
+ * `_rea_unwrap_nested_shells` (helix-017 #3 fix). Recurses up to
+ * `MAX_NESTED_DEPTH` levels.
  */
 export function splitSegments(cmd) {
     if (cmd.length === 0)
         return [];
+    return splitSegmentsRecursive(cmd, 0);
+}
+const MAX_NESTED_DEPTH = 8;
+function splitSegmentsRecursive(cmd, depth) {
     const masked = maskQuotedSeparators(cmd);
     const rawSegs = splitOnUnquotedSeparators(masked);
-    return rawSegs.map((raw) => {
+    const out = [];
+    for (const raw of rawSegs) {
         const unmaskedRaw = unmask(raw);
-        return { raw: unmaskedRaw, head: stripSegmentPrefix(unmaskedRaw) };
-    });
+        const head = stripSegmentPrefix(unmaskedRaw);
+        out.push({ raw: unmaskedRaw, head });
+        // Try to unwrap a nested shell payload.
+        if (depth < MAX_NESTED_DEPTH) {
+            const inner = extractNestedShellPayload(head);
+            if (inner !== null) {
+                // Append the inner payload's segments AFTER the wrapper segment.
+                // This preserves the bash hook's emit-order: the wrapper IS a
+                // segment too (so a hook that anchors on `bash` for some other
+                // reason still sees it), and the inner segments follow.
+                out.push(...splitSegmentsRecursive(inner, depth + 1));
+            }
+        }
+    }
+    return out;
+}
+/**
+ * Recognize a nested-shell wrapper segment and return the unquoted
+ * payload string. Returns `null` when the segment is not a wrapper.
+ *
+ * 2026-05-15 codex round-1 P1 fix — extends parity with
+ * `_rea_unwrap_nested_shells` in `hooks/_lib/cmd-segments.sh`.
+ *
+ * Bash-parity matrix:
+ *
+ *   1. Shell names: bash | sh | zsh | dash
+ *      (The bash counterpart also includes ksh / mksh / oksh / posh /
+ *      yash / csh / tcsh / fish per the 0.19.0 M1 security review. We
+ *      cover the common quartet here; the rare shells fall through to
+ *      the bash-scanner tier which DOES have full coverage. Extending
+ *      this list later is a one-line change.)
+ *   2. Split-flag forms ANY combination of pre-flags before `-c`:
+ *        bash -l -c '…'     bash -i -c '…'     bash -e -c '…'
+ *        bash -li -c '…'    bash --noprofile -c '…'
+ *      The pre-fix regex `(?:-[a-z]*c|--c)(?:\s+-[a-z]+)*` failed
+ *      because it required `-c` to appear IN the FIRST flag token —
+ *      `bash -l -c 'PAYLOAD'` did not match.
+ *   3. Combined-flag forms: -c, -lc, -lic, -ic, -cl, -cli, -li, -il
+ *      (the bash WRAP pattern's `-(c|lc|lic|ic|cl|cli|li|il)` set).
+ *   4. ANSI-C-quoted payload: `bash -c $'…'`. Pre-fix the introducer
+ *      regex `(['"])` could not match the `$` prefix, so the entire
+ *      ANSI-C wrapper was a single un-unwrapped segment.
+ *
+ * The walker:
+ *   - Tokenizes the head into whitespace-separated tokens.
+ *   - First token must be a recognized shell name.
+ *   - Walks subsequent flag tokens, each `-[A-Za-z]+` or `--[A-Za-z]+`.
+ *   - A flag token containing a `c` letter terminates the flag walk
+ *     (it's the `-c` introducer). The next non-flag token is the
+ *     payload argument.
+ *   - The payload argument's first character determines the quote
+ *     style: `'`, `"`, or `$'` (ANSI-C). Any other character means
+ *     the payload is unquoted and we return null (don't unwrap — the
+ *     payload may already be a bare argv).
+ */
+function extractNestedShellPayload(head) {
+    // Tokenize on whitespace. The head has already passed through
+    // stripSegmentPrefix so leading `sudo`/env-prefixes are gone.
+    const trimmed = head.trimStart();
+    if (trimmed.length === 0)
+        return null;
+    // 1. Shell-name token. Full parity with cmd-segments.sh `WRAP`:
+    //    bash | sh | zsh | dash | ksh | mksh | oksh | posh | yash |
+    //    csh | tcsh | fish. Codex round-2 P1 (2026-05-15): the round-1
+    //    quartet (bash|sh|zsh|dash) left ksh/mksh/oksh/posh/yash/csh/
+    //    tcsh/fish unwrapped — on machines where any of those shells
+    //    are installed, `mksh -c 'source .env'` and
+    //    `ksh -c 'npm install missing-pkg'` would bypass
+    //    env-file-protection / dependency-audit-gate entirely.
+    //    The bash counterpart caught these via the 0.19.0 M1 security
+    //    review (WRAP regex extension).
+    //
+    //    NOTE: pwsh (PowerShell) is intentionally OUT — it accepts -c
+    //    and -Command, and -EncodedCommand base64-decodes at runtime.
+    //    Adding pwsh requires a separate code path with base64 decode
+    //    (mirroring the bash counterpart's explicit pwsh exclusion).
+    const shellMatch = /^(bash|sh|zsh|dash|ksh|mksh|oksh|posh|yash|csh|tcsh|fish)\b/i.exec(trimmed);
+    if (shellMatch === null)
+        return null;
+    let cursor = shellMatch[0].length;
+    // 2. Walk flag tokens. Each token is whitespace-separated and starts
+    //    with `-`. A flag token containing the letter `c` (case-insens.)
+    //    is the `-c` introducer; the NEXT token is the payload.
+    let sawCFlag = false;
+    while (cursor < trimmed.length) {
+        // Skip whitespace.
+        while (cursor < trimmed.length && /\s/.test(trimmed[cursor])) {
+            cursor += 1;
+        }
+        if (cursor >= trimmed.length)
+            return null;
+        // Peek next token.
+        const rest = trimmed.slice(cursor);
+        if (rest[0] !== '-') {
+            // Not a flag — must be the payload argument.
+            break;
+        }
+        // Extract the flag token (contiguous non-whitespace).
+        const flagMatch = /^(\S+)/.exec(rest);
+        if (flagMatch === null)
+            return null;
+        const flag = flagMatch[0] ?? '';
+        cursor += flag.length;
+        // Recognized flag-token shapes:
+        //   `-c` `-l` `-i` `-e` `-lc` `-lic` `-ic` `-cl` `-cli` `-li` `-il`
+        //   `--c` `--noprofile` (etc.) — we don't enforce the full list,
+        //   just that it's `-<letters>` or `--<letters>`.
+        if (!/^--?[A-Za-z]+$/.test(flag))
+            return null;
+        // Does this flag contain `c` (the -c introducer letter)?
+        // `--c` also counts (rare but bash accepts).
+        if (/c/i.test(flag.replace(/^--?/, ''))) {
+            sawCFlag = true;
+            // Continue the loop — the payload is the NEXT non-flag token.
+            // (Bash's argv parser stops walking flags as soon as it sees -c,
+            // but we accept additional flags between -c and the payload for
+            // safety; the bash WRAP regex similarly tolerates trailing
+            // flag-like tokens before the quoted body.)
+        }
+    }
+    if (!sawCFlag)
+        return null;
+    if (cursor >= trimmed.length)
+        return null;
+    // Skip whitespace before payload.
+    while (cursor < trimmed.length && /\s/.test(trimmed[cursor])) {
+        cursor += 1;
+    }
+    if (cursor >= trimmed.length)
+        return null;
+    // 3. Inspect the payload's introducer character.
+    const first = trimmed[cursor];
+    let quote;
+    let isAnsiC = false;
+    let payloadStart = cursor;
+    if (first === '$' && trimmed[cursor + 1] === "'") {
+        // ANSI-C: $'…' — single-quote-style but with C-string escapes.
+        quote = "'";
+        isAnsiC = true;
+        payloadStart = cursor + 2;
+    }
+    else if (first === "'" || first === '"') {
+        quote = first;
+        payloadStart = cursor + 1;
+    }
+    else {
+        // Unquoted payload — refuse to unwrap. The bash counterpart's
+        // WRAP regex requires a quote introducer too.
+        return null;
+    }
+    // 4. Walk the payload, collecting bytes until the matching closing
+    //    quote. Honor quote-specific escape rules.
+    let i = payloadStart;
+    let payload = '';
+    while (i < trimmed.length) {
+        const ch = trimmed[i];
+        if (ch === quote) {
+            // Closing quote found.
+            return payload;
+        }
+        if (isAnsiC && ch === '\\' && i + 1 < trimmed.length) {
+            // ANSI-C escape decoding. Mirror the bash counterpart's escape
+            // table (cmd-segments.sh, _rea_unwrap_at_depth). Only the
+            // common-enough subset is decoded; unknowns pass through as the
+            // literal pair (matches awk default behavior).
+            const nxt = trimmed[i + 1];
+            switch (nxt) {
+                case 'n':
+                    payload += '\n';
+                    break;
+                case 't':
+                    payload += '\t';
+                    break;
+                case 'r':
+                    payload += '\r';
+                    break;
+                case '\\':
+                    payload += '\\';
+                    break;
+                case "'":
+                    payload += "'";
+                    break;
+                case '"':
+                    payload += '"';
+                    break;
+                case 'a':
+                    payload += '\x07';
+                    break;
+                case 'b':
+                    payload += '\x08';
+                    break;
+                case 'e':
+                case 'E':
+                    payload += '\x1b';
+                    break;
+                case 'f':
+                    payload += '\x0c';
+                    break;
+                case 'v':
+                    payload += '\x0b';
+                    break;
+                case '0':
+                    payload += '\x00';
+                    break;
+                case 'x': {
+                    // \xHH or \xH — up to 2 hex digits.
+                    let hex = '';
+                    let k = i + 2;
+                    while (k < trimmed.length && hex.length < 2) {
+                        const hc = trimmed[k];
+                        if (!/[0-9a-fA-F]/.test(hc))
+                            break;
+                        hex += hc;
+                        k += 1;
+                    }
+                    if (hex.length > 0) {
+                        payload += String.fromCharCode(parseInt(hex, 16));
+                        i = k;
+                        continue;
+                    }
+                    // Fall through — `\x` with no hex digits is a literal pair.
+                    payload += '\\x';
+                    break;
+                }
+                default:
+                    // Unknown escape — preserve the literal pair (bash awk
+                    // default). E.g. `\z` → `\z`.
+                    payload += '\\' + nxt;
+                    break;
+            }
+            i += 2;
+            continue;
+        }
+        if (!isAnsiC && quote === '"' && ch === '\\' && i + 1 < trimmed.length) {
+            // Double-quote: backslash escapes the next character.
+            payload += trimmed[i + 1] ?? '';
+            i += 2;
+            continue;
+        }
+        payload += ch;
+        i += 1;
+    }
+    // Unterminated quote — return what we have. The bash counterpart
+    // similarly accepts unterminated quotes as "rest of line is payload".
+    return payload;
 }
 /**
  * Returns true if any segment's prefix-stripped head matches the
@@ -442,3 +739,318 @@ export function anySegmentMatches(cmd, regexSource) {
     }
     return false;
 }
+/**
+ * Returns true if any single segment's RAW text contains matches for
+ * BOTH `regexA` AND `regexB`. Mirrors `any_segment_matches_both` from
+ * the bash counterpart — used by `env-file-protection` to require that
+ * a text-reading utility AND an `.env*` filename co-occur within the
+ * same shell segment (a multi-segment construction like
+ * `echo "log: cat .env stuff" ; touch foo.env` must NOT fire because
+ * the utility and filename live in different segments).
+ *
+ * Case-INSENSITIVE, extended regex on both patterns. Same posture as
+ * the bash helper.
+ *
+ * 0.33.0 port. The bash helper was introduced in 0.16.2 to fix the
+ * helix-017 P2 false-positive class where two independent booleans
+ * (any-utility OR any-env) were AND'd across segments.
+ */
+export function anySegmentMatchesBoth(cmd, regexA, regexB) {
+    const reA = new RegExp(regexA, 'i');
+    const reB = new RegExp(regexB, 'i');
+    for (const seg of splitSegments(cmd)) {
+        if (reA.test(seg.raw) && reB.test(seg.raw))
+            return true;
+    }
+    return false;
+}
+/**
+ * Returns true if any segment's RAW text (env-var prefixes intact, only
+ * leading whitespace trimmed) matches the regex source. Mirrors
+ * `any_segment_raw_matches` in the bash counterpart — used by checks
+ * where the env-prefix itself IS the signal (`HUSKY=0 git`, `REA_BYPASS=`,
+ * `alias … = HUSKY=0`).
+ *
+ * 0.34.0 port — dangerous-bash-interceptor (H10, H15, H16) and
+ * local-review-gate (env-prefix git push detection) call into this.
+ * Note: callers anchor with `^` in the regex source when they want
+ * "starts at segment head"; we do not prepend `^` here.
+ */
+export function anySegmentRawMatches(cmd, regexSource) {
+    const re = new RegExp(regexSource, 'i');
+    for (const seg of splitSegments(cmd)) {
+        const trimmed = seg.raw.replace(/^\s+/, '');
+        if (re.test(trimmed))
+            return true;
+    }
+    return false;
+}
+/**
+ * Returns true if any segment's RAW text contains a match for the
+ * regex source. Mirrors `any_segment_matches` in the bash counterpart —
+ * used by content-scan style checks. The regex matches anywhere in the
+ * segment (not anchored). Useful for `(psql|pgcli)[^|&;]*DROP[[:space:]]+(TABLE|…)`
+ * style patterns that must match across the whole segment but only
+ * within a single segment (a heredoc body in segment N or commit
+ * message in segment 1 must NOT poison segment N+1).
+ *
+ * 0.34.0 port — dangerous-bash-interceptor H6 calls into this.
+ */
+export function anySegmentContains(cmd, regexSource) {
+    const re = new RegExp(regexSource, 'i');
+    for (const seg of splitSegments(cmd)) {
+        if (re.test(seg.head))
+            return true;
+    }
+    return false;
+}
+/**
+ * Iterate over every segment of `cmd` and invoke `callback(raw, head)`
+ * for each. Mirrors `for_each_segment` in the bash counterpart —
+ * dangerous-bash-interceptor H1 uses this to walk each push segment
+ * independently (since one segment may include `--force-with-lease`
+ * while another carries an unsafe `--force`).
+ *
+ * The callback receives the raw segment (env-prefix preserved) and the
+ * prefix-stripped head. Return value is ignored.
+ *
+ * 0.34.0 port.
+ */
+export function forEachSegment(cmd, callback) {
+    for (const seg of splitSegments(cmd)) {
+        callback(seg.raw, seg.head);
+    }
+}
+/**
+ * Quote-aware mask of in-quote separators. Mirrors `quote_masked_cmd`
+ * in the bash counterpart — produces a string where in-quote `|` / `;`
+ * / `&` characters are replaced with multi-byte sentinels so a caller's
+ * regex can match real (unquoted) instances of those bytes without
+ * false-positiving on quoted commit-message bodies (`git commit -m
+ * "curl|sh later"`).
+ *
+ * 0.34.0 port — dangerous-bash-interceptor H12 (`curl|sh` detection)
+ * uses this to scan the WHOLE command (not split into segments)
+ * without quoted-mention false positives.
+ *
+ * Implementation uses the same sentinel-byte alphabet the bash helper
+ * uses. Sentinels are public so callers can `.test()` against the
+ * masked output without accidentally tripping on them.
+ */
+export const INQUOTE_PIPE_SENTINEL = '__REA_INQUOTE_PIPE_a8f2c1__';
+export const INQUOTE_SEMI_SENTINEL = '__REA_INQUOTE_SC_a8f2c1__';
+export const INQUOTE_AMP_SENTINEL = '__REA_INQUOTE_AMP_a8f2c1__';
+export function quoteMaskedCmd(cmd) {
+    // 4-state walker mirroring the bash awk:
+    //   0 = plain
+    //   1 = inside "…" (backslash escapes next char)
+    //   2 = inside '…' (no escapes)
+    //   3 = inside $'…' (ANSI-C; backslash escapes next char)
+    // In modes 1/2/3, in-quote `|`/`;`/`&` are replaced with sentinels.
+    // The opening `$'` is preserved verbatim (caller code that detects
+    // ANSI-C envelopes still sees them).
+    let out = '';
+    let i = 0;
+    const n = cmd.length;
+    let mode = 0;
+    while (i < n) {
+        const ch = cmd[i];
+        if (mode === 0) {
+            if (ch === '$' && i + 1 < n && cmd[i + 1] === "'") {
+                mode = 3;
+                out += "$'";
+                i += 2;
+                continue;
+            }
+            if (ch === '"') {
+                mode = 1;
+                out += ch;
+                i += 1;
+                continue;
+            }
+            if (ch === "'") {
+                mode = 2;
+                out += ch;
+                i += 1;
+                continue;
+            }
+            if (ch === '\\' && i + 1 < n) {
+                out += ch + cmd[i + 1];
+                i += 2;
+                continue;
+            }
+            out += ch;
+            i += 1;
+            continue;
+        }
+        if (mode === 3) {
+            if (ch === '\\' && i + 1 < n) {
+                out += ch + cmd[i + 1];
+                i += 2;
+                continue;
+            }
+            if (ch === "'") {
+                mode = 0;
+                out += ch;
+                i += 1;
+                continue;
+            }
+            if (ch === '|') {
+                out += INQUOTE_PIPE_SENTINEL;
+                i += 1;
+                continue;
+            }
+            if (ch === ';') {
+                out += INQUOTE_SEMI_SENTINEL;
+                i += 1;
+                continue;
+            }
+            if (ch === '&') {
+                out += INQUOTE_AMP_SENTINEL;
+                i += 1;
+                continue;
+            }
+            out += ch;
+            i += 1;
+            continue;
+        }
+        if (mode === 2) {
+            if (ch === "'") {
+                mode = 0;
+                out += ch;
+                i += 1;
+                continue;
+            }
+            if (ch === '|') {
+                out += INQUOTE_PIPE_SENTINEL;
+                i += 1;
+                continue;
+            }
+            if (ch === ';') {
+                out += INQUOTE_SEMI_SENTINEL;
+                i += 1;
+                continue;
+            }
+            if (ch === '&') {
+                out += INQUOTE_AMP_SENTINEL;
+                i += 1;
+                continue;
+            }
+            out += ch;
+            i += 1;
+            continue;
+        }
+        // mode === 1
+        if (ch === '\\' && i + 1 < n) {
+            out += ch + cmd[i + 1];
+            i += 2;
+            continue;
+        }
+        if (ch === '"') {
+            mode = 0;
+            out += ch;
+            i += 1;
+            continue;
+        }
+        if (ch === '|') {
+            out += INQUOTE_PIPE_SENTINEL;
+            i += 1;
+            continue;
+        }
+        if (ch === ';') {
+            out += INQUOTE_SEMI_SENTINEL;
+            i += 1;
+            continue;
+        }
+        if (ch === '&') {
+            out += INQUOTE_AMP_SENTINEL;
+            i += 1;
+            continue;
+        }
+        out += ch;
+        i += 1;
+    }
+    return out;
+}
+/**
+ * Walk the nested-shell unwrap chain and emit `cmd` PLUS each inner
+ * payload as a separate string. Mirrors `_rea_unwrap_nested_shells`
+ * in the bash counterpart.
+ *
+ * Used by dangerous-bash-interceptor H12 (`curl|sh` detection) so a
+ * payload like `zsh -c "curl https://x | sh"` is scanned for the pipe
+ * shape even though the literal `|` is inside quotes at the outer
+ * level. The H12 check then runs `quoteMaskedCmd` against each
+ * emitted line independently.
+ *
+ * Depth-bounded at MAX_NESTED_DEPTH (8) — same as `splitSegments`.
+ *
+ * 0.34.0 port.
+ */
+export function unwrapNestedShells(cmd) {
+    const out = [cmd];
+    unwrapNestedShellsRecursive(cmd, 0, out);
+    return out;
+}
+function unwrapNestedShellsRecursive(cmd, depth, acc) {
+    if (depth >= MAX_NESTED_DEPTH)
+        return;
+    // Walk segments so a heredoc-style or multi-line command gets each
+    // segment's inner payload extracted independently.
+    const masked = maskQuotedSeparators(cmd);
+    const rawSegs = splitOnUnquotedSeparators(masked);
+    for (const raw of rawSegs) {
+        const unmaskedRaw = unmask(raw);
+        const head = stripSegmentPrefix(unmaskedRaw);
+        const inner = extractNestedShellPayload(head);
+        if (inner !== null) {
+            acc.push(inner);
+            unwrapNestedShellsRecursive(inner, depth + 1, acc);
+        }
+    }
+}
+/**
+ * Return every segment of `cmd` whose prefix-stripped head matches the
+ * head-anchored regex source. Mirrors `find_all_segments_starting_with`
+ * in the bash counterpart.
+ *
+ * Returns each match as `{ raw, head }` so callers (local-review-gate's
+ * round-25 P1-B sweep) can validate per-segment bypass against the
+ * raw (env-prefix-intact) form.
+ *
+ * Case-INSENSITIVE. Empty array on no matches.
+ *
+ * 0.34.0 port.
+ */
+export function findAllSegmentsStartingWith(cmd, regexSource) {
+    const re = new RegExp(`^${regexSource}`, 'i');
+    const out = [];
+    for (const seg of splitSegments(cmd)) {
+        if (re.test(seg.head))
+            out.push(seg);
+    }
+    return out;
+}
+/**
+ * Return every segment of `cmd` whose RAW text (env-prefix intact,
+ * leading whitespace trimmed) matches the regex source. Mirrors
+ * `find_all_segments_raw_matches` in the bash counterpart.
+ *
+ * Companion to `findAllSegmentsStartingWith` for the env-prefix shapes
+ * the prefix-stripper bails on (quoted-value env-vars like
+ * `REA_SKIP="urgent fix"`).
+ *
+ * Case-INSENSITIVE. Empty array on no matches.
+ *
+ * 0.34.0 port.
+ */
+export function findAllSegmentsRawMatches(cmd, regexSource) {
+    const re = new RegExp(regexSource, 'i');
+    const out = [];
+    for (const seg of splitSegments(cmd)) {
+        const trimmed = seg.raw.replace(/^\s+/, '');
+        if (re.test(trimmed))
+            out.push(seg);
+    }
+    return out;
+}