@dexto/tools-filesystem 1.5.2 → 1.5.3

package/dist/path-validator.test.js

@@ -15,7 +15,7 @@ describe("PathValidator", () => {
   });
   describe("validatePath", () => {
     describe("Empty and Invalid Paths", () => {
-      it("should reject empty path", () => {
+      it("should reject empty path", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: ["/home/user/project"],
@@ -28,11 +28,11 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        const result = validator.validatePath("");
+        const result = await validator.validatePath("");
         expect(result.isValid).toBe(false);
         expect(result.error).toBe("Path cannot be empty");
       });
-      it("should reject whitespace-only path", () => {
+      it("should reject whitespace-only path", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: ["/home/user/project"],
@@ -45,13 +45,13 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        const result = validator.validatePath("   ");
+        const result = await validator.validatePath("   ");
         expect(result.isValid).toBe(false);
         expect(result.error).toBe("Path cannot be empty");
       });
     });
     describe("Allowed Paths", () => {
-      it("should allow paths within allowed directories", () => {
+      it("should allow paths within allowed directories", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: ["/home/user/project"],
@@ -64,11 +64,11 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        const result = validator.validatePath("/home/user/project/src/file.ts");
+        const result = await validator.validatePath("/home/user/project/src/file.ts");
         expect(result.isValid).toBe(true);
         expect(result.normalizedPath).toBeDefined();
       });
-      it("should allow relative paths within working directory", () => {
+      it("should allow relative paths within working directory", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: ["/home/user/project"],
@@ -81,10 +81,10 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        const result = validator.validatePath("src/file.ts");
+        const result = await validator.validatePath("src/file.ts");
         expect(result.isValid).toBe(true);
       });
-      it("should reject paths outside allowed directories", () => {
+      it("should reject paths outside allowed directories", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: ["/home/user/project"],
@@ -97,11 +97,11 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        const result = validator.validatePath("/external/project/file.ts");
+        const result = await validator.validatePath("/external/project/file.ts");
         expect(result.isValid).toBe(false);
         expect(result.error).toContain("not within allowed paths");
       });
-      it("should allow all paths when allowedPaths is empty", () => {
+      it("should allow all paths when allowedPaths is empty", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: [],
@@ -114,12 +114,12 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        const result = validator.validatePath("/anywhere/file.ts");
+        const result = await validator.validatePath("/anywhere/file.ts");
         expect(result.isValid).toBe(true);
       });
     });
     describe("Path Traversal Detection", () => {
-      it("should reject path traversal attempts", () => {
+      it("should reject path traversal attempts", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: ["/home/user/project"],
@@ -132,13 +132,15 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        const result = validator.validatePath("/home/user/project/../../../etc/passwd");
+        const result = await validator.validatePath(
+          "/home/user/project/../../../etc/passwd"
+        );
         expect(result.isValid).toBe(false);
         expect(result.error).toBe("Path traversal detected");
       });
     });
     describe("Blocked Paths", () => {
-      it("should reject paths in blocked directories", () => {
+      it("should reject paths in blocked directories", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: ["/home/user/project"],
@@ -151,11 +153,11 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        const result = validator.validatePath("/home/user/project/.git/config");
+        const result = await validator.validatePath("/home/user/project/.git/config");
         expect(result.isValid).toBe(false);
         expect(result.error).toContain("blocked");
       });
-      it("should reject paths in node_modules", () => {
+      it("should reject paths in node_modules", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: ["/home/user/project"],
@@ -168,7 +170,7 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        const result = validator.validatePath(
+        const result = await validator.validatePath(
           "/home/user/project/node_modules/lodash/index.js"
         );
         expect(result.isValid).toBe(false);
@@ -176,7 +178,7 @@ describe("PathValidator", () => {
       });
     });
     describe("Blocked Extensions", () => {
-      it("should reject files with blocked extensions", () => {
+      it("should reject files with blocked extensions", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: ["/home/user/project"],
@@ -189,11 +191,11 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        const result = validator.validatePath("/home/user/project/malware.exe");
+        const result = await validator.validatePath("/home/user/project/malware.exe");
         expect(result.isValid).toBe(false);
         expect(result.error).toContain(".exe is not allowed");
       });
-      it("should handle extensions without leading dot", () => {
+      it("should handle extensions without leading dot", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: ["/home/user/project"],
@@ -207,10 +209,10 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        const result = validator.validatePath("/home/user/project/file.exe");
+        const result = await validator.validatePath("/home/user/project/file.exe");
         expect(result.isValid).toBe(false);
       });
-      it("should be case-insensitive for extensions", () => {
+      it("should be case-insensitive for extensions", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: ["/home/user/project"],
@@ -223,12 +225,12 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        const result = validator.validatePath("/home/user/project/file.EXE");
+        const result = await validator.validatePath("/home/user/project/file.EXE");
         expect(result.isValid).toBe(false);
       });
     });
     describe("Directory Approval Checker Integration", () => {
-      it("should consult approval checker for external paths", () => {
+      it("should consult approval checker for external paths", async () => {
         const validator = new PathValidator(
           {
             allowedPaths: ["/home/user/project"],
@@ -241,16 +243,16 @@ describe("PathValidator", () => {
           },
           mockLogger
         );
-        let result = validator.validatePath("/external/project/file.ts");
+        let result = await validator.validatePath("/external/project/file.ts");
         expect(result.isValid).toBe(false);
         const approvalChecker = (filePath) => {
           return filePath.startsWith("/external/project");
         };
         validator.setDirectoryApprovalChecker(approvalChecker);
-        result = validator.validatePath("/external/project/file.ts");
+        result = await validator.validatePath("/external/project/file.ts");
         expect(result.isValid).toBe(true);
       });
-      it("should not use approval checker for config-allowed paths", () => {
+      it("should not use approval checker for config-allowed paths", async () => {
         const approvalChecker = vi.fn().mockReturnValue(false);
         const validator = new PathValidator(
           {
@@ -265,14 +267,14 @@ describe("PathValidator", () => {
           mockLogger
         );
         validator.setDirectoryApprovalChecker(approvalChecker);
-        const result = validator.validatePath("/home/user/project/src/file.ts");
+        const result = await validator.validatePath("/home/user/project/src/file.ts");
         expect(result.isValid).toBe(true);
         expect(approvalChecker).not.toHaveBeenCalled();
       });
     });
   });
   describe("isPathWithinAllowed", () => {
-    it("should return true for paths within config-allowed directories", () => {
+    it("should return true for paths within config-allowed directories", async () => {
       const validator = new PathValidator(
         {
           allowedPaths: ["/home/user/project"],
@@ -285,12 +287,14 @@ describe("PathValidator", () => {
         },
         mockLogger
       );
-      expect(validator.isPathWithinAllowed("/home/user/project/src/file.ts")).toBe(true);
-      expect(validator.isPathWithinAllowed("/home/user/project/deep/nested/file.ts")).toBe(
+      expect(await validator.isPathWithinAllowed("/home/user/project/src/file.ts")).toBe(
         true
       );
+      expect(
+        await validator.isPathWithinAllowed("/home/user/project/deep/nested/file.ts")
+      ).toBe(true);
     });
-    it("should return false for paths outside config-allowed directories", () => {
+    it("should return false for paths outside config-allowed directories", async () => {
       const validator = new PathValidator(
         {
           allowedPaths: ["/home/user/project"],
@@ -303,10 +307,10 @@ describe("PathValidator", () => {
         },
         mockLogger
       );
-      expect(validator.isPathWithinAllowed("/external/project/file.ts")).toBe(false);
-      expect(validator.isPathWithinAllowed("/home/user/other/file.ts")).toBe(false);
+      expect(await validator.isPathWithinAllowed("/external/project/file.ts")).toBe(false);
+      expect(await validator.isPathWithinAllowed("/home/user/other/file.ts")).toBe(false);
     });
-    it("should NOT consult approval checker (used for prompting decisions)", () => {
+    it("should NOT consult approval checker (used for prompting decisions)", async () => {
       const approvalChecker = vi.fn().mockReturnValue(true);
       const validator = new PathValidator(
         {
@@ -321,10 +325,10 @@ describe("PathValidator", () => {
         mockLogger
       );
       validator.setDirectoryApprovalChecker(approvalChecker);
-      expect(validator.isPathWithinAllowed("/external/project/file.ts")).toBe(false);
+      expect(await validator.isPathWithinAllowed("/external/project/file.ts")).toBe(false);
       expect(approvalChecker).not.toHaveBeenCalled();
     });
-    it("should return false for empty path", () => {
+    it("should return false for empty path", async () => {
       const validator = new PathValidator(
         {
           allowedPaths: ["/home/user/project"],
@@ -337,10 +341,10 @@ describe("PathValidator", () => {
         },
         mockLogger
       );
-      expect(validator.isPathWithinAllowed("")).toBe(false);
-      expect(validator.isPathWithinAllowed("   ")).toBe(false);
+      expect(await validator.isPathWithinAllowed("")).toBe(false);
+      expect(await validator.isPathWithinAllowed("   ")).toBe(false);
     });
-    it("should return true when allowedPaths is empty (all paths allowed)", () => {
+    it("should return true when allowedPaths is empty (all paths allowed)", async () => {
       const validator = new PathValidator(
         {
           allowedPaths: [],
@@ -353,11 +357,11 @@ describe("PathValidator", () => {
         },
         mockLogger
       );
-      expect(validator.isPathWithinAllowed("/anywhere/file.ts")).toBe(true);
+      expect(await validator.isPathWithinAllowed("/anywhere/file.ts")).toBe(true);
     });
   });
   describe("Path Containment (Parent Directory Coverage)", () => {
-    it("should recognize that approving parent covers child paths", () => {
+    it("should recognize that approving parent covers child paths", async () => {
       const validator = new PathValidator(
         {
           allowedPaths: ["/external/sub"],
@@ -370,9 +374,11 @@ describe("PathValidator", () => {
         },
         mockLogger
       );
-      expect(validator.isPathWithinAllowed("/external/sub/deep/nested/file.ts")).toBe(true);
+      expect(await validator.isPathWithinAllowed("/external/sub/deep/nested/file.ts")).toBe(
+        true
+      );
     });
-    it("should not allow sibling directories", () => {
+    it("should not allow sibling directories", async () => {
       const validator = new PathValidator(
         {
           allowedPaths: ["/external/sub"],
@@ -385,9 +391,9 @@ describe("PathValidator", () => {
         },
         mockLogger
       );
-      expect(validator.isPathWithinAllowed("/external/other/file.ts")).toBe(false);
+      expect(await validator.isPathWithinAllowed("/external/other/file.ts")).toBe(false);
     });
-    it("should not allow parent directories when child is approved", () => {
+    it("should not allow parent directories when child is approved", async () => {
       const validator = new PathValidator(
         {
           allowedPaths: ["/external/sub/deep"],
@@ -400,7 +406,7 @@ describe("PathValidator", () => {
         },
         mockLogger
       );
-      expect(validator.isPathWithinAllowed("/external/sub/file.ts")).toBe(false);
+      expect(await validator.isPathWithinAllowed("/external/sub/file.ts")).toBe(false);
     });
   });
   describe("getAllowedPaths and getBlockedPaths", () => {

package/dist/read-file-tool.cjs

@@ -50,10 +50,10 @@ function createReadFileTool(options) {
      * Check if this read operation needs directory access approval.
      * Returns custom approval request if the file is outside allowed paths.
      */
-    getApprovalOverride: (args) => {
+    getApprovalOverride: async (args) => {
       const { file_path } = args;
       if (!file_path) return null;
-      const isAllowed = fileSystemService.isPathWithinConfigAllowed(file_path);
+      const isAllowed = await fileSystemService.isPathWithinConfigAllowed(file_path);
       if (isAllowed) {
         return null;
       }

package/dist/read-file-tool.js

@@ -17,10 +17,10 @@ function createReadFileTool(options) {
      * Check if this read operation needs directory access approval.
      * Returns custom approval request if the file is outside allowed paths.
      */
-    getApprovalOverride: (args) => {
+    getApprovalOverride: async (args) => {
       const { file_path } = args;
       if (!file_path) return null;
-      const isAllowed = fileSystemService.isPathWithinConfigAllowed(file_path);
+      const isAllowed = await fileSystemService.isPathWithinConfigAllowed(file_path);
       if (isAllowed) {
         return null;
       }

package/dist/tool-provider.cjs

@@ -34,6 +34,13 @@ const DEFAULT_BLOCKED_EXTENSIONS = [".exe", ".dll", ".so"];
 const DEFAULT_MAX_FILE_SIZE = 10 * 1024 * 1024;
 const DEFAULT_ENABLE_BACKUPS = false;
 const DEFAULT_BACKUP_RETENTION_DAYS = 7;
+const FILESYSTEM_TOOL_NAMES = [
+  "read_file",
+  "write_file",
+  "edit_file",
+  "glob_files",
+  "grep_content"
+];
 const FileSystemToolsConfigSchema = import_zod.z.object({
   type: import_zod.z.literal("filesystem-tools"),
   allowedPaths: import_zod.z.array(import_zod.z.string()).default(DEFAULT_ALLOWED_PATHS).describe("List of allowed base paths for file operations"),
@@ -47,6 +54,9 @@ const FileSystemToolsConfigSchema = import_zod.z.object({
   backupPath: import_zod.z.string().optional().describe("Absolute path for storing file backups (if enableBackups is true)"),
   backupRetentionDays: import_zod.z.number().int().positive().default(DEFAULT_BACKUP_RETENTION_DAYS).describe(
     `Number of days to retain backup files (default: ${DEFAULT_BACKUP_RETENTION_DAYS})`
+  ),
+  enabledTools: import_zod.z.array(import_zod.z.enum(FILESYSTEM_TOOL_NAMES)).optional().describe(
+    `Subset of tools to enable. If not specified, all tools are enabled. Available: ${FILESYSTEM_TOOL_NAMES.join(", ")}`
   )
 }).strict();
 const fileSystemToolsProvider = {
@@ -88,13 +98,18 @@ const fileSystemToolsProvider = {
       fileSystemService,
       directoryApproval
     };
-    return [
-      (0, import_read_file_tool.createReadFileTool)(fileToolOptions),
-      (0, import_write_file_tool.createWriteFileTool)(fileToolOptions),
-      (0, import_edit_file_tool.createEditFileTool)(fileToolOptions),
-      (0, import_glob_files_tool.createGlobFilesTool)(fileSystemService),
-      (0, import_grep_content_tool.createGrepContentTool)(fileSystemService)
-    ];
+    const toolCreators = {
+      read_file: () => (0, import_read_file_tool.createReadFileTool)(fileToolOptions),
+      write_file: () => (0, import_write_file_tool.createWriteFileTool)(fileToolOptions),
+      edit_file: () => (0, import_edit_file_tool.createEditFileTool)(fileToolOptions),
+      glob_files: () => (0, import_glob_files_tool.createGlobFilesTool)(fileSystemService),
+      grep_content: () => (0, import_grep_content_tool.createGrepContentTool)(fileSystemService)
+    };
+    const toolsToCreate = config.enabledTools ?? FILESYSTEM_TOOL_NAMES;
+    if (config.enabledTools) {
+      logger.debug(`Creating subset of filesystem tools: ${toolsToCreate.join(", ")}`);
+    }
+    return toolsToCreate.map((toolName) => toolCreators[toolName]());
   },
   metadata: {
     displayName: "FileSystem Tools",

package/dist/tool-provider.d.cts

@@ -34,16 +34,18 @@ declare const FileSystemToolsConfigSchema: z.ZodObject<{
     enableBackups: z.ZodDefault<z.ZodBoolean>;
     backupPath: z.ZodOptional<z.ZodString>;
     backupRetentionDays: z.ZodDefault<z.ZodNumber>;
+    enabledTools: z.ZodOptional<z.ZodArray<z.ZodEnum<["read_file", "write_file", "edit_file", "glob_files", "grep_content"]>, "many">>;
 }, "strict", z.ZodTypeAny, {
-    type: "filesystem-tools";
     allowedPaths: string[];
     blockedExtensions: string[];
     blockedPaths: string[];
     maxFileSize: number;
     enableBackups: boolean;
     backupRetentionDays: number;
+    type: "filesystem-tools";
     backupPath?: string | undefined;
     workingDirectory?: string | undefined;
+    enabledTools?: ("edit_file" | "glob_files" | "grep_content" | "read_file" | "write_file")[] | undefined;
 }, {
     type: "filesystem-tools";
     allowedPaths?: string[] | undefined;
@@ -54,6 +56,7 @@ declare const FileSystemToolsConfigSchema: z.ZodObject<{
     enableBackups?: boolean | undefined;
     backupRetentionDays?: number | undefined;
     workingDirectory?: string | undefined;
+    enabledTools?: ("edit_file" | "glob_files" | "grep_content" | "read_file" | "write_file")[] | undefined;
 }>;
 type FileSystemToolsConfig = z.output<typeof FileSystemToolsConfigSchema>;
 /**

package/dist/tool-provider.d.ts

@@ -34,16 +34,18 @@ declare const FileSystemToolsConfigSchema: z.ZodObject<{
     enableBackups: z.ZodDefault<z.ZodBoolean>;
     backupPath: z.ZodOptional<z.ZodString>;
     backupRetentionDays: z.ZodDefault<z.ZodNumber>;
+    enabledTools: z.ZodOptional<z.ZodArray<z.ZodEnum<["read_file", "write_file", "edit_file", "glob_files", "grep_content"]>, "many">>;
 }, "strict", z.ZodTypeAny, {
-    type: "filesystem-tools";
     allowedPaths: string[];
     blockedExtensions: string[];
     blockedPaths: string[];
     maxFileSize: number;
     enableBackups: boolean;
     backupRetentionDays: number;
+    type: "filesystem-tools";
     backupPath?: string | undefined;
     workingDirectory?: string | undefined;
+    enabledTools?: ("edit_file" | "glob_files" | "grep_content" | "read_file" | "write_file")[] | undefined;
 }, {
     type: "filesystem-tools";
     allowedPaths?: string[] | undefined;
@@ -54,6 +56,7 @@ declare const FileSystemToolsConfigSchema: z.ZodObject<{
     enableBackups?: boolean | undefined;
     backupRetentionDays?: number | undefined;
     workingDirectory?: string | undefined;
+    enabledTools?: ("edit_file" | "glob_files" | "grep_content" | "read_file" | "write_file")[] | undefined;
 }>;
 type FileSystemToolsConfig = z.output<typeof FileSystemToolsConfigSchema>;
 /**

package/dist/tool-provider.js

@@ -11,6 +11,13 @@ const DEFAULT_BLOCKED_EXTENSIONS = [".exe", ".dll", ".so"];
 const DEFAULT_MAX_FILE_SIZE = 10 * 1024 * 1024;
 const DEFAULT_ENABLE_BACKUPS = false;
 const DEFAULT_BACKUP_RETENTION_DAYS = 7;
+const FILESYSTEM_TOOL_NAMES = [
+  "read_file",
+  "write_file",
+  "edit_file",
+  "glob_files",
+  "grep_content"
+];
 const FileSystemToolsConfigSchema = z.object({
   type: z.literal("filesystem-tools"),
   allowedPaths: z.array(z.string()).default(DEFAULT_ALLOWED_PATHS).describe("List of allowed base paths for file operations"),
@@ -24,6 +31,9 @@ const FileSystemToolsConfigSchema = z.object({
   backupPath: z.string().optional().describe("Absolute path for storing file backups (if enableBackups is true)"),
   backupRetentionDays: z.number().int().positive().default(DEFAULT_BACKUP_RETENTION_DAYS).describe(
     `Number of days to retain backup files (default: ${DEFAULT_BACKUP_RETENTION_DAYS})`
+  ),
+  enabledTools: z.array(z.enum(FILESYSTEM_TOOL_NAMES)).optional().describe(
+    `Subset of tools to enable. If not specified, all tools are enabled. Available: ${FILESYSTEM_TOOL_NAMES.join(", ")}`
   )
 }).strict();
 const fileSystemToolsProvider = {
@@ -65,13 +75,18 @@ const fileSystemToolsProvider = {
       fileSystemService,
       directoryApproval
     };
-    return [
-      createReadFileTool(fileToolOptions),
-      createWriteFileTool(fileToolOptions),
-      createEditFileTool(fileToolOptions),
-      createGlobFilesTool(fileSystemService),
-      createGrepContentTool(fileSystemService)
-    ];
+    const toolCreators = {
+      read_file: () => createReadFileTool(fileToolOptions),
+      write_file: () => createWriteFileTool(fileToolOptions),
+      edit_file: () => createEditFileTool(fileToolOptions),
+      glob_files: () => createGlobFilesTool(fileSystemService),
+      grep_content: () => createGrepContentTool(fileSystemService)
+    };
+    const toolsToCreate = config.enabledTools ?? FILESYSTEM_TOOL_NAMES;
+    if (config.enabledTools) {
+      logger.debug(`Creating subset of filesystem tools: ${toolsToCreate.join(", ")}`);
+    }
+    return toolsToCreate.map((toolName) => toolCreators[toolName]());
   },
   metadata: {
     displayName: "FileSystem Tools",

package/dist/types.d.cts

@@ -112,6 +112,8 @@ interface WriteResult {
     path: string;
     bytesWritten: number;
     backupPath?: string | undefined;
+    /** Original content if file was overwritten (undefined for new files) */
+    originalContent?: string | undefined;
 }
 /**
  * Edit operation
@@ -138,6 +140,10 @@ interface EditResult {
     path: string;
     changesCount: number;
     backupPath?: string | undefined;
+    /** Original content before edit (for diff generation) */
+    originalContent: string;
+    /** New content after edit (for diff generation) */
+    newContent: string;
 }
 /**
  * Path validation result

package/dist/types.d.ts

@@ -112,6 +112,8 @@ interface WriteResult {
     path: string;
     bytesWritten: number;
     backupPath?: string | undefined;
+    /** Original content if file was overwritten (undefined for new files) */
+    originalContent?: string | undefined;
 }
 /**
  * Edit operation
@@ -138,6 +140,10 @@ interface EditResult {
     path: string;
     changesCount: number;
     backupPath?: string | undefined;
+    /** Original content before edit (for diff generation) */
+    originalContent: string;
+    /** New content after edit (for diff generation) */
+    newContent: string;
 }
 /**
  * Path validation result

package/dist/write-file-tool.cjs

@@ -32,10 +32,16 @@ __export(write_file_tool_exports, {
 });
 module.exports = __toCommonJS(write_file_tool_exports);
 var path = __toESM(require("node:path"), 1);
+var import_node_crypto = require("node:crypto");
 var import_zod = require("zod");
 var import_diff = require("diff");
 var import_core = require("@dexto/core");
 var import_error_codes = require("./error-codes.js");
+const previewContentHashCache = /* @__PURE__ */ new Map();
+const FILE_NOT_EXISTS_MARKER = null;
+function computeContentHash(content) {
+  return (0, import_node_crypto.createHash)("sha256").update(content, "utf8").digest("hex");
+}
 const WriteFileInputSchema = import_zod.z.object({
   file_path: import_zod.z.string().describe("Absolute path where the file should be written"),
   content: import_zod.z.string().describe("Content to write to the file"),
@@ -67,10 +73,10 @@ function createWriteFileTool(options) {
      * Check if this write operation needs directory access approval.
      * Returns custom approval request if the file is outside allowed paths.
      */
-    getApprovalOverride: (args) => {
+    getApprovalOverride: async (args) => {
       const { file_path } = args;
       if (!file_path) return null;
-      const isAllowed = fileSystemService.isPathWithinConfigAllowed(file_path);
+      const isAllowed = await fileSystemService.isPathWithinConfigAllowed(file_path);
       if (isAllowed) {
         return null;
       }
@@ -105,15 +111,25 @@ function createWriteFileTool(options) {
     },
     /**
      * Generate preview for approval UI - shows diff or file creation info
+     * Stores content hash for change detection in execute phase.
      */
-    generatePreview: async (input, _context) => {
+    generatePreview: async (input, context) => {
       const { file_path, content } = input;
       try {
         const originalFile = await fileSystemService.readFile(file_path);
         const originalContent = originalFile.content;
+        if (context?.toolCallId) {
+          previewContentHashCache.set(
+            context.toolCallId,
+            computeContentHash(originalContent)
+          );
+        }
         return generateDiffPreview(file_path, originalContent, content);
       } catch (error) {
         if (error instanceof import_core.DextoRuntimeError && error.code === import_error_codes.FileSystemErrorCode.FILE_NOT_FOUND) {
+          if (context?.toolCallId) {
+            previewContentHashCache.set(context.toolCallId, FILE_NOT_EXISTS_MARKER);
+          }
           const lineCount = content.split("\n").length;
           const preview = {
             type: "file",
@@ -129,24 +145,42 @@ function createWriteFileTool(options) {
         throw error;
       }
     },
-    execute: async (input, _context) => {
+    execute: async (input, context) => {
       const { file_path, content, create_dirs, encoding } = input;
       let originalContent = null;
+      let fileExistsNow = false;
       try {
         const originalFile = await fileSystemService.readFile(file_path);
         originalContent = originalFile.content;
+        fileExistsNow = true;
       } catch (error) {
         if (error instanceof import_core.DextoRuntimeError && error.code === import_error_codes.FileSystemErrorCode.FILE_NOT_FOUND) {
           originalContent = null;
+          fileExistsNow = false;
         } else {
           throw error;
         }
       }
+      if (context?.toolCallId && previewContentHashCache.has(context.toolCallId)) {
+        const expectedHash = previewContentHashCache.get(context.toolCallId);
+        previewContentHashCache.delete(context.toolCallId);
+        if (expectedHash === FILE_NOT_EXISTS_MARKER) {
+          if (fileExistsNow) {
+            throw import_core.ToolError.fileModifiedSincePreview("write_file", file_path);
+          }
+        } else if (expectedHash !== null) {
+          if (!fileExistsNow) {
+            throw import_core.ToolError.fileModifiedSincePreview("write_file", file_path);
+          }
+          const currentHash = computeContentHash(originalContent);
+          if (expectedHash !== currentHash) {
+            throw import_core.ToolError.fileModifiedSincePreview("write_file", file_path);
+          }
+        }
+      }
       const result = await fileSystemService.writeFile(file_path, content, {
         createDirs: create_dirs,
-        encoding,
-        backup: true
-        // Always create backup for internal tools
+        encoding
       });
       let _display;
       if (originalContent === null) {