@goobits/sherpa 1.0.1
- package/dist/chunk-3CILH2TO.js +387 -0
- package/dist/chunk-3CILH2TO.js.map +7 -0
- package/dist/chunk-5NF3BSD6.js +512 -0
- package/dist/chunk-5NF3BSD6.js.map +7 -0
- package/dist/chunk-IIU6U7TE.js +307 -0
- package/dist/chunk-IIU6U7TE.js.map +7 -0
- package/dist/chunk-LQZTKH3U.js +307 -0
- package/dist/chunk-LQZTKH3U.js.map +7 -0
- package/dist/cli.d.ts +11 -0
- package/dist/cli.d.ts.map +1 -0
- package/dist/cli.js +84 -0
- package/dist/cli.js.map +7 -0
- package/dist/commands/init.d.ts +7 -0
- package/dist/commands/init.d.ts.map +1 -0
- package/dist/commands/init.js +333 -0
- package/dist/commands/init.js.map +1 -0
- package/dist/commands/post.d.ts +20 -0
- package/dist/commands/post.d.ts.map +1 -0
- package/dist/commands/post.js +183 -0
- package/dist/commands/post.js.map +1 -0
- package/dist/commands/pre.d.ts +18 -0
- package/dist/commands/pre.d.ts.map +1 -0
- package/dist/commands/pre.js +102 -0
- package/dist/commands/pre.js.map +1 -0
- package/dist/commands/status.d.ts +5 -0
- package/dist/commands/status.d.ts.map +1 -0
- package/dist/commands/status.js +48 -0
- package/dist/commands/status.js.map +1 -0
- package/dist/daemon-V2QDZTUB.js +89 -0
- package/dist/daemon-V2QDZTUB.js.map +7 -0
- package/dist/daemon.d.ts +9 -0
- package/dist/daemon.d.ts.map +1 -0
- package/dist/daemon.js +112 -0
- package/dist/daemon.js.map +1 -0
- package/dist/index.d.ts +15 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +36 -0
- package/dist/index.js.map +7 -0
- package/dist/parser.d.ts +21 -0
- package/dist/parser.d.ts.map +1 -0
- package/dist/parser.js +152 -0
- package/dist/parser.js.map +1 -0
- package/dist/reviewer/index.js +544 -0
- package/dist/reviewer/index.js.map +7 -0
- package/dist/rules.d.ts +21 -0
- package/dist/rules.d.ts.map +1 -0
- package/dist/rules.js +165 -0
- package/dist/rules.js.map +1 -0
- package/dist/status-Q6Z4TFJZ.js +52 -0
- package/dist/status-Q6Z4TFJZ.js.map +7 -0
- package/dist/types.d.ts +69 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +13 -0
- package/dist/types.js.map +1 -0
- package/package.json +52 -0
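--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -0,0 +1,36 @@
+import {
+runInit
+} from "./chunk-IIU6U7TE.js";
+import {
+DEFAULT_CONFIG,
+checkBashCommand,
+checkCommand,
+checkPipeline,
+extractCommands,
+isPathWithinAllowed,
+matchesAllowRule,
+matchesBlockRule,
+normalizePath,
+offloadOutput,
+parseCommand,
+runPost,
+runPre
+} from "./chunk-5NF3BSD6.js";
+import "./chunk-3CILH2TO.js";
+export {
+DEFAULT_CONFIG,
+checkBashCommand,
+checkCommand,
+checkPipeline,
+extractCommands,
+isPathWithinAllowed,
+matchesAllowRule,
+matchesBlockRule,
+normalizePath,
+offloadOutput,
+parseCommand,
+runInit,
+runPost,
+runPre
+};
+//# sourceMappingURL=index.js.map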
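--- a/package/dist/parser.d.ts
+++ b/package/dist/parser.d.ts
@@ -0,0 +1,21 @@
+/**
+* AST parsing utilities for bash commands
+*/
+import type { ASTNode, CommandInfo, PathInfo } from './types.js';
+/**
+* Normalize a path to prevent traversal attacks
+*/
+export declare function normalizePath(inputPath: string): PathInfo;
+/**
+* Check if a normalized path matches an allowed pattern
+*/
+export declare function isPathWithinAllowed(pathInfo: PathInfo, allowedPattern: string): boolean;
+/**
+* Extract all commands from AST (handles pipelines, lists, etc.)
+*/
+export declare function extractCommands(node: ASTNode | null): CommandInfo[];
+/**
+* Parse a Command node into structured info
+*/
+export declare function parseCommand(node: ASTNode): CommandInfo | null;
+//# sourceMappingURL=parser.d.ts.map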
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parser.d.ts","sourceRoot":"","sources":["../src/parser.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AAchE;;GAEG;AACH,wBAAgB,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,QAAQ,CAsCzD;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAClC,QAAQ,EAAE,QAAQ,EAClB,cAAc,EAAE,MAAM,GACpB,OAAO,CAST;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,GAAG,WAAW,EAAE,CAiCnE;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,OAAO,GAAG,WAAW,GAAG,IAAI,CAkD9D"}
|
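--- a/package/dist/parser.js
+++ b/package/dist/parser.js
@@ -0,0 +1,152 @@
+/**
+* AST parsing utilities for bash commands
+*/
+import { homedir } from 'os';
+// Cache compiled RegExp patterns
+const regexCache = new Map();
+function getRegex(pattern) {
+let regex = regexCache.get(pattern);
+if (!regex) {
+regex = new RegExp(pattern);
+regexCache.set(pattern, regex);
+}
+return regex;
+}
+/**
+* Normalize a path to prevent traversal attacks
+*/
+export function normalizePath(inputPath) {
+if (!inputPath) {
+return {
+original: inputPath,
+normalized: inputPath,
+hasTraversal: false,
+isAbsolute: false
+};
+}
+const original = inputPath;
+// Handle home directory
+let normalized = inputPath.replace(/^~/, homedir());
+const isAbsolute = original.startsWith('/') || original.startsWith('~');
+// Split into segments and resolve
+const segments = normalized.split('/');
+const resolved = [];
+for (const seg of segments) {
+if (seg === '..') {
+resolved.pop();
+}
+else if (seg !== '.' && seg !== '') {
+resolved.push(seg);
+}
+}
+// Only prefix with / for absolute paths
+normalized = isAbsolute ? `/${resolved.join('/')}` : resolved.join('/');
+return {
+original,
+normalized,
+hasTraversal: original.includes('..'),
+isAbsolute
+};
+}
+/**
+* Check if a normalized path matches an allowed pattern
+*/
+export function isPathWithinAllowed(pathInfo, allowedPattern) {
+const regex = getRegex(allowedPattern);
+// If there's traversal, check the NORMALIZED path, not original
+if (pathInfo.hasTraversal) {
+return regex.test(pathInfo.normalized);
+}
+return regex.test(pathInfo.original);
+}
+/**
+* Extract all commands from AST (handles pipelines, lists, etc.)
+*/
+export function extractCommands(node) {
+if (!node) {
+return [];
+}
+const commands = [];
+switch (node.type) {
+case 'Script':
+case 'Pipeline':
+for (const cmd of node.commands || []) {
+commands.push(...extractCommands(cmd));
+}
+break;
+case 'LogicalExpression':
+if (node.left) {
+commands.push(...extractCommands(node.left));
+}
+if (node.right) {
+commands.push(...extractCommands(node.right));
+}
+break;
+case 'Command': {
+const parsed = parseCommand(node);
+if (parsed) {
+commands.push(parsed);
+}
+break;
+}
+case 'Subshell':
+case 'CompoundList':
+for (const cmd of node.list || []) {
+commands.push(...extractCommands(cmd));
+}
+break;
+}
+return commands;
+}
+/**
+* Parse a Command node into structured info
+*/
+export function parseCommand(node) {
+if (!node.name?.text) {
+return null;
+}
+const cmdName = node.name.text;
+const info = {
+cmd: cmdName,
+args: [],
+flags: [],
+paths: [],
+raw: []
+};
+// Parse suffix (arguments and flags)
+for (const part of node.suffix || []) {
+const text = part.text;
+if (!text) {
+continue;
+}
+info.raw.push(text);
+if (text.startsWith('--')) {
+// Long flag: --force, --recursive
+const flag = text.slice(2).split('=')[0];
+info.flags.push(flag);
+}
+else if (text.startsWith('-') &&
+text.length > 1 &&
+!/^-\d+\.?\d*$/.test(text)) {
+// Short flags: -rf, -f, -r (but not negative numbers like -1)
+const flags = text.slice(1);
+for (const f of flags) {
+info.flags.push(f);
+}
+}
+else {
+// Regular argument (could be path)
+info.args.push(text);
+if (/^[/~$.]/.test(text)) {
+info.paths.push(text);
+}
+}
+}
+// Handle git subcommands
+if (cmdName === 'git' && info.args.length > 0) {
+info.subcommand = info.args[0];
+info.subArgs = info.args.slice(1);
+}
+return info;
+}
+//# sourceMappingURL=parser.js.map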
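Review bot: `normalizePath` drops a leading `..` instead of keeping it: `resolved.pop()` on an empty stack is a no-op, so a relative input such as `../src/x` normalizes to `src/x`, and because `hasTraversal` is then true, `isPathWithinAllowed` tests exactly that string, letting a path above the working directory satisfy a pattern written for paths inside it. Keeping the unresolved `..` segments in the normalized result for relative inputs (the behaviour of `path.posix.normalize`) makes the climb visible to the allow pattern; the loop change is in the fence below. The normalization is also purely lexical: `/^~/` rewrites `~user/...` with the current user's home directory, `$VAR` prefixes stay unexpanded and symlinks are not resolved, so the doc comment "to prevent traversal attacks" should state that the result is not necessarily the path the shell will open. Separately, `extractCommands` has no `default` branch, so any node type outside the six listed returns `[]`; if this list feeds an allow/block decision (the rule code is not in this hunk), unrecognised nodes should be reported to the caller rather than treated as containing no commands.

```javascript
    for (const seg of segments) {
        if (seg === '..') {
            if (resolved.length > 0 && resolved[resolved.length - 1] !== '..') {
                resolved.pop();
            }
            else if (!isAbsolute) {
                // Nothing left to pop: keep the climb so the allow pattern sees it.
                resolved.push('..');
            }
        }
        // … unchanged: push of ordinary segments …
    }
```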
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parser.js","sourceRoot":"","sources":["../src/parser.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,IAAI,CAAA;AAI5B,iCAAiC;AACjC,MAAM,UAAU,GAAG,IAAI,GAAG,EAAkB,CAAA;AAE5C,SAAS,QAAQ,CAAC,OAAe;IAChC,IAAI,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;IACnC,IAAI,CAAC,KAAK,EAAE,CAAC;QACZ,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,CAAA;QAC3B,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IAC/B,CAAC;IACD,OAAO,KAAK,CAAA;AACb,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,SAAiB;IAC9C,IAAI,CAAC,SAAS,EAAE,CAAC;QAChB,OAAO;YACN,QAAQ,EAAE,SAAS;YACnB,UAAU,EAAE,SAAS;YACrB,YAAY,EAAE,KAAK;YACnB,UAAU,EAAE,KAAK;SACjB,CAAA;IACF,CAAC;IAED,MAAM,QAAQ,GAAG,SAAS,CAAA;IAE1B,wBAAwB;IACxB,IAAI,UAAU,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;IAEnD,MAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;IAEvE,kCAAkC;IAClC,MAAM,QAAQ,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACtC,MAAM,QAAQ,GAAa,EAAE,CAAA;IAE7B,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC5B,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YAClB,QAAQ,CAAC,GAAG,EAAE,CAAA;QACf,CAAC;aAAM,IAAI,GAAG,KAAK,GAAG,IAAI,GAAG,KAAK,EAAE,EAAE,CAAC;YACtC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACnB,CAAC;IACF,CAAC;IAED,wCAAwC;IACxC,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,IAAK,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAEzE,OAAO;QACN,QAAQ;QACR,UAAU;QACV,YAAY,EAAE,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC;QACrC,UAAU;KACV,CAAA;AACF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAClC,QAAkB,EAClB,cAAsB;IAEtB,MAAM,KAAK,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAA;IAEtC,gEAAgE;IAChE,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;QAC3B,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAA;IACvC,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;AACrC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,IAAoB;IACnD,IAAI,CAAC,IAAI,EAAE,CAAC;QAAA,OAAO,EAAE,CAAA;IAAA,CAAC;IAEtB,MAAM,QAAQ,GAAkB,EAAE,CAAA;IAElC,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;QACnB,KAAK,QAAQ,CAAC;QACd,KAAK,UAAU;YACd,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,QAAQ,IAAI,EAAE,EAAE,CAAC;gBACvC,QAAQ,CAAC,
IAAI,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,CAAA;YACvC,CAAC;YACD,MAAK;QAEN,KAAK,mBAAmB;YACvB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAAA,QAAQ,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAA;YAAA,CAAC;YAC7D,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBAAA,QAAQ,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAA;YAAA,CAAC;YAC/D,MAAK;QAEN,KAAK,SAAS,CAAC,CAAC,CAAC;YAChB,MAAM,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;YACjC,IAAI,MAAM,EAAE,CAAC;gBAAA,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;YAAA,CAAC;YACnC,MAAK;QACN,CAAC;QAED,KAAK,UAAU,CAAC;QAChB,KAAK,cAAc;YAClB,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;gBACnC,QAAQ,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,CAAA;YACvC,CAAC;YACD,MAAK;IACP,CAAC;IAED,OAAO,QAAQ,CAAA;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAa;IACzC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC;QAAA,OAAO,IAAI,CAAA;IAAA,CAAC;IAEnC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAA;IAE9B,MAAM,IAAI,GAAgB;QACzB,GAAG,EAAE,OAAO;QACZ,IAAI,EAAE,EAAE;QACR,KAAK,EAAE,EAAE;QACT,KAAK,EAAE,EAAE;QACT,GAAG,EAAE,EAAE;KACP,CAAA;IAED,qCAAqC;IACrC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAA;QACtB,IAAI,CAAC,IAAI,EAAE,CAAC;YAAA,SAAQ;QAAA,CAAC;QAErB,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAEnB,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kCAAkC;YAClC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;YACxC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACtB,CAAC;aAAM,IACN,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;YACpB,IAAI,CAAC,MAAM,GAAG,CAAC;YACf,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EACzB,CAAC;YACF,8DAA8D;YAC9D,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;YAC3B,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;gBACvB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;YACnB,CAAC;QACF,CAAC;aAAM,CAAC;YACP,mCAAmC;YACnC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YACpB,IAAI,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC1B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YACtB,CAAC;QACF,CAAC;IACF,CAAC;IAED,yBAAyB;IACzB,IAAI
,OAAO,KAAK,KAAK,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/C,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QAC9B,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAClC,CAAC;IAED,OAAO,IAAI,CAAA;AACZ,CAAC"}
|