@google/gemini-cli 0.12.0-nightly.20251027.cb0947c5 → 0.12.0-preview.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -5
- package/dist/package.json +2 -2
- package/dist/src/commands/extensions/disable.d.ts +1 -1
- package/dist/src/commands/extensions/disable.js +5 -4
- package/dist/src/commands/extensions/disable.js.map +1 -1
- package/dist/src/commands/extensions/enable.d.ts +1 -1
- package/dist/src/commands/extensions/enable.js +3 -2
- package/dist/src/commands/extensions/enable.js.map +1 -1
- package/dist/src/commands/extensions/install.js +2 -1
- package/dist/src/commands/extensions/install.js.map +1 -1
- package/dist/src/commands/extensions/install.test.js +1 -0
- package/dist/src/commands/extensions/install.test.js.map +1 -1
- package/dist/src/commands/extensions/link.js +2 -1
- package/dist/src/commands/extensions/link.js.map +1 -1
- package/dist/src/commands/extensions/list.js +2 -2
- package/dist/src/commands/extensions/list.js.map +1 -1
- package/dist/src/commands/extensions/uninstall.js +2 -1
- package/dist/src/commands/extensions/uninstall.js.map +1 -1
- package/dist/src/commands/extensions/update.js +2 -2
- package/dist/src/commands/extensions/update.js.map +1 -1
- package/dist/src/commands/mcp/list.js +2 -2
- package/dist/src/commands/mcp/list.js.map +1 -1
- package/dist/src/config/config.d.ts +5 -3
- package/dist/src/config/config.js +42 -9
- package/dist/src/config/config.js.map +1 -1
- package/dist/src/config/config.test.js +186 -161
- package/dist/src/config/config.test.js.map +1 -1
- package/dist/src/config/extension-manager.d.ts +23 -10
- package/dist/src/config/extension-manager.js +89 -62
- package/dist/src/config/extension-manager.js.map +1 -1
- package/dist/src/config/extension.test.js +158 -74
- package/dist/src/config/extension.test.js.map +1 -1
- package/dist/src/config/extensions/extensionSettings.d.ts +3 -3
- package/dist/src/config/extensions/extensionSettings.js +74 -24
- package/dist/src/config/extensions/extensionSettings.js.map +1 -1
- package/dist/src/config/extensions/extensionSettings.test.js +145 -24
- package/dist/src/config/extensions/extensionSettings.test.js.map +1 -1
- package/dist/src/config/extensions/github.js +3 -3
- package/dist/src/config/extensions/github.js.map +1 -1
- package/dist/src/config/extensions/github.test.js +1 -1
- package/dist/src/config/extensions/github.test.js.map +1 -1
- package/dist/src/config/extensions/update.js +7 -6
- package/dist/src/config/extensions/update.js.map +1 -1
- package/dist/src/config/extensions/update.test.js +54 -31
- package/dist/src/config/extensions/update.test.js.map +1 -1
- package/dist/src/config/keyBindings.js +1 -1
- package/dist/src/config/keyBindings.js.map +1 -1
- package/dist/src/config/policies/read-only.toml +56 -0
- package/dist/src/config/policies/write.toml +63 -0
- package/dist/src/config/policies/yolo.toml +31 -0
- package/dist/src/config/policy-engine.integration.test.js +41 -38
- package/dist/src/config/policy-engine.integration.test.js.map +1 -1
- package/dist/src/config/policy-toml-loader.d.ts +46 -0
- package/dist/src/config/policy-toml-loader.js +314 -0
- package/dist/src/config/policy-toml-loader.js.map +1 -0
- package/dist/src/config/policy-toml-loader.test.d.ts +6 -0
- package/dist/src/config/policy-toml-loader.test.js +626 -0
- package/dist/src/config/policy-toml-loader.test.js.map +1 -0
- package/dist/src/config/policy.d.ts +9 -2
- package/dist/src/config/policy.js +139 -110
- package/dist/src/config/policy.js.map +1 -1
- package/dist/src/config/policy.test.js +780 -82
- package/dist/src/config/policy.test.js.map +1 -1
- package/dist/src/config/settings.test.js +4 -4
- package/dist/src/config/settings.test.js.map +1 -1
- package/dist/src/gemini.js +6 -17
- package/dist/src/gemini.js.map +1 -1
- package/dist/src/gemini.test.js +1 -0
- package/dist/src/gemini.test.js.map +1 -1
- package/dist/src/generated/git-commit.d.ts +2 -2
- package/dist/src/generated/git-commit.js +2 -2
- package/dist/src/generated/git-commit.js.map +1 -1
- package/dist/src/test-utils/render.d.ts +12 -0
- package/dist/src/test-utils/render.js +28 -1
- package/dist/src/test-utils/render.js.map +1 -1
- package/dist/src/test-utils/render.test.d.ts +6 -0
- package/dist/src/test-utils/render.test.js +54 -0
- package/dist/src/test-utils/render.test.js.map +1 -0
- package/dist/src/ui/AppContainer.js +28 -22
- package/dist/src/ui/AppContainer.js.map +1 -1
- package/dist/src/ui/AppContainer.test.js +8 -0
- package/dist/src/ui/AppContainer.test.js.map +1 -1
- package/dist/src/ui/commands/directoryCommand.js +1 -1
- package/dist/src/ui/commands/directoryCommand.js.map +1 -1
- package/dist/src/ui/commands/extensionsCommand.js +45 -1
- package/dist/src/ui/commands/extensionsCommand.js.map +1 -1
- package/dist/src/ui/commands/extensionsCommand.test.js +64 -1
- package/dist/src/ui/commands/extensionsCommand.test.js.map +1 -1
- package/dist/src/ui/commands/memoryCommand.js +1 -1
- package/dist/src/ui/commands/memoryCommand.js.map +1 -1
- package/dist/src/ui/commands/memoryCommand.test.js +3 -1
- package/dist/src/ui/commands/memoryCommand.test.js.map +1 -1
- package/dist/src/ui/components/ConsoleSummaryDisplay.js +1 -1
- package/dist/src/ui/components/ConsoleSummaryDisplay.js.map +1 -1
- package/dist/src/ui/components/DetailedMessagesDisplay.js +1 -1
- package/dist/src/ui/components/DetailedMessagesDisplay.js.map +1 -1
- package/dist/src/ui/components/FolderTrustDialog.test.js +4 -5
- package/dist/src/ui/components/FolderTrustDialog.test.js.map +1 -1
- package/dist/src/ui/components/Footer.js +1 -1
- package/dist/src/ui/components/Footer.js.map +1 -1
- package/dist/src/ui/components/Footer.test.js +24 -0
- package/dist/src/ui/components/Footer.test.js.map +1 -1
- package/dist/src/ui/components/Help.test.js +0 -1
- package/dist/src/ui/components/Help.test.js.map +1 -1
- package/dist/src/ui/components/ModelDialog.test.js +5 -6
- package/dist/src/ui/components/ModelDialog.test.js.map +1 -1
- package/dist/src/ui/components/PermissionsModifyTrustDialog.test.js +11 -13
- package/dist/src/ui/components/PermissionsModifyTrustDialog.test.js.map +1 -1
- package/dist/src/ui/components/SettingsDialog.test.js +12 -14
- package/dist/src/ui/components/SettingsDialog.test.js.map +1 -1
- package/dist/src/ui/components/shared/BaseSelectionList.test.js +11 -13
- package/dist/src/ui/components/shared/BaseSelectionList.test.js.map +1 -1
- package/dist/src/ui/components/shared/text-buffer.test.js +2 -2
- package/dist/src/ui/components/shared/text-buffer.test.js.map +1 -1
- package/dist/src/ui/contexts/KeypressContext.test.js +6 -5
- package/dist/src/ui/contexts/KeypressContext.test.js.map +1 -1
- package/dist/src/ui/contexts/SessionContext.test.js +27 -14
- package/dist/src/ui/contexts/SessionContext.test.js.map +1 -1
- package/dist/src/ui/hooks/atCommandProcessor.js +2 -2
- package/dist/src/ui/hooks/atCommandProcessor.js.map +1 -1
- package/dist/src/ui/hooks/useAtCompletion.test.js +32 -23
- package/dist/src/ui/hooks/useAtCompletion.test.js.map +1 -1
- package/dist/src/ui/hooks/useAutoAcceptIndicator.test.js +2 -2
- package/dist/src/ui/hooks/useAutoAcceptIndicator.test.js.map +1 -1
- package/dist/src/ui/hooks/useExtensionUpdates.d.ts +1 -2
- package/dist/src/ui/hooks/useExtensionUpdates.js +2 -1
- package/dist/src/ui/hooks/useExtensionUpdates.js.map +1 -1
- package/dist/src/ui/hooks/useExtensionUpdates.test.js +14 -20
- package/dist/src/ui/hooks/useExtensionUpdates.test.js.map +1 -1
- package/dist/src/ui/hooks/useFlickerDetector.test.js +9 -6
- package/dist/src/ui/hooks/useFlickerDetector.test.js.map +1 -1
- package/dist/src/ui/hooks/useFolderTrust.test.js +45 -23
- package/dist/src/ui/hooks/useFolderTrust.test.js.map +1 -1
- package/dist/src/ui/hooks/useGeminiStream.js +7 -5
- package/dist/src/ui/hooks/useGeminiStream.js.map +1 -1
- package/dist/src/ui/hooks/useGeminiStream.test.js +42 -41
- package/dist/src/ui/hooks/useGeminiStream.test.js.map +1 -1
- package/dist/src/ui/hooks/useHistoryManager.test.js +2 -2
- package/dist/src/ui/hooks/useHistoryManager.test.js.map +1 -1
- package/dist/src/ui/hooks/useInputHistory.test.js +2 -2
- package/dist/src/ui/hooks/useInputHistory.test.js.map +1 -1
- package/dist/src/ui/hooks/useInputHistoryStore.test.js +2 -2
- package/dist/src/ui/hooks/useInputHistoryStore.test.js.map +1 -1
- package/dist/src/ui/hooks/usePermissionsModifyTrust.test.js +2 -3
- package/dist/src/ui/hooks/usePermissionsModifyTrust.test.js.map +1 -1
- package/dist/src/ui/hooks/usePhraseCycler.js +1 -1
- package/dist/src/ui/hooks/usePhraseCycler.js.map +1 -1
- package/dist/src/ui/hooks/usePhraseCycler.test.js +83 -111
- package/dist/src/ui/hooks/usePhraseCycler.test.js.map +1 -1
- package/dist/src/ui/hooks/useQuotaAndFallback.test.js +2 -2
- package/dist/src/ui/hooks/useQuotaAndFallback.test.js.map +1 -1
- package/dist/src/ui/hooks/useReactToolScheduler.test.js +1 -2
- package/dist/src/ui/hooks/useReactToolScheduler.test.js.map +1 -1
- package/dist/src/ui/hooks/useReverseSearchCompletion.test.js +2 -2
- package/dist/src/ui/hooks/useReverseSearchCompletion.test.js.map +1 -1
- package/dist/src/ui/hooks/useShellHistory.test.js +40 -17
- package/dist/src/ui/hooks/useShellHistory.test.js.map +1 -1
- package/dist/src/ui/hooks/useSlashCompletion.test.js +54 -49
- package/dist/src/ui/hooks/useSlashCompletion.test.js.map +1 -1
- package/dist/src/ui/hooks/useToolScheduler.test.js +48 -42
- package/dist/src/ui/hooks/useToolScheduler.test.js.map +1 -1
- package/dist/src/ui/keyMatchers.test.js +3 -3
- package/dist/src/ui/keyMatchers.test.js.map +1 -1
- package/dist/src/zed-integration/zedIntegration.d.ts +2 -2
- package/dist/src/zed-integration/zedIntegration.js +4 -6
- package/dist/src/zed-integration/zedIntegration.js.map +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/package.json +3 -3
|
@@ -0,0 +1,314 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2025 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
import { PolicyDecision, } from '@google/gemini-cli-core';
|
|
7
|
+
import fs from 'node:fs/promises';
|
|
8
|
+
import path from 'node:path';
|
|
9
|
+
import toml from '@iarna/toml';
|
|
10
|
+
import { z } from 'zod';
|
|
11
|
+
/**
|
|
12
|
+
* Schema for a single policy rule in the TOML file (before transformation).
|
|
13
|
+
*/
|
|
14
|
+
const PolicyRuleSchema = z.object({
|
|
15
|
+
toolName: z.union([z.string(), z.array(z.string())]).optional(),
|
|
16
|
+
mcpName: z.string().optional(),
|
|
17
|
+
argsPattern: z.string().optional(),
|
|
18
|
+
commandPrefix: z.union([z.string(), z.array(z.string())]).optional(),
|
|
19
|
+
commandRegex: z.string().optional(),
|
|
20
|
+
decision: z.nativeEnum(PolicyDecision),
|
|
21
|
+
// Priority must be in range [0, 999] to prevent tier overflow.
|
|
22
|
+
// With tier transformation (tier + priority/1000), this ensures:
|
|
23
|
+
// - Tier 1 (default): range [1.000, 1.999]
|
|
24
|
+
// - Tier 2 (user): range [2.000, 2.999]
|
|
25
|
+
// - Tier 3 (admin): range [3.000, 3.999]
|
|
26
|
+
priority: z
|
|
27
|
+
.number({
|
|
28
|
+
required_error: 'priority is required',
|
|
29
|
+
invalid_type_error: 'priority must be a number',
|
|
30
|
+
})
|
|
31
|
+
.int({ message: 'priority must be an integer' })
|
|
32
|
+
.min(0, { message: 'priority must be >= 0' })
|
|
33
|
+
.max(999, {
|
|
34
|
+
message: 'priority must be <= 999 to prevent tier overflow. Priorities >= 1000 would jump to the next tier.',
|
|
35
|
+
}),
|
|
36
|
+
modes: z.array(z.string()).optional(),
|
|
37
|
+
});
|
|
38
|
+
/**
|
|
39
|
+
* Schema for the entire policy TOML file.
|
|
40
|
+
*/
|
|
41
|
+
const PolicyFileSchema = z.object({
|
|
42
|
+
rule: z.array(PolicyRuleSchema),
|
|
43
|
+
});
|
|
44
|
+
/**
|
|
45
|
+
* Escapes special regex characters in a string for use in a regex pattern.
|
|
46
|
+
* This is used for commandPrefix to ensure literal string matching.
|
|
47
|
+
*
|
|
48
|
+
* @param str The string to escape
|
|
49
|
+
* @returns The escaped string safe for use in a regex
|
|
50
|
+
*/
|
|
51
|
+
function escapeRegex(str) {
|
|
52
|
+
return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
|
|
53
|
+
}
|
|
54
|
+
/**
|
|
55
|
+
* Converts a tier number to a human-readable tier name.
|
|
56
|
+
*/
|
|
57
|
+
function getTierName(tier) {
|
|
58
|
+
if (tier === 1)
|
|
59
|
+
return 'default';
|
|
60
|
+
if (tier === 2)
|
|
61
|
+
return 'user';
|
|
62
|
+
if (tier === 3)
|
|
63
|
+
return 'admin';
|
|
64
|
+
return 'default';
|
|
65
|
+
}
|
|
66
|
+
/**
|
|
67
|
+
* Formats a Zod validation error into a readable error message.
|
|
68
|
+
*/
|
|
69
|
+
function formatSchemaError(error, ruleIndex) {
|
|
70
|
+
const issues = error.issues
|
|
71
|
+
.map((issue) => {
|
|
72
|
+
const path = issue.path.join('.');
|
|
73
|
+
return ` - Field "${path}": ${issue.message}`;
|
|
74
|
+
})
|
|
75
|
+
.join('\n');
|
|
76
|
+
return `Invalid policy rule (rule #${ruleIndex + 1}):\n${issues}`;
|
|
77
|
+
}
|
|
78
|
+
/**
|
|
79
|
+
* Validates shell command convenience syntax rules.
|
|
80
|
+
* Returns an error message if invalid, or null if valid.
|
|
81
|
+
*/
|
|
82
|
+
function validateShellCommandSyntax(rule, ruleIndex) {
|
|
83
|
+
const hasCommandPrefix = rule.commandPrefix !== undefined;
|
|
84
|
+
const hasCommandRegex = rule.commandRegex !== undefined;
|
|
85
|
+
const hasArgsPattern = rule.argsPattern !== undefined;
|
|
86
|
+
if (hasCommandPrefix || hasCommandRegex) {
|
|
87
|
+
// Must have exactly toolName = "run_shell_command"
|
|
88
|
+
if (rule.toolName !== 'run_shell_command' || Array.isArray(rule.toolName)) {
|
|
89
|
+
return (`Rule #${ruleIndex + 1}: commandPrefix and commandRegex can only be used with toolName = "run_shell_command"\n` +
|
|
90
|
+
` Found: toolName = ${JSON.stringify(rule.toolName)}\n` +
|
|
91
|
+
` Fix: Set toolName = "run_shell_command" (not an array)`);
|
|
92
|
+
}
|
|
93
|
+
// Can't combine with argsPattern
|
|
94
|
+
if (hasArgsPattern) {
|
|
95
|
+
return (`Rule #${ruleIndex + 1}: cannot use both commandPrefix/commandRegex and argsPattern\n` +
|
|
96
|
+
` These fields are mutually exclusive\n` +
|
|
97
|
+
` Fix: Use either commandPrefix/commandRegex OR argsPattern, not both`);
|
|
98
|
+
}
|
|
99
|
+
// Can't use both commandPrefix and commandRegex
|
|
100
|
+
if (hasCommandPrefix && hasCommandRegex) {
|
|
101
|
+
return (`Rule #${ruleIndex + 1}: cannot use both commandPrefix and commandRegex\n` +
|
|
102
|
+
` These fields are mutually exclusive\n` +
|
|
103
|
+
` Fix: Use either commandPrefix OR commandRegex, not both`);
|
|
104
|
+
}
|
|
105
|
+
}
|
|
106
|
+
return null;
|
|
107
|
+
}
|
|
108
|
+
/**
|
|
109
|
+
* Transforms a priority number based on the policy tier.
|
|
110
|
+
* Formula: tier + priority/1000
|
|
111
|
+
*
|
|
112
|
+
* @param priority The priority value from the TOML file
|
|
113
|
+
* @param tier The tier (1=default, 2=user, 3=admin)
|
|
114
|
+
* @returns The transformed priority
|
|
115
|
+
*/
|
|
116
|
+
function transformPriority(priority, tier) {
|
|
117
|
+
return tier + priority / 1000;
|
|
118
|
+
}
|
|
119
|
+
/**
|
|
120
|
+
* Loads and parses policies from TOML files in the specified directories.
|
|
121
|
+
*
|
|
122
|
+
* This function:
|
|
123
|
+
* 1. Scans directories for .toml files
|
|
124
|
+
* 2. Parses and validates each file
|
|
125
|
+
* 3. Transforms rules (commandPrefix, arrays, mcpName, priorities)
|
|
126
|
+
* 4. Filters rules by approval mode
|
|
127
|
+
* 5. Collects detailed error information for any failures
|
|
128
|
+
*
|
|
129
|
+
* @param approvalMode The current approval mode (for filtering rules by mode)
|
|
130
|
+
* @param policyDirs Array of directory paths to scan for policy files
|
|
131
|
+
* @param getPolicyTier Function to determine tier (1-3) for a directory
|
|
132
|
+
* @returns Object containing successfully parsed rules and any errors encountered
|
|
133
|
+
*/
|
|
134
|
+
export async function loadPoliciesFromToml(approvalMode, policyDirs, getPolicyTier) {
|
|
135
|
+
const rules = [];
|
|
136
|
+
const errors = [];
|
|
137
|
+
for (const dir of policyDirs) {
|
|
138
|
+
const tier = getPolicyTier(dir);
|
|
139
|
+
const tierName = getTierName(tier);
|
|
140
|
+
// Scan directory for all .toml files
|
|
141
|
+
let filesToLoad;
|
|
142
|
+
try {
|
|
143
|
+
const dirEntries = await fs.readdir(dir, { withFileTypes: true });
|
|
144
|
+
filesToLoad = dirEntries
|
|
145
|
+
.filter((entry) => entry.isFile() && entry.name.endsWith('.toml'))
|
|
146
|
+
.map((entry) => entry.name);
|
|
147
|
+
}
|
|
148
|
+
catch (e) {
|
|
149
|
+
const error = e;
|
|
150
|
+
if (error.code === 'ENOENT') {
|
|
151
|
+
// Directory doesn't exist, skip it (not an error)
|
|
152
|
+
continue;
|
|
153
|
+
}
|
|
154
|
+
errors.push({
|
|
155
|
+
filePath: dir,
|
|
156
|
+
fileName: path.basename(dir),
|
|
157
|
+
tier: tierName,
|
|
158
|
+
errorType: 'file_read',
|
|
159
|
+
message: `Failed to read policy directory`,
|
|
160
|
+
details: error.message,
|
|
161
|
+
});
|
|
162
|
+
continue;
|
|
163
|
+
}
|
|
164
|
+
for (const file of filesToLoad) {
|
|
165
|
+
const filePath = path.join(dir, file);
|
|
166
|
+
try {
|
|
167
|
+
// Read file
|
|
168
|
+
const fileContent = await fs.readFile(filePath, 'utf-8');
|
|
169
|
+
// Parse TOML
|
|
170
|
+
let parsed;
|
|
171
|
+
try {
|
|
172
|
+
parsed = toml.parse(fileContent);
|
|
173
|
+
}
|
|
174
|
+
catch (e) {
|
|
175
|
+
const error = e;
|
|
176
|
+
errors.push({
|
|
177
|
+
filePath,
|
|
178
|
+
fileName: file,
|
|
179
|
+
tier: tierName,
|
|
180
|
+
errorType: 'toml_parse',
|
|
181
|
+
message: 'TOML parsing failed',
|
|
182
|
+
details: error.message,
|
|
183
|
+
suggestion: 'Check for syntax errors like missing quotes, brackets, or commas',
|
|
184
|
+
});
|
|
185
|
+
continue;
|
|
186
|
+
}
|
|
187
|
+
// Validate schema
|
|
188
|
+
const validationResult = PolicyFileSchema.safeParse(parsed);
|
|
189
|
+
if (!validationResult.success) {
|
|
190
|
+
errors.push({
|
|
191
|
+
filePath,
|
|
192
|
+
fileName: file,
|
|
193
|
+
tier: tierName,
|
|
194
|
+
errorType: 'schema_validation',
|
|
195
|
+
message: 'Schema validation failed',
|
|
196
|
+
details: formatSchemaError(validationResult.error, 0),
|
|
197
|
+
suggestion: 'Ensure all required fields (decision, priority) are present with correct types',
|
|
198
|
+
});
|
|
199
|
+
continue;
|
|
200
|
+
}
|
|
201
|
+
// Validate shell command convenience syntax
|
|
202
|
+
for (let i = 0; i < validationResult.data.rule.length; i++) {
|
|
203
|
+
const rule = validationResult.data.rule[i];
|
|
204
|
+
const validationError = validateShellCommandSyntax(rule, i);
|
|
205
|
+
if (validationError) {
|
|
206
|
+
errors.push({
|
|
207
|
+
filePath,
|
|
208
|
+
fileName: file,
|
|
209
|
+
tier: tierName,
|
|
210
|
+
ruleIndex: i,
|
|
211
|
+
errorType: 'rule_validation',
|
|
212
|
+
message: 'Invalid shell command syntax',
|
|
213
|
+
details: validationError,
|
|
214
|
+
});
|
|
215
|
+
// Continue to next rule, don't skip the entire file
|
|
216
|
+
}
|
|
217
|
+
}
|
|
218
|
+
// Transform rules
|
|
219
|
+
const parsedRules = validationResult.data.rule
|
|
220
|
+
.filter((rule) => {
|
|
221
|
+
// Filter by mode
|
|
222
|
+
if (!rule.modes || rule.modes.length === 0) {
|
|
223
|
+
return true;
|
|
224
|
+
}
|
|
225
|
+
return rule.modes.includes(approvalMode);
|
|
226
|
+
})
|
|
227
|
+
.flatMap((rule) => {
|
|
228
|
+
// Transform commandPrefix/commandRegex to argsPattern
|
|
229
|
+
let effectiveArgsPattern = rule.argsPattern;
|
|
230
|
+
const commandPrefixes = [];
|
|
231
|
+
if (rule.commandPrefix) {
|
|
232
|
+
const prefixes = Array.isArray(rule.commandPrefix)
|
|
233
|
+
? rule.commandPrefix
|
|
234
|
+
: [rule.commandPrefix];
|
|
235
|
+
commandPrefixes.push(...prefixes);
|
|
236
|
+
}
|
|
237
|
+
else if (rule.commandRegex) {
|
|
238
|
+
effectiveArgsPattern = `"command":"${rule.commandRegex}`;
|
|
239
|
+
}
|
|
240
|
+
// Expand command prefixes to multiple patterns
|
|
241
|
+
const argsPatterns = commandPrefixes.length > 0
|
|
242
|
+
? commandPrefixes.map((prefix) => `"command":"${escapeRegex(prefix)}`)
|
|
243
|
+
: [effectiveArgsPattern];
|
|
244
|
+
// For each argsPattern, expand toolName arrays
|
|
245
|
+
return argsPatterns.flatMap((argsPattern) => {
|
|
246
|
+
const toolNames = rule.toolName
|
|
247
|
+
? Array.isArray(rule.toolName)
|
|
248
|
+
? rule.toolName
|
|
249
|
+
: [rule.toolName]
|
|
250
|
+
: [undefined];
|
|
251
|
+
// Create a policy rule for each tool name
|
|
252
|
+
return toolNames.map((toolName) => {
|
|
253
|
+
// Transform mcpName field to composite toolName format
|
|
254
|
+
let effectiveToolName;
|
|
255
|
+
if (rule.mcpName && toolName) {
|
|
256
|
+
effectiveToolName = `${rule.mcpName}__${toolName}`;
|
|
257
|
+
}
|
|
258
|
+
else if (rule.mcpName) {
|
|
259
|
+
effectiveToolName = `${rule.mcpName}__*`;
|
|
260
|
+
}
|
|
261
|
+
else {
|
|
262
|
+
effectiveToolName = toolName;
|
|
263
|
+
}
|
|
264
|
+
const policyRule = {
|
|
265
|
+
toolName: effectiveToolName,
|
|
266
|
+
decision: rule.decision,
|
|
267
|
+
priority: transformPriority(rule.priority, tier),
|
|
268
|
+
};
|
|
269
|
+
// Compile regex pattern
|
|
270
|
+
if (argsPattern) {
|
|
271
|
+
try {
|
|
272
|
+
policyRule.argsPattern = new RegExp(argsPattern);
|
|
273
|
+
}
|
|
274
|
+
catch (e) {
|
|
275
|
+
const error = e;
|
|
276
|
+
errors.push({
|
|
277
|
+
filePath,
|
|
278
|
+
fileName: file,
|
|
279
|
+
tier: tierName,
|
|
280
|
+
errorType: 'regex_compilation',
|
|
281
|
+
message: 'Invalid regex pattern',
|
|
282
|
+
details: `Pattern: ${argsPattern}\nError: ${error.message}`,
|
|
283
|
+
suggestion: 'Check regex syntax for errors like unmatched brackets or invalid escape sequences',
|
|
284
|
+
});
|
|
285
|
+
// Skip this rule if regex compilation fails
|
|
286
|
+
return null;
|
|
287
|
+
}
|
|
288
|
+
}
|
|
289
|
+
return policyRule;
|
|
290
|
+
});
|
|
291
|
+
});
|
|
292
|
+
})
|
|
293
|
+
.filter((rule) => rule !== null);
|
|
294
|
+
rules.push(...parsedRules);
|
|
295
|
+
}
|
|
296
|
+
catch (e) {
|
|
297
|
+
const error = e;
|
|
298
|
+
// Catch-all for unexpected errors
|
|
299
|
+
if (error.code !== 'ENOENT') {
|
|
300
|
+
errors.push({
|
|
301
|
+
filePath,
|
|
302
|
+
fileName: file,
|
|
303
|
+
tier: tierName,
|
|
304
|
+
errorType: 'file_read',
|
|
305
|
+
message: 'Failed to read policy file',
|
|
306
|
+
details: error.message,
|
|
307
|
+
});
|
|
308
|
+
}
|
|
309
|
+
}
|
|
310
|
+
}
|
|
311
|
+
}
|
|
312
|
+
return { rules, errors };
|
|
313
|
+
}
|
|
314
|
+
//# sourceMappingURL=policy-toml-loader.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"policy-toml-loader.js","sourceRoot":"","sources":["../../../src/config/policy-toml-loader.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAEL,cAAc,GAEf,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,IAAI,MAAM,aAAa,CAAC;AAC/B,OAAO,EAAE,CAAC,EAAiB,MAAM,KAAK,CAAC;AAEvC;;GAEG;AACH,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IAChC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAC/D,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC9B,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,aAAa,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACpE,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnC,QAAQ,EAAE,CAAC,CAAC,UAAU,CAAC,cAAc,CAAC;IACtC,+DAA+D;IAC/D,iEAAiE;IACjE,2CAA2C;IAC3C,wCAAwC;IACxC,yCAAyC;IACzC,QAAQ,EAAE,CAAC;SACR,MAAM,CAAC;QACN,cAAc,EAAE,sBAAsB;QACtC,kBAAkB,EAAE,2BAA2B;KAChD,CAAC;SACD,GAAG,CAAC,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC;SAC/C,GAAG,CAAC,CAAC,EAAE,EAAE,OAAO,EAAE,uBAAuB,EAAE,CAAC;SAC5C,GAAG,CAAC,GAAG,EAAE;QACR,OAAO,EACL,mGAAmG;KACtG,CAAC;IACJ,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CACtC,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IAChC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC;CAChC,CAAC,CAAC;AAuCH;;;;;;GAMG;AACH,SAAS,WAAW,CAAC,GAAW;IAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;AACpD,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,IAAY;IAC/B,IAAI,IAAI,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACjC,IAAI,IAAI,KAAK,CAAC;QAAE,OAAO,MAAM,CAAC;IAC9B,IAAI,IAAI,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC;IAC/B,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,KAAe,EAAE,SAAiB;IAC3D,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM;SACxB,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;QACb,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,OAAO,cAAc,IAAI,MAAM,KAAK,CAAC,OAAO,EAAE,CAAC;IACjD,CAAC,CAAC;SACD,IAAI,CAAC,IAAI,CAAC,CAAC;IACd,OAAO,8BAA8B,SAAS,GAAG,CAAC,OAAO,MAAM,EAAE,CAAC;AACpE,CAAC;AAED;;;GAGG;AACH,SAAS,0BAA0B,CACjC,IAAoB,EACpB,SAAiB;IAEjB,MAAM,gBAAgB,GAAG,IAAI,CAAC,aAAa,KAAK,SAAS,CAAC;IAC1D,MAAM,eAAe,GAAG,IAAI,CAAC,YAAY,KAAK,SAAS,CAAC;IACxD,MAAM,cAAc,GAAG,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC;IAEtD,IAAI,gBAAgB,IAAI,eAAe,EAAE,CAAC;QACxC,mDAAmD;QACnD,IAAI,IAAI,CAAC,QAAQ,KAAK,mBAAmB,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1E,OAAO,CACL,SAAS,SAAS,GAAG,CAAC,yFAAyF;gBAC/G,uBAAuB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI;gBACxD,0DAA0D,CAC3D,CAAC;QACJ,CAAC;QAED,iCAAiC;QACjC,IAAI,cAAc,EAAE,CAAC;YACnB,OAAO,CACL,SAAS,SAAS,GAAG,CAAC,gEAAgE;gBACtF,yCAAyC;gBACzC,uEAAuE,CACxE,CAAC;QACJ,CAAC;QAED,gDAAgD;QAChD,IAAI,gBAAgB,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CACL,SAAS,SAAS,GAAG,CAAC,oDAAoD;gBAC1E,yCAAyC;gBACzC,2DAA2D,CAC5D,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,iBAAiB,CAAC,QAAgB,EAAE,IAAY;IACvD,OAAO,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC;AAChC,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,YAA0B,EAC1B,UAAoB,EACpB,aAAsC;IAEtC,MAAM,KAAK,GAAiB,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAsB,EAAE,CAAC;IAErC,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;QAC7B,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;QAChC,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;QAEnC,qCAAqC;QACrC,IAAI,WAAqB,CAAC;QAC1B,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;YAClE,WAAW,GAAG,UAAU;iBACrB,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;iBACjE,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,KAAK,GAAG,CAA0B,CAAC;YACzC,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC5B,kDAAkD;gBAClD,SAAS;YACX,CAAC;YACD,MAAM,CAAC,IAAI,CAAC;gBACV,QAAQ,EAAE,GAAG;gBACb,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAC5B,IAAI,EAAE,QAAQ;gBACd,SAAS,EAAE,WAAW;gBACtB,OAAO,EAAE,iCAAiC;gBAC1C,OAAO,EAAE,KAAK,CAAC,OAAO;aACvB,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QAED,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;YAC/B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAEtC,IAAI,CAAC;gBACH,YAAY;gBACZ,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;gBAEzD,aAAa;gBACb,IAAI,MAAe,CAAC;gBACpB,IAAI,CAAC;oBACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;gBACnC,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,MAAM,KAAK,GAAG,CAAU,CAAC;oBACzB,MAAM,CAAC,IAAI,CAAC;wBACV,QAAQ;wBACR,QAAQ,EAAE,IAAI;wBACd,IAAI,EAAE,QAAQ;wBACd,SAAS,EAAE,YAAY;wBACvB,OAAO,EAAE,qBAAqB;wBAC9B,OAAO,EAAE,KAAK,CAAC,OAAO;wBACtB,UAAU,EACR,kEAAkE;qBACrE,CAAC,CAAC;oBACH,SAAS;gBACX,CAAC;gBAED,kBAAkB;gBAClB,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;gBAC5D,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC;oBAC9B,MAAM,CAAC,IAAI,CAAC;wBACV,QAAQ;wBACR,QAAQ,EAAE,IAAI;wBACd,IAAI,EAAE,QAAQ;wBACd,SAAS,EAAE,mBAAmB;wBAC9B,OAAO,EAAE,0BAA0B;wBACnC,OAAO,EAAE,iBAAiB,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC,CAAC;wBACrD,UAAU,EACR,gFAAgF;qBACnF,CAAC,CAAC;oBACH,SAAS;gBACX,CAAC;gBAED,4CAA4C;gBAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC3D,MAAM,IAAI,GAAG,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;oBAC3C,MAAM,eAAe,GAAG,0BAA0B,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;oBAC5D,IAAI,eAAe,EAAE,CAAC;wBACpB,MAAM,CAAC,IAAI,CAAC;4BACV,QAAQ;4BACR,QAAQ,EAAE,IAAI;4BACd,IAAI,EAAE,QAAQ;4BACd,SAAS,EAAE,CAAC;4BACZ,SAAS,EAAE,iBAAiB;4BAC5B,OAAO,EAAE,8BAA8B;4BACvC,OAAO,EAAE,eAAe;yBACzB,CAAC,CAAC;wBACH,oDAAoD;oBACtD,CAAC;gBACH,CAAC;gBAED,kBAAkB;gBAClB,MAAM,WAAW,GAAiB,gBAAgB,CAAC,IAAI,CAAC,IAAI;qBACzD,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;oBACf,iBAAiB;oBACjB,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC3C,OAAO,IAAI,CAAC;oBACd,CAAC;oBACD,OAAO,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;gBAC3C,CAAC,CAAC;qBACD,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;oBAChB,sDAAsD;oBACtD,IAAI,oBAAoB,GAAG,IAAI,CAAC,WAAW,CAAC;oBAC5C,MAAM,eAAe,GAAa,EAAE,CAAC;oBAErC,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;wBACvB,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC;4BAChD,CAAC,CAAC,IAAI,CAAC,aAAa;4BACpB,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;wBACzB,eAAe,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;oBACpC,CAAC;yBAAM,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;wBAC7B,oBAAoB,GAAG,cAAc,IAAI,CAAC,YAAY,EAAE,CAAC;oBAC3D,CAAC;oBAED,+CAA+C;oBAC/C,MAAM,YAAY,GAChB,eAAe,CAAC,MAAM,GAAG,CAAC;wBACxB,CAAC,CAAC,eAAe,CAAC,GAAG,CACjB,CAAC,MAAM,EAAE,EAAE,CAAC,cAAc,WAAW,CAAC,MAAM,CAAC,EAAE,CAChD;wBACH,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC;oBAE7B,+CAA+C;oBAC/C,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE;wBAC1C,MAAM,SAAS,GAA8B,IAAI,CAAC,QAAQ;4BACxD,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;gCAC5B,CAAC,CAAC,IAAI,CAAC,QAAQ;gCACf,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;4BACnB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;wBAEhB,0CAA0C;wBAC1C,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE;4BAChC,uDAAuD;4BACvD,IAAI,iBAAqC,CAAC;4BAC1C,IAAI,IAAI,CAAC,OAAO,IAAI,QAAQ,EAAE,CAAC;gCAC7B,iBAAiB,GAAG,GAAG,IAAI,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;4BACrD,CAAC;iCAAM,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gCACxB,iBAAiB,GAAG,GAAG,IAAI,CAAC,OAAO,KAAK,CAAC;4BAC3C,CAAC;iCAAM,CAAC;gCACN,iBAAiB,GAAG,QAAQ,CAAC;4BAC/B,CAAC;4BAED,MAAM,UAAU,GAAe;gCAC7B,QAAQ,EAAE,iBAAiB;gCAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;gCACvB,QAAQ,EAAE,iBAAiB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC;6BACjD,CAAC;4BAEF,wBAAwB;4BACxB,IAAI,WAAW,EAAE,CAAC;gCAChB,IAAI,CAAC;oCACH,UAAU,CAAC,WAAW,GAAG,IAAI,MAAM,CAAC,WAAW,CAAC,CAAC;gCACnD,CAAC;gCAAC,OAAO,CAAC,EAAE,CAAC;oCACX,MAAM,KAAK,GAAG,CAAU,CAAC;oCACzB,MAAM,CAAC,IAAI,CAAC;wCACV,QAAQ;wCACR,QAAQ,EAAE,IAAI;wCACd,IAAI,EAAE,QAAQ;wCACd,SAAS,EAAE,mBAAmB;wCAC9B,OAAO,EAAE,uBAAuB;wCAChC,OAAO,EAAE,YAAY,WAAW,YAAY,KAAK,CAAC,OAAO,EAAE;wCAC3D,UAAU,EACR,mFAAmF;qCACtF,CAAC,CAAC;oCACH,4CAA4C;oCAC5C,OAAO,IAAI,CAAC;gCACd,CAAC;4BACH,CAAC;4BAED,OAAO,UAAU,CAAC;wBACpB,CAAC,CAAC,CAAC;oBACL,CAAC,CAAC,CAAC;gBACL,CAAC,CAAC;qBACD,MAAM,CAAC,CAAC,IAAI,EAAsB,EAAE,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;gBAEvD,KAAK,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;YAC7B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,KAAK,GAAG,CAA0B,CAAC;gBACzC,kCAAkC;gBAClC,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC5B,MAAM,CAAC,IAAI,CAAC;wBACV,QAAQ;wBACR,QAAQ,EAAE,IAAI;wBACd,IAAI,EAAE,QAAQ;wBACd,SAAS,EAAE,WAAW;wBACtB,OAAO,EAAE,4BAA4B;wBACrC,OAAO,EAAE,KAAK,CAAC,OAAO;qBACvB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC;AAC3B,CAAC"}
|