npm - @gotgenes/pi-permission-system - Versions diffs - 10.5.1 → 10.5.2 - Mend

@gotgenes/pi-permission-system 10.5.1 → 10.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/CHANGELOG.md +13 -0
package/package.json +1 -1
package/src/input-normalizer.ts +20 -8
package/src/path-utils.ts +1 -10
package/test/before-agent-start-cache.test.ts +89 -0
package/test/handlers/external-directory-session-dedup.test.ts +96 -0
package/test/handlers/gates/bash-path.test.ts +57 -0
package/test/handlers/gates/path.test.ts +58 -0
package/test/handlers/tool-call.test.ts +103 -0
package/test/helpers/manager-harness.ts +61 -0
package/test/input-normalizer.test.ts +77 -1
package/test/logging.test.ts +51 -0
package/test/path-utils.test.ts +10 -0
package/test/permission-forwarding.test.ts +73 -0
package/test/permission-manager-unified.test.ts +1577 -3
package/test/skill-prompt-sanitizer.test.ts +130 -0
package/test/status.test.ts +10 -0
package/test/system-prompt-sanitizer.test.ts +68 -0
package/test/tool-registry.test.ts +42 -0
package/test/yolo-mode.test.ts +78 -0
package/test/permission-system.test.ts +0 -2785

package/test/skill-prompt-sanitizer.test.ts CHANGED Viewed

@@ -1,10 +1,13 @@
+import { resolve } from "node:path";
 import { afterEach, describe, expect, test, vi } from "vitest";
 import type { PermissionManager } from "#src/permission-manager";
 import {
   findSkillPathMatch,
+  parseAllSkillPromptSections,
   resolveSkillPromptEntries,
 } from "#src/skill-prompt-sanitizer";
 import type { PermissionCheckResult } from "#src/types";
+import { createManager } from "#test/helpers/manager-harness";
 afterEach(() => {
   vi.restoreAllMocks();
@@ -242,3 +245,130 @@ describe("findSkillPathMatch", () => {
     expect(match?.name).toBe("child");
   });
 });
+// ---------------------------------------------------------------------------
+// Moved from permission-system.test.ts catch-all (#342)
+// ---------------------------------------------------------------------------
+test("parseAllSkillPromptSections finds every available_skills block", () => {
+  const prompt = [
+    "Some preamble",
+    "<available_skills>",
+    "  <skill>",
+    "    <name>skill-one</name>",
+    "    <description>First skill</description>",
+    "    <location>/path/to/one</location>",
+    "  </skill>",
+    "</available_skills>",
+    "Some content between",
+    "<available_skills>",
+    "  <skill>",
+    "    <name>skill-two</name>",
+    "    <description>Second skill</description>",
+    "    <location>/path/to/two</location>",
+    "  </skill>",
+    "</available_skills>",
+    "Footer",
+  ].join("\n");
+  const sections = parseAllSkillPromptSections(prompt);
+  expect(sections.length).toBe(2);
+  expect(sections[0].entries[0]?.name).toBe("skill-one");
+  expect(sections[1].entries[0]?.name).toBe("skill-two");
+});
+test("REGRESSION: resolveSkillPromptEntries sanitizes every available_skills block", () => {
+  const { manager, cleanup } = createManager({
+    permission: {
+      "*": "ask",
+      skill: { "denied-skill": "deny" },
+    },
+  });
+  try {
+    const prompt = [
+      "System prompt start",
+      "<available_skills>",
+      "  <skill>",
+      "    <name>visible-skill</name>",
+      "    <description>Allowed skill</description>",
+      "    <location>/skills/visible/index.ts</location>",
+      "  </skill>",
+      "  <skill>",
+      "    <name>denied-skill</name>",
+      "    <description>Denied in first block</description>",
+      "    <location>/skills/blocked/one.ts</location>",
+      "  </skill>",
+      "</available_skills>",
+      "Agent identity section",
+      "<available_skills>",
+      "  <skill>",
+      "    <name>denied-skill</name>",
+      "    <description>Denied in second block</description>",
+      "    <location>/skills/blocked/two.ts</location>",
+      "  </skill>",
+      "</available_skills>",
+      "System prompt end",
+    ].join("\n");
+    const result = resolveSkillPromptEntries(prompt, manager, null, "/cwd");
+    expect(result.prompt).not.toContain("denied-skill");
+    expect(result.prompt).toContain("visible-skill");
+    expect((result.prompt.match(/<available_skills>/g) ?? []).length).toBe(1);
+    expect(result.entries.map((entry) => entry.name)).toEqual([
+      "visible-skill",
+    ]);
+  } finally {
+    cleanup();
+  }
+});
+test("REGRESSION: resolveSkillPromptEntries keeps only visible skills available for path matching", () => {
+  const { manager, cleanup } = createManager({
+    permission: {
+      "*": "ask",
+      skill: { "blocked-skill": "deny" },
+    },
+  });
+  try {
+    const prompt = [
+      "System prompt start",
+      "<available_skills>",
+      "  <skill>",
+      "    <name>blocked-skill</name>",
+      "    <description>Blocked skill</description>",
+      "    <location>@./skills/blocked/entry.ts</location>",
+      "  </skill>",
+      "</available_skills>",
+      "Middle section",
+      "<available_skills>",
+      "  <skill>",
+      "    <name>visible-skill</name>",
+      "    <description>Visible skill</description>",
+      "    <location>@./skills/visible/entry.ts</location>",
+      "  </skill>",
+      "</available_skills>",
+      "System prompt end",
+    ].join("\n");
+    const result = resolveSkillPromptEntries(prompt, manager, null, "/cwd");
+    const visiblePath = resolve("/cwd", "./skills/visible/file.ts");
+    const blockedPath = resolve("/cwd", "./skills/blocked/file.ts");
+    const matchedVisibleSkill = findSkillPathMatch(
+      process.platform === "win32" ? visiblePath.toLowerCase() : visiblePath,
+      result.entries,
+    );
+    const matchedBlockedSkill = findSkillPathMatch(
+      process.platform === "win32" ? blockedPath.toLowerCase() : blockedPath,
+      result.entries,
+    );
+    expect(matchedVisibleSkill?.name).toBe("visible-skill");
+    expect(matchedBlockedSkill).toBe(null);
+  } finally {
+    cleanup();
+  }
+});

package/test/status.test.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { expect, test } from "vitest";
+import { DEFAULT_EXTENSION_CONFIG } from "#src/extension-config";
+import { getPermissionSystemStatus } from "#src/status";
+test("Permission-system status is only exposed when yolo mode is enabled", () => {
+  expect(getPermissionSystemStatus(DEFAULT_EXTENSION_CONFIG)).toBe(undefined);
+  expect(
+    getPermissionSystemStatus({ ...DEFAULT_EXTENSION_CONFIG, yoloMode: true }),
+  ).toBe("yolo");
+});

package/test/system-prompt-sanitizer.test.ts CHANGED Viewed

@@ -225,3 +225,71 @@ describe("sanitizeAvailableToolsSection — findSection boundary edge cases", ()
     expect(result.prompt).not.toContain("Available tools:");
   });
 });
+// ---------------------------------------------------------------------------
+// Moved from permission-system.test.ts catch-all (#342)
+// ---------------------------------------------------------------------------
+test("System prompt sanitizer removes the Available tools section and surrounding boilerplate", () => {
+  const prompt = [
+    "Available tools:",
+    "- read: Read file contents",
+    "- mcp: Discover, inspect, and call MCP tools across configured servers",
+    "",
+    "In addition to the tools above, you may have access to other custom tools depending on the project.",
+    "",
+    "Guidelines:",
+    "- Use mcp for MCP discovery first: search by capability, describe one exact tool name, then call it.",
+    "- Be concise in your responses",
+  ].join("\n");
+  const result = sanitizeAvailableToolsSection(prompt, ["read", "mcp"]);
+  expect(result.removed).toBe(true);
+  expect(result.prompt).not.toContain("Available tools:");
+  expect(result.prompt).not.toContain("In addition to the tools above");
+  expect(result.prompt).toMatch(/Guidelines:/);
+  expect(result.prompt).toMatch(/Use mcp for MCP discovery first/i);
+});
+test("System prompt sanitizer removes denied tool guidelines while keeping global guidance", () => {
+  const prompt = [
+    "Guidelines:",
+    "- Use task when work SHOULD be delegated to one or more specialized agents instead of handled entirely in the current session.",
+    "- Use mcp for MCP discovery first: search by capability, describe one exact tool name, then call it.",
+    "- Prefer grep/find/ls tools over bash for file exploration (faster, respects .gitignore)",
+    "- Be concise in your responses",
+    "- Show file paths clearly when working with files",
+  ].join("\n");
+  const result = sanitizeAvailableToolsSection(prompt, ["bash", "grep", "mcp"]);
+  expect(result.removed).toBe(true);
+  expect(result.prompt).not.toContain("Use task when work SHOULD");
+  expect(result.prompt).toMatch(/Use mcp for MCP discovery first/i);
+  expect(result.prompt).toMatch(/Prefer grep\/find\/ls tools over bash/i);
+  expect(result.prompt).toMatch(/Be concise in your responses/);
+  expect(result.prompt).toMatch(
+    /Show file paths clearly when working with files/,
+  );
+});
+test("System prompt sanitizer removes inactive built-in write guidance", () => {
+  const prompt = [
+    "Guidelines:",
+    "- Use write only for new files or complete rewrites",
+    "- When summarizing your actions, output plain text directly - do NOT use cat or bash to display what you did",
+    "- Be concise in your responses",
+  ].join("\n");
+  const result = sanitizeAvailableToolsSection(prompt, ["read"]);
+  expect(result.removed).toBe(true);
+  expect(result.prompt).not.toContain(
+    "Use write only for new files or complete rewrites",
+  );
+  expect(result.prompt).not.toContain(
+    "do NOT use cat or bash to display what you did",
+  );
+  expect(result.prompt).toMatch(/Be concise in your responses/);
+});

package/test/tool-registry.test.ts CHANGED Viewed

@@ -153,3 +153,45 @@ describe("checkRequestedToolRegistration", () => {
     expect(result.status).toBe("registered");
   });
 });
+// ---------------------------------------------------------------------------
+// Moved from permission-system.test.ts catch-all (#342)
+// ---------------------------------------------------------------------------
+test("Tool registry resolves event tool names from string and object payloads", () => {
+  expect(getToolNameFromValue("  read  ")).toBe("read");
+  expect(getToolNameFromValue({ toolName: "write" })).toBe("write");
+  expect(getToolNameFromValue({ name: "find" })).toBe("find");
+  expect(getToolNameFromValue({ tool: "grep" })).toBe("grep");
+  expect(getToolNameFromValue({})).toBe(null);
+});
+test("Tool registry blocks unregistered tools and handles aliases", () => {
+  const registeredTools = [
+    { toolName: "mcp" },
+    { toolName: "read" },
+    { toolName: "bash" },
+  ];
+  const unknownCheck = checkRequestedToolRegistration(
+    "third_party_tool",
+    registeredTools,
+  );
+  expect(unknownCheck.status).toBe("unregistered");
+  if (unknownCheck.status === "unregistered") {
+    expect(unknownCheck.availableToolNames).toEqual(["bash", "mcp", "read"]);
+  }
+  const aliasCheck = checkRequestedToolRegistration(
+    "legacy_read",
+    registeredTools,
+    { legacy_read: "read" },
+  );
+  expect(aliasCheck.status).toBe("registered");
+  const missingNameCheck = checkRequestedToolRegistration(
+    "   ",
+    registeredTools,
+  );
+  expect(missingNameCheck.status).toBe("missing-tool-name");
+});

package/test/yolo-mode.test.ts CHANGED Viewed

@@ -1,5 +1,7 @@
 import { afterEach, describe, expect, test, vi } from "vitest";
 import type { PermissionSystemExtensionConfig } from "#src/extension-config";
+import { DEFAULT_EXTENSION_CONFIG } from "#src/extension-config";
+import { resolvePermissionForwardingTargetSessionId } from "#src/permission-forwarding";
 import {
   canResolveAskPermissionRequest,
   shouldAutoApprovePermissionState,
@@ -108,3 +110,79 @@ describe("canResolveAskPermissionRequest", () => {
     ).toBe(true);
   });
 });
+// ---------------------------------------------------------------------------
+// Moved from permission-system.test.ts catch-all (#342)
+// ---------------------------------------------------------------------------
+test("Yolo mode only auto-approves ask-state permissions", () => {
+  expect(
+    shouldAutoApprovePermissionState("ask", DEFAULT_EXTENSION_CONFIG),
+  ).toBe(false);
+  expect(
+    shouldAutoApprovePermissionState("ask", {
+      ...DEFAULT_EXTENSION_CONFIG,
+      yoloMode: true,
+    }),
+  ).toBe(true);
+  expect(
+    shouldAutoApprovePermissionState("deny", {
+      ...DEFAULT_EXTENSION_CONFIG,
+      yoloMode: true,
+    }),
+  ).toBe(false);
+  expect(
+    shouldAutoApprovePermissionState("allow", {
+      ...DEFAULT_EXTENSION_CONFIG,
+      yoloMode: true,
+    }),
+  ).toBe(false);
+});
+test("Yolo mode resolves ask permissions without UI or delegation forwarding", () => {
+  expect(
+    canResolveAskPermissionRequest({
+      config: DEFAULT_EXTENSION_CONFIG,
+      hasUI: false,
+      isSubagent: false,
+    }),
+  ).toBe(false);
+  expect(
+    canResolveAskPermissionRequest({
+      config: { ...DEFAULT_EXTENSION_CONFIG, yoloMode: true },
+      hasUI: false,
+      isSubagent: false,
+    }),
+  ).toBe(true);
+  expect(
+    canResolveAskPermissionRequest({
+      config: DEFAULT_EXTENSION_CONFIG,
+      hasUI: false,
+      isSubagent: true,
+    }),
+  ).toBe(true);
+});
+test("Yolo mode bypasses delegated ask routing when no parent forwarding target is available", () => {
+  const targetSessionId = resolvePermissionForwardingTargetSessionId({
+    hasUI: false,
+    isSubagent: true,
+    currentSessionId: "child-session",
+    env: {},
+  });
+  expect(targetSessionId).toBe(null);
+  expect(
+    canResolveAskPermissionRequest({
+      config: { ...DEFAULT_EXTENSION_CONFIG, yoloMode: true },
+      hasUI: false,
+      isSubagent: true,
+    }),
+  ).toBe(true);
+  expect(
+    shouldAutoApprovePermissionState("ask", {
+      ...DEFAULT_EXTENSION_CONFIG,
+      yoloMode: true,
+    }),
+  ).toBe(true);
+});