@hasna/assistants 0.6.41 → 0.6.42
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +33 -5
- package/dist/index.js.map +4 -4
- package/package.json +2 -2
package/dist/index.js
CHANGED
|
@@ -115593,6 +115593,13 @@ class BashTool {
|
|
|
115593
115593
|
const cwd2 = input.cwd || process.cwd();
|
|
115594
115594
|
const timeoutInput = Number(input.timeout);
|
|
115595
115595
|
const timeout = Number.isFinite(timeoutInput) && timeoutInput > 0 ? timeoutInput : 30000;
|
|
115596
|
+
let allowEnv = true;
|
|
115597
|
+
try {
|
|
115598
|
+
const config = await loadConfig(cwd2);
|
|
115599
|
+
allowEnv = config.validation?.perTool?.bash?.allowEnv ?? true;
|
|
115600
|
+
} catch {
|
|
115601
|
+
allowEnv = true;
|
|
115602
|
+
}
|
|
115596
115603
|
const baseCommand = command.replace(/\s*2>&1\s*/g, " ").trim();
|
|
115597
115604
|
const baseTrimmed = baseCommand.toLowerCase();
|
|
115598
115605
|
const allowConnectorNewlines = baseTrimmed.startsWith("connect-") || baseTrimmed.startsWith("connect_");
|
|
@@ -115643,8 +115650,30 @@ class BashTool {
|
|
|
115643
115650
|
}
|
|
115644
115651
|
}
|
|
115645
115652
|
const commandTrimmed = commandForChecks.trim().toLowerCase();
|
|
115653
|
+
const isEnvCommand = /^(env|printenv)(\s|$)/.test(commandTrimmed);
|
|
115654
|
+
if (!allowEnv && isEnvCommand) {
|
|
115655
|
+
getSecurityLogger().log({
|
|
115656
|
+
eventType: "blocked_command",
|
|
115657
|
+
severity: "medium",
|
|
115658
|
+
details: {
|
|
115659
|
+
tool: "bash",
|
|
115660
|
+
command,
|
|
115661
|
+
reason: "env/printenv disabled by config"
|
|
115662
|
+
},
|
|
115663
|
+
sessionId: input.sessionId || "unknown"
|
|
115664
|
+
});
|
|
115665
|
+
throw new ToolExecutionError("Command not allowed: env/printenv disabled by config.", {
|
|
115666
|
+
toolName: "bash",
|
|
115667
|
+
toolInput: input,
|
|
115668
|
+
code: ErrorCodes.TOOL_PERMISSION_DENIED,
|
|
115669
|
+
recoverable: false,
|
|
115670
|
+
retryable: false,
|
|
115671
|
+
suggestion: "Enable validation.perTool.bash.allowEnv to allow env/printenv."
|
|
115672
|
+
});
|
|
115673
|
+
}
|
|
115646
115674
|
let isAllowed = false;
|
|
115647
|
-
|
|
115675
|
+
const allowlist = allowEnv ? this.ALLOWED_COMMANDS : this.ALLOWED_COMMANDS.filter((allowed) => allowed !== "env" && allowed !== "printenv");
|
|
115676
|
+
for (const allowed of allowlist) {
|
|
115648
115677
|
if (commandTrimmed.startsWith(allowed.toLowerCase())) {
|
|
115649
115678
|
isAllowed = true;
|
|
115650
115679
|
break;
|
|
@@ -120239,7 +120268,7 @@ function formatAge(ms) {
|
|
|
120239
120268
|
return `${days}d`;
|
|
120240
120269
|
}
|
|
120241
120270
|
// packages/core/src/commands/builtin.ts
|
|
120242
|
-
var VERSION =
|
|
120271
|
+
var VERSION = "0.6.42";
|
|
120243
120272
|
function resolveAuthTimeout(resolve5) {
|
|
120244
120273
|
resolve5({ exitCode: 1, stdout: { toString: () => "{}" } });
|
|
120245
120274
|
}
|
|
@@ -144362,8 +144391,7 @@ function formatStreamEvent(chunk) {
|
|
|
144362
144391
|
|
|
144363
144392
|
// packages/terminal/src/index.tsx
|
|
144364
144393
|
var jsx_dev_runtime13 = __toESM(require_jsx_dev_runtime(), 1);
|
|
144365
|
-
var VERSION3 = "0.6.
|
|
144366
|
-
process.env.ASSISTANTS_VERSION ??= VERSION3;
|
|
144394
|
+
var VERSION3 = "0.6.42";
|
|
144367
144395
|
function parseArgs(argv) {
|
|
144368
144396
|
const args = argv.slice(2);
|
|
144369
144397
|
const options = {
|
|
@@ -144518,4 +144546,4 @@ if (options.print !== null) {
|
|
|
144518
144546
|
});
|
|
144519
144547
|
}
|
|
144520
144548
|
|
|
144521
|
-
//# debugId=
|
|
144549
|
+
//# debugId=D518576C49ADB4E664756E2164756E21
|