@machina.ai/cell-cli-core 1.22.5-rc1 → 1.25.0-rc2

package/dist/src/policy/policy-updater.test.js

@@ -45,11 +45,11 @@ describe('createPolicyUpdater', () => {
         expect(policyEngine.addRule).toHaveBeenCalledTimes(2);
         expect(policyEngine.addRule).toHaveBeenNthCalledWith(1, expect.objectContaining({
             toolName: 'run_shell_command',
-            argsPattern: new RegExp('"command":"echo(?:[\\s"]|$)'),
+            argsPattern: new RegExp('"command":"echo(?:[\\s"]|\\\\")'),
         }));
         expect(policyEngine.addRule).toHaveBeenNthCalledWith(2, expect.objectContaining({
             toolName: 'run_shell_command',
-            argsPattern: new RegExp('"command":"ls(?:[\\s"]|$)'),
+            argsPattern: new RegExp('"command":"ls(?:[\\s"]|\\\\")'),
         }));
     });
     it('should add a single rule when commandPrefix is a string', async () => {
@@ -63,7 +63,7 @@ describe('createPolicyUpdater', () => {
         expect(policyEngine.addRule).toHaveBeenCalledTimes(1);
         expect(policyEngine.addRule).toHaveBeenCalledWith(expect.objectContaining({
             toolName: 'run_shell_command',
-            argsPattern: new RegExp('"command":"git(?:[\\s"]|$)'),
+            argsPattern: new RegExp('"command":"git(?:[\\s"]|\\\\")'),
         }));
     });
     it('should persist multiple rules correctly to TOML', async () => {
@@ -98,7 +98,7 @@ describe('ShellToolInvocation Policy Update', () => {
     });
     it('should extract multiple root commands for chained commands', () => {
         vi.mocked(shellUtils.getCommandRoots).mockReturnValue(['git', 'npm']);
-        const invocation = new ShellToolInvocation(mockConfig, { command: 'git status && npm test' }, new Set(), mockMessageBus, 'run_shell_command', 'Shell');
+        const invocation = new ShellToolInvocation(mockConfig, { command: 'git status && npm test' }, mockMessageBus, 'run_shell_command', 'Shell');
         // Accessing protected method for testing
         const options = invocation.getPolicyUpdateOptions(ToolConfirmationOutcome.ProceedAlways);
         expect(options.commandPrefix).toEqual(['git', 'npm']);
@@ -106,7 +106,7 @@ describe('ShellToolInvocation Policy Update', () => {
     });
     it('should extract a single root command', () => {
         vi.mocked(shellUtils.getCommandRoots).mockReturnValue(['ls']);
-        const invocation = new ShellToolInvocation(mockConfig, { command: 'ls -la /tmp' }, new Set(), mockMessageBus, 'run_shell_command', 'Shell');
+        const invocation = new ShellToolInvocation(mockConfig, { command: 'ls -la /tmp' }, mockMessageBus, 'run_shell_command', 'Shell');
         // Accessing protected method for testing
         const options = invocation.getPolicyUpdateOptions(ToolConfirmationOutcome.ProceedAlways);
         expect(options.commandPrefix).toEqual(['ls']);

package/dist/src/policy/policy-updater.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"policy-updater.test.js","sourceRoot":"","sources":["../../../src/policy/policy-updater.test.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACvC,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,UAAU,EAAE,MAAM,oCAAoC,CAAC;AAChE,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,IAAI,MAAM,aAAa,CAAC;AAC/B,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAe,MAAM,qBAAqB,CAAC;AAClD,OAAO,EACL,uBAAuB,GAExB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,UAAU,MAAM,yBAAyB,CAAC;AAEtD,EAAE,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;AAC5B,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;AAChC,EAAE,CAAC,IAAI,CAAC,yBAAyB,EAAE,GAAG,EAAE,CAAC,CAAC;IACxC,eAAe,EAAE,EAAE,CAAC,EAAE,EAAE;IACxB,iBAAiB,EAAE,EAAE,CAAC,EAAE,EAAE;CAC3B,CAAC,CAAC,CAAC;AAaJ,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,IAAI,YAA0B,CAAC;IAC/B,IAAI,UAAsB,CAAC;IAE3B,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,YAAY,GAAG,IAAI,YAAY,CAAC,EAAE,CAAC,CAAC;QACpC,EAAE,CAAC,KAAK,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAElC,UAAU,GAAG,IAAI,UAAU,CAAC,YAAY,CAAC,CAAC;QAC1C,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC,eAAe,CACrD,qBAAqB,CACtB,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0DAA0D,EAAE,KAAK,IAAI,EAAE;QACxE,mBAAmB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAE9C,MAAM,UAAU,CAAC,OAAO,CAAC;YACvB,IAAI,EAAE,cAAc,CAAC,aAAa;YAClC,QAAQ,EAAE,mBAAmB;YAC7B,aAAa,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC;YAC7B,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QAEH,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,uBAAuB,CAClD,CAAC,EACD,MAAM,CAAC,gBAAgB,CAAC;YACtB,QAAQ,EAAE,mBAAmB;YAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,6BAA6B,CAAC;SACvD,CAAC,CACH,CAAC;QACF,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,uBAAuB,CAClD,CAAC,EACD,MAAM,CAAC,gBAAgB,CAAC;YACtB,QAAQ,EAAE,mBAAmB;YAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,2BAA2B,CAAC;SACrD,CAAC,CACH,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;QACvE,mBAAmB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAE9C,MAAM,UAAU,CAAC,OAAO,CAAC;YACvB,IAAI,EAAE,cAAc,CAAC,aAAa;YAClC,QAAQ,EAAE,mBAAmB;YAC7B,aAAa,EAAE,KAAK;YACpB,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QAEH,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,oBAAoB,CAC/C,MAAM,CAAC,gBAAgB,CAAC;YACtB,QAAQ,EAAE,mBAAmB;YAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,4BAA4B,CAAC;SACtD,CAAC,CACH,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,mBAAmB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAC9C,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,iBAAiB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC7D,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QACjD,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QACrD,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAElD,MAAM,UAAU,CAAC,OAAO,CAAC;YACvB,IAAI,EAAE,cAAc,CAAC,aAAa;YAClC,QAAQ,EAAE,mBAAmB;YAC7B,aAAa,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC;YAC7B,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QAEH,0CAA0C;QAC1C,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;QAEvD,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,gBAAgB,EAAE,CAAC;QACxC,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAG5D,CAAC;QACF,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAA4B,CAAC;QAE9D,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,CAAC,MAAM,CAAC,IAAK,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,mCAAmC,EAAE,GAAG,EAAE;IACjD,IAAI,UAAkB,CAAC;IACvB,IAAI,cAA0B,CAAC;IAE/B,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,UAAU,GAAG,EAAY,CAAC;QAC1B,cAAc,GAAG,EAAgB,CAAC;QAElC,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,kBAAkB,CACxD,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CACjB,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4DAA4D,EAAE,GAAG,EAAE;QACpE,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,eAAe,CAAC,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QAEtE,MAAM,UAAU,GAAG,IAAI,mBAAmB,CACxC,UAAU,EACV,EAAE,OAAO,EAAE,wBAAwB,EAAE,EACrC,IAAI,GAAG,EAAE,EACT,cAAc,EACd,mBAAmB,EACnB,OAAO,CACR,CAAC;QAEF,yCAAyC;QACzC,MAAM,OAAO,GACX,UACD,CAAC,sBAAsB,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;QAChE,MAAM,CAAC,OAAQ,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QACvD,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,oBAAoB,CACrD,wBAAwB,CACzB,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAE9D,MAAM,UAAU,GAAG,IAAI,mBAAmB,CACxC,UAAU,EACV,EAAE,OAAO,EAAE,aAAa,EAAE,EAC1B,IAAI,GAAG,EAAE,EACT,cAAc,EACd,mBAAmB,EACnB,OAAO,CACR,CAAC;QAEF,yCAAyC;QACzC,MAAM,OAAO,GACX,UACD,CAAC,sBAAsB,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;QAChE,MAAM,CAAC,OAAQ,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAC/C,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAC;IACzE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"policy-updater.test.js","sourceRoot":"","sources":["../../../src/policy/policy-updater.test.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACvC,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,UAAU,EAAE,MAAM,oCAAoC,CAAC;AAChE,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,IAAI,MAAM,aAAa,CAAC;AAC/B,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAe,MAAM,qBAAqB,CAAC;AAClD,OAAO,EACL,uBAAuB,GAExB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,UAAU,MAAM,yBAAyB,CAAC;AAEtD,EAAE,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;AAC5B,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;AAChC,EAAE,CAAC,IAAI,CAAC,yBAAyB,EAAE,GAAG,EAAE,CAAC,CAAC;IACxC,eAAe,EAAE,EAAE,CAAC,EAAE,EAAE;IACxB,iBAAiB,EAAE,EAAE,CAAC,EAAE,EAAE;CAC3B,CAAC,CAAC,CAAC;AAaJ,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,IAAI,YAA0B,CAAC;IAC/B,IAAI,UAAsB,CAAC;IAE3B,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,YAAY,GAAG,IAAI,YAAY,CAAC,EAAE,CAAC,CAAC;QACpC,EAAE,CAAC,KAAK,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAElC,UAAU,GAAG,IAAI,UAAU,CAAC,YAAY,CAAC,CAAC;QAC1C,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC,eAAe,CACrD,qBAAqB,CACtB,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0DAA0D,EAAE,KAAK,IAAI,EAAE;QACxE,mBAAmB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAE9C,MAAM,UAAU,CAAC,OAAO,CAAC;YACvB,IAAI,EAAE,cAAc,CAAC,aAAa;YAClC,QAAQ,EAAE,mBAAmB;YAC7B,aAAa,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC;YAC7B,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QAEH,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,uBAAuB,CAClD,CAAC,EACD,MAAM,CAAC,gBAAgB,CAAC;YACtB,QAAQ,EAAE,mBAAmB;YAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,iCAAiC,CAAC;SAC3D,CAAC,CACH,CAAC;QACF,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,uBAAuB,CAClD,CAAC,EACD,MAAM,CAAC,gBAAgB,CAAC;YACtB,QAAQ,EAAE,mBAAmB;YAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,+BAA+B,CAAC;SACzD,CAAC,CACH,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;QACvE,mBAAmB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAE9C,MAAM,UAAU,CAAC,OAAO,CAAC;YACvB,IAAI,EAAE,cAAc,CAAC,aAAa;YAClC,QAAQ,EAAE,mBAAmB;YAC7B,aAAa,EAAE,KAAK;YACpB,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QAEH,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACtD,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,oBAAoB,CAC/C,MAAM,CAAC,gBAAgB,CAAC;YACtB,QAAQ,EAAE,mBAAmB;YAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,gCAAgC,CAAC;SAC1D,CAAC,CACH,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,mBAAmB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAC9C,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,iBAAiB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC7D,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QACjD,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QACrD,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAElD,MAAM,UAAU,CAAC,OAAO,CAAC;YACvB,IAAI,EAAE,cAAc,CAAC,aAAa;YAClC,QAAQ,EAAE,mBAAmB;YAC7B,aAAa,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC;YAC7B,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QAEH,0CAA0C;QAC1C,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;QAEvD,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,gBAAgB,EAAE,CAAC;QACxC,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAG5D,CAAC;QACF,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAA4B,CAAC;QAE9D,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,CAAC,MAAM,CAAC,IAAK,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,mCAAmC,EAAE,GAAG,EAAE;IACjD,IAAI,UAAkB,CAAC;IACvB,IAAI,cAA0B,CAAC;IAE/B,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,UAAU,GAAG,EAAY,CAAC;QAC1B,cAAc,GAAG,EAAgB,CAAC;QAElC,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,kBAAkB,CACxD,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CACjB,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4DAA4D,EAAE,GAAG,EAAE;QACpE,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,eAAe,CAAC,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QAEtE,MAAM,UAAU,GAAG,IAAI,mBAAmB,CACxC,UAAU,EACV,EAAE,OAAO,EAAE,wBAAwB,EAAE,EACrC,cAAc,EACd,mBAAmB,EACnB,OAAO,CACR,CAAC;QAEF,yCAAyC;QACzC,MAAM,OAAO,GACX,UACD,CAAC,sBAAsB,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;QAChE,MAAM,CAAC,OAAQ,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QACvD,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,oBAAoB,CACrD,wBAAwB,CACzB,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAE9D,MAAM,UAAU,GAAG,IAAI,mBAAmB,CACxC,UAAU,EACV,EAAE,OAAO,EAAE,aAAa,EAAE,EAC1B,cAAc,EACd,mBAAmB,EACnB,OAAO,CACR,CAAC;QAEF,yCAAyC;QACzC,MAAM,OAAO,GACX,UACD,CAAC,sBAAsB,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;QAChE,MAAM,CAAC,OAAQ,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAC/C,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAC;IACzE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/src/policy/shell-safety.test.js

@@ -3,26 +3,98 @@
  * Copyright 2025 Google LLC
  * SPDX-License-Identifier: Apache-2.0
  */
-import { describe, it, expect, beforeEach } from 'vitest';
+import { describe, it, expect, beforeEach, vi } from 'vitest';
+// Mock shell-utils to avoid relying on tree-sitter WASM which is flaky in CI on Windows
+vi.mock('../utils/shell-utils.js', async (importOriginal) => {
+    const actual = await importOriginal();
+    // Static map of test commands to their expected subcommands
+    // This mirrors what the real parser would output for these specific strings
+    const commandMap = {
+        'git log': ['git log'],
+        'git log --oneline': ['git log --oneline'],
+        'git logout': ['git logout'],
+        'git log && rm -rf /': ['git log', 'rm -rf /'],
+        'git log; rm -rf /': ['git log', 'rm -rf /'],
+        'git log || rm -rf /': ['git log', 'rm -rf /'],
+        'git log &&& rm -rf /': [], // Simulates parse failure
+        'echo $(rm -rf /)': ['echo $(rm -rf /)', 'rm -rf /'],
+        'echo $(git log)': ['echo $(git log)', 'git log'],
+        'echo `rm -rf /`': ['echo `rm -rf /`', 'rm -rf /'],
+        'diff <(git log) <(rm -rf /)': [
+            'diff <(git log) <(rm -rf /)',
+            'git log',
+            'rm -rf /',
+        ],
+        'tee >(rm -rf /)': ['tee >(rm -rf /)', 'rm -rf /'],
+        'git log | rm -rf /': ['git log', 'rm -rf /'],
+        'git log --format=$(rm -rf /)': [
+            'git log --format=$(rm -rf /)',
+            'rm -rf /',
+        ],
+        'git log && echo $(git log | rm -rf /)': [
+            'git log',
+            'echo $(git log | rm -rf /)',
+            'git log',
+            'rm -rf /',
+        ],
+        'git log && echo $(git log)': ['git log', 'echo $(git log)', 'git log'],
+        'git log > /tmp/test': ['git log > /tmp/test'],
+        'git log @(Get-Process)': [], // Simulates parse failure (Bash parser vs PowerShell syntax)
+        'git commit -m "msg" && git push': ['git commit -m "msg"', 'git push'],
+        'git status && unknown_command': ['git status', 'unknown_command'],
+        'unknown_command_1 && another_unknown_command': [
+            'unknown_command_1',
+            'another_unknown_command',
+        ],
+        'known_ask_command_1 && known_ask_command_2': [
+            'known_ask_command_1',
+            'known_ask_command_2',
+        ],
+    };
+    return {
+        ...actual,
+        initializeShellParsers: vi.fn(),
+        splitCommands: (command) => {
+            if (Object.prototype.hasOwnProperty.call(commandMap, command)) {
+                return commandMap[command];
+            }
+            const known = commandMap[command];
+            if (known)
+                return known;
+            // Default fallback for unmatched simple cases in development, but explicit map is better
+            return [command];
+        },
+        hasRedirection: (command) => 
+        // Simple regex check sufficient for testing the policy engine's handling of the *result* of hasRedirection
+        /[><]/.test(command),
+    };
+});
 import { PolicyEngine } from './policy-engine.js';
 import { PolicyDecision, ApprovalMode } from './types.js';
+import { buildArgsPatterns } from './utils.js';
 describe('Shell Safety Policy', () => {
     let policyEngine;
-    beforeEach(() => {
-        policyEngine = new PolicyEngine({
+    // Helper to create a policy engine with a simple command prefix rule
+    function createPolicyEngineWithPrefix(prefix) {
+        const argsPatterns = buildArgsPatterns(undefined, prefix, undefined);
+        // Since buildArgsPatterns returns array of patterns (strings), we pick the first one
+        // and compile it.
+        const argsPattern = new RegExp(argsPatterns[0]);
+        return new PolicyEngine({
             rules: [
                 {
                     toolName: 'run_shell_command',
-                    // Mimic the regex generated by toml-loader for commandPrefix = ["git log"]
-                    // Regex: "command":"git log(?:[\s"]|$)
-                    argsPattern: /"command":"git log(?:[\s"]|$)/,
+                    argsPattern,
                     decision: PolicyDecision.ALLOW,
-                    priority: 1.01, // Higher priority than default
+                    priority: 1.01,
                 },
             ],
             defaultDecision: PolicyDecision.ASK_USER,
             approvalMode: ApprovalMode.DEFAULT,
         });
+    }
+    beforeEach(() => {
+        policyEngine = createPolicyEngineWithPrefix('git log');
     });
     it('SHOULD match "git log" exactly', async () => {
         const toolCall = {
@@ -61,15 +133,306 @@ describe('Shell Safety Policy', () => {
         const result = await policyEngine.check(toolCall, undefined);
         expect(result.decision).toBe(PolicyDecision.ASK_USER);
     });
+    it('SHOULD NOT allow "git log; rm -rf /" (semicolon separator)', async () => {
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'git log; rm -rf /' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+    });
+    it('SHOULD NOT allow "git log || rm -rf /" (OR separator)', async () => {
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'git log || rm -rf /' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+    });
     it('SHOULD NOT allow "git log &&& rm -rf /" when prefix is "git log" (parse failure)', async () => {
         const toolCall = {
             name: 'run_shell_command',
             args: { command: 'git log &&& rm -rf /' },
         };
         // Desired behavior: Should fail safe (ASK_USER or DENY) because parsing failed.
-        // If we let it pass as "single command" that matches prefix, it's dangerous.
         const result = await policyEngine.check(toolCall, undefined);
         expect(result.decision).toBe(PolicyDecision.ASK_USER);
     });
+    it('SHOULD NOT allow command substitution $(rm -rf /)', async () => {
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'echo $(rm -rf /)' },
+        };
+        // `splitCommands` recursively finds nested commands (e.g., `rm` inside `echo $()`).
+        // The policy engine requires ALL extracted commands to be allowed.
+        // Since `rm` does not match the allowed prefix, this should result in ASK_USER.
+        const echoPolicy = createPolicyEngineWithPrefix('echo');
+        const result = await echoPolicy.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+    });
+    it('SHOULD allow command substitution if inner command is ALSO allowed', async () => {
+        // Both `echo` and `git` allowed.
+        const argsPatternsEcho = buildArgsPatterns(undefined, 'echo', undefined);
+        const argsPatternsGit = buildArgsPatterns(undefined, 'git', undefined); // Allow all git
+        const policyEngineWithBoth = new PolicyEngine({
+            rules: [
+                {
+                    toolName: 'run_shell_command',
+                    argsPattern: new RegExp(argsPatternsEcho[0]),
+                    decision: PolicyDecision.ALLOW,
+                    priority: 2,
+                },
+                {
+                    toolName: 'run_shell_command',
+                    argsPattern: new RegExp(argsPatternsGit[0]),
+                    decision: PolicyDecision.ALLOW,
+                    priority: 2,
+                },
+            ],
+            defaultDecision: PolicyDecision.ASK_USER,
+        });
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'echo $(git log)' },
+        };
+        const result = await policyEngineWithBoth.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ALLOW);
+    });
+    it('SHOULD NOT allow command substitution with backticks `rm -rf /`', async () => {
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'echo `rm -rf /`' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+    });
+    it('SHOULD NOT allow process substitution <(rm -rf /)', async () => {
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'diff <(git log) <(rm -rf /)' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+    });
+    it('SHOULD NOT allow process substitution >(rm -rf /)', async () => {
+        // Note: >(...) is output substitution, but syntax is similar.
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'tee >(rm -rf /)' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+    });
+    it('SHOULD NOT allow piped commands "git log | rm -rf /"', async () => {
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'git log | rm -rf /' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+    });
+    it('SHOULD NOT allow argument injection via --arg=$(rm -rf /)', async () => {
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'git log --format=$(rm -rf /)' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+    });
+    it('SHOULD NOT allow complex nested commands "git log && echo $(git log | rm -rf /)"', async () => {
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'git log && echo $(git log | rm -rf /)' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+    });
+    it('SHOULD allow complex allowed commands "git log && echo $(git log)"', async () => {
+        // Both `echo` and `git` allowed.
+        const argsPatternsEcho = buildArgsPatterns(undefined, 'echo', undefined);
+        const argsPatternsGit = buildArgsPatterns(undefined, 'git', undefined);
+        const policyEngineWithBoth = new PolicyEngine({
+            rules: [
+                {
+                    toolName: 'run_shell_command',
+                    argsPattern: new RegExp(argsPatternsEcho[0]),
+                    decision: PolicyDecision.ALLOW,
+                    priority: 2,
+                },
+                {
+                    toolName: 'run_shell_command',
+                    // Matches "git" at start of *subcommand*
+                    argsPattern: new RegExp(argsPatternsGit[0]),
+                    decision: PolicyDecision.ALLOW,
+                    priority: 2,
+                },
+            ],
+            defaultDecision: PolicyDecision.ASK_USER,
+        });
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'git log && echo $(git log)' },
+        };
+        const result = await policyEngineWithBoth.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ALLOW);
+    });
+    it('SHOULD NOT allow generic redirection > /tmp/test', async () => {
+        // Current logic downgrades ALLOW to ASK_USER for redirections if redirection is not explicitly allowed.
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'git log > /tmp/test' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+    });
+    it('SHOULD allow generic redirection > /tmp/test if allowRedirection is true', async () => {
+        // If PolicyRule has allowRedirection: true, it should stay ALLOW
+        const argsPatternsGitLog = buildArgsPatterns(undefined, 'git log', undefined);
+        const policyWithRedirection = new PolicyEngine({
+            rules: [
+                {
+                    toolName: 'run_shell_command',
+                    argsPattern: new RegExp(argsPatternsGitLog[0]),
+                    decision: PolicyDecision.ALLOW,
+                    priority: 2,
+                    allowRedirection: true,
+                },
+            ],
+            defaultDecision: PolicyDecision.ASK_USER,
+        });
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'git log > /tmp/test' },
+        };
+        const result = await policyWithRedirection.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ALLOW);
+    });
+    it('SHOULD NOT allow PowerShell @(...) usage if it implies code execution', async () => {
+        // Bash parser fails on PowerShell syntax @(...) (returns empty subcommands).
+        // The policy engine correctly identifies this as unparseable and falls back to ASK_USER.
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'git log @(Get-Process)' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+    });
+    it('SHOULD match DENY rule even if nested/chained with unknown command', async () => {
+        // Scenario:
+        // git commit -m "..." (Unknown/No Rule -> ASK_USER)
+        // git push (DENY -> DENY)
+        // Overall should be DENY.
+        const argsPatternsPush = buildArgsPatterns(undefined, 'git push', undefined);
+        const denyPushPolicy = new PolicyEngine({
+            rules: [
+                {
+                    toolName: 'run_shell_command',
+                    argsPattern: new RegExp(argsPatternsPush[0]),
+                    decision: PolicyDecision.DENY,
+                    priority: 2,
+                },
+            ],
+            defaultDecision: PolicyDecision.ASK_USER,
+        });
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'git commit -m "msg" && git push' },
+        };
+        const result = await denyPushPolicy.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.DENY);
+    });
+    it('SHOULD aggregate ALLOW + ASK_USER to ASK_USER and blame the ASK_USER part', async () => {
+        // Scenario:
+        // `git status` (ALLOW) && `unknown_command` (ASK_USER by default)
+        // Expected: ASK_USER, and the matched rule should be related to the unknown_command
+        const argsPatternsGitStatus = buildArgsPatterns(undefined, 'git status', undefined);
+        const policyEngine = new PolicyEngine({
+            rules: [
+                {
+                    toolName: 'run_shell_command',
+                    argsPattern: new RegExp(argsPatternsGitStatus[0]),
+                    decision: PolicyDecision.ALLOW,
+                    priority: 2,
+                    name: 'allow_git_status_rule', // Give a name to easily identify
+                },
+            ],
+            defaultDecision: PolicyDecision.ASK_USER,
+        });
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'git status && unknown_command' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+        // Expect the matched rule to be null/undefined since it's the default decision for 'unknown_command'
+        // or the rule that led to the ASK_USER decision. In this case, it should be the rule for 'unknown_command', which is the default decision.
+        // The policy engine's `matchedRule` will be the rule that caused the final decision.
+        // If it's a default ASK_USER, then `result.rule` should be undefined.
+        expect(result.rule).toBeUndefined();
+    });
+    it('SHOULD aggregate ASK_USER (default) + ASK_USER (rule) to ASK_USER and blame the specific ASK_USER rule', async () => {
+        // Scenario:
+        // `unknown_command_1` (ASK_USER by default) && `another_unknown_command` (ASK_USER by explicit rule)
+        // Expected: ASK_USER, and the matched rule should be the explicit ASK_USER rule
+        const argsPatternsAnotherUnknown = buildArgsPatterns(undefined, 'another_unknown_command', undefined);
+        const policyEngine = new PolicyEngine({
+            rules: [
+                {
+                    toolName: 'run_shell_command',
+                    argsPattern: new RegExp(argsPatternsAnotherUnknown[0]),
+                    decision: PolicyDecision.ASK_USER,
+                    priority: 2,
+                    name: 'ask_another_unknown_command_rule',
+                },
+            ],
+            defaultDecision: PolicyDecision.ASK_USER,
+        });
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'unknown_command_1 && another_unknown_command' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+        // The first command triggers default ASK_USER (undefined rule).
+        // The second triggers explicit ASK_USER rule.
+        // We attribute to the first cause => undefined.
+        expect(result.rule).toBeUndefined();
+    });
+    it('SHOULD aggregate ASK_USER (rule) + ASK_USER (rule) to ASK_USER and blame the first specific ASK_USER rule in subcommands', async () => {
+        // Scenario:
+        // `known_ask_command_1` (ASK_USER by explicit rule 1) && `known_ask_command_2` (ASK_USER by explicit rule 2)
+        // Expected: ASK_USER, and the matched rule should be explicit ASK_USER rule 1.
+        // The current implementation prioritizes the rule that changes the decision to ASK_USER, if any.
+        // If multiple rules lead to ASK_USER, it takes the first one.
+        const argsPatternsAsk1 = buildArgsPatterns(undefined, 'known_ask_command_1', undefined);
+        const argsPatternsAsk2 = buildArgsPatterns(undefined, 'known_ask_command_2', undefined);
+        const policyEngine = new PolicyEngine({
+            rules: [
+                {
+                    toolName: 'run_shell_command',
+                    argsPattern: new RegExp(argsPatternsAsk1[0]),
+                    decision: PolicyDecision.ASK_USER,
+                    priority: 2,
+                    name: 'ask_rule_1',
+                },
+                {
+                    toolName: 'run_shell_command',
+                    argsPattern: new RegExp(argsPatternsAsk2[0]),
+                    decision: PolicyDecision.ASK_USER,
+                    priority: 2,
+                    name: 'ask_rule_2',
+                },
+            ],
+            defaultDecision: PolicyDecision.ALLOW, // Set default to ALLOW to ensure rules are hit
+        });
+        const toolCall = {
+            name: 'run_shell_command',
+            args: { command: 'known_ask_command_1 && known_ask_command_2' },
+        };
+        const result = await policyEngine.check(toolCall, undefined);
+        expect(result.decision).toBe(PolicyDecision.ASK_USER);
+        // Expect the rule that first caused ASK_USER to be blamed
+        expect(result.rule?.name).toBe('ask_rule_1');
+    });
 });
 //# sourceMappingURL=shell-safety.test.js.map

package/dist/src/policy/shell-safety.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"shell-safety.test.js","sourceRoot":"","sources":["../../../src/policy/shell-safety.test.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAG1D,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,IAAI,YAA0B,CAAC;IAE/B,UAAU,CAAC,GAAG,EAAE;QACd,YAAY,GAAG,IAAI,YAAY,CAAC;YAC9B,KAAK,EAAE;gBACL;oBACE,QAAQ,EAAE,mBAAmB;oBAC7B,2EAA2E;oBAC3E,uCAAuC;oBACvC,WAAW,EAAE,+BAA+B;oBAC5C,QAAQ,EAAE,cAAc,CAAC,KAAK;oBAC9B,QAAQ,EAAE,IAAI,EAAE,+BAA+B;iBAChD;aACF;YACD,eAAe,EAAE,cAAc,CAAC,QAAQ;YACxC,YAAY,EAAE,YAAY,CAAC,OAAO;SACnC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;QAC9C,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,SAAS,EAAE;SAC7B,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;QACrD,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,mBAAmB,EAAE;SACvC,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+EAA+E,EAAE,KAAK,IAAI,EAAE;QAC7F,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE;SAChC,CAAC;QAEF,uDAAuD;QACvD,2EAA2E;QAC3E,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sGAAsG,EAAE,KAAK,IAAI,EAAE;QACpH,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,qBAAqB,EAAE;SACzC,CAAC;QAEF,yEAAyE;QACzE,qEAAqE;QACrE,gCAAgC;QAChC,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,kFAAkF,EAAE,KAAK,IAAI,EAAE;QAChG,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,sBAAsB,EAAE;SAC1C,CAAC;QAEF,gFAAgF;QAChF,6EAA6E;QAC7E,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"shell-safety.test.js","sourceRoot":"","sources":["../../../src/policy/shell-safety.test.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAE9D,wFAAwF;AACxF,EAAE,CAAC,IAAI,CAAC,yBAAyB,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE;IAC1D,MAAM,MAAM,GACV,MAAM,cAAc,EAA4C,CAAC;IAEnE,4DAA4D;IAC5D,4EAA4E;IAC5E,MAAM,UAAU,GAA6B;QAC3C,SAAS,EAAE,CAAC,SAAS,CAAC;QACtB,mBAAmB,EAAE,CAAC,mBAAmB,CAAC;QAC1C,YAAY,EAAE,CAAC,YAAY,CAAC;QAC5B,qBAAqB,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;QAC9C,mBAAmB,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;QAC5C,qBAAqB,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;QAC9C,sBAAsB,EAAE,EAAE,EAAE,0BAA0B;QACtD,kBAAkB,EAAE,CAAC,kBAAkB,EAAE,UAAU,CAAC;QACpD,iBAAiB,EAAE,CAAC,iBAAiB,EAAE,SAAS,CAAC;QACjD,iBAAiB,EAAE,CAAC,iBAAiB,EAAE,UAAU,CAAC;QAClD,6BAA6B,EAAE;YAC7B,6BAA6B;YAC7B,SAAS;YACT,UAAU;SACX;QACD,iBAAiB,EAAE,CAAC,iBAAiB,EAAE,UAAU,CAAC;QAClD,oBAAoB,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;QAC7C,8BAA8B,EAAE;YAC9B,8BAA8B;YAC9B,UAAU;SACX;QACD,uCAAuC,EAAE;YACvC,SAAS;YACT,4BAA4B;YAC5B,SAAS;YACT,UAAU;SACX;QACD,4BAA4B,EAAE,CAAC,SAAS,EAAE,iBAAiB,EAAE,SAAS,CAAC;QACvE,qBAAqB,EAAE,CAAC,qBAAqB,CAAC;QAC9C,wBAAwB,EAAE,EAAE,EAAE,6DAA6D;QAC3F,iCAAiC,EAAE,CAAC,qBAAqB,EAAE,UAAU,CAAC;QACtE,+BAA+B,EAAE,CAAC,YAAY,EAAE,iBAAiB,CAAC;QAClE,8CAA8C,EAAE;YAC9C,mBAAmB;YACnB,yBAAyB;SAC1B;QACD,4CAA4C,EAAE;YAC5C,qBAAqB;YACrB,qBAAqB;SACtB;KACF,CAAC;IAEF,OAAO;QACL,GAAG,MAAM;QACT,sBAAsB,EAAE,EAAE,CAAC,EAAE,EAAE;QAC/B,aAAa,EAAE,CAAC,OAAe,EAAE,EAAE;YACjC,IAAI,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,CAAC;gBAC9D,OAAO,UAAU,CAAC,OAAO,CAAC,CAAC;YAC7B,CAAC;YACD,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;YAClC,IAAI,KAAK;gBAAE,OAAO,KAAK,CAAC;YACxB,yFAAyF;YACzF,OAAO,CAAC,OAAO,CAAC,CAAC;QACnB,CAAC;QACD,cAAc,EAAE,CAAC,OAAe,EAAE,EAAE;QAClC,2GAA2G;QAC3G,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;KACvB,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE1D,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAE/C,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,IAAI,YAA0B,CAAC;IAE/B,qEAAqE;IACrE,SAAS,4BAA4B,CAAC,MAAc;QAClD,MAAM,YAAY,GAAG,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QACrE,qFAAqF;QACrF,kBAAkB;QAClB,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC,CAAE,CAAC,CAAC;QAEjD,OAAO,IAAI,YAAY,CAAC;YACtB,KAAK,EAAE;gBACL;oBACE,QAAQ,EAAE,mBAAmB;oBAC7B,WAAW;oBACX,QAAQ,EAAE,cAAc,CAAC,KAAK;oBAC9B,QAAQ,EAAE,IAAI;iBACf;aACF;YACD,eAAe,EAAE,cAAc,CAAC,QAAQ;YACxC,YAAY,EAAE,YAAY,CAAC,OAAO;SACnC,CAAC,CAAC;IACL,CAAC;IAED,UAAU,CAAC,GAAG,EAAE;QACd,YAAY,GAAG,4BAA4B,CAAC,SAAS,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;QAC9C,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,SAAS,EAAE;SAC7B,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;QACrD,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,mBAAmB,EAAE;SACvC,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+EAA+E,EAAE,KAAK,IAAI,EAAE;QAC7F,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE;SAChC,CAAC;QAEF,uDAAuD;QACvD,2EAA2E;QAC3E,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sGAAsG,EAAE,KAAK,IAAI,EAAE;QACpH,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,qBAAqB,EAAE;SACzC,CAAC;QAEF,yEAAyE;QACzE,qEAAqE;QACrE,gCAAgC;QAChC,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4DAA4D,EAAE,KAAK,IAAI,EAAE;QAC1E,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,mBAAmB,EAAE;SACvC,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uDAAuD,EAAE,KAAK,IAAI,EAAE;QACrE,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,qBAAqB,EAAE;SACzC,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kFAAkF,EAAE,KAAK,IAAI,EAAE;QAChG,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,sBAAsB,EAAE;SAC1C,CAAC;QAEF,gFAAgF;QAChF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE;SACtC,CAAC;QACF,oFAAoF;QACpF,mEAAmE;QACnE,gFAAgF;QAChF,MAAM,UAAU,GAAG,4BAA4B,CAAC,MAAM,CAAC,CAAC;QACxD,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC3D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oEAAoE,EAAE,KAAK,IAAI,EAAE;QAClF,iCAAiC;QACjC,MAAM,gBAAgB,GAAG,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QACzE,MAAM,eAAe,GAAG,iBAAiB,CAAC,SAAS,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,gBAAgB;QAExF,MAAM,oBAAoB,GAAG,IAAI,YAAY,CAAC;YAC5C,KAAK,EAAE;gBACL;oBACE,QAAQ,EAAE,mBAAmB;oBAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAE,CAAC;oBAC7C,QAAQ,EAAE,cAAc,CAAC,KAAK;oBAC9B,QAAQ,EAAE,CAAC;iBACZ;gBACD;oBACE,QAAQ,EAAE,mBAAmB;oBAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,eAAe,CAAC,CAAC,CAAE,CAAC;oBAC5C,QAAQ,EAAE,cAAc,CAAC,KAAK;oBAC9B,QAAQ,EAAE,CAAC;iBACZ;aACF;YACD,eAAe,EAAE,cAAc,CAAC,QAAQ;SACzC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACrC,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QACrE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,iEAAiE,EAAE,KAAK,IAAI,EAAE;QAC/E,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACrC,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,6BAA6B,EAAE;SACjD,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,8DAA8D;QAC9D,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACrC,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;QACpE,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,oBAAoB,EAAE;SACxC,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;QACzE,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,8BAA8B,EAAE;SAClD,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kFAAkF,EAAE,KAAK,IAAI,EAAE;QAChG,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,uCAAuC,EAAE;SAC3D,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oEAAoE,EAAE,KAAK,IAAI,EAAE;QAClF,iCAAiC;QACjC,MAAM,gBAAgB,GAAG,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QACzE,MAAM,eAAe,GAAG,iBAAiB,CAAC,SAAS,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC;QAEvE,MAAM,oBAAoB,GAAG,IAAI,YAAY,CAAC;YAC5C,KAAK,EAAE;gBACL;oBACE,QAAQ,EAAE,mBAAmB;oBAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAE,CAAC;oBAC7C,QAAQ,EAAE,cAAc,CAAC,KAAK;oBAC9B,QAAQ,EAAE,CAAC;iBACZ;gBACD;oBACE,QAAQ,EAAE,mBAAmB;oBAC7B,yCAAyC;oBACzC,WAAW,EAAE,IAAI,MAAM,CAAC,eAAe,CAAC,CAAC,CAAE,CAAC;oBAC5C,QAAQ,EAAE,cAAc,CAAC,KAAK;oBAC9B,QAAQ,EAAE,CAAC;iBACZ;aACF;YACD,eAAe,EAAE,cAAc,CAAC,QAAQ;SACzC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,4BAA4B,EAAE;SAChD,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QACrE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;QAChE,wGAAwG;QACxG,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,qBAAqB,EAAE;SACzC,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0EAA0E,EAAE,KAAK,IAAI,EAAE;QACxF,iEAAiE;QACjE,MAAM,kBAAkB,GAAG,iBAAiB,CAC1C,SAAS,EACT,SAAS,EACT,SAAS,CACV,CAAC;QACF,MAAM,qBAAqB,GAAG,IAAI,YAAY,CAAC;YAC7C,KAAK,EAAE;gBACL;oBACE,QAAQ,EAAE,mBAAmB;oBAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,kBAAkB,CAAC,CAAC,CAAE,CAAC;oBAC/C,QAAQ,EAAE,cAAc,CAAC,KAAK;oBAC9B,QAAQ,EAAE,CAAC;oBACX,gBAAgB,EAAE,IAAI;iBACvB;aACF;YACD,eAAe,EAAE,cAAc,CAAC,QAAQ;SACzC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,qBAAqB,EAAE;SACzC,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QACtE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uEAAuE,EAAE,KAAK,IAAI,EAAE;QACrF,6EAA6E;QAC7E,yFAAyF;QACzF,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,wBAAwB,EAAE;SAC5C,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oEAAoE,EAAE,KAAK,IAAI,EAAE;QAClF,YAAY;QACZ,oDAAoD;QACpD,0BAA0B;QAC1B,0BAA0B;QAC1B,MAAM,gBAAgB,GAAG,iBAAiB,CACxC,SAAS,EACT,UAAU,EACV,SAAS,CACV,CAAC;QAEF,MAAM,cAAc,GAAG,IAAI,YAAY,CAAC;YACtC,KAAK,EAAE;gBACL;oBACE,QAAQ,EAAE,mBAAmB;oBAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAE,CAAC;oBAC7C,QAAQ,EAAE,cAAc,CAAC,IAAI;oBAC7B,QAAQ,EAAE,CAAC;iBACZ;aACF;YACD,eAAe,EAAE,cAAc,CAAC,QAAQ;SACzC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,iCAAiC,EAAE;SACrD,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC/D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2EAA2E,EAAE,KAAK,IAAI,EAAE;QACzF,YAAY;QACZ,kEAAkE;QAClE,oFAAoF;QACpF,MAAM,qBAAqB,GAAG,iBAAiB,CAC7C,SAAS,EACT,YAAY,EACZ,SAAS,CACV,CAAC;QAEF,MAAM,YAAY,GAAG,IAAI,YAAY,CAAC;YACpC,KAAK,EAAE;gBACL;oBACE,QAAQ,EAAE,mBAAmB;oBAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,qBAAqB,CAAC,CAAC,CAAE,CAAC;oBAClD,QAAQ,EAAE,cAAc,CAAC,KAAK;oBAC9B,QAAQ,EAAE,CAAC;oBACX,IAAI,EAAE,uBAAuB,EAAE,iCAAiC;iBACjE;aACF;YACD,eAAe,EAAE,cAAc,CAAC,QAAQ;SACzC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,+BAA+B,EAAE;SACnD,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QACtD,qGAAqG;QACrG,2IAA2I;QAC3I,qFAAqF;QACrF,sEAAsE;QACtE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wGAAwG,EAAE,KAAK,IAAI,EAAE;QACtH,YAAY;QACZ,qGAAqG;QACrG,gFAAgF;QAChF,MAAM,0BAA0B,GAAG,iBAAiB,CAClD,SAAS,EACT,yBAAyB,EACzB,SAAS,CACV,CAAC;QAEF,MAAM,YAAY,GAAG,IAAI,YAAY,CAAC;YACpC,KAAK,EAAE;gBACL;oBACE,QAAQ,EAAE,mBAAmB;oBAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,0BAA0B,CAAC,CAAC,CAAE,CAAC;oBACvD,QAAQ,EAAE,cAAc,CAAC,QAAQ;oBACjC,QAAQ,EAAE,CAAC;oBACX,IAAI,EAAE,kCAAkC;iBACzC;aACF;YACD,eAAe,EAAE,cAAc,CAAC,QAAQ;SACzC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,8CAA8C,EAAE;SAClE,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QACtD,gEAAgE;QAChE,8CAA8C;QAC9C,gDAAgD;QAChD,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0HAA0H,EAAE,KAAK,IAAI,EAAE;QACxI,YAAY;QACZ,6GAA6G;QAC7G,+EAA+E;QAC/E,iGAAiG;QACjG,8DAA8D;QAC9D,MAAM,gBAAgB,GAAG,iBAAiB,CACxC,SAAS,EACT,qBAAqB,EACrB,SAAS,CACV,CAAC;QACF,MAAM,gBAAgB,GAAG,iBAAiB,CACxC,SAAS,EACT,qBAAqB,EACrB,SAAS,CACV,CAAC;QAEF,MAAM,YAAY,GAAG,IAAI,YAAY,CAAC;YACpC,KAAK,EAAE;gBACL;oBACE,QAAQ,EAAE,mBAAmB;oBAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAE,CAAC;oBAC7C,QAAQ,EAAE,cAAc,CAAC,QAAQ;oBACjC,QAAQ,EAAE,CAAC;oBACX,IAAI,EAAE,YAAY;iBACnB;gBACD;oBACE,QAAQ,EAAE,mBAAmB;oBAC7B,WAAW,EAAE,IAAI,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAE,CAAC;oBAC7C,QAAQ,EAAE,cAAc,CAAC,QAAQ;oBACjC,QAAQ,EAAE,CAAC;oBACX,IAAI,EAAE,YAAY;iBACnB;aACF;YACD,eAAe,EAAE,cAAc,CAAC,KAAK,EAAE,+CAA+C;SACvF,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,EAAE,OAAO,EAAE,4CAA4C,EAAE;SAChE,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QACtD,0DAA0D;QAC1D,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/src/policy/toml-loader.d.ts

@@ -29,14 +29,6 @@ export interface PolicyLoadResult {
     checkers: SafetyCheckerRule[];
     errors: PolicyFileError[];
 }
-/**
- * Escapes special regex characters in a string for use in a regex pattern.
- * This is used for commandPrefix to ensure literal string matching.
- *
- * @param str The string to escape
- * @returns The escaped string safe for use in a regex
- */
-export declare function escapeRegex(str: string): string;
 /**
  * Loads and parses policies from TOML files in the specified directories.
  *

package/dist/src/policy/toml-loader.js

@@ -4,6 +4,7 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 import { PolicyDecision, ApprovalMode, InProcessCheckerType, } from './types.js';
+import { buildArgsPatterns } from './utils.js';
 import fs from 'node:fs/promises';
 import path from 'node:path';
 import toml from '@iarna/toml';
@@ -34,6 +35,7 @@ const PolicyRuleSchema = z.object({
         message: 'priority must be <= 999 to prevent tier overflow. Priorities >= 1000 would jump to the next tier.',
     }),
     modes: z.array(z.nativeEnum(ApprovalMode)).optional(),
+    allow_redirection: z.boolean().optional(),
 });
 /**
  * Schema for a single safety checker rule in the TOML file.
@@ -68,16 +70,6 @@ const PolicyFileSchema = z.object({
     rule: z.array(PolicyRuleSchema).optional(),
     safety_checker: z.array(SafetyCheckerRuleSchema).optional(),
 });
-/**
- * Escapes special regex characters in a string for use in a regex pattern.
- * This is used for commandPrefix to ensure literal string matching.
- *
- * @param str The string to escape
- * @returns The escaped string safe for use in a regex
- */
-export function escapeRegex(str) {
-    return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
-}
 /**
  * Converts a tier number to a human-readable tier name.
  */
@@ -226,7 +218,6 @@ export async function loadPoliciesFromToml(policyDirs, getPolicyTier) {
                 }
                 // Validate shell command convenience syntax
                 const tomlRules = validationResult.data.rule ?? [];
-                const tomlCheckers = validationResult.data.safety_checker ?? [];
                 for (let i = 0; i < tomlRules.length; i++) {
                     const rule = tomlRules[i];
                     const validationError = validateShellCommandSyntax(rule, i);
@@ -255,8 +246,8 @@ export async function loadPoliciesFromToml(policyDirs, getPolicyTier) {
                         });
                     }
                 }
-                for (let i = 0; i < tomlCheckers.length; i++) {
-                    const checker = tomlCheckers[i];
+                for (let i = 0; i < checkers.length; i++) {
+                    const checker = checkers[i];
                     if (tier > 1 && checker.modes && checker.modes.length > 0) {
                         errors.push({
                             filePath,
@@ -273,22 +264,7 @@ export async function loadPoliciesFromToml(policyDirs, getPolicyTier) {
                 // Transform rules
                 const parsedRules = (validationResult.data.rule ?? [])
                     .flatMap((rule) => {
-                    // Transform commandPrefix/commandRegex to argsPattern
-                    let effectiveArgsPattern = rule.argsPattern;
-                    const commandPrefixes = [];
-                    if (rule.commandPrefix) {
-                        const prefixes = Array.isArray(rule.commandPrefix)
-                            ? rule.commandPrefix
-                            : [rule.commandPrefix];
-                        commandPrefixes.push(...prefixes);
-                    }
-                    else if (rule.commandRegex) {
-                        effectiveArgsPattern = `"command":"${rule.commandRegex}`;
-                    }
-                    // Expand command prefixes to multiple patterns
-                    const argsPatterns = commandPrefixes.length > 0
-                        ? commandPrefixes.map((prefix) => `"command":"${escapeRegex(prefix)}(?:[\\s"]|$)`)
-                        : [effectiveArgsPattern];
+                    const argsPatterns = buildArgsPatterns(rule.argsPattern, rule.commandPrefix, rule.commandRegex);
                     // For each argsPattern, expand toolName arrays
                     return argsPatterns.flatMap((argsPattern) => {
                         const toolNames = rule.toolName
@@ -313,7 +289,12 @@ export async function loadPoliciesFromToml(policyDirs, getPolicyTier) {
                                 toolName: effectiveToolName,
                                 decision: rule.decision,
                                 priority: transformPriority(rule.priority, tier),
-                                modes: tier === 1 ? rule.modes : undefined,
+                                // Only include modes if valid (tier 1 or empty/undefined)
+                                // If invalid (tier > 1 with modes), it was already reported as error above
+                                modes: tier === 1 || !rule.modes || rule.modes.length === 0
+                                    ? rule.modes
+                                    : undefined,
+                                allowRedirection: rule.allow_redirection,
                             };
                             // Compile regex pattern
                             if (argsPattern) {
@@ -344,20 +325,7 @@ export async function loadPoliciesFromToml(policyDirs, getPolicyTier) {
                 // Transform checkers
                 const parsedCheckers = (validationResult.data.safety_checker ?? [])
                     .flatMap((checker) => {
-                    let effectiveArgsPattern = checker.argsPattern;
-                    const commandPrefixes = [];
-                    if (checker.commandPrefix) {
-                        const prefixes = Array.isArray(checker.commandPrefix)
-                            ? checker.commandPrefix
-                            : [checker.commandPrefix];
-                        commandPrefixes.push(...prefixes);
-                    }
-                    else if (checker.commandRegex) {
-                        effectiveArgsPattern = `"command":"${checker.commandRegex}`;
-                    }
-                    const argsPatterns = commandPrefixes.length > 0
-                        ? commandPrefixes.map((prefix) => `"command":"${escapeRegex(prefix)}(?:[\\s"]|$)`)
-                        : [effectiveArgsPattern];
+                    const argsPatterns = buildArgsPatterns(checker.argsPattern, checker.commandPrefix, checker.commandRegex);
                     return argsPatterns.flatMap((argsPattern) => {
                         const toolNames = checker.toolName
                             ? Array.isArray(checker.toolName)
@@ -379,7 +347,7 @@ export async function loadPoliciesFromToml(policyDirs, getPolicyTier) {
                                 toolName: effectiveToolName,
                                 priority: checker.priority,
                                 checker: checker.checker,
-                                modes: tier === 1 ? checker.modes : undefined,
+                                modes: checker.modes,
                             };
                             if (argsPattern) {
                                 try {