@nervekit/tools 0.1.0
- package/LICENSE +201 -0
- package/NOTICE +5 -0
- package/dist/catalog/core/filesystem.tools.d.ts +140 -0
- package/dist/catalog/core/filesystem.tools.d.ts.map +1 -0
- package/dist/catalog/core/filesystem.tools.js +221 -0
- package/dist/catalog/core/filesystem.tools.js.map +1 -0
- package/dist/catalog/core/interaction.tools.d.ts +37 -0
- package/dist/catalog/core/interaction.tools.d.ts.map +1 -0
- package/dist/catalog/core/interaction.tools.js +55 -0
- package/dist/catalog/core/interaction.tools.js.map +1 -0
- package/dist/catalog/core/python.tools.d.ts +17 -0
- package/dist/catalog/core/python.tools.d.ts.map +1 -0
- package/dist/catalog/core/python.tools.js +32 -0
- package/dist/catalog/core/python.tools.js.map +1 -0
- package/dist/catalog/core/shell.tools.d.ts +14 -0
- package/dist/catalog/core/shell.tools.d.ts.map +1 -0
- package/dist/catalog/core/shell.tools.js +22 -0
- package/dist/catalog/core/shell.tools.js.map +1 -0
- package/dist/catalog/core/web.tools.d.ts +23 -0
- package/dist/catalog/core/web.tools.d.ts.map +1 -0
- package/dist/catalog/core/web.tools.js +34 -0
- package/dist/catalog/core/web.tools.js.map +1 -0
- package/dist/catalog/descriptors.d.ts +4 -0
- package/dist/catalog/descriptors.d.ts.map +1 -0
- package/dist/catalog/descriptors.js +17 -0
- package/dist/catalog/descriptors.js.map +1 -0
- package/dist/catalog/index.d.ts +18 -0
- package/dist/catalog/index.d.ts.map +1 -0
- package/dist/catalog/index.js +44 -0
- package/dist/catalog/index.js.map +1 -0
- package/dist/catalog/orchestration/explore.tools.d.ts +20 -0
- package/dist/catalog/orchestration/explore.tools.d.ts.map +1 -0
- package/dist/catalog/orchestration/explore.tools.js +42 -0
- package/dist/catalog/orchestration/explore.tools.js.map +1 -0
- package/dist/catalog/orchestration/plan-mode.tools.d.ts +32 -0
- package/dist/catalog/orchestration/plan-mode.tools.d.ts.map +1 -0
- package/dist/catalog/orchestration/plan-mode.tools.js +43 -0
- package/dist/catalog/orchestration/plan-mode.tools.js.map +1 -0
- package/dist/catalog/orchestration/process.tools.d.ts +68 -0
- package/dist/catalog/orchestration/process.tools.d.ts.map +1 -0
- package/dist/catalog/orchestration/process.tools.js +96 -0
- package/dist/catalog/orchestration/process.tools.js.map +1 -0
- package/dist/catalog/orchestration/subagent.tools.d.ts +16 -0
- package/dist/catalog/orchestration/subagent.tools.d.ts.map +1 -0
- package/dist/catalog/orchestration/subagent.tools.js +25 -0
- package/dist/catalog/orchestration/subagent.tools.js.map +1 -0
- package/dist/catalog/orchestration/task.tools.d.ts +107 -0
- package/dist/catalog/orchestration/task.tools.d.ts.map +1 -0
- package/dist/catalog/orchestration/task.tools.js +170 -0
- package/dist/catalog/orchestration/task.tools.js.map +1 -0
- package/dist/catalog/risk.d.ts +3 -0
- package/dist/catalog/risk.d.ts.map +1 -0
- package/dist/catalog/risk.js +29 -0
- package/dist/catalog/risk.js.map +1 -0
- package/dist/catalog/types.d.ts +14 -0
- package/dist/catalog/types.d.ts.map +1 -0
- package/dist/catalog/types.js +2 -0
- package/dist/catalog/types.js.map +1 -0
- package/dist/definitions.d.ts +2 -0
- package/dist/definitions.d.ts.map +1 -0
- package/dist/definitions.js +2 -0
- package/dist/definitions.js.map +1 -0
- package/dist/execution/atomic-write.d.ts +2 -0
- package/dist/execution/atomic-write.d.ts.map +1 -0
- package/dist/execution/atomic-write.js +7 -0
- package/dist/execution/atomic-write.js.map +1 -0
- package/dist/execution/bash.d.ts +3 -0
- package/dist/execution/bash.d.ts.map +1 -0
- package/dist/execution/bash.js +133 -0
- package/dist/execution/bash.js.map +1 -0
- package/dist/execution/common/args.d.ts +2 -0
- package/dist/execution/common/args.d.ts.map +1 -0
- package/dist/execution/common/args.js +6 -0
- package/dist/execution/common/args.js.map +1 -0
- package/dist/execution/common/output-budget.d.ts +61 -0
- package/dist/execution/common/output-budget.d.ts.map +1 -0
- package/dist/execution/common/output-budget.js +140 -0
- package/dist/execution/common/output-budget.js.map +1 -0
- package/dist/execution/common/process-result.d.ts +44 -0
- package/dist/execution/common/process-result.d.ts.map +1 -0
- package/dist/execution/common/process-result.js +322 -0
- package/dist/execution/common/process-result.js.map +1 -0
- package/dist/execution/common/search-utils.d.ts +8 -0
- package/dist/execution/common/search-utils.d.ts.map +1 -0
- package/dist/execution/common/search-utils.js +110 -0
- package/dist/execution/common/search-utils.js.map +1 -0
- package/dist/execution/common/tool-error.d.ts +8 -0
- package/dist/execution/common/tool-error.d.ts.map +1 -0
- package/dist/execution/common/tool-error.js +14 -0
- package/dist/execution/common/tool-error.js.map +1 -0
- package/dist/execution/common/truncate.d.ts +27 -0
- package/dist/execution/common/truncate.d.ts.map +1 -0
- package/dist/execution/common/truncate.js +108 -0
- package/dist/execution/common/truncate.js.map +1 -0
- package/dist/execution/common.d.ts +2 -0
- package/dist/execution/common.d.ts.map +1 -0
- package/dist/execution/common.js +6 -0
- package/dist/execution/common.js.map +1 -0
- package/dist/execution/core-dispatch.d.ts +4 -0
- package/dist/execution/core-dispatch.d.ts.map +1 -0
- package/dist/execution/core-dispatch.js +58 -0
- package/dist/execution/core-dispatch.js.map +1 -0
- package/dist/execution/dispatch.d.ts +4 -0
- package/dist/execution/dispatch.d.ts.map +1 -0
- package/dist/execution/dispatch.js +54 -0
- package/dist/execution/dispatch.js.map +1 -0
- package/dist/execution/edit.d.ts +9 -0
- package/dist/execution/edit.d.ts.map +1 -0
- package/dist/execution/edit.js +175 -0
- package/dist/execution/edit.js.map +1 -0
- package/dist/execution/file-mutation-queue.d.ts +2 -0
- package/dist/execution/file-mutation-queue.d.ts.map +1 -0
- package/dist/execution/file-mutation-queue.js +19 -0
- package/dist/execution/file-mutation-queue.js.map +1 -0
- package/dist/execution/filesystem/atomic-write.d.ts +2 -0
- package/dist/execution/filesystem/atomic-write.d.ts.map +1 -0
- package/dist/execution/filesystem/atomic-write.js +7 -0
- package/dist/execution/filesystem/atomic-write.js.map +1 -0
- package/dist/execution/filesystem/edit-args.d.ts +46 -0
- package/dist/execution/filesystem/edit-args.d.ts.map +1 -0
- package/dist/execution/filesystem/edit-args.js +212 -0
- package/dist/execution/filesystem/edit-args.js.map +1 -0
- package/dist/execution/filesystem/edit-errors.d.ts +4 -0
- package/dist/execution/filesystem/edit-errors.d.ts.map +1 -0
- package/dist/execution/filesystem/edit-errors.js +8 -0
- package/dist/execution/filesystem/edit-errors.js.map +1 -0
- package/dist/execution/filesystem/edit.d.ts +4 -0
- package/dist/execution/filesystem/edit.d.ts.map +1 -0
- package/dist/execution/filesystem/edit.js +330 -0
- package/dist/execution/filesystem/edit.js.map +1 -0
- package/dist/execution/filesystem/file-mutation-queue.d.ts +2 -0
- package/dist/execution/filesystem/file-mutation-queue.d.ts.map +1 -0
- package/dist/execution/filesystem/file-mutation-queue.js +19 -0
- package/dist/execution/filesystem/file-mutation-queue.js.map +1 -0
- package/dist/execution/filesystem/find.d.ts +3 -0
- package/dist/execution/filesystem/find.d.ts.map +1 -0
- package/dist/execution/filesystem/find.js +93 -0
- package/dist/execution/filesystem/find.js.map +1 -0
- package/dist/execution/filesystem/legacy-edit.d.ts +9 -0
- package/dist/execution/filesystem/legacy-edit.d.ts.map +1 -0
- package/dist/execution/filesystem/legacy-edit.js +122 -0
- package/dist/execution/filesystem/legacy-edit.js.map +1 -0
- package/dist/execution/filesystem/list.d.ts +3 -0
- package/dist/execution/filesystem/list.d.ts.map +1 -0
- package/dist/execution/filesystem/list.js +49 -0
- package/dist/execution/filesystem/list.js.map +1 -0
- package/dist/execution/filesystem/path.d.ts +7 -0
- package/dist/execution/filesystem/path.d.ts.map +1 -0
- package/dist/execution/filesystem/path.js +69 -0
- package/dist/execution/filesystem/path.js.map +1 -0
- package/dist/execution/filesystem/read.d.ts +3 -0
- package/dist/execution/filesystem/read.d.ts.map +1 -0
- package/dist/execution/filesystem/read.js +225 -0
- package/dist/execution/filesystem/read.js.map +1 -0
- package/dist/execution/filesystem/search.d.ts +3 -0
- package/dist/execution/filesystem/search.d.ts.map +1 -0
- package/dist/execution/filesystem/search.js +149 -0
- package/dist/execution/filesystem/search.js.map +1 -0
- package/dist/execution/filesystem/smart-match.d.ts +31 -0
- package/dist/execution/filesystem/smart-match.d.ts.map +1 -0
- package/dist/execution/filesystem/smart-match.js +309 -0
- package/dist/execution/filesystem/smart-match.js.map +1 -0
- package/dist/execution/filesystem/text-editing.d.ts +9 -0
- package/dist/execution/filesystem/text-editing.d.ts.map +1 -0
- package/dist/execution/filesystem/text-editing.js +43 -0
- package/dist/execution/filesystem/text-editing.js.map +1 -0
- package/dist/execution/filesystem/write.d.ts +3 -0
- package/dist/execution/filesystem/write.d.ts.map +1 -0
- package/dist/execution/filesystem/write.js +21 -0
- package/dist/execution/filesystem/write.js.map +1 -0
- package/dist/execution/find.d.ts +3 -0
- package/dist/execution/find.d.ts.map +1 -0
- package/dist/execution/find.js +90 -0
- package/dist/execution/find.js.map +1 -0
- package/dist/execution/index.d.ts +18 -0
- package/dist/execution/index.d.ts.map +1 -0
- package/dist/execution/index.js +17 -0
- package/dist/execution/index.js.map +1 -0
- package/dist/execution/list.d.ts +3 -0
- package/dist/execution/list.d.ts.map +1 -0
- package/dist/execution/list.js +46 -0
- package/dist/execution/list.js.map +1 -0
- package/dist/execution/path.d.ts +7 -0
- package/dist/execution/path.d.ts.map +1 -0
- package/dist/execution/path.js +69 -0
- package/dist/execution/path.js.map +1 -0
- package/dist/execution/python/python.d.ts +3 -0
- package/dist/execution/python/python.d.ts.map +1 -0
- package/dist/execution/python/python.js +566 -0
- package/dist/execution/python/python.js.map +1 -0
- package/dist/execution/python/runtime.d.ts +22 -0
- package/dist/execution/python/runtime.d.ts.map +1 -0
- package/dist/execution/python/runtime.js +178 -0
- package/dist/execution/python/runtime.js.map +1 -0
- package/dist/execution/read.d.ts +3 -0
- package/dist/execution/read.d.ts.map +1 -0
- package/dist/execution/read.js +97 -0
- package/dist/execution/read.js.map +1 -0
- package/dist/execution/search-utils.d.ts +8 -0
- package/dist/execution/search-utils.d.ts.map +1 -0
- package/dist/execution/search-utils.js +110 -0
- package/dist/execution/search-utils.js.map +1 -0
- package/dist/execution/search.d.ts +3 -0
- package/dist/execution/search.d.ts.map +1 -0
- package/dist/execution/search.js +131 -0
- package/dist/execution/search.js.map +1 -0
- package/dist/execution/shell/bash.d.ts +3 -0
- package/dist/execution/shell/bash.d.ts.map +1 -0
- package/dist/execution/shell/bash.js +134 -0
- package/dist/execution/shell/bash.js.map +1 -0
- package/dist/execution/truncate.d.ts +21 -0
- package/dist/execution/truncate.d.ts.map +1 -0
- package/dist/execution/truncate.js +94 -0
- package/dist/execution/truncate.js.map +1 -0
- package/dist/execution/web/web-fetch.d.ts +3 -0
- package/dist/execution/web/web-fetch.d.ts.map +1 -0
- package/dist/execution/web/web-fetch.js +132 -0
- package/dist/execution/web/web-fetch.js.map +1 -0
- package/dist/execution/web/web-search.d.ts +3 -0
- package/dist/execution/web/web-search.d.ts.map +1 -0
- package/dist/execution/web/web-search.js +59 -0
- package/dist/execution/web/web-search.js.map +1 -0
- package/dist/execution/web-fetch.d.ts +3 -0
- package/dist/execution/web-fetch.d.ts.map +1 -0
- package/dist/execution/web-fetch.js +132 -0
- package/dist/execution/web-fetch.js.map +1 -0
- package/dist/execution/web-search.d.ts +3 -0
- package/dist/execution/web-search.d.ts.map +1 -0
- package/dist/execution/web-search.js +59 -0
- package/dist/execution/web-search.js.map +1 -0
- package/dist/execution/write.d.ts +3 -0
- package/dist/execution/write.d.ts.map +1 -0
- package/dist/execution/write.js +21 -0
- package/dist/execution/write.js.map +1 -0
- package/dist/index.d.ts +9 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +11 -0
- package/dist/index.js.map +1 -0
- package/dist/safety/command-policy-git.d.ts +2 -0
- package/dist/safety/command-policy-git.d.ts.map +1 -0
- package/dist/safety/command-policy-git.js +88 -0
- package/dist/safety/command-policy-git.js.map +1 -0
- package/dist/safety/command-policy-options.d.ts +6 -0
- package/dist/safety/command-policy-options.d.ts.map +1 -0
- package/dist/safety/command-policy-options.js +112 -0
- package/dist/safety/command-policy-options.js.map +1 -0
- package/dist/safety/command-policy-packages.d.ts +4 -0
- package/dist/safety/command-policy-packages.d.ts.map +1 -0
- package/dist/safety/command-policy-packages.js +161 -0
- package/dist/safety/command-policy-packages.js.map +1 -0
- package/dist/safety/command-policy-parser.d.ts +11 -0
- package/dist/safety/command-policy-parser.d.ts.map +1 -0
- package/dist/safety/command-policy-parser.js +121 -0
- package/dist/safety/command-policy-parser.js.map +1 -0
- package/dist/safety/command-policy-wrappers.d.ts +6 -0
- package/dist/safety/command-policy-wrappers.d.ts.map +1 -0
- package/dist/safety/command-policy-wrappers.js +95 -0
- package/dist/safety/command-policy-wrappers.js.map +1 -0
- package/dist/safety/command-policy.d.ts +6 -0
- package/dist/safety/command-policy.d.ts.map +1 -0
- package/dist/safety/command-policy.js +118 -0
- package/dist/safety/command-policy.js.map +1 -0
- package/dist/types.d.ts +78 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +2 -0
- package/dist/types.js.map +1 -0
- package/package.json +48 -0
|
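--- a/package/dist/safety/command-policy-parser.js
+++ b/package/dist/safety/command-policy-parser.js
@@ -0,0 +1,121 @@
+import { parse as shellParse } from "shell-quote";
+function isOpEntry(entry) {
+return typeof entry === "object" && typeof entry.op === "string";
+}
+function isCommentEntry(entry) {
+return typeof entry === "object" && typeof entry.comment === "string";
+}
+export function parseCommand(command) {
+try {
+const result = shellParse(command, (key) => `$${key}`);
+if (!Array.isArray(result))
+return null;
+return result;
+}
+catch {
+return null;
+}
+}
+/** Detect $() and backtick command substitution outside single quotes. */
+export function hasCommandSubstitution(command) {
+let inSingleQuote = false;
+let inDoubleQuote = false;
+let escaped = false;
+for (let i = 0; i < command.length; i++) {
+const char = command[i];
+if (escaped) {
+escaped = false;
+continue;
+}
+if (char === "\\" && inDoubleQuote) {
+escaped = true;
+continue;
+}
+if (char === "'" && !inDoubleQuote) {
+inSingleQuote = !inSingleQuote;
+continue;
+}
+if (char === '"' && !inSingleQuote) {
+inDoubleQuote = !inDoubleQuote;
+continue;
+}
+if (!inSingleQuote) {
+if (char === "$" && command[i + 1] === "(")
+return true;
+if (char === "`")
+return true;
+}
+}
+return false;
+}
+export function hasUnsafeConstructs(entries) {
+for (let i = 0; i < entries.length; i++) {
+const entry = entries[i];
+if (!isOpEntry(entry))
+continue;
+const op = entry.op;
+if (op === "<(" || op === ">(")
+return true;
+if (op === "(" || op === ")")
+return true;
+if (op === "<<<")
+return true;
+if (op === "&") {
+const next = entries[i + 1];
+if (i + 2 < entries.length &&
+isOpEntry(next) &&
+next.op === ">" &&
+entries[i + 2] === "/dev/null") {
+continue;
+}
+return true;
+}
+}
+return false;
+}
+export function hasUnsafeRedirects(entries) {
+for (let i = 0; i < entries.length; i++) {
+const entry = entries[i];
+if (!isOpEntry(entry))
+continue;
+const op = entry.op;
+if (op === ">" || op === ">>") {
+const target = entries[i + 1];
+if (typeof target === "string" && target === "/dev/null") {
+i++;
+continue;
+}
+return true;
+}
+if (op === "<")
+return true;
+if (op === ">&") {
+const target = entries[i + 1];
+if (typeof target === "string" && /^\d$/.test(target)) {
+i++;
+continue;
+}
+return true;
+}
+}
+return false;
+}
+export function extractSegments(entries) {
+const segments = [[]];
+for (const entry of entries) {
+if (isCommentEntry(entry))
+continue;
+if (typeof entry === "string") {
+segments[segments.length - 1].push(entry);
+continue;
+}
+if (!isOpEntry(entry))
+continue;
+if (["|", "||", "&&", ";"].includes(entry.op)) {
+if (segments[segments.length - 1].length > 0)
+segments.push([]);
+}
+}
+return segments.filter((segment) => segment.length > 0);
+}
+//# sourceMappingURL=command-policy-parser.js.map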
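Review bot: `hasCommandSubstitution` treats a backslash as an escape only inside double quotes (`if (char === "\\" && inDoubleQuote)`), so outside quotes a backslash-escaped single quote still toggles `inSingleQuote` and the scanner's quote state can diverge from the shell's; a `$(` or backtick that the shell would expand is then skipped as if it were single-quoted. Tracking the escape wherever the shell honours it, `if (char === "\\" && !inSingleQuote)`, keeps the two in step. Separately, `extractSegments` splits only on `|`, `||`, `&&` and `;`, and neither `hasUnsafeConstructs` nor `hasUnsafeRedirects` rejects other operators; if shell-quote emits a control operator such as `|&` as a single op (to be confirmed against the pinned version), the command after it is folded into the previous segment and never inspected as a root command. Treating any op that is not explicitly allowed as a separator, or rejecting it outright, would make the parser fail closed.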
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"command-policy-parser.js","sourceRoot":"","sources":["../../src/safety/command-policy-parser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,IAAI,UAAU,EAAE,MAAM,aAAa,CAAC;AAIlD,SAAS,SAAS,CAAC,KAAiB;IAClC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,CAAC,EAAE,KAAK,QAAQ,CAAC;AACnE,CAAC;AAED,SAAS,cAAc,CAAC,KAAiB;IACvC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,CAAC;AACxE,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,OAAe;IAC1C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC,GAAW,EAAE,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,CAAC;QAC/D,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC;QACxC,OAAO,MAAsB,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,0EAA0E;AAC1E,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,IAAI,aAAa,GAAG,KAAK,CAAC;IAC1B,IAAI,aAAa,GAAG,KAAK,CAAC;IAC1B,IAAI,OAAO,GAAG,KAAK,CAAC;IAEpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAExB,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,GAAG,KAAK,CAAC;YAChB,SAAS;QACX,CAAC;QAED,IAAI,IAAI,KAAK,IAAI,IAAI,aAAa,EAAE,CAAC;YACnC,OAAO,GAAG,IAAI,CAAC;YACf,SAAS;QACX,CAAC;QAED,IAAI,IAAI,KAAK,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;YACnC,aAAa,GAAG,CAAC,aAAa,CAAC;YAC/B,SAAS;QACX,CAAC;QAED,IAAI,IAAI,KAAK,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;YACnC,aAAa,GAAG,CAAC,aAAa,CAAC;YAC/B,SAAS;QACX,CAAC;QAED,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,IAAI,IAAI,KAAK,GAAG,IAAI,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YACxD,IAAI,IAAI,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;QAChC,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,OAAqB;IACvD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACzB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;YAAE,SAAS;QAEhC,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;QAEpB,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,KAAK,IAAI;YAAE,OAAO,IAAI,CAAC;QAC5C,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;QAC1C,IAAI,EAAE,KAAK,KAAK;YAAE,OAAO,IAAI,CAAC;QAE9B,IAAI,EAA
E,KAAK,GAAG,EAAE,CAAC;YACf,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5B,IACE,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM;gBACtB,SAAS,CAAC,IAAI,CAAC;gBACf,IAAI,CAAC,EAAE,KAAK,GAAG;gBACf,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,WAAW,EAC9B,CAAC;gBACD,SAAS;YACX,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,OAAqB;IACtD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACzB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;YAAE,SAAS;QAEhC,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;QAEpB,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9B,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,WAAW,EAAE,CAAC;gBACzD,CAAC,EAAE,CAAC;gBACJ,SAAS;YACX,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,EAAE,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;QAE5B,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YAChB,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9B,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACtD,CAAC,EAAE,CAAC;gBACJ,SAAS;YACX,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,OAAqB;IACnD,MAAM,QAAQ,GAAe,CAAC,EAAE,CAAC,CAAC;IAElC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,cAAc,CAAC,KAAK,CAAC;YAAE,SAAS;QAEpC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC1C,SAAS;QACX,CAAC;QAED,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;YAAE,SAAS;QAEhC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;YAC9C,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC;gBAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAClE,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AAC1D,CAAC"}
|
|
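--- a/package/dist/safety/command-policy-wrappers.d.ts
+++ b/package/dist/safety/command-policy-wrappers.d.ts
@@ -0,0 +1,6 @@
+export declare function stripEnvVarAssignments(tokens: string[]): string[];
+export declare function normalizeCommandName(command: string): string;
+export declare function unwrapCommandTokens(tokens: string[]): string[];
+export declare function getXargsInvokedCommandIndex(tokens: string[]): number | undefined;
+export declare function hasAnyToken(tokens: string[], blocked: Set<string>): boolean;
+//# sourceMappingURL=command-policy-wrappers.d.ts.map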
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"command-policy-wrappers.d.ts","sourceRoot":"","sources":["../../src/safety/command-policy-wrappers.ts"],"names":[],"mappings":"AAAA,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CASjE;AAED,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAE5D;AAiBD,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAgD9D;AAED,wBAAgB,2BAA2B,CACzC,MAAM,EAAE,MAAM,EAAE,GACf,MAAM,GAAG,SAAS,CAmBpB;AAED,wBAAgB,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,OAAO,CAE3E"}
|
|
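--- a/package/dist/safety/command-policy-wrappers.js
+++ b/package/dist/safety/command-policy-wrappers.js
@@ -0,0 +1,95 @@
+export function stripEnvVarAssignments(tokens) {
+let index = 0;
+while (index < tokens.length &&
+/^[A-Za-z_][A-Za-z0-9_]*=/.test(tokens[index] ?? "")) {
+index++;
+}
+return tokens.slice(index);
+}
+export function normalizeCommandName(command) {
+return (command.split("/").pop() ?? command).trim();
+}
+function stripLeadingOptions(tokens) {
+let index = 0;
+while (tokens[index]?.startsWith("-"))
+index++;
+return tokens.slice(index);
+}
+const WRAPPER_ROOT_COMMANDS = new Set([
+"command",
+"env",
+"nice",
+"nohup",
+"time",
+"timeout",
+]);
+export function unwrapCommandTokens(tokens) {
+let current = tokens;
+for (let depth = 0; depth < 5; depth++) {
+const rootCommand = normalizeCommandName(current[0] ?? "");
+if (!WRAPPER_ROOT_COMMANDS.has(rootCommand))
+break;
+if (rootCommand === "env") {
+let index = 1;
+while (index < current.length) {
+const token = current[index];
+if (token === "-u" || token === "--unset" || token === "-S") {
+index += 2;
+continue;
+}
+if (token.startsWith("-")) {
+index++;
+continue;
+}
+if (/^[A-Za-z_][A-Za-z0-9_]*=/.test(token)) {
+index++;
+continue;
+}
+break;
+}
+current = current.slice(index);
+continue;
+}
+if (rootCommand === "timeout") {
+const withoutOptions = stripLeadingOptions(current.slice(1));
+current = withoutOptions.slice(1);
+continue;
+}
+if (rootCommand === "nice") {
+let index = 1;
+if (current[index] === "-n")
+index += 2;
+else if (current[index]?.startsWith("-n"))
+index++;
+while (current[index]?.startsWith("-"))
+index++;
+current = current.slice(index);
+continue;
+}
+current = stripLeadingOptions(current.slice(1));
+}
+return current;
+}
+export function getXargsInvokedCommandIndex(tokens) {
+for (let i = 1; i < tokens.length; i++) {
+const token = tokens[i];
+if (token === "-E" ||
+token === "-I" ||
+token === "-L" ||
+token === "-P" ||
+token === "-d" ||
+token === "-n" ||
+token === "-s") {
+i++;
+continue;
+}
+if (token.startsWith("-"))
+continue;
+return i;
+}
+return undefined;
+}
+export function hasAnyToken(tokens, blocked) {
+return tokens.some((token) => blocked.has(token));
+}
+//# sourceMappingURL=command-policy-wrappers.js.map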
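Review bot: The `timeout` branch of `unwrapCommandTokens` drops every leading `-` token and then exactly one operand as the duration, which misplaces the wrapped command when an option carries its value in the next token (GNU timeout's `-s`/`--signal` and `-k`/`--kill-after`): the value is consumed as the duration and the duration comes back as the root command, so any root-name check downstream looks at the wrong token. The `env` branch has the same shape: `-S` and its string are skipped without the string ever being examined, and `-C`/`--chdir` is not value-aware, so its directory is taken for the command. The loop also stops after five unwraps and returns whatever is left, so a caller that still finds a wrapper name at index 0 should treat the result as unresolved and refuse it rather than accept it as a harmless root. A value-aware version of the timeout branch is below; the callers are outside this section, so how these results are combined is inferred.

```javascript
if (rootCommand === "timeout") {
    let index = 1;
    while (current[index]?.startsWith("-")) {
        const option = current[index];
        // -s/--signal and -k/--kill-after take their value as the next token
        const takesValue = option === "-s" || option === "--signal" ||
            option === "-k" || option === "--kill-after";
        index += takesValue ? 2 : 1;
    }
    // the next operand is the duration; the wrapped command starts after it
    current = current.slice(index + 1);
    continue;
}
// … unchanged: nice branch and generic wrapper fallback …
```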
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"command-policy-wrappers.js","sourceRoot":"","sources":["../../src/safety/command-policy-wrappers.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,sBAAsB,CAAC,MAAgB;IACrD,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,OACE,KAAK,GAAG,MAAM,CAAC,MAAM;QACrB,0BAA0B,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,EACpD,CAAC;QACD,KAAK,EAAE,CAAC;IACV,CAAC;IACD,OAAO,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;AAC7B,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,OAAe;IAClD,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;AACtD,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAgB;IAC3C,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,OAAO,MAAM,CAAC,KAAK,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC;QAAE,KAAK,EAAE,CAAC;IAC/C,OAAO,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;AAC7B,CAAC;AAED,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC;IACpC,SAAS;IACT,KAAK;IACL,MAAM;IACN,OAAO;IACP,MAAM;IACN,SAAS;CACV,CAAC,CAAC;AAEH,MAAM,UAAU,mBAAmB,CAAC,MAAgB;IAClD,IAAI,OAAO,GAAG,MAAM,CAAC;IAErB,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,EAAE,KAAK,EAAE,EAAE,CAAC;QACvC,MAAM,WAAW,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,WAAW,CAAC;YAAE,MAAM;QAEnD,IAAI,WAAW,KAAK,KAAK,EAAE,CAAC;YAC1B,IAAI,KAAK,GAAG,CAAC,CAAC;YACd,OAAO,KAAK,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;gBAC9B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;gBAC7B,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;oBAC5D,KAAK,IAAI,CAAC,CAAC;oBACX,SAAS;gBACX,CAAC;gBACD,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC1B,KAAK,EAAE,CAAC;oBACR,SAAS;gBACX,CAAC;gBACD,IAAI,0BAA0B,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC3C,KAAK,EAAE,CAAC;oBACR,SAAS;gBACX,CAAC;gBACD,MAAM;YACR,CAAC;YACD,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAC/B,SAAS;QACX,CAAC;QAED,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,cAAc,GAAG,mBAAmB,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC7D,OAAO,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAClC,SAAS;QACX,CAAC;QAED,IAAI,WAAW,KAAK,MAAM,EAAE,CAAC;YAC3B,IAAI,KAAK,GAAG,CAAC,CAAC;YACd,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,IAAI;gBAAE,KAAK,IAAI,CAAC,CAAC;
iBACnC,IAAI,OAAO,CAAC,KAAK,CAAC,EAAE,UAAU,CAAC,IAAI,CAAC;gBAAE,KAAK,EAAE,CAAC;YACnD,OAAO,OAAO,CAAC,KAAK,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC;gBAAE,KAAK,EAAE,CAAC;YAChD,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAC/B,SAAS;QACX,CAAC;QAED,OAAO,GAAG,mBAAmB,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,2BAA2B,CACzC,MAAgB;IAEhB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACxB,IACE,KAAK,KAAK,IAAI;YACd,KAAK,KAAK,IAAI;YACd,KAAK,KAAK,IAAI;YACd,KAAK,KAAK,IAAI;YACd,KAAK,KAAK,IAAI;YACd,KAAK,KAAK,IAAI;YACd,KAAK,KAAK,IAAI,EACd,CAAC;YACD,CAAC,EAAE,CAAC;YACJ,SAAS;QACX,CAAC;QACD,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS;QACpC,OAAO,CAAC,CAAC;IACX,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAgB,EAAE,OAAoB;IAChE,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;AACpD,CAAC"}
|
|
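--- a/package/dist/safety/command-policy.d.ts
+++ b/package/dist/safety/command-policy.d.ts
@@ -0,0 +1,6 @@
+export declare function hasShellControlOperator(command: string): boolean;
+export declare function isKnownReadOnlyCommand(command: string): boolean;
+export declare function hasDangerousCommandPattern(command: string): boolean;
+export declare function isLikelyLongRunningCommand(command: string): boolean;
+export declare function isAllowedPlanModeBashCommand(command: string): boolean;
+//# sourceMappingURL=command-policy.d.ts.map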
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"command-policy.d.ts","sourceRoot":"","sources":["../../src/safety/command-policy.ts"],"names":[],"mappings":"AAuBA,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAMhE;AAED,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAe/D;AAED,wBAAgB,0BAA0B,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAInE;AAED,wBAAgB,0BAA0B,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAWnE;AA8DD,wBAAgB,4BAA4B,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAcrE"}
|
|
@@ -0,0 +1,118 @@
|
|
|
1
|
+
import { isBlockedGitInvocation } from "./command-policy-git.js";
|
|
2
|
+
import { isBlockedByCommandOptions, isBlockedLongRunningInvocation, } from "./command-policy-options.js";
|
|
3
|
+
import { isBlockedPackageManagerInvocation, isBlockedSystemPackageManagerInvocation, } from "./command-policy-packages.js";
|
|
4
|
+
import { extractSegments, hasCommandSubstitution, hasUnsafeConstructs, hasUnsafeRedirects, parseCommand, } from "./command-policy-parser.js";
|
|
5
|
+
import { getXargsInvokedCommandIndex, normalizeCommandName, stripEnvVarAssignments, unwrapCommandTokens, } from "./command-policy-wrappers.js";
|
|
6
|
+
export function hasShellControlOperator(command) {
|
|
7
|
+
return (/[><|`$();]/.test(command) ||
|
|
8
|
+
command.includes("&&") ||
|
|
9
|
+
command.includes("||"));
|
|
10
|
+
}
|
|
11
|
+
export function isKnownReadOnlyCommand(command) {
|
|
12
|
+
const normalized = command.trim().replace(/\s+/g, " ");
|
|
13
|
+
if (!normalized || hasShellControlOperator(normalized))
|
|
14
|
+
return false;
|
|
15
|
+
const first = normalized.split(" ")[0];
|
|
16
|
+
if (["pwd", "ls", "find", "rg", "grep", "which", "cat"].includes(first))
|
|
17
|
+
return true;
|
|
18
|
+
if (normalized === "git status" || normalized.startsWith("git status "))
|
|
19
|
+
return true;
|
|
20
|
+
if (normalized === "git diff" || normalized.startsWith("git diff "))
|
|
21
|
+
return true;
|
|
22
|
+
if (normalized === "git log" || normalized.startsWith("git log "))
|
|
23
|
+
return true;
|
|
24
|
+
if (normalized === "git show" || normalized.startsWith("git show "))
|
|
25
|
+
return true;
|
|
26
|
+
return false;
|
|
27
|
+
}
|
|
28
|
+
export function hasDangerousCommandPattern(command) {
|
|
29
|
+
return /(^|\s)(rm\s+-rf|sudo|mkfs|dd\s+if=|chmod\s+-R|chown\s+-R|git\s+reset\s+--hard|git\s+clean\s+-fd|docker\s+system\s+prune|kubectl\s+delete)(\s|$)/.test(command);
|
|
30
|
+
}
|
|
31
|
+
export function isLikelyLongRunningCommand(command) {
|
|
32
|
+
const normalized = command.trim().replace(/\s+/g, " ");
|
|
33
|
+
if (!normalized)
|
|
34
|
+
return false;
|
|
35
|
+
return (/(^|\s)(npm|pnpm|yarn|bun)\s+(run\s+)?(dev|start|serve|preview|watch)(\s|$)/.test(normalized) ||
|
|
36
|
+
/(^|\s)(vite|next\s+dev|svelte-kit\s+dev|astro\s+dev|webpack\s+serve|nodemon|tsx\s+watch|tsc\s+--watch|cargo\s+watch)(\s|$)/.test(normalized));
|
|
37
|
+
}
|
|
38
|
+
const BLOCKED_BASH_ROOT_COMMANDS = new Set([
|
|
39
|
+
"chmod",
|
|
40
|
+
"chgrp",
|
|
41
|
+
"chown",
|
|
42
|
+
"code",
|
|
43
|
+
"cp",
|
|
44
|
+
"dash",
|
|
45
|
+
"dd",
|
|
46
|
+
"doas",
|
|
47
|
+
"emacs",
|
|
48
|
+
"eval",
|
|
49
|
+
"exec",
|
|
50
|
+
"fish",
|
|
51
|
+
"function",
|
|
52
|
+
"kill",
|
|
53
|
+
"killall",
|
|
54
|
+
"ln",
|
|
55
|
+
"mkdir",
|
|
56
|
+
"mkfs",
|
|
57
|
+
"mount",
|
|
58
|
+
"mv",
|
|
59
|
+
"nano",
|
|
60
|
+
"pkill",
|
|
61
|
+
"rm",
|
|
62
|
+
"rmdir",
|
|
63
|
+
"sh",
|
|
64
|
+
"shred",
|
|
65
|
+
"sudo",
|
|
66
|
+
"tee",
|
|
67
|
+
"touch",
|
|
68
|
+
"truncate",
|
|
69
|
+
"umount",
|
|
70
|
+
"vi",
|
|
71
|
+
"vim",
|
|
72
|
+
"zsh",
|
|
73
|
+
]);
|
|
74
|
+
function isBlockedCommandSegment(tokens) {
|
|
75
|
+
const stripped = stripEnvVarAssignments(tokens);
|
|
76
|
+
const unwrapped = unwrapCommandTokens(stripped);
|
|
77
|
+
if (unwrapped.length === 0)
|
|
78
|
+
return false;
|
|
79
|
+
const rootCommand = normalizeCommandName(unwrapped[0]);
|
|
80
|
+
if (rootCommand === "xargs") {
|
|
81
|
+
const invokedIndex = getXargsInvokedCommandIndex(unwrapped);
|
|
82
|
+
if (invokedIndex === undefined)
|
|
83
|
+
return false;
|
|
84
|
+
return isBlockedCommandSegment(unwrapped.slice(invokedIndex));
|
|
85
|
+
}
|
|
86
|
+
if (BLOCKED_BASH_ROOT_COMMANDS.has(rootCommand))
|
|
87
|
+
return true;
|
|
88
|
+
if (isBlockedLongRunningInvocation(unwrapped))
|
|
89
|
+
return true;
|
|
90
|
+
if (isBlockedGitInvocation(unwrapped))
|
|
91
|
+
return true;
|
|
92
|
+
if (isBlockedPackageManagerInvocation(unwrapped, isBlockedCommandSegment)) {
|
|
93
|
+
return true;
|
|
94
|
+
}
|
|
95
|
+
if (isBlockedSystemPackageManagerInvocation(unwrapped))
|
|
96
|
+
return true;
|
|
97
|
+
return isBlockedByCommandOptions(unwrapped, isBlockedCommandSegment);
|
|
98
|
+
}
|
|
99
|
+
export function isAllowedPlanModeBashCommand(command) {
|
|
100
|
+
if (!command.trim())
|
|
101
|
+
return false;
|
|
102
|
+
if (isLikelyLongRunningCommand(command))
|
|
103
|
+
return false;
|
|
104
|
+
if (hasCommandSubstitution(command))
|
|
105
|
+
return false;
|
|
106
|
+
const entries = parseCommand(command);
|
|
107
|
+
if (!entries || entries.length === 0)
|
|
108
|
+
return false;
|
|
109
|
+
if (hasUnsafeConstructs(entries))
|
|
110
|
+
return false;
|
|
111
|
+
if (hasUnsafeRedirects(entries))
|
|
112
|
+
return false;
|
|
113
|
+
const segments = extractSegments(entries);
|
|
114
|
+
if (segments.length === 0)
|
|
115
|
+
return false;
|
|
116
|
+
return segments.every((segment) => !isBlockedCommandSegment(segment));
|
|
117
|
+
}
|
|
118
|
+
//# sourceMappingURL=command-policy.js.map
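Review bot: `isKnownReadOnlyCommand` can return true for input that runs more than its first command, because `hasShellControlOperator` is applied only after `\s+` has been collapsed to a single space and its character class has no lone `&`, so neither a line break nor a background operator is seen as a separator. Testing the raw string and widening the class closes that: `if (!normalized || hasShellControlOperator(command)) return false;`, with `&`, `\n` and `\r` added to the class in `hasShellControlOperator`. The first-word allowlist also ignores options, and several of the listed tools accept options that write files or start other programs, so any caller that relaxes confirmation on a true result should also pass the input through `isAllowedPlanModeBashCommand`, which does parse segments. Separately, `BLOCKED_BASH_ROOT_COMMANDS` names `sh`, `dash`, `fish` and `zsh` but not `bash`; unless `command-policy-options.js` (not shown here) covers it, add it to the set. More generally, plan mode permits every root command the set does not name, so an allowlist of root commands would fail closed where this design fails open.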
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"command-policy.js","sourceRoot":"","sources":["../../src/safety/command-policy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EACL,yBAAyB,EACzB,8BAA8B,GAC/B,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,iCAAiC,EACjC,uCAAuC,GACxC,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,kBAAkB,EAClB,YAAY,GACb,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACL,2BAA2B,EAC3B,oBAAoB,EACpB,sBAAsB,EACtB,mBAAmB,GACpB,MAAM,8BAA8B,CAAC;AAEtC,MAAM,UAAU,uBAAuB,CAAC,OAAe;IACrD,OAAO,CACL,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC;QAC1B,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;QACtB,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CACvB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACvD,IAAI,CAAC,UAAU,IAAI,uBAAuB,CAAC,UAAU,CAAC;QAAE,OAAO,KAAK,CAAC;IACrE,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACvC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;QACrE,OAAO,IAAI,CAAC;IACd,IAAI,UAAU,KAAK,YAAY,IAAI,UAAU,CAAC,UAAU,CAAC,aAAa,CAAC;QACrE,OAAO,IAAI,CAAC;IACd,IAAI,UAAU,KAAK,UAAU,IAAI,UAAU,CAAC,UAAU,CAAC,WAAW,CAAC;QACjE,OAAO,IAAI,CAAC;IACd,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,CAAC,UAAU,CAAC,UAAU,CAAC;QAC/D,OAAO,IAAI,CAAC;IACd,IAAI,UAAU,KAAK,UAAU,IAAI,UAAU,CAAC,UAAU,CAAC,WAAW,CAAC;QACjE,OAAO,IAAI,CAAC;IACd,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,OAAe;IACxD,OAAO,iJAAiJ,CAAC,IAAI,CAC3J,OAAO,CACR,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,OAAe;IACxD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACvD,IAAI,CAAC,UAAU;QAAE,OAAO,KAAK,CAAC;IAC9B,OAAO,CACL,4EAA4E,CAAC,IAAI,CAC/E,UAAU,CACX;QACD,4HAA4H,CAAC,IAAI,CAC/H,UAAU,CACX,CACF,CAAC;AACJ,CAAC;AAED,MAAM,0BAA0B,GAAG,IAAI,GAAG,CAAC;IACzC,OAAO;IACP,OAAO;IACP,OAAO;IACP,MAAM;IACN,IAAI;IACJ,MAAM;IACN,IAAI;IACJ,MAAM;IACN,OAAO;IACP,MAAM;IACN,MAAM;IACN,MAAM;IACN,UAAU;IACV,MAAM;IACN,SAAS;IACT,IAAI;IACJ,OAAO;IACP,MAAM;IACN,OAAO;IACP,IAAI;IACJ,MAAM;IACN,OAAO;IACP,IAAI;IAC
J,OAAO;IACP,IAAI;IACJ,OAAO;IACP,MAAM;IACN,KAAK;IACL,OAAO;IACP,UAAU;IACV,QAAQ;IACR,IAAI;IACJ,KAAK;IACL,KAAK;CACN,CAAC,CAAC;AAEH,SAAS,uBAAuB,CAAC,MAAgB;IAC/C,MAAM,QAAQ,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC;IAChD,MAAM,SAAS,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAEzC,MAAM,WAAW,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IAEvD,IAAI,WAAW,KAAK,OAAO,EAAE,CAAC;QAC5B,MAAM,YAAY,GAAG,2BAA2B,CAAC,SAAS,CAAC,CAAC;QAC5D,IAAI,YAAY,KAAK,SAAS;YAAE,OAAO,KAAK,CAAC;QAC7C,OAAO,uBAAuB,CAAC,SAAS,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC;IAChE,CAAC;IAED,IAAI,0BAA0B,CAAC,GAAG,CAAC,WAAW,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7D,IAAI,8BAA8B,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAC3D,IAAI,sBAAsB,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IACnD,IAAI,iCAAiC,CAAC,SAAS,EAAE,uBAAuB,CAAC,EAAE,CAAC;QAC1E,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,uCAAuC,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IACpE,OAAO,yBAAyB,CAAC,SAAS,EAAE,uBAAuB,CAAC,CAAC;AACvE,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,OAAe;IAC1D,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE;QAAE,OAAO,KAAK,CAAC;IAClC,IAAI,0BAA0B,CAAC,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IACtD,IAAI,sBAAsB,CAAC,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IAElD,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IACtC,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACnD,IAAI,mBAAmB,CAAC,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IAC/C,IAAI,kBAAkB,CAAC,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IAE9C,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IAC1C,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAExC,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC,CAAC;AACxE,CAAC"}
|
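--- a/package/dist/types.d.ts
+++ b/package/dist/types.d.ts
@@ -0,0 +1,78 @@
+import type { ToolContentBlockPayload, ToolExecutionResultPayload, ToolImageContentPayload, ToolTextContentPayload } from "@nervekit/shared";
+import type { PythonRuntime } from "./execution/python/runtime.js";
+export type ToolExecutionOutputUpdate = {
+kind: "output";
+stream: "stdout" | "stderr" | "combined";
+chunk: string;
+};
+export type ToolExecutionContext = {
+cwd: string;
+signal?: AbortSignal;
+dataDir?: string;
+getApiKey?: (provider: string) => Promise<string | undefined>;
+pythonRuntime?: PythonRuntime;
+pythonPolicy?: {
+allowNetwork: boolean;
+allowFileWrite: boolean;
+};
+onUpdate?: (update: ToolExecutionOutputUpdate) => void;
+};
+export type ToolTextContent = ToolTextContentPayload;
+export type ToolImageContent = ToolImageContentPayload;
+export type ToolContentBlock = ToolContentBlockPayload;
+export type ToolExecutionResult = ToolExecutionResultPayload;
+export type ToolPathArgs = {
+path?: unknown;
+};
+export type ReadToolArgs = ToolPathArgs & {
+offset?: unknown;
+limit?: unknown;
+byteOffset?: unknown;
+byteLimit?: unknown;
+};
+export type WriteToolArgs = ToolPathArgs & {
+content?: unknown;
+};
+export type EditToolArgs = ToolPathArgs & {
+dryRun?: unknown;
+replacements?: unknown;
+insertions?: unknown;
+lineReplacements?: unknown;
+lineInsertions?: unknown;
+patch?: unknown;
+};
+export type BashToolArgs = {
+command?: unknown;
+timeout?: unknown;
+};
+export type PythonToolArgs = {
+code?: unknown;
+path?: unknown;
+cwd?: unknown;
+timeout?: unknown;
+env?: unknown;
+};
+export type LsToolArgs = ToolPathArgs & {
+limit?: unknown;
+};
+export type FindToolArgs = ToolPathArgs & {
+pattern?: unknown;
+limit?: unknown;
+};
+export type GrepToolArgs = ToolPathArgs & {
+pattern?: unknown;
+glob?: unknown;
+ignoreCase?: unknown;
+literal?: unknown;
+context?: unknown;
+limit?: unknown;
+};
+export type WebSearchToolArgs = {
+query?: unknown;
+max_results?: unknown;
+};
+export type WebFetchToolArgs = {
+url?: unknown;
+raw?: unknown;
+};
+//# sourceMappingURL=types.d.ts.map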
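Review bot: `pythonPolicy` is optional on `ToolExecutionContext`, and nothing in the declaration says what applies when it is omitted, although its two flags, `allowNetwork` and `allowFileWrite`, read as the gate for what executed Python may do. A doc comment in the source these declarations are emitted from would settle it, for example `/** When omitted, network access and file writes are denied. */`, provided the runtime really does fail closed; that behaviour is not visible here and should be confirmed first. `getApiKey` deserves a similar comment stating which tools are expected to call it, since it hands provider credentials to tool code.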
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,uBAAuB,EACvB,0BAA0B,EAC1B,uBAAuB,EACvB,sBAAsB,EACvB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAEnE,MAAM,MAAM,yBAAyB,GAAG;IACtC,IAAI,EAAE,QAAQ,CAAC;IACf,MAAM,EAAE,QAAQ,GAAG,QAAQ,GAAG,UAAU,CAAC;IACzC,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC;IAC9D,aAAa,CAAC,EAAE,aAAa,CAAC;IAC9B,YAAY,CAAC,EAAE;QACb,YAAY,EAAE,OAAO,CAAC;QACtB,cAAc,EAAE,OAAO,CAAC;KACzB,CAAC;IACF,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,yBAAyB,KAAK,IAAI,CAAC;CACxD,CAAC;AAGF,MAAM,MAAM,eAAe,GAAG,sBAAsB,CAAC;AACrD,MAAM,MAAM,gBAAgB,GAAG,uBAAuB,CAAC;AACvD,MAAM,MAAM,gBAAgB,GAAG,uBAAuB,CAAC;AACvD,MAAM,MAAM,mBAAmB,GAAG,0BAA0B,CAAC;AAE7D,MAAM,MAAM,YAAY,GAAG;IACzB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG;IACxC,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG,YAAY,GAAG;IACzC,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG;IACxC,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,GAAG,CAAC,EAAE,OAAO,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,UAAU,GAAG,YAAY,GAAG;IACtC,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG;IACxC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG;IACxC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,I
AAI,CAAC,EAAE,OAAO,CAAC;IACf,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,GAAG,CAAC,EAAE,OAAO,CAAC;CACf,CAAC"}
|
package/dist/types.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}
|
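--- a/package/package.json
+++ b/package/package.json
@@ -0,0 +1,48 @@
+{
+"name": "@nervekit/tools",
+"version": "0.1.0",
+"author": "ThilinaTLM",
+"license": "Apache-2.0",
+"type": "module",
+"publishConfig": {
+"access": "public",
+"registry": "https://registry.npmjs.org"
+},
+"repository": {
+"type": "git",
+"url": "git+https://github.com/ThilinaTLM/nerve.git",
+"directory": "packages/tools"
+},
+"homepage": "https://github.com/ThilinaTLM/nerve#readme",
+"files": [
+"dist/**",
+"LICENSE",
+"NOTICE"
+],
+"exports": {
+".": {
+"types": "./dist/index.d.ts",
+"import": "./dist/index.js"
+}
+},
+"dependencies": {
+"diff": "^8.0.4",
+"node-html-markdown": "^2.0.0",
+"shell-quote": "^1.8.4",
+"typebox": "1.1.38",
+"@nervekit/shared": "0.1.0"
+},
+"devDependencies": {
+"@types/node": "24.10.1",
+"@types/shell-quote": "^1.7.5",
+"typescript": "5.9.3"
+},
+"engines": {
+"node": ">=24.0.0"
+},
+"scripts": {
+"build": "tsc -b",
+"check": "tsc -b --pretty false",
+"test": "tsx --test test/*.test.ts"
+}
+}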
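Review bot: The `test` script runs `tsx --test test/*.test.ts`, but `tsx` is not listed in `devDependencies`, so the script works only where a workspace root or a global install happens to provide it; declare it next to `typescript`, e.g. `"tsx": "<version used by the workspace>"`. The dependency pinning is also mixed: `typebox` and `@nervekit/shared` are exact while `shell-quote` floats on `^1.8.4`. If `shell-quote` is what `command-policy-parser.js` tokenises with (not visible in this section), the parse the command policy depends on can change under a consumer's install, so either pin it exactly or keep tests that fix the tokenisation the policy expects.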