@pugi/cli 0.1.0-beta.99 → 1.0.0-alpha.1

package/dist/core/permissions/bash-parser.js

@@ -1,371 +0,0 @@
-const WRAPPER_COMMANDS = new Set(['bash', 'sh']);
-const PIPELINE_SEPARATORS = new Set(['&&', '||', '|', ';']);
-export function parseBashCommand(cmd) {
-    const rawCommand = cmd;
-    const command = stripWrappers(cmd).trim();
-    if (command.length === 0) {
-        throw new Error('empty bash command');
-    }
-    const stageSources = splitPipeline(command);
-    const envVars = {};
-    const redirects = [];
-    const pipelineStages = [];
-    const tokens = [];
-    for (const stageSource of stageSources) {
-        const rawTokens = tokenize(stageSource);
-        const stage = normalizeStage(rawTokens, envVars, redirects);
-        if (stage.length === 0) {
-            throw new Error('pipeline stage has no command');
-        }
-        pipelineStages.push(stage);
-        tokens.push(...stage);
-    }
-    const firstStage = pipelineStages[0];
-    if (firstStage === undefined) {
-        throw new Error('bash command has no stages');
-    }
-    const firstCommand = firstStage[0];
-    if (firstCommand === undefined || firstCommand.length === 0) {
-        throw new Error('bash command has no first command');
-    }
-    return {
-        rawCommand,
-        tokens,
-        firstCommand,
-        pipelineStages,
-        envVars,
-        redirects,
-    };
-}
-export function isAllowed(cmd, allowlist) {
-    let parsed;
-    try {
-        parsed = parseBashCommand(cmd);
-    }
-    catch (error) {
-        const message = error instanceof Error ? error.message : 'parse failed';
-        return { allowed: false, reason: message };
-    }
-    if (parsed.firstCommand.length === 0) {
-        return { allowed: false, reason: 'missing first command' };
-    }
-    const allowedCommands = new Set(allowlist);
-    for (const stage of parsed.pipelineStages) {
-        const stageCommand = stage[0];
-        if (stageCommand === undefined || stageCommand.length === 0) {
-            return {
-                allowed: false,
-                reason: 'missing command in pipeline stage',
-                firstCommand: parsed.firstCommand,
-            };
-        }
-        if (!allowedCommands.has(stageCommand)) {
-            return {
-                allowed: false,
-                reason: `command not allowlisted: ${stageCommand}`,
-                firstCommand: parsed.firstCommand,
-            };
-        }
-    }
-    return { allowed: true, firstCommand: parsed.firstCommand };
-}
-function stripWrappers(cmd) {
-    let current = cmd.trim();
-    for (let depth = 0; depth < 8; depth += 1) {
-        const tokens = tokenize(current);
-        const first = tokens[0];
-        if (first === undefined) {
-            return current;
-        }
-        if (WRAPPER_COMMANDS.has(first)) {
-            const second = tokens[1];
-            const third = tokens[2];
-            if (second === '-c' && third !== undefined) {
-                current = third.trim();
-                continue;
-            }
-        }
-        if (first === 'eval') {
-            const inner = tokens.slice(1).join(' ').trim();
-            if (inner.length === 0) {
-                throw new Error('eval wrapper has no inner command');
-            }
-            current = inner;
-            continue;
-        }
-        return current;
-    }
-    throw new Error('too many nested shell wrappers');
-}
-function splitPipeline(command) {
-    const stages = [];
-    let current = '';
-    let quote = 'none';
-    let escaped = false;
-    for (let i = 0; i < command.length; i += 1) {
-        const ch = command[i];
-        if (ch === undefined) {
-            break;
-        }
-        if (escaped) {
-            current += ch;
-            escaped = false;
-            continue;
-        }
-        if (quote !== 'single' && ch === '\\') {
-            current += ch;
-            escaped = true;
-            continue;
-        }
-        if (quote === 'none' && ch === "'") {
-            current += ch;
-            quote = 'single';
-            continue;
-        }
-        if (quote === 'single' && ch === "'") {
-            current += ch;
-            quote = 'none';
-            continue;
-        }
-        if (quote === 'none' && ch === '"') {
-            current += ch;
-            quote = 'double';
-            continue;
-        }
-        if (quote === 'double' && ch === '"') {
-            current += ch;
-            quote = 'none';
-            continue;
-        }
-        if (quote === 'none') {
-            const next = command[i + 1];
-            const pair = next === undefined ? ch : `${ch}${next}`;
-            if (PIPELINE_SEPARATORS.has(pair)) {
-                pushStage(stages, current);
-                current = '';
-                i += 1;
-                continue;
-            }
-            if (PIPELINE_SEPARATORS.has(ch)) {
-                pushStage(stages, current);
-                current = '';
-                continue;
-            }
-        }
-        current += ch;
-    }
-    if (escaped) {
-        throw new Error('dangling escape in bash command');
-    }
-    if (quote !== 'none') {
-        throw new Error('unterminated quote in bash command');
-    }
-    pushStage(stages, current);
-    return stages;
-}
-function pushStage(stages, stage) {
-    const trimmed = stage.trim();
-    if (trimmed.length === 0) {
-        throw new Error('empty pipeline stage');
-    }
-    stages.push(trimmed);
-}
-function tokenize(input) {
-    const tokens = [];
-    let current = '';
-    let quote = 'none';
-    let escaped = false;
-    for (let i = 0; i < input.length; i += 1) {
-        const ch = input[i];
-        if (ch === undefined) {
-            break;
-        }
-        if (escaped) {
-            current += ch;
-            escaped = false;
-            continue;
-        }
-        if (quote !== 'single' && ch === '\\') {
-            escaped = true;
-            continue;
-        }
-        if (quote === 'none' && isWhitespace(ch)) {
-            pushToken(tokens, current);
-            current = '';
-            continue;
-        }
-        if (quote === 'none' && ch === "'") {
-            quote = 'single';
-            continue;
-        }
-        if (quote === 'single' && ch === "'") {
-            quote = 'none';
-            continue;
-        }
-        if (quote === 'none' && ch === '"') {
-            quote = 'double';
-            continue;
-        }
-        if (quote === 'double' && ch === '"') {
-            quote = 'none';
-            continue;
-        }
-        if (quote === 'none' && startsRedirect(input, i)) {
-            pushToken(tokens, current);
-            current = '';
-            const parsed = readRedirect(input, i);
-            tokens.push(parsed.token);
-            i = parsed.nextIndex - 1;
-            continue;
-        }
-        current += ch;
-    }
-    if (escaped) {
-        throw new Error('dangling escape in bash command');
-    }
-    if (quote !== 'none') {
-        throw new Error('unterminated quote in bash command');
-    }
-    pushToken(tokens, current);
-    return tokens;
-}
-function pushToken(tokens, token) {
-    if (token.length > 0) {
-        tokens.push(token);
-    }
-}
-function startsRedirect(input, index) {
-    const ch = input[index];
-    if (ch === undefined) {
-        return false;
-    }
-    if (ch === '>' || ch === '<') {
-        return true;
-    }
-    if (!isDigit(ch)) {
-        return false;
-    }
-    let cursor = index;
-    while (isDigit(input[cursor] ?? '')) {
-        cursor += 1;
-    }
-    const next = input[cursor];
-    return next === '>' || next === '<';
-}
-function readRedirect(input, index) {
-    let cursor = index;
-    let token = '';
-    while (isDigit(input[cursor] ?? '')) {
-        const digit = input[cursor];
-        if (digit === undefined) {
-            break;
-        }
-        token += digit;
-        cursor += 1;
-    }
-    const first = input[cursor];
-    if (first !== '>' && first !== '<') {
-        throw new Error('invalid redirect operator');
-    }
-    token += first;
-    cursor += 1;
-    const second = input[cursor];
-    const third = input[cursor + 1];
-    if (first === '>' && second === '>') {
-        token += second;
-        cursor += 1;
-    }
-    else if (first === '<' && second === '<' && third === '<') {
-        token += `${second}${third}`;
-        cursor += 2;
-    }
-    else if (first === '<' && second === '<') {
-        token += second;
-        cursor += 1;
-    }
-    else if ((first === '>' || first === '<') && second === '&') {
-        token += second;
-        cursor += 1;
-    }
-    else if (first === '>' && second === '|') {
-        token += second;
-        cursor += 1;
-    }
-    else if (first === '<' && second === '>') {
-        token += second;
-        cursor += 1;
-    }
-    while (true) {
-        const ch = input[cursor];
-        if (ch === undefined || isWhitespace(ch) || ch === '"' || ch === "'") {
-            break;
-        }
-        if (ch === '>' || ch === '<') {
-            break;
-        }
-        token += ch;
-        cursor += 1;
-    }
-    return { token, nextIndex: cursor };
-}
-function normalizeStage(rawTokens, envVars, redirects) {
-    const withoutEnv = [];
-    let commandStarted = false;
-    for (const token of rawTokens) {
-        if (!commandStarted && isEnvAssignment(token)) {
-            const parsed = parseEnvAssignment(token);
-            envVars[parsed.name] = parsed.value;
-            continue;
-        }
-        commandStarted = true;
-        withoutEnv.push(token);
-    }
-    const stage = [];
-    for (let i = 0; i < withoutEnv.length; i += 1) {
-        const token = withoutEnv[i];
-        if (token === undefined) {
-            continue;
-        }
-        if (isRedirectToken(token)) {
-            if (redirectNeedsOperand(token)) {
-                const target = withoutEnv[i + 1];
-                if (target === undefined || isRedirectToken(target)) {
-                    throw new Error('redirect missing target');
-                }
-                redirects.push(`${token} ${target}`);
-                i += 1;
-                continue;
-            }
-            redirects.push(token);
-            continue;
-        }
-        stage.push(token);
-    }
-    return stage;
-}
-function isEnvAssignment(token) {
-    return /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(token);
-}
-function parseEnvAssignment(token) {
-    const index = token.indexOf('=');
-    if (index < 1) {
-        throw new Error('invalid environment assignment');
-    }
-    return {
-        name: token.slice(0, index),
-        value: token.slice(index + 1),
-    };
-}
-function isRedirectToken(token) {
-    return /^(?:\d*)?(?:>>?|<|<<|<<<|>\||<>|>&|<&)(?:.+)?$/u.test(token);
-}
-function redirectNeedsOperand(token) {
-    return /^(?:\d*)?(?:>>?|<|<<|<<<|>\||<>|>&|<&)$/u.test(token);
-}
-function isWhitespace(ch) {
-    return ch === ' ' || ch === '\t' || ch === '\n' || ch === '\r';
-}
-function isDigit(ch) {
-    return ch >= '0' && ch <= '9';
-}
-//# sourceMappingURL=bash-parser.js.map

package/dist/core/permissions/circuit-breaker.js

@@ -1,83 +0,0 @@
-/**
- * bypassPermissions circuit-breaker — .
- *
- * `bypassPermissions` is "skip ALL checks" for trusted scripted runs.
- * Even so, certain commands are catastrophic enough that the gate
- * MUST refuse regardless of mode. This module owns that short list.
- *
- * The breaker is conservative on purpose:
- *  - rm -rf against `/`, `~`, or workspace root (`.`)
- *  - fork bomb signature (`:(){:|:&};:`)
- *  - dd if=/ (raw block-device read or write)
- *
- * False positives are acceptable here — an operator who really wants
- * to nuke their root filesystem can switch to `dontAsk` and re-issue;
- * the breaker is the "are you sure you typed this correctly?" guard,
- * not a hard policy boundary.
- *
- * `evaluateCircuitBreaker` is pure regex matching — no IO, no state.
- * It's called by the gate before any other routing so a bypass-mode
- * session that types `rm -rf /` sees the deny path first.
- */
-/**
- * Pattern list — kept narrow on purpose. Each entry must match the
- * canonical destructive shape; argv variants without the exact form
- * fall through к the regular `dontAsk` / `bypassPermissions` allow
- * path, which is what the operator opted into.
- */
-const CIRCUIT_BREAKER_PATTERNS = [
-    // rm -rf against absolute root, $HOME, ~, $WORKSPACE_ROOT, or `.`
-    // with no further token. The negative lookahead на `[/~.]\S` makes
-    // sure `rm -rf /tmp/foo` (specific subtree) doesn't trip — only the
-    // catastrophic `rm -rf /` or `rm -rf ~` or `rm -rf .` shapes do.
-    {
-        pattern: /\brm\s+(-[a-z]*r[a-z]*f|-[a-z]*f[a-z]*r)\s+(\/|~|\$HOME|\$\{HOME\}|\.)\s*$/i,
-        reason: 'rm -rf against /, $HOME, ~, or workspace root',
-    },
-    // Fork bomb signature. Whitespace-tolerant но shape-strict.
-    {
-        pattern: /:\s*\(\s*\)\s*\{\s*:\s*\|\s*:\s*&\s*\}\s*;?\s*:/,
-        reason: 'fork bomb (`:(){ :|:& };:`)',
-    },
-    // dd to/from raw devices. Either direction is catastrophic enough
-    // to warrant the breaker (read of /dev/random into a workspace file
-    // can fill the disk, write to /dev/sda destroys the disk).
-    {
-        pattern: /\bdd\b[^|;&]*\b(if|of)=\/dev\//i,
-        reason: 'dd reading/writing /dev/* (catastrophic IO)',
-    },
-    // mkfs against any disk — single regex covers ext*, xfs, btrfs, vfat.
-    {
-        pattern: /\bmkfs(\.[a-z0-9]+)?\s+\/dev\//i,
-        reason: 'mkfs against /dev/* (filesystem format)',
-    },
-];
-/**
- * Test the command against every circuit-breaker pattern. Returns the
- * first match (most-catastrophic-first ordering is encoded в the array
- * order); when no pattern matches, the breaker is `tripped: false` so
- * the caller proceeds to the regular gate decision.
- *
- * Pure function — no IO, no module-scoped state. Safe to call from any
- * surface (gate, doctor command, audit replay).
- */
-export function evaluateCircuitBreaker(command) {
-    const trimmed = command.trim();
-    if (trimmed.length === 0)
-        return { tripped: false, reason: '' };
-    for (const entry of CIRCUIT_BREAKER_PATTERNS) {
-        if (entry.pattern.test(trimmed)) {
-            return { tripped: true, reason: entry.reason };
-        }
-    }
-    return { tripped: false, reason: '' };
-}
-/**
- * Diagnostic accessor — exposed для doctor surfaces + spec coverage so
- * the test layer can iterate the full list and assert each entry trips
- * on representative input.
- */
-export function listCircuitBreakerPatterns() {
-    return CIRCUIT_BREAKER_PATTERNS.map((e) => ({ pattern: e.pattern.source, reason: e.reason }));
-}
-//# sourceMappingURL=circuit-breaker.js.map

package/dist/core/permissions/constrained-edit.js

@@ -1,91 +0,0 @@
-import * as path from 'node:path';
-const REGEX_META = new Set(['.', '+', '^', '$', '(', ')', '|', '{', '}', '[', ']', '\\']);
-function globToRegExp(pattern) {
-    let re = '';
-    let i = 0;
-    while (i < pattern.length) {
-        const c = pattern[i];
-        if (c === '*') {
-            if (pattern[i + 1] === '*') {
-                re += '.*';
-                i += 2;
-                if (pattern[i] === '/')
-                    i += 1;
-            }
-            else {
-                re += '[^/]*';
-                i += 1;
-            }
-        }
-        else if (c === '?') {
-            re += '[^/]';
-            i += 1;
-        }
-        else if (REGEX_META.has(c)) {
-            re += '\\' + c;
-            i += 1;
-        }
-        else {
-            re += c;
-            i += 1;
-        }
-    }
-    return new RegExp('^' + re + '$');
-}
-function toRelPosix(absPath, repoRoot) {
-    const normRoot = path.resolve(repoRoot);
-    const normPath = path.resolve(absPath);
-    const rel = path.relative(normRoot, normPath);
-    if (rel === '' || rel.startsWith('..') || path.isAbsolute(rel)) {
-        return rel.startsWith('..') || path.isAbsolute(rel) ? null : rel;
-    }
-    return rel.split(path.sep).join('/');
-}
-export function isPathAllowed(absPath, repoRoot, allowlist) {
-    const rel = toRelPosix(absPath, repoRoot);
-    if (rel === null)
-        return false;
-    for (const pattern of allowlist) {
-        if (pattern === rel)
-            return true;
-        if (globToRegExp(pattern).test(rel))
-            return true;
-    }
-    return false;
-}
-const SHELL_OP_SPLIT = /\s*(?:&&|\|\||;|\|)\s*/;
-const ENV_ASSIGN = /^[A-Za-z_][A-Za-z0-9_]*=/;
-export function checkBashCommand(cmd, allowlist) {
-    const stages = cmd
-        .split(SHELL_OP_SPLIT)
-        .map((s) => s.trim())
-        .filter((s) => s.length > 0);
-    if (stages.length === 0) {
-        return { allowed: false, reason: 'empty command' };
-    }
-    for (const stage of stages) {
-        const tokens = stage.split(/\s+/);
-        let i = 0;
-        while (i < tokens.length && ENV_ASSIGN.test(tokens[i]))
-            i += 1;
-        const head = tokens[i];
-        if (!head) {
-            return { allowed: false, reason: `empty stage in command: '${stage}'` };
-        }
-        if (!allowlist.includes(head)) {
-            return { allowed: false, reason: `command '${head}' not in bash_allowlist` };
-        }
-    }
-    return { allowed: true };
-}
-export function verifyTouched(touchedPaths, repoRoot, allowlist) {
-    const violations = [];
-    for (const p of touchedPaths) {
-        const abs = path.isAbsolute(p) ? p : path.resolve(repoRoot, p);
-        if (!isPathAllowed(abs, repoRoot, allowlist)) {
-            violations.push(p);
-        }
-    }
-    return { ok: violations.length === 0, violations };
-}
-//# sourceMappingURL=constrained-edit.js.map