@shareai-lab/kode 1.1.13 → 1.1.16

package/src/utils/commands.ts

@@ -1,261 +0,0 @@
-import { memoize } from 'lodash-es'
-import { API_ERROR_MESSAGE_PREFIX, queryQuick } from '../services/claude'
-import { type ControlOperator, parse, ParseEntry } from 'shell-quote'
-import { PRODUCT_NAME } from '../constants/product'
-
-const SINGLE_QUOTE = '__SINGLE_QUOTE__'
-const DOUBLE_QUOTE = '__DOUBLE_QUOTE__'
-
-export type CommandPrefixResult =
-  | {
-      commandPrefix: string | null
-      commandInjectionDetected: false
-    }
-  | { commandInjectionDetected: true }
-
-// Command prefix result alongside subcommand prefixes
-export type CommandSubcommandPrefixResult = CommandPrefixResult & {
-  subcommandPrefixes: Map<string, CommandPrefixResult>
-}
-
-/**
- * Splits a command string into individual commands based on shell operators
- */
-export function splitCommand(command: string): string[] {
-  const parts: ParseEntry[] = []
-
-  // 1. Collapse adjacent strings
-  for (const part of parse(
-    command
-      .replaceAll('"', `"${DOUBLE_QUOTE}`) // parse() strips out quotes :P
-      .replaceAll("'", `'${SINGLE_QUOTE}`), // parse() strips out quotes :P
-    varName => `$${varName}`, // Preserve shell variables
-  )) {
-    if (typeof part === 'string') {
-      if (parts.length > 0 && typeof parts[parts.length - 1] === 'string') {
-        parts[parts.length - 1] += ' ' + part
-        continue
-      }
-    }
-    parts.push(part)
-  }
-
-  // 2. Map tokens to strings
-  const stringParts = parts
-    .map(part => {
-      if (typeof part === 'string') {
-        return part
-      }
-      if ('comment' in part) {
-        // TODO: make this less hacky
-        return '#' + part.comment
-      }
-      if ('op' in part && part.op === 'glob') {
-        return part.pattern
-      }
-      if ('op' in part) {
-        return part.op
-      }
-      return null
-    })
-    .filter(_ => _ !== null)
-
-  // 3. Map quotes back to their original form
-  const quotedParts = stringParts.map(part => {
-    return part
-      .replaceAll(`${SINGLE_QUOTE}`, "'")
-      .replaceAll(`${DOUBLE_QUOTE}`, '"')
-  })
-
-  // 4. Filter out separators
-  return quotedParts.filter(
-    part => !(COMMAND_LIST_SEPARATORS as Set<string>).has(part),
-  )
-}
-
-export const getCommandSubcommandPrefix = memoize(
-  async (
-    command: string,
-    abortSignal: AbortSignal,
-  ): Promise<CommandSubcommandPrefixResult | null> => {
-    const subcommands = splitCommand(command)
-
-    const [fullCommandPrefix, ...subcommandPrefixesResults] = await Promise.all(
-      [
-        getCommandPrefix(command, abortSignal),
-        ...subcommands.map(async subcommand => ({
-          subcommand,
-          prefix: await getCommandPrefix(subcommand, abortSignal),
-        })),
-      ],
-    )
-    if (!fullCommandPrefix) {
-      return null
-    }
-    const subcommandPrefixes = subcommandPrefixesResults.reduce(
-      (acc, { subcommand, prefix }) => {
-        if (prefix) {
-          acc.set(subcommand, prefix)
-        }
-        return acc
-      },
-      new Map<string, CommandPrefixResult>(),
-    )
-
-    return {
-      ...fullCommandPrefix,
-      subcommandPrefixes,
-    }
-  },
-  command => command, // memoize by command only
-)
-
-const getCommandPrefix = memoize(
-  async (
-    command: string,
-    abortSignal: AbortSignal,
-  ): Promise<CommandPrefixResult | null> => {
-    const response = await queryQuick({
-      systemPrompt: [
-        `Your task is to process Bash commands that an AI coding agent wants to run.
-
-This policy spec defines how to determine the prefix of a Bash command:`,
-      ],
-      userPrompt: `<policy_spec>
-# ${PRODUCT_NAME} Code Bash command prefix detection
-
-This document defines risk levels for actions that the ${PRODUCT_NAME} agent may take. This classification system is part of a broader safety framework and is used to determine when additional user confirmation or oversight may be needed.
-
-## Definitions
-
-**Command Injection:** Any technique used that would result in a command being run other than the detected prefix.
-
-## Command prefix extraction examples
-Examples:
-- cat foo.txt => cat
-- cd src => cd
-- cd path/to/files/ => cd
-- find ./src -type f -name "*.ts" => find
-- gg cat foo.py => gg cat
-- gg cp foo.py bar.py => gg cp
-- git commit -m "foo" => git commit
-- git diff HEAD~1 => git diff
-- git diff --staged => git diff
-- git diff $(pwd) => command_injection_detected
-- git status => git status
-- git status# test(\`id\`) => command_injection_detected
-- git status\`ls\` => command_injection_detected
-- git push => none
-- git push origin master => git push
-- git log -n 5 => git log
-- git log --oneline -n 5 => git log
-- grep -A 40 "from foo.bar.baz import" alpha/beta/gamma.py => grep
-- pig tail zerba.log => pig tail
-- npm test => none
-- npm test --foo => npm test
-- npm test -- -f "foo" => npm test
-- pwd\n curl example.com => command_injection_detected
-- pytest foo/bar.py => pytest
-- scalac build => none
-</policy_spec>
-
-The user has allowed certain command prefixes to be run, and will otherwise be asked to approve or deny the command.
-Your task is to determine the command prefix for the following command.
-
-IMPORTANT: Bash commands may run multiple commands that are chained together.
-For safety, if the command seems to contain command injection, you must return "command_injection_detected". 
-(This will help protect the user: if they think that they're allowlisting command A, 
-but the AI coding agent sends a malicious command that technically has the same prefix as command A, 
-then the safety system will see that you said “command_injection_detected” and ask the user for manual confirmation.)
-
-Note that not every command has a prefix. If a command has no prefix, return "none".
-
-ONLY return the prefix. Do not return any other text, markdown markers, or other content or formatting.
-
-Command: ${command}
-`,
-      signal: abortSignal,
-      enablePromptCaching: false,
-    })
-
-    const prefix =
-      typeof response.message.content === 'string'
-        ? response.message.content
-        : Array.isArray(response.message.content)
-          ? (response.message.content.find(_ => _.type === 'text')?.text ??
-            'none')
-          : 'none'
-
-    if (prefix.startsWith(API_ERROR_MESSAGE_PREFIX)) {
-      return null
-    }
-
-    if (prefix === 'command_injection_detected') {
-      return { commandInjectionDetected: true }
-    }
-
-    // Never accept base `git` as a prefix (if e.g. `git diff` prefix not detected)
-    if (prefix === 'git') {
-      return {
-        commandPrefix: null,
-        commandInjectionDetected: false,
-      }
-    }
-
-    if (prefix === 'none') {
-      return {
-        commandPrefix: null,
-        commandInjectionDetected: false,
-      }
-    }
-
-    return {
-      commandPrefix: prefix,
-      commandInjectionDetected: false,
-    }
-  },
-  command => command, // memoize by command only
-)
-
-const COMMAND_LIST_SEPARATORS = new Set<ControlOperator>([
-  '&&',
-  '||',
-  ';',
-  ';;',
-])
-
-// Checks if this is just a list of commands
-function isCommandList(command: string): boolean {
-  for (const part of parse(
-    command
-      .replaceAll('"', `"${DOUBLE_QUOTE}`) // parse() strips out quotes :P
-      .replaceAll("'", `'${SINGLE_QUOTE}`), // parse() strips out quotes :P
-    varName => `$${varName}`, // Preserve shell variables
-  )) {
-    if (typeof part === 'string') {
-      // Strings are safe
-      continue
-    }
-    if ('comment' in part) {
-      // Don't trust comments, they can contain command injection
-      return false
-    }
-    if ('op' in part) {
-      if (part.op === 'glob') {
-        // Globs are safe
-        continue
-      } else if (COMMAND_LIST_SEPARATORS.has(part.op)) {
-        // Command list separators are safe
-        continue
-      }
-      // Other operators are unsafe
-      return false
-    }
-  }
-  // No unsafe operators found in entire command
-  return true
-}
-
-export function isUnsafeCompoundCommand(command: string): boolean {
-  return splitCommand(command).length > 1 && !isCommandList(command)
-}

package/src/utils/commonUnixCommands.ts

@@ -1,161 +0,0 @@
-/**
- * Common Unix Commands Database
- * 
- * A curated list of 500+ most frequently used Unix/Linux commands
- * for developers and system administrators.
- * 
- * Categories:
- * - File & Directory Operations
- * - Text Processing
- * - Process Management
- * - Network Tools
- * - Development Tools
- * - System Administration
- * - Package Management
- * - Version Control
- */
-
-export const COMMON_UNIX_COMMANDS = [
-  // File & Directory Operations (50+)
-  'ls', 'cd', 'pwd', 'mkdir', 'rmdir', 'rm', 'cp', 'mv', 'touch', 'cat',
-  'less', 'more', 'head', 'tail', 'file', 'stat', 'ln', 'readlink', 'basename', 'dirname',
-  'find', 'locate', 'which', 'whereis', 'type', 'tree', 'du', 'df', 'mount', 'umount',
-  'chmod', 'chown', 'chgrp', 'umask', 'setfacl', 'getfacl', 'lsattr', 'chattr', 'realpath', 'mktemp',
-  'rsync', 'scp', 'sftp', 'ftp', 'wget', 'curl', 'tar', 'gzip', 'gunzip', 'zip',
-  'unzip', 'bzip2', 'bunzip2', 'xz', 'unxz', '7z', 'rar', 'unrar', 'zcat', 'zless',
-  
-  // Text Processing (50+)
-  'grep', 'egrep', 'fgrep', 'rg', 'ag', 'ack', 'sed', 'awk', 'cut', 'paste',
-  'sort', 'uniq', 'wc', 'tr', 'col', 'column', 'expand', 'unexpand', 'fold', 'fmt',
-  'pr', 'nl', 'od', 'hexdump', 'xxd', 'strings', 'split', 'csplit', 'join', 'comm',
-  'diff', 'sdiff', 'vimdiff', 'patch', 'diffstat', 'cmp', 'md5sum', 'sha1sum', 'sha256sum', 'sha512sum',
-  'base64', 'uuencode', 'uudecode', 'rev', 'tac', 'shuf', 'jq', 'yq', 'xmllint', 'tidy',
-  
-  // Process Management (40+)
-  'ps', 'top', 'htop', 'atop', 'iotop', 'iftop', 'nethogs', 'pgrep', 'pkill', 'kill',
-  'killall', 'jobs', 'bg', 'fg', 'nohup', 'disown', 'nice', 'renice', 'ionice', 'taskset',
-  'pstree', 'fuser', 'lsof', 'strace', 'ltrace', 'ptrace', 'gdb', 'valgrind', 'time', 'timeout',
-  'watch', 'screen', 'tmux', 'byobu', 'dtach', 'nmon', 'dstat', 'vmstat', 'iostat', 'mpstat',
-  
-  // Network Tools (50+)
-  'ping', 'ping6', 'traceroute', 'tracepath', 'mtr', 'netstat', 'ss', 'ip', 'ifconfig', 'route',
-  'arp', 'hostname', 'hostnamectl', 'nslookup', 'dig', 'host', 'whois', 'nc', 'netcat', 'ncat',
-  'socat', 'telnet', 'ssh', 'ssh-keygen', 'ssh-copy-id', 'ssh-add', 'ssh-agent', 'sshd', 'tcpdump', 'wireshark',
-  'tshark', 'nmap', 'masscan', 'zmap', 'iptables', 'ip6tables', 'firewall-cmd', 'ufw', 'fail2ban', 'nginx',
-  'apache2', 'httpd', 'curl', 'wget', 'aria2', 'axel', 'links', 'lynx', 'w3m', 'elinks',
-  
-  // Development Tools - Languages (60+)
-  'gcc', 'g++', 'clang', 'clang++', 'make', 'cmake', 'autoconf', 'automake', 'libtool', 'pkg-config',
-  'python3', 'pip', 'pip3', 'pipenv', 'poetry', 'virtualenv', 'pyenv',
-  'node', 'npm', 'uv', 'npx', 'yarn', 'pnpm', 'nvm', 'volta', 'deno', 'bun', 'tsx',
-  'ruby', 'gem', 'bundle', 'bundler', 'rake', 'rbenv', 'rvm', 'irb', 'pry', 'rails',
-  'java', 'javac', 'jar', 'javadoc', 'maven', 'mvn', 'gradle', 'ant', 'kotlin', 'kotlinc',
-  'go', 'gofmt', 'golint', 'govet', 'godoc', 'rust', 'rustc', 'cargo', 'rustup', 'rustfmt',
-  
-  // Development Tools - Utilities (40+)
-  'git', 'svn', 'hg', 'bzr', 'cvs', 'fossil', 'tig', 'gitk', 'git-flow', 'hub',
-  'gh', 'glab', 'docker', 'docker-compose', 'podman', 'kubectl', 'helm', 'minikube', 'kind', 'k3s',
-  'vagrant', 'terraform', 'ansible', 'puppet', 'chef', 'salt', 'packer', 'consul', 'vault', 'nomad',
-  'vim', 'vi', 'nvim', 'emacs', 'nano', 'pico', 'ed', 'code', 'subl', 'atom',
-  
-  // Database & Data Tools (30+)
-  'mysql', 'mysqldump', 'mysqladmin', 'psql', 'pg_dump', 'pg_restore', 'sqlite3', 'redis-cli', 'mongo', 'mongodump',
-  'mongorestore', 'cqlsh', 'influx', 'clickhouse-client', 'mariadb', 'cockroach', 'etcdctl', 'consul', 'vault', 'nomad',
-  'jq', 'yq', 'xmlstarlet', 'csvkit', 'miller', 'awk', 'sed', 'perl', 'lua', 'tcl',
-  
-  // System Administration (50+)
-  'sudo', 'su', 'passwd', 'useradd', 'userdel', 'usermod', 'groupadd', 'groupdel', 'groupmod', 'id',
-  'who', 'w', 'last', 'lastlog', 'finger', 'chfn', 'chsh', 'login', 'logout', 'exit',
-  'systemctl', 'service', 'journalctl', 'systemd-analyze', 'init', 'telinit', 'runlevel', 'shutdown', 'reboot', 'halt',
-  'poweroff', 'uptime', 'uname', 'hostname', 'hostnamectl', 'timedatectl', 'localectl', 'loginctl', 'machinectl', 'bootctl',
-  'cron', 'crontab', 'at', 'batch', 'anacron', 'systemd-run', 'systemd-timer', 'logrotate', 'logger', 'dmesg',
-  
-  // Package Management (30+)
-  'apt', 'apt-get', 'apt-cache', 'dpkg', 'dpkg-reconfigure', 'aptitude', 'snap', 'flatpak', 'appimage', 'alien',
-  'yum', 'dnf', 'rpm', 'zypper', 'pacman', 'yaourt', 'yay', 'makepkg', 'abs', 'aur',
-  'brew', 'port', 'pkg', 'emerge', 'portage', 'nix', 'guix', 'conda', 'mamba', 'micromamba',
-  
-  // Monitoring & Performance (30+)
-  'top', 'htop', 'atop', 'btop', 'gtop', 'gotop', 'bashtop', 'bpytop', 'glances', 'nmon',
-  'sar', 'iostat', 'mpstat', 'vmstat', 'pidstat', 'free', 'uptime', 'tload', 'slabtop', 'powertop',
-  'iotop', 'iftop', 'nethogs', 'bmon', 'nload', 'speedtest', 'speedtest-cli', 'fast', 'mtr', 'smokeping',
-  
-  // Security Tools (30+)
-  'gpg', 'gpg2', 'openssl', 'ssh-keygen', 'ssh-keyscan', 'ssl-cert', 'certbot', 'acme.sh', 'mkcert', 'step',
-  'pass', 'keepassxc-cli', 'bitwarden', '1password', 'hashcat', 'john', 'hydra', 'ncrack', 'medusa', 'aircrack-ng',
-  'chkrootkit', 'rkhunter', 'clamav', 'clamscan', 'freshclam', 'aide', 'tripwire', 'samhain', 'ossec', 'wazuh',
-  
-  // Shell & Scripting (30+)
-  'bash', 'sh', 'zsh', 'fish', 'ksh', 'tcsh', 'csh', 'dash', 'ash', 'elvish',
-  'export', 'alias', 'unalias', 'history', 'fc', 'source', 'eval', 'exec', 'command', 'builtin',
-  'set', 'unset', 'env', 'printenv', 'echo', 'printf', 'read', 'test', 'expr', 'let',
-  
-  // Archive & Compression (20+)
-  'tar', 'gzip', 'gunzip', 'bzip2', 'bunzip2', 'xz', 'unxz', 'lzma', 'unlzma', 'compress',
-  'uncompress', 'zip', 'unzip', '7z', '7za', 'rar', 'unrar', 'ar', 'cpio', 'pax',
-  
-  // Media Tools (20+)
-  'ffmpeg', 'ffplay', 'ffprobe', 'sox', 'play', 'rec', 'mpg123', 'mpg321', 'ogg123', 'flac',
-  'lame', 'oggenc', 'opusenc', 'convert', 'mogrify', 'identify', 'display', 'import', 'animate', 'montage',
-  
-  // Math & Calculation (15+)
-  'bc', 'dc', 'calc', 'qalc', 'units', 'factor', 'primes', 'seq', 'shuf', 'random',
-  'octave', 'maxima', 'sage', 'r', 'julia',
-  
-  // Documentation & Help (15+)
-  'man', 'info', 'help', 'apropos', 'whatis', 'whereis', 'which', 'type', 'command', 'hash',
-  'tldr', 'cheat', 'howdoi', 'stackoverflow', 'explainshell',
-  
-  // Miscellaneous Utilities (30+)
-  'date', 'cal', 'ncal', 'timedatectl', 'zdump', 'tzselect', 'hwclock', 'ntpdate', 'chrony', 'timeshift',
-  'yes', 'true', 'false', 'sleep', 'usleep', 'seq', 'jot', 'shuf', 'tee', 'xargs',
-  'parallel', 'rush', 'dsh', 'pssh', 'clusterssh', 'terminator', 'tilix', 'alacritty', 'kitty', 'wezterm',
-] as const
-
-/**
- * Get common commands that exist on the current system
- * @param systemCommands Array of commands available on the system
- * @returns Deduplicated intersection of common commands and system commands
- */
-export function getCommonSystemCommands(systemCommands: string[]): string[] {
-  const systemSet = new Set(systemCommands.map(cmd => cmd.toLowerCase()))
-  const commonIntersection = COMMON_UNIX_COMMANDS.filter(cmd => systemSet.has(cmd.toLowerCase()))
-  // Remove duplicates using Set
-  return Array.from(new Set(commonIntersection))
-}
-
-/**
- * Get a priority score for a command based on its position in the common list
- * Earlier commands get higher priority (more commonly used)
- */
-export function getCommandPriority(command: string): number {
-  const index = COMMON_UNIX_COMMANDS.indexOf(command.toLowerCase() as any)
-  if (index === -1) return 0
-  
-  // Convert index to priority score (earlier = higher score)
-  const maxScore = 100
-  const score = maxScore - (index / COMMON_UNIX_COMMANDS.length) * maxScore
-  return Math.round(score)
-}
-
-/**
- * Get essential fallback commands for when PATH is empty or unavailable
- * These are the most basic commands that should always be available
- */
-export function getEssentialCommands(): string[] {
-  return [
-    'ls', 'cd', 'pwd', 'cat', 'grep', 'find', 'which', 'man', 'cp', 'mv', 'rm', 'mkdir',
-    'touch', 'chmod', 'ps', 'top', 'kill', 'git', 'node', 'npm', 'python3',
-    'curl', 'wget', 'docker', 'vim', 'nano', 'echo', 'export', 'env', 'sudo'
-  ]
-}
-
-/**
- * Get minimal fallback commands for error scenarios
- * These are absolute minimum commands for basic functionality
- */
-export function getMinimalFallbackCommands(): string[] {
-  return [
-    'ls', 'cd', 'pwd', 'cat', 'grep', 'find', 'git', 'node', 'npm', 'python3', 'vim', 'nano'
-  ]
-}