npm - @sisu-ai/tool-terminal - Versions diffs - 7.0.1 → 7.1.0 - Mend

@sisu-ai/tool-terminal 7.0.1 → 7.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -28,6 +28,26 @@ export interface TerminalToolConfig {
 export declare const DEFAULT_CONFIG: TerminalToolConfig;
 export declare const TERMINAL_COMMANDS_ALLOW: ReadonlyArray<string>;
 export declare function defaultTerminalConfig(overrides?: Partial<TerminalToolConfig>): TerminalToolConfig;
+interface TerminalPolicy {
+    allowed: boolean;
+    reason?: string;
+    allowedCommands?: string[];
+    allowedRoots?: string[];
+}
+interface TerminalRunResult {
+    exitCode: number;
+    stdout: string;
+    stderr: string;
+    durationMs: number;
+    policy: TerminalPolicy;
+    message?: string;
+    cwd: string;
+}
+interface TerminalReadResult {
+    contents: string;
+    policy: TerminalPolicy;
+    message?: string;
+}
 export declare function createTerminalTool(config?: Partial<TerminalToolConfig>): {
     start_session: (args?: {
         cwd?: string;
@@ -42,17 +62,7 @@ export declare function createTerminalTool(config?: Partial<TerminalToolConfig>)
         env?: Record<string, string>;
         stdin?: string;
         sessionId?: string;
-    }) => Promise<{
-        exitCode: number;
-        stdout: string;
-        stderr: string;
-        durationMs: number;
-        policy: {
-            allowed: boolean;
-            reason?: string;
-        };
-        cwd: string;
-    }>;
+    }) => Promise<TerminalRunResult>;
     cd: (args: {
         path: string;
         sessionId?: string;
@@ -64,16 +74,14 @@ export declare function createTerminalTool(config?: Partial<TerminalToolConfig>)
         path: string;
         encoding?: "utf8" | "base64";
         sessionId?: string;
-    }) => Promise<{
-        contents: string;
-    }>;
+    }) => Promise<TerminalReadResult>;
     tools: (Tool<{
         command: string;
         cwd?: string;
         env?: Record<string, string>;
         stdin?: string;
         sessionId?: string;
-    }, any> | Tool<{
+    }, TerminalRunResult> | Tool<{
         path: string;
         sessionId?: string;
     }, {
@@ -83,8 +91,7 @@ export declare function createTerminalTool(config?: Partial<TerminalToolConfig>)
         path: string;
         encoding?: "utf8" | "base64";
         sessionId?: string;
-    }, {
-        contents: string;
-    }>)[];
+    }, TerminalReadResult>)[];
 };
 export type TerminalTool = ReturnType<typeof createTerminalTool>;
+export {};

package/dist/index.js CHANGED Viewed

@@ -87,6 +87,8 @@ function isPathAllowed(absPath, cfg, mode) {
     return true;
 }
 function looksLikePath(arg) {
+    if (/^https?:\/\//i.test(arg))
+        return false;
     return (arg.startsWith(".") ||
         arg.includes("/") ||
         /^(?:[A-Za-z]:[\\/]|\\\\)/.test(arg));
@@ -240,7 +242,7 @@ function commandPolicyCheck(args, cfg) {
         found.push("`...`");
     if (/>/.test(cmdStr))
         found.push(">");
-    if (/<\<?/.test(cmdStr))
+    if (/<<?/.test(cmdStr))
         found.push("<");
     if (/(^|\s)&(\s|$)/.test(cmdStr))
         found.push("&");
@@ -373,7 +375,12 @@ export function createTerminalTool(config) {
                 stdout: "",
                 stderr: "",
                 durationMs: 0,
-                policy: pre,
+                policy: {
+                    allowed: false,
+                    reason: pre.reason,
+                    allowedCommands: cfg.commands.allow,
+                },
+                message: `Command denied by policy. Allowed commands: ${cfg.commands.allow.join(", ")}.`,
                 cwd,
             };
         }
@@ -431,7 +438,9 @@ export function createTerminalTool(config) {
                     try {
                         c.kill("SIGKILL");
                     }
-                    catch { }
+                    catch {
+                        // ignore kill errors
+                    }
                 }
             };
             const onStdout = (d) => {
@@ -547,14 +556,14 @@ export function createTerminalTool(config) {
     }
     function cd(args) {
         let session = getSession(args.sessionId);
+        let createdSessionId;
         // If no valid session is provided, create one anchored at the first root
         if (!session) {
             const cwd = canonicalize(cfg.roots[0]);
-            const sessionId = randomUUID();
+            createdSessionId = randomUUID();
             const expiresAt = Date.now() + cfg.sessions.ttlMs;
             session = { cwd, env: {}, expiresAt };
-            sessions.set(sessionId, session);
-            args._createdSessionId = sessionId;
+            sessions.set(createdSessionId, session);
         }
         const newPath = canonicalize(path.resolve(session.cwd, args.path));
         if (!isPathAllowed(newPath, cfg, "exec")) {
@@ -564,7 +573,7 @@ export function createTerminalTool(config) {
         session.expiresAt = Date.now() + cfg.sessions.ttlMs;
         return {
             cwd: session.cwd,
-            sessionId: args._createdSessionId ?? args.sessionId,
+            sessionId: createdSessionId ?? args.sessionId,
         };
     }
     async function read_file(args) {
@@ -573,12 +582,21 @@ export function createTerminalTool(config) {
         const session = getSession(args.sessionId);
         const cwd = session?.cwd ?? cfg.roots[0];
         const abs = canonicalize(path.resolve(cwd, args.path));
-        if (!isPathAllowed(abs, cfg, "read"))
-            throw new Error("path outside allowed roots");
+        if (!isPathAllowed(abs, cfg, "read")) {
+            return {
+                contents: "",
+                policy: {
+                    allowed: false,
+                    reason: "path outside allowed roots",
+                    allowedRoots: cfg.roots,
+                },
+                message: `Path denied by policy. Allowed roots: ${cfg.roots.join(", ")}.`,
+            };
+        }
         const buf = await fs.readFile(abs);
         const encoding = args.encoding ?? "utf8";
         const contents = encoding === "base64" ? buf.toString("base64") : buf.toString("utf8");
-        return { contents };
+        return { contents, policy: { allowed: true } };
     }
     const runCommandTool = {
         name: "terminalRun",

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@sisu-ai/tool-terminal",
-  "version": "7.0.1",
+  "version": "7.1.0",
   "type": "module",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",