npm - @ww_nero/mini-cli - Versions diffs - 1.0.76 → 1.0.77 - Mend

@ww_nero/mini-cli 1.0.76 → 1.0.77

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@ww_nero/mini-cli",
-  "version": "1.0.76",
+  "version": "1.0.77",
   "description": "极简的 AI 命令行助手",
   "bin": {
     "mini": "bin/mini.js"

package/src/config.js CHANGED Viewed

@@ -12,12 +12,6 @@ const FILE_NAMES = {
   mini: 'MINI.md'
 };
-const DEFAULT_ALLOWED_COMMANDS = [
-  'rm', 'rmdir', 'touch', 'mkdir', 'cd', 'cp', 'mv', 'node', 'npm', 'pkill', 'kill',
-  'curl', 'ls', 'pwd', 'grep', 'cat', 'echo', 'sed', 'head', 'tail', 'find', 'true',
-  'false', 'pip', 'python', 'ps', 'lsof', 'git', 'pandoc'
-];
 const DEFAULT_TOOL_RESPONSE_MAX_TOKENS = 65536;
 const DEFAULT_COMPACT_TOKEN_THRESHOLD = 65536;
 const DEFAULT_MCP_TOOL_TIMEOUT_MS = 10 * 60 * 1000;
@@ -91,7 +85,6 @@ const DEFAULT_SETTINGS = {
   commands: [],
   maxToolTokens: DEFAULT_TOOL_RESPONSE_MAX_TOKENS,
   compactTokenThreshold: DEFAULT_COMPACT_TOKEN_THRESHOLD,
-  allowedCommands: [...DEFAULT_ALLOWED_COMMANDS],
   mcpToolTimeout: DEFAULT_MCP_TOOL_TIMEOUT_MS,
   outputMaxLength: DEFAULT_OUTPUT_MAX_LENGTH,
   executionTimeout: DEFAULT_EXECUTION_TIMEOUT,
@@ -345,10 +338,6 @@ const loadSettings = ({ defaultTools = [] } = {}) => {
       parsed.maxToolTokens,
       DEFAULT_TOOL_RESPONSE_MAX_TOKENS
     ),
-    allowedCommands: (() => {
-      const list = ensureArrayOfStrings(parsed.allowedCommands);
-      return list.length ? Array.from(new Set(list)) : [...DEFAULT_ALLOWED_COMMANDS];
-    })(),
     compactTokenThreshold: normalizePositiveInteger(
       parsed.compactTokenThreshold,
       DEFAULT_COMPACT_TOKEN_THRESHOLD
@@ -392,7 +381,6 @@ module.exports = {
   loadSettings,
   ensureConfigFiles,
   getConfigPath,
-  DEFAULT_ALLOWED_COMMANDS,
   DEFAULT_TOOL_RESPONSE_MAX_TOKENS,
   DEFAULT_COMPACT_TOKEN_THRESHOLD,
   COMPACT_SUMMARY_PROMPT

package/src/tools/bash.js CHANGED Viewed

@@ -1,76 +1,5 @@
 const { spawn } = require('child_process');
 const { resolveWorkspacePath } = require('../utils/helpers');
-const { DEFAULT_ALLOWED_COMMANDS } = require('../config');
-// Git 只读命令白名单
-const GIT_READONLY_COMMANDS = ['show', 'diff', 'log', 'status', 'branch', 'tag', 'ls-files', 'ls-tree', 'rev-parse', 'reflog', 'blame', 'shortlog', 'describe', 'config --get', 'config --list', 'remote', 'ls-remote', 'fetch --dry-run', 'grep'];
-// Git 禁止的命令（会修改状态的命令）
-const GIT_FORBIDDEN_COMMANDS = ['add', 'commit', 'push', 'pull', 'merge', 'rebase', 'reset', 'revert', 'cherry-pick', 'apply', 'stash', 'clean', 'rm', 'mv', 'checkout', 'switch', 'restore', 'tag -a', 'tag -d', 'branch -d', 'branch -D', 'config --add', 'config --unset', 'submodule', 'clone', 'init'];
-const splitShellCommands = (commandString = '') => {
-  const operators = ['&&', '||'];
-  const pattern = '(' + operators.map(op => op.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')).join('|') + ')';
-  return commandString
-    .split(new RegExp(pattern))
-    .map(part => part.trim())
-    .filter(part => part && !operators.includes(part));
-};
-const validateSingleCommand = (commandString = '', allowedCommands = []) => {
-  const parts = commandString.match(/(?:[^\s"']+|"[^"]*"|'[^']*')+/g) || [];
-  if (parts.length === 0) {
-    return { isValid: false, reason: '命令为空' };
-  }
-  const command = parts[0];
-  if (!allowedCommands.includes(command)) {
-    return { isValid: false, reason: `命令 ${command} 不在允许名单内` };
-  }
-  if ((command === 'rm' || command === 'rmdir') && parts.slice(1).some(arg => !arg.startsWith('-') && arg.includes('.git'))) {
-    return { isValid: false, reason: '禁止对 .git 目录执行删除操作' };
-  }
-  // Git 命令额外验证
-  if (command === 'git') {
-    if (parts.length < 2) {
-      return { isValid: false, reason: 'git 命令缺少子命令' };
-    }
-    const gitSubCommand = parts[1];
-    const gitArgs = parts.slice(2).join(' ');
-    const fullGitCommand = gitSubCommand + (gitArgs ? ' ' + gitArgs : '');
-    // 检查是否是禁止的命令
-    for (const forbidden of GIT_FORBIDDEN_COMMANDS) {
-      if (gitSubCommand === forbidden || fullGitCommand.startsWith(forbidden)) {
-        return {
-          isValid: false,
-          reason: `禁止执行会修改仓库状态的 git 命令: ${forbidden}。只允许执行只读命令如: ${GIT_READONLY_COMMANDS.join(', ')}`
-        };
-      }
-    }
-    // 检查是否是允许的只读命令
-    let isReadOnly = false;
-    for (const readonly of GIT_READONLY_COMMANDS) {
-      if (gitSubCommand === readonly || fullGitCommand.startsWith(readonly)) {
-        isReadOnly = true;
-        break;
-      }
-    }
-    if (!isReadOnly) {
-      return {
-        isValid: false,
-        reason: `git 子命令 ${gitSubCommand} 不在只读命令白名单内。允许的命令: ${GIT_READONLY_COMMANDS.join(', ')}`
-      };
-    }
-  }
-  return { isValid: true, reason: '' };
-};
 const executeCommand = async ({ command, workingDirectory = '.', isService = false } = {}, context = {}) => {
   if (!command || typeof command !== 'string' || !command.trim()) {
@@ -79,30 +8,9 @@ const executeCommand = async ({ command, workingDirectory = '.', isService = fal
   const normalizedCommand = command.replace(/\bpython3\b/g, 'python');
-  const allowedCommands = Array.isArray(context.allowedCommands) && context.allowedCommands.length > 0
-    ? context.allowedCommands
-    : DEFAULT_ALLOWED_COMMANDS;
   const outputMaxLength = context.outputMaxLength || 12000;
   const executionTimeout = context.executionTimeout || 300000;
   const serviceBootWindow = context.serviceBootWindow || 5000;
-  const commands = splitShellCommands(normalizedCommand);
-  if (commands.length === 0) {
-    return '未找到有效的命令';
-  }
-  for (let i = 0; i < commands.length; i += 1) {
-    const validation = validateSingleCommand(commands[i], allowedCommands);
-    if (!validation.isValid) {
-      return [
-        '命令未通过安全校验',
-        `第 ${i + 1} 个指令: ${commands[i]}`,
-        `原因: ${validation.reason}`,
-        '允许的命令: ' + allowedCommands.join(', '),
-        '附加限制: rm/rmdir 禁止修改`.git`目录'
-      ].join('\n');
-    }
-  }
   let cwd;
   try {
@@ -196,13 +104,8 @@ const executeCommand = async ({ command, workingDirectory = '.', isService = fal
   });
 };
-const createBashToolSchema = (context = {}) => {
-  const allowedCommands = Array.isArray(context.allowedCommands) && context.allowedCommands.length > 0
-    ? context.allowedCommands
-    : DEFAULT_ALLOWED_COMMANDS;
+const createBashToolSchema = () => {
   const descriptionParts = ['在指定目录运行 bash 命令，支持使用 && / || 连接多个命令。'];
-  descriptionParts.push(`支持的命令: ${allowedCommands.join(', ')}。`);
-  descriptionParts.push('git 命令仅支持只读操作（show/diff/log/status 等），严禁执行 add/commit/push/reset 等会修改仓库状态的命令。');
   descriptionParts.push('isService=true 时在后台运行服务，等待 5 秒返回初始输出，进程继续运行并持续捕获输出；默认等待命令执行完成，超时为 300 秒。');
   return {

package/src/tools/index.js CHANGED Viewed

@@ -13,11 +13,9 @@ const createToolRuntime = async (workspaceRoot, options = {}) => {
   const { settings } = loadSettings({ defaultTools: defaultToolNames });
   const enabledTools = new Set(settings.tools && settings.tools.length > 0 ? settings.tools : defaultToolNames);
   const enabledMcps = Array.isArray(settings.mcps) ? settings.mcps : [];
-  const allowedCommands = settings.allowedCommands;
   const context = {
     workspaceRoot,
-    allowedCommands,
     outputMaxLength: settings.outputMaxLength,
     executionTimeout: settings.executionTimeout,
     serviceBootWindow: settings.serviceBootWindow,

package/src/utils/settings.js CHANGED Viewed

@@ -5,11 +5,6 @@ const path = require('path');
 const MINI_DIR_NAME = '.mini';
 const SETTINGS_FILE_NAME = 'settings.json';
 const DEFAULT_TOOL_OUTPUT_TOKEN_LIMIT = 32768;
-const DEFAULT_ALLOWED_COMMANDS = [
-  'rm', 'rmdir', 'touch', 'mkdir', 'cd', 'cp', 'mv', 'node', 'npm', 'ls',
-  'grep', 'cat', 'echo', 'sed', 'head', 'tail', 'find', 'true', 'false',
-  'pkill', 'kill', 'curl', 'ps', 'lsof', 'git', 'pip', 'python', 'pandoc'
-];
 const ensureArrayOfStrings = (value, fallback = []) => {
   if (!Array.isArray(value)) {
@@ -29,8 +24,7 @@ const loadSettings = ({ defaultTools = [] } = {}) => {
   const defaultSettings = {
     mcps: [],
     tools: [...defaultTools],
-    toolOutputTokenLimit: DEFAULT_TOOL_OUTPUT_TOKEN_LIMIT,
-    allowedCommands: [...DEFAULT_ALLOWED_COMMANDS]
+    toolOutputTokenLimit: DEFAULT_TOOL_OUTPUT_TOKEN_LIMIT
   };
   let parsed = null;
@@ -50,11 +44,6 @@ const loadSettings = ({ defaultTools = [] } = {}) => {
         parsed.toolOutputTokenLimit = DEFAULT_TOOL_OUTPUT_TOKEN_LIMIT;
         needsUpdate = true;
       }
-      if (!Array.isArray(parsed.allowedCommands)) {
-        parsed.allowedCommands = [...DEFAULT_ALLOWED_COMMANDS];
-        needsUpdate = true;
-      }
     } catch (error) {
       parsed = defaultSettings;
     }
@@ -65,8 +54,7 @@ const loadSettings = ({ defaultTools = [] } = {}) => {
     tools: ensureArrayOfStrings(parsed.tools, defaultSettings.tools),
     toolOutputTokenLimit: typeof parsed.toolOutputTokenLimit === 'number' && parsed.toolOutputTokenLimit > 0
       ? parsed.toolOutputTokenLimit
-      : DEFAULT_TOOL_OUTPUT_TOKEN_LIMIT,
-    allowedCommands: ensureArrayOfStrings(parsed.allowedCommands, DEFAULT_ALLOWED_COMMANDS)
+      : DEFAULT_TOOL_OUTPUT_TOKEN_LIMIT
   };
   if (needsUpdate) {
@@ -85,6 +73,5 @@ const loadSettings = ({ defaultTools = [] } = {}) => {
 module.exports = {
   loadSettings,
-  DEFAULT_TOOL_OUTPUT_TOKEN_LIMIT,
-  DEFAULT_ALLOWED_COMMANDS
+  DEFAULT_TOOL_OUTPUT_TOKEN_LIMIT
 };