@zhin.js/agent 0.1.16 → 0.1.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/builtin/ask-user-tool.d.ts +1 -1
- package/lib/builtin/ask-user-tool.d.ts.map +1 -1
- package/lib/builtin/ask-user-tool.js +5 -3
- package/lib/builtin/ask-user-tool.js.map +1 -1
- package/lib/builtin/edit-file-tool.d.ts.map +1 -1
- package/lib/builtin/edit-file-tool.js +8 -2
- package/lib/builtin/edit-file-tool.js.map +1 -1
- package/lib/builtin/web-fetch-tool.js +1 -1
- package/lib/builtin/web-fetch-tool.js.map +1 -1
- package/lib/builtin/write-file-tool.d.ts.map +1 -1
- package/lib/builtin/write-file-tool.js +8 -2
- package/lib/builtin/write-file-tool.js.map +1 -1
- package/lib/discovery/utils.d.ts +3 -1
- package/lib/discovery/utils.d.ts.map +1 -1
- package/lib/discovery/utils.js +12 -5
- package/lib/discovery/utils.js.map +1 -1
- package/lib/index.d.ts +3 -1
- package/lib/index.d.ts.map +1 -1
- package/lib/index.js +1 -0
- package/lib/index.js.map +1 -1
- package/lib/init/register-owner-approve-commands.d.ts +2 -0
- package/lib/init/register-owner-approve-commands.d.ts.map +1 -0
- package/lib/init/register-owner-approve-commands.js +137 -0
- package/lib/init/register-owner-approve-commands.js.map +1 -0
- package/lib/init.d.ts +1 -1
- package/lib/init.d.ts.map +1 -1
- package/lib/init.js +3 -1
- package/lib/init.js.map +1 -1
- package/lib/orchestrator/owner-confirm-orchestration.d.ts +30 -0
- package/lib/orchestrator/owner-confirm-orchestration.d.ts.map +1 -0
- package/lib/orchestrator/owner-confirm-orchestration.js +98 -0
- package/lib/orchestrator/owner-confirm-orchestration.js.map +1 -0
- package/lib/orchestrator/owner-orchestration-constants.d.ts +6 -0
- package/lib/orchestrator/owner-orchestration-constants.d.ts.map +1 -0
- package/lib/orchestrator/owner-orchestration-constants.js +10 -0
- package/lib/orchestrator/owner-orchestration-constants.js.map +1 -0
- package/lib/security/bash-tool-context.d.ts +5 -0
- package/lib/security/bash-tool-context.d.ts.map +1 -0
- package/lib/security/bash-tool-context.js +13 -0
- package/lib/security/bash-tool-context.js.map +1 -0
- package/lib/security/exec-policy.d.ts +1 -1
- package/lib/security/exec-policy.d.ts.map +1 -1
- package/lib/security/exec-policy.js +39 -3
- package/lib/security/exec-policy.js.map +1 -1
- package/lib/security/owner-approve-always-store.d.ts +52 -0
- package/lib/security/owner-approve-always-store.d.ts.map +1 -0
- package/lib/security/owner-approve-always-store.js +357 -0
- package/lib/security/owner-approve-always-store.js.map +1 -0
- package/lib/subagent.d.ts.map +1 -1
- package/lib/subagent.js +13 -1
- package/lib/subagent.js.map +1 -1
- package/lib/zhin-agent/index.d.ts.map +1 -1
- package/lib/zhin-agent/index.js +9 -2
- package/lib/zhin-agent/index.js.map +1 -1
- package/lib/zhin-agent/prompt.d.ts.map +1 -1
- package/lib/zhin-agent/prompt.js +1 -0
- package/lib/zhin-agent/prompt.js.map +1 -1
- package/package.json +3 -3
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"owner-confirm-orchestration.d.ts","sourceRoot":"","sources":["../../src/orchestrator/owner-confirm-orchestration.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACzD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAUvD,4BAA4B;AAC5B,eAAO,MAAM,2BAA2B,EAAG,mBAA4B,CAAC;AAExE,OAAO,EAAE,8BAA8B,EAAE,MAAM,oCAAoC,CAAC;AAMpF,MAAM,WAAW,yBAAyB;IACxC,WAAW,EAAE,WAAW,CAAC;IACzB,kCAAkC;IAClC,wBAAwB,CAAC,EAAE,OAAO,CAAC;IACnC,8BAA8B;IAC9B,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,MAAM,GAAG;IAAE,SAAS,EAAE,OAAO,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAQ1F;AAED,wBAAgB,iCAAiC,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAG3F;AAqBD;;GAEG;AACH,wBAAgB,0CAA0C,CACxD,OAAO,EAAE,yBAAyB,GACjC,mBAAmB,CAoDrB"}
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Owner 确认信号(ZHIN_NEEDS_OWNER)与白名单硬编排(GitHub #398)
|
|
3
|
+
*
|
|
4
|
+
* 阶段 A:工具结果首行 `ZHIN_NEEDS_OWNER:` 为权威信号。
|
|
5
|
+
* 阶段 B:白名单工具 + 信号 + 非子 Agent 时由本模块同步调用 ask_user(type=confirm)。
|
|
6
|
+
*/
|
|
7
|
+
import { getPlugin } from '@zhin.js/core';
|
|
8
|
+
import { AskUserBuiltinTool } from '../builtin/ask-user-tool.js';
|
|
9
|
+
import { errMsg } from '../discovery/utils.js';
|
|
10
|
+
import { clearPendingOrchestrationTool, hasOwnerApproveAlways, setPendingOrchestrationTool, } from '../security/owner-approve-always-store.js';
|
|
11
|
+
import { OWNER_HARD_ORCHESTRATION_TOOLS } from './owner-orchestration-constants.js';
|
|
12
|
+
/** 工具结果第一行须与此完全一致(行首无空白) */
|
|
13
|
+
export const ZHIN_NEEDS_OWNER_FIRST_LINE = 'ZHIN_NEEDS_OWNER:';
|
|
14
|
+
export { OWNER_HARD_ORCHESTRATION_TOOLS } from './owner-orchestration-constants.js';
|
|
15
|
+
const WHITELIST = new Set(OWNER_HARD_ORCHESTRATION_TOOLS);
|
|
16
|
+
const DEFAULT_MAX_AUTO_ASK = 3;
|
|
17
|
+
/**
|
|
18
|
+
* 解析权威首行;正文为第二行起(可含多行)。
|
|
19
|
+
*/
|
|
20
|
+
export function parseNeedsOwnerSignal(result) {
|
|
21
|
+
const lines = result.split(/\r?\n/);
|
|
22
|
+
const first = lines[0] ?? '';
|
|
23
|
+
if (first !== ZHIN_NEEDS_OWNER_FIRST_LINE) {
|
|
24
|
+
return { hasSignal: false, body: result };
|
|
25
|
+
}
|
|
26
|
+
const body = lines.slice(1).join('\n').replace(/^\n+/, '');
|
|
27
|
+
return { hasSignal: true, body };
|
|
28
|
+
}
|
|
29
|
+
export function shouldHardOrchestrateOwnerConfirm(toolName, result) {
|
|
30
|
+
if (!WHITELIST.has(toolName))
|
|
31
|
+
return false;
|
|
32
|
+
return parseNeedsOwnerSignal(result).hasSignal;
|
|
33
|
+
}
|
|
34
|
+
function appendOrchestratedOwnerAnswer(originalToolText, ownerAnswer) {
|
|
35
|
+
return `${originalToolText.trimEnd()}\n\n---\n[Owner confirmation (orchestrated)]\n${ownerAnswer}`;
|
|
36
|
+
}
|
|
37
|
+
function appendUnavailableNote(originalToolText, note) {
|
|
38
|
+
return `${originalToolText.trimEnd()}\n\n---\n⚠️ 无法自动收集 Owner 在线确认:${note}\n请 Bot Owner 配置 owner 与私聊通道,或由助手向用户说明下一步。`;
|
|
39
|
+
}
|
|
40
|
+
function appendLimitNote(originalToolText, maxAsk) {
|
|
41
|
+
return `${originalToolText.trimEnd()}\n\n---\n⚠️ 本会话自动 Owner 确认次数已达上限(${maxAsk} 次),不再自动弹窗。\n权威行 ${ZHIN_NEEDS_OWNER_FIRST_LINE} 仍然有效,请用文字向用户或 Owner 说明结果与风险。`;
|
|
42
|
+
}
|
|
43
|
+
function buildConfirmQuestion(toolName, body) {
|
|
44
|
+
const trimmed = body.trim() || '(无补充说明)';
|
|
45
|
+
const cap = 2000;
|
|
46
|
+
const detail = trimmed.length > cap ? `${trimmed.slice(0, cap)}\n…(truncated)` : trimmed;
|
|
47
|
+
return `工具「${toolName}」需要 Owner 确认是否继续:\n\n${detail}`;
|
|
48
|
+
}
|
|
49
|
+
/**
|
|
50
|
+
* 为单次 Agent.run 创建工具结果变换:在写入对话前可能插入 Owner confirm 结果。
|
|
51
|
+
*/
|
|
52
|
+
export function createOwnerOrchestratedToolResultTransform(options) {
|
|
53
|
+
const maxAsk = options.maxAutoOwnerAsk ?? DEFAULT_MAX_AUTO_ASK;
|
|
54
|
+
let usedOrchestrationSlots = 0;
|
|
55
|
+
return async (input) => {
|
|
56
|
+
const { toolName, result } = input;
|
|
57
|
+
if (!shouldHardOrchestrateOwnerConfirm(toolName, result))
|
|
58
|
+
return result;
|
|
59
|
+
if (options.disableHardOrchestration)
|
|
60
|
+
return result;
|
|
61
|
+
if (usedOrchestrationSlots >= maxAsk) {
|
|
62
|
+
return appendLimitNote(result, maxAsk);
|
|
63
|
+
}
|
|
64
|
+
let plugin = options.plugin;
|
|
65
|
+
if (!plugin) {
|
|
66
|
+
try {
|
|
67
|
+
plugin = getPlugin();
|
|
68
|
+
}
|
|
69
|
+
catch (e) {
|
|
70
|
+
return appendUnavailableNote(result, errMsg(e));
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
const askTool = new AskUserBuiltinTool(plugin);
|
|
74
|
+
const { body } = parseNeedsOwnerSignal(result);
|
|
75
|
+
const question = buildConfirmQuestion(toolName, body);
|
|
76
|
+
if (toolName === 'bash' && hasOwnerApproveAlways(plugin, options.toolContext, toolName)) {
|
|
77
|
+
return appendOrchestratedOwnerAnswer(result, 'yes');
|
|
78
|
+
}
|
|
79
|
+
if (toolName === 'bash') {
|
|
80
|
+
setPendingOrchestrationTool(plugin, options.toolContext, toolName);
|
|
81
|
+
}
|
|
82
|
+
try {
|
|
83
|
+
const ownerRaw = await askTool.run({ question, type: 'confirm', timeout: 120 }, options.toolContext);
|
|
84
|
+
const ownerStr = typeof ownerRaw === 'string' ? ownerRaw : String(ownerRaw);
|
|
85
|
+
if (ownerStr.startsWith('Error:')) {
|
|
86
|
+
return appendUnavailableNote(result, ownerStr);
|
|
87
|
+
}
|
|
88
|
+
usedOrchestrationSlots++;
|
|
89
|
+
return appendOrchestratedOwnerAnswer(result, ownerStr.trim());
|
|
90
|
+
}
|
|
91
|
+
finally {
|
|
92
|
+
if (toolName === 'bash') {
|
|
93
|
+
clearPendingOrchestrationTool(plugin, options.toolContext);
|
|
94
|
+
}
|
|
95
|
+
}
|
|
96
|
+
};
|
|
97
|
+
}
|
|
98
|
+
//# sourceMappingURL=owner-confirm-orchestration.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"owner-confirm-orchestration.js","sourceRoot":"","sources":["../../src/orchestrator/owner-confirm-orchestration.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAG1C,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EACL,6BAA6B,EAC7B,qBAAqB,EACrB,2BAA2B,GAC5B,MAAM,2CAA2C,CAAC;AACnD,OAAO,EAAE,8BAA8B,EAAE,MAAM,oCAAoC,CAAC;AAEpF,4BAA4B;AAC5B,MAAM,CAAC,MAAM,2BAA2B,GAAG,mBAA4B,CAAC;AAExE,OAAO,EAAE,8BAA8B,EAAE,MAAM,oCAAoC,CAAC;AAEpF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAS,8BAA8B,CAAC,CAAC;AAElE,MAAM,oBAAoB,GAAG,CAAC,CAAC;AAe/B;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,MAAc;IAClD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACpC,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC7B,IAAI,KAAK,KAAK,2BAA2B,EAAE,CAAC;QAC1C,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC5C,CAAC;IACD,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC3D,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACnC,CAAC;AAED,MAAM,UAAU,iCAAiC,CAAC,QAAgB,EAAE,MAAc;IAChF,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3C,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC;AACjD,CAAC;AAED,SAAS,6BAA6B,CAAC,gBAAwB,EAAE,WAAmB;IAClF,OAAO,GAAG,gBAAgB,CAAC,OAAO,EAAE,iDAAiD,WAAW,EAAE,CAAC;AACrG,CAAC;AAED,SAAS,qBAAqB,CAAC,gBAAwB,EAAE,IAAY;IACnE,OAAO,GAAG,gBAAgB,CAAC,OAAO,EAAE,iCAAiC,IAAI,4CAA4C,CAAC;AACxH,CAAC;AAED,SAAS,eAAe,CAAC,gBAAwB,EAAE,MAAc;IAC/D,OAAO,GAAG,gBAAgB,CAAC,OAAO,EAAE,oCAAoC,MAAM,oBAAoB,2BAA2B,+BAA+B,CAAC;AAC/J,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAgB,EAAE,IAAY;IAC1D,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,SAAS,CAAC;IACzC,MAAM,GAAG,GAAG,IAAI,CAAC;IACjB,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,OAAO,CAAC;IACzF,OAAO,MAAM,QAAQ,wBAAwB,MAAM,EAAE,CAAC;AACxD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,0CAA0C,CACxD,OAAkC;IAElC,MAAM,MAAM,GAAG,OAAO,CAAC,eAAe,IAAI,oBAAoB,CAAC;IAC/D,IAAI,sBAAsB,GAAG,CAAC,CAAC;IAE/B,OAAO,KAAK,EAAE,KAAK,EAAmB,EAAE;QACtC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,KAAK,CAAC;QACnC,IAAI,CAAC,iCAAiC,CAAC,QAAQ,EAAE,MAAM,CAAC;YAAE,OAAO,MAAM,CAAC;QACxE,IAAI,OAAO,CAAC,wBAAwB;YAAE,OAAO,MAAM,CAAC;QAEpD,IAAI,sBAAsB,IAAI,MAAM,EAAE,CAAC;YACrC,OAAO,eAAe,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,MAAM,GAAuB,OAAO,CAAC,MAAM,CAAC;QAChD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,CAAC;gBACH,MAAM,GAAG,SAAS,EAAE,CAAC;YACvB,CAAC;YAAC,OAAO,CAAU,EAAE,CAAC;gBACpB,OAAO,qBAAqB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;YAClD,CAAC;QACH,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAC/C,MAAM,EAAE,IAAI,EAAE,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC;QAC/C,MAAM,QAAQ,GAAG,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAEtD,IAAI,QAAQ,KAAK,MAAM,IAAI,qBAAqB,CAAC,MAAM,EAAE,OAAO,CAAC,WAAW,EAAE,QAAQ,CAAC,EAAE,CAAC;YACxF,OAAO,6BAA6B,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACtD,CAAC;QAED,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;YACxB,2BAA2B,CAAC,MAAM,EAAE,OAAO,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAChC,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,EAAE,EAC3C,OAAO,CAAC,WAAW,CACpB,CAAC;YACF,MAAM,QAAQ,GAAG,OAAO,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAE5E,IAAI,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAClC,OAAO,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;YAED,sBAAsB,EAAE,CAAC;YACzB,OAAO,6BAA6B,CAAC,MAAM,EAAE,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;QAChE,CAAC;gBAAS,CAAC;YACT,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;gBACxB,6BAA6B,CAAC,MAAM,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Owner 硬编排(ZHIN_NEEDS_OWNER → ask_user)涉及的工具白名单。
|
|
3
|
+
*/
|
|
4
|
+
export declare const OWNER_HARD_ORCHESTRATION_TOOLS: readonly ["bash", "write_file", "edit_file", "web_fetch"];
|
|
5
|
+
export type OwnerHardOrchestrationTool = (typeof OWNER_HARD_ORCHESTRATION_TOOLS)[number];
|
|
6
|
+
//# sourceMappingURL=owner-orchestration-constants.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"owner-orchestration-constants.d.ts","sourceRoot":"","sources":["../../src/orchestrator/owner-orchestration-constants.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,eAAO,MAAM,8BAA8B,2DAKjC,CAAC;AAEX,MAAM,MAAM,0BAA0B,GAAG,CAAC,OAAO,8BAA8B,CAAC,CAAC,MAAM,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"owner-orchestration-constants.js","sourceRoot":"","sources":["../../src/orchestrator/owner-orchestration-constants.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,CAAC,MAAM,8BAA8B,GAAG;IAC5C,MAAM;IACN,YAAY;IACZ,WAAW;IACX,WAAW;CACH,CAAC"}
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
import type { ToolContext } from '@zhin.js/core';
|
|
2
|
+
export declare function getCurrentBashToolContext(): ToolContext | undefined;
|
|
3
|
+
export declare function runWithBashToolContext<T>(ctx: ToolContext | undefined, fn: () => T): T;
|
|
4
|
+
export declare function runWithBashToolContext<T>(ctx: ToolContext | undefined, fn: () => Promise<T>): Promise<T>;
|
|
5
|
+
//# sourceMappingURL=bash-tool-context.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"bash-tool-context.d.ts","sourceRoot":"","sources":["../../src/security/bash-tool-context.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAIjD,wBAAgB,yBAAyB,IAAI,WAAW,GAAG,SAAS,CAEnE;AAED,wBAAgB,sBAAsB,CAAC,CAAC,EAAE,GAAG,EAAE,WAAW,GAAG,SAAS,EAAE,EAAE,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;AACxF,wBAAgB,sBAAsB,CAAC,CAAC,EAAE,GAAG,EAAE,WAAW,GAAG,SAAS,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* 在 @zhin.js/ai Agent 执行工具期间挂载当前 {@link ToolContext},
|
|
3
|
+
* 供 {@link checkExecPolicy} 等无法从 `tool.execute(args)` 拿到上下文的模块读取(如 icqq bash 放行规则)。
|
|
4
|
+
*/
|
|
5
|
+
import { AsyncLocalStorage } from 'node:async_hooks';
|
|
6
|
+
const als = new AsyncLocalStorage();
|
|
7
|
+
export function getCurrentBashToolContext() {
|
|
8
|
+
return als.getStore();
|
|
9
|
+
}
|
|
10
|
+
export function runWithBashToolContext(ctx, fn) {
|
|
11
|
+
return als.run(ctx, fn);
|
|
12
|
+
}
|
|
13
|
+
//# sourceMappingURL=bash-tool-context.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"bash-tool-context.js","sourceRoot":"","sources":["../../src/security/bash-tool-context.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAGrD,MAAM,GAAG,GAAG,IAAI,iBAAiB,EAA2B,CAAC;AAE7D,MAAM,UAAU,yBAAyB;IACvC,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;AACxB,CAAC;AAID,MAAM,UAAU,sBAAsB,CAAI,GAA4B,EAAE,EAAwB;IAC9F,OAAO,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;AAC1B,CAAC"}
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
* 3. Safe wrapper 剥离 — `timeout 10 cmd` → 按 `cmd` 做匹配
|
|
8
8
|
* 4. 复合命令拆分 — `&&` `||` `;` 逐段独立检查,deny 优先
|
|
9
9
|
* 5. 只读命令自动放行 — 与 file-policy classifyBashCommand 集成
|
|
10
|
-
* 6.
|
|
10
|
+
* 6. Owner 信号 — execAsk=true 时返回需审批(ZHIN_NEEDS_OWNER),由编排层可硬触发 ask_user
|
|
11
11
|
*/
|
|
12
12
|
import type { AgentTool } from '@zhin.js/core';
|
|
13
13
|
import type { ZhinAgentConfig } from '../zhin-agent/config.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"exec-policy.d.ts","sourceRoot":"","sources":["../../src/security/exec-policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"exec-policy.d.ts","sourceRoot":"","sources":["../../src/security/exec-policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAE/C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAc/D,eAAO,MAAM,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAIjD,CAAC;AAqBF;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAE3D;AAID;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAMzD;AAYD;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAsBzD;AAID;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAG9D;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAK1D;AAID,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,iBAAiB;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,6CAA6C;IAC7C,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAID;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,QAAQ,CAAC,eAAe,CAAC,GAAG,MAAM,EAAE,CAMhF;AA2FD;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,QAAQ,CAAC,eAAe,CAAC,EAAE,OAAO,EAAE,MAAM,GAAG,gBAAgB,CAyCpG;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,QAAQ,CAAC,eAAe,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,SAAS,EAAE,CAoBzG"}
|
|
@@ -7,9 +7,12 @@
|
|
|
7
7
|
* 3. Safe wrapper 剥离 — `timeout 10 cmd` → 按 `cmd` 做匹配
|
|
8
8
|
* 4. 复合命令拆分 — `&&` `||` `;` 逐段独立检查,deny 优先
|
|
9
9
|
* 5. 只读命令自动放行 — 与 file-policy classifyBashCommand 集成
|
|
10
|
-
* 6.
|
|
10
|
+
* 6. Owner 信号 — execAsk=true 时返回需审批(ZHIN_NEEDS_OWNER),由编排层可硬触发 ask_user
|
|
11
11
|
*/
|
|
12
|
+
import { getPlugin } from '@zhin.js/core';
|
|
12
13
|
import { classifyBashCommand } from './file-policy.js';
|
|
14
|
+
import { getCurrentBashToolContext } from './bash-tool-context.js';
|
|
15
|
+
import { isIcqqSensitiveSubcommand, matchesBashOwnerExecBypass, } from './owner-approve-always-store.js';
|
|
13
16
|
// ── 预设命令白名单 ──────────────────────────────────────────────────
|
|
14
17
|
const PRESET_READONLY = ['ls', 'cat', 'pwd', 'date', 'whoami', 'grep', 'find', 'head', 'tail', 'wc', 'stat', 'file'];
|
|
15
18
|
const PRESET_NETWORK = [...PRESET_READONLY, 'curl', 'wget', 'ping', 'dig', 'nslookup', 'host'];
|
|
@@ -121,6 +124,18 @@ export function resolveExecAllowlist(config) {
|
|
|
121
124
|
const merged = [...new Set([...presetList, ...custom])];
|
|
122
125
|
return merged;
|
|
123
126
|
}
|
|
127
|
+
function tryExecBypassForSensitiveIcqq(normalizedSubCommand) {
|
|
128
|
+
const ctx = getCurrentBashToolContext();
|
|
129
|
+
if (!ctx?.platform || !ctx?.botId)
|
|
130
|
+
return false;
|
|
131
|
+
try {
|
|
132
|
+
const plugin = getPlugin().root ?? getPlugin();
|
|
133
|
+
return matchesBashOwnerExecBypass(plugin, ctx, normalizedSubCommand);
|
|
134
|
+
}
|
|
135
|
+
catch {
|
|
136
|
+
return false;
|
|
137
|
+
}
|
|
138
|
+
}
|
|
124
139
|
/**
|
|
125
140
|
* 检查单条子命令是否允许执行。
|
|
126
141
|
* 内部函数 — 不做复合命令拆分。
|
|
@@ -139,6 +154,27 @@ function checkSingleCommand(cmdName, fullSubCommand, allowlist, security, execAs
|
|
|
139
154
|
if (classification.isReadOnly) {
|
|
140
155
|
return { allowed: true };
|
|
141
156
|
}
|
|
157
|
+
// 3.5 icqq CLI(allowlist 模式):非敏感子命令直接放行;敏感子命令可走 Owner 正则/永久放行
|
|
158
|
+
if (security === 'allowlist' && cmdName === 'icqq') {
|
|
159
|
+
const norm = stripSafeWrappers(stripEnvVarPrefix(fullSubCommand.trim()));
|
|
160
|
+
if (!isIcqqSensitiveSubcommand(norm)) {
|
|
161
|
+
return { allowed: true };
|
|
162
|
+
}
|
|
163
|
+
if (tryExecBypassForSensitiveIcqq(norm)) {
|
|
164
|
+
return { allowed: true };
|
|
165
|
+
}
|
|
166
|
+
if (execAsk) {
|
|
167
|
+
return {
|
|
168
|
+
allowed: false,
|
|
169
|
+
needsApproval: true,
|
|
170
|
+
reason: `icqq 敏感操作需 Bot Owner 确认:${norm.slice(0, 280)}`,
|
|
171
|
+
};
|
|
172
|
+
}
|
|
173
|
+
return {
|
|
174
|
+
allowed: false,
|
|
175
|
+
reason: `icqq 敏感操作已被拒绝(未开启 execAsk):${norm.slice(0, 280)}`,
|
|
176
|
+
};
|
|
177
|
+
}
|
|
142
178
|
// 4. 白名单匹配
|
|
143
179
|
const allowed = allowlist.some(pattern => {
|
|
144
180
|
try {
|
|
@@ -221,8 +257,8 @@ export function applyExecPolicyToTools(config, tools) {
|
|
|
221
257
|
const result = checkExecPolicy(config, cmd);
|
|
222
258
|
if (!result.allowed) {
|
|
223
259
|
if (result.needsApproval) {
|
|
224
|
-
//
|
|
225
|
-
return
|
|
260
|
+
// 权威首行 + 正文:硬编排识别;与旧「请使用 ask_user」话术合并为单套
|
|
261
|
+
return `ZHIN_NEEDS_OWNER:\n⚠️ ${result.reason}\n\n此 shell 命令需 Bot Owner 审批后方可执行。`;
|
|
226
262
|
}
|
|
227
263
|
throw new Error(result.reason);
|
|
228
264
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"exec-policy.js","sourceRoot":"","sources":["../../src/security/exec-policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;
|
|
1
|
+
{"version":3,"file":"exec-policy.js","sourceRoot":"","sources":["../../src/security/exec-policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAE1C,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,EAAE,yBAAyB,EAAE,MAAM,wBAAwB,CAAC;AACnE,OAAO,EACL,yBAAyB,EACzB,0BAA0B,GAC3B,MAAM,iCAAiC,CAAC;AAEzC,gEAAgE;AAEhE,MAAM,eAAe,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;AACrH,MAAM,cAAc,GAAG,CAAC,GAAG,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;AAC/F,MAAM,kBAAkB,GAAG,CAAC,GAAG,cAAc,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;AAE5I,MAAM,CAAC,MAAM,YAAY,GAA6B;IACpD,QAAQ,EAAE,eAAe;IACzB,OAAO,EAAE,cAAc;IACvB,WAAW,EAAE,kBAAkB;CAChC,CAAC;AAEF,8DAA8D;AAE9D;;;GAGG;AACH,MAAM,kBAAkB,GAAwB,IAAI,GAAG,CAAC;IACtD,KAAK;IACL,MAAM,EAAE,IAAI,EAAE,MAAM;IACpB,sBAAsB;IACtB,MAAM,EAAE,MAAM;IACd,QAAQ;IACR,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ;IAC/B,OAAO;IACP,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ;IACnC,iBAAiB;IACjB,QAAQ;CACT,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,OAAO,kBAAkB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;AACzC,CAAC;AAED,yDAAyD;AAEzD;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAe;IAC/C,kDAAkD;IAClD,OAAO,OAAO,CAAC,OAAO,CACpB,gEAAgE,EAChE,EAAE,CACH,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AAED,iEAAiE;AAEjE;;;GAGG;AACH,MAAM,aAAa,GAAwB,IAAI,GAAG,CAAC;IACjD,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU;CACnE,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAe;IAC/C,IAAI,SAAS,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,IAAI,CAAC;IACnB,kBAAkB;IAClB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,OAAO,OAAO,IAAI,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC;QAChC,OAAO,GAAG,KAAK,CAAC;QAChB,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACtC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;YAAE,MAAM;QAC7B,IAAI,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjC,0CAA0C;YAC1C,IAAI,CAAC,GAAG,CAAC,CAAC;YACV,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,IAAI,gCAAgC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC7E,CAAC,EAAE,CAAC;YACN,CAAC;YACD,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC;gBACtB,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACtC,OAAO,GAAG,IAAI,CAAC;YACjB,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,4DAA4D;AAE5D;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAAe;IAClD,0BAA0B;IAC1B,OAAO,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AACjF,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,MAAM,QAAQ,GAAG,iBAAiB,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC;IAC/D,gBAAgB;IAChB,MAAM,IAAI,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC9C,OAAO,IAAI,CAAC;AACd,CAAC;AAYD,iEAAiE;AAEjE;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,MAAiC;IACpE,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC;IACjC,MAAM,UAAU,GAAG,CAAC,MAAM,IAAI,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACvF,MAAM,MAAM,GAAG,MAAM,CAAC,aAAa,IAAI,EAAE,CAAC;IAC1C,MAAM,MAAM,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,UAAU,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACxD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,6BAA6B,CAAC,oBAA4B;IACjE,MAAM,GAAG,GAAG,yBAAyB,EAAE,CAAC;IACxC,IAAI,CAAC,GAAG,EAAE,QAAQ,IAAI,CAAC,GAAG,EAAE,KAAK;QAAE,OAAO,KAAK,CAAC;IAChD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC,IAAI,IAAI,SAAS,EAAE,CAAC;QAC/C,OAAO,0BAA0B,CAAC,MAAM,EAAE,GAAG,EAAE,oBAAoB,CAAC,CAAC;IACvE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAS,kBAAkB,CACzB,OAAe,EACf,cAAsB,EACtB,SAAmB,EACnB,QAAgB,EAChB,OAAgB;IAEhB,qBAAqB;IACrB,IAAI,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;QAChC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,YAAY,OAAO,mBAAmB,EAAE,CAAC;IAC5E,CAAC;IAED,0BAA0B;IAC1B,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QACxB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,oDAAoD;IACpD,MAAM,cAAc,GAAG,mBAAmB,CAAC,cAAc,CAAC,CAAC;IAC3D,IAAI,cAAc,CAAC,UAAU,EAAE,CAAC;QAC9B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,8DAA8D;IAC9D,IAAI,QAAQ,KAAK,WAAW,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;QACnD,MAAM,IAAI,GAAG,iBAAiB,CAAC,iBAAiB,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACzE,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,EAAE,CAAC;YACrC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QACD,IAAI,6BAA6B,CAAC,IAAI,CAAC,EAAE,CAAC;YACxC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,aAAa,EAAE,IAAI;gBACnB,MAAM,EAAE,2BAA2B,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;aACxD,CAAC;QACJ,CAAC;QACD,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,8BAA8B,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;SAC3D,CAAC;IACJ,CAAC;IAED,WAAW;IACX,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;QACvC,IAAI,CAAC;YACH,MAAM,EAAE,GAAG,IAAI,MAAM,CAAC,IAAI,OAAO,GAAG,CAAC,CAAC;YACtC,OAAO,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,OAAO,KAAK,OAAO,CAAC;QAC7B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,YAAY;IACZ,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO;YACL,OAAO,EAAE,KAAK;YACd,aAAa,EAAE,IAAI;YACnB,MAAM,EAAE,MAAM,OAAO,qBAAqB;SAC3C,CAAC;IACJ,CAAC;IAED,OAAO;QACL,OAAO,EAAE,KAAK;QACd,MAAM,EAAE,MAAM,OAAO,6DAA6D;KACnF,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,eAAe,CAAC,MAAiC,EAAE,OAAe;IAChF,MAAM,QAAQ,GAAG,MAAM,CAAC,YAAY,IAAI,MAAM,CAAC;IAC/C,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QACxB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,yEAAyE,EAAE,CAAC;IAC/G,CAAC;IAED,MAAM,SAAS,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IAEnC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;IAC5C,CAAC;IAED,0BAA0B;IAC1B,MAAM,WAAW,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;IAC9C,IAAI,eAAe,GAA4B,IAAI,CAAC;IAEpD,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;QAC9B,MAAM,OAAO,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;QACxC,IAAI,CAAC,OAAO;YAAE,SAAS;QAEvB,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QAE9E,4BAA4B;QAC5B,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YAC7C,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,aAAa;QACb,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,aAAa,IAAI,CAAC,eAAe,EAAE,CAAC;YAChE,eAAe,GAAG,MAAM,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,UAAU;IACV,IAAI,eAAe,EAAE,CAAC;QACpB,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAAiC,EAAE,KAAkB;IAC1F,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;QACnB,IAAI,CAAC,CAAC,IAAI,KAAK,MAAM;YAAE,OAAO,CAAC,CAAC;QAChC,MAAM,QAAQ,GAAG,CAAC,CAAC,OAAO,CAAC;QAC3B,OAAO;YACL,GAAG,CAAC;YACJ,OAAO,EAAE,KAAK,EAAE,IAAyB,EAAE,EAAE;gBAC3C,MAAM,GAAG,GAAG,IAAI,EAAE,OAAO,IAAI,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC9D,MAAM,MAAM,GAAG,eAAe,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;gBAC5C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;oBACpB,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;wBACzB,0CAA0C;wBAC1C,OAAO,yBAAyB,MAAM,CAAC,MAAM,oCAAoC,CAAC;oBACpF,CAAC;oBACD,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,MAAO,CAAC,CAAC;gBAClC,CAAC;gBACD,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC;YACxB,CAAC;SACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
import type { Message, Plugin, ToolContext } from '@zhin.js/core';
|
|
2
|
+
export declare const OWNER_APPROVE_ALWAYS_TOOL: "bash";
|
|
3
|
+
/** 需 Owner 审批的 icqq 子命令(正则匹配整段子命令文本,大小写不敏感) */
|
|
4
|
+
export declare const ICQQ_SENSITIVE_SUBCOMMAND_REGEXES: readonly RegExp[];
|
|
5
|
+
export interface BashRuleEntry {
|
|
6
|
+
id: string;
|
|
7
|
+
pattern: string;
|
|
8
|
+
createdAt: number;
|
|
9
|
+
}
|
|
10
|
+
export interface BashApprovalBotEntry {
|
|
11
|
+
bashAlways?: boolean;
|
|
12
|
+
bashRules: BashRuleEntry[];
|
|
13
|
+
}
|
|
14
|
+
export declare function getOwnerToolContextOrUndefined(plugin: Plugin, message: Message<any>): ToolContext | undefined;
|
|
15
|
+
/** 编排层:是否已「永久放行」bash 的 Owner 硬确认(ZHIN_NEEDS_OWNER 路径) */
|
|
16
|
+
export declare function hasOwnerApproveAlways(plugin: Plugin, ctx: ToolContext, toolName: string): boolean;
|
|
17
|
+
export declare function setBashAlways(plugin: Plugin, ctx: ToolContext, value: boolean): void;
|
|
18
|
+
export declare function addOwnerApproveAlways(plugin: Plugin, ctx: ToolContext, toolName: string): {
|
|
19
|
+
ok: true;
|
|
20
|
+
} | {
|
|
21
|
+
ok: false;
|
|
22
|
+
error: string;
|
|
23
|
+
};
|
|
24
|
+
export declare function removeOwnerApproveAlways(plugin: Plugin, ctx: ToolContext, toolName: string): {
|
|
25
|
+
ok: true;
|
|
26
|
+
} | {
|
|
27
|
+
ok: false;
|
|
28
|
+
error: string;
|
|
29
|
+
};
|
|
30
|
+
export declare function addBashApproveRule(plugin: Plugin, ctx: ToolContext, pattern: string): {
|
|
31
|
+
ok: true;
|
|
32
|
+
id: string;
|
|
33
|
+
} | {
|
|
34
|
+
ok: false;
|
|
35
|
+
error: string;
|
|
36
|
+
};
|
|
37
|
+
export declare function removeBashApproveRule(plugin: Plugin, ctx: ToolContext, ruleId: string): {
|
|
38
|
+
ok: true;
|
|
39
|
+
} | {
|
|
40
|
+
ok: false;
|
|
41
|
+
error: string;
|
|
42
|
+
};
|
|
43
|
+
/** exec 策略:bashAlways 或任一 bashRules 匹配 commandLine */
|
|
44
|
+
export declare function matchesBashOwnerExecBypass(plugin: Plugin, ctx: ToolContext, commandLine: string): boolean;
|
|
45
|
+
export declare function formatBashApproveList(plugin: Plugin, ctx: ToolContext): string;
|
|
46
|
+
/** 兼容旧单测:返回 bash 与 rule 摘要行 */
|
|
47
|
+
export declare function listOwnerApproveAlways(plugin: Plugin, ctx: ToolContext): string[];
|
|
48
|
+
export declare function isIcqqSensitiveSubcommand(fullSubCommand: string): boolean;
|
|
49
|
+
export declare function setPendingOrchestrationTool(plugin: Plugin, ctx: ToolContext, toolName: string): void;
|
|
50
|
+
export declare function clearPendingOrchestrationTool(plugin: Plugin, ctx: ToolContext): void;
|
|
51
|
+
export declare function getPendingOrchestrationTool(plugin: Plugin, ctx: ToolContext): string | undefined;
|
|
52
|
+
//# sourceMappingURL=owner-approve-always-store.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"owner-approve-always-store.d.ts","sourceRoot":"","sources":["../../src/security/owner-approve-always-store.ts"],"names":[],"mappings":"AAWA,OAAO,KAAK,EAAW,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAG3E,eAAO,MAAM,yBAAyB,EAAG,MAAe,CAAC;AAKzD,+CAA+C;AAC/C,eAAO,MAAM,iCAAiC,EAAE,SAAS,MAAM,EAoB9D,CAAC;AAEF,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,oBAAoB;IACnC,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,EAAE,aAAa,EAAE,CAAC;CAC5B;AAgHD,wBAAgB,8BAA8B,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,GAAG,WAAW,GAAG,SAAS,CAa7G;AAED,yDAAyD;AACzD,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAKjG;AAED,wBAAgB,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,KAAK,EAAE,OAAO,GAAG,IAAI,CAapF;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,GAAG;IAAE,EAAE,EAAE,IAAI,CAAA;CAAE,GAAG;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAYrI;AAED,wBAAgB,wBAAwB,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,GAAG;IAAE,EAAE,EAAE,IAAI,CAAA;CAAE,GAAG;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAgBxI;AAED,wBAAgB,kBAAkB,CAChC,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,WAAW,EAChB,OAAO,EAAE,MAAM,GACd;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,EAAE,EAAE,MAAM,CAAA;CAAE,GAAG;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAwBzD;AAED,wBAAgB,qBAAqB,CACnC,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,WAAW,EAChB,MAAM,EAAE,MAAM,GACb;IAAE,EAAE,EAAE,IAAI,CAAA;CAAE,GAAG;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAmB7C;AAED,sDAAsD;AACtD,wBAAgB,0BAA0B,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAgBzG;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,GAAG,MAAM,CAa9E;AAED,+BAA+B;AAC/B,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,GAAG,MAAM,EAAE,CAQjF;AAED,wBAAgB,yBAAyB,CAAC,cAAc,EAAE,MAAM,GAAG,OAAO,CAIzE;AASD,wBAAgB,2BAA2B,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI,CASpG;AAED,wBAAgB,6BAA6B,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,GAAG,IAAI,CAKpF;AAED,wBAAgB,2BAA2B,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,GAAG,MAAM,GAAG,SAAS,CAehG"}
|