axconfig 3.6.2 → 3.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Gemini TOML rule generation helpers.
|
|
3
|
+
*/
|
|
4
|
+
/**
|
|
5
|
+
* Generate TOML rule for tool permissions.
|
|
6
|
+
*
|
|
7
|
+
* For allow rules that include run_shell_command, adds `allow_redirection = true`
|
|
8
|
+
* to permit heredocs, pipes, and redirects.
|
|
9
|
+
*/
|
|
10
|
+
export declare function generateToolRule(toolNames: string[], decision: "allow" | "deny", priority: number): string;
|
|
11
|
+
/**
|
|
12
|
+
* Generate TOML rule for bash command patterns.
|
|
13
|
+
*
|
|
14
|
+
* For allow rules, includes `allow_redirection = true` to permit
|
|
15
|
+
* heredocs, pipes, and redirects. Gemini CLI normally downgrades
|
|
16
|
+
* ALLOW to ASK_USER (DENY in --yolo mode) when redirections detected.
|
|
17
|
+
*/
|
|
18
|
+
export declare function generateBashRule(patterns: string[], decision: "allow" | "deny", priority: number): string;
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Gemini TOML rule generation helpers.
|
|
3
|
+
*/
|
|
4
|
+
/**
|
|
5
|
+
* Generate TOML rule for tool permissions.
|
|
6
|
+
*
|
|
7
|
+
* For allow rules that include run_shell_command, adds `allow_redirection = true`
|
|
8
|
+
* to permit heredocs, pipes, and redirects.
|
|
9
|
+
*/
|
|
10
|
+
export function generateToolRule(toolNames, decision, priority) {
|
|
11
|
+
if (toolNames.length === 0)
|
|
12
|
+
return "";
|
|
13
|
+
const toolNameValue = toolNames.length === 1 ? `"${toolNames[0]}"` : JSON.stringify(toolNames);
|
|
14
|
+
// Allow redirections for shell commands (heredocs, pipes, >)
|
|
15
|
+
const includesShell = toolNames.includes("run_shell_command");
|
|
16
|
+
const allowRedirection = decision === "allow" && includesShell ? "\nallow_redirection = true" : "";
|
|
17
|
+
return `[[rule]]
|
|
18
|
+
toolName = ${toolNameValue}
|
|
19
|
+
decision = "${decision}"
|
|
20
|
+
priority = ${priority}${allowRedirection}`;
|
|
21
|
+
}
|
|
22
|
+
/**
|
|
23
|
+
* Generate TOML rule for bash command patterns.
|
|
24
|
+
*
|
|
25
|
+
* For allow rules, includes `allow_redirection = true` to permit
|
|
26
|
+
* heredocs, pipes, and redirects. Gemini CLI normally downgrades
|
|
27
|
+
* ALLOW to ASK_USER (DENY in --yolo mode) when redirections detected.
|
|
28
|
+
*/
|
|
29
|
+
export function generateBashRule(patterns, decision, priority) {
|
|
30
|
+
if (patterns.length === 0)
|
|
31
|
+
return "";
|
|
32
|
+
const prefixValue = patterns.length === 1 ? `"${patterns[0]}"` : JSON.stringify(patterns);
|
|
33
|
+
// Allow redirections (heredocs, pipes, >) for allowed commands
|
|
34
|
+
const allowRedirection = decision === "allow" ? "\nallow_redirection = true" : "";
|
|
35
|
+
return `[[rule]]
|
|
36
|
+
toolName = "run_shell_command"
|
|
37
|
+
commandPrefix = ${prefixValue}
|
|
38
|
+
decision = "${decision}"
|
|
39
|
+
priority = ${priority}${allowRedirection}`;
|
|
40
|
+
}
|
|
@@ -6,3 +6,10 @@
|
|
|
6
6
|
* Throws if file exists but contains invalid JSON to prevent data loss.
|
|
7
7
|
*/
|
|
8
8
|
export declare function readExistingSettings(settingsPath: string): Record<string, unknown>;
|
|
9
|
+
/**
|
|
10
|
+
* Build settings with /tmp workspace added.
|
|
11
|
+
*
|
|
12
|
+
* Adds /tmp to workspaces array to allow temporary file writes.
|
|
13
|
+
* Safe for CI/CD environments (ephemeral containers).
|
|
14
|
+
*/
|
|
15
|
+
export declare function buildSettingsWithTemporaryWorkspace(existingSettings: Record<string, unknown>): Record<string, unknown>;
|
|
@@ -19,3 +19,22 @@ export function readExistingSettings(settingsPath) {
|
|
|
19
19
|
throw new Error(`Failed to parse existing settings at ${settingsPath}: ${message}`);
|
|
20
20
|
}
|
|
21
21
|
}
|
|
22
|
+
/**
|
|
23
|
+
* Build settings with /tmp workspace added.
|
|
24
|
+
*
|
|
25
|
+
* Adds /tmp to workspaces array to allow temporary file writes.
|
|
26
|
+
* Safe for CI/CD environments (ephemeral containers).
|
|
27
|
+
*/
|
|
28
|
+
export function buildSettingsWithTemporaryWorkspace(existingSettings) {
|
|
29
|
+
const existingWorkspaces = Array.isArray(existingSettings.workspaces)
|
|
30
|
+
? existingSettings.workspaces
|
|
31
|
+
: [];
|
|
32
|
+
// Avoid duplicate /tmp entries
|
|
33
|
+
if (existingWorkspaces.includes("/tmp")) {
|
|
34
|
+
return existingSettings;
|
|
35
|
+
}
|
|
36
|
+
return {
|
|
37
|
+
...existingSettings,
|
|
38
|
+
workspaces: [...existingWorkspaces, "/tmp"],
|
|
39
|
+
};
|
|
40
|
+
}
|
package/dist/agents/gemini.js
CHANGED
|
@@ -14,7 +14,8 @@ import { atomicWriteFileSync } from "../atomic-write.js";
|
|
|
14
14
|
import { registerConfigBuilder } from "../builder.js";
|
|
15
15
|
// Re-export reader
|
|
16
16
|
export { geminiConfigReader } from "./gemini-reader.js";
|
|
17
|
-
import {
|
|
17
|
+
import { generateBashRule, generateToolRule } from "./gemini-rules.js";
|
|
18
|
+
import { buildSettingsWithTemporaryWorkspace, readExistingSettings, } from "./gemini-settings.js";
|
|
18
19
|
/** Gemini CLI tool name mapping */
|
|
19
20
|
const TOOL_MAP = {
|
|
20
21
|
read: "read_file",
|
|
@@ -31,31 +32,6 @@ const CAPABILITIES = {
|
|
|
31
32
|
pathRestrictions: false, // Gemini doesn't support path patterns
|
|
32
33
|
canDenyRead: true,
|
|
33
34
|
};
|
|
34
|
-
/**
|
|
35
|
-
* Generate TOML rule for tool permissions.
|
|
36
|
-
*/
|
|
37
|
-
function generateToolRule(toolNames, decision, priority) {
|
|
38
|
-
if (toolNames.length === 0)
|
|
39
|
-
return "";
|
|
40
|
-
const toolNameValue = toolNames.length === 1 ? `"${toolNames[0]}"` : JSON.stringify(toolNames);
|
|
41
|
-
return `[[rule]]
|
|
42
|
-
toolName = ${toolNameValue}
|
|
43
|
-
decision = "${decision}"
|
|
44
|
-
priority = ${priority}`;
|
|
45
|
-
}
|
|
46
|
-
/**
|
|
47
|
-
* Generate TOML rule for bash command patterns.
|
|
48
|
-
*/
|
|
49
|
-
function generateBashRule(patterns, decision, priority) {
|
|
50
|
-
if (patterns.length === 0)
|
|
51
|
-
return "";
|
|
52
|
-
const prefixValue = patterns.length === 1 ? `"${patterns[0]}"` : JSON.stringify(patterns);
|
|
53
|
-
return `[[rule]]
|
|
54
|
-
toolName = "run_shell_command"
|
|
55
|
-
commandPrefix = ${prefixValue}
|
|
56
|
-
decision = "${decision}"
|
|
57
|
-
priority = ${priority}`;
|
|
58
|
-
}
|
|
59
35
|
/**
|
|
60
36
|
* Build Gemini CLI configuration.
|
|
61
37
|
*
|
|
@@ -162,7 +138,8 @@ function build(config, output) {
|
|
|
162
138
|
// Write settings.json, preserving existing settings (e.g., model)
|
|
163
139
|
const settingsPath = path.join(output, "settings.json");
|
|
164
140
|
const existingSettings = readExistingSettings(settingsPath);
|
|
165
|
-
|
|
141
|
+
const settings = buildSettingsWithTemporaryWorkspace(existingSettings);
|
|
142
|
+
atomicWriteFileSync(settingsPath, JSON.stringify(settings, undefined, 2));
|
|
166
143
|
return {
|
|
167
144
|
ok: true,
|
|
168
145
|
env: { GEMINI_DIR: output },
|
package/package.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"name": "axconfig",
|
|
3
3
|
"author": "Łukasz Jerciński",
|
|
4
4
|
"license": "MIT",
|
|
5
|
-
"version": "3.6.
|
|
5
|
+
"version": "3.6.3",
|
|
6
6
|
"description": "Unified configuration management for AI coding agents - common API for permissions, settings, and config across Claude Code, Codex, Gemini CLI, GitHub Copilot CLI, and OpenCode",
|
|
7
7
|
"repository": {
|
|
8
8
|
"type": "git",
|