icopilot 2.2.0

package/dist/tools/run-in-terminal.js

@@ -0,0 +1,162 @@
+import { spawn } from 'node:child_process';
+import path from 'node:path';
+import { config } from '../config.js';
+import { assertSandbox } from './sandbox.js';
+const DEFAULT_TIMEOUT_MS = 30_000;
+const MAX_OUTPUT_BYTES = 10 * 1024;
+const TRUNCATION_NOTE = '\n…[output truncated after 10KB]';
+export const runInTerminalSchema = {
+    type: 'function',
+    function: {
+        name: 'run_in_terminal',
+        description: 'Run a terminal command immediately with streamed stdout/stderr, optional cwd/env overrides, and timeout protection.',
+        parameters: {
+            type: 'object',
+            properties: {
+                command: {
+                    type: 'string',
+                    description: 'Command line to execute.',
+                },
+                cwd: {
+                    type: 'string',
+                    description: 'Optional working directory, relative to the current workspace unless absolute.',
+                },
+                timeout: {
+                    type: 'number',
+                    description: 'Optional timeout in milliseconds. Defaults to 30000.',
+                    default: DEFAULT_TIMEOUT_MS,
+                },
+                env: {
+                    type: 'object',
+                    additionalProperties: { type: 'string' },
+                    description: 'Optional environment variable overrides.',
+                },
+            },
+            required: ['command'],
+        },
+    },
+};
+export async function runInTerminal(args) {
+    const cwd = path.resolve(config.cwd, args.cwd || '.');
+    const timeoutMs = normalizeTimeout(args.timeout);
+    const env = {
+        ...process.env,
+        ...sanitizeEnv(args.env),
+    };
+    try {
+        assertSandbox(cwd, config.cwd);
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        return {
+            stdout: '',
+            stderr: message,
+            exitCode: -1,
+            timedOut: false,
+            truncated: false,
+        };
+    }
+    return new Promise((resolve) => {
+        const child = spawn(args.command, {
+            cwd,
+            env,
+            shell: true,
+            stdio: ['ignore', 'pipe', 'pipe'],
+        });
+        let stdout = '';
+        let stderr = '';
+        let capturedBytes = 0;
+        let timedOut = false;
+        let truncated = false;
+        let settled = false;
+        const timeoutId = setTimeout(() => {
+            timedOut = true;
+            child.kill();
+        }, timeoutMs);
+        const onStdout = (chunk) => {
+            const text = chunk.toString();
+            if (!config.jsonOutput)
+                process.stdout.write(text);
+            const result = appendOutput(stdout, text, capturedBytes, truncated);
+            stdout = result.output;
+            capturedBytes = result.capturedBytes;
+            truncated = result.truncated;
+        };
+        const onStderr = (chunk) => {
+            const text = chunk.toString();
+            if (!config.jsonOutput)
+                process.stderr.write(text);
+            const result = appendOutput(stderr, text, capturedBytes, truncated);
+            stderr = result.output;
+            capturedBytes = result.capturedBytes;
+            truncated = result.truncated;
+        };
+        child.stdout?.on('data', onStdout);
+        child.stderr?.on('data', onStderr);
+        child.once('error', (error) => {
+            if (settled)
+                return;
+            settled = true;
+            clearTimeout(timeoutId);
+            const result = appendOutput(stderr, error.message, capturedBytes, truncated);
+            resolve({
+                stdout,
+                stderr: result.output,
+                exitCode: -1,
+                timedOut,
+                truncated: result.truncated,
+            });
+        });
+        child.once('close', (code) => {
+            if (settled)
+                return;
+            settled = true;
+            clearTimeout(timeoutId);
+            resolve({
+                stdout,
+                stderr,
+                exitCode: code,
+                timedOut,
+                truncated,
+            });
+        });
+    });
+}
+function sanitizeEnv(env) {
+    if (!env)
+        return {};
+    return Object.fromEntries(Object.entries(env).filter((entry) => typeof entry[1] === 'string'));
+}
+function normalizeTimeout(timeout) {
+    if (typeof timeout !== 'number' || !Number.isFinite(timeout) || timeout <= 0) {
+        return DEFAULT_TIMEOUT_MS;
+    }
+    return Math.floor(timeout);
+}
+function appendOutput(current, chunk, capturedBytes, alreadyTruncated) {
+    if (alreadyTruncated || chunk.length === 0) {
+        return { output: current, capturedBytes, truncated: alreadyTruncated };
+    }
+    const availableBytes = MAX_OUTPUT_BYTES - capturedBytes;
+    if (availableBytes <= 0) {
+        return { output: withTruncationNote(current), capturedBytes, truncated: true };
+    }
+    const chunkBytes = Buffer.byteLength(chunk);
+    if (chunkBytes <= availableBytes) {
+        return {
+            output: current + chunk,
+            capturedBytes: capturedBytes + chunkBytes,
+            truncated: false,
+        };
+    }
+    const chunkBuffer = Buffer.from(chunk);
+    const visible = chunkBuffer.subarray(0, availableBytes).toString('utf8');
+    return {
+        output: withTruncationNote(current + visible),
+        capturedBytes: MAX_OUTPUT_BYTES,
+        truncated: true,
+    };
+}
+function withTruncationNote(output) {
+    return output.endsWith(TRUNCATION_NOTE) ? output : output + TRUNCATION_NOTE;
+}

package/dist/tools/safety.js

@@ -0,0 +1,64 @@
+import { theme } from '../ui/theme.js';
+const SAFE_CHECK = {
+    dangerous: false,
+    level: 'safe',
+    reason: '',
+};
+const FORK_BOMB_PATTERN = /:\s*\(\)\s*\{\s*:\s*\|\s*:\s*&\s*\}\s*;\s*:/;
+const ROOT_DELETE_PATTERN = /\brm\s+-rf\b[^\n\r;|&]*?(?:^|\s)(?:\/(?:\s|$)|~(?:\s|$)|["']\/["']|["']~["'])/i;
+const RECURSIVE_DELETE_PATTERN = /\brm\s+-rf\b/i;
+const SQL_DESTRUCTIVE_PATTERN = /\b(?:drop\s+table|drop\s+database|truncate(?:\s+table)?)\b/i;
+const FORCE_PUSH_PATTERN = /\bgit\s+push\b[^\n\r;|&]*(?:\s--force(?:-with-lease)?\b|\s-f\b)/i;
+const CHMOD_WORLD_WRITABLE_PATTERN = /\bchmod\b[^\n\r;|&]*\b777\b/i;
+const DEV_NULL_REDIRECT_PATTERN = /(?:^|\s)(?:\d*>)\s*\/dev\/null\b/;
+const IMPORTANT_COMMAND_PATTERN = /\b(?:rm|git|chmod|chown|dd|mkfs(?:\.\w+)?|curl|wget|docker|kubectl|npm|pnpm|yarn|node|psql|mysql|sqlite3|systemctl|service)\b/i;
+const PIPE_TO_SHELL_PATTERN = /\b(?:curl|wget)\b[^\n\r;|&]*\|\s*(?:sh|bash|zsh|ksh|fish)\b/i;
+const MKFS_PATTERN = /\bmkfs(?:\.\w+)?\b/i;
+const DD_TO_DEVICE_PATTERN = /\bdd\b[^\n\r;|&]*\bif=[^\s]+[^\n\r;|&]*\bof=\/dev\/\S+/i;
+export function checkCommandSafety(command) {
+    const normalized = command.trim();
+    if (!normalized)
+        return SAFE_CHECK;
+    if (FORK_BOMB_PATTERN.test(normalized)) {
+        return critical('fork bomb can exhaust system resources');
+    }
+    if (ROOT_DELETE_PATTERN.test(normalized)) {
+        return critical('recursive delete of root/home');
+    }
+    if (SQL_DESTRUCTIVE_PATTERN.test(normalized)) {
+        return critical('destructive SQL command detected');
+    }
+    if (MKFS_PATTERN.test(normalized) || DD_TO_DEVICE_PATTERN.test(normalized)) {
+        return critical('disk formatting or raw device overwrite detected');
+    }
+    if (RECURSIVE_DELETE_PATTERN.test(normalized)) {
+        return warn('recursive delete may remove many files');
+    }
+    if (FORCE_PUSH_PATTERN.test(normalized)) {
+        return warn('force push may overwrite remote history');
+    }
+    if (CHMOD_WORLD_WRITABLE_PATTERN.test(normalized)) {
+        return warn('world-writable permissions');
+    }
+    if (DEV_NULL_REDIRECT_PATTERN.test(normalized) && IMPORTANT_COMMAND_PATTERN.test(normalized)) {
+        return warn('output redirection may hide failures from an important command');
+    }
+    if (PIPE_TO_SHELL_PATTERN.test(normalized)) {
+        return warn('piping remote scripts to a shell can execute untrusted code');
+    }
+    return SAFE_CHECK;
+}
+export function formatSafetyWarning(check) {
+    if (!check.dangerous || check.level === 'safe')
+        return '';
+    if (check.level === 'critical') {
+        return theme.err(`Critical: ${check.reason}`);
+    }
+    return theme.warn(`Warning: ${check.reason}`);
+}
+function warn(reason) {
+    return { dangerous: true, level: 'warn', reason };
+}
+function critical(reason) {
+    return { dangerous: true, level: 'critical', reason };
+}

package/dist/tools/sandbox.js

@@ -0,0 +1,15 @@
+import path from 'node:path';
+export function isSandboxed() {
+    return process.env.ICOPILOT_SANDBOX === '1';
+}
+export function pathInSandbox(absPath, cwdRoot) {
+    const resolvedPath = path.resolve(absPath);
+    const resolvedRoot = path.resolve(cwdRoot);
+    const rel = path.relative(resolvedRoot, resolvedPath);
+    return rel === '' || (!rel.startsWith('..') && !path.isAbsolute(rel));
+}
+export function assertSandbox(absPath, cwdRoot) {
+    if (isSandboxed() && !pathInSandbox(absPath, cwdRoot)) {
+        throw new Error(`sandbox violation: ${path.resolve(absPath)} outside ${path.resolve(cwdRoot)}`);
+    }
+}

package/dist/tools/search-symbols.js

@@ -0,0 +1,212 @@
+import fs from 'node:fs';
+import path from 'node:path';
+import fg from 'fast-glob';
+import { config } from '../config.js';
+import { assertSandbox } from './sandbox.js';
+const RESULT_LIMIT = 50;
+const DEFAULT_FILE_PATTERNS = [
+    '**/*.{ts,tsx,mts,cts}',
+    '**/*.{js,jsx,mjs,cjs}',
+    '**/*.py',
+    '**/*.go',
+    '**/*.rs',
+];
+const PATTERN_LIBRARY = {
+    typescript: [
+        {
+            type: 'function',
+            regex: /^\s*(?:export\s+)?(?:default\s+)?(?:async\s+)?function\s+(?<name>[A-Za-z_$][\w$]*)\b/,
+        },
+        {
+            type: 'class',
+            regex: /^\s*(?:export\s+)?(?:default\s+)?class\s+(?<name>[A-Za-z_$][\w$]*)\b/,
+        },
+        {
+            type: 'interface',
+            regex: /^\s*(?:export\s+)?(?:default\s+)?interface\s+(?<name>[A-Za-z_$][\w$]*)\b/,
+        },
+        { type: 'type', regex: /^\s*(?:export\s+)?type\s+(?<name>[A-Za-z_$][\w$]*)\b/ },
+        {
+            type: 'variable',
+            regex: /^\s*(?:export\s+)?(?:const|let|var)\s+(?<name>[A-Za-z_$][\w$]*)\b/,
+        },
+    ],
+    javascript: [
+        {
+            type: 'function',
+            regex: /^\s*(?:export\s+)?(?:default\s+)?(?:async\s+)?function\s+(?<name>[A-Za-z_$][\w$]*)\b/,
+        },
+        {
+            type: 'class',
+            regex: /^\s*(?:export\s+)?(?:default\s+)?class\s+(?<name>[A-Za-z_$][\w$]*)\b/,
+        },
+        {
+            type: 'variable',
+            regex: /^\s*(?:export\s+)?(?:const|let|var)\s+(?<name>[A-Za-z_$][\w$]*)\b/,
+        },
+    ],
+    python: [
+        { type: 'function', regex: /^\s*def\s+(?<name>[A-Za-z_][\w]*)\b/ },
+        { type: 'class', regex: /^\s*class\s+(?<name>[A-Za-z_][\w]*)\b/ },
+        { type: 'variable', regex: /^(?<name>[A-Za-z_][\w]*)\s*(?::[^=]+)?=/ },
+    ],
+    go: [
+        { type: 'function', regex: /^\s*func\s*(?:\([^)]*\)\s*)?(?<name>[A-Za-z_][\w]*)\s*\(/ },
+        { type: 'interface', regex: /^\s*type\s+(?<name>[A-Za-z_][\w]*)\s+interface\b/ },
+        { type: 'type', regex: /^\s*type\s+(?<name>[A-Za-z_][\w]*)\s+(?!interface\b).+/ },
+        { type: 'variable', regex: /^\s*(?:var|const)\s+(?<name>[A-Za-z_][\w]*)\b/ },
+    ],
+    rust: [
+        { type: 'function', regex: /^\s*(?:pub\s+)?(?:async\s+)?fn\s+(?<name>[A-Za-z_][\w]*)\b/ },
+        { type: 'interface', regex: /^\s*(?:pub\s+)?trait\s+(?<name>[A-Za-z_][\w]*)\b/ },
+        { type: 'type', regex: /^\s*(?:pub\s+)?(?:struct|enum|type)\s+(?<name>[A-Za-z_][\w]*)\b/ },
+        {
+            type: 'variable',
+            regex: /^\s*(?:pub\s+)?(?:const|static)\s+(?:mut\s+)?(?<name>[A-Za-z_][\w]*)\b/,
+        },
+    ],
+};
+export const searchSymbolsSchema = {
+    type: 'function',
+    function: {
+        name: 'search_symbols',
+        description: 'Search source files for symbol declarations matching a regex query.',
+        parameters: {
+            type: 'object',
+            properties: {
+                query: {
+                    type: 'string',
+                    description: 'Regular expression used to match symbol names or declaration signatures.',
+                },
+                filePattern: {
+                    type: 'string',
+                    description: 'Optional fast-glob file pattern to narrow the search scope.',
+                },
+                type: {
+                    type: 'string',
+                    enum: ['function', 'class', 'variable', 'interface', 'type', 'all'],
+                    description: 'Optional symbol kind filter.',
+                },
+            },
+            required: ['query'],
+        },
+    },
+};
+export async function searchSymbols(args) {
+    const root = path.resolve(config.cwd);
+    assertSandbox(root, config.cwd);
+    const query = compileQuery(args.query);
+    const typeFilter = args.type ?? 'all';
+    const files = await fg(args.filePattern ? [args.filePattern] : [...DEFAULT_FILE_PATTERNS], {
+        cwd: root,
+        onlyFiles: true,
+        dot: false,
+        unique: true,
+        ignore: ['**/node_modules/**', '**/dist/**', '**/.git/**', ...loadGitIgnorePatterns(root)],
+    });
+    const results = [];
+    for (const file of files) {
+        if (results.length >= RESULT_LIMIT)
+            break;
+        const language = detectLanguage(file);
+        if (!language)
+            continue;
+        const matches = searchFile(path.join(root, file), path.relative(config.cwd, path.join(root, file)), language, query, typeFilter);
+        for (const match of matches) {
+            results.push(match);
+            if (results.length >= RESULT_LIMIT)
+                break;
+        }
+    }
+    return JSON.stringify(results);
+}
+function searchFile(absoluteFile, relativeFile, language, query, typeFilter) {
+    let content;
+    try {
+        content = fs.readFileSync(absoluteFile, 'utf8');
+    }
+    catch {
+        return [];
+    }
+    const patterns = PATTERN_LIBRARY[language];
+    const results = [];
+    const lines = content.split(/\r?\n/);
+    for (let index = 0; index < lines.length; index += 1) {
+        const line = lines[index] ?? '';
+        for (const pattern of patterns) {
+            if (typeFilter !== 'all' && pattern.type !== typeFilter)
+                continue;
+            const match = pattern.regex.exec(line);
+            const name = match?.groups?.name;
+            if (!name)
+                continue;
+            const signature = line.trim();
+            if (!query.test(name) && !query.test(signature))
+                continue;
+            results.push({
+                name,
+                type: pattern.type,
+                file: relativeFile,
+                line: index + 1,
+                signature,
+            });
+            break;
+        }
+    }
+    return results;
+}
+function compileQuery(query) {
+    try {
+        return new RegExp(query);
+    }
+    catch {
+        return new RegExp(escapeRegex(query));
+    }
+}
+function detectLanguage(file) {
+    const extension = path.extname(file).toLowerCase();
+    switch (extension) {
+        case '.ts':
+        case '.tsx':
+        case '.mts':
+        case '.cts':
+            return 'typescript';
+        case '.js':
+        case '.jsx':
+        case '.mjs':
+        case '.cjs':
+            return 'javascript';
+        case '.py':
+            return 'python';
+        case '.go':
+            return 'go';
+        case '.rs':
+            return 'rust';
+        default:
+            return null;
+    }
+}
+function escapeRegex(value) {
+    return value.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+function loadGitIgnorePatterns(root) {
+    const gitIgnorePath = path.join(root, '.gitignore');
+    if (!fs.existsSync(gitIgnorePath))
+        return [];
+    try {
+        return fs
+            .readFileSync(gitIgnorePath, 'utf8')
+            .split(/\r?\n/)
+            .map((line) => line.trim())
+            .filter((line) => line !== '' && !line.startsWith('#') && !line.startsWith('!'))
+            .flatMap((line) => {
+            const normalized = line.replace(/^\.\//, '').replace(/^\/+/, '');
+            if (normalized.endsWith('/'))
+                return [normalized, `${normalized}**`];
+            return [normalized];
+        });
+    }
+    catch {
+        return [];
+    }
+}

package/dist/tools/shell.js

@@ -0,0 +1,118 @@
+import { spawn } from 'node:child_process';
+import path from 'node:path';
+import { confirm, input } from '@inquirer/prompts';
+import { config } from '../config.js';
+import { theme } from '../ui/theme.js';
+import { toolMemory } from './memory.js';
+import { loadPolicy, shellCommandAllowed } from './policy.js';
+import { assertSandbox } from './sandbox.js';
+import { checkCommandSafety } from './safety.js';
+/**
+ * Propose a shell command, require confirmation, then run it.
+ * Output is streamed to the terminal AND captured for return.
+ */
+export async function proposeAndRun(cmd, opts = {}) {
+    const cwd = path.resolve(opts.cwd || config.cwd);
+    const policy = loadPolicy(config.cwd);
+    if (!shellCommandAllowed(cmd, policy)) {
+        process.stdout.write(theme.err('  policy denied\n'));
+        return { ran: false, exitCode: null, stdout: '', stderr: 'policy denied' };
+    }
+    try {
+        assertSandbox(cwd, config.cwd);
+    }
+    catch (e) {
+        const message = e?.message || String(e);
+        process.stdout.write(theme.err(`  ${message}\n`));
+        return { ran: false, exitCode: null, stdout: '', stderr: message };
+    }
+    if (!config.quiet && !config.jsonOutput) {
+        process.stdout.write('\n' + theme.badge('SHELL') + '\n');
+        if (opts.explain)
+            process.stdout.write(theme.dim(opts.explain) + '\n');
+        process.stdout.write(theme.hl('  $ ') + cmd + '\n');
+        process.stdout.write(theme.dim(`  cwd: ${cwd}\n`));
+    }
+    const safety = checkCommandSafety(cmd);
+    const remembered = toolMemory.isShellRemembered(cmd);
+    let ok = false;
+    if (config.autoApprove && safety.level !== 'critical') {
+        ok = true;
+    }
+    else if (safety.level === 'critical') {
+        ok = await approveCriticalCommand(safety.reason).catch(() => false);
+    }
+    else if (remembered && safety.level === 'safe') {
+        ok = true;
+    }
+    else {
+        ok = await approveCommand(safety.reason, safety.level === 'warn');
+    }
+    if (!ok) {
+        if (!config.jsonOutput)
+            process.stdout.write(theme.warn('  skipped.\n'));
+        return { ran: false, exitCode: null, stdout: '', stderr: '' };
+    }
+    if (!config.autoApprove && !remembered) {
+        const remember = await confirm({
+            message: 'Remember this command for the session?',
+            default: false,
+        }).catch(() => false);
+        if (remember)
+            toolMemory.rememberShell(cmd);
+    }
+    return runCaptured(cmd, cwd);
+}
+async function approveCommand(reason, warned) {
+    if (warned && !config.quiet && !config.jsonOutput) {
+        process.stdout.write(theme.warn(`  Warning: ${reason}\n`));
+    }
+    return confirm({
+        message: 'Run this command?',
+        default: false,
+    }).catch(() => false);
+}
+async function approveCriticalCommand(reason) {
+    if (config.autoApprove) {
+        if (!config.quiet && !config.jsonOutput) {
+            process.stdout.write(theme.err(`  blocked critical command: ${reason}\n`));
+        }
+        return false;
+    }
+    process.stdout.write(theme.err('  !!! CRITICAL COMMAND WARNING !!!\n'));
+    process.stdout.write(theme.err(`  Reason: ${reason}\n`));
+    const answer = await input({
+        message: 'Type "yes" to run this critical command:',
+        default: '',
+    }).catch(() => '');
+    return answer.trim() === 'yes';
+}
+function runCaptured(cmd, cwd) {
+    return new Promise((resolve) => {
+        const isWin = process.platform === 'win32';
+        const shell = isWin ? 'powershell.exe' : 'bash';
+        const args = isWin ? ['-NoProfile', '-Command', cmd] : ['-lc', cmd];
+        const child = spawn(shell, args, { cwd, stdio: ['ignore', 'pipe', 'pipe'] });
+        let stdout = '';
+        let stderr = '';
+        child.stdout.on('data', (d) => {
+            const s = d.toString();
+            stdout += s;
+            if (!config.jsonOutput)
+                process.stdout.write(s);
+        });
+        child.stderr.on('data', (d) => {
+            const s = d.toString();
+            stderr += s;
+            if (!config.jsonOutput)
+                process.stderr.write(s);
+        });
+        child.on('close', (code) => {
+            resolve({ ran: true, exitCode: code, stdout, stderr });
+        });
+        child.on('error', (err) => {
+            stderr += String(err);
+            resolve({ ran: true, exitCode: -1, stdout, stderr });
+        });
+    });
+}