maestro-agent-sdk 0.1.9 → 0.1.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/is-abort-error.d.ts +8 -0
- package/dist/core/is-abort-error.d.ts.map +1 -0
- package/dist/core/is-abort-error.js +17 -0
- package/dist/core/is-abort-error.js.map +1 -0
- package/dist/core/loop.d.ts.map +1 -1
- package/dist/core/loop.js +37 -1
- package/dist/core/loop.js.map +1 -1
- package/dist/platform/version.d.ts +1 -1
- package/dist/platform/version.d.ts.map +1 -1
- package/dist/platform/version.js +1 -1
- package/dist/platform/version.js.map +1 -1
- package/dist/provider.d.ts +2 -1
- package/dist/provider.d.ts.map +1 -1
- package/dist/provider.js +2 -10
- package/dist/provider.js.map +1 -1
- package/dist/registry.js +6 -6
- package/dist/registry.js.map +1 -1
- package/dist/sub-agent/runner.d.ts +1 -1
- package/dist/sub-agent/runner.d.ts.map +1 -1
- package/dist/sub-agent/runner.js +34 -23
- package/dist/sub-agent/runner.js.map +1 -1
- package/dist/tools/builtin/agent.d.ts +7 -4
- package/dist/tools/builtin/agent.d.ts.map +1 -1
- package/dist/tools/builtin/agent.js +7 -4
- package/dist/tools/builtin/agent.js.map +1 -1
- package/dist/tools/builtin/bash.d.ts +35 -0
- package/dist/tools/builtin/bash.d.ts.map +1 -1
- package/dist/tools/builtin/bash.js +138 -100
- package/dist/tools/builtin/bash.js.map +1 -1
- package/dist/tools/builtin/edit.d.ts.map +1 -1
- package/dist/tools/builtin/edit.js +8 -2
- package/dist/tools/builtin/edit.js.map +1 -1
- package/dist/tools/builtin/glob.d.ts.map +1 -1
- package/dist/tools/builtin/glob.js +5 -3
- package/dist/tools/builtin/glob.js.map +1 -1
- package/dist/tools/builtin/multi_edit.d.ts.map +1 -1
- package/dist/tools/builtin/multi_edit.js +8 -2
- package/dist/tools/builtin/multi_edit.js.map +1 -1
- package/dist/tools/builtin/write.d.ts.map +1 -1
- package/dist/tools/builtin/write.js +8 -2
- package/dist/tools/builtin/write.js.map +1 -1
- package/dist/tools/path-guard.d.ts +23 -0
- package/dist/tools/path-guard.d.ts.map +1 -0
- package/dist/tools/path-guard.js +52 -0
- package/dist/tools/path-guard.js.map +1 -0
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bash.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/bash.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"bash.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/bash.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AA4DpD,wBAAgB,cAAc,CAAC,IAAI,CAAC,EAAE;IAAE,MAAM,CAAC,EAAE,WAAW,CAAA;CAAE,GAAG,WAAW,CAW3E;AAwGD;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,eAAO,MAAM,QAAQ,EAAE,WAA8B,CAAC;AAEtD;kDACkD;AAClD,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAAa,CAAC;AAEzC;;;;;;;;GAQG;AACH,UAAU,UAAU;IAClB,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,MAAM,IAAI,MAAM,CAAC;IACjB,SAAS,IAAI,OAAO,CAAC;CACtB;AAED,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CA8DxD;AAQD,eAAO,MAAM,yBAAyB,QAA0B,CAAC;AACjE,eAAO,MAAM,sBAAsB,SAAuB,CAAC;AAC3D,eAAO,MAAM,iBAAiB,QAAkB,CAAC;AACjD,eAAO,MAAM,qBAAqB,QAAsB,CAAC"}
|
|
@@ -1,4 +1,138 @@
|
|
|
1
1
|
import { spawn } from "node:child_process";
|
|
2
|
+
import { isAbsolute, normalize } from "node:path";
|
|
3
|
+
/** Shared Bash schema — extracted as a named constant so both the bare
|
|
4
|
+
* export (`bashTool`) and the factory (`createBashTool`) reference the
|
|
5
|
+
* same object without a forward-reference problem. */
|
|
6
|
+
const bashSchema = {
|
|
7
|
+
name: "Bash",
|
|
8
|
+
description: "Execute a bash command and return stdout/stderr. Default 30s timeout " +
|
|
9
|
+
"(override via `timeout`, max 10min). 50KB output cap per stream by default " +
|
|
10
|
+
"(override via `max_output_bytes`, max 100KB). When a stream exceeds the " +
|
|
11
|
+
"cap both head and tail are preserved with a `[truncated N bytes]` marker " +
|
|
12
|
+
"between them — keeps the trailing error/summary visible. Optional " +
|
|
13
|
+
"`description` is recorded for audit/UI and otherwise ignored.",
|
|
14
|
+
input_schema: {
|
|
15
|
+
type: "object",
|
|
16
|
+
properties: {
|
|
17
|
+
command: {
|
|
18
|
+
type: "string",
|
|
19
|
+
description: "Bash command to execute.",
|
|
20
|
+
},
|
|
21
|
+
description: {
|
|
22
|
+
type: "string",
|
|
23
|
+
description: "Short human-readable rationale for the command (~5-10 words). " +
|
|
24
|
+
"Accepted for claude-SDK parity — surfaces in permission UIs / " +
|
|
25
|
+
"audit logs. Ignored by execution.",
|
|
26
|
+
},
|
|
27
|
+
timeout: {
|
|
28
|
+
type: "number",
|
|
29
|
+
description: "Wall-clock timeout in milliseconds. Defaults to 30000 (30s). " +
|
|
30
|
+
"Clamped to a hard ceiling of 600000 (10min). Use a higher value " +
|
|
31
|
+
"for slow tests, installs, or builds.",
|
|
32
|
+
},
|
|
33
|
+
max_output_bytes: {
|
|
34
|
+
type: "number",
|
|
35
|
+
description: "Per-stream output cap in bytes. Defaults to 50000 (50KB). Clamped " +
|
|
36
|
+
"to a hard ceiling of 100000 (100KB). Exceeding bytes are dropped " +
|
|
37
|
+
"from the middle — head and tail are preserved with a " +
|
|
38
|
+
"`[truncated N bytes]` marker between them.",
|
|
39
|
+
},
|
|
40
|
+
cwd: {
|
|
41
|
+
type: "string",
|
|
42
|
+
description: "Working directory (optional).",
|
|
43
|
+
},
|
|
44
|
+
},
|
|
45
|
+
required: ["command"],
|
|
46
|
+
},
|
|
47
|
+
};
|
|
48
|
+
// ───────────────────────────────────────────────
|
|
49
|
+
// Factory — wraps the shared shell-out logic with
|
|
50
|
+
// an AbortSignal so the sub-agent runner can wire
|
|
51
|
+
// parent abort through to `spawn({ signal })`.
|
|
52
|
+
//
|
|
53
|
+
// Usage in runner.ts:
|
|
54
|
+
// tools.register(createBashTool({ signal: abortSignal }));
|
|
55
|
+
// ───────────────────────────────────────────────
|
|
56
|
+
export function createBashTool(opts) {
|
|
57
|
+
const parentSignal = opts?.signal;
|
|
58
|
+
return {
|
|
59
|
+
schema: bashSchema,
|
|
60
|
+
async execute(input) {
|
|
61
|
+
if (parentSignal?.aborted) {
|
|
62
|
+
return JSON.stringify({ error: "aborted" });
|
|
63
|
+
}
|
|
64
|
+
return executeBash(input, parentSignal);
|
|
65
|
+
},
|
|
66
|
+
};
|
|
67
|
+
}
|
|
68
|
+
/** Shared execute logic — used by both the factory wrapper and the bare export. */
|
|
69
|
+
async function executeBash(input, abortSignal) {
|
|
70
|
+
const command = String(input.command ?? "");
|
|
71
|
+
if (!command.trim()) {
|
|
72
|
+
return JSON.stringify({ error: "empty command" });
|
|
73
|
+
}
|
|
74
|
+
let cwd = typeof input.cwd === "string" ? input.cwd : undefined;
|
|
75
|
+
if (cwd !== undefined) {
|
|
76
|
+
cwd = normalize(cwd);
|
|
77
|
+
if (!isAbsolute(cwd)) {
|
|
78
|
+
return JSON.stringify({
|
|
79
|
+
error: `Bash: 'cwd' must be an absolute path, got '${cwd}'`,
|
|
80
|
+
});
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
const rawTimeout = input.timeout;
|
|
84
|
+
const timeoutMs = typeof rawTimeout === "number" && Number.isFinite(rawTimeout) && rawTimeout > 0
|
|
85
|
+
? Math.min(Math.floor(rawTimeout), BASH_TIMEOUT_MAX_MS)
|
|
86
|
+
: BASH_TIMEOUT_MS;
|
|
87
|
+
const rawMaxOutput = input.max_output_bytes;
|
|
88
|
+
const maxOutputBytes = typeof rawMaxOutput === "number" && Number.isFinite(rawMaxOutput) && rawMaxOutput > 0
|
|
89
|
+
? Math.min(Math.floor(rawMaxOutput), BASH_MAX_OUTPUT_HARD)
|
|
90
|
+
: BASH_MAX_OUTPUT_DEFAULT;
|
|
91
|
+
const stdoutRing = createOutputRing(maxOutputBytes);
|
|
92
|
+
const stderrRing = createOutputRing(maxOutputBytes);
|
|
93
|
+
return new Promise((resolve, reject) => {
|
|
94
|
+
try {
|
|
95
|
+
const child = spawn("bash", ["-c", command], {
|
|
96
|
+
...(cwd ? { cwd } : {}),
|
|
97
|
+
...(abortSignal ? { signal: abortSignal } : {}),
|
|
98
|
+
env: process.env,
|
|
99
|
+
});
|
|
100
|
+
const timer = setTimeout(() => {
|
|
101
|
+
child.kill("SIGKILL");
|
|
102
|
+
resolve(JSON.stringify({
|
|
103
|
+
error: `timeout after ${timeoutMs}ms`,
|
|
104
|
+
stdout: stdoutRing.render(),
|
|
105
|
+
stderr: stderrRing.render(),
|
|
106
|
+
...truncatedFlag(stdoutRing, stderrRing),
|
|
107
|
+
}));
|
|
108
|
+
}, timeoutMs);
|
|
109
|
+
child.stdout?.on("data", (chunk) => {
|
|
110
|
+
stdoutRing.append(chunk.toString("utf-8"));
|
|
111
|
+
});
|
|
112
|
+
child.stderr?.on("data", (chunk) => {
|
|
113
|
+
stderrRing.append(chunk.toString("utf-8"));
|
|
114
|
+
});
|
|
115
|
+
child.on("close", (code) => {
|
|
116
|
+
clearTimeout(timer);
|
|
117
|
+
resolve(JSON.stringify({
|
|
118
|
+
exitCode: code,
|
|
119
|
+
stdout: stdoutRing.render(),
|
|
120
|
+
stderr: stderrRing.render(),
|
|
121
|
+
...truncatedFlag(stdoutRing, stderrRing),
|
|
122
|
+
}));
|
|
123
|
+
});
|
|
124
|
+
child.on("error", (err) => {
|
|
125
|
+
clearTimeout(timer);
|
|
126
|
+
resolve(JSON.stringify({ error: err.message }));
|
|
127
|
+
});
|
|
128
|
+
}
|
|
129
|
+
catch (err) {
|
|
130
|
+
// Synchronous throw from spawn (e.g. invalid options) — reject
|
|
131
|
+
// rather than letting the Promise hang unresolved.
|
|
132
|
+
reject(err instanceof Error ? err : new Error(String(err)));
|
|
133
|
+
}
|
|
134
|
+
});
|
|
135
|
+
}
|
|
2
136
|
/** Default wall-clock cap. The model can override via the `timeout` input
|
|
3
137
|
* field — useful for slow tests, builds, installs — capped at `BASH_TIMEOUT_MAX_MS`
|
|
4
138
|
* so a runaway can't pin the runtime indefinitely. */
|
|
@@ -40,106 +174,10 @@ const BASH_MAX_OUTPUT_HARD = 100_000;
|
|
|
40
174
|
* pretrained instinct to emit a short rationale per Bash call survives the
|
|
41
175
|
* agent switch, which is what permission UIs / audit logs want to render.
|
|
42
176
|
*/
|
|
43
|
-
export const bashTool =
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
"(override via `timeout`, max 10min). 50KB output cap per stream by default " +
|
|
48
|
-
"(override via `max_output_bytes`, max 100KB). When a stream exceeds the " +
|
|
49
|
-
"cap both head and tail are preserved with a `[truncated N bytes]` marker " +
|
|
50
|
-
"between them — keeps the trailing error/summary visible. Optional " +
|
|
51
|
-
"`description` is recorded for audit/UI and otherwise ignored.",
|
|
52
|
-
input_schema: {
|
|
53
|
-
type: "object",
|
|
54
|
-
properties: {
|
|
55
|
-
command: {
|
|
56
|
-
type: "string",
|
|
57
|
-
description: "Bash command to execute.",
|
|
58
|
-
},
|
|
59
|
-
description: {
|
|
60
|
-
type: "string",
|
|
61
|
-
description: "Short human-readable rationale for the command (~5-10 words). " +
|
|
62
|
-
"Accepted for claude-SDK parity — surfaces in permission UIs / " +
|
|
63
|
-
"audit logs. Ignored by execution.",
|
|
64
|
-
},
|
|
65
|
-
timeout: {
|
|
66
|
-
type: "number",
|
|
67
|
-
description: "Wall-clock timeout in milliseconds. Defaults to 30000 (30s). " +
|
|
68
|
-
"Clamped to a hard ceiling of 600000 (10min). Use a higher value " +
|
|
69
|
-
"for slow tests, installs, or builds.",
|
|
70
|
-
},
|
|
71
|
-
max_output_bytes: {
|
|
72
|
-
type: "number",
|
|
73
|
-
description: "Per-stream output cap in bytes. Defaults to 50000 (50KB). Clamped " +
|
|
74
|
-
"to a hard ceiling of 100000 (100KB). Exceeding bytes are dropped " +
|
|
75
|
-
"from the middle — head and tail are preserved with a " +
|
|
76
|
-
"`[truncated N bytes]` marker between them.",
|
|
77
|
-
},
|
|
78
|
-
cwd: {
|
|
79
|
-
type: "string",
|
|
80
|
-
description: "Working directory (optional).",
|
|
81
|
-
},
|
|
82
|
-
},
|
|
83
|
-
required: ["command"],
|
|
84
|
-
},
|
|
85
|
-
},
|
|
86
|
-
async execute(input) {
|
|
87
|
-
const command = String(input.command ?? "");
|
|
88
|
-
if (!command.trim()) {
|
|
89
|
-
return JSON.stringify({ error: "empty command" });
|
|
90
|
-
}
|
|
91
|
-
const cwd = typeof input.cwd === "string" ? input.cwd : undefined;
|
|
92
|
-
// Resolve the effective timeout. Non-numeric / non-finite / non-positive
|
|
93
|
-
// falls back to the 30s default. Positive values are clamped to 10min.
|
|
94
|
-
const rawTimeout = input.timeout;
|
|
95
|
-
const timeoutMs = typeof rawTimeout === "number" && Number.isFinite(rawTimeout) && rawTimeout > 0
|
|
96
|
-
? Math.min(Math.floor(rawTimeout), BASH_TIMEOUT_MAX_MS)
|
|
97
|
-
: BASH_TIMEOUT_MS;
|
|
98
|
-
// Same shape for the output cap. The model often picks an explicit value
|
|
99
|
-
// when it knows the command will be noisy (`bun install`, `pytest -v`),
|
|
100
|
-
// and we want to honour that without giving away an unbounded buffer.
|
|
101
|
-
const rawMaxOutput = input.max_output_bytes;
|
|
102
|
-
const maxOutputBytes = typeof rawMaxOutput === "number" && Number.isFinite(rawMaxOutput) && rawMaxOutput > 0
|
|
103
|
-
? Math.min(Math.floor(rawMaxOutput), BASH_MAX_OUTPUT_HARD)
|
|
104
|
-
: BASH_MAX_OUTPUT_DEFAULT;
|
|
105
|
-
const stdoutRing = createOutputRing(maxOutputBytes);
|
|
106
|
-
const stderrRing = createOutputRing(maxOutputBytes);
|
|
107
|
-
return new Promise((resolve) => {
|
|
108
|
-
const child = spawn("bash", ["-c", command], {
|
|
109
|
-
...(cwd ? { cwd } : {}),
|
|
110
|
-
env: process.env,
|
|
111
|
-
});
|
|
112
|
-
const timer = setTimeout(() => {
|
|
113
|
-
child.kill("SIGKILL");
|
|
114
|
-
resolve(JSON.stringify({
|
|
115
|
-
error: `timeout after ${timeoutMs}ms`,
|
|
116
|
-
stdout: stdoutRing.render(),
|
|
117
|
-
stderr: stderrRing.render(),
|
|
118
|
-
...truncatedFlag(stdoutRing, stderrRing),
|
|
119
|
-
}));
|
|
120
|
-
}, timeoutMs);
|
|
121
|
-
child.stdout?.on("data", (chunk) => {
|
|
122
|
-
stdoutRing.append(chunk.toString("utf-8"));
|
|
123
|
-
});
|
|
124
|
-
child.stderr?.on("data", (chunk) => {
|
|
125
|
-
stderrRing.append(chunk.toString("utf-8"));
|
|
126
|
-
});
|
|
127
|
-
child.on("close", (code) => {
|
|
128
|
-
clearTimeout(timer);
|
|
129
|
-
resolve(JSON.stringify({
|
|
130
|
-
exitCode: code,
|
|
131
|
-
stdout: stdoutRing.render(),
|
|
132
|
-
stderr: stderrRing.render(),
|
|
133
|
-
...truncatedFlag(stdoutRing, stderrRing),
|
|
134
|
-
}));
|
|
135
|
-
});
|
|
136
|
-
child.on("error", (err) => {
|
|
137
|
-
clearTimeout(timer);
|
|
138
|
-
resolve(JSON.stringify({ error: err.message }));
|
|
139
|
-
});
|
|
140
|
-
});
|
|
141
|
-
},
|
|
142
|
-
};
|
|
177
|
+
export const bashTool = createBashTool();
|
|
178
|
+
/** Named schema export so the provider can reference it
|
|
179
|
+
* without instantiating a full tool registry. */
|
|
180
|
+
export const bashToolSchema = bashSchema;
|
|
143
181
|
export function createOutputRing(cap) {
|
|
144
182
|
if (cap <= 0) {
|
|
145
183
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bash.js","sourceRoot":"","sources":["../../../src/tools/builtin/bash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"bash.js","sourceRoot":"","sources":["../../../src/tools/builtin/bash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAIlD;;uDAEuD;AACvD,MAAM,UAAU,GAAG;IACjB,IAAI,EAAE,MAAM;IACZ,WAAW,EACT,uEAAuE;QACvE,6EAA6E;QAC7E,0EAA0E;QAC1E,2EAA2E;QAC3E,oEAAoE;QACpE,+DAA+D;IACjE,YAAY,EAAE;QACZ,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,OAAO,EAAE;gBACP,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,0BAA0B;aACxC;YACD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,WAAW,EACT,gEAAgE;oBAChE,gEAAgE;oBAChE,mCAAmC;aACtC;YACD,OAAO,EAAE;gBACP,IAAI,EAAE,QAAQ;gBACd,WAAW,EACT,+DAA+D;oBAC/D,kEAAkE;oBAClE,sCAAsC;aACzC;YACD,gBAAgB,EAAE;gBAChB,IAAI,EAAE,QAAQ;gBACd,WAAW,EACT,oEAAoE;oBACpE,mEAAmE;oBACnE,uDAAuD;oBACvD,4CAA4C;aAC/C;YACD,GAAG,EAAE;gBACH,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+BAA+B;aAC7C;SACF;QACD,QAAQ,EAAE,CAAC,SAAS,CAAC;KACtB;CACO,CAAC;AAEX,kDAAkD;AAClD,kDAAkD;AAClD,kDAAkD;AAClD,+CAA+C;AAC/C,EAAE;AACF,sBAAsB;AACtB,6DAA6D;AAC7D,kDAAkD;AAClD,MAAM,UAAU,cAAc,CAAC,IAA+B;IAC5D,MAAM,YAAY,GAAG,IAAI,EAAE,MAAM,CAAC;IAClC,OAAO;QACL,MAAM,EAAE,UAA2C;QACnD,KAAK,CAAC,OAAO,CAAC,KAAK;YACjB,IAAI,YAAY,EAAE,OAAO,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;YAC9C,CAAC;YACD,OAAO,WAAW,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;QAC1C,CAAC;KACF,CAAC;AACJ,CAAC;AAED,mFAAmF;AACnF,KAAK,UAAU,WAAW,CACxB,KAA8B,EAC9B,WAAyB;IAEzB,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;IAC5C,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;QACpB,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC;IACpD,CAAC;IACD,IAAI,GAAG,GAAG,OAAO,KAAK,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;IAChE,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,GAAG,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC;QACrB,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,IAAI,CAAC,SAAS,CAAC;gBACpB,KAAK,EAAE,8CAA8C,GAAG,GAAG;aAC5D,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC;IACjC,MAAM,SAAS,GACb,OAAO,UAAU,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,UAAU,GAAG,CAAC;QAC7E,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,mBAAmB,CAAC;QACvD,CAAC,CAAC,eAAe,CAAC;IACtB,MAAM,YAAY,GAAG,KAAK,CAAC,gBAAgB,CAAC;IAC5C,MAAM,cAAc,GAClB,OAAO,YAAY,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,YAAY,GAAG,CAAC;QACnF,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,EAAE,oBAAoB,CAAC;QAC1D,CAAC,CAAC,uBAAuB,CAAC;IAE9B,MAAM,UAAU,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;IACpD,MAAM,UAAU,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;IAEpD,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC7C,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE;gBAC3C,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACvB,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC/C,GAAG,EAAE,OAAO,CAAC,GAAG;aACjB,CAAC,CAAC;YAEH,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC5B,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBACtB,OAAO,CACL,IAAI,CAAC,SAAS,CAAC;oBACb,KAAK,EAAE,iBAAiB,SAAS,IAAI;oBACrC,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE;oBAC3B,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE;oBAC3B,GAAG,aAAa,CAAC,UAAU,EAAE,UAAU,CAAC;iBACzC,CAAC,CACH,CAAC;YACJ,CAAC,EAAE,SAAS,CAAC,CAAC;YAEd,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;gBACzC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YAC7C,CAAC,CAAC,CAAC;YACH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;gBACzC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YAC7C,CAAC,CAAC,CAAC;YACH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACzB,YAAY,CAAC,KAAK,CAAC,CAAC;gBACpB,OAAO,CACL,IAAI,CAAC,SAAS,CAAC;oBACb,QAAQ,EAAE,IAAI;oBACd,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE;oBAC3B,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE;oBAC3B,GAAG,aAAa,CAAC,UAAU,EAAE,UAAU,CAAC;iBACzC,CAAC,CACH,CAAC;YACJ,CAAC,CAAC,CAAC;YACH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBACxB,YAAY,CAAC,KAAK,CAAC,CAAC;gBACpB,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;YAClD,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,+DAA+D;YAC/D,mDAAmD;YACnD,MAAM,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAGD;;uDAEuD;AACvD,MAAM,eAAe,GAAG,MAAM,CAAC;AAE/B;kFACkF;AAClF,MAAM,mBAAmB,GAAG,EAAE,GAAG,MAAM,CAAC;AAExC;;;kBAGkB;AAClB,MAAM,uBAAuB,GAAG,MAAM,CAAC;AAEvC;;2DAE2D;AAC3D,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAErC;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAgB,cAAc,EAAE,CAAC;AAEtD;kDACkD;AAClD,MAAM,CAAC,MAAM,cAAc,GAAG,UAAU,CAAC;AAiBzC,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC;QACb,OAAO;YACL,MAAM,KAAI,CAAC;YACX,MAAM,EAAE,GAAG,EAAE,CAAC,EAAE;YAChB,SAAS,EAAE,GAAG,EAAE,CAAC,KAAK;SACvB,CAAC;IACJ,CAAC;IACD,yEAAyE;IACzE,0EAA0E;IAC1E,qDAAqD;IACrD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IACnC,MAAM,OAAO,GAAG,GAAG,GAAG,OAAO,CAAC;IAC9B,IAAI,IAAI,GAAG,EAAE,CAAC;IACd,yEAAyE;IACzE,wEAAwE;IACxE,qEAAqE;IACrE,6CAA6C;IAC7C,IAAI,IAAI,GAAG,EAAE,CAAC;IACd,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,oEAAoE;IACpE,qCAAqC;IACrC,IAAI,KAAK,GAAG,CAAC,CAAC;IAEd,OAAO;QACL,MAAM,CAAC,IAAY;YACjB,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO;YAC9B,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC;YAErB,0DAA0D;YAC1D,IAAI,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,CAAC;gBAC1B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;gBAC1D,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;gBAC5B,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBACxB,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;oBAAE,OAAO;YAChC,CAAC;YAED,kEAAkE;YAClE,gEAAgE;YAChE,mEAAmE;YACnE,IAAI,OAAO,KAAK,CAAC,EAAE,CAAC;gBAClB,8DAA8D;gBAC9D,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC;gBACvB,OAAO;YACT,CAAC;YACD,IAAI,IAAI,IAAI,CAAC;YACb,IAAI,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,CAAC;gBAC1B,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC;gBACnC,OAAO,IAAI,IAAI,CAAC;gBAChB,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;QACD,MAAM;YACJ,IAAI,OAAO,KAAK,CAAC;gBAAE,OAAO,IAAI,GAAG,IAAI,CAAC;YACtC,sEAAsE;YACtE,kEAAkE;YAClE,kEAAkE;YAClE,iBAAiB;YACjB,OAAO,GAAG,IAAI,mBAAmB,OAAO,eAAe,IAAI,EAAE,CAAC;QAChE,CAAC;QACD,SAAS,EAAE,GAAG,EAAE,CAAC,OAAO,GAAG,CAAC;KAC7B,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CAAC,MAAkB,EAAE,MAAkB;IAC3D,IAAI,MAAM,CAAC,SAAS,EAAE,IAAI,MAAM,CAAC,SAAS,EAAE;QAAE,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IACzE,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,8BAA8B;AAC9B,MAAM,CAAC,MAAM,yBAAyB,GAAG,uBAAuB,CAAC;AACjE,MAAM,CAAC,MAAM,sBAAsB,GAAG,oBAAoB,CAAC;AAC3D,MAAM,CAAC,MAAM,iBAAiB,GAAG,eAAe,CAAC;AACjD,MAAM,CAAC,MAAM,qBAAqB,GAAG,mBAAmB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"edit.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/edit.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"edit.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/edit.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAgCpD,MAAM,WAAW,eAAe;IAC9B;;;;OAIG;IACH,OAAO,CAAC,EAAE,gBAAgB,CAAC;CAC5B;AAED,wBAAgB,cAAc,CAAC,IAAI,GAAE,eAAoB,GAAG,WAAW,CAgKtE;AAED,+EAA+E;AAC/E,eAAO,MAAM,QAAQ,EAAE,WAA8B,CAAC;AAEtD;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAUzE;AAqCD,eAAO,MAAM,gBAAgB,QAAiB,CAAC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { existsSync, readFileSync, statSync, writeFileSync } from "node:fs";
|
|
2
|
-
import { isAbsolute } from "node:path";
|
|
2
|
+
import { isAbsolute, normalize } from "node:path";
|
|
3
|
+
import { checkBlockedPath } from "../../tools/path-guard.js";
|
|
3
4
|
/**
|
|
4
5
|
* Edit builtin — claude SDK `Edit` tool parity for maestro.
|
|
5
6
|
*
|
|
@@ -62,7 +63,9 @@ export function createEditTool(opts = {}) {
|
|
|
62
63
|
},
|
|
63
64
|
},
|
|
64
65
|
async execute(input) {
|
|
65
|
-
|
|
66
|
+
// normalize() collapses `..` segments (e.g. /safe/../etc → /etc) so
|
|
67
|
+
// that the isAbsolute check cannot be bypassed by path traversal.
|
|
68
|
+
const filePath = normalize(typeof input.file_path === "string" ? input.file_path : "");
|
|
66
69
|
if (!filePath) {
|
|
67
70
|
return JSON.stringify({ error: "Edit: missing 'file_path' argument" });
|
|
68
71
|
}
|
|
@@ -71,6 +74,9 @@ export function createEditTool(opts = {}) {
|
|
|
71
74
|
error: `Edit: file_path must be absolute, got '${filePath}'`,
|
|
72
75
|
});
|
|
73
76
|
}
|
|
77
|
+
const blockErr = checkBlockedPath("Edit", filePath);
|
|
78
|
+
if (blockErr)
|
|
79
|
+
return JSON.stringify({ error: blockErr });
|
|
74
80
|
// Read-before-Edit gate. No-op when no tracker is wired (standalone use).
|
|
75
81
|
if (tracker) {
|
|
76
82
|
const gateErr = tracker.checkBeforeMutate(filePath, "Edit");
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"edit.js","sourceRoot":"","sources":["../../../src/tools/builtin/edit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAc,QAAQ,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxF,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"edit.js","sourceRoot":"","sources":["../../../src/tools/builtin/edit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAc,QAAQ,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxF,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAClD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAItD;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,MAAM,cAAc,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,0BAA0B;AACnE,MAAM,oBAAoB,GAAG,CAAC,CAAC;AAW/B,MAAM,UAAU,cAAc,CAAC,OAAwB,EAAE;IACvD,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;IACzB,OAAO;QACL,MAAM,EAAE;YACN,IAAI,EAAE,MAAM;YACZ,WAAW,EACT,yCAAyC;gBACzC,6DAA6D;gBAC7D,yEAAyE;gBACzE,uEAAuE;gBACvE,yEAAyE;YAC3E,YAAY,EAAE;gBACZ,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,SAAS,EAAE;wBACT,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,0DAA0D;qBACxE;oBACD,UAAU,EAAE;wBACV,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,+DAA+D;qBAC7E;oBACD,UAAU,EAAE;wBACV,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,kDAAkD;qBAChE;oBACD,WAAW,EAAE;wBACX,IAAI,EAAE,SAAS;wBACf,WAAW,EACT,6EAA6E;qBAChF;iBACF;gBACD,QAAQ,EAAE,CAAC,WAAW,EAAE,YAAY,EAAE,YAAY,CAAC;aACpD;SACF;QACD,KAAK,CAAC,OAAO,CAAC,KAAK;YACjB,oEAAoE;YACpE,kEAAkE;YAClE,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,KAAK,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACvF,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,oCAAoC,EAAE,CAAC,CAAC;YACzE,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,0CAA0C,QAAQ,GAAG;iBAC7D,CAAC,CAAC;YACL,CAAC;YACD,MAAM,QAAQ,GAAG,gBAAgB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACpD,IAAI,QAAQ;gBAAE,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzD,0EAA0E;YAC1E,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,OAAO,GAAG,OAAO,CAAC,iBAAiB,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;gBAC5D,IAAI,OAAO,EAAE,CAAC;oBACZ,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;gBAC5C,CAAC;YACH,CAAC;YACD,IAAI,OAAO,KAAK,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;gBACzC,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,4CAA4C,OAAO,KAAK,CAAC,UAAU,EAAE;iBAC7E,CAAC,CAAC;YACL,CAAC;YACD,IAAI,OAAO,KAAK,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;gBACzC,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,4CAA4C,OAAO,KAAK,CAAC,UAAU,EAAE;iBAC7E,CAAC,CAAC;YACL,CAAC;YACD,MAAM,MAAM,GAAG,KAAK,CAAC,UAAU,CAAC;YAChC,MAAM,MAAM,GAAG,KAAK,CAAC,UAAU,CAAC;YAChC,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;YAE9C,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBACtB,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,wEAAwE;iBAChF,CAAC,CAAC;YACL,CAAC;YACD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACxB,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,oCAAoC;iBAC5C,CAAC,CAAC;YACL,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,8BAA8B,QAAQ,kCAAkC;iBAChF,CAAC,CAAC;YACL,CAAC;YACD,IAAI,IAAW,CAAC;YAChB,IAAI,CAAC;gBACH,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,sBAAsB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;iBAC1E,CAAC,CAAC;YACL,CAAC;YACD,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;gBACvB,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,UAAU,QAAQ,+BAA+B;iBACzD,CAAC,CAAC;YACL,CAAC;YACD,IAAI,IAAI,CAAC,IAAI,GAAG,cAAc,EAAE,CAAC;gBAC/B,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,mBAAmB,IAAI,CAAC,IAAI,sDAAsD;iBAC1F,CAAC,CAAC;YACL,CAAC;YAED,IAAI,GAAW,CAAC;YAChB,IAAI,CAAC;gBACH,GAAG,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACxC,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,sBAAsB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;iBAC1E,CAAC,CAAC;YACL,CAAC;YAED,MAAM,WAAW,GAAG,gBAAgB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAClD,IAAI,WAAW,KAAK,CAAC,EAAE,CAAC;gBACtB,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,iCAAiC,QAAQ,+EAA+E;iBAChI,CAAC,CAAC;YACL,CAAC;YACD,IAAI,CAAC,UAAU,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;gBACnC,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,4BAA4B,WAAW,aAAa,QAAQ,mGAAmG;oBACtK,WAAW;iBACZ,CAAC,CAAC;YACL,CAAC;YAED,2BAA2B;YAC3B,IAAI,OAAe,CAAC;YACpB,IAAI,UAAU,EAAE,CAAC;gBACf,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC3C,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;gBAChC,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,CAAC;gBACH,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YAC5C,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,uBAAuB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;iBAC3E,CAAC,CAAC;YACL,CAAC;YAED,qEAAqE;YACrE,4DAA4D;YAC5D,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;YAE1B,yEAAyE;YACzE,0EAA0E;YAC1E,gCAAgC;YAChC,MAAM,aAAa,GAAG,UAAU,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;YACnD,MAAM,OAAO,GAAG,gBAAgB,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;YAC/D,OAAO;gBACL,gBAAgB,QAAQ,KAAK,aAAa,eAAe,aAAa,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,GAAG;gBAC1F,EAAE;gBACF,OAAO;aACR,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACf,CAAC;KACF,CAAC;AACJ,CAAC;AAED,+EAA+E;AAC/E,MAAM,CAAC,MAAM,QAAQ,GAAgB,cAAc,EAAE,CAAC;AAEtD;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAgB,EAAE,MAAc;IAC/D,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAClC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,SAAS,CAAC;QACR,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC3C,IAAI,GAAG,KAAK,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QAC7B,KAAK,EAAE,CAAC;QACR,IAAI,GAAG,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC;IAC7B,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,gBAAgB,CACvB,SAAiB,EACjB,OAAe,EACf,OAAe,EACf,MAAc;IAEd,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,oDAAoD,CAAC;IACrF,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACpC,IAAI,GAAG,GAAG,CAAC;QAAE,OAAO,EAAE,CAAC;IACvB,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACrC,gDAAgD;IAChD,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,IAAI,WAAW,GAAG,CAAC,CAAC;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,IAAI,GAAG,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,wBAAwB;QACnE,IAAI,IAAI,GAAG,GAAG,EAAE,CAAC;YACf,WAAW,GAAG,CAAC,CAAC;YAChB,MAAM;QACR,CAAC;QACD,GAAG,GAAG,IAAI,CAAC;IACb,CAAC;IACD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,GAAG,oBAAoB,CAAC,CAAC;IAC9D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,GAAG,oBAAoB,GAAG,CAAC,CAAC,CAAC;IAC9E,OAAO,QAAQ;SACZ,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC;SACjB,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;SACtE,IAAI,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED,8BAA8B;AAC9B,MAAM,CAAC,MAAM,gBAAgB,GAAG,cAAc,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"glob.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/glob.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAuCpD,eAAO,MAAM,QAAQ,EAAE,
|
|
1
|
+
{"version":3,"file":"glob.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/glob.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAuCpD,eAAO,MAAM,QAAQ,EAAE,WAwKtB,CAAC;AAEF;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAEnD;AA2GD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAgB,oBAAoB,CAAC,CAAC,EAAE,MAAM,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAsBjF"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { readdirSync, statSync } from "node:fs";
|
|
2
|
-
import { isAbsolute, join, relative, sep } from "node:path";
|
|
2
|
+
import { isAbsolute, join, normalize, relative, sep } from "node:path";
|
|
3
3
|
/**
|
|
4
4
|
* `Glob` builtin — claude-SDK parity file-pattern matcher.
|
|
5
5
|
*
|
|
@@ -83,7 +83,8 @@ export const globTool = {
|
|
|
83
83
|
error: `Glob: 'path' must be absolute, got '${rawPath}'`,
|
|
84
84
|
});
|
|
85
85
|
}
|
|
86
|
-
root
|
|
86
|
+
// normalize() collapses `..` so the walk root can't escape via e.g. /safe/../../../etc.
|
|
87
|
+
root = normalize(rawPath);
|
|
87
88
|
}
|
|
88
89
|
else if (isAbsolute(rawPattern)) {
|
|
89
90
|
// claude-SDK parity: when the caller embeds the absolute root inside
|
|
@@ -93,7 +94,8 @@ export const globTool = {
|
|
|
93
94
|
// *relative* paths and returns zero — a footgun we hit often when the
|
|
94
95
|
// model copy-pastes absolute paths it just got from Read/Grep.
|
|
95
96
|
const split = splitAbsolutePattern(rawPattern);
|
|
96
|
-
|
|
97
|
+
// normalize here too — brace patterns can embed `..` in the fixed prefix.
|
|
98
|
+
root = normalize(split.root);
|
|
97
99
|
pattern = split.pattern;
|
|
98
100
|
}
|
|
99
101
|
else {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"glob.js","sourceRoot":"","sources":["../../../src/tools/builtin/glob.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAc,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC5D,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"glob.js","sourceRoot":"","sources":["../../../src/tools/builtin/glob.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAc,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC5D,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,WAAW,CAAC;AAGvE;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,8EAA8E;AAC9E,MAAM,WAAW,GAAG,MAAM,CAAC;AAE3B;+BAC+B;AAC/B,MAAM,eAAe,GAAG,MAAM,CAAC;AAE/B,MAAM,CAAC,MAAM,QAAQ,GAAgB;IACnC,sEAAsE;IACtE,oCAAoC;IACpC,YAAY,EAAE,IAAI;IAClB,MAAM,EAAE;QACN,IAAI,EAAE,MAAM;QACZ,WAAW,EACT,sEAAsE;YACtE,8EAA8E;YAC9E,qEAAqE;YACrE,2EAA2E;YAC3E,4EAA4E;YAC5E,sFAAsF;QACxF,YAAY,EAAE;YACZ,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,WAAW,EACT,6DAA6D;wBAC7D,gEAAgE;wBAChE,8DAA8D;wBAC9D,gEAAgE;wBAChE,8BAA8B;iBACjC;gBACD,IAAI,EAAE;oBACJ,IAAI,EAAE,QAAQ;oBACd,WAAW,EACT,+EAA+E;wBAC/E,wEAAwE;wBACxE,8CAA8C;iBACjD;aACF;YACD,QAAQ,EAAE,CAAC,SAAS,CAAC;SACtB;KACF;IACD,KAAK,CAAC,OAAO,CAAC,KAAK;QACjB,MAAM,UAAU,GAAG,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,kCAAkC,EAAE,CAAC,CAAC;QACvE,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;QACxE,IAAI,IAAY,CAAC;QACjB,yEAAyE;QACzE,2EAA2E;QAC3E,IAAI,OAAO,GAAG,UAAU,CAAC;QAEzB,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACzB,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,uCAAuC,OAAO,GAAG;iBACzD,CAAC,CAAC;YACL,CAAC;YACD,wFAAwF;YACxF,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC;QAC5B,CAAC;aAAM,IAAI,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAClC,qEAAqE;YACrE,wEAAwE;YACxE,sEAAsE;YACtE,oEAAoE;YACpE,sEAAsE;YACtE,+DAA+D;YAC/D,MAAM,KAAK,GAAG,oBAAoB,CAAC,UAAU,CAAC,CAAC;YAC/C,0EAA0E;YAC1E,IAAI,GAAG,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAC7B,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,IAAI,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;QACvB,CAAC;QAED,IAAI,QAAe,CAAC;QACpB,IAAI,CAAC;YACH,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,SAAS,CAAC;gBACpB,KAAK,EAAE,2BAA2B,IAAI,MAAM,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;aACzF,CAAC,CAAC;QACL,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,SAAS,CAAC;gBACpB,KAAK,EAAE,gDAAgD,IAAI,GAAG;aAC/D,CAAC,CAAC;QACL,CAAC;QAED,IAAI,KAAa,CAAC;QAClB,IAAI,CAAC;YACH,KAAK,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;QAC/B,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,SAAS,CAAC;gBACpB,KAAK,EAAE,oCAAoC,OAAO,MAAM,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;aACrG,CAAC,CAAC;QACL,CAAC;QAED,MAAM,OAAO,GAA0C,EAAE,CAAC;QAC1D,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,IAAI,SAAS,GAAG,KAAK,CAAC;QACtB,IAAI,QAAQ,GAAG,KAAK,CAAC;QAErB,SAAS,UAAU;YACjB,IAAI,OAAO,CAAC,MAAM,IAAI,WAAW,EAAE,CAAC;gBAClC,SAAS,GAAG,IAAI,CAAC;gBACjB,OAAO,IAAI,CAAC;YACd,CAAC;YACD,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,eAAe,EAAE,CAAC;gBAC7C,QAAQ,GAAG,IAAI,CAAC;gBAChB,OAAO,IAAI,CAAC;YACd,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,SAAS,IAAI,CAAC,GAAW;YACvB,IAAI,UAAU,EAAE;gBAAE,OAAO;YACzB,IAAI,KAAe,CAAC;YACpB,IAAI,CAAC;gBACH,qEAAqE;gBACrE,sEAAsE;gBACtE,4DAA4D;gBAC5D,uEAAuE;gBACvE,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;YAC3B,CAAC;YAAC,MAAM,CAAC;gBACP,gEAAgE;gBAChE,OAAO;YACT,CAAC;YACD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,UAAU,EAAE;oBAAE,OAAO;gBACzB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBAC5B,IAAI,IAAW,CAAC;gBAChB,IAAI,CAAC;oBACH,IAAI,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC;gBACvB,CAAC;gBAAC,MAAM,CAAC;oBACP,SAAS;gBACX,CAAC;gBACD,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;oBACvB,IAAI,CAAC,GAAG,CAAC,CAAC;oBACV,SAAS;gBACX,CAAC;gBACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;oBAAE,SAAS;gBAC7B,oEAAoE;gBACpE,oCAAoC;gBACpC,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrD,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAC/B,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,CAAC;QACX,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;QAC1C,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAExC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,IAAI,CAAC,SAAS,CAAC;gBACpB,EAAE,EAAE,IAAI;gBACR,KAAK,EAAE,CAAC;gBACR,KAAK,EAAE,EAAE;gBACT,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,2CAA2C,CAAC,CAAC,CAAC,aAAa;aAC7E,CAAC,CAAC;QACL,CAAC;QAED,MAAM,OAAO,GAA4B;YACvC,EAAE,EAAE,IAAI;YACR,KAAK,EAAE,KAAK,CAAC,MAAM;YACnB,KAAK;SACN,CAAC;QACF,IAAI,SAAS;YAAE,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;QACxC,IAAI,QAAQ;YAAE,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC;QACtC,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;CACF,CAAC;AAEF;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,WAAW,CAAC,OAAe;IACzC,OAAO,IAAI,MAAM,CAAC,IAAI,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AACrD,CAAC;AAED,2EAA2E;AAC3E,SAAS,eAAe,CAAC,OAAe;IACtC,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;QAC1B,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACrB,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;YACd,8CAA8C;YAC9C,IAAI,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;gBAC3B,IAAI,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;oBAC3B,CAAC,IAAI,YAAY,CAAC;oBAClB,CAAC,IAAI,CAAC,CAAC;gBACT,CAAC;qBAAM,CAAC;oBACN,CAAC,IAAI,IAAI,CAAC;oBACV,CAAC,IAAI,CAAC,CAAC;gBACT,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,CAAC,IAAI,OAAO,CAAC;gBACb,CAAC,IAAI,CAAC,CAAC;YACT,CAAC;QACH,CAAC;aAAM,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;YACrB,CAAC,IAAI,MAAM,CAAC;YACZ,CAAC,IAAI,CAAC,CAAC;QACT,CAAC;aAAM,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;YACrB,oEAAoE;YACpE,qEAAqE;YACrE,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;YACxC,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;gBACf,CAAC,IAAI,KAAK,CAAC;gBACX,CAAC,IAAI,CAAC,CAAC;YACT,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;gBACpC,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,iBAAiB;gBACpE,CAAC,IAAI,IAAI,GAAG,GAAG,CAAC;gBAChB,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC;YACd,CAAC;QACH,CAAC;aAAM,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;YACrB,kEAAkE;YAClE,oEAAoE;YACpE,gCAAgC;YAChC,MAAM,KAAK,GAAG,kBAAkB,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;YAC7C,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;gBACjB,CAAC,IAAI,KAAK,CAAC;gBACX,CAAC,IAAI,CAAC,CAAC;YACT,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;gBACzC,MAAM,KAAK,GAAG,aAAa,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;gBACvC,iEAAiE;gBACjE,oDAAoD;gBACpD,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClD,CAAC,IAAI,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;gBAC7B,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;YAChB,CAAC;QACH,CAAC;aAAM,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;YAClC,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;YACd,CAAC,IAAI,CAAC,CAAC;QACT,CAAC;aAAM,CAAC;YACN,CAAC,IAAI,CAAC,CAAC;YACP,CAAC,IAAI,CAAC,CAAC;QACT,CAAC;IACH,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED;;;GAGG;AACH,SAAS,kBAAkB,CAAC,OAAe,EAAE,OAAe;IAC1D,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,IAAI,CAAC,GAAG,OAAO,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClD,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,EAAE,KAAK,GAAG;YAAE,KAAK,EAAE,CAAC;aACnB,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACpB,KAAK,EAAE,CAAC;YACR,IAAI,KAAK,KAAK,CAAC;gBAAE,OAAO,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IACD,OAAO,CAAC,CAAC,CAAC;AACZ,CAAC;AAED;;;;GAIG;AACH,SAAS,aAAa,CAAC,IAAY,EAAE,GAAW;IAC9C,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,EAAE,KAAK,GAAG;YAAE,KAAK,EAAE,CAAC;aACnB,IAAI,EAAE,KAAK,GAAG;YAAE,KAAK,EAAE,CAAC;aACxB,IAAI,EAAE,KAAK,GAAG,IAAI,KAAK,KAAK,CAAC,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;YACjC,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,CAAC;IACH,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;IAC9B,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,GAAG,WAAW,CAAC;AAE/B;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,UAAU,oBAAoB,CAAC,CAAS;IAC5C,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1B,IAAI,MAAM,GAAG,CAAC,CAAC,CAAC;IAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACnD,MAAM,GAAG,CAAC,CAAC;YACX,MAAM;QACR,CAAC;IACH,CAAC;IACD,IAAI,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;QAClB,uEAAuE;QACvE,yEAAyE;QACzE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;QAC3B,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC;QAC/B,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC;QACpC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IACjC,CAAC;IACD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnD,OAAO;QACL,IAAI,EAAE,UAAU,IAAI,GAAG;QACvB,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;KACtC,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"multi_edit.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/multi_edit.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"multi_edit.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/multi_edit.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAqDpD,MAAM,WAAW,oBAAoB;IACnC;;;;OAIG;IACH,OAAO,CAAC,EAAE,gBAAgB,CAAC;CAC5B;AAED,wBAAgB,mBAAmB,CAAC,IAAI,GAAE,oBAAyB,GAAG,WAAW,CA0NhF;AAED,+EAA+E;AAC/E,eAAO,MAAM,aAAa,EAAE,WAAmC,CAAC;AA8BhE,eAAO,MAAM,gBAAgB,QAAiB,CAAC;AAC/C,eAAO,MAAM,WAAW,KAAY,CAAC"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { existsSync, readFileSync, statSync, writeFileSync } from "node:fs";
|
|
2
|
-
import { isAbsolute } from "node:path";
|
|
2
|
+
import { isAbsolute, normalize } from "node:path";
|
|
3
3
|
import { countOccurrences } from "../../tools/builtin/edit.js";
|
|
4
|
+
import { checkBlockedPath } from "../../tools/path-guard.js";
|
|
4
5
|
/**
|
|
5
6
|
* MultiEdit builtin — claude SDK `MultiEdit` tool parity for maestro.
|
|
6
7
|
*
|
|
@@ -92,7 +93,9 @@ export function createMultiEditTool(opts = {}) {
|
|
|
92
93
|
},
|
|
93
94
|
},
|
|
94
95
|
async execute(input) {
|
|
95
|
-
|
|
96
|
+
// normalize() collapses `..` segments before the isAbsolute guard so
|
|
97
|
+
// that path traversal (e.g. /safe/../etc/passwd) cannot bypass it.
|
|
98
|
+
const filePath = normalize(typeof input.file_path === "string" ? input.file_path : "");
|
|
96
99
|
if (!filePath) {
|
|
97
100
|
return JSON.stringify({ error: "MultiEdit: missing 'file_path' argument" });
|
|
98
101
|
}
|
|
@@ -101,6 +104,9 @@ export function createMultiEditTool(opts = {}) {
|
|
|
101
104
|
error: `MultiEdit: file_path must be absolute, got '${filePath}'`,
|
|
102
105
|
});
|
|
103
106
|
}
|
|
107
|
+
const blockErr = checkBlockedPath("MultiEdit", filePath);
|
|
108
|
+
if (blockErr)
|
|
109
|
+
return JSON.stringify({ error: blockErr });
|
|
104
110
|
// Read-before-Edit gate. Fires once for the whole batch.
|
|
105
111
|
if (tracker) {
|
|
106
112
|
const gateErr = tracker.checkBeforeMutate(filePath, "MultiEdit");
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"multi_edit.js","sourceRoot":"","sources":["../../../src/tools/builtin/multi_edit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAc,QAAQ,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxF,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"multi_edit.js","sourceRoot":"","sources":["../../../src/tools/builtin/multi_edit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAc,QAAQ,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxF,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAClD,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAItD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuCG;AAEH,MAAM,cAAc,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,iCAAiC;AAC1E,MAAM,SAAS,GAAG,EAAE,CAAC,CAAC,2DAA2D;AACjF,MAAM,oBAAoB,GAAG,CAAC,CAAC;AAiB/B,MAAM,UAAU,mBAAmB,CAAC,OAA6B,EAAE;IACjE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;IACzB,OAAO;QACL,MAAM,EAAE;YACN,IAAI,EAAE,WAAW;YACjB,WAAW,EACT,qEAAqE;gBACrE,sEAAsE;gBACtE,mEAAmE;gBACnE,sEAAsE;gBACtE,kEAAkE;gBAClE,qEAAqE;YACvE,YAAY,EAAE;gBACZ,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,SAAS,EAAE;wBACT,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,+DAA+D;qBAC7E;oBACD,KAAK,EAAE;wBACL,IAAI,EAAE,OAAO;wBACb,WAAW,EACT,iEAAiE;4BACjE,uEAAuE;4BACvE,4CAA4C;wBAC9C,KAAK,EAAE;4BACL,IAAI,EAAE,QAAQ;4BACd,UAAU,EAAE;gCACV,UAAU,EAAE;oCACV,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,8DAA8D;iCAC5E;gCACD,UAAU,EAAE;oCACV,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,gDAAgD;iCAC9D;gCACD,WAAW,EAAE;oCACX,IAAI,EAAE,SAAS;oCACf,WAAW,EACT,6DAA6D;wCAC7D,wCAAwC;iCAC3C;6BACF;4BACD,QAAQ,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC;yBACvC;qBACF;iBACF;gBACD,QAAQ,EAAE,CAAC,WAAW,EAAE,OAAO,CAAC;aACjC;SACF;QACD,KAAK,CAAC,OAAO,CAAC,KAAK;YACjB,qEAAqE;YACrE,mEAAmE;YACnE,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,KAAK,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACvF,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,yCAAyC,EAAE,CAAC,CAAC;YAC9E,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,+CAA+C,QAAQ,GAAG;iBAClE,CAAC,CAAC;YACL,CAAC;YACD,MAAM,QAAQ,GAAG,gBAAgB,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACzD,IAAI,QAAQ;gBAAE,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzD,yDAAyD;YACzD,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,OAAO,GAAG,OAAO,CAAC,iBAAiB,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;gBACjE,IAAI,OAAO,EAAE,CAAC;oBACZ,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;gBAC5C,CAAC;YACH,CAAC;YAED,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC;YAC7B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtD,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,8CAA8C;iBACtD,CAAC,CAAC;YACL,CAAC;YACD,IAAI,QAAQ,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;gBAChC,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,6BAA6B,QAAQ,CAAC,MAAM,mBAAmB,SAAS,8BAA8B;iBAC9G,CAAC,CAAC;YACL,CAAC;YACD,qEAAqE;YACrE,oEAAoE;YACpE,mEAAmE;YACnE,2DAA2D;YAC3D,MAAM,KAAK,GAAyB,EAAE,CAAC;YACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACzC,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,KAAK,IAAI,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC5D,OAAO,IAAI,CAAC,SAAS,CAAC;wBACpB,KAAK,EAAE,mBAAmB,CAAC,qBAAqB;qBACjD,CAAC,CAAC;gBACL,CAAC;gBACD,MAAM,GAAG,GAAG,CAA4B,CAAC;gBACzC,IAAI,OAAO,GAAG,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;oBACvC,OAAO,IAAI,CAAC,SAAS,CAAC;wBACpB,KAAK,EAAE,mBAAmB,CAAC,sCAAsC,OAAO,GAAG,CAAC,UAAU,EAAE;qBACzF,CAAC,CAAC;gBACL,CAAC;gBACD,IAAI,OAAO,GAAG,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;oBACvC,OAAO,IAAI,CAAC,SAAS,CAAC;wBACpB,KAAK,EAAE,mBAAmB,CAAC,sCAAsC,OAAO,GAAG,CAAC,UAAU,EAAE;qBACzF,CAAC,CAAC;gBACL,CAAC;gBACD,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAChC,OAAO,IAAI,CAAC,SAAS,CAAC;wBACpB,KAAK,EAAE,mBAAmB,CAAC,gCAAgC;qBAC5D,CAAC,CAAC;gBACL,CAAC;gBACD,IAAI,GAAG,CAAC,UAAU,KAAK,GAAG,CAAC,UAAU,EAAE,CAAC;oBACtC,OAAO,IAAI,CAAC,SAAS,CAAC;wBACpB,KAAK,EAAE,mBAAmB,CAAC,0CAA0C;qBACtE,CAAC,CAAC;gBACL,CAAC;gBACD,KAAK,CAAC,IAAI,CAAC;oBACT,UAAU,EAAE,GAAG,CAAC,UAAU;oBAC1B,UAAU,EAAE,GAAG,CAAC,UAAU;oBAC1B,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC;iBACtC,CAAC,CAAC;YACL,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,mCAAmC,QAAQ,kCAAkC;iBACrF,CAAC,CAAC;YACL,CAAC;YACD,IAAI,IAAW,CAAC;YAChB,IAAI,CAAC;gBACH,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,2BAA2B,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;iBAC/E,CAAC,CAAC;YACL,CAAC;YACD,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;gBACvB,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,eAAe,QAAQ,+BAA+B;iBAC9D,CAAC,CAAC;YACL,CAAC;YACD,IAAI,IAAI,CAAC,IAAI,GAAG,cAAc,EAAE,CAAC;gBAC/B,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,wBAAwB,IAAI,CAAC,IAAI,sDAAsD;iBAC/F,CAAC,CAAC;YACL,CAAC;YAED,IAAI,GAAW,CAAC;YAChB,IAAI,CAAC;gBACH,GAAG,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACxC,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,2BAA2B,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;iBAC/E,CAAC,CAAC;YACL,CAAC;YAED,sEAAsE;YACtE,uEAAuE;YACvE,qEAAqE;YACrE,kDAAkD;YAClD,IAAI,MAAM,GAAG,GAAG,CAAC;YACjB,IAAI,iBAAiB,GAAG,CAAC,CAAC;YAC1B,IAAI,kBAAkB,GAAkB,IAAI,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACtC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBACzD,MAAM,WAAW,GAAG,gBAAgB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;gBACzD,IAAI,WAAW,KAAK,CAAC,EAAE,CAAC;oBACtB,OAAO,IAAI,CAAC,SAAS,CAAC;wBACpB,KAAK,EACH,mBAAmB,CAAC,2CAA2C;4BAC/D,gEAAgE;wBAClE,QAAQ,EAAE,CAAC;qBACZ,CAAC,CAAC;gBACL,CAAC;gBACD,IAAI,CAAC,WAAW,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;oBACpC,OAAO,IAAI,CAAC,SAAS,CAAC;wBACpB,KAAK,EACH,mBAAmB,CAAC,wBAAwB,WAAW,UAAU;4BACjE,0EAA0E;wBAC5E,QAAQ,EAAE,CAAC;wBACX,WAAW;qBACZ,CAAC,CAAC;gBACL,CAAC;gBACD,IAAI,WAAW,EAAE,CAAC;oBAChB,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;oBACnD,iBAAiB,IAAI,WAAW,CAAC;gBACnC,CAAC;qBAAM,CAAC;oBACN,MAAM,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;oBACvC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;oBACnF,iBAAiB,IAAI,CAAC,CAAC;gBACzB,CAAC;gBACD,IAAI,kBAAkB,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACzD,kBAAkB,GAAG,UAAU,CAAC;gBAClC,CAAC;YACH,CAAC;YAED,IAAI,CAAC;gBACH,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;YAC3C,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,4BAA4B,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;iBAChF,CAAC,CAAC;YACL,CAAC;YAED,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;YAE1B,MAAM,OAAO,GAAG,kBAAkB;gBAChC,CAAC,CAAC,YAAY,CAAC,MAAM,EAAE,kBAAkB,CAAC;gBAC1C,CAAC,CAAC,8BAA8B,CAAC;YACnC,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC;YAC/B,OAAO;gBACL,gBAAgB,QAAQ,KAAK,SAAS,QAAQ,SAAS,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,IAAI;oBAC1E,GAAG,iBAAiB,qBAAqB,iBAAiB,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,GAAG;gBAChF,EAAE;gBACF,OAAO;aACR,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACf,CAAC;KACF,CAAC;AACJ,CAAC;AAED,+EAA+E;AAC/E,MAAM,CAAC,MAAM,aAAa,GAAgB,mBAAmB,EAAE,CAAC;AAEhE;;;;GAIG;AACH,SAAS,YAAY,CAAC,MAAc,EAAE,MAAc;IAClD,MAAM,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,GAAG,GAAG,CAAC;QAAE,OAAO,EAAE,CAAC;IACvB,MAAM,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACpC,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,IAAI,WAAW,GAAG,CAAC,CAAC;IACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,IAAI,GAAG,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,wBAAwB;QACnE,IAAI,IAAI,GAAG,GAAG,EAAE,CAAC;YACf,WAAW,GAAG,CAAC,CAAC;YAChB,MAAM;QACR,CAAC;QACD,GAAG,GAAG,IAAI,CAAC;IACb,CAAC;IACD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,GAAG,oBAAoB,CAAC,CAAC;IAC9D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,GAAG,oBAAoB,GAAG,CAAC,CAAC,CAAC;IAC9E,OAAO,QAAQ;SACZ,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC;SACjB,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;SACtE,IAAI,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED,8BAA8B;AAC9B,MAAM,CAAC,MAAM,gBAAgB,GAAG,cAAc,CAAC;AAC/C,MAAM,CAAC,MAAM,WAAW,GAAG,SAAS,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"write.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/write.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"write.d.ts","sourceRoot":"","sources":["../../../src/tools/builtin/write.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAEpD;;;;;;;;;;;;;GAaG;AAEH,MAAM,WAAW,gBAAgB;IAC/B;;;;;;OAMG;IACH,OAAO,CAAC,EAAE,gBAAgB,CAAC;CAC5B;AAED,wBAAgB,eAAe,CAAC,IAAI,GAAE,gBAAqB,GAAG,WAAW,CAsExE;AAED,mDAAmD;AACnD,eAAO,MAAM,SAAS,EAAE,WAA+B,CAAC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { mkdirSync, writeFileSync } from "node:fs";
|
|
2
|
-
import { dirname, isAbsolute } from "node:path";
|
|
2
|
+
import { dirname, isAbsolute, normalize } from "node:path";
|
|
3
|
+
import { checkBlockedPath } from "../../tools/path-guard.js";
|
|
3
4
|
export function createWriteTool(opts = {}) {
|
|
4
5
|
const { tracker } = opts;
|
|
5
6
|
return {
|
|
@@ -24,7 +25,9 @@ export function createWriteTool(opts = {}) {
|
|
|
24
25
|
},
|
|
25
26
|
},
|
|
26
27
|
async execute(input) {
|
|
27
|
-
|
|
28
|
+
// normalize() collapses `..` segments before the isAbsolute + blocklist
|
|
29
|
+
// guards so that path traversal cannot bypass either check.
|
|
30
|
+
const filePath = normalize(typeof input.file_path === "string" ? input.file_path : "");
|
|
28
31
|
if (!filePath) {
|
|
29
32
|
return JSON.stringify({ error: "Write: missing 'file_path' argument" });
|
|
30
33
|
}
|
|
@@ -33,6 +36,9 @@ export function createWriteTool(opts = {}) {
|
|
|
33
36
|
error: `Write: file_path must be absolute, got '${filePath}'`,
|
|
34
37
|
});
|
|
35
38
|
}
|
|
39
|
+
const blockErr = checkBlockedPath("Write", filePath);
|
|
40
|
+
if (blockErr)
|
|
41
|
+
return JSON.stringify({ error: blockErr });
|
|
36
42
|
// gate: Read-before-Write — when the file already exists the model
|
|
37
43
|
// must have read it first (line-numbered view) to avoid blind overwrites.
|
|
38
44
|
if (tracker) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"write.js","sourceRoot":"","sources":["../../../src/tools/builtin/write.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"write.js","sourceRoot":"","sources":["../../../src/tools/builtin/write.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAC3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AA8BtD,MAAM,UAAU,eAAe,CAAC,OAAyB,EAAE;IACzD,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;IACzB,OAAO;QACL,MAAM,EAAE;YACN,IAAI,EAAE,OAAO;YACb,WAAW,EACT,sEAAsE;gBACtE,uEAAuE;gBACvE,qEAAqE;YACvE,YAAY,EAAE;gBACZ,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,SAAS,EAAE;wBACT,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,+DAA+D;qBAC7E;oBACD,OAAO,EAAE;wBACP,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,kDAAkD;qBAChE;iBACF;gBACD,QAAQ,EAAE,CAAC,WAAW,EAAE,SAAS,CAAC;aACnC;SACF;QACD,KAAK,CAAC,OAAO,CAAC,KAAK;YACjB,wEAAwE;YACxE,4DAA4D;YAC5D,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,KAAK,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACvF,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,qCAAqC,EAAE,CAAC,CAAC;YAC1E,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,2CAA2C,QAAQ,GAAG;iBAC9D,CAAC,CAAC;YACL,CAAC;YACD,MAAM,QAAQ,GAAG,gBAAgB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YACrD,IAAI,QAAQ;gBAAE,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzD,mEAAmE;YACnE,0EAA0E;YAC1E,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,OAAO,GAAG,OAAO,CAAC,iBAAiB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;gBAC7D,IAAI,OAAO;oBAAE,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;YACzD,CAAC;YACD,uEAAuE;YACvE,kEAAkE;YAClE,IAAI,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;gBACtC,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,0CAA0C,OAAO,KAAK,CAAC,OAAO,EAAE;iBACxE,CAAC,CAAC;YACL,CAAC;YACD,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;YAE9B,IAAI,CAAC;gBACH,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBAClD,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YAC5C,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,KAAK,EAAE,kBAAkB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;iBACtE,CAAC,CAAC;YACL,CAAC;YAED,qEAAqE;YACrE,uDAAuD;YACvD,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;YAE1B,MAAM,KAAK,GAAG,MAAM,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAClD,OAAO,iBAAiB,QAAQ,KAAK,KAAK,SAAS,CAAC;QACtD,CAAC;KACF,CAAC;AACJ,CAAC;AAED,mDAAmD;AACnD,MAAM,CAAC,MAAM,SAAS,GAAgB,eAAe,EAAE,CAAC"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Path-guard utilities shared across file-mutation tools (Write, Edit, MultiEdit).
|
|
3
|
+
*
|
|
4
|
+
* Centralises two concerns:
|
|
5
|
+
* 1. `checkBlockedPath` — rejects writes to sensitive files (.env, .ssh, etc.)
|
|
6
|
+
* that should never be silently overwritten by an agent, regardless of what
|
|
7
|
+
* the model requests.
|
|
8
|
+
*
|
|
9
|
+
* These are *last-resort* guards. The primary access control layer is the
|
|
10
|
+
* Read-before-Edit invariant enforced by FileStateTracker. The guards here
|
|
11
|
+
* are a belt-and-suspenders measure that survives even if the tracker is
|
|
12
|
+
* not wired (e.g. direct tool invocation in tests).
|
|
13
|
+
*/
|
|
14
|
+
/**
|
|
15
|
+
* Returns an error string if `normalizedAbsPath` matches a blocked pattern,
|
|
16
|
+
* `null` otherwise. The returned string is ready to be wrapped in
|
|
17
|
+
* `JSON.stringify({ error: ... })` by the caller.
|
|
18
|
+
*
|
|
19
|
+
* @param toolName Display name used in the error message ("Write", "Edit", …).
|
|
20
|
+
* @param normalizedAbsPath An already-`normalize()`d absolute path.
|
|
21
|
+
*/
|
|
22
|
+
export declare function checkBlockedPath(toolName: string, normalizedAbsPath: string): string | null;
|
|
23
|
+
//# sourceMappingURL=path-guard.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"path-guard.d.ts","sourceRoot":"","sources":["../../src/tools/path-guard.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAuBH;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,iBAAiB,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAW3F"}
|