orquesta-cli 0.2.106 → 0.2.107
- package/dist/utils/platform-utils.js +20 -1
- package/package.json +1 -1
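--- a/package/dist/utils/platform-utils.js
+++ b/package/dist/utils/platform-utils.js
@@ -51,16 +51,33 @@ export const BASH_DANGEROUS_PATTERNS = [
 /\brm\s+-rf\s+[\/~]/i,
 /\brm\s+-rf\s+\*/i,
 /\bdd\s+if=/i,
+/\bdd\b[^\n]*\bof=\/dev\/sd/i,
 /\bmkfs\b/i,
 /\b:(){ :|:& };:/,
-/\bchmod\s
+/\bchmod\s+(-R\s+)?777\s+[\/~]/i,
 /\bsudo\s+rm/i,
 />\s*\/dev\/sd[a-z]/i,
+/\b(curl|wget)\b[^|]*\|\s*(sudo\s+)?(ba|z)?sh\b/i,
+/\bgit\s+push\b[^\n]*(?:^|\s)(?:--force|-f)\b[^\n]*\b(?:main|master|prod)\b/i,
+/\bgit\s+push\b[^\n]*\b(?:main|master|prod)\b[^\n]*(?:^|\s)(?:--force|-f)\b/i,
 /\bshutdown\b/i,
 /\breboot\b/i,
 /\bhalt\b/i,
 /\bpoweroff\b/i,
 ];
+const CATASTROPHIC_RM_TARGET = /^(\/|~\/?|\*|\.\/?|\.\.\/?|\/\*|~\/\*)$/;
+function isCatastrophicRm(command) {
+const m = command.match(/\brm\b((?:\s+-{1,2}[A-Za-z-]+)*)\s+(\S+)/i);
+if (!m)
+return false;
+const flags = (m[1] ?? '').toLowerCase();
+const target = m[2] ?? '';
+const hasRecursive = /-{1,2}\w*r/.test(flags) || flags.includes('recursive');
+const hasForce = /-{1,2}\w*f/.test(flags) || flags.includes('force');
+if (!hasRecursive || !hasForce)
+return false;
+return CATASTROPHIC_RM_TARGET.test(target);
+}
 export const POWERSHELL_DANGEROUS_PATTERNS = [
 /Remove-Item\s+.*-Recurse\s+.*-Force\s+[A-Z]:\\/i,
 /ri\s+.*-r\s+.*-fo\s+[A-Z]:\\/i,
@@ -79,6 +96,8 @@ export const POWERSHELL_DANGEROUS_PATTERNS = [
 /for\s*\(\s*;\s*;\s*\)\s*\{.*Start-Process/i,
 ];
 export function isDangerousBashCommand(command) {
+if (isCatastrophicRm(command))
+return true;
 return BASH_DANGEROUS_PATTERNS.some(pattern => pattern.test(command));
 }
 export function isDangerousPowerShellCommand(command) {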
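Review bot: `isCatastrophicRm` calls `command.match(...)` without the `g` flag and captures a single `(\S+)` operand, so only the first `rm` in the command and only its first operand are tested against `CATASTROPHIC_RM_TARGET`; a later `rm` in a chained command, or a second operand, falls back to the literal `-rf` entries in `BASH_DANGEROUS_PATTERNS`. Iterating with `matchAll` and testing every operand, as in the sketch below, closes that gap. In the same function `/-{1,2}\w*r/` also matches `--force`, so `hasRecursive` is true for a force-only command; the sketch limits both short-flag tests to single-dash clusters and leaves the long forms to the `includes` checks. A comment above the function saying the check is a best-effort denylist and not a sandbox boundary would set expectations for callers.

```javascript
function isCatastrophicRm(command) {
    // Guard every rm invocation and every operand, not just the first of each.
    const rmCall = /\brm\b((?:\s+-{1,2}[A-Za-z-]+)*)((?:\s+[^\s;&|]+)+)/gi;
    for (const m of command.matchAll(rmCall)) {
        const flags = (m[1] ?? '').toLowerCase();
        const hasRecursive = /(?:^|\s)-[a-z]*r/.test(flags) || flags.includes('recursive');
        const hasForce = /(?:^|\s)-[a-z]*f/.test(flags) || flags.includes('force');
        if (!hasRecursive || !hasForce)
            continue;
        if (m[2].trim().split(/\s+/).some(t => CATASTROPHIC_RM_TARGET.test(t)))
            return true;
    }
    return false;
}
```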