rulesync 8.15.0 → 8.15.1

package/dist/{chunk-UMJWBQ2X.js → chunk-3DM6NLND.js}

@@ -473,7 +473,8 @@ function validateOutputRoot(outputRoot) {
     throw new Error("outputRoot cannot be an empty string");
   }
   if (isAbsolute(outputRoot)) {
-    const segments = outputRoot.split(/[/\\]/);
+    const separatorRegex = process.platform === "win32" ? /[/\\]/ : /\//;
+    const segments = outputRoot.split(separatorRegex);
     if (segments.includes("..")) {
       throw new Error(`Path traversal detected: ${outputRoot}`);
     }
@@ -10092,6 +10093,7 @@ var ToolPermissions = class extends ToolFile {
 };
 
 // src/features/permissions/augmentcode-permissions.ts
+var moduleLogger = new ConsoleLogger();
 var AugmentPermissionTypeSchema = z30.enum(["allow", "deny", "ask-user"]);
 var AugmentToolPermissionSchema = z30.looseObject({
   toolName: z30.string(),
@@ -10183,6 +10185,33 @@ function shellRegexToGlob(regex) {
   }
   return glob;
 }
+function isShellRegexRoundtrippable(regex) {
+  if (!regex.startsWith("^") || !regex.endsWith("$")) {
+    return false;
+  }
+  const body = regex.slice(1, -1);
+  let i = 0;
+  while (i < body.length) {
+    const ch = body[i];
+    if (ch === "\\" && i + 1 < body.length) {
+      i += 2;
+      continue;
+    }
+    if (ch === "." && body[i + 1] === "*") {
+      i += 2;
+      continue;
+    }
+    if (ch === ".") {
+      i += 1;
+      continue;
+    }
+    if (/[$^|+?*(){}[\]]/.test(ch ?? "")) {
+      return false;
+    }
+    i += 1;
+  }
+  return true;
+}
 var MANAGED_AUGMENT_TOOL_NAMES = new Set(Object.values(CANONICAL_TO_AUGMENT_TOOL_NAMES));
 var AugmentcodePermissions = class _AugmentcodePermissions extends ToolPermissions {
   constructor(params) {
@@ -10190,6 +10219,12 @@ var AugmentcodePermissions = class _AugmentcodePermissions extends ToolPermissio
       ...params,
       fileContent: params.fileContent ?? "{}"
     });
+    if (params.validate) {
+      const result = this.validate();
+      if (!result.success) {
+        throw result.error;
+      }
+    }
   }
   isDeletable() {
     return false;
@@ -10283,14 +10318,27 @@ var AugmentcodePermissions = class _AugmentcodePermissions extends ToolPermissio
       );
     }
     const config = convertAugmentToRulesyncPermissions({
-      entries: settings.toolPermissions ?? []
+      entries: settings.toolPermissions ?? [],
+      logger: moduleLogger
     });
     return this.toRulesyncPermissionsDefault({
       fileContent: JSON.stringify(config, null, 2)
     });
   }
   validate() {
-    return { success: true, error: null };
+    try {
+      const parsed = JSON.parse(this.fileContent || "{}");
+      const result = AugmentSettingsSchema.safeParse(parsed);
+      if (!result.success) {
+        return { success: false, error: result.error };
+      }
+      return { success: true, error: null };
+    } catch (error) {
+      return {
+        success: false,
+        error: new Error(`Failed to parse AugmentCode permissions JSON: ${formatError(error)}`)
+      };
+    }
   }
   static forDeletion({
     outputRoot = process.cwd(),
@@ -10388,7 +10436,8 @@ function sortAugmentEntries(entries) {
   return decorated.map((d) => d.entry);
 }
 function convertAugmentToRulesyncPermissions({
-  entries
+  entries,
+  logger
 }) {
   const actionPriority = {
     deny: 2,
@@ -10399,7 +10448,27 @@ function convertAugmentToRulesyncPermissions({
   for (const entry of entries) {
     const canonical = toCanonicalToolName(entry.toolName);
     const action = augmentTypeToAction(entry.permission.type);
-    const pattern = entry.toolName === "launch-process" && entry.shellInputRegex ? shellRegexToGlob(entry.shellInputRegex) : "*";
+    let pattern;
+    if (entry.toolName === "launch-process" && entry.shellInputRegex) {
+      const regex = entry.shellInputRegex;
+      if (isShellRegexRoundtrippable(regex)) {
+        pattern = shellRegexToGlob(regex);
+      } else {
+        if (action === "deny") {
+          logger?.warn(
+            `AugmentCode permissions: shellInputRegex '${regex}' on tool '${entry.toolName}' is not faithfully roundtrippable to a glob. Importing as the catch-all '*' pattern (fail-closed) so the deny rule cannot be silently narrowed on regenerate.`
+          );
+          pattern = "*";
+        } else {
+          pattern = shellRegexToGlob(regex);
+          logger?.warn(
+            `AugmentCode permissions: shellInputRegex '${regex}' on tool '${entry.toolName}' is not faithfully roundtrippable to a glob. Importing as glob '${pattern}'; the rule may match a different set of inputs after regenerate.`
+          );
+        }
+      }
+    } else {
+      pattern = "*";
+    }
     if (!permission[canonical]) {
       permission[canonical] = {};
     }
@@ -10654,6 +10723,12 @@ var ClinePermissions = class _ClinePermissions extends ToolPermissions {
       ...params,
       fileContent: params.fileContent ?? "{}"
     });
+    if (params.validate) {
+      const result = this.validate();
+      if (!result.success) {
+        throw result.error;
+      }
+    }
   }
   isDeletable() {
     return false;
@@ -10792,7 +10867,19 @@ var ClinePermissions = class _ClinePermissions extends ToolPermissions {
     });
   }
   validate() {
-    return { success: true, error: null };
+    try {
+      const parsed = JSON.parse(this.fileContent || "{}");
+      const result = ClineCommandPermissionsSchema.safeParse(parsed);
+      if (!result.success) {
+        return { success: false, error: result.error };
+      }
+      return { success: true, error: null };
+    } catch (error) {
+      return {
+        success: false,
+        error: new Error(`Failed to parse Cline permissions JSON: ${formatError(error)}`)
+      };
+    }
   }
   static forDeletion({
     outputRoot = process.cwd(),
@@ -11385,7 +11472,7 @@ var RESERVED_OBJECT_KEYS = /* @__PURE__ */ new Set([
   "constructor",
   "prototype"
 ]);
-var moduleLogger = new ConsoleLogger();
+var moduleLogger2 = new ConsoleLogger();
 var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
   static getSettablePaths(_options = {}) {
     return {
@@ -11414,7 +11501,7 @@ var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
     rulesyncPermissions,
     validate = true,
     global = false,
-    logger = moduleLogger
+    logger = moduleLogger2
   }) {
     const paths = this.getSettablePaths({ global });
     const fileContent = buildGeminicliPolicyContent(rulesyncPermissions.getJson(), logger);
@@ -11439,31 +11526,31 @@ var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
           { cause: error }
         );
       }
-      const rules = extractRules(parsed, moduleLogger);
+      const rules = extractRules(parsed, moduleLogger2);
       for (const [index, rule] of rules.entries()) {
         const mappedCategory = Object.hasOwn(GEMINICLI_TO_RULESYNC_TOOL_NAME, rule.toolName) ? GEMINICLI_TO_RULESYNC_TOOL_NAME[rule.toolName] : void 0;
         const category = mappedCategory ?? rule.toolName;
         if (RESERVED_OBJECT_KEYS.has(category)) {
-          moduleLogger.warn(
+          moduleLogger2.warn(
             `Skipping rule #${index} in ${this.getRelativeFilePath()}: toolName "${rule.toolName}" maps to a reserved object key ("${category}") and would risk prototype pollution.`
           );
           continue;
         }
         const action = mapFromGeminicliDecision(rule.decision);
         if (!action) {
-          moduleLogger.warn(
+          moduleLogger2.warn(
             `Skipping rule #${index} (toolName="${rule.toolName}", commandPrefix=${JSON.stringify(rule.commandPrefix)}, argsPattern=${JSON.stringify(rule.argsPattern)}) in ${this.getRelativeFilePath()}: unknown decision ${JSON.stringify(rule.decision)}`
           );
           continue;
         }
         if (rule.toolName === "run_shell_command" && rule.commandPrefix !== void 0 && rule.argsPattern !== void 0) {
-          moduleLogger.warn(
+          moduleLogger2.warn(
             `Rule #${index} in ${this.getRelativeFilePath()} sets both commandPrefix and argsPattern; rulesync will honor argsPattern and ignore commandPrefix=${JSON.stringify(rule.commandPrefix)}.`
           );
         }
         const pattern = extractPattern(rule);
         if (RESERVED_OBJECT_KEYS.has(pattern)) {
-          moduleLogger.warn(
+          moduleLogger2.warn(
             `Skipping rule #${index} in ${this.getRelativeFilePath()}: pattern "${pattern}" is a reserved object key.`
           );
           continue;
@@ -12232,7 +12319,7 @@ var QwenSettingsPermissionsSchema = z36.looseObject({
 var QwenSettingsSchema = z36.looseObject({
   permissions: z36.optional(QwenSettingsPermissionsSchema)
 });
-var moduleLogger2 = new ConsoleLogger();
+var moduleLogger3 = new ConsoleLogger();
 var CANONICAL_TO_QWEN_TOOL_NAMES = {
   bash: "Bash",
   read: "Read",
@@ -12287,6 +12374,12 @@ var QwencodePermissions = class _QwencodePermissions extends ToolPermissions {
       ...params,
       fileContent: params.fileContent ?? "{}"
     });
+    if (params.validate) {
+      const result = this.validate();
+      if (!result.success) {
+        throw result.error;
+      }
+    }
   }
   isDeletable() {
     return false;
@@ -12408,7 +12501,19 @@ var QwencodePermissions = class _QwencodePermissions extends ToolPermissions {
     });
   }
   validate() {
-    return { success: true, error: null };
+    try {
+      const parsed = JSON.parse(this.fileContent || "{}");
+      const result = QwenSettingsSchema.safeParse(parsed);
+      if (!result.success) {
+        return { success: false, error: result.error };
+      }
+      return { success: true, error: null };
+    } catch (error) {
+      return {
+        success: false,
+        error: new Error(`Failed to parse Qwen permissions JSON: ${formatError(error)}`)
+      };
+    }
   }
   static forDeletion({
     outputRoot = process.cwd(),
@@ -12449,7 +12554,7 @@ function convertRulesyncToQwenPermissions(config) {
 }
 function convertQwenToRulesyncPermissions(params) {
   const permission = {};
-  const logger = params.logger ?? moduleLogger2;
+  const logger = params.logger ?? moduleLogger3;
   const processEntries = (entries, action) => {
     for (const entry of entries) {
       const parsed = parseQwenPermissionEntry(entry, { logger });
@@ -21030,6 +21135,8 @@ var CopilotRuleFrontmatterSchema = z77.object({
   applyTo: z77.optional(z77.string()),
   excludeAgent: z77.optional(z77.union([z77.literal("code-review"), z77.literal("coding-agent")]))
 });
+var normalizeRelativePath = (path4) => path4.replace(/\\/g, "/").replace(/\/+/g, "/");
+var sameRelativePath = (leftDir, leftFile, rightDir, rightFile) => normalizeRelativePath(join133(leftDir, leftFile)) === normalizeRelativePath(join133(rightDir, rightFile));
 var CopilotRule = class _CopilotRule extends ToolRule {
   frontmatter;
   body;
@@ -21147,7 +21254,12 @@ var CopilotRule = class _CopilotRule extends ToolRule {
     global = false
   }) {
     const paths = this.getSettablePaths({ global });
-    const isRoot = relativeDirPath ? join133(relativeDirPath, relativeFilePath) === join133(paths.root.relativeDirPath, paths.root.relativeFilePath) : relativeFilePath === paths.root.relativeFilePath;
+    const isRoot = relativeDirPath ? sameRelativePath(
+      relativeDirPath,
+      relativeFilePath,
+      paths.root.relativeDirPath,
+      paths.root.relativeFilePath
+    ) : relativeFilePath === paths.root.relativeFilePath;
     const resolvedRelativeDirPath = relativeDirPath ?? (isRoot ? paths.root.relativeDirPath : paths.nonRoot?.relativeDirPath ?? paths.root.relativeDirPath);
     if (isRoot) {
       const relativePath2 = join133(paths.root.relativeDirPath, paths.root.relativeFilePath);
@@ -21191,7 +21303,12 @@ var CopilotRule = class _CopilotRule extends ToolRule {
     global = false
   }) {
     const paths = this.getSettablePaths({ global });
-    const isRoot = join133(relativeDirPath, relativeFilePath) === join133(paths.root.relativeDirPath, paths.root.relativeFilePath);
+    const isRoot = sameRelativePath(
+      relativeDirPath,
+      relativeFilePath,
+      paths.root.relativeDirPath,
+      paths.root.relativeFilePath
+    );
     return new _CopilotRule({
       outputRoot,
       relativeDirPath,

package/dist/cli/index.cjs

@@ -282,7 +282,8 @@ function validateOutputRoot(outputRoot) {
     throw new Error("outputRoot cannot be an empty string");
   }
   if ((0, import_node_path2.isAbsolute)(outputRoot)) {
-    const segments = outputRoot.split(/[/\\]/);
+    const separatorRegex = process.platform === "win32" ? /[/\\]/ : /\//;
+    const segments = outputRoot.split(separatorRegex);
     if (segments.includes("..")) {
       throw new Error(`Path traversal detected: ${outputRoot}`);
     }
@@ -10125,6 +10126,7 @@ var ToolPermissions = class extends ToolFile {
 };
 
 // src/features/permissions/augmentcode-permissions.ts
+var moduleLogger = new ConsoleLogger();
 var AugmentPermissionTypeSchema = import_mini30.z.enum(["allow", "deny", "ask-user"]);
 var AugmentToolPermissionSchema = import_mini30.z.looseObject({
   toolName: import_mini30.z.string(),
@@ -10216,6 +10218,33 @@ function shellRegexToGlob(regex) {
   }
   return glob;
 }
+function isShellRegexRoundtrippable(regex) {
+  if (!regex.startsWith("^") || !regex.endsWith("$")) {
+    return false;
+  }
+  const body = regex.slice(1, -1);
+  let i = 0;
+  while (i < body.length) {
+    const ch = body[i];
+    if (ch === "\\" && i + 1 < body.length) {
+      i += 2;
+      continue;
+    }
+    if (ch === "." && body[i + 1] === "*") {
+      i += 2;
+      continue;
+    }
+    if (ch === ".") {
+      i += 1;
+      continue;
+    }
+    if (/[$^|+?*(){}[\]]/.test(ch ?? "")) {
+      return false;
+    }
+    i += 1;
+  }
+  return true;
+}
 var MANAGED_AUGMENT_TOOL_NAMES = new Set(Object.values(CANONICAL_TO_AUGMENT_TOOL_NAMES));
 var AugmentcodePermissions = class _AugmentcodePermissions extends ToolPermissions {
   constructor(params) {
@@ -10223,6 +10252,12 @@ var AugmentcodePermissions = class _AugmentcodePermissions extends ToolPermissio
       ...params,
       fileContent: params.fileContent ?? "{}"
     });
+    if (params.validate) {
+      const result = this.validate();
+      if (!result.success) {
+        throw result.error;
+      }
+    }
   }
   isDeletable() {
     return false;
@@ -10316,14 +10351,27 @@ var AugmentcodePermissions = class _AugmentcodePermissions extends ToolPermissio
       );
     }
     const config = convertAugmentToRulesyncPermissions({
-      entries: settings.toolPermissions ?? []
+      entries: settings.toolPermissions ?? [],
+      logger: moduleLogger
     });
     return this.toRulesyncPermissionsDefault({
       fileContent: JSON.stringify(config, null, 2)
     });
   }
   validate() {
-    return { success: true, error: null };
+    try {
+      const parsed = JSON.parse(this.fileContent || "{}");
+      const result = AugmentSettingsSchema.safeParse(parsed);
+      if (!result.success) {
+        return { success: false, error: result.error };
+      }
+      return { success: true, error: null };
+    } catch (error) {
+      return {
+        success: false,
+        error: new Error(`Failed to parse AugmentCode permissions JSON: ${formatError(error)}`)
+      };
+    }
   }
   static forDeletion({
     outputRoot = process.cwd(),
@@ -10421,7 +10469,8 @@ function sortAugmentEntries(entries) {
   return decorated.map((d) => d.entry);
 }
 function convertAugmentToRulesyncPermissions({
-  entries
+  entries,
+  logger: logger5
 }) {
   const actionPriority = {
     deny: 2,
@@ -10432,7 +10481,27 @@ function convertAugmentToRulesyncPermissions({
   for (const entry of entries) {
     const canonical = toCanonicalToolName(entry.toolName);
     const action = augmentTypeToAction(entry.permission.type);
-    const pattern = entry.toolName === "launch-process" && entry.shellInputRegex ? shellRegexToGlob(entry.shellInputRegex) : "*";
+    let pattern;
+    if (entry.toolName === "launch-process" && entry.shellInputRegex) {
+      const regex = entry.shellInputRegex;
+      if (isShellRegexRoundtrippable(regex)) {
+        pattern = shellRegexToGlob(regex);
+      } else {
+        if (action === "deny") {
+          logger5?.warn(
+            `AugmentCode permissions: shellInputRegex '${regex}' on tool '${entry.toolName}' is not faithfully roundtrippable to a glob. Importing as the catch-all '*' pattern (fail-closed) so the deny rule cannot be silently narrowed on regenerate.`
+          );
+          pattern = "*";
+        } else {
+          pattern = shellRegexToGlob(regex);
+          logger5?.warn(
+            `AugmentCode permissions: shellInputRegex '${regex}' on tool '${entry.toolName}' is not faithfully roundtrippable to a glob. Importing as glob '${pattern}'; the rule may match a different set of inputs after regenerate.`
+          );
+        }
+      }
+    } else {
+      pattern = "*";
+    }
     if (!permission[canonical]) {
       permission[canonical] = {};
     }
@@ -10687,6 +10756,12 @@ var ClinePermissions = class _ClinePermissions extends ToolPermissions {
       ...params,
       fileContent: params.fileContent ?? "{}"
     });
+    if (params.validate) {
+      const result = this.validate();
+      if (!result.success) {
+        throw result.error;
+      }
+    }
   }
   isDeletable() {
     return false;
@@ -10825,7 +10900,19 @@ var ClinePermissions = class _ClinePermissions extends ToolPermissions {
     });
   }
   validate() {
-    return { success: true, error: null };
+    try {
+      const parsed = JSON.parse(this.fileContent || "{}");
+      const result = ClineCommandPermissionsSchema.safeParse(parsed);
+      if (!result.success) {
+        return { success: false, error: result.error };
+      }
+      return { success: true, error: null };
+    } catch (error) {
+      return {
+        success: false,
+        error: new Error(`Failed to parse Cline permissions JSON: ${formatError(error)}`)
+      };
+    }
   }
   static forDeletion({
     outputRoot = process.cwd(),
@@ -11418,7 +11505,7 @@ var RESERVED_OBJECT_KEYS = /* @__PURE__ */ new Set([
   "constructor",
   "prototype"
 ]);
-var moduleLogger = new ConsoleLogger();
+var moduleLogger2 = new ConsoleLogger();
 var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
   static getSettablePaths(_options = {}) {
     return {
@@ -11447,7 +11534,7 @@ var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
     rulesyncPermissions,
     validate = true,
     global = false,
-    logger: logger5 = moduleLogger
+    logger: logger5 = moduleLogger2
   }) {
     const paths = this.getSettablePaths({ global });
     const fileContent = buildGeminicliPolicyContent(rulesyncPermissions.getJson(), logger5);
@@ -11472,31 +11559,31 @@ var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
           { cause: error }
         );
       }
-      const rules = extractRules(parsed, moduleLogger);
+      const rules = extractRules(parsed, moduleLogger2);
       for (const [index, rule] of rules.entries()) {
         const mappedCategory = Object.hasOwn(GEMINICLI_TO_RULESYNC_TOOL_NAME, rule.toolName) ? GEMINICLI_TO_RULESYNC_TOOL_NAME[rule.toolName] : void 0;
         const category = mappedCategory ?? rule.toolName;
         if (RESERVED_OBJECT_KEYS.has(category)) {
-          moduleLogger.warn(
+          moduleLogger2.warn(
             `Skipping rule #${index} in ${this.getRelativeFilePath()}: toolName "${rule.toolName}" maps to a reserved object key ("${category}") and would risk prototype pollution.`
           );
           continue;
         }
         const action = mapFromGeminicliDecision(rule.decision);
         if (!action) {
-          moduleLogger.warn(
+          moduleLogger2.warn(
             `Skipping rule #${index} (toolName="${rule.toolName}", commandPrefix=${JSON.stringify(rule.commandPrefix)}, argsPattern=${JSON.stringify(rule.argsPattern)}) in ${this.getRelativeFilePath()}: unknown decision ${JSON.stringify(rule.decision)}`
           );
           continue;
         }
         if (rule.toolName === "run_shell_command" && rule.commandPrefix !== void 0 && rule.argsPattern !== void 0) {
-          moduleLogger.warn(
+          moduleLogger2.warn(
             `Rule #${index} in ${this.getRelativeFilePath()} sets both commandPrefix and argsPattern; rulesync will honor argsPattern and ignore commandPrefix=${JSON.stringify(rule.commandPrefix)}.`
           );
         }
         const pattern = extractPattern(rule);
         if (RESERVED_OBJECT_KEYS.has(pattern)) {
-          moduleLogger.warn(
+          moduleLogger2.warn(
             `Skipping rule #${index} in ${this.getRelativeFilePath()}: pattern "${pattern}" is a reserved object key.`
           );
           continue;
@@ -12265,7 +12352,7 @@ var QwenSettingsPermissionsSchema = import_mini36.z.looseObject({
 var QwenSettingsSchema = import_mini36.z.looseObject({
   permissions: import_mini36.z.optional(QwenSettingsPermissionsSchema)
 });
-var moduleLogger2 = new ConsoleLogger();
+var moduleLogger3 = new ConsoleLogger();
 var CANONICAL_TO_QWEN_TOOL_NAMES = {
   bash: "Bash",
   read: "Read",
@@ -12320,6 +12407,12 @@ var QwencodePermissions = class _QwencodePermissions extends ToolPermissions {
       ...params,
       fileContent: params.fileContent ?? "{}"
     });
+    if (params.validate) {
+      const result = this.validate();
+      if (!result.success) {
+        throw result.error;
+      }
+    }
   }
   isDeletable() {
     return false;
@@ -12441,7 +12534,19 @@ var QwencodePermissions = class _QwencodePermissions extends ToolPermissions {
     });
   }
   validate() {
-    return { success: true, error: null };
+    try {
+      const parsed = JSON.parse(this.fileContent || "{}");
+      const result = QwenSettingsSchema.safeParse(parsed);
+      if (!result.success) {
+        return { success: false, error: result.error };
+      }
+      return { success: true, error: null };
+    } catch (error) {
+      return {
+        success: false,
+        error: new Error(`Failed to parse Qwen permissions JSON: ${formatError(error)}`)
+      };
+    }
   }
   static forDeletion({
     outputRoot = process.cwd(),
@@ -12482,7 +12587,7 @@ function convertRulesyncToQwenPermissions(config) {
 }
 function convertQwenToRulesyncPermissions(params) {
   const permission = {};
-  const logger5 = params.logger ?? moduleLogger2;
+  const logger5 = params.logger ?? moduleLogger3;
   const processEntries = (entries, action) => {
     for (const entry of entries) {
       const parsed = parseQwenPermissionEntry(entry, { logger: logger5 });
@@ -21063,6 +21168,8 @@ var CopilotRuleFrontmatterSchema = import_mini77.z.object({
   applyTo: import_mini77.z.optional(import_mini77.z.string()),
   excludeAgent: import_mini77.z.optional(import_mini77.z.union([import_mini77.z.literal("code-review"), import_mini77.z.literal("coding-agent")]))
 });
+var normalizeRelativePath = (path5) => path5.replace(/\\/g, "/").replace(/\/+/g, "/");
+var sameRelativePath = (leftDir, leftFile, rightDir, rightFile) => normalizeRelativePath((0, import_node_path136.join)(leftDir, leftFile)) === normalizeRelativePath((0, import_node_path136.join)(rightDir, rightFile));
 var CopilotRule = class _CopilotRule extends ToolRule {
   frontmatter;
   body;
@@ -21180,7 +21287,12 @@ var CopilotRule = class _CopilotRule extends ToolRule {
     global = false
   }) {
     const paths = this.getSettablePaths({ global });
-    const isRoot = relativeDirPath ? (0, import_node_path136.join)(relativeDirPath, relativeFilePath) === (0, import_node_path136.join)(paths.root.relativeDirPath, paths.root.relativeFilePath) : relativeFilePath === paths.root.relativeFilePath;
+    const isRoot = relativeDirPath ? sameRelativePath(
+      relativeDirPath,
+      relativeFilePath,
+      paths.root.relativeDirPath,
+      paths.root.relativeFilePath
+    ) : relativeFilePath === paths.root.relativeFilePath;
     const resolvedRelativeDirPath = relativeDirPath ?? (isRoot ? paths.root.relativeDirPath : paths.nonRoot?.relativeDirPath ?? paths.root.relativeDirPath);
     if (isRoot) {
       const relativePath2 = (0, import_node_path136.join)(paths.root.relativeDirPath, paths.root.relativeFilePath);
@@ -21224,7 +21336,12 @@ var CopilotRule = class _CopilotRule extends ToolRule {
     global = false
   }) {
     const paths = this.getSettablePaths({ global });
-    const isRoot = (0, import_node_path136.join)(relativeDirPath, relativeFilePath) === (0, import_node_path136.join)(paths.root.relativeDirPath, paths.root.relativeFilePath);
+    const isRoot = sameRelativePath(
+      relativeDirPath,
+      relativeFilePath,
+      paths.root.relativeDirPath,
+      paths.root.relativeFilePath
+    );
     return new _CopilotRule({
       outputRoot,
       relativeDirPath,
@@ -26171,7 +26288,10 @@ var GITIGNORE_ENTRY_REGISTRY = [
   { target: "kilo", feature: "commands", entry: "**/.kilo/workflows/" },
   { target: "kilo", feature: "mcp", entry: "**/.kilo/mcp.json" },
   { target: "kilo", feature: "ignore", entry: "**/.kiloignore" },
-  { target: "kilo", feature: "permissions", entry: "**/kilo.jsonc" },
+  // No `**/kilo.jsonc` entry: structurally identical to `opencode.jsonc` (no
+  // entry). The Kilo translator preserves non-permissions Kilo settings on
+  // round-trip, so the file is intended to be checked in by the user — adding
+  // `**/kilo.jsonc` would be too aggressive.
   // Kiro
   { target: "kiro", feature: "rules", entry: "**/.kiro/steering/" },
   { target: "kiro", feature: "commands", entry: "**/.kiro/prompts/" },
@@ -31509,7 +31629,7 @@ function wrapCommand({
 }
 
 // src/cli/index.ts
-var getVersion = () => "8.15.0";
+var getVersion = () => "8.15.1";
 function wrapCommand2(name, errorCode, handler) {
   return wrapCommand({ name, errorCode, handler, getVersion });
 }

package/dist/cli/index.js

@@ -79,7 +79,7 @@ import {
   stringifyFrontmatter,
   toPosixPath,
   writeFileContent
-} from "../chunk-UMJWBQ2X.js";
+} from "../chunk-3DM6NLND.js";
 
 // src/cli/index.ts
 import { Command } from "commander";
@@ -1408,7 +1408,10 @@ var GITIGNORE_ENTRY_REGISTRY = [
   { target: "kilo", feature: "commands", entry: "**/.kilo/workflows/" },
   { target: "kilo", feature: "mcp", entry: "**/.kilo/mcp.json" },
   { target: "kilo", feature: "ignore", entry: "**/.kiloignore" },
-  { target: "kilo", feature: "permissions", entry: "**/kilo.jsonc" },
+  // No `**/kilo.jsonc` entry: structurally identical to `opencode.jsonc` (no
+  // entry). The Kilo translator preserves non-permissions Kilo settings on
+  // round-trip, so the file is intended to be checked in by the user — adding
+  // `**/kilo.jsonc` would be too aggressive.
   // Kiro
   { target: "kiro", feature: "rules", entry: "**/.kiro/steering/" },
   { target: "kiro", feature: "commands", entry: "**/.kiro/prompts/" },
@@ -6482,7 +6485,7 @@ function wrapCommand({
 }
 
 // src/cli/index.ts
-var getVersion = () => "8.15.0";
+var getVersion = () => "8.15.1";
 function wrapCommand2(name, errorCode, handler) {
   return wrapCommand({ name, errorCode, handler, getVersion });
 }

package/dist/index.cjs

@@ -232,7 +232,8 @@ function validateOutputRoot(outputRoot) {
     throw new Error("outputRoot cannot be an empty string");
   }
   if ((0, import_node_path2.isAbsolute)(outputRoot)) {
-    const segments = outputRoot.split(/[/\\]/);
+    const separatorRegex = process.platform === "win32" ? /[/\\]/ : /\//;
+    const segments = outputRoot.split(separatorRegex);
     if (segments.includes("..")) {
       throw new Error(`Path traversal detected: ${outputRoot}`);
     }
@@ -9998,6 +9999,7 @@ var ToolPermissions = class extends ToolFile {
 };
 
 // src/features/permissions/augmentcode-permissions.ts
+var moduleLogger = new ConsoleLogger();
 var AugmentPermissionTypeSchema = import_mini30.z.enum(["allow", "deny", "ask-user"]);
 var AugmentToolPermissionSchema = import_mini30.z.looseObject({
   toolName: import_mini30.z.string(),
@@ -10089,6 +10091,33 @@ function shellRegexToGlob(regex) {
   }
   return glob;
 }
+function isShellRegexRoundtrippable(regex) {
+  if (!regex.startsWith("^") || !regex.endsWith("$")) {
+    return false;
+  }
+  const body = regex.slice(1, -1);
+  let i = 0;
+  while (i < body.length) {
+    const ch = body[i];
+    if (ch === "\\" && i + 1 < body.length) {
+      i += 2;
+      continue;
+    }
+    if (ch === "." && body[i + 1] === "*") {
+      i += 2;
+      continue;
+    }
+    if (ch === ".") {
+      i += 1;
+      continue;
+    }
+    if (/[$^|+?*(){}[\]]/.test(ch ?? "")) {
+      return false;
+    }
+    i += 1;
+  }
+  return true;
+}
 var MANAGED_AUGMENT_TOOL_NAMES = new Set(Object.values(CANONICAL_TO_AUGMENT_TOOL_NAMES));
 var AugmentcodePermissions = class _AugmentcodePermissions extends ToolPermissions {
   constructor(params) {
@@ -10096,6 +10125,12 @@ var AugmentcodePermissions = class _AugmentcodePermissions extends ToolPermissio
       ...params,
       fileContent: params.fileContent ?? "{}"
     });
+    if (params.validate) {
+      const result = this.validate();
+      if (!result.success) {
+        throw result.error;
+      }
+    }
   }
   isDeletable() {
     return false;
@@ -10189,14 +10224,27 @@ var AugmentcodePermissions = class _AugmentcodePermissions extends ToolPermissio
       );
     }
     const config = convertAugmentToRulesyncPermissions({
-      entries: settings.toolPermissions ?? []
+      entries: settings.toolPermissions ?? [],
+      logger: moduleLogger
     });
     return this.toRulesyncPermissionsDefault({
       fileContent: JSON.stringify(config, null, 2)
     });
   }
   validate() {
-    return { success: true, error: null };
+    try {
+      const parsed = JSON.parse(this.fileContent || "{}");
+      const result = AugmentSettingsSchema.safeParse(parsed);
+      if (!result.success) {
+        return { success: false, error: result.error };
+      }
+      return { success: true, error: null };
+    } catch (error) {
+      return {
+        success: false,
+        error: new Error(`Failed to parse AugmentCode permissions JSON: ${formatError(error)}`)
+      };
+    }
   }
   static forDeletion({
     outputRoot = process.cwd(),
@@ -10294,7 +10342,8 @@ function sortAugmentEntries(entries) {
   return decorated.map((d) => d.entry);
 }
 function convertAugmentToRulesyncPermissions({
-  entries
+  entries,
+  logger
 }) {
   const actionPriority = {
     deny: 2,
@@ -10305,7 +10354,27 @@ function convertAugmentToRulesyncPermissions({
   for (const entry of entries) {
     const canonical = toCanonicalToolName(entry.toolName);
     const action = augmentTypeToAction(entry.permission.type);
-    const pattern = entry.toolName === "launch-process" && entry.shellInputRegex ? shellRegexToGlob(entry.shellInputRegex) : "*";
+    let pattern;
+    if (entry.toolName === "launch-process" && entry.shellInputRegex) {
+      const regex = entry.shellInputRegex;
+      if (isShellRegexRoundtrippable(regex)) {
+        pattern = shellRegexToGlob(regex);
+      } else {
+        if (action === "deny") {
+          logger?.warn(
+            `AugmentCode permissions: shellInputRegex '${regex}' on tool '${entry.toolName}' is not faithfully roundtrippable to a glob. Importing as the catch-all '*' pattern (fail-closed) so the deny rule cannot be silently narrowed on regenerate.`
+          );
+          pattern = "*";
+        } else {
+          pattern = shellRegexToGlob(regex);
+          logger?.warn(
+            `AugmentCode permissions: shellInputRegex '${regex}' on tool '${entry.toolName}' is not faithfully roundtrippable to a glob. Importing as glob '${pattern}'; the rule may match a different set of inputs after regenerate.`
+          );
+        }
+      }
+    } else {
+      pattern = "*";
+    }
     if (!permission[canonical]) {
       permission[canonical] = {};
     }
@@ -10560,6 +10629,12 @@ var ClinePermissions = class _ClinePermissions extends ToolPermissions {
       ...params,
       fileContent: params.fileContent ?? "{}"
     });
+    if (params.validate) {
+      const result = this.validate();
+      if (!result.success) {
+        throw result.error;
+      }
+    }
   }
   isDeletable() {
     return false;
@@ -10698,7 +10773,19 @@ var ClinePermissions = class _ClinePermissions extends ToolPermissions {
     });
   }
   validate() {
-    return { success: true, error: null };
+    try {
+      const parsed = JSON.parse(this.fileContent || "{}");
+      const result = ClineCommandPermissionsSchema.safeParse(parsed);
+      if (!result.success) {
+        return { success: false, error: result.error };
+      }
+      return { success: true, error: null };
+    } catch (error) {
+      return {
+        success: false,
+        error: new Error(`Failed to parse Cline permissions JSON: ${formatError(error)}`)
+      };
+    }
   }
   static forDeletion({
     outputRoot = process.cwd(),
@@ -11291,7 +11378,7 @@ var RESERVED_OBJECT_KEYS = /* @__PURE__ */ new Set([
   "constructor",
   "prototype"
 ]);
-var moduleLogger = new ConsoleLogger();
+var moduleLogger2 = new ConsoleLogger();
 var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
   static getSettablePaths(_options = {}) {
     return {
@@ -11320,7 +11407,7 @@ var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
     rulesyncPermissions,
     validate = true,
     global = false,
-    logger = moduleLogger
+    logger = moduleLogger2
   }) {
     const paths = this.getSettablePaths({ global });
     const fileContent = buildGeminicliPolicyContent(rulesyncPermissions.getJson(), logger);
@@ -11345,31 +11432,31 @@ var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
           { cause: error }
         );
       }
-      const rules = extractRules(parsed, moduleLogger);
+      const rules = extractRules(parsed, moduleLogger2);
       for (const [index, rule] of rules.entries()) {
         const mappedCategory = Object.hasOwn(GEMINICLI_TO_RULESYNC_TOOL_NAME, rule.toolName) ? GEMINICLI_TO_RULESYNC_TOOL_NAME[rule.toolName] : void 0;
         const category = mappedCategory ?? rule.toolName;
         if (RESERVED_OBJECT_KEYS.has(category)) {
-          moduleLogger.warn(
+          moduleLogger2.warn(
             `Skipping rule #${index} in ${this.getRelativeFilePath()}: toolName "${rule.toolName}" maps to a reserved object key ("${category}") and would risk prototype pollution.`
           );
           continue;
         }
         const action = mapFromGeminicliDecision(rule.decision);
         if (!action) {
-          moduleLogger.warn(
+          moduleLogger2.warn(
             `Skipping rule #${index} (toolName="${rule.toolName}", commandPrefix=${JSON.stringify(rule.commandPrefix)}, argsPattern=${JSON.stringify(rule.argsPattern)}) in ${this.getRelativeFilePath()}: unknown decision ${JSON.stringify(rule.decision)}`
           );
           continue;
         }
         if (rule.toolName === "run_shell_command" && rule.commandPrefix !== void 0 && rule.argsPattern !== void 0) {
-          moduleLogger.warn(
+          moduleLogger2.warn(
             `Rule #${index} in ${this.getRelativeFilePath()} sets both commandPrefix and argsPattern; rulesync will honor argsPattern and ignore commandPrefix=${JSON.stringify(rule.commandPrefix)}.`
           );
         }
         const pattern = extractPattern(rule);
         if (RESERVED_OBJECT_KEYS.has(pattern)) {
-          moduleLogger.warn(
+          moduleLogger2.warn(
             `Skipping rule #${index} in ${this.getRelativeFilePath()}: pattern "${pattern}" is a reserved object key.`
           );
           continue;
@@ -12138,7 +12225,7 @@ var QwenSettingsPermissionsSchema = import_mini36.z.looseObject({
 var QwenSettingsSchema = import_mini36.z.looseObject({
   permissions: import_mini36.z.optional(QwenSettingsPermissionsSchema)
 });
-var moduleLogger2 = new ConsoleLogger();
+var moduleLogger3 = new ConsoleLogger();
 var CANONICAL_TO_QWEN_TOOL_NAMES = {
   bash: "Bash",
   read: "Read",
@@ -12193,6 +12280,12 @@ var QwencodePermissions = class _QwencodePermissions extends ToolPermissions {
       ...params,
       fileContent: params.fileContent ?? "{}"
     });
+    if (params.validate) {
+      const result = this.validate();
+      if (!result.success) {
+        throw result.error;
+      }
+    }
   }
   isDeletable() {
     return false;
@@ -12314,7 +12407,19 @@ var QwencodePermissions = class _QwencodePermissions extends ToolPermissions {
     });
   }
   validate() {
-    return { success: true, error: null };
+    try {
+      const parsed = JSON.parse(this.fileContent || "{}");
+      const result = QwenSettingsSchema.safeParse(parsed);
+      if (!result.success) {
+        return { success: false, error: result.error };
+      }
+      return { success: true, error: null };
+    } catch (error) {
+      return {
+        success: false,
+        error: new Error(`Failed to parse Qwen permissions JSON: ${formatError(error)}`)
+      };
+    }
   }
   static forDeletion({
     outputRoot = process.cwd(),
@@ -12355,7 +12460,7 @@ function convertRulesyncToQwenPermissions(config) {
 }
 function convertQwenToRulesyncPermissions(params) {
   const permission = {};
-  const logger = params.logger ?? moduleLogger2;
+  const logger = params.logger ?? moduleLogger3;
   const processEntries = (entries, action) => {
     for (const entry of entries) {
       const parsed = parseQwenPermissionEntry(entry, { logger });
@@ -20936,6 +21041,8 @@ var CopilotRuleFrontmatterSchema = import_mini77.z.object({
   applyTo: import_mini77.z.optional(import_mini77.z.string()),
   excludeAgent: import_mini77.z.optional(import_mini77.z.union([import_mini77.z.literal("code-review"), import_mini77.z.literal("coding-agent")]))
 });
+var normalizeRelativePath = (path4) => path4.replace(/\\/g, "/").replace(/\/+/g, "/");
+var sameRelativePath = (leftDir, leftFile, rightDir, rightFile) => normalizeRelativePath((0, import_node_path136.join)(leftDir, leftFile)) === normalizeRelativePath((0, import_node_path136.join)(rightDir, rightFile));
 var CopilotRule = class _CopilotRule extends ToolRule {
   frontmatter;
   body;
@@ -21053,7 +21160,12 @@ var CopilotRule = class _CopilotRule extends ToolRule {
     global = false
   }) {
     const paths = this.getSettablePaths({ global });
-    const isRoot = relativeDirPath ? (0, import_node_path136.join)(relativeDirPath, relativeFilePath) === (0, import_node_path136.join)(paths.root.relativeDirPath, paths.root.relativeFilePath) : relativeFilePath === paths.root.relativeFilePath;
+    const isRoot = relativeDirPath ? sameRelativePath(
+      relativeDirPath,
+      relativeFilePath,
+      paths.root.relativeDirPath,
+      paths.root.relativeFilePath
+    ) : relativeFilePath === paths.root.relativeFilePath;
     const resolvedRelativeDirPath = relativeDirPath ?? (isRoot ? paths.root.relativeDirPath : paths.nonRoot?.relativeDirPath ?? paths.root.relativeDirPath);
     if (isRoot) {
       const relativePath2 = (0, import_node_path136.join)(paths.root.relativeDirPath, paths.root.relativeFilePath);
@@ -21097,7 +21209,12 @@ var CopilotRule = class _CopilotRule extends ToolRule {
     global = false
   }) {
     const paths = this.getSettablePaths({ global });
-    const isRoot = (0, import_node_path136.join)(relativeDirPath, relativeFilePath) === (0, import_node_path136.join)(paths.root.relativeDirPath, paths.root.relativeFilePath);
+    const isRoot = sameRelativePath(
+      relativeDirPath,
+      relativeFilePath,
+      paths.root.relativeDirPath,
+      paths.root.relativeFilePath
+    );
     return new _CopilotRule({
       outputRoot,
       relativeDirPath,

package/dist/index.js

@@ -7,7 +7,7 @@ import {
   convertFromTool,
   generate,
   importFromTool
-} from "./chunk-UMJWBQ2X.js";
+} from "./chunk-3DM6NLND.js";
 
 // src/index.ts
 async function generate2(options = {}) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "rulesync",
-  "version": "8.15.0",
+  "version": "8.15.1",
   "description": "Unified AI rules management CLI tool that generates configuration files for various AI development tools",
   "keywords": [
     "ai",
@@ -61,7 +61,7 @@
     "gray-matter": "4.0.3",
     "js-yaml": "4.1.1",
     "jsonc-parser": "3.3.1",
-    "smol-toml": "1.6.0",
+    "smol-toml": "1.6.1",
     "sury": "10.0.4",
     "zod": "4.3.6"
   },