tlc-claude-code 2.2.1 → 2.4.0

package/server/lib/careful-patterns.js

@@ -0,0 +1,142 @@
+/**
+ * Careful Patterns Module
+ *
+ * Destructive command detection patterns for /tlc:careful
+ * and path scope checking for /tlc:freeze.
+ *
+ * @module careful-patterns
+ */
+
+const path = require('path');
+
+/**
+ * Destructive command patterns with their metadata.
+ * Each entry: { regex, reason, pattern }
+ * @type {Array<{regex: RegExp, reason: string, pattern: string}>}
+ */
+const DESTRUCTIVE_PATTERNS = [
+  {
+    regex: /\bgit\s+push\s+(?:.*\s+)?--force\b/,
+    reason: 'Force push',
+    pattern: 'git push --force',
+  },
+  {
+    regex: /\bgit\s+push\s+(?:.*\s+)?-f\b/,
+    reason: 'Force push',
+    pattern: 'git push -f',
+  },
+  {
+    regex: /\bgit\s+reset\s+--hard\b/,
+    reason: 'Hard reset',
+    pattern: 'git reset --hard',
+  },
+  {
+    regex: /\brm\s+-rf\b/,
+    reason: 'Recursive force delete',
+    pattern: 'rm -rf',
+  },
+  {
+    regex: /\bdrop\s+table\b/i,
+    reason: 'Drop table',
+    pattern: 'DROP TABLE',
+  },
+  {
+    regex: /\bdrop\s+database\b/i,
+    reason: 'Drop database',
+    pattern: 'DROP DATABASE',
+  },
+  {
+    regex: /\btruncate\s+table\b/i,
+    reason: 'Truncate table',
+    pattern: 'TRUNCATE TABLE',
+  },
+  {
+    regex: /\bgit\s+clean\s+-f/,
+    reason: 'Clean untracked files',
+    pattern: 'git clean -f',
+  },
+];
+
+/**
+ * Check if a shell command matches destructive patterns.
+ *
+ * Checks against known dangerous operations like force push,
+ * hard reset, recursive delete, and destructive SQL statements.
+ * SQL patterns are matched case-insensitively.
+ *
+ * @param {string} command - Shell command string to check
+ * @returns {{ destructive: boolean, reason?: string, pattern?: string }}
+ */
+function isDestructive(command) {
+  if (!command || typeof command !== 'string') {
+    return { destructive: false };
+  }
+
+  // Check DELETE FROM without WHERE (special case: only destructive without WHERE)
+  // Don't early-return on safe DELETE — continue checking for other destructive patterns
+  const deleteMatch = command.match(/\bdelete\s+from\b/i);
+  if (deleteMatch) {
+    const hasWhere = /\bwhere\b/i.test(command);
+    if (!hasWhere) {
+      return {
+        destructive: true,
+        reason: 'Delete without WHERE',
+        pattern: 'DELETE FROM',
+      };
+    }
+    // DELETE FROM ... WHERE is safe, but continue scanning for other patterns
+    // (e.g., "DELETE FROM users WHERE id=1; DROP TABLE sessions")
+  }
+
+  // Check all other patterns
+  for (const entry of DESTRUCTIVE_PATTERNS) {
+    if (entry.regex.test(command)) {
+      return {
+        destructive: true,
+        reason: entry.reason,
+        pattern: entry.pattern,
+      };
+    }
+  }
+
+  return { destructive: false };
+}
+
+/**
+ * Check if a file path is within an allowed scope directory.
+ *
+ * Resolves parent traversal (../) before checking containment.
+ * Both paths are normalized to prevent bypass via trailing slashes
+ * or prefix collisions (e.g., src/auth vs src/authorization).
+ *
+ * @param {string} filePath - File path to check
+ * @param {string} scopeDir - Allowed scope directory
+ * @returns {boolean}
+ */
+function isInScope(filePath, scopeDir) {
+  if (!filePath || !scopeDir) {
+    return false;
+  }
+  if (typeof filePath !== 'string' || typeof scopeDir !== 'string') {
+    return false;
+  }
+
+  // Normalize both paths to resolve ../ and remove trailing slashes
+  const normalizedFile = path.normalize(filePath);
+  const normalizedScope = path.normalize(scopeDir);
+
+  // Exact match
+  if (normalizedFile === normalizedScope) {
+    return true;
+  }
+
+  // File must be under scope directory (with path separator to prevent prefix collisions)
+  const scopePrefix = normalizedScope.endsWith(path.sep)
+    ? normalizedScope
+    : normalizedScope + path.sep;
+
+  return normalizedFile.startsWith(scopePrefix);
+}
+
+
+module.exports = { isDestructive, isInScope };

package/server/lib/careful-patterns.test.js

@@ -0,0 +1,164 @@
+/**
+ * Careful Patterns Tests - Phase 89 Task 6
+ *
+ * Destructive command detection and path scope checking
+ */
+
+import { describe, it, expect } from 'vitest';
+
+import { isDestructive, isInScope } from './careful-patterns.js';
+
+describe('careful-patterns', () => {
+  describe('isDestructive', () => {
+    it('detects git push --force as destructive', () => {
+      const result = isDestructive('git push --force origin main');
+      expect(result.destructive).toBe(true);
+      expect(result.reason).toBe('Force push');
+      expect(result.pattern).toBe('git push --force');
+    });
+
+    it('detects git push -f as destructive', () => {
+      const result = isDestructive('git push -f origin main');
+      expect(result.destructive).toBe(true);
+      expect(result.reason).toBe('Force push');
+    });
+
+    it('allows normal git push', () => {
+      const result = isDestructive('git push origin feature');
+      expect(result.destructive).toBe(false);
+      expect(result.reason).toBeUndefined();
+      expect(result.pattern).toBeUndefined();
+    });
+
+    it('detects git reset --hard as destructive', () => {
+      const result = isDestructive('git reset --hard HEAD~3');
+      expect(result.destructive).toBe(true);
+      expect(result.reason).toBe('Hard reset');
+      expect(result.pattern).toBe('git reset --hard');
+    });
+
+    it('allows git reset --soft', () => {
+      const result = isDestructive('git reset --soft HEAD~1');
+      expect(result.destructive).toBe(false);
+    });
+
+    it('detects rm -rf as destructive', () => {
+      const result = isDestructive('rm -rf /');
+      expect(result.destructive).toBe(true);
+      expect(result.reason).toBe('Recursive force delete');
+      expect(result.pattern).toBe('rm -rf');
+    });
+
+    it('allows simple rm', () => {
+      const result = isDestructive('rm file.txt');
+      expect(result.destructive).toBe(false);
+    });
+
+    it('detects DROP TABLE as destructive', () => {
+      const result = isDestructive('DROP TABLE users');
+      expect(result.destructive).toBe(true);
+      expect(result.reason).toBe('Drop table');
+      expect(result.pattern).toMatch(/drop table/i);
+    });
+
+    it('detects DELETE FROM without WHERE as destructive', () => {
+      const result = isDestructive('DELETE FROM users');
+      expect(result.destructive).toBe(true);
+      expect(result.reason).toBe('Delete without WHERE');
+    });
+
+    it('allows DELETE FROM with WHERE', () => {
+      const result = isDestructive('DELETE FROM users WHERE id = 1');
+      expect(result.destructive).toBe(false);
+    });
+
+    it('detects DROP after safe DELETE in multi-statement command', () => {
+      const result = isDestructive('DELETE FROM users WHERE id = 1; DROP TABLE sessions');
+      expect(result.destructive).toBe(true);
+      expect(result.reason).toBe('Drop table');
+    });
+
+    it('detects TRUNCATE TABLE as destructive', () => {
+      const result = isDestructive('TRUNCATE TABLE sessions');
+      expect(result.destructive).toBe(true);
+      expect(result.reason).toBe('Truncate table');
+    });
+
+    it('detects git clean -fd as destructive', () => {
+      const result = isDestructive('git clean -fd');
+      expect(result.destructive).toBe(true);
+      expect(result.reason).toBe('Clean untracked files');
+      expect(result.pattern).toBe('git clean -f');
+    });
+
+    it('allows npm install', () => {
+      const result = isDestructive('npm install express');
+      expect(result.destructive).toBe(false);
+    });
+
+    it('detects DROP DATABASE as destructive', () => {
+      const result = isDestructive('DROP DATABASE production');
+      expect(result.destructive).toBe(true);
+      expect(result.reason).toBe('Drop database');
+    });
+
+    it('handles SQL commands case-insensitively', () => {
+      expect(isDestructive('drop table users').destructive).toBe(true);
+      expect(isDestructive('Drop Table users').destructive).toBe(true);
+      expect(isDestructive('DELETE from users').destructive).toBe(true);
+      expect(isDestructive('truncate TABLE sessions').destructive).toBe(true);
+    });
+
+    it('returns destructive:false for empty string', () => {
+      const result = isDestructive('');
+      expect(result.destructive).toBe(false);
+    });
+
+    it('returns destructive:false for null/undefined', () => {
+      expect(isDestructive(null).destructive).toBe(false);
+      expect(isDestructive(undefined).destructive).toBe(false);
+    });
+  });
+
+  describe('isInScope', () => {
+    it('returns true for file within scope directory', () => {
+      expect(isInScope('src/auth/login.ts', 'src/auth')).toBe(true);
+    });
+
+    it('returns false for file outside scope directory', () => {
+      expect(isInScope('src/user/user.ts', 'src/auth')).toBe(false);
+    });
+
+    it('returns false for parent traversal attempts', () => {
+      expect(isInScope('src/auth/../user/user.ts', 'src/auth')).toBe(false);
+    });
+
+    it('returns true for deeply nested files within scope', () => {
+      expect(isInScope('src/auth/deep/nested/file.ts', 'src/auth')).toBe(true);
+    });
+
+    it('returns true for exact directory match', () => {
+      expect(isInScope('src/auth', 'src/auth')).toBe(true);
+    });
+
+    it('returns false when file path starts with scope but is a different dir', () => {
+      // src/authorization is not inside src/auth
+      expect(isInScope('src/authorization/file.ts', 'src/auth')).toBe(false);
+    });
+
+    it('handles trailing slashes consistently', () => {
+      expect(isInScope('src/auth/file.ts', 'src/auth/')).toBe(true);
+      expect(isInScope('src/auth/file.ts', 'src/auth')).toBe(true);
+    });
+
+    it('returns false for empty inputs', () => {
+      expect(isInScope('', 'src/auth')).toBe(false);
+      expect(isInScope('src/auth/file.ts', '')).toBe(false);
+    });
+
+    it('returns false for null/undefined inputs', () => {
+      expect(isInScope(null, 'src/auth')).toBe(false);
+      expect(isInScope('src/auth/file.ts', null)).toBe(false);
+    });
+  });
+});

package/server/lib/cli-dispatcher.js

@@ -0,0 +1,98 @@
+/**
+ * CLI Dispatcher
+ *
+ * Generic dispatcher for shelling out to any CLI-based LLM provider.
+ * Spawns the process, pipes the prompt via stdin, captures stdout/stderr,
+ * handles timeouts.
+ *
+ * @module cli-dispatcher
+ */
+
+/**
+ * Dispatch a command to a CLI process.
+ * @param {Object} opts - Dispatch options
+ * @param {string} opts.command - CLI executable name (e.g., "codex", "gemini")
+ * @param {string[]} opts.args - CLI arguments
+ * @param {string} opts.prompt - Prompt text to pipe via stdin
+ * @param {number} [opts.timeout=120000] - Timeout in ms
+ * @param {string} [opts.cwd] - Working directory
+ * @param {Function} opts.spawn - Injected child_process.spawn
+ * @returns {Promise<{stdout: string, stderr: string, exitCode: number, duration: number}>}
+ */
+function dispatch({ command, args = [], prompt = '', timeout = 120000, cwd, spawn = require('child_process').spawn }) {
+  return new Promise((resolve) => {
+    const start = Date.now();
+
+    const spawnOpts = {};
+    if (cwd) spawnOpts.cwd = cwd;
+
+    const proc = spawn(command, args, spawnOpts);
+
+    let stdout = '';
+    let stderr = '';
+    let settled = false;
+
+    const finish = (exitCode, stderrOverride) => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      resolve({
+        stdout,
+        stderr: stderrOverride !== undefined ? stderrOverride : stderr,
+        exitCode,
+        duration: Date.now() - start,
+      });
+    };
+
+    const timer = setTimeout(() => {
+      proc.kill();
+      finish(-1, 'Process timed out');
+    }, timeout);
+
+    proc.stdout.on('data', (data) => {
+      stdout += data.toString();
+    });
+
+    proc.stderr.on('data', (data) => {
+      stderr += data.toString();
+    });
+
+    proc.on('close', (code) => {
+      finish(code);
+    });
+
+    proc.on('error', (err) => {
+      finish(-1, err.message || 'Failed to spawn process');
+    });
+
+    // Suppress broken pipe if child exits before stdin is consumed
+    proc.stdin.on('error', () => {});
+
+    // Write prompt to stdin then close
+    if (prompt) {
+      proc.stdin.write(prompt);
+    }
+    proc.stdin.end();
+  });
+}
+
+/**
+ * Build command and args from a provider config object.
+ * @param {Object} provider - Provider config from model_providers
+ * @param {string} provider.type - Provider type ("cli", "inline", etc.)
+ * @param {string} provider.command - CLI executable name
+ * @param {string[]} [provider.flags] - CLI flags
+ * @returns {{command: string, args: string[]}|null} Command spec, or null for non-CLI types
+ */
+function buildProviderCommand(provider) {
+  if (provider.type !== 'cli') {
+    return null;
+  }
+
+  return {
+    command: provider.command,
+    args: provider.flags || [],
+  };
+}
+
+module.exports = { dispatch, buildProviderCommand };

package/server/lib/cli-dispatcher.test.js

@@ -0,0 +1,249 @@
+import { describe, it, expect, vi } from 'vitest';
+import { dispatch, buildProviderCommand } from './cli-dispatcher.js';
+
+/**
+ * Create a mock spawn function that simulates child_process.spawn.
+ * @param {Object} opts - Mock behavior
+ * @param {string} [opts.stdout=''] - Data to emit on stdout
+ * @param {string} [opts.stderr=''] - Data to emit on stderr
+ * @param {number} [opts.exitCode=0] - Exit code to emit on close
+ * @param {number} [opts.delay=0] - Delay in ms before emitting close
+ * @returns {Function} Mock spawn function
+ */
+function createMockSpawn({ stdout = '', stderr = '', exitCode = 0, delay = 0 } = {}) {
+  return vi.fn(() => {
+    const listeners = {};
+    const stdinChunks = [];
+    const proc = {
+      stdin: {
+        write(data) { stdinChunks.push(data); },
+        end() { stdinChunks.push(null); },
+        on() {},
+      },
+      stdout: { on(event, cb) { listeners[`stdout:${event}`] = cb; } },
+      stderr: { on(event, cb) { listeners[`stderr:${event}`] = cb; } },
+      on(event, cb) { listeners[event] = cb; },
+      kill() { listeners._killed = true; },
+      _stdinChunks: stdinChunks,
+    };
+
+    // Emit data and close asynchronously
+    setTimeout(() => {
+      if (stdout) listeners['stdout:data']?.(Buffer.from(stdout));
+      if (stderr) listeners['stderr:data']?.(Buffer.from(stderr));
+      if (!listeners._killed) {
+        listeners.close?.(exitCode);
+      }
+    }, delay);
+
+    return proc;
+  });
+}
+
+describe('cli-dispatcher', () => {
+  describe('dispatch', () => {
+    it('dispatches command and captures stdout', async () => {
+      const mockSpawn = createMockSpawn({ stdout: 'hello world' });
+
+      const result = await dispatch({
+        command: 'echo',
+        args: ['hello'],
+        prompt: '',
+        spawn: mockSpawn,
+      });
+
+      expect(result.stdout).toBe('hello world');
+      expect(result.exitCode).toBe(0);
+    });
+
+    it('captures stderr separately', async () => {
+      const mockSpawn = createMockSpawn({ stdout: 'out', stderr: 'err' });
+
+      const result = await dispatch({
+        command: 'test-cmd',
+        args: [],
+        prompt: '',
+        spawn: mockSpawn,
+      });
+
+      expect(result.stdout).toBe('out');
+      expect(result.stderr).toBe('err');
+    });
+
+    it('pipes prompt to stdin', async () => {
+      const mockSpawn = createMockSpawn({ stdout: 'response' });
+
+      await dispatch({
+        command: 'codex',
+        args: ['--quiet'],
+        prompt: 'Review this code',
+        spawn: mockSpawn,
+      });
+
+      const proc = mockSpawn.mock.results[0].value;
+      expect(proc._stdinChunks).toContain('Review this code');
+      // stdin should be ended (null sentinel)
+      expect(proc._stdinChunks).toContain(null);
+    });
+
+    it('returns exit code from process', async () => {
+      const mockSpawn = createMockSpawn({ exitCode: 42 });
+
+      const result = await dispatch({
+        command: 'failing-cmd',
+        args: [],
+        prompt: '',
+        spawn: mockSpawn,
+      });
+
+      expect(result.exitCode).toBe(42);
+    });
+
+    it('timeout kills process and returns error result', async () => {
+      const mockSpawn = createMockSpawn({ stdout: 'slow', delay: 5000 });
+
+      const result = await dispatch({
+        command: 'slow-cmd',
+        args: [],
+        prompt: '',
+        timeout: 50,
+        spawn: mockSpawn,
+      });
+
+      expect(result.exitCode).toBe(-1);
+      expect(result.stderr).toBe('Process timed out');
+    });
+
+    it('duration measured in milliseconds', async () => {
+      const mockSpawn = createMockSpawn({ stdout: 'fast', delay: 10 });
+
+      const result = await dispatch({
+        command: 'fast-cmd',
+        args: [],
+        prompt: '',
+        spawn: mockSpawn,
+      });
+
+      expect(result.duration).toBeTypeOf('number');
+      expect(result.duration).toBeGreaterThanOrEqual(0);
+    });
+
+    it('non-zero exit code captured not thrown', async () => {
+      const mockSpawn = createMockSpawn({ exitCode: 1, stderr: 'command failed' });
+
+      const result = await dispatch({
+        command: 'bad-cmd',
+        args: [],
+        prompt: '',
+        spawn: mockSpawn,
+      });
+
+      // Should NOT throw
+      expect(result.exitCode).toBe(1);
+      expect(result.stderr).toBe('command failed');
+      expect(result.stdout).toBe('');
+    });
+
+    it('empty prompt still works and closes stdin immediately', async () => {
+      const mockSpawn = createMockSpawn({ stdout: 'ok' });
+
+      const result = await dispatch({
+        command: 'cmd',
+        args: [],
+        prompt: '',
+        spawn: mockSpawn,
+      });
+
+      expect(result.stdout).toBe('ok');
+      expect(result.exitCode).toBe(0);
+
+      // stdin.end should have been called (null sentinel present)
+      const proc = mockSpawn.mock.results[0].value;
+      expect(proc._stdinChunks).toContain(null);
+    });
+
+    it('handles spawn error event (e.g., ENOENT) without hanging', async () => {
+      const mockSpawn = vi.fn(() => {
+        const listeners = {};
+        const proc = {
+          stdin: { write() {}, end() {}, on() {} },
+          stdout: { on(event, cb) { listeners[`stdout:${event}`] = cb; } },
+          stderr: { on(event, cb) { listeners[`stderr:${event}`] = cb; } },
+          on(event, cb) { listeners[event] = cb; },
+          kill() {},
+        };
+        // Emit error asynchronously (simulates ENOENT)
+        setTimeout(() => {
+          listeners.error?.(new Error('spawn codex ENOENT'));
+        }, 1);
+        return proc;
+      });
+
+      const result = await dispatch({
+        command: 'codex',
+        args: [],
+        prompt: 'test',
+        timeout: 5000,
+        spawn: mockSpawn,
+      });
+
+      expect(result.exitCode).toBe(-1);
+      expect(result.stderr).toContain('ENOENT');
+      expect(result.duration).toBeLessThan(1000);
+    });
+
+    it('passes cwd to spawn options', async () => {
+      const mockSpawn = createMockSpawn({ stdout: 'ok' });
+
+      await dispatch({
+        command: 'cmd',
+        args: ['--flag'],
+        prompt: 'hello',
+        cwd: '/tmp/test',
+        spawn: mockSpawn,
+      });
+
+      expect(mockSpawn).toHaveBeenCalledWith(
+        'cmd',
+        ['--flag'],
+        expect.objectContaining({ cwd: '/tmp/test' })
+      );
+    });
+  });
+
+  describe('buildProviderCommand', () => {
+    it('extracts command and flags', () => {
+      const result = buildProviderCommand({
+        type: 'cli',
+        command: 'codex',
+        flags: ['--dangerously-skip-permissions'],
+      });
+
+      expect(result).toEqual({
+        command: 'codex',
+        args: ['--dangerously-skip-permissions'],
+      });
+    });
+
+    it('handles provider with no flags', () => {
+      const result = buildProviderCommand({
+        type: 'cli',
+        command: 'gemini',
+      });
+
+      expect(result).toEqual({
+        command: 'gemini',
+        args: [],
+      });
+    });
+
+    it('handles inline type and returns null', () => {
+      const result = buildProviderCommand({
+        type: 'inline',
+        command: 'claude',
+      });
+
+      expect(result).toBeNull();
+    });
+  });
+});