wave-agent-sdk 0.0.10 → 0.0.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent.d.ts.map +1 -1
- package/dist/agent.js +25 -14
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/managers/permissionManager.d.ts +9 -0
- package/dist/managers/permissionManager.d.ts.map +1 -1
- package/dist/managers/permissionManager.js +166 -6
- package/dist/tools/bashTool.d.ts.map +1 -1
- package/dist/tools/bashTool.js +66 -27
- package/dist/types/permissions.d.ts +4 -0
- package/dist/types/permissions.d.ts.map +1 -1
- package/dist/utils/bashParser.d.ts +24 -0
- package/dist/utils/bashParser.d.ts.map +1 -0
- package/dist/utils/bashParser.js +413 -0
- package/dist/utils/pathSafety.d.ts +10 -0
- package/dist/utils/pathSafety.d.ts.map +1 -0
- package/dist/utils/pathSafety.js +23 -0
- package/package.json +5 -2
- package/src/agent.ts +28 -13
- package/src/index.ts +1 -0
- package/src/managers/permissionManager.ts +210 -6
- package/src/tools/bashTool.ts +72 -32
- package/src/types/permissions.ts +4 -0
- package/src/utils/bashParser.ts +444 -0
- package/src/utils/pathSafety.ts +26 -0
- package/dist/utils/largeOutputHandler.d.ts +0 -15
- package/dist/utils/largeOutputHandler.d.ts.map +0 -1
- package/dist/utils/largeOutputHandler.js +0 -40
- package/dist/utils/tokenEstimator.d.ts +0 -39
- package/dist/utils/tokenEstimator.d.ts.map +0 -1
- package/dist/utils/tokenEstimator.js +0 -55
- package/src/utils/largeOutputHandler.ts +0 -55
- package/src/utils/tokenEstimator.ts +0 -68
package/dist/agent.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"agent.d.ts","sourceRoot":"","sources":["../src/agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,uBAAuB,EAC7B,MAAM,8BAA8B,CAAC;AAGtC,OAAO,EAEL,KAAK,wBAAwB,EAC9B,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EAAc,KAAK,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAGhF,OAAO,EAEL,KAAK,8BAA8B,EACpC,MAAM,qCAAqC,CAAC;AAG7C,OAAO,KAAK,EACV,YAAY,EACZ,kBAAkB,EAClB,WAAW,EACZ,MAAM,kBAAkB,CAAC;AAC1B,OAAO,KAAK,EACV,OAAO,EACP,MAAM,EACN,eAAe,EACf,aAAa,EACb,WAAW,EACX,KAAK,EACL,cAAc,EACd,kBAAkB,EACnB,MAAM,kBAAkB,CAAC;AAe1B,OAAO,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAEvC;;;;;GAKG;AACH,MAAM,WAAW,YAAY;IAE3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxC,YAAY,CAAC,EAAE,aAAa,CAAC,cAAc,CAAC,CAAC;IAC7C,KAAK,CAAC,EAAE,aAAa,CAAC,OAAO,CAAC,CAAC;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IAGpB,SAAS,CAAC,EAAE,cAAc,CAAC;IAC3B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,qEAAqE;IACrE,QAAQ,CAAC,EAAE,OAAO,EAAE,CAAC;IACrB,6DAA6D;IAC7D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,iFAAiF;IACjF,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,6CAA6C;IAC7C,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,gCAAgC;IAChC,UAAU,CAAC,EAAE,kBAAkB,CAAC;IAChC,uEAAuE;IACvE,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,qFAAqF;IACrF,UAAU,CAAC,EAAE,WAAW,CAAC;CAC1B;AAED,MAAM,WAAW,cACf,SAAQ,uBAAuB,EAC7B,8BAA8B,EAC9B,mBAAmB,EACnB,wBAAwB;IAC1B,sBAAsB,CAAC,EAAE,CAAC,IAAI,EAAE,cAAc,KAAK,IAAI,CAAC;CACzD;AAED,qBAAa,KAAK;IAChB,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,SAAS,CAAY;IAE7B,OAAO,CAAC,WAAW,CAA4B;IAC/C,OAAO,CAAC,qBAAqB,CAAwB;IACrD,OAAO,CAAC,MAAM,CAAC,CAAS;IACxB,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,UAAU,CAAc;IAChC,OAAO,CAAC,iBAAiB,CAAoB;IAC7C,OAAO,CAAC,eAAe,CAAkB;IACzC,OAAO,CAAC,mBAAmB,CAAsB;IACjD,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,iBAAiB,CAAoB;IAC7C,OAAO,CAAC,oBAAoB,CAAuB;IACnD,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,OAAO,CAAe;IAC9B,OAAO,CAAC,MAAM,CAAU;IAGxB,OAAO,CAAC,OAAO,CAAe;IAG9B,OAAO,CAAC,qBAAqB,CAAc;IAC3C,OAAO,CAAC,kBAAkB,CAAc;IAGjC,gBAAgB,IAAI,aAAa;IAUjC,cAAc,IAAI,WAAW;IAO7B,aAAa,IAAI,MAAM;IAI9B;;;;OAIG;IACI,YAAY,CAAC,MAAM,EAAE;QAC1B,OAAO,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;QACjC,KAAK,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;QAC7B,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,GAAG,IAAI;IAyBR;;;;;;;;OAQG;IACH,OAAO;IAwKP,IAAW,SAAS,IAAI,MAAM,CAE7B;IAED,IAAW,QAAQ,IAAI,OAAO,EAAE,CAE/B;IAED,IAAW,MAAM,IAAI,KAAK,EAAE,CAE3B;IAED,IAAW,eAAe,IAAI,MAAM,CAEnC;IAED;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IAWhC;;;OAGG;IACH,OAAO,CAAC,QAAQ;IAKhB,IAAW,iBAAiB,IAAI,MAAM,CAErC;IAED,IAAW,gBAAgB,IAAI,MAAM,EAAE,CAEtC;IAED,4BAA4B;IAC5B,IAAW,gBAAgB,IAAI,MAAM,CAEpC;IAED,iCAAiC;IACjC,IAAW,aAAa,IAAI,MAAM,CAEjC;IAED,8BAA8B;IAC9B,IAAW,UAAU,IAAI,MAAM,CAE9B;IAED,mDAAmD;IACnD,IAAW,cAAc,IAAI,MAAM,CAYlC;IAED,4BAA4B;IAC5B,IAAW,SAAS,IAAI,OAAO,CAE9B;IAED,qCAAqC;IACrC,IAAW,aAAa,IAAI,OAAO,CAElC;IAED,wCAAwC;IACxC,IAAW,gBAAgB,IAAI,OAAO,CAErC;IAED,uCAAuC;IAChC,wBAAwB,CAC7B,EAAE,EAAE,MAAM,EACV,MAAM,CAAC,EAAE,MAAM,GACd;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI;IAI5D,iCAAiC;IAC1B,mBAAmB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO;IAI/C;;;;;;;;OAQG;IACH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA6BG;WACU,MAAM,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC;IAW1D;;;;;OAKG;IACH,OAAO,CAAC,wBAAwB;IAehC,wEAAwE;YAC1D,UAAU;IAsKxB;;;OAGG;YACW,uBAAuB;IA2ErC;;;OAGG;IACU,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAsCtD,cAAc,IAAI,IAAI;IAI7B,2BAA2B;IACd,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAM/D,uCAAuC;IAChC,aAAa,IAAI,IAAI;IAI5B,kFAAkF;IAC3E,YAAY,IAAI,IAAI;IAM3B,2BAA2B;IAC3B,OAAO,CAAC,iBAAiB;IAIzB,uCAAuC;IAChC,gBAAgB,IAAI,IAAI;IAI/B,wCAAwC;IACjC,iBAAiB,IAAI,IAAI;IAIhC,2CAA2C;IAC9B,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IA2BrC;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACU,WAAW,CACtB,OAAO,EAAE,MAAM,EACf,MAAM,CAAC,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,GACjD,OAAO,CAAC,IAAI,CAAC;IAoFhB,iDAAiD;IACpC,UAAU,CACrB,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,SAAS,GAAG,MAAM,GACvB,OAAO,CAAC,IAAI,CAAC;IA+ChB,gCAAgC;IACzB,aAAa,IAAI,eAAe,EAAE;IAIzC,yBAAyB;IACZ,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAInE,4BAA4B;IACf,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAMtE,uCAAuC;IAChC,gBAAgB,IAAI,YAAY,EAAE;IAIzC,oCAAoC;IAC7B,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO;IAIlD,6BAA6B;IACtB,oBAAoB,IAAI,IAAI;IAInC,iCAAiC;IAC1B,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,kBAAkB,GAAG,SAAS;IAI1E,8BAA8B;IACvB,iBAAiB,IAAI,kBAAkB,EAAE;IAIhD;;OAEG;IACI,iBAAiB,IAAI,cAAc;IAI1C;;;OAGG;IACI,iBAAiB,CAAC,IAAI,EAAE,cAAc,GAAG,IAAI;IAKpD;;;OAGG;YACW,iBAAiB;
|
|
1
|
+
{"version":3,"file":"agent.d.ts","sourceRoot":"","sources":["../src/agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,uBAAuB,EAC7B,MAAM,8BAA8B,CAAC;AAGtC,OAAO,EAEL,KAAK,wBAAwB,EAC9B,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EAAc,KAAK,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAGhF,OAAO,EAEL,KAAK,8BAA8B,EACpC,MAAM,qCAAqC,CAAC;AAG7C,OAAO,KAAK,EACV,YAAY,EACZ,kBAAkB,EAClB,WAAW,EACZ,MAAM,kBAAkB,CAAC;AAC1B,OAAO,KAAK,EACV,OAAO,EACP,MAAM,EACN,eAAe,EACf,aAAa,EACb,WAAW,EACX,KAAK,EACL,cAAc,EACd,kBAAkB,EACnB,MAAM,kBAAkB,CAAC;AAe1B,OAAO,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAEvC;;;;;GAKG;AACH,MAAM,WAAW,YAAY;IAE3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxC,YAAY,CAAC,EAAE,aAAa,CAAC,cAAc,CAAC,CAAC;IAC7C,KAAK,CAAC,EAAE,aAAa,CAAC,OAAO,CAAC,CAAC;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IAGpB,SAAS,CAAC,EAAE,cAAc,CAAC;IAC3B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,qEAAqE;IACrE,QAAQ,CAAC,EAAE,OAAO,EAAE,CAAC;IACrB,6DAA6D;IAC7D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,iFAAiF;IACjF,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,6CAA6C;IAC7C,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,gCAAgC;IAChC,UAAU,CAAC,EAAE,kBAAkB,CAAC;IAChC,uEAAuE;IACvE,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,qFAAqF;IACrF,UAAU,CAAC,EAAE,WAAW,CAAC;CAC1B;AAED,MAAM,WAAW,cACf,SAAQ,uBAAuB,EAC7B,8BAA8B,EAC9B,mBAAmB,EACnB,wBAAwB;IAC1B,sBAAsB,CAAC,EAAE,CAAC,IAAI,EAAE,cAAc,KAAK,IAAI,CAAC;CACzD;AAED,qBAAa,KAAK;IAChB,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,SAAS,CAAY;IAE7B,OAAO,CAAC,WAAW,CAA4B;IAC/C,OAAO,CAAC,qBAAqB,CAAwB;IACrD,OAAO,CAAC,MAAM,CAAC,CAAS;IACxB,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,UAAU,CAAc;IAChC,OAAO,CAAC,iBAAiB,CAAoB;IAC7C,OAAO,CAAC,eAAe,CAAkB;IACzC,OAAO,CAAC,mBAAmB,CAAsB;IACjD,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,iBAAiB,CAAoB;IAC7C,OAAO,CAAC,oBAAoB,CAAuB;IACnD,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,OAAO,CAAe;IAC9B,OAAO,CAAC,MAAM,CAAU;IAGxB,OAAO,CAAC,OAAO,CAAe;IAG9B,OAAO,CAAC,qBAAqB,CAAc;IAC3C,OAAO,CAAC,kBAAkB,CAAc;IAGjC,gBAAgB,IAAI,aAAa;IAUjC,cAAc,IAAI,WAAW;IAO7B,aAAa,IAAI,MAAM;IAI9B;;;;OAIG;IACI,YAAY,CAAC,MAAM,EAAE;QAC1B,OAAO,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;QACjC,KAAK,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;QAC7B,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,GAAG,IAAI;IAyBR;;;;;;;;OAQG;IACH,OAAO;IAwKP,IAAW,SAAS,IAAI,MAAM,CAE7B;IAED,IAAW,QAAQ,IAAI,OAAO,EAAE,CAE/B;IAED,IAAW,MAAM,IAAI,KAAK,EAAE,CAE3B;IAED,IAAW,eAAe,IAAI,MAAM,CAEnC;IAED;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IAWhC;;;OAGG;IACH,OAAO,CAAC,QAAQ;IAKhB,IAAW,iBAAiB,IAAI,MAAM,CAErC;IAED,IAAW,gBAAgB,IAAI,MAAM,EAAE,CAEtC;IAED,4BAA4B;IAC5B,IAAW,gBAAgB,IAAI,MAAM,CAEpC;IAED,iCAAiC;IACjC,IAAW,aAAa,IAAI,MAAM,CAEjC;IAED,8BAA8B;IAC9B,IAAW,UAAU,IAAI,MAAM,CAE9B;IAED,mDAAmD;IACnD,IAAW,cAAc,IAAI,MAAM,CAYlC;IAED,4BAA4B;IAC5B,IAAW,SAAS,IAAI,OAAO,CAE9B;IAED,qCAAqC;IACrC,IAAW,aAAa,IAAI,OAAO,CAElC;IAED,wCAAwC;IACxC,IAAW,gBAAgB,IAAI,OAAO,CAErC;IAED,uCAAuC;IAChC,wBAAwB,CAC7B,EAAE,EAAE,MAAM,EACV,MAAM,CAAC,EAAE,MAAM,GACd;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI;IAI5D,iCAAiC;IAC1B,mBAAmB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO;IAI/C;;;;;;;;OAQG;IACH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA6BG;WACU,MAAM,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC;IAW1D;;;;;OAKG;IACH,OAAO,CAAC,wBAAwB;IAehC,wEAAwE;YAC1D,UAAU;IAsKxB;;;OAGG;YACW,uBAAuB;IA2ErC;;;OAGG;IACU,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAsCtD,cAAc,IAAI,IAAI;IAI7B,2BAA2B;IACd,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAM/D,uCAAuC;IAChC,aAAa,IAAI,IAAI;IAI5B,kFAAkF;IAC3E,YAAY,IAAI,IAAI;IAM3B,2BAA2B;IAC3B,OAAO,CAAC,iBAAiB;IAIzB,uCAAuC;IAChC,gBAAgB,IAAI,IAAI;IAI/B,wCAAwC;IACjC,iBAAiB,IAAI,IAAI;IAIhC,2CAA2C;IAC9B,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IA2BrC;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACU,WAAW,CACtB,OAAO,EAAE,MAAM,EACf,MAAM,CAAC,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,GACjD,OAAO,CAAC,IAAI,CAAC;IAoFhB,iDAAiD;IACpC,UAAU,CACrB,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,SAAS,GAAG,MAAM,GACvB,OAAO,CAAC,IAAI,CAAC;IA+ChB,gCAAgC;IACzB,aAAa,IAAI,eAAe,EAAE;IAIzC,yBAAyB;IACZ,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAInE,4BAA4B;IACf,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAMtE,uCAAuC;IAChC,gBAAgB,IAAI,YAAY,EAAE;IAIzC,oCAAoC;IAC7B,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO;IAIlD,6BAA6B;IACtB,oBAAoB,IAAI,IAAI;IAInC,iCAAiC;IAC1B,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,kBAAkB,GAAG,SAAS;IAI1E,8BAA8B;IACvB,iBAAiB,IAAI,kBAAkB,EAAE;IAIhD;;OAEG;IACI,iBAAiB,IAAI,cAAc;IAI1C;;;OAGG;IACI,iBAAiB,CAAC,IAAI,EAAE,cAAc,GAAG,IAAI;IAKpD;;;OAGG;YACW,iBAAiB;CAiChC"}
|
package/dist/agent.js
CHANGED
|
@@ -807,20 +807,31 @@ export class Agent {
|
|
|
807
807
|
* @param rule - The rule to add (e.g., "Bash(ls)")
|
|
808
808
|
*/
|
|
809
809
|
async addPermissionRule(rule) {
|
|
810
|
-
// 1.
|
|
811
|
-
|
|
812
|
-
|
|
813
|
-
|
|
814
|
-
|
|
815
|
-
|
|
816
|
-
|
|
817
|
-
|
|
818
|
-
|
|
819
|
-
|
|
820
|
-
|
|
821
|
-
|
|
822
|
-
|
|
823
|
-
|
|
810
|
+
// 1. Expand rule if it's a Bash command
|
|
811
|
+
let rulesToAdd = [rule];
|
|
812
|
+
const bashMatch = rule.match(/^Bash\((.*)\)$/);
|
|
813
|
+
if (bashMatch) {
|
|
814
|
+
const command = bashMatch[1];
|
|
815
|
+
rulesToAdd = this.permissionManager.expandBashRule(command, this.workdir);
|
|
816
|
+
}
|
|
817
|
+
for (const ruleToAdd of rulesToAdd) {
|
|
818
|
+
// 2. Update PermissionManager state
|
|
819
|
+
const currentRules = this.permissionManager.getAllowedRules();
|
|
820
|
+
if (!currentRules.includes(ruleToAdd)) {
|
|
821
|
+
this.permissionManager.updateAllowedRules([...currentRules, ruleToAdd]);
|
|
822
|
+
// 3. Persist to settings.local.json
|
|
823
|
+
try {
|
|
824
|
+
await this.configurationService.addAllowedRule(this.workdir, ruleToAdd);
|
|
825
|
+
this.logger?.debug("Persistent permission rule added", {
|
|
826
|
+
rule: ruleToAdd,
|
|
827
|
+
});
|
|
828
|
+
}
|
|
829
|
+
catch (error) {
|
|
830
|
+
this.logger?.error("Failed to persist permission rule", {
|
|
831
|
+
rule: ruleToAdd,
|
|
832
|
+
error: error instanceof Error ? error.message : String(error),
|
|
833
|
+
});
|
|
834
|
+
}
|
|
824
835
|
}
|
|
825
836
|
}
|
|
826
837
|
}
|
package/dist/index.d.ts
CHANGED
|
@@ -6,6 +6,7 @@ export * from "./services/jsonlHandler.js";
|
|
|
6
6
|
export * from "./services/configurationService.js";
|
|
7
7
|
export * from "./agent.js";
|
|
8
8
|
export * from "./utils/bashHistory.js";
|
|
9
|
+
export * from "./utils/bashParser.js";
|
|
9
10
|
export * from "./utils/convertMessagesForAPI.js";
|
|
10
11
|
export * from "./utils/fileFilter.js";
|
|
11
12
|
export * from "./utils/fileSearch.js";
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,cAAc,yBAAyB,CAAC;AACxC,cAAc,sBAAsB,CAAC;AACrC,cAAc,uBAAuB,CAAC;AACtC,cAAc,oBAAoB,CAAC;AACnC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,oCAAoC,CAAC;AAGnD,cAAc,YAAY,CAAC;AAG3B,cAAc,wBAAwB,CAAC;AACvC,cAAc,kCAAkC,CAAC;AACjD,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,yBAAyB,CAAC;AACxC,cAAc,qBAAqB,CAAC;AACpC,cAAc,8BAA8B,CAAC;AAC7C,cAAc,iBAAiB,CAAC;AAChC,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AAGvC,cAAc,kBAAkB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,cAAc,yBAAyB,CAAC;AACxC,cAAc,sBAAsB,CAAC;AACrC,cAAc,uBAAuB,CAAC;AACtC,cAAc,oBAAoB,CAAC;AACnC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,oCAAoC,CAAC;AAGnD,cAAc,YAAY,CAAC;AAG3B,cAAc,wBAAwB,CAAC;AACvC,cAAc,uBAAuB,CAAC;AACtC,cAAc,kCAAkC,CAAC;AACjD,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,yBAAyB,CAAC;AACxC,cAAc,qBAAqB,CAAC;AACpC,cAAc,8BAA8B,CAAC;AAC7C,cAAc,iBAAiB,CAAC;AAChC,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AAGvC,cAAc,kBAAkB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -9,6 +9,7 @@ export * from "./services/configurationService.js"; // New configuration managem
|
|
|
9
9
|
export * from "./agent.js";
|
|
10
10
|
// Export all utilities
|
|
11
11
|
export * from "./utils/bashHistory.js";
|
|
12
|
+
export * from "./utils/bashParser.js";
|
|
12
13
|
export * from "./utils/convertMessagesForAPI.js";
|
|
13
14
|
export * from "./utils/fileFilter.js";
|
|
14
15
|
export * from "./utils/fileSearch.js";
|
|
@@ -62,5 +62,14 @@ export declare class PermissionManager {
|
|
|
62
62
|
* Check if a tool call is allowed by persistent rules
|
|
63
63
|
*/
|
|
64
64
|
private isAllowedByRule;
|
|
65
|
+
/**
|
|
66
|
+
* Expand a bash command into individual permission rules, filtering out safe commands.
|
|
67
|
+
* Used when saving permissions to the allow list.
|
|
68
|
+
*
|
|
69
|
+
* @param command The full bash command string
|
|
70
|
+
* @param workdir The working directory for path safety checks
|
|
71
|
+
* @returns Array of permission rules in "Bash(cmd)" format
|
|
72
|
+
*/
|
|
73
|
+
expandBashRule(command: string, workdir: string): string[];
|
|
65
74
|
}
|
|
66
75
|
//# sourceMappingURL=permissionManager.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissionManager.d.ts","sourceRoot":"","sources":["../../src/managers/permissionManager.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;
|
|
1
|
+
{"version":3,"file":"permissionManager.d.ts","sourceRoot":"","sources":["../../src/managers/permissionManager.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,KAAK,EACV,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,cAAc,EACf,MAAM,yBAAyB,CAAC;AAEjC,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAYhD,MAAM,WAAW,wBAAwB;IACvC,gDAAgD;IAChD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,uDAAuD;IACvD,qBAAqB,CAAC,EAAE,cAAc,CAAC;IACvC,kCAAkC;IAClC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;CACzB;AAED,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAAC,CAAS;IACxB,OAAO,CAAC,qBAAqB,CAAC,CAAiB;IAC/C,OAAO,CAAC,YAAY,CAAgB;IACpC,OAAO,CAAC,6BAA6B,CAAC,CAAiC;gBAE3D,OAAO,GAAE,wBAA6B;IAMlD;;OAEG;IACI,gCAAgC,CACrC,QAAQ,EAAE,CAAC,IAAI,EAAE,cAAc,KAAK,IAAI,GACvC,IAAI;IAIP;;OAEG;IACH,2BAA2B,CAAC,WAAW,CAAC,EAAE,cAAc,GAAG,IAAI;IAyB/D;;OAEG;IACI,eAAe,IAAI,MAAM,EAAE;IAIlC;;OAEG;IACH,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI;IAOzC;;OAEG;IACH,uBAAuB,CAAC,iBAAiB,CAAC,EAAE,cAAc,GAAG,cAAc;IAI3E;;OAEG;IACH,8BAA8B,CAC5B,iBAAiB,CAAC,EAAE,cAAc,GACjC,cAAc;IAuBjB;;;OAGG;IACG,eAAe,CACnB,OAAO,EAAE,qBAAqB,GAC7B,OAAO,CAAC,kBAAkB,CAAC;IAqF9B;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAW3C;;OAEG;IACH,aAAa,CACX,QAAQ,EAAE,MAAM,EAChB,cAAc,EAAE,cAAc,EAC9B,QAAQ,CAAC,EAAE,kBAAkB,EAC7B,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAClC,qBAAqB;IAuExB;;OAEG;IACH,OAAO,CAAC,eAAe;IAiEvB;;;;;;;OAOG;IACI,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE;CAiFlE"}
|
|
@@ -5,7 +5,11 @@
|
|
|
5
5
|
* It implements the permission logic for different modes (default vs bypass) and
|
|
6
6
|
* handles custom callback integration.
|
|
7
7
|
*/
|
|
8
|
+
import path from "node:path";
|
|
8
9
|
import { RESTRICTED_TOOLS } from "../types/permissions.js";
|
|
10
|
+
import { splitBashCommand, stripEnvVars, stripRedirections, getSmartPrefix, DANGEROUS_COMMANDS, } from "../utils/bashParser.js";
|
|
11
|
+
import { isPathInside } from "../utils/pathSafety.js";
|
|
12
|
+
const SAFE_COMMANDS = ["cd", "ls", "pwd"];
|
|
9
13
|
export class PermissionManager {
|
|
10
14
|
constructor(options = {}) {
|
|
11
15
|
this.allowedRules = [];
|
|
@@ -174,17 +178,60 @@ export class PermissionManager {
|
|
|
174
178
|
* Helper method to create a permission context for CLI integration
|
|
175
179
|
*/
|
|
176
180
|
createContext(toolName, permissionMode, callback, toolInput) {
|
|
181
|
+
let suggestedPrefix;
|
|
182
|
+
if (toolName === "Bash" && toolInput?.command) {
|
|
183
|
+
const command = String(toolInput.command);
|
|
184
|
+
const parts = splitBashCommand(command);
|
|
185
|
+
// Only suggest prefix for single commands to avoid confusion with complex chains
|
|
186
|
+
if (parts.length === 1) {
|
|
187
|
+
const processedPart = stripRedirections(stripEnvVars(parts[0]));
|
|
188
|
+
suggestedPrefix = getSmartPrefix(processedPart) ?? undefined;
|
|
189
|
+
}
|
|
190
|
+
}
|
|
177
191
|
const context = {
|
|
178
192
|
toolName,
|
|
179
193
|
permissionMode,
|
|
180
194
|
canUseToolCallback: callback,
|
|
181
195
|
toolInput,
|
|
196
|
+
suggestedPrefix,
|
|
182
197
|
};
|
|
198
|
+
// Set hidePersistentOption for dangerous or out-of-bounds bash commands
|
|
199
|
+
if (toolName === "Bash" && toolInput?.command) {
|
|
200
|
+
const command = String(toolInput.command);
|
|
201
|
+
const workdir = toolInput.workdir;
|
|
202
|
+
const parts = splitBashCommand(command);
|
|
203
|
+
const isDangerous = parts.some((part) => {
|
|
204
|
+
const processedPart = stripRedirections(stripEnvVars(part));
|
|
205
|
+
const commandMatch = processedPart.match(/^(\w+)(\s+.*)?$/);
|
|
206
|
+
if (commandMatch) {
|
|
207
|
+
const cmd = commandMatch[1];
|
|
208
|
+
const args = commandMatch[2]?.trim() || "";
|
|
209
|
+
// Check blacklist
|
|
210
|
+
if (DANGEROUS_COMMANDS.includes(cmd)) {
|
|
211
|
+
return true;
|
|
212
|
+
}
|
|
213
|
+
// Check out-of-bounds for cd and ls
|
|
214
|
+
if (workdir && (cmd === "cd" || cmd === "ls")) {
|
|
215
|
+
const pathArgs = (args.match(/(?:[^\s"']+|"[^"]*"|'[^']*')+/g) || []).filter((arg) => !arg.startsWith("-")) || [];
|
|
216
|
+
return pathArgs.some((pathArg) => {
|
|
217
|
+
const cleanPath = pathArg.replace(/^['"](.*)['"]$/, "$1");
|
|
218
|
+
const absolutePath = path.resolve(workdir, cleanPath);
|
|
219
|
+
return !isPathInside(absolutePath, workdir);
|
|
220
|
+
});
|
|
221
|
+
}
|
|
222
|
+
}
|
|
223
|
+
return false;
|
|
224
|
+
});
|
|
225
|
+
if (isDangerous) {
|
|
226
|
+
context.hidePersistentOption = true;
|
|
227
|
+
}
|
|
228
|
+
}
|
|
183
229
|
this.logger?.debug("Created permission context", {
|
|
184
230
|
toolName,
|
|
185
231
|
permissionMode,
|
|
186
232
|
hasCallback: !!callback,
|
|
187
233
|
hasToolInput: !!toolInput,
|
|
234
|
+
suggestedPrefix,
|
|
188
235
|
});
|
|
189
236
|
return context;
|
|
190
237
|
}
|
|
@@ -193,16 +240,129 @@ export class PermissionManager {
|
|
|
193
240
|
*/
|
|
194
241
|
isAllowedByRule(context) {
|
|
195
242
|
if (context.toolName === "Bash" && context.toolInput?.command) {
|
|
196
|
-
const
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
243
|
+
const command = String(context.toolInput.command);
|
|
244
|
+
const parts = splitBashCommand(command);
|
|
245
|
+
if (parts.length === 0)
|
|
246
|
+
return false;
|
|
247
|
+
const workdir = context.toolInput?.workdir;
|
|
248
|
+
return parts.every((part) => {
|
|
249
|
+
const processedPart = stripRedirections(stripEnvVars(part));
|
|
250
|
+
// Check for safe commands
|
|
251
|
+
const commandMatch = processedPart.match(/^(\w+)(\s+.*)?$/);
|
|
252
|
+
if (commandMatch) {
|
|
253
|
+
const cmd = commandMatch[1];
|
|
254
|
+
const args = commandMatch[2]?.trim() || "";
|
|
255
|
+
if (SAFE_COMMANDS.includes(cmd)) {
|
|
256
|
+
if (workdir) {
|
|
257
|
+
if (cmd === "pwd") {
|
|
258
|
+
return true;
|
|
259
|
+
}
|
|
260
|
+
// For cd and ls, check paths
|
|
261
|
+
const pathArgs = (args.match(/(?:[^\s"']+|"[^"]*"|'[^']*')+/g) || []).filter((arg) => !arg.startsWith("-")) || [];
|
|
262
|
+
if (pathArgs.length === 0) {
|
|
263
|
+
// cd or ls without arguments operates on current dir (workdir)
|
|
264
|
+
return true;
|
|
265
|
+
}
|
|
266
|
+
const allPathsSafe = pathArgs.every((pathArg) => {
|
|
267
|
+
// Remove quotes if present
|
|
268
|
+
const cleanPath = pathArg.replace(/^['"](.*)['"]$/, "$1");
|
|
269
|
+
const absolutePath = path.resolve(workdir, cleanPath);
|
|
270
|
+
return isPathInside(absolutePath, workdir);
|
|
271
|
+
});
|
|
272
|
+
if (allPathsSafe) {
|
|
273
|
+
return true;
|
|
274
|
+
}
|
|
275
|
+
}
|
|
276
|
+
}
|
|
201
277
|
}
|
|
202
|
-
|
|
278
|
+
const action = `${context.toolName}(${processedPart})`;
|
|
279
|
+
const allowedByRule = this.allowedRules.some((rule) => {
|
|
280
|
+
if (rule.endsWith(":*)")) {
|
|
281
|
+
const prefix = rule.slice(0, -3);
|
|
282
|
+
return action.startsWith(prefix);
|
|
283
|
+
}
|
|
284
|
+
return action === rule;
|
|
285
|
+
});
|
|
286
|
+
if (allowedByRule)
|
|
287
|
+
return true;
|
|
288
|
+
return !this.isRestrictedTool(context.toolName);
|
|
203
289
|
});
|
|
204
290
|
}
|
|
205
291
|
// Add other tools if needed in the future
|
|
206
292
|
return false;
|
|
207
293
|
}
|
|
294
|
+
/**
|
|
295
|
+
* Expand a bash command into individual permission rules, filtering out safe commands.
|
|
296
|
+
* Used when saving permissions to the allow list.
|
|
297
|
+
*
|
|
298
|
+
* @param command The full bash command string
|
|
299
|
+
* @param workdir The working directory for path safety checks
|
|
300
|
+
* @returns Array of permission rules in "Bash(cmd)" format
|
|
301
|
+
*/
|
|
302
|
+
expandBashRule(command, workdir) {
|
|
303
|
+
const parts = splitBashCommand(command);
|
|
304
|
+
const rules = [];
|
|
305
|
+
for (const part of parts) {
|
|
306
|
+
const processedPart = stripRedirections(stripEnvVars(part));
|
|
307
|
+
// Check for safe commands
|
|
308
|
+
const commandMatch = processedPart.match(/^(\w+)(\s+.*)?$/);
|
|
309
|
+
let isSafe = false;
|
|
310
|
+
if (commandMatch) {
|
|
311
|
+
const cmd = commandMatch[1];
|
|
312
|
+
const args = commandMatch[2]?.trim() || "";
|
|
313
|
+
if (SAFE_COMMANDS.includes(cmd)) {
|
|
314
|
+
if (cmd === "pwd") {
|
|
315
|
+
isSafe = true;
|
|
316
|
+
}
|
|
317
|
+
else {
|
|
318
|
+
// For cd and ls, check paths
|
|
319
|
+
const pathArgs = (args.match(/(?:[^\s"']+|"[^"]*"|'[^']*')+/g) || []).filter((arg) => !arg.startsWith("-")) || [];
|
|
320
|
+
if (pathArgs.length === 0) {
|
|
321
|
+
isSafe = true;
|
|
322
|
+
}
|
|
323
|
+
else {
|
|
324
|
+
const allPathsSafe = pathArgs.every((pathArg) => {
|
|
325
|
+
const cleanPath = pathArg.replace(/^['"](.*)['"]$/, "$1");
|
|
326
|
+
const absolutePath = path.resolve(workdir, cleanPath);
|
|
327
|
+
return isPathInside(absolutePath, workdir);
|
|
328
|
+
});
|
|
329
|
+
if (allPathsSafe) {
|
|
330
|
+
isSafe = true;
|
|
331
|
+
}
|
|
332
|
+
}
|
|
333
|
+
}
|
|
334
|
+
}
|
|
335
|
+
}
|
|
336
|
+
if (!isSafe) {
|
|
337
|
+
// Check if command is dangerous or out-of-bounds
|
|
338
|
+
const commandMatch = processedPart.match(/^(\w+)(\s+.*)?$/);
|
|
339
|
+
if (commandMatch) {
|
|
340
|
+
const cmd = commandMatch[1];
|
|
341
|
+
const args = commandMatch[2]?.trim() || "";
|
|
342
|
+
if (DANGEROUS_COMMANDS.includes(cmd)) {
|
|
343
|
+
continue;
|
|
344
|
+
}
|
|
345
|
+
if (cmd === "cd" || cmd === "ls") {
|
|
346
|
+
const pathArgs = (args.match(/(?:[^\s"']+|"[^"]*"|'[^']*')+/g) || []).filter((arg) => !arg.startsWith("-")) || [];
|
|
347
|
+
const isOutOfBounds = pathArgs.some((pathArg) => {
|
|
348
|
+
const cleanPath = pathArg.replace(/^['"](.*)['"]$/, "$1");
|
|
349
|
+
const absolutePath = path.resolve(workdir, cleanPath);
|
|
350
|
+
return !isPathInside(absolutePath, workdir);
|
|
351
|
+
});
|
|
352
|
+
if (isOutOfBounds) {
|
|
353
|
+
continue;
|
|
354
|
+
}
|
|
355
|
+
}
|
|
356
|
+
}
|
|
357
|
+
const smartPrefix = getSmartPrefix(processedPart);
|
|
358
|
+
if (smartPrefix) {
|
|
359
|
+
rules.push(`Bash(${smartPrefix}:*)`);
|
|
360
|
+
}
|
|
361
|
+
else {
|
|
362
|
+
rules.push(`Bash(${processedPart})`);
|
|
363
|
+
}
|
|
364
|
+
}
|
|
365
|
+
}
|
|
366
|
+
return rules;
|
|
367
|
+
}
|
|
208
368
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bashTool.d.ts","sourceRoot":"","sources":["../../src/tools/bashTool.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"bashTool.d.ts","sourceRoot":"","sources":["../../src/tools/bashTool.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,UAAU,EAA2B,MAAM,YAAY,CAAC;AAKtE;;GAEG;AACH,eAAO,MAAM,QAAQ,EAAE,UAiUtB,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,cAAc,EAAE,UA+F5B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,YAAY,EAAE,UA8E1B,CAAC"}
|
package/dist/tools/bashTool.js
CHANGED
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
import { spawn } from "child_process";
|
|
2
2
|
import { logger } from "../utils/globalLogger.js";
|
|
3
3
|
import { stripAnsiColors } from "../utils/stringUtils.js";
|
|
4
|
-
|
|
4
|
+
const MAX_OUTPUT_LENGTH = 30000;
|
|
5
|
+
const BASH_DEFAULT_TIMEOUT_MS = 120000;
|
|
5
6
|
/**
|
|
6
7
|
* Bash command execution tool - supports both foreground and background execution
|
|
7
8
|
*/
|
|
@@ -11,7 +12,52 @@ export const bashTool = {
|
|
|
11
12
|
type: "function",
|
|
12
13
|
function: {
|
|
13
14
|
name: "Bash",
|
|
14
|
-
description:
|
|
15
|
+
description: `Executes a given bash command in a persistent shell session with optional timeout, ensuring proper handling and security measures.
|
|
16
|
+
|
|
17
|
+
IMPORTANT: This tool is for terminal operations like git, npm, docker, etc. DO NOT use it for file operations (reading, writing, editing, searching, finding files) - use the specialized tools for this instead.
|
|
18
|
+
|
|
19
|
+
Before executing the command, please follow these steps:
|
|
20
|
+
|
|
21
|
+
1. Directory Verification:
|
|
22
|
+
- If the command will create new directories or files, first use \`ls\` to verify the parent directory exists and is the correct location
|
|
23
|
+
- For example, before running "mkdir foo/bar", first use \`ls foo\` to check that "foo" exists and is the intended parent directory
|
|
24
|
+
|
|
25
|
+
2. Command Execution:
|
|
26
|
+
- Always quote file paths that contain spaces with double quotes (e.g., cd "path with spaces/file.txt")
|
|
27
|
+
- Examples of proper quoting:
|
|
28
|
+
- cd "/Users/name/My Documents" (correct)
|
|
29
|
+
- cd /Users/name/My Documents (incorrect - will fail)
|
|
30
|
+
- python "/path/with spaces/script.py" (correct)
|
|
31
|
+
- python /path/with spaces/script.py (incorrect - will fail)
|
|
32
|
+
- After ensuring proper quoting, execute the command.
|
|
33
|
+
- Capture the output of the command.
|
|
34
|
+
|
|
35
|
+
Usage notes:
|
|
36
|
+
- The command argument is required.
|
|
37
|
+
- You can specify an optional timeout in milliseconds (up to ${BASH_DEFAULT_TIMEOUT_MS}ms / ${BASH_DEFAULT_TIMEOUT_MS / 60000} minutes). If not specified, commands will timeout after ${BASH_DEFAULT_TIMEOUT_MS}ms (${BASH_DEFAULT_TIMEOUT_MS / 60000} minutes).
|
|
38
|
+
- It is very helpful if you write a clear, concise description of what this command does in 5-10 words.
|
|
39
|
+
- If the output exceeds ${MAX_OUTPUT_LENGTH} characters, output will be truncated before being returned to you.
|
|
40
|
+
- You can use the \`run_in_background\` parameter to run the command in the background, which allows you to continue working while the command runs. You can monitor the output using the Bash tool as it becomes available. You do not need to use '&' at the end of the command when using this parameter.
|
|
41
|
+
- Avoid using Bash with the \`find\`, \`grep\`, \`cat\`, \`head\`, \`tail\`, \`sed\`, \`awk\`, or \`echo\` commands, unless explicitly instructed or when these commands are truly necessary for the task. Instead, always prefer using the dedicated tools for these commands:
|
|
42
|
+
- File search: Use Glob (NOT find or ls)
|
|
43
|
+
- Content search: Use Grep (NOT grep or rg)
|
|
44
|
+
- Read files: Use Read (NOT cat/head/tail)
|
|
45
|
+
- Edit files: Use Edit (NOT sed/awk)
|
|
46
|
+
- Write files: Use Write (NOT echo >/cat <<EOF)
|
|
47
|
+
- Communication: Output text directly (NOT echo/printf)
|
|
48
|
+
- When issuing multiple commands:
|
|
49
|
+
- If the commands are independent and can run in parallel, make multiple Bash tool calls in a single message. For example, if you need to run "git status" and "git diff", send a single message with two Bash tool calls in parallel.
|
|
50
|
+
- If the commands depend on each other and must run sequentially, use a single Bash call with '&&' to chain them together (e.g., \`git add . && git commit -m "message" && git push\`). For instance, if one operation must complete before another starts (like mkdir before cp, Write before Bash for git operations, or git add before git commit), run these operations sequentially instead.
|
|
51
|
+
- Use ';' only when you need to run commands sequentially but don't care if earlier commands fail
|
|
52
|
+
- DO NOT use newlines to separate commands (newlines are ok in quoted strings)
|
|
53
|
+
- Try to maintain your current working directory throughout the session by using absolute paths and avoiding usage of \`cd\`. You may use \`cd\` if the User explicitly requests it.
|
|
54
|
+
<good-example>
|
|
55
|
+
pytest /foo/bar/tests
|
|
56
|
+
</good-example>
|
|
57
|
+
<bad-example>
|
|
58
|
+
cd /foo/bar && pytest tests
|
|
59
|
+
</bad-example>
|
|
60
|
+
`,
|
|
15
61
|
parameters: {
|
|
16
62
|
type: "object",
|
|
17
63
|
properties: {
|
|
@@ -40,9 +86,9 @@ export const bashTool = {
|
|
|
40
86
|
const command = args.command;
|
|
41
87
|
const runInBackground = args.run_in_background;
|
|
42
88
|
const description = args.description;
|
|
43
|
-
// Set default timeout:
|
|
89
|
+
// Set default timeout: BASH_DEFAULT_TIMEOUT_MS for foreground, no timeout for background
|
|
44
90
|
const timeout = args.timeout ??
|
|
45
|
-
(runInBackground ? undefined :
|
|
91
|
+
(runInBackground ? undefined : BASH_DEFAULT_TIMEOUT_MS);
|
|
46
92
|
if (!command || typeof command !== "string") {
|
|
47
93
|
return {
|
|
48
94
|
success: false,
|
|
@@ -70,6 +116,7 @@ export const bashTool = {
|
|
|
70
116
|
description,
|
|
71
117
|
run_in_background: runInBackground,
|
|
72
118
|
timeout,
|
|
119
|
+
workdir: context.workdir,
|
|
73
120
|
});
|
|
74
121
|
const permissionResult = await context.permissionManager.checkPermission(permissionContext);
|
|
75
122
|
if (permissionResult.behavior === "deny") {
|
|
@@ -202,28 +249,18 @@ export const bashTool = {
|
|
|
202
249
|
}
|
|
203
250
|
const exitCode = code ?? 0;
|
|
204
251
|
const combinedOutput = outputBuffer + (errorBuffer ? "\n" + errorBuffer : "");
|
|
205
|
-
// Handle large output by
|
|
252
|
+
// Handle large output by truncation if needed
|
|
206
253
|
const finalOutput = combinedOutput || `Command executed with exit code: ${exitCode}`;
|
|
207
|
-
|
|
208
|
-
.
|
|
209
|
-
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
})
|
|
218
|
-
.catch((error) => {
|
|
219
|
-
logger.warn(`Error handling large output: ${error}`);
|
|
220
|
-
resolve({
|
|
221
|
-
success: exitCode === 0,
|
|
222
|
-
content: finalOutput,
|
|
223
|
-
error: exitCode !== 0
|
|
224
|
-
? `Command failed with exit code: ${exitCode}`
|
|
225
|
-
: undefined,
|
|
226
|
-
});
|
|
254
|
+
const content = finalOutput.length > MAX_OUTPUT_LENGTH
|
|
255
|
+
? finalOutput.substring(0, MAX_OUTPUT_LENGTH) +
|
|
256
|
+
"\n\n... (output truncated)"
|
|
257
|
+
: finalOutput;
|
|
258
|
+
resolve({
|
|
259
|
+
success: exitCode === 0,
|
|
260
|
+
content,
|
|
261
|
+
error: exitCode !== 0
|
|
262
|
+
? `Command failed with exit code: ${exitCode}`
|
|
263
|
+
: undefined,
|
|
227
264
|
});
|
|
228
265
|
}
|
|
229
266
|
});
|
|
@@ -319,11 +356,13 @@ export const bashOutputTool = {
|
|
|
319
356
|
content += (content ? "\n" : "") + stripAnsiColors(output.stderr);
|
|
320
357
|
}
|
|
321
358
|
const finalContent = content || "No output available";
|
|
322
|
-
const
|
|
359
|
+
const processedContent = finalContent.length > MAX_OUTPUT_LENGTH
|
|
360
|
+
? finalContent.substring(0, MAX_OUTPUT_LENGTH) +
|
|
361
|
+
"\n\n... (output truncated)"
|
|
362
|
+
: finalContent;
|
|
323
363
|
return {
|
|
324
364
|
success: true,
|
|
325
365
|
content: processedContent,
|
|
326
|
-
filePath,
|
|
327
366
|
shortResult: `${bashId}: ${output.status}${shell.exitCode !== undefined ? ` (${shell.exitCode})` : ""}`,
|
|
328
367
|
error: undefined,
|
|
329
368
|
};
|
|
@@ -27,6 +27,10 @@ export interface ToolPermissionContext {
|
|
|
27
27
|
canUseToolCallback?: PermissionCallback;
|
|
28
28
|
/** Tool input parameters for better context */
|
|
29
29
|
toolInput?: Record<string, unknown>;
|
|
30
|
+
/** Suggested prefix for bash commands */
|
|
31
|
+
suggestedPrefix?: string;
|
|
32
|
+
/** Whether to hide the persistent permission option (e.g., "Don't ask again") in the UI */
|
|
33
|
+
hidePersistentOption?: boolean;
|
|
30
34
|
}
|
|
31
35
|
/** List of tools that require permission checks in default mode */
|
|
32
36
|
export declare const RESTRICTED_TOOLS: readonly ["Edit", "MultiEdit", "Delete", "Bash", "Write"];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissions.d.ts","sourceRoot":"","sources":["../../src/types/permissions.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,oCAAoC;AACpC,MAAM,MAAM,cAAc,GAAG,SAAS,GAAG,mBAAmB,GAAG,aAAa,CAAC;AAE7E,mCAAmC;AACnC,MAAM,WAAW,kBAAkB;IACjC,6CAA6C;IAC7C,QAAQ,EAAE,OAAO,GAAG,MAAM,CAAC;IAC3B,mEAAmE;IACnE,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,qDAAqD;IACrD,iBAAiB,CAAC,EAAE,cAAc,CAAC;IACnC,2CAA2C;IAC3C,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,oDAAoD;AACpD,MAAM,MAAM,kBAAkB,GAAG,CAC/B,OAAO,EAAE,qBAAqB,KAC3B,OAAO,CAAC,kBAAkB,CAAC,CAAC;AAEjC,mDAAmD;AACnD,MAAM,WAAW,qBAAqB;IACpC,sCAAsC;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,8BAA8B;IAC9B,cAAc,EAAE,cAAc,CAAC;IAC/B,6CAA6C;IAC7C,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,+CAA+C;IAC/C,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"permissions.d.ts","sourceRoot":"","sources":["../../src/types/permissions.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,oCAAoC;AACpC,MAAM,MAAM,cAAc,GAAG,SAAS,GAAG,mBAAmB,GAAG,aAAa,CAAC;AAE7E,mCAAmC;AACnC,MAAM,WAAW,kBAAkB;IACjC,6CAA6C;IAC7C,QAAQ,EAAE,OAAO,GAAG,MAAM,CAAC;IAC3B,mEAAmE;IACnE,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,qDAAqD;IACrD,iBAAiB,CAAC,EAAE,cAAc,CAAC;IACnC,2CAA2C;IAC3C,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,oDAAoD;AACpD,MAAM,MAAM,kBAAkB,GAAG,CAC/B,OAAO,EAAE,qBAAqB,KAC3B,OAAO,CAAC,kBAAkB,CAAC,CAAC;AAEjC,mDAAmD;AACnD,MAAM,WAAW,qBAAqB;IACpC,sCAAsC;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,8BAA8B;IAC9B,cAAc,EAAE,cAAc,CAAC;IAC/B,6CAA6C;IAC7C,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,+CAA+C;IAC/C,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACpC,yCAAyC;IACzC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,2FAA2F;IAC3F,oBAAoB,CAAC,EAAE,OAAO,CAAC;CAChC;AAED,mEAAmE;AACnE,eAAO,MAAM,gBAAgB,2DAMnB,CAAC;AAEX,qCAAqC;AACrC,MAAM,MAAM,cAAc,GAAG,CAAC,OAAO,gBAAgB,CAAC,CAAC,MAAM,CAAC,CAAC"}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Splits a complex bash command into individual simple commands by shell operators (&&, ||, ;, |, &).
|
|
3
|
+
* Correctly handles quotes, escaped characters, and subshells.
|
|
4
|
+
*/
|
|
5
|
+
export declare function splitBashCommand(command: string): string[];
|
|
6
|
+
/**
|
|
7
|
+
* Removes inline environment variable assignments (e.g., VAR=val cmd -> cmd).
|
|
8
|
+
*/
|
|
9
|
+
export declare function stripEnvVars(command: string): string;
|
|
10
|
+
/**
|
|
11
|
+
* Removes redirections (e.g., echo "data" > output.txt -> echo "data").
|
|
12
|
+
*/
|
|
13
|
+
export declare function stripRedirections(command: string): string;
|
|
14
|
+
/**
|
|
15
|
+
* Blacklist of dangerous commands that should not be safely prefix-matched
|
|
16
|
+
* and should not have persistent permissions.
|
|
17
|
+
*/
|
|
18
|
+
export declare const DANGEROUS_COMMANDS: string[];
|
|
19
|
+
/**
|
|
20
|
+
* Extracts a "smart prefix" from a bash command based on common developer tools.
|
|
21
|
+
* Returns null if the command is blacklisted or cannot be safely prefix-matched.
|
|
22
|
+
*/
|
|
23
|
+
export declare function getSmartPrefix(command: string): string | null;
|
|
24
|
+
//# sourceMappingURL=bashParser.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"bashParser.d.ts","sourceRoot":"","sources":["../../src/utils/bashParser.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CA8G1D;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CA2CpD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAuHzD;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,UAa9B,CAAC;AAEF;;;GAGG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAoI7D"}
|