xiaotime 0.2.1 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/__tests__/approval_menu.test.d.ts +15 -0
- package/dist/__tests__/approval_menu.test.d.ts.map +1 -0
- package/dist/__tests__/approval_menu.test.js +107 -0
- package/dist/__tests__/approval_menu.test.js.map +1 -0
- package/dist/__tests__/server_tool_render.test.d.ts +17 -0
- package/dist/__tests__/server_tool_render.test.d.ts.map +1 -0
- package/dist/__tests__/server_tool_render.test.js +74 -0
- package/dist/__tests__/server_tool_render.test.js.map +1 -0
- package/dist/__tests__/settings.test.d.ts +16 -0
- package/dist/__tests__/settings.test.d.ts.map +1 -0
- package/dist/__tests__/settings.test.js +289 -0
- package/dist/__tests__/settings.test.js.map +1 -0
- package/dist/__tests__/tools.test.d.ts +17 -0
- package/dist/__tests__/tools.test.d.ts.map +1 -0
- package/dist/__tests__/tools.test.js +381 -0
- package/dist/__tests__/tools.test.js.map +1 -0
- package/dist/display.d.ts +19 -0
- package/dist/display.d.ts.map +1 -1
- package/dist/display.js +23 -0
- package/dist/display.js.map +1 -1
- package/dist/settings.d.ts +109 -0
- package/dist/settings.d.ts.map +1 -0
- package/dist/settings.js +332 -0
- package/dist/settings.js.map +1 -0
- package/dist/tools.d.ts +11 -3
- package/dist/tools.d.ts.map +1 -1
- package/dist/tools.js +96 -33
- package/dist/tools.js.map +1 -1
- package/dist/ui_state.d.ts +134 -0
- package/dist/ui_state.d.ts.map +1 -0
- package/dist/ui_state.js +460 -0
- package/dist/ui_state.js.map +1 -0
- package/dist/ws.d.ts +5 -0
- package/dist/ws.d.ts.map +1 -1
- package/dist/ws.js +99 -66
- package/dist/ws.js.map +1 -1
- package/package.json +5 -2
|
@@ -0,0 +1,381 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Tool-execution surface tests.
|
|
4
|
+
*
|
|
5
|
+
* SPRINT-CLI-APPROVAL-MENU-1 (#6509):
|
|
6
|
+
* - PR1: ISC-6509-006 (read-only tools never prompt)
|
|
7
|
+
* + write_file approval integration (#6532 CR-r1)
|
|
8
|
+
* - PR2: ISC-6509-004 (allowlist match skips promptApprovalMenu +
|
|
9
|
+
* auto-approved suffix)
|
|
10
|
+
* + option-2 selection writes the derived pattern to
|
|
11
|
+
* ~/.xiaotime/settings.json
|
|
12
|
+
*
|
|
13
|
+
* Tests redirect XIAOTIME_SETTINGS_PATH to a per-test tmpdir so
|
|
14
|
+
* the user's real ~/.xiaotime/settings.json is never read or
|
|
15
|
+
* written.
|
|
16
|
+
*/
|
|
17
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
18
|
+
if (k2 === undefined) k2 = k;
|
|
19
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
20
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
21
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
22
|
+
}
|
|
23
|
+
Object.defineProperty(o, k2, desc);
|
|
24
|
+
}) : (function(o, m, k, k2) {
|
|
25
|
+
if (k2 === undefined) k2 = k;
|
|
26
|
+
o[k2] = m[k];
|
|
27
|
+
}));
|
|
28
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
29
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
30
|
+
}) : function(o, v) {
|
|
31
|
+
o["default"] = v;
|
|
32
|
+
});
|
|
33
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
34
|
+
var ownKeys = function(o) {
|
|
35
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
36
|
+
var ar = [];
|
|
37
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
38
|
+
return ar;
|
|
39
|
+
};
|
|
40
|
+
return ownKeys(o);
|
|
41
|
+
};
|
|
42
|
+
return function (mod) {
|
|
43
|
+
if (mod && mod.__esModule) return mod;
|
|
44
|
+
var result = {};
|
|
45
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
46
|
+
__setModuleDefault(result, mod);
|
|
47
|
+
return result;
|
|
48
|
+
};
|
|
49
|
+
})();
|
|
50
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
51
|
+
const vitest_1 = require("vitest");
|
|
52
|
+
const fs = __importStar(require("fs"));
|
|
53
|
+
const path = __importStar(require("path"));
|
|
54
|
+
const os = __importStar(require("os"));
|
|
55
|
+
const tools_js_1 = require("../tools.js");
|
|
56
|
+
const ui_state_js_1 = require("../ui_state.js");
|
|
57
|
+
const settings_js_1 = require("../settings.js");
|
|
58
|
+
let tmpDir;
|
|
59
|
+
let settingsPath;
|
|
60
|
+
let origSettingsEnv;
|
|
61
|
+
(0, vitest_1.beforeEach)(() => {
|
|
62
|
+
tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "xiaotime-tools-test-"));
|
|
63
|
+
(0, tools_js_1.setSessionCwd)(tmpDir);
|
|
64
|
+
// Redirect allowlist to a tmpfile so we never read or write the
|
|
65
|
+
// user's real ~/.xiaotime/settings.json.
|
|
66
|
+
settingsPath = path.join(tmpDir, ".xiaotime-test-settings.json");
|
|
67
|
+
origSettingsEnv = process.env.XIAOTIME_SETTINGS_PATH;
|
|
68
|
+
process.env.XIAOTIME_SETTINGS_PATH = settingsPath;
|
|
69
|
+
vitest_1.vi.spyOn(process.stdout, "write").mockImplementation(() => true);
|
|
70
|
+
vitest_1.vi.spyOn(console, "log").mockImplementation(() => { });
|
|
71
|
+
vitest_1.vi.spyOn(console, "error").mockImplementation(() => { });
|
|
72
|
+
});
|
|
73
|
+
(0, vitest_1.afterEach)(() => {
|
|
74
|
+
if (origSettingsEnv === undefined) {
|
|
75
|
+
delete process.env.XIAOTIME_SETTINGS_PATH;
|
|
76
|
+
}
|
|
77
|
+
else {
|
|
78
|
+
process.env.XIAOTIME_SETTINGS_PATH = origSettingsEnv;
|
|
79
|
+
}
|
|
80
|
+
vitest_1.vi.restoreAllMocks();
|
|
81
|
+
fs.rmSync(tmpDir, { recursive: true, force: true });
|
|
82
|
+
});
|
|
83
|
+
(0, vitest_1.describe)("read-only tools never prompt (ISC-6509-006)", () => {
|
|
84
|
+
(0, vitest_1.test)("read_file does not call promptApprovalMenu", async () => {
|
|
85
|
+
const filePath = path.join(tmpDir, "sample.txt");
|
|
86
|
+
fs.writeFileSync(filePath, "line one\nline two\nline three\n");
|
|
87
|
+
const ui = new ui_state_js_1.SessionUI();
|
|
88
|
+
const spy = vitest_1.vi.spyOn(ui, "promptApprovalMenu");
|
|
89
|
+
try {
|
|
90
|
+
const result = await (0, tools_js_1.executeTool)({
|
|
91
|
+
tool_use_id: "test-1",
|
|
92
|
+
name: "read_file",
|
|
93
|
+
input: { path: filePath },
|
|
94
|
+
}, ui);
|
|
95
|
+
(0, vitest_1.expect)(result.is_error).toBe(false);
|
|
96
|
+
(0, vitest_1.expect)(result.content).toContain("line one");
|
|
97
|
+
(0, vitest_1.expect)(spy).not.toHaveBeenCalled();
|
|
98
|
+
}
|
|
99
|
+
finally {
|
|
100
|
+
ui.getRl().close();
|
|
101
|
+
}
|
|
102
|
+
});
|
|
103
|
+
(0, vitest_1.test)("list_directory does not call promptApprovalMenu", async () => {
|
|
104
|
+
fs.writeFileSync(path.join(tmpDir, "a.txt"), "a");
|
|
105
|
+
fs.writeFileSync(path.join(tmpDir, "b.txt"), "b");
|
|
106
|
+
const ui = new ui_state_js_1.SessionUI();
|
|
107
|
+
const spy = vitest_1.vi.spyOn(ui, "promptApprovalMenu");
|
|
108
|
+
try {
|
|
109
|
+
const result = await (0, tools_js_1.executeTool)({
|
|
110
|
+
tool_use_id: "test-2",
|
|
111
|
+
name: "list_directory",
|
|
112
|
+
input: { path: tmpDir },
|
|
113
|
+
}, ui);
|
|
114
|
+
(0, vitest_1.expect)(result.is_error).toBe(false);
|
|
115
|
+
(0, vitest_1.expect)(result.content).toContain("a.txt");
|
|
116
|
+
(0, vitest_1.expect)(result.content).toContain("b.txt");
|
|
117
|
+
(0, vitest_1.expect)(spy).not.toHaveBeenCalled();
|
|
118
|
+
}
|
|
119
|
+
finally {
|
|
120
|
+
ui.getRl().close();
|
|
121
|
+
}
|
|
122
|
+
});
|
|
123
|
+
});
|
|
124
|
+
(0, vitest_1.describe)("write_file approval integration (#6532 CR-r1)", () => {
|
|
125
|
+
(0, vitest_1.test)("rejection returns 'Rejected by user: <reason>' and does NOT write", async () => {
|
|
126
|
+
const target = path.join(tmpDir, "should-not-exist.txt");
|
|
127
|
+
const ui = new ui_state_js_1.SessionUI();
|
|
128
|
+
vitest_1.vi.spyOn(ui, "promptApprovalMenu").mockResolvedValue({
|
|
129
|
+
approved: false,
|
|
130
|
+
rejectReason: "I don't want this written",
|
|
131
|
+
});
|
|
132
|
+
try {
|
|
133
|
+
const result = await (0, tools_js_1.executeTool)({
|
|
134
|
+
tool_use_id: "t-reject-1",
|
|
135
|
+
name: "write_file",
|
|
136
|
+
input: { path: target, content: "should never land" },
|
|
137
|
+
}, ui);
|
|
138
|
+
(0, vitest_1.expect)(result.is_error).toBe(false);
|
|
139
|
+
(0, vitest_1.expect)(result.content).toBe("Rejected by user: I don't want this written");
|
|
140
|
+
(0, vitest_1.expect)(fs.existsSync(target)).toBe(false);
|
|
141
|
+
}
|
|
142
|
+
finally {
|
|
143
|
+
ui.getRl().close();
|
|
144
|
+
}
|
|
145
|
+
});
|
|
146
|
+
(0, vitest_1.test)("rejection with empty reason returns 'Rejected by user.'", async () => {
|
|
147
|
+
const target = path.join(tmpDir, "empty-reason.txt");
|
|
148
|
+
const ui = new ui_state_js_1.SessionUI();
|
|
149
|
+
vitest_1.vi.spyOn(ui, "promptApprovalMenu").mockResolvedValue({
|
|
150
|
+
approved: false,
|
|
151
|
+
rejectReason: "",
|
|
152
|
+
});
|
|
153
|
+
try {
|
|
154
|
+
const result = await (0, tools_js_1.executeTool)({
|
|
155
|
+
tool_use_id: "t-reject-2",
|
|
156
|
+
name: "write_file",
|
|
157
|
+
input: { path: target, content: "x" },
|
|
158
|
+
}, ui);
|
|
159
|
+
(0, vitest_1.expect)(result.content).toBe("Rejected by user.");
|
|
160
|
+
(0, vitest_1.expect)(fs.existsSync(target)).toBe(false);
|
|
161
|
+
}
|
|
162
|
+
finally {
|
|
163
|
+
ui.getRl().close();
|
|
164
|
+
}
|
|
165
|
+
});
|
|
166
|
+
(0, vitest_1.test)("approval writes the file and returns 'File written: <path>'", async () => {
|
|
167
|
+
const target = path.join(tmpDir, "approved.txt");
|
|
168
|
+
const ui = new ui_state_js_1.SessionUI();
|
|
169
|
+
vitest_1.vi.spyOn(ui, "promptApprovalMenu").mockResolvedValue({
|
|
170
|
+
approved: true,
|
|
171
|
+
allowlistRequested: false,
|
|
172
|
+
});
|
|
173
|
+
try {
|
|
174
|
+
const result = await (0, tools_js_1.executeTool)({
|
|
175
|
+
tool_use_id: "t-approve-1",
|
|
176
|
+
name: "write_file",
|
|
177
|
+
input: { path: target, content: "content here" },
|
|
178
|
+
}, ui);
|
|
179
|
+
(0, vitest_1.expect)(result.is_error).toBe(false);
|
|
180
|
+
(0, vitest_1.expect)(result.content).toBe(`File written: ${target}`);
|
|
181
|
+
(0, vitest_1.expect)(fs.readFileSync(target, "utf-8")).toBe("content here");
|
|
182
|
+
}
|
|
183
|
+
finally {
|
|
184
|
+
ui.getRl().close();
|
|
185
|
+
}
|
|
186
|
+
});
|
|
187
|
+
});
|
|
188
|
+
(0, vitest_1.describe)("allowlist persistence on option-2 selection (ISC-6509-003)", () => {
|
|
189
|
+
(0, vitest_1.test)("write_file: allowlistRequested=true persists derived pattern", async () => {
|
|
190
|
+
const target = path.join(tmpDir, "nested", "deep", "approved.txt");
|
|
191
|
+
const ui = new ui_state_js_1.SessionUI();
|
|
192
|
+
vitest_1.vi.spyOn(ui, "promptApprovalMenu").mockResolvedValue({
|
|
193
|
+
approved: true,
|
|
194
|
+
allowlistRequested: true,
|
|
195
|
+
});
|
|
196
|
+
try {
|
|
197
|
+
await (0, tools_js_1.executeTool)({
|
|
198
|
+
tool_use_id: "t-allowlist-1",
|
|
199
|
+
name: "write_file",
|
|
200
|
+
input: { path: target, content: "x" },
|
|
201
|
+
}, ui);
|
|
202
|
+
const loaded = (0, settings_js_1.loadAllowlist)();
|
|
203
|
+
(0, vitest_1.expect)(loaded).toHaveLength(1);
|
|
204
|
+
(0, vitest_1.expect)(loaded[0]).toMatchObject({
|
|
205
|
+
tool: "write_file",
|
|
206
|
+
pattern: `${path.dirname(target)}/**`,
|
|
207
|
+
});
|
|
208
|
+
}
|
|
209
|
+
finally {
|
|
210
|
+
ui.getRl().close();
|
|
211
|
+
}
|
|
212
|
+
});
|
|
213
|
+
(0, vitest_1.test)("shell_command: allowlistRequested=true persists 'echo hello' for 'echo hello world'", async () => {
|
|
214
|
+
// Real `echo` command — benign, no side effects, exits 0
|
|
215
|
+
// immediately. Avoids needing to mock child_process.execSync
|
|
216
|
+
// (which is hard to redefine on an ESM module namespace).
|
|
217
|
+
const ui = new ui_state_js_1.SessionUI();
|
|
218
|
+
vitest_1.vi.spyOn(ui, "promptApprovalMenu").mockResolvedValue({
|
|
219
|
+
approved: true,
|
|
220
|
+
allowlistRequested: true,
|
|
221
|
+
});
|
|
222
|
+
try {
|
|
223
|
+
await (0, tools_js_1.executeTool)({
|
|
224
|
+
tool_use_id: "t-allowlist-2",
|
|
225
|
+
name: "shell_command",
|
|
226
|
+
input: { command: "echo hello world" },
|
|
227
|
+
}, ui);
|
|
228
|
+
const loaded = (0, settings_js_1.loadAllowlist)();
|
|
229
|
+
(0, vitest_1.expect)(loaded).toHaveLength(1);
|
|
230
|
+
(0, vitest_1.expect)(loaded[0]).toMatchObject({
|
|
231
|
+
tool: "shell_command",
|
|
232
|
+
pattern: "echo hello",
|
|
233
|
+
});
|
|
234
|
+
}
|
|
235
|
+
finally {
|
|
236
|
+
ui.getRl().close();
|
|
237
|
+
}
|
|
238
|
+
});
|
|
239
|
+
(0, vitest_1.test)("appendAllowlist failure does NOT abort the tool run (#6538 CR-r1)", async () => {
|
|
240
|
+
// Force the settings file to be unwritable by pointing
|
|
241
|
+
// XIAOTIME_SETTINGS_PATH at a non-existent directory under a
|
|
242
|
+
// read-only parent. The tool was already approved; persist
|
|
243
|
+
// failure should log to stderr and let the tool execute.
|
|
244
|
+
const readOnlyDir = path.join(tmpDir, "read-only");
|
|
245
|
+
fs.mkdirSync(readOnlyDir);
|
|
246
|
+
fs.chmodSync(readOnlyDir, 0o400); // r--
|
|
247
|
+
process.env.XIAOTIME_SETTINGS_PATH = path.join(readOnlyDir, "child", "settings.json");
|
|
248
|
+
const stderrSpy = vitest_1.vi
|
|
249
|
+
.spyOn(process.stderr, "write")
|
|
250
|
+
.mockImplementation(() => true);
|
|
251
|
+
const target = path.join(tmpDir, "still-written.txt");
|
|
252
|
+
const ui = new ui_state_js_1.SessionUI();
|
|
253
|
+
vitest_1.vi.spyOn(ui, "promptApprovalMenu").mockResolvedValue({
|
|
254
|
+
approved: true,
|
|
255
|
+
allowlistRequested: true,
|
|
256
|
+
});
|
|
257
|
+
try {
|
|
258
|
+
const result = await (0, tools_js_1.executeTool)({
|
|
259
|
+
tool_use_id: "t-persist-fail",
|
|
260
|
+
name: "write_file",
|
|
261
|
+
input: { path: target, content: "should still land" },
|
|
262
|
+
}, ui);
|
|
263
|
+
// Tool ran despite persist failure.
|
|
264
|
+
(0, vitest_1.expect)(result.is_error).toBe(false);
|
|
265
|
+
(0, vitest_1.expect)(fs.readFileSync(target, "utf-8")).toBe("should still land");
|
|
266
|
+
// Stderr received the failure warning.
|
|
267
|
+
const stderrCalls = stderrSpy.mock.calls
|
|
268
|
+
.map((c) => String(c[0]))
|
|
269
|
+
.join("");
|
|
270
|
+
(0, vitest_1.expect)(stderrCalls).toContain("failed to persist allowlist");
|
|
271
|
+
}
|
|
272
|
+
finally {
|
|
273
|
+
ui.getRl().close();
|
|
274
|
+
// Restore mode so cleanup can rm -rf.
|
|
275
|
+
fs.chmodSync(readOnlyDir, 0o700);
|
|
276
|
+
}
|
|
277
|
+
});
|
|
278
|
+
(0, vitest_1.test)("allowlistRequested=false does NOT persist", async () => {
|
|
279
|
+
const target = path.join(tmpDir, "no-persist.txt");
|
|
280
|
+
const ui = new ui_state_js_1.SessionUI();
|
|
281
|
+
vitest_1.vi.spyOn(ui, "promptApprovalMenu").mockResolvedValue({
|
|
282
|
+
approved: true,
|
|
283
|
+
allowlistRequested: false,
|
|
284
|
+
});
|
|
285
|
+
try {
|
|
286
|
+
await (0, tools_js_1.executeTool)({
|
|
287
|
+
tool_use_id: "t-no-persist",
|
|
288
|
+
name: "write_file",
|
|
289
|
+
input: { path: target, content: "x" },
|
|
290
|
+
}, ui);
|
|
291
|
+
(0, vitest_1.expect)((0, settings_js_1.loadAllowlist)()).toEqual([]);
|
|
292
|
+
(0, vitest_1.expect)(fs.existsSync(settingsPath)).toBe(false);
|
|
293
|
+
}
|
|
294
|
+
finally {
|
|
295
|
+
ui.getRl().close();
|
|
296
|
+
}
|
|
297
|
+
});
|
|
298
|
+
});
|
|
299
|
+
(0, vitest_1.describe)("allowlist match skips promptApprovalMenu (ISC-6509-004)", () => {
|
|
300
|
+
(0, vitest_1.test)("write_file: matching dir glob skips menu + writes file", async () => {
|
|
301
|
+
// Pre-seed the allowlist with a write_file dir-glob entry.
|
|
302
|
+
(0, settings_js_1.appendAllowlist)({
|
|
303
|
+
tool: "write_file",
|
|
304
|
+
pattern: `${tmpDir}/**`,
|
|
305
|
+
});
|
|
306
|
+
const target = path.join(tmpDir, "auto-approved.txt");
|
|
307
|
+
const ui = new ui_state_js_1.SessionUI();
|
|
308
|
+
const spy = vitest_1.vi.spyOn(ui, "promptApprovalMenu");
|
|
309
|
+
try {
|
|
310
|
+
const result = await (0, tools_js_1.executeTool)({
|
|
311
|
+
tool_use_id: "t-skip-1",
|
|
312
|
+
name: "write_file",
|
|
313
|
+
input: { path: target, content: "via allowlist" },
|
|
314
|
+
}, ui);
|
|
315
|
+
(0, vitest_1.expect)(result.is_error).toBe(false);
|
|
316
|
+
(0, vitest_1.expect)(result.content).toBe(`File written: ${target}`);
|
|
317
|
+
(0, vitest_1.expect)(fs.readFileSync(target, "utf-8")).toBe("via allowlist");
|
|
318
|
+
(0, vitest_1.expect)(spy).not.toHaveBeenCalled();
|
|
319
|
+
}
|
|
320
|
+
finally {
|
|
321
|
+
ui.getRl().close();
|
|
322
|
+
}
|
|
323
|
+
});
|
|
324
|
+
(0, vitest_1.test)("shell_command: matching derived pattern skips menu + runs", async () => {
|
|
325
|
+
(0, settings_js_1.appendAllowlist)({
|
|
326
|
+
tool: "shell_command",
|
|
327
|
+
pattern: "echo hello",
|
|
328
|
+
});
|
|
329
|
+
const ui = new ui_state_js_1.SessionUI();
|
|
330
|
+
const spy = vitest_1.vi.spyOn(ui, "promptApprovalMenu");
|
|
331
|
+
try {
|
|
332
|
+
const result = await (0, tools_js_1.executeTool)({
|
|
333
|
+
tool_use_id: "t-skip-2",
|
|
334
|
+
name: "shell_command",
|
|
335
|
+
input: { command: "echo hello world" },
|
|
336
|
+
}, ui);
|
|
337
|
+
(0, vitest_1.expect)(result.is_error).toBe(false);
|
|
338
|
+
(0, vitest_1.expect)(result.content).toBe("hello world\n");
|
|
339
|
+
(0, vitest_1.expect)(spy).not.toHaveBeenCalled();
|
|
340
|
+
}
|
|
341
|
+
finally {
|
|
342
|
+
ui.getRl().close();
|
|
343
|
+
}
|
|
344
|
+
});
|
|
345
|
+
// NOTE: git_commit auto-approve happy-path is covered by the
|
|
346
|
+
// PR-body manual walkthrough (requires a real git repo with staged
|
|
347
|
+
// changes; setting that up in a vitest fixture is heavier than the
|
|
348
|
+
// marginal coverage gain). The skip-menu invariant is exercised
|
|
349
|
+
// here via shell_command + write_file; git_commit shares the
|
|
350
|
+
// _gateApproval helper one switch case over.
|
|
351
|
+
(0, vitest_1.test)("non-matching allowlist entry → menu IS called", async () => {
|
|
352
|
+
// Allowlist has a write_file entry for a DIFFERENT dir; shouldn't
|
|
353
|
+
// authorize a write to tmpDir.
|
|
354
|
+
(0, settings_js_1.appendAllowlist)({
|
|
355
|
+
tool: "write_file",
|
|
356
|
+
pattern: "/some/other/**",
|
|
357
|
+
});
|
|
358
|
+
const target = path.join(tmpDir, "needs-prompt.txt");
|
|
359
|
+
const ui = new ui_state_js_1.SessionUI();
|
|
360
|
+
vitest_1.vi.spyOn(ui, "promptApprovalMenu").mockResolvedValue({
|
|
361
|
+
approved: true,
|
|
362
|
+
allowlistRequested: false,
|
|
363
|
+
});
|
|
364
|
+
try {
|
|
365
|
+
const result = await (0, tools_js_1.executeTool)({
|
|
366
|
+
tool_use_id: "t-skip-4",
|
|
367
|
+
name: "write_file",
|
|
368
|
+
input: { path: target, content: "x" },
|
|
369
|
+
}, ui);
|
|
370
|
+
(0, vitest_1.expect)(result.is_error).toBe(false);
|
|
371
|
+
(0, vitest_1.expect)(fs.readFileSync(target, "utf-8")).toBe("x");
|
|
372
|
+
// The mocked promptApprovalMenu WAS called, confirming the
|
|
373
|
+
// non-matching allowlist didn't authorize.
|
|
374
|
+
(0, vitest_1.expect)(ui.promptApprovalMenu).toHaveBeenCalledTimes(1);
|
|
375
|
+
}
|
|
376
|
+
finally {
|
|
377
|
+
ui.getRl().close();
|
|
378
|
+
}
|
|
379
|
+
});
|
|
380
|
+
});
|
|
381
|
+
//# sourceMappingURL=tools.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tools.test.js","sourceRoot":"","sources":["../../src/__tests__/tools.test.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,mCAA2E;AAC3E,uCAAyB;AACzB,2CAA6B;AAC7B,uCAAyB;AACzB,0CAAyD;AACzD,gDAA2C;AAC3C,gDAAgE;AAEhE,IAAI,MAAc,CAAC;AACnB,IAAI,YAAoB,CAAC;AACzB,IAAI,eAAmC,CAAC;AAExC,IAAA,mBAAU,EAAC,GAAG,EAAE;IACd,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,sBAAsB,CAAC,CAAC,CAAC;IACxE,IAAA,wBAAa,EAAC,MAAM,CAAC,CAAC;IACtB,gEAAgE;IAChE,yCAAyC;IACzC,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,8BAA8B,CAAC,CAAC;IACjE,eAAe,GAAG,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,sBAAsB,GAAG,YAAY,CAAC;IAClD,WAAE,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;IACjE,WAAE,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACtD,WAAE,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;AAC1D,CAAC,CAAC,CAAC;AAEH,IAAA,kBAAS,EAAC,GAAG,EAAE;IACb,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;QAClC,OAAO,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC;IAC5C,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,sBAAsB,GAAG,eAAe,CAAC;IACvD,CAAC;IACD,WAAE,CAAC,eAAe,EAAE,CAAC;IACrB,EAAE,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AACtD,CAAC,CAAC,CAAC;AAEH,IAAA,iBAAQ,EAAC,6CAA6C,EAAE,GAAG,EAAE;IAC3D,IAAA,aAAI,EAAC,4CAA4C,EAAE,KAAK,IAAI,EAAE;QAC5D,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;QACjD,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,kCAAkC,CAAC,CAAC;QAE/D,MAAM,EAAE,GAAG,IAAI,uBAAS,EAAE,CAAC;QAC3B,MAAM,GAAG,GAAG,WAAE,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC;QAC/C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,sBAAW,EAC9B;gBACE,WAAW,EAAE,QAAQ;gBACrB,IAAI,EAAE,WAAW;gBACjB,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;aAC1B,EACD,EAAE,CACH,CAAC;YACF,IAAA,eAAM,EAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACpC,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;YAC7C,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACrC,CAAC;gBAAS,CAAC;YACT,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,aAAI,EAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QACjE,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,CAAC;QAClD,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,CAAC;QAElD,MAAM,EAAE,GAAG,IAAI,uBAAS,EAAE,CAAC;QAC3B,MAAM,GAAG,GAAG,WAAE,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC;QAC/C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,sBAAW,EAC9B;gBACE,WAAW,EAAE,QAAQ;gBACrB,IAAI,EAAE,gBAAgB;gBACtB,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE;aACxB,EACD,EAAE,CACH,CAAC;YACF,IAAA,eAAM,EAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACpC,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;YAC1C,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;YAC1C,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACrC,CAAC;gBAAS,CAAC;YACT,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,iBAAQ,EAAC,+CAA+C,EAAE,GAAG,EAAE;IAC7D,IAAA,aAAI,EAAC,mEAAmE,EAAE,KAAK,IAAI,EAAE;QACnF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,sBAAsB,CAAC,CAAC;QACzD,MAAM,EAAE,GAAG,IAAI,uBAAS,EAAE,CAAC;QAC3B,WAAE,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC,iBAAiB,CAAC;YACnD,QAAQ,EAAE,KAAK;YACf,YAAY,EAAE,2BAA2B;SAC1C,CAAC,CAAC;QACH,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,sBAAW,EAC9B;gBACE,WAAW,EAAE,YAAY;gBACzB,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,mBAAmB,EAAE;aACtD,EACD,EAAE,CACH,CAAC;YACF,IAAA,eAAM,EAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACpC,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CACzB,6CAA6C,CAC9C,CAAC;YACF,IAAA,eAAM,EAAC,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC5C,CAAC;gBAAS,CAAC;YACT,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,aAAI,EAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;QACzE,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC;QACrD,MAAM,EAAE,GAAG,IAAI,uBAAS,EAAE,CAAC;QAC3B,WAAE,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC,iBAAiB,CAAC;YACnD,QAAQ,EAAE,KAAK;YACf,YAAY,EAAE,EAAE;SACjB,CAAC,CAAC;QACH,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,sBAAW,EAC9B;gBACE,WAAW,EAAE,YAAY;gBACzB,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE;aACtC,EACD,EAAE,CACH,CAAC;YACF,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YACjD,IAAA,eAAM,EAAC,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC5C,CAAC;gBAAS,CAAC;YACT,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,aAAI,EAAC,6DAA6D,EAAE,KAAK,IAAI,EAAE;QAC7E,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QACjD,MAAM,EAAE,GAAG,IAAI,uBAAS,EAAE,CAAC;QAC3B,WAAE,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC,iBAAiB,CAAC;YACnD,QAAQ,EAAE,IAAI;YACd,kBAAkB,EAAE,KAAK;SAC1B,CAAC,CAAC;QACH,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,sBAAW,EAC9B;gBACE,WAAW,EAAE,aAAa;gBAC1B,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE;aACjD,EACD,EAAE,CACH,CAAC;YACF,IAAA,eAAM,EAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACpC,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,iBAAiB,MAAM,EAAE,CAAC,CAAC;YACvD,IAAA,eAAM,EAAC,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAChE,CAAC;gBAAS,CAAC;YACT,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,iBAAQ,EAAC,4DAA4D,EAAE,GAAG,EAAE;IAC1E,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,IAAI,EAAE;QAC9E,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,cAAc,CAAC,CAAC;QACnE,MAAM,EAAE,GAAG,IAAI,uBAAS,EAAE,CAAC;QAC3B,WAAE,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC,iBAAiB,CAAC;YACnD,QAAQ,EAAE,IAAI;YACd,kBAAkB,EAAE,IAAI;SACzB,CAAC,CAAC;QACH,IAAI,CAAC;YACH,MAAM,IAAA,sBAAW,EACf;gBACE,WAAW,EAAE,eAAe;gBAC5B,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE;aACtC,EACD,EAAE,CACH,CAAC;YACF,MAAM,MAAM,GAAG,IAAA,2BAAa,GAAE,CAAC;YAC/B,IAAA,eAAM,EAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YAC/B,IAAA,eAAM,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC;gBAC9B,IAAI,EAAE,YAAY;gBAClB,OAAO,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK;aACtC,CAAC,CAAC;QACL,CAAC;gBAAS,CAAC;YACT,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,aAAI,EAAC,qFAAqF,EAAE,KAAK,IAAI,EAAE;QACrG,yDAAyD;QACzD,6DAA6D;QAC7D,0DAA0D;QAC1D,MAAM,EAAE,GAAG,IAAI,uBAAS,EAAE,CAAC;QAC3B,WAAE,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC,iBAAiB,CAAC;YACnD,QAAQ,EAAE,IAAI;YACd,kBAAkB,EAAE,IAAI;SACzB,CAAC,CAAC;QACH,IAAI,CAAC;YACH,MAAM,IAAA,sBAAW,EACf;gBACE,WAAW,EAAE,eAAe;gBAC5B,IAAI,EAAE,eAAe;gBACrB,KAAK,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE;aACvC,EACD,EAAE,CACH,CAAC;YACF,MAAM,MAAM,GAAG,IAAA,2BAAa,GAAE,CAAC;YAC/B,IAAA,eAAM,EAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YAC/B,IAAA,eAAM,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC;gBAC9B,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE,YAAY;aACtB,CAAC,CAAC;QACL,CAAC;gBAAS,CAAC;YACT,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,aAAI,EAAC,mEAAmE,EAAE,KAAK,IAAI,EAAE;QACnF,uDAAuD;QACvD,6DAA6D;QAC7D,2DAA2D;QAC3D,yDAAyD;QACzD,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;QACnD,EAAE,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC1B,EAAE,CAAC,SAAS,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC,MAAM;QACxC,OAAO,CAAC,GAAG,CAAC,sBAAsB,GAAG,IAAI,CAAC,IAAI,CAC5C,WAAW,EACX,OAAO,EACP,eAAe,CAChB,CAAC;QACF,MAAM,SAAS,GAAG,WAAE;aACjB,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC;aAC9B,kBAAkB,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;QAElC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,uBAAS,EAAE,CAAC;QAC3B,WAAE,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC,iBAAiB,CAAC;YACnD,QAAQ,EAAE,IAAI;YACd,kBAAkB,EAAE,IAAI;SACzB,CAAC,CAAC;QACH,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,sBAAW,EAC9B;gBACE,WAAW,EAAE,gBAAgB;gBAC7B,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,mBAAmB,EAAE;aACtD,EACD,EAAE,CACH,CAAC;YACF,oCAAoC;YACpC,IAAA,eAAM,EAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACpC,IAAA,eAAM,EAAC,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YACnE,uCAAuC;YACvC,MAAM,WAAW,GAAG,SAAS,CAAC,IAAI,CAAC,KAAK;iBACrC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;iBACxB,IAAI,CAAC,EAAE,CAAC,CAAC;YACZ,IAAA,eAAM,EAAC,WAAW,CAAC,CAAC,SAAS,CAAC,6BAA6B,CAAC,CAAC;QAC/D,CAAC;gBAAS,CAAC;YACT,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;YACnB,sCAAsC;YACtC,EAAE,CAAC,SAAS,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;QACnC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,aAAI,EAAC,2CAA2C,EAAE,KAAK,IAAI,EAAE;QAC3D,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;QACnD,MAAM,EAAE,GAAG,IAAI,uBAAS,EAAE,CAAC;QAC3B,WAAE,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC,iBAAiB,CAAC;YACnD,QAAQ,EAAE,IAAI;YACd,kBAAkB,EAAE,KAAK;SAC1B,CAAC,CAAC;QACH,IAAI,CAAC;YACH,MAAM,IAAA,sBAAW,EACf;gBACE,WAAW,EAAE,cAAc;gBAC3B,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE;aACtC,EACD,EAAE,CACH,CAAC;YACF,IAAA,eAAM,EAAC,IAAA,2BAAa,GAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;YACpC,IAAA,eAAM,EAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAClD,CAAC;gBAAS,CAAC;YACT,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,iBAAQ,EAAC,yDAAyD,EAAE,GAAG,EAAE;IACvE,IAAA,aAAI,EAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACxE,2DAA2D;QAC3D,IAAA,6BAAe,EAAC;YACd,IAAI,EAAE,YAAY;YAClB,OAAO,EAAE,GAAG,MAAM,KAAK;SACxB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,IAAI,uBAAS,EAAE,CAAC;QAC3B,MAAM,GAAG,GAAG,WAAE,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC;QAC/C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,sBAAW,EAC9B;gBACE,WAAW,EAAE,UAAU;gBACvB,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE;aAClD,EACD,EAAE,CACH,CAAC;YACF,IAAA,eAAM,EAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACpC,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,iBAAiB,MAAM,EAAE,CAAC,CAAC;YACvD,IAAA,eAAM,EAAC,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC/D,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACrC,CAAC;gBAAS,CAAC;YACT,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,aAAI,EAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;QAC3E,IAAA,6BAAe,EAAC;YACd,IAAI,EAAE,eAAe;YACrB,OAAO,EAAE,YAAY;SACtB,CAAC,CAAC;QAEH,MAAM,EAAE,GAAG,IAAI,uBAAS,EAAE,CAAC;QAC3B,MAAM,GAAG,GAAG,WAAE,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC;QAC/C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,sBAAW,EAC9B;gBACE,WAAW,EAAE,UAAU;gBACvB,IAAI,EAAE,eAAe;gBACrB,KAAK,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE;aACvC,EACD,EAAE,CACH,CAAC;YACF,IAAA,eAAM,EAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACpC,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC7C,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACrC,CAAC;gBAAS,CAAC;YACT,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,6DAA6D;IAC7D,mEAAmE;IACnE,mEAAmE;IACnE,gEAAgE;IAChE,6DAA6D;IAC7D,6CAA6C;IAE7C,IAAA,aAAI,EAAC,+CAA+C,EAAE,KAAK,IAAI,EAAE;QAC/D,kEAAkE;QAClE,+BAA+B;QAC/B,IAAA,6BAAe,EAAC;YACd,IAAI,EAAE,YAAY;YAClB,OAAO,EAAE,gBAAgB;SAC1B,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC;QACrD,MAAM,EAAE,GAAG,IAAI,uBAAS,EAAE,CAAC;QAC3B,WAAE,CAAC,KAAK,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC,iBAAiB,CAAC;YACnD,QAAQ,EAAE,IAAI;YACd,kBAAkB,EAAE,KAAK;SAC1B,CAAC,CAAC;QACH,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,sBAAW,EAC9B;gBACE,WAAW,EAAE,UAAU;gBACvB,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE;aACtC,EACD,EAAE,CACH,CAAC;YACF,IAAA,eAAM,EAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACpC,IAAA,eAAM,EAAC,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACnD,2DAA2D;YAC3D,2CAA2C;YAC3C,IAAA,eAAM,EAAC,EAAE,CAAC,kBAAkB,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACzD,CAAC;gBAAS,CAAC;YACT,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
package/dist/display.d.ts
CHANGED
|
@@ -8,4 +8,23 @@ export declare function printTurnEnd(costUsd: number): void;
|
|
|
8
8
|
export declare function printError(message: string): void;
|
|
9
9
|
export declare function printSessionList(sessions: Session[]): void;
|
|
10
10
|
export declare function printPrompt(): void;
|
|
11
|
+
/**
|
|
12
|
+
* Render a single inline log line for a server-side tool invocation.
|
|
13
|
+
*
|
|
14
|
+
* SPRINT-CLI-APPROVAL-MENU-1 (#6509) PR3 — pre-#6509 the 15 tools in
|
|
15
|
+
* terminal_orchestrator/main.py's SERVER_TOOLS set executed silently
|
|
16
|
+
* from the user's perspective. This helper renders the
|
|
17
|
+
* `server_tool_call` WS event the orchestrator now emits before each
|
|
18
|
+
* server-side dispatch, matching the visual style of the existing
|
|
19
|
+
* client-tool inline logs in cli/src/tools.ts (`[read_file] /path
|
|
20
|
+
* (N lines)`, `[git_status]`, etc.).
|
|
21
|
+
*
|
|
22
|
+
* `inputSummary` is built server-side (see
|
|
23
|
+
* `terminal_orchestrator/main.py::_build_server_tool_input_summary`)
|
|
24
|
+
* — ≤120 chars, preferred-keys-per-tool, middle-truncated values,
|
|
25
|
+
* no newlines. Empty inputSummary (e.g. librarian_list_collections,
|
|
26
|
+
* which has no meaningful input to render) drops to just the
|
|
27
|
+
* `[server:<name>]` prefix.
|
|
28
|
+
*/
|
|
29
|
+
export declare function printServerToolCall(name: string, inputSummary: string): void;
|
|
11
30
|
//# sourceMappingURL=display.d.ts.map
|
package/dist/display.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"display.d.ts","sourceRoot":"","sources":["../src/display.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAE5C,wBAAgB,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,QAQjH;AAED,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,QAE1C;AAED,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,QAG3C;AAED,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,QAEzC;AAED,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,OAAO,EAAE,QAoBnD;AAED,wBAAgB,WAAW,SAE1B"}
|
|
1
|
+
{"version":3,"file":"display.d.ts","sourceRoot":"","sources":["../src/display.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAE5C,wBAAgB,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,QAQjH;AAED,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,QAE1C;AAED,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,QAG3C;AAED,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,QAEzC;AAED,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,OAAO,EAAE,QAoBnD;AAED,wBAAgB,WAAW,SAE1B;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,IAAI,CAG5E"}
|
package/dist/display.js
CHANGED
|
@@ -12,6 +12,7 @@ exports.printTurnEnd = printTurnEnd;
|
|
|
12
12
|
exports.printError = printError;
|
|
13
13
|
exports.printSessionList = printSessionList;
|
|
14
14
|
exports.printPrompt = printPrompt;
|
|
15
|
+
exports.printServerToolCall = printServerToolCall;
|
|
15
16
|
const chalk_1 = __importDefault(require("chalk"));
|
|
16
17
|
function printWelcome(sessionId, sessionName, resumed, messageCount) {
|
|
17
18
|
const name = sessionName || sessionId.slice(0, 8);
|
|
@@ -55,4 +56,26 @@ function printSessionList(sessions) {
|
|
|
55
56
|
function printPrompt() {
|
|
56
57
|
process.stdout.write(chalk_1.default.bold("you: "));
|
|
57
58
|
}
|
|
59
|
+
/**
|
|
60
|
+
* Render a single inline log line for a server-side tool invocation.
|
|
61
|
+
*
|
|
62
|
+
* SPRINT-CLI-APPROVAL-MENU-1 (#6509) PR3 — pre-#6509 the 15 tools in
|
|
63
|
+
* terminal_orchestrator/main.py's SERVER_TOOLS set executed silently
|
|
64
|
+
* from the user's perspective. This helper renders the
|
|
65
|
+
* `server_tool_call` WS event the orchestrator now emits before each
|
|
66
|
+
* server-side dispatch, matching the visual style of the existing
|
|
67
|
+
* client-tool inline logs in cli/src/tools.ts (`[read_file] /path
|
|
68
|
+
* (N lines)`, `[git_status]`, etc.).
|
|
69
|
+
*
|
|
70
|
+
* `inputSummary` is built server-side (see
|
|
71
|
+
* `terminal_orchestrator/main.py::_build_server_tool_input_summary`)
|
|
72
|
+
* — ≤120 chars, preferred-keys-per-tool, middle-truncated values,
|
|
73
|
+
* no newlines. Empty inputSummary (e.g. librarian_list_collections,
|
|
74
|
+
* which has no meaningful input to render) drops to just the
|
|
75
|
+
* `[server:<name>]` prefix.
|
|
76
|
+
*/
|
|
77
|
+
function printServerToolCall(name, inputSummary) {
|
|
78
|
+
const tail = inputSummary ? ` ${inputSummary}` : "";
|
|
79
|
+
console.log(chalk_1.default.dim(` [server:${name}]${tail}`));
|
|
80
|
+
}
|
|
58
81
|
//# sourceMappingURL=display.js.map
|
package/dist/display.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"display.js","sourceRoot":"","sources":["../src/display.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;AAKH,oCAQC;AAED,wCAEC;AAED,oCAGC;AAED,gCAEC;AAED,4CAoBC;AAED,kCAEC;
|
|
1
|
+
{"version":3,"file":"display.js","sourceRoot":"","sources":["../src/display.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;AAKH,oCAQC;AAED,wCAEC;AAED,oCAGC;AAED,gCAEC;AAED,4CAoBC;AAED,kCAEC;AAoBD,kDAGC;AAzED,kDAA0B;AAG1B,SAAgB,YAAY,CAAC,SAAiB,EAAE,WAA0B,EAAE,OAAgB,EAAE,YAAoB;IAChH,MAAM,IAAI,GAAG,WAAW,IAAI,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAClD,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,iBAAiB,IAAI,KAAK,YAAY,kBAAkB,CAAC,CAAC,CAAC;IACpF,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,qBAAqB,IAAI,EAAE,CAAC,CAAC,CAAC;IACvD,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC,CAAC;AACjE,CAAC;AAED,SAAgB,cAAc,CAAC,IAAY;IACzC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC;AAED,SAAgB,YAAY,CAAC,OAAe;IAC1C,MAAM,OAAO,GAAG,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,eAAK,CAAC,GAAG,CAAC,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1E,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,OAAO,MAAM,CAAC,CAAC;AAC3C,CAAC;AAED,SAAgB,UAAU,CAAC,OAAe;IACxC,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAC,YAAY,OAAO,IAAI,CAAC,CAAC,CAAC;AACpD,CAAC;AAED,SAAgB,gBAAgB,CAAC,QAAmB;IAClD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC,CAAC;QAC7C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC;IACzC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,CAAC,CAAC,YAAY,IAAI,eAAK,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,eAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACvC,MAAM,KAAK,GAAG,GAAG,CAAC,CAAC,aAAa,QAAQ,CAAC;QACzC,MAAM,IAAI,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QACvD,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,cAAc,EAAE,CAAC;QAC/D,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,eAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,eAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEzE,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,IAAI,IAAI,IAAI,EAAE,EAAE,CAAC,CAAC;QACzC,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,IAAI,kBAAkB,UAAU,EAAE,CAAC,CAAC,CAAC;QAC9E,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC,CAAC;AAChE,CAAC;AAED,SAAgB,WAAW;IACzB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,eAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AAC5C,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,SAAgB,mBAAmB,CAAC,IAAY,EAAE,YAAoB;IACpE,MAAM,IAAI,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACpD,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,aAAa,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC,CAAC;AACtD,CAAC"}
|
|
@@ -0,0 +1,109 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Per-user CLI settings + approval allowlist.
|
|
3
|
+
*
|
|
4
|
+
* SPRINT-CLI-APPROVAL-MENU-1 (#6509) PR2.
|
|
5
|
+
*
|
|
6
|
+
* Backs the option-2 "Run and don't ask again" path of
|
|
7
|
+
* `promptApprovalMenu`. Allowlist is persisted to
|
|
8
|
+
* `~/.xiaotime/settings.json` (mode 0600) and consulted before every
|
|
9
|
+
* `executeTool` invocation of the three prompting client-side tools
|
|
10
|
+
* (`shell_command` / `write_file` / `git_commit`). A match short-
|
|
11
|
+
* circuits the menu entirely; the inline log line gets an
|
|
12
|
+
* ` (auto-approved)` suffix so the user can still see what ran.
|
|
13
|
+
*
|
|
14
|
+
* Schema is `version: 1`; missing/malformed/unknown-version files
|
|
15
|
+
* fall back to an empty allowlist (with a stderr warning for
|
|
16
|
+
* malformed/unknown cases) — never crash the CLI on corrupted local
|
|
17
|
+
* config (ISC-6509-007).
|
|
18
|
+
*
|
|
19
|
+
* Pattern derivation differs per tool (see D2 in the sprint spec):
|
|
20
|
+
* - shell_command: argv[0] + leading flags + first subcommand
|
|
21
|
+
* token. `npm install --no-save lodash` → "npm install".
|
|
22
|
+
* Multi-level subcommand grammars (gh issue list) collapse to
|
|
23
|
+
* the first 2 tokens; users can hand-edit settings.json for
|
|
24
|
+
* finer-grained patterns.
|
|
25
|
+
* - write_file: `dirname(path) + "/**"`. Glob-matched against
|
|
26
|
+
* subsequent write_file invocations so allowlisting a write to
|
|
27
|
+
* `/repo/foo.ts` covers `/repo/bar.ts`.
|
|
28
|
+
* - git_commit: literal `"*"` — allowlisting one commit
|
|
29
|
+
* allowlists all future commits (the commit message + staged
|
|
30
|
+
* files vary by definition; there's no meaningful pattern
|
|
31
|
+
* parameter to narrow on).
|
|
32
|
+
*
|
|
33
|
+
* Distinct from `terminal_orchestrator/task_manager.py:57`'s
|
|
34
|
+
* server-side allowlist (EXACT-NAME on argv[0] basename, binary `gh`
|
|
35
|
+
* only). That's a security perimeter for `task_create`'s long-running
|
|
36
|
+
* managed-task envelope; this is a UX gate for client-side tool
|
|
37
|
+
* approvals. Two allowlists, two audiences, two update cadences.
|
|
38
|
+
*/
|
|
39
|
+
export type AllowlistTool = "shell_command" | "write_file" | "git_commit";
|
|
40
|
+
export interface AllowlistEntry {
|
|
41
|
+
tool: AllowlistTool;
|
|
42
|
+
pattern: string;
|
|
43
|
+
added_at: string;
|
|
44
|
+
}
|
|
45
|
+
/**
|
|
46
|
+
* Settings-file location. Resolved lazily per call so the
|
|
47
|
+
* `XIAOTIME_SETTINGS_PATH` env-var override can redirect (used by
|
|
48
|
+
* tests to avoid touching the real `~/.xiaotime/settings.json`).
|
|
49
|
+
* Default: `~/.xiaotime/settings.json`.
|
|
50
|
+
*/
|
|
51
|
+
export declare function _settingsPath(): string;
|
|
52
|
+
/**
|
|
53
|
+
* Read the allowlist from disk. Returns [] for any of:
|
|
54
|
+
* - file missing (first run; not an error)
|
|
55
|
+
* - file unreadable (permissions; logged + treated as empty)
|
|
56
|
+
* - malformed JSON (logged + treated as empty)
|
|
57
|
+
* - unknown schema version (logged + treated as empty)
|
|
58
|
+
* - shape doesn't match SettingsV1 (silently treated as empty)
|
|
59
|
+
*
|
|
60
|
+
* Never throws. The CLI must remain usable when the user has a
|
|
61
|
+
* corrupted local config (ISC-6509-007).
|
|
62
|
+
*/
|
|
63
|
+
export declare function loadAllowlist(): AllowlistEntry[];
|
|
64
|
+
/**
|
|
65
|
+
* Append a new entry to the allowlist + persist. Creates
|
|
66
|
+
* ~/.xiaotime/ with mode 0700 if it doesn't exist; writes
|
|
67
|
+
* settings.json with mode 0600. Idempotent on duplicate
|
|
68
|
+
* (tool, pattern) — duplicate appends are silently dropped.
|
|
69
|
+
*/
|
|
70
|
+
export declare function appendAllowlist(entry: {
|
|
71
|
+
tool: AllowlistTool;
|
|
72
|
+
pattern: string;
|
|
73
|
+
}): void;
|
|
74
|
+
/**
|
|
75
|
+
* Derive the allowlist pattern for a tool invocation. Returns null
|
|
76
|
+
* if the input shape is unusable (empty command, missing path). The
|
|
77
|
+
* pattern is used both at write time (option-2 selection persists
|
|
78
|
+
* `derivePattern(tool, input)`) and at read time (the next call's
|
|
79
|
+
* derived pattern feeds `matchAllowlist`).
|
|
80
|
+
*
|
|
81
|
+
* Per D2 in the sprint spec, derivation is coarse on purpose. For
|
|
82
|
+
* shell_command, the v1 rule captures argv[0] + leading flags + at
|
|
83
|
+
* most one subcommand token. Multi-level grammars (gh issue list,
|
|
84
|
+
* git remote add) collapse to 2-token prefixes; users who want finer
|
|
85
|
+
* patterns can hand-edit settings.json. For write_file, the directory
|
|
86
|
+
* the file lives in is allowlisted (`/**` suffix); writes deeper in
|
|
87
|
+
* the tree match. For git_commit, the literal `"*"` allowlists all
|
|
88
|
+
* future commits.
|
|
89
|
+
*/
|
|
90
|
+
export declare function derivePattern(tool: AllowlistTool, input: Record<string, unknown>): string | null;
|
|
91
|
+
/**
|
|
92
|
+
* Check whether a tool invocation matches any entry in the
|
|
93
|
+
* allowlist. Matching semantics differ per tool:
|
|
94
|
+
* - shell_command: exact equality between derived pattern and
|
|
95
|
+
* stored pattern (`npm install` matches only `npm install`,
|
|
96
|
+
* not `npm install lodash` directly — but the derived pattern
|
|
97
|
+
* for `npm install lodash` IS `npm install`, so it matches.)
|
|
98
|
+
* - write_file: glob-match the incoming path against each
|
|
99
|
+
* `write_file` entry's stored glob.
|
|
100
|
+
* - git_commit: any `git_commit` entry matches (stored pattern
|
|
101
|
+
* is `"*"`).
|
|
102
|
+
*
|
|
103
|
+
* The cross-tool isolation invariant (PR3 ISC-spec): an entry with
|
|
104
|
+
* `tool === "shell_command"` can never authorize a `write_file` call
|
|
105
|
+
* even if patterns coincidentally match — the tool field is checked
|
|
106
|
+
* first.
|
|
107
|
+
*/
|
|
108
|
+
export declare function matchAllowlist(tool: AllowlistTool, input: Record<string, unknown>, allowlist: AllowlistEntry[]): AllowlistEntry | null;
|
|
109
|
+
//# sourceMappingURL=settings.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"settings.d.ts","sourceRoot":"","sources":["../src/settings.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AAMH,MAAM,MAAM,aAAa,GAAG,eAAe,GAAG,YAAY,GAAG,YAAY,CAAC;AAQ1E,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,aAAa,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;CAClB;AASD;;;;;GAKG;AACH,wBAAgB,aAAa,IAAI,MAAM,CAKtC;AAMD;;;;;;;;;;GAUG;AACH,wBAAgB,aAAa,IAAI,cAAc,EAAE,CAoChD;AAED;;;;;GAKG;AACH,wBAAgB,eAAe,CAC7B,KAAK,EAAE;IAAE,IAAI,EAAE,aAAa,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GAC9C,IAAI,CAwCN;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,aAAa,CAC3B,IAAI,EAAE,aAAa,EACnB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC7B,MAAM,GAAG,IAAI,CA+Cf;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,cAAc,CAC5B,IAAI,EAAE,aAAa,EACnB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC9B,SAAS,EAAE,cAAc,EAAE,GAC1B,cAAc,GAAG,IAAI,CAsBvB"}
|