PyPI - patchpal - Versions diffs - 0.1.2__tar.gz → 0.1.4__tar.gz - Mend

patchpal 0.1.2tar.gz → 0.1.4tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

{patchpal-0.1.2/patchpal.egg-info → patchpal-0.1.4}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: patchpal
-Version: 0.1.2
+Version: 0.1.4
 Summary: A lean Claude Code clone in pure  Python
 Author: PatchPal Contributors
 License-Expression: Apache-2.0
@@ -27,6 +27,7 @@ Requires-Dist: rich>=13.0.0
 Requires-Dist: pyyaml>=6.0.0
 Requires-Dist: prompt_toolkit>=3.0.0
 Requires-Dist: tiktoken>=0.5.0
+Requires-Dist: boto3
 Provides-Extra: dev
 Requires-Dist: pytest>=7.0.0; extra == "dev"
 Requires-Dist: pytest-cov>=4.0.0; extra == "dev"
@@ -606,12 +607,16 @@ PatchPal includes comprehensive security protections enabled by default:
 ```bash
 # Critical Security Controls
 export PATCHPAL_REQUIRE_PERMISSION=true  # Prompt for permission before executing commands/modifying files (default: true)
-                                          # Set to false to disable prompts (not recommended for production use)
+                                          # ⚠️  WARNING: Setting to false disables prompts - only use in trusted, controlled environments
+                                          # When disabled, the agent can modify files and run commands without asking
 export PATCHPAL_MAX_FILE_SIZE=5242880     # Maximum file size in bytes for read/write operations (default: 10485760 = 10MB)
 export PATCHPAL_READ_ONLY=true            # Prevent all file modifications, analysis-only mode (default: false)
                                            # Useful for: code review, exploration, security audits, CI/CD analysis, or trying PatchPal risk-free
 export PATCHPAL_ALLOW_SENSITIVE=true      # Allow access to .env, credentials, API keys (default: false - blocked for safety)
                                            # Only enable when working with test/dummy credentials or intentionally managing config files
+export PATCHPAL_ALLOW_SUDO=true           # Allow sudo commands (default: false - blocked for safety)
+                                           # ⚠️  WARNING: Only enable in trusted, controlled environments where sudo is necessary
+                                           # When enabled, all privilege escalation blocking is disabled
 # Operational Safety Controls
 export PATCHPAL_AUDIT_LOG=false           # Log all operations to ~/.patchpal/<repo-name>/audit.log (default: true)

{patchpal-0.1.2 → patchpal-0.1.4}/README.md RENAMED Viewed

@@ -570,12 +570,16 @@ PatchPal includes comprehensive security protections enabled by default:
 ```bash
 # Critical Security Controls
 export PATCHPAL_REQUIRE_PERMISSION=true  # Prompt for permission before executing commands/modifying files (default: true)
-                                          # Set to false to disable prompts (not recommended for production use)
+                                          # ⚠️  WARNING: Setting to false disables prompts - only use in trusted, controlled environments
+                                          # When disabled, the agent can modify files and run commands without asking
 export PATCHPAL_MAX_FILE_SIZE=5242880     # Maximum file size in bytes for read/write operations (default: 10485760 = 10MB)
 export PATCHPAL_READ_ONLY=true            # Prevent all file modifications, analysis-only mode (default: false)
                                            # Useful for: code review, exploration, security audits, CI/CD analysis, or trying PatchPal risk-free
 export PATCHPAL_ALLOW_SENSITIVE=true      # Allow access to .env, credentials, API keys (default: false - blocked for safety)
                                            # Only enable when working with test/dummy credentials or intentionally managing config files
+export PATCHPAL_ALLOW_SUDO=true           # Allow sudo commands (default: false - blocked for safety)
+                                           # ⚠️  WARNING: Only enable in trusted, controlled environments where sudo is necessary
+                                           # When enabled, all privilege escalation blocking is disabled
 # Operational Safety Controls
 export PATCHPAL_AUDIT_LOG=false           # Log all operations to ~/.patchpal/<repo-name>/audit.log (default: true)

{patchpal-0.1.2 → patchpal-0.1.4}/patchpal/__init__.py RENAMED Viewed

@@ -1,6 +1,6 @@
 """PatchPal - An open-source Claude Code clone implemented purely in Python."""
-__version__ = "0.1.2"
+__version__ = "0.1.4"
 from patchpal.agent import create_agent
 from patchpal.tools import (

{patchpal-0.1.2 → patchpal-0.1.4}/patchpal/agent.py RENAMED Viewed

@@ -372,7 +372,7 @@ TOOLS = [
         "type": "function",
         "function": {
             "name": "run_shell",
-            "description": "Run a safe shell command in the repository. Dangerous commands (rm, mv, sudo, etc.) are blocked.",
+            "description": "Run a safe shell command in the repository. Privilege escalation (sudo, su) blocked by default unless PATCHPAL_ALLOW_SUDO=true.",
             "parameters": {
                 "type": "object",
                 "properties": {

{patchpal-0.1.2 → patchpal-0.1.4}/patchpal/cli.py RENAMED Viewed

@@ -92,6 +92,13 @@ class SmartPathCompleter(Completer):
                 )
+def _get_version() -> str:
+    """Get the PatchPal version string."""
+    from patchpal import __version__
+    return __version__
 def _get_patchpal_dir() -> Path:
     """Get the patchpal directory for this repository.
@@ -174,6 +181,12 @@ Supported models: Any LiteLLM-supported model
   - Others: See https://docs.litellm.ai/docs/providers
         """,
     )
+    parser.add_argument(
+        "--version",
+        action="version",
+        version=f"%(prog)s {_get_version()}",
+        help="Show program's version number and exit",
+    )
     parser.add_argument(
         "--model",
         type=str,

{patchpal-0.1.2 → patchpal-0.1.4}/patchpal/system_prompt.md RENAMED Viewed

@@ -20,7 +20,7 @@ Today is {current_date}. Current time is {current_time}.
 - **grep_code**: Search for patterns in code files (faster than run_shell with grep)
 - **list_skills**: List available skills (custom workflows in ~/.patchpal/skills/ or .patchpal/skills/)
 - **use_skill**: Invoke a skill with optional arguments
-{web_tools}- **run_shell**: Run shell commands (requires permission; privilege escalation blocked)
+{web_tools}- **run_shell**: Run shell commands (requires permission; privilege escalation blocked unless PATCHPAL_ALLOW_SUDO=true)
 ## Tool Overview and Scope

{patchpal-0.1.2 → patchpal-0.1.4}/patchpal/tools.py RENAMED Viewed

@@ -32,7 +32,13 @@ REPO_ROOT = Path(".").resolve()
 # Platform-aware command blocking - minimal list since we have permission system
 # Only block privilege escalation commands specific to each platform
-if platform.system() == "Windows":
+# Allow sudo if explicitly enabled via environment variable
+ALLOW_SUDO = os.getenv("PATCHPAL_ALLOW_SUDO", "false").lower() == "true"
+if ALLOW_SUDO:
+    # Sudo allowed - no command blocking
+    FORBIDDEN = set()
+elif platform.system() == "Windows":
     # Windows privilege escalation commands
     FORBIDDEN = {"runas", "psexec"}  # Run as different user, SysInternals elevated execution
 else:

{patchpal-0.1.2 → patchpal-0.1.4/patchpal.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: patchpal
-Version: 0.1.2
+Version: 0.1.4
 Summary: A lean Claude Code clone in pure  Python
 Author: PatchPal Contributors
 License-Expression: Apache-2.0
@@ -27,6 +27,7 @@ Requires-Dist: rich>=13.0.0
 Requires-Dist: pyyaml>=6.0.0
 Requires-Dist: prompt_toolkit>=3.0.0
 Requires-Dist: tiktoken>=0.5.0
+Requires-Dist: boto3
 Provides-Extra: dev
 Requires-Dist: pytest>=7.0.0; extra == "dev"
 Requires-Dist: pytest-cov>=4.0.0; extra == "dev"
@@ -606,12 +607,16 @@ PatchPal includes comprehensive security protections enabled by default:
 ```bash
 # Critical Security Controls
 export PATCHPAL_REQUIRE_PERMISSION=true  # Prompt for permission before executing commands/modifying files (default: true)
-                                          # Set to false to disable prompts (not recommended for production use)
+                                          # ⚠️  WARNING: Setting to false disables prompts - only use in trusted, controlled environments
+                                          # When disabled, the agent can modify files and run commands without asking
 export PATCHPAL_MAX_FILE_SIZE=5242880     # Maximum file size in bytes for read/write operations (default: 10485760 = 10MB)
 export PATCHPAL_READ_ONLY=true            # Prevent all file modifications, analysis-only mode (default: false)
                                            # Useful for: code review, exploration, security audits, CI/CD analysis, or trying PatchPal risk-free
 export PATCHPAL_ALLOW_SENSITIVE=true      # Allow access to .env, credentials, API keys (default: false - blocked for safety)
                                            # Only enable when working with test/dummy credentials or intentionally managing config files
+export PATCHPAL_ALLOW_SUDO=true           # Allow sudo commands (default: false - blocked for safety)
+                                           # ⚠️  WARNING: Only enable in trusted, controlled environments where sudo is necessary
+                                           # When enabled, all privilege escalation blocking is disabled
 # Operational Safety Controls
 export PATCHPAL_AUDIT_LOG=false           # Log all operations to ~/.patchpal/<repo-name>/audit.log (default: true)

{patchpal-0.1.2 → patchpal-0.1.4}/patchpal.egg-info/requires.txt RENAMED Viewed

@@ -6,6 +6,7 @@ rich>=13.0.0
 pyyaml>=6.0.0
 prompt_toolkit>=3.0.0
 tiktoken>=0.5.0
+boto3
 [dev]
 pytest>=7.0.0

{patchpal-0.1.2 → patchpal-0.1.4}/pyproject.toml RENAMED Viewed

@@ -33,6 +33,7 @@ dependencies = [
     "pyyaml>=6.0.0",
     "prompt_toolkit>=3.0.0",
     "tiktoken>=0.5.0",
+	"boto3"
 ]
 [project.optional-dependencies]

{patchpal-0.1.2 → patchpal-0.1.4}/tests/test_tools.py RENAMED Viewed

@@ -155,6 +155,47 @@ def test_run_shell_forbidden_commands(temp_repo):
             run_shell(cmd)
+def test_run_shell_allow_sudo(temp_repo, monkeypatch):
+    """Test that sudo can be allowed via PATCHPAL_ALLOW_SUDO."""
+    import platform
+    from patchpal.tools import run_shell
+    # Set environment variable to allow sudo
+    monkeypatch.setenv("PATCHPAL_ALLOW_SUDO", "true")
+    # Need to reload the module to pick up the new environment variable
+    import importlib
+    import patchpal.tools
+    importlib.reload(patchpal.tools)
+    # Re-patch REPO_ROOT after reload
+    monkeypatch.setattr("patchpal.tools.REPO_ROOT", temp_repo)
+    if platform.system() != "Windows":
+        # On Unix-like systems, sudo should now be allowed (will fail but not blocked)
+        # We can't actually test sudo execution without root, but we can verify
+        # it's not blocked by the FORBIDDEN check
+        try:
+            # This will fail with "sudo: a terminal is required" or similar
+            # but NOT with "Blocked dangerous command"
+            run_shell("sudo --version")
+            # If it succeeds, that's fine too
+        except ValueError as e:
+            # Should not be blocked by our FORBIDDEN check
+            assert "Blocked dangerous command" not in str(e)
+            # Might fail for other reasons (e.g., sudo not installed in test env)
+            assert "sudo" not in str(e).lower() or "not found" in str(e).lower()
+    else:
+        # On Windows, test runas
+        try:
+            run_shell("runas /?")
+        except ValueError as e:
+            assert "Blocked dangerous command" not in str(e)
 def test_run_shell_complex_safe_command(temp_repo):
     """Test that complex but safe commands work."""
     from patchpal.tools import run_shell