diff --git a/codex-rs/core/src/is_safe_command.rs b/codex-rs/core/src/command_safety/is_safe_command.rs
similarity index 98%
rename from codex-rs/core/src/is_safe_command.rs
rename to codex-rs/core/src/command_safety/is_safe_command.rs
index 12eb36e0..c3321540 100644
--- a/codex-rs/core/src/is_safe_command.rs
+++ b/codex-rs/core/src/command_safety/is_safe_command.rs
@@ -2,6 +2,14 @@ use crate::bash::try_parse_bash;
 use crate::bash::try_parse_word_only_commands_sequence;
 pub fn is_known_safe_command(command: &[String]) -> bool {
+ #[cfg(target_os = "windows")]
+ {
+ use super::windows_safe_commands::is_safe_command_windows;
+ if is_safe_command_windows(command) {
+ return true;
+ }
+ }
+
 if is_safe_to_call_with_exec(command) {
 return true;
 }
@@ -24,7 +32,6 @@ pub fn is_known_safe_command(command: &[String]) -> bool {
 {
 return true;
 }
-
 false
 }
diff --git a/codex-rs/core/src/command_safety/mod.rs b/codex-rs/core/src/command_safety/mod.rs
new file mode 100644
index 00000000..b3095c86
--- /dev/null
+++ b/codex-rs/core/src/command_safety/mod.rs
@@ -0,0 +1,3 @@
+pub mod is_safe_command;
+#[cfg(target_os = "windows")]
+pub mod windows_safe_commands;
diff --git a/codex-rs/core/src/command_safety/windows_safe_commands.rs b/codex-rs/core/src/command_safety/windows_safe_commands.rs
new file mode 100644
index 00000000..c6e781f8
--- /dev/null
+++ b/codex-rs/core/src/command_safety/windows_safe_commands.rs
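Review bot: In the first hunk of `command_safety/is_safe_command.rs`, the new `#[cfg(target_os = "windows")]` block can only add a `return true`; when `is_safe_command_windows` returns false, a Windows build still falls through to `is_safe_to_call_with_exec` and the later checks, so anything those accept stays accepted on Windows. The contents of that list are not visible in this hunk, but if it was written with Unix tools in mind, the same command names can resolve to different programs with different flags on Windows. Either compile the fall-through out there with `#[cfg(not(target_os = "windows"))]`, or record that it is intentional with a comment above it such as `// Windows also falls through to the cross-platform checks below.` The body of `is_known_safe_command` continues past the end of the hunk.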
@@ -0,0 +1,25 @@
+// This is a WIP. This will eventually contain a real list of common safe Windows commands.
+pub fn is_safe_command_windows(_command: &[String]) -> bool {
+ false
+}
+
+#[cfg(test)]
+mod tests {
+ use super::is_safe_command_windows;
+
+ fn vec_str(args: &[&str]) -> Vec {
+ args.iter().map(ToString::to_string).collect()
+ }
+
+ #[test]
+ fn everything_is_unsafe() {
+ for cmd in [
+ vec_str(&["powershell.exe", "-NoLogo", "-Command", "echo hello"]),
+ vec_str(&["copy", "foo", "bar"]),
+ vec_str(&["del", "file.txt"]),
+ vec_str(&["powershell.exe", "Get-ChildItem"]),
+ ] {
+ assert!(!is_safe_command_windows(&cmd));
+ }
+ }
+}
diff --git a/codex-rs/core/src/lib.rs b/codex-rs/core/src/lib.rs
index 8c5bcf94..2db1e6e7 100644
--- a/codex-rs/core/src/lib.rs
+++ b/codex-rs/core/src/lib.rs
@@ -15,6 +15,7 @@ pub mod codex;
 mod codex_conversation;
 pub mod token_data;
 pub use codex_conversation::CodexConversation;
+mod command_safety;
 pub mod config;
 pub mod config_edit;
 pub mod config_profile;
@@ -29,7 +30,6 @@ pub mod exec_env;
 mod flags;
 pub mod git_info;
 pub mod internal_storage;
-mod is_safe_command;
 pub mod landlock;
 mod mcp_connection_manager;
 mod mcp_tool_call;
@@ -80,6 +80,7 @@ mod user_notification;
 pub mod util;
 pub use apply_patch::CODEX_APPLY_PATCH_ARG1;
+pub use command_safety::is_safe_command;
 pub use safety::get_platform_sandbox;
 // Re-export the protocol types from the standalone `codex-protocol` crate so existing
 // `codex_core::protocol::...` references continue to work across the workspace.
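Review bot: In the new `windows_safe_commands.rs`, the reject-everything behaviour of `is_safe_command_windows` is only implied by the WIP comment, yet `is_known_safe_command` returns true as soon as this function does, so the contract deserves a `///` doc comment, e.g. `/// Returns true only for commands on the Windows allowlist; until that list exists, every command is rejected.` The `everything_is_unsafe` test would be a stronger regression guard with an empty-argv case, `assert!(!is_safe_command_windows(&[]));`, so a future list cannot accept an empty command by accident. Once real entries land, the `powershell.exe -Command` and `del` cases look worth keeping as permanent negative tests rather than being dropped with the stub.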
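Review bot: In the third hunk of `lib.rs`, `pub use command_safety::is_safe_command;` exports the module from the crate, whereas the declaration it replaces (`mod is_safe_command;`, removed in the second hunk of this file) was private. If the re-export exists only so that in-crate `crate::is_safe_command::…` paths keep resolving, `pub(crate) use command_safety::is_safe_command;` keeps the approval logic out of the public API. Whether another workspace crate needs the path is not visible from this diff; if one does, a one-line comment above the re-export naming that consumer would explain the wider visibility.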