valknar/llmx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: consolidate model utils and drive-by cleanups (#476)

Browse Source 
Signed-off-by: Thibault Sottiaux <tibo@openai.com>
This commit is contained in:
Thibault Sottiaux
2025-04-21 12:33:57 -04:00
committed by GitHub
parent dc276999a9
commit 3c4f1fea9b
21 changed files with 196 additions and 205 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
codex-cli/src/approvals.ts
View File

@@ -136,8 +136,8 @@ export function canAutoApprove(
// bashCmd could be a mix of strings and operators, e.g.:
// "ls || (true && pwd)" => [ 'ls', { op: '||' }, '(', 'true', { op: '&&' }, 'pwd', ')' ]
// We try to ensure that *every* command segment is deemed safe and that
// all operators belong to an allowlist. If so, the entire expression is
// considered autoapprovable.
// all operators belong to an allow-list. If so, the entire expression is
// considered auto-approvable.
const shellSafe = isEntireShellExpressionSafe(bashCmd);
if (shellSafe != null) {
@@ -333,7 +333,7 @@ export function isSafeCommand(
};
case "true":
return {
reason: "Noop (true)",
reason: "No-op (true)",
group: "Utility",
};
case "echo":
@@ -442,10 +442,10 @@ function isValidSedNArg(arg: string | undefined): boolean {
// ---------------- Helper utilities for complex shell expressions -----------------
// A conservative allowlist of bash operators that do not, on their own, cause
// A conservative allow-list of bash operators that do not, on their own, cause
// side effects. Redirections (>, >>, <, etc.) and command substitution `$()`
// are intentionally excluded. Parentheses used for grouping are treated as
// strings by `shellquote`, so we do not add them here. Reference:
// strings by `shell-quote`, so we do not add them here. Reference:
// https://github.com/substack/node-shell-quote#parsecmd-opts
const SAFE_SHELL_OPERATORS: ReadonlySet<string> = new Set([
"&&", // logical AND
@@ -471,7 +471,7 @@ function isEntireShellExpressionSafe(
}
try {
// Collect command segments delimited by operators. `shellquote` represents
// Collect command segments delimited by operators. `shell-quote` represents
// subshell grouping parentheses as literal strings "(" and ")"; treat them
// as unsafe to keep the logic simple (since subshells could introduce
// unexpected scope changes).
@@ -539,7 +539,7 @@ function isParseEntryWithOp(
return (
typeof entry === "object" &&
entry != null &&
// Using the safe `in` operator keeps the check propertysafe even when
// Using the safe `in` operator keeps the check property-safe even when
// `entry` is a `string`.
"op" in entry &&
typeof (entry as { op?: unknown }).op === "string"