valknar/llmx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6f87f4c69fbb85b231bfbd261608170a9c13c3d3
llmx/codex-rs/execpolicy/src/opt.rs
Michael Bolin 58f0e5ab74 feat: introduce codex_execpolicy crate for defining "safe" commands (#634) 
As described in detail in `codex-rs/execpolicy/README.md` introduced in
this PR, `execpolicy` is a tool that lets you define a set of _patterns_
used to match [`execv(3)`](https://linux.die.net/man/3/execv)
invocations. When a pattern is matched, `execpolicy` returns the parsed
version in a structured form that is amenable to static analysis.

The primary use case is to define patterns match commands that should be
auto-approved by a tool such as Codex. This supports a richer pattern
matching mechanism that the sort of prefix-matching we have done to
date, e.g.:


5e40d9d221/codex-cli/src/approvals.ts (L333-L354)

Note we are still playing with the API and the `system_path` option in
particular still needs some work.
2025-04-24 17:14:47 -07:00

78 lines
2.1 KiB
Rust
Raw Blame History

#![allow(clippy::needless_lifetimes)]
use crate::starlark::values::ValueLike;
use crate::ArgType;
use allocative::Allocative;
use derive_more::derive::Display;
use starlark::any::ProvidesStaticType;
use starlark::values::starlark_value;
use starlark::values::AllocValue;
use starlark::values::Heap;
use starlark::values::NoSerialize;
use starlark::values::StarlarkValue;
use starlark::values::UnpackValue;
use starlark::values::Value;
/// Command line option that takes a value.
#[derive(Clone, Debug, Display, PartialEq, Eq, ProvidesStaticType, NoSerialize, Allocative)]
#[display("opt({})", opt)]
pub struct Opt {
/// The option as typed on the command line, e.g., `-h` or `--help`. If
/// it can be used in the `--name=value` format, then this should be
/// `--name` (though this is subject to change).
pub opt: String,
pub meta: OptMeta,
pub required: bool,
}
/// When defining an Opt, use as specific an OptMeta as possible.
#[derive(Clone, Debug, Display, PartialEq, Eq, ProvidesStaticType, NoSerialize, Allocative)]
#[display("{}", self)]
pub enum OptMeta {
/// Option does not take a value.
Flag,
/// Option takes a single value matching the specified type.
Value(ArgType),
}
impl Opt {
pub fn new(opt: String, meta: OptMeta, required: bool) -> Self {
Self {
opt,
meta,
required,
}
}
pub fn name(&self) -> &str {
&self.opt
}
}
#[starlark_value(type = "Opt")]
impl<'v> StarlarkValue<'v> for Opt {
type Canonical = Opt;
}
impl<'v> UnpackValue<'v> for Opt {
type Error = starlark::Error;
fn unpack_value_impl(value: Value<'v>) -> starlark::Result<Option<Self>> {
// TODO(mbolin): It fels like this should be doable without cloning?
// Cannot simply consume the value?
Ok(value.downcast_ref::<Opt>().cloned())
}
}
impl<'v> AllocValue<'v> for Opt {
fn alloc_value(self, heap: &'v Heap) -> Value<'v> {
heap.alloc_simple(self)
}
}
#[starlark_value(type = "OptMeta")]
impl<'v> StarlarkValue<'v> for OptMeta {
type Canonical = OptMeta;
}
Reference in New Issue View Git Blame Copy Permalink