58f0e5ab74
As described in detail in `codex-rs/execpolicy/README.md` introduced in
this PR, `execpolicy` is a tool that lets you define a set of _patterns_
used to match [`execv(3)`](https://linux.die.net/man/3/execv)
invocations. When a pattern is matched, `execpolicy` returns the parsed
version in a structured form that is amenable to static analysis.
The primary use case is to define patterns match commands that should be
auto-approved by a tool such as Codex. This supports a richer pattern
matching mechanism that the sort of prefix-matching we have done to
date, e.g.:
5e40d9d221/codex-cli/src/approvals.ts (L333-L354)
Note we are still playing with the API and the `system_path` option in
particular still needs some work.
29 lines
623 B
Rust
29 lines
623 B
Rust
use std::fmt::Display;
|
|
|
|
use serde::Serialize;
|
|
|
|
#[derive(Clone, Debug, Eq, PartialEq, Serialize)]
|
|
pub struct ExecCall {
|
|
pub program: String,
|
|
pub args: Vec<String>,
|
|
}
|
|
|
|
impl ExecCall {
|
|
pub fn new(program: &str, args: &[&str]) -> Self {
|
|
Self {
|
|
program: program.to_string(),
|
|
args: args.iter().map(|&s| s.into()).collect(),
|
|
}
|
|
}
|
|
}
|
|
|
|
impl Display for ExecCall {
|
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
|
|
write!(f, "{}", self.program)?;
|
|
for arg in &self.args {
|
|
write!(f, " {}", arg)?;
|
|
}
|
|
Ok(())
|
|
}
|
|
}
|