v2.9.0 (#641)
Co-authored-by: Antoine <33425718+anth2o@users.noreply.github.com> Co-authored-by: Bastien <bastien.baret@gmail.com> Co-authored-by: Clément Sirieix <clement.sirieix@mistral.ai> Co-authored-by: Kim-Adeline Miguel <51720070+kimadeline@users.noreply.github.com> Co-authored-by: Mathias Gesbert <mathias.gesbert@mistral.ai> Co-authored-by: Maxime Dolores <maxime.dolores@ext.mistral.ai> Co-authored-by: Michel Thomazo <51709227+michelTho@users.noreply.github.com> Co-authored-by: Nelson PROIA <144663685+Nelson-PROIA@users.noreply.github.com> Co-authored-by: Pierre Rossinès <pierre.rossines@mistral.ai> Co-authored-by: Quentin <quentin.torroba@mistral.ai> Co-authored-by: Robin Gullo <robin.gullo@mistral.ai> Co-authored-by: Mistral Vibe <vibe@mistral.ai>
This commit is contained in:
parent
a83c81ecf5
commit
632ea8c032
253 changed files with 13965 additions and 2525 deletions
|
|
@ -77,15 +77,53 @@ async def test_decodes_non_utf8_bytes(bash):
|
|||
assert result.stderr == ""
|
||||
|
||||
|
||||
def test_find_not_in_default_allowlist():
|
||||
bash_tool = Bash(config_getter=lambda: BashToolConfig(), state=BaseToolState())
|
||||
# find -exec runs arbitrary commands; must not be allowlisted by default
|
||||
permission = bash_tool.resolve_permission(BashArgs(command="find . -exec id \\;"))
|
||||
assert (
|
||||
not isinstance(permission, PermissionContext)
|
||||
or permission.permission is not ToolPermission.ALWAYS
|
||||
@pytest.mark.parametrize("predicate", ["-exec", "-execdir", "-ok", "-okdir"])
|
||||
def test_find_execution_predicates_force_ask(predicate: str):
|
||||
config = BashToolConfig(permission=ToolPermission.ALWAYS)
|
||||
bash_tool = Bash(config_getter=lambda: config, state=BaseToolState())
|
||||
|
||||
permission = bash_tool.resolve_permission(
|
||||
BashArgs(command=f"find . {predicate} id \\;")
|
||||
)
|
||||
|
||||
assert isinstance(permission, PermissionContext)
|
||||
assert permission.permission is ToolPermission.ASK
|
||||
assert [required.label for required in permission.required_permissions] == [
|
||||
f"find . {predicate} id \\;"
|
||||
]
|
||||
|
||||
|
||||
def test_find_exec_compound_includes_companion_required_permission():
|
||||
config = BashToolConfig(permission=ToolPermission.ALWAYS)
|
||||
bash_tool = Bash(config_getter=lambda: config, state=BaseToolState())
|
||||
|
||||
permission = bash_tool.resolve_permission(
|
||||
BashArgs(command='find . -exec id \\; && python3 -c "import os"')
|
||||
)
|
||||
|
||||
assert isinstance(permission, PermissionContext)
|
||||
assert permission.permission is ToolPermission.ASK
|
||||
labels = {rp.label for rp in permission.required_permissions}
|
||||
assert any("find" in label for label in labels), (
|
||||
f"Expected a find-exec RequiredPermission, got {labels}"
|
||||
)
|
||||
assert any("python3" in label for label in labels), (
|
||||
f"Companion command should also require permission, got {labels}"
|
||||
)
|
||||
|
||||
|
||||
def test_find_execution_predicate_does_not_override_denylist():
|
||||
config = BashToolConfig(denylist=["passwd"])
|
||||
bash_tool = Bash(config_getter=lambda: config, state=BaseToolState())
|
||||
|
||||
permission = bash_tool.resolve_permission(
|
||||
BashArgs(command="find . -exec id \\; && passwd root")
|
||||
)
|
||||
|
||||
assert isinstance(permission, PermissionContext)
|
||||
assert permission.permission is ToolPermission.NEVER
|
||||
assert "matches denylist pattern 'passwd'" in (permission.reason or "")
|
||||
|
||||
|
||||
def test_resolve_permission():
|
||||
config = BashToolConfig(allowlist=["echo", "pwd"], denylist=["rm"])
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue