d0zingcat/claude-code
1
0
Fork 0
mirror of https://github.com/instructkr/claude-code.git synced 2026-06-06 12:16:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

style: cargo fmt after merged PRs (#3164, #3209, #3214, #3216)

Browse Source 
Fix formatting inconsistencies introduced by merged external PRs.

Generated with https://github.com/Yeachan-Heo/gajae-code
Co-authored-by: Gajae Code <dev@gajae-code.com>
This commit is contained in:
bellman
2026-06-05 10:52:37 +09:00
parent 114c2da9fc
commit 503d515f38
2 changed files with 30 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
rust/crates/runtime/src/permission_enforcer.rs
View File

@@ -242,19 +242,13 @@ fn is_read_only_command(command: &str) -> bool {
// Shell metacharacters that enable command chaining, substitution,
// piping, redirection, or subshells. Presence of any of these means we
// cannot reason about the command from its leading token alone.
const SHELL_METACHARS: &[char] =
&[';', '|', '&', '$', '`', '>', '<', '(', ')', '{', '}', '\n'];
const SHELL_METACHARS: &[char] = &[';', '|', '&', '$', '`', '>', '<', '(', ')', '{', '}', '\n'];
if command.contains(SHELL_METACHARS) {
return false;
}
let mut tokens = command.split_whitespace();
let first_token = tokens
.next()
.unwrap_or("")
.rsplit('/')
.next()
.unwrap_or("");
let first_token = tokens.next().unwrap_or("").rsplit('/').next().unwrap_or("");
// `git` is only read-only for a curated set of subcommands.
if first_token == "git" {
@@ -503,7 +497,10 @@ mod tests {
#[test]
fn workspace_rejects_parent_traversal() {
assert!(!is_within_workspace("/workspace/../etc/passwd", "/workspace"));
assert!(!is_within_workspace(
"/workspace/../etc/passwd",
"/workspace"
));
assert!(!is_within_workspace(
"/workspace/../../etc/crontab",
"/workspace"
@@ -514,7 +511,10 @@ mod tests {
"/workspace"
));
// Legitimate paths still resolve inside.
assert!(is_within_workspace("/workspace/./src/main.rs", "/workspace"));
assert!(is_within_workspace(
"/workspace/./src/main.rs",
"/workspace"
));
assert!(is_within_workspace(
"/workspace/src/../src/main.rs",
"/workspace"