feat(shell): && || ; sequencing, increment 4 (#34)#41
Merged
Conversation
WHAT: The safe-subset engine now parses a Script — a sequence of pipelines joined by && / || / ; (Sep::And/Or/Seq). parse.rs builds Vec<ScriptItem{sep, pipeline}> (first item is Seq); leading/doubled/dangling separators and dangling pipes are Malformed; quoted operators stay literal. run_script executes the bash AND-OR-list short-circuit: ; runs unconditionally, && runs iff prev exit==0, || runs iff prev exit!=0; output of the pipelines that ran is concatenated in order; exit = last pipeline that ran.
WHY: && / || / ; are core agent ergonomics (cd x && build, try || fallback). The Spawner seam is unchanged (still one run() per pipeline) — sequencing is orchestration in run_script, so it is fully mock-testable. Atomic admission is widened to the WHOLE script: an out-of-scope program or redirect ANYWHERE (even one a && / || would short-circuit away) denies everything before any spawn — no partial side effects.
TEST: 19 unit (mock-spawner short-circuit: && skips on failure, || runs on failure, ; unconditional, true|| skips, combined output order, atomic admission across the script, dynamic-stage refused) + 10 real-spawn integration (true&&echo, false&&echo skipped, false||echo fallback, echo;echo). just check green (fmt + clippy all-features & no-default-features + workspace tests).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01HMGPEApE4XfwgMhgFbRn6c
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Increment 4 of #34 (ADR 0005 D3): the safe-subset engine now runs sequences — pipelines joined by
&&/||/;with bash short-circuit semantics.What
parse.rs—classify()returns aScript=Vec<ScriptItem { sep, pipeline }>(Sep::Seq/And/Or; first item isSeq). Leading/doubled/dangling separators and dangling pipes areMalformed; quoted operators stay literal (echo "a&&b"is one argv).shell_tool.rs—run_scriptfolds the AND-OR list:;unconditional,&&iff prev exit 0,||iff prev exit ≠ 0; output of the pipelines that ran is concatenated in order; exit = last pipeline that ran. TheSpawnerseam is unchanged (onerun()per pipeline) — sequencing is orchestration, so it's fully mock-testable.Security
Atomic admission widened to the whole script: an out-of-scope program or redirect target anywhere — even one a
&&/||would short-circuit away — denies everything before any spawn (no partial side effects).Testing (fully mocked + deep)
false && echoskips echo;false || echoruns it;true || echoskips;;unconditional; combined output concatenates in order; out-of-scope command anywhere denies the whole script with nothing spawned; a dynamic stage in a sequence is refused.true && echo,false && echo(skipped),false || echo(fallback),echo a ; echo b.Test plan
just checkgreen (fmt + clippy all-features & no-default-features + workspace tests). Part of #34.🤖 Generated with Claude Code