fix(cli): add explicit intercept match predicates#1364
Open
dpersek wants to merge 5 commits into
Open
Conversation
Signed-off-by: Dustin Persek <dustin.persek@protonmail.com>
Contributor
PR Review SummarySize
Affected crates
Blast radius — ModerateThis PR touches: source code,configuration / policy files Updated automatically on each push to this PR. |
Member
|
cc @kipz might be worth a look whenever :) |
Contributor
|
@SequeI and @SyntaxSawdust - looks good to me FWIW. This leaves open the possibility of other matchers (e.g. regex, negation etc) which might be handy too in the future. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Linked Issue
Closes #1328
Summary
Intercept rules can now use an explicit
matchpredicate instead of relying only on legacy literalargswindows. This gives profiles a deliberate way to match observed argv shapes withexact,prefix, orcontains, and to match out-of-band behavior through filtered child environment variables such asGIT_SSH_COMMAND.The legacy
argsform remains backward-compatible, including first-match ordering andargs: []catch-all behavior. The new predicate form is intentionally bounded: it does not add a git parser, flag alias folding, flag reordering, or shell-style expansion of literal argv tokens.Agent Disclosure
This PR was prepared by Dustin Persek with assistance from an AI coding agent. I reviewed the generated code and tests before submission.
References consulted:
CONTRIBUTING.mdCLAUDE.mdNOGENT.mdSECURITY.md.github/PULL_REQUEST_TEMPLATE.mdCompliance notes:
crates/nono-cli, where command policy and tool-sandbox behavior live.unwrap/expectin non-test matcher code and passes strict clippy with-D clippy::unwrap_used.Test Plan
cargo fmtjq empty crates/nono-cli/data/nono-profile.schema.jsoncargo fmt --checkgit diff --checkcargo test -p nono-cli tool_sandbox::policy::intercept_testscargo test -p nono-cli validate_interceptcargo test -p nono-cli empty_argvcargo test -p nono-cli --test schema_shapecargo check -p nono-clicargo clippy --workspace --all-targets --all-features -- -D warnings -D clippy::unwrap_usedcargo test -p nono-cli -- --test-threads=1Note: a local Linux cross-target check was blocked because this macOS Homebrew Rust toolchain does not have the
x86_64-unknown-linux-gnutarget std/core installed.Scope / non-goals
argsas the backward-compatible literal/contiguous shorthand.--flag=valuevs--flag value, short/long aliases, duplicate flags, reordered flags, or git-specific parsing.Checklist
CHANGELOG.mdif needed; not applicable for this narrow bug/config-surface fixAgent Compliance Check
NonoErrorwhere required