mirror of
https://github.com/earendil-works/pi.git
synced 2026-06-18 15:54:04 +08:00
fix(coding-agent): make trust input traversal portable
This commit is contained in:
@@ -1,5 +1,5 @@
|
||||
import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
|
||||
import { dirname, join, resolve } from "node:path";
|
||||
import { dirname, join } from "node:path";
|
||||
import lockfile from "proper-lockfile";
|
||||
import { CONFIG_DIR_NAME } from "../config.ts";
|
||||
import { canonicalizePath, resolvePath } from "../utils/paths.ts";
|
||||
@@ -95,12 +95,11 @@ function withTrustFileLock<T>(path: string, fn: () => T): T {
|
||||
}
|
||||
|
||||
export function hasProjectTrustInputs(cwd: string): boolean {
|
||||
let currentDir = resolvePath(cwd);
|
||||
let currentDir = canonicalizePath(resolvePath(cwd));
|
||||
if (existsSync(join(currentDir, CONFIG_DIR_NAME))) {
|
||||
return true;
|
||||
}
|
||||
|
||||
const root = resolve("/");
|
||||
while (true) {
|
||||
for (const filename of CONTEXT_FILE_NAMES) {
|
||||
if (existsSync(join(currentDir, filename))) {
|
||||
@@ -111,11 +110,7 @@ export function hasProjectTrustInputs(cwd: string): boolean {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (currentDir === root) {
|
||||
return false;
|
||||
}
|
||||
|
||||
const parentDir = resolve(currentDir, "..");
|
||||
const parentDir = dirname(currentDir);
|
||||
if (parentDir === currentDir) {
|
||||
return false;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user