test: cover absolute paths in project env/config approval regex

The original regex only matched relative paths (./foo/.env or bare
.env), so the exact command from the bug report —
`cp /opt/data/.env.local /opt/data/.env` — did not trigger approval.
Broaden the leading-path prefix to accept an absolute leading slash
alongside ./ and ../, and add regressions for the bug-report command
and its redirection variant.
Teknium 2026-04-23 14:05:15 -07:00 committed by Teknium
parent 1dfcda4e3c
commit b848ce2c79
2 changed files with 20 additions and 2 deletions


@ -460,6 +460,24 @@ class TestProjectSensitiveCopyPattern:
assert key is not None assert key is not None
assert "project env/config" in desc.lower() assert "project env/config" in desc.lower()
def test_cp_absolute_path_to_dotenv_requires_approval(self):
# Regression: the real-world bug report was `cp /opt/data/.env.local /opt/data/.env`.
# The regex must cover absolute paths, not just `./` / bare relative paths.
dangerous, key, desc = detect_dangerous_command(
"cp /opt/data/.env.local /opt/data/.env"
)
assert dangerous is True
assert key is not None
assert "project env/config" in desc.lower()
def test_redirect_absolute_path_to_dotenv_requires_approval(self):
dangerous, key, desc = detect_dangerous_command(
"cat /opt/data/.env.local > /opt/data/.env"
)
assert dangerous is True
assert key is not None
assert "project env/config" in desc.lower()
def test_mv_to_nested_config_yaml_requires_approval(self): def test_mv_to_nested_config_yaml_requires_approval(self):
dangerous, key, desc = detect_dangerous_command("mv tmp/generated.yaml config/config.yaml") dangerous, key, desc = detect_dangerous_command("mv tmp/generated.yaml config/config.yaml")
assert dangerous is True assert dangerous is True
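Review bot: The two new regressions exercise only the `.env` target, yet the same commit also broadens `_PROJECT_CONFIG_PATH`, so the absolute-path case for `config.yaml` is left without a test. A sibling of `test_mv_to_nested_config_yaml_requires_approval` would pin it. The sketch below uses a constructed path and assumes the `mv` rule composes `_PROJECT_CONFIG_PATH` the same way the `cp` rule composes `_PROJECT_ENV_PATH`, which is not visible in this hunk. The class and the body of the last test continue outside the hunk.

```python
    def test_mv_absolute_path_to_config_yaml_requires_approval(self):
        # Constructed path, mirroring the absolute-path .env regression.
        dangerous, key, desc = detect_dangerous_command(
            "mv /opt/data/generated.yaml /opt/data/config.yaml"
        )
        assert dangerous is True
        assert key is not None
        assert "project env/config" in desc.lower()
```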


@ -63,8 +63,8 @@ _HERMES_ENV_PATH = (
r'(?:\$hermes_home|\$\{hermes_home\})/)' r'(?:\$hermes_home|\$\{hermes_home\})/)'
r'\.env\b' r'\.env\b'
) )
_PROJECT_ENV_PATH = r'(?:(?:\.{1,2}/)?(?:[^\s/"\'`]+/)*\.env(?:\.[^/\s"\'`]+)*)' _PROJECT_ENV_PATH = r'(?:(?:/|\.{1,2}/)?(?:[^\s/"\'`]+/)*\.env(?:\.[^/\s"\'`]+)*)'
_PROJECT_CONFIG_PATH = r'(?:(?:\.{1,2}/)?(?:[^\s/"\'`]+/)*config\.yaml)' _PROJECT_CONFIG_PATH = r'(?:(?:/|\.{1,2}/)?(?:[^\s/"\'`]+/)*config\.yaml)'
_SENSITIVE_WRITE_TARGET = ( _SENSITIVE_WRITE_TARGET = (
r'(?:/etc/|/dev/sd|' r'(?:/etc/|/dev/sd|'
rf'{_SSH_SENSITIVE_PATH}|' rf'{_SSH_SENSITIVE_PATH}|'
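Review bot: The broadened prefix in `_PROJECT_ENV_PATH` and `_PROJECT_CONFIG_PATH` accepts exactly one leading `/`, and each directory segment still needs at least one non-slash character before its `/`, so a path written with a repeated separator (which resolves to the same file) appears not to be covered by either pattern. Unless the command is normalised before matching, which is not visible here, using `/+` for the separators would close that: prefix `(?:/+|\.{1,2}/+)?` and a segment group ending in `/+`. `_PROJECT_ENV_PATH` also lacks the `\b` that `_HERMES_ENV_PATH` places after `\.env`, so a short comment above the two constants stating which path forms and file names are meant to match would make the intended scope explicit. `_SENSITIVE_WRITE_TARGET` continues past the end of the hunk.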