github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-09 03:28:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(exec-approvals): coerce bare string allowlist entries (#9903) (thanks @mcaxtr)

Browse Source
This commit is contained in:
George Pickett
2026-02-05 15:51:27 -08:00
parent 6ff209e932
commit 141f551a4c
7 changed files with 82 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/infra/exec-approvals.test.ts
View File

@@ -680,4 +680,37 @@ describe("normalizeExecApprovals handles string allowlist entries (#9790)", () =
// Only "ls" should survive; empty/whitespace strings should be dropped
expect(entries.map((e) => e.pattern)).toEqual(["ls"]);
});
it("drops malformed object entries with missing/non-string patterns", () => {
const file = {
version: 1,
agents: {
main: {
allowlist: [{ pattern: "/usr/bin/ls" }, {}, { pattern: 123 }, { pattern: " " }, "echo"],
},
},
} as unknown as ExecApprovalsFile;
const normalized = normalizeExecApprovals(file);
const entries = normalized.agents?.main?.allowlist ?? [];
expect(entries.map((e) => e.pattern)).toEqual(["/usr/bin/ls", "echo"]);
for (const entry of entries) {
expect(entry).not.toHaveProperty("0");
}
});
it("drops non-array allowlist values", () => {
const file = {
version: 1,
agents: {
main: {
allowlist: "ls",
},
},
} as unknown as ExecApprovalsFile;
const normalized = normalizeExecApprovals(file);
expect(normalized.agents?.main?.allowlist).toBeUndefined();
});
});