refactor(security): unify dangerous name matching handling

2026-04-19 06:17:27 +00:00 · 2026-02-24 01:32:23 +00:00
parent 6a7c303dcc
commit 161d9841dc
17 changed files with 671 additions and 471 deletions
--- a/extensions/googlechat/src/monitor.ts
+++ b/extensions/googlechat/src/monitor.ts
@@ -6,6 +6,7 @@ import {
  readJsonBodyWithLimit,
  registerWebhookTarget,
  rejectNonPostWebhookRequest,
+  isDangerousNameMatchingEnabled,
  resolveAllowlistProviderRuntimeGroupPolicy,
  resolveDefaultGroupPolicy,
  resolveSingleWebhookTargetAsync,
@@ -410,7 +411,7 @@ async function processMessageWithPipeline(params: {
  const senderId = sender?.name ?? "";
  const senderName = sender?.displayName ?? "";
  const senderEmail = sender?.email ?? undefined;
-  const allowNameMatching = account.config.dangerouslyAllowNameMatching === true;
+  const allowNameMatching = isDangerousNameMatchingEnabled(account.config);

  const allowBots = account.config.allowBots === true;
  if (!allowBots) {