Function validate_pattern_safety

Source

pub fn validate_pattern_safety(pattern: &str) -> Result<()>

Expand description

Validates that a pattern is safe and doesn’t contain path traversal attempts.

This security function prevents malicious patterns that could access files outside the intended directory boundaries. It checks for common path traversal patterns and absolute paths that could escape the repository or project directory.

§Security Checks

Path Traversal: Rejects patterns containing .. components
Absolute Paths (Unix): Rejects patterns starting with /
Absolute Paths (Windows): Rejects patterns containing : or starting with \

§Arguments

pattern - The glob pattern to validate

§Returns

Ok(()) if the pattern is safe to use.

§Errors

Returns an error if the pattern contains dangerous components:

Path traversal attempts (../, ../../, etc.)
Absolute paths (/etc/passwd, C:\Windows\, etc.)
UNC paths on Windows (\\server\share)

§Examples

use agpm_cli::pattern::validate_pattern_safety;

// Safe patterns
assert!(validate_pattern_safety("*.md").is_ok());
assert!(validate_pattern_safety("agents/*.md").is_ok());
assert!(validate_pattern_safety("**/*.md").is_ok());

// Unsafe patterns
assert!(validate_pattern_safety("../etc/passwd").is_err());

validate_pattern_safety

Function validate_pattern_safety Copy item path