rippy-cli 0.2.0

A shell command safety hook for AI coding tools (Claude Code, Cursor, Gemini CLI) — Rust rewrite of Dippy
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

use super::{Classification, Handler, HandlerContext, has_flag};

pub static NPM_HANDLER: NpmHandler = NpmHandler;

pub struct NpmHandler;

const SAFE: &[&str] = &[
    "list",
    "ls",
    "ll",
    "la",
    "info",
    "show",
    "view",
    "search",
    "outdated",
    "help",
    "docs",
    "whoami",
    "ping",
    "explain",
    "why",
    "pack",
    "fund",
    "doctor",
    "licenses",
    "completion",
    "diff",
    "find-dupes",
    "query",
    "stars",
    "sbom",
];

// All non-safe commands default to Ask, so no explicit ASK list needed.

impl Handler for NpmHandler {
    fn commands(&self) -> &[&str] {
        &["npm", "npx", "yarn", "pnpm", "bun"]
    }

    fn classify(&self, ctx: &HandlerContext) -> Classification {
        let sub = ctx.args.first().map_or("", String::as_str);
        let desc = format!("{} {sub}", ctx.command_name);

        if has_flag(ctx.args, &["--help", "-h", "--version", "-v"]) {
            return Classification::Allow(format!("{} help/version", ctx.command_name));
        }

        // npx always asks (runs arbitrary packages)
        if ctx.command_name == "npx" {
            return Classification::Ask(format!("npx {sub}"));
        }

        if sub == "run" {
            // npm run with no script name or --list is safe
            if ctx.args.len() <= 1 || has_flag(ctx.args, &["--list"]) {
                return Classification::Allow(format!("{} run (list)", ctx.command_name));
            }
            return Classification::Ask(desc);
        }

        if sub == "config" || sub == "c" {
            return classify_config(ctx);
        }

        if sub == "cache" {
            return classify_cache(ctx);
        }

        if sub == "audit" {
            if has_flag(&ctx.args[1..], &["fix"]) {
                return Classification::Ask(format!("{} audit fix", ctx.command_name));
            }
            return Classification::Allow(format!("{} audit", ctx.command_name));
        }

        if SAFE.contains(&sub) {
            Classification::Allow(desc)
        } else {
            Classification::Ask(desc)
        }
    }
}

fn classify_config(ctx: &HandlerContext) -> Classification {
    let sub = ctx.args.get(1).map_or("", String::as_str);
    match sub {
        "list" | "ls" | "get" => {
            Classification::Allow(format!("{} config {sub}", ctx.command_name))
        }
        _ => Classification::Ask(format!("{} config {sub}", ctx.command_name)),
    }
}

fn classify_cache(ctx: &HandlerContext) -> Classification {
    let sub = ctx.args.get(1).map_or("", String::as_str);
    match sub {
        "ls" | "list" => Classification::Allow(format!("{} cache {sub}", ctx.command_name)),
        _ => Classification::Ask(format!("{} cache {sub}", ctx.command_name)),
    }
}