Function prefix_allow_matches

Source

pub fn prefix_allow_matches(pattern: &str, command: &str) -> bool

Expand description

Return true when an allow-rule pattern (a command-prefix string such as "git status") matches the concrete command string using the arity-aware prefix classification from classify_command.

This is the canonical entry point for config allow / auto_allow rule evaluation. It correctly handles:

"git status" → matches git status -s, git status --porcelain; does not match git push origin main.
"npm run dev" → matches only npm run dev, not npm run build.
"cargo check" → matches cargo check --workspace.
"make" → matches make all, make clean (arity 1).

For allow rules that contain wildcards (*) or regex metacharacters, the caller should additionally invoke the pattern-matching path from crate::execpolicy::matcher::pattern_matches.

§Examples

assert!( prefix_allow_matches("git status",    "git status --porcelain"));
assert!(!prefix_allow_matches("git status",    "git push origin main"));
assert!( prefix_allow_matches("cargo check",   "cargo check --workspace"));
assert!( prefix_allow_matches("npm run dev",   "npm run dev"));
assert!(!prefix_allow_matches("npm run dev",   "npm run build"));

prefix_allow_matches

Function prefix_allow_matches Copy item path

§Examples

Function prefix_allow_matches