MCPcopy Index your code
hub / github.com/21st-dev/1code / validateRelativePath

Function validateRelativePath

src/main/lib/git/security/path-validation.ts:135–167  ·  view source on GitHub ↗
(
	filePath: string,
	options: ValidatePathOptions = {},
)

Source from the content-addressed store, hash-verified

133 * @throws PathValidationError if path is invalid
134 */
135export function validateRelativePath(
136 filePath: string,
137 options: ValidatePathOptions = {},
138): void {
139 const { allowRoot = false } = options;
140
141 // Reject absolute paths
142 if (isAbsolute(filePath)) {
143 throw new PathValidationError(
144 "Absolute paths are not allowed",
145 "ABSOLUTE_PATH",
146 );
147 }
148
149 const normalized = normalize(filePath);
150 const segments = normalized.split(sep);
151
152 // Reject ".." as a path segment (allows "..foo" directories)
153 if (segments.includes("..")) {
154 throw new PathValidationError(
155 "Path traversal not allowed",
156 "PATH_TRAVERSAL",
157 );
158 }
159
160 // Reject root path unless explicitly allowed
161 if (!allowRoot && (normalized === "" || normalized === ".")) {
162 throw new PathValidationError(
163 "Cannot target worktree root",
164 "INVALID_TARGET",
165 );
166 }
167}
168
169/**
170 * Validates and resolves a path within a worktree. Sync, simple.

Callers 2

resolvePathInWorktreeFunction · 0.85
assertValidGitPathFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected