(
filePath: string,
options: ValidatePathOptions = {},
)
| 133 | * @throws PathValidationError if path is invalid |
| 134 | */ |
| 135 | export function validateRelativePath( |
| 136 | filePath: string, |
| 137 | options: ValidatePathOptions = {}, |
| 138 | ): void { |
| 139 | const { allowRoot = false } = options; |
| 140 | |
| 141 | // Reject absolute paths |
| 142 | if (isAbsolute(filePath)) { |
| 143 | throw new PathValidationError( |
| 144 | "Absolute paths are not allowed", |
| 145 | "ABSOLUTE_PATH", |
| 146 | ); |
| 147 | } |
| 148 | |
| 149 | const normalized = normalize(filePath); |
| 150 | const segments = normalized.split(sep); |
| 151 | |
| 152 | // Reject ".." as a path segment (allows "..foo" directories) |
| 153 | if (segments.includes("..")) { |
| 154 | throw new PathValidationError( |
| 155 | "Path traversal not allowed", |
| 156 | "PATH_TRAVERSAL", |
| 157 | ); |
| 158 | } |
| 159 | |
| 160 | // Reject root path unless explicitly allowed |
| 161 | if (!allowRoot && (normalized === "" || normalized === ".")) { |
| 162 | throw new PathValidationError( |
| 163 | "Cannot target worktree root", |
| 164 | "INVALID_TARGET", |
| 165 | ); |
| 166 | } |
| 167 | } |
| 168 | |
| 169 | /** |
| 170 | * Validates and resolves a path within a worktree. Sync, simple. |
no outgoing calls
no test coverage detected