Get extra read-only paths from EXTRA_READ_PATHS environment variable. Parses comma-separated absolute paths and validates each one: - Must be an absolute path - Must exist and be a directory - Cannot be or contain sensitive directories (e.g., .ssh, .aws) Returns: L
()
| 110 | |
| 111 | |
| 112 | def get_extra_read_paths() -> list[Path]: |
| 113 | """ |
| 114 | Get extra read-only paths from EXTRA_READ_PATHS environment variable. |
| 115 | |
| 116 | Parses comma-separated absolute paths and validates each one: |
| 117 | - Must be an absolute path |
| 118 | - Must exist and be a directory |
| 119 | - Cannot be or contain sensitive directories (e.g., .ssh, .aws) |
| 120 | |
| 121 | Returns: |
| 122 | List of validated, canonicalized Path objects. |
| 123 | """ |
| 124 | raw_value = os.getenv(EXTRA_READ_PATHS_VAR, "").strip() |
| 125 | if not raw_value: |
| 126 | return [] |
| 127 | |
| 128 | validated_paths: list[Path] = [] |
| 129 | home_dir = Path.home() |
| 130 | |
| 131 | for path_str in raw_value.split(","): |
| 132 | path_str = path_str.strip() |
| 133 | if not path_str: |
| 134 | continue |
| 135 | |
| 136 | # Parse and canonicalize the path |
| 137 | try: |
| 138 | path = Path(path_str).resolve() |
| 139 | except (OSError, ValueError) as e: |
| 140 | print(f" - Warning: Invalid EXTRA_READ_PATHS path '{path_str}': {e}") |
| 141 | continue |
| 142 | |
| 143 | # Must be absolute (resolve() makes it absolute, but check original input) |
| 144 | if not Path(path_str).is_absolute(): |
| 145 | print(f" - Warning: EXTRA_READ_PATHS requires absolute paths, skipping: {path_str}") |
| 146 | continue |
| 147 | |
| 148 | # Must exist |
| 149 | if not path.exists(): |
| 150 | print(f" - Warning: EXTRA_READ_PATHS path does not exist, skipping: {path_str}") |
| 151 | continue |
| 152 | |
| 153 | # Must be a directory |
| 154 | if not path.is_dir(): |
| 155 | print(f" - Warning: EXTRA_READ_PATHS path is not a directory, skipping: {path_str}") |
| 156 | continue |
| 157 | |
| 158 | # Check against sensitive directory blocklist |
| 159 | is_blocked = False |
| 160 | for sensitive in EXTRA_READ_PATHS_BLOCKLIST: |
| 161 | sensitive_path = (home_dir / sensitive).resolve() |
| 162 | try: |
| 163 | # Block if path IS the sensitive dir or is INSIDE it |
| 164 | if path == sensitive_path or path.is_relative_to(sensitive_path): |
| 165 | print(f" - Warning: EXTRA_READ_PATHS blocked sensitive path: {path_str}") |
| 166 | is_blocked = True |
| 167 | break |
| 168 | # Also block if sensitive dir is INSIDE the requested path |
| 169 | if sensitive_path.is_relative_to(path): |
no outgoing calls