MCPcopy Index your code
hub / github.com/codeaashu/claude-code / parseCommandArguments

Function parseCommandArguments

src/tools/BashTool/pathValidation.ts:791–817  ·  view source on GitHub ↗

* Parses command arguments using shell-quote, converting glob objects to strings. * This is necessary because shell-quote parses patterns like *.txt as glob objects, * but we need them as strings for path validation.

(cmd: string)

Source from the content-addressed store, hash-verified

789 * but we need them as strings for path validation.
790 */
791function parseCommandArguments(cmd: string): string[] {
792 const parseResult = tryParseShellCommand(cmd, env => `$${env}`)
793 if (!parseResult.success) {
794 // Malformed shell syntax, return empty array
795 return []
796 }
797 const parsed = parseResult.tokens
798 const extractedArgs: string[] = []
799
800 for (const arg of parsed) {
801 if (typeof arg === 'string') {
802 // Include empty strings - they're valid arguments (e.g., grep "" /tmp/t)
803 extractedArgs.push(arg)
804 } else if (
805 typeof arg === 'object' &&
806 arg !== null &&
807 'op' in arg &&
808 arg.op === 'glob' &&
809 'pattern' in arg
810 ) {
811 // shell-quote parses glob patterns as objects, but we need them as strings for validation
812 extractedArgs.push(String(arg.pattern))
813 }
814 }
815
816 return extractedArgs
817}
818
819/**
820 * Validates a single command for path constraints and shell safety.

Callers 1

Calls 2

tryParseShellCommandFunction · 0.85
pushMethod · 0.45

Tested by

no test coverage detected