MCPcopy Index your code
hub / github.com/codeaashu/claude-code / getCommandAllowlist

Function getCommandAllowlist

src/tools/BashTool/readOnlyValidation.ts:1201–1215  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

1199}
1200
1201function getCommandAllowlist(): Record<string, CommandConfig> {
1202 let allowlist: Record<string, CommandConfig> = COMMAND_ALLOWLIST
1203 // On Windows, xargs can be used as a data-to-code bridge: if a file contains
1204 // a UNC path, `cat file | xargs cat` feeds that path to cat, triggering SMB
1205 // resolution. Since the UNC path is in file contents (not the command string),
1206 // regex-based detection cannot catch this.
1207 if (getPlatform() === 'windows') {
1208 const { xargs: _, ...rest } = allowlist
1209 allowlist = rest
1210 }
1211 if (process.env.USER_TYPE === 'ant') {
1212 return { ...allowlist, ...ANT_ONLY_COMMAND_ALLOWLIST }
1213 }
1214 return allowlist
1215}
1216
1217/**
1218 * Commands that are safe to use as xargs targets for auto-approval.

Callers 1

Calls 1

getPlatformFunction · 0.85

Tested by

no test coverage detected