MCPcopy Index your code
hub / github.com/codeaashu/claude-code / checkSedConstraints

Function checkSedConstraints

src/tools/BashTool/sedValidation.ts:644–684  ·  view source on GitHub ↗
(
  input: { command: string },
  toolPermissionContext: ToolPermissionContext,
)

Source from the content-addressed store, hash-verified

642 * - 'passthrough' if no sed commands or all are safe
643 */
644export function checkSedConstraints(
645 input: { command: string },
646 toolPermissionContext: ToolPermissionContext,
647): PermissionResult {
648 const commands = splitCommand_DEPRECATED(input.command)
649
650 for (const cmd of commands) {
651 // Skip non-sed commands
652 const trimmed = cmd.trim()
653 const baseCmd = trimmed.split(/\s+/)[0]
654 if (baseCmd !== 'sed') {
655 continue
656 }
657
658 // In acceptEdits mode, allow file writes (-i flag) but still block dangerous operations
659 const allowFileWrites = toolPermissionContext.mode === 'acceptEdits'
660
661 const isAllowed = sedCommandIsAllowedByAllowlist(trimmed, {
662 allowFileWrites,
663 })
664
665 if (!isAllowed) {
666 return {
667 behavior: 'ask',
668 message:
669 'sed command requires approval (contains potentially dangerous operations)',
670 decisionReason: {
671 type: 'other',
672 reason:
673 'sed command contains operations that require explicit approval (e.g., write commands, execute commands)',
674 },
675 }
676 }
677 }
678
679 // No dangerous sed commands found (or no sed commands at all)
680 return {
681 behavior: 'passthrough',
682 message: 'No dangerous sed operations detected',
683 }
684}
685

Callers 1

bashToolCheckPermissionFunction · 0.85

Calls 2

splitCommand_DEPRECATEDFunction · 0.85

Tested by

no test coverage detected