MCPcopy
hub / github.com/codeaashu/claude-code / isSourceAllowedByPolicy

Function isSourceAllowedByPolicy

src/utils/plugins/marketplaceHelpers.ts:480–505  ·  view source on GitHub ↗
(source: MarketplaceSource)

Source from the content-addressed store, hash-verified

478 * 2. strictKnownMarketplaces (allowlist) - if set, source must be in the list
479 */
480export function isSourceAllowedByPolicy(source: MarketplaceSource): boolean {
481 // Check blocklist first (takes precedence)
482 if (isSourceInBlocklist(source)) {
483 return false
484 }
485
486 // Then check allowlist
487 const allowlist = getStrictKnownMarketplaces()
488 if (allowlist === null) {
489 return true // No restrictions
490 }
491
492 // Check each entry in the allowlist
493 return allowlist.some(allowed => {
494 // Handle hostPattern entries - match by extracted host
495 if (allowed.source === 'hostPattern') {
496 return doesSourceMatchHostPattern(source, allowed)
497 }
498 // Handle pathPattern entries - match file/directory .path by regex
499 if (allowed.source === 'pathPattern') {
500 return doesSourceMatchPathPattern(source, allowed)
501 }
502 // Handle regular source entries - exact match
503 return areSourcesEqual(source, allowed)
504 })
505}
506
507/**
508 * Format a MarketplaceSource for display in error messages

Calls 5

isSourceInBlocklistFunction · 0.85
areSourcesEqualFunction · 0.85

Tested by

no test coverage detected