* Get glob patterns that won't work fully on Linux/WSL
()
| 595 | * Get glob patterns that won't work fully on Linux/WSL |
| 596 | */ |
| 597 | function getLinuxGlobPatternWarnings(): string[] { |
| 598 | // Only return warnings on Linux/WSL (bubblewrap doesn't support globs) |
| 599 | const platform = getPlatform() |
| 600 | if (platform !== 'linux' && platform !== 'wsl') { |
| 601 | return [] |
| 602 | } |
| 603 | |
| 604 | try { |
| 605 | const settings = getSettings_DEPRECATED() |
| 606 | |
| 607 | // Only return warnings when sandboxing is enabled (check settings directly, not cached value) |
| 608 | if (!settings?.sandbox?.enabled) { |
| 609 | return [] |
| 610 | } |
| 611 | |
| 612 | const permissions = settings?.permissions || {} |
| 613 | const warnings: string[] = [] |
| 614 | |
| 615 | // Helper to check if a path has glob characters (excluding trailing /**) |
| 616 | const hasGlobs = (path: string): boolean => { |
| 617 | const stripped = path.replace(/\/\*\*$/, '') |
| 618 | return /[*?[\]]/.test(stripped) |
| 619 | } |
| 620 | |
| 621 | // Check all permission rules |
| 622 | for (const ruleString of [ |
| 623 | ...(permissions.allow || []), |
| 624 | ...(permissions.deny || []), |
| 625 | ]) { |
| 626 | const rule = permissionRuleValueFromString(ruleString) |
| 627 | if ( |
| 628 | (rule.toolName === FILE_EDIT_TOOL_NAME || |
| 629 | rule.toolName === FILE_READ_TOOL_NAME) && |
| 630 | rule.ruleContent && |
| 631 | hasGlobs(rule.ruleContent) |
| 632 | ) { |
| 633 | warnings.push(ruleString) |
| 634 | } |
| 635 | } |
| 636 | |
| 637 | return warnings |
| 638 | } catch (error) { |
| 639 | logForDebugging(`Failed to get Linux glob pattern warnings: ${error}`) |
| 640 | return [] |
| 641 | } |
| 642 | } |
| 643 | |
| 644 | /** |
| 645 | * Check if sandbox settings are locked by policy |
nothing calls this directly
no test coverage detected