mirror of
https://github.com/SuperClaude-Org/SuperClaude_Framework.git
synced 2025-12-18 18:26:46 +00:00
* fix(orchestration): add WebFetch auto-trigger for infrastructure configuration

Problem: Infrastructure configuration changes (e.g., Traefik port settings) were being made based on assumptions without consulting official documentation, violating the 'Evidence > assumptions' principle in PRINCIPLES.md.

Solution:
- Added Infrastructure Configuration Validation section to MODE_Orchestration.md
- Auto-triggers WebFetch for infrastructure tools (Traefik, nginx, Docker, etc.)
- Enforces MODE_DeepResearch activation for investigation
- BLOCKS assumption-based configuration changes

Testing: Verified WebFetch successfully retrieves Traefik official docs (port 80 default)

This prevents production outages from infrastructure misconfiguration by ensuring all technical recommendations are backed by official documentation.

* feat: Add PM Agent (Project Manager Agent) for seamless orchestration

Introduces PM Agent as the default orchestration layer that coordinates all sub-agents and manages workflows automatically.

Key Features:
- Default orchestration: All user interactions handled by PM Agent
- Auto-delegation: Intelligent sub-agent selection based on task analysis
- Docker Gateway integration: Zero-token baseline with dynamic MCP loading
- Self-improvement loop: Automatic documentation of patterns and mistakes
- Optional override: Users can specify sub-agents explicitly if desired

Architecture:
- Agent spec: SuperClaude/Agents/pm-agent.md
- Command: SuperClaude/Commands/pm.md
- Updated docs: README.md (15→16 agents), agents.md (new Orchestration category)

User Experience:
- Default: PM Agent handles everything (seamless, no manual routing)
- Optional: Explicit --agent flag for direct sub-agent access
- Both modes available simultaneously (no user downside)

Implementation Status:
- ✅ Specification complete
- ✅ Documentation complete
- ⏳ Prototype implementation needed
- ⏳ Docker Gateway integration needed
- ⏳ Testing and validation needed

Refs: kazukinakai/docker-mcp-gateway (IRIS MCP Gateway integration)

* feat: Add Agent Orchestration rules for PM Agent default activation

Implements PM Agent as the default orchestration layer in RULES.md.

Key Changes:
- New 'Agent Orchestration' section (CRITICAL priority)
- PM Agent receives ALL user requests by default
- Manual override with @agent-[name] bypasses PM Agent
- Agent Selection Priority clearly defined:
  1. Manual override → Direct routing
  2. Default → PM Agent → Auto-delegation
  3. Delegation based on keywords, file types, complexity, context

User Experience:
- Default: PM Agent handles everything (seamless)
- Override: @agent-[name] for direct specialist access
- Transparent: PM Agent reports delegation decisions

This establishes PM Agent as the orchestration layer while respecting existing auto-activation patterns and manual overrides.

Next Steps:
- Local testing in agiletec project
- Iteration based on actual behavior
- Documentation updates as needed

* refactor(pm-agent): redesign as self-improvement meta-layer

Problem Resolution: PM Agent's initial design competed with existing auto-activation for task routing, creating confusion about orchestration responsibilities and adding unnecessary complexity.

Design Change: Redefined PM Agent as a meta-layer agent that operates AFTER specialist agents complete tasks, focusing on:
- Post-implementation documentation and pattern recording
- Immediate mistake analysis with prevention checklists
- Monthly documentation maintenance and noise reduction
- Pattern extraction and knowledge synthesis

Two-Layer Orchestration System:
1. Task Execution Layer: Existing auto-activation handles task routing (unchanged)
2. Self-Improvement Layer: PM Agent meta-layer handles documentation (new)

Files Modified:
- SuperClaude/Agents/pm-agent.md: Complete rewrite with meta-layer design
  - Category: orchestration → meta
  - Triggers: All user interactions → Post-implementation, mistakes, monthly
  - Behavioral Mindset: Continuous learning system
  - Self-Improvement Workflow: BEFORE/DURING/AFTER/MISTAKE RECOVERY/MAINTENANCE
- SuperClaude/Core/RULES.md: Agent Orchestration section updated
  - Split into Task Execution Layer + Self-Improvement Layer
  - Added orchestration flow diagram
  - Clarified PM Agent activates AFTER task completion
- README.md: Updated PM Agent description
  - "orchestrates all interactions" → "ensures continuous learning"
- Docs/User-Guide/agents.md: PM Agent section rewritten
  - Section: Orchestration Agent → Meta-Layer Agent
  - Expertise: Project orchestration → Self-improvement workflow executor
  - Examples: Task coordination → Post-implementation documentation
- PR_DOCUMENTATION.md: Comprehensive PR documentation added
  - Summary, motivation, changes, testing, breaking changes
  - Two-layer orchestration system diagram
  - Verification checklist

Integration Validated: Tested with agiletec project's self-improvement-workflow.md:
✅ PM Agent aligns with existing BEFORE/DURING/AFTER/MISTAKE RECOVERY phases
✅ Complements (not competes with) existing workflow
✅ agiletec workflow defines WHAT, PM Agent defines WHO executes it

Breaking Changes: None
- Existing auto-activation continues unchanged
- Specialist agents unaffected
- User workflows remain the same
- New capability: Automatic documentation and knowledge maintenance

Value Proposition: Transforms SuperClaude into a continuously learning system that accumulates knowledge, prevents recurring mistakes, and maintains fresh documentation without manual intervention.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* docs: add Claude Code conversation history management research

Research covering .jsonl file structure, performance impact, and retention policies.

Content:
- Claude Code .jsonl file format and message types
- Performance issues from GitHub (memory leaks, conversation compaction)
- Retention policies (consumer vs enterprise)
- Rotation recommendations based on actual data
- File history snapshot tracking mechanics

Source: Moved from agiletec project (research applicable to all Claude Code projects)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* feat: add Development documentation structure

Phase 1: Documentation Structure complete
- Add Docs/Development/ directory for development documentation
- Add ARCHITECTURE.md - System architecture with PM Agent meta-layer
- Add ROADMAP.md - 5-phase development plan with checkboxes
- Add TASKS.md - Daily task tracking with progress indicators
- Add PROJECT_STATUS.md - Current status dashboard and metrics
- Add pm-agent-integration.md - Implementation guide for PM Agent mode

This establishes comprehensive documentation foundation for:
- System architecture understanding
- Development planning and tracking
- Implementation guidance
- Progress visibility

Related: #pm-agent-mode #documentation #phase-1

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* feat: PM Agent session lifecycle and PDCA implementation

Phase 2: PM Agent Mode Integration (Design Phase)

Commands/pm.md updates:
- Add "Always-Active Foundation Layer" concept
- Add Session Lifecycle (Session Start/During Work/Session End)
- Add PDCA Cycle (Plan/Do/Check/Act) automation
- Add Serena MCP Memory Integration (list/read/write_memory)
- Document auto-activation triggers

Agents/pm-agent.md updates:
- Add Session Start Protocol (MANDATORY auto-activation)
- Add During Work PDCA Cycle with example workflows
- Add Session End Protocol with state preservation
- Add PDCA Self-Evaluation Pattern
- Add Documentation Strategy (temp → patterns/mistakes)
- Add Memory Operations Reference

Key Features:
- Session start auto-activation for context restoration
- 30-minute checkpoint saves during work
- Self-evaluation with think_about_* operations
- Systematic documentation lifecycle
- Knowledge evolution to CLAUDE.md

Implementation Status:
- ✅ Design complete (Commands/pm.md, Agents/pm-agent.md)
- ⏳ Implementation pending (Core components)
- ⏳ Serena MCP integration pending

Salvaged from mistaken development in ~/.claude directory

Related: #pm-agent-mode #session-lifecycle #pdca-cycle #phase-2

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* fix: disable Serena MCP auto-browser launch

Disable web dashboard and GUI log window auto-launch in Serena MCP server to prevent intrusive browser popups on startup. Users can still manually access the dashboard at http://localhost:24282/dashboard/ if needed.

Changes:
- Add CLI flags to Serena run command:
  - --enable-web-dashboard false
  - --enable-gui-log-window false
- Ensures Git-tracked configuration (no reliance on ~/.serena/serena_config.yml)
- Aligns with AIRIS MCP Gateway integration approach

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* refactor: rename directories to lowercase for PEP8 compliance

- Rename superclaude/Agents -> superclaude/agents
- Rename superclaude/Commands -> superclaude/commands
- Rename superclaude/Core -> superclaude/core
- Rename superclaude/Examples -> superclaude/examples
- Rename superclaude/MCP -> superclaude/mcp
- Rename superclaude/Modes -> superclaude/modes

This change follows Python PEP8 naming conventions for package directories.

* style: fix PEP8 violations and update package name to lowercase

Changes:
- Format all Python files with black (43 files reformatted)
- Update package name from 'SuperClaude' to 'superclaude' in pyproject.toml
- Fix import statements to use lowercase package name
- Add missing imports (timedelta, __version__)
- Remove old SuperClaude.egg-info directory

PEP8 violations reduced from 2672 to 701 (mostly E501 line length due to black's 88 char vs flake8's 79 char limit).

* docs: add PM Agent development documentation

Add comprehensive PM Agent development documentation:
- PM Agent ideal workflow (7-phase autonomous cycle)
- Project structure understanding (Git vs installed environment)
- Installation flow understanding (CommandsComponent behavior)
- Task management system (current-tasks.md)

Purpose: Eliminate repeated explanations and enable autonomous PDCA cycles

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* feat(pm-agent): add self-correcting execution and warning investigation culture

## Changes

### superclaude/commands/pm.md
- Add "Self-Correcting Execution" section with root cause analysis protocol
- Add "Warning/Error Investigation Culture" section enforcing zero-tolerance for dismissal
- Define error detection protocol: STOP → Investigate → Hypothesis → Different Solution → Execute
- Document anti-patterns (retry without understanding) and correct patterns (research-first)

### docs/Development/hypothesis-pm-autonomous-enhancement-2025-10-14.md
- Add PDCA workflow hypothesis document for PM Agent autonomous enhancement

## Rationale

PM Agent must never retry failed operations without understanding root causes. All warnings and errors require investigation via context7/WebFetch/documentation to ensure production-quality code and prevent technical debt accumulation.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* feat(installer): add airis-mcp-gateway MCP server option

## Changes
- Add airis-mcp-gateway to MCP server options in installer
- Configuration: GitHub-based installation via uvx
- Repository: https://github.com/oraios/airis-mcp-gateway
- Purpose: Dynamic MCP Gateway for zero-token baseline and on-demand tool loading

## Implementation

Added to setup/components/mcp.py self.mcp_servers dictionary with:
- install_method: github
- install_command: uvx test installation
- run_command: uvx runtime execution
- required: False (optional server)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

---------

Co-authored-by: kazuki <kazuki@kazukinoMacBook-Air.local>
Co-authored-by: Claude <noreply@anthropic.com>
468 lines
15 KiB
Python
"""
Abstract base class for installable components
"""

from abc import ABC, abstractmethod
from typing import List, Dict, Tuple, Optional, Any
from pathlib import Path
import json
from ..services.files import FileService
from ..services.settings import SettingsService
from ..utils.logger import get_logger
from ..utils.security import SecurityValidator


class Component(ABC):
    """Base class for all installable components"""

    def __init__(
        self, install_dir: Optional[Path] = None, component_subdir: Path = Path("")
    ):
        """
        Initialize component with installation directory

        Args:
            install_dir: Target installation directory (defaults to ~/.claude)
        """
        from .. import DEFAULT_INSTALL_DIR

        # Initialize logger first
        self.logger = get_logger()
        # Resolve path safely
        self.install_dir = self._resolve_path_safely(install_dir or DEFAULT_INSTALL_DIR)
        self.settings_manager = SettingsService(self.install_dir)
        self.component_files = self._discover_component_files()
        self.file_manager = FileService()
        self.install_component_subdir = self.install_dir / component_subdir

    @abstractmethod
    def get_metadata(self) -> Dict[str, str]:
        """
        Return component metadata

        Returns:
            Dict containing:
                - name: Component name
                - version: Component version
                - description: Component description
                - category: Component category (core, command, integration, etc.)
        """
        pass

    def is_reinstallable(self) -> bool:
        """
        Whether this component should be re-installed if already present.
        Useful for container-like components that can install sub-parts.
        """
        return False

    def validate_prerequisites(
        self, installSubPath: Optional[Path] = None
    ) -> Tuple[bool, List[str]]:
        """
        Check prerequisites for this component

        Returns:
            Tuple of (success: bool, error_messages: List[str])
        """
        errors = []

        # Check if we have read access to source files
        source_dir = self._get_source_dir()
        if not source_dir or (source_dir and not source_dir.exists()):
            errors.append(f"Source directory not found: {source_dir}")
            return False, errors

        # Check if all required framework files exist
        missing_files = []
        for filename in self.component_files:
            source_file = source_dir / filename
            if not source_file.exists():
                missing_files.append(filename)

        if missing_files:
            errors.append(f"Missing component files: {missing_files}")

        # Check write permissions to install directory
        has_perms, missing = SecurityValidator.check_permissions(
            self.install_dir, {"write"}
        )
        if not has_perms:
            errors.append(f"No write permissions to {self.install_dir}: {missing}")

        # Validate installation target
        is_safe, validation_errors = SecurityValidator.validate_installation_target(
            self.install_component_subdir
        )
        if not is_safe:
            errors.extend(validation_errors)

        # Get files to install
        files_to_install = self.get_files_to_install()

        # Validate all files for security
        is_safe, security_errors = SecurityValidator.validate_component_files(
            files_to_install, source_dir, self.install_component_subdir
        )
        if not is_safe:
            errors.extend(security_errors)

        if not self.file_manager.ensure_directory(self.install_component_subdir):
            errors.append(
                f"Could not create install directory: {self.install_component_subdir}"
            )

        return len(errors) == 0, errors

    def get_files_to_install(self) -> List[Tuple[Path, Path]]:
        """
        Return list of files to install

        Returns:
            List of tuples (source_path, target_path)
        """
        source_dir = self._get_source_dir()
        files = []

        if source_dir:
            for filename in self.component_files:
                source = source_dir / filename
                target = self.install_component_subdir / filename
                files.append((source, target))

        return files

    def get_settings_modifications(self) -> Dict[str, Any]:
        """
        Return settings.json modifications to apply
        (now only Claude Code compatible settings)

        Returns:
            Dict of settings to merge into settings.json
        """
        # Return empty dict as we don't modify Claude Code settings
        return {}

    def install(self, config: Dict[str, Any]) -> bool:
        try:
            return self._install(config)
        except Exception as e:
            self.logger.exception(
                f"Unexpected error during {repr(self)} installation: {e}"
            )
            return False

    @abstractmethod
    def _install(self, config: Dict[str, Any]) -> bool:
        """
        Perform component-specific installation logic

        Args:
            config: Installation configuration

        Returns:
            True if successful, False otherwise
        """
        # Validate installation
        success, errors = self.validate_prerequisites()
        if not success:
            for error in errors:
                self.logger.error(error)
            return False

        # Get files to install
        files_to_install = self.get_files_to_install()

        # Copy framework files
        success_count = 0
        for source, target in files_to_install:
            self.logger.debug(f"Copying {source.name} to {target}")

            if self.file_manager.copy_file(source, target):
                success_count += 1
                self.logger.debug(f"Successfully copied {source.name}")
            else:
                self.logger.error(f"Failed to copy {source.name}")

        if success_count != len(files_to_install):
            self.logger.error(
                f"Only {success_count}/{len(files_to_install)} files copied successfully"
            )
            return False

        self.logger.success(
            f"{repr(self)} component installed successfully ({success_count} files)"
        )

        return self._post_install()

    @abstractmethod
    def _post_install(self) -> bool:
        pass

    @abstractmethod
    def uninstall(self) -> bool:
        """
        Remove component

        Returns:
            True if successful, False otherwise
        """
        pass

    @abstractmethod
    def get_dependencies(self) -> List[str]:
        """
        Return list of component dependencies

        Returns:
            List of component names this component depends on
        """
        pass

    @abstractmethod
    def _get_source_dir(self) -> Optional[Path]:
        """Get source directory for component files"""
        pass

    def update(self, config: Dict[str, Any]) -> bool:
        """
        Update component (default: uninstall then install)

        Args:
            config: Installation configuration

        Returns:
            True if successful, False otherwise
        """
        # Default implementation: uninstall and reinstall
        if self.uninstall():
            return self.install(config)
        return False

    def get_installed_version(self) -> Optional[str]:
        """
        Get currently installed version of component

        Returns:
            Version string if installed, None otherwise
        """
        self.logger.debug("Checking installed version")
        metadata_file = self.install_dir / ".superclaude-metadata.json"
        if metadata_file.exists():
            self.logger.debug("Metadata file exists, reading version")
            try:
                with open(metadata_file, "r") as f:
                    metadata = json.load(f)
                component_name = self.get_metadata()["name"]
                version = (
                    metadata.get("components", {})
                    .get(component_name, {})
                    .get("version")
                )
                self.logger.debug(f"Found version: {version}")
                return version
            except Exception as e:
                self.logger.warning(f"Failed to read version from metadata: {e}")
        else:
            self.logger.debug("Metadata file does not exist")
        return None

    def is_installed(self) -> bool:
        """
        Check if component is installed

        Returns:
            True if installed, False otherwise
        """
        return self.get_installed_version() is not None

    def validate_installation(self) -> Tuple[bool, List[str]]:
        """
        Validate that component is correctly installed

        Returns:
            Tuple of (success: bool, error_messages: List[str])
        """
        errors = []

        # Check if all files exist
        for _, target in self.get_files_to_install():
            if not target.exists():
                errors.append(f"Missing file: {target}")

        # Check version in metadata
        if not self.get_installed_version():
            errors.append("Component not registered in .superclaude-metadata.json")

        return len(errors) == 0, errors

    def get_size_estimate(self) -> int:
        """
        Estimate installed size in bytes

        Returns:
            Estimated size in bytes
        """
        total_size = 0
        for source, _ in self.get_files_to_install():
            if source.exists():
                if source.is_file():
                    total_size += source.stat().st_size
                elif source.is_dir():
                    total_size += sum(
                        f.stat().st_size for f in source.rglob("*") if f.is_file()
                    )
        return total_size

    def _discover_component_files(self) -> List[str]:
        """
        Dynamically discover framework .md files in the Core directory

        Returns:
            List of framework filenames (e.g., ['CLAUDE.md', 'COMMANDS.md', ...])
        """
        source_dir = self._get_source_dir()

        if not source_dir:
            return []

        return self._discover_files_in_directory(
            source_dir,
            extension=".md",
            exclude_patterns=["README.md", "CHANGELOG.md", "LICENSE.md"],
        )

    def _discover_files_in_directory(
        self,
        directory: Path,
        extension: str = ".md",
        exclude_patterns: Optional[List[str]] = None,
    ) -> List[str]:
        """
        Shared utility for discovering files in a directory

        Args:
            directory: Directory to scan
            extension: File extension to look for (default: '.md')
            exclude_patterns: List of filename patterns to exclude

        Returns:
            List of filenames found in the directory
        """
        if exclude_patterns is None:
            exclude_patterns = []

        try:
            if not directory.exists():
                self.logger.warning(f"Source directory not found: {directory}")
                return []

            if not directory.is_dir():
                self.logger.warning(f"Source path is not a directory: {directory}")
                return []

            # Discover files with the specified extension
            files = []
            for file_path in directory.iterdir():
                if (
                    file_path.is_file()
                    and file_path.suffix.lower() == extension.lower()
                    and file_path.name not in exclude_patterns
                ):
                    files.append(file_path.name)

            # Sort for consistent ordering
            files.sort()

            self.logger.debug(
                f"Discovered {len(files)} {extension} files in {directory}"
            )
            if files:
                self.logger.debug(f"Files found: {files}")

            return files

        except PermissionError:
            self.logger.error(f"Permission denied accessing directory: {directory}")
            return []
        except Exception as e:
            self.logger.error(f"Error discovering files in {directory}: {e}")
            return []

    def __str__(self) -> str:
        """String representation of component"""
        metadata = self.get_metadata()
        return f"{metadata['name']} v{metadata['version']}"

    def __repr__(self) -> str:
        """Developer representation of component"""
        return f"<{self.__class__.__name__}({self.get_metadata()['name']})>"

    def _resolve_path_safely(self, path: Path) -> Path:
        """
        Safely resolve path with proper error handling and security validation

        Args:
            path: Path to resolve

        Returns:
            Resolved path

        Raises:
            ValueError: If path resolution fails or path is unsafe
        """
        try:
            # Expand user directory (~) and resolve path
            resolved_path = path.expanduser().resolve()

            # Basic security validation - only enforce for production directories
            path_str = str(resolved_path).lower()

            # Check for most dangerous system patterns (but allow /tmp for testing)
            dangerous_patterns = [
                "/etc/",
                "/bin/",
                "/sbin/",
                "/usr/bin/",
                "/usr/sbin/",
                "/var/log/",
                "/var/lib/",
                "/dev/",
                "/proc/",
                "/sys/",
                "c:\\windows\\",
                "c:\\program files\\",
            ]

            # Allow temporary directories for testing
            if path_str.startswith("/tmp/") or "temp" in path_str:
                self.logger.debug(f"Allowing temporary directory: {resolved_path}")
                return resolved_path

            for pattern in dangerous_patterns:
                if path_str.startswith(pattern):
                    raise ValueError(f"Cannot use system directory: {resolved_path}")

            return resolved_path

        except Exception as e:
            self.logger.error(f"Failed to resolve path {path}: {e}")
            raise ValueError(f"Invalid path: {path}")

    def _resolve_source_path_safely(self, path: Path) -> Optional[Path]:
        """
        Safely resolve source path with existence check

        Args:
            path: Source path to resolve

        Returns:
            Resolved path if valid and exists, None otherwise
        """
        try:
            resolved_path = self._resolve_path_safely(path)
            return resolved_path if resolved_path.exists() else None
        except ValueError:
            return None
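
The following is an added example, not code from the SuperClaude repository. It contrasts the string-prefix logic of `_resolve_path_safely` in the listing above with a check on whole path components, run over constructed sample paths. The names `page_style_check` and `component_check`, and the assumption that the caller passes an already resolved POSIX path, are introduced here for illustration.

```python
from pathlib import PurePosixPath
from typing import Iterable, List, Tuple

# POSIX entries from the listing's dangerous_patterns, without the trailing slash.
SYSTEM_ROOTS = [PurePosixPath(p) for p in (
    "/etc", "/bin", "/sbin", "/usr/bin", "/usr/sbin",
    "/var/log", "/var/lib", "/dev", "/proc", "/sys",
)]


def page_style_check(resolved: str) -> bool:
    """Mirror of the listing's string logic. True means the path is accepted."""
    s = resolved.lower()
    # The temp allowance returns before the system-directory loop runs,
    # and "temp" is matched anywhere in the string.
    if s.startswith("/tmp/") or "temp" in s:
        return True
    # Patterns end in "/", so the bare directory itself never matches.
    return not any(s.startswith(f"{root}/") for root in SYSTEM_ROOTS)


def component_check(resolved: str) -> bool:
    """Hypothetical stricter check: compare whole path components, deny first."""
    p = PurePosixPath(resolved)
    # Assumption: the caller already ran Path.expanduser().resolve().
    if not p.is_absolute() or ".." in p.parts:
        return False
    for root in SYSTEM_ROOTS:
        if p == root or root in p.parents:
            return False
    # /tmp needs no special case: it is not under any denied root.
    return True


# Constructed sample paths, not taken from the project.
SAMPLES = [
    "/home/user/.claude",
    "/tmp/sc-test",
    "/etc/claude",
    "/etc/templates/claude",
    "/etc",
    "/var/lib/attempt",
    "/etcetera/x",
]


def compare(paths: Iterable[str]) -> List[Tuple[str, bool, bool]]:
    """Return (path, page-style verdict, component verdict) for each path."""
    return [(p, page_style_check(p), component_check(p)) for p in paths]


if __name__ == "__main__":
    for path, old, new in compare(SAMPLES):
        print(f"{path:24} page-style={'accept' if old else 'reject':6} "
              f"component={'accept' if new else 'reject'}")
```

The two checks disagree only where the listing's logic accepts a path inside a denied root: a path containing the substring "temp", or the denied directory itself without a trailing slash.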