fix(core): prevent race condition in policy persistence (#18506)

Co-authored-by: Allen Hutchison <adh@google.com>
Brad Dux
2026-02-10 15:35:09 -08:00
committed by GitHub
parent be2ebd1772
commit 6d3fff2ea4
6 changed files with 256 additions and 86 deletions
+39 -1
@@ -5,7 +5,7 @@
*/
import { describe, it, expect } from 'vitest';
import { escapeRegex, buildArgsPatterns } from './utils.js';
import { escapeRegex, buildArgsPatterns, isSafeRegExp } from './utils.js';
describe('policy/utils', () => {
describe('escapeRegex', () => {
@@ -23,6 +23,44 @@ describe('policy/utils', () => {
});
});
describe('isSafeRegExp', () => {
it('should return true for simple regexes', () => {
expect(isSafeRegExp('abc')).toBe(true);
expect(isSafeRegExp('^abc$')).toBe(true);
expect(isSafeRegExp('a|b')).toBe(true);
});
it('should return true for safe quantifiers', () => {
expect(isSafeRegExp('a+')).toBe(true);
expect(isSafeRegExp('a*')).toBe(true);
expect(isSafeRegExp('a?')).toBe(true);
expect(isSafeRegExp('a{1,3}')).toBe(true);
});
it('should return true for safe groups', () => {
expect(isSafeRegExp('(abc)*')).toBe(true);
expect(isSafeRegExp('(a|b)+')).toBe(true);
});
it('should return false for invalid regexes', () => {
expect(isSafeRegExp('([a-z)')).toBe(false);
expect(isSafeRegExp('*')).toBe(false);
});
it('should return false for extremely long regexes', () => {
expect(isSafeRegExp('a'.repeat(2049))).toBe(false);
});
it('should return false for nested quantifiers (potential ReDoS)', () => {
expect(isSafeRegExp('(a+)+')).toBe(false);
expect(isSafeRegExp('(a+)*')).toBe(false);
expect(isSafeRegExp('(a*)+')).toBe(false);
expect(isSafeRegExp('(a*)*')).toBe(false);
expect(isSafeRegExp('(a|b+)+')).toBe(false);
expect(isSafeRegExp('(.*)+')).toBe(false);
});
});
describe('buildArgsPatterns', () => {
it('should return argsPattern if provided and no commandPrefix/regex', () => {
const result = buildArgsPatterns('my-pattern', undefined, undefined);
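Review bot: The cases in the `nested quantifiers (potential ReDoS)` test only apply `+`/`*` to plain capturing groups, so they do not show whether `isSafeRegExp` rejects the same shape written with a brace quantifier or a non-capturing group; I would add `expect(isSafeRegExp('(a+){2,}')).toBe(false);` and `expect(isSafeRegExp('(?:a+)+')).toBe(false);`. The length test pins only the rejecting side with `'a'.repeat(2049)`; if the limit is 2048 (the implementation is not in this section, so that is inferred), `expect(isSafeRegExp('a'.repeat(2048))).toBe(true);` would catch an off-by-one. A short comment above `describe('isSafeRegExp', ...)` saying that the check is a heuristic, and that a `true` result is not a guarantee against catastrophic backtracking (overlapping alternation is not exercised here, for instance), would keep later readers from over-trusting it.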