vrr/qwen-code
2
0
Fork 0
mirror of https://github.com/QwenLM/qwen-code.git synced 2026-04-30 12:40:44 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 21
qwen-code/packages/cli/src/ui
History
jinye bf561fa495
fix(core): prevent malformed permission rules from becoming tool-wide catch-alls (#3467) 
* fix(core): prevent malformed permission rules from becoming tool-wide catch-alls

A permission rule with unbalanced parentheses (e.g. `Bash(rm -rf /)*`)
was silently parsed with `specifier: undefined`, causing `matchesRule`
to treat it as a catch-all that matches every invocation of the tool.
For deny rules this blocked all commands; for allow rules a typo could
silently auto-approve everything.

Add an `invalid` flag to `PermissionRule`. `parseRule` now marks rules
with unbalanced parens as invalid, `matchesRule` short-circuits them to
never match, and all entry points (`addSession*Rule`, `addPersistentRule`,
`parseRules`) warn on malformed input. `listRules` filters out invalid
rules so they don't appear in the /permissions UI.

* fix(cli): show error in /permissions dialog when adding malformed rule

When a user enters a rule with unbalanced parentheses via the "Add Rule"
input in the /permissions dialog, show an inline error message instead of
silently accepting and then hiding the invalid rule.

Closes #3459

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-04-20 18:56:14 +08:00
..
auth feat(auth): discontinue Qwen OAuth free tier (2026-04-15 cutoff) (#3291) 2026-04-15 22:30:20 +08:00
commands refactor(cli): replace slash command whitelist with capability-based filtering (Phase 1) (#3283) 2026-04-20 14:34:43 +08:00
components fix(core): prevent malformed permission rules from becoming tool-wide catch-alls (#3467) 2026-04-20 18:56:14 +08:00
contexts feat(cli): add early input capture to prevent keystroke loss during startup (#3319) 2026-04-19 00:40:44 +08:00
editors feat: add support for Trae editor (#1037) 2025-11-17 10:58:33 +08:00
hooks feat(cli): add tool execution progress messages (#3155) 2026-04-20 16:04:58 +08:00
layouts Merge pull request #2776 from QwenLM/feat/enhance-btw-command 2026-04-03 19:17:12 +08:00
models fix: 修复模型常量更新导致的单测失败 2026-02-26 15:45:06 +08:00
noninteractive feat(cli): add session recap with /recap and auto-show on return (#3434) 2026-04-19 21:38:48 +08:00
state feat: move extension to core package 2026-01-14 15:30:27 +08:00
themes refactor(cli): consolidate and rename message components 2026-03-05 20:11:00 +08:00
utils fix(tool-registry): add lazy factory registration with inflight concurrency dedup (#3297) 2026-04-18 10:31:50 +08:00
App.test.tsx feat(cli): Add agent tab navigation and live tool output for in-process arena mode 2026-02-23 13:21:16 +08:00
App.tsx feat: Redesign CLI welcome screen and improve visual consistency 2026-01-16 11:48:31 +08:00
AppContainer.test.tsx feat(cli): support bare exit/quit commands to exit the CLI (#3201) 2026-04-13 18:21:27 +08:00
AppContainer.tsx feat(cli): add tool execution progress messages (#3155) 2026-04-20 16:04:58 +08:00
colors.ts Use dim colors for YOLO/auto-accept mode borders 2026-01-17 14:23:42 +01:00
CommandFormatMigrationNudge.tsx feat: add i18n 2026-01-19 10:08:21 +08:00
constants.ts Sync upstream Gemini-CLI v0.8.2 (#838) 2025-10-23 09:27:04 +08:00
FeedbackDialog.tsx refactor: reorder feedback options and improve dialog feedback timestamp handling 2026-01-23 18:55:43 +08:00
IdeIntegrationNudge.tsx update user messages 2026-01-07 17:25:27 +08:00
keyMatchers.test.ts refactor: rename verboseMode to compactMode for better UX clarity (#3075) 2026-04-10 11:55:50 +08:00
keyMatchers.ts fix test on windows 2026-02-03 15:11:20 +08:00
semantic-colors.ts Explict imports & exports with type modifier (#3774) 2025-08-25 22:04:53 +00:00
textConstants.ts Patch 0.3.0 preview.4 (#7713) 2025-09-04 17:00:46 +00:00
types.ts feat(cli): add tool execution progress messages (#3155) 2026-04-20 16:04:58 +08:00