feature/recipe_implementation #5
@ -24,8 +24,8 @@ func NewRunner(r *Recipe, client *grok.Client, model string) *Runner {
|
||||
func (r *Runner) Run() error {
|
||||
fmt.Printf("🍳 Starting recipe: %s v%s\n\n", r.Recipe.Name, r.Recipe.Version)
|
||||
|
||||
// Resolve package_path once at the start (handles ~, ., etc.)
|
||||
workDir := r.resolvePackagePath()
|
||||
// Resolve the final working directory once (package_path + project_name)
|
||||
workDir := r.resolveWorkDir()
|
||||
|
||||
var previousResults []string
|
||||
var refactorJSONs []string
|
||||
@ -92,6 +92,40 @@ Execute this step now. Respond ONLY with the expected output format — no expla
|
||||
return nil
|
||||
}
|
||||
|
||||
// resolveWorkDir returns the absolute path where all shell commands should run
|
||||
func (r *Runner) resolveWorkDir() string {
|
||||
// Start with package_path param or default
|
||||
root := "."
|
||||
if v, ok := r.Recipe.ResolvedParams["package_path"]; ok {
|
||||
if s, ok := v.(string); ok && s != "" {
|
||||
root = s
|
||||
}
|
||||
}
|
||||
|
||||
// Expand ~
|
||||
if strings.HasPrefix(root, "~/") {
|
||||
home, _ := os.UserHomeDir()
|
||||
root = filepath.Join(home, root[2:])
|
||||
} else if root == "~" {
|
||||
root, _ = os.UserHomeDir()
|
||||
}
|
||||
|
||||
// Make absolute
|
||||
absRoot, err := filepath.Abs(root)
|
||||
if err != nil {
|
||||
absRoot = root
|
||||
}
|
||||
|
||||
// Append project_name if provided
|
||||
if name, ok := r.Recipe.ResolvedParams["project_name"]; ok {
|
||||
if s, ok := name.(string); ok && s != "" {
|
||||
absRoot = filepath.Join(absRoot, s)
|
||||
}
|
||||
}
|
||||
|
||||
return absRoot
|
||||
}
|
||||
|
||||
// resolvePackagePath expands ~, ., and makes the path absolute
|
||||
func (r *Runner) resolvePackagePath() string {
|
||||
root := "."
|
||||
@ -118,7 +152,8 @@ func (r *Runner) resolvePackagePath() string {
|
||||
}
|
||||
|
||||
// discoverFiles now takes the resolved absolute path
|
||||
func (r *Runner) discoverFiles(root string) []string {
|
||||
// discoverFiles now takes the resolved workDir
|
||||
func (r *Runner) discoverFiles(workDir string) []string {
|
||||
var files []string
|
||||
|
||||
allowedExt := make(map[string]bool)
|
||||
@ -130,13 +165,18 @@ func (r *Runner) discoverFiles(root string) []string {
|
||||
}
|
||||
}
|
||||
|
||||
_ = filepath.WalkDir(root, func(path string, d os.DirEntry, err error) error {
|
||||
searchFor := r.Recipe.SearchPattern
|
||||
if searchFor == "" {
|
||||
searchFor = "if err != nil"
|
||||
}
|
||||
|
||||
_ = filepath.WalkDir(workDir, func(path string, d os.DirEntry, err error) error {
|
||||
if err != nil || d.IsDir() {
|
||||
return nil
|
||||
}
|
||||
if allowedExt[filepath.Ext(path)] {
|
||||
b, _ := os.ReadFile(path)
|
||||
if strings.Contains(string(b), r.Recipe.SearchPattern) {
|
||||
if strings.Contains(string(b), searchFor) {
|
||||
files = append(files, path)
|
||||
}
|
||||
}
|
||||
@ -259,13 +299,12 @@ func createUnifiedPatch(changes []FileChange, patchPath string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// executeShellCommands — safe, whitelisted, boundary-enforced
|
||||
// executeShellCommands — safe, whitelisted, boundary-enforced
|
||||
func (r *Runner) executeShellCommands(step Step, previousResults []string, workDir string) {
|
||||
|
||||
prompt := fmt.Sprintf(`You are executing shell commands for this step.
|
||||
|
||||
Recipe Overview:
|
||||
%s
|
||||
Project root (current working directory for all commands): %s
|
||||
|
||||
Previous step results:
|
||||
%s
|
||||
@ -274,17 +313,17 @@ Previous step results:
|
||||
Objective: %s
|
||||
Instructions: %s
|
||||
|
||||
Return ONLY a JSON array of commands to run. Each command must be in this exact format:
|
||||
Return ONLY a JSON array of commands. Use **relative paths only** (no ~, no absolute paths). Example:
|
||||
|
||||
[
|
||||
{
|
||||
"command": "poetry",
|
||||
"args": ["new", "{{.project_name}}"]
|
||||
"args": ["new", "."]
|
||||
}
|
||||
]
|
||||
|
||||
Only use commands from the allowed list. Never use cd, rm -rf, or anything that could escape the project directory.`,
|
||||
r.Recipe.Overview,
|
||||
Never use cd, rm -rf, or anything that could escape the project directory.`,
|
||||
workDir,
|
||||
strings.Join(previousResults, "\n\n---\n\n"),
|
||||
step.Objective,
|
||||
step.Instructions)
|
||||
@ -297,7 +336,6 @@ Only use commands from the allowed list. Never use cd, rm -rf, or anything that
|
||||
response := r.Client.Stream(messages, r.Model)
|
||||
fmt.Println()
|
||||
|
||||
// Parse JSON...
|
||||
type ShellCommand struct {
|
||||
Command string `json:"command"`
|
||||
Args []string `json:"args"`
|
||||
@ -337,7 +375,15 @@ Only use commands from the allowed list. Never use cd, rm -rf, or anything that
|
||||
continue
|
||||
}
|
||||
|
||||
// Execute with strict cwd = resolved package_path
|
||||
// Safety check: no escaping the boundary
|
||||
for _, arg := range cmd.Args {
|
||||
if strings.Contains(arg, "..") || strings.HasPrefix(arg, "/") {
|
||||
fmt.Printf(" ❌ Command rejected (tries to escape boundary): %s\n", fullCmd)
|
||||
continue
|
||||
}
|
||||
}
|
||||
|
||||
// Execute with strict cwd
|
||||
execCmd := exec.Command(cmd.Command, cmd.Args...)
|
||||
execCmd.Dir = workDir
|
||||
output, err := execCmd.CombinedOutput()
|
||||
|
||||
Loading…
Reference in New Issue
Block a user