oppi.li
source dump of claude code
1/**
2 * Detects potentially destructive bash commands and returns a warning string
3 * for display in the permission dialog. This is purely informational — it
4 * doesn't affect permission logic or auto-approval.
5 */
6
7type DestructivePattern = {
8 pattern: RegExp
9 warning: string
10}
11
12const DESTRUCTIVE_PATTERNS: DestructivePattern[] = [
13 // Git — data loss / hard to reverse
14 {
15 pattern: /\bgit\s+reset\s+--hard\b/,
16 warning: 'Note: may discard uncommitted changes',
17 },
18 {
19 pattern: /\bgit\s+push\b[^;&|\n]*[ \t](--force|--force-with-lease|-f)\b/,
20 warning: 'Note: may overwrite remote history',
21 },
22 {
23 pattern:
24 /\bgit\s+clean\b(?![^;&|\n]*(?:-[a-zA-Z]*n|--dry-run))[^;&|\n]*-[a-zA-Z]*f/,
25 warning: 'Note: may permanently delete untracked files',
26 },
27 {
28 pattern: /\bgit\s+checkout\s+(--\s+)?\.[ \t]*($|[;&|\n])/,
29 warning: 'Note: may discard all working tree changes',
30 },
31 {
32 pattern: /\bgit\s+restore\s+(--\s+)?\.[ \t]*($|[;&|\n])/,
33 warning: 'Note: may discard all working tree changes',
34 },
35 {
36 pattern: /\bgit\s+stash[ \t]+(drop|clear)\b/,
37 warning: 'Note: may permanently remove stashed changes',
38 },
39 {
40 pattern:
41 /\bgit\s+branch\s+(-D[ \t]|--delete\s+--force|--force\s+--delete)\b/,
42 warning: 'Note: may force-delete a branch',
43 },
44
45 // Git — safety bypass
46 {
47 pattern: /\bgit\s+(commit|push|merge)\b[^;&|\n]*--no-verify\b/,
48 warning: 'Note: may skip safety hooks',
49 },
50 {
51 pattern: /\bgit\s+commit\b[^;&|\n]*--amend\b/,
52 warning: 'Note: may rewrite the last commit',
53 },
54
55 // File deletion (dangerous paths already handled by checkDangerousRemovalPaths)
56 {
57 pattern:
58 /(^|[;&|\n]\s*)rm\s+-[a-zA-Z]*[rR][a-zA-Z]*f|(^|[;&|\n]\s*)rm\s+-[a-zA-Z]*f[a-zA-Z]*[rR]/,
59 warning: 'Note: may recursively force-remove files',
60 },
61 {
62 pattern: /(^|[;&|\n]\s*)rm\s+-[a-zA-Z]*[rR]/,
63 warning: 'Note: may recursively remove files',
64 },
65 {
66 pattern: /(^|[;&|\n]\s*)rm\s+-[a-zA-Z]*f/,
67 warning: 'Note: may force-remove files',
68 },
69
70 // Database
71 {
72 pattern: /\b(DROP|TRUNCATE)\s+(TABLE|DATABASE|SCHEMA)\b/i,
73 warning: 'Note: may drop or truncate database objects',
74 },
75 {
76 pattern: /\bDELETE\s+FROM\s+\w+[ \t]*(;|"|'|\n|$)/i,
77 warning: 'Note: may delete all rows from a database table',
78 },
79
80 // Infrastructure
81 {
82 pattern: /\bkubectl\s+delete\b/,
83 warning: 'Note: may delete Kubernetes resources',
84 },
85 {
86 pattern: /\bterraform\s+destroy\b/,
87 warning: 'Note: may destroy Terraform infrastructure',
88 },
89]
90
91/**
92 * Checks if a bash command matches known destructive patterns.
93 * Returns a human-readable warning string, or null if no destructive pattern is detected.
94 */
95export function getDestructiveCommandWarning(command: string): string | null {
96 for (const { pattern, warning } of DESTRUCTIVE_PATTERNS) {
97 if (pattern.test(command)) {
98 return warning
99 }
100 }
101 return null
102}