vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-24 15:41:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: dedupe security lowercase helpers

Browse Source
This commit is contained in:
Peter Steinberger
2026-04-07 14:30:53 +01:00
parent a903936750
commit 2cd11565a6
10 changed files with 46 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/security/audit-extra.async.ts
View File

@@ -27,6 +27,7 @@ import type { AgentToolsConfig } from "../config/types.tools.js";
import { readInstalledPackageVersion } from "../infra/package-update-utils.js";
import { normalizePluginsConfig } from "../plugins/config-state.js";
import { normalizeAgentId } from "../routing/session-key.js";
import { normalizeOptionalLowercaseString } from "../shared/string-coerce.js";
import {
formatPermissionDetail,
formatPermissionRemediation,
@@ -239,7 +240,11 @@ function resolveToolPolicies(params: {
}
function normalizePluginIdSet(entries: string[]): Set<string> {
return new Set(entries.map((entry) => entry.trim().toLowerCase()).filter(Boolean));
return new Set(
entries
.map((entry) => normalizeOptionalLowercaseString(entry))
.filter((entry): entry is string => Boolean(entry)),
);
}
function resolveEnabledExtensionPluginIds(params: {
@@ -255,12 +260,16 @@ function resolveEnabledExtensionPluginIds(params: {
const denySet = normalizePluginIdSet(normalized.deny);
const entryById = new Map<string, { enabled?: boolean }>();
for (const [id, entry] of Object.entries(normalized.entries)) {
entryById.set(id.trim().toLowerCase(), entry);
const normalizedId = normalizeOptionalLowercaseString(id);
if (!normalizedId) {
continue;
}
entryById.set(normalizedId, entry);
}
const enabled: string[] = [];
for (const id of params.pluginDirs) {
const normalizedId = id.trim().toLowerCase();
const normalizedId = normalizeOptionalLowercaseString(id);
if (!normalizedId) {
continue;
}
@@ -286,7 +295,9 @@ function collectAllowEntries(config?: { allow?: string[]; alsoAllow?: string[] }
if (Array.isArray(config?.alsoAllow)) {
out.push(...config.alsoAllow);
}
return out.map((entry) => entry.trim().toLowerCase()).filter(Boolean);
return out
.map((entry) => normalizeOptionalLowercaseString(entry))
.filter((entry): entry is string => Boolean(entry));
}
function hasExplicitPluginAllow(params: {
@@ -496,7 +507,7 @@ function parsePublishedHostFromDockerPortLine(line: string): string | null {
}
function isLoopbackPublishHost(host: string): boolean {
const normalized = host.trim().toLowerCase();
const normalized = normalizeOptionalLowercaseString(host);
return normalized === "127.0.0.1" || normalized === "::1" || normalized === "localhost";
}