Pi;XdZddlmZddlZddlmZddlmZddlm Z m Z ddgd e d d DzZ e hd Ze hd Ze hdZe hdZe hdZGddeZGddejZd-d.dZd/d Ze hd!Ze hd"Zd0d'Zd1d(Zd2d,ZdS)3a Python command handler for Dippy. Analyzes Python scripts to determine if they're safe (read-only, no I/O, no code execution). Uses AST-based static analysis with a whitelist approach. Conservative by design: if we can't prove it's safe, ask for confirmation. ) annotationsN)Path) NamedTuple)ClassificationHandlerContextpythonpython3cg|]}d|S)zpython3.).0vs 1/root/projects/gits/Dippy/src/dippy/cli/python.py rs#I#I#IqNqNN#I#I#I>9 html.parser html.entitiescollections.abcreuuabcastcsvdiscopyenumhmachtmljsonmathtimezlibarraycmathheapqtokentypesbase64bisectpprintquoprirandomstringstructtypingdecimaldifflibhashlibkeywordnumbersreprlibtomllibbinasciicalendardatetimegraphliboperatorsymtabletextwraptokenizewarningszoneinfo fractions functools itertools traceback contextlib statistics collections dataclasses unicodedatatyping_extensions>_xml.domxml.sax xml.etree http.client http.server xml.parsers urllib.parseurllib.requestxml.dom.minidomxml.dom.pulldomwsgiref.handlersxml.parsers.expatconcurrent.futuresxml.dom.expatbuilderxml.etree.ElementTreexml.etree.cElementTreegcioosbz2cgicmddbmgrpptypwdsslsysttyxmlcodedillglobgziphttplzmammapspwdcgitbcryptfcntlrunpyshlexatexitcodecscodeopctypesftplibgetoptpicklepopen2poplibshelveshutilsignalsocketurllibxmlrpcasynciocPicklefnmatchgetpassimaplibinspectloggingmarshalnntplibpathlibpkgutilsmtplibsqlite3tarfiletermioszipfileargparsecommandsplatformresourcetempfile fileinput importlib ipaddress linecache sysconfig telnetlib threading compileall concurrent jsonpickle py_compile subprocess webbrowser configparser socketservermultiprocessing>direvalexecopenvarsinputprintlocalscompiledelattrgetattrglobalssetattr __import__ breakpoint memoryview>4idabsallanybinchrhexintlenmapmaxminoctordpowsetstrsumzipbooldicthashiterlistnextreprtypeasciibytesfloatrangeroundslicesupertupledivmodfilterformatobjectsortedcomplexhasattrcallablepropertyreversed bytearray enumerate frozenset isinstance issubclass classmethod staticmethod>prunbindcallrforkkilllinkrreadrecvsendwaitPopenchmodchowncloseexeclexecvflushmkdirpopenrmdirspawnwait3wait4writeacceptchrootexecleexeclpexecveexecvpf_backf_codekillpglistenr~popen3popen4removerenamermtreesendtospawnlspawnvsystemunlink__mro__co_codeconnectcr_codeexeclpeexecvpef_traceforkptygi_coderecvmsgreplacerequestsendallsendmsgspawnlespawnlpspawnvespawnvpsymlinktb_nexturlopenwaitpid__code____dict____spec__cr_awaitcr_framef_localsgi_framemakedirsreadlinerecvfromspawnlpespawnvpetb_frametruncate Unpickler __bases__ __class__ f_globals getoutput read_text readlines startfile terminater __loader__ __reduce__ check_call f_builtins read_bytes write_text writelines __closure__ __globals__ urlretrieve write_bytes __builtins__ __getstate__ __setstate__ check_output gi_yieldfrom __reduce_ex____subclasses__getstatusoutputc<eZdZUdZded<ded<ded<ded<dS) Violationz)A safety violation found during analysis.rlinecolrkinddetailN)__name__ __module__ __qualname____doc____annotations__r rrr\r\s:33 III HHH IIIKKKKKrr\ceZdZdZd(d)dZd*d Zd+dZd,dZd-dZe hdZ d.dZ d/dZ d0dZ d1dZd2dZd3d Zd4d"Zd5d$Zd6d&Zd'S)7SafetyAnalyzerz AST visitor that checks Python code for safety. Uses a strict whitelist approach: only explicitly safe constructs are allowed. Anything unknown is flagged. T allow_printrc"g|_||_dSN) violationsrh)selfrhs r__init__zSafetyAnalyzer.__init__s+-&rnodeast.ASTr_rr`returnNonec |jtt|ddt|dd||dS)Nlinenor col_offset)rkappendr\r)rlrnr_r`s r_addzSafetyAnalyzer._addsU  h**GD,,J,JDRX       r ast.Importc:|jD]}}|j}|dd}|tvs |tvr||dd|Q|t vr#|t vr||dd|~||dS)N.rimportdangerous module: unknown module: )namesnamesplitDANGEROUS_MODULESrv SAFE_MODULES generic_visit)rlrnaliasmoduleroots r visit_ImportzSafetyAnalyzer.visit_ImportsZ G GEZF<<$$Q'D***d6G.G.G $*Gv*G*GHHHH|++L0H0H $*EV*E*EFFF 4     rast.ImportFromcf|j||dddS|j}|dd}|tvs |tvr||dd|n,|tvr#|tvr||dd|||dS)Nrzzrelative import without moduleryrr{r|)rrvrrrr)rlrnrrs rvisit_ImportFromzSafetyAnalyzer.visit_ImportFroms ;  IIdH&F G G G F||C  # & & &$2C*C*C IIdH&C6&C&C D D D D < ' 'D ,D,D IIdH&A&A&A B B B 4     rast.Callc|j}t|tjr^|j}|t vr)|dkr|jrn||dd|ni|tvr|d s nDt|tj r*|j }|tvr||dd|| |dS)Nrbuiltinzdangerous builtin: rmethodzdangerous method: )funcrrNamerDANGEROUS_BUILTINSrhrv SAFE_BUILTINSisupper AttributeattrDANGEROUS_ATTRSr)rlrnrr~rs r visit_CallzSafetyAnalyzer.visit_Callsy dCH % % G7D)))7??t'7?IIdI/KT/K/KLLLL]**47??3D3D*cm , , G9D&& $*Et*E*EFFF 4     r>r rrrrr!r#r.r1r2r4r5r6r7r=r@rArBrIrKrOrPrSrWrXrY ast.Attributec|j|jvr||dd|j||dS)N reflectionzdangerous attribute: )rREFLECTION_ATTRSrvrrlrns rvisit_AttributezSafetyAnalyzer.visit_Attribute1sM 9- - - IIdL*M$)*M*M N N N 4     rast.Namecz|j}|dvr||dd|||dS)N)rSrHr3rzdangerous name: )rrvr)rlrnr~s r visit_NamezSafetyAnalyzer.visit_Name8sNw = = = IIdL*CT*C*C D D D 4     r ast.Starredc0||dSrjrrs r visit_StarredzSafetyAnalyzer.visit_Starred@ 4     rast.FunctionDefc|jD]+}t|tjr|jt vr ,||dSrj)decorator_listrrrrrr)rlrn decorators rvisit_FunctionDefz SafetyAnalyzer.visit_FunctionDefDsS,  I)SX.. <}44 4     rast.AsyncFunctionDefc^||dd||dS)Nasynczasync functions require asynciorvrrs rvisit_AsyncFunctionDefz%SafetyAnalyzer.visit_AsyncFunctionDefMs3 $!BCCC 4     r ast.Awaitc^||dd||dS)Nrzawait requires asynciorrs r visit_AwaitzSafetyAnalyzer.visit_AwaitRs3 $!9::: 4     rast.Withc|jD]i}|j}t|tjrFt|jtjr'|jjdkr||ddj| |dS)Nrr]zfile open in with statement) items context_exprrrCallrrrrvr)rlrnitemctxs r visit_WithzSafetyAnalyzer.visit_WithVsJ M MD#C#sx(( Mch11Mx{f,, $.KLLL 4     r ast.GlobalcdSrjr rs r visit_GlobalzSafetyAnalyzer.visit_Globalas rast.Tryc0||dSrjrrs r visit_TryzSafetyAnalyzer.visit_TryerrNT)rhr)rnror_rr`rrprq)rnrwrprq)rnrrprq)rnrrprq)rnrrprq)rnrrprq)rnrrprq)rnrrprq)rnrrprq)rnrrprq)rnrrprq)rnrrprq)rnrrprq)rarbrcrdrmrvrrrrrrrrrrrrrrr rrrgrgs_'''''     ! ! ! ! ! ! ! !!!!!4!y   !!F!!!!!!!!!!!!!!!!!!!! !!!! ! ! ! !    !!!!!!rrgTsourcerrhrrplist[Violation]c  tj|}nE#t$r8}t|jpd|jpddt |gcYd}~Sd}~wwxYwt|}|||j S)zx Analyze Python source code for safety violations. Returns list of violations, empty if code appears safe. rsyntaxN)rh) rparse SyntaxErrorr\rsoffsetrrgvisitrk)rrhtreeeanalyzers ranalyze_python_sourcerjs Ky   KKK!(-aQ#a&&IIJJJJJJJK+666H NN4  s A-AAApathrtuple[bool, str]c|sdd|fS|sdd|fS|jdvr dd|jfS |j}|dkrdSn#t $r}dd|fcYd }~Sd }~wwxYw |d }n%#t tf$r}dd |fcYd }~Sd }~wwxYwt|}|r$|d }d|j d|j d|j dfSdS)zK Analyze a Python file for safety. Returns (is_safe, reason). Fzfile not found: z not a file: )z.pyz.pywznot a Python file: i)Fzfile too large to analyzezcannot stat file: Nzutf-8)encodingzcannot read file: r: z (line ))Tzstatic analysis passed) existsis_filesuffixstatst_sizeOSErrorrDUnicodeDecodeErrorrr_r`r])rsizerrrkr s ranalyze_python_filerzs ;;==0///// <<>>,+T++++ {/))9DK9999/yy{{" '>>55  ///.1.........//11 ' (///.1........./'v..J> qM==18==AF===== ) )s< A// B 9B?B B B%%C6C<CC>-W-X--check-hash-based-pycs-c-m>-V-h-VV--help --versiontokens list[str]cwdtuple[Path | None, int]cpd}|t|kr||}|tvrdS|dvrdS|tvr|dz };|dr d|vr|dz }Z|dr|dz }ut |}|s||z }||fSdS)zu Find the script path in Python command tokens. Returns (path, index) or (None, -1) if no script found. )N)rr-=)r SAFE_FLAGSFLAGS_WITH_ARG startswithr is_absoluteresolve)rrir' script_paths r_find_script_pathrs A c&kk//q  J  8 L 8 N " " FA    C  SE\\ FA    C   FA 5kk &&(( , +K""$$a'' 8rct|dkr|dS|ddD]}|tvr|dd|cS|dkr |ddcS|dkrP|d}|dzt|kr|dd ||dzcS|dd cS|d s!|ddt |jcS|dS) z#Get description for Python command.rrrN rz -crz -m z -mr)rrindexrrr~)rr'idxs rget_descriptionrs9 6{{Qay 5 5 J  Qi))%)) ) ) ) D==Qi$$$ $ $ $ D==,,t$$CQwV$$ )::a:::::Qi$$$ $ $ $$$ 5Qi44$u++"244 4 4 4 5 !9rrrrc|j}tj}t|}t |dkrt d|ddS|ddD]}|t vrt d|cSd |vrt d|Sd |vr^|d }|dzt |kr"||dz}|d krt d|St d|Sd |vrt d|St||\}}|t d|St|\} } | rt d|d St d|d| S)a6Classify Python command for approval. Auto-approves: - Version/help flags - Scripts that pass static analysis (no I/O, no dangerous imports) Requires confirmation: - -c (inline code) - -m (module execution) - Scripts that fail analysis or can't be read - Interactive mode raskrz interactive) descriptionrNallowrrr9z-iz (analyzed)r) rrrrrrrrrr) rrrdescr'rrr_is_safereasons rclassifyrsZF (**C 6 " "D 6{{QeF1I1K1K1KLLLL== J  !'t<<< < < <  v~~e6666 v~~ll4   7S[[ C!G_F ##%g4@@@@e6666 v~~e6666'vs33NKe6666*+66OGVFgd3G3G3GHHHHeD1D1DF1D1DEEEErr)rrrhrrpr)rrrpr)rrrrrpr)rrrpr)rrrpr)rd __future__rrrrr0r dippy.clirrrCOMMANDSrrrrrrr\ NodeVisitorrgrrrrrrrr rrr sm#""""" 44444444 i #I#IEE!RLL#I#I#I I yLLLNN dImmmoodY8 <<<>> D)~~~@@F a!a!a!a!a!S_a!a!a!H      %*%*%*%*VY ((((V,>F>F>F>F>F>Fr