Merge pull request #8298 from continuedev/pe/read-file-errs

feat: allow file reads outside IDE workspace (w/ permission)

Author: RomneyDa

.github/actions/setup-component/action.yml

@@ -31,12 +31,18 @@ runs:
           packages/*/node_modules
         key: ${{ runner.os }}-packages-node-modules-${{ hashFiles('packages/*/package-lock.json') }}
 
-    - uses: actions/cache@v4  
+    - uses: actions/cache@v4
       if: inputs.include-root == 'true'
+      id: root-cache
       with:
         path: node_modules
         key: ${{ runner.os }}-root-node-modules-${{ hashFiles('package-lock.json') }}
 
+    - name: Install root dependencies
+      if: inputs.include-root == 'true' && steps.root-cache.outputs.cache-hit != 'true'
+      shell: bash
+      run: npm ci
+
     - uses: actions/cache@v4
       id: component-cache
       with:

core/core.ts

@@ -1093,7 +1093,7 @@ export class Core {
 
     on(
       "tools/evaluatePolicy",
-      async ({ data: { toolName, basePolicy, args } }) => {
+      async ({ data: { toolName, basePolicy, parsedArgs, processedArgs } }) => {
         const { config } = await this.configHandler.loadConfig();
         if (!config) {
           throw new Error("Config not loaded");
@@ -1106,12 +1106,16 @@ export class Core {
 
         // Extract display value for specific tools
         let displayValue: string | undefined;
-        if (toolName === "runTerminalCommand" && args.command) {
-          displayValue = args.command as string;
+        if (toolName === "runTerminalCommand" && parsedArgs.command) {
+          displayValue = parsedArgs.command as string;
         }
 
         if (tool.evaluateToolCallPolicy) {
-          const evaluatedPolicy = tool.evaluateToolCallPolicy(basePolicy, args);
+          const evaluatedPolicy = tool.evaluateToolCallPolicy(
+            basePolicy,
+            parsedArgs,
+            processedArgs,
+          );
           return { policy: evaluatedPolicy, displayValue };
         }
         return { policy: basePolicy, displayValue };

core/index.d.ts

@@ -1110,6 +1110,7 @@ export interface Tool {
   evaluateToolCallPolicy?: (
     basePolicy: ToolPolicy,
     parsedArgs: Record<string, unknown>,
+    processedArgs?: Record<string, unknown>,
   ) => ToolPolicy;
 }
 

core/indexing/docs/crawlers/DocsCrawler.test.ts

@@ -19,7 +19,7 @@ const TIMEOUT_MS = 1_000_000_000;
 // so that we don't delete the Chromium install between tests
 ChromiumInstaller.PCR_CONFIG = { downloadPath: os.tmpdir() };
 
-describe("DocsCrawler", () => {
+describe.skip("DocsCrawler", () => {
   let config: ContinueConfig;
   let mockIde: FileSystemIde;
   let chromiumInstaller: ChromiumInstaller;

core/package-lock.json

@@ -121,6 +121,7 @@
     "system-ca": "^1.0.3",
     "tar": "^7.4.3",
     "tree-sitter-wasms": "^0.1.11",
+    "untildify": "^6.0.0",
     "uuid": "^9.0.1",
     "vectordb": "^0.4.20",
     "web-tree-sitter": "^0.21.0",

core/package.json

@@ -314,7 +314,12 @@ export type ToCoreFromIdeOrWebviewProtocol = {
     },
   ];
   "tools/evaluatePolicy": [
-    { toolName: string; basePolicy: ToolPolicy; args: Record<string, unknown> },
+    {
+      toolName: string;
+      basePolicy: ToolPolicy;
+      parsedArgs: Record<string, unknown>;
+      processedArgs?: Record<string, unknown>;
+    },
     { policy: ToolPolicy; displayValue?: string },
   ];
   "tools/preprocessArgs": [

core/protocol/core.ts

@@ -1,5 +1,8 @@
+import { ToolPolicy } from "@continuedev/terminal-security";
 import { Tool } from "../..";
+import { ResolvedPath, resolveInputPath } from "../../util/pathResolver";
 import { BUILT_IN_GROUP_NAME, BuiltInToolNames } from "../builtIn";
+import { evaluateFileAccessPolicy } from "../policies/fileAccess";
 
 export const createNewFileTool: Tool = {
   type: "function",
@@ -21,7 +24,7 @@ export const createNewFileTool: Tool = {
         filepath: {
           type: "string",
           description:
-            "The path where the new file should be created, relative to the root of the workspace",
+            "The path where the new file should be created. Can be a relative path (from workspace root), absolute path, tilde path (~/...), or file:// URI.",
         },
         contents: {
           type: "string",
@@ -38,4 +41,26 @@ export const createNewFileTool: Tool = {
       ["contents", "Contents of the file"],
     ],
   },
+  preprocessArgs: async (args, { ide }) => {
+    const filepath = args.filepath as string;
+    const resolvedPath = await resolveInputPath(ide, filepath);
+
+    // Store the resolved path info in args for policy evaluation
+    return {
+      resolvedPath,
+    };
+  },
+  evaluateToolCallPolicy: (
+    basePolicy: ToolPolicy,
+    _: Record<string, unknown>,
+    processedArgs?: Record<string, unknown>,
+  ): ToolPolicy => {
+    const resolvedPath = processedArgs?.resolvedPath as
+      | ResolvedPath
+      | null
+      | undefined;
+    if (!resolvedPath) return basePolicy;
+
+    return evaluateFileAccessPolicy(basePolicy, resolvedPath.isWithinWorkspace);
+  },
 };

core/tools/definitions/createNewFile.ts

@@ -1,6 +1,9 @@
 import { Tool } from "../..";
 
+import { ToolPolicy } from "@continuedev/terminal-security";
+import { ResolvedPath, resolveInputPath } from "../../util/pathResolver";
 import { BUILT_IN_GROUP_NAME, BuiltInToolNames } from "../builtIn";
+import { evaluateFileAccessPolicy } from "../policies/fileAccess";
 
 export const lsTool: Tool = {
   type: "function",
@@ -20,7 +23,7 @@ export const lsTool: Tool = {
         dirPath: {
           type: "string",
           description:
-            "The directory path relative to the root of the project. Use forward slash paths like '/'. rather than e.g. '.'",
+            "The directory path. Can be relative to project root, absolute path, tilde path (~/...), or file:// URI. Use forward slash paths",
         },
         recursive: {
           type: "boolean",
@@ -39,4 +42,28 @@ export const lsTool: Tool = {
     ],
   },
   toolCallIcon: "FolderIcon",
+  preprocessArgs: async (args, { ide }) => {
+    const dirPath = args.dirPath as string;
+
+    // Default to current directory if no path provided
+    const pathToResolve = dirPath || ".";
+    const resolvedPath = await resolveInputPath(ide, pathToResolve);
+
+    return {
+      resolvedPath,
+    };
+  },
+  evaluateToolCallPolicy: (
+    basePolicy: ToolPolicy,
+    _: Record<string, unknown>,
+    processedArgs?: Record<string, unknown>,
+  ): ToolPolicy => {
+    const resolvedPath = processedArgs?.resolvedPath as
+      | ResolvedPath
+      | null
+      | undefined;
+    if (!resolvedPath) return basePolicy;
+
+    return evaluateFileAccessPolicy(basePolicy, resolvedPath.isWithinWorkspace);
+  },
 };

core/tools/definitions/ls.ts

@@ -1,5 +1,8 @@
+import { ToolPolicy } from "@continuedev/terminal-security";
 import { Tool } from "../..";
+import { ResolvedPath, resolveInputPath } from "../../util/pathResolver";
 import { BUILT_IN_GROUP_NAME, BuiltInToolNames } from "../builtIn";
+import { evaluateFileAccessPolicy } from "../policies/fileAccess";
 
 export const readFileTool: Tool = {
   type: "function",
@@ -21,7 +24,7 @@ export const readFileTool: Tool = {
         filepath: {
           type: "string",
           description:
-            "The path of the file to read, relative to the root of the workspace (NOT uri or absolute path)",
+            "The path of the file to read. Can be a relative path (from workspace root), absolute path, tilde path (~/...), or file:// URI",
         },
       },
     },
@@ -32,4 +35,26 @@ export const readFileTool: Tool = {
   },
   defaultToolPolicy: "allowedWithoutPermission",
   toolCallIcon: "DocumentIcon",
+  preprocessArgs: async (args, { ide }) => {
+    const filepath = args.filepath as string;
+    const resolvedPath = await resolveInputPath(ide, filepath);
+
+    // Store the resolved path info in args for policy evaluation
+    return {
+      resolvedPath,
+    };
+  },
+  evaluateToolCallPolicy: (
+    basePolicy: ToolPolicy,
+    _: Record<string, unknown>,
+    processedArgs?: Record<string, unknown>,
+  ): ToolPolicy => {
+    const resolvedPath = processedArgs?.resolvedPath as
+      | ResolvedPath
+      | null
+      | undefined;
+    if (!resolvedPath) return basePolicy;
+
+    return evaluateFileAccessPolicy(basePolicy, resolvedPath.isWithinWorkspace);
+  },
 };