diff --git a/pkg/workflow/strict_mode.go b/pkg/workflow/strict_mode.go
index a7ef8289a5..c347a3e51c 100644
--- a/pkg/workflow/strict_mode.go
+++ b/pkg/workflow/strict_mode.go
@@ -35,7 +35,6 @@ package workflow
 // 1. validateStrictPermissions() - Refuses write permissions on sensitive scopes
 // 2. validateStrictNetwork() - Requires explicit network configuration
 // 3. validateStrictMCPNetwork() - Requires network config on custom MCP servers
-// 4. validateStrictBashTools() - Refuses bash wildcard tools ("*" and ":*")
 //
 // Note: Strict mode also affects zizmor security scanner behavior (see pkg/cli/zizmor.go)
 // When zizmor is enabled with --zizmor flag, strict mode will treat any security
@@ -60,10 +59,5 @@ func (c *Compiler) validateStrictMode(frontmatter map[string]any, networkPermiss
 		return err
 	}
 
-	// 4. Refuse bash wildcard tools ("*" and ":*")
-	if err := c.validateStrictBashTools(frontmatter); err != nil {
-		return err
-	}
-
 	return nil
 }
diff --git a/pkg/workflow/strict_mode_test.go b/pkg/workflow/strict_mode_test.go
index 35f9eaf51a..84618fe8b5 100644
--- a/pkg/workflow/strict_mode_test.go
+++ b/pkg/workflow/strict_mode_test.go
@@ -486,7 +486,7 @@ network:
 			expectError: false,
 		},
 		{
-			name: "bash wildcard star refused in strict mode",
+			name: "bash wildcard star allowed in strict mode",
 			content: `---
 on: push
 permissions:
@@ -503,11 +503,10 @@ network:
 
 ---
 # Test Workflow`,
-			expectError: true,
-			errorMsg: "strict mode: bash wildcard '*' is not allowed - use specific commands instead",
+			expectError: false,
 		},
 		{
-			name: "bash wildcard colon-star refused in strict mode",
+			name: "bash wildcard colon-star allowed in strict mode",
 			content: `---
 on: push
 permissions:
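Review bot: With item 4 deleted, the header list in this hunk says nothing about bash tool wildcards any more, so a reader auditing what strict mode still refuses cannot tell whether `bash: ["*"]` is rejected or tolerated; the test names in this same commit call it allowed, so say so explicitly, e.g. `// Bash tool wildcards ("*" and ":*") are not restricted by strict mode.` The identical list in pkg/workflow/validation_strict_mode.go (the hunk at -12) should carry the same line. The comment block continues above and below the hunk.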
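Review bot: Once the call is dropped, a workflow that lists `bash: ["*"]` under strict mode is accepted with no signal at all, so the relaxation is invisible in compile output; if the intent is to tolerate the wildcard rather than refuse it, the spot where step 4 stood is where a warning (rather than an error) about an unrestricted bash tool belongs, so strict-mode users still see it. The remaining numbered steps 1-3 still line up with the header list, so no renumbering is needed. validateStrictMode's signature and steps 1-3 sit outside the hunk.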
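Review bot: Flipping these cases to `expectError: false` (here and in the hunks at -524 and -545) leaves them asserting only that compilation succeeds, which would also hold if strict-mode validation were skipped entirely for such workflows; nothing now pins that the wildcard is accepted while the other strict checks still run. One case that pairs `bash: ["*"]` with a setting strict mode still refuses — a write permission on a sensitive scope, per validateStrictPermissions — and expects that error would close the gap. The table's surrounding test function lies outside the hunk.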
@@ -524,11 +523,10 @@ network:
 
 ---
 # Test Workflow`,
-			expectError: true,
-			errorMsg: "strict mode: bash wildcard ':*' is not allowed - use specific commands instead",
+			expectError: false,
 		},
 		{
-			name: "bash wildcard star mixed with commands refused in strict mode",
+			name: "bash wildcard star mixed with commands allowed in strict mode",
 			content: `---
 on: push
 permissions:
@@ -545,8 +543,7 @@ network:
 
 ---
 # Test Workflow`,
-			expectError: true,
-			errorMsg: "strict mode: bash wildcard '*' is not allowed - use specific commands instead",
+			expectError: false,
 		},
 		{
 			name: "bash command wildcards like git:* are allowed in strict mode",
diff --git a/pkg/workflow/validation_strict_mode.go b/pkg/workflow/validation_strict_mode.go
index ef376bc6ea..84be5bfec9 100644
--- a/pkg/workflow/validation_strict_mode.go
+++ b/pkg/workflow/validation_strict_mode.go
@@ -12,7 +12,6 @@
 // 1. validateStrictPermissions() - Refuses write permissions on sensitive scopes
 // 2. validateStrictNetwork() - Requires explicit network configuration
 // 3. validateStrictMCPNetwork() - Requires network config on custom MCP servers
-// 4. validateStrictBashTools() - Refuses bash wildcard tools ("*" and ":*")
 //
 // # Integration with Security Scanners
 //
@@ -119,45 +118,3 @@ func (c *Compiler) validateStrictMCPNetwork(frontmatter map[string]any) error {
 
 	return nil
 }
-
-// validateStrictBashTools refuses bash wildcard tools ("*" and ":*")
-func (c *Compiler) validateStrictBashTools(frontmatter map[string]any) error {
-	// Check tools section
-	toolsValue, exists := frontmatter["tools"]
-	if !exists {
-		return nil
-	}
-
-	toolsMap, ok := toolsValue.(map[string]any)
-	if !ok {
-		return nil
-	}
-
-	// Check bash tool for wildcards
-	bashValue, hasBash := toolsMap["bash"]
-	if !hasBash {
-		return nil
-	}
-
-	// Check if bash is an array of commands
-	bashCommands, ok := bashValue.([]any)
-	if !ok {
-		// If bash is not an array (e.g., true, null, or object), it's allowed in strict mode
-		return nil
-	}
-
-	// Check for wildcard patterns in bash commands
-	for _, cmd := range bashCommands {
-		cmdStr, ok := cmd.(string)
-		if !ok {
-			continue
-		}
-
-		// Refuse "*" and ":*" wildcards
-		if cmdStr == "*" || cmdStr == ":*" {
-			return fmt.Errorf("strict mode: bash wildcard '%s' is not allowed - use specific commands instead", cmdStr)
-		}
-	}
-
-	return nil
-}
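Review bot: The deleted function held the only `fmt.Errorf` call visible in this file's diff, and there is no import hunk for pkg/workflow/validation_strict_mode.go, so the file still compiles only if the remaining validators (validateStrictPermissions, validateStrictNetwork, validateStrictMCPNetwork) also use fmt — they very likely do, but a `go build ./pkg/workflow/...` on the branch settles it. The check being removed refused only the exact entries `"*"` and `":*"` and let prefixed forms such as `git:*` through, which is the behaviour strict-mode users lose here; worth stating in the commit message alongside the reason. validateStrictMCPNetwork begins outside the hunk; only its closing lines are shown.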