Fix unsandboxed terminal sandbox wrapping for quoted shell execution

[dileepyavan]

Fixes #306463, #304861

Summary

This updates the unsandboxed terminal sandbox wrapping path to execute the full input command through the active shell using -c, instead of interpolating raw command text directly into a parenthesized wrapper.

This addresses the case where a command ends with a trailing backslash and breaks the wrapper syntax by escaping the closing delimiter.

Changes

• Pass the active shell into the command line sandbox rewriter's wrapCommand call.
• Update TerminalSandboxService.wrapCommand to accept the shell for unsandboxed wrapping.
• Change the unsandboxed wrapper to use:
  • env TMPDIR="..." <shell> -c '<command>'
• Preserve the existing fallback parenthesized form when no shell is available.
• Add regression coverage for:
  • unsandboxed commands preserving TMPDIR
  • piped unsandboxed commands
  • trailing backslashes in unsandboxed commands
  • fish-shell unsandboxed wrapping
  • blocked-domain rewrites in the unsandboxed path

Why

The previous unsandboxed wrapper embedded raw command text directly in a subshell-like wrapper. When the input command ended with a trailing backslash, that backslash could escape the wrapper's closing syntax and produce an invalid command.

By passing the command as a quoted -c payload, the command body is treated as data by the outer shell parser, which avoids the trailing-backslash failure while still scoping TMPDIR to that invocation.

Testing

• ./scripts/test.sh --run src/vs/workbench/contrib/terminalContrib/chatAgentTools/test/browser/terminalSandboxService.test.ts
• node --experimental-strip-types build/hygiene.ts src/vs/workbench/contrib/terminalContrib/chatAgentTools/browser/tools/commandLineRewriter/commandLineSandboxRewriter.ts src/vs/workbench/contrib/terminalContrib/chatAgentTools/common/terminalSandboxService.ts src/vs/workbench/contrib/terminalContrib/chatAgentTools/test/browser/terminalSandboxService.test.ts

[Copilot]

Pull request overview

This PR updates the unsandboxed terminal sandbox wrapping path to avoid syntactic breakage when commands contain tricky shell characters (notably trailing backslashes), by executing the full command via the active shell using -c rather than interpolating raw text into a parenthesized wrapper.

Changes:

• Plumb the active shell through the command-line sandbox rewriter into TerminalSandboxService.wrapCommand.
• Extend ITerminalSandboxService.wrapCommand/TerminalSandboxService.wrapCommand to accept an optional shell for unsandboxed wrapping.
• Switch unsandboxed wrapping to env TMPDIR="..." <shell> -c '<command>' (with a parenthesized fallback when no shell is provided), and add/adjust regression tests.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
src/vs/workbench/contrib/terminalContrib/chatAgentTools/test/browser/terminalSandboxService.test.ts	Updates/extends regression tests to validate the new unsandboxed wrapping format and blocked-domain unsandboxed behavior.
src/vs/workbench/contrib/terminalContrib/chatAgentTools/common/terminalSandboxService.ts	Adds an optional shell parameter and implements the new unsandboxed wrapping strategy using env … <shell> -c ….
src/vs/workbench/contrib/terminalContrib/chatAgentTools/browser/tools/commandLineRewriter/commandLineSandboxRewriter.ts	Forwards the active shell into wrapCommand so unsandboxed wrapping can use the correct shell.