
feat: add public policy preflight checks for paths, commands, and URLs#190

Merged: jy-tan merged 1 commit into main from library-check on Jul 4, 2026

Conversation

@jy-tan jy-tan commented Jul 4, 2026

Collaborator

Summary

Exposes Fence's policy evaluation as a public preflight API, so embedders can use one fence.json as the source of truth for operations that don't go through the sandbox (e.g. agent tools like glob/read_file/web_fetch built on the Go stdlib).

Resolves #189.

```go
func CheckReadPath(cfg *Config, path, cwd string) error
func CheckWritePath(cfg *Config, path, cwd string) error
func CheckCommand(cfg *Config, command string) error
func CheckURL(cfg *Config, rawURL string) error
```

Thin exports of the internal predicates the hook integrations already use, so hook-mode, wrap-mode, and library checks can't drift. No Manager or proxies required. Denials are typed errors with matched rule and reason. These are policy preflights, not enforcement - the sandbox and proxies remain authoritative (documented, including the CheckURL declared-URL-only caveat).

Changes

  • internal/sandbox/path_check.go: generalize PathWriteBlockedError -> PathBlockedError (adds Op; write messages unchanged); add CheckReadPath mirroring wrap-mode read semantics. Dangerous-path protection stays write-only by design.
  • pkg/fence/fence.go: export the four Check* functions + typed-error aliases. CheckCommand is WrapCommand's preflight (chain/nested sh -c parsing, SSH policy) without a Manager.
  • Tests for read semantics and all four checkers; "Policy Checks (Preflight)" section in docs/library.md.
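An added example (not code from this PR or the Fence project) of what the CheckURL declared-URL-only caveat means for a web_fetch tool built on the Go stdlib: the declared URL gets the preflight, and because the check vouches only for that URL, an http.Client CheckRedirect re-runs it on every hop. DemoURLCheck is a constructed stand-in for fence.CheckURL with a Config bound; the real checker would be substituted there.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"net/url"
)

// ErrDenied stands in for the typed denial errors the fence checkers return.
var ErrDenied = errors.New("denied by policy")

// URLCheck is the shape of fence.CheckURL with the *fence.Config bound; a real
// embedder would pass func(u string) error { return fence.CheckURL(cfg, u) }.
type URLCheck func(rawURL string) error

// DemoURLCheck is a constructed stand-in policy: https to example.com only.
func DemoURLCheck(raw string) error {
	u, err := url.Parse(raw)
	if err != nil || u.Scheme != "https" || u.Hostname() != "example.com" {
		return fmt.Errorf("%w: %s", ErrDenied, raw)
	}
	return nil
}

// RedirectGuard is an http.Client.CheckRedirect that re-runs the URL check on
// every hop. The preflight only vouches for the URL the tool declared, so
// following redirects unchecked would step outside the policy. It also caps
// the chain, since a custom CheckRedirect replaces Go's default 10-hop limit.
func RedirectGuard(check URLCheck) func(*http.Request, []*http.Request) error {
	return func(req *http.Request, via []*http.Request) error {
		if len(via) >= 5 {
			return errors.New("too many redirects")
		}
		if err := check(req.URL.String()); err != nil {
			return fmt.Errorf("redirect hop %d: %w", len(via), err)
		}
		return nil
	}
}

// WebFetchTool: the declared URL is checked first and the call fails closed on
// any error; the guarded client then re-checks anything the server redirects to.
// The sandbox/proxy remains authoritative; this is a preflight, not enforcement.
func WebFetchTool(check URLCheck, raw string) (*http.Response, error) {
	if err := check(raw); err != nil {
		return nil, fmt.Errorf("web_fetch %q: %w", raw, err)
	}
	client := &http.Client{CheckRedirect: RedirectGuard(check)}
	return client.Get(raw)
}
```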

@jy-tan jy-tan merged commit 79607fb into main Jul 4, 2026
5 checks passed
@jy-tan jy-tan deleted the library-check branch July 4, 2026 14:50

Development

Successfully merging this pull request may close these issues.

[Feature Request]: Allow file system permissions check from the library

1 participant