flow_application/

cli_tools.rs

//! CLI tool detection for `cli-tool` nodes.
//!
//! The Node Hub asks "is the binary this `cli-tool` node needs installed, and
//! is it at least the minimum version the entry declares?". This module answers
//! the first half - it probes the machine by running `<name> <version_command>`
//! (default `--version`) and parsing a version token out of the output. The
//! minimum-version verdict is computed by the caller (the frontend) so the
//! probe stays a pure "what's installed?" query and the command is reusable.
//!
//! Spawning mirrors the adapters' `tokio::process::Command::new(CLI)` pattern,
//! so no extra Tauri plugin or shell capability is required.

use std::process::Stdio;

use serde::Serialize;
use tokio::process::Command;

/// Outcome of probing the machine for one CLI tool. `found` distinguishes
/// "binary missing from PATH" from "present but version unparseable". Never
/// surfaced as an `Err` so the Hub renders a badge instead of failing.
#[derive(Debug, Clone, Default, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct CliToolStatus {
    pub found: bool,
    #[serde(skip_serializing_if = "Option::is_none")]
    pub installed_version: Option<String>,
    #[serde(skip_serializing_if = "Option::is_none")]
    pub path: Option<String>,
    #[serde(skip_serializing_if = "Option::is_none")]
    pub raw: Option<String>,
}

const DEFAULT_VERSION_ARG: &str = "--version";

/// Probe for `name <version_command>`. Returns `found: false` (never an `Err`)
/// when the binary can't be spawned or the name is rejected.
pub async fn detect_cli_tool(name: &str, version_command: Option<&str>) -> CliToolStatus {
    if !is_safe_binary_name(name) {
        return CliToolStatus::default();
    }
    let arg = version_command
        .map(str::trim)
        .filter(|s| !s.is_empty())
        .unwrap_or(DEFAULT_VERSION_ARG);

    match Command::new(name)
        .arg(arg)
        .stdin(Stdio::null())
        .output()
        .await
    {
        Ok(out) => {
            // The binary exists and ran - that alone means "installed". Most
            // CLIs print the version to stdout; a few use stderr.
            let stdout = String::from_utf8_lossy(&out.stdout);
            let text = if stdout.trim().is_empty() {
                String::from_utf8_lossy(&out.stderr).into_owned()
            } else {
                stdout.into_owned()
            };
            CliToolStatus {
                found: true,
                installed_version: parse_version(&text),
                path: which(name),
                raw: first_nonempty_line(&text),
            }
        }
        // `ErrorKind::NotFound` (and any other spawn failure) => not usable.
        Err(_) => CliToolStatus::default(),
    }
}

/// Extract the first dotted numeric version token (`\d+(\.\d+)+`) from `text`.
/// Bare integers and dash-separated dates (`2024-01-02`) are skipped so a build
/// date or revision number isn't mistaken for a version.
pub fn parse_version(text: &str) -> Option<String> {
    let bytes = text.as_bytes();
    let mut i = 0;
    while i < bytes.len() {
        if !bytes[i].is_ascii_digit() {
            i += 1;
            continue;
        }
        let start = i;
        let mut saw_dot = false;
        while i < bytes.len() && (bytes[i].is_ascii_digit() || bytes[i] == b'.') {
            if bytes[i] == b'.' {
                saw_dot = true;
            }
            i += 1;
        }
        let token = text[start..i].trim_end_matches('.');
        if saw_dot && token.contains('.') {
            return Some(token.to_string());
        }
        // Bare integer - keep scanning from where the run ended.
    }
    None
}

fn first_nonempty_line(text: &str) -> Option<String> {
    text.lines()
        .map(str::trim)
        .find(|l| !l.is_empty())
        .map(str::to_string)
}

/// Reject anything but a bare binary name - no path separators, spaces, or
/// shell metacharacters. Defense-in-depth: the catalog is trusted, but the
/// probe must never become an injection vector.
fn is_safe_binary_name(name: &str) -> bool {
    !name.is_empty()
        && name.len() <= 64
        && name
            .chars()
            .all(|c| c.is_ascii_alphanumeric() || matches!(c, '-' | '_' | '.'))
}

/// Best-effort resolution of `name` against `PATH`. The version probe already
/// proves presence; this just enriches the status with a path when one is
/// found. On Windows it also tries the common executable extensions.
fn which(name: &str) -> Option<String> {
    let path_var = std::env::var_os("PATH")?;
    let exts: &[&str] = if cfg!(windows) {
        &["", ".exe", ".cmd", ".bat"]
    } else {
        &[""]
    };
    for dir in std::env::split_paths(&path_var) {
        for ext in exts {
            let candidate = dir.join(format!("{name}{ext}"));
            if candidate.is_file() {
                return candidate.to_str().map(str::to_string);
            }
        }
    }
    None
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn parses_version_from_common_banners() {
        assert_eq!(
            parse_version("tool version 2.40.0 (2023-11-08)"),
            Some("2.40.0".into())
        );
        assert_eq!(parse_version("mytool 8.0.1"), Some("8.0.1".into()));
        assert_eq!(parse_version("v1.2"), Some("1.2".into()));
        assert_eq!(parse_version("name 3.11.5\nmore"), Some("3.11.5".into()));
        assert_eq!(parse_version("1.2.3-beta+meta"), Some("1.2.3".into()));
    }

    #[test]
    fn ignores_bare_ints_and_dates() {
        assert_eq!(parse_version("built 2024-01-02"), None);
        assert_eq!(parse_version("revision 12345"), None);
        assert_eq!(parse_version("no numbers here"), None);
    }

    #[test]
    fn rejects_unsafe_binary_names() {
        assert!(!is_safe_binary_name(""));
        assert!(!is_safe_binary_name("../evil"));
        assert!(!is_safe_binary_name("a b"));
        assert!(!is_safe_binary_name("foo;rm -rf /"));
        assert!(!is_safe_binary_name("foo/bar"));
        assert!(is_safe_binary_name("gh"));
        assert!(is_safe_binary_name("zowe"));
        assert!(is_safe_binary_name("python3.11"));
    }

    #[tokio::test]
    async fn missing_binary_is_not_found_not_error() {
        let status = detect_cli_tool("definitely-not-a-real-binary-xyz", None).await;
        assert!(!status.found);
        assert!(status.installed_version.is_none());
    }

    #[tokio::test]
    async fn unsafe_name_short_circuits_to_not_found() {
        let status = detect_cli_tool("foo/bar", None).await;
        assert!(!status.found);
    }
}