hermes-agent/tests/acp
Jace Nibarger 060779bb76 fix: bound threat-pattern/FTS5 regex input and cover V4A Move-File edits
Salvaged from PR #35130 (the safe subset of jnibarger01's security pass):

- threat_patterns.py: replace unbounded (?:\w+\s+)* filler with bounded
  {0,8} + cap scan input at MAX_SCAN_CHARS (64KiB), and bound the .*
  runs in the exfil/config-mod patterns. Kills catastrophic backtracking
  on adversarial near-misses.
- hermes_state.py: cap FTS5 query length (MAX_FTS5_QUERY_CHARS) and
  extract quoted phrases with a linear scan instead of a regex so
  pathological quote runs can't induce backtracking.
- acp_adapter/edit_approval.py + agent/tool_dispatch_helpers.py: recognize
  '*** Move File: src -> dst' V4A headers so patch-mode edits are
  permissioned/traversal-checked (previously only Update/Add/Delete), and
  surface a proposal for mode=patch V4A calls (previously replace-only).

Tests: +ReDoS-bound + FTS5-cap + Move-File-target + V4A-approval cases.
2026-07-01 01:05:28 -07:00
..
__init__.py
test_approval_isolation.py fix(acp): thread-safe interactive approval via contextvars 2026-06-30 03:24:58 -07:00
test_auth.py
test_edit_approval.py fix: bound threat-pattern/FTS5 regex input and cover V4A Move-File edits 2026-07-01 01:05:28 -07:00
test_entry.py
test_events.py fix(ci): rip out some xdist legacy stuff... how did these ever work?? 2026-06-26 19:15:18 -07:00
test_mcp_e2e.py
test_permissions.py
test_ping_suppression.py
test_registry_manifest.py
test_server.py fix(acp): preserve memory provider tools 2026-06-13 04:51:44 -07:00
test_session.py fix(codex): seed app-server sessions with configured cwd 2026-06-21 16:39:02 -07:00
test_session_db_private_access.py
test_session_provenance.py feat(acp): emit session provenance metadata for compression rotation (#41724) 2026-06-07 22:22:21 -07:00
test_tools.py