Skip to content

feat: npx safe policy — destructive subcommand exclusions#9

Open
3stacks wants to merge 1 commit into
brycehans:mainfrom
3stacks:feat/npx-destructive-subcommands
Open

feat: npx safe policy — destructive subcommand exclusions#9
3stacks wants to merge 1 commit into
brycehans:mainfrom
3stacks:feat/npx-destructive-subcommands

Conversation

@3stacks

@3stacks 3stacks commented May 5, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Extends the npx safe whitelist to support per-package destructive subcommand exclusions
  • Packages mapped to true keep existing behaviour (all subcommands auto-allowed)
  • Packages mapped to a Set<string> auto-allow all subcommands except those in the set, which fall through to ask
  • Adds cdk with deploy and destroy as destructive subcommands — so npx cdk synth/diff/list are auto-allowed but npx cdk deploy prompts for confirmation
  • Bumps version to 0.5.0

Test plan

  • 12 new tests covering safe packages, CDK safe subcommands, CDK destructive subcommands, unknown packages, and non-Bash tools
  • All existing tests still pass

@3stacks @claude
feat: support destructive subcommand exclusions in npx safe policy
47e7238 
The npx safe whitelist now accepts per-package destructive subcommands.
Packages mapped to `true` allow all subcommands (existing behaviour).
Packages mapped to a `Set<string>` allow everything except those
subcommands — e.g. `npx cdk synth` is auto-allowed but `npx cdk deploy`
falls through to ask.

Adds CDK with deploy/destroy as destructive subcommands.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@3stacks