🛡️ Sentinel: [CRITICAL] Fix path traversal in module resolution

[bashandbone]

🚨 Severity: CRITICAL
💡 Vulnerability: Path normalization logic allowed Component::ParentDir to pop RootDir or Prefix and make absolute paths relative. Attackers could craft relative import strings (../../../etc/passwd) that escape project boundaries and are resolved against unintended root locations.
🎯 Impact: Arbitrary local file inclusion and path traversal logic, leading to the risk of sensitive files being read or executed by module loaders or system tools dependent on resolving module specifiers.
🔧 Fix: Explicitly restricted the path normalization logic in typescript.rs. The code now actively checks the last component, and skips the pop logic if ParentDir tries to traverse beyond RootDir or Prefix. If the component vector is empty or already ends with ParentDir, the ParentDir is pushed.
✅ Verification: Verified by passing tests locally in extractor_typescript_tests. Tested that normal resolving still functions and there are no regressions.

---

PR created automatically by Jules for task 11299775835637984422 started by @bashandbone

Summary by Sourcery

Fix path normalization to prevent directory traversal beyond root in TypeScript module resolution and apply minor code formatting cleanups.

Bug Fixes:

• Prevent ParentDir components from escaping root or prefix during TypeScript path normalization, closing a path traversal issue in module resolution.

Enhancements:

• Apply minor formatting and readability cleanups in AST engine and rule engine code paths.

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[sourcery-ai]

Reviewer's Guide

Fixes a critical path traversal vulnerability in TypeScript module resolution by tightening ParentDir handling during path normalization, and includes a few minor formatting/cleanup changes elsewhere in the codebase.

Class diagram for updated TypeScript path normalization logic

classDiagram
class TypeScriptDependencyExtractor {
    +resolve_module(resolved_path, components)
    -normalize_components(components)
    -handle_parent_dir(components, parent_dir_component)
}

class std_path_Component {
    <<enumeration>>
    RootDir
    Prefix
    ParentDir
    CurDir
    Normal
}

TypeScriptDependencyExtractor --> std_path_Component : uses

class ParentDirHandlingBefore {
    -components : Vec_std_path_Component
    +on_parent_dir(components)
}

class ParentDirHandlingAfter {
    -components : Vec_std_path_Component
    +on_parent_dir(components)
}

ParentDirHandlingBefore : on_parent_dir(components)
ParentDirHandlingBefore : components.pop()

ParentDirHandlingAfter : on_parent_dir(components)
ParentDirHandlingAfter : if last is RootDir or Prefix -> ignore
ParentDirHandlingAfter : else if last is ParentDir -> push ParentDir
ParentDirHandlingAfter : else if last exists -> pop
ParentDirHandlingAfter : else -> push ParentDir

TypeScriptDependencyExtractor ..> ParentDirHandlingAfter : updated logic

Loading

Flow diagram for restricted ParentDir handling in path normalization

flowchart TD
    A["ParentDir component encountered"] --> B{components.last exists}

    B -- "no" --> C["push ParentDir onto components"]
    C --> Z["continue with next component"]

    B -- "yes" --> D{last is RootDir or Prefix}

    D -- "yes" --> E["ignore ParentDir (do not modify components)"]
    E --> Z

    D -- "no" --> F{last is ParentDir}

    F -- "yes" --> G["push ParentDir onto components"]
    G --> Z

    F -- "no" --> H["pop last component"]
    H --> Z

Loading

File-Level Changes

Change	Details	Files
Harden ParentDir handling in TypeScript module resolution to prevent traversal above root/prefix and incorrect normalization of absolute paths.	Change ParentDir normalization to inspect the last accumulated component before deciding whether to pop or push. Prevent popping when the last component is RootDir or Prefix, effectively ignoring ParentDir at filesystem roots. Ensure consecutive ParentDir components are preserved by pushing when the last component is also ParentDir. When there are no prior components, push ParentDir instead of popping to avoid underflow and root escape.	crates/flow/src/incremental/extractors/typescript.rs
Apply minor style/formatting cleanups to string UTF-8 recovery logic and test assertions in AST engine.	Reformat unwrap_or_else call on String::from_utf8 to a single indented expression without changing behavior. Reformat a long assert_eq! on tree-sitter parse trees into multiline style for readability.	crates/ast-engine/src/tree_sitter/mod.rs
Apply minor style/formatting cleanup in rule engine APIs without changing behavior.	Reformat Rule::Pattern branch in defined_vars to multi-line chained iterator methods for clarity. Reformat Registration::read to a single chained expression for conciseness while preserving semantics.	crates/rule-engine/src/rule/mod.rs crates/rule-engine/src/rule/referent_rule.rs

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've left some high level feedback:

• The new ParentDir handling in typescript.rs would be easier to reason about and less error‑prone if extracted into a small helper (e.g. fn push_normalized(components: &mut Vec<Component>, c: Component)) with a clear comment about its invariants, instead of embedding the logic inline in the loop.
• Consider documenting (and double‑checking) the behavior for Windows prefixes/UNC paths in the Prefix branch, since treating ParentDir as a no‑op there alters semantics from the standard iterator behavior and could have platform‑specific edge cases.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The new `ParentDir` handling in `typescript.rs` would be easier to reason about and less error‑prone if extracted into a small helper (e.g. `fn push_normalized(components: &mut Vec<Component>, c: Component)`) with a clear comment about its invariants, instead of embedding the logic inline in the loop.
- Consider documenting (and double‑checking) the behavior for Windows prefixes/UNC paths in the `Prefix` branch, since treating `ParentDir` as a no‑op there alters semantics from the standard iterator behavior and could have platform‑specific edge cases.

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[Copilot]

Pull request overview

Hardens TypeScript module path normalization to avoid .. collapsing past RootDir/Prefix (which could turn absolute paths into relative ones), addressing a path traversal-related module resolution vulnerability.

Changes:

• Updated manual .. normalization in TypeScriptDependencyExtractor::resolve_module_path to avoid popping RootDir/Prefix and to preserve leading .. components when appropriate.
• Minor formatting-only refactors in rule-engine and ast-engine modules.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File	Description
crates/flow/src/incremental/extractors/typescript.rs	Adjusts manual path component normalization to avoid popping RootDir/Prefix when handling ParentDir.
crates/rule-engine/src/rule/referent_rule.rs	Formatting-only change to RwLock read/clone chain.
crates/rule-engine/src/rule/mod.rs	Formatting-only change to defined_vars mapping/collection chain.
crates/ast-engine/src/tree_sitter/mod.rs	Formatting-only changes in UTF-8 recovery and a test assertion formatting.

Comments suppressed due to low confidence (1)

crates/flow/src/incremental/extractors/typescript.rs:833

• This change fixes a security-critical normalization edge case, but there’s no regression test covering it. Please add a unit test that exercises a path like /a/../../etc (or Windows prefix/root equivalents) where the old logic would pop RootDir/Prefix and return a relative path, and assert the normalized result stays absolute.

            // Normalize the path to resolve ../ components
            if let Ok(canonical) = resolved.canonicalize() {
                resolved = canonical;
            } else {
                // If canonicalize fails (file doesn't exist), manually resolve
                let mut components = Vec::new();
                for component in resolved.components() {
                    match component {
                        std::path::Component::ParentDir => {
                            if let Some(last) = components.last() {
                                match last {
                                    std::path::Component::RootDir
                                    | std::path::Component::Prefix(_) => {
                                        // Ignore ParentDir at root to prevent path traversal
                                    }
                                    std::path::Component::ParentDir => {
                                        components.push(component);
                                    }
                                    _ => {
                                        components.pop();
                                    }
                                }
                            } else {
                                components.push(component);
                            }
                        }
                        std::path::Component::CurDir => {}
                        _ => components.push(component),
                    }
                }
                resolved = components.iter().collect();
            }

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The inline comment says this ignores ParentDir “to prevent path traversal”, but the actual behavior here is specifically to prevent ParentDir from popping RootDir/Prefix (which would turn an absolute path into a relative one). Consider rewording the comment to reflect the actual security property being enforced to avoid giving a false sense of full traversal prevention.

Suggested change

	// Ignore ParentDir at root to prevent path traversal
	// Ignore ParentDir here so it cannot pop a root/prefix
	// component and turn an absolute path into a relative one.