marketing-shibata50/cmux
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: cmux.json for custom commands (#2011)

Browse source 
* Pre-launch app for browser UI test on headless CI runners

XCUIApplication.launch() blocks ~60s then fails on headless WarpBuild
runners because foreground activation requires a GUI login session.

Apply the same pre-launch strategy used for the display resolution test:
- CI shell launches the app with env vars before running xcodebuild
- Test detects pre-launched app via manifest, uses activate() instead of
  launch() to avoid killing and relaunching the app
- Falls back to clicking the window for focus via accessibility framework

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Revert "Pre-launch app for browser UI test on headless CI runners"

This reverts commit a540e2fd99aaa1395b91a8d50caa797cdd7551b8.

* feat: cmux.json for custom commands

* tests: add cmux  json tests

* fix: pr review feedback: validation, translations, input handling, and palette improvements

  - Fix Danish ("Overfladedef inition") and Norwegian ("rotmapp") translation typos
  - Add empty-string check for baseCwd fallback in command palette handlers
  - Coalesce \r\n into single Return keypress in sendInput
  - Redact command text from timeout log to prevent secret leakage
  - Add decode-time validation: reject hybrid/empty commands, ambiguous layout
    nodes, wrong split children count, and empty pane surfaces
  - Namespace custom command IDs with "cmux.config.command." prefix
  - Forward command description to palette subtitle when available
  - Update tests for new validation rules and ID prefix

* fix: address PR review feedback — per-window config isolation, blank validation, ancestor walk,
  palette sanitization

* fix: fallback to current dir cmux.json watching if no any cmux.json found in full acesor walk

* ci: trigger CI for fork PR

* Add directory trust for cmux.json command confirmation

The confirm dialog now shows the actual command text and has an "Always
trust commands from this folder" checkbox. When checked, future confirm
commands from that directory skip the dialog.

Trust is scoped to the git repo root if the cmux.json is inside a repo,
so trusting once covers all subdirectories. Non-git directories are
trusted by exact path. Global config is always trusted.

Trusted directories are persisted in ~/Library/Application Support/cmux/
trusted-directories.json.

* Add trusted directories section to Settings

Shows all trusted directories with per-directory revoke buttons and a
Clear All option. Placed in a "Custom Commands" section between
Automation and Browser in Settings.

* Replace trusted directories list with editable textarea

One path per line, with a Save button that activates on changes.
Users can add, remove, or edit paths directly.

* Auto-save trusted directories on edit, remove Save button

Matches the behavior of other textarea settings (browser host
whitelist, external URL patterns) which auto-save via @AppStorage.

* Sanitize command text in confirm dialog against BiDi attacks

Strip zero-width and BiDi override characters from the command preview
so the dialog shows exactly what will be executed.

---------

Co-authored-by: austinpower1258 <austinwang115@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Lawrence Chen <lawrencecchen@users.noreply.github.com>
This commit is contained in:
Pratik Pakhale 2026-03-25 10:58:46 +05:30 committed by GitHub
parent 09e31448c9
commit b9c656b90c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
33 changed files with 4588 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

130
Sources/CmuxConfigExecutor.swift Normal file
View file

@ -0,0 +1,130 @@
import AppKit
import Foundation
@MainActor
struct CmuxConfigExecutor {
static func execute(
command: CmuxCommandDefinition,
tabManager: TabManager,
baseCwd: String,
configSourcePath: String?,
globalConfigPath: String
) {
if let workspace = command.workspace {
executeWorkspaceCommand(command: command, workspace: workspace, tabManager: tabManager, baseCwd: baseCwd)
} else if let shellCommand = command.command {
let needsConfirm = command.confirm ?? false
if needsConfirm, let sourcePath = configSourcePath {
let trusted = CmuxDirectoryTrust.shared.isTrusted(
configPath: sourcePath,
globalConfigPath: globalConfigPath
)
if !trusted {
guard showConfirmDialog(command: shellCommand, configPath: sourcePath) else { return }
}
}
guard let terminal = tabManager.selectedWorkspace?.focusedTerminalPanel else { return }
terminal.sendInput(shellCommand + "\n")
}
}
/// Show a confirmation dialog with the command text and a "trust this directory" checkbox.
/// Returns true if the user chose to run, false if cancelled.
private static func showConfirmDialog(command: String, configPath: String) -> Bool {
let alert = NSAlert()
alert.messageText = String(
localized: "dialog.cmuxConfig.confirmCommand.title",
defaultValue: "Run Command"
)
let messageFormat = String(
localized: "dialog.cmuxConfig.confirmCommand.messageWithCommand",
defaultValue: "This will run the following command:\n\n%@"
)
alert.informativeText = String(format: messageFormat, sanitizeForDisplay(command))
alert.alertStyle = .warning
alert.addButton(withTitle: String(
localized: "dialog.cmuxConfig.confirmCommand.run",
defaultValue: "Run"
))
alert.addButton(withTitle: String(
localized: "dialog.cmuxConfig.confirmCommand.cancel",
defaultValue: "Cancel"
))
let checkbox = NSButton(checkboxWithTitle: String(
localized: "dialog.cmuxConfig.confirmCommand.trustDirectory",
defaultValue: "Always trust commands from this folder"
), target: nil, action: nil)
checkbox.state = .off
alert.accessoryView = checkbox
let response = alert.runModal()
guard response == .alertFirstButtonReturn else { return false }
if checkbox.state == .on {
CmuxDirectoryTrust.shared.trust(configPath: configPath)
}
return true
}
private static func sanitizeForDisplay(_ text: String) -> String {
let dangerous: Set<Unicode.Scalar> = [
"\u{200B}", "\u{200C}", "\u{200D}", "\u{200E}", "\u{200F}",
"\u{202A}", "\u{202B}", "\u{202C}", "\u{202D}", "\u{202E}",
"\u{2066}", "\u{2067}", "\u{2068}", "\u{2069}",
"\u{FEFF}",
]
let filtered = String(text.unicodeScalars.filter { !dangerous.contains($0) })
return filtered.trimmingCharacters(in: .whitespacesAndNewlines)
}
private static func executeWorkspaceCommand(
command: CmuxCommandDefinition,
workspace wsDef: CmuxWorkspaceDefinition,
tabManager: TabManager,
baseCwd: String
) {
let workspaceName = wsDef.name ?? command.name
let restart = command.restart ?? .ignore
if let existing = tabManager.tabs.first(where: { $0.customTitle == workspaceName }) {
switch restart {
case .ignore:
tabManager.selectWorkspace(existing)
return
case .recreate:
tabManager.closeWorkspace(existing)
case .confirm:
let alert = NSAlert()
alert.messageText = String(
localized: "dialog.cmuxConfig.confirmRestart.title",
defaultValue: "Workspace Already Exists"
)
alert.informativeText = String(
localized: "dialog.cmuxConfig.confirmRestart.message",
defaultValue: "A workspace with this name already exists. Close it and create a new one?"
)
alert.alertStyle = .warning
alert.addButton(withTitle: String(localized: "dialog.cmuxConfig.confirmRestart.recreate", defaultValue: "Recreate"))
alert.addButton(withTitle: String(localized: "dialog.cmuxConfig.confirmRestart.cancel", defaultValue: "Cancel"))
guard alert.runModal() == .alertFirstButtonReturn else {
tabManager.selectWorkspace(existing)
return
}
tabManager.closeWorkspace(existing)
}
}
let resolvedCwd = CmuxConfigStore.resolveCwd(wsDef.cwd, relativeTo: baseCwd)
let newWorkspace = tabManager.addWorkspace(workingDirectory: resolvedCwd)
newWorkspace.setCustomTitle(workspaceName)
if let color = wsDef.color {
newWorkspace.setCustomColor(color)
}
guard let layout = wsDef.layout else { return }
newWorkspace.applyCustomLayout(layout, baseCwd: resolvedCwd)
}
}