Commit dcba0b4
authored
feat(samples): CLI explainer/auditor + Blazor WASM Mermaid visualizer (#12)
Adds two runnable samples that demonstrate consuming the ShellSyntaxTree
v0.1.0-alpha API. Both samples are IsPackable=false so they don't ship
in the nupkg.
samples/ShellSyntaxTree.Cli.Sample (net8.0 console, System.CommandLine 2.0.7):
- `explain "<cmd>"` — pretty-prints the AST with [flag]/[path]/
[cwd-attr]/[dyn-skip]/[glob] markers per arg, redirect targets, and
the IsSubshell/IsBashCWrapped flags. Unparseable inputs show the
reason.
- `audit "<cmd>"` — runs a tiny built-in policy (deny writes under
/etc/, /usr/, /bin/, /sbin/, /lib/; warn on `curl | bash`; warn on
dynamic content in path-arg slots; warn on IsUnparseable). Exits
0/1/2 by severity.
- AuditPolicy.cs is one file so the README can point at it as a
reference implementation.
samples/ShellSyntaxTree.Web.Sample (net8.0 Blazor WebAssembly):
- Single page: textarea on the left, mermaid SVG render on the right.
- Five preset buttons covering compound commands, subshell isolation,
bash -c recursion, dynamic-cwd attribution, and unparseable inputs.
- Source/AST/Unparseable tabs alongside the rendered diagram.
- 300ms debounced auto-render on input; Render button available too.
- mermaid.js v11 loaded from jsDelivr CDN; JS interop via
shellSyntaxTreeInterop.renderMermaid().
- MermaidRenderer.cs handles label escaping, subshell/bash -c
subgraphs, dotted edges for redirects, and CSS classes for
unparseable (red) and dynamic-skip (yellow) nodes.
- ScriptSplitter.cs folds line continuations, skips blank/comment
lines, preserves heredoc bodies so the parser sees them whole.
README rewritten:
- Elevator pitch + install line up top
- Inline mermaid example (GitHub renders directly)
- Use-case bullets covering AI agent gates, CI/CD audits, sandbox
policy generation, pre-commit linters, audit-log analytics, and
documentation tools
- Quick-start code snippet (~25 LOC of consumer code)
- Pointer to both samples with copy-pasteable `dotnet run` commands
- Repository layout table for contributors
- Locked public API surface from SPEC §2
Eight screenshots captured via Playwright validating the Blazor sample's
core scenarios (empty state, build script, subshell, bash -c,
unparseable, dynamic cwd, custom input, source tab).
Renderer fixes after first Playwright pass:
- Empty input now returns string.Empty so the host page's "No script
yet" placeholder shows instead of a phantom "(no commands)" node.
- `2>&1` and `N>&M` fd-dup redirect targets are filtered out (they're
not files; basename-startswith-& check handles the resolver's
cwd-joined form like `/work/&1`).
- Apostrophes in node labels left unescaped (mermaid 11 renders
' as `&'` inside `["..."]` labels).
- Node labels fall back to first non-flag arg when no path args are
present, so verbs like `echo done` and `set -e` show their args
instead of rendering as bare verb-only nodes.
- Razor textarea placeholder was Razor-encoding && to &&.
API surface unchanged; tests still 353/353.
CPM additions:
- System.CommandLine 2.0.7
- $(AspNetCoreVersion) = 8.0.26 for Microsoft.AspNetCore.Components.WebAssembly[.DevServer]
No new CI/CD workflow. Samples runnable via `dotnet run` only.1 parent 782afa5 commit dcba0b4
28 files changed
Lines changed: 1644 additions & 41 deletions
File tree
- assets
- samples
- ShellSyntaxTree.Cli.Sample
- Commands
- ShellSyntaxTree.Web.Sample
- Pages
- Properties
- Samples
- Services
- wwwroot
- css
- js
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
4 | 4 | | |
5 | 5 | | |
6 | 6 | | |
| 7 | + | |
| 8 | + | |
7 | 9 | | |
8 | 10 | | |
9 | 11 | | |
| |||
16 | 18 | | |
17 | 19 | | |
18 | 20 | | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
19 | 27 | | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | | - | |
4 | | - | |
5 | | - | |
| 3 | + | |
6 | 4 | | |
7 | | - | |
8 | | - | |
9 | | - | |
10 | | - | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
11 | 9 | | |
12 | | - | |
13 | | - | |
14 | | - | |
| 10 | + | |
| 11 | + | |
15 | 12 | | |
16 | | - | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
17 | 27 | | |
18 | | - | |
19 | | - | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
| 48 | + | |
| 49 | + | |
| 50 | + | |
| 51 | + | |
| 52 | + | |
| 53 | + | |
| 54 | + | |
| 55 | + | |
20 | 56 | | |
21 | | - | |
| 57 | + | |
| 58 | + | |
| 59 | + | |
| 60 | + | |
| 61 | + | |
| 62 | + | |
| 63 | + | |
| 64 | + | |
| 65 | + | |
| 66 | + | |
| 67 | + | |
| 68 | + | |
| 69 | + | |
| 70 | + | |
| 71 | + | |
| 72 | + | |
| 73 | + | |
| 74 | + | |
| 75 | + | |
| 76 | + | |
| 77 | + | |
| 78 | + | |
| 79 | + | |
| 80 | + | |
| 81 | + | |
| 82 | + | |
| 83 | + | |
| 84 | + | |
| 85 | + | |
| 86 | + | |
| 87 | + | |
22 | 88 | | |
23 | | - | |
24 | | - | |
25 | | - | |
26 | | - | |
| 89 | + | |
| 90 | + | |
| 91 | + | |
| 92 | + | |
| 93 | + | |
| 94 | + | |
| 95 | + | |
27 | 96 | | |
28 | 97 | | |
29 | 98 | | |
30 | 99 | | |
31 | 100 | | |
32 | 101 | | |
33 | 102 | | |
34 | | - | |
| 103 | + | |
35 | 104 | | |
36 | 105 | | |
37 | | - | |
38 | | - | |
39 | | - | |
40 | | - | |
41 | | - | |
| 106 | + | |
| 107 | + | |
| 108 | + | |
| 109 | + | |
| 110 | + | |
42 | 111 | | |
43 | 112 | | |
44 | 113 | | |
45 | 114 | | |
46 | 115 | | |
47 | 116 | | |
48 | 117 | | |
49 | | - | |
50 | | - | |
| 118 | + | |
| 119 | + | |
| 120 | + | |
| 121 | + | |
51 | 122 | | |
52 | | - | |
| 123 | + | |
53 | 124 | | |
54 | | - | |
55 | | - | |
| 125 | + | |
56 | 126 | | |
57 | | - | |
| 127 | + | |
58 | 128 | | |
| 129 | + | |
| 130 | + | |
| 131 | + | |
59 | 132 | | |
60 | | - | |
61 | | - | |
62 | | - | |
63 | | - | |
64 | | - | |
65 | | - | |
66 | | - | |
67 | | - | |
| 133 | + | |
| 134 | + | |
| 135 | + | |
| 136 | + | |
| 137 | + | |
| 138 | + | |
| 139 | + | |
| 140 | + | |
| 141 | + | |
| 142 | + | |
| 143 | + | |
| 144 | + | |
| 145 | + | |
| 146 | + | |
| 147 | + | |
| 148 | + | |
| 149 | + | |
| 150 | + | |
| 151 | + | |
| 152 | + | |
68 | 153 | | |
69 | 154 | | |
70 | | - | |
| 155 | + | |
| 156 | + | |
| 157 | + | |
| 158 | + | |
| 159 | + | |
| 160 | + | |
| 161 | + | |
| 162 | + | |
71 | 163 | | |
72 | 164 | | |
73 | 165 | | |
| |||
76 | 168 | | |
77 | 169 | | |
78 | 170 | | |
79 | | - | |
80 | | - | |
| 171 | + | |
| 172 | + | |
| 173 | + | |
| 174 | + | |
| 175 | + | |
| 176 | + | |
| 177 | + | |
| 178 | + | |
| 179 | + | |
| 180 | + | |
| 181 | + | |
81 | 182 | | |
82 | 183 | | |
83 | 184 | | |
84 | 185 | | |
| 186 | + | |
| 187 | + | |
| 188 | + | |
| 189 | + | |
| 190 | + | |
| 191 | + | |
| 192 | + | |
| 193 | + | |
| 194 | + | |
| 195 | + | |
| 196 | + | |
| 197 | + | |
| 198 | + | |
| 199 | + | |
| 200 | + | |
| 201 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
21 | 21 | | |
22 | 22 | | |
23 | 23 | | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
| 27 | + | |
24 | 28 | | |
Loading
Loading
Loading
Loading
Loading
Loading
Loading
0 commit comments