extension: Add capabilities for the process API (#26224)

This PR adds support for capabilities for the extension process API. In order to use the process API, an extension must declare which commands it wants to use, with arguments: ```toml [[capabilities]] kind = "process:exec" command = "echo" args = ["hello!"] ``` A `*` can be used to denote a single wildcard in the argument list: ```toml [[capabilities]] kind = "process:exec" command = "echo" args = ["*"] ``` And `**` can be used to denote a wildcard for the remaining arguments: ```toml [[capabilities]] kind = "process:exec" command = "ls" args = ["-a", "**"] ``` Release Notes: - N/A --------- Co-authored-by: Conrad Irwin <conrad.irwin@gmail.com>
2025-03-06 11:55:00 -05:00 · 2025-03-06 11:55:00 -05:00 · 6fd9708eee
commit 6fd9708eee
parent 99216acdec
5 changed files with 170 additions and 1 deletions
--- a/crates/extension_host/src/extension_store_test.rs
+++ b/crates/extension_host/src/extension_store_test.rs
@ -163,6 +163,7 @@ async fn test_extension_store(cx: &mut TestAppContext) {
                        slash_commands: BTreeMap::default(),
                        indexed_docs_providers: BTreeMap::default(),
                        snippets: None,
+                        capabilities: Vec::new(),
                    }),
                    dev: false,
                },
@ -191,6 +192,7 @@ async fn test_extension_store(cx: &mut TestAppContext) {
                        slash_commands: BTreeMap::default(),
                        indexed_docs_providers: BTreeMap::default(),
                        snippets: None,
+                        capabilities: Vec::new(),
                    }),
                    dev: false,
                },
@ -356,6 +358,7 @@ async fn test_extension_store(cx: &mut TestAppContext) {
                slash_commands: BTreeMap::default(),
                indexed_docs_providers: BTreeMap::default(),
                snippets: None,
+                capabilities: Vec::new(),
            }),
            dev: false,
        },
--- a/crates/extension_host/src/wasm_host/wit/since_v0_3_0.rs
+++ b/crates/extension_host/src/wasm_host/wit/since_v0_3_0.rs
@ -592,6 +592,8 @@ impl process::Host for WasmState {
        command: process::Command,
    ) -> wasmtime::Result<Result<process::Output, String>> {
        maybe!(async {
+            self.manifest.allow_exec(&command.command, &command.args)?;
+
            let output = util::command::new_smol_command(command.command.as_str())
                .args(&command.args)
                .envs(command.env)