EnvironmentVariableExpansionPolicy class
Flags commands that expand environment variables ($HOME, ${HOME},
%USERPROFILE%, $env:USERPROFILE).
It relies on the env-expansion security findings. By default expansion
yields CommandDecision.review; set onMatch to deny for a strict policy.
- Inheritance
-
- Object
- CommandPolicy
- EnvironmentVariableExpansionPolicy
Constructors
- EnvironmentVariableExpansionPolicy({CommandDecision onMatch = CommandDecision.review, SecurityLevel level = SecurityLevel.lowRisk})
-
Creates the policy.
const
Properties
- allowResult → CommandResult
-
Helper to build an allow result with no findings.
no setterinherited
- hashCode → int
-
The hash code for this object.
no setterinherited
- level → SecurityLevel
-
The severity attached to the finding.
final
- name → String
-
A short, stable identifier for the policy (used in findings/tests).
no setteroverride
- onMatch → CommandDecision
-
The decision returned when expansion is detected.
final
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
Methods
-
evaluate(
CommandAnalysis analysis) → CommandResult -
Evaluates
analysisand returns a result.override -
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
result(
CommandDecision decision, SecurityLevel level, String message) → CommandResult -
Helper to build a result carrying a single finding.
inherited
-
toString(
) → String -
A string representation of this object.
inherited
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited