🛡️ Sentinel: [CRITICAL] Fix path traversal in typescript extractor

[bashandbone]

🚨 Severity: CRITICAL
💡 Vulnerability: The TypeScriptDependencyExtractor manually normalized paths and blindly popped the components vector when encountering .. (std::path::Component::ParentDir). If the vector was empty (or navigating backwards multiple levels), it swallowed the .., which meant traversing ../../../sensitive would simply resolve to sensitive, opening up the risk for path traversal vulnerabilities in dependency extraction.
🎯 Impact: An attacker controlling imports in a TypeScript file could force the extractor to resolve and process files outside of the intended source tree, potentially extracting contents or crashing the system depending on how the parsed results are handled.
🔧 Fix: Updated the normalization logic to securely inspect the last element in the components vector. It now correctly retains .. if the list is empty or the last element is also .., prevents popping RootDir or Prefix, and only pops if the last component was a normal path directory. Also cleaned up some unused lifetimes in crates/rule-engine/src/check_var.rs caught by clippy.
✅ Verification: Ran unit tests for the TypeScript extractor (cargo test -p thread-flow --test extractor_typescript_tests) to ensure correct resolution behaviour and ensure no regressions were introduced. Also successfully ran cargo clippy --workspace -- -D warnings.

---

PR created automatically by Jules for task 12822901857360876647 started by @bashandbone

Summary by Sourcery

Fix insecure path normalization in the TypeScript dependency extractor to prevent path traversal and perform minor cleanup in the rule engine.

Bug Fixes:

• Ensure TypeScript module resolution correctly handles .. components without allowing traversal outside the intended root or prefix.

Enhancements:

• Remove unnecessary lifetimes from rule engine variable checking helpers for cleaner type signatures.

Chores:

• Add a Sentinel incident note documenting the path traversal vulnerability, its root cause, and prevention guidance.

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[sourcery-ai]

Reviewer's Guide

Fixes a critical path traversal bug in the TypeScript dependency extractor’s manual path normalization logic and performs a small lifetime-simplification cleanup in the rule engine, plus adds a Sentinel write-up documenting the vulnerability and mitigation pattern.

File-Level Changes

Change	Details	Files
Harden manual path normalization in the TypeScript dependency extractor to correctly handle .. components and prevent path traversal.	Replace blind components.pop() on encountering ParentDir with logic that inspects the last component first. Prevent ParentDir from popping RootDir or Prefix components, effectively blocking escape above the filesystem root or drive prefix. Retain ParentDir by pushing it onto the components list when the list is empty or already ends with ParentDir, ensuring sequences like ../../../file do not collapse to file. Only pop the last component when it is a normal directory, preserving correct relative resolution semantics.	crates/flow/src/incremental/extractors/typescript.rs
Clean up unused lifetimes in rule engine variable-checking helpers to satisfy clippy and simplify signatures.	Remove unused lifetime parameter from check_var_in_constraints and change its constraints parameter to a non-lifetime-annotated reference. Remove unused lifetime parameter from check_var_in_transform and change its transform parameter to a non-lifetime-annotated reference.	crates/rule-engine/src/check_var.rs
Add Sentinel documentation describing the path traversal vulnerability, root cause, and prevention guidelines.	Create a Sentinel markdown file describing the TypeScript path traversal issue, the behavior of Path::components, and recommended defensive patterns for manual normalization.	.jules/sentinel.md

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've left some high level feedback:

• The manual path-normalization logic in TypeScriptDependencyExtractor is now fairly intricate; consider extracting it into a small, well-named helper function with a brief comment documenting its security invariants (e.g., when ParentDir is pushed vs. popped and why RootDir/Prefix are protected) to make future maintenance and review easier.
• In the components match, you might want to handle all std::path::Component variants explicitly (e.g., with a non-empty match on component rather than using _) so that any new variants added by the standard library cause a compile-time error instead of being silently treated as a normal component.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The manual path-normalization logic in `TypeScriptDependencyExtractor` is now fairly intricate; consider extracting it into a small, well-named helper function with a brief comment documenting its security invariants (e.g., when `ParentDir` is pushed vs. popped and why `RootDir`/`Prefix` are protected) to make future maintenance and review easier.
- In the `components` match, you might want to handle all `std::path::Component` variants explicitly (e.g., with a non-empty `match` on `component` rather than using `_`) so that any new variants added by the standard library cause a compile-time error instead of being silently treated as a normal component.

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[Copilot]

Pull request overview

This PR addresses a critical security issue in the TypeScript/JavaScript dependency extractor’s path normalization logic to reduce the risk of path traversal during module resolution, alongside minor Rust cleanup and an incident note.

Changes:

• Hardened manual .. component handling in TypeScriptDependencyExtractor::resolve_module_path.
• Removed unnecessary lifetimes from rule-engine variable checking helpers (clippy cleanup).
• Added a Sentinel incident note documenting the vulnerability and prevention guidance.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File	Description
crates/rule-engine/src/check_var.rs	Simplifies helper function signatures by removing unused lifetimes.
crates/flow/src/incremental/extractors/typescript.rs	Updates .. normalization logic during TypeScript module path resolution.
.jules/sentinel.md	Adds an incident write-up for the path traversal issue and mitigation guidance.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.