Versions in this module Expand all Collapse all v1 v1.0.0 Feb 23, 2026 Changes in this version
+ var ErrEmptyCommand = errors.New("security: empty command")
+ var ErrPathNotAllowed = errors.New("security: path not in sandbox allowlist")
+ type ApprovalQueue struct
+ func NewApprovalQueue(storePath string) (*ApprovalQueue, error)
+ func (q *ApprovalQueue) Approve(id, approver string, whitelistTTL time.Duration) (*ApprovalRecord, error)
+ func (q *ApprovalQueue) Deny(id, approver, reason string) (*ApprovalRecord, error)
+ func (q *ApprovalQueue) IsWhitelisted(sessionID string) bool
+ func (q *ApprovalQueue) ListPending() []*ApprovalRecord
+ func (q *ApprovalQueue) Request(sessionID, command string, paths []string) (*ApprovalRecord, error)
+ func (q *ApprovalQueue) Wait(ctx context.Context, id string) (*ApprovalRecord, error)
+ type ApprovalRecord struct
+ ApprovedAt *time.Time
+ Approver string
+ AutoApproved bool
+ Command string
+ ExpiresAt *time.Time
+ ID string
+ Paths []string
+ Reason string
+ RequestedAt time.Time
+ SessionID string
+ State ApprovalState
+ type ApprovalState string
+ const ApprovalApproved
+ const ApprovalDenied
+ const ApprovalPending
+ type PathResolver struct
+ func NewPathResolver() *PathResolver
+ func (r *PathResolver) Resolve(path string) (string, error)
+ type PermissionAction string
+ const PermissionAllow
+ const PermissionAsk
+ const PermissionDeny
+ const PermissionUnknown
+ type PermissionAudit struct
+ Action PermissionAction
+ Rule string
+ Target string
+ Timestamp time.Time
+ Tool string
+ type PermissionDecision struct
+ Action PermissionAction
+ Rule string
+ Target string
+ Tool string
+ type PermissionMatcher struct
+ func NewPermissionMatcher(cfg *config.PermissionsConfig) (*PermissionMatcher, error)
+ func (m *PermissionMatcher) Match(toolName string, params map[string]any) PermissionDecision
+ type Sandbox struct
+ func NewDisabledSandbox() *Sandbox
+ func NewSandbox(workDir string) *Sandbox
+ func (s *Sandbox) Allow(path string)
+ func (s *Sandbox) AllowShellMetachars(allow bool)
+ func (s *Sandbox) CheckToolPermission(toolName string, params map[string]any) (PermissionDecision, error)
+ func (s *Sandbox) LoadPermissions(projectRoot string) error
+ func (s *Sandbox) PermissionAudits() []PermissionAudit
+ func (s *Sandbox) SetCommandLimits(maxBytes, maxArgs int)
+ func (s *Sandbox) ValidateCommand(cmd string) error
+ func (s *Sandbox) ValidatePath(path string) error
+ type Validator struct
+ func NewValidator() *Validator
+ func (v *Validator) AllowShellMetachars(allow bool)
+ func (v *Validator) SetMaxArgs(n int)
+ func (v *Validator) SetMaxCommandBytes(n int)
+ func (v *Validator) Validate(input string) error
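Review bot: The exported surface carries two switches that loosen enforcement, `NewDisabledSandbox()` and `AllowShellMetachars(allow bool)` (on both `Sandbox` and `Validator`), and nothing in the listing shows how a caller or an auditor can tell that either is in effect; each needs a doc comment stating the default and what is skipped when it is set, along the lines of `// AllowShellMetachars(true) turns off metacharacter rejection in ValidateCommand; callers must then treat cmd as unvalidated shell input.` The approval path has a similar gap: `Approve(id, approver string, whitelistTTL time.Duration)` takes the approver as a plain string, and `IsWhitelisted(sessionID string)` is keyed on the session rather than on the approved `Command`/`Paths`, so the comment on `Approve` should say whether a grant covers every later request in that session until `ExpiresAt` and what a zero TTL means. `PermissionUnknown` should likewise be documented as handled like `PermissionDeny` or `PermissionAsk`, never as allow, if that is what `CheckToolPermission` does. Only signatures are visible here, so all three are points to confirm against the implementation.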