feat(power-menu): per-DE commands config with safe subprocess execution

Author: DIMFLIX

src/mewline/constants.py

@@ -144,6 +144,22 @@
                 "reboot_icon_size": "20px",
                 "shutdown_icon": "",
                 "shutdown_icon_size": "20px",
+                "commands": {
+                    "hyprland": {
+                        "lock": "hyprlock",
+                        "logout": "hyprctl dispatch exit",
+                        "suspend": "systemctl suspend",
+                        "reboot": "systemctl reboot",
+                        "shutdown": "systemctl poweroff",
+                    },
+                    "bspwm": {
+                        "lock": "i3lock",
+                        "logout": "bspc quit",
+                        "suspend": "systemctl suspend",
+                        "reboot": "systemctl reboot",
+                        "shutdown": "systemctl poweroff",
+                    },
+                }
             },
             "compact": {
                 "window_titles": {

src/mewline/utils/config_structure.py

@@ -1,6 +1,15 @@
+import re
 from typing import Literal
 
 from pydantic import BaseModel
+from pydantic import field_validator
+
+# Shell metacharacters that could enable command injection.
+# $( and backtick allow command substitution; |, ;, & chain commands;
+# <, > redirect I/O; ( ) start subshells.
+# Plain $VAR / ${VAR} references are intentionally allowed so users can
+# point to scripts via env-var paths (expanded at runtime, not here).
+_UNSAFE_SHELL_RE = re.compile(r"[|;&`<>()]|\$\(")
 
 
 class Theme(BaseModel):
@@ -72,6 +81,45 @@ class PowerModule(BaseModel):
     tooltip: bool
 
 
+class PowerMenuCommands(BaseModel):
+    """Commands executed for each power-menu action.
+
+    Keys of the ``commands`` dict in :class:`PowerMenu` must match the value
+    of ``XDG_CURRENT_DESKTOP`` (compared case-insensitively at runtime).
+
+    **Environment-variable substitution** – ``$VAR`` and ``${VAR}`` references
+    inside a command string are expanded at runtime via
+    :func:`os.path.expandvars` *before* the command is split and executed.
+    This lets you write paths like ``$HOME/.local/bin/screen-lock.sh``
+    without hard-coding your home directory.
+
+    **Security** – Commands are executed via :func:`subprocess.Popen` with
+    ``shell=False``, so no shell features (pipes, redirections, command
+    substitution, etc.) are available.  To enforce this, the validator rejects
+    any command string that contains the following characters or sequences:
+    ``|``, ``;``, ``&``, backtick, ``<``, ``>``, ``(``, ``)``, ``$(``.  If
+    you need complex logic, put it in a standalone script and reference that
+    script here.
+    """
+
+    lock: str = "hyprlock"
+    logout: str = "hyprctl dispatch exit"
+    suspend: str = "systemctl suspend"
+    reboot: str = "systemctl reboot"
+    shutdown: str = "systemctl poweroff"
+
+    @field_validator("lock", "logout", "suspend", "reboot", "shutdown", mode="before")
+    @classmethod
+    def _no_shell_metacharacters(cls, v: str) -> str:
+        if _UNSAFE_SHELL_RE.search(v):
+            raise ValueError(
+                f"Command contains unsafe shell metacharacters: {v!r}. "
+                "Shell features are not supported; use an absolute path to a "
+                "wrapper script instead (e.g. /home/user/.local/bin/lock.sh)."
+            )
+        return v
+
+
 class PowerMenu(BaseModel):
     lock_icon: str
     lock_icon_size: str
@@ -83,6 +131,7 @@ class PowerMenu(BaseModel):
     reboot_icon_size: str
     shutdown_icon: str
     shutdown_icon_size: str
+    commands: dict[str, PowerMenuCommands] = {}
 
 
 class DatetimeModule(BaseModel):

src/mewline/widgets/dynamic_island/power.py

@@ -1,11 +1,14 @@
+import os
+import shlex
+import subprocess
 from typing import TYPE_CHECKING
 
 from fabric.widgets.box import Box
 from fabric.widgets.button import Button
-from gi.repository import GLib
 from loguru import logger
 
 from mewline.config import cfg
+from mewline.utils.config_structure import PowerMenuCommands
 from mewline.utils.widget_utils import setup_cursor_hover
 from mewline.utils.widget_utils import text_icon
 from mewline.widgets.dynamic_island.base import BaseDiWidget
@@ -102,27 +105,83 @@ def __init__(self, di: "DynamicIsland", **kwargs):
     def close_menu(self):
         self.dynamic_island.close()
 
+    def _get_commands(self) -> PowerMenuCommands:
+        """Return commands for the current desktop environment.
+
+        Looks up ``XDG_CURRENT_DESKTOP`` in ``config.commands``
+        (case-insensitive).  Falls back to the first entry in the dict, or
+        to built-in defaults when the dict is empty.
+        """
+        desktop = os.environ.get("XDG_CURRENT_DESKTOP", "").lower()
+        commands_map = self.config.commands
+
+        for key, cmds in commands_map.items():
+            if key.lower() == desktop:
+                return cmds
+
+        if commands_map:
+            first_key = next(iter(commands_map))
+            logger.warning(
+                f"[PowerMenu] No commands configured for desktop {desktop!r}, "
+                f"falling back to {first_key!r} commands."
+            )
+            return commands_map[first_key]
+
+        logger.warning(
+            f"[PowerMenu] No commands configured for desktop {desktop!r} and "
+            "no fallback available - using built-in defaults."
+        )
+        return PowerMenuCommands()
+
+    @staticmethod
+    def _run_command(command: str) -> None:
+        """Execute *command* safely without a shell.
+
+        ``$VAR`` / ``${VAR}`` references are expanded via
+        :func:`os.path.expandvars` before the string is split with
+        :func:`shlex.split`.  The resulting argument list is handed directly
+        to :class:`subprocess.Popen` (``shell=False``), so no shell injection
+        is possible regardless of the command string's content.
+        """
+        expanded = os.path.expandvars(command)
+        try:
+            args = shlex.split(expanded)
+        except ValueError as exc:
+            logger.error(f"[PowerMenu] Failed to parse command {command!r}: {exc}")
+            return
+
+        if not args:
+            logger.warning(f"[PowerMenu] Empty command after parsing: {command!r}")
+            return
+
+        try:
+            subprocess.Popen(args)
+        except FileNotFoundError:
+            logger.error(f"[PowerMenu] Command not found: {args[0]!r}")
+        except OSError as exc:
+            logger.error(f"[PowerMenu] Failed to start {args!r}: {exc}")
+
     def lock(self, *args):
-        logger.info("Locking screen...")
-        GLib.spawn_command_line_async("swaylock")
+        logger.info("[PowerMenu] Locking screen...")
+        self._run_command(self._get_commands().lock)
         self.close_menu()
 
     def suspend(self, *args):
-        logger.info("Suspending screen...")
-        GLib.spawn_command_line_async("systemctl suspend")
+        logger.info("[PowerMenu] Suspending system...")
+        self._run_command(self._get_commands().suspend)
         self.close_menu()
 
     def logout(self, *args):
-        logger.info("Logging out...")
-        GLib.spawn_command_line_async("hyprctl dispatch exit")
+        logger.info("[PowerMenu] Logging out...")
+        self._run_command(self._get_commands().logout)
         self.close_menu()
 
     def reboot(self, *args):
-        logger.info("Rebooting system...")
-        GLib.spawn_command_line_async("systemctl reboot")
+        logger.info("[PowerMenu] Rebooting system...")
+        self._run_command(self._get_commands().reboot)
         self.close_menu()
 
     def poweroff(self, *args):
-        logger.info("Powering off system...")
-        GLib.spawn_command_line_async("systemctl poweroff")
+        logger.info("[PowerMenu] Powering off system...")
+        self._run_command(self._get_commands().shutdown)
         self.close_menu()

whitelist-vulture

@@ -34,40 +34,40 @@ MONITOR_FOCUS  # unused variable (src/mewline/custom_fabric/bspwm/service.py:54)
 MONITOR_GEOMETRY  # unused variable (src/mewline/custom_fabric/bspwm/service.py:55)
 POINTER_ACTION  # unused variable (src/mewline/custom_fabric/bspwm/service.py:56)
 _.event_thread  # unused attribute (src/mewline/custom_fabric/bspwm/service.py:107)
-_.empty  # unused attribute (src/mewline/custom_fabric/bspwm/widgets.py:83)
-_.empty  # unused attribute (src/mewline/custom_fabric/bspwm/widgets.py:121)
 _._duration  # unused attribute (src/mewline/shared/animator.py:76)
 _.rowstride  # unused attribute (src/mewline/utils/temporary_fixes.py:29)
 _.has_alpha  # unused attribute (src/mewline/utils/temporary_fixes.py:30)
 _.bits_per_sample  # unused attribute (src/mewline/utils/temporary_fixes.py:31)
 _.channels  # unused attribute (src/mewline/utils/temporary_fixes.py:32)
 _._pixbuf  # unused attribute (src/mewline/utils/temporary_fixes.py:43)
 _.byte_array  # unused attribute (src/mewline/utils/temporary_fixes.py:44)
+_.min_width  # unused attribute (src/mewline/widgets/dynamic_island/__init__.py:404)
+_.min_height  # unused attribute (src/mewline/widgets/dynamic_island/__init__.py:405)
+_.max_width  # unused attribute (src/mewline/widgets/dynamic_island/__init__.py:406)
+_.max_height  # unused attribute (src/mewline/widgets/dynamic_island/__init__.py:407)
+allocation  # unused variable (src/mewline/widgets/dynamic_island/__init__.py:482)
 _.xalign  # unused attribute (src/mewline/widgets/dynamic_island/app_launcher.py:59)
 _.xalign  # unused attribute (src/mewline/widgets/dynamic_island/clipboard.py:59)
 _.xalign  # unused attribute (src/mewline/widgets/dynamic_island/emoji.py:57)
 _.xalign  # unused attribute (src/mewline/widgets/dynamic_island/pawlette_themes.py:81)
-_.xalign  # unused attribute (src/mewline/widgets/dynamic_island/wallpapers.py:159)
+_.xalign  # unused attribute (src/mewline/widgets/dynamic_island/wallpapers.py:172)
 _.toggle_shuffle  # unused method (src/mewline/services/mpris.py:87)
-_.set_pointing_to  # unused method (src/mewline/shared/popover.py:107)
-_.set_content  # unused method (src/mewline/shared/popover.py:110)
+_.set_pointing_to  # unused method (src/mewline/shared/popover.py:182)
+_.set_content  # unused method (src/mewline/shared/popover.py:185)
+_.set_pointing_to  # unused method (src/mewline/shared/popover.py:301)
+_.set_content  # unused method (src/mewline/shared/popover.py:304)
 _.do_action_next  # unused method (src/mewline/custom_fabric/bspwm/widgets.py:136)
 _.do_action_previous  # unused method (src/mewline/custom_fabric/bspwm/widgets.py:140)
 _.do_button_clicked  # unused method (src/mewline/custom_fabric/bspwm/widgets.py:144)
-_._unblock_service_updates  # unused method (src/mewline/widgets/combined_controls.py:367)
 _.show_for_device  # unused method (src/mewline/widgets/osd.py:159)
 _.get_profile_icon  # unused method (src/mewline/services/battery.py:176)
-popover_opened  # unused function (src/mewline/shared/popover.py:76)
-popover_closed  # unused function (src/mewline/shared/popover.py:82)
+popover_opened  # unused function (src/mewline/shared/popover.py:151)
+popover_closed  # unused function (src/mewline/shared/popover.py:157)
 _.stop  # unused method (src/mewline/shared/animator.py:174)
-_.return_popover_window  # unused method (src/mewline/shared/popover.py:60)
-_.is_x11  # unused method (src/mewline/utils/window_manager.py:68)
+_.return_popover_window  # unused method (src/mewline/shared/popover.py:66)
+_.return_popover_window  # unused method (src/mewline/shared/popover.py:136)
+_._no_shell_metacharacters  # unused method (src/mewline/utils/config_structure.py:111)
 get_display_backend  # unused function (src/mewline/utils/window_manager.py:120)
-_._detach_nav  # unused method (src/mewline/widgets/dynamic_island/notifications.py:555)
-BspwmEventType  # unused class (src/mewline/custom_fabric/bspwm/service.py:20)
-min_width  # unused attribute (src/mewline/widgets/dynamic_island/__init__.py:404)
-min_height  # unused attribute (src/mewline/widgets/dynamic_island/__init__.py:405)
-max_width  # unused attribute (src/mewline/widgets/dynamic_island/__init__.py:406)
-max_height  # unused attribute (src/mewline/widgets/dynamic_island/__init__.py:407)
-allocation  # unused variable (src/mewline/widgets/dynamic_island/__init__.py:482)
+_._detach_nav  # unused method (src/mewline/widgets/dynamic_island/notifications.py:564)
 _._on_item_removed  # unused method (src/mewline/widgets/system_tray.py:206)
+BspwmEventType  # unused class (src/mewline/custom_fabric/bspwm/service.py:20)