feat(find): implement -execdir command {} ;

SHELL_FEATURES.md

@@ -12,7 +12,7 @@ Blocked features are rejected before execution with exit code 2.
 - ✅ `echo [-neE] [ARG]...` — write arguments to stdout; `-n` suppresses trailing newline, `-e` enables backslash escapes, `-E` disables them (default)
 - ✅ `exit [N]` — exit the shell with status N (default 0)
 - ✅ `false` — return exit code 1
-- ✅ `find [-L] [-P] [PATH...] [EXPRESSION]` — search for files in a directory hierarchy; supports `--help`, `-name`, `-iname`, `-path`, `-ipath`, `-type` (b,c,d,f,l,p,s), `-size`, `-empty`, `-newer`, `-mtime`, `-mmin`, `-perm`, `-maxdepth`, `-mindepth`, `-print`, `-print0`, `-prune`, `-quit`, logical operators (`!`, `-a`, `-o`, `()`); blocks `-exec`, `-delete`, `-regex` for sandbox safety
+- ✅ `find [-L] [-P] [PATH...] [EXPRESSION]` — search for files in a directory hierarchy; supports `--help`, `-name`, `-iname`, `-path`, `-ipath`, `-type` (b,c,d,f,l,p,s), `-size`, `-empty`, `-newer`, `-mtime`, `-mmin`, `-perm`, `-maxdepth`, `-mindepth`, `-print`, `-print0`, `-execdir CMD {} \;`, `-prune`, `-quit`, logical operators (`!`, `-a`, `-o`, `()`); blocks `-exec`, `-delete`, `-regex` for sandbox safety
 - ✅ `grep [-EFGivclLnHhoqsxw] [-e PATTERN] [-m NUM] [-A NUM] [-B NUM] [-C NUM] PATTERN [FILE]...` — print lines that match patterns; uses RE2 regex engine (linear-time, no backtracking)
 - ✅ `head [-n N|-c N] [-q|-v] [FILE]...` — output the first part of files (default: first 10 lines); `-z`/`--zero-terminated` and `--follow` are rejected
 - ✅ `help` — display all available builtin commands with brief descriptions; for detailed flag info, use `<command> --help`

allowedsymbols/symbols_builtins.go

@@ -89,12 +89,15 @@ var builtinPerCommandSymbols = map[string][]string{
 		"math.MaxInt64",                   // 🟢 integer constant; no side effects.
 		"os.IsNotExist",                   // 🟢 checks if error is "not exist"; pure function, no I/O.
 		"os.PathError",                    // 🟢 error type for path operations; pure type.
+		"path/filepath.Dir",               // 🟢 returns the directory component of a path; pure function, no I/O.
+		"path/filepath.IsAbs",             // 🟢 reports whether a path is absolute; pure function, no I/O.
 		"path/filepath.ToSlash",           // 🟢 converts OS path separators to forward slashes; pure function, no I/O.
 		"strconv.Atoi",                    // 🟢 string-to-int conversion; pure function, no I/O.
 		"strconv.ErrRange",                // 🟢 sentinel error value for overflow; pure constant.
 		"strconv.ParseInt",                // 🟢 string-to-int conversion; pure function, no I/O.
 		"strconv.ParseUint",               // 🟢 string-to-unsigned-int conversion; pure function, no I/O.
 		"strings.HasPrefix",               // 🟢 pure function for prefix matching; no I/O.
+		"strings.ReplaceAll",              // 🟢 replaces all {} occurrences in -execdir args; pure function, no I/O.
 		"strings.Split",                   // 🟢 splits a string by separator into a slice; pure function, no I/O.
 		"strings.ToLower",                 // 🟢 converts string to lowercase; pure function, no I/O.
 		"time.Duration",                   // 🟢 duration type; pure integer alias, no I/O.
@@ -103,6 +106,7 @@ var builtinPerCommandSymbols = map[string][]string{
 		"time.Second",                     // 🟢 constant representing one second; no side effects.
 		"time.Time",                       // 🟢 time value type; pure data, no side effects.
 		"unicode/utf8.DecodeRuneInString", // 🟢 decodes first UTF-8 rune from a string; pure function, no I/O.
+
 	},
 	"grep": {
 		"bufio.NewScanner",  // 🟢 line-by-line input reading (e.g. head, cat); no write or exec capability.
@@ -454,6 +458,8 @@ var builtinAllowedSymbols = []string{
 	"os.IsNotExist",                                       // 🟢 checks if error is "not exist"; pure function, no I/O.
 	"os.O_RDONLY",                                         // 🟢 read-only file flag constant; cannot open files by itself.
 	"os.PathError",                                        // 🟢 error type for filesystem path errors; pure type, no I/O.
+	"path/filepath.Dir",                                   // 🟢 returns the directory component of a path; pure function, no I/O.
+	"path/filepath.IsAbs",                                 // 🟢 reports whether a path is absolute; pure function, no I/O.
 	"path/filepath.ToSlash",                               // 🟢 converts OS path separators to forward slashes; pure function, no I/O.
 	"regexp.Compile",                                      // 🟢 compiles a regular expression; pure function, no I/O. Uses RE2 engine (linear-time, no backtracking).
 	"regexp.QuoteMeta",                                    // 🟢 escapes all special regex characters in a string; pure function, no I/O.
@@ -518,4 +524,5 @@ var builtinAllowedSymbols = []string{
 	"unicode/utf8.RuneError",                              // 🟢 replacement character returned for invalid UTF-8; constant, no I/O.
 	"unicode/utf8.UTFMax",                                 // 🟢 maximum number of bytes in a UTF-8 encoding; constant, no I/O.
 	"unicode/utf8.Valid",                                  // 🟢 checks if a byte slice is valid UTF-8; pure function, no I/O.
+
 }

builtins/builtins.go

@@ -149,6 +149,14 @@ type CallContext struct {
 	// commands.
 	CommandAllowed func(name string) bool
 
+	// WorkDir returns the shell's current working directory (absolute path).
+	// Used by builtins that need to compute absolute paths for sub-operations.
+	WorkDir func() string
+
+	// RunCommand executes a builtin command within the shell's sandbox.
+	// dir overrides the working directory for path resolution.
+	// Returns the command's exit code.
+	RunCommand func(ctx context.Context, dir string, name string, args []string) (uint8, error)
 	// Proc provides access to the proc filesystem for the ps builtin.
 	// The path is fixed at construction time and cannot be overridden by callers.
 	Proc *ProcProvider