fix: validate project name to reject path separators in apm init

apm init passed the project_name argument directly into Path(), causing
'/' and '\' to be silently interpreted as filesystem path separators.
On Windows this produced a low-level WinError instead of a clear message.

Add _validate_project_name() in _helpers.py that rejects names containing
'/' or '\', call it in init() before any Path usage, and re-prompt in
interactive mode when the user enters an invalid name.

Fixes #723
Closes #718 (discussion)

Author: edenfunf

src/apm_cli/commands/_helpers.py

@@ -414,6 +414,17 @@ def _validate_plugin_name(name):
     return bool(re.match(r"^[a-z][a-z0-9-]{0,63}$", name))
 
 
+def _validate_project_name(name):
+    """Validate that a project name does not contain path separators.
+
+    Project names are used directly as directory names and must not contain
+    '/' or '\\' to prevent unintended filesystem path traversal.
+
+    Returns True if valid, False otherwise.
+    """
+    return "/" not in name and "\\" not in name
+
+
 def _create_plugin_json(config):
     """Create plugin.json file with package metadata.
 

src/apm_cli/commands/init.py

@@ -22,6 +22,7 @@
     _lazy_confirm,
     _rich_blank_line,
     _validate_plugin_name,
+    _validate_project_name,
 )
 
 
@@ -47,6 +48,14 @@ def init(ctx, project_name, yes, plugin, verbose):
         if project_name == ".":
             project_name = None
 
+        # Reject names containing path separators before any filesystem use
+        if project_name and not _validate_project_name(project_name):
+            logger.error(
+                f"Invalid project name '{project_name}': "
+                "project names must not contain path separators ('/' or '\\\\')."
+            )
+            sys.exit(1)
+
         # Determine project directory and name
         if project_name:
             project_dir = Path(project_name)
@@ -163,7 +172,7 @@ def init(ctx, project_name, yes, plugin, verbose):
 
 def _interactive_project_setup(default_name, logger):
     """Interactive setup for new APM projects with auto-detection."""
-    from ._helpers import _auto_detect_author, _auto_detect_description
+    from ._helpers import _auto_detect_author, _auto_detect_description, _validate_project_name
 
     # Get auto-detected defaults
     auto_author = _auto_detect_author()
@@ -179,7 +188,15 @@ def _interactive_project_setup(default_name, logger):
         console.print("\n[info]Setting up your APM project...[/info]")
         console.print("[muted]Press ^C at any time to quit.[/muted]\n")
 
-        name = Prompt.ask("Project name", default=default_name).strip()
+        while True:
+            name = Prompt.ask("Project name", default=default_name).strip()
+            if _validate_project_name(name):
+                break
+            console.print(
+                f"[error]Invalid project name '{name}': "
+                "project names must not contain path separators ('/' or '\\\\').[/error]"
+            )
+
         version = Prompt.ask("Version", default="1.0.0").strip()
         description = Prompt.ask("Description", default=auto_description).strip()
         author = Prompt.ask("Author", default=auto_author).strip()
@@ -201,7 +218,15 @@ def _interactive_project_setup(default_name, logger):
         logger.progress("Setting up your APM project...")
         logger.progress("Press ^C at any time to quit.")
 
-        name = click.prompt("Project name", default=default_name).strip()
+        while True:
+            name = click.prompt("Project name", default=default_name).strip()
+            if _validate_project_name(name):
+                break
+            click.echo(
+                f"{ERROR}Invalid project name '{name}': "
+                "project names must not contain path separators ('/' or '\\\\').{RESET}"
+            )
+
         version = click.prompt("Version", default="1.0.0").strip()
         description = click.prompt("Description", default=auto_description).strip()
         author = click.prompt("Author", default=auto_author).strip()

tests/unit/test_init_command.py

@@ -319,3 +319,87 @@ def test_invalid_names(self):
         assert _validate_plugin_name("-plugin") is False
         assert _validate_plugin_name("a" * 65) is False
         assert _validate_plugin_name("My-Plugin") is False
+
+
+class TestProjectNameValidation:
+    """Unit tests for _validate_project_name helper."""
+
+    def test_valid_names(self):
+        from apm_cli.commands._helpers import _validate_project_name
+
+        assert _validate_project_name("myproject") is True
+        assert _validate_project_name("my-project") is True
+        assert _validate_project_name("my_project") is True
+        assert _validate_project_name("Project123") is True
+        assert _validate_project_name("4") is True
+        assert _validate_project_name(".") is True
+
+    def test_invalid_forward_slash(self):
+        from apm_cli.commands._helpers import _validate_project_name
+
+        assert _validate_project_name("4/15") is False
+        assert _validate_project_name("a/b") is False
+        assert _validate_project_name("/leading") is False
+        assert _validate_project_name("trailing/") is False
+
+    def test_invalid_backslash(self):
+        from apm_cli.commands._helpers import _validate_project_name
+
+        assert _validate_project_name("a\\b") is False
+        assert _validate_project_name("\\leading") is False
+        assert _validate_project_name("trailing\\") is False
+
+
+class TestInitProjectNameValidation:
+    """Integration tests: apm init rejects project names with path separators."""
+
+    def setup_method(self):
+        self.runner = CliRunner()
+        try:
+            self.original_dir = os.getcwd()
+        except FileNotFoundError:
+            self.original_dir = str(Path(__file__).parent.parent.parent)
+            os.chdir(self.original_dir)
+
+    def teardown_method(self):
+        try:
+            os.chdir(self.original_dir)
+        except (FileNotFoundError, OSError):
+            os.chdir(str(Path(__file__).parent.parent.parent))
+
+    def test_init_rejects_forward_slash_in_name(self):
+        """apm init 4/15 must fail with a clear error, not a WinError."""
+        with tempfile.TemporaryDirectory() as tmp_dir:
+            os.chdir(tmp_dir)
+            try:
+                result = self.runner.invoke(cli, ["init", "4/15", "--yes"])
+                assert result.exit_code != 0
+                assert "Invalid project name" in result.output
+                assert "4/15" in result.output
+                # No directory should be created
+                assert not Path("4").exists()
+            finally:
+                os.chdir(self.original_dir)
+
+    def test_init_rejects_backslash_in_name(self):
+        """apm init with a backslash in the name must fail with a clear error."""
+        with tempfile.TemporaryDirectory() as tmp_dir:
+            os.chdir(tmp_dir)
+            try:
+                result = self.runner.invoke(cli, ["init", "a\\b", "--yes"])
+                assert result.exit_code != 0
+                assert "Invalid project name" in result.output
+                assert "a\\b" in result.output
+            finally:
+                os.chdir(self.original_dir)
+
+    def test_init_accepts_plain_name(self):
+        """apm init with a simple name still works normally."""
+        with tempfile.TemporaryDirectory() as tmp_dir:
+            os.chdir(tmp_dir)
+            try:
+                result = self.runner.invoke(cli, ["init", "my-project", "--yes"])
+                assert result.exit_code == 0
+                assert (Path(tmp_dir) / "my-project" / "apm.yml").exists()
+            finally:
+                os.chdir(self.original_dir)