mirror of https://github.com/garrytan/gstack.git
design/src/serve.ts:200-212 used to accept a path that resolved to the
allowedDir itself (the OR branch `|| resolvedReload === allowedDir`),
which then crashed readFileSync with EISDIR. Now:
1. startsWith(allowedDir + path.sep) must pass — rejects the dir itself
and anything outside (403).
2. statSync(resolvedReload).isFile() must pass — rejects subdirectories
inside allowedDir with a clear "Path must be a file" 400.
The test stub in serve.test.ts mirrors prod; both updated, plus two new
test cases for the previously-broken paths. Codex caught this in the
plan-review pass; it's a latent bug in shipping code, not a regression
from the daemon work.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
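
The two checks described in the commit message above, as an added example that is not gstack's own code: `checkReloadPath`, its return shape, the 404 for a missing path, and the temp-dir fixture are assumptions made for illustration.

```javascript
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");

// Hypothetical helper: decide how a requested reload path is answered.
function checkReloadPath(allowedDir, requested) {
  const root = path.resolve(allowedDir);
  const resolved = path.resolve(root, requested);

  // Check 1: the path must be strictly inside root. Appending path.sep
  // rejects root itself and anything that resolves outside it (403).
  if (!resolved.startsWith(root + path.sep)) {
    return { status: 403, body: "Path outside allowed directory" };
  }

  // Check 2: the path must be a regular file, so readFileSync is never
  // handed a directory (the EISDIR crash the commit message describes).
  let stat;
  try {
    stat = fs.statSync(resolved);
  } catch {
    // Assumption: the commit message does not say how a missing path is reported.
    return { status: 404, body: "Not found" };
  }
  if (!stat.isFile()) {
    return { status: 400, body: "Path must be a file" };
  }
  return { status: 200, body: fs.readFileSync(resolved, "utf8") };
}

// Constructed fixture: a temporary allowedDir holding one file and one subdirectory.
function makeFixture() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), "serve-check-"));
  fs.writeFileSync(path.join(dir, "board.html"), "<p>ok</p>");
  fs.mkdirSync(path.join(dir, "sub"));
  return dir;
}
```

`path.resolve` does not follow symlinks, so if allowedDir can contain symlinks, resolve both paths with `fs.realpathSync` before the prefix check.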

| File |
|---|
| auth.ts |
| brief.ts |
| check.ts |
| cli.ts |
| commands.ts |
| compare.ts |
| design-to-code.ts |
| diff.ts |
| evolve.ts |
| gallery.ts |
| generate.ts |
| iterate.ts |
| memory.ts |
| serve.ts |
| session.ts |
| variants.ts |