gstack

History

Garry Tan 56c8c994bf fix: block SSRF via URL validation in browse commands (#17 ) Adds validateNavigationUrl() that blocks non-HTTP(S) schemes (file://, javascript:, data:) and cloud metadata endpoints (169.254.169.254, metadata.google.internal). Applied to goto, diff, and newTab commands. Localhost and private IPs remain allowed for local dev QA. Closes #17 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>		2026-03-18 23:27:27 -07:00
..
fixtures	feat: 3-tier eval suite with planted-bug outcome testing (EVALS=1)	2026-03-14 01:17:36 -05:00
commands.test.ts	fix: js statement wrapping + click auto-routes option to selectOption (v0.4.5) (#117 )	2026-03-16 21:50:43 -05:00
config.test.ts	feat: TODOS-aware skills, 2-tier Greptile replies, gitignore fix (#61 )	2026-03-14 20:15:11 -07:00
cookie-import-browser.test.ts	feat: Phase 3.5 — cookie import, QA testing, team retro (v0.3.1) (#29 )	2026-03-13 00:31:41 -07:00
cookie-picker-routes.test.ts	feat: v0.3.2 — project-local state, diff-aware QA, Greptile integration (#36 )	2026-03-13 18:10:56 -07:00
find-browse.test.ts	feat: daily update check + /gstack-upgrade skill (v0.3.4) (#42 )	2026-03-13 22:17:25 -07:00
gstack-config.test.ts	feat: smart update check with auto-upgrade, snooze backoff, config CLI (v0.3.9) (#62 )	2026-03-14 23:28:02 -07:00
gstack-update-check.test.ts	fix: update check cache — 60min UP_TO_DATE TTL + --force flag (v0.4.4) (#110 )	2026-03-16 14:14:15 -05:00
handoff.test.ts	feat: browse handoff — headless-to-headed browser switching (v0.7.4) (#201 )	2026-03-19 00:38:58 -05:00
snapshot.test.ts	feat: QA restructure, browser ref staleness, eval efficiency metrics (v0.4.0) (#83 )	2026-03-15 23:55:39 -05:00
test-server.ts	feat: Phase 3.5 — cookie import, QA testing, team retro (v0.3.1) (#29 )	2026-03-13 00:31:41 -07:00
url-validation.test.ts	fix: block SSRF via URL validation in browse commands (#17 )	2026-03-18 23:27:27 -07:00