mirror of https://github.com/garrytan/gstack.git
3cda8deec9
* fix: chrome-cdp localhost-only binding Restrict Chrome CDP to localhost by adding --remote-debugging-address=127.0.0.1 and --remote-allow-origins to prevent network-accessible debugging sessions. Clears 1 Socket anomaly (Chrome CDP session exposure). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: extension sender validation + message type allowlist Add sender.id check and ALLOWED_TYPES allowlist to the Chrome extension's message handler. Defense-in-depth against message spoofing from external extensions or future externally_connectable changes. Clears 2 Socket anomalies (extension permissions). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: checksum-verified bun install Replace unverified curl|bash bun installation with checksum-verified download-then-execute pattern. The install script is downloaded, sha256 verified against a known hash, then executed. Preserves the Bun-native install path without adding a Node/npm dependency. Clears Snyk W012 + 3 Socket anomalies. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: content trust boundary markers in browse output Wrap page-content commands (text, html, links, forms, accessibility, console, dialog, snapshot) with --- BEGIN/END UNTRUSTED EXTERNAL CONTENT --- markers. Covers direct commands (server.ts), chain sub-commands, and snapshot output (meta-commands.ts). Adds PAGE_CONTENT_COMMANDS set and wrapUntrustedContent() helper in commands.ts (single source of truth, DRY). Expands the SKILL.md trust warning with explicit processing rules for agents. Clears Snyk W011 (third-party content exposure). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: harden trust boundary markers against escape attacks - Sanitize URLs in markers (remove newlines, cap at 200 chars) to prevent marker injection via history.pushState - Escape marker strings in content (zero-width space) so malicious pages can't forge the END marker to break out of the untrusted block - Wrap resume command snapshot with trust boundary markers - Wrap diff command output with trust boundary markers - Wrap watch stop last snapshot with trust boundary markers Found by cross-model adversarial review (Claude + Codex). * chore: bump version and changelog (v0.13.4.0) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * chore: gitignore .factory/ and remove from tracking Factory Droid support was removed in this branch. The .factory/ directory was re-added by merging main (which had v0.13.5.0 Factory support). Gitignore it so it stays out. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| fixtures | ||
| helpers | ||
| analytics.test.ts | ||
| audit-compliance.test.ts | ||
| codex-e2e.test.ts | ||
| gemini-e2e.test.ts | ||
| gen-skill-docs.test.ts | ||
| global-discover.test.ts | ||
| hook-scripts.test.ts | ||
| learnings.test.ts | ||
| relink.test.ts | ||
| review-log.test.ts | ||
| skill-e2e-bws.test.ts | ||
| skill-e2e-cso.test.ts | ||
| skill-e2e-deploy.test.ts | ||
| skill-e2e-design.test.ts | ||
| skill-e2e-learnings.test.ts | ||
| skill-e2e-plan.test.ts | ||
| skill-e2e-qa-bugs.test.ts | ||
| skill-e2e-qa-workflow.test.ts | ||
| skill-e2e-review.test.ts | ||
| skill-e2e-sidebar.test.ts | ||
| skill-e2e-workflow.test.ts | ||
| skill-e2e.test.ts | ||
| skill-llm-eval.test.ts | ||
| skill-parser.test.ts | ||
| skill-routing-e2e.test.ts | ||
| skill-validation.test.ts | ||
| telemetry.test.ts | ||
| touchfiles.test.ts | ||
| uninstall.test.ts | ||
| worktree.test.ts | ||