RomanNum3ral
/
gstack
mirror of https://github.com/garrytan/gstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
gstack/browse
History
Garry Tan c7fc5e5ca9
fix: harden file/directory permissions to owner-only (C5+H9+M9+M10) 
Add mode 0o700 to all mkdirSync calls for state/session directories.
Add mode 0o600 to all writeFileSync calls for session.json, chat.jsonl,
and log files. Add umask 077 to setup script. Prevents auth tokens, chat
history, and browser logs from being world-readable on multi-user systems.
Closes C5, H9, M9, M10 from security audit #783.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 		2026-04-04 21:22:12 -07:00
..
bin feat: multi-agent support — gstack works on Codex, Gemini CLI, and Cursor (v0.9.0) (#226) 2026-03-19 18:20:50 -07:00
scripts fix: Windows support — Node.js server fallback for Playwright (#255) 2026-03-20 12:22:11 -07:00
src fix: harden file/directory permissions to owner-only (C5+H9+M9+M10) 2026-04-04 21:22:12 -07:00
test feat: GStack Browser — double-click AI browser with anti-bot stealth (#695) 2026-04-04 10:17:05 -07:00
SKILL.md feat: interactive /plan-devex-review + plan mode skill fix (v0.15.5.0) (#796) 2026-04-04 14:36:23 -07:00
SKILL.md.tmpl feat: sidebar CSS inspector + per-tab agents (v0.13.9.0) (#650) 2026-03-30 12:51:05 -06:00