diff --git a/src/resources/extensions/sf/tools/complete-slice.ts b/src/resources/extensions/sf/tools/complete-slice.ts index 7b56901e9..d7f86d531 100644 --- a/src/resources/extensions/sf/tools/complete-slice.ts +++ b/src/resources/extensions/sf/tools/complete-slice.ts @@ -428,7 +428,11 @@ export async function handleCompleteSlice( sliceId: paramsInput.sliceId, }); if (idCheck) { - return { error: "unsafe_id", field: idCheck.fieldName, reason: idCheck.reason } as unknown as { error: string }; + return { + error: "unsafe_id", + field: idCheck.fieldName, + reason: idCheck.reason, + }; } let params: CompleteSliceParams; @@ -700,19 +704,19 @@ export async function handleCompleteSlice( dir: string, ) => Promise<{ nodes: unknown[]; edges: unknown[]; builtAt: string }>; writeGraph: (sfRoot: string, graph: unknown) => Promise; - resolveSfRoot: (basePath: string) => string; + resolveGsdRoot: (basePath: string) => string; }>; if ( typeof graphMod.buildGraph !== "function" || typeof graphMod.writeGraph !== "function" || - typeof graphMod.resolveSfRoot !== "function" + typeof graphMod.resolveGsdRoot !== "function" ) { throw new Error( "graph helpers unavailable from @singularity-forge/mcp-server", ); } const g = await graphMod.buildGraph(basePath); - await graphMod.writeGraph(graphMod.resolveSfRoot(basePath), g); + await graphMod.writeGraph(graphMod.resolveGsdRoot(basePath), g); } catch (graphErr) { // Graph rebuild is best-effort — log at warning level but never propagate logWarning( diff --git a/src/resources/extensions/sf/tools/product-audit-tool.ts b/src/resources/extensions/sf/tools/product-audit-tool.ts index 11a387021..f93afc4a4 100644 --- a/src/resources/extensions/sf/tools/product-audit-tool.ts +++ b/src/resources/extensions/sf/tools/product-audit-tool.ts @@ -265,11 +265,7 @@ function renderAuditMarkdown( export async function handleProductAudit( rawParams: ProductAuditParams, basePath: string, -): Promise< - | ProductAuditResult - | { error: string } - | { error: string; field: string; reason: string } -> { +): Promise { let params: ProductAuditParams; try { params = validateProductAuditParams(rawParams); diff --git a/src/resources/extensions/sf/tools/reassess-roadmap.ts b/src/resources/extensions/sf/tools/reassess-roadmap.ts index f470fec7a..7b1da4c41 100644 --- a/src/resources/extensions/sf/tools/reassess-roadmap.ts +++ b/src/resources/extensions/sf/tools/reassess-roadmap.ts @@ -5,7 +5,11 @@ import { renderAssessmentFromDb, renderRoadmapFromDb, } from "../markdown-renderer.js"; -import { checkSafeIds, validateSafePathSegment } from "../safety/safe-id.js"; +import { + UnsafeIdError, + checkSafeIds, + validateSafePathSegment, +} from "../safety/safe-id.js"; import { deleteAssessmentByScope, deleteSlice, @@ -125,7 +129,8 @@ export async function handleReassessRoadmap( // ── Path-traversal ID safety check ──────────────────────────────── // Reject any ID that could escape .sf/ via path traversal before it - // reaches string interpolation or DB writes. See safety/safe-id.ts. + // reaches string interpolation or DB writes. See safety/safe-id.ts + // and the validation-safe-id-path-segments self-feedback entry. const idCheck = checkSafeIds({ milestoneId: params.milestoneId, sliceId: params.completedSliceId, @@ -137,7 +142,7 @@ export async function handleReassessRoadmap( reason: idCheck.reason, }; } - // Validate slice IDs inside the arrays (modified, added, removed) + // Validate slice IDs inside the sliceChanges arrays (modified, added, removed) for (let i = 0; i < params.sliceChanges.modified.length; i++) { try { validateSafePathSegment( @@ -145,7 +150,7 @@ export async function handleReassessRoadmap( `sliceChanges.modified[${i}].sliceId`, ); } catch (e) { - const err = e as import("../safety/safe-id.js").UnsafeIdError; + const err = e as UnsafeIdError; return { error: "unsafe_id", field: err.fieldName, reason: err.reason }; } } @@ -156,7 +161,7 @@ export async function handleReassessRoadmap( `sliceChanges.added[${i}].sliceId`, ); } catch (e) { - const err = e as import("../safety/safe-id.js").UnsafeIdError; + const err = e as UnsafeIdError; return { error: "unsafe_id", field: err.fieldName, reason: err.reason }; } } @@ -167,7 +172,7 @@ export async function handleReassessRoadmap( `sliceChanges.removed[${i}]`, ); } catch (e) { - const err = e as import("../safety/safe-id.js").UnsafeIdError; + const err = e as UnsafeIdError; return { error: "unsafe_id", field: err.fieldName, reason: err.reason }; } }