701ec8fb88
Pi-mono Tier 0 #1 (security) — sf-driven port. Two upstream security fixes (pi-mono PR #3819, #3883) that escape user-controlled session content before embedding in HTML exports. Crafted session content (image mime types, image data, model IDs, tool names, entry IDs) could otherwise inject markup at the export boundary. What sf changed in packages/pi-coding-agent/src/core/export-html/template.js: - Image tags: escape `mimeType` and `data` attributes for both tool-result and user-message image renders (PR #3819). - Session metadata: escape `msg.toolName`, `msg.role`, `entry.modelId`, `entry.thinkingLevel`, `entry.type`, `entry.id`, and `globalStats.models` (PR #3883). - DOM id construction: renamed `entryId` → `entryDomId` and escape `entry.id` to prevent attribute-breakout from a crafted id. The existing `escapeHtml()` helper was used at every site; no new helper introduced. Type-check passes. Co-Authored-By: sf v2.75.1 (session 150fe2c1) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| daemon | ||
| mcp-server | ||
| native | ||
| pi-agent-core | ||
| pi-ai | ||
| pi-coding-agent | ||
| pi-tui | ||
| rpc-client | ||