singularity/singularity-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
singularity-forge/web/lib
History
Mikael Hugo 66ff949c11 cherry-pick(security): harden project-controlled surfaces (PR #4755 partial) 
Cherry-pick of gsd-build/gsd-2 65ca5aa2e — applies the security hardening
hunks that conflicted minimally:

- mcp-server/env-writer: validate writes against a strict allowlist
- web/api/files: enforce path containment via web/lib/secure-path
- vscode-extension: read binaryPath/autoStart only from trusted
  global/default scopes (resolveTrustedSfStartupConfig), avoiding
  workspace-controlled override (renamed Gsd → Sf for sf naming)
- New regression tests: mcp-client-security, vscode-startup-security,
  web-files-symlink

Skipped hunks (drifted): mcp-server/server.ts, mcp-client/index.ts,
mcp-server/README.md.

Co-Authored-By: Jeremy <jeremy@fluxlabs.net>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-28 05:37:07 +02:00
..
__tests__ chore: sync workspace state after rebrand 2026-04-15 14:54:20 +02:00
auth-guard.ts chore: sync workspace state after rebrand 2026-04-15 14:54:20 +02:00
auth.ts refactor: update log prefixes and string values from gsd- to sf- namespace 2026-04-15 15:37:12 +02:00
browser-slash-command-dispatch.ts refactor: rebrand gsd_ tool names and references to sf_ namespace 2026-04-15 15:51:38 +02:00
command-surface-contract.ts refactor: update log prefixes and string values from gsd- to sf- namespace 2026-04-15 15:37:12 +02:00
dev-overrides.tsx refactor: rebrand gsd_ tool names and references to sf_ namespace 2026-04-15 15:51:38 +02:00
diagnostics-types.ts refactor: rebrand gsd_ tool names and references to sf_ namespace 2026-04-15 15:51:38 +02:00
git-summary-contract.ts
image-utils.ts
initial-sf-header-filter.ts chore: sync workspace state after rebrand 2026-04-15 14:54:20 +02:00
knowledge-captures-types.ts
project-store-manager.tsx
project-url.ts
pty-chat-parser.ts refactor: update log prefixes and string values from gsd- to sf- namespace 2026-04-15 15:37:12 +02:00
pty-manager.ts refactor: rebrand gsd_ tool names and references to sf_ namespace 2026-04-15 15:51:38 +02:00
remaining-command-types.ts chore: sync workspace state after rebrand 2026-04-15 14:54:20 +02:00
secure-path.ts cherry-pick(security): harden project-controlled surfaces (PR #4755 partial) 2026-04-28 05:37:07 +02:00
session-browser-contract.ts
settings-types.ts
sf-workspace-store.tsx refactor: rebrand gsd_ tool names and references to sf_ namespace 2026-04-15 15:51:38 +02:00
shutdown-gate.ts chore: sync workspace state after rebrand 2026-04-15 14:54:20 +02:00
use-editor-font-size.ts refactor: update log prefixes and string values from gsd- to sf- namespace 2026-04-15 15:37:12 +02:00
use-terminal-font-size.ts refactor: update log prefixes and string values from gsd- to sf- namespace 2026-04-15 15:37:12 +02:00
use-user-mode.ts refactor: update log prefixes and string values from gsd- to sf- namespace 2026-04-15 15:37:12 +02:00
utils.ts
visualizer-types.ts
workflow-action-execution.ts
workflow-actions.ts refactor: update log prefixes and string values from gsd- to sf- namespace 2026-04-15 15:37:12 +02:00
workspace-status.ts chore: sync workspace state after rebrand 2026-04-15 14:54:20 +02:00
workspace-types.ts chore: sync workspace state after rebrand 2026-04-15 14:54:20 +02:00
xterm-theme.ts