CalvinBackup/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-06-26 11:39:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(make-pdf): adversarial-review wave — offline posture enforced, symlink-aware confinement, bounded reads

Browse Source 
Codex adversarial + structured review findings:

- Remote images are now BLOCKED with a visible placeholder instead of
  warn-and-keep — leaving the tag meant Chromium fetched the URL at print
  time anyway, so the offline posture was a lie (tracking pixels and
  internal-URL probes ran without --allow-network).
- The out-of-tree read check compares REAL paths: a symlink inside the input
  dir pointing at ~/.ssh/... passed the string-prefix check, including under
  --strict. Ordered after the existence check (realpath of a missing file
  false-positives on macOS /var → /private/var).
- Image reads are bounded BEFORE reading: statSync first, non-regular files
  (fifo/device/dir) and >64MB files degrade to placeholders instead of
  hanging or exhausting memory; malformed percent-encoding (foo%zz.png)
  degrades to missing-image instead of crashing decodeURIComponent.
- browse shell-outs get a 120s timeout — a wedged daemon or hostile mermaid
  source fails the run instead of hanging it.
- TOC entries link to the heading's ACTUAL id (pre-id'd raw-HTML headings
  previously got dead #toc-N links); per-side margins compose into the CSS
  @page shorthand so a landscape promotion flipping preferCSSPageSize no
  longer silently reverts --margin-left/right to defaults (Codex P2).
- The image memo is a typed object — literal NUL-byte separators had made
  diagram-prepass.ts register as binary to text tooling.

Codex structured review GATE: PASS (no P1).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
Garry Tan
2026-06-12 10:01:48 -07:00
parent 1bd984f86d
commit 26a7cab26d
6 changed files with 168 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files
make-pdf/test/render.test.ts
+7
View File
@@ -264,6 +264,13 @@ describe("printCss", () => {
expect(css).toContain("margin: 72pt");
});
test("per-side margins reach the CSS @page rule (preferCSSPageSize parity)", () => {
// Under a landscape promotion Chromium honors the CSS margins, not the
// CDP per-side options — render() must compose them into the shorthand.
const r = render({ markdown: "# T", marginLeft: "0.5in", marginRight: "0.5in" });
expect(r.printCss).toContain("margin: 1in 0.5in 1in 0.5in");
});
test("emits letter page size by default", () => {
const css = printCss();
expect(css).toContain("size: letter");