CalvinBackup/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-14 00:12:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: extend security sanitization + add 10 tests for merged community PRs

Browse Source 
- Extend json_safe() to ERROR_CLASS and FAILED_STEP fields
- Improve ERROR_MESSAGE escaping to handle backslashes and newlines
- Replace python3 with bun for JSON validation in gstack-review-log
- Add 7 telemetry injection prevention tests
- Add 2 review-log JSON validation tests
- Add 1 discover-skills hidden directory filtering test

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Garry Tan
2026-03-26 19:13:07 -06:00
parent 3fd14b8a05
commit ecfed58f55
5 changed files with 182 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
bin/gstack-review-log
+1 -1
View File
@@ -9,7 +9,7 @@ mkdir -p "$GSTACK_HOME/projects/$SLUG"
# Validate: input must be parseable JSON (reject malformed or injection attempts)
INPUT="$1"
if ! printf '%s' "$INPUT" | python3 -c "import json,sys; json.load(sys.stdin)" 2>/dev/null; then
if ! printf '%s' "$INPUT" | bun -e "JSON.parse(await Bun.stdin.text())" 2>/dev/null; then
# Not valid JSON — refuse to append
echo "gstack-review-log: invalid JSON, skipping" >&2
exit 1