1. HIGH — Function.toString Map exfiltration:
Replaced Map with WeakMap + bound methods. A malicious page could
monkeypatch Map.prototype.has to capture the override store, then
use it to cloak malicious functions as [native code]. WeakMap with
pre-bound has/get methods prevents this side-channel.
2. MEDIUM — Static GPU fingerprint:
Default GPU renderer now randomly selects from 5 common Apple chip
variants (M1, M1 Pro, M1 Max, M2, M3) per session. Prevents sites
from building a static GStack-specific fingerprint signature.
3. Tests updated: 54 total (35 unit + 19 e2e), 0 failures.
Added tests for WeakMap usage and GPU randomization.
gstack
1eae837260