Garry Tan b60162ae45 fix: symlink bypass in validateReadPath (MEDIUM-02) ...

- Always resolve to absolute path first (fixes relative path bypass)
- Use realpathSync to follow symlinks before boundary check
- Throw on non-ENOENT realpathSync failures (explicit over silent)
- Resolve SAFE_DIRECTORIES through realpathSync (macOS /tmp → /private/tmp)
- Resolve directory part for non-existent files (ENOENT with symlinked parent)

2026-03-27 22:14:02 -07:00

..

bin

feat: multi-agent support — gstack works on Codex, Gemini CLI, and Cursor (v0.9.0) (#226)

2026-03-19 18:20:50 -07:00

scripts

fix: Windows support — Node.js server fallback for Playwright (#255)

2026-03-20 12:22:11 -07:00

src

fix: symlink bypass in validateReadPath (MEDIUM-02)

2026-03-27 22:14:02 -07:00

test

feat: community PRs — faster install, skill namespacing, uninstall, Codex fallback, Windows fix, Python patterns (v0.12.9.0) (#561)

2026-03-27 00:44:37 -06:00

SKILL.md

fix: security audit compliance — credentials, telemetry, bun pin, untrusted warning (v0.12.12.0) (#574)

2026-03-27 12:06:58 -06:00

SKILL.md.tmpl

feat: worktree isolation for E2E tests + infrastructure elegance (v0.11.12.0) (#425)

2026-03-23 23:05:22 -07:00