gstack

mirror of https://github.com/garrytan/gstack.git synced 2026-05-06 05:35:46 +02:00

Files

T

Garry Tan b5f377a8be fix: remove CORS wildcard, restrict to localhost (H1)

Replace Access-Control-Allow-Origin: * with http://127.0.0.1 on sidebar
tab/chat endpoints. The Chrome extension uses manifest host_permissions
to bypass CORS entirely, so this only blocks malicious websites from
making cross-origin requests. Closes H1 from security audit #783.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-04 21:22:40 -07:00

bin

feat: multi-agent support — gstack works on Codex, Gemini CLI, and Cursor (v0.9.0) (#226 )

2026-03-19 18:20:50 -07:00

scripts

fix: Windows support — Node.js server fallback for Playwright (#255 )

2026-03-20 12:22:11 -07:00

src

fix: remove CORS wildcard, restrict to localhost (H1)

2026-04-04 21:22:40 -07:00

test

feat: GStack Browser — double-click AI browser with anti-bot stealth (#695 )

2026-04-04 10:17:05 -07:00

SKILL.md

feat: interactive /plan-devex-review + plan mode skill fix (v0.15.5.0) (#796 )

2026-04-04 14:36:23 -07:00

SKILL.md.tmpl

feat: sidebar CSS inspector + per-tab agents (v0.13.9.0) (#650 )

2026-03-30 12:51:05 -06:00