📦 PR #72 Merged: GH-67 Fix + Security Hardening (188 tests passing) #73
quantamixsol
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
PR #72 (merged, CI ✅) resolves 3 bugs surfaced by GH-67:
/dev/nulldiff parsing —apply_diff()now supports creating new files from/dev/nulldiffs. Previously returned silent failure._coerce_booltrap —bool("false") == Truein Python eliminated; MCP string booleans now parse correctly via allowlist pattern.apply_difffailures now surfaced in MCP responsemetadata.write_error(was silently swallowed aslogger.warning).Security
CWE-22 path traversal containment — user-supplied paths validated against project root before any file I/O. Traversal attempts rejected.
Audit trail persistence — every content gate decision now logged to append-only JSONL governance log (SOC2/ISO27001).
Quality
✅ 188 tests passing. Zero regressions. All CI gates green (3.10, 3.11, 3.12 + Windows + Ubuntu).
Beta Was this translation helpful? Give feedback.
All reactions