fix: address nitpick feedback from PR #423

## Security Fix (Command Injection) - Use `execFile` with argument arrays instead of string interpolation - Add `safeOpenInEditor` helper that properly handles `open -a` commands - Validate that worktreePath is an absolute path before execution - Prevents shell metacharacter injection attacks ## Shared Type Definition - Move `EditorInfo` interface to `@automaker/types` package - Server and UI now import from shared package to prevent drift - Re-export from use-available-editors.ts for convenience ## Remove Unused Code - Remove unused `defaultEditorName` prop from WorktreeActionsDropdown - Remove prop from WorktreeTab component interface - Remove useDefaultEditor hook usage from WorktreePanel - Export new hooks from hooks/index.ts Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-31 20:03:37 +00:00 · 2026-01-11 16:37:05 +01:00
parent ac87594b5d
commit 33dd9ae347
8 changed files with 54 additions and 28 deletions
--- a/apps/ui/src/components/views/board-view/worktree-panel/components/worktree-actions-dropdown.tsx
+++ b/apps/ui/src/components/views/board-view/worktree-panel/components/worktree-actions-dropdown.tsx
@@ -34,7 +34,6 @@ import { getEditorIcon } from '@/components/icons/editor-icons';
 interface WorktreeActionsDropdownProps {
  worktree: WorktreeInfo;
  isSelected: boolean;
-  defaultEditorName: string;
  aheadCount: number;
  behindCount: number;
  isPulling: boolean;
@@ -60,7 +59,6 @@ interface WorktreeActionsDropdownProps {
 export function WorktreeActionsDropdown({
  worktree,
  isSelected,
-  defaultEditorName,
  aheadCount,
  behindCount,
  isPulling,
--- a/apps/ui/src/components/views/board-view/worktree-panel/components/worktree-tab.tsx
+++ b/apps/ui/src/components/views/board-view/worktree-panel/components/worktree-tab.tsx
@@ -17,7 +17,6 @@ interface WorktreeTabProps {
  isActivating: boolean;
  isDevServerRunning: boolean;
  devServerInfo?: DevServerInfo;
-  defaultEditorName: string;
  branches: BranchInfo[];
  filteredBranches: BranchInfo[];
  branchFilter: string;
@@ -58,7 +57,6 @@ export function WorktreeTab({
  isActivating,
  isDevServerRunning,
  devServerInfo,
-  defaultEditorName,
  branches,
  filteredBranches,
  branchFilter,
@@ -315,7 +313,6 @@ export function WorktreeTab({
      <WorktreeActionsDropdown
        worktree={worktree}
        isSelected={isSelected}
-        defaultEditorName={defaultEditorName}
        aheadCount={aheadCount}
        behindCount={behindCount}
        isPulling={isPulling}
--- a/apps/ui/src/components/views/board-view/worktree-panel/hooks/index.ts
+++ b/apps/ui/src/components/views/board-view/worktree-panel/hooks/index.ts
@@ -2,5 +2,5 @@ export { useWorktrees } from './use-worktrees';
 export { useDevServers } from './use-dev-servers';
 export { useBranches } from './use-branches';
 export { useWorktreeActions } from './use-worktree-actions';
-export { useDefaultEditor } from './use-default-editor';
 export { useRunningFeatures } from './use-running-features';
+export { useAvailableEditors, useEffectiveDefaultEditor } from './use-available-editors';
--- a/apps/ui/src/components/views/board-view/worktree-panel/hooks/use-available-editors.ts
+++ b/apps/ui/src/components/views/board-view/worktree-panel/hooks/use-available-editors.ts
@@ -2,13 +2,12 @@ import { useState, useEffect, useCallback, useMemo } from 'react';
 import { createLogger } from '@automaker/utils/logger';
 import { getElectronAPI } from '@/lib/electron';
 import { useAppStore } from '@/store/app-store';
+import type { EditorInfo } from '@automaker/types';

 const logger = createLogger('AvailableEditors');

-export interface EditorInfo {
-  name: string;
-  command: string;
-}
+// Re-export EditorInfo for convenience
+export type { EditorInfo };

 export function useAvailableEditors() {
  const [editors, setEditors] = useState<EditorInfo[]>([]);
--- a/apps/ui/src/components/views/board-view/worktree-panel/worktree-panel.tsx
+++ b/apps/ui/src/components/views/board-view/worktree-panel/worktree-panel.tsx
@@ -9,7 +9,6 @@ import {
  useDevServers,
  useBranches,
  useWorktreeActions,
-  useDefaultEditor,
  useRunningFeatures,
 } from './hooks';
 import { WorktreeTab } from './components';
@@ -76,8 +75,6 @@ export function WorktreePanel({
    fetchBranches,
  });

-  const { defaultEditorName } = useDefaultEditor();
-
  const { hasRunningFeatures } = useRunningFeatures({
    runningFeatureIds,
    features,
@@ -192,7 +189,6 @@ export function WorktreePanel({
            isActivating={isActivating}
            isDevServerRunning={isDevServerRunning(mainWorktree)}
            devServerInfo={getDevServerInfo(mainWorktree)}
-            defaultEditorName={defaultEditorName}
            branches={branches}
            filteredBranches={filteredBranches}
            branchFilter={branchFilter}
@@ -247,7 +243,6 @@ export function WorktreePanel({
                  isActivating={isActivating}
                  isDevServerRunning={isDevServerRunning(worktree)}
                  devServerInfo={getDevServerInfo(worktree)}
-                  defaultEditorName={defaultEditorName}
                  branches={branches}
                  filteredBranches={filteredBranches}
                  branchFilter={branchFilter}