fix: address nitpick feedback from PR #423

## Security Fix (Command Injection)
- Use `execFile` with argument arrays instead of string interpolation
- Add `safeOpenInEditor` helper that properly handles `open -a` commands
- Validate that worktreePath is an absolute path before execution
- Prevents shell metacharacter injection attacks

## Shared Type Definition
- Move `EditorInfo` interface to `@automaker/types` package
- Server and UI now import from shared package to prevent drift
- Re-export from use-available-editors.ts for convenience

## Remove Unused Code
- Remove unused `defaultEditorName` prop from WorktreeActionsDropdown
- Remove prop from WorktreeTab component interface
- Remove useDefaultEditor hook usage from WorktreePanel
- Export new hooks from hooks/index.ts

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Stefan de Vogelaere
2026-01-11 16:37:05 +01:00
parent ac87594b5d
commit 33dd9ae347
8 changed files with 54 additions and 28 deletions

13
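--- a/libs/types/src/editor.ts
+++ b/libs/types/src/editor.ts
@@ -0,0 +1,13 @@
+/**
+* Editor types for the "Open In" functionality
+*/
+/**
+* Information about an available code editor
+*/
+export interface EditorInfo {
+/** Display name of the editor (e.g., "VS Code", "Cursor") */
+name: string;
+/** CLI command or open command to launch the editor */
+command: string;
+}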
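Review bot: The doc comment on `command` does not say whether the string is a bare executable name or may also carry arguments, which matters for the command-injection fix this commit describes. The commit message mentions `open -a` handling, so values presumably can contain spaces; if so, the comment should state how such a value is turned into an `execFile` argument array, because server and UI now share this type. I would extend it to something like `/** Executable or launcher command chosen by the server; run via execFile with an argument array, never through a shell */`. Whether the server ever accepts an `EditorInfo` back from the UI is not visible in this section; if it does, the comment should also say that `command` must be re-resolved on the server, not trusted from the client.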


@@ -204,6 +204,9 @@ export type {
// Port configuration
export { STATIC_PORT, SERVER_PORT, RESERVED_PORTS } from './ports.js';
// Editor types
export type { EditorInfo } from './editor.js';
// Ideation types
export type {
IdeaCategory,