refactor: integrate secure file system operations across services

This commit replaces direct file system operations with a secure file system adapter to enhance security by enforcing path validation. The changes include: - Replaced `fs` imports with `secureFs` in various services and utilities. - Updated file operations in `agent-service`, `auto-mode-service`, `feature-loader`, and `settings-service` to use the secure file system methods. - Ensured that all file I/O operations are validated against the ALLOWED_ROOT_DIRECTORY. This refactor aims to prevent unauthorized file access and improve overall security posture. Tests: All unit tests passing. 🤖 Generated with Claude Code
2026-02-01 08:13:37 +00:00 · 2025-12-20 18:45:39 -05:00
parent ade80484bb
commit f3c9e828e2
45 changed files with 329 additions and 551 deletions
--- a/apps/server/src/routes/git/index.ts
+++ b/apps/server/src/routes/git/index.ts
@@ -3,14 +3,15 @@
 */

 import { Router } from "express";
+import { validatePathParams } from "../../middleware/validate-paths.js";
 import { createDiffsHandler } from "./routes/diffs.js";
 import { createFileDiffHandler } from "./routes/file-diff.js";

 export function createGitRoutes(): Router {
  const router = Router();

-  router.post("/diffs", createDiffsHandler());
-  router.post("/file-diff", createFileDiffHandler());
+  router.post("/diffs", validatePathParams("projectPath"), createDiffsHandler());
+  router.post("/file-diff", validatePathParams("projectPath", "filePath"), createFileDiffHandler());

  return router;
 }
--- a/apps/server/src/routes/git/routes/diffs.ts
+++ b/apps/server/src/routes/git/routes/diffs.ts
@@ -5,7 +5,6 @@
 import type { Request, Response } from "express";
 import { getErrorMessage, logError } from "../common.js";
 import { getGitRepositoryDiffs } from "../../common.js";
-import { validatePath, PathNotAllowedError } from "../../../lib/security.js";

 export function createDiffsHandler() {
  return async (req: Request, res: Response): Promise<void> => {
@@ -17,20 +16,6 @@ export function createDiffsHandler() {
        return;
      }

-      // Validate paths are within ALLOWED_ROOT_DIRECTORY
-      try {
-        validatePath(projectPath);
-      } catch (error) {
-        if (error instanceof PathNotAllowedError) {
-          res.status(403).json({
-            success: false,
-            error: error.message,
-          });
-          return;
-        }
-        throw error;
-      }
-
      try {
        const result = await getGitRepositoryDiffs(projectPath);
        res.json({
--- a/apps/server/src/routes/git/routes/file-diff.ts
+++ b/apps/server/src/routes/git/routes/file-diff.ts
@@ -7,7 +7,6 @@ import { exec } from "child_process";
 import { promisify } from "util";
 import { getErrorMessage, logError } from "../common.js";
 import { generateSyntheticDiffForNewFile } from "../../common.js";
-import { validatePath, PathNotAllowedError } from "../../../lib/security.js";

 const execAsync = promisify(exec);

@@ -26,21 +25,6 @@ export function createFileDiffHandler() {
        return;
      }

-      // Validate paths are within ALLOWED_ROOT_DIRECTORY
-      try {
-        validatePath(projectPath);
-        validatePath(filePath);
-      } catch (error) {
-        if (error instanceof PathNotAllowedError) {
-          res.status(403).json({
-            success: false,
-            error: error.message,
-          });
-          return;
-        }
-        throw error;
-      }
-
      try {
        // First check if the file is untracked
        const { stdout: status } = await execAsync(