fix: address CodeRabbitAI security and UX review comments

Security improvements in open-in-editor.ts:
- Use execFile with argument arrays instead of shell interpolation
  in commandExists() to prevent command injection
- Replace shell `test -d` commands with Node.js fs/promises access()
  in findMacApp() for safer file system checks
- Add cache TTL (5 minutes) for editor detection to prevent stale data

UX improvements in worktree-actions-dropdown.tsx:
- Add error handling for clipboard copy operation
- Show success toast when path is copied
- Show error toast if clipboard write fails

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Stefan de Vogelaere
2026-01-11 16:55:25 +01:00
parent 33dd9ae347
commit fb3a8499f3
2 changed files with 32 additions and 13 deletions


@@ -25,6 +25,7 @@ import {
AlertCircle,
Copy,
} from 'lucide-react';
import { toast } from 'sonner';
import { cn } from '@/lib/utils';
import type { WorktreeInfo, DevServerInfo, PRInfo, GitRepoStatus } from '../types';
import { TooltipWrapper } from './tooltip-wrapper';
@@ -249,7 +250,14 @@ export function WorktreeActionsDropdown({
})}
{otherEditors.length > 0 && <DropdownMenuSeparator />}
<DropdownMenuItem
onClick={() => navigator.clipboard.writeText(worktree.path)}
onClick={async () => {
try {
await navigator.clipboard.writeText(worktree.path);
toast.success('Path copied to clipboard');
} catch {
toast.error('Failed to copy path to clipboard');
}
}}
className="text-xs"
>
<Copy className="w-3.5 h-3.5 mr-2" />
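Review bot: The bare `catch {` in the new onClick handler discards the rejection, so a permission denial, an unfocused document and a missing `navigator.clipboard` (the API is only exposed in secure contexts) all end in the same toast with nothing recorded for diagnosis. Bind and log the error before showing the toast: `} catch (error) {` followed by `console.error('Clipboard write failed:', error);`. Whether this UI is ever served from a non-secure origin is not visible here, so that case should be confirmed rather than assumed. The enclosing WorktreeActionsDropdown component starts and ends outside the hunk.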