Removed all references to WORKSPACE_DIR environment variable to simplify
configuration. The system now uses exclusively ALLOWED_ROOT_DIRECTORY
for controlling the root directory where projects can be accessed.
Changes:
- Removed WORKSPACE_DIR from security.ts initialization
- Updated workspace/routes/directories.ts to require ALLOWED_ROOT_DIRECTORY
- Updated workspace/routes/config.ts to require ALLOWED_ROOT_DIRECTORY
- Updated apps/ui/src/main.ts to use ALLOWED_ROOT_DIRECTORY instead of WORKSPACE_DIR
- Updated .env file to reference ALLOWED_ROOT_DIRECTORY
- Removed WORKSPACE_DIR test from security.test.ts
Backend test results: 653/653 passing ✅🤖 Generated with Claude Code
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
This commit consolidates directory security from two environment variables
(WORKSPACE_DIR, ALLOWED_PROJECT_DIRS) into a single ALLOWED_ROOT_DIRECTORY variable
while maintaining backward compatibility.
Changes:
- Re-enabled path validation in security.ts (was previously disabled)
- Implemented isPathAllowed() to check ALLOWED_ROOT_DIRECTORY with DATA_DIR exception
- Added backward compatibility for legacy ALLOWED_PROJECT_DIRS and WORKSPACE_DIR
- Implemented path traversal protection via isPathWithinDirectory() helper
- Added PathNotAllowedError custom exception for security violations
- Updated all FS route endpoints to validate paths and return 403 on violation
- Updated template clone endpoint to validate project paths
- Updated workspace config endpoints to use ALLOWED_ROOT_DIRECTORY
- Fixed stat() response property access bug in project-init.ts
- Updated security tests to expect actual validation behavior
Security improvements:
- Path validation now enforced at all layers (routes, project init, agent services)
- appData directory (DATA_DIR) always allowed for settings/credentials
- Backward compatible with existing ALLOWED_PROJECT_DIRS/WORKSPACE_DIR configurations
- Protection against path traversal attacks
Backend test results: 654/654 passing ✅🤖 Generated with Claude Code
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
- Add comprehensive unit tests for SettingsService, covering global and project settings management, including creation, updates, and merging with defaults.
- Implement tests for handling credentials, ensuring proper masking and merging of API keys.
- Introduce tests for migration from localStorage, validating successful data transfer and error handling.
- Enhance error handling in subprocess management tests, ensuring robust timeout and output reading scenarios.
- Added tests to ensure mkdirSafe handles ELOOP and EEXIST errors gracefully.
- Implemented checks for existsSafe to return true for ELOOP errors and throw for other errors.
- Improved overall robustness of filesystem utility tests.
- Added comprehensive tests for the `specToXml` function, covering various scenarios including minimal specs, XML escaping, and optional sections.
- Updated tests for `getStructuredSpecPromptInstruction` and `getAppSpecFormatInstruction` to ensure they return valid instructions.
- Refactored automaker paths tests to use `path.join` for cross-platform compatibility, ensuring correct directory paths are generated.
Merge latest features from main including:
- PR #161 (worktree-confusion): Clarified branch handling in dialogs
- PR #160 (speckits-rebase): Planning mode functionality
Resolved conflicts:
- add-feature-dialog.tsx: Combined TanStack Router navigation with branch selection state
- worktree-integration.spec.ts: Updated tests for new worktree behavior (created at execution time)
- package-lock.json: Regenerated after merge
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Updated MAX_TURNS to allow for more iterations in suggestion generation: quick (5 to 50), standard (20 to 100), and extended (50 to 250).
- Introduced a JSON schema for structured output in suggestions, improving the format and consistency of generated suggestions.
- Modified the generateSuggestions function to utilize structured output when available, with a fallback to text parsing for compatibility.
This enhances the suggestion generation process, allowing for more thorough exploration and better output formatting.
- Updated Playwright configuration to always reuse existing servers, improving test efficiency.
- Enhanced CreatePRDialog to handle null browser URLs gracefully, ensuring better user experience during PR creation failures.
- Added new unit tests for app specification format and automaker paths, improving test coverage and reliability.
- Introduced tests for file system utilities and logger functionality, ensuring robust error handling and logging behavior.
- Implemented comprehensive tests for SDK options and dev server service, enhancing overall test stability and maintainability.
- Introduced comprehensive unit tests for the enhancement prompts module, covering system prompt constants, example constants, and various utility functions.
- Validated the behavior of `getEnhancementPrompt`, `getSystemPrompt`, `getExamples`, `buildUserPrompt`, `isValidEnhancementMode`, and `getAvailableEnhancementModes`.
- Ensured that all enhancement modes are correctly handled and that prompts are built as expected.
This addition enhances code reliability by ensuring that the enhancement prompts logic is thoroughly tested.
- Replaced direct access to state variables with calls to the new getSpecRegenerationStatus function in unit tests for setRunningState.
- This change improves encapsulation and ensures that tests reflect the updated state management logic.
- Removed the old spec regeneration routes and replaced them with a new structure under the app-spec directory for better modularity.
- Introduced unit tests for common functionalities in app-spec, covering state management and error handling.
- Added documentation on route organization patterns to improve maintainability and clarity for future development.
The test "should reuse existing session if already started" expected fs.readFile to be called 1 time, but startConversation calls it 2 times on first call (loadSession + loadMetadata). The second call correctly reuses the in-memory session.
Co-authored-by: GTheMachine <156854865+GTheMachine@users.noreply.github.com>
- Renamed test case to clarify that it handles conversation history with sdkSessionId using the resume option.
- Updated assertions to verify that the sdk.query method is called with the correct options when a session ID is provided.
- Modified test cases in security.test.ts to reflect that all paths are allowed when permissions are disabled.
- Updated descriptions of test cases to clarify the new behavior regarding path validation and error handling.
