Removed all references to WORKSPACE_DIR environment variable to simplify
configuration. The system now uses exclusively ALLOWED_ROOT_DIRECTORY
for controlling the root directory where projects can be accessed.
Changes:
- Removed WORKSPACE_DIR from security.ts initialization
- Updated workspace/routes/directories.ts to require ALLOWED_ROOT_DIRECTORY
- Updated workspace/routes/config.ts to require ALLOWED_ROOT_DIRECTORY
- Updated apps/ui/src/main.ts to use ALLOWED_ROOT_DIRECTORY instead of WORKSPACE_DIR
- Updated .env file to reference ALLOWED_ROOT_DIRECTORY
- Removed WORKSPACE_DIR test from security.test.ts
Backend test results: 653/653 passing ✅🤖 Generated with Claude Code
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
This commit consolidates directory security from two environment variables
(WORKSPACE_DIR, ALLOWED_PROJECT_DIRS) into a single ALLOWED_ROOT_DIRECTORY variable
while maintaining backward compatibility.
Changes:
- Re-enabled path validation in security.ts (was previously disabled)
- Implemented isPathAllowed() to check ALLOWED_ROOT_DIRECTORY with DATA_DIR exception
- Added backward compatibility for legacy ALLOWED_PROJECT_DIRS and WORKSPACE_DIR
- Implemented path traversal protection via isPathWithinDirectory() helper
- Added PathNotAllowedError custom exception for security violations
- Updated all FS route endpoints to validate paths and return 403 on violation
- Updated template clone endpoint to validate project paths
- Updated workspace config endpoints to use ALLOWED_ROOT_DIRECTORY
- Fixed stat() response property access bug in project-init.ts
- Updated security tests to expect actual validation behavior
Security improvements:
- Path validation now enforced at all layers (routes, project init, agent services)
- appData directory (DATA_DIR) always allowed for settings/credentials
- Backward compatible with existing ALLOWED_PROJECT_DIRS/WORKSPACE_DIR configurations
- Protection against path traversal attacks
Backend test results: 654/654 passing ✅🤖 Generated with Claude Code
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
- Add comprehensive unit tests for SettingsService, covering global and project settings management, including creation, updates, and merging with defaults.
- Implement tests for handling credentials, ensuring proper masking and merging of API keys.
- Introduce tests for migration from localStorage, validating successful data transfer and error handling.
- Enhance error handling in subprocess management tests, ensuring robust timeout and output reading scenarios.
- Added tests to ensure mkdirSafe handles ELOOP and EEXIST errors gracefully.
- Implemented checks for existsSafe to return true for ELOOP errors and throw for other errors.
- Improved overall robustness of filesystem utility tests.
- Added comprehensive tests for the `specToXml` function, covering various scenarios including minimal specs, XML escaping, and optional sections.
- Updated tests for `getStructuredSpecPromptInstruction` and `getAppSpecFormatInstruction` to ensure they return valid instructions.
- Refactored automaker paths tests to use `path.join` for cross-platform compatibility, ensuring correct directory paths are generated.
- Updated MAX_TURNS to allow for more iterations in suggestion generation: quick (5 to 50), standard (20 to 100), and extended (50 to 250).
- Introduced a JSON schema for structured output in suggestions, improving the format and consistency of generated suggestions.
- Modified the generateSuggestions function to utilize structured output when available, with a fallback to text parsing for compatibility.
This enhances the suggestion generation process, allowing for more thorough exploration and better output formatting.
- Updated Playwright configuration to always reuse existing servers, improving test efficiency.
- Enhanced CreatePRDialog to handle null browser URLs gracefully, ensuring better user experience during PR creation failures.
- Added new unit tests for app specification format and automaker paths, improving test coverage and reliability.
- Introduced tests for file system utilities and logger functionality, ensuring robust error handling and logging behavior.
- Implemented comprehensive tests for SDK options and dev server service, enhancing overall test stability and maintainability.
- Introduced comprehensive unit tests for the enhancement prompts module, covering system prompt constants, example constants, and various utility functions.
- Validated the behavior of `getEnhancementPrompt`, `getSystemPrompt`, `getExamples`, `buildUserPrompt`, `isValidEnhancementMode`, and `getAvailableEnhancementModes`.
- Ensured that all enhancement modes are correctly handled and that prompts are built as expected.
This addition enhances code reliability by ensuring that the enhancement prompts logic is thoroughly tested.
- Modified test cases in security.test.ts to reflect that all paths are allowed when permissions are disabled.
- Updated descriptions of test cases to clarify the new behavior regarding path validation and error handling.
