* feat(mcp): add workspace root validation to prevent path traversal
- Add workspaceRoot field to Service for restricting file operations
- Add WithWorkspaceRoot() option for configuring the workspace directory
- Add validatePath() helper to check paths are within workspace
- Apply validation to all file operation handlers
- Default to current working directory for security
- Add comprehensive tests for path validation
Closes#82
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor: move CLI commands from pkg/ to internal/cmd/
- Move 18 CLI command packages to internal/cmd/ (not externally importable)
- Keep 16 library packages in pkg/ (externally importable)
- Update all import paths throughout codebase
- Cleaner separation between CLI logic and reusable libraries
CLI commands moved: ai, ci, dev, docs, doctor, gitcmd, go, monitor,
php, pkgcmd, qa, sdk, security, setup, test, updater, vm, workspace
Libraries remaining: agentic, build, cache, cli, container, devops,
errors, framework, git, i18n, io, log, mcp, process, release, repos
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor(mcp): use pkg/io Medium for sandboxed file operations
Replace manual path validation with pkg/io.Medium for all file operations.
This delegates security (path traversal, symlink bypass) to the sandboxed
local.Medium implementation.
Changes:
- Add io.NewSandboxed() for creating sandboxed Medium instances
- Refactor MCP Service to use io.Medium instead of direct os.* calls
- Remove validatePath and resolvePathWithSymlinks functions
- Update tests to verify Medium-based behaviour
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: correct import path and workflow references
- Fix pkg/io/io.go import from core-gui to core
- Update CI workflows to use internal/cmd/updater path
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(security): address CodeRabbit review issues for path validation
- pkg/io/local: add symlink resolution and boundary-aware containment
- Reject absolute paths in sandboxed Medium
- Use filepath.EvalSymlinks to prevent symlink bypass attacks
- Fix prefix check to prevent /tmp/root matching /tmp/root2
- pkg/mcp: fix resolvePath to validate and return errors
- Changed resolvePath from (string) to (string, error)
- Update deleteFile, renameFile, listDirectory, fileExists to handle errors
- Changed New() to return (*Service, error) instead of *Service
- Properly propagate option errors instead of silently discarding
- pkg/io: wrap errors with E() helper for consistent context
- Copy() and MockMedium.Read() now use coreerr.E()
- tests: rename to use _Good/_Bad/_Ugly suffixes per coding guidelines
- Fix hardcoded /tmp in TestPath to use t.TempDir()
- Add TestResolvePath_Bad_SymlinkTraversal test
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* style: fix gofmt formatting
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* style: fix gofmt formatting across all files
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Rewrite i18n package to handle nested JSON natively
- Remove go-i18n dependency in favour of simple custom implementation
- Flatten nested keys to dot notation internally (cli.confirm.yes)
- Support pluralisation with one/other keys
- Template interpolation with {{.Var}} syntax
- Update tests for new API and nested structure
Nested JSON is the standard format for translation tools,
making it easier to manage with external translation services.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Service with embedded locale files (en, de)
- Auto-detect system language from LANG/LC_* env vars
- Template support for interpolation and pluralization
- Extensible: GUI can load additional translations via LoadFS()
- Global default service with T() shorthand
- Thread-safe with sync.RWMutex
Designed to be extended by core-gui which can import this
package and add GUI-specific translations on top.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Move cmd/core/cmd/* to cmd/* (flatten directory structure)
- Update module path from github.com/host-uk/core/cmd/core to github.com/host-uk/core
- Remove go.mod files from pkg/* (single module now)
- Simplify pkg/mcp to file operations only (no GUI deps)
- GUI features (display, webview, process) stay in core-gui/pkg/mcp
- Fix import aliases (sdkpkg) for package name conflicts
- Remove old backup directory (cmdbk)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Move CLI commands into subdirectories matching command hierarchy:
dev/, go/, php/, build/, ci/, sdk/, pkg/, vm/, docs/, setup/, doctor/, test/, ai/
- Create shared/ package for common styles and utilities
- Add new `core ai` root command with claude subcommand
- Update package declarations and imports across all files
- Create commands.go entry points for each package
- Remove GUI-related files (moved to core-gui repo)
This makes the filesystem structure match the CLI command structure,
improving context capture and code organization.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Updates go.mod and go.sum files across all workspace modules
after adding oasdiff and kin-openapi dependencies for SDK generation.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Move Go module from github.com/Snider/Core to github.com/host-uk/core
to match the new repository location under the host-uk organization.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor: Remove unused packages and flatten project structure
Removes the following unused packages:
- pkg/crypt
- pkg/workspace
- pkg/io
Moves the remaining packages (core, e, runtime) to the top level of the project.
Updates all import paths to reflect the new structure.
* refactor: Remove unused packages and flatten project structure
Removes the following unused packages:
- pkg/crypt
- pkg/workspace
- pkg/io
Moves the remaining packages (core, e, runtime) to the top level of the project.
Updates all import paths to reflect the new structure.
---------
Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
Removes the following unused packages:
- pkg/config
- pkg/display
- pkg/i18n
Also removes the dependencies from pkg/runtime and cleans up the go.mod and go.sum files.
Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
* refactor: Rearchitect library to use runtime and pkg modules
This commit introduces a major architectural refactoring to simplify the library's structure and improve its maintainability.
Key changes include:
- **Simplified Project Structure:** All top-level facade packages (config, crypt, display, etc.) and the root `core.go` have been removed. All library code now resides directly under the `pkg/` directory.
- **Unified Runtime:** A new `pkg/runtime` module with a `New()` constructor has been introduced. This function initializes and wires together all core services, providing a single, convenient entry point for applications.
- **Updated Entry Points:** The `cmd/core-gui` application and all examples have been updated to use the new `runtime.New()` initialization.
- **Internal Packages:** The `config` and `crypt` packages have been refactored to use an `internal` subdirectory for their implementation. This hides private details and exposes a clean, stable public API.
- **Standardized Error Handling:** A new error handling package has been added at `pkg/e`. The `workspace` and `crypt` services have been updated to use this new standard.
- **Improved Feature Flagging:** A `IsFeatureEnabled` method was added to the `config` service for more robust and centralized feature flag checks.
- **CI and Dependencies:**
- A GitHub Actions workflow has been added for continuous integration.
- All Go dependencies have been updated to their latest versions.
- **Documentation:** All documentation has been updated to reflect the new, simplified architecture, and obsolete files have been removed.
* refactor: Rearchitect library to use runtime and pkg modules
This commit introduces a major architectural refactoring to simplify the library's structure and improve its maintainability.
Key changes include:
- **Simplified Project Structure:** All top-level facade packages (config, crypt, display, etc.) and the root `core.go` have been removed. All library code now resides directly under the `pkg/` directory.
- **Unified Runtime:** A new `pkg/runtime` module with a `New()` constructor has been introduced. This function initializes and wires together all core services, providing a single, convenient entry point for applications. The runtime now accepts the Wails application instance, ensuring proper integration with the GUI.
- **Updated Entry Points:** The `cmd/core-gui` application and all examples have been updated to use the new `runtime.New()` constructor and correctly register the runtime as a Wails service.
- **Internal Packages:** The `config` and `crypt` packages have been refactored to use an `internal` subdirectory for their implementation. This hides private details and exposes a clean, stable public API.
- **Standardized Error Handling:** A new error handling package has been added at `pkg/e`. The `workspace` and `crypt` services have been updated to use this new standard.
- **Improved Feature Flagging:** A `IsFeatureEnabled` method was added to the `config` service for more robust and centralized feature flag checks.
- **CI and Dependencies:**
- A GitHub Actions workflow has been added for continuous integration.
- All Go dependencies have been updated to their latest versions.
- **Documentation:** All documentation has been updated to reflect the new, simplified architecture, and obsolete files have been removed.
* Feature tdd contract testing (#19)
* feat: Implement TDD contract testing for public API
This commit introduces a Test-Driven Development (TDD) workflow to enforce the public API contract. A new `tdd/` directory has been added to house these tests, which are intended to be the starting point for any new features or bug fixes that affect the public interface.
The "Good, Bad, Ugly" testing methodology has been adopted for these tests:
- `_Good` tests verify the "happy path" with valid inputs.
- `_Bad` tests verify predictable errors with invalid inputs.
- `_Ugly` tests verify edge cases and unexpected inputs to prevent panics.
TDD contract tests have been implemented for the `core` and `config` packages, and the `core.New` function has been hardened to prevent panics from `nil` options.
The `README.md` has been updated to document this new workflow.
* feat: Add TDD contract tests for all services
This commit expands the TDD contract testing framework to cover all services in the application. "Good, Bad, Ugly" tests have been added for the `help`, `i18n`, and `workspace` services.
To facilitate testing, the following refactors were made:
- `help`: Added a `SetDisplay` method to allow for mock injection. Hardened `Show` and `ShowAt` to prevent panics.
- `i18n`: Added a `SetBundle` method to allow for loading test-specific localization files.
- `workspace`: Made the `Config` field public and added a `SetMedium` method to allow for mock injection.
The TDD tests for the `crypt` service have been skipped due to issues with PGP key generation in the test environment.
* CLI code-docgen function (#16)
* Refactor CLI structure: move commands to 'dev' package, add docstring generation command, and update Taskfile for new tasks
Signed-off-by: Snider <snider@lt.hn>
* Add CodeRabbit PR review badge to README
Signed-off-by: Snider <snider@lt.hn>
---------
Signed-off-by: Snider <snider@lt.hn>
---------
Signed-off-by: Snider <snider@lt.hn>
Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
* Update pkg/runtime/runtime.go
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* feat: Rearchitect library and add automated documentation
This commit introduces a major architectural refactoring of the Core library and adds a new, automated documentation system.
**Architectural Changes:**
* **Unified Runtime:** A new `pkg/runtime` module provides a single `runtime.New()` constructor that initializes and manages all core services. This simplifies application startup and improves maintainability.
* **Wails Integration:** The `Runtime` is now correctly integrated with the Wails application lifecycle, accepting the `*application.App` instance and being registered as a Wails service.
* **Simplified Project Structure:** All top-level facade packages have been removed, and library code is now consolidated under the `pkg/` directory.
* **Internal Packages:** The `config` and `crypt` services now use an `internal` package to enforce a clean separation between public API and implementation details.
* **Standardized Error Handling:** The `pkg/e` package has been introduced and integrated into the `workspace` and `crypt` services for consistent error handling.
* **Graceful Shutdown:** The shutdown process has been fixed to ensure shutdown signals are correctly propagated to all services.
**Documentation:**
* **Automated Doc Generation:** A new `docgen` command has been added to `cmd/core` to automatically generate Markdown documentation from the service source code.
* **MkDocs Site:** A new MkDocs Material documentation site has been configured in the `/docs` directory.
* **Deployment Workflow:** A new GitHub Actions workflow (`.github/workflows/docs.yml`) automatically builds and deploys the documentation site to GitHub Pages.
**Quality Improvements:**
* **Hermetic Tests:** The config service tests have been updated to be fully hermetic, running in a temporary environment to avoid side effects.
* **Panic Fix:** A panic in the config service's `Set` method has been fixed, and "Good, Bad, Ugly" tests have been added to verify the fix.
* **CI/CD:** The CI workflow has been updated to use the latest GitHub Actions.
* **Code Quality:** Numerous smaller fixes and improvements have been made based on CI feedback.
---------
Signed-off-by: Snider <snider@lt.hn>
Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
