core/cli
8
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions 1
cli/pkg/container
History
Snider e8fb36c8d1 feat(io): Migrate pkg/mcp to use Medium abstraction (#289) 
* feat(io): Migrate pkg/mcp to use Medium abstraction

- Replaced custom path validation in `pkg/mcp` with `local.Medium` sandboxing.
- Updated `mcp.Service` to use `io.Medium` for all file operations.
- Enhanced `local.Medium` security by implementing robust symlink escape detection in `validatePath`.
- Simplified `fileExists` handler to use `IsFile` and `IsDir` methods.
- Removed redundant Issue 103 comments.
- Updated tests to verify symlink blocking.

This change ensures consistent path security across the codebase and simplifies the MCP server implementation.

* feat(io): Migrate pkg/mcp to use Medium abstraction and enhance security

- Replaced custom path validation in `pkg/mcp` with `local.Medium` sandboxing.
- Updated `mcp.Service` to use `io.Medium` interface for all file operations.
- Enhanced `local.Medium` security by implementing robust symlink escape detection in `validatePath`.
- Simplified `fileExists` handler to use `IsFile` and `IsDir` methods.
- Removed redundant Issue 103 comments.
- Updated tests to verify symlink blocking and type compatibility.

This change ensures consistent path security across the codebase and simplifies the MCP server implementation.

* feat(io): Migrate pkg/mcp to use Medium abstraction and enhance security

- Replaced custom path validation in `pkg/mcp` with `local.Medium` sandboxing.
- Updated `mcp.Service` to use `io.Medium` interface for all file operations.
- Enhanced `local.Medium` security by implementing robust symlink escape detection in `validatePath`.
- Simplified `fileExists` handler to use `IsFile` and `IsDir` methods.
- Removed redundant Issue 103 comments.
- Updated tests to verify symlink blocking and type compatibility.

Confirmed that CI failure `org-gate` is administrative and requires manual label. Local tests pass.

* feat(io): Migrate pkg/mcp to use Medium abstraction and enhance security

- Replaced custom path validation in `pkg/mcp` with `local.Medium` sandboxing.
- Updated `mcp.Service` to use `io.Medium` interface for all file operations.
- Enhanced `local.Medium` security by implementing robust symlink escape detection in `validatePath`.
- Optimized `fileExists` handler to use a single `Stat` call for improved efficiency.
- Cleaned up outdated comments and removed legacy validation logic.
- Updated tests to verify symlink blocking and correct sandboxing of absolute paths.

This change ensures consistent path security across the codebase and simplifies the MCP server implementation.
2026-02-04 15:02:47 +00:00
..
templates feat(container): add LinuxKit YAML templates with variable substitution 2026-01-28 18:59:45 +00:00
container.go feat(container): implement LinuxKit container runtime 2026-01-28 18:50:32 +00:00
hypervisor.go feat: git command, build improvements, and go fmt git-aware (#74) 2026-02-01 10:48:44 +00:00
hypervisor_test.go test: increase coverage across packages 2026-01-29 13:19:08 +00:00
linuxkit.go feat(io): Migrate pkg/mcp to use Medium abstraction (#289) 2026-02-04 15:02:47 +00:00
linuxkit_test.go feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
state.go docs(audit): add dependency security audit report (#248) 2026-02-02 08:04:26 +00:00
state_test.go feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
templates.go docs(audit): add dependency security audit report (#248) 2026-02-02 08:04:26 +00:00
templates_test.go feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00