20 commits

Author	SHA1	Message	Date
Vi	27f8632867	feat: BugSETI app, WebSocket hub, browser automation, and MCP tools (#336) ... * feat: add security logging and fix framework regressions This commit implements comprehensive security event logging and resolves critical regressions in the core framework. Security Logging: - Enhanced `pkg/log` with a `Security` level and helper. - Added `log.Username()` to consistently identify the executing user. - Instrumented GitHub CLI auth, Agentic configuration, filesystem sandbox, MCP handlers, and MCP TCP transport with security logs. - Added `SecurityStyle` to the CLI for consistent visual representation of security events. UniFi Security (CodeQL): - Refactored `pkg/unifi` to remove hardcoded `InsecureSkipVerify`, resolving a high-severity alert. - Added a `--verify-tls` flag and configuration option to control TLS verification. - Updated command handlers to support the new verification parameter. Framework Fixes: - Restored original signatures for `MustServiceFor`, `Config()`, and `Display()` in `pkg/framework/core`, which had been corrupted during a merge. - Fixed `pkg/framework/framework.go` and `pkg/framework/core/runtime_pkg.go` to match the restored signatures. - These fixes resolve project-wide compilation errors caused by the signature mismatches. I encountered significant blockers due to a corrupted state of the `dev` branch after a merge, which introduced breaking changes in the core framework's DI system. I had to manually reconcile these signatures with the expected usage across the codebase to restore build stability. * feat(mcp): add RAG tools (query, ingest, collections) Add vector database tools to the MCP server for RAG operations: - rag_query: Search for relevant documentation using semantic similarity - rag_ingest: Ingest files or directories into the vector database - rag_collections: List available collections Uses existing internal/cmd/rag exports (QueryDocs, IngestDirectory, IngestFile) and pkg/rag for Qdrant client access. Default collection is "hostuk-docs" with topK=5 for queries. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(mcp): add metrics tools (record, query) Add MCP tools for recording and querying AI/security metrics events. The metrics_record tool writes events to daily JSONL files, and the metrics_query tool provides aggregated statistics by type, repo, and agent. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: add 'core mcp serve' command Add CLI command to start the MCP server for AI tool integration. - Create internal/cmd/mcpcmd package with serve subcommand - Support --workspace flag for directory restriction - Handle SIGINT/SIGTERM for clean shutdown - Register in full.go build variant Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(ws): add WebSocket hub package for real-time streaming Add pkg/ws package implementing a hub pattern for WebSocket connections: - Hub manages client connections, broadcasts, and channel subscriptions - Client struct represents connected WebSocket clients - Message types: process_output, process_status, event, error, ping/pong - Channel-based subscription system (subscribe/unsubscribe) - SendProcessOutput and SendProcessStatus for process streaming integration - Full test coverage including concurrency tests Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(mcp): add process management and WebSocket MCP tools Add MCP tools for process management: - process_start: Start a new external process - process_stop: Gracefully stop a running process - process_kill: Force kill a process - process_list: List all managed processes - process_output: Get captured process output - process_input: Send input to process stdin Add MCP tools for WebSocket: - ws_start: Start WebSocket server for real-time streaming - ws_info: Get hub statistics (clients, channels) Update Service struct with optional process.Service and ws.Hub fields, new WithProcessService and WithWSHub options, getter methods, and Shutdown method for cleanup. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(webview): add browser automation package via Chrome DevTools Protocol Add pkg/webview package for browser automation: - webview.go: Main interface with Connect, Navigate, Click, Type, QuerySelector, Screenshot, Evaluate - cdp.go: Chrome DevTools Protocol WebSocket client implementation - actions.go: DOM action types (Click, Type, Hover, Scroll, etc.) and ActionSequence builder - console.go: Console message capture and filtering with ConsoleWatcher and ExceptionWatcher - angular.go: Angular-specific helpers for router navigation, component access, and Zone.js stability Add MCP tools for webview: - webview_connect/disconnect: Connection management - webview_navigate: Page navigation - webview_click/type/query/wait: DOM interaction - webview_console: Console output capture - webview_eval: JavaScript execution - webview_screenshot: Screenshot capture Add documentation: - docs/mcp/angular-testing.md: Guide for Angular application testing Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: document new packages and BugSETI application - Update CLAUDE.md with documentation for: - pkg/ws (WebSocket hub for real-time streaming) - pkg/webview (Browser automation via CDP) - pkg/mcp (MCP server tools: process, ws, webview) - BugSETI application overview - Add comprehensive README for BugSETI with: - Installation and configuration guide - Usage workflow documentation - Architecture overview - Contributing guidelines Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(bugseti): add BugSETI system tray app with auto-update BugSETI - Distributed Bug Fixing like SETI@home but for code Features: - System tray app with Wails v3 - GitHub issue fetching with label filters - Issue queue with priority management - AI context seeding via seed-agent-developer skill - Automated PR submission flow - Stats tracking and leaderboard - Cross-platform notifications - Self-updating with stable/beta/nightly channels Includes: - cmd/bugseti: Main application with Angular frontend - internal/bugseti: Core services (fetcher, queue, seeder, submit, config, stats, notify) - internal/bugseti/updater: Auto-update system (checker, downloader, installer) - .github/workflows/bugseti-release.yml: CI/CD for all platforms Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: resolve import cycle and code duplication - Remove pkg/log import from pkg/io/local to break import cycle (pkg/log/rotation.go imports pkg/io, creating circular dependency) - Use stderr logging for security events in sandbox escape detection - Remove unused sync/atomic import from core.go - Fix duplicate LogSecurity function declarations in cli/log.go - Update workspace/service.go Crypt() call to match interface Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: update tests for new function signatures and format code - Update core_test.go: Config(), Display() now panic instead of returning error - Update runtime_pkg_test.go: sr.Config() now panics instead of returning error - Update MustServiceFor tests to use assert.Panics - Format BugSETI, MCP tools, and webview packages with gofmt Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Snider <631881+Snider@users.noreply.github.com> Co-authored-by: Claude <developers@lethean.io> Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-05 17:22:05 +00:00
Snider	bfa5353205	Add streaming API to pkg/io and optimize agentic context gathering (#313) ... * feat(io): add streaming API to Medium interface and optimize agentic context - Added ReadStream and WriteStream to io.Medium interface. - Implemented streaming methods in local and mock mediums. - Updated pkg/agentic/context.go to use streaming I/O with LimitReader. - Added 5000-byte truncation limit for all AI context file reads to reduce memory usage. - Documented when to use streaming vs full-file APIs in io.Medium. * feat(io): optimize streaming API and fix PR feedback - Fixed resource leak in agentic context by using defer for closing file streams. - Improved truncation logic in agentic context to handle multibyte characters correctly by checking byte length before string conversion. - Added comprehensive documentation to ReadStream and WriteStream in local medium. - Added unit tests for ReadStream and WriteStream in local medium. - Applied formatting and fixed auto-merge CI configuration. * feat(io): add streaming API and fix CI failures (syntax fix) - Introduced ReadStream and WriteStream to io.Medium interface. - Implemented streaming methods in local and mock mediums. - Optimized agentic context with streaming reads and truncation logic. - Fixed syntax error in local client tests by overwriting the file. - Fixed auto-merge CI by adding checkout and repository context. - Applied formatting fixes.	2026-02-05 11:00:49 +00:00
Snider	7e035d8ae3	feat(release): Scoop bucket + core-ide CI builds (#327) ... * fix(ci): configure git auth for homebrew-tap push Set remote URL with x-access-token so git push can authenticate to the homebrew-tap repository using HOMEBREW_TAP_TOKEN. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(release): add Scoop bucket, core-ide builds, and Windows zip support - Create host-uk/scoop-bucket with core.json and core-ide.json manifests - Add Windows zip creation to CLI build for Scoop distribution - Add build-ide job (Wails v3 GUI) for darwin/arm64, linux/amd64, windows/amd64 - Add update-scoop job to both alpha-release and release workflows - Extend update-tap to publish core-ide Formula (Linux) and Cask (macOS) - Remove core-ide replace directive, resolve core-gui from GitHub - Add scoop publisher to .core/release.yaml Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-05 02:43:53 +00:00
Snider	1cb30d2b69	feat(release): add Homebrew tap support and fix artifact naming (#325) ... * feat(release): add Homebrew tap support and fix artifact naming - Fix platform naming: binaries now named core-{os}-{arch} instead of just 'core', preventing collision when artifacts merge - Add tar.gz archives for non-Windows builds (Homebrew requirement) - Add update-tap job to alpha-release workflow that auto-updates host-uk/homebrew-tap with checksums on each alpha release - Add homebrew publisher to .core/release.yaml for formal releases - Update install instructions to include brew install Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(unifi): add UniFi Go SDK integration and CLI commands - Add pkg/unifi SDK wrapping unpoller/unifi with TLS, config resolution, and typed accessors for sites, clients, devices, networks, and routes - Add CLI commands: unifi sites, clients, devices, networks, routes, config - Register unifi commands in full variant build Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(release): set AppVersion ldflags, git config, and tap token - Set -X pkg/cli.AppVersion in ldflags so core --version reports the correct version instead of "dev" - Add git config user.name/email in update-tap job so commit succeeds - Use HOMEBREW_TAP_TOKEN secret instead of GITHUB_TOKEN for cross-repo push to host-uk/homebrew-tap Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(unifi): address CodeRabbit review feedback - Reject conflicting --wired and --wireless flags in clients command - Complete --type flag help text with bgp and ospf route types - URL-escape site name in routes API path - Wrap all command errors with log.E for contextual diagnostics - Set TLS MinVersion to 1.2 on UniFi client - Simplify redundant fmt.Sprintf in Print calls Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-05 01:37:02 +00:00
Snider	9bd0b09e3b	refactor(core): decompose Core into serviceManager + messageBus (#282) ... * refactor(core): decompose Core into serviceManager + messageBus (#215) Extract two focused, unexported components from the Core "god object": - serviceManager: owns service registry, lifecycle tracking (startables/ stoppables), and service lock - messageBus: owns IPC action dispatch, query handling, and task handling All public API methods on Core become one-line delegation wrappers. Zero consumer changes — no files outside pkg/framework/core/ modified. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(core): remove unused fields from test struct Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(core): address review feedback from Gemini and Copilot - Move locked check inside mutex in registerService to fix TOCTOU race - Add mutex guards to enableLock and applyLock methods - Replace fmt.Errorf with errors.Join in action() for correct error aggregation (consistent with queryAll and lifecycle methods) - Add TestMessageBus_Action_Bad for error aggregation coverage Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * ci(workflows): bump host-uk/build from v3 to v4 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * ci(workflows): replace Wails build with Go CLI build The build action doesn't yet support Wails v3. Comment out the GUI build step and use host-uk/build/actions/setup/go for Go toolchain setup with a plain `go build` for the CLI binary. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(container): check context before select in Stop to fix flaky test Stop() now checks ctx.Err() before entering the select block. When a pre-cancelled context is passed, the select could non-deterministically choose <-done over <-ctx.Done() if the process had already exited, causing TestLinuxKitManager_Stop_Good_ContextCancelled to fail on CI. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(ci): trim CodeQL matrix to valid languages Remove javascript-typescript and actions from CodeQL matrix — this repo contains only Go and Python. Invalid languages blocked SARIF upload and prevented merge. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(go): add `core go fuzz` command and wire into QA - New `core go fuzz` command discovers Fuzz* targets and runs them with configurable --duration (default 10s per target) - Fuzz added to default QA checks with 5s burst duration - Seed fuzz targets for core package: FuzzE (error constructor), FuzzServiceRegistration, FuzzMessageDispatch Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * ci(codeql): add workflow_dispatch trigger for manual runs Allows manual triggering of CodeQL when the automatic pull_request trigger doesn't fire. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * ci(codeql): remove workflow in favour of default setup CodeQL default setup is now enabled via repo settings for go and python. The workflow-based approach uploaded results as "code quality" rather than "code scanning", which didn't satisfy the code_scanning ruleset requirement. Default setup handles this natively. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * ci(workflows): add explicit permissions to all workflows - agent-verify: add issues: write (was missing, writes comments/labels) - ci: add contents: read (explicit least-privilege) - coverage: add contents: read (explicit least-privilege) All workflows now declare permissions explicitly. Repo default is read-only, so workflows without a block silently lacked write access. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * ci(workflows): replace inline logic with org reusable workflow callers agent-verify.yml and auto-project.yml now delegate to centralised reusable workflows in host-uk/.github, reducing per-repo duplication. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-04 13:40:16 +00:00
Snider	84179ee70c	ci(workflows): use host-uk/build@dev for releases (#264) ... * ci(workflows): use host-uk/build@dev for releases - Replace manual Go bootstrap with host-uk/build@dev action - Add matrix builds for linux/amd64, linux/arm64, darwin/universal, windows/amd64 - Update README URLs from Snider/Core to host-uk/core - Simplify artifact handling with merge-multiple Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs(mkdocs): update repo references to host-uk/core Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore(coderabbit): disable auto-review, manual trigger only Trigger with @coderabbitai review to control costs. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(ci): implement semver release channels - Rename dev-release.yml → alpha-release.yml - Alpha builds: v0.0.4-alpha.{run_number} (prerelease) - Add pr-build.yml for draft releases - PR builds: v0.0.4-pr.{num}.bid.{id} (draft, not published) - Add attestation permissions for SLSA compliance - No more deleting/recreating dev tag Versioning strategy: - Draft: +pr.{NUM}.bid.{ID} (testable, not published) - Alpha: -alpha.{N} (canary channel) - Beta: -beta (quality scored) - RC: -rc.{N} (release candidate) - Stable: no suffix Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(ci): use build@v3 and dot notation for versions - Switch from host-uk/build@dev to host-uk/build@v3 - Use dots instead of + for build metadata (GitHub tag compatible) - v0.0.4.pr.{num}.bid.{id} format for PR drafts Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * ci(workflows): update all actions to latest versions - actions/setup-go: v5 → v6 (Go 1.25+ support) - actions/upload-artifact: v4 → v6 (immutable artifacts) - actions/download-artifact: v4 → v7 (attestations support) - actions/github-script: v7 → v8 (Node 20) - actions/checkout: standardized on v6 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * ci: temporarily use self-hosted runners Testing build on local runners while GitHub hosted runners are backed up. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * ci: fix webkit dep for Ubuntu 20.04 runners Fall back to libwebkit2gtk-4.0-dev on older Ubuntu. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: skip unwritable dir test when running as root Docker self-hosted runners run as root, which can write anywhere. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * ci: revert to ubuntu-latest runners Self-hosted runners need environment parity work (ARM64, root user, SDK tools). Keep self-hosted for future local-llm integration tasks. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-04 08:54:24 +00:00
dependabot[bot]	780cd4a8ee	deps(actions): bump actions/setup-go from 5 to 6 (#268) ... Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5 to 6. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Snider <snider@host.uk.com>	2026-02-04 01:29:43 +00:00
dependabot[bot]	ec12fed0a0	deps(actions): bump actions/download-artifact from 4 to 7 (#267) ... Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4 to 7. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v7) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Snider <snider@host.uk.com>	2026-02-04 01:00:11 +00:00
Snider	2ec4d300ee	fix(release): use PowerShell for Windows zip (#276) ... Git Bash doesn't have zip command. Use PowerShell's Compress-Archive. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-03 05:17:48 +00:00
Snider	5dd211562c	feat(release): package binaries in archives (#275) ... - Build binary as `core` (or `core.exe` on Windows) - Package in tar.gz (unix) or zip (windows) - Archive names: core-{os}-{arch}.tar.gz/.zip This prepares for dogfooding: host-uk/build can download and extract the core CLI to replace complex GitHub Actions with simple commands. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-03 05:12:24 +00:00
Snider	c1e5b0d99f	fix(release): use bash shell for Windows build step (#274) ... PowerShell interprets '.' differently than bash. Adding shell: bash ensures consistent behavior across all platforms. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-03 05:00:57 +00:00
Snider	8769a1bcb6	fix(release): correct build path to root (main.go at root, not cmd/) (#273) ... Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-03 04:56:11 +00:00
Snider	917dccbc76	fix(release): use direct Go build instead of build action (#272) ... The build action only supports wails2/cpp stacks and defaults to wails2 for unknown projects. Core is a pure Go CLI with no frontend, so it needs direct go build. Changes: - Replace host-uk/build@dev with direct go build steps - Build separate darwin/amd64 and darwin/arm64 (no universal binary) - Set CGO_ENABLED=0 for static binaries - Inject version via -ldflags Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-03 04:51:04 +00:00
Snider	b553afaf87	feat: CI improvements and release channels (#266) ... * feat(help): Add CLI help command Fixes #136 * chore: remove binary * feat(mcp): Add TCP transport Fixes #126 * feat(io): Migrate pkg/mcp to use Medium abstraction Fixes #103 * feat(io): batch implementation placeholder Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(errors): batch implementation placeholder Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(log): batch implementation placeholder Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore(io): Migrate internal/cmd/docs/* to Medium abstraction Fixes #113 * chore(io): Migrate internal/cmd/dev/* to Medium abstraction Fixes #114 * chore(io): Migrate internal/cmd/setup/* to Medium abstraction * chore(io): Complete migration of internal/cmd/dev/* to Medium abstraction * feat(io): extend Medium interface with Delete, Rename, List, Stat operations Adds the following methods to the Medium interface: - Delete(path) - remove a file or empty directory - DeleteAll(path) - recursively remove a file or directory - Rename(old, new) - move/rename a file or directory - List(path) - list directory entries (returns []fs.DirEntry) - Stat(path) - get file information (returns fs.FileInfo) - Exists(path) - check if path exists - IsDir(path) - check if path is a directory Implements these methods in both local.Medium (using os package) and MockMedium (in-memory for testing). Includes FileInfo and DirEntry types for mock implementations. This enables migration of direct os.* calls to the Medium abstraction for consistent path validation and testability. Refs #101 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore(io): Migrate internal/cmd/sdk, pkgcmd, and workspace to Medium abstraction * chore(io): migrate internal/cmd/docs and internal/cmd/dev to Medium - internal/cmd/docs: Replace os.Stat, os.ReadFile, os.WriteFile, os.MkdirAll, os.RemoveAll with io.Local equivalents - internal/cmd/dev: Replace os.Stat, os.ReadFile, os.WriteFile, os.MkdirAll, os.ReadDir with io.Local equivalents - Fix local.Medium to allow absolute paths when root is "/" for full filesystem access (io.Local use case) Refs #113, #114 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore(io): migrate internal/cmd/setup to Medium abstraction Migrated all direct os.* filesystem calls to use io.Local: - cmd_repo.go: os.MkdirAll -> io.Local.EnsureDir, os.WriteFile -> io.Local.Write, os.Stat -> io.Local.IsFile - cmd_bootstrap.go: os.MkdirAll -> io.Local.EnsureDir, os.Stat -> io.Local.IsDir/Exists, os.ReadDir -> io.Local.List - cmd_registry.go: os.MkdirAll -> io.Local.EnsureDir, os.Stat -> io.Local.Exists - cmd_ci.go: os.ReadFile -> io.Local.Read - github_config.go: os.ReadFile -> io.Local.Read, os.Stat -> io.Local.Exists Refs #116 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(log): add error creation and log-and-return helpers Implements issues #129 and #132: - Add Err struct with Op, Msg, Err, Code fields for structured errors - Add E(), Wrap(), WrapCode(), NewCode() for error creation - Add Is(), As(), NewError(), Join() as stdlib wrappers - Add Op(), ErrCode(), Message(), Root() for introspection - Add LogError(), LogWarn(), Must() for combined log-and-return Closes #129 Closes #132 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore(errors): create deprecation alias pointing to pkg/log Makes pkg/errors a thin compatibility layer that re-exports from pkg/log. All error handling functions now have canonical implementations in pkg/log. Migration guide in package documentation: - errors.Error -> log.Err - errors.E -> log.E - errors.Code -> log.NewCode - errors.New -> log.NewError Fixes behavior consistency: - E(op, msg, nil) now creates an error (for errors without cause) - Wrap(nil, op, msg) returns nil (for conditional wrapping) - WrapCode returns nil only when both err is nil AND code is empty Closes #128 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore(log): migrate pkg/errors imports to pkg/log Migrates all internal packages from pkg/errors to pkg/log: - internal/cmd/monitor - internal/cmd/qa - internal/cmd/dev - pkg/agentic Closes #130 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(io): address Copilot review feedback - Fix MockMedium.Rename: collect keys before mutating maps during iteration - Fix .git checks to use Exists instead of List (handles worktrees/submodules) - Fix cmd_sync.go: use DeleteAll for recursive directory removal Files updated: - pkg/io/io.go: safe map iteration in Rename - internal/cmd/setup/cmd_bootstrap.go: Exists for .git checks - internal/cmd/setup/cmd_registry.go: Exists for .git checks - internal/cmd/pkgcmd/cmd_install.go: Exists for .git checks - internal/cmd/pkgcmd/cmd_manage.go: Exists for .git checks - internal/cmd/docs/cmd_sync.go: DeleteAll for recursive delete Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(updater): resolve PkgVersion duplicate declaration Remove var PkgVersion from updater.go since go generate creates const PkgVersion in version.go. Track version.go in git to ensure builds work without running go generate first. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * style: fix formatting in internal/variants Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * style: fix formatting across migrated files Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor(io): simplify local Medium implementation Rewrote to match the simpler TypeScript pattern: - path() sanitizes and returns string directly - Each method calls path() once - No complex symlink validation - Less code, less attack surface Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(io): remove duplicate method declarations Clean up the client.go file that had duplicate method declarations from a bad cherry-pick merge. Now has 127 lines of simple, clean code. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test(io): fix traversal test to match sanitization behavior The simplified path() sanitizes .. to . without returning errors. Update test to verify sanitization works correctly. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test(mcp): update sandboxing tests for simplified Medium The simplified io/local.Medium implementation: - Sanitizes .. to . (no error, path is cleaned) - Allows absolute paths through (caller validates if needed) - Follows symlinks (no traversal blocking) Update tests to match this simplified behavior. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: address CodeRabbit review issues - Fix critical sandbox escape in local.Medium.path() - Absolute paths now constrained to sandbox root when root != "/" - Only allow absolute path passthrough when root is "/" - Fix weak test assertion in TestMust_Ugly_Panics - Use assert.Contains instead of weak OR condition - Remove unused issues.json file - Add TestPath_RootFilesystem test for absolute path handling Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(io): sandbox absolute paths under root in Medium.path * ci(workflows): use host-uk/build@dev for releases - Replace manual Go bootstrap with host-uk/build@dev action - Add matrix builds for linux/amd64, linux/arm64, darwin/universal, windows/amd64 - Update README URLs from Snider/Core to host-uk/core - Simplify artifact handling with merge-multiple Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(io): sandbox absolute paths under root in Medium.path Security fix: Remove Windows drive root bypass and properly strip volume names before sandboxing. Paths like C:\Windows are now correctly sandboxed under root instead of escaping. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-03 03:52:09 +00:00
Snider	3365bfd5ba	feat(mcp): add workspace root validation to prevent path traversal (#100) ... * feat(mcp): add workspace root validation to prevent path traversal - Add workspaceRoot field to Service for restricting file operations - Add WithWorkspaceRoot() option for configuring the workspace directory - Add validatePath() helper to check paths are within workspace - Apply validation to all file operation handlers - Default to current working directory for security - Add comprehensive tests for path validation Closes #82 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor: move CLI commands from pkg/ to internal/cmd/ - Move 18 CLI command packages to internal/cmd/ (not externally importable) - Keep 16 library packages in pkg/ (externally importable) - Update all import paths throughout codebase - Cleaner separation between CLI logic and reusable libraries CLI commands moved: ai, ci, dev, docs, doctor, gitcmd, go, monitor, php, pkgcmd, qa, sdk, security, setup, test, updater, vm, workspace Libraries remaining: agentic, build, cache, cli, container, devops, errors, framework, git, i18n, io, log, mcp, process, release, repos Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor(mcp): use pkg/io Medium for sandboxed file operations Replace manual path validation with pkg/io.Medium for all file operations. This delegates security (path traversal, symlink bypass) to the sandboxed local.Medium implementation. Changes: - Add io.NewSandboxed() for creating sandboxed Medium instances - Refactor MCP Service to use io.Medium instead of direct os.* calls - Remove validatePath and resolvePathWithSymlinks functions - Update tests to verify Medium-based behaviour Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: correct import path and workflow references - Fix pkg/io/io.go import from core-gui to core - Update CI workflows to use internal/cmd/updater path Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(security): address CodeRabbit review issues for path validation - pkg/io/local: add symlink resolution and boundary-aware containment - Reject absolute paths in sandboxed Medium - Use filepath.EvalSymlinks to prevent symlink bypass attacks - Fix prefix check to prevent /tmp/root matching /tmp/root2 - pkg/mcp: fix resolvePath to validate and return errors - Changed resolvePath from (string) to (string, error) - Update deleteFile, renameFile, listDirectory, fileExists to handle errors - Changed New() to return (*Service, error) instead of *Service - Properly propagate option errors instead of silently discarding - pkg/io: wrap errors with E() helper for consistent context - Copy() and MockMedium.Read() now use coreerr.E() - tests: rename to use _Good/_Bad/_Ugly suffixes per coding guidelines - Fix hardcoded /tmp in TestPath to use t.TempDir() - Add TestResolvePath_Bad_SymlinkTraversal test Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * style: fix gofmt formatting Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * style: fix gofmt formatting across all files Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-01 21:59:34 +00:00
Snider	e28fc52456	feat(ci): add core setup ci and dogfood CLI in workflows ... - Add `core setup ci` command for generating installation scripts - Supports bash, powershell, and GitHub Actions YAML output - Configurable via .core/ci.yaml - Auto-detects platform and uses Homebrew/Scoop/direct download - Update all GitHub workflows to use global `core` binary: - ci.yml: Uses `core go qa` for all quality checks - coverage.yml: Uses `core go cov` for coverage - release.yml: Uses `core build --ci` for cross-compilation - dev-release.yml: Uses `core build --ci` for all targets - Add .core/ci.yaml with default configuration This ensures the CLI dogfoods itself across all CI operations, validating the framework that the Web3 ecosystem builds from. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-01 11:36:59 +00:00
Snider	3cbb04f512	ci: use core CLI for QA and standardize workflows ... - ci.yml: Download latest dev release, run `core go qa`, build matrix - release.yml: Use go-version-file, consistent artifact handling - dev-release.yml: Add checksums, cleaner version string - coverage.yml: Standardize setup-go version, add CLI verification All workflows now use: - go-version-file for consistent Go version - upload-artifact@v4 / download-artifact@v4 - Proper version injection via ldflags Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-01 11:05:26 +00:00
Snider	0435613a31	chore(deps): update GitHub Actions and Go modules (#73) ... GitHub Actions: - actions/checkout v4 → v6 - actions/upload-artifact v4 → v6 - github/codeql-action v3 → v4 - arduino/setup-task v1 → v2 Go modules: - golang.org/x/mod v0.31.0 → v0.32.0 - golang.org/x/exp updated - aead.dev/minisign v0.2.0 → v0.3.0 - github.com/go-openapi/jsonpointer v0.21.0 → v0.22.4 - github.com/go-openapi/swag v0.23.0 → v0.25.4 - github.com/google/jsonschema-go v0.3.0 → v0.4.2 - github.com/mailru/easyjson v0.9.0 → v0.9.1 - github.com/tidwall/match v1.1.1 → v1.2.0 - github.com/woodsbury/decimal128 v1.3.0 → v1.4.0 Also fixed fmt.Errorf with non-constant format string in security package. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-01 06:46:54 +00:00
Snider	6670ad7d2b	fix(release): add proper release workflow with version injection ... - Make AppVersion injectable via ldflags at build time - Replace GoReleaser with simple GitHub Actions workflow - Build for linux/darwin/windows on amd64/arm64 - Generate checksums.txt for integrity verification - Inject version from git tag into binary Fixes #37 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-01 06:21:29 +00:00
Snider	d25bd5c5ca	Add GoReleaser configuration and update Go version to 1.25 ... Signed-off-by: Snider <snider@lt.hn>	2025-11-04 12:00:58 +00:00