chore: sync core lib and CLAUDE.md from agent-core#35
Code Review
This pull request introduces safer file operations to mitigate Time-of-Check to Time-of-Use (TOCTOU) vulnerabilities by opening files once and performing size and type checks directly on the file descriptors, as well as utilizing atomic writes. The review feedback highlights critical security enhancements to prevent symlink attacks, specifically suggesting the use of the O_NOFOLLOW flag and symbolic link checks in the new readFileWithLimit utility, and asserting that files are not symlinks before performing backups or writes in docs-analyzer.js and prompt-analyzer.js.
This is an auto-sync of the already-reviewed agent-core fix (PR agent-sh/agent-core#25). The auto-reviewer's symlink/TOCTOU notes are addressed by the design: reads use the fd-based readFileWithLimit, and writes use writeFileAtomic (temp file + atomic rename). rename() replaces the path entry itself and never follows a symlink to its target, so it is symlink-safe by construction - the explicit assertNotSymlink in fixer.js is belt-and-suspenders for that path. Merging to keep lib in sync with the source.
Automated sync of lib/ and CLAUDE.md from agent-core.
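
The fd-based read and the temp-file-plus-rename write discussed in this thread, as an added example that is not agent-core's code: `readCapped`, `writeViaRename` and `demo` are hypothetical names, and the symlink scenario is constructed. It assumes a POSIX system where `fs.constants.O_NOFOLLOW` is defined.

```javascript
// Added example, not agent-core code; helper names are hypothetical.
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');
const crypto = require('node:crypto');
// Open once, then run every check on the descriptor instead of the path.
function readCapped(file, maxBytes) {
  // O_NOFOLLOW: open() fails if the final path component is a symlink.
  const fd = fs.openSync(file, fs.constants.O_RDONLY | (fs.constants.O_NOFOLLOW || 0));
  try {
    const st = fs.fstatSync(fd); // describes the object actually opened
    if (!st.isFile()) throw new Error('not a regular file');
    if (st.size > maxBytes) throw new Error('file exceeds limit');
    // Read up to maxBytes + 1 so growth after fstat is still caught.
    const buf = Buffer.alloc(maxBytes + 1);
    let n = 0, got;
    while (n < buf.length && (got = fs.readSync(fd, buf, n, buf.length - n, null)) > 0) n += got;
    if (n > maxBytes) throw new Error('file exceeds limit');
    return buf.subarray(0, n).toString('utf8');
  } finally { fs.closeSync(fd); }
}
// Temp file in the same directory, then rename() over the destination entry.
function writeViaRename(file, data) {
  const tmp = path.join(path.dirname(file), `.tmp-${crypto.randomBytes(8).toString('hex')}`);
  const fd = fs.openSync(tmp, 'wx', 0o600); // O_EXCL: never reuses an existing entry
  try {
    fs.writeFileSync(fd, data);
    fs.fsyncSync(fd);
  } finally { fs.closeSync(fd); }
  fs.renameSync(tmp, file); // swaps the entry at `file`; a symlink there is replaced
}
// Constructed scenario: `link` is a symlink pointing at `target`.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'toctou-'));
  const target = path.join(dir, 'target.txt');
  const link = path.join(dir, 'link.txt');
  fs.writeFileSync(target, 'original');
  fs.symlinkSync(target, link);
  let refused = false, tooBig = false;
  try { readCapped(link, 64); } catch { refused = true; }   // symlink refused at open()
  try { readCapped(target, 4); } catch { tooBig = true; }   // 8 bytes > 4-byte cap
  writeViaRename(link, 'updated');
  const out = { refused, tooBig, linkIsSymlink: fs.lstatSync(link).isSymbolicLink(),
    linkBody: readCapped(link, 64), targetBody: readCapped(target, 64) };
  fs.rmSync(dir, { recursive: true, force: true });
  return out;
}
```

Both `O_NOFOLLOW` and `rename()` cover only the final path component; symlinked parent directories are still resolved.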