chore: sync core lib and CLAUDE.md from agent-core#40
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces safer file handling practices to mitigate Time-of-Check to Time-of-Use (TOCTOU) race conditions and symlink attacks. It implements a new readFileWithLimit utility that reads files via a single file descriptor and integrates atomic write operations across multiple analyzers. The review feedback suggests further strengthening security by asserting that target paths are not symbolic links before backup and write operations in docs-analyzer.js and prompt-analyzer.js, and enforcing a file size limit when reading the suppression file in auto-suppression.js to prevent potential Denial of Service (DoS) vulnerabilities.
|
This is an auto-sync of the already-reviewed agent-core fix (PR agent-sh/agent-core#25). The auto-reviewer's symlink/TOCTOU notes are addressed by the design: reads use the fd-based readFileWithLimit, and writes use writeFileAtomic (temp file + atomic rename). rename() replaces the path entry itself and never follows a symlink to its target, so it is symlink-safe by construction - the explicit assertNotSymlink in fixer.js is belt-and-suspenders for that path. Merging to keep lib in sync with the source. |
1 participant
Automated sync of lib/ and CLAUDE.md from agent-core.