Release v0.1: Security hardening, dead code removal, and ACP documentation · app-dev-panel/api

v0.1
212e397
Choose a tag to compare

Filter

View all tags

v0.1: Security hardening, dead code removal, and ACP documentation

v0.1
212e397
Choose a tag to compare

Filter

View all tags

claude tagged this 05 Apr 06:12

Security:
- Validate X-Acp-Session as UUID format to prevent socket protocol injection
- Block dangerous env vars (PATH, LD_PRELOAD, etc.) in acpEnv
- Tighten daemon socket permissions from 0660 to 0600

Dead code removal:
- Remove unused AcpClient, AcpClientFactory, AcpTransport and their interfaces
- Remove corresponding tests (19 tests for dead code)
- Clean up mago lint baseline (11 stale entries)

Documentation:
- Update website/guide/ai-chat.md: add ACP provider section, session lifecycle,
  daemon architecture, updated settings table and architecture diagram
- Update website/api/rest.md: multi-session ACP connect flow, X-Acp-Session
  header, daemon protocol, response format
- Update libs/API/CLAUDE.md: reflect new file structure
- Update libs/frontend/CLAUDE.md: add Llm/acpSession.ts module

https://claude.ai/code/session_01W4kLoG2QdFrRYqkVyJF6df

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Uh oh!