Skip to content

fix: apply W1-W4 from code review sweep (fixes #26)#36

Merged
blaspat merged 1 commit into
mainfrom
fix/26-sweep-W1-W4
Jun 12, 2026
Merged

fix: apply W1-W4 from code review sweep (fixes #26)#36
blaspat merged 1 commit into
mainfrom
fix/26-sweep-W1-W4

Conversation

@blaspat

@blaspat blaspat commented Jun 12, 2026
edited
Loading

Copy link
Copy Markdown
Owner

Summary

Addresses W1-W4 from Quinn's full codebase review, plus fixes the canonicalize bug.

Changes

Finding File Change
W1 — Audit gaps handler_fs.go, handler_exec.go All protocol-level rejections now audit with status=rejected
W2 — Exec canonical handler_exec.go fs.Check canonical captured in audit target
W3 — Canonical in errors handler_fs.go Error paths use canonical for audit + error detail
W4 — Dead code handler_fs.go NewFileSystemWithIO removed
Canonicalize fix internal/fs/allowlist.go Fixed: non-existing leaf returned parent dir instead of full path

Verification

  • go test -race -count=1 ./... — 6/6 green (tightened canonical tests pass)
  • go vet, go build clean

@blaspat
fix: apply W1-W4 from code review sweep (fixes #26)
e0b587c 
W1 — Audit protocol-level rejections: decode failures, empty paths,
empty command, and empty content_b64 now write an audit row with
status=rejected before returning an error envelope. Covers read,
write, and exec handlers (7 exit points).

W2 — Exec handler canonical path: fs.Check's canonical return is
now captured and used in audit targets (allowlist denial + success)
instead of the raw cwd. Same pattern as the #24 fix for read/write.

W3 — Consistent canonical in read/write error audits: post-allowlist
error paths (file_not_found, io_error, file_too_large, unknown mode,
create_refused) now record the canonical path in both the audit
target and the error_detail — matching the success path behaviour
established in #24. The actual I/O calls (Stat, ReadFile, WriteFile)
still use the raw p.Path since the OS handles its own path
resolution; audit/error-detail use canonical.

W4 — Remove dead code: NewFileSystemWithIO was exported but never
called anywhere (not even in tests). Also cleaned up its docstring
reference in NewFileSystem.
@blaspat blaspat force-pushed the fix/26-sweep-W1-W4 branch from a4aa30f to e0b587c Compare June 12, 2026 03:12
@blaspat blaspat marked this pull request as ready for review June 12, 2026 03:14
@blaspat blaspat merged commit a43c864 into main Jun 12, 2026
@blaspat blaspat deleted the fix/26-sweep-W1-W4 branch June 12, 2026 03:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@blaspat