security

Douwe de Vries edited this page Jul 2, 2026 · 2 revisions

Security

CSV Align is a local-file comparison app, so the main trust boundaries are local file input, browser/Tauri transport, desktop CSP, release signing, and generated export files.

Trust boundaries

| Boundary | Relevant files | Notes |
|---|---|---|
| CSV upload size and parsing | src/backend/workflow.rs, src/data/csv_loader.rs, frontend/src/services/contracts.ts | Files are size-limited and parsed as strict headered CSV. |
| Session memory | src/backend/store.rs, src/backend/session.rs | Store limits sessions, idle lifetime, and estimated total bytes. |
| Desktop IPC | src-tauri/src/commands.rs, frontend/src/services/tauri.ts | Raw bytes are user-selected and metadata is header-based. |
| Tauri CSP | src-tauri/tauri.conf.json | Production CSP restricts scripts, frames, objects, and connection targets. |
| Exports | src/data/export.rs, frontend/src/features/results/htmlExport.ts, frontend/src/features/results/htmlExportTemplate.ts | CSV and HTML exports contain user data from selected files. |
| Release signing | .github/workflows/release.yml, docs/releasing.md | Secrets are confined to GitHub Actions release jobs. |

Input handling

src/data/csv_loader.rs rejects duplicate headers and malformed rows with unequal lengths. src/backend/validation.rs rejects missing, duplicate, mismatched, or invalid selected columns and mappings. src/backend/persistence/v1/mod.rs validates snapshots before loading persisted results into a session.

Browser and desktop behavior

Browser mode posts multipart files to routes from frontend/src/services/apiRoutes.ts. Desktop mode uses Tauri IPC and native dialogs. src-tauri/tauri.conf.json sets production CSP values for scripts, styles, images, fonts, connections, objects, base URI, and frame ancestors.

Export considerations

CSV exports are built by src/data/export.rs. HTML exports escape embedded JSON through escapeJsonForHtml in frontend/src/features/results/htmlExport.ts. Because exports can contain local CSV contents, avoid logging them or adding telemetry around row values.
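
Why JSON embedded in an HTML export needs escaping, shown as an added example: this is not CSV Align's escapeJsonForHtml, whose source is not reproduced on this page. The function names, the script element id, and the sample rows are assumptions made for illustration.

```typescript
// Added example; not CSV Align's escapeJsonForHtml. All names here are hypothetical.

// "<", ">" and "&" can close the script element or start an HTML comment;
// U+2028/U+2029 are line terminators in pre-ES2019 JavaScript string literals.
const UNSAFE_IN_SCRIPT = /[<>&\u2028\u2029]/g;

// Serialize to JSON, then rewrite risky characters as \uXXXX escapes.
// JSON.parse decodes them again, so the data round-trips unchanged.
function escapeJsonForScript(value: unknown): string {
  const json: string | undefined = JSON.stringify(value);
  if (json === undefined) {
    throw new TypeError("value is not JSON-serializable");
  }
  return json.replace(UNSAFE_IN_SCRIPT, (ch: string): string =>
    "\\u" + ("0000" + ch.charCodeAt(0).toString(16)).slice(-4));
}

const OPEN_TAG = '<script id="export-data" type="application/json">';

// escaped=false builds the unsafe variant, for comparison only.
function buildExportHtml(rows: unknown, escaped: boolean = true): string {
  const payload = escaped ? escapeJsonForScript(rows) : JSON.stringify(rows);
  return '<!doctype html><meta charset="utf-8">' + OPEN_TAG + payload + "</script>";
}

// Simplified model of the HTML tokenizer: script content ends at the first "</script".
function readEmbeddedJson(html: string): unknown {
  const body = html.slice(html.indexOf(OPEN_TAG) + OPEN_TAG.length);
  return JSON.parse(body.slice(0, body.search(/<\/script/i)));
}

// Number of places where an HTML parser could end a script element.
function countScriptClosers(html: string): number {
  return (html.match(/<\/script/gi) || []).length;
}

// Constructed sample rows standing in for cell values from a user-selected CSV.
const SAMPLE_ROWS = [
  { id: "1", comment: "</script><p>injected</p>" },
  { id: "2", comment: "a & b <!-- c \u2028 d" },
];
```

With escaping, the export contains exactly one script closer and the embedded data parses back to the original rows; without it, a cell value ends the script element early and the remainder is parsed as markup.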

Key source files

| File | Purpose |
|---|---|
| src/backend/workflow.rs | File size caps and workflow validation calls. |
| src/backend/validation.rs | Compare request validation. |
| src/backend/persistence/v1/mod.rs | Snapshot validation. |
| src-tauri/tauri.conf.json | Desktop CSP and bundle security config. |
| .github/workflows/release.yml | Release signing and verification. |

For runtime monitoring, see how to monitor.
