security
CSV Align is a local-file comparison app, so the main trust boundaries are local file input, browser/Tauri transport, desktop CSP, release signing, and generated export files.
| Boundary | Relevant files | Notes |
|---|---|---|
| CSV upload size and parsing | src/backend/workflow.rs, src/data/csv_loader.rs, frontend/src/services/contracts.ts | Files are size-limited and parsed as strict headered CSV. |
| Session memory | src/backend/store.rs, src/backend/session.rs | Store limits sessions, idle lifetime, and estimated total bytes. |
| Desktop IPC | src-tauri/src/commands.rs, frontend/src/services/tauri.ts | Raw bytes are user-selected and metadata is header-based. |
| Tauri CSP | src-tauri/tauri.conf.json | Production CSP restricts scripts, frames, objects, and connection targets. |
| Exports | src/data/export.rs, frontend/src/features/results/htmlExport.ts, frontend/src/features/results/htmlExportTemplate.ts | CSV and HTML exports contain user data from selected files. |
| Release signing | .github/workflows/release.yml, docs/releasing.md | Secrets are confined to GitHub Actions release jobs. |
src/data/csv_loader.rs rejects duplicate headers and malformed rows with unequal lengths. src/backend/validation.rs rejects missing, duplicate, mismatched, or invalid selected columns and mappings. src/backend/persistence/v1/mod.rs validates snapshots before loading persisted results into a session.
Browser mode posts multipart files to routes from frontend/src/services/apiRoutes.ts. Desktop mode uses Tauri IPC and native dialogs. src-tauri/tauri.conf.json sets production CSP values for scripts, styles, images, fonts, connections, objects, base URI, and frame ancestors.
CSV exports are built by src/data/export.rs. HTML exports escape embedded JSON through escapeJsonForHtml in frontend/src/features/results/htmlExport.ts. Because exports can contain local CSV contents, avoid logging them or adding telemetry around row values.
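The escaping step described above, shown as an added example. This is not CSV Align's escapeJsonForHtml; the names escapeJsonForScript, buildExportHtml, readEmbeddedJson and the sample rows are assumptions made for illustration.

```typescript
// Added example, not the project's code. All names below are hypothetical.

// Characters that must not appear raw inside an inline <script> element:
// "<" and ">" can form "</script>" or "<!--", "&" is escaped for contexts
// that decode entities, and U+2028/U+2029 were line terminators in
// pre-ES2019 JavaScript string literals.
const UNSAFE_IN_SCRIPT = /[<>&\u2028\u2029]/g;

// Serialize to JSON, then replace each unsafe character with its \uXXXX
// escape. The result is still valid JSON and parses to the same value.
function escapeJsonForScript(value: string[][]): string {
  return JSON.stringify(value).replace(
    UNSAFE_IN_SCRIPT,
    (ch) => "\\u" + ch.charCodeAt(0).toString(16).padStart(4, "0"),
  );
}

// Minimal export page with the data embedded as a JSON data block.
function buildExportHtml(rows: string[][]): string {
  const json = escapeJsonForScript(rows);
  return (
    "<!doctype html><html><body>" +
    `<script id="rows" type="application/json">${json}</script>` +
    "</body></html>"
  );
}

// Recover the rows the way a viewer script would: take the text between the
// opening tag and the first "</script>", then JSON.parse it.
function readEmbeddedJson(html: string): string[][] {
  const open = '<script id="rows" type="application/json">';
  const start = html.indexOf(open) + open.length;
  const end = html.indexOf("</script>", start);
  return JSON.parse(html.slice(start, end)) as string[][];
}

// Constructed sample rows; the second cell would end the script element if
// it were embedded without escaping.
const SAMPLE_ROWS: string[][] = [
  ["id", "note"],
  ["1", "</script><h1>not data</h1>"],
  ["2", "a & b\u2028c"],
];

const exported = buildExportHtml(SAMPLE_ROWS);
console.log(readEmbeddedJson(exported)[1][1]);
```

Because the escapes are ordinary JSON `\uXXXX` sequences, the reader side needs no matching unescape step.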
| File | Purpose |
|---|---|
| src/backend/workflow.rs | File size caps and workflow validation calls. |
| src/backend/validation.rs | Compare request validation. |
| src/backend/persistence/v1/mod.rs | Snapshot validation. |
| src-tauri/tauri.conf.json | Desktop CSP and bundle security config. |
| .github/workflows/release.yml | Release signing and verification. |
For runtime monitoring, see how to monitor.