Skip to content

v0.2.2 — post-v0.2.1 review pass

Choose a tag to compare

View all tags
@ed-smartass ed-smartass released this 10 May 08:27
· 1 commit to main since this release
v0.2.2
f0ac50c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

External code review pass closing four correctness issues, two spec/doc drifts, and one Windows-portability bug Copilot flagged on the fix-PR itself. No public API changes; all fixes are behaviour-preserving on POSIX, behaviour-tightening on Windows + edge-case responses.

Fixed

  • MAGPIE_FILES_ROOT bypass via symlinked parent (security). When a target file didn't yet exist (typical for download_to / save_to), canonicalize fell back to lexical path.resolve — meaning <root>/symlinked-dir/new.txt could pass isUnderRoot while the actual write landed outside MAGPIE_FILES_ROOT. canonicalize now walks up to the nearest existing ancestor, realpathSyncs that, and re-attaches the non-existent suffix. Implementation uses path.dirname + path.parse(abs).root so it works on POSIX, Windows drive roots (C:\\), and UNC shares.
  • 307 / 308 redirect on streamed (multipart) body now fails fast. RFC 7231 says preserve method+body, but a Readable body has been consumed by the first request — replaying it threw "Response body object should not be disturbed or locked" from undici, which surfaced as a generic network_error. Now detected explicitly: invalid_input with the final URL so the caller can re-issue the request directly.
  • next_step_hints no longer suggests map({id, name}) for scalar arrays. For { data: [1,2,3] } the projection is nonsense and produces a jq parse error if the agent runs it. Branches on object-array vs scalar-array; scalars get unique instead, and projections use identifier-safe keys actually present on the first object.
  • body_mode: "auto" on empty body now resolves to inline (matches spec §4). Previously returned schema. Body is null either way; the behaviour change is observable only in meta.body_inclusion.resolved_mode.
  • http_inspect now returns next_step_hints for JSON bodies (matches spec §5.6). Previously the spec advertised it but the wire response only carried schema.
  • Binary + body_mode: "inline" error message no longer suggests http_read. After v0.2.1's recovery-path narrowing there's no cache_id surfaced for that error, so the previous "use download_to or http_read with save_to" was misleading. Now: "use download_to to stream straight to disk, or omit body_mode (defaults to schema for binary)".

Docs

  • README server_info example: version 0.2.00.2.1.
  • CONTRIBUTING.md CHANGELOG template uses X.Y.Z — YYYY-MM-DD placeholder instead of a stale specific version/date.
Assets 2
Loading