Codex/merge security fixes

agents/analyzer/index.ts

@@ -40,9 +40,11 @@ export interface AnalysisResult {
 
 export class CodeAnalyzerAgent {
   private projectRoot: string;
+  private allowBuildScripts: boolean;
 
-  constructor(projectRoot: string) {
+  constructor(projectRoot: string, allowBuildScripts: boolean = true) {
     this.projectRoot = projectRoot;
+    this.allowBuildScripts = allowBuildScripts;
   }
 
   /**
@@ -63,8 +65,12 @@ export class CodeAnalyzerAgent {
     issues.push(...eslintIssues);
 
     // 3. Build check
-    const buildIssues = await this.runBuildCheck();
-    issues.push(...buildIssues);
+    if (this.allowBuildScripts) {
+      const buildIssues = await this.runBuildCheck();
+      issues.push(...buildIssues);
+    } else {
+      console.log('[CodeAnalyzer] Build check skipped for untrusted repository');
+    }
 
     const errors = issues.filter(i => i.severity === 'error').length;
     const warnings = issues.filter(i => i.severity === 'warning').length;

agents/verifier/index.ts

@@ -7,7 +7,7 @@
  * Instrumented with W&B Weave for observability.
  */
 
-import { execSync } from 'child_process';
+import { execFileSync } from 'child_process';
 import * as fs from 'fs';
 import * as path from 'path';
 import type {
@@ -38,6 +38,8 @@ export class VerifierAgent implements IVerifierAgent {
   private autoCommit: boolean;
   private currentFailureReport?: FailureReport;
 
+  private static readonly COMMIT_MESSAGE_MAX_LENGTH = 200;
+
   constructor(projectRoot: string = process.cwd(), options: VerifierOptions = {}) {
     this.projectRoot = projectRoot;
     this.useRedis = options.useRedis ?? true;
@@ -179,9 +181,14 @@ export class VerifierAgent implements IVerifierAgent {
    */
   private async commitFix(patch: Patch): Promise<void> {
     try {
-      const commitMessage = `fix: ${patch.description}\n\nApplied by PatchPilot`;
-      execSync(`git add ${patch.file}`, { cwd: this.projectRoot, stdio: 'pipe' });
-      execSync(`git commit -m "${commitMessage}"`, {
+      const safeFilePath = this.getValidatedFilePath(patch.file);
+      const commitMessage = `fix: ${this.sanitizeCommitDescription(patch.description)}\n\nApplied by QAgent`;
+
+      execFileSync('git', ['add', '--', safeFilePath], {
+        cwd: this.projectRoot,
+        stdio: 'pipe',
+      });
+      execFileSync('git', ['commit', '-m', commitMessage], {
         cwd: this.projectRoot,
         stdio: 'pipe',
       });
@@ -210,7 +217,7 @@ export class VerifierAgent implements IVerifierAgent {
   }
 
   private async deploy(): Promise<string> {
-    execSync('git push', {
+    execFileSync('git', ['push'], {
       cwd: this.projectRoot,
       stdio: 'pipe',
     });
@@ -266,7 +273,7 @@ export class VerifierAgent implements IVerifierAgent {
    */
   private async applyPatch(patch: Patch): Promise<boolean> {
     try {
-      const fullPath = path.join(this.projectRoot, patch.file);
+      const fullPath = this.getValidatedFilePath(patch.file);
       const sourceCode = fs.readFileSync(fullPath, 'utf-8');
 
       // Parse the diff to get the change details
@@ -313,7 +320,7 @@ export class VerifierAgent implements IVerifierAgent {
    * Create a backup of a file
    */
   private async backupFile(filePath: string): Promise<string> {
-    const fullPath = path.join(this.projectRoot, filePath);
+    const fullPath = this.getValidatedFilePath(filePath);
     const backupPath = `${fullPath}.backup.${Date.now()}`;
     fs.copyFileSync(fullPath, backupPath);
     return backupPath;
@@ -323,7 +330,7 @@ export class VerifierAgent implements IVerifierAgent {
    * Restore a file from backup
    */
   private async restoreFile(filePath: string, backupPath: string): Promise<void> {
-    const fullPath = path.join(this.projectRoot, filePath);
+    const fullPath = this.getValidatedFilePath(filePath);
     fs.copyFileSync(backupPath, fullPath);
     this.cleanupBackup(backupPath);
   }
@@ -344,7 +351,7 @@ export class VerifierAgent implements IVerifierAgent {
    */
   private async validateSyntax(filePath: string): Promise<boolean> {
     try {
-      const fullPath = path.join(this.projectRoot, filePath);
+      const fullPath = this.getValidatedFilePath(filePath);
       const content = fs.readFileSync(fullPath, 'utf-8');
 
       // Basic bracket balance check
@@ -371,7 +378,7 @@ export class VerifierAgent implements IVerifierAgent {
       // Try to run TypeScript check using project config
       try {
         // Use project's tsconfig to ensure JSX and other settings are applied
-        execSync(`npx tsc --noEmit --project tsconfig.json 2>&1`, {
+        execFileSync('npx', ['tsc', '--noEmit', '--project', 'tsconfig.json'], {
           cwd: this.projectRoot,
           stdio: 'pipe',
         });
@@ -441,6 +448,41 @@ export class VerifierAgent implements IVerifierAgent {
       console.error('Error recording fix in knowledge base:', error);
     }
   }
+
+  /**
+   * Resolve and validate that patch file paths stay within the repository.
+   */
+  private getValidatedFilePath(filePath: string): string {
+    if (!filePath || typeof filePath !== 'string') {
+      throw new Error('Invalid patch file path');
+    }
+
+    const normalizedPath = path.normalize(filePath);
+    if (path.isAbsolute(normalizedPath)) {
+      throw new Error('Absolute file paths are not allowed in patches');
+    }
+
+    const resolvedPath = path.resolve(this.projectRoot, normalizedPath);
+    const rootPath = path.resolve(this.projectRoot);
+
+    if (resolvedPath !== rootPath && !resolvedPath.startsWith(`${rootPath}${path.sep}`)) {
+      throw new Error('Patch file path resolves outside project root');
+    }
+
+    return resolvedPath;
+  }
+
+  /**
+   * Keep commit subjects safe, readable, and bounded.
+   */
+  private sanitizeCommitDescription(description: string): string {
+    const fallback = 'Bug fix';
+    const normalized = description.trim().replace(/[\r\n]+/g, ' ');
+    if (!normalized) {
+      return fallback;
+    }
+    return normalized.slice(0, VerifierAgent.COMMIT_MESSAGE_MAX_LENGTH);
+  }
 }
 
 export default VerifierAgent;

app/api/runs/[runId]/session/route.ts

@@ -1,5 +1,6 @@
 import { NextRequest, NextResponse } from 'next/server';
 import { getRunAsync } from '@/lib/dashboard/run-store';
+import { getSession } from '@/lib/auth/session';
 import Browserbase from '@browserbasehq/sdk';
 
 // GET /api/runs/[runId]/session - Get Browserbase session debug URLs
@@ -8,12 +9,18 @@ export async function GET(
   { params }: { params: Promise<{ runId: string }> }
 ) {
   const { runId } = await params;
+  const session = await getSession();
   const run = await getRunAsync(runId);
 
   if (!run) {
     return NextResponse.json({ error: 'Run not found' }, { status: 404 });
   }
 
+  const requesterId = session?.user?.id;
+  if (requesterId === undefined || run.ownerId !== requesterId) {
+    return NextResponse.json({ error: 'Run not found' }, { status: 404 });
+  }
+
   if (!run.sessionId) {
     return NextResponse.json({
       hasSession: false,

app/api/runs/analyze/route.ts

@@ -24,6 +24,7 @@ export async function POST(request: NextRequest) {
     }
 
     const run = createRun({
+      ownerId: session?.user?.id,
       repoId: repoId || repoName,
       repoName,
       testSpecs: [],

app/api/runs/route.ts

@@ -13,6 +13,9 @@ import { executeAdHocRun } from '@/lib/queue/ad-hoc-runner';
 export const dynamic = 'force-dynamic';
 
 export async function GET(request: NextRequest) {
+  const session = await getSession();
+  const userId = session?.user?.id;
+
   const { searchParams } = request.nextUrl;
   const page = Math.max(1, parseInt(searchParams.get('page') || '1', 10));
   const limit = Math.min(100, Math.max(1, parseInt(searchParams.get('limit') || '20', 10)));
@@ -22,6 +25,10 @@ export async function GET(request: NextRequest) {
 
   let runs = await getAllRunsAsync();
 
+  if (userId !== undefined) {
+    runs = runs.filter((r) => r.ownerId === userId);
+  }
+
   if (statusFilter) {
     runs = runs.filter((run) => run.status === statusFilter);
   }
@@ -86,12 +93,17 @@ export async function POST(request: NextRequest) {
       return NextResponse.json({ error: 'Repository is required' }, { status: 400 });
     }
 
-    const session = cloudMode ? await getSession() : null;
-    const githubToken = session?.accessToken || undefined;
+    const session = await getSession();
+    const githubToken = cloudMode ? session?.accessToken || undefined : undefined;
+
+    if (cloudMode && !githubToken) {
+      return NextResponse.json({ error: 'GitHub authentication required' }, { status: 401 });
+    }
 
     const resolvedRepoId = repoId || (cloudMode ? repoName : 'local');
     const resolvedRepoName = repoName || 'Demo App';
     const run = createRun({
+      ownerId: session?.user?.id,
       repoId: resolvedRepoId,
       repoName: resolvedRepoName,
       testSpecs,

lib/auth/github.ts

@@ -15,7 +15,14 @@ export function getGitHubAuthUrl(state: string): string {
   return `https://github.com/login/oauth/authorize?${params.toString()}`;
 }
 
-export async function exchangeCodeForToken(code: string): Promise<string> {
+export async function exchangeCodeForToken(
+  params: string | { code: string; redirectUri?: string; codeVerifier?: string; state?: string }
+): Promise<string> {
+  const requestParams =
+    typeof params === 'string'
+      ? { code: params }
+      : params;
+
   const response = await fetch('https://github.com/login/oauth/access_token', {
     method: 'POST',
     headers: {
@@ -25,7 +32,10 @@ export async function exchangeCodeForToken(code: string): Promise<string> {
     body: JSON.stringify({
       client_id: GITHUB_CLIENT_ID,
       client_secret: GITHUB_CLIENT_SECRET,
-      code,
+      code: requestParams.code,
+      ...(requestParams.redirectUri ? { redirect_uri: requestParams.redirectUri } : {}),
+      ...(requestParams.codeVerifier ? { code_verifier: requestParams.codeVerifier } : {}),
+      ...(requestParams.state ? { state: requestParams.state } : {}),
     }),
   });
 

lib/auth/session-secret.ts

@@ -0,0 +1,32 @@
+const DEV_SESSION_SECRET_GLOBAL_KEY = '__PATCHPILOT_DEV_SESSION_SECRET__';
+const TEST_FALLBACK_SECRET = 'test-session-secret';
+
+type GlobalWithSecret = typeof globalThis & {
+  [DEV_SESSION_SECRET_GLOBAL_KEY]?: string;
+};
+
+function getDevSessionSecret(): string {
+  const globalWithSecret = globalThis as GlobalWithSecret;
+  if (!globalWithSecret[DEV_SESSION_SECRET_GLOBAL_KEY]) {
+    globalWithSecret[DEV_SESSION_SECRET_GLOBAL_KEY] = crypto.randomUUID();
+  }
+
+  return globalWithSecret[DEV_SESSION_SECRET_GLOBAL_KEY];
+}
+
+export function getSessionSecret(): string {
+  const envSecret = process.env.SESSION_SECRET;
+  if (envSecret) {
+    return envSecret;
+  }
+
+  if (process.env.NODE_ENV === 'test') {
+    return TEST_FALLBACK_SECRET;
+  }
+
+  if (process.env.NODE_ENV === 'production') {
+    throw new Error('SESSION_SECRET environment variable is required in production');
+  }
+
+  return getDevSessionSecret();
+}

lib/auth/session.ts

@@ -1,22 +1,9 @@
 import { cookies } from 'next/headers';
 import { SignJWT, jwtVerify } from 'jose';
 import type { Session, GitHubUser, GitHubRepo, SessionPayload } from '@/lib/types';
+import { getSessionSecret } from '@/lib/auth/session-secret';
 
 const SESSION_COOKIE = 'qagent_session';
-const TEST_FALLBACK_SECRET = 'test-session-secret';
-
-function getSessionSecret(): string {
-  const secret = process.env.SESSION_SECRET;
-  if (secret) {
-    return secret;
-  }
-
-  if (process.env.NODE_ENV === 'test') {
-    return TEST_FALLBACK_SECRET;
-  }
-
-  throw new Error('SESSION_SECRET environment variable is required');
-}
 
 export function getSessionKey(): Uint8Array {
   return new TextEncoder().encode(getSessionSecret());

lib/dashboard/run-store.ts

@@ -30,13 +30,15 @@ function persistRun(run: Run): void {
 }
 
 export function createRun(data: {
+  ownerId?: number;
   repoId: string;
   repoName: string;
   testSpecs: TestSpec[];
   maxIterations: number;
 }): Run {
   const run: Run = {
     id: crypto.randomUUID(),
+    ownerId: data.ownerId,
     repoId: data.repoId,
     repoName: data.repoName,
     status: 'pending',

lib/git/clone.ts

@@ -113,7 +113,10 @@ export async function installDependencies(
   const pm = detectPackageManager(repoPath);
   console.log(`[GitClone] Installing dependencies with ${pm}...`);
 
-  const installCommand = pm === 'npm' ? 'npm install' : `${pm} install`;
+  const installCommand =
+    pm === 'npm'
+      ? 'npm install --ignore-scripts'
+      : `${pm} install --ignore-scripts`;
 
   try {
     execSync(installCommand, {

lib/queue/ad-hoc-runner.ts

@@ -138,7 +138,7 @@ async function runCodeFirst(
     emitAgentStarted(runId, 'tester');
     updateRunAgent(runId, 'tester');
 
-    const analyzer = new CodeAnalyzerAgent(clonedRepo.repoPath);
+    const analyzer = new CodeAnalyzerAgent(clonedRepo.repoPath, false);
     const analysisResult = await analyzer.analyze();
 
     emitAgentCompleted(runId, 'tester');

lib/types.ts

@@ -214,6 +214,7 @@ export type AgentType = 'tester' | 'triage' | 'fixer' | 'verifier';
 
 export interface Run {
   id: string;
+  ownerId?: number;
   repoId: string;
   repoName: string;
   status: RunStatus;