Skip to content

v0.4.0 — production hardening

Choose a tag to compare

@smarchetti smarchetti released this 04 Jul 01:41
af22c76

0.4.0 — 2026-07-03

Production hardening.

Security

  • POST /api/webhook now requires a random per-session token (header X-Sidecar-Token, ?token=, or Authorization: Bearer), closing a cross-site request forgery hole where any webpage could inject text in front of Claude via localhost POSTs.
  • Artifact iframes are sandboxed (allow-scripts allow-forms allow-popups, opaque origin). claude.send() now crosses a postMessage bridge validated and forwarded by the canvas shell, which holds the token; artifact code never sees it.

Reliability

  • Multiple sessions coexist: if the preferred port (default 8765) is taken, the server falls back to an ephemeral port instead of crashing. Each session writes .sidecar/session.json (pid, port, url, token) for discovery by external callers.
  • Canvas contents persist to .sidecar/artifacts.json and are restored on restart.
  • await_interaction accepts artifact_id to filter, so stale clicks on other artifacts can't be misread as the answer.
  • claude.send() debounces identical payloads within 1.5s (double-click protection).
  • Canvas reconnects jump to the newest artifact instead of staying pinned to the URL-hash one.
  • interactions.jsonl rotates at 5MB.
  • Browser auto-open works on macOS, Linux, and Windows.

Tooling

  • End-to-end test suite in-repo (bun test), exercising the server over real MCP stdio.
  • CI workflow: tests plus a check that the committed dist/sidecar.js matches the source.
  • Landing page deploys to GitHub Pages.