KeiSeiKit-1.0

keisei/KeiSeiKit-1.0

Fork 0

Commit graph

Author	SHA1	Message	Date
Parfii-bot	e84e9fc1fe	feat(stream-f): kei-forge pure-Rust templating — eliminate shell-out Remove std::process::Command invocation of scripts/new-atom.sh from kei-forge. Templating moves to pure Rust — eliminates the sed-metacharacter injection class structurally, on top of the description whitelist that E2 added as defence-in-depth. src/generate.rs split into 4 Cubes (Constructor Pattern): - generate/placeholders.rs — 6-token substitution, longer-first ordering - generate/paths.rs — TargetPaths::resolve + assert_none_exist - generate/rollback.rs — Drop-based atomic rollback (Rust idiom for shell `trap ERR`) - generate/atom_tests.rs — 5 tempdir integration tests generate.rs dropped from 295 → 159 LOC as orchestration thin wrapper. Behavioural parity with scripts/new-atom.sh maintained: same 6 tokens, same order, refuse-overwrite, atomic rollback, same file-list ordering. scripts/new-atom.sh untouched on disk (still usable as standalone CLI). Cargo.toml: removed mock-generate feature flag (no longer needed — pure-Rust tests use tempfile::TempDir), added tempfile dev-dep. Tests: 44/44 (was 29 with mock-generate; +15 new pure-Rust unit tests across placeholders/paths/rollback/atom_tests). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 01:21:00 +08:00
Parfii-bot	f7982f0415	fix(substrate): E2 — kei-forge security hardening (DNS rebind + CSRF + injection) Three HIGH security findings resolved in _primitives/_rust/kei-forge/: - F-1: DNS rebinding — require_local_host middleware returns 421 on non-localhost Host headers - F-2: CSRF via urlencoded — require_json_content_type middleware returns 415 on non-JSON; form HTML now POSTs JSON via fetch() - crit#1/SA F-7: description sed injection — whitelist validator rejects newline/CR/tab/NUL/backtick/$/length>200, blocks the shell-script attack at the Rust layer - crit#11: missing security headers — CSP, X-Frame-Options DENY, X-Content-Type-Options nosniff, Referrer-Policy no-referrer on GET / Zero new deps (axum 0.7 middleware::from_fn + HeaderMap native). Constructor Pattern compliant — 6 Cube files, largest 231 LOC including tests. Tests: 29/29 (was 12/12; +17 new). Includes 4 adversarial integration tests for each defence layer. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 00:49:49 +08:00
Parfii-bot	fd25c3af60	feat(stream-a): kei-forge MVP — local web wizard scaffolding atoms New crate _primitives/_rust/kei-forge/ exposing POST /forge over axum on 127.0.0.1:8747. Shell-outs to scripts/new-atom.sh for generation. 5-input inline HTML form, no JS required. 9 unit + 3 integration tests green via `cargo test --features mock-generate`. Registered kei-forge in workspace members. Stream A of substrate v1 parallel build — see docs/SUBSTRATE-SCHEMA.md. Spec pre-locked; schema immutable until 2026-06-03 or revocation. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 00:09:53 +08:00

Author

SHA1

Message

Date

Parfii-bot

e84e9fc1fe

feat(stream-f): kei-forge pure-Rust templating — eliminate shell-out

Remove std::process::Command invocation of scripts/new-atom.sh from
kei-forge. Templating moves to pure Rust — eliminates the
sed-metacharacter injection class structurally, on top of the
description whitelist that E2 added as defence-in-depth.

src/generate.rs split into 4 Cubes (Constructor Pattern):
- generate/placeholders.rs — 6-token substitution, longer-first ordering
- generate/paths.rs — TargetPaths::resolve + assert_none_exist
- generate/rollback.rs — Drop-based atomic rollback (Rust idiom for
  shell `trap ERR`)
- generate/atom_tests.rs — 5 tempdir integration tests

generate.rs dropped from 295 → 159 LOC as orchestration thin wrapper.

Behavioural parity with scripts/new-atom.sh maintained: same 6 tokens,
same order, refuse-overwrite, atomic rollback, same file-list
ordering. scripts/new-atom.sh untouched on disk (still usable as
standalone CLI).

Cargo.toml: removed mock-generate feature flag (no longer needed —
pure-Rust tests use tempfile::TempDir), added tempfile dev-dep.

Tests: 44/44 (was 29 with mock-generate; +15 new pure-Rust unit tests
across placeholders/paths/rollback/atom_tests).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-23 01:21:00 +08:00

Parfii-bot

f7982f0415

fix(substrate): E2 — kei-forge security hardening (DNS rebind + CSRF + injection)

Three HIGH security findings resolved in _primitives/_rust/kei-forge/:

- F-1: DNS rebinding — require_local_host middleware returns 421 on
  non-localhost Host headers
- F-2: CSRF via urlencoded — require_json_content_type middleware
  returns 415 on non-JSON; form HTML now POSTs JSON via fetch()
- crit#1/SA F-7: description sed injection — whitelist validator rejects
  newline/CR/tab/NUL/backtick/$/length>200, blocks the shell-script attack
  at the Rust layer
- crit#11: missing security headers — CSP, X-Frame-Options DENY,
  X-Content-Type-Options nosniff, Referrer-Policy no-referrer on GET /

Zero new deps (axum 0.7 middleware::from_fn + HeaderMap native).
Constructor Pattern compliant — 6 Cube files, largest 231 LOC including tests.

Tests: 29/29 (was 12/12; +17 new). Includes 4 adversarial integration
tests for each defence layer.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-23 00:49:49 +08:00

Parfii-bot

fd25c3af60

feat(stream-a): kei-forge MVP — local web wizard scaffolding atoms

New crate _primitives/_rust/kei-forge/ exposing POST /forge over axum
on 127.0.0.1:8747. Shell-outs to scripts/new-atom.sh for generation.
5-input inline HTML form, no JS required. 9 unit + 3 integration tests
green via `cargo test --features mock-generate`.

Registered kei-forge in workspace members.

Stream A of substrate v1 parallel build — see docs/SUBSTRATE-SCHEMA.md.
Spec pre-locked; schema immutable until 2026-06-03 or revocation.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-23 00:09:53 +08:00

3 commits