KeiSeiKit-1.0/_primitives/_rust
Parfii-bot e43b13335e fix(v0.19.2): polish — marker perms 0600, ANSI sanitize, manifest size bound, dead-code cleanup
Closes remaining MEDIUM/LOW audit findings not in v0.19.0 security wave.

M1 — marker file 0600 perms (unix)
  config.rs::write() applies chmod 0o600 after write, cfg(unix) gated.
  Test marker_file_has_0600_perms_on_unix asserts mode & 0o777 == 0o600.

L9 — ANSI-escape sanitization
  New module display.rs (27 LOC) — sanitize_display(&str) replaces
  ASCII < 0x20 OR == 0x7F with '?', leaves space + unicode alone.
  Applied in status.rs + attach.rs to brain_name / brain_path /
  attached_at / client_type / config_path / mcp_path before print.
  Test status_sanitizes_control_chars_in_brain_name asserts
  sanitize_display('evil\x1b[2Jpayload') → 'evil?[2Jpayload'.

L12 — manifest size bound
  brain_validate.rs const MAX_MANIFEST_BYTES = 64 * 1024; metadata
  check before read_to_string. New Error::ManifestTooLarge { size, max }
  with thiserror Display impl. Test manifest_too_large_rejected
  writes 100 KB manifest, asserts error + marker not written.

Dead-code cleanup:
  - Error::NotAttached: #[allow(dead_code)] + comment (reserved for
    future detach subcommand when no marker exists)
  - config::has_client: #[allow(dead_code)] + comment (reserved for
    future multi-brain support)
  - mount.rs / detach.rs: dropped unused ClientAdapter import

brain.rs module doc-comment expanded — lists all v0.19 invariants:
path confinement, symlink reject, name regex, 64 KiB manifest cap,
schema v1; notes v2 (multi-platform) lands in v0.20.

Tests: 16 existing + 3 new = 19/19 pass.
cargo check -p keisei: zero warnings in keisei crate.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 17:17:14 +08:00
firewall-diff feat(primitives): 2 Rust verification cubes 2026-04-21 21:00:01 +08:00
kei-artifact Merge feat/v0.16.1-polish — dynamic schema + mode matrix Phase 3.6 2026-04-22 15:13:05 +08:00
kei-auth fix(kei-auth): remove --key CLI flag (F12 HIGH — /proc/cmdline leak) 2026-04-22 13:36:17 +08:00
kei-changelog feat(primitives): kei-docs-scaffold shell + kei-changelog Rust 2026-04-21 21:01:28 +08:00
kei-chat-store chore(rust): misc schema/main refactor in 8 crates (assorted CP splits) 2026-04-22 13:36:17 +08:00
kei-conflict-scan feat(primitives): 4 Rust crates for deep-sleep — conflict-scan, refactor-engine, graph-check, store 2026-04-22 08:28:22 +08:00
kei-content-store chore(rust): misc schema/main refactor in 8 crates (assorted CP splits) 2026-04-22 13:36:17 +08:00
kei-crossdomain chore(rust): misc schema/main refactor in 8 crates (assorted CP splits) 2026-04-22 13:36:17 +08:00
kei-curator chore(rust): misc schema/main refactor in 8 crates (assorted CP splits) 2026-04-22 13:36:17 +08:00
kei-graph-check feat(primitives): 4 Rust crates for deep-sleep — conflict-scan, refactor-engine, graph-check, store 2026-04-22 08:28:22 +08:00
kei-ledger feat(primitives): kei-ledger Rust SQLite agent ledger 2026-04-21 20:52:20 +08:00
kei-memory feat(primitives): kei-memory Rust crate — offline session analyzer (Genesis-clean) 2026-04-22 00:50:04 +08:00
kei-migrate feat(primitives): kei-migrate Rust universal migration runner 2026-04-21 20:35:29 +08:00
kei-refactor-engine fix(kei-refactor-engine): retract 'git apply-ready' claim (F1 RELEASE BLOCKER) 2026-04-22 13:36:17 +08:00
kei-router chore(rust): misc schema/main refactor in 8 crates (assorted CP splits) 2026-04-22 13:36:17 +08:00
kei-sage chore(rust): misc schema/main refactor in 8 crates (assorted CP splits) 2026-04-22 13:36:17 +08:00
kei-search-core chore(rust): misc schema/main refactor in 8 crates (assorted CP splits) 2026-04-22 13:36:17 +08:00
kei-social-store chore(rust): misc schema/main refactor in 8 crates (assorted CP splits) 2026-04-22 13:36:17 +08:00
kei-store fix(kei-store): path-traversal guard (F2 RELEASE BLOCKER) + S3 stub gate (F7) + GitHub RULE 0.1 guard (F8) 2026-04-22 13:36:17 +08:00
kei-task chore(rust): misc schema/main refactor in 8 crates (assorted CP splits) 2026-04-22 13:36:17 +08:00
keisei fix(v0.19.2): polish — marker perms 0600, ANSI sanitize, manifest size bound, dead-code cleanup 2026-04-22 17:17:14 +08:00
mock-render refactor(mock-render): split main.rs 227 LOC into 4 cubes (F5a Constructor Pattern) 2026-04-22 13:36:17 +08:00
ssh-check feat(primitives): 2 Rust verification cubes 2026-04-21 21:00:01 +08:00
tokens-sync feat(primitives): 3 Rust cubes — mock-render, visual-diff, tokens-sync 2026-04-21 21:07:45 +08:00
visual-diff feat(primitives): 3 Rust cubes — mock-render, visual-diff, tokens-sync 2026-04-21 21:07:45 +08:00
.gitignore feat(primitives): 2 Rust verification cubes 2026-04-21 21:00:01 +08:00
Cargo.lock fix(v0.19): audit hardening — 3 security HIGH + 3 critic HIGH + 2 critic MEDIUM 2026-04-22 16:36:11 +08:00
Cargo.toml fix(v0.19): audit hardening — 3 security HIGH + 3 critic HIGH + 2 critic MEDIUM 2026-04-22 16:36:11 +08:00