hai/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-20 19:29:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: resolve merge conflicts — keep security defenses + per-tab isolation

Browse Source 
Merged main's security improvements (XML escaping, prompt injection defense,
allowed commands whitelist, --model opus, Write tool, stderr capture) with
our branch's per-tab isolation (BROWSE_TAB env var, processingTabs set,
no --resume). Updated test expectations for expanded system prompt.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Garry Tan
2026-03-29 22:27:42 -07:00
parent fe4441b530
commit 91d2f73a67
3 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
browse/test/sidebar-security.test.ts
View File

@@ -110,7 +110,7 @@ describe('Sidebar prompt injection defense', () => {
// It should NOT rebuild args from scratch (the old bug)
expect(AGENT_SRC).toContain('args || [');
// Verify the destructured args come from queueEntry
expect(AGENT_SRC).toContain('const { prompt, args, stateFile, cwd } = queueEntry');
expect(AGENT_SRC).toContain('const { prompt, args, stateFile, cwd, tabId } = queueEntry');
});
test('sidebar-agent falls back to defaults if queue has no args', () => {