johno/beads
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: harden JSONL path handling

Browse Source 
- bound fresh-clone JSONL discovery to the .beads dir (abs path, traversal guard) before reading counts
- add safeWorkspacePath/isWithinWorkspace helpers and use in doctor fixes (database_config, untracked) to reject absolute/traversal inputs and confine .gitattributes edits
- normalize git status paths and path-guard tests for cross-OS (Windows) compatibility
- add regression tests for the new guards
This commit is contained in:
Joel Klabo
2025-11-28 18:58:04 -08:00
parent 6df2b44787
commit cb6ccef7c2
6 changed files with 233 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
cmd/bd/doctor/fix/database_config.go
View File

@@ -18,7 +18,16 @@ func DatabaseConfig(path string) error {
return err
}
beadsDir := filepath.Join(path, ".beads")
absPath, err := filepath.Abs(path)
if err != nil {
return fmt.Errorf("invalid workspace path: %w", err)
}
path = absPath
beadsDir, err := safeWorkspacePath(path, ".beads")
if err != nil {
return err
}
// Load existing config
cfg, err := configfile.Load(beadsDir)
@@ -129,7 +138,16 @@ func LegacyJSONLConfig(path string) error {
return err
}
beadsDir := filepath.Join(path, ".beads")
absPath, err := filepath.Abs(path)
if err != nil {
return fmt.Errorf("invalid workspace path: %w", err)
}
path = absPath
beadsDir, err := safeWorkspacePath(path, ".beads")
if err != nil {
return err
}
// Load existing config
cfg, err := configfile.Load(beadsDir)
@@ -162,8 +180,11 @@ func LegacyJSONLConfig(path string) error {
cfg.JSONLExport = "issues.jsonl"
// Update .gitattributes if it references beads.jsonl
gitattrsPath := filepath.Join(path, ".gitattributes")
if content, err := os.ReadFile(gitattrsPath); err == nil {
gitattrsPath, err := safeWorkspacePath(path, ".gitattributes")
if err != nil {
fmt.Printf(" Skipping .gitattributes update: %v\n", err)
// #nosec G304 -- gitattrsPath constrained to workspace root
} else if content, err := os.ReadFile(gitattrsPath); err == nil {
if strings.Contains(string(content), ".beads/beads.jsonl") {
newContent := strings.ReplaceAll(string(content), ".beads/beads.jsonl", ".beads/issues.jsonl")
// #nosec G306 -- .gitattributes should be world-readable