You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* add base tool class with camelcase to snake case serialization boundary
* add interactive tool classes porting session management and command execution from python
* add report image tools using sharp for webp compression and path traversal validation
* add tools barrel export
* add tests for interactive shell and session management tools
* add tests for report image tools covering path traversal and platform validation
* verify process liveness with kill(0) so a missed exit event cannot leave the pty marked alive
* serialize session terminate and cleanup with a lifecycle lock to prevent double kill and stale exit codes
* drop redundant cleanup call in terminateSession so final output buffer is not discarded
* use function replacement in annotate and preserve modes so $& in escape sequences is not reinterpreted
* transition session to terminated from any non-terminal state so a startup failure cannot leave a creating zombie
* ignore non-positive history limit so a negative value cannot drop recent commands
* track session death time and use it for force-cleanup timing instead of last activity
* skip null session placeholders in terminateAllSessions so in-progress creates are not lost
* reject infinite and negative float settings so a timeout cannot be silently disabled
* reject negative integer settings so a negative session limit cannot block all creation
* backfill execution_time for all commands batched into a single readOutput
* preserve exit code across cleanup so late waitForExit callers get the real code
* use a live pid in the pty mock so the kill(0) liveness probe sees an active process
* reject whitespace-only path segments in validatePathSegment
* bound per-session command history so long-lived sessions do not leak memory
* block body-eval builtins and bracket substitution so the query tool cannot be bypassed via catch/if/foreach or set x [exec ls]
* terminate auto-created session when executeCommand throws so the session is not leaked
* derive wasAlive from info.isAlive and propagate it through error branches in TerminateSessionTool
* discard queued commands and warn on terminate so pending inputs are not silently dropped
* rename isAlive to checkAlive on InteractiveSession to surface its state-transition side effect
* wrap non-force cleanup in finally so a throwing cleanup still removes the dead session from the map
* snapshot session counts after the async metrics loop so the totals reflect post-loop state
* remove dead session loop in cleanupAll since terminateAllSessions already empties the map
* call terminateProcess with force=true in cleanup so a stuck process is not retried with SIGTERM
* guard against null image dimensions before resize so missing metadata does not produce a silent 256x256 output
* update integration_check to call checkAlive instead of the renamed isAlive
* extend bracket-scan regex to match [::exec ls] so namespace-qualified commands are not exempt
* code cleanup
* add interactive tool wire-format snapshots so CI snapshot tests pass
* clamp brace depth and gate quotes on word boundaries so an unbalanced } or mid-word " cannot hide a trailing statement from the verb check
* walk the report tree manually and skip symlinks so a linked dir or file cannot escape the contained run directory
* reject zero for env settings where it is degenerate (max sessions, queue/buffer/chunk sizes, command/idle timeouts) so a 0 cannot silently disable sessions or output
* scan bracket substitutions per statement and skip comment/blank lines so a bracket inside a # comment is not rejected as an exec
* treat EPERM from the liveness probe as alive so a pid we cannot signal is not misreported dead, only ESRCH counts as gone
* author the metrics and command-history payloads in camelCase like every other domain model so snake_case is produced only by toSnakeCase at the wire boundary, not hand-written
* resolve tcl backslash escapes in the verb and bracket scan so an obfuscated command like \socket or \x73ocket is matched as the command tcl actually runs, not the literal backslash form
* capture the bracket command word up to a delimiter so a dynamic substituted command ($x or nested [[...]]) is surfaced and rejected by the read-only tool instead of running exec via runtime variable substitution
* use function replacement in _detectErrors so $& or $1 in a captured error message is inserted literally instead of being reinterpreted as a replacement pattern
0 commit comments