v0.42.37.0 fix(security,ingest): source-isolation grant enforcement + non-string frontmatter guard + papercuts#1999
Merged
…t_page exact-path leak One shared resolveRequestedScope() routes every source-scoped read op (query, code_callers/callees, search_by_image, code_blast/flow, get_page) through a single fail-closed trust+grant ladder: a remote caller's __all__ collapses to its granted sources (never the whole brain) and an explicit out-of-grant source_id is rejected. get_page's exact-match path now honors a federated grant via getPage(sourceIds[]) in both engines. Legacy bearer tokens carry their stored permissions.source_id grant (bounded, never widened). Also retries getConfig on transient connection loss. Closes #1924, #1371, #1393, #1336, #1603.
…/hook/catalog papercuts Parser coerces a non-string title to a string and falls back to inference for slug/type (never fabricating a "123" slug), with a lint NON_STRING_FIELD finding surfacing the malformed frontmatter; a defensive guard in content-sanity stops a non-string title from crashing the whole lint/sync run brain-wide. Plus: embed --catch-up no longer arms the overflowed 32-bit budget timer (and surfaces unembeddable chunks); the frontmatter pre-commit hook ships a correct .md/.mdx regex; and the skill catalog parses YAML block-scalar descriptions. Closes #1883, #1658, #1556, #1948, #1946, #1840, #1711.
…ain-issues
# Conflicts:
# src/core/content-sanity.ts
# src/core/markdown.ts
… non-string frontmatter guard + papercuts Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…0.42.37.0 The v0.42.37.0 non-string-frontmatter fix added an eighth validation class (NON_STRING_FIELD / lint code frontmatter-non-string-field). Update the two current-state docs that enumerate the validation classes:
- skills/frontmatter-guard/SKILL.md (seven->eight + table row)
- docs/integrations/pre-commit.md (seven->eight + table row)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
mgunnin added a commit to mgunnin/gbrain that referenced this pull request (Jun 9, 2026):
* upstream/master:
  v0.42.37.0 fix(security,ingest): source-isolation grant enforcement + non-string frontmatter guard + papercuts (garrytan#1999)
  v0.42.36.0 fix(sync): resumable, durable, single-flight sync — converges under pool exhaustion + repeated kills (garrytan#1794) (garrytan#1980)
  v0.42.35.0 fix(sync): recover from unreachable last_commit instead of full-walking forever (garrytan#1970) (garrytan#1975)
  v0.42.34.0 feat(search): typed-edge relational retrieval — relationship questions get relationship answers (garrytan#1959)
  docs(designs): add COMMUNITY_IDEAS ledger from open-PR backlog triage (garrytan#1969)
  v0.42.33.0 fix(sources): confine sync re-clone to gbrain-owned clones; never delete a user working tree (garrytan#1881) (garrytan#1960)
# Conflicts:
# src/core/operations.ts
brentyates-swx added a commit to swxtchio/gbrain that referenced this pull request (Jun 9, 2026):
Single consolidated patch carrying the swxtch customizations whose goals are still valid against current upstream. Re-implemented against today's code (the original per-commit history is discarded); verified each goal, dropped the ones upstream now solves. Cross-model reviewed (Gemini + Codex).

Still-valid goals, re-implemented:
- Multi-domain: index.md is a syncable folder entry page (removed from SYNC_SKIP_FILES). (src/core/sync.ts + 2 tests)
- GBRAIN_TOP_DIRS: scope a multi-repo brain root to an allowlist of top-level dirs — ported once into the now-central collectSyncableFiles walker.
- N-segment slug resolver: accept domain/docs/page (3-segment) slugs, not just upstream's 2-segment shape; getPage()/allSlugs.has() decide existence. (src/core/link-extraction.ts, src/commands/extract.ts)
- C/C++ chunker: extract symbols instead of falling back to text — collectSemanticNodes recursion through header guards / extern "C" / namespaces / templates (PASSTHROUGH_TYPES); type_definition/enum/union top-level types; declarator-chain name extraction; C/C++-scoped symbol-preserving merge. Surfaces functions, prototypes, typedefs, struct/union/enum, object- and function-like macros, namespace members, and templated fn/class. (src/core/chunkers/code.ts)
- code-def: accept the C/C++ symbol_types the patched chunker emits. (src/commands/code-def.ts)
- gbrain-safe-update: the non-destructive fork-preserving upgrade wrapper. (scripts/gbrain-safe-update)

Dropped — already handled by upstream (verified):
- source_id cross-source slug scoping → upstream source-isolation (all engine slug subqueries are source-scoped; federated grants, garrytan#1999/garrytan#1881/garrytan#996).
- gbrain doctor OPENCLAW_WORKSPACE → upstream uses autoDetectSkillsDirReadOnly.
- cli.ts executable bit → upstream ships src/cli.ts mode 100755.
Cross-model review (Gemini + Codex) caught and fixed: C++ namespace/template members were collapsed into one opaque chunk (moved to PASSTHROUGH so the walker recurses to the inner symbol); C++/function-like macros weren't extracted (added preproc_def/preproc_function_def to the C/C++ top-level sets); a second stale index.md skip-test (test/sync.test.ts). Verified: tsc --noEmit clean; sync/sync-isSyncable/chunkers/code-def-refs/ edge-extractor/parent-scope suites green; C/C++ symbol extraction confirmed empirically (functions, prototypes, typedefs, macros, namespace members, templated fn/class) while TS small-sibling merging is unchanged. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Summary
A backlog-triage wave: the highest-impact open issues, fixed and shipped together. Eng-reviewed (plan-eng-review CLEAR) with a Codex adversarial outside-voice pass; all findings folded in.
Security — source isolation (functional description per responsible disclosure)
- get_page's exact-slug path honors a federated grant via `getPage(sourceIds[])` in both engines (pglite + postgres). (gbrain#1393)
- …default. (gbrain#1336)
- …`search_by_image`, `code_blast`/`code_flow`); both now route through the resolver.

Ingest — frontmatter robustness

- `title`/`slug`/`type` (bare number or date) is coerced to a usable string instead of throwing mid-run and aborting the whole `lint`/`sync` (root trigger behind the never-converging-sync reports). A defensive guard in content-sanity backs it up, and `gbrain lint` flags the un-quoted field (NON_STRING_FIELD). Aligned with master's #1939 coercion ("Sync bookmark permanently stuck when importer throws on non-string frontmatter `title` (content-sanity.ts:379) — silent indexing outage"). (gbrain#1883; #1658 "sync crashes in assessContentSanity on pages with undefined title (opts.title.toLowerCase) — confirms #1556 on current master"; #1556 "sync crashes on inferred date-like titles from bare markdown"; #1948 "Non-string frontmatter title/type/slug mis-types pages on import")

Papercuts

- `embed --catch-up` no longer arms an overflowed 32-bit budget timer (which aborted after one batch); surfaces un-embeddable chunks at the end. (gbrain#1946)
- …`.md`/`.mdx` matcher instead of a silent no-op. (gbrain#1840)
- …`description: |`) descriptions. (gbrain#1711)
- `getConfig` retries on a transient connection blip instead of silently falling back to defaults. (gbrain#1603)

Test Coverage
Six new test files (resolver trust+grant matrix, get_page federated leak, frontmatter coercion + lint surfacing, skill-catalog block-scalar, install-hook regex, legacy-token grant) plus extensions to existing suites. All new code paths covered; engine-parity pinned for `getPage(sourceIds[])`.

Pre-Landing Review
Diff was eng-reviewed via /plan-eng-review (CLEAR, 0 unresolved) with a Codex adversarial outside-voice pass. Findings (2 missed leak surfaces + 2 correctness tensions) were all addressed before this PR.
Eval Results
No prompt-related files changed — evals skipped.
Plan Completion
Plan at `~/.claude/plans/...iridescent-island.md`. All 9 issues implemented; OV3a slug/type policy superseded by master's landed #1939 coercion during merge (documented in CHANGELOG + tests updated to match).

Verification Results
Managed unit suite: 12,853 pass. 10 failures are all non-blocking and not caused by this diff: 7 pre-existing env-key tests (assert "no API key" behavior; this workspace has provider creds — stash-verified pre-existing) + 3 cold-start load timeouts (bootstrap.test.ts confirmed green in isolation). Typecheck clean. CI guards (batch-audit-site, jsonb, operations-filter-bypass, progress-to-stdout) green.
TODOS
No TODO items mapped to these issues.
Documentation
Docs audited against the wave. The non-string-frontmatter fix added an eighth frontmatter validation class (`NON_STRING_FIELD` / lint code `frontmatter-non-string-field`); `skills/frontmatter-guard/SKILL.md` and `docs/integrations/pre-commit.md` updated to match. No other docs drifted. CHANGELOG authored for 0.42.37.0; CLAUDE.md unchanged.

Test plan
🤖 Generated with Claude Code
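The source-isolation change above describes a single fail-closed trust+grant ladder that every source-scoped read goes through, with `__all__` from a remote caller collapsing to its granted sources, an out-of-grant `source_id` rejected outright, legacy token grants carried over without widening, and the exact-slug `get_page` path bounded by `getPage(sourceIds[])`. The following is an added example written for this page, not gbrain's own code: it models that ladder in TypeScript over a constructed in-memory source catalogue and page table, so the leak shape (the same slug present in two sources) can be exercised end to end. Every name in it (`CallerContext`, `ScopeDenied`, `ALL_SOURCES`, `PAGES`, `grantFromLegacyPermissions`, `getPageForCaller`) is an assumption made for the example.

```typescript
// Added example (not gbrain's own code): a fail-closed trust+grant ladder for
// source-scoped reads, modelled on the resolveRequestedScope() behaviour the PR
// describes. Every name here (CallerContext, ScopeDenied, ALL_SOURCES, PAGES)
// is an assumption made for the example.

type SourceId = string;

/** Who is asking. A local caller is trusted with the whole brain; a remote
 *  caller is bounded by the grant carried on its token. */
interface CallerContext {
  trust: "local" | "remote";
  /** Granted source ids. For a legacy bearer token this is whatever
   *  permissions.source_id was stored, carried over without widening. */
  grant?: SourceId[];
}

/** What a read op asked for: every source, or one explicit source. */
type RequestedScope = "__all__" | { source_id: SourceId };

class ScopeDenied extends Error {
  constructor(message: string) {
    super(message);
    this.name = "ScopeDenied";
  }
}

/** Constructed stand-in for the brain's source catalogue. */
const ALL_SOURCES: SourceId[] = ["notes", "vault", "shared-team"];

/** Translate legacy token permissions into a grant. An absent source_id means
 *  an empty grant (fail closed), never "__all__". */
function grantFromLegacyPermissions(perm: { source_id?: SourceId | SourceId[] }): SourceId[] {
  if (perm.source_id === undefined) return [];
  return Array.isArray(perm.source_id) ? [...perm.source_id] : [perm.source_id];
}

/** The single ladder every source-scoped read op goes through. Returns the
 *  concrete source ids the op may touch, or throws ScopeDenied. */
function resolveRequestedScope(caller: CallerContext, requested: RequestedScope): SourceId[] {
  // Rung 1: a local caller keeps full access to the brain.
  if (caller.trust === "local") {
    return requested === "__all__" ? [...ALL_SOURCES] : [requested.source_id];
  }
  // Rung 2: a remote caller's "__all__" collapses to its grant, never the whole
  // brain. No grant at all therefore yields no sources instead of defaulting open.
  const granted = new Set(caller.grant ?? []);
  if (requested === "__all__") {
    return ALL_SOURCES.filter((id) => granted.has(id));
  }
  // Rung 3: an explicit source outside the grant is rejected, not silently widened.
  if (!granted.has(requested.source_id)) {
    throw new ScopeDenied(`source ${requested.source_id} is outside the caller's grant`);
  }
  return [requested.source_id];
}

/** Constructed page table: the same slug exists in two sources, which is the
 *  case an exact-slug lookup that ignores the grant would leak across. */
const PAGES = [
  { source_id: "notes", slug: "roadmap", body: "personal roadmap" },
  { source_id: "vault", slug: "roadmap", body: "vault roadmap" },
  { source_id: "shared-team", slug: "onboarding", body: "team onboarding" },
];

/** Exact-slug lookup bounded by the resolved source ids (the getPage(sourceIds[])
 *  shape the PR describes). Empty sourceIds means nothing is visible. */
function getPage(slug: string, sourceIds: SourceId[]): { source_id: SourceId; slug: string; body: string } | undefined {
  const allowed = new Set(sourceIds);
  return PAGES.find((p) => p.slug === slug && allowed.has(p.source_id));
}

/** End to end: a get_page request from a caller, scope resolved before the lookup. */
function getPageForCaller(caller: CallerContext, requested: RequestedScope, slug: string) {
  return getPage(slug, resolveRequestedScope(caller, requested));
}
```

The point to check when reviewing a change like this is that no rung defaults open: a remote caller with no grant must resolve to an empty list (and `getPage` over an empty list must return nothing), and the explicit-source rung must throw rather than fall through to the grant-filtered list.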
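The frontmatter-robustness section above describes coercing a non-string `title` to a string, falling back to inference for `slug`/`type` rather than fabricating a "123" slug, surfacing the malformed field as a `NON_STRING_FIELD` lint finding, and guarding the content-sanity step so one bad page cannot abort the whole run. The block below is an added example written for this page, not gbrain's own parser: it takes already-parsed YAML values (a loader turns `title: 123` into a number and `title: 2024-01-15` into a `Date`) and applies that policy. The names (`RawFrontmatter`, `coerceFrontmatter`, `inferSlugFromPath`, `inferTypeFromPath`, `inferTitle`, `titleForSanityCheck`) and the inference rules are assumptions made for the example.

```typescript
// Added example (not gbrain's own parser): coercing non-string frontmatter
// scalars the way the PR describes. All names and inference rules here are
// assumptions made for the example.

type Scalar = string | number | boolean | Date | null | undefined;

interface RawFrontmatter { title?: Scalar; slug?: Scalar; type?: Scalar; }
interface Frontmatter { title: string; slug: string; type: string; }
interface LintFinding {
  code: "frontmatter-non-string-field"; // the PR's NON_STRING_FIELD class
  field: keyof RawFrontmatter;
  got: string;
}

/** Render a non-string scalar as the text the author most likely typed. A Date
 *  becomes its calendar date rather than the JS Date.toString() form. */
function scalarToString(v: Exclude<Scalar, string | null | undefined>): string {
  return v instanceof Date ? v.toISOString().slice(0, 10) : String(v);
}

/** Slug inference from the file path (assumed rule): strip the extension, lowercase. */
function inferSlugFromPath(path: string): string {
  return path.replace(/\.(md|mdx)$/i, "").split("/").filter(Boolean).join("/").toLowerCase();
}

/** Type inference (assumed rule): the top-level folder, or "page" for a root-level file. */
function inferTypeFromPath(path: string): string {
  const parts = path.split("/").filter(Boolean);
  return parts.length > 1 ? parts[0] : "page";
}

/** Title inference (assumed rule): first `# ` heading in the body, else the basename. */
function inferTitle(body: string, path: string): string {
  const m = body.match(/^#\s+(.+)$/m);
  if (m) return m[1].trim();
  return inferSlugFromPath(path).split("/").pop() ?? "";
}

function coerceFrontmatter(raw: RawFrontmatter, path: string, body: string): { fm: Frontmatter; findings: LintFinding[] } {
  const findings: LintFinding[] = [];
  const flag = (field: keyof RawFrontmatter, v: Scalar) =>
    findings.push({ code: "frontmatter-non-string-field", field, got: v instanceof Date ? "date" : typeof v });

  // title: a bare number or date is coerced to its string form instead of
  // letting a later .toLowerCase() throw and abort the whole sync.
  let title: string;
  if (typeof raw.title === "string") title = raw.title;
  else if (raw.title == null) title = inferTitle(body, path);
  else { flag("title", raw.title); title = scalarToString(raw.title); }

  // slug: a numeric slug is flagged but never stringified into "123"; the slug
  // falls back to path inference so the page keeps a stable, meaningful slug.
  let slug: string;
  if (typeof raw.slug === "string" && raw.slug !== "") slug = raw.slug;
  else { if (raw.slug != null) flag("slug", raw.slug); slug = inferSlugFromPath(path); }

  // type: same policy as slug.
  let type: string;
  if (typeof raw.type === "string" && raw.type !== "") type = raw.type;
  else { if (raw.type != null) flag("type", raw.type); type = inferTypeFromPath(path); }

  return { fm: { title, slug, type }, findings };
}

/** Defensive guard for the content-sanity step: only ever hand it a string, so a
 *  page that slipped past coercion cannot take the brain-wide run down. */
function titleForSanityCheck(title: unknown): string {
  return typeof title === "string" ? title.toLowerCase() : "";
}
```

The two behaviours worth pinning in a test are that a numeric `slug` produces a path-derived slug plus a finding (never `"123"`), and that a `Date`-typed `title` comes out as the calendar date the author wrote, with the finding's `got` recorded as `"date"` so the lint output points at the un-quoted field.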