Commit ac1fdd6
fix: second-pass bug sweep — crawler traversal guards, FIFO hangs, atomic writes, CLI contract (#111)
* fix: second-pass bug sweep across core and CLI + sweep tooling
Fixes from the per-file review sweep (study-crates.ts / fix-bugs config),
each landed with a regression test that failed on the old code:
- crawlers: fail-closed coordinate guards on untrusted PURL components
(deno/go/maven/npm/nuget/ruby) so `..`/absolute segments can't escape
the package root during in-place apply; nuget legacy content-folder
parse + empty NUGET_PACKAGES fallback; python purl subpath strip
- patch engine: cargo sidecar checksum resync on rollback/remove, FIFO
open hangs (O_NONBLOCK), copy_tree symlinked-root chmod, cow hardlink
is_file gate, rollback/sidecar path-escape guards, create_dir_all
perm-relax ordering, go_redirect reconcile + drive-letter escape
- manifest/config writers: atomic write (stage+fsync+rename) for
gem/composer/package.json/pyproject/go.mod sites; BOM tolerance
- CLI: --silent honored in scan/list/get/remove/repair/setup; env-bool
flags via parse_bool_flag; non-UTF-8 argv usage error; unlock lock-dir
under --manifest-path; rollback go redirect backend + 4 CLI bugs;
get UUID proxy fallback + blob-hash guard; output severity colors
- vex: product.rs BOM/comment-header parsing, schema spec-optional
fields; telemetry trailing-slash URL join
Tooling: simplify.config.ts sweep prompt, fix-bugs prompt hardening,
study-crates model export + no default timeout.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
* fix(lock): drop self-defeating --break-lock advice on refused break-lock
All five CI failures were the single RED test
break_lock_refusal_does_not_advise_break_lock_again: a refused
--break-lock (live holder) still printed "rerun with --break-lock".
Replace emit()'s unused-path hint_dir param with a Hint enum so the
break-probe refusal keeps only the `socket-patch unlock` pointer while
the plain lock_held path keeps the full advice.
Also post-merge reconciliation with #110:
- rollback.rs tests: destructure rollback_patches' new 3-tuple
(vendored_skipped) return
- npm_crawler.rs tests: clippy cloned_ref_to_slice_refs cleanup
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Fable 5 <noreply@anthropic.com>1 parent 4488ed1 commit ac1fdd6
74 files changed
Lines changed: 7145 additions & 597 deletions
File tree
- crates
- socket-patch-cli
- src
- commands
- tests
- socket-patch-core
- src
- api
- composer_setup
- crawlers
- gem_setup
- manifest
- package_json
- patch
- sidecars
- pth_hook
- utils
- vex
- tests
- scripts
Some content is hidden
Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
35 | 35 | | |
36 | 36 | | |
37 | 37 | | |
| 38 | + | |
38 | 39 | | |
39 | 40 | | |
40 | 41 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
217 | 217 | | |
218 | 218 | | |
219 | 219 | | |
220 | | - | |
221 | | - | |
222 | | - | |
223 | | - | |
| 220 | + | |
| 221 | + | |
| 222 | + | |
| 223 | + | |
224 | 224 | | |
225 | 225 | | |
226 | 226 | | |
| |||
282 | 282 | | |
283 | 283 | | |
284 | 284 | | |
285 | | - | |
286 | | - | |
287 | | - | |
| 285 | + | |
| 286 | + | |
| 287 | + | |
| 288 | + | |
| 289 | + | |
| 290 | + | |
| 291 | + | |
| 292 | + | |
| 293 | + | |
| 294 | + | |
| 295 | + | |
288 | 296 | | |
| 297 | + | |
| 298 | + | |
| 299 | + | |
289 | 300 | | |
290 | 301 | | |
291 | 302 | | |
| |||
294 | 305 | | |
295 | 306 | | |
296 | 307 | | |
| 308 | + | |
| 309 | + | |
| 310 | + | |
| 311 | + | |
| 312 | + | |
| 313 | + | |
| 314 | + | |
| 315 | + | |
| 316 | + | |
| 317 | + | |
| 318 | + | |
| 319 | + | |
| 320 | + | |
| 321 | + | |
| 322 | + | |
| 323 | + | |
| 324 | + | |
| 325 | + | |
| 326 | + | |
| 327 | + | |
| 328 | + | |
| 329 | + | |
| 330 | + | |
| 331 | + | |
| 332 | + | |
| 333 | + | |
| 334 | + | |
| 335 | + | |
| 336 | + | |
| 337 | + | |
| 338 | + | |
| 339 | + | |
| 340 | + | |
| 341 | + | |
| 342 | + | |
| 343 | + | |
| 344 | + | |
| 345 | + | |
| 346 | + | |
| 347 | + | |
| 348 | + | |
| 349 | + | |
| 350 | + | |
| 351 | + | |
| 352 | + | |
| 353 | + | |
| 354 | + | |
297 | 355 | | |
298 | 356 | | |
299 | 357 | | |
| |||
350 | 408 | | |
351 | 409 | | |
352 | 410 | | |
353 | | - | |
354 | | - | |
355 | | - | |
356 | | - | |
357 | | - | |
358 | | - | |
359 | | - | |
360 | | - | |
361 | | - | |
362 | | - | |
363 | | - | |
364 | | - | |
365 | | - | |
366 | | - | |
367 | | - | |
368 | | - | |
369 | | - | |
370 | | - | |
371 | | - | |
372 | | - | |
373 | | - | |
374 | | - | |
| 411 | + | |
| 412 | + | |
375 | 413 | | |
376 | 414 | | |
377 | 415 | | |
| |||
392 | 430 | | |
393 | 431 | | |
394 | 432 | | |
| 433 | + | |
| 434 | + | |
| 435 | + | |
| 436 | + | |
| 437 | + | |
| 438 | + | |
| 439 | + | |
| 440 | + | |
| 441 | + | |
| 442 | + | |
| 443 | + | |
| 444 | + | |
| 445 | + | |
| 446 | + | |
| 447 | + | |
| 448 | + | |
| 449 | + | |
| 450 | + | |
| 451 | + | |
| 452 | + | |
| 453 | + | |
| 454 | + | |
| 455 | + | |
| 456 | + | |
| 457 | + | |
| 458 | + | |
| 459 | + | |
| 460 | + | |
| 461 | + | |
| 462 | + | |
| 463 | + | |
| 464 | + | |
| 465 | + | |
| 466 | + | |
| 467 | + | |
| 468 | + | |
| 469 | + | |
| 470 | + | |
| 471 | + | |
| 472 | + | |
| 473 | + | |
| 474 | + | |
| 475 | + | |
| 476 | + | |
| 477 | + | |
| 478 | + | |
| 479 | + | |
| 480 | + | |
| 481 | + | |
| 482 | + | |
| 483 | + | |
| 484 | + | |
| 485 | + | |
| 486 | + | |
| 487 | + | |
| 488 | + | |
| 489 | + | |
| 490 | + | |
| 491 | + | |
| 492 | + | |
| 493 | + | |
| 494 | + | |
| 495 | + | |
| 496 | + | |
| 497 | + | |
| 498 | + | |
| 499 | + | |
| 500 | + | |
| 501 | + | |
| 502 | + | |
| 503 | + | |
| 504 | + | |
| 505 | + | |
| 506 | + | |
| 507 | + | |
| 508 | + | |
| 509 | + | |
| 510 | + | |
| 511 | + | |
| 512 | + | |
| 513 | + | |
| 514 | + | |
| 515 | + | |
| 516 | + | |
| 517 | + | |
| 518 | + | |
| 519 | + | |
| 520 | + | |
| 521 | + | |
| 522 | + | |
| 523 | + | |
| 524 | + | |
| 525 | + | |
| 526 | + | |
| 527 | + | |
| 528 | + | |
| 529 | + | |
| 530 | + | |
| 531 | + | |
| 532 | + | |
| 533 | + | |
| 534 | + | |
| 535 | + | |
| 536 | + | |
| 537 | + | |
| 538 | + | |
| 539 | + | |
| 540 | + | |
| 541 | + | |
| 542 | + | |
| 543 | + | |
| 544 | + | |
395 | 545 | | |
396 | 546 | | |
397 | 547 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
772 | 772 | | |
773 | 773 | | |
774 | 774 | | |
| 775 | + | |
| 776 | + | |
| 777 | + | |
| 778 | + | |
| 779 | + | |
| 780 | + | |
| 781 | + | |
| 782 | + | |
| 783 | + | |
| 784 | + | |
| 785 | + | |
| 786 | + | |
| 787 | + | |
| 788 | + | |
| 789 | + | |
| 790 | + | |
| 791 | + | |
| 792 | + | |
| 793 | + | |
| 794 | + | |
| 795 | + | |
| 796 | + | |
775 | 797 | | |
776 | 798 | | |
777 | | - | |
| 799 | + | |
778 | 800 | | |
779 | 801 | | |
780 | 802 | | |
| |||
788 | 810 | | |
789 | 811 | | |
790 | 812 | | |
791 | | - | |
792 | | - | |
793 | | - | |
794 | | - | |
795 | | - | |
796 | | - | |
797 | | - | |
798 | | - | |
799 | | - | |
800 | 813 | | |
801 | 814 | | |
802 | 815 | | |
| |||
0 commit comments