Skip to content

Fix/path guards root level#2559

Open
SyedaAnshrahGillani wants to merge 2 commits into
abhigyanpatwari:mainfrom
SyedaAnshrahGillani:fix/path-guards-root-level
Open

Fix/path guards root level#2559
SyedaAnshrahGillani wants to merge 2 commits into
abhigyanpatwari:mainfrom
SyedaAnshrahGillani:fix/path-guards-root-level

Conversation

@SyedaAnshrahGillani

Copy link
Copy Markdown

Summary

This PR fixes a bug where repository path comparison and sandbox traversal guards duplicate slashes when the target path ends with a separator (like the root directory / on Unix or drive root C:\ on Windows).

Motivation / context

When a repository or target directory is located at a drive root (e.g., C:\ on Windows) or the root filesystem (e.g., / on Unix), suffixing path.sep (e.g. root + path.sep) duplicates the separator (forming // or C:\\\). This causes prefix matching and traversal guards (which check startsWith) to fail. This change handles the trailing separator dynamically.

Areas touched

  • gitnexus/ (CLI / core / MCP server)
  • gitnexus-web/ (Vite / React UI)
  • .github/ (workflows, actions)
  • eval/ or other tooling
  • Docs / agent config only (AGENTS.md, CLAUDE.md, .cursor/, llms.txt, etc.)

Scope & constraints

In scope

  • Fixed checkCwdMatch in git-staleness.ts to support root-level directories.
  • Fixed assertSafePath in validation.ts to support root-level directories.
  • Fixed resolveContainedDest in upload-ingest.ts to correctly handle root-level staging directory sandbox checks.
  • Fixed database deletion guard check in lbug-adapter.ts for root-level parents.
  • Fixed local backend assertSafePath in local-backend.ts.
  • Fixed UPLOAD_ROOT deletion check and file search path traversal guard in api.ts.
  • Fixed isWithinRepo in nuxt-auto-imports.ts for root-level repositories.
  • Added a unit test in server-validation.test.ts verifying assertSafePath with root-level /.

Explicitly out of scope / not done here

  • Non-prefix path validation logic.

Implementation notes

  • Normalizes the prefix before startsWith check by checking endsWith(path.sep) ? root : root + path.sep instead of blindly appending path.sep.

Testing & verification

  • cd gitnexus && npm test (Verified through specific unit tests suite)
  • cd gitnexus && npm run test:integration (if core/indexing/MCP paths changed)
  • cd gitnexus && npx tsc --noEmit
  • cd gitnexus-web && npm test (if web changed)
  • cd gitnexus-web && npx tsc -b --noEmit (if web changed)
  • Manual / Playwright E2E (note environment — see gitnexus-web/e2e/)

Ran:

  • npx vitest run test/unit/staleness.test.ts test/unit/sibling-clone-drift.test.ts test/unit/server-validation.test.ts
  • npx tsc --noEmit

Risk & rollout

Low risk. Changes only refine boundary comparison for root-level directory path checks.

Checklist

  • PR body meets repo minimum length (workflow may label short descriptions)
  • If AGENTS.md / overlays changed: headers, scope block, and changelog updated per project conventions
  • No secrets, tokens, or machine-specific paths committed

@vercel

vercel Bot commented Jul 18, 2026

Copy link
Copy Markdown

@github-actions[bot] is attempting to deploy a commit to the NexusCore Team on Vercel.

A member of the Team first needs to authorize it.

@azizur100389

Copy link
Copy Markdown
Collaborator

I would hold this until full CI runs. Right now I only see labeler checks plus a Vercel authorization failure, with no CI Gate. This PR touches multiple path traversal/deletion guard paths, so it needs the normal required checks before review/merge. Please also update the title to conventional format and add coverage for the affected guard surfaces, especially Windows drive-root behavior, not just the single / case in server-validation.test.ts.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants