admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity
13,309 Commits 1 Branch 0 Tags
e84d89ab06d6d37be1471e63bb62a87cac9704fe
Commit Graph

8230 Commits

Author SHA1 Message Date
Peter Steinberger
e84d89ab06 test(gateway): extract shared parse warning helper 2026-02-21 23:32:32 +00:00
Peter Steinberger
d3991d6aa9 fix: harden sandbox tmp media validation (#17892) (thanks @dashed) 2026-02-22 00:31:21 +01:00
Alberto Leal
2958a8414d test(media): narrow result kind before sendResult assertion 2026-02-22 00:31:21 +01:00
Alberto Leal
8934da785b test(media): verify tmpdir media paths allowed through message action runner 
Add integration test confirming that runMessageAction with a sandbox
root now accepts media paths under os.tmpdir() through the full
normalization pipeline (normalizeSandboxMediaList → resolveSandboxedMediaSource).
 2026-02-22 00:31:21 +01:00
Alberto Leal
0bb81f7294 fix(media): allow os.tmpdir() paths in sandbox media source validation 
resolveSandboxedMediaSource() rejected all paths outside the sandbox
workspace root, including /tmp. This blocked sandboxed agents from
sending locally-generated temp files (e.g. images from Python scripts)
via messaging actions.

Add an os.tmpdir() prefix check before the strict sandbox containment
assertion, consistent with buildMediaLocalRoots() which already
includes os.tmpdir() in its default allowlist. Path traversal through
/tmp (e.g. /tmp/../etc/passwd) is prevented by path.resolve()
normalization before the prefix check.

Relates-to: #16382, #14174
 2026-02-22 00:31:21 +01:00
Alberto Leal
4cf5c3e109 test: add unit tests for resolveSandboxedMediaSource 
Add baseline test coverage for the previously untested
resolveSandboxedMediaSource() function, covering sandbox-relative
path resolution, rejection of paths outside the sandbox root,
path traversal prevention, file:// URL handling, HTTP URL
passthrough, and empty input edge cases.
 2026-02-22 00:31:21 +01:00
Peter Steinberger
59563847e4 test(web): table-drive SSRF and voice input rejection cases 2026-02-21 23:30:13 +00:00
Peter Steinberger
d748657265 test(gateway): table-drive runtime config validation matrix 2026-02-21 23:29:29 +00:00
Peter Steinberger
4ab85cee0b test(cli): table-drive repeated argv and byte-size checks 2026-02-21 23:28:07 +00:00
Peter Steinberger
fc2ed0b843 test(cron): dedupe webhook patch validation cases 2026-02-21 23:28:07 +00:00
Peter Steinberger
bcfae0434b test(fetch): table-drive sync throw cleanup coverage 2026-02-21 23:28:07 +00:00
Peter Steinberger
833144fd72 test(gateway): tighten e2e timeout budget 2026-02-21 23:28:07 +00:00
Peter Steinberger
dd4e8f8098 test(cli): table-drive camera url failure cases 2026-02-21 23:28:07 +00:00
Peter Steinberger
c9593c4c87 test(sandbox): table-drive bind and network validation cases 2026-02-21 23:28:07 +00:00
Peter Steinberger
7c248cca4a test(targets): table-drive slack and discord parse cases 2026-02-21 23:28:07 +00:00
Peter Steinberger
98790339ef test: dedupe repeated validation and throw assertions 2026-02-21 23:28:07 +00:00
Peter Steinberger
01ec832f78 test(actions): table-drive telegram and signal mappings 2026-02-21 23:28:06 +00:00
Peter Steinberger
884c6afc26 test(telegram): table-drive channel override and id helper cases 2026-02-21 23:28:06 +00:00
Peter Steinberger
b97691f3a7 test(config): avoid duplicate include resolution in throw assertions 2026-02-21 23:28:06 +00:00
Peter Steinberger
c78ea8ec3f test(gateway): tighten health e2e timeout ceilings 2026-02-21 23:28:06 +00:00
Peter Steinberger
8cdb184f10 test(actions): table-drive discord forwarding cases 2026-02-21 23:28:06 +00:00
Peter Steinberger
95dab6e019 fix: harden config prototype-key guards (#22968) (thanks @Clawborn) 2026-02-22 00:25:22 +01:00
Clawborn
e23c08b5f4 Fix prototype pollution in applyMergePatch via blocked key filter 
applyMergePatch in merge-patch.ts iterates Object.entries(patch) without
filtering dangerous keys. When a caller passes a JSON-parsed object with
a "__proto__" key, the loop assigns result["__proto__"] = value, which
replaces the prototype of result and pollutes Object.prototype for the
entire process.

Add a BLOCKED_KEYS set ({"__proto__", "constructor", "prototype"}) and
skip those keys during iteration, matching the guard already present in
deepMerge (includes.ts) via isBlockedObjectKey.

Adds four tests covering __proto__, constructor, prototype, and nested
__proto__ injection.

Co-authored-by: Clawborn <tianrun.yang103@gmail.com>
 2026-02-22 00:25:22 +01:00
Peter Steinberger
780bbbd062 fix: restore CI checks after #23012 (thanks @druide67) 2026-02-22 00:16:15 +01:00
Peter Steinberger
1ef30b82b2 fix(test): guard optional forum topic options 2026-02-22 00:10:07 +01:00
Peter Steinberger
843a037532 fix(test): repair readonly case table typing 2026-02-22 00:10:07 +01:00
Peter Steinberger
8394f0e30e fix(test): resolve outbound envelope case typing 2026-02-22 00:10:07 +01:00
Peter Steinberger
8752203f59 refactor(test): stabilize case tables and readonly helper inputs 2026-02-22 00:10:07 +01:00
Peter Steinberger
fbf0c99d7c test(security): simplify repeated audit finding assertions 2026-02-21 23:09:15 +00:00
Peter Steinberger
d5cc357737 test(telegram): table-drive sticker and forum-topic cases 2026-02-21 23:07:58 +00:00
Peter Steinberger
b1c50cc5c0 test(browser): tighten relay test watchdog timeouts 2026-02-21 23:07:58 +00:00
Peter Steinberger
1534248169 test(telegram): dedupe shared reply/chat-not-found cases 2026-02-21 23:07:58 +00:00
Marcus Widing
fa4e4efd92 fix(gateway): restore localhost Control UI pairing when allowInsecureAuth is set (#22996) 
* fix(gateway): allow localhost Control UI without device identity when allowInsecureAuth is set

* fix(gateway): pass isLocalClient to evaluateMissingDeviceIdentity

* test: add regression tests for localhost Control UI pairing

* fix(gateway): require pairing for legacy metadata upgrades

* test(gateway): fix legacy metadata e2e ws typing

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-22 00:04:52 +01:00
Peter Steinberger
37d5320f6b test: tighten canvas host websocket watchdog timeouts 2026-02-21 23:02:44 +00:00
Peter Steinberger
5164822cd5 test: table-drive status reactions and session key cases 2026-02-21 23:02:44 +00:00
Peter Steinberger
389630fc64 test: table-drive internal hook type-guard cases 2026-02-21 23:02:44 +00:00
Peter Steinberger
4a2ff03f49 test: dedupe channel/web cases and tighten gateway e2e waits 2026-02-21 23:02:44 +00:00
Peter Steinberger
c708a18b0f test: table-drive utils and channel-match cases 2026-02-21 23:02:44 +00:00
Peter Steinberger
1b0e021e91 test(telegram): table-drive pairing DM scenarios 2026-02-21 23:02:44 +00:00
Peter Steinberger
f3d4045c03 test: matrix owner and timezone system-prompt cases 2026-02-21 23:02:44 +00:00
Peter Steinberger
0e39371dc4 test: dedupe command gating coverage tables 2026-02-21 23:02:44 +00:00
Peter Steinberger
b2de8719ad test(gateway): normalize canvas ws watchdog timeouts 2026-02-21 23:02:44 +00:00
Peter Steinberger
81a85c19ff test(gateway): tighten e2e timeouts and dedupe invoke checks 2026-02-21 23:02:44 +00:00
Peter Steinberger
0bd9f0d4ac fix: enforce strict allowlist across pairing stores (#23017) 2026-02-22 00:00:23 +01:00
Brian Mendonca
21087c5c70 test: fix rebase-introduced tsgo regressions 2026-02-21 23:57:34 +01:00
Brian Mendonca
1357e02cff test: stabilize internal hook error assertions 2026-02-21 23:57:34 +01:00
Brian Mendonca
69cedc7a15 test: make brew fallback assertion windows-safe 2026-02-21 23:57:34 +01:00
Brian Mendonca
6c813bd32b test: avoid asserting auth.json absence for invalid profile creds 2026-02-21 23:57:34 +01:00
Brian Mendonca
4414af977a test: guard inline keyboard fixture against undefined input 2026-02-21 23:57:34 +01:00
Brian Mendonca
a186036814 test: fix latest tsgo inference regressions in test suites 2026-02-21 23:57:34 +01:00