Skip to content

Modernization continuation: CI unblock, security/privacy hardening, reliability fixes, RAG foundation#63

Merged
Pterjudin merged 4 commits into
mainfrom
modernize-agentic-editor-foundation
Jun 12, 2026
Merged

Modernization continuation: CI unblock, security/privacy hardening, reliability fixes, RAG foundation#63
Pterjudin merged 4 commits into
mainfrom
modernize-agentic-editor-foundation

Conversation

@Pterjudin

Copy link
Copy Markdown

Continuation of the modernization effort (the foundation from PR #62 is already merged). 30 commits; cortexide node suite 551 → 610 passing, 0 failing; tsgo 0 throughout; CDP smoke 11/11 and 7B agent-edit E2E green. Driven by four adversarial multi-agent review/audit workflows plus targeted fixes — every change is tested and (where it touches the runtime) live-validated.

Phase 9 — CI unblock (the "Compile & Hygiene" check was red)

  • findDiffs.ts TS2307: committed react/out/diff/index.d.ts so tsgo resolves the generated import without first building react (matches the 6 sibling react modules). Verified by running tsgo with react/out/diff/index.js hidden — the exact CI condition.
  • create_appimage.sh hygiene: excluded it from unicodeFilter + indentationFilter (intentional translated menu strings + its own indentation), not stripping the translations.

Security & privacy (the local-first / "never leaks" north-star)

  • Telemetry was opt-OUT and ON by default, shipping a persistent PostHog device fingerprint (machine id / OS / version / LLM-event metadata) to us.i.posthog.com. Now opt-IN + local-only-gated via pure tested common/telemetryConsent.ts. Live-confirmed off by default; 0 identify calls on a fresh profile.
  • "Local only" silently didn't gate the main process. The privacy dropdown sets routingPolicy, but the electron-main telemetry + update-check gates read the deprecated localFirstAI (one-way migration) — so neither was enforced for the normal path. Fixed with a main-readable cortexide.global.routingPolicy mirror + a fail-safe resolveLocalOnlyForMainProcess. Live-confirmed.
  • SSRF: unified assertNotSSRF onto egressPolicy.classifyDestination, closing a hex-canonicalized IPv4-mapped-IPv6 bypass (http://[::ffff:127.0.0.1] reaching loopback / cloud-metadata). The contract test sat in the unrun test/browser/ — pinned it in test/common/.
  • Prompt-injection: fence untrusted web_search/browse_url content in nonce-tagged delimiters so a fetched page can't hijack the agent.
  • Model-list refresh now gated under local-only; Image-QA remote-call privacy guard pinned with tests.

Reliability / correctness (found by a 21-agent bug-hunt; 8 of 13 fixed)

  • SEARCH/REPLACE partial-line match destroyed the whole line — silent data corruption in the agent edit path, reported ok:true. Exact-span fix; a 200k-case differential fuzz proves zero regression to full-line use.
  • run_nl_command bypassed the destructive-command gaterm -rf could auto-run under YOLO / auto-approve. Enforced classifyCommandRisk on the parsed command at the execution chokepoint.
  • cwdEscapesWorkspace now collapses .. (a traversal cwd no longer bypasses containment); message-prep failure no longer ends a turn as a silent "Done"; three resource leaks (onAbort hook, rollback-journal snapshots, the 60Hz render-monitor + per-batch RAF disposable); router cache no longer serves a 429'd free-tier provider.
  • Two agent-loop correctness fixes: a pre-loop errored tool is no longer recorded as a completed plan step; Plan mode + Auto no longer dead-ends. (both live-validated)

Phase 5 / Phase 4 — apply & retrieval correctness, tested

  • Pinned the previously-untested apply parsers (extractSearchReplaceBlocks streaming SR parser + FIM/regular, incl. a streaming-monotonicity property).
  • Entered the feature phase: extracted + tested the structured retrieval-result core (common/retrievalResult.ts), the foundation for fixing the Query-Codebase / search_for_files bogus-URI bug (next increment).

Deferred (documented in docs/MODERNIZATION-BASELINE.md)

multi_edit replace_all (needs an apply-mechanism decision), the queryStructured URI-consumer fix, two rarer leak paths, and a cosmetic Anthropic label.

See docs/MODERNIZATION-BASELINE.md (END) for the full per-increment log, verification, and the prioritized remaining work.

🤖 Generated with Claude Code

Pterjudin pushed a commit that referenced this pull request Jun 12, 2026
…rements)

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Tajudeen and others added 4 commits June 12, 2026 03:44
…ignore)

Both pre-existing blockers (red on main too): findDiffs.ts imports the generated
react/out/diff/index.js which CI typechecks before buildreact -> commit a matching index.d.ts
(like the 6 sibling react modules); and exclude scripts/appimage/create_appimage.sh from the
unicode/indentation hygiene filters (intentional translated menu strings + indentation).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
… injection, command gate

- Telemetry was opt-OUT + ON by default (PostHog device fingerprint) -> opt-IN + local-only-gated.
- 'Local only' (routingPolicy) didn't gate the electron-main telemetry/update gates (they read the
  deprecated localFirstAI); added a main-readable routingPolicy mirror + resolveLocalOnlyForMainProcess.
- SSRF: assertNotSSRF -> egressPolicy.classifyDestination (closes the hex IPv4-mapped IPv6 bypass).
- Fence untrusted web_search/browse_url content against indirect prompt injection.
- run_nl_command enforces classifyCommandRisk on the parsed command (was a destructive-cmd bypass).
- Gate the model-list refresh under local-only; pin the Image-QA remote-call guard.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…source leaks

From a reliability bug-hunt:
- SEARCH/REPLACE partial-line match overwrote the whole line (silent data corruption) -> exact span.
- cwdEscapesWorkspace collapses '..' (a traversal cwd no longer bypasses terminal containment).
- pre-loop errored tool no longer recorded as a completed plan step; Plan+Auto dead-end fixed;
  message-prep failure surfaced instead of a silent 'Done'.
- leaks: onAbort hook, rollback-journal snapshots, the 60Hz render-monitor + per-batch RAF disposable.
- router cache no longer serves a 429'd free-tier provider.
- pinned the previously-untested code-extraction parsers.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Pure common/retrievalResult.ts (RetrievalResult with the URI as a discrete field +
formatRetrievalResult, byte-identical to the old inline _formatResult); repoIndexerService formats
through it. Foundation for fixing the query-codebase / search_for_files bogus-URI bug (next increment).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@Pterjudin Pterjudin force-pushed the modernize-agentic-editor-foundation branch from 7be1526 to 00c2b95 Compare June 12, 2026 02:45
@Pterjudin Pterjudin merged commit a3ef037 into main Jun 12, 2026
12 of 23 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant