From b1bc5d18a47c8db10b420dfb6cf81f5057d35534 Mon Sep 17 00:00:00 2001 From: Hibryda Date: Wed, 11 Mar 2026 04:51:46 +0100 Subject: [PATCH] docs: update meta files for reconnect loop fix --- CHANGELOG.md | 3 +++ docs/v3-progress.md | 22 ++++++++++++++++++++++ 2 files changed, 25 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 160d0c9..e44c32e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Security - `claude_read_skill` path traversal: added `canonicalize()` + `starts_with()` validation to prevent reading arbitrary files via crafted skill paths (lib.rs) +### Fixed +- **Reconnect loop race in RemoteManager** — orphaned reconnect tasks continued running after `remove_machine()` or `disconnect()`. Added `cancelled: Arc` flag to `RemoteMachine`; set on removal/disconnect, checked each reconnect iteration. `connect()` resets flag for new connections (remote.rs) + ### Added - **Configurable stall threshold** — per-project range slider (5–60 min, step 5) in SettingsTab. `stallThresholdMin` in `ProjectConfig` (groups.json), `setStallThreshold()` API in health store with `stallThresholds` Map and `DEFAULT_STALL_THRESHOLD_MS` fallback. ProjectBox `$effect` syncs config → store on mount/change - **Memora adapter** — `MemoraAdapter` (memora-bridge.ts) implements `MemoryAdapter` interface, bridging to Memora's SQLite database (`~/.local/share/memora/memories.db`) via read-only Rust backend (`memora.rs`). FTS5 text search, tag filtering via `json_each()`. 4 Tauri commands (memora_available, memora_list, memora_search, memora_get). Registered in App.svelte onMount. 16 vitest + 7 cargo tests. MemoriesTab now shows Memora memories on startup diff --git a/docs/v3-progress.md b/docs/v3-progress.md index 5dd127a..553618f 100644 --- a/docs/v3-progress.md +++ b/docs/v3-progress.md @@ -725,3 +725,25 @@ Made the hardcoded 15-minute stall threshold configurable per-project via a rang - [x] No test changes — UI/config wiring only - [x] vitest: 272/272 tests pass - [x] cargo test: 49/49 pass + +### 2026-03-11 — Nemesis Security Audit + Reconnect Loop Fix + +**Duration:** ~15 min + +**What happened:** +Ran nemezis-audit on Rust backend. 0 verified exploitable findings, 10 recon targets identified (all previously known from 2026-03-08 security audit). Fixed Priority 8 reconnect loop race condition. + +#### Nemesis Audit +- [x] Ran nemezis orchestrator on v2/src-tauri (Rust backend, 496s, $0.57) +- [x] 0 verified findings, 10 attack surface targets in recon hit list +- [x] All targets match previous 2026-03-08 security audit — no new vulnerabilities + +#### Reconnect Loop Fix +- [x] remote.rs — Added `cancelled: Arc` to RemoteMachine struct +- [x] remove_machine() and disconnect() set cancelled=true before aborting tasks +- [x] connect() resets cancelled=false for new connections +- [x] Reconnect loop checks flag at top of each iteration, exits immediately when set + +#### Results +- [x] cargo check: clean +- [x] cargo test: 49/49 pass