agent-orchestrator/ui-electrobun/package.json
Hibryda 1cd4558740 fix(electrobun): address all 22 Codex review #2 findings
CRITICAL:
- DocsTab XSS: DOMPurify sanitization on all {@html} output
- File RPC path traversal: guardPath() validates against project CWDs

HIGH:
- SSH injection: spawn /usr/bin/ssh via PTY args, no shell string
- Search XSS: strip HTML, highlight matches client-side with <mark>
- Terminal listener leak: cleanup functions stored + called in onDestroy
- FileBrowser race: request token, discard stale responses
- SearchOverlay race: same request token pattern
- App startup ordering: groups.list chains into active_group restore
- PtyClient timeout: 5-second auth timeout on connect()
- Rule 55: 6 {#if} patterns converted to style:display toggle

MEDIUM:
- Agent persistence: only persist NEW messages (lastPersistedIndex)
- Search errors: typed error response, "Invalid query" UI
- Health store wired: agent events call recordActivity/setProjectStatus
- index.ts SRP: split into 8 domain handler modules (298 lines)
- App.svelte: extracted workspace-store.svelte.ts
- rpc.ts: typed AppRpcHandle, removed `any`

LOW:
- CommandPalette listener wired in App.svelte
- Dead code removed (removeGroup, onDragStart, plugin loaded)
2026-03-22 02:30:09 +01:00

45 lines
1.4 KiB
JSON

{
  "name": "electrobun-svelte",
  "version": "1.0.0",
  "type": "module",
  "description": "Electrobun app with Svelte and Vite HMR",
  "scripts": {
    "start": "vite build && electrobun dev",
    "dev": "electrobun dev --watch",
    "dev:hmr": "concurrently \"bun run hmr\" \"bun run start\"",
    "hmr": "vite --port 9760",
    "build:canary": "vite build && electrobun build --env=canary",
    "test:e2e": "wdio run tests/e2e/wdio.conf.js"
  },
  "dependencies": {
    "@codemirror/autocomplete": "^6.20.1",
    "@codemirror/commands": "^6.10.3",
    "@codemirror/lang-css": "^6.3.1",
    "@codemirror/lang-html": "^6.4.11",
    "@codemirror/lang-javascript": "^6.2.5",
    "@codemirror/lang-json": "^6.0.2",
    "@codemirror/lang-markdown": "^6.5.0",
    "@codemirror/lang-python": "^6.2.1",
    "@codemirror/lang-rust": "^6.0.2",
    "@codemirror/language": "^6.12.2",
    "@codemirror/search": "^6.6.0",
    "@codemirror/state": "^6.6.0",
    "@codemirror/theme-one-dark": "^6.1.3",
    "@codemirror/view": "^6.40.0",
    "@xterm/addon-canvas": "^0.7.0",
    "@xterm/addon-fit": "^0.11.0",
    "@xterm/addon-image": "^0.9.0",
    "@xterm/xterm": "^6.0.0",
    "dompurify": "^3.3.3",
    "electrobun": "latest",
    "pdfjs-dist": "^5.5.207"
  },
  "devDependencies": {
    "@sveltejs/vite-plugin-svelte": "^5.0.1",
    "@types/bun": "latest",
    "concurrently": "^9.1.0",
    "svelte": "^5.14.1",
    "typescript": "^5.7.2",
    "vite": "^6.0.3"
  }
}