vestige/crates/vestige-core
Sam Valladares 8900a27c40 fix(audit): round-2 panics, overflows, XML/SSRF hardening (swarm)
Second swarm pass (complete every-line sweep), verified against real code
(38/101 confirmed real; 63 false positives excluded). This commit lands the
main-compatible subset:

- redmine SSRF guard: rewrite host check to use host_str()+std::net::IpAddr
  instead of the `url` crate (url is not a direct dep of vestige-core on main;
  the previous form only compiled on the feature branch). Same protection:
  blocks localhost + loopback/private/link-local/unspecified IPs.
- bin/restore: guard wrapper[0] index (empty backup array would panic)
- bin/cli: char-boundary-safe node.id truncation (2 byte-slice panics);
  XML-escape the model/home strings before launchd plist substitution
- prospective_memory: Duration::try_hours/try_days (panic on out-of-range
  user config); case-insensitive " at " split now uses the lowercased index
  so the contains() check and the split agree

core 477/0, mcp builds, clippy clean.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-29 15:09:31 -05:00
..
benches feat(v2.0.5): Intentional Amnesia — active forgetting via top-down inhibitory control 2026-04-14 17:30:30 -05:00
src fix(audit): round-2 panics, overflows, XML/SSRF hardening (swarm) 2026-06-29 15:09:31 -05:00
Cargo.toml merge(#99): v2.2 12-tool consolidation + flagship backfill (13 advertised) 2026-06-29 15:03:47 -05:00