Commit Graph

9 Commits

  • fix(security): add host/origin allowlist + validate git refs + quote workflow input (#2185)
    Three defense-in-depth fixes around untrusted input flowing to subprocess execution:
    
    1. **Control-pane HTTP server (scripts/lib/control-pane/server.js)**
       The local control-pane API binds to 127.0.0.1 but had no Host or Origin
       validation, so a DNS-rebinding attack from a malicious website could pivot
       into the loopback endpoints — including POST /api/actions/:id, which spawns
       'cargo run -- graph ...' with caller-supplied query strings. Add a hostname
       allowlist (loopback variants plus the explicitly configured --host) and
       reject mismatched Host (421) or non-loopback Origin (403) before any route
       handler runs.
    
    2. **OpenCode git-summary tool (.opencode/tools/git-summary.ts)**
       The tool was building 'git diff ${baseBranch}...HEAD --stat' with execSync
       and a raw model-supplied baseBranch string. Switch run() to execFileSync
       with an args array (no shell), validate baseBranch against a conservative
       git-ref allowlist (rejects shell metacharacters, leading -, embedded ..),
       and clamp the depth arg to a small positive integer before interpolating
       into 'git log --oneline -<N>'.
    
    3. **Reusable test workflow (.github/workflows/reusable-test.yml)**
       The 'Install dependencies' step interpolated ${{ inputs.package-manager }}
       directly into a bash 'case' and into an echo, so a downstream caller that
       forwarded attacker-controllable input could inject into the runner. Move
       the input into a PACKAGE_MANAGER env var and reference $PACKAGE_MANAGER
       inside the script per the GitHub script-injection guidance.
    
    Detected by Aeon + semgrep p/security-audit (host check via threat-model
    manual-review axis; git-summary via detect-child-process; workflow via
    run-shell-injection).
    
    Verification: node tests/run-all.js — 2686/2687 pre-existing tests pass; the
    one failure (observe.sh legacy output fallback) reproduces on main without
    this branch applied. Added 2 new control-pane tests covering the allowlist
    classifier and the DNS-rebinding-gate behavior end-to-end.
    
    ---
    Filed by [Aeon](https://github.com/aaronjmars/aeon-aaron).
    
    Co-authored-by: aeonframework <aeon@aaronjmars.com>
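The Host/Origin gate described in item 1 of the commit message above, as an added example that is not the project's code in scripts/lib/control-pane/server.js. All function names, the three-entry loopback list, the sample port and addresses, and the choice to let requests without an Origin header through are assumptions.

```javascript
// Added example with hypothetical names; not the code in scripts/lib/control-pane/server.js.
const LOOPBACK = ['localhost', '127.0.0.1', '::1']; // assumed set of "loopback variants"

// Lowercase, drop IPv6 brackets and a trailing dot so "LOCALHOST." matches "localhost".
function normalize(host) {
  return host.toLowerCase().replace(/^\[|\]$/g, '').replace(/\.$/, '');
}

// Allowlist = loopback variants plus the host the operator configured (e.g. via --host).
function buildAllowlist(configuredHost) {
  const allowed = new Set(LOOPBACK);
  if (configuredHost) allowed.add(normalize(configuredHost));
  return allowed;
}

// Strictly parse a Host header: "name", "name:port", "[v6]" or "[v6]:port". Anything else -> null.
function hostnameFromHostHeader(value) {
  const m = /^(\[[0-9a-f:]+\]|[a-z0-9.-]+)(:\d{1,5})?$/i.exec(value || '');
  return m ? normalize(m[1]) : null;
}

// Origin is a URL origin such as "http://127.0.0.1:4173"; "null" or garbage -> null.
function hostnameFromOrigin(value) {
  let u;
  try { u = new URL(value); } catch { return null; }
  return /^https?:$/.test(u.protocol) ? normalize(u.hostname) : null;
}

// Returns 0 to continue to routing, or the HTTP status to reject with.
function classifyRequest(headers, allowed) {
  const host = hostnameFromHostHeader(headers.host);
  // Under DNS rebinding the browser still sends the attacker's name in Host.
  if (host === null || !allowed.has(host)) return 421;
  // Assumption: requests without Origin (curl, same-origin GET) are let through.
  if (headers.origin !== undefined) {
    const origin = hostnameFromOrigin(headers.origin);
    if (origin === null || !LOOPBACK.includes(origin)) return 403;
  }
  return 0;
}

// Constructed sample requests, checked as if the server ran with --host 192.168.1.20.
function demo() {
  const allowed = buildAllowlist('192.168.1.20');
  return [
    { host: '127.0.0.1:4173' }, { host: 'rebind.attacker.example:4173' },
    { host: 'localhost:4173', origin: 'https://attacker.example' },
    { host: '[::1]:4173', origin: 'http://localhost:4173' },
    { host: '192.168.1.20:4173' }, { host: '127.0.0.1:4173', origin: 'null' },
  ].map((h) => classifyRequest(h, allowed));
}
```

The check has to run before any route handler, so a rejected request never reaches a handler that spawns a subprocess.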
  • feat(opencode): add changed-files tree with change indicators (#815)
    * feat(opencode): add changed-files tree with change indicators
    
    * feat(opencode): address changed-files review feedback
    
    ---------
    
    Co-authored-by: Affaan Mustafa <me@affaanmustafa.com>
  • feat: add Cursor, Codex, and OpenCode harnesses — maximize every AI coding tool
    - AGENTS.md: universal cross-tool file read by Claude Code, Cursor, Codex, and OpenCode
    - .cursor/: 15 hook events via hooks.json, 16 hook scripts with DRY adapter pattern,
      29 rules (9 common + 20 language-specific) with Cursor YAML frontmatter
    - .codex/: reference config.toml, Codex-specific AGENTS.md supplement,
      10 skills ported to .agents/skills/ with openai.yaml metadata
    - .opencode/: 3 new tools (format-code, lint-check, git-summary), 3 new hooks
      (shell.env, experimental.session.compacting, permission.ask), expanded instructions,
      version bumped to 1.6.0
    - README: fixed Cursor section, added Codex section, added cross-tool parity table
    - install.sh: now copies hooks.json + hooks/ for --target cursor
  • feat(ecc): prune plugin 43→12 items, promote 7 rules to .claude/rules/ (#245)
    ECC community plugin pruning: removed 530+ non-essential files
    (.cursor/, .opencode/, docs/ja-JP, docs/zh-CN, docs/zh-TW,
    language-specific skills/agents/rules). Retained 4 agents,
    3 commands, 5 skills. Promoted 13 rule files (8 common + 5
    typescript) to .claude/rules/ for CC native loading. Extracted
    reusable patterns to EXTRACTED-PATTERNS.md.
  • fix: update opencode-ecc plugin for SDK v1.1.53 and refresh README stats
    - Fix PluginContext → PluginInput type rename in @opencode-ai/plugin
    - Import tool from @opencode-ai/plugin/tool subpath (fixes broken barrel export)
    - Update client.app.log() calls to use new options-object API signature
    - Stringify tool execute return values (SDK now requires Promise<string>)
    - Add .js extensions to relative imports for NodeNext module resolution
    - Update README star count (42K+) and contributor count (24)
  • feat: complete OpenCode plugin support with hooks, tools, and commands
    Major OpenCode integration overhaul:
    
    - llms.txt: Comprehensive OpenCode documentation for LLMs (642 lines)
    - .opencode/plugins/ecc-hooks.ts: All Claude Code hooks translated to OpenCode's plugin system
    - .opencode/tools/*.ts: 3 custom tools (run-tests, check-coverage, security-audit)
    - .opencode/commands/*.md: All 24 commands in OpenCode format
    - .opencode/package.json: npm package structure for opencode-ecc
    - .opencode/index.ts: Main plugin entry point
    
    - Delete incorrect LIMITATIONS.md (hooks ARE supported via plugins)
    - Rewrite MIGRATION.md with correct hook event mapping
    - Update README.md OpenCode section to show full feature parity
    
    OpenCode has 20+ events vs Claude Code's 3 phases:
    - PreToolUse → tool.execute.before
    - PostToolUse → tool.execute.after
    - Stop → session.idle
    - SessionStart → session.created
    - SessionEnd → session.deleted
    - Plus: file.edited, file.watcher.updated, permission.asked, todo.updated
    
    - 12 agents: Full parity
    - 24 commands: Full parity (+1 from original 23)
    - 16 skills: Full parity
    - Hooks: OpenCode has MORE (20+ events vs 3 phases)
    - Custom Tools: 3 native OpenCode tools
    
    The OpenCode configuration can now be:
    1. Used directly: cd everything-claude-code && opencode
    2. Installed via npm: npm install opencode-ecc