diff options
| author | Adam Malczewski <[email protected]> | 2026-06-02 17:53:46 +0900 |
|---|---|---|
| committer | Adam Malczewski <[email protected]> | 2026-06-02 17:53:46 +0900 |
| commit | 09914c6ba15214d5ec05c106d5d11fd14a86f532 (patch) | |
| tree | 11f265a8d9e223f0b4b90ffadefc1ba0791569c1 /packaging/[email protected] | |
| parent | 8d70db66d3f0046cdef5fbce2ce5a86eab0959ef (diff) | |
| download | dispatch-09914c6ba15214d5ec05c106d5d11fd14a86f532.tar.gz dispatch-09914c6ba15214d5ec05c106d5d11fd14a86f532.zip | |
harden(search_code): defensive arg coercion, per-line truncation, rerun-safe pkg
Address findings from a second independent (Gemini) review covering the tool
and the packaging:
- Robustness (was: crash): non-string params from a model hallucination (e.g.
include_ext: ["ts","go"]) threw 'x.trim is not a function' and killed the
tool call. Add an asString() coercion for all string params (query, path,
include_ext, exclude_pattern, only); non-strings now no-op or return the
graceful 'query is required' error.
- Output bound: cap each rendered snippet line at 500 chars (MAX_LINE_CHARS,
mirrors read-file.ts) so a matched minified/generated line can't bloat the
payload. (Total output is already bounded by the universal truncator.)
- packaging/PKGBUILD: make the cs clone rerun-safe (rm -rf before clone) so
makepkg -e / repeat runs don't abort on 'destination path already exists';
add conflicts=('cs') to the code-search package for a clean pacman error vs.
the unrelated AUR 'cs' that also owns /usr/bin/cs (no provides — different
program).
Not changed (verified): path containment, the -- flag-injection guard, and the
deterministic pinned Docker build were all confirmed solid by the review.
Tests: +2 (wrong-type params don't crash; long-line truncation). Full suite
605 pass, biome + tsc green.
Diffstat (limited to 'packaging/[email protected]')
0 files changed, 0 insertions, 0 deletions
