415270ff03
* fix: relax workspace trust boundary to user home directory The previous restriction required workspaces to be under DEFAULT_WORKSPACE (/home/hermes/workspace), which blocked all profile-specific workspaces (~/CodePath, ~/General, ~/WebUI, ~/Camanji, etc.) since each profile uses a different directory under home. New boundary: any directory under Path.home() is trusted. This still blocks /etc, /tmp, /var, /root, /usr and all paths outside the user's home, while allowing any legitimate workspace under ~/ Also updates test assertions from 'trusted workspace root' to 'outside' since the new error message says 'outside the user home directory'. * fix: workspace trust uses home-dir + saved-list, not single ancestor Three-layer trust model that works cross-platform and multi-workspace: 1. BLOCKLIST: /etc, /usr, /var, /bin, /sbin, /boot, /proc, /sys, /dev, /root, /lib, /lib64, /opt/homebrew — always rejected, even if somehow saved 2. HOME CHECK: any path under Path.home() is trusted — covers ~/CodePath, ~/hermes-webui-public, ~/WebUI, ~/General, ~/Camanji simultaneously; Path.home() is cross-platform (Linux ~/..., macOS ~/..., Windows C:\Users\...\...) 3. SAVED LIST ESCAPE HATCH: if a path is already in the saved workspace list, it's trusted regardless of location — covers self-hosted deployments where workspaces live outside home (/data/projects, /opt/workspace, etc.) None/empty → DEFAULT_WORKSPACE (always trusted, validated at startup) * docs: v0.50.35 release — version badge and CHANGELOG --------- Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
14 KiB
14 KiB