safety

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 16, 2026 License: MIT Imports: 7 Imported by: 0

Documentation

Overview

Package safety provides path validation and atomic file writes used when importing bundles. The goal is to never let a malicious or malformed bundle write outside the Codex sessions directory, and to never partially overwrite a file.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CleanRelPath

func CleanRelPath(name string) (string, error)

CleanRelPath validates a ZIP entry name and returns it as a safe, canonical, forward-slash relative path. It rejects anything that could escape the destination: absolute paths, Windows drive/volume prefixes, backslashes, empty or "."/".." segments, and non-canonical forms.

func CopyAtomic

func CopyAtomic(dest string, r io.Reader) (err error)

CopyAtomic streams r into dest atomically: it creates any missing parent directories, writes to a temp file in the destination directory, fsyncs it, and renames it into place. On any failure before the rename, the temp file is removed and dest is left untouched.

func DestPath

func DestPath(root, rel string) (string, error)

DestPath joins a cleaned relative bundle path onto the Codex home root and verifies, as defense in depth, that the result stays within root.

func IsClaudeSessionEntry added in v0.3.0

func IsClaudeSessionEntry(rel string) bool

IsClaudeSessionEntry reports whether a (already cleaned) relative path is a Claude Code transcript under projects/<encoded-cwd>/<uuid>.jsonl.

func IsSessionEntry

func IsSessionEntry(rel string) bool

IsSessionEntry reports whether a (already cleaned) relative path is a Codex rollout file under sessions/YYYY/MM/DD/.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL