mosaicstack/stack
1
0
Fork 0
Code Issues 13 Pull Requests Actions Packages Projects Releases 11 Wiki Activity

fix: coord review remediations (path traversal, JSON parse, race condition) (#81)

Browse Source 
Co-authored-by: Jason Woltje <jason@diversecanvas.com>
Co-committed-by: Jason Woltje <jason@diversecanvas.com>
This commit was merged in pull request #81.
This commit is contained in:
Jason Woltje
2026-03-13 03:43:49 +00:00
committed by jason.woltje
parent b03c603759
commit 8da2759fec
5 changed files with 86 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
packages/coord/src/status.ts
View File

@@ -78,7 +78,12 @@ async function readActiveSession(mission: Mission): Promise<MissionSession | und
throw error;
}
const lock = JSON.parse(lockRaw) as SessionLockState;
let lock: SessionLockState;
try {
lock = JSON.parse(lockRaw) as SessionLockState;
} catch {
return undefined;
}
if (
typeof lock.session_id !== 'string' ||
(lock.runtime !== 'claude' && lock.runtime !== 'codex') ||
@@ -106,10 +111,10 @@ async function readActiveSession(mission: Mission): Promise<MissionSession | und
};
}
export async function getMissionStatus(mission: Mission): Promise<MissionStatusSummary> {
const freshMission = await loadMission(mission.projectPath);
const tasks = await readTasks(freshMission);
async function buildStatusSummary(
freshMission: Mission,
tasks: MissionTask[],
): Promise<MissionStatusSummary> {
const done = tasks.filter((task) => task.status === 'done').length;
const inProgress = tasks.filter((task) => task.status === 'in-progress').length;
const pending = tasks.filter((task) => task.status === 'not-started').length;
@@ -151,6 +156,12 @@ export async function getMissionStatus(mission: Mission): Promise<MissionStatusS
};
}
export async function getMissionStatus(mission: Mission): Promise<MissionStatusSummary> {
const freshMission = await loadMission(mission.projectPath);
const tasks = await readTasks(freshMission);
return buildStatusSummary(freshMission, tasks);
}
export async function getTaskStatus(mission: Mission, taskId: string): Promise<TaskDetail> {
const freshMission = await loadMission(mission.projectPath);
const tasks = await readTasks(freshMission);
@@ -164,7 +175,7 @@ export async function getTaskStatus(mission: Mission, taskId: string): Promise<T
throw new Error(`Duplicate task IDs found: ${taskId}`);
}
const summary = await getMissionStatus(freshMission);
const summary = await buildStatusSummary(freshMission, tasks);
return {
missionId: freshMission.id,