Skip to content

Commit 08496ed

Browse files
authored
Merge pull request #93 from 0xmariowu/release/v0.8.2
chore: bump version to 0.8.2
2 parents da7606c + dd8b38b commit 08496ed

7 files changed

Lines changed: 38 additions & 6 deletions

File tree

.claude-plugin/marketplace.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,14 +5,14 @@
55
},
66
"metadata": {
77
"description": "Check how well your repo supports AI coding agents.",
8-
"version": "0.8.1"
8+
"version": "0.8.2"
99
},
1010
"plugins": [
1111
{
1212
"name": "agent-lint",
1313
"source": "./",
1414
"description": "Check how well your repo supports AI coding agents.",
15-
"version": "0.8.1",
15+
"version": "0.8.2",
1616
"author": {
1717
"name": "0xmariowu"
1818
},

.claude-plugin/plugin.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "agent-lint",
3-
"version": "0.8.1",
3+
"version": "0.8.2",
44
"description": "Check how well your repo supports AI coding agents.",
55
"author": {
66
"name": "0xmariowu"

CHANGELOG.md

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,21 @@
11
# Changelog
22

3+
## v0.8.2 (2026-04-16)
4+
5+
### Security
6+
7+
- **Symlink attack protection across scanner, fixer, and analyzers.** A malicious repository could place a symlinked `CLAUDE.md` (or `AGENTS.md`, `.cursorrules`, `.cursor/rules/*.mdc`) pointing to sensitive host files like `~/.ssh/id_rsa` or `/etc/passwd`. Running scanner, fixer, deep-analyzer, or session-analyzer on such a repo would read, leak (to LLM prompts or output), or overwrite the symlink target. All entry-file resolution now uses `lstat`-based checks that reject symlinks.
8+
- **I1 keyword scan no longer buffers entire entry file in memory.** v0.8.1 introduced a bash variable accumulator that grew unbounded — a 29 MB `CLAUDE.md` could crash the scanner with `xrealloc: cannot allocate N bytes` under constrained memory. Replaced with streaming awk that uses O(1) memory regardless of file size.
9+
- **S6 hardcoded secrets check now inspects `.env` files.** Previous `':!*.env'` exclusion allowed committed secrets in `.env` / `.env.local` / `.env.production` to bypass detection.
10+
- **Hook script paths confined to project directory.** `extract_script_path` (used by H3/H6) refuses absolute paths and traversal sequences that escape the scanned repo.
11+
- **F8 rules directory check rejects symlinks and non-regular files.** Symlinked `.claude/rules` or non-regular `.md` rule files could cause tool crashes or unexpected reads.
12+
- **S3 secret-scan detection refuses symlinked `.github/workflows`.** `grep -rl` follows symlinks passed as command-line arguments; a symlinked workflows directory could cause the scanner to traverse outside the repo.
13+
14+
### Notes
15+
16+
- Addresses 10 security findings from Codex code review.
17+
- All local tests pass (scorer 15, fixer 20, reporter 11, scanner 93, e2e 45, sarif 10, action-smoke 6, install-script 16, traversal 7, malicious-fixtures 10) plus E2B extreme correctness suite 33/33.
18+
319
## v0.8.1 (2026-04-16)
420

521
### Fixed

docs/content/changelog.md

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,21 @@
11
# Changelog
22

3+
## v0.8.2 (2026-04-16)
4+
5+
### Security
6+
7+
- **Symlink attack protection across scanner, fixer, and analyzers.** A malicious repository could place a symlinked `CLAUDE.md` (or `AGENTS.md`, `.cursorrules`, `.cursor/rules/*.mdc`) pointing to sensitive host files like `~/.ssh/id_rsa` or `/etc/passwd`. Running scanner, fixer, deep-analyzer, or session-analyzer on such a repo would read, leak (to LLM prompts or output), or overwrite the symlink target. All entry-file resolution now uses `lstat`-based checks that reject symlinks.
8+
- **I1 keyword scan no longer buffers entire entry file in memory.** v0.8.1 introduced a bash variable accumulator that grew unbounded — a 29 MB `CLAUDE.md` could crash the scanner with `xrealloc: cannot allocate N bytes` under constrained memory. Replaced with streaming awk that uses O(1) memory regardless of file size.
9+
- **S6 hardcoded secrets check now inspects `.env` files.** Previous `':!*.env'` exclusion allowed committed secrets in `.env` / `.env.local` / `.env.production` to bypass detection.
10+
- **Hook script paths confined to project directory.** `extract_script_path` (used by H3/H6) refuses absolute paths and traversal sequences that escape the scanned repo.
11+
- **F8 rules directory check rejects symlinks and non-regular files.** Symlinked `.claude/rules` or non-regular `.md` rule files could cause tool crashes or unexpected reads.
12+
- **S3 secret-scan detection refuses symlinked `.github/workflows`.** `grep -rl` follows symlinks passed as command-line arguments; a symlinked workflows directory could cause the scanner to traverse outside the repo.
13+
14+
### Notes
15+
16+
- Addresses 10 security findings from Codex code review.
17+
- All local tests pass (scorer 15, fixer 20, reporter 11, scanner 93, e2e 45, sarif 10, action-smoke 6, install-script 16, traversal 7, malicious-fixtures 10) plus E2B extreme correctness suite 33/33.
18+
319
## v0.8.1 (2026-04-16)
420

521
### Fixed

npm/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "@0xmariowu/agent-lint",
3-
"version": "0.8.1",
3+
"version": "0.8.2",
44
"description": "Check how well your repo supports AI coding agents. Claude Code plugin.",
55
"author": "0xmariowu",
66
"license": "MIT",

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"name": "agent-lint",
33
"private": true,
4-
"version": "0.8.1",
4+
"version": "0.8.2",
55
"description": "Check how well your repo supports AI coding agents.",
66
"license": "MIT",
77
"repository": {

release-metadata.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
{
2-
"version": "0.8.1",
2+
"version": "0.8.2",
33
"check_count": 49,
44
"dimensions": [
55
{

0 commit comments

Comments
 (0)