nexus

Author SHA1 Message Date

Author	SHA1	Message	Date
Nexus Dev	22e14545d4	fix(nexus): extend tilde expansion and mkdir to all user path endpoints Follow-up to commit `91530b07` which only covered agents.adapter_config .cwd. An audit found three additional user-facing endpoints that accept filesystem paths without normalization. Same zero-terminal bug in each: user supplies "~/foo", server stores it raw, downstream consumers can't resolve the tilde. Extract the two helpers (expandUserPath, normalizeWorkspaceDir) from the agents.ts closure into a shared utility so all endpoints use the same primitive. new: server/src/utils/path-normalization.ts - expandUserPath(candidate): resolves ~ / ~/foo to homedir() and path.resolve() to absolute. Null-safe on non-string input. - normalizeWorkspaceDir(rawPath, { field }): expand + assert absolute + mkdir -p + stat isDirectory + log the change. Throws unprocessable (422) on any filesystem failure with a field-aware error message. changed: server/src/routes/agents.ts - Replaced the inline expandUserPath + normalizeAdapterConfigPaths helpers with a narrow wrapper that delegates to the shared utility. Three call sites (create, hire, patch) unchanged in behavior. - Removed now-unused imports: mkdir, stat, homedir. changed: server/src/routes/projects.ts - POST /projects/:id/workspaces: normalize req.body.cwd before the service call. - PATCH /projects/:id/workspaces/:workspaceId: same. - Added import. changed: server/src/routes/execution-workspaces.ts - PATCH /execution-workspaces/🆔 normalize req.body.cwd before the patch object is built. - Added import. changed: server/src/services/nexus-settings.ts - In set(): expand ~ in piperBinaryPath and whisperBinaryPath before merging and validating. These are executable paths so we expand but don't mkdir — caller still has to install the binary itself, but the stored path is now resolvable by the server. - Added import. Not extended: - Storage provider baseDir: computed at startup from environment, not user request body. Sandboxed. No change needed. - Instructions bundle paths: indirectly covered — the legacy path resolver depends on cwd being absolute, which `91530b07` ensures. - Chat file upload object keys: system-generated, not user-supplied. Verification: npx tsc --noEmit on server — zero errors introduced in any touched file. Dev server on :6100 still returns 200. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-10 18:22:33 +00:00
Nexus Dev	0956c31384	feat: Phase 42 — Wallpapers, Social, Format Conversion & Voice (12 platforms, convert pipeline, offline badge)	2026-04-05 09:56:53 +00:00

Nexus Dev

22e14545d4

fix(nexus): extend tilde expansion and mkdir to all user path endpoints

Follow-up to commit 91530b07 which only covered agents.adapter_config
.cwd. An audit found three additional user-facing endpoints that
accept filesystem paths without normalization. Same zero-terminal bug
in each: user supplies "~/foo", server stores it raw, downstream
consumers can't resolve the tilde.

Extract the two helpers (expandUserPath, normalizeWorkspaceDir) from
the agents.ts closure into a shared utility so all endpoints use the
same primitive.

new: server/src/utils/path-normalization.ts
  - expandUserPath(candidate): resolves ~ / ~/foo to homedir() and
    path.resolve() to absolute. Null-safe on non-string input.
  - normalizeWorkspaceDir(rawPath, { field }): expand + assert
    absolute + mkdir -p + stat isDirectory + log the change.
    Throws unprocessable (422) on any filesystem failure with a
    field-aware error message.

changed: server/src/routes/agents.ts
  - Replaced the inline expandUserPath + normalizeAdapterConfigPaths
    helpers with a narrow wrapper that delegates to the shared utility.
    Three call sites (create, hire, patch) unchanged in behavior.
  - Removed now-unused imports: mkdir, stat, homedir.

changed: server/src/routes/projects.ts
  - POST /projects/:id/workspaces: normalize req.body.cwd before the
    service call.
  - PATCH /projects/:id/workspaces/:workspaceId: same.
  - Added import.

changed: server/src/routes/execution-workspaces.ts
  - PATCH /execution-workspaces/🆔 normalize req.body.cwd before the
    patch object is built.
  - Added import.

changed: server/src/services/nexus-settings.ts
  - In set(): expand ~ in piperBinaryPath and whisperBinaryPath before
    merging and validating. These are executable paths so we expand
    but don't mkdir — caller still has to install the binary itself,
    but the stored path is now resolvable by the server.
  - Added import.

Not extended:
  - Storage provider baseDir: computed at startup from environment,
    not user request body. Sandboxed. No change needed.
  - Instructions bundle paths: indirectly covered — the legacy path
    resolver depends on cwd being absolute, which 91530b07 ensures.
  - Chat file upload object keys: system-generated, not user-supplied.

Verification: npx tsc --noEmit on server — zero errors introduced in
any touched file. Dev server on :6100 still returns 200.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-10 18:22:33 +00:00

Nexus Dev

0956c31384

feat: Phase 42 — Wallpapers, Social, Format Conversion & Voice (12 platforms, convert pipeline, offline badge)

2026-04-05 09:56:53 +00:00

2 commits