Multi-axis audit fixes: security, code quality, API consistency

Security fixes: - Add explicit symlink detection in _resolve_chroot_path - Fix TOCTOU race conditions in _patch_text_impl and _patch_bytes_impl - Sanitize SQLite error messages to prevent information leakage - Add finally:conn.close() to prevent SQLite connection leaks - Add readonly check for output_csv in shed_sqlite Code quality: - Replace bare except with specific exceptions (OSError, UnicodeDecodeError, etc.) - Translate French comments to English in shed_import - Refactor shed_sqlite to use centralized _resolve_zone() API improvements: - Change safe=False to safe=True by default in patch_text/patch_bytes - Change message='' to message=None in zone movement functions Documentation: - Add comprehensive error codes reference table to SPEC.md https://claude.ai/code/session_01THb4YA4SqYG52LVwjwb5Uo
2026-05-03 05:50:21 +00:00 · 2026-01-29 08:19:42 +00:00 · 2026-01-29 08:19:42 +00:00 · 1c40d972d2
commit 1c40d972d2
parent d75e174d44
2 changed files with 119 additions and 98 deletions
--- a/docs/SPEC.md
+++ b/docs/SPEC.md
@ -425,20 +425,37 @@ Response format:
 }
 ```

-Common error codes:
+### Error Codes Reference

- `FILE_NOT_FOUND` — Path does not exist
- `FILE_EXISTS` — Destination already exists
- `FILE_TOO_LARGE` — File exceeds max_file_size_mb limit
- `PATH_ESCAPE` — Path traversal attempt blocked
- `PERMISSION_DENIED` — Group ownership check failed
- `COMMAND_FORBIDDEN` — Command not in whitelist
- `QUOTA_EXCEEDED` — Storage quota exceeded
- `FILE_LOCKED` — File locked by another user/conversation
- `INVALID_ZONE` — Unknown zone parameter
- `ZONE_READONLY` — Write operation on read-only zone (Uploads)
- `MISSING_PARAMETER` — Required parameter missing
- `GROUP_ACCESS_DENIED` — User is not a member of the group
+| Code | Description |
+| --- | --- |
+| `FILE_NOT_FOUND` | Path does not exist |
+| `FILE_EXISTS` | Destination already exists |
+| `FILE_TOO_LARGE` | File exceeds max_file_size_mb limit |
+| `FILE_LOCKED` | File locked by another user/conversation |
+| `PATH_ESCAPE` | Path traversal or symlink escape attempt blocked |
+| `PERMISSION_DENIED` | Group ownership check failed |
+| `COMMAND_FORBIDDEN` | Command not in whitelist |
+| `ARGUMENT_FORBIDDEN` | Dangerous argument pattern detected |
+| `QUOTA_EXCEEDED` | Storage quota exceeded |
+| `INVALID_ZONE` | Unknown zone parameter |
+| `ZONE_FORBIDDEN` | Invalid zone for this operation |
+| `ZONE_READONLY` | Write operation on read-only zone (Uploads) |
+| `MISSING_PARAMETER` | Required parameter missing |
+| `INVALID_PARAMETER` | Invalid parameter value |
+| `GROUP_ACCESS_DENIED` | User is not a member of the group |
+| `NOT_A_FILE` | Expected file but found directory |
+| `NOT_IN_EDIT_MODE` | File not open for locked editing |
+| `PATTERN_NOT_FOUND` | Regex pattern not found in file |
+| `EXEC_ERROR` | Command execution failed |
+| `EXEC_TIMEOUT` | Command exceeded timeout |
+| `INVALID_FORMAT` | Invalid file format for operation |
+| `INVALID_OWNER` | Invalid owner ID for chown |
+| `CSV_PARSE_ERROR` | Failed to parse CSV file |
+| `TABLE_EXISTS` | SQLite table already exists (use if_exists) |
+| `NETWORK_FORBIDDEN` | Network access disabled by policy |
+| `LINK_NOT_FOUND` | Download link not found |
+| `LINK_ACCESS_DENIED` | Not authorized to access this link |

 ## Response Format