ruvector

mirror of https://github.com/ruvnet/RuVector.git synced 2026-05-28 09:53:36 +00:00

History

rUv b0d31df2b6 security: fix vulnerabilities and optimize rudag package SECURITY FIXES (HIGH): - Path traversal prevention in CLI (validateFilePath) - Path traversal prevention in FileDagStorage (ensureWithinBase) - Input validation for all public APIs (isValidDagId, isValidStorageId) - Type guards for WASM output (isCriticalPath) to prevent prototype pollution - Extension restrictions (.dag, .json only) in CLI MEMORY LEAK FIXES (HIGH): - Static methods now properly close owned storage connections - WASM cleanup on initialization failures - Cache invalidation on dispose() PERFORMANCE OPTIMIZATIONS: - Single-transaction IndexedDB saves (atomic read-modify-write) - Batch save API for bulk operations (saveBatch) - Result caching for topoSort and criticalPath - Lazy module loading in CLI for faster startup OTHER IMPROVEMENTS: - onblocked/onversionchange handlers for IndexedDB - Background save error handler (onSaveError option) - Comprehensive input validation with clear error messages - Convert sync to async file operations in Node.js 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-30 16:07:46 +00:00
..
cli.js	security: fix vulnerabilities and optimize rudag package	2025-12-30 16:07:46 +00:00

rUv b0d31df2b6 security: fix vulnerabilities and optimize rudag package

SECURITY FIXES (HIGH):
- Path traversal prevention in CLI (validateFilePath)
- Path traversal prevention in FileDagStorage (ensureWithinBase)
- Input validation for all public APIs (isValidDagId, isValidStorageId)
- Type guards for WASM output (isCriticalPath) to prevent prototype pollution
- Extension restrictions (.dag, .json only) in CLI

MEMORY LEAK FIXES (HIGH):
- Static methods now properly close owned storage connections
- WASM cleanup on initialization failures
- Cache invalidation on dispose()

PERFORMANCE OPTIMIZATIONS:
- Single-transaction IndexedDB saves (atomic read-modify-write)
- Batch save API for bulk operations (saveBatch)
- Result caching for topoSort and criticalPath
- Lazy module loading in CLI for faster startup

OTHER IMPROVEMENTS:
- onblocked/onversionchange handlers for IndexedDB
- Background save error handler (onSaveError option)
- Comprehensive input validation with clear error messages
- Convert sync to async file operations in Node.js

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2025-12-30 16:07:46 +00:00

cli.js

security: fix vulnerabilities and optimize rudag package

2025-12-30 16:07:46 +00:00