hermes-agent

mirrors/hermes-agent

Fork 0

mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-05-29 06:31:32 +00:00

Commit graph

Author	SHA1	Message	Date
zapabob	2c3ca475c0	fix(cron): reject id mutation + validate output paths under OUTPUT_DIR Two defense-in-depth fixes on cron output path handling: 1. cron/jobs.py:update_job() rejects mutation of the immutable 'id' field (raises ValueError). Dashboard PUT /api/cron/jobs/{id} converts this to HTTP 400. Without this, an attacker who can reach the update endpoint could rename a job's id to '../escape' and move its output directory outside OUTPUT_DIR. 2. cron/jobs.py:_job_output_dir() validates job IDs before composing paths: rejects '.', '..', '/', '\\', absolute paths, and Windows drive prefixes. Used by save_job_output() and remove_job() so legacy unsafe IDs (from before this guard) fail closed rather than half-applying a shutil.rmtree or output write outside the sandbox. Tests: - update_job rejects {'id': '../escape'} without renaming - remove_job(legacy '../escape' id) raises ValueError without deleting files outside OUTPUT_DIR or removing the job from the store - save_job_output rejects '..', './escape', 'nested/escape', absolute paths - dashboard PUT /api/cron/jobs/{id} with {'id': '../escape'} returns 400, job list unchanged Salvaged from PR #29826 by @zapabob. Simplified implementation: - Dropped a 23-line _validate_job_output_id() helper using Path.parts semantics. The inline check (path separators + dot-components + is_absolute) is shorter and behaviorally identical. - Dropped the secondary OUTPUT_DIR.resolve()/relative_to() check — redundant once we reject any path separator at the input boundary. - Dropped the _docs/2026-05-21_cron-output-path-hardening_codex.md planning artifact (we don't check planning docs into the repo). Co-authored-by: teknium1 <127238744+teknium1@users.noreply.github.com>	2026-05-25 01:15:24 -07:00
SerenityTn	1a5172742e	feat(kanban): show dashboard cron jobs across profiles Salvages #27568 by @SerenityTn. Dashboard cron page now lists cron jobs from all profiles, with profile-aware filter UI and storage routing. Includes test coverage for cross-profile listing, mutation, deletion, and validation. Also fixes orphan conflict markers in config.py left by an earlier salvage merge (kanban.dispatch_stale_timeout_seconds was double-nested in HEAD/PR markers from #28452 salvage of #23790).	2026-05-18 21:26:45 -07:00

Author

SHA1

Message

Date

zapabob

2c3ca475c0

fix(cron): reject id mutation + validate output paths under OUTPUT_DIR

Two defense-in-depth fixes on cron output path handling:

1. cron/jobs.py:update_job() rejects mutation of the immutable 'id' field
   (raises ValueError). Dashboard PUT /api/cron/jobs/{id} converts this to
   HTTP 400. Without this, an attacker who can reach the update endpoint
   could rename a job's id to '../escape' and move its output directory
   outside OUTPUT_DIR.

2. cron/jobs.py:_job_output_dir() validates job IDs before composing
   paths: rejects '.', '..', '/', '\\', absolute paths, and Windows drive
   prefixes. Used by save_job_output() and remove_job() so legacy unsafe
   IDs (from before this guard) fail closed rather than half-applying a
   shutil.rmtree or output write outside the sandbox.

Tests:
  - update_job rejects {'id': '../escape'} without renaming
  - remove_job(legacy '../escape' id) raises ValueError without deleting
    files outside OUTPUT_DIR or removing the job from the store
  - save_job_output rejects '..', './escape', 'nested/escape',
    absolute paths
  - dashboard PUT /api/cron/jobs/{id} with {'id': '../escape'} returns
    400, job list unchanged

Salvaged from PR #29826 by @zapabob. Simplified implementation:
- Dropped a 23-line _validate_job_output_id() helper using Path.parts
  semantics. The inline check (path separators + dot-components +
  is_absolute) is shorter and behaviorally identical.
- Dropped the secondary OUTPUT_DIR.resolve()/relative_to() check —
  redundant once we reject any path separator at the input boundary.
- Dropped the _docs/2026-05-21_cron-output-path-hardening_codex.md
  planning artifact (we don't check planning docs into the repo).

Co-authored-by: teknium1 <127238744+teknium1@users.noreply.github.com>

2026-05-25 01:15:24 -07:00

SerenityTn

1a5172742e

feat(kanban): show dashboard cron jobs across profiles

Salvages #27568 by @SerenityTn. Dashboard cron page now lists cron
jobs from all profiles, with profile-aware filter UI and storage
routing. Includes test coverage for cross-profile listing, mutation,
deletion, and validation.

Also fixes orphan conflict markers in config.py left by an earlier
salvage merge (kanban.dispatch_stale_timeout_seconds was double-nested
in HEAD/PR markers from #28452 salvage of #23790).

2026-05-18 21:26:45 -07:00

2 commits