molecule-ai/molecule-core

fix(workspace): restore _sanitize_for_external and stderr parameter (CWE-117, closes #471) #573

Merged

infra-runtime-be merged 2 commits from fix/471-cwe117-stderr-scrubbing into main

2026-05-11 23:07:01 +00:00

Author	SHA1	Message	Date
Molecule AI Infra-Runtime-BE	a507d5d19f	chore: re-trigger CI to supersede stale status checks Some checks failed Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 15s Details publish-runtime-autobump / bump-and-tag (pull_request) Has been skipped Details CI / Detect changes (pull_request) Successful in 32s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 16s Details security-review / approved (pull_request) Failing after 21s Details qa-review / approved (pull_request) Failing after 24s Details sop-tier-check / tier-check (pull_request) Successful in 27s Details gate-check-v3 / gate-check (pull_request) Successful in 39s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 50s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 47s Details publish-runtime-autobump / pr-validate (pull_request) Successful in 48s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 50s Details Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 43s Details CI / Platform (Go) (pull_request) Successful in 9s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 7s Details CI / Canvas (Next.js) (pull_request) Successful in 12s Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 12s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 12s Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 17s Details audit-force-merge / audit (pull_request) Successful in 25s Details Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 2m32s Details CI / Canvas Deploy Reminder (pull_request) Has been skipped Details CI / Python Lint & Test (pull_request) Successful in 7m38s Details CI / all-required (pull_request) Successful in 3s Details	2026-05-11 22:59:41 +00:00
Molecule AI Core-DevOps	7f90630f98	fix(tests): correct test_sanitize_agent_error_stderr_and_exc assertion The test expected the exception class to be hidden when stderr is provided, but the implementation always uses the exc type as the tag. Fix the assertion to match actual (correct) behavior: ValueError is in the tag, stderr is the body. Also add a check that we don't fall back to the generic "workspace logs" form. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-11 22:59:41 +00:00