* fix(plugins): close F1086 err.Error() leaks in plugin install pipeline

  F1086 / #1206: Three err.Error() calls in the plugin install pipeline leaked internal file paths, resolver state, and query parameters in API responses. Replaced with context-appropriate generic messages:

  - ParseSource error → "invalid plugin source"
  - Resolve error → "plugin resolution failed" (available_schemes kept for self-service, raw error hidden)
  - validatePluginName error → "invalid plugin name" (path traversal/injection risk means no diagnostic should be returned)

  🤖 Generated with [Claude Code](https://claude.ai)

* fix(provision): close F1086 err.Error() leaks in workspace_provision.go

  F1086 / #1206: env mutator and provisioner start errors in workspace_provision.go leaked internal error strings (credential URIs, docker/volume paths, AMI/VPC details) via:

  - Broadcast payloads to canvas Events tab
  - last_sample_error field in the workspaces DB row

  Fixed all 6 occurrences across both the docker and CPProvisioner code paths:

  - env mutator failures → "environment configuration failed"
  - provisioner/docker start failures → "workspace start failed"

  The verbose %v-logged errors are preserved for operator diagnostics; only the broadcast and DB fields receive generic messages.

  🤖 Generated with [Claude Code](https://claude.ai)

---------

Co-authored-by: Molecule AI Core-BE <core-be@agents.moleculesai.app>

| | | |
|---|---|---|
| cmd/server | ||
| internal | ||
| migrations | ||
| pkg/provisionhook | ||
| .gitignore | ||
| Dockerfile | ||
| Dockerfile.tenant | ||
| entrypoint-tenant.sh | ||
| go.mod | ||
| go.sum | ||