
fix: harden cross-platform compatibility, security, and test coverage #21

Merged: GeiserX merged 1 commit into main from fix/reviewer-findings on May 7, 2026
@GeiserX (Owner) commented May 7, 2026

Summary

Comprehensive fixes from 8 specialized code reviewers analyzing PRs #9#16:

  • Security: restrict config dir/file permissions (700/600), validate profile names, TTY guard on credential export
  • Bug fix: reactive path no longer falls back to loginCmd (could hang without TTY)
  • Cross-platform: Windows aws.exe resolution, case-insensitive plugin path detection, sleepSync fallback
  • Feature: ISO-8601 expiration timestamp support (some providers use these instead of epoch)
  • CI: version consistency check, deduplicate test runs, harden release workflow
  • Tests: 4 new test cases (future-timestamp lock, garbage lock, concurrent lock, profile mismatch, ISO-8601)

Test plan

  • 48 tests passing (node --test lib.test.mjs)
  • All scripts syntax-checked (node --check *.mjs)
  • marketplace.json versions now match package.json (0.3.2)

- Security: restrict config dir to 700, config file to 600 on Unix
- Security: validate profile name format (prevent CLI flag injection)
- Security: add TTY warning guard to aws-cred-export.mjs
- Bug: reactive path no longer falls back to loginCmd (may hang without TTY)
- Bug: add timeout message when wait loop expires in aws-auth-refresh
- Cross-platform: add shell option for Windows aws CLI resolution
- Cross-platform: case-insensitive path comparison for isPlugin on Windows
- Cross-platform: sleepSync fallback when SharedArrayBuffer unavailable
- Feature: support ISO-8601 expiration timestamps (some providers use these)
- CI: add version consistency check (package.json vs marketplace.json)
- CI: fix duplicate test execution on coverage matrix cell
- CI: harden release workflow with duplicate release guard and HEAD^1
- Fix marketplace.json version drift (0.3.0 → 0.3.2)
- Tests: add future-timestamp lock, garbage lock, concurrent lock, ISO-8601,
  profile mismatch cases (48 tests total, all passing)
@GeiserX GeiserX merged commit e768121 into main May 7, 2026
@GeiserX GeiserX deleted the fix/reviewer-findings branch May 7, 2026 22:18
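
An added example, not part of this pull request or the project's code: one way to implement the profile-name validation and the epoch/ISO-8601 expiration handling listed in the summary. The function names, the allowlist pattern, the 60-second skew and the `sts get-caller-identity` subcommand are assumptions chosen for illustration.

```javascript
// Added example (not the project's code). All names here are hypothetical.

// Allowlist: must start with an alphanumeric, so a value such as "--debug"
// can never be read as an option, and no whitespace or shell metacharacters
// are accepted (relevant when the child process is spawned through a shell).
const PROFILE_RE = /^[A-Za-z0-9][A-Za-z0-9_.-]{0,63}$/;

function isValidProfileName(name) {
  return typeof name === 'string' && PROFILE_RE.test(name);
}

// Build an argv array (never a single command string) for the aws CLI.
// The subcommand is only an illustration.
function awsArgsForProfile(profile) {
  if (!isValidProfileName(profile)) {
    throw new Error('invalid profile name');
  }
  return ['sts', 'get-caller-identity', '--profile', profile];
}

// Normalize an expiration given as epoch seconds, epoch milliseconds, or an
// ISO-8601 string to epoch milliseconds. Returns null for anything else.
function parseExpirationMs(value) {
  if (typeof value === 'number' && Number.isFinite(value) && value > 0) {
    return value < 1e12 ? value * 1000 : value; // < 1e12: treat as seconds
  }
  if (typeof value === 'string') {
    if (/^\d+$/.test(value)) return parseExpirationMs(Number(value));
    // Require a full date-time with an explicit zone; Date.parse alone
    // accepts many non-ISO strings and treats zone-less input as local time.
    const iso = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?(Z|[+-]\d{2}:\d{2})$/;
    if (iso.test(value)) {
      const ms = Date.parse(value);
      return Number.isNaN(ms) ? null : ms;
    }
  }
  return null;
}

// Fail closed: an unparseable expiration counts as expired.
function isExpired(value, nowMs = Date.now(), skewMs = 60_000) {
  const ms = parseExpirationMs(value);
  return ms === null || ms - skewMs <= nowMs;
}
```

Treating an unparseable expiration as expired sends the caller to a refresh rather than letting it reuse credentials of unknown age.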