Conversation
…rrent syncs, recover corrupted manifest - bound RPC body reads (Content-Length, chunked, and read-to-end paths) at 16 MiB so a malicious or compromised local responder cannot OOM tokscale or fill the disk via unbounded chunked encoding - strengthen Antigravity process identification by checking the actual executable path (lsof on macOS, /proc/<pid>/exe on Linux) on top of the existing CLI-substring heuristic so other same-user processes can't impersonate the language server just by argv shape - probe candidate endpoints with a real RPC call and JSON-shape check (cap probe body at 4 KiB) instead of trusting any 200 response, so a rogue local listener can't poison the sync cache - lock 'antigravity sync' on a per-cache PID lock file with stale-pid recovery so two concurrent runs can't race on the manifest or delete artifacts the other run just produced - enforce manifest version on load: future versions abort, older versions start fresh, identical version proceeds - on corrupted manifest, move it aside as manifest.json.corrupt-<ts> and start fresh instead of failing every sync until the user intervenes
…harden timestamp/dedup edges - walk the full reverse messageHistory in extract_usage_from_run_state and merge usage signals across entries instead of returning on the first hit; this prevents silent token loss when the newest assistant entry only carries a model id and an earlier entry holds the actual token counts - include the source-array ordinal in the fallback dedup key so two id-less assistant messages in the same chat with identical timestamp, model, and token shape no longer collapse into a single record - reject non-positive numeric timestamps in parse_timestamp_value and parse_timestamp_str so messages with timestamp=0 or negative epochs fall through to the chat-id / file-mtime fallback chain instead of being pinned at the unix epoch
…e --client values - move SYNTHETIC_HOTKEY from 'x' (which collided with Mux and silently shadowed Synthetic in the picker dispatch) to 'n', a free letter not used by any current client. Document the cross-file invariant so future client additions don't reintroduce the same collision. - enable ignore_case on the --client/-c value enum so 'OPENCODE', 'Codebuff', and 'antigravity' all parse as the same canonical filter. Add end-to-end clap tests for uppercase, mixed-case, unknown values, empty strings, and duplicated legacy bool flags so the parser surface has explicit coverage.
Contributor
|
The latest updates on your projects. Learn more about Vercel for GitHub. 1 Skipped Deployment
|
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
…nd exe-path heuristic
- only evict the sync lock when its owner PID is provably dead. The
previous age-based 'stale after 10 minutes' rule could let a second
sync overlap a long-running first one and corrupt the manifest.
- replace the stale-recovery recursion with a bounded retry loop
(up to 3 attempts) so a process that keeps recreating the lock can no
longer trigger an unbounded recursive call stack.
- consume HTTP headers before reading the body in probe_heartbeat so the
4 KiB probe cap applies only to the JSON body, matching the existing
identity_probe_request implementation. This prevents valid endpoints
whose response headers contain '{' from being silently rejected.
- accept exe paths containing 'language_server' as well as 'antigravity'.
On Linux, /proc/<pid>/exe almost always resolves, but a generic
language-server binary invoked with '--app_data_dir antigravity' would
otherwise fail the exe-path check even though is_antigravity_process
already validated the antigravity affiliation via argv.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Pre-release correctness and security fixes across the four PRs landed this cycle (#464, #454, #359, #355). All issues surfaced by post-merge review.
Antigravity (
fix(antigravity): ...)Trust boundary around the local language-server RPC was too loose:
Codebuff (
fix(codebuff): ...)Parser correctness around silent data loss:
TUI + parsing (
fix(tui): ...)User-visible client-filter UX:
Test results
Each fix has a regression test where applicable.
Commits
Summary by cubic
Hardens the local
antigravityRPC boundary, fixescodebuffparsing that could drop usage, and improves the TUI client filter. Lowers local attack surface and prevents silent token loss.antigravity: Cap RPC bodies at 16 MiB (Content-Length, chunked, read-to-end). Verify process executable path; acceptlanguage_serveras well asantigravity. Probe endpoints with a real RPC and JSON-shape check with a 4 KiB body cap, consuming headers first. Lock concurrent syncs with a PID lock; only evict when the owner PID is dead and use a bounded (3-attempt) retry. Enforce manifest version; auto-backup corrupted manifests.codebuff: Accumulate usage across the full reverse history so tokens aren’t lost when the newest entry only has a model. Add source ordinal to the fallback dedup key to keep identical id-less messages distinct. Reject non‑positive numeric timestamps.--client/-ccase-insensitive with end-to-end parser tests.Written for commit 512930d. Summary will update on new commits.