fix: 3-way-audit P1 gaps (apps fencing, safari macOS 26, HTTP crash, notarize, docs) #305
Merged
…rash, notarize, docs)
- apps: fence calendar/music/timeline app-tool egress; widgets read raw structuredContent
- safari: drop module-level brokenOn:[26] — only add_bookmark broke, 11 tools were lost on 26
- http-transport: permanent error handler after listen so a post-bind socket error no longer crashes
- notarize-app.sh: preserve .appex entitlements across re-sign; drop --deep that stripped them
- README: stop claiming .mcpb/npm ship the Swift bridge (source build / bundled app only)
- tests: apps egress fencing (behavioral) + safari-registers-on-26 (manifest-driven)
- adversarially verified + empirical notarize entitlement-survival run; suite 2017 green
A 3-way completeness audit (Claude existing session + Claude new session + Codex new session) surfaced these P1 gaps. This PR closes all 5 — notably one was the headline finding from each independent run.
- `calendar_week_view`/`music_player`/`timeline_today` returned external Apple content (event titles, reminder names, track metadata) to the model UNFENCED. Now fenced (untrusted markers + `_meta`); widgets render from raw `structuredContent`.
- `brokenOn:[26]` skip-dropped ALL 12 Safari tools on macOS 26, though only `add_bookmark` is broken (and it already self-gates at the tool level). Removed it → the 11 working tools register on 26.
- `error` listener after `listening`, so a post-bind socket error crashed the process. Added a permanent handler.
- `.appex` entitlements — re-signing the widget extension dropped its entitlements (`codesign --verify` still passed). Now extracted before strip + re-applied; the `--deep` outer sign (which re-stripped them) is removed.
- `.mcpb` claim — README said the `.mcpb`/npm tarball ship the Swift bridge; they don't. Corrected (source build / bundled app only).

Verified: typecheck, full suite (2006 tests), gen/manifest checks, `mcp:validate`, `npm audit --audit-level=high` all green. New behavioral tests for apps fencing + safari-registers-on-26 (manifest-driven). Adversarially verified, including an empirical notarize entitlement-survival run.

Not closed here (needs real macOS + Apple signing): live notarize submission, Siri/AppIntents runtime registration. P2 audit items (dual-provider guard, audit tail-truncation anchor, FM runtime test, count-docs reconciliation, app/FM CI, etc.) are a separate follow-up.
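
The post-bind crash described in the PR text, as an added example (not code from this PR or project): in Node.js an `error` event with no listener is thrown, so a listener that only covers the bind attempt leaves the process exposed once `listening` has fired. The function names and the stand-in emitter are assumptions made for illustration.

```javascript
// Added example: names below are hypothetical, not the project's code.
const { EventEmitter } = require('node:events');

// "Before" pattern: the error listener only covers the bind attempt.
// Once 'listening' fires it is removed, so any later 'error' event has
// no listener and EventEmitter throws it (uncaught => process exit).
function startupOnlyErrorHandling(server) {
  return new Promise((resolve, reject) => {
    server.once('error', reject);
    server.once('listening', () => {
      server.removeListener('error', reject);
      resolve(server);
    });
  });
}

// "After" pattern: swap the startup rejector for a permanent handler
// inside the same 'listening' callback, leaving no unhandled window.
function permanentErrorHandling(server, onRuntimeError) {
  return new Promise((resolve, reject) => {
    server.once('error', reject);
    server.once('listening', () => {
      server.removeListener('error', reject);
      server.on('error', (err) => onRuntimeError(err));
      resolve(server);
    });
  });
}

// Simulate bind success, then a post-bind socket error, on a stand-in
// emitter (constructed input; a real net/http Server emits the same events).
function simulatePostBindError(arm) {
  const server = new EventEmitter();
  const logged = [];
  arm(server, (err) => logged.push(err.code)).catch(() => {});
  server.emit('listening');
  try {
    server.emit('error', Object.assign(new Error('constructed'), { code: 'EMFILE' }));
    return { crashed: false, logged };
  } catch (err) {
    return { crashed: true, logged, code: err.code };
  }
}

console.log(simulatePostBindError(startupOnlyErrorHandling));
console.log(simulatePostBindError(permanentErrorHandling));
```

A regression test for this class of bug can follow the same shape: emit `error` on the server after `listening` and assert that nothing is thrown and the handler recorded it.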