-
Notifications
You must be signed in to change notification settings - Fork 10.9k
Open
Labels
coreAnything pertaining to core functionality of the application (opencode server stuff)Anything pertaining to core functionality of the application (opencode server stuff)
Description
The problem
There is a failing unit test in test/tool/write.test.ts called sets file permissions when writing sensitive data. The WriteTool currently writes all files with default permissions and does not restrict access to 0o644 or 0o600 when creating or editing sensitive files like .env or sensitive.json.
Steps to reproduce
Run bun test test/tool/write.test.ts on unix.
Expected behavior
The test should pass and files ending in .env, .env.local, or sensitive.json should receive restricted read/write permissions for security.
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
coreAnything pertaining to core functionality of the application (opencode server stuff)Anything pertaining to core functionality of the application (opencode server stuff)