Commit 27e301f
committed
fix: address Copilot review 4 on PR #7
Four follow-ups from the fourth pass:
1. Validate --port: reject non-numeric, out-of-range (<1, >65535),
and trailing-garbage values at parse time. parseInt('abc') was
silently producing NaN, which then propagated to JSS as
`--port NaN` and crashed the server with a confusing error.
2. Validate the persisted JWT secret on read. If <root>/.token-secret
exists but is empty / whitespace-only / too short (<32 chars), warn
and regenerate rather than silently weakening signing. Empty file
could happen via a botched edit, a failed `cp`, or a partial write.
3. Differentiate the LAN-exposure warning based on whether the
password is env-supplied. Previously the warning always claimed
the server was exposing "well-known me/me credentials," even when
the user had supplied a strong password via env — a false statement
and a confusing one. Now: default rung-1 keeps the original
well-known-credentials wording; env-supplied gets a more neutral
"exposes single-user sign-in" warning that suggests strong-password
discipline and HTTPS for production.
4. Stop re-exposing the env-supplied password on the JSS subprocess
argv. `ps`, service-manager logs, and other local users could read
what we'd carefully hidden from the banner. The fix: pass
`--single-user-password` on argv only when it's the literal
rung-1 placeholder ('me' has no secrecy property). For env-
supplied passwords, JSS picks up JSS_SINGLE_USER_PASSWORD from
process.env directly (already inherited from jspod's env spread).
Verified via `ps` — JSS argv now: `--port ... --host ... --root
... --notifications --conneg --no-multiuser --single-user --idp`,
no password.
Refs #1 #3 #61 parent 8de8cbd commit 27e301f
1 file changed
Lines changed: 44 additions & 7 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
72 | 72 | | |
73 | 73 | | |
74 | 74 | | |
75 | | - | |
| 75 | + | |
| 76 | + | |
| 77 | + | |
| 78 | + | |
| 79 | + | |
| 80 | + | |
| 81 | + | |
| 82 | + | |
| 83 | + | |
| 84 | + | |
| 85 | + | |
76 | 86 | | |
77 | 87 | | |
78 | 88 | | |
| |||
156 | 166 | | |
157 | 167 | | |
158 | 168 | | |
159 | | - | |
| 169 | + | |
| 170 | + | |
| 171 | + | |
| 172 | + | |
| 173 | + | |
| 174 | + | |
| 175 | + | |
| 176 | + | |
160 | 177 | | |
161 | 178 | | |
162 | 179 | | |
| |||
221 | 238 | | |
222 | 239 | | |
223 | 240 | | |
224 | | - | |
225 | | - | |
226 | | - | |
227 | | - | |
| 241 | + | |
| 242 | + | |
| 243 | + | |
| 244 | + | |
| 245 | + | |
| 246 | + | |
| 247 | + | |
| 248 | + | |
| 249 | + | |
| 250 | + | |
| 251 | + | |
| 252 | + | |
| 253 | + | |
| 254 | + | |
| 255 | + | |
228 | 256 | | |
229 | 257 | | |
230 | 258 | | |
| |||
263 | 291 | | |
264 | 292 | | |
265 | 293 | | |
266 | | - | |
| 294 | + | |
| 295 | + | |
| 296 | + | |
| 297 | + | |
| 298 | + | |
| 299 | + | |
| 300 | + | |
| 301 | + | |
| 302 | + | |
| 303 | + | |
267 | 304 | | |
268 | 305 | | |
269 | 306 | | |
| |||
0 commit comments