security: add polyglot guard and full test coverage to pack endpoint
Audit findings addressed:
- Add PolyglotObjectError exception class in musehub_wire.py
- Add polyglot magic-bytes check to wire_push_object_pack (same guard as wire_push) — HTML/JS and extension-mismatched content rejected with 422 before any storage write
- Add PolyglotObjectError catch in push_object_pack route handler → 422
New tests (19 pack tests total, up from 11):
- test_push_object_pack_rejects_polyglot_file (.py with HTML content)
- test_push_object_pack_empty_pack (stored=0, skipped=0 no-op)
- test_push_object_pack_exact_object_limit (1000 objects boundary)
- test_push_object_pack_cross_repo_dedup (global SHA-256 dedup confirmed)
- test_push_object_pack_concurrent_overlapping_objects (race-safe idempotency)
- test_push_object_pack_admin_collaborator_allowed (admin permission)
- test_push_object_pack_read_collaborator_rejected (read permission blocked)
- test_push_object_pack_non_html_extension_allowed (unknown ext pass-through)
All 107 wire protocol tests pass.
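An added sketch of the kind of guard the commit message describes, not code from musehub_wire.py: every object in a pack is checked against its extension and the whole pack is refused with 422 before anything is written. Only the PolyglotObjectError name and the 422 status come from the commit message; the marker list, magic-byte table, `check_polyglot`, `push_pack` and the dict-backed store are assumptions.

```python
import hashlib
import os

class PolyglotObjectError(ValueError):
    """Object bytes contradict the file extension they were pushed under."""

# Policy tables are assumptions for this sketch, not taken from musehub_wire.py.
HTML_EXTENSIONS = {".html", ".htm", ".xhtml", ".svg"}
HTML_MARKERS = (b"<!doctype html", b"<html", b"<head", b"<body",
                b"<script", b"<iframe", b"<svg")
MAGIC_BY_EXTENSION = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".pdf": (b"%PDF-",),
}

def check_polyglot(path: str, data: bytes) -> None:
    """Raise PolyglotObjectError when data does not fit path's extension."""
    ext = os.path.splitext(path)[1].lower()
    # Known binary types must begin with one of their magic prefixes.
    magics = MAGIC_BY_EXTENSION.get(ext)
    if magics and not data.startswith(magics):
        raise PolyglotObjectError(f"{path}: bytes do not match {ext}")
    # Content sniffers skip a BOM and leading whitespace, so do the same
    # before looking for markup at the start of a non-HTML file.
    head = data[:512].removeprefix(b"\xef\xbb\xbf").lstrip().lower()
    if ext not in HTML_EXTENSIONS and head.startswith(HTML_MARKERS):
        raise PolyglotObjectError(f"{path}: HTML/JS content under {ext or 'no'} extension")

def push_pack(objects, store):
    """Validate the whole pack, then write; returns (status, stored, skipped)."""
    try:
        for path, data in objects:
            check_polyglot(path, data)
    except PolyglotObjectError:
        return 422, 0, 0  # rejected before any storage write
    stored = skipped = 0
    for _path, data in objects:
        digest = hashlib.sha256(data).hexdigest()
        if digest in store:
            skipped += 1  # content-addressed dedup: same bytes, same key
        else:
            store[digest] = data
            stored += 1
    return 200, stored, skipped
```

Validating the full pack before the first write is what keeps a rejected pack from leaving partial state behind; a check interleaved with the writes would store the clean objects that precede the bad one.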
muse hub commit comment sha256:41d4cbdc09b93fd1698cffb7577ba3d6fc3c1d42a4442ac75d3f6d2167e7c422 --body "your comment"