9 Commits

Author SHA1 Message Date
C.J. Winslow
58f7b7638a Security: add per-wrapper IDs to untrusted-content markers (#19009)
Fixes #10927

Adds unique per-wrapper IDs to external-content boundary markers to
prevent spoofing attacks where malicious content could inject fake
marker boundaries.

- Generate random 16-char hex ID per wrap operation
- Start/end markers share the same ID for pairing
- Sanitizer strips markers with or without IDs (handles legacy + spoofed)
- Added test for attacker-injected markers with fake IDs

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-02-21 01:16:02 -05:00
Peter Steinberger
5f12334761 refactor: dedupe image, web, and auth profile test fixtures 2026-02-18 04:04:14 +00:00
Seb Slight
f44e3b2a34 revert: fix models set catalog validation (#19194)
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 7e3b2ff7afe052097c4414fc64d7e66191e8fcc3
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Reviewed-by: @sebslight
2026-02-17 09:43:41 -05:00
Sebastian
cc359d338e test: add fetch mock helper and reaction coverage 2026-02-17 09:02:39 -05:00
cpojer
b6d4f7c00e chore: Fix types in tests 5/N. 2026-02-17 10:57:31 +09:00
Peter Steinberger
b0035a1e49 refactor(test): table-drive web tool defaults checks 2026-02-16 18:31:27 +00:00
Peter Steinberger
f717a13039 refactor(agent): dedupe harness and command workflows 2026-02-16 14:59:30 +00:00
青雲
89fa93ed75 feat: support freshness parameter for Perplexity web_search provider (#15343)
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 01aba2bfba053c028f62970dcd153b19d00c5e3b
Co-authored-by: echoVic <16428813+echoVic@users.noreply.github.com>
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Reviewed-by: @sebslight
2026-02-13 22:18:16 -05:00
Peter Steinberger
9131b22a28 test: migrate suites to e2e coverage layout 2026-02-13 14:28:22 +00:00