jester/zlh-grind
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

consolidation pass: replace CONSTRAINTS with current guardrails

Browse Source
This commit is contained in:
jester 2026-03-01 23:29:19 +00:00
parent 160cecd2a8
commit fe2a6d1ffc
1 changed files with 22 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
CONSTRAINTS.md
View File

@ -33,113 +33,67 @@ All paths:
Uploads write directly to runtime. Uploads write directly to runtime.
No: No:
- Staging folders - staging folders
- Symlink injection - symlink injection
- Delayed deployment - delayed deployment
--- ---
## 4. Metadata Is Hidden ## 4. Metadata Is Hidden
`.zlh_metadata.json` and `.zlh-shadow` must never be exposed via file APIs. `.zlh_metadata.json`
`.zlh-shadow`
Filtered centrally inside the agent `internal/files` package, not in route handlers. Must never be exposed via file APIs.
--- ---
## 5. Upload Allowlist Only ## 5. Upload Allowlist Only
Only: Only:
- `mods/*.jar` - `mods/*.jar`
- `world/datapacks/*.zip` - `world/datapacks/*.zip`
Anything else → `403`. Anything else → 403.
--- ---
## 6. Delete Is Strictly Constrained ## 6. Delete Is Strictly Constrained
No recursive delete. No directory delete. One-level file only. No recursive delete.
No directory delete.
Allowed paths: One-level file only.
- `mods-removed/<file>`
- `mods-uploaded/<file>`
- `logs/<file>.log`
- `logs/<file>.log.gz`
--- ---
## 7. No Curated Inference ## 7. No Curated Inference
If metadata does not exist → `source: null` If metadata does not exist:
- `source: null`
Do not assume curated status from filename or path. Do not assume curated status.
--- ---
## 8. Upload Transport ## 8. Upload Transport
API upload must: API upload must:
- Stream via raw `http.request` piping - Stream
- Not buffer entire file in memory - Not buffer entire file
- Not use `fetch()` streaming - Not use fetch streaming
- Not re-implement upload policy (agent enforces) - Use raw piping
--- ---
## 9. Timeouts ## 9. Timeouts
Upload route must use extended timeout. Other file routes remain short. Upload route must use extended timeout.
Other file routes remain short.
--- ---
## 10. Portal Does Not Enforce Security ## 10. Portal Does Not Enforce Security
Portal may validate for UX (extension pre-check, size warning). Agent enforces real policy. Portal may validate for UX.
Agent enforces real policy.
---
## 11. Frontend Cannot Reach Agents Directly
All agent access flows through API. Container IPs are internal-only (`10.x` network). No CORS headers on agents.
```
Frontend → API → Agent ✅
Frontend → Agent ❌
```
---
## 12. Authentication
- JWT tokens issued by API only
- No cookies for auth
- No CSRF tokens
- No APIv1 or Pterodactyl auth patterns
- Portal stores tokens client-side (`sessionStorage`)
---
## 13. Console Must Remain PTY-Backed
- PTY-backed
- Agent-owned
- WebSocket-based
- Full duplex (input + output)
Disallowed:
- Log tailing as "console"
- Exec-per-command models
- Frontend-owned processes
- Proxmox console passthrough
---
## Enforcement
If a change violates these constraints:
- The change must be reverted
- The documentation takes precedence
- AI tools must be corrected
These constraints override convenience.