feat(pack): validate capability strings in check subcommand

check_package() now rejects any capability string that is not in the known set:
  fs:rw:app-data, fs:read:app-data,
  fs:rw:xdg-documents, fs:read:xdg-documents

This keeps the manifest in sync with what resolve_preopens() in
weft-appd actually maps; unknown strings would otherwise silently
produce no preopens at runtime.
Marco Allegretti 2026-03-11 18:33:05 +01:00
parent c9e1eb5075
commit bd348e0c3d


@ -188,6 +188,18 @@ fn check_package(dir: &Path) -> anyhow::Result<String> {
if !ui_path.exists() { if !ui_path.exists() {
errors.push(format!("ui.entry '{}' not found", ui_path.display())); errors.push(format!("ui.entry '{}' not found", ui_path.display()));
} }
const KNOWN_CAPS: &[&str] = &[
"fs:rw:app-data",
"fs:read:app-data",
"fs:rw:xdg-documents",
"fs:read:xdg-documents",
];
for cap in m.package.capabilities.iter().flatten() {
if !KNOWN_CAPS.contains(&cap.as_str()) {
errors.push(format!("unknown capability '{cap}'"));
}
}
} }
if errors.is_empty() { if errors.is_empty() {