Harden Iris security boundaries #1
iris_inspect: component.name was required string but babel-plugin source data is absent when the plugin is not configured — made optional. iris_clock: ok field was required boolean but the browser side does not always return it — made optional. Both bugs surfaced during end-to-end stress testing against the demo app and caused MCP -32602 output validation errors on every call. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The glow border, cursor tracking, and narration HUD now appear as soon as the demo app loads with Iris connected, without needing ?present in the URL. Add ?nopresent to suppress for clean screen recordings. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…arrate MCP validation
- Transport: add onConnected callback, fires when WebSocket to bridge opens
- iris.ts: call sessionStart() on onConnected so the glow border + HUD appear immediately when the agent connects, not only on the first tool call
- iris_narrate handler: wrap result to include ok:true so MCP output schema validation passes (structuredContent must contain the required ok field)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Caution: Review failed. The pull request is closed.
Walkthrough
This change adds an MCP proxy CLI flow, update-management tools, stricter browser and server transport/security checks, dangerous-action confirmation during actions and replay, revised session selection, broader integration and e2e coverage, and updated app wiring, docs, release notes, and workspace configuration.
Changes
Iris 0.5.0 platform changes
Sequence Diagram(s)
sequenceDiagram
    participant Client as MCP Client
    participant CLI as iris mcp
    participant Daemon as Iris Daemon
    participant SSE as MCP SSE Session
    Client->>CLI: launch stdio proxy
    CLI->>Daemon: probe daemon port
    alt daemon absent
        CLI->>Daemon: spawn _daemon
        CLI->>Daemon: wait for readiness
    end
    CLI->>SSE: open SSE connection
    SSE-->>CLI: endpoint event
    Client->>CLI: send JSON-RPC request
    CLI->>SSE: POST request to session
    SSE-->>CLI: message event
    CLI-->>Client: write JSON-RPC response
Estimated code review effort: 🎯 5 (Critical) | ⏱️ ~110 minutes
…root
- iris mcp: auto-starts daemon if not running, proxies stdio↔SSE
- New MCP tools: iris_version_info, iris_apply_update, iris_rollback
- SKILL.md moved to repo root (was skill/SKILL.md) — shorter URL
- Removed skill/README.md; skill/ directory cleaned up
- README Installation section updated: skill-first flow, all 7 harness configs, URLs point to root SKILL.md
- SKILL.md auto-detects setup vs test mode via .iris.json presence
- Q6 (headed/headless), Q7 (harness selection) added to setup flow
- .iris.json written after setup; dev:iris script added to demo app
- All-throttled session auto-selection: picks freshest heartbeat instead of throwing
- IRIS_TESTING_PORT = 4310 isolated from user dev port
- iris mcp --drive <url> flag for Playwright-owned browser
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Hi @karthiknagpuri,
…iris into karthiknagpuri-codex/security-hardening
# Conflicts:
#	packages/server/src/bridge.ts
The MCP SDK pulls hono transitively at 4.12.23, which is vulnerable to a high-severity CORS issue (wildcard origin reflected with credentials). Pin via pnpm override to 4.12.25 so `pnpm audit --audit-level high` passes. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
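A check for the header combination the commit above names (an untrusted Origin echoed back together with Access-Control-Allow-Credentials: true), as an added example that is not code from this PR, from Iris, or from hono. The function names, origins and header sets are constructed for illustration, and the check covers the general header pattern, not the specific hono defect, whose mechanism is not described on this page.

```javascript
// Added example: audit one response for the CORS pattern named in the commit above.
// Origins, header sets and the function names are constructed for illustration.
// Lower-case header names so lookups are case-insensitive.
function lowerKeys(headers) {
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    out[name.toLowerCase()] = String(value).trim();
  }
  return out;
}

// probeOrigin: Origin value sent with the request; pick one the app does not trust.
// responseHeaders: plain object of the response headers received.
// trustedOrigins: origins the app intends to grant credentialed access to.
function auditCors(probeOrigin, responseHeaders, trustedOrigins = []) {
  const h = lowerKeys(responseHeaders);
  const allowOrigin = h['access-control-allow-origin'];
  const withCreds = (h['access-control-allow-credentials'] || '').toLowerCase() === 'true';

  if (allowOrigin === undefined) {
    return { verdict: 'ok', reason: 'no cross-origin grant' };
  }
  if (allowOrigin === '*') {
    // Browsers refuse a literal "*" on credentialed requests, so this grant
    // is either public-only or a broken configuration.
    return withCreds
      ? { verdict: 'misconfigured', reason: 'literal * sent with credentials flag' }
      : { verdict: 'ok', reason: 'public grant without credentials' };
  }
  const reflected = allowOrigin === probeOrigin && !trustedOrigins.includes(probeOrigin);
  if (reflected && withCreds) {
    return { verdict: 'unsafe', reason: 'untrusted origin echoed with credentials' };
  }
  if (reflected) {
    return { verdict: 'warn', reason: 'untrusted origin echoed without credentials' };
  }
  return { verdict: 'ok', reason: 'grant limited to ' + allowOrigin };
}

// Constructed sample responses to a probe sent with Origin: https://probe.example
const PROBE = 'https://probe.example';
const SAMPLES = {
  echoed: { 'Access-Control-Allow-Origin': PROBE, 'Access-Control-Allow-Credentials': 'true' },
  pinned: { 'access-control-allow-origin': 'https://app.example', 'access-control-allow-credentials': 'true' },
  star: { 'Access-Control-Allow-Origin': '*' },
};
for (const [name, headers] of Object.entries(SAMPLES)) {
  console.log(name, auditCors(PROBE, headers, ['https://app.example']).verdict);
}
```

Run against a service's own responses after a dependency bump, an `unsafe` verdict means the pinned version did not change the behaviour the audit flagged.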
The presenter overlay (HUD + border glow) is mounted on the page when the SDK connects with present:true, and its activity log / border state change with every command. capturePage was including it, so a fresh screenshot of an unchanged page no longer matched its baseline — the e2e visual-test diff came back at ~1% (12k px) and tripped its maxRatio:0.01 gate on CI. Apply Playwright's per-shot `style` to hide [data-iris-overlay] and `animations: 'disabled'` so captures reflect the app, not Iris chrome. Same-page diff is now ratio=0, changed=0. Both real-input providers route through capturePage, so the fix is centralized. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>