logs.gokuls.in

April 1, 2026

2 pull requests merged across 1 repo

bahdotsh/wrkflw

fix: resolve correctness, security, and parsing bugs across codebase

Comprehensive bug fix pass addressing correctness, security, and parsing issues discovered during full codebase verification.

Key fixes:

  • Security (critical): Fix AES-GCM nonce reuse in EncryptedSecretStore — each secret now gets a unique random nonce prepended to its ciphertext
  • Executor: Implement continue-on-error and step-level if condition support, fix hardcoded show_action_messages flag, replace inline regex hacks with proper substitution::process_step_run, skip symlinks during directory copy, validate volume host paths for traversal
  • Parser: Add Strategy wrapper to correctly model GitHub Actions strategy.matrix structure, add new Step fields (if, id, working-directory, shell, timeout-minutes, continue-on-error)
  • Models: Handle GitLab script/before_script/after_script as string-or-vec, coerce variable values to strings, add CacheKey enum, fix Rule.if serde rename, add needs/interruptible/reports/default fields
  • Validators: Fix reusable workflow reference validation logic (||&&), add proper cron syntax validation, add cyclic needs detection via DFS, fix GitLab artifact validation for reports-only artifacts
  • GitHub/GitLab: Fix default branch detection to use remote HEAD, replace curl shell-out with reqwest
  • UI: Fix Box::leak memory leak in status bar, fix unsafe string slicing in workflow path display, wire show_action_messages through TUI
  • CLI: Remove dead if true block, fix validate_github_workflow to call evaluator directly, handle read_dir errors gracefully

Breaking change: EncryptedSecretStore serialization format changed (nonce field removed). See BREAKING_CHANGES.md.

Test plan

  • cargo check passes
  • cargo clippy passes with no warnings
  • cargo fmt produces no changes
  • All 159 tests pass, including 19 new tests:
  • Matrix include/exclude merge semantics (5 tests)
  • Step condition evaluation for unsupported expressions (6 tests)
  • Volume path traversal edge cases (2 tests)
  • Continue-on-error and step-level if parsing (1 test)
  • Per-secret unique nonce verification (1 test)
  • Cyclic needs detection (1 test)
  • Cron syntax validation (7 tests)
  • Strategy/matrix parsing (1 test)
  • Step field parsing (1 test)
fix: correct multiple bugs found during full codebase review
  • Docker build_image_inner mtime bug: Used .elapsed() instead of .duration_since(UNIX_EPOCH) — tar timestamps were "seconds since modification" instead of actual Unix timestamps
  • Docker logs() missing options: Was passing None for log options, not explicitly requesting stdout/stderr streams
  • Emulation runtime exit code inconsistency: Returned Err on non-zero exit codes (swallowing stdout/stderr), while Docker/Podman return Ok with the exit code — engine already handles non-zero in the Ok path
  • UI previous_job() missing bounds check: next_job() had a .filter() guard against stale indices, previous_job() did not — potential panic
  • Log processor UTF-8 safety: String slicing without is_char_boundary() checks could panic on multi-byte characters
  • Step validation logic error: Steps with only name (no uses or run) incorrectly passed validation
  • main.rs panic on directory read: .expect() calls replaced with proper error handling

Test plan

  • All 134 existing tests pass
  • Clippy clean (no new warnings)
  • Full workspace build succeeds
  • Manual: run wrkflw validate on a directory with restricted permissions
  • Manual: run a workflow in emulation mode with a failing step — verify stdout/stderr preserved
  • Manual: navigate job list in TUI with stale workflow state