v5.1: 全面代码审查修复 — 安全加固 + 功能修复 + 测试补全 + 工程化

安全修复 (CRITICAL): - 启用 CSP (default-src 'self') - read_text_file 限制文件扩展名白名单 (.json/.csv/.txt) - capabilities 显式声明窗口权限 - profile 名校验增强 (null 字节/控制字符/长度限制) 功能修复 (HIGH): - AnalyzeDialog 重新打开时正确刷新数据 - UndoRedoButtons 订阅路径长度变化确保响应性 - 禁用状态持久化错误处理 (.catch → console.warn) - 硬编码中文全部迁移到 i18n (6 处) - PATH 长度检查改用 UTF-16 字符计数 - PATH 写入前 null 字节校验 - CLI export 拒绝写入系统目录 - savePaths 职责分离: window.confirm → Tauri ask() 对话框代码质量 (MEDIUM): - 导入路径统一过滤 (sanitize_paths: null 字节/分号/空白) - 原子写入 (atomic_write: disabled.json + profiles) - 验证缓存自动清理 (PathTable useEffect) - Scanner 线程错误处理改进 (.unwrap → .map_err) - Ctrl+F 去重 (移除 use-keyboard 重复处理) - Profile 路径列表 key 修复 (index → path) - 生产构建启用日志插件 (Warn 级别) - export_paths JSON 序列化改 expect 测试: - Rust: 35 → 48 测试 (+13) - Frontend: 80 → 85 测试 (+5) - Vitest 全局 jsdom + 覆盖率阈值 (80%) - 安装 @vitest/coverage-v8 + test:coverage 脚本 - 移除未使用的 @testing-library/jest-dom 工程化: - CI 添加 Cargo 缓存 (Swatinem/rust-cache@v2) - CI 添加 cargo fmt --check - tsconfig.test.json 覆盖测试文件类型检查 - cargo fmt 全量格式化 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-06-29 09:55:56 +08:00 · 2026-05-29 23:17:27 +08:00
parent 5c73321ce6
commit cbf99f12fd
40 changed files with 937 additions and 324 deletions
@@ -45,7 +45,7 @@ interface AppState {
  redo: () => void;

  loadPaths: () => Promise<void>;
-  savePaths: () => Promise<void>;
+  savePaths: (force?: boolean) => Promise<boolean>;
  initialize: () => Promise<void>;

 }
@@ -248,7 +248,7 @@ export const useAppStore = create<AppState>((set, get) => {
    const sysDisabled = sys.filter(e => !e.enabled).map(e => e.path);
    const usrDisabled = usr.filter(e => !e.enabled).map(e => e.path);
    invoke('save_disabled_state', { system: sysDisabled, user: usrDisabled })
-      .catch(() => {});
+      .catch((e) => console.warn('保存禁用状态失败:', e));
  },

  undo: () => {
@@ -264,7 +264,7 @@ export const useAppStore = create<AppState>((set, get) => {
      invoke('save_disabled_state', {
        system: result[0].filter(e => !e.enabled).map(e => e.path),
        user: result[1].filter(e => !e.enabled).map(e => e.path),
-      }).catch(() => {});
+      }).catch((e) => console.warn('保存禁用状态失败:', e));
    }
  },

@@ -281,7 +281,7 @@ export const useAppStore = create<AppState>((set, get) => {
      invoke('save_disabled_state', {
        system: result[0].filter(e => !e.enabled).map(e => e.path),
        user: result[1].filter(e => !e.enabled).map(e => e.path),
-      }).catch(() => {});
+      }).catch((e) => console.warn('保存禁用状态失败:', e));
    }
  },

@@ -322,9 +322,9 @@ export const useAppStore = create<AppState>((set, get) => {
    }
  },

-  savePaths: async () => {
+  savePaths: async (force?: boolean) => {
    const state = get();
-    if (state.isSaving) return;
+    if (state.isSaving) return false;
    set({ isSaving: true, statusMessage: i18n.t('status.saving') });

    // 只保存 enabled 的路径到注册表
@@ -333,9 +333,11 @@ export const useAppStore = create<AppState>((set, get) => {
    const sysJoined = sysPaths.join(';');
    const userJoined = userPaths.join(';');

+    // 长度检查：非强制模式下返回警告，由 UI 层确认
    const { maxSystemLength, maxUserLength, maxCombinedLength } = appConfig.path;
-    if (sysJoined.length > maxSystemLength || userJoined.length > maxUserLength || (sysJoined + userJoined).length > maxCombinedLength) {
-      if (!window.confirm('PATH 长度超过建议值，是否继续保存？')) { set({ isSaving: false }); return; }
+    if (!force && (sysJoined.length > maxSystemLength || userJoined.length > maxUserLength || (sysJoined + userJoined).length > maxCombinedLength)) {
+      set({ isSaving: false, statusMessage: i18n.t('status.saveWarningLongPaths') });
+      return false;
    }

    // 备份当前注册表（保存前备份旧值，失败仅警告不中断）
@@ -357,12 +359,14 @@ export const useAppStore = create<AppState>((set, get) => {
      set({ isModified: false, isSaving: false,
        statusMessage: backupFailed ? i18n.t('status.saved_without_backup') : i18n.t('status.saved'),
        _savedSys: savedSys, _savedUser: savedUser });
+      return true;
    } else {
      const sysErr = (!sysOk && sysResult.status === 'rejected') ? String(sysResult.reason) : '';
      const usrErr = (!userOk && userResult.status === 'rejected') ? String(userResult.reason) : '';
      const parts = [sysErr, usrErr].filter(Boolean);
      const msg = sysOk ? '用户 PATH 保存失败' : userOk ? '系统 PATH 保存失败' : `保存失败: ${parts.join('; ')}`;
      set({ isSaving: false, statusMessage: msg });
+      return false;
    }
  },