jason/mempalace
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: clarify security guardrails

Browse Source 
Agent-Logs-Url: https://github.com/MemPalace/mempalace/sessions/775f2fc4-3051-462e-8586-6d694b55da0d

Co-authored-by: igorls <4753812+igorls@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-04-12 22:27:40 +00:00
committed by Igor Lins e Silva
parent b1a676fa24
commit c383523768
3 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
mempalace/cli.py
+1 -1
View File
@@ -228,7 +228,7 @@ def cmd_repair(args):
if os.path.exists(backup_path): if os.path.exists(backup_path):
if not contains_palace_database(backup_path): if not contains_palace_database(backup_path):
print( print(
" Cannot proceed: backup path exists but does not contain chroma.sqlite3. " " Backup validation failed: backup path exists but does not contain chroma.sqlite3. "
f"Please remove or rename: {backup_path}" f"Please remove or rename: {backup_path}"
) )
return return
mempalace/query_sanitizer.py
+4 -3
View File
@@ -27,6 +27,7 @@ logger = logging.getLogger("mempalace_mcp")
MAX_QUERY_LENGTH = 250 # Above this, prompt contamination increasingly dominates MAX_QUERY_LENGTH = 250 # Above this, prompt contamination increasingly dominates
SAFE_QUERY_LENGTH = 200 # Below this, query is almost certainly clean SAFE_QUERY_LENGTH = 200 # Below this, query is almost certainly clean
MIN_QUERY_LENGTH = 10 # Extracted result shorter than this = extraction failed MIN_QUERY_LENGTH = 10 # Extracted result shorter than this = extraction failed
QUOTE_CHARS = {"'", '"'}
# Sentence splitter: split on . ! ? (including fullwidth) and newlines # Sentence splitter: split on . ! ? (including fullwidth) and newlines
_SENTENCE_SPLIT = re.compile(r"[.!?。!?\n]+") _SENTENCE_SPLIT = re.compile(r"[.!?。!?\n]+")
@@ -69,13 +70,13 @@ def sanitize_query(raw_query: str) -> dict:
def _strip_wrapping_quotes(candidate: str) -> str: def _strip_wrapping_quotes(candidate: str) -> str:
candidate = candidate.strip() candidate = candidate.strip()
while len(candidate) >= 2 and candidate[:1] in {"'", '"'} and candidate[-1:] in {"'", '"'}: while len(candidate) >= 2 and candidate[:1] in QUOTE_CHARS and candidate[-1:] in QUOTE_CHARS:
candidate = candidate[1:-1].strip() candidate = candidate[1:-1].strip()
if not candidate: if not candidate:
return "" return ""
if candidate[:1] in {"'", '"'}: if candidate[:1] in QUOTE_CHARS:
candidate = candidate[1:].strip() candidate = candidate[1:].strip()
if candidate[-1:] in {"'", '"'}: if candidate[-1:] in QUOTE_CHARS:
candidate = candidate[:-1].strip() candidate = candidate[:-1].strip()
return candidate return candidate
tests/test_migrate.py
+1
View File
@@ -20,6 +20,7 @@ def test_migrate_requires_palace_database(tmp_path, capsys):
def test_migrate_aborts_without_confirmation(tmp_path, capsys): def test_migrate_aborts_without_confirmation(tmp_path, capsys):
palace_dir = tmp_path / "palace" palace_dir = tmp_path / "palace"
palace_dir.mkdir() palace_dir.mkdir()
# Presence of chroma.sqlite3 is the safety gate; validity is mocked below.
(palace_dir / "chroma.sqlite3").write_text("db") (palace_dir / "chroma.sqlite3").write_text("db")
mock_chromadb = SimpleNamespace( mock_chromadb = SimpleNamespace(