Skip to content

feat(install): add Swival auto-registration#83

Open
jedisct1 wants to merge 2 commits intojustrach:mainfrom
dip-proto:swival
Open

feat(install): add Swival auto-registration#83
jedisct1 wants to merge 2 commits intojustrach:mainfrom
dip-proto:swival

Conversation

@jedisct1
Copy link
Copy Markdown

@jedisct1 jedisct1 commented Apr 1, 2026

If a Swival config is found, automatically register codedb there.

@jedisct1
feat(install): add Swival auto-registration
17d7af8 
If a Swival config is found, automatically register codedb there.
@justrach
Copy link
Copy Markdown
Owner

justrach commented Apr 1, 2026

@codex review this PR for security issues — specifically the install script changes in register_swival(). Check for injection risks, file permission issues, or anything that could be exploited.

chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Apr 1, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 17d7af88b6

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

justrach
justrach requested changes Apr 11, 2026
View reviewed changes
Copy link
Copy Markdown
Owner

@justrach justrach left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the Swival integration work.

Before merge I still want the two install-script hardening fixes from the review thread:

  • escape or otherwise safely serialize codedb_bin before writing it into the TOML command field
  • create/update the Swival config with restrictive permissions instead of relying on the default umask-derived mode

I know similar raw writes exist elsewhere, but this PR is extending installer registration in a security-sensitive path, so I do not want to add another unescaped write or broad-permission config creation here. Once those two points are addressed, please tag @codex review again.

@jedisct1
Copy link
Copy Markdown
Author

jedisct1 commented Apr 11, 2026

@codex review

@chatgpt-codex-connector
Copy link
Copy Markdown

chatgpt-codex-connector bot commented Apr 11, 2026

Codex Review: Didn't find any major issues. Already looking forward to the next diff.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@jedisct1
Copy link
Copy Markdown
Author

jedisct1 commented Apr 11, 2026

Thank you @justrach !

I wanted to stay consistent with the existing code, but indeed, this is not a good direction.

Your suggestions have been applied.

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

@justrach justrach justrach requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jedisct1 @justrach