feat: Enhance NodeCG process management and add IPC security tests

2026-05-24 22:13:04 +02:00
parent 2e1d3a170c
commit 54ab1fcb9f
5 changed files with 260 additions and 53 deletions
+79
@@ -0,0 +1,79 @@
# Phase 2 Summary
## Scope
Executed the IPC and process-management phase only.
Documentation used as source of truth:
- `docs/refactor/ARCHITECTURE_AUDIT.md`
- `docs/refactor/ARCHITECTURE_RULES.md`
- `docs/refactor/TARGET_ARCHITECTURE.md`
- `docs/refactor/MIGRATION_PLAN.md`
- `docs/refactor/SESSION_HANDOFF.md`
## IPC And Preload Decision
No IPC or preload layer was added.
This is intentional. The current architecture defines a zero-surface IPC model as the secure target because there is no custom renderer and no product requirement for desktop APIs to cross into web content.
To make that decision enforceable, a regression test now scans `src/main` and fails if main-process source introduces:
- `ipcMain`
- `ipcRenderer`
- `contextBridge`
- `preload`
## Process Management Changes
- Narrowed `NodecgProcessManager` so `startNodecgProcess` no longer returns the raw `ChildProcess`.
- Removed the public internal `getProcess` escape hatch from `NodecgProcessManager`.
- Added explicit NodeCG process states:
- `idle`
- `starting`
- `running`
- `stopping`
- `stopped`
- `failed`
- Added `getState` as the narrow observable process-management API.
- Made NodeCG startup idempotent while an async startup is already in progress.
- Prevented new startup while process shutdown is in progress.
- Preserved process-tree termination through `platform-process-killer.ts`.
- Preserved `ELECTRON_RUN_AS_NODE`, `shell: false`, `windowsHide: true`, and detached POSIX process-group behavior.
## Security Notes
- No raw Electron IPC APIs are imported in production source.
- No preload script is configured or exposed.
- No renderer/main business logic boundary was added.
- No filesystem, process, shell, or update primitives were exposed to web content.
- BrowserWindow security settings from Phase 1 remain unchanged.
## Verification
Commands run successfully:
```text
npm run typecheck
npm test
npm run lint
```
Current test result:
```text
55 tests passing
```
Additional sanity search:
```text
rg -n "ipcMain|ipcRenderer|contextBridge|preload|nodeIntegration:\s*true|webSecurity:\s*false|\bany\b" src/main src/tests
```
Result:
- No production IPC or preload surface exists.
- No unsafe Electron settings were introduced.
- Remaining IPC/preload string matches are limited to the regression test that guards the zero-surface policy.
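Review bot: the sanity search recorded under "Verification" (`rg -n "ipcMain|ipcRenderer|contextBridge|preload|nodeIntegration:\s*true|webSecurity:\s*false|\bany\b" ...`) does not cover `contextIsolation:\s*false` or `sandbox:\s*false`, yet the "Security Notes" section asserts the Phase 1 BrowserWindow settings are unchanged; since the zero-surface claim depends on those two as much as on `nodeIntegration` and `webSecurity`, extend the pattern with them so the documented check matches the documented claim. Two smaller documentation points: the regression test described under "IPC And Preload Decision" is a string scan, so the summary should state that a match on `preload` in a comment or string literal also fails the build (that is the intended behaviour, but readers of this summary will otherwise assume an AST check), and the `\bany\b` term in the same command is a TypeScript lint concern rather than an IPC/preload one, so it is better documented separately from the security search.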