Fix Open Knowledge on Windows. Filesystem paths are now compared and…#249
Merged
Conversation
…k (PRD-7140) (#2007)
* fix(open-knowledge): make Windows file/folder ops + skill install work (PRD-7140)
On Windows, `path.resolve()`/`realpath()`/`readdir()` return backslash-separated
absolute paths, but several server paths mixed those with a hardcoded POSIX `/`.
The result: "New file" failed with "path must not escape content directory",
"New folder" was created on disk then vanished from the tree
(`refusing symlink-escape …kb/asdf -> …kb\asdf`), and `relative()` results used
as docNames carried `\`, breaking the file tree, backlinks, tags, and sync.
Fixes, all server-side (clients already send POSIX over the wire):
- New `packages/server/src/path-utils.ts` with separator-independent helpers
`isWithinDir(child, parent)` and `toPosix(p)`. Both normalize to `/` first, so
they are correct on Windows (and for mixed separators) AND unit-testable on a
POSIX runner with `C:\…` literals.
- Containment checks that hardcoded `${dir}/` now use `isWithinDir` (api-extension
`safeSubdir`/showAll/create-page/`resolveDocPath`, server-factory, persistence,
conflict-storage). `persistence.isWithinContentDir` delegates to `isWithinDir`.
- Filesystem paths built as `${absDir}/${name}` now use `path.join` (the showAll
walk root + symlink-escape probe sites from the bug report).
- `relative(contentDir, abs)` results that become docNames / map keys / response
fields are normalized with `toPosix` (file-watcher, sync-engine, content-filter
ignore-prefix, backlink-index, tag-index, conflict-lifecycle-seed, asset-walk,
api-extension upload + symlink targets, server-factory conflict docName).
- `ok init` skill install: `runSpawn` now spawns `npx` with `shell:true` on
Windows (where `npx` resolves to `npx.cmd`, which Node cannot exec without a
shell — CVE-2024-27980), quoting whitespace-bearing args. `platform` is an
injectable seam so the win32 branch is unit-tested off-Windows.
Tests: path-utils.test.ts (win32 + posix, incl. the PRD-7140 regression path);
skill-install.test.ts asserts shell:true on win32 and the arg quoting.
Verified with `bun run check` (green) and the full server suite (0 fail). Windows
end-to-end (ok init, New file/folder, file tree) verified manually by the author.
Deferred to follow-ups: the cursor `.cmd` spawn (routes through the
security-hardened `spawnDetached` with a user-supplied path) and CRLF handling.
Claude-Session: https://claude.ai/code/session_01R8SAre7qWaqwXqZwaRBMQg
* chore(open-knowledge): regen ng-anchors catalog (pre-existing test-count drift)
The committed catalog's testFileCount lagged a prior app/tests addition; turbo
hashes only src/** for the `test` task, so CI cache-replays green while a cold
local `bun run check` fails the freshness gate. Regenerated so the local gate is
green. Unrelated to PRD-7140; durable fix is widening the turbo test inputs.
Claude-Session: https://claude.ai/code/session_01R8SAre7qWaqwXqZwaRBMQg
---------
GitOrigin-RevId: 1284c861d7ad982df796c57d2f124b409ad4a351
* fix(open-knowledge): polish docs OpenGraph cards and metadata Default OG card now matches the hero headline via a shared SITE_HEADLINE constant, drops the stretched wordmark (correct viewBox ratio) and the blue scribble, and reserves a bottom safe-area so platform title chips (X/iMessage/Slack) don't overlap the text. Adds a blue uppercase eyebrow to all three cards (OPEN SOURCE / DOCS / SHARED), and the share card's branch row uses the git-branch icon with a muted color. Metadata fixes: add og:site_name and twitter:site/creator (@openknowledgeai) to doc + share routes (Next shallow-replaces openGraph/twitter, so the root values were dropped), and normalize descriptions via metaDescription (fallback when empty, clamp when long). Share pages now carry a real "Open <name> with Open Knowledge" description instead of a too-short stub. * fix(open-knowledge): drop unused DESCRIPTION_MAX export (knip) DESCRIPTION_MAX is only referenced inside site.ts; exporting it tripped the knip unused-exports check in CI lint. Make it module-private. * fix(open-knowledge): address OG metadata review feedback - Add tests for metaDescription() (fallback/passthrough/truncation/word-boundary) and buildShareDescription() (doc/folder × default/non-default branch). - buildShareDescription + share OG alt now derive the product name from SITE_NAME instead of hardcoding "Open Knowledge". - Move buildShareDescription below buildSplashViewModel so the latter's JSDoc is no longer orphaned. - Root layout normalizes its description through metaDescription() for parity with child routes (no-op today; prevents a future split world). --------- GitOrigin-RevId: 94f9c8a75901060442227845a0b8fbff29b67eec
![inkeep-internal-ci[bot]](https://avatars.githubusercontent.com/u/123133689?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Automated approval from agents-private public-mirror-sync (run: https://github.com/inkeep/agents-private/actions/runs/28116186497). Source of truth is the monorepo; direct edits on inkeep/open-knowledge are overwritten on next sync.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix Open Knowledge on Windows. Filesystem paths are now compared and normalized in a separator-correct way, so creating a new file or folder no longer fails with "path must not escape content directory" or silently vanishes from the tree, and the file tree, backlinks, tags, and sync no longer break on backslash-separated paths.
ok initalso installs the agent skill reliably now that thenpxsubprocess is spawned through a shell on Windows (wherenpxresolves tonpx.cmd).