Context
Implements safety invariants S1-S14. Centralises all destructive operations in Remover, enforces GlobalDenyList, TOCTOU atomicity, input-validation grammars, output sanitisation. XL scope — decomposed into 8 child tasks.
Goals
Remover actor — single destructive path (S1).TrashService through FileManager.trashItem in DevsweepCorePrivate.GlobalDenyList static and comprehensive (S2).- TOCTOU re-validation via
openat O_NOFOLLOW + unlinkat (S4).
displaySafe sanitisation (S9).- Input-validation grammars (S14).
--allow-danger argv-only + non-TTY abort (S12).SymlinkPolicy enforcement (S3).
Child tasks
Will be added as sub-issues after task batch.
Exit criteria
- All AC covering S1-S14 pass.
Related documents
- Research report §Safety engineering S1-S14
Context
Implements safety invariants S1-S14. Centralises all destructive operations in
Remover, enforcesGlobalDenyList, TOCTOU atomicity, input-validation grammars, output sanitisation. XL scope — decomposed into 8 child tasks.Goals
Removeractor — single destructive path (S1).TrashServicethroughFileManager.trashIteminDevsweepCorePrivate.GlobalDenyListstatic and comprehensive (S2).openat O_NOFOLLOW+unlinkat(S4).displaySafesanitisation (S9).--allow-dangerargv-only + non-TTY abort (S12).SymlinkPolicyenforcement (S3).Child tasks
Will be added as sub-issues after task batch.
Exit criteria
Related documents