nevaforget
64f08d7e8b
Security: - Fix path traversal in _save/_load_last_session by rejecting usernames starting with dot (blocks '..' and hidden file creation) - Add avatar file size limit (10 MB) to prevent DoS via large ~/.face - Add session_name length validation on write (symmetric with read) - Add payload size check to send_message (symmetric with recv_message) - Set log level to INFO in production (was DEBUG) Quality: - Eliminate main-thread blocking on user switch: _cancel_pending_session now sets a cancellation event and closes the socket instead of doing blocking IPC. The login worker checks the event after each step. - Move power actions (reboot/shutdown) to background threads - Catch TimeoutExpired in addition to CalledProcessError for power actions - Consolidate socket cleanup in _login_worker via finally block, remove redundant _close_greetd_sock calls from error callbacks - Fix _select_initial_user to return False for GLib.idle_add deregistration - Fix context manager leak in resolve_wallpaper_path on exception - Pass Config object to GreeterWindow instead of loading it twice
31 lines
572 B
TOML
31 lines
572 B
TOML
[build-system]
|
|
requires = ["hatchling"]
|
|
build-backend = "hatchling.build"
|
|
|
|
[project]
|
|
name = "moongreet"
|
|
version = "0.2.0"
|
|
description = "A greetd greeter for Wayland with GTK4"
|
|
requires-python = ">=3.11"
|
|
license = "MIT"
|
|
dependencies = [
|
|
"PyGObject>=3.46",
|
|
]
|
|
|
|
[project.scripts]
|
|
moongreet = "moongreet.main:main"
|
|
|
|
[tool.hatch.build.targets.wheel]
|
|
packages = ["src/moongreet"]
|
|
|
|
[tool.pytest.ini_options]
|
|
testpaths = ["tests"]
|
|
pythonpath = ["src"]
|
|
|
|
[tool.pyright]
|
|
pythonVersion = "3.11"
|
|
pythonPlatform = "Linux"
|
|
venvPath = "."
|
|
venv = ".venv"
|
|
typeCheckingMode = "standard"
|