@github-actions (Contributor) commented:

This is an automated pull request to merge chas/update-window-build into dev.
It was created by the [Auto Pull Request] action.

comp-ai-code-review bot commented Nov 18, 2025

🔒 Comp AI - Security Review

🔴 Risk Level: HIGH

OSV scan found 3 NPM advisories: xlsx (GHSA-4r6h-8v6p-xvw6 prototype pollution, GHSA-5pgg-2g8v-p4x9 ReDoS) and ai (GHSA-rwvc-j5jr-mgvh filetype whitelist bypass).


📦 Dependency Vulnerabilities

🟠 NPM Packages (HIGH)

Risk Score: 8/10 | Summary: 2 high, 1 low CVEs found

| Package | Version | CVE | Severity | CVSS | Summary | Fixed In |
|---|---|---|---|---|---|---|
| xlsx | 0.18.5 | GHSA-4r6h-8v6p-xvw6 | HIGH | N/A | Prototype Pollution in sheetJS | No fix yet |
| xlsx | 0.18.5 | GHSA-5pgg-2g8v-p4x9 | HIGH | N/A | SheetJS Regular Expression Denial of Service (ReDoS) | No fix yet |
| ai | 5.0.0 | GHSA-rwvc-j5jr-mgvh | LOW | N/A | Vercel's AI SDK's filetype whitelists can be bypassed when uploading files | 5.0.52 |

🛡️ Code Security Analysis


🟡 apps/portal/src/app/(app)/(home)/[orgId]/components/tasks/DeviceAgentAccordionItem.tsx (MEDIUM Risk)

| # | Issue | Risk Level |
|---|---|---|
| 1 | Unvalidated member orgId/employeeId sent to token API | MEDIUM |
| 2 | User-controlled detectedOS used in download URL | MEDIUM |
| 3 | Download token placed in URL query string (leaks via referrer/logs) | MEDIUM |
| 4 | Token request endpoint may be CSRF-prone (POST without CSRF token) | MEDIUM |
| 5 | Client can tamper detectedOS via DOM/requests to request arbitrary os | MEDIUM |

Recommendations:

  1. Validate and authorize orgId and employeeId server-side: never trust client-supplied orgId/employeeId for authorizing token issuance. Verify the requester identity (session/auth token) and that the authenticated user is permitted to request a token for the given orgId/employeeId.
  2. Whitelist/validate 'os' on the server: accept only a strict set of expected values (e.g., 'macos', 'macos-intel', 'windows') and reject or normalize anything else. Perform server-side mapping of OS to artifact rather than relying on client input.
  3. Avoid placing secrets/tokens in URL query strings: return the installer via an authenticated endpoint that uses Authorization header or a POST body to carry ephemeral tokens, or perform the download as a direct response from a server endpoint that validates the token in headers/cookies.
  4. Use short-lived, single-use tokens and mark them server-side as used after consumption. Consider binding token to client/session and to a specific artifact (OS) and IP/user-agent if appropriate so replay is prevented.
  5. Enforce CSRF protections on the token-issuing endpoint: require same-site cookies, CSRF tokens, or use authorization headers (Bearer tokens) for authenticated API calls so cross-site POSTs cannot silently obtain download tokens.
  6. Ensure transport and storage protections: issue token only over HTTPS; do not log tokens in server logs; set proper Content-Disposition and Content-Type when serving binaries; and avoid referrer leaks by using rel='noreferrer' or using window.location.href to navigate to a short-lived server endpoint that issues the file securely.
  7. Server-side authorization checks for download flow: confirm the authenticated user actually has access to request the agent for the provided employee or organization, and check host/device linking permissions before issuing tokens.

🔴 apps/portal/src/app/api/download-agent/route.ts (HIGH Risk)

| # | Issue | Risk Level |
|---|---|---|
| 1 | Download token in URL may leak via referrer, browser history, or logs | HIGH |
| 2 | No rate limiting on token checks enables brute-force token guessing | HIGH |
| 3 | Token deleted immediately after KV read; failed delivery causes denial of service | HIGH |
| 4 | Token not validated or bound to user/IP/session | HIGH |
| 5 | Different HTTP statuses leak token validity (403 vs 400) | HIGH |
| 6 | No file size/stream limits; large objects may exhaust resources | HIGH |
| 7 | Error logging may include sensitive stack/metadata | HIGH |

Recommendations:

  1. Avoid placing one-time tokens in query parameters. Issue short-lived, signed S3 URLs (pre-signed GET) or require the token in an Authorization header or request body to reduce leakage via referrers and browser history.
  2. Add brute-force protections and rate limiting for this endpoint (per-IP and per-token throttling, exponential backoff, CAPTCHA for abused flows, or request counters in KV).
  3. Do not delete the token immediately after KV.get(). Use atomic single-use semantics only after successful delivery. Options: (a) mark token as 'in-progress' and delete after successful streaming completion; (b) issue a signed S3 URL and only invalidate the KV entry after client reports success; (c) use conditional KV operations with state transitions to avoid losing token on transient failures.
  4. Bind tokens to a user/session or client context (user ID, account, or originating IP fingerprint) and validate that context before serving the file. Also validate token format/length to reduce attack surface.
  5. Return consistent error codes/messages for invalid or missing tokens to avoid distinguishing valid vs invalid tokens (e.g., always return a generic 400/403 with same body).
  6. Enforce object size and streaming limits: check S3 metadata (Content-Length) before streaming, enforce a maximum allowed size, and implement timeouts/stream quotas to prevent resource exhaustion.
  7. Sanitize and redact error objects before logging. Avoid logging full stack traces or sensitive metadata in production logs. Capture enough context to debug but strip secrets and user tokens.

💡 Recommendations

  1. Upgrade the xlsx dependency (currently 0.18.5) to a release that fixes GHSA-4r6h-8v6p-xvw6 and GHSA-5pgg-2g8v-p4x9; update package.json to the patched version and run tests for any code paths that parse or merge workbook content.
  2. Bump the ai package from 5.0.0 to the fixed release (fixedIn: 5.0.52 or later) to remediate GHSA-rwvc-j5jr-mgvh; validate any server/client filetype checks used before passing files to the SDK.
  3. Harden code that calls these libraries: validate and constrain external inputs (file type/size), avoid passing untrusted objects into merge/extend APIs to prevent prototype pollution, and restrict or pre-validate regex patterns or user-controlled strings before handing them to parsing/regex operations to reduce ReDoS exposure.

Powered by Comp AI - AI that handles compliance for you. Reviewed Nov 18, 2025

vercel bot commented Nov 18, 2025

The latest updates on your projects. Learn more about Vercel for GitHub.

| Project | Deployment | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| portal | Ready | Preview | Comment | Nov 18, 2025 3:37am |

1 Skipped Deployment

| Project | Deployment | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| app | Skipped | | | Nov 18, 2025 3:37am |
@chasprowebdev changed the title from "[dev] [chasprowebdev] chas/update-window-build" to "[Portal] Use .exe build for windows device agent instead of zip file" on Nov 18, 2025