@trops/dash-core 0.1.486 → 0.1.489

package/dist/electron/index.js

@@ -4,7 +4,7 @@ var require$$0$1 = require('electron');
 var require$$1$1 = require('electron-store');
 var require$$1$2 = require('path');
 var require$$0$2 = require('fs');
-var require$$5$1 = require('objects-to-csv');
+var require$$6$1 = require('objects-to-csv');
 var require$$1$3 = require('readline');
 var require$$2 = require('xtreamer');
 var require$$3$1 = require('xml2js');
@@ -12,12 +12,12 @@ var require$$4 = require('JSONStream');
 var require$$5 = require('stream');
 var require$$6 = require('csv-parser');
 var require$$0$3 = require('quickjs-emscripten');
-var require$$7 = require('https');
+var require$$8$1 = require('https');
 var require$$0$5 = require('@modelcontextprotocol/sdk/client/index.js');
 var require$$1$4 = require('@modelcontextprotocol/sdk/client/stdio.js');
 var require$$0$4 = require('pkce-challenge');
 var require$$2$1 = require('os');
-var require$$7$1 = require('child_process');
+var require$$9$1 = require('child_process');
 var require$$3$2 = require('adm-zip');
 var require$$4$1 = require('url');
 var require$$2$2 = require('vm');
@@ -28,7 +28,7 @@ var require$$0$6 = require('openai');
 require('live-plugin-manager');
 var require$$0$9 = require('@anthropic-ai/sdk');
 var require$$3$4 = require('crypto');
-var require$$8$1 = require('zod');
+var require$$8$2 = require('zod');
 var require$$0$7 = require('http');
 var require$$1$6 = require('http2');
 var require$$2$4 = require('node-forge');
@@ -1107,7 +1107,7 @@ var secureStoreController$1 = {
   getData: getData$1,
 };
 
-const path$j = require$$1$2;
+const path$l = require$$1$2;
 const {
   readFileSync,
   writeFileSync: writeFileSync$4,
@@ -1125,7 +1125,7 @@ const {
 function ensureDirectoryExistence$2(filePath) {
   try {
     // isDirectory
-    var dirname = path$j.dirname(filePath);
+    var dirname = path$l.dirname(filePath);
     // check if the directory exists...return true
     // if not, we can pass in the dirname as the filepath
     // and check each directory recursively.
@@ -1240,7 +1240,7 @@ function removeFilesFromDirectory(directory, excludeFiles = []) {
 
       for (const file of files) {
         if (!excludeFiles.includes(file)) {
-          unlinkSync(path$j.join(directory, file), (err) => {
+          unlinkSync(path$l.join(directory, file), (err) => {
             if (err) throw err;
           });
         }
@@ -1257,8 +1257,8 @@ var file = {
   checkDirectory: checkDirectory$1,
 };
 
-const { app: app$b } = require$$0$1;
-const path$i = require$$1$2;
+const { app: app$e } = require$$0$1;
+const path$k = require$$1$2;
 const { writeFileSync: writeFileSync$3 } = require$$0$2;
 const { getFileContents: getFileContents$7 } = file;
 
@@ -1305,8 +1305,8 @@ const workspaceController$3 = {
   saveWorkspaceForApplication: (win, appId, workspaceObject) => {
     try {
       // filename to the pages file (live pages)
-      const filename = path$i.join(
-        app$b.getPath("userData"),
+      const filename = path$k.join(
+        app$e.getPath("userData"),
         appName$7,
         appId,
         configFilename$5,
@@ -1354,8 +1354,8 @@ const workspaceController$3 = {
   saveMenuItemsForApplication: (win, appId, menuItems) => {
     try {
       // filename to the workspaces file
-      const filename = path$i.join(
-        app$b.getPath("userData"),
+      const filename = path$k.join(
+        app$e.getPath("userData"),
         appName$7,
         appId,
         configFilename$5,
@@ -1403,8 +1403,8 @@ const workspaceController$3 = {
    */
   deleteWorkspaceForApplication: (win, appId, workspaceId) => {
     try {
-      const filename = path$i.join(
-        app$b.getPath("userData"),
+      const filename = path$k.join(
+        app$e.getPath("userData"),
         appName$7,
         appId,
         configFilename$5,
@@ -1437,8 +1437,8 @@ const workspaceController$3 = {
 
   listWorkspacesForApplication: (win, appId) => {
     try {
-      const filename = path$i.join(
-        app$b.getPath("userData"),
+      const filename = path$k.join(
+        app$e.getPath("userData"),
         appName$7,
         appId,
         configFilename$5,
@@ -1465,8 +1465,8 @@ const workspaceController$3 = {
 
   listMenuItemsForApplication: (win, appId) => {
     try {
-      const filename = path$i.join(
-        app$b.getPath("userData"),
+      const filename = path$k.join(
+        app$e.getPath("userData"),
         appName$7,
         appId,
         configFilename$5,
@@ -1509,8 +1509,8 @@ const workspaceController$3 = {
 
 var workspaceController_1 = workspaceController$3;
 
-const { app: app$a } = require$$0$1;
-const path$h = require$$1$2;
+const { app: app$d } = require$$0$1;
+const path$j = require$$1$2;
 const { writeFileSync: writeFileSync$2 } = require$$0$2;
 const { getFileContents: getFileContents$6 } = file;
 
@@ -1530,8 +1530,8 @@ const themeController$5 = {
   saveThemeForApplication: (win, appId, name, obj) => {
     try {
       // filename to the pages file (live pages)
-      const filename = path$h.join(
-        app$a.getPath("userData"),
+      const filename = path$j.join(
+        app$d.getPath("userData"),
         appName$6,
         appId,
         configFilename$4,
@@ -1576,8 +1576,8 @@ const themeController$5 = {
    */
   listThemesForApplication: (win, appId) => {
     try {
-      const filename = path$h.join(
-        app$a.getPath("userData"),
+      const filename = path$j.join(
+        app$d.getPath("userData"),
         appName$6,
         appId,
         configFilename$4,
@@ -1618,8 +1618,8 @@ const themeController$5 = {
    */
   deleteThemeForApplication: (win, appId, themeKey) => {
     try {
-      const filename = path$h.join(
-        app$a.getPath("userData"),
+      const filename = path$j.join(
+        app$d.getPath("userData"),
         appName$6,
         appId,
         configFilename$4,
@@ -1650,6 +1650,179 @@ const themeController$5 = {
 
 var themeController_1 = themeController$5;
 
+/**
+ * safePath.js
+ *
+ * Path-traversal containment for IPC handlers that accept renderer-
+ * supplied paths.
+ *
+ * Why: dash-core exposes IPC handlers (mainApi.data.saveData,
+ * mainApi.data.parseXMLStream, mainApi.algolia.createBatchesFromFile,
+ * etc.) that historically passed renderer-controlled paths directly to
+ * fs.writeFileSync / fs.createReadStream. A widget could pass
+ * "../../etc/passwd" and the handler would write/read OUTSIDE the
+ * intended app data directory because path.join doesn't reject `..`
+ * segments. See docs/security/ipc-filesystem-audit.md for the full
+ * finding set.
+ *
+ * This utility resolves the requested path, walks symlinks, and asserts
+ * containment within at least one explicitly-allowed root. Any handler
+ * that takes a renderer path runs it through `safePath(p, roots)` and
+ * either gets back a validated absolute real-path, or throws.
+ *
+ * Public API:
+ *
+ *   safePath(requested, allowedRoots[]) → string
+ *     Throws on traversal, missing input, or empty roots. Returns the
+ *     resolved real-path (which is what the caller should pass to fs).
+ *
+ *   getAllowedRoots(category) → string[]
+ *     Canonical roots per category. Categories:
+ *       "data"     — userData/Dashboard/data + user-configured override
+ *       "themes"   — userData/Dashboard/themes
+ *       "widgets"  — userData/widgets
+ *       "plugins"  — userData/plugins
+ *       "downloads"— OS Downloads folder
+ *
+ * Defense layers:
+ *   1. path.resolve() to absolute form.
+ *   2. fs.realpathSync() through any symlinks. If the path doesn't
+ *      exist yet, realpath the parent directory (so a symlink-in-parent
+ *      can't trick a future create operation).
+ *   3. startsWith(realRoot + path.sep) test — single-equals check
+ *      handles "exactly the root" case, prefix-with-sep handles
+ *      "inside the root" without false-matching `/data-evil/` against
+ *      `/data/`.
+ */
+
+const path$i = require$$1$2;
+const fs$d = require$$0$2;
+const { app: app$c } = require$$0$1;
+
+const APP_NAME = "Dashboard";
+
+/**
+ * @param {string} category
+ * @returns {string[]} ordered allowed roots for that category
+ */
+function getAllowedRoots$2(category) {
+  const userData = app$c.getPath("userData");
+  switch (category) {
+    case "data": {
+      const def = path$i.join(userData, APP_NAME, "data");
+      // The user can configure a custom data directory in
+      // Settings → General → Data Directory. If set, that
+      // location is ALSO an allowed root. We don't replace the
+      // default — both are valid because legacy data may still
+      // live in the default while new data goes to the override.
+      const override = readDataDirectoryFromSettings();
+      return override ? [def, override] : [def];
+    }
+    case "themes":
+      return [path$i.join(userData, APP_NAME, "themes")];
+    case "widgets":
+      return [path$i.join(userData, "widgets")];
+    case "plugins":
+      return [path$i.join(userData, "plugins")];
+    case "downloads":
+      return [app$c.getPath("downloads")];
+    default:
+      throw new Error("safePath: unknown allowed-roots category: " + category);
+  }
+}
+
+/**
+ * Read the user-configured data directory from settings.json. Returns
+ * undefined if not set or unreadable.
+ *
+ * Inlined to avoid a circular require with settingsController. Reads
+ * the same settings.json file directly.
+ */
+function readDataDirectoryFromSettings() {
+  try {
+    const settingsPath = path$i.join(
+      app$c.getPath("userData"),
+      APP_NAME,
+      "settings.json",
+    );
+    if (!fs$d.existsSync(settingsPath)) return undefined;
+    const raw = fs$d.readFileSync(settingsPath, "utf8");
+    const settings = JSON.parse(raw);
+    const dir = settings && settings.dataDirectory;
+    if (typeof dir === "string" && dir) return dir;
+  } catch (_e) {
+    // best-effort — fall through to default
+  }
+  return undefined;
+}
+
+/**
+ * Resolve and validate a path against allowed roots.
+ *
+ * @param {string} requested  the path the renderer asked for
+ * @param {string[]} allowedRoots  list of absolute paths the result must be inside
+ * @returns {string} validated absolute real-path
+ * @throws if requested is not contained within any allowed root
+ */
+function safePath$3(requested, allowedRoots) {
+  if (typeof requested !== "string" || !requested) {
+    throw new Error("safePath: requested must be a non-empty string");
+  }
+  if (!Array.isArray(allowedRoots) || allowedRoots.length === 0) {
+    throw new Error("safePath: allowedRoots must be a non-empty array");
+  }
+
+  const resolved = path$i.resolve(requested);
+
+  // Real-path through symlinks. If the file doesn't exist yet (a
+  // create-new operation), real-path the parent so a symlink in the
+  // parent chain can't trick us.
+  let real = resolved;
+  try {
+    real = fs$d.realpathSync(resolved);
+  } catch (_e) {
+    try {
+      const parent = fs$d.realpathSync(path$i.dirname(resolved));
+      real = path$i.join(parent, path$i.basename(resolved));
+    } catch (_e2) {
+      // Parent doesn't exist either. Use the resolved-but-not-
+      // real path; the caller's mkdirSync will happen inside the
+      // validated root, and any symlinks underneath will be
+      // re-checked the next time safePath sees the same path.
+    }
+  }
+
+  for (const root of allowedRoots) {
+    let realRoot = root;
+    try {
+      if (fs$d.existsSync(root)) realRoot = fs$d.realpathSync(root);
+    } catch (_e) {
+      // root doesn't exist or isn't reachable — keep as-is for
+      // the comparison below
+    }
+    // Exact match OR strictly-inside (with separator to prevent
+    // /data-evil/ matching /data/).
+    if (real === realRoot || real.startsWith(realRoot + path$i.sep)) {
+      return real;
+    }
+  }
+
+  throw new Error(
+    "safePath: requested path is not within any allowed root. " +
+      "Requested: " +
+      requested +
+      " (resolved to " +
+      real +
+      "). Allowed roots: " +
+      allowedRoots.join(", "),
+  );
+}
+
+var safePath_1 = {
+  safePath: safePath$3,
+  getAllowedRoots: getAllowedRoots$2,
+};
+
 /**
  * safeJsExecutor.js
  *
@@ -1887,15 +2060,15 @@ var safeJsExecutor$1 = {
  * - CSV -> JSON
  */
 
-var fs$b = require$$0$2;
+var fs$c = require$$0$2;
 var readline = require$$1$3;
 const xtreamer = require$$2;
 var xmlParser = require$$3$1;
 var JSONStream$1 = require$$4;
 const stream$1 = require$$5;
 var csv = require$$6;
-const path$g = require$$1$2;
-const { app: app$9 } = require$$0$1;
+const path$h = require$$1$2;
+const { app: app$b } = require$$0$1;
 const { ensureDirectoryExistence: ensureDirectoryExistence$1 } = file;
 const safeJsExecutor = safeJsExecutor$1;
 
@@ -1949,7 +2122,7 @@ let Transform$1 = class Transform {
         let lineObject = [];
 
         const readInterface = readline.createInterface({
-          input: fs$b.createReadStream(filepath),
+          input: fs$c.createReadStream(filepath),
           output: process.stdout,
           console: false,
         });
@@ -1984,7 +2157,7 @@ let Transform$1 = class Transform {
     return new Promise((resolve, reject) => {
       try {
         const parser = JSONStream$1.parse("*");
-        const readStream = fs$b.createReadStream(file).pipe(parser);
+        const readStream = fs$c.createReadStream(file).pipe(parser);
 
         let count = 0;
 
@@ -2037,7 +2210,7 @@ let Transform$1 = class Transform {
   parseXMLStream = (filepath, outpath, start) => {
     return new Promise((resolve, reject) => {
       try {
-        const xmlFileReadStream = fs$b.createReadStream(filepath);
+        const xmlFileReadStream = fs$c.createReadStream(filepath);
 
         xmlFileReadStream.on("end", () => {
           writeStream.write("\n]");
@@ -2048,7 +2221,7 @@ let Transform$1 = class Transform {
           resolve("Read Finish");
         });
 
-        const writeStream = fs$b.createWriteStream(outpath);
+        const writeStream = fs$c.createWriteStream(outpath);
         writeStream.write("[\n");
 
         const options = {
@@ -2100,10 +2273,10 @@ let Transform$1 = class Transform {
   ) => {
     return new Promise((resolve, reject) => {
       try {
-        const readStream = fs$b
+        const readStream = fs$c
           .createReadStream(filepath)
           .pipe(csv({ separator: delimiter }));
-        const writeStream = fs$b.createWriteStream(outpath);
+        const writeStream = fs$c.createWriteStream(outpath);
 
         let canParse = true;
 
@@ -2189,18 +2362,18 @@ let Transform$1 = class Transform {
       }
 
       // Validate file paths are within app data directory
-      const appDataDir = path$g.join(app$9.getPath("userData"), TRANSFORM_APP_NAME);
-      const resolvedFilepath = path$g.resolve(filepath);
-      const resolvedOutFilepath = path$g.resolve(outFilepath);
+      const appDataDir = path$h.join(app$b.getPath("userData"), TRANSFORM_APP_NAME);
+      const resolvedFilepath = path$h.resolve(filepath);
+      const resolvedOutFilepath = path$h.resolve(outFilepath);
 
-      if (!resolvedFilepath.startsWith(appDataDir + path$g.sep)) {
+      if (!resolvedFilepath.startsWith(appDataDir + path$h.sep)) {
         return reject(
           new Error(
             "Input file path must be within the application data directory",
           ),
         );
       }
-      if (!resolvedOutFilepath.startsWith(appDataDir + path$g.sep)) {
+      if (!resolvedOutFilepath.startsWith(appDataDir + path$h.sep)) {
         return reject(
           new Error(
             "Output file path must be within the application data directory",
@@ -2211,16 +2384,16 @@ let Transform$1 = class Transform {
       // JSON parser
       var parser = JSONStream$1.parse("*");
 
-      if (!fs$b.existsSync(resolvedFilepath)) {
+      if (!fs$c.existsSync(resolvedFilepath)) {
         return reject(new Error("File doesnt exist"));
       }
       console.log("file exists ", resolvedFilepath);
       // create the readStream to parse the large file (json)
-      var readStream = fs$b.createReadStream(resolvedFilepath).pipe(parser);
+      var readStream = fs$c.createReadStream(resolvedFilepath).pipe(parser);
 
       ensureDirectoryExistence$1(resolvedOutFilepath);
 
-      var writeStream = fs$b.createWriteStream(resolvedOutFilepath);
+      var writeStream = fs$c.createWriteStream(resolvedOutFilepath);
 
       let sep = "";
       let count = 0;
@@ -2332,16 +2505,17 @@ let Transform$1 = class Transform {
 
 var transform = Transform$1;
 
-const { app: app$8 } = require$$0$1;
-var fs$a = require$$0$2;
-const path$f = require$$1$2;
+const { app: app$a } = require$$0$1;
+var fs$b = require$$0$2;
+const path$g = require$$1$2;
 const events$5 = events$8;
 const { getFileContents: getFileContents$5, writeToFile: writeToFile$2 } = file;
+const { safePath: safePath$2, getAllowedRoots: getAllowedRoots$1 } = safePath_1;
 
 // Convert Json to Csv
-const ObjectsToCsv = require$$5$1;
+const ObjectsToCsv = require$$6$1;
 const Transform = transform;
-const https$3 = require$$7;
+const https$3 = require$$8$1;
 const appName$5 = "Dashboard";
 
 const dataController$1 = {
@@ -2355,14 +2529,25 @@ const dataController$1 = {
    */
   convertJsonToCsvFile: (win, appId, jsonObject, toFilename = "test.csv") => {
     try {
-      // filename to the pages file (live pages)
-      const filename = path$f.join(
-        app$8.getPath("userData"),
+      // Validate the renderer-supplied filename is contained within
+      // the data directory. path.join doesn't reject `..` segments;
+      // safePath does.
+      const candidate = path$g.join(
+        app$a.getPath("userData"),
         appName$5,
         appId,
         "data",
         toFilename,
       );
+      let filename;
+      try {
+        filename = safePath$2(candidate, getAllowedRoots$1("data"));
+      } catch (pathErr) {
+        win.webContents.send(events$5.DATA_JSON_TO_CSV_FILE_ERROR, {
+          error: pathErr.message,
+        });
+        return;
+      }
 
       // make sure the file exists...
       const fileContents = getFileContents$5(filename, "");
@@ -2420,8 +2605,17 @@ const dataController$1 = {
 
   readLinesFromFile: (win, filepath, lineCount) => {
     try {
+      let validated;
+      try {
+        validated = safePath$2(filepath, getAllowedRoots$1("data"));
+      } catch (pathErr) {
+        win.webContents.send(events$5.READ_LINES_ERROR, {
+          error: pathErr.message,
+        });
+        return;
+      }
       const t = new Transform();
-      t.readLinesFromFile(win, filepath, lineCount, events$5.READ_LINES_UPDATE)
+      t.readLinesFromFile(win, validated, lineCount, events$5.READ_LINES_UPDATE)
         .then((res) => {
           win.webContents.send(events$5.READ_LINES_COMPLETE, {
             success: true,
@@ -2445,9 +2639,18 @@ const dataController$1 = {
 
   readJSONFromFile: (win, filepath, objectCount = null) => {
     try {
-      console.log("reading json from file ", filepath, objectCount);
+      let validated;
+      try {
+        validated = safePath$2(filepath, getAllowedRoots$1("data"));
+      } catch (pathErr) {
+        win.webContents.send(events$5.READ_JSON_ERROR, {
+          error: pathErr.message,
+        });
+        return;
+      }
+      console.log("reading json from file ", validated, objectCount);
       const t = new Transform();
-      t.readJSONFromFile(win, filepath, objectCount, events$5.READ_JSON_UPDATE)
+      t.readJSONFromFile(win, validated, objectCount, events$5.READ_JSON_UPDATE)
         .then((res) => {
           win.webContents.send(events$5.READ_JSON_COMPLETE, {
             success: true,
@@ -2483,16 +2686,12 @@ const dataController$1 = {
         );
       }
 
-      // Validate toFilepath is within the app data directory
-      const appDataDir = path$f.join(app$8.getPath("userData"), appName$5);
-      const resolvedFilepath = path$f.resolve(toFilepath);
-      if (!resolvedFilepath.startsWith(appDataDir + path$f.sep)) {
-        throw new Error(
-          "File path must be within the application data directory",
-        );
-      }
+      // Validate toFilepath is within the app data directory.
+      // safePath replaces the previous inline check; same containment
+      // intent, plus realpath/symlink protection.
+      const resolvedFilepath = safePath$2(toFilepath, getAllowedRoots$1("data"));
 
-      const writeStream = fs$a.createWriteStream(resolvedFilepath);
+      const writeStream = fs$b.createWriteStream(resolvedFilepath);
 
       https$3
         .get(url, (resp) => {
@@ -2537,10 +2736,21 @@ const dataController$1 = {
     objectIdKey = null,
   ) => {
     try {
+      let validatedIn, validatedOut;
+      try {
+        const roots = getAllowedRoots$1("data");
+        validatedIn = safePath$2(filepath, roots);
+        validatedOut = safePath$2(outpath, roots);
+      } catch (pathErr) {
+        win.webContents.send(events$5.PARSE_XML_STREAM_ERROR, {
+          error: pathErr.message,
+        });
+        return;
+      }
       const t = new Transform();
       t.parseXMLStream(
-        filepath,
-        outpath,
+        validatedIn,
+        validatedOut,
         start,
         // recordNode,
         // objectIdKey,
@@ -2586,10 +2796,21 @@ const dataController$1 = {
     limit = null,
   ) => {
     try {
+      let validatedIn, validatedOut;
+      try {
+        const roots = getAllowedRoots$1("data");
+        validatedIn = safePath$2(filepath, roots);
+        validatedOut = safePath$2(outpath, roots);
+      } catch (pathErr) {
+        win.webContents.send(events$5.PARSE_CSV_STREAM_ERROR, {
+          error: pathErr.message,
+        });
+        return;
+      }
       const t = new Transform();
       t.parseCSVStream(
-        filepath,
-        outpath,
+        validatedIn,
+        validatedOut,
         delimiter,
         objectIdKey,
         headers,
@@ -2632,13 +2853,25 @@ const dataController$1 = {
   saveToFile: (win, data, filename, append, returnEmpty = {}) => {
     try {
       if (data) {
-        // filename to the pages file (live pages)
-        const toFilename = path$f.join(
-          app$8.getPath("userData"),
+        // Validate filename is contained within the data directory.
+        // path.join doesn't reject `..` segments; safePath does.
+        const candidate = path$g.join(
+          app$a.getPath("userData"),
           appName$5,
           "data",
           filename,
         );
+        let toFilename;
+        try {
+          toFilename = safePath$2(candidate, getAllowedRoots$1("data"));
+        } catch (pathErr) {
+          win.webContents.send(events$5.DATA_SAVE_TO_FILE_ERROR, {
+            success: false,
+            filename,
+            message: pathErr.message,
+          });
+          return;
+        }
 
         //console.log("saving to file ", toFilename);
 
@@ -2715,8 +2948,8 @@ const dataController$1 = {
     try {
       if (filename) {
         // filename to the pages file (live pages)
-        const fromFilename = path$f.join(
-          app$8.getPath("userData"),
+        const fromFilename = path$g.join(
+          app$a.getPath("userData"),
           appName$5,
           "data",
           filename,
@@ -2796,9 +3029,9 @@ var dataController_1 = dataController$1;
  * settingsController
  */
 
-const { app: app$7 } = require$$0$1;
-const path$e = require$$1$2;
-const fs$9 = require$$0$2;
+const { app: app$9 } = require$$0$1;
+const path$f = require$$1$2;
+const fs$a = require$$0$2;
 const { getFileContents: getFileContents$4, writeToFile: writeToFile$1 } = file;
 
 const configFilename$3 = "settings.json";
@@ -2806,15 +3039,15 @@ const appName$4 = "Dashboard";
 
 // Helper function to recursively copy directory
 function copyDirectory(source, destination) {
-  if (!fs$9.existsSync(destination)) {
-    fs$9.mkdirSync(destination, { recursive: true });
+  if (!fs$a.existsSync(destination)) {
+    fs$a.mkdirSync(destination, { recursive: true });
   }
 
-  const files = fs$9.readdirSync(source);
+  const files = fs$a.readdirSync(source);
   for (const file of files) {
-    const srcPath = path$e.join(source, file);
-    const destPath = path$e.join(destination, file);
-    const stat = fs$9.lstatSync(srcPath);
+    const srcPath = path$f.join(source, file);
+    const destPath = path$f.join(destination, file);
+    const stat = fs$a.lstatSync(srcPath);
 
     // Skip symlinks to prevent following links to sensitive files
     if (stat.isSymbolicLink()) {
@@ -2825,7 +3058,7 @@ function copyDirectory(source, destination) {
     if (stat.isDirectory()) {
       copyDirectory(srcPath, destPath);
     } else {
-      fs$9.copyFileSync(srcPath, destPath);
+      fs$a.copyFileSync(srcPath, destPath);
     }
   }
 }
@@ -2841,8 +3074,8 @@ const settingsController$4 = {
     try {
       if (data) {
         // <appId>/settings.json
-        const filename = path$e.join(
-          app$7.getPath("userData"),
+        const filename = path$f.join(
+          app$9.getPath("userData"),
           appName$4,
           configFilename$3,
         );
@@ -2877,8 +3110,8 @@ const settingsController$4 = {
   getSettingsForApplication: (win) => {
     try {
       // <appId>/settings.json
-      const filename = path$e.join(
-        app$7.getPath("userData"),
+      const filename = path$f.join(
+        app$9.getPath("userData"),
         appName$4,
         configFilename$3,
       );
@@ -2908,15 +3141,15 @@ const settingsController$4 = {
    */
   getDataDirectory: (win) => {
     try {
-      const settingsPath = path$e.join(
-        app$7.getPath("userData"),
+      const settingsPath = path$f.join(
+        app$9.getPath("userData"),
         appName$4,
         configFilename$3,
       );
       const settings = getFileContents$4(settingsPath, {});
       const userDataDir =
         settings.userDataDirectory ||
-        path$e.join(app$7.getPath("userData"), appName$4);
+        path$f.join(app$9.getPath("userData"), appName$4);
 
       console.log("[settingsController] Data directory retrieved successfully");
       // Return the data for ipcMain.handle() - modern promise-based approach
@@ -2943,18 +3176,18 @@ const settingsController$4 = {
   setDataDirectory: (win, newPath) => {
     try {
       // Validate the path exists and is a directory
-      if (!fs$9.existsSync(newPath)) {
-        fs$9.mkdirSync(newPath, { recursive: true });
+      if (!fs$a.existsSync(newPath)) {
+        fs$a.mkdirSync(newPath, { recursive: true });
       }
 
-      const stats = fs$9.statSync(newPath);
+      const stats = fs$a.statSync(newPath);
       if (!stats.isDirectory()) {
         throw new Error("Path is not a directory");
       }
 
       // Update settings
-      const settingsPath = path$e.join(
-        app$7.getPath("userData"),
+      const settingsPath = path$f.join(
+        app$9.getPath("userData"),
         appName$4,
         configFilename$3,
       );
@@ -2987,20 +3220,20 @@ const settingsController$4 = {
   migrateDataDirectory: (win, oldPath, newPath) => {
     try {
       // Resolve paths to prevent traversal
-      const resolvedOldPath = path$e.resolve(oldPath);
-      const resolvedNewPath = path$e.resolve(newPath);
+      const resolvedOldPath = path$f.resolve(oldPath);
+      const resolvedNewPath = path$f.resolve(newPath);
 
       // Validate oldPath is the current configured data directory
-      const settingsCheckPath = path$e.join(
-        app$7.getPath("userData"),
+      const settingsCheckPath = path$f.join(
+        app$9.getPath("userData"),
         appName$4,
         configFilename$3,
       );
       const currentSettings = getFileContents$4(settingsCheckPath, {});
       const currentDataDir =
         currentSettings.userDataDirectory ||
-        path$e.join(app$7.getPath("userData"), appName$4);
-      if (resolvedOldPath !== path$e.resolve(currentDataDir)) {
+        path$f.join(app$9.getPath("userData"), appName$4);
+      if (resolvedOldPath !== path$f.resolve(currentDataDir)) {
         throw new Error("Source path must be the current data directory");
       }
 
@@ -3024,20 +3257,20 @@ const settingsController$4 = {
       }
 
       // Validate paths
-      if (!fs$9.existsSync(resolvedOldPath)) {
+      if (!fs$a.existsSync(resolvedOldPath)) {
         throw new Error("Source directory does not exist");
       }
 
-      if (!fs$9.existsSync(resolvedNewPath)) {
-        fs$9.mkdirSync(resolvedNewPath, { recursive: true });
+      if (!fs$a.existsSync(resolvedNewPath)) {
+        fs$a.mkdirSync(resolvedNewPath, { recursive: true });
       }
 
       // Copy files
       copyDirectory(resolvedOldPath, resolvedNewPath);
 
       // Update settings to use new path
-      const settingsPath = path$e.join(
-        app$7.getPath("userData"),
+      const settingsPath = path$f.join(
+        app$9.getPath("userData"),
         appName$4,
         configFilename$3,
       );
@@ -3701,8 +3934,8 @@ function requireProviderController () {
 	return providerController_1;
 }
 
-const { app: app$6 } = require$$0$1;
-const path$d = require$$1$2;
+const { app: app$8 } = require$$0$1;
+const path$e = require$$1$2;
 const { writeFileSync: writeFileSync$1 } = require$$0$2;
 const events$4 = events$8;
 const { getFileContents: getFileContents$3 } = file;
@@ -3722,8 +3955,8 @@ const layoutController$1 = {
   saveLayoutForApplication: (win, appId, layoutObject) => {
     try {
       // filename to the pages file (live pages)
-      const filename = path$d.join(
-        app$6.getPath("userData"),
+      const filename = path$e.join(
+        app$8.getPath("userData"),
         appName$3,
         appId,
         configFilename$2,
@@ -3755,8 +3988,8 @@ const layoutController$1 = {
    */
   listLayoutsForApplication: (win, appId) => {
     try {
-      const filename = path$d.join(
-        app$6.getPath("userData"),
+      const filename = path$e.join(
+        app$8.getPath("userData"),
         appName$3,
         appId,
         configFilename$2,
@@ -20919,6 +21152,311 @@ let StreamableHTTPClientTransport$1 = class StreamableHTTPClientTransport {
 };
 streamableHttp$1.StreamableHTTPClientTransport = StreamableHTTPClientTransport$1;
 
+/**
+ * widgetPermissions.js
+ *
+ * Read and parse the `dash.permissions.mcp` block from an installed
+ * widget's package.json.
+ *
+ * Manifest format (declared by widget authors in their package.json):
+ *
+ *   {
+ *     "name": "@trops/notes-summarizer",
+ *     "dash": {
+ *       "permissions": {
+ *         "mcp": {
+ *           "filesystem": {
+ *             "tools": ["read_file", "list_directory"],
+ *             "readPaths": ["~/Documents/notes"],
+ *             "writePaths": []
+ *           },
+ *           "github": {
+ *             "tools": ["search_repositories", "get_file_contents"]
+ *           }
+ *         }
+ *       }
+ *     }
+ *   }
+ *
+ * Path strings beginning with `~` are expanded to the user's home
+ * directory at parse time. Tool-only servers (no path I/O, e.g.
+ * github) omit the `readPaths`/`writePaths` keys.
+ *
+ * Public API:
+ *
+ *   getWidgetMcpPermissions(widgetId) → permissions | null
+ *     Returns the parsed permissions for a widget, or null if the
+ *     widget is unmanifested. Cached per process.
+ *
+ *   parseManifestPermissions(packageJson) → permissions | null
+ *     Pure function — exposed for tests.
+ *
+ *   clearCache() → void
+ *     Test-only. Drops the in-process cache so tests can re-read.
+ */
+
+const fs$9 = require$$0$2;
+const path$d = require$$1$2;
+const os$2 = require$$2$1;
+const { app: app$7 } = require$$0$1;
+
+// Cache: widgetId → permissions | null. Populated lazily on first
+// lookup; invalidated when a widget is installed/uninstalled (the
+// install/uninstall paths call clearCache()).
+const _cache = new Map();
+
+/**
+ * Expand a leading "~" to the user's home directory. Other paths are
+ * returned as-is.
+ */
+function expandHome(p) {
+  if (typeof p !== "string" || !p) return p;
+  if (p === "~") return os$2.homedir();
+  if (p.startsWith("~/") || p.startsWith("~\\")) {
+    return path$d.join(os$2.homedir(), p.slice(2));
+  }
+  return p;
+}
+
+/**
+ * Parse a widget's package.json contents into a normalized permissions
+ * object. Returns null if no `dash.permissions.mcp` block exists.
+ */
+function parseManifestPermissions(packageJson) {
+  if (!packageJson || typeof packageJson !== "object") return null;
+  const mcp = packageJson?.dash?.permissions?.mcp;
+  if (!mcp || typeof mcp !== "object") return null;
+
+  const servers = {};
+  for (const [serverName, raw] of Object.entries(mcp)) {
+    if (!raw || typeof raw !== "object") continue;
+    const tools = Array.isArray(raw.tools)
+      ? raw.tools.filter((t) => typeof t === "string")
+      : [];
+    const readPaths = Array.isArray(raw.readPaths)
+      ? raw.readPaths.filter((p) => typeof p === "string").map(expandHome)
+      : [];
+    const writePaths = Array.isArray(raw.writePaths)
+      ? raw.writePaths.filter((p) => typeof p === "string").map(expandHome)
+      : [];
+    servers[serverName] = { tools, readPaths, writePaths };
+  }
+
+  return { servers };
+}
+
+/**
+ * Find a widget's installed package.json on disk. Widgets live under
+ * userData/widgets/<scope>/<name>/ for scoped packages or
+ * userData/widgets/<name>/ for unscoped. The widgetId is the npm
+ * package name (e.g. "@trops/notes-summarizer" or "notes-summarizer").
+ */
+function resolveWidgetPackagePath(widgetId) {
+  if (typeof widgetId !== "string" || !widgetId) return null;
+  const widgetsRoot = path$d.join(app$7.getPath("userData"), "widgets");
+  // Split scope from name for "@scope/name" form.
+  const parts = widgetId.startsWith("@") ? widgetId.split("/") : [widgetId];
+  return path$d.join(widgetsRoot, ...parts, "package.json");
+}
+
+/**
+ * Read and parse a widget's MCP permissions. Returns null if:
+ *   - the widget directory doesn't exist
+ *   - package.json is unreadable / malformed
+ *   - the widget hasn't declared dash.permissions.mcp
+ *
+ * Result is cached per widgetId for the lifetime of this process.
+ */
+function getWidgetMcpPermissions$1(widgetId) {
+  if (_cache.has(widgetId)) return _cache.get(widgetId);
+  const pkgPath = resolveWidgetPackagePath(widgetId);
+  if (!pkgPath || !fs$9.existsSync(pkgPath)) {
+    _cache.set(widgetId, null);
+    return null;
+  }
+  try {
+    const raw = fs$9.readFileSync(pkgPath, "utf8");
+    const pkg = JSON.parse(raw);
+    const perms = parseManifestPermissions(pkg);
+    _cache.set(widgetId, perms);
+    return perms;
+  } catch (e) {
+    console.warn(
+      "[widgetPermissions] failed to read package.json for " +
+        widgetId +
+        ": " +
+        e.message,
+    );
+    _cache.set(widgetId, null);
+    return null;
+  }
+}
+
+function clearCache() {
+  _cache.clear();
+}
+
+var widgetPermissions = {
+  getWidgetMcpPermissions: getWidgetMcpPermissions$1,
+  parseManifestPermissions,
+  expandHome,
+  clearCache,
+};
+
+/**
+ * permissionGate.js
+ *
+ * Per-widget gating for MCP tool calls.
+ *
+ * When `gateToolCall` is invoked with a widget identity, server name,
+ * tool name, and tool arguments, it consults the widget's installed
+ * permission manifest (electron/mcp/widgetPermissions.js) and either
+ * permits the call or returns a clear denial reason.
+ *
+ * Two layers:
+ *
+ *   1. **Tool-name allowlist** — the manifest's `tools[]` array for the
+ *      target server determines which tool names this widget may
+ *      invoke. Anything outside the list is rejected.
+ *
+ *   2. **Path-argument containment** — for tools whose arguments
+ *      include a path-shaped key (`path`, `uri`, `filepath`, `file`,
+ *      `directory`), the supplied path is validated with safePath()
+ *      against the widget's declared `readPaths` or `writePaths` for
+ *      the target server. The read/write distinction is heuristic
+ *      based on the tool name (e.g. `write_file` is treated as a
+ *      write).
+ *
+ * This is the runtime enforcement layer. Install-time consent UI and
+ * per-dashboard MCP-server scope reconfiguration are separate plans
+ * (Slices 2 and 3). When the feature flag is OFF (default), this gate
+ * is bypassed entirely; mcpController behaves as before. When ON,
+ * every callTool dispatch goes through this gate.
+ */
+
+const { getWidgetMcpPermissions } = widgetPermissions;
+const { safePath: safePath$1 } = safePath_1;
+
+// Argument keys that look like paths. Different MCP servers use
+// different conventions; this list covers the common filesystem-style
+// servers. Extensible — add as new patterns surface.
+const PATH_ARG_KEYS = ["path", "uri", "filepath", "file", "directory"];
+
+// Heuristic: tool names matching this regex are treated as writes for
+// purposes of choosing readPaths vs writePaths. The match is intentionally
+// broad — we'd rather treat an ambiguous tool as a write (stricter) than
+// as a read.
+const WRITE_TOOL_PATTERN =
+  /(^|_)(write|create|edit|delete|remove|append|move|rename|chmod|chown|mkdir)/i;
+
+function isWriteTool(toolName) {
+  if (typeof toolName !== "string") return false;
+  return WRITE_TOOL_PATTERN.test(toolName);
+}
+
+/**
+ * @returns {{ allow: true } | { allow: false, reason: string }}
+ */
+function gateToolCall$1({ widgetId, serverName, toolName, args }) {
+  if (!widgetId) {
+    return {
+      allow: false,
+      reason: "no widgetId supplied; cannot determine permissions",
+    };
+  }
+
+  const perms = getWidgetMcpPermissions(widgetId);
+  if (!perms) {
+    return {
+      allow: false,
+      reason:
+        "widget '" +
+        widgetId +
+        "' has no MCP permission manifest; declare dash.permissions.mcp in its package.json to grant access",
+    };
+  }
+
+  const serverPerms = perms.servers[serverName];
+  if (!serverPerms) {
+    return {
+      allow: false,
+      reason:
+        "widget '" +
+        widgetId +
+        "' is not authorized to call '" +
+        serverName +
+        "'",
+    };
+  }
+
+  if (!serverPerms.tools.includes(toolName)) {
+    return {
+      allow: false,
+      reason:
+        "tool '" +
+        toolName +
+        "' is not in the allowlist for widget '" +
+        widgetId +
+        "' on server '" +
+        serverName +
+        "'",
+    };
+  }
+
+  // Path-argument containment. Only checked when the tool's args
+  // include a path-shaped key.
+  const isWrite = isWriteTool(toolName);
+  // Write tools must use writePaths; read tools may use either
+  // readPaths or writePaths (write access implies read access).
+  const allowedPaths = isWrite
+    ? serverPerms.writePaths
+    : [...serverPerms.readPaths, ...serverPerms.writePaths];
+
+  if (args && typeof args === "object") {
+    for (const key of PATH_ARG_KEYS) {
+      const v = args[key];
+      if (typeof v !== "string" || !v) continue;
+      if (allowedPaths.length === 0) {
+        return {
+          allow: false,
+          reason:
+            "tool '" +
+            toolName +
+            "' uses path argument '" +
+            key +
+            "' but widget '" +
+            widgetId +
+            "' has no " +
+            (isWrite ? "writePaths" : "readPaths or writePaths") +
+            " declared for server '" +
+            serverName +
+            "'",
+        };
+      }
+      try {
+        safePath$1(v, allowedPaths);
+      } catch (e) {
+        return {
+          allow: false,
+          reason:
+            "path argument '" +
+            key +
+            "' rejected: " +
+            (e && e.message ? e.message : String(e)),
+        };
+      }
+    }
+  }
+
+  return { allow: true };
+}
+
+var permissionGate = {
+  gateToolCall: gateToolCall$1,
+  isWriteTool,
+  PATH_ARG_KEYS,
+};
+
 /**
  * mcpController.js
  *
@@ -20943,6 +21481,28 @@ const path$c = require$$1$2;
 const fs$8 = require$$0$2;
 const os$1 = require$$2$1;
 const responseCache$2 = responseCache_1;
+const { gateToolCall } = permissionGate;
+const { app: app$6 } = require$$0$1;
+
+// Read the widget-MCP-enforcement feature flag from settings.json.
+// Default is OFF — flipping ON activates per-widget gating in
+// permissionGate.gateToolCall(). See docs/security/ipc-filesystem-audit.md
+// and electron/mcp/permissionGate.js for context.
+function isWidgetPermissionEnforcementEnabled() {
+  try {
+    const settingsPath = path$c.join(
+      app$6.getPath("userData"),
+      "Dashboard",
+      "settings.json",
+    );
+    if (!fs$8.existsSync(settingsPath)) return false;
+    const raw = fs$8.readFileSync(settingsPath, "utf8");
+    const settings = JSON.parse(raw);
+    return Boolean(settings?.security?.enforceWidgetMcpPermissions);
+  } catch (_e) {
+    return false;
+  }
+}
 
 /**
  * Tool name prefixes considered safe to cache (read-only).
@@ -21078,7 +21638,7 @@ function getShellPath$1() {
     return _shellPath$1;
   }
 
-  const { execSync } = require$$7$1;
+  const { execSync } = require$$9$1;
   const fallbackDirs = ["/usr/local/bin", "/opt/homebrew/bin"];
 
   // Scan nvm versions, tracking both latest and best compatible version
@@ -21258,7 +21818,7 @@ async function refreshGoogleOAuthToken(tokenRefresh) {
 
   console.log("[mcpController] Refreshing Google OAuth token...");
 
-  const https = require$$7;
+  const https = require$$8$1;
   const postData = [
     `client_id=${encodeURIComponent(keyData.client_id)}`,
     `client_secret=${encodeURIComponent(keyData.client_secret)}`,
@@ -21647,14 +22207,41 @@ const mcpController$3 = {
    * @param {Array<string>} allowedTools optional whitelist of allowed tool names
    * @returns {{ result } | { error, message }}
    */
-  callTool: async (win, serverName, toolName, args, allowedTools = null) => {
+  callTool: async (
+    win,
+    serverName,
+    toolName,
+    args,
+    allowedTools = null,
+    widgetId = null,
+  ) => {
     try {
       const server = activeServers.get(serverName);
       if (!server || !server.client) {
         throw new Error(`Server not connected: ${serverName}`);
       }
 
-      // Enforce tool scoping if allowedTools is specified
+      // Per-widget manifest gate. Activated by the
+      // security.enforceWidgetMcpPermissions setting. When enabled
+      // and a widgetId is supplied, the widget's installed
+      // package.json's dash.permissions.mcp block determines what
+      // tools and paths are allowed.
+      if (isWidgetPermissionEnforcementEnabled() && widgetId) {
+        const gate = gateToolCall({
+          widgetId,
+          serverName,
+          toolName,
+          args,
+        });
+        if (!gate.allow) {
+          throw new Error(`Widget permission gate: ${gate.reason}`);
+        }
+      }
+
+      // Legacy renderer-supplied allowedTools whitelist. Kept for
+      // backward compatibility with callers that pre-date the
+      // manifest-based gate. Once the manifest gate is enforced
+      // everywhere, this can be removed.
       if (allowedTools && !allowedTools.includes(toolName)) {
         throw new Error(
           `Tool "${toolName}" is not in the allowed tools list for this widget. Allowed: ${allowedTools.join(
@@ -21951,7 +22538,7 @@ const mcpController$3 = {
    * @returns {{ success } | { error, message }}
    */
   runAuth: async (win, mcpConfig, credentials, authCommand) => {
-    const { spawn } = require$$7$1;
+    const { spawn } = require$$9$1;
 
     const env = cleanEnvForChildProcess();
 
@@ -25973,6 +26560,7 @@ const algoliasearch = require$$2$3;
 const events$3 = events$8;
 const AlgoliaIndex = algolia;
 var fs$3 = require$$0$2;
+const { safePath, getAllowedRoots } = safePath_1;
 
 const algoliaController$1 = {
   /**
@@ -26129,10 +26717,19 @@ const algoliaController$1 = {
     createIfNotExists = false,
   ) {
     try {
+      let validatedDir;
+      try {
+        validatedDir = safePath(dir, getAllowedRoots("data"));
+      } catch (pathErr) {
+        win.webContents.send(events$3.ALGOLIA_PARTIAL_UPDATE_OBJECTS_ERROR, {
+          error: pathErr.message,
+        });
+        return;
+      }
       const a = new AlgoliaIndex(appId, apiKey, indexName);
       // now we can make the call to the utility and we are passing in the createIfNotExists FALSE by default
       a.partialUpdateObjectsFromDirectorySync(
-        dir,
+        validatedDir,
         createIfNotExists,
         (data) => {
           win.webContents.send(
@@ -26172,10 +26769,21 @@ const algoliaController$1 = {
     batchSize = 500,
   ) => {
     try {
+      let validatedIn, validatedOut;
+      try {
+        const roots = getAllowedRoots("data");
+        validatedIn = safePath(filepath, roots);
+        validatedOut = safePath(batchFilepath, roots);
+      } catch (pathErr) {
+        win.webContents.send(events$3.ALGOLIA_CREATE_BATCH_ERROR, {
+          error: pathErr.message,
+        });
+        return;
+      }
       const a = new AlgoliaIndex();
       a.createBatchesFromJSONFile(
-        filepath,
-        batchFilepath,
+        validatedIn,
+        validatedOut,
         batchSize,
         (data) => {
           win.webContents.send(events$3.ALGOLIA_CREATE_BATCH_UPDATE, data);
@@ -43641,7 +44249,7 @@ const completable_js_1 = completable;
 const uriTemplate_js_1 = uriTemplate;
 const toolNameValidation_js_1 = toolNameValidation;
 const mcp_server_js_1 = mcpServer$1;
-const zod_1 = require$$8$1;
+const zod_1 = require$$8$2;
 /**
  * High-level MCP server that provides a simpler API for working with resources, tools, and prompts.
  * For advanced usage (like sending notifications or setting custom request handlers), use the underlying
@@ -46274,7 +46882,7 @@ var tlsCert = { getOrCreateCert: getOrCreateCert$1 };
  * for Zod schemas in tool input validation (safeParseAsync).
  */
 
-const z$1 = require$$8$1;
+const z$1 = require$$8$2;
 
 /**
  * Convert a JSON Schema property definition to a Zod v3 schema.
@@ -46367,7 +46975,7 @@ var jsonSchemaToZod_1 = { jsonSchemaToZod: jsonSchemaToZod$1, jsonSchemaProperty
  *   - Rate limiting via token bucket (60 req/min)
  */
 
-const https$1 = require$$7;
+const https$1 = require$$8$1;
 const { randomUUID } = require$$3$4;
 const { BrowserWindow: BrowserWindow$1 } = require$$0$1;
 const { McpServer } = mcp;
@@ -46498,7 +47106,7 @@ function registerPrompt$1(promptDef) {
   registeredPrompts.push(promptDef);
 }
 
-const z = require$$8$1;
+const z = require$$8$2;
 const { jsonSchemaToZod } = jsonSchemaToZod_1;
 
 /**
@@ -46879,7 +47487,7 @@ var mcpDashServerController_1 = mcpDashServerController$4;
  * can use the Chat widget without a separate API key.
  */
 
-const { spawn, execSync } = require$$7$1;
+const { spawn, execSync } = require$$9$1;
 const {
   LLM_STREAM_DELTA: LLM_STREAM_DELTA$2,
   LLM_STREAM_TOOL_CALL: LLM_STREAM_TOOL_CALL$2,
@@ -48176,7 +48784,7 @@ var themeFromUrlErrors$1 = {
 
 const css = require$$0$8;
 const { Vibrant } = require$$1$7;
-const https = require$$7;
+const https = require$$8$1;
 const http = require$$0$7;
 const { URL: URL$1 } = require$$4$1;
 const {
@@ -61216,15 +61824,27 @@ const mcpApi$2 = {
    * @param {string} serverName the server name
    * @param {string} toolName the tool to call
    * @param {object} args tool arguments
-   * @param {Array<string>} allowedTools optional whitelist of allowed tool names
+   * @param {Array<string>} allowedTools optional whitelist of allowed tool names (legacy — prefer per-widget manifest)
+   * @param {string} widgetId optional widget identity. When the
+   *   security.enforceWidgetMcpPermissions setting is enabled, this is
+   *   used to look up the widget's MCP permission manifest and gate
+   *   the call accordingly. Should be the npm package name of the
+   *   calling widget (e.g. "@trops/notes-summarizer").
    * @returns {Promise<{ result } | { error, message }>}
    */
-  callTool: (serverName, toolName, args, allowedTools = null) =>
+  callTool: (
+    serverName,
+    toolName,
+    args,
+    allowedTools = null,
+    widgetId = null,
+  ) =>
     ipcRenderer$i.invoke(MCP_CALL_TOOL, {
       serverName,
       toolName,
       args,
       allowedTools,
+      widgetId,
     }),
 
   /**