ptn 0.3.2__py3-none-any.whl → 0.4.2__py3-none-any.whl

porterminal/infrastructure/repositories/in_memory_tab.py

@@ -44,16 +44,8 @@ class InMemoryTabRepository(TabRepository):
         session_id = str(tab.session_id)
 
         self._tabs[tab_id] = tab
-
-        # Index by user
-        if user_id not in self._user_tabs:
-            self._user_tabs[user_id] = set()
-        self._user_tabs[user_id].add(tab_id)
-
-        # Index by session
-        if session_id not in self._session_tabs:
-            self._session_tabs[session_id] = set()
-        self._session_tabs[session_id].add(tab_id)
+        self._user_tabs.setdefault(user_id, set()).add(tab_id)
+        self._session_tabs.setdefault(session_id, set()).add(tab_id)
 
     def update(self, tab: Tab) -> None:
         """Update an existing tab (name, last_accessed)."""

porterminal/pty/env.py

@@ -1,94 +1,32 @@
-"""Environment variable sanitization for PTY processes."""
+"""Environment variable sanitization for PTY processes.
+
+This module re-exports the environment rules from the domain layer
+and provides the build_safe_environment() function for PTY spawning.
+"""
 
 import os
 
-# Environment variables to allowlist (safe to pass to shell)
-SAFE_ENV_VARS: frozenset[str] = frozenset(
-    {
-        # System paths
-        "PATH",
-        "PATHEXT",
-        "SYSTEMROOT",
-        "WINDIR",
-        "TEMP",
-        "TMP",
-        "COMSPEC",
-        # User directories
-        "HOME",
-        "USERPROFILE",
-        "HOMEDRIVE",
-        "HOMEPATH",
-        "LOCALAPPDATA",
-        "APPDATA",
-        "PROGRAMFILES",
-        "PROGRAMFILES(X86)",
-        "COMMONPROGRAMFILES",
-        # System info
-        "COMPUTERNAME",
-        "USERNAME",
-        "USERDOMAIN",
-        "OS",
-        "PROCESSOR_ARCHITECTURE",
-        "NUMBER_OF_PROCESSORS",
-        # Terminal
-        "TERM",
-        # Locale settings for proper text rendering
-        "LANG",
-        "LC_ALL",
-        "LC_CTYPE",
-    }
+from porterminal.domain.values.environment_rules import (
+    DEFAULT_BLOCKED_VARS as BLOCKED_ENV_VARS,
 )
-
-# Environment variables to explicitly block (secrets)
-BLOCKED_ENV_VARS: frozenset[str] = frozenset(
-    {
-        # AWS
-        "AWS_ACCESS_KEY_ID",
-        "AWS_SECRET_ACCESS_KEY",
-        "AWS_SESSION_TOKEN",
-        # Azure
-        "AZURE_CLIENT_SECRET",
-        "AZURE_CLIENT_ID",
-        # Git/GitHub/GitLab
-        "GH_TOKEN",
-        "GITHUB_TOKEN",
-        "GITLAB_TOKEN",
-        # Package managers
-        "NPM_TOKEN",
-        # AI APIs
-        "ANTHROPIC_API_KEY",
-        "OPENAI_API_KEY",
-        "GOOGLE_API_KEY",
-        # Payment
-        "STRIPE_SECRET_KEY",
-        # Database
-        "DATABASE_URL",
-        "DB_PASSWORD",
-        # Generic secrets
-        "SECRET_KEY",
-        "API_KEY",
-        "API_SECRET",
-        "PRIVATE_KEY",
-    }
+from porterminal.domain.values.environment_rules import (
+    DEFAULT_SAFE_VARS as SAFE_ENV_VARS,
 )
 
+# Re-export for backward compatibility
+__all__ = ["SAFE_ENV_VARS", "BLOCKED_ENV_VARS", "build_safe_environment"]
+
 
 def build_safe_environment() -> dict[str, str]:
     """Build a sanitized environment for the PTY.
 
+    Uses allowlist approach - only SAFE_ENV_VARS are copied,
+    so BLOCKED_ENV_VARS can never be included.
+
     Returns:
         Dictionary of safe environment variables.
     """
-    safe_env: dict[str, str] = {}
-
-    # Copy only allowed variables
-    for var in SAFE_ENV_VARS:
-        if var in os.environ:
-            safe_env[var] = os.environ[var]
-
-    # Ensure blocked vars are not included (defense in depth)
-    for var in BLOCKED_ENV_VARS:
-        safe_env.pop(var, None)
+    safe_env = {var: os.environ[var] for var in SAFE_ENV_VARS if var in os.environ}
 
     # Set custom variables for audit trail
     safe_env["TERM"] = "xterm-256color"

porterminal/pty/manager.py

@@ -5,6 +5,8 @@ import shutil
 from pathlib import Path
 from typing import TYPE_CHECKING
 
+from porterminal.domain.values import MAX_COLS, MAX_ROWS, MIN_COLS, MIN_ROWS
+
 from .env import build_safe_environment
 from .protocol import PTYBackend
 
@@ -43,8 +45,8 @@ class SecurePTYManager:
         """
         self._backend = backend
         self.shell_config = shell_config
-        self.cols = max(40, min(cols, 500))
-        self.rows = max(10, min(rows, 200))
+        self.cols = max(MIN_COLS, min(cols, MAX_COLS))
+        self.rows = max(MIN_ROWS, min(rows, MAX_ROWS))
         self.cwd = cwd
         self._closed = False
 
@@ -133,8 +135,8 @@ class SecurePTYManager:
         if self._closed:
             return
 
-        cols = max(40, min(cols, 500))
-        rows = max(10, min(rows, 200))
+        cols = max(MIN_COLS, min(cols, MAX_COLS))
+        rows = max(MIN_ROWS, min(rows, MAX_ROWS))
 
         try:
             self._backend.resize(rows, cols)