Skip to content

Use owner-only permissions for IPC files#1705

Merged
renkun-ken merged 4 commits into
masterfrom
ipc-file-perm
May 10, 2026
Merged

Use owner-only permissions for IPC files#1705
renkun-ken merged 4 commits into
masterfrom
ipc-file-perm

Conversation

@renkun-ken

@renkun-ken renkun-ken commented May 10, 2026

Copy link
Copy Markdown
Member

The file artifacts created for IPC are located in the temporary folder. The files should be owner-only.

@renkun-ken renkun-ken merged commit eba52fc into master May 10, 2026
5 checks passed
@randy3k randy3k mentioned this pull request Jun 26, 2026
Open
grantmcdermott added a commit to grantmcdermott/vscode-R that referenced this pull request Jun 27, 2026
@grantmcdermott
fix(plot): address JGD viewer review feedback
b9e93bc 
Apply the should-fix items from @randy3k's review of REditorSupport#1706:

- Escape gc.col/gc.fill, font-family, text fill, and the raster href
  through svgEsc() in the SVG export builders; previously only text
  content was escaped, leaving these attributes injectable.
- Encode large PNG exports to base64 in chunks (uint8ToBase64) instead
  of String.fromCharCode(...bytes), which overflows the call stack at
  large sizes/DPI.
- Place the Unix domain socket in a private 0o700 mkdtemp directory and
  remove it on stop(), matching the IPC pipe handling from REditorSupport#1705.
- Add a Content-Security-Policy meta tag to the JGD webview.
- Set the panel icon (UriIcon 'graph') for parity with the httpgd and
  standard plot viewers.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@renkun-ken