Gloria
Gloria
Fixes #8313 ## Summary Enhanced `Filesystem.contains()` to prevent directory escape attacks via symlinks and cross-drive paths on Windows. ## Changes - **`src/util/filesystem.ts`**: Enhanced `contains()` function - Use `realpathSync()` to resolve...
### Description ## Problem The `Filesystem.contains()` function uses lexical path checking only, which allows: - Symlink escape attacks - Cross-drive path bypass on Windows See TODO comments in `src/file/index.ts:280-281` and...