refactor(security): unify secure id paths and guard weak patterns

2026-05-09 11:37:38 +00:00 · 2026-02-22 10:14:55 +01:00
parent ae8d4a8eec
commit 6c2e999776
12 changed files with 167 additions and 54 deletions
--- a/src/browser/trash.ts
+++ b/src/browser/trash.ts
@@ -1,6 +1,7 @@
 import fs from "node:fs";
 import os from "node:os";
 import path from "node:path";
+import { generateSecureToken } from "../infra/secure-random.js";
 import { runExec } from "../process/exec.js";

 export async function movePathToTrash(targetPath: string): Promise<string> {
@@ -13,7 +14,7 @@ export async function movePathToTrash(targetPath: string): Promise<string> {
    const base = path.basename(targetPath);
    let dest = path.join(trashDir, `${base}-${Date.now()}`);
    if (fs.existsSync(dest)) {
-      dest = path.join(trashDir, `${base}-${Date.now()}-${Math.random()}`);
+      dest = path.join(trashDir, `${base}-${Date.now()}-${generateSecureToken(6)}`);
    }
    fs.renameSync(targetPath, dest);
    return dest;