Release v0.51.545 — Release TD (extension manifest asset bundles)
Ships #4561 (santastabber). Maintainer-blessed (richer/more-full-featured extension system). Deep-gated for the security of the manifest loader.
Added
- Bundle extension assets with a manifest instead of long comma-separated URL lists (#4505). A new `HERMES_WEBUI_EXTENSION_MANIFEST` env points to a small JSON manifest (≤64 KB) listing an extension's `scripts`/`stylesheets`, replacing unwieldy `HERMES_WEBUI_EXTENSION_SCRIPT_URLS` strings for multi-extension self-hosters. Per-extension `enabled: false` skips a bundle. Manifest path is traversal-guarded; every asset URL still goes through the same same-origin allowlist validator (`/extensions/` or `/static/` only); capped at 32 + deduped; default-off. Thanks @santastabber.
Gate
- Full pytest suite: 9851 passed, 0 failed
- Codex: SAFE TO SHIP (re-confirm after fix)
- Opus: SAFE — adversarially verified: path traversal blocked (`../`, `%2e%2e`, in-dir symlink→`/etc` all rejected); same-origin allowlist preserved (`https://evil`, `//evil`, `javascript:`, `data:`, injection payloads all rejected); default-off byte-identical; `html.escape` belt-and-suspenders at injection
- One BRICK found + fixed at the gate: a ≤64 KB but deeply-nested manifest raised `RecursionError` in `json.loads` and escaped into the app-shell route (every page 503). Added `RecursionError` to the fail-safe handler + a regression test (verified red-without/green-with).
Closes #4505.
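
The controls listed above (size cap, traversal guard, allowlist, dedupe and cap, and a fail-safe handler that also catches `RecursionError`) can be sketched as follows. This is an added example, not the project's own loader. The function names, the top-level `extensions` key and the printable-ASCII restriction are assumptions made for illustration.

```python
import json
import os
from urllib.parse import unquote

MAX_MANIFEST_BYTES = 64 * 1024  # size cap from the release notes
MAX_ASSETS = 32                 # asset cap from the release notes
ALLOWED_PREFIXES = ("/extensions/", "/static/")


def is_allowed_asset_url(url):
    """Allow only same-origin paths under /extensions/ or /static/."""
    if not isinstance(url, str) or not url.startswith(ALLOWED_PREFIXES):
        return False
    decoded = unquote(url)
    # Reject dot segments (raw or percent-encoded) and backslashes.
    if ".." in decoded.split("/") or "\\" in decoded:
        return False
    # Assumed extra strictness: printable ASCII only, no HTML metacharacters.
    return all(32 < ord(c) < 127 and c not in "\"'<>" for c in decoded)


def load_manifest_assets(manifest_path, base_dir):
    """Return validated asset URLs; return [] on any failure, never raise."""
    try:
        base = os.path.realpath(base_dir)
        real = os.path.realpath(manifest_path)
        # realpath resolves ../ and symlinks before the containment check.
        if os.path.commonpath([base, real]) != base:
            return []
        with open(real, "rb") as fh:
            raw = fh.read(MAX_MANIFEST_BYTES + 1)
        if len(raw) > MAX_MANIFEST_BYTES:
            return []
        data = json.loads(raw)
    except (OSError, ValueError, RecursionError):
        # RecursionError is not a ValueError: a small but deeply nested
        # manifest raises it, so it must be listed here explicitly.
        return []
    extensions = data.get("extensions") if isinstance(data, dict) else None
    assets = []
    for ext in extensions if isinstance(extensions, list) else []:
        if not isinstance(ext, dict) or ext.get("enabled") is False:
            continue
        for key in ("scripts", "stylesheets"):  # assumed manifest keys
            urls = ext.get(key)
            for url in urls if isinstance(urls, list) else []:
                if is_allowed_asset_url(url) and url not in assets:
                    assets.append(url)
    return assets[:MAX_ASSETS]
```

Returning an empty list on every failure path keeps a bad manifest equivalent to the default-off state, so the route that renders the app shell never sees an exception from the loader.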