Rather than relying on the frame_arena, use a distinct arena for FormData. This
generally results in tighter memory usage, but more importantly it ensures that
if FormData outlives the frame, we don't get a UAF. This can happen if the
FormData is refernced in v8 and finalized late (e.g. after the frame would
appear to still be needed).
Also, in Frame.submitForm use the explicit acquireRef and releaseRef. This
FormData can [in theory] be passed to JS, via the `formdata` event that we fire.
Replace the monochrome braille logo with a truecolor ANSI-colored
version. Update logo dimensions and row counting logic, and simplify
the welcome banner printing to stream logo lines directly.
Statically assert that the banner fits within 80 columns at compile
time. This removes the need to dynamically measure terminal width
and conditionally hide the logo.
Updates the isocline dependency to use its native hints for Ctrl-D
and Esc. Removes the custom status bar rendering logic, and prints
the active model and effort level at REPL startup instead.
Prints a Braille-art Lightpanda logo alongside the welcome text and
command hints if the terminal is wide enough. Otherwise, falls back
to a text-only layout.
Also exposes `Terminal.displayWidth` to assist with layout calculations.
- Track initialized providers in Agent.zig to avoid freeing garbage
memory on error.
- Discard the rest of the line in mcp router on StreamTooLong to
allow processing subsequent requests.
newSession set self.session to undefined, but left it non-null if
Session.init failed. closeSession() then ran deinit() on garbage:
- double-released the arena
- read undefined fields on the never-assigned path
Add an errdefer to null the slot on failure.
I threw Claude at WPT's /WebCryptoAPI/ which represents a significant number of
failing cases.
There were a few very low-hanging fruit, like enabling CryptoKey on Worker and
supporting `{name: string}` in addition to just `string` for some functions.
Some of these "fixes" just handle the error case / validation, which tends to
represent a greater number of WPT cases, e.g. some of the importKey algorithms
aren't fully supported, but they still validate the input and return the correct
errors.
To that end, while there should be considerably more passing cases (~42K), some
of these changes merely unlocked more failing cases, so our total case count
should go up.
Claude's summary:
1. digest {name} object fix (16→80)
2. Symmetric importKey/exportKey/generateKey (AES, HMAC; raw + jwk) + CryptoKey
accessors + DataError
3. EC/OKP importKey usage validation (failure-path)
4. PBKDF2 + HKDF deriveBits, then deriveKey
5. ECDH generateKey + import (spki/pkcs8) + deriveBits/deriveKey
6. AES encrypt/decrypt (CBC/CTR/GCM)
Address review: replace the bare 0/1/2 button values in the
mousedown/release switch (Frame.zig) and the CDP button mapping
(input.zig) with named constants so the code self-documents.
