fix: SEC-4/SEC-5 CSP lockdown + IPC-1 serde camelCase

- Set restrictive CSP policy (was null) - Gate devtools behind feature flag - Set withGlobalTauri: false - Add camelCase serde rename to ConnectionGroup Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 16:40:00 -04:00 · 2026-03-29 16:40:00 -04:00 · a907213d57
commit a907213d57
parent 1b7b1a0051
3 changed files with 8 additions and 3 deletions
--- a/src-tauri/Cargo.toml
+++ b/src-tauri/Cargo.toml
@ -12,11 +12,15 @@ crate-type = ["lib", "cdylib", "staticlib"]
 name = "wraith-mcp-bridge"
 path = "src/bin/wraith_mcp_bridge.rs"
 [features]
 default = []
 devtools = ["tauri/devtools"]
 [build-dependencies]
 tauri-build = { version = "2", features = [] }
 [dependencies]
-tauri = { version = "2", features = ["devtools"] }
+tauri = { version = "2", features = [] }
 tauri-plugin-shell = "2"
 tauri-plugin-updater = "2"
 anyhow = "1"
--- a/src-tauri/src/connections/mod.rs
+++ b/src-tauri/src/connections/mod.rs
@ -19,6 +19,7 @@ use crate::db::Database;
 // ── domain types ──────────────────────────────────────────────────────────────
 #[derive(Debug, Serialize, Deserialize, Clone)]
 #[serde(rename_all = "camelCase")]
 pub struct ConnectionGroup {
    pub id: i64,
    pub name: String,
--- a/src-tauri/tauri.conf.json
+++ b/src-tauri/tauri.conf.json
@ -22,9 +22,9 @@
      }
    ],
    "security": {
-      "csp": null
+      "csp": "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' asset: https://asset.localhost data:; connect-src 'self' ipc: http://ipc.localhost"
    },
-    "withGlobalTauri": true
+    "withGlobalTauri": false
  },
  "bundle": {
    "active": true,