spawnSync was blocking the event loop until the subprocess exited, so
opening a browser would freeze the server until it closed. Replace with
spawn + unref (detached, stdio ignored) and remove the now-pointless
awaits and async keywords from action handlers.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Parse the URL and reject anything that isn't http/https before passing
to xdg-open, blocking file://, javascript:// and other schemes.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Each request is signed with HMAC-SHA256 over timestamp+body using a
per-user secret loaded from a --secrets file (never env vars or git).
Users have a canApprove list controlling who may approve queued actions.
Queue entries track submitted_by for permission checks on approve/deny.
Also renames all identifiers to snake_case throughout the codebase.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Move resolvePath and exec out of index.mjs into server/helpers.mjs so
actions can import them directly rather than receiving them as arguments.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
