Fix 29 audit findings across all severity tiers

Critical: fix unsquashfs arg order, quote Exec paths with spaces, fix compare_versions antisymmetry, chunk-based signature detection, bounded ELF header reads. High: handle NULL CVE severity, prevent pipe deadlock in inspector, fix glob_match edge case, fix backup archive path collisions, async crash detection with stderr capture. Medium: gate scan on auto-scan setting, fix window size persistence, fix announce() for Stack containers, claim lightbox gesture, use serde_json for CLI output, remove dead CSS @media blocks, add detail-tab persistence, remove invalid metainfo categories, byte-level fuse signature search. Low: tighten Wayland env var detection, ELF magic validation, timeout for update info extraction, quoted arg parsing, stop watcher timer on window destroy, GSettings choices/range constraints, remove unused CSS classes, define status-ok/status-attention CSS.
2026-02-27 22:08:53 +02:00
parent f87403794e
commit e9343da249
27 changed files with 1737 additions and 250 deletions
--- a/src/core/database.rs
+++ b/src/core/database.rs
@@ -184,34 +184,6 @@ pub struct ConfigBackupRecord {
    pub last_restored_at: Option<String>,
 }

-#[derive(Debug, Clone)]
-#[allow(dead_code)]
-pub struct CatalogSourceRecord {
-    pub id: i64,
-    pub name: String,
-    pub url: String,
-    pub source_type: String,
-    pub enabled: bool,
-    pub last_synced: Option<String>,
-    pub app_count: i32,
-}
-
-#[derive(Debug, Clone)]
-#[allow(dead_code)]
-pub struct CatalogAppRecord {
-    pub id: i64,
-    pub source_id: i64,
-    pub name: String,
-    pub description: Option<String>,
-    pub categories: Option<String>,
-    pub latest_version: Option<String>,
-    pub download_url: String,
-    pub icon_url: Option<String>,
-    pub homepage: Option<String>,
-    pub file_size: Option<i64>,
-    pub architecture: Option<String>,
-}
-
 #[derive(Debug, Clone)]
 pub struct SandboxProfileRecord {
    pub id: i64,
@@ -1374,7 +1346,9 @@ impl Database {
             WHERE appimage_id = ?1 GROUP BY severity"
        )?;
        let rows = stmt.query_map(params![appimage_id], |row| {
-            Ok((row.get::<_, String>(0)?, row.get::<_, i64>(1)?))
+            let severity: String = row.get::<_, Option<String>>(0)?
+                .unwrap_or_else(|| "MEDIUM".to_string());
+            Ok((severity, row.get::<_, i64>(1)?))
        })?;
        for row in rows {
            let (severity, count) = row?;
@@ -1395,7 +1369,9 @@ impl Database {
            "SELECT severity, COUNT(*) FROM cve_matches GROUP BY severity"
        )?;
        let rows = stmt.query_map([], |row| {
-            Ok((row.get::<_, String>(0)?, row.get::<_, i64>(1)?))
+            let severity: String = row.get::<_, Option<String>>(0)?
+                .unwrap_or_else(|| "MEDIUM".to_string());
+            Ok((severity, row.get::<_, i64>(1)?))
        })?;
        for row in rows {
            let (severity, count) = row?;