Fix 29 audit findings across all severity tiers

Critical: fix unsquashfs arg order, quote Exec paths with spaces, fix compare_versions antisymmetry, chunk-based signature detection, bounded ELF header reads. High: handle NULL CVE severity, prevent pipe deadlock in inspector, fix glob_match edge case, fix backup archive path collisions, async crash detection with stderr capture. Medium: gate scan on auto-scan setting, fix window size persistence, fix announce() for Stack containers, claim lightbox gesture, use serde_json for CLI output, remove dead CSS @media blocks, add detail-tab persistence, remove invalid metainfo categories, byte-level fuse signature search. Low: tighten Wayland env var detection, ELF magic validation, timeout for update info extraction, quoted arg parsing, stop watcher timer on window destroy, GSettings choices/range constraints, remove unused CSS classes, define status-ok/status-attention CSS.
2026-02-27 22:08:53 +02:00
parent f87403794e
commit e9343da249
27 changed files with 1737 additions and 250 deletions
--- a/src/core/wayland.rs
+++ b/src/core/wayland.rs
@@ -307,11 +307,9 @@ pub fn detect_desktop_environment() -> String {
 /// Result of analyzing a running process for Wayland usage.
 #[derive(Debug, Clone)]
 pub struct RuntimeAnalysis {
-    #[allow(dead_code)]
    pub pid: u32,
    pub has_wayland_socket: bool,
    pub has_x11_connection: bool,
-    #[allow(dead_code)]
    pub env_vars: Vec<(String, String)>,
 }

@@ -391,7 +389,6 @@ pub fn analyze_running_process(pid: u32) -> Result<RuntimeAnalysis, String> {
        has_wayland_socket = env_vars.iter().any(|(k, v)| {
            (k == "GDK_BACKEND" && v.contains("wayland"))
                || (k == "QT_QPA_PLATFORM" && v.contains("wayland"))
-                || (k == "WAYLAND_DISPLAY" && !v.is_empty())
        });
    }