fix(projects): validate folder ownership before folder mutations

✅ merged · #28 · willchen96/mike ← fayerman-source/mike · opened 22d ago by fayerman-source · merged 18d ago · +28-3 across 1 file

From the PR description

Summary

  • validate parent folders against the current project before moving folders
  • validate target folders against the current project before moving documents
  • verify folder ownership before deletion and scope document cleanup to the current project

Why

Project folders are project-scoped, but a few mutation paths accepted folder IDs without first proving they belonged to the same project. In a legal document workspace, avoiding cross-project references is part of the basic trust boundary.

Test

  • npm run build --prefix backend
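
The three checks listed in the summary, as an added example that is not code from this PR or from the mike repository: each mutation first proves that the folder ID belongs to the current project. The in-memory `folders` and `documents` maps, the function names, `BoundaryError`, and the choice to model cleanup as detaching documents are all assumptions.

```javascript
// Added example, not the project's code. All names and data are hypothetical.
const folders = new Map([ // constructed sample data: two projects, pA and pB
  ["f1", { id: "f1", projectId: "pA", parentId: null }],
  ["f2", { id: "f2", projectId: "pA", parentId: "f1" }],
  ["f9", { id: "f9", projectId: "pB", parentId: null }],
]);
const documents = new Map([
  ["d1", { id: "d1", projectId: "pA", folderId: "f2" }],
  ["d9", { id: "d9", projectId: "pB", folderId: "f9" }],
]);

class BoundaryError extends Error {}

// Return the folder only if it exists AND belongs to projectId. Missing and
// foreign folders fail identically, so other projects' IDs cannot be probed.
function requireFolderInProject(projectId, folderId) {
  const folder = folders.get(folderId);
  if (!folder || folder.projectId !== projectId) {
    throw new BoundaryError("folder not found in project");
  }
  return folder;
}

function moveFolder(projectId, folderId, newParentId) {
  const folder = requireFolderInProject(projectId, folderId);
  if (newParentId != null) requireFolderInProject(projectId, newParentId);
  folder.parentId = newParentId ?? null;
  return folder;
}

function moveDocument(projectId, documentId, targetFolderId) {
  const doc = documents.get(documentId);
  if (!doc || doc.projectId !== projectId) throw new BoundaryError("document not found in project");
  if (targetFolderId != null) requireFolderInProject(projectId, targetFolderId);
  doc.folderId = targetFolderId ?? null;
  return doc;
}

// Verify ownership before deleting, then detach only this project's documents.
function deleteFolder(projectId, folderId) {
  requireFolderInProject(projectId, folderId);
  let detached = 0;
  for (const doc of documents.values()) {
    if (doc.folderId === folderId && doc.projectId === projectId) { doc.folderId = null; detached++; }
  }
  folders.delete(folderId);
  return detached;
}
```

In a database-backed service the same check is usually made by including the project ID in the lookup's filter rather than fetching by folder ID alone.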

Commits in this PR (1)

| SHA | Subject | Author | Date |
| --- | --- | --- | --- |
| 7062a300 | fix project folder boundary checks | Eli Fayerman | 2026-05-04 |
