- Add PathValidator class for preventing path traversal attacks
- Add SecureSubprocessRunner for safe command execution
- Replace unsafe XML parsing with defusedxml for security
- Add comprehensive input validation tools for circuit generation
- Include security dependencies (defusedxml, bandit) in pyproject.toml
- Add security scanning job to CI/CD pipeline
- Add comprehensive test coverage for security utilities
- Add timeout constants for safe operation limits
- Add boundary validation for component positioning
This establishes a strong security foundation for the KiCad MCP server
by implementing defense-in-depth security measures across all input
vectors and external process interactions.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added environment variable support for configuring KiCad project search paths
- Implemented auto-detection of common project directories (~/pcb, ~/Electronics, etc.)
- Created .env file support for user-friendly configuration
- Added utility module for environment variable loading and management
- Updated documentation with detailed configuration options and troubleshooting steps
- Improved logging to help diagnose path-related issues
- Removed hardcoded paths to make the MCP server more generally usable
