
Module apply


cellctl apply -f formation.yaml → POST /v1/formations.

YAML is parsed locally only to validate shape and convert to JSON. The authoritative validation happens on the server; we do a minimal local check to surface obvious schema errors with exit-code 3 before any network call.

Red-team wave 2 hardening

serde_yaml (the unmaintained YAML 1.1 parser still in the workspace) is known to be vulnerable to the “billion-laughs” alias-expansion attack: a ~1 KiB YAML document can expand to gigabytes of in-memory Value tree during deserialization. The full fix is to migrate off serde_yaml; until that lands, we defend in depth here:

  1. Hard byte cap on the source file. A formation document is ~12 KiB for a 64-cell formation; 256 KiB is two orders of magnitude over any legitimate input and small enough that even an aggressive alias bomb cannot inflate past a few hundred MiB of allocator pressure on the parsing pass (still bad, but not unbounded-CPU bad).
  2. Reject symlinks at the final path component. cellctl apply -f /tmp/attacker-controlled cannot redirect the read to /etc/shadow via a swapped-in symlink. Matches the SEC-15b / SEC-08 protection applied to CELLOS_POLICY_PACK_PATH and the supervisor spec path.
  3. Reject non-regular files. Named pipes, devices, and sockets are not legitimate config sources — cellctl apply -f /dev/zero should fail fast, not spin forever inside read_to_string.
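The three checks above, carried out together on a single file open, as an added example written for this page rather than taken from cellctl's own `apply` module. It uses only the standard library; the 256 KiB cap is taken from the list above, while the function name `read_formation_source`, the `SourceError` type and the `MAX_FORMATION_BYTES` constant are assumptions chosen for the illustration. The symlink check uses `symlink_metadata` so that the link itself is inspected, not its target, and the size and file-type checks are repeated on the opened descriptor so a path swapped between the metadata call and `open()` cannot turn a passing check into an unbounded read.

```rust
use std::fs::{self, File};
use std::io::Read;
use std::path::Path;

/// Hard byte cap on the formation source file. The 256 KiB figure comes from
/// the hardening notes for this module; the constant name is assumed here.
pub const MAX_FORMATION_BYTES: u64 = 256 * 1024;

/// Reasons a formation source is refused before any YAML parsing happens.
/// (Hypothetical type for this example; cellctl's real error type may differ.)
#[derive(Debug, PartialEq)]
pub enum SourceError {
    /// Final path component is a symlink (would allow redirecting the read).
    Symlink,
    /// Directory, FIFO, device, socket: never a legitimate config source.
    NotRegular,
    /// File is larger than MAX_FORMATION_BYTES; carries the observed size.
    TooLarge(u64),
    /// Underlying I/O failure, reported as its message.
    Io(String),
}

/// Read a formation document from `path`, enforcing the byte cap, the
/// no-symlink rule and the regular-file rule before handing text to a parser.
pub fn read_formation_source(path: &Path) -> Result<String, SourceError> {
    // Inspect the link itself (lstat), not whatever it points at. A symlink
    // at the final component is rejected even when its target is a plain file.
    let lmeta = fs::symlink_metadata(path).map_err(|e| SourceError::Io(e.to_string()))?;
    if lmeta.file_type().is_symlink() {
        return Err(SourceError::Symlink);
    }
    if !lmeta.file_type().is_file() {
        return Err(SourceError::NotRegular);
    }
    if lmeta.len() > MAX_FORMATION_BYTES {
        return Err(SourceError::TooLarge(lmeta.len()));
    }

    // The path could be replaced between the check above and open(). Re-check
    // the type and size on the descriptor we actually hold, so a device or
    // FIFO swapped in at the last moment still fails fast instead of spinning.
    let file = File::open(path).map_err(|e| SourceError::Io(e.to_string()))?;
    let fmeta = file.metadata().map_err(|e| SourceError::Io(e.to_string()))?;
    if !fmeta.file_type().is_file() {
        return Err(SourceError::NotRegular);
    }
    if fmeta.len() > MAX_FORMATION_BYTES {
        return Err(SourceError::TooLarge(fmeta.len()));
    }

    // Bound the read itself as well, independent of what metadata reported:
    // a file that grows while we read it is cut off at cap + 1 and rejected.
    let mut text = String::new();
    file.take(MAX_FORMATION_BYTES + 1)
        .read_to_string(&mut text)
        .map_err(|e| SourceError::Io(e.to_string()))?;
    if text.len() as u64 > MAX_FORMATION_BYTES {
        return Err(SourceError::TooLarge(text.len() as u64));
    }
    Ok(text)
}

fn main() {
    // Stand-alone use: `cargo run -- formation.yaml` prints the byte count or the refusal.
    let arg = std::env::args().nth(1).unwrap_or_else(|| "formation.yaml".to_string());
    match read_formation_source(Path::new(&arg)) {
        Ok(text) => println!("accepted {} bytes from {}", text.len(), arg),
        Err(e) => eprintln!("refused {}: {:?}", arg, e),
    }
}
```

On Linux the remaining gap is a symlink swapped in between `symlink_metadata` and `File::open`, which `open()` would follow; closing that requires opening with `O_NOFOLLOW` (via `OpenOptionsExt::custom_flags` and the `libc` crate), which is left out here to keep the example dependency-free. Note that this only bounds the raw bytes handed to the parser; the alias-expansion problem in serde_yaml described above is limited by the cap, not removed by it.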

Functions

run