 Hartmut
|
656c9329f7
|
Merge branch 'security/audit-2026-04-17'
CI / Architecture Guardrails (push) Successful in 3m11s
CI / Assistant Split Regression (push) Successful in 4m51s
CI / Lint (push) Successful in 6m1s
CI / Typecheck (push) Successful in 6m55s
CI / Unit Tests (push) Failing after 5m16s
CI / Build (push) Failing after 4m4s
CI / E2E Tests (push) Has been skipped
CI / Fresh-Linux Docker Deploy (push) Has been skipped
CI / Release Images (push) Has been skipped
Security audit 2026-04-17 — 20 commits hardening the application surface ahead of the Accenture CDP review.
Major changes:
- Auth: constant-time authorize, Unicode-aware prompt-injection guard, TOTP replay-race CAS, cookie/session hardening, E2E bypass fail-fast, login timing attack fix, AUTH_SECRET entropy enforcement, RBAC cache pub/sub, password policy alignment
- Authorization: default-deny /api middleware, scoped-caller completeness verification
- Input validation: JSONB bound, batchUpdateCustomFields whitelist, Zod .max() hardening, dispo workbook path allowlist, image polyglot validator
- AI: assistant chat payload cap, project-cover prompt injection guard, password redaction in audit DB entries, per-turn AssistantPrompt audit, Prisma error masking in AI-tool helpers
- Network: CSP tightening, SSRF guard IPv6 + DNS-rebind, blueprint validator ReDoS hardening
- Ops: Docker/Compose hardening, read-only AI DB proxy raw/tx escape-hatch block, audit writes awaited for durability
Resolves Gitea #38–#58 (security audit series).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-17 16:11:57 +02:00 |
|