senke/veza - Talas Project: Beyond coding. We Forge.

senke/veza

Fork 0

Commit graph

Author	SHA1	Message	Date
senke	2ed2bb9dcf	v0.9.4	2026-03-05 23:03:43 +01:00
senke	51984e9a1f	feat(security): v0.901 Ironclad - fix 5 critical/high vulnerabilities Some checks failed Backend API CI / test-unit (push) Failing after 0s Details Backend API CI / test-integration (push) Failing after 0s Details - OAuth: use JWTService+SessionService, httpOnly cookies (VEZA-SEC-001) - Remove PasswordService.GenerateJWT (VEZA-SEC-002) - Hyperswitch webhook: mandatory verification, 500 if secret empty (VEZA-SEC-005) - Auth middleware: TokenBlacklist.IsBlacklisted check (VEZA-SEC-006) - Waveform: ValidateExecPath before exec (VEZA-SEC-007)	2026-02-26 19:34:45 +01:00

Author

SHA1

Message

Date

senke

2ed2bb9dcf

v0.9.4

2026-03-05 23:03:43 +01:00

senke

51984e9a1f

feat(security): v0.901 Ironclad - fix 5 critical/high vulnerabilities

Backend API CI / test-unit (push) Failing after 0s

Details

Backend API CI / test-integration (push) Failing after 0s

Details

- OAuth: use JWTService+SessionService, httpOnly cookies (VEZA-SEC-001)
- Remove PasswordService.GenerateJWT (VEZA-SEC-002)
- Hyperswitch webhook: mandatory verification, 500 if secret empty (VEZA-SEC-005)
- Auth middleware: TokenBlacklist.IsBlacklisted check (VEZA-SEC-006)
- Waveform: ValidateExecPath before exec (VEZA-SEC-007)

2026-02-26 19:34:45 +01:00

2 commits