senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1953 commits 37 branches 94 tags 1.5 GiB
Commit graph

4 commits

Author SHA1 Message Date
senke
caa5e698aa fix(security): reject DISABLE_RATE_LIMIT_FOR_TESTS in production (A04) 2026-02-16 10:16:35 +01:00
senke
9c23fefe40 fix(backend): require ClamAV in production environment 
Add validation in ValidateForEnvironment() to fail startup when
CLAMAV_REQUIRED=false in production. Virus scanning is mandatory
for all file uploads in production.
Phase 1 audit - P1.4
 2026-02-15 15:54:58 +01:00
senke
efbe6968f9 fix(audit-1.6,1.7): remove hardcoded test secrets, block bypass flags in prod 
- 1.6: Replace hardcoded JWT secrets in chat server tests with runtime-generated
  values (env TEST_JWT_SECRET or uuid-based fallback)
- 1.7: Add validateNoBypassFlagsInProduction() in config; fail startup if
  BYPASS_CONTENT_CREATOR_ROLE or CSRF_DISABLED is set in production

Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md items 1.6, 1.7
 2026-02-15 14:18:23 +01:00
okinrev
2425c15b09 adding initial backend API (Go) 2025-12-03 20:29:37 +01:00