senke
|
a7cec19e8f
|
fix(security): correct SQL injection in chat server cleanup_old_messages
- Verify parameterized query (make_interval + $1) is used
- Add input validation for older_than_days (1-3650)
- Harden bulk_insert COPY escaping for backslash in content, message_type, metadata
- Add security tests for cleanup_old_messages
- Add message_store module to lib.rs
- Update AUDIT_TECHNIQUE_INTEGRAL and AUDIT_2
Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md item 1.1 (P0)
|
2026-02-15 12:36:59 +01:00 |
|
senke
|
7c7580be4d
|
refactor(auth): consolidate AuthContext to authStore, update Storybook
|
2026-02-14 22:06:22 +01:00 |
|
senke
|
be810c4236
|
docs(audit): update Stream Server status to Compile
|
2026-02-14 20:21:53 +01:00 |
|
senke
|
7b3356eb6b
|
ci(backend): add coverage report generation and upload
|
2026-02-14 20:21:28 +01:00 |
|
senke
|
0d31772d66
|
ci: add gitleaks secret scanning
|
2026-02-14 20:21:19 +01:00 |
|
senke
|
e99447027c
|
ci(backend): run Go tests without -short, add test DB service
|
2026-02-14 20:20:54 +01:00 |
|
senke
|
eb313e83c5
|
fix(api): add rate limiting on POST /api/v1/logs/frontend
|
2026-02-14 20:19:56 +01:00 |
|
senke
|
abb6668205
|
fix(web): disable ghost feature routes (Education, Gamification, Studio)
|
2026-02-14 20:19:23 +01:00 |
|
senke
|
1f4053caa3
|
docs(audit): add progress tracking section, mark 1.1 and 1.2 as done
|
2026-02-14 20:18:38 +01:00 |
|