senke | 9612041c63 | fix(security): correct SQL injection in chat server cleanup_old_messages | 2026-02-15 12:36:59 +01:00
  - Verify parameterized query (make_interval + $1) is used
  - Add input validation for older_than_days (1-3650)
  - Harden bulk_insert COPY escaping for backslash in content, message_type, metadata
  - Add security tests for cleanup_old_messages
  - Add message_store module to lib.rs
  - Update AUDIT_TECHNIQUE_INTEGRAL and AUDIT_2
  Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md item 1.1 (P0)
senke | 587f1cc30a | refactor(auth): consolidate AuthContext to authStore, update Storybook | 2026-02-14 22:06:22 +01:00
senke | 3f0145d6d4 | docs(audit): update Stream Server status to Compile | 2026-02-14 20:21:53 +01:00
senke | cb8bbf829d | ci(backend): add coverage report generation and upload | 2026-02-14 20:21:28 +01:00
senke | 00690e3eb5 | ci: add gitleaks secret scanning | 2026-02-14 20:21:19 +01:00
senke | 436123f510 | ci(backend): run Go tests without -short, add test DB service | 2026-02-14 20:20:54 +01:00
senke | 724064bdbf | fix(api): add rate limiting on POST /api/v1/logs/frontend | 2026-02-14 20:19:56 +01:00
senke | eca1a23a21 | fix(web): disable ghost feature routes (Education, Gamification, Studio) | 2026-02-14 20:19:23 +01:00
senke | 9a43e62915 | docs(audit): add progress tracking section, mark 1.1 and 1.2 as done | 2026-02-14 20:18:38 +01:00