f0c0e6b45a
feat(api): add conversation archive with vector search (MS22-DB-004, MS22-API-004)
...
ci/woodpecker/push/api Pipeline was successful
- Add ConversationArchive Prisma model with pgvector(1536) embedding field
- Migration: 20260228000000_ms22_conversation_archive
- NestJS module at apps/api/src/conversation-archive/ with service, controller, DTOs, spec
- POST /api/conversations/ingest — ingest session logs, auto-embed via EmbeddingService
- POST /api/conversations/search — vector similarity search with agentId filter
- GET /api/conversations — paginated list with agentId + date range filters
- GET /api/conversations/:id — fetch full conversation including messages
- Register ConversationArchiveModule in app.module.ts
- 8 unit tests, all passing (vitest)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-02-28 20:20:31 -06:00
4b2e48af9c
feat(api): add agent memory module (MS22-DB-002, MS22-API-002) ( #586 )
...
ci/woodpecker/push/api Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-01 02:20:15 +00:00
127bf61fe2
chore(orchestrator): Fix TASKS.md schema + correct TEST-003/MIG-004 status ( #572 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-28 20:16:31 +00:00
8098504fb8
chore: bootstrap MS21 Multi-Tenant RBAC Data Migration mission ( #552 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-28 17:12:22 +00:00
d2c51eda91
docs: close MS20 Site Stabilization mission ( #550 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-27 12:25:24 +00:00
d39ab6aafc
chore(orchestrator): update MS20 task tracking for S3 ( #543 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-27 11:02:27 +00:00
8964226163
chore(orchestrator): bootstrap MS20 Site Stabilization mission ( #535 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-27 10:12:24 +00:00
1aaf5618ce
docs: close out MS19 Chat & Terminal System mission ( #523 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-26 04:21:38 +00:00
374ca7ace3
docs: initialize MS19 Chat & Terminal mission planning ( #513 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-26 01:49:40 +00:00
91934b9933
docs: update mission artifacts for MS18 completion ( #504 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-24 02:29:06 +00:00
f9cccd6965
feat(api): seed 7 widget definitions for dashboard system ( #496 )
...
ci/woodpecker/push/api Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-24 00:28:02 +00:00
f435d8e8c6
docs: initialize MS18 Theme & Widget System mission ( #492 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-23 13:36:10 +00:00
3d78b09064
docs: close out MS16+MS17 mission ( #486 )
...
ci/woodpecker/push/web Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-23 13:27:22 +00:00
a7955b9b32
docs: mark MS16+MS17 milestone complete ( #485 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-23 13:16:38 +00:00
372cc100cc
docs: update PRD statuses and mission artifacts for MS16+MS17 ( #484 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-23 05:09:04 +00:00
172ed1d40f
feat(web): add kanban board page with drag-and-drop ( #478 )
...
ci/woodpecker/push/web Pipeline failed
ci/woodpecker/push/orchestrator Pipeline was successful
ci/woodpecker/push/api Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-23 04:26:25 +00:00
cd5c2218c8
chore(orchestrator): bootstrap MS16+MS17 planning ( #470 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-23 03:29:53 +00:00
8957904ea9
Phase 4: Deploy + Smoke Test ( #463 ) ( #464 )
...
ci/woodpecker/push/web Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-23 02:09:43 +00:00
458cac7cdd
Phase 3: Agent Cycle Visibility ( #461 ) ( #462 )
...
ci/woodpecker/push/api Pipeline was successful
ci/woodpecker/push/web Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-23 01:07:29 +00:00
7581d26567
Phase 2: Task Ingestion Pipeline ( #459 ) ( #460 )
...
ci/woodpecker/push/api Pipeline was successful
ci/woodpecker/push/web Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-23 00:54:55 +00:00
07f5225a76
Phase 1: Dashboard Polish + Theming ( #457 ) ( #458 )
...
ci/woodpecker/push/orchestrator Pipeline was successful
ci/woodpecker/push/api Pipeline was successful
ci/woodpecker/push/web Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-23 00:16:45 +00:00
ea1620fa7a
docs: initialize go-live MVP mission with coordinator protocol ( #455 )
...
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-22 23:37:13 +00:00
a5ed260fbd
feat(web): MS15 Phase 1 — Design System & App Shell ( #451 )
...
ci/woodpecker/push/web Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-22 20:57:06 +00:00
b5ac2630c1
docs(auth): record digest-based deploy fix verification
2026-02-18 23:39:06 -06:00
8424a28faa
fix(auth): use set_config for transaction-scoped RLS context
ci/woodpecker/push/api Pipeline was successful
2026-02-18 23:23:15 -06:00
d2cec04cba
fix(auth): preserve raw BetterAuth cookie token for session lookup
ci/woodpecker/push/api Pipeline was successful
2026-02-18 23:06:37 -06:00
0c2a6b14cf
fix(auth): verify BetterAuth sessions via cookie headers
2026-02-18 22:39:54 -06:00
dedc1af080
fix(auth): restore BetterAuth OIDC flow across api/web/compose
ci/woodpecker/push/infra Pipeline was successful
ci/woodpecker/push/web Pipeline was successful
ci/woodpecker/push/api Pipeline was successful
2026-02-17 23:37:49 -06:00
6521cba735
feat: add flexible docker-compose architecture with profiles
...
ci/woodpecker/push/woodpecker Pipeline was successful
- Add OpenBao services to docker-compose.yml with profiles (openbao, full)
- Add docker-compose.build.yml for local builds vs registry pulls
- Make PostgreSQL and Valkey optional via profiles (database, cache)
- Create example compose files for common deployment scenarios:
- docker/docker-compose.example.turnkey.yml (all bundled)
- docker/docker-compose.example.external.yml (all external)
- docker/docker.example.hybrid.yml (mixed deployment)
- Update documentation:
- Enhance .env.example with profiles and external service examples
- Update README.md with deployment mode quick starts
- Add deployment scenarios to docs/OPENBAO.md
- Create docker/DOCKER-COMPOSE-GUIDE.md with comprehensive guide
- Clean up repository structure:
- Move shell scripts to scripts/ directory
- Move documentation to docs/ directory
- Move docker compose examples to docker/ directory
- Configure for external Authentik with internal services:
- Comment out Authentik services (using external OIDC)
- Comment out unused volumes for disabled services
- Keep postgres, valkey, openbao as internal services
This provides a flexible deployment architecture supporting turnkey,
production (all external), and hybrid configurations via Docker Compose
profiles.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-08 16:55:33 -06:00
73074932f6
feat( #360 ): Add federation credential isolation
...
Implement explicit deny-lists in QueryService and CommandService to prevent
user credentials from leaking across federation boundaries.
## Changes
### Core Implementation
- QueryService: Block all credential-related queries with keyword detection
- CommandService: Block all credential operations (create/update/delete/read)
- Case-insensitive keyword matching for both queries and commands
### Security Features
- Deny-list includes: credential, api_key, secret, token, password, oauth
- Errors returned for blocked operations
- No impact on existing allowed operations (tasks, events, projects, agent commands)
### Testing
- Added 2 unit tests to query.service.spec.ts
- Added 3 unit tests to command.service.spec.ts
- Added 8 integration tests in credential-isolation.integration.spec.ts
- All 377 federation tests passing
### Documentation
- Created comprehensive security doc at docs/security/federation-credential-isolation.md
- Documents 4 security guarantees (G1-G4)
- Includes testing strategy and incident response procedures
## Security Guarantees
1. G1: Credential Confidentiality - Credentials never leave instance in plaintext
2. G2: Cross-Instance Isolation - Compromised key on one instance doesn't affect others
3. G3: Query/Command Isolation - Federated instances cannot query/modify credentials
4. G4: Accidental Exposure Prevention - Credentials cannot leak via messages
## Defense-in-Depth
This implementation adds application-layer protection on top of existing:
- Transit key separation (mosaic-credentials vs mosaic-federation)
- Per-instance OpenBao servers
- Workspace-scoped credential access
Fixes #360
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-07 16:55:49 -06:00
46d0a06ef5
feat( #356 ): Build credential CRUD API endpoints
...
Implement comprehensive CRUD API for managing user credentials with encryption,
RLS, and audit logging following TDD methodology.
Features:
- POST /api/credentials - Create encrypted credential
- GET /api/credentials - List credentials (masked values only)
- GET /api/credentials/:id - Get single credential (masked)
- GET /api/credentials/:id/value - Decrypt plaintext (rate limited 10/min)
- PATCH /api/credentials/:id - Update metadata
- POST /api/credentials/:id/rotate - Rotate credential value
- DELETE /api/credentials/:id - Soft delete
Security:
- All values encrypted via VaultService (TransitKey.CREDENTIALS)
- List/Get endpoints NEVER return plaintext (only maskedValue)
- getValue endpoint rate limited to 10 requests/minute per user
- All operations audit-logged with CREDENTIAL_* ActivityAction
- RLS enforces per-user isolation via getRlsClient() pattern
- Input validation via class-validator DTOs
Testing:
- 26/26 unit tests passing
- 95.71% code coverage (exceeds 85% requirement)
- Service: 95.16%
- Controller: 100%
- TypeScript checks pass
Files created:
- apps/api/src/credentials/credentials.service.ts
- apps/api/src/credentials/credentials.service.spec.ts
- apps/api/src/credentials/credentials.controller.ts
- apps/api/src/credentials/credentials.controller.spec.ts
- apps/api/src/credentials/credentials.module.ts
- apps/api/src/credentials/dto/*.dto.ts (5 DTOs)
Files modified:
- apps/api/src/app.module.ts - imported CredentialsModule
Note: Admin credentials endpoints deferred to future issue. Current
implementation covers all user credential endpoints.
Refs #346
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-07 16:50:02 -06:00
aa2ee5aea3
feat( #359 ): Encrypt LLM provider API keys in database
...
Implemented transparent encryption/decryption of LLM provider API keys
stored in llm_provider_instances.config JSON field using OpenBao Transit
encryption.
Implementation:
- Created llm-encryption.middleware.ts with encryption/decryption logic
- Auto-detects format (vault:v1: vs plaintext) for backward compatibility
- Idempotent encryption prevents double-encryption
- Registered middleware in PrismaService
- Created data migration script for active encryption
- Added migrate:encrypt-llm-keys command to package.json
Tests:
- 14 comprehensive unit tests
- 90.76% code coverage (exceeds 85% requirement)
- Tests create, read, update, upsert operations
- Tests error handling and backward compatibility
Migration:
- Lazy migration: New keys encrypted, old keys work until re-saved
- Active migration: pnpm --filter @mosaic/api migrate:encrypt-llm-keys
- No schema changes required
- Zero downtime
Security:
- Uses TransitKey.LLM_CONFIG from OpenBao Transit
- Keys never touch disk in plaintext (in-memory only)
- Transparent to LlmManagerService and providers
- Follows proven pattern from account-encryption.middleware.ts
Files:
- apps/api/src/prisma/llm-encryption.middleware.ts (new)
- apps/api/src/prisma/llm-encryption.middleware.spec.ts (new)
- apps/api/scripts/encrypt-llm-keys.ts (new)
- apps/api/prisma/migrations/20260207_encrypt_llm_api_keys/ (new)
- apps/api/src/prisma/prisma.service.ts (modified)
- apps/api/package.json (modified)
Note: The migration script (encrypt-llm-keys.ts) is not included in
tsconfig.json to avoid rootDir conflicts. It's executed via tsx which
handles TypeScript directly.
Refs #359
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-07 16:49:37 -06:00
864c23dc94
feat( #355 ): Create UserCredential model with RLS and encryption support
...
ci/woodpecker/push/woodpecker Pipeline failed
Implements secure user credential storage with comprehensive RLS policies
and encryption-ready architecture for Phase 3 of M9-CredentialSecurity.
**Features:**
- UserCredential Prisma model with 19 fields
- CredentialType enum (6 values: API_KEY, OAUTH_TOKEN, etc.)
- CredentialScope enum (USER, WORKSPACE, SYSTEM)
- FORCE ROW LEVEL SECURITY with 3 policies
- Encrypted value storage (OpenBao Transit ready)
- Cascade delete on user/workspace deletion
- Activity logging integration (CREDENTIAL_* actions)
- 28 comprehensive test cases
**Security:**
- RLS owner bypass, user access, workspace admin policies
- SQL injection hardening for is_workspace_admin()
- Encryption version tracking ready
- Full down migration for reversibility
**Testing:**
- 100% enum coverage (all CredentialType + CredentialScope values)
- Unique constraint enforcement
- Foreign key cascade deletes
- Timestamp behavior validation
- JSONB metadata storage
**Files:**
- Migration: 20260207_add_user_credentials (184 lines + 76 line down.sql)
- Security: 20260207163740_fix_sql_injection_is_workspace_admin
- Tests: user-credential.model.spec.ts (28 tests, 544 lines)
- Docs: README.md (228 lines), scratchpad
Fixes #355
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-07 16:39:15 -06:00
e57271c278
fix( #201 ): Enhance WikiLink XSS protection with comprehensive validation
...
ci/woodpecker/push/woodpecker Pipeline failed
Added defense-in-depth security layers for wiki-link rendering:
Slug Validation (isValidWikiLinkSlug):
- Reject empty slugs
- Block dangerous protocols: javascript:, data:, vbscript:, file:, about:, blob:
- Block URL-encoded dangerous protocols (e.g., %6A%61%76%61... = javascript)
- Block HTML tags in slugs
- Block HTML entities in slugs
- Only allow safe characters: a-z, A-Z, 0-9, -, _, ., /
Display Text Sanitization (DOMPurify):
- Strip all HTML tags from display text
- ALLOWED_TAGS: [] (no HTML allowed)
- KEEP_CONTENT: true (preserves text content)
- Prevents event handler injection
- Prevents iframe/object/embed injection
Comprehensive XSS Testing:
- 11 new attack vector tests
- javascript: URLs - blocked
- data: URLs - blocked
- vbscript: URLs - blocked
- Event handlers (onerror, onclick) - removed
- iframe/object/embed - removed
- SVG with scripts - removed
- HTML entity bypass - blocked
- URL-encoded protocols - blocked
- All 25 tests passing (14 existing + 11 new)
Files modified:
- apps/web/src/components/knowledge/WikiLinkRenderer.tsx
- apps/web/src/components/knowledge/__tests__/WikiLinkRenderer.test.tsx
Fixes #201
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 22:59:41 -06:00
f87a28ac55
fix( #200 ): Enhance Mermaid XSS protection with DOMPurify
...
ci/woodpecker/push/woodpecker Pipeline failed
Added defense-in-depth security layers for Mermaid rendering:
DOMPurify SVG Sanitization:
- Sanitize SVG output after mermaid.render()
- Remove script tags, iframes, objects, embeds
- Remove event handlers (onerror, onclick, onload, etc.)
- Use SVG profile for allowed elements
Label Sanitization:
- Added sanitizeMermaidLabel() function
- Remove HTML tags from all labels
- Remove dangerous protocols (javascript:, data:, vbscript:)
- Remove control characters
- Escape Mermaid special characters
- Truncate to 200 chars for DoS prevention
- Applied to all node labels in diagrams
Comprehensive XSS Testing:
- 15 test cases covering all attack vectors
- Script tag injection variants
- Event handler injection
- JavaScript/data URL injection
- SVG with embedded scripts
- HTML entity bypass attempts
- All tests passing
Files modified:
- apps/web/src/components/mindmap/MermaidViewer.tsx
- apps/web/src/components/mindmap/hooks/useGraphData.ts
- apps/web/src/components/mindmap/MermaidViewer.test.tsx (new)
Fixes #200
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 22:55:57 -06:00
9582d9a265
fix( #298 ): Fix async response handling in dashboard
...
ci/woodpecker/push/woodpecker Pipeline failed
Replaced setTimeout hacks with proper polling mechanism:
- Added pollForQueryResponse() function with configurable polling interval
- Polls every 500ms with 30s timeout
- Properly handles DELIVERED and FAILED message states
- Throws errors for failures and timeouts
Updated dashboard to use polling instead of arbitrary delays:
- Removed setTimeout(resolve, 1000) hacks
- Added proper async/await for query responses
- Improved response data parsing for new query format
- Better error handling via polling exceptions
This fixes race conditions and unreliable data loading.
Fixes #298
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 22:51:25 -06:00
4ac4219ce0
fix( #297 ): Implement actual query processing for federation
...
ci/woodpecker/push/woodpecker Pipeline failed
Added query processing to route federation queries to domain services:
- Created query parser to extract intent and parameters from query strings
- Route queries to TasksService, EventsService, and ProjectsService
- Return actual data instead of placeholder responses
- Added workspace context validation
Implemented query types:
- Tasks: "get tasks", "show tasks", etc.
- Events: "get events", "upcoming events", etc.
- Projects: "get projects", "show projects", etc.
Added 5 new tests for query processing (20 tests total, all passing):
- Process tasks/events/projects queries
- Handle unknown query types
- Enforce workspace context requirements
Updated FederationModule to import TasksModule, EventsModule, ProjectsModule.
Fixes #297
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 22:48:59 -06:00
68f641211a
fix( #195 ): Implement RLS context helpers consistently across all services
...
ci/woodpecker/push/woodpecker Pipeline failed
Added workspace context management to PrismaService:
- setWorkspaceContext(userId, workspaceId, client?) - Sets session variables
- clearWorkspaceContext(client?) - Clears session variables
- withWorkspaceContext(userId, workspaceId, fn) - Transaction wrapper
Extended db-context.ts with workspace-scoped helpers:
- setCurrentWorkspace(workspaceId, client)
- setWorkspaceContext(userId, workspaceId, client)
- clearWorkspaceContext(client)
- withWorkspaceContext(userId, workspaceId, fn)
All functions use SET LOCAL for transaction-scoped variables (connection pool safe).
Added comprehensive tests (11 passing unit tests).
Fixes #195
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 22:44:54 -06:00
88be403c86
feat( #194 ): Fix workspace ID transmission mismatch between API and client
...
ci/woodpecker/push/woodpecker Pipeline failed
- Update WorkspaceGuard to support query string as fallback (backward compatibility)
- Priority order: Header > Param > Body > Query
- Update web client to send workspace ID via X-Workspace-Id header (recommended)
- Extend apiRequest helpers to accept workspace ID option
- Update fetchTasks to use header instead of query parameter
- Add comprehensive tests for all workspace ID transmission methods
- Tests passing: API 11 tests, Web 6 new tests (total 494)
This ensures consistent workspace ID handling with proper multi-tenant isolation
while maintaining backward compatibility with existing query string approaches.
Fixes #194
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 22:38:13 -06:00
a2b61d2bff
feat( #193 ): Align authentication mechanism between API and web client
...
ci/woodpecker/push/woodpecker Pipeline failed
- Update AuthUser type in @mosaic/shared to include workspace fields
- Update AuthGuard to support both cookie-based and Bearer token authentication
- Add /auth/session endpoint for session validation
- Install and configure cookie-parser middleware
- Update CurrentUser decorator to use shared AuthUser type
- Update tests for cookie and token authentication (20 tests passing)
This ensures consistent authentication handling across API and web client,
with proper type safety and support for both web browsers (cookies) and
API clients (Bearer tokens).
Fixes #193
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 22:29:42 -06:00
3bba2f1c33
feat( #284 ): Reduce timestamp validation window to 60s with replay attack prevention
...
Security improvements:
- Reduce timestamp tolerance from 5 minutes to 60 seconds
- Add nonce-based replay attack prevention using Redis
- Store signature nonce with 60s TTL matching tolerance window
- Reject replayed messages with same signature
Changes:
- Update SignatureService.TIMESTAMP_TOLERANCE_MS to 60s
- Add Redis client injection to SignatureService
- Make verifyConnectionRequest async for nonce checking
- Create RedisProvider for shared Redis client
- Update ConnectionService to await signature verification
- Add comprehensive test coverage for replay prevention
Part of M7.1 Remediation Sprint P1 security fixes.
Fixes #284
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 21:43:01 -06:00
a1973e6419
Fix QA validation issues and add M7.1 security fixes ( #318 )
...
ci/woodpecker/push/woodpecker Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-02-04 03:08:09 +00:00
0a527d2a4e
fix( #279 ): Validate orchestrator URL configuration (SSRF risk)
...
ci/woodpecker/push/woodpecker Pipeline failed
Implemented comprehensive URL validation to prevent SSRF attacks:
- Created URL validator utility with protocol whitelist (http/https only)
- Blocked access to private IP ranges (10.x, 192.168.x, 172.16-31.x)
- Blocked loopback addresses (127.x, localhost, 0.0.0.0)
- Blocked link-local addresses (169.254.x)
- Blocked IPv6 localhost (::1, ::)
- Allow localhost in development/test environments only
- Added structured audit logging for invalid URL attempts
- Comprehensive test coverage (37 tests for URL validator)
Security Impact:
- Prevents attackers from redirecting agent spawn requests to internal services
- Blocks data exfiltration via malicious orchestrator URL
- All agent operations now validated against SSRF
Files changed:
- apps/api/src/federation/utils/url-validator.ts (new)
- apps/api/src/federation/utils/url-validator.spec.ts (new)
- apps/api/src/federation/federation-agent.service.ts (validation integration)
- apps/api/src/federation/federation-agent.service.spec.ts (test updates)
- apps/api/src/federation/audit.service.ts (audit logging)
- apps/api/src/federation/federation.module.ts (service exports)
Fixes #279
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 20:47:41 -06:00
ebd842f007
fix( #278 ): Implement CSRF protection using double-submit cookie pattern
...
ci/woodpecker/push/woodpecker Pipeline failed
Implemented comprehensive CSRF protection for all state-changing endpoints
(POST, PATCH, DELETE) using the double-submit cookie pattern.
Security Implementation:
- Created CsrfGuard using double-submit cookie validation
- Token set in httpOnly cookie and validated against X-CSRF-Token header
- Applied guard to FederationController (vulnerable endpoints)
- Safe HTTP methods (GET, HEAD, OPTIONS) automatically exempted
- Signature-based endpoints (@SkipCsrf decorator) exempted
Components Added:
- CsrfGuard: Validates cookie and header token match
- CsrfController: GET /api/v1/csrf/token endpoint for token generation
- @SkipCsrf(): Decorator to exempt endpoints with alternative auth
- Comprehensive tests (20 tests, all passing)
Protected Endpoints:
- POST /api/v1/federation/connections/initiate
- POST /api/v1/federation/connections/:id/accept
- POST /api/v1/federation/connections/:id/reject
- POST /api/v1/federation/connections/:id/disconnect
- POST /api/v1/federation/instance/regenerate-keys
Exempted Endpoints:
- POST /api/v1/federation/incoming/connect (signature-verified)
- GET requests (safe methods)
Security Features:
- httpOnly cookies prevent XSS attacks
- SameSite=strict prevents subdomain attacks
- Cryptographically secure random tokens (32 bytes)
- 24-hour token expiry
- Structured logging for security events
Testing:
- 14 guard tests covering all scenarios
- 6 controller tests for token generation
- Quality gates: lint, typecheck, build all passing
Note: Frontend integration required to use tokens. Clients must:
1. GET /api/v1/csrf/token to receive token
2. Include token in X-CSRF-Token header for state-changing requests
Fixes #278
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 20:35:00 -06:00
b7f4749ffb
Merge branch 'develop' into work/m4-llm
ci/woodpecker/push/woodpecker Pipeline failed
ci/woodpecker/pr/woodpecker Pipeline failed
2026-02-04 02:28:50 +00:00
596ec39442
fix( #277 ): Add comprehensive security event logging for command injection
...
ci/woodpecker/push/woodpecker Pipeline failed
Implemented comprehensive structured logging for all git command injection
and SSRF attack attempts blocked by input validation.
Security Events Logged:
- GIT_COMMAND_INJECTION_BLOCKED: Invalid characters in branch names
- GIT_OPTION_INJECTION_BLOCKED: Branch names starting with hyphen
- GIT_RANGE_INJECTION_BLOCKED: Double dots in branch names
- GIT_PATH_TRAVERSAL_BLOCKED: Path traversal patterns
- GIT_DANGEROUS_PROTOCOL_BLOCKED: Dangerous protocols (file://, javascript:, etc)
- GIT_SSRF_ATTEMPT_BLOCKED: Localhost/internal network URLs
Log Structure:
- event: Event type identifier
- input: The malicious input that was blocked
- reason: Human-readable reason for blocking
- securityEvent: true (enables security monitoring)
- timestamp: ISO 8601 timestamp
Benefits:
- Enables attack detection and forensic analysis
- Provides visibility into attack patterns
- Supports security monitoring and alerting
- Captures attempted exploits before they reach git operations
Testing:
- All 31 validation tests passing
- Quality gates: lint, typecheck, build all passing
- Logging does not affect validation behavior (tests unchanged)
Partial fix for #277 . Additional logging areas (OIDC, rate limits) will
be addressed in follow-up commits.
Fixes #277
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 20:27:45 -06:00
744290a438
fix( #276 ): Add comprehensive audit logging for incoming connections
...
ci/woodpecker/push/woodpecker Pipeline failed
Implemented comprehensive audit logging for all incoming federation
connection attempts to provide visibility and security monitoring.
Changes:
- Added logIncomingConnectionAttempt() to FederationAuditService
- Added logIncomingConnectionCreated() to FederationAuditService
- Added logIncomingConnectionRejected() to FederationAuditService
- Injected FederationAuditService into ConnectionService
- Updated handleIncomingConnectionRequest() to log all connection events
Audit logging captures:
- All incoming connection attempts with remote instance details
- Successful connection creations with connection ID
- Rejected connections with failure reason and error details
- Workspace ID for all events (security compliance)
- All events marked as securityEvent: true
Testing:
- Added 3 new tests for audit logging verification
- All 24 connection service tests passing
- Quality gates: lint, typecheck, build all passing
Security Impact:
- Provides visibility into all incoming connection attempts
- Enables security monitoring and threat detection
- Audit trail for compliance requirements
- Foundation for future authorization controls
Note: This implements Phase 1 (audit logging) of issue #276 .
Full authorization (allowlist/denylist, admin approval) will be
implemented in a follow-up issue requiring schema changes.
Fixes #276
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 20:24:46 -06:00
0669c7cb77
feat( #42 ): Implement persistent Jarvis chat overlay
...
ci/woodpecker/push/woodpecker Pipeline failed
ci/woodpecker/pr/woodpecker Pipeline failed
Add a persistent chat overlay accessible from any authenticated view.
The overlay wraps the existing Chat component and adds state management,
keyboard shortcuts, and responsive design.
Features:
- Three states: Closed (floating button), Open (full panel), Minimized (header)
- Keyboard shortcuts:
- Cmd/Ctrl + K: Open chat (when closed)
- Escape: Minimize chat (when open)
- Cmd/Ctrl + Shift + J: Toggle chat panel
- State persistence via localStorage
- Responsive design (full-width mobile, sidebar desktop)
- PDA-friendly design with calm colors
- 32 comprehensive tests (14 hook tests + 18 component tests)
Files added:
- apps/web/src/hooks/useChatOverlay.ts
- apps/web/src/hooks/useChatOverlay.test.ts
- apps/web/src/components/chat/ChatOverlay.tsx
- apps/web/src/components/chat/ChatOverlay.test.tsx
Files modified:
- apps/web/src/components/chat/index.ts (added export)
- apps/web/src/app/(authenticated)/layout.tsx (integrated overlay)
All tests passing (490 tests, 50 test files)
All lint checks passing
Build succeeds
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 20:24:41 -06:00
7d9c102c6d
fix( #275 ): Prevent silent connection initiation failures
...
ci/woodpecker/push/woodpecker Pipeline failed
Fixed silent connection initiation failures where HTTP errors were caught
but success was returned to the user, leaving zombie connections in
PENDING state forever.
Changes:
- Delete failed connection from database when HTTP request fails
- Throw BadRequestException with clear error message
- Added test to verify connection deletion and exception throwing
- Import BadRequestException in connection.service.ts
User Impact:
- Users now receive immediate feedback when connection initiation fails
- No more zombie connections stuck in PENDING state
- Clear error messages indicate the reason for failure
Testing:
- Added test case: "should delete connection and throw error if request fails"
- All 21 connection service tests passing
- Quality gates: lint, typecheck, build all passing
Fixes #275
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 20:21:06 -06:00
7a84d96d72
fix( #274 ): Add input validation to prevent command injection in git operations
...
ci/woodpecker/push/woodpecker Pipeline failed
Implemented strict whitelist-based validation for git branch names and
repository URLs to prevent command injection vulnerabilities in worktree
operations.
Security fixes:
- Created git-validation.util.ts with whitelist validation functions
- Added custom DTO validators for branch names and repository URLs
- Applied defense-in-depth validation in WorktreeManagerService
- Comprehensive test coverage (31 tests) for all validation scenarios
Validation rules:
- Branch names: alphanumeric + hyphens + underscores + slashes + dots only
- Repository URLs: https://, http://, ssh://, git:// protocols only
- Blocks: option injection (--), command substitution ($(), ``), shell operators
- Prevents: SSRF attacks (localhost, internal networks), credential injection
Defense layers:
1. DTO validation (first line of defense at API boundary)
2. Service-level validation (defense-in-depth before git operations)
Fixes #274
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-02-03 20:17:47 -06:00
