Fix QA validation issues and add M7.1 security fixes #318

Merged

jason.woltje merged 5 commits from feat/ci-postgres-service into develop 2026-02-04 03:08:10 +00:00

Conversation 0 Commits 5 Files Changed 178 +4902 -74

jason.woltje commented 2026-02-04 03:08:03 +00:00

Owner

Copy Link

Summary

This PR includes:

1. M7.1 Remediation Sprint P0 Security Fixes (#274-#282)

   • Command injection prevention with whitelist validation
   • Silent connection failure fixes with proper error handling
   • Comprehensive audit logging for federation events
   • Security event logging for validation failures
   • CSRF protection using double-submit cookie pattern
   • SSRF prevention with URL validation
   • Encryption key logging prevention
   • Exception handling hierarchy fixes
   • HTTP timeout verification

2. QA Validation Fixes

   • Fixed coordinator-integration.service.concurrency.spec.ts test assertions
   • Added missing Prisma transaction mocks in coordinator-integration.service.spec.ts
   • Fixed SSE streaming test signatures in runner-jobs.controller.spec.ts

All tests passing with 85%+ coverage. All quality gates passing.

Test Plan

• ✅ All unit tests passing (290+ federation tests, 8 concurrency tests, 9 controller tests)
• ✅ Quality gates passing (lint, typecheck, build)
• ✅ QA automation hook validation complete

🤖 Generated with Claude Code

## Summary This PR includes: 1. **M7.1 Remediation Sprint P0 Security Fixes (#274-#282)** - Command injection prevention with whitelist validation - Silent connection failure fixes with proper error handling - Comprehensive audit logging for federation events - Security event logging for validation failures - CSRF protection using double-submit cookie pattern - SSRF prevention with URL validation - Encryption key logging prevention - Exception handling hierarchy fixes - HTTP timeout verification 2. **QA Validation Fixes** - Fixed coordinator-integration.service.concurrency.spec.ts test assertions - Added missing Prisma transaction mocks in coordinator-integration.service.spec.ts - Fixed SSE streaming test signatures in runner-jobs.controller.spec.ts All tests passing with 85%+ coverage. All quality gates passing. ## Test Plan - ✅ All unit tests passing (290+ federation tests, 8 concurrency tests, 9 controller tests) - ✅ Quality gates passing (lint, typecheck, build) - ✅ QA automation hook validation complete 🤖 Generated with [Claude Code](https://claude.com/claude-code)

jason.woltje added 5 commits 2026-02-04 03:08:04 +00:00

fix(#280): Prevent encryption key exposure via logging ... 9caaf91ecc

Enhanced logging security in crypto service to prevent potential key material leakage:
- Removed error object from logger.error() calls to prevent stack trace leakage
- Use generic error messages without sensitive details
- Constructor already validates key without exposing it in errors
- Added comprehensive tests to verify error messages don't contain key material

Security Impact:
- Prevents encryption key exposure through error logs
- Prevents stack traces that might contain sensitive crypto operation details
- All error messages are now generic and safe

Test Coverage:
- 18 tests covering all encryption/decryption scenarios
- Tests verify error messages don't expose key values
- Tests cover various invalid key formats (wrong length, non-hex, empty)

Files changed:
- apps/api/src/federation/crypto.service.ts (logging improvements)
- apps/api/src/federation/crypto.service.spec.ts (comprehensive test coverage)

Fixes #280

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

fix(#281): Fix broad exception catching hiding system errors ... f53f310061

Replaced broad try-catch blocks with targeted error handling that only
catches expected business logic errors (CommandProcessingError subclasses).
System errors (OOM, DB failures, network issues) now propagate correctly
for proper debugging and monitoring.

Changes:
- Created CommandProcessingError hierarchy for business logic errors
- UnknownCommandTypeError for invalid command types
- AgentCommandError for orchestrator communication failures
- InvalidCommandPayloadError for payload validation
- Updated command.service.ts to only catch CommandProcessingError
- Updated federation-agent.service.ts to throw appropriate error types
- Added comprehensive tests for both business and system error scenarios
- System errors now include structured logging with context
- All 286 federation tests pass

Impact:
- Debugging is now possible for system failures
- System errors properly trigger monitoring/alerting
- Business logic errors handled gracefully with error responses
- No more masking of critical issues like OOM or DB failures

Fixes #281

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

test(#282): Verify HTTP request timeout configuration ... 7ed0588278

Added explicit tests to verify HTTP timeout protection against DoS attacks.
The 10-second timeout was already configured in FederationModule via
HttpModule.register({ timeout: 10000 }), preventing slowloris and resource
exhaustion attacks.

Changes:
- Added http-timeout.spec.ts with 4 tests verifying timeout configuration
- Verified all federation HTTP requests use configured HttpService
- Documented timeout configuration in scratchpad
- All services (command, query, event, connection, agent) protected

Verification:
- command.service.ts:100 uses httpService.post with timeout
- query.service.ts:100 uses httpService.post with timeout
- event.service.ts:185 uses httpService.post with timeout
- connection.service.ts:76,341 uses httpService with timeout
- federation-agent.service.ts uses httpService with timeout

Impact:
- No security vulnerability - timeout already configured
- Added verification tests to ensure timeout remains in place
- All HTTP requests protected against slowloris DoS attacks
- 4/4 new tests pass

Fixes #282

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

fix: Add missing default mock for updateMany in coordinator-integration tests ... 17d647c741

The default mock return value for updateMany was missing from beforeEach,
causing tests to fail when the service called updateMany and checked count.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

test: Fix QA validation issues in coordinator and runner tests ... 03225bbc7a

Fixed issues identified by QA automation hook:

- coordinator-integration.service.concurrency.spec.ts: Fixed test assertions
- coordinator-integration.service.spec.ts: Added missing Prisma transaction mocks
- runner-jobs.controller.spec.ts: Fixed SSE streaming test signatures

All tests now passing with proper coverage (85%+).
Processed and archived 5 QA remediation reports.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

jason.woltje merged commit a1973e6419 into develop 2026-02-04 03:08:10 +00:00

jason.woltje referenced this issue from a commit 2026-02-04 03:08:12 +00:00

Fix QA validation issues and add M7.1 security fixes (#318)

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

ai

AI/LLM integration

api

Backend/API work

api

auth

Authentication

database

database

Database/schema work

devops

Docker/deployment

docs

Documentation

frontend

graph

knowledge-module

migration

Data migration

orchestrator

Orchestrator service (apps/orchestrator/)

p0

Critical priority

p1

High priority

p2

Medium priority

p3

Low priority

performance

Performance work

phase-1

phase-2

phase-3

phase-4

phase-5

plugin

MoltBot plugin work

search

security

Security-related

setup

Initial setup

testing

Testing/QA

web

Frontend work

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

jason.woltje

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: mosaic/stack#318