mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity
Files
38695b3bb855fa18ad39d97d4fd1d432c10f3372
stack/apps
History
Jason Woltje 38695b3bb8 feat(#286): Add workspace access validation to federation endpoints 
Security improvements:
- Apply WorkspaceGuard to all workspace-scoped federation endpoints
- Enforce workspace membership verification via Prisma
- Prevent cross-workspace access attacks
- Add comprehensive test coverage for workspace isolation

Changes:
- Add WorkspaceGuard to federation connection endpoints:
  - POST /connections/initiate
  - POST /connections/:id/accept
  - POST /connections/:id/reject
  - POST /connections/:id/disconnect
  - GET /connections
  - GET /connections/:id
- Add workspace-access.integration.spec.ts with tests for:
  - Workspace membership verification
  - Cross-workspace access prevention
  - Multiple workspace ID sources (header, param, body)

Part of M7.1 Remediation Sprint P1 security fixes.

Fixes #286

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-03 21:50:13 -06:00
..
api
feat(#286): Add workspace access validation to federation endpoints
2026-02-03 21:50:13 -06:00
coordinator
fix(#180): Update pnpm to 10.27.0 in Dockerfiles
2026-02-01 20:52:43 -06:00
orchestrator
fix(#277): Add comprehensive security event logging for command injection
2026-02-03 20:27:45 -06:00
web
feat(#42): Implement persistent Jarvis chat overlay
2026-02-03 20:24:41 -06:00