stack

mosaic/stack

Fork 0

Files

History

Jason Woltje 744290a438

ci/woodpecker/push/woodpecker Pipeline failed

Details

fix(#276 ): Add comprehensive audit logging for incoming connections

Implemented comprehensive audit logging for all incoming federation
connection attempts to provide visibility and security monitoring.

Changes:
- Added logIncomingConnectionAttempt() to FederationAuditService
- Added logIncomingConnectionCreated() to FederationAuditService
- Added logIncomingConnectionRejected() to FederationAuditService
- Injected FederationAuditService into ConnectionService
- Updated handleIncomingConnectionRequest() to log all connection events

Audit logging captures:
- All incoming connection attempts with remote instance details
- Successful connection creations with connection ID
- Rejected connections with failure reason and error details
- Workspace ID for all events (security compliance)
- All events marked as securityEvent: true

Testing:
- Added 3 new tests for audit logging verification
- All 24 connection service tests passing
- Quality gates: lint, typecheck, build all passing

Security Impact:
- Provides visibility into all incoming connection attempts
- Enables security monitoring and threat detection
- Audit trail for compliance requirements
- Foundation for future authorization controls

Note: This implements Phase 1 (audit logging) of issue #276.
Full authorization (allowlist/denylist, admin approval) will be
implemented in a follow-up issue requiring schema changes.

Fixes #276

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-02-03 20:24:46 -06:00

api

fix(#276 ): Add comprehensive audit logging for incoming connections

2026-02-03 20:24:46 -06:00

coordinator

fix(#180 ): Update pnpm to 10.27.0 in Dockerfiles

2026-02-01 20:52:43 -06:00

orchestrator

fix(#274 ): Add input validation to prevent command injection in git operations

2026-02-03 20:17:47 -06:00

web

Merge branch 'develop' into feature/52-active-projects-widget

2026-02-04 01:36:57 +00:00