Jason Woltje 7ed0588278 test(#282): Verify HTTP request timeout configuration ...

Added explicit tests to verify HTTP timeout protection against DoS attacks.
The 10-second timeout was already configured in FederationModule via
HttpModule.register({ timeout: 10000 }), preventing slowloris and resource
exhaustion attacks.

Changes:
- Added http-timeout.spec.ts with 4 tests verifying timeout configuration
- Verified all federation HTTP requests use configured HttpService
- Documented timeout configuration in scratchpad
- All services (command, query, event, connection, agent) protected

Verification:
- command.service.ts:100 uses httpService.post with timeout
- query.service.ts:100 uses httpService.post with timeout
- event.service.ts:185 uses httpService.post with timeout
- connection.service.ts:76,341 uses httpService with timeout
- federation-agent.service.ts uses httpService with timeout

Impact:
- No security vulnerability - timeout already configured
- Added verification tests to ensure timeout remains in place
- All HTTP requests protected against slowloris DoS attacks
- 4/4 new tests pass

Fixes #282

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-02-03 20:59:35 -06:00

..

api

test(#282): Verify HTTP request timeout configuration

2026-02-03 20:59:35 -06:00

coordinator

fix(#180): Update pnpm to 10.27.0 in Dockerfiles

2026-02-01 20:52:43 -06:00

orchestrator

fix(#277): Add comprehensive security event logging for command injection

2026-02-03 20:27:45 -06:00

web

feat(#42): Implement persistent Jarvis chat overlay

2026-02-03 20:24:41 -06:00