mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
e237c404820b1f319c7826b1364cc097f2eb1683
stack/apps
History
Jason Woltje e237c40482 fix(#337): Propagate database errors from guards instead of masking as access denied 
SEC-API-2: WorkspaceGuard now propagates database errors as 500s instead of
returning "access denied". Only Prisma P2025 (record not found) is treated
as "user not a member".

SEC-API-3: PermissionGuard now propagates database errors as 500s instead of
returning null role (which caused permission denied). Only Prisma P2025 is
treated as "not a member".

This prevents connection timeouts, pool exhaustion, and other infrastructure
errors from being misreported to users as authorization failures.

Refs #337

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 15:35:11 -06:00
..
api
fix(#337): Propagate database errors from guards instead of masking as access denied
2026-02-05 15:35:11 -06:00
coordinator
feat(#313): Implement FastAPI and agent tracing instrumentation
2026-02-04 14:25:48 -06:00
orchestrator
fix(#337): Return error state from secret scanner on scan failures
2026-02-05 15:30:06 -06:00
web
fix(#337): Sanitize HTML before wiki-link processing in WikiLinkRenderer
2026-02-05 15:25:57 -06:00