cc6a5edfdf
Remove critical security vulnerability where Discord service used hardcoded "default-workspace" ID, bypassing Row-Level Security policies and creating potential for cross-tenant data leakage. Changes: - Add DISCORD_WORKSPACE_ID environment variable requirement - Add validation in connect() to require workspace configuration - Replace hardcoded workspace ID with configured value - Add 3 new tests for workspace configuration - Update .env.example with security documentation Security Impact: - Multi-tenant isolation now properly enforced - Each Discord bot instance must be configured for specific workspace - Service fails fast if workspace ID not configured Breaking Change: - Existing deployments must set DISCORD_WORKSPACE_ID environment variable Tests: All 21 Discord service tests passing (100%) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
6.1 KiB
6.1 KiB