mosaicstack/stack
1
0
Fork 0
Code Issues 13 Pull Requests Actions Packages Projects Releases 11 Wiki Activity

fix(security): M2-008 Valkey key audit — SCAN over KEYS, restrict /gc to admin (#298)
Some checks failed
ci/woodpecker/push/ci Pipeline failed
Details

Browse Source 
Co-authored-by: Jason Woltje <jason@diversecanvas.com>
Co-committed-by: Jason Woltje <jason@diversecanvas.com>
This commit was merged in pull request #298.
This commit is contained in:
Jason Woltje
2026-03-21 20:45:43 +00:00
committed by jason.woltje
parent 02ff3b3256
commit 5b089392fd
5 changed files with 58 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
apps/gateway/src/commands/command-executor.service.ts
View File

@@ -77,8 +77,8 @@ export class CommandExecutorService {
message: 'Retry last message requested.',
};
case 'gc': {
// User-scoped sweep for non-admin; system-wide for admin
const result = await this.sessionGC.sweepOrphans(userId);
// Admin-only: system-wide GC sweep across all sessions
const result = await this.sessionGC.sweepOrphans();
return {
command: 'gc',
success: true,