mosaicstack/stack
1
0
Fork 0
Code Issues 13 Pull Requests Actions Packages Projects Releases 11 Wiki Activity

fix(security): M2-008 Valkey key audit — SCAN over KEYS, restrict /gc to admin (#298)
Some checks failed
ci/woodpecker/push/ci Pipeline failed
Details

Browse Source 
Co-authored-by: Jason Woltje <jason@diversecanvas.com>
Co-committed-by: Jason Woltje <jason@diversecanvas.com>
This commit was merged in pull request #298.
This commit is contained in:
Jason Woltje
2026-03-21 20:45:43 +00:00
committed by jason.woltje
parent 02ff3b3256
commit 5b089392fd
5 changed files with 58 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
apps/gateway/src/commands/commands.integration.spec.ts
View File

@@ -166,11 +166,11 @@ describe('CommandExecutorService — integration', () => {
expect(result.command).toBe('nonexistent');
});
// /gc handler calls SessionGCService.sweepOrphans
it('/gc calls SessionGCService.sweepOrphans with userId', async () => {
// /gc handler calls SessionGCService.sweepOrphans (admin-only, no userId arg)
it('/gc calls SessionGCService.sweepOrphans without arguments', async () => {
const payload: SlashCommandPayload = { command: 'gc', conversationId };
const result = await executor.execute(payload, userId);
expect(mockSessionGC.sweepOrphans).toHaveBeenCalledWith(userId);
expect(mockSessionGC.sweepOrphans).toHaveBeenCalledWith();
expect(result.success).toBe(true);
expect(result.message).toContain('GC sweep complete');
expect(result.message).toContain('3 orphaned sessions');