fix(mosaic): gateway token recovery review remediations #414

Merged
jason.woltje merged 1 commits from fix/gateway-token-recovery-review into main 2026-04-05 06:13:30 +00:00

Security and correctness remediations from independent code review of PR #411 (CU-03-08). Blockers fixed: session.json mode 0o600 and password no-echo prompt. Important: password trim fix, cross-gateway warning, --password unsafe flag. All 114 tests pass.

jason.woltje added 1 commit 2026-04-05 06:05:06 +00:00
fix(mosaic): address code review findings for gateway token recovery (CU-03-08)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
ca214ccc76
- auth.ts: write session.json with mode 0o600 (was world-readable; cookie is a credential)
- login.ts: add promptSecret() using TTY raw mode so password is not echoed to terminal
- login.ts: export promptLine() so token-ops.ts can use it (keeps prompts mockable in tests)
- login.ts: fix password trimming — do not trim() passwords (may have intentional whitespace)
- token-ops.ts: use promptLine/promptSecret from login.ts (replaces inline readline)
- token-ops.ts: persistToken() warns when --gateway targets a different host than meta.json
- gateway.ts: mark --password flag [UNSAFE] in help; emit console.warn when it is used
- recover-token.spec.ts: update mock to include promptLine/promptSecret from ./login.js

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
jason.woltje merged commit 119ff0eb1b into main 2026-04-05 06:13:30 +00:00
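The two review blockers (owner-only session.json and a password prompt that does not echo), as an added TypeScript example that is not the project's code; writeSecretFile, readSecretLine and demoSecretRead are assumed names, and the prompt helper is written so it also runs on a constructed non-TTY stream, which is what keeps it mockable in tests.

```typescript
import { promises as fs } from "node:fs";
import { Readable, Writable, PassThrough } from "node:stream";

// Persist a credential-bearing file (session.json) so only its owner can read it.
// `mode` only applies when writeFile creates the file, so a pre-existing
// world-readable session.json would keep its old bits: chmod afterwards as well.
export async function writeSecretFile(path: string, contents: string): Promise<number> {
  await fs.writeFile(path, contents, { mode: 0o600 });
  await fs.chmod(path, 0o600);
  return (await fs.stat(path)).mode & 0o777; // 0o600 on success
}

// Assumed input shape: a Readable that may be a TTY (process.stdin) or a plain stream.
type SecretInput = Readable & { isTTY?: boolean; isRaw?: boolean; setRawMode?: (raw: boolean) => unknown };

// Read one line of secret input without echoing it. On a TTY, raw mode stops the
// terminal from echoing keystrokes, so Enter, Backspace and Ctrl-C are handled here.
// The result is deliberately NOT trimmed: a password may have edge whitespace.
export function readSecretLine(input: SecretInput, output: Writable, prompt = "Password: "): Promise<string> {
  return new Promise((resolve, reject) => {
    const wasRaw = input.isRaw === true;
    if (input.isTTY && input.setRawMode) input.setRawMode(true);
    output.write(prompt);
    let buf = "", settled = false;
    const finish = (err?: Error) => {
      if (settled) return;
      settled = true;
      input.off("data", onData).off("end", onEnd).pause();
      if (input.isTTY && input.setRawMode) input.setRawMode(wasRaw); // restore terminal mode
      output.write("\n");
      if (err) reject(err); else resolve(buf);
    };
    const onEnd = () => finish();
    const onData = (chunk: Buffer | string) => {
      for (const ch of typeof chunk === "string" ? chunk : chunk.toString("utf8")) {
        if (ch === "\u0003") return finish(new Error("interrupted")); // Ctrl-C
        if (ch === "\r" || ch === "\n") return finish();              // Enter
        if (ch === "\u007f" || ch === "\b") buf = buf.slice(0, -1);   // Backspace
        else buf += ch;
      }
    };
    input.on("data", onData).on("end", onEnd);
  });
}

// Stand-alone demo on a constructed non-TTY stream: resolves to " password ".
export function demoSecretRead(): Promise<string> {
  return readSecretLine(Readable.from([" pa", "ss\u007fsword \r"]), new PassThrough());
}
```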

Reference: mosaicstack/stack#414