d01e7801ed
security: v1.7.7 hardening release
...
CI / lint-and-test (push) Successful in 51s
Release / build-and-push (push) Successful in 1m57s
- Add WEBHOOK_CLIENT_SECRET validation for Graph webhooks
- Add Redis-backed rate limiting (fetch/ask/write/default tiers)
- Validate LLM_BASE_URL to prevent SSRF (HTTPS only, block private IPs)
- Enforce non-wildcard CORS when AUTH_ENABLED=true
- Add Content-Security-Policy headers
- Fix audit middleware to use verified JWT claims via contextvars
- Cap bulk_tags updates to 10,000 documents
- Return generic error messages to clients (no internal detail leakage)
- Strict AlertCondition Pydantic model for alert rules
- Security warning on MCP stdio server startup
- Remove MongoDB/Redis host ports from docker-compose
- Remove mongo_query from /ask API response
2026-04-27 09:16:57 +02:00
b2f4cabef4
feat: service-level role gating for privacy-sensitive services (Option A)
...
CI / lint-and-test (push) Successful in 25s
- Add PRIVACY_SERVICES and PRIVACY_SERVICE_ROLES config variables
- Add user_can_access_privacy_services(claims) helper in auth.py
- /api/events filters out privacy services for users without required roles
- /api/filter-options excludes privacy services from dropdown options
- /api/ask excludes privacy services from NLQ queries
- /api/events/{id}/explain returns 403 for privacy events if unauthorized
- Teams added to default noisy service exclusion (frontend + backend)
- Update .env.example with privacy config documentation
- Add tests for event filtering, filter-options exclusion, and explain 403
2026-04-22 07:26:21 +02:00
ed310a06de
fix: replace python-jose with PyJWT for robust JWKS signature verification
...
CI / lint-and-test (push) Has been cancelled
python-jose failed to correctly construct RSA public keys from Microsoft
JWKS entries lacking an explicit alg field, causing signature verification
failures. Switch auth.py to PyJWT + jwt.algorithms.RSAAlgorithm.from_jwk()
which handles Entra JWKS correctly. Add cryptography explicitly to deps.
Update auth tests to remove unused python-jose fixture code.
2026-04-14 16:47:54 +02:00
c22c637511
fix: explicitly pass RS256 algorithm to jose.jwk.construct to handle JWKS keys without alg field
CI / lint-and-test (push) Has been cancelled
2026-04-14 16:38:14 +02:00
0bdfae6373
feat: improve auth error logging with exception type details
CI / lint-and-test (push) Has been cancelled
2026-04-14 16:33:32 +02:00
9271b4e461
feat: implement Phase 2 stabilization
...
CI / lint-and-test (push) Has been cancelled
- Cache Graph API tokens with expiry-aware reuse in graph/auth.py
- Add tenacity-based retry/backoff wrapper (utils/http.py) and apply to all Graph/source API calls
- Add Pydantic request/response models (models/api.py) and FastAPI query constraints
- Add unit tests for event_model, auth and integration tests for API endpoints
- Configure ruff linter/formatter in pyproject.toml
- Add GitHub Actions CI pipeline (.github/workflows/ci.yml)
- Add requirements-dev.txt with pytest, mongomock, httpx, ruff
- Clean up typing imports and fix ruff linting across codebase
2026-04-14 12:02:28 +02:00
4f6e16d64d
feat: implement Phase 1 hardening
...
- Verify JWT signatures via JWKS in auth.py
- Fix broken frontend auth button references
- Add Pydantic Settings for env validation (RETENTION_DAYS, CORS_ORIGINS)
- Create MongoDB indexes + TTL on startup
- Add /health endpoint and CORS middleware
- Escape regex input in event queries
- Fix dedupe() return calculation in maintenance.py
- Replace basic logging with structured structlog JSON logs
- Update README and add ROADMAP.md
2026-04-14 11:48:29 +02:00
205b69713e
Added authentication
2025-11-29 14:19:34 +01:00
