Timmy_Foundation/hermes-agent
16
0
Fork 0
Code Issues 38 Pull Requests 2 Actions 18 Packages Projects Releases Wiki Activity
Files
main
hermes-agent/gateway/platforms
History
Allegro 5d0cf71a8b
Some checks failed
Supply Chain Audit / Scan PR for supply chain risks (pull_request) Successful in 30s
Details
Tests / test (pull_request) Failing after 27s
Details
Docker Build and Publish / build-and-push (pull_request) Failing after 38s
Details
security: prevent error information disclosure (V-013, CVSS 7.5) 
Add secure error handling to prevent internal details leaking.

Changes:
- gateway/platforms/api_server.py:
  - Add _handle_error_securely() function
  - Logs full error details with reference ID internally
  - Returns generic error message to client
  - Updates all cron job exception handlers to use secure handler

CVSS: 7.5 (High)
Refs: V-013 in SECURITY_AUDIT_REPORT.md
CWE-209: Generation of Error Message Containing Sensitive Information
2026-03-31 00:06:58 +00:00
..
__init__.py
Enhance CLI with multi-platform messaging integration and configuration management
2026-02-02 19:01:51 -08:00
ADDING_A_PLATFORM.md
docs: finish cron terminology cleanup
2026-03-14 19:20:58 -07:00
api_server.py
security: prevent error information disclosure (V-013, CVSS 7.5)
2026-03-31 00:06:58 +00:00
base.py
feat(discord): add message processing reactions (salvage #1980) (#3871)
2026-03-29 21:55:23 -07:00
dingtalk.py
fix(dingtalk): requirements check passes with only one credential set
2026-03-17 03:50:45 -07:00
discord.py
feat(discord): add message processing reactions (salvage #1980) (#3871)
2026-03-29 21:55:23 -07:00
email.py
fix(email): close SMTP and IMAP connections on failure (#3804)
2026-03-29 15:38:32 -07:00
feishu.py
feat(gateway): add Feishu/Lark platform support (#3817)
2026-03-29 18:17:42 -07:00
homeassistant.py
fix(gateway): add request timeouts to HA, Email, Mattermost, SMS adapters (#3258)
2026-03-26 14:36:07 -07:00
matrix.py
fix: resolve 7 failing CI tests (#3936)
2026-03-30 08:10:14 -07:00
mattermost.py
feat(mattermost): configurable mention behavior — respond without @mention (#3664)
2026-03-28 22:17:43 -07:00
signal.py
feat: add profiles — run multiple isolated Hermes instances (#3681)
2026-03-29 10:41:20 -07:00
slack.py
feat(slack): multi-workspace support via OAuth token file (#3903)
2026-03-30 01:51:48 -07:00
sms.py
fix: store asyncio task references to prevent GC mid-execution (#3267)
2026-03-26 14:36:24 -07:00
telegram_network.py
fix(telegram): honor proxy env vars in fallback transport (salvage #3411) (#3591)
2026-03-28 14:23:27 -07:00
telegram.py
feat(telegram): add webhook mode as alternative to polling (#3880)
2026-03-29 22:36:07 -07:00
webhook.py
feat: add profiles — run multiple isolated Hermes instances (#3681)
2026-03-29 10:41:20 -07:00
wecom.py
feat(gateway): add WeCom (Enterprise WeChat) platform support (#3847)
2026-03-29 21:29:13 -07:00
whatsapp.py
fix(whatsapp): reuse persistent aiohttp session across requests (#3818)
2026-03-29 16:25:20 -07:00