This repository has been archived on 2026-03-24. You can view files and clone it. You cannot open issues or pull requests or push a commit.

Alexander Whitestone 3a8496a3f1 feat: add security middleware suite - CSRF, security headers, and request logging (#102) ...

Implements three security middleware components with full test coverage:

- CSRF Protection: Token generation/validation, safe method allowlist,
  auto-exempt webhooks, constant-time comparison for timing attack prevention

- Security Headers: X-Content-Type-Options, X-Frame-Options, CSP,
  Permissions-Policy, Referrer-Policy, HSTS (production)

- Request Logging: Method/path/status/duration logging with correlation IDs,
  configurable path exclusions, X-Forwarded-For support

Also fixes Discord test isolation issue where settings.discord_token
was not being properly reset between tests.

New files:
- src/dashboard/middleware/{csrf,security_headers,request_logging}.py
- tests/dashboard/middleware/test_{csrf,security_headers,request_logging}.py

Addresses design review recommendations R3, R8, R9, R4.

All tests pass: 1950 passed, 40 skipped

Co-authored-by: Alexander Payne <apayne@MM.local>

2026-02-28 23:21:09 -05:00

..

creative

CI/CD Optimization: Guard Rails, Pre-commit Checks, and Test Fixes (#90)

2026-02-28 11:36:50 -05:00

dashboard

feat: add security middleware suite - CSRF, security headers, and request logging (#102)

2026-02-28 23:21:09 -05:00

e2e

feat: dockerize OpenFang as vendored tool runtime sidecar (#96)

2026-02-28 19:27:48 -05:00

fixtures

test: add integration tests with real media for music video pipeline

2026-02-24 16:48:14 +00:00

functional

CI/CD Optimization: Guard Rails, Pre-commit Checks, and Test Fixes (#90)

2026-02-28 11:36:50 -05:00

hands

refactor: Phase 3 — reorganize tests into module-mirroring subdirectories

2026-02-26 21:21:28 +00:00

infrastructure

feat: automatic error feedback loop with bug report tracker (#80)

2026-02-27 19:51:37 -05:00

integrations

feat: add security middleware suite - CSRF, security headers, and request logging (#102)

2026-02-28 23:21:09 -05:00

lightning

refactor: Phase 3 — reorganize tests into module-mirroring subdirectories

2026-02-26 21:21:28 +00:00

mcp

refactor: Phase 3 — reorganize tests into module-mirroring subdirectories

2026-02-26 21:21:28 +00:00

scripture

refactor: Phase 3 — reorganize tests into module-mirroring subdirectories

2026-02-26 21:21:28 +00:00

security

refactor: Phase 2a — consolidate dashboard routes (27→22 files)

2026-02-26 21:30:39 +00:00

self_coding

fix: resolve portal startup hangs with non-blocking init (#93)

2026-02-28 15:01:48 -05:00

spark

refactor: Phase 3 — reorganize tests into module-mirroring subdirectories

2026-02-26 21:21:28 +00:00

swarm

audit: clean Docker architecture, consolidate test fixtures, add containerized test runner (#94)

2026-02-28 16:11:58 -05:00

timmy

fix: Docker-first test suite, UX improvements, and bug fixes (#100)

2026-02-28 22:14:37 -05:00

tools

fix: Docker-first test suite, UX improvements, and bug fixes (#100)

2026-02-28 22:14:37 -05:00

__init__.py

feat: scaffold Timmy Time Mission Control (v1.0.0 Genesis)

2026-02-19 19:05:01 +00:00

conftest_markers.py

CI/CD Optimization: Guard Rails, Pre-commit Checks, and Test Fixes (#90)

2026-02-28 11:36:50 -05:00

conftest.py

feat: dockerize OpenFang as vendored tool runtime sidecar (#96)

2026-02-28 19:27:48 -05:00

test_autonomy_phase1.py

feat: Phase 1 autonomy upgrades — introspection, heartbeat, source tagging, Discord auto-detect (#101)

2026-02-28 22:49:24 -05:00

test_openfang_client.py

feat: dockerize OpenFang as vendored tool runtime sidecar (#96)

2026-02-28 19:27:48 -05:00

test_openfang_config.py

feat: dockerize OpenFang as vendored tool runtime sidecar (#96)

2026-02-28 19:27:48 -05:00

test_openfang_executor.py

feat: dockerize OpenFang as vendored tool runtime sidecar (#96)

2026-02-28 19:27:48 -05:00

test_openfang_tools.py

feat: dockerize OpenFang as vendored tool runtime sidecar (#96)

2026-02-28 19:27:48 -05:00