botserver

Author	SHA1	Message	Date
Rodrigo Rodriguez (Pragmatismo)	c67aaa677a	feat(security): Complete security infrastructure implementation SECURITY MODULES ADDED: - security/auth.rs: Full RBAC with roles (Anonymous, User, Moderator, Admin, SuperAdmin, Service, Bot, BotOwner, BotOperator, BotViewer) and permissions - security/cors.rs: Hardened CORS (no wildcard in production, env-based config) - security/panic_handler.rs: Panic catching middleware with safe 500 responses - security/path_guard.rs: Path traversal protection, null byte prevention - security/request_id.rs: UUID request tracking with correlation IDs - security/error_sanitizer.rs: Sensitive data redaction from responses - security/zitadel_auth.rs: Zitadel token introspection and role mapping - security/sql_guard.rs: SQL injection prevention with table whitelist - security/command_guard.rs: Command injection prevention - security/secrets.rs: Zeroizing secret management - security/validation.rs: Input validation utilities - security/rate_limiter.rs: Rate limiting with governor crate - security/headers.rs: Security headers (CSP, HSTS, X-Frame-Options) MAIN.RS UPDATES: - Replaced tower_http::cors::Any with hardened create_cors_layer() - Added panic handler middleware - Added request ID tracking middleware - Set global panic hook SECURITY STATUS: - 0 unwrap() in production code - 0 panic! in production code - 0 unsafe blocks - cargo audit: PASS (no vulnerabilities) - Estimated completion: ~98% Remaining: Wire auth middleware to handlers, audit logs for sensitive data	2025-12-28 19:29:18 -03:00
Rodrigo Rodriguez (Pragmatismo)	5da86bbef2	Fix clippy warnings: match arms, async/await, Debug impls, formatting - Fix match arms with identical bodies by consolidating patterns - Fix case-insensitive file extension comparisons using eq_ignore_ascii_case - Fix unnecessary Debug formatting in log/format macros - Fix clone_from usage instead of clone assignment - Fix let...else patterns where appropriate - Fix format! append to String using write! macro - Fix unwrap_or with function calls to use unwrap_or_else - Add missing fields to manual Debug implementations - Fix duplicate code in if blocks - Add type aliases for complex types - Rename struct fields to avoid common prefixes - Various other clippy warning fixes Note: Some 'unused async' warnings remain for functions that are called with .await but don't contain await internally - these are kept async for API compatibility.	2025-12-26 08:59:25 -03:00
Rodrigo Rodriguez (Pragmatismo)	883c6d07e1	Remove all code comments and fix ratatui version	2025-12-23 18:40:58 -03:00
Rodrigo Rodriguez (Pragmatismo)	224ddd4a03	chore: Remove emoji icons from log messages and UI Replace emoji icons with plain text/ASCII equivalents to prevent encoding issues and improve console compatibility: - Replace checkmarks with * - Replace x marks with x - Replace status indicators with text [OK], [ERR], etc. - Remove decorative emojis from info/debug log messages - Keep functional emojis in user-facing chat/sentiment features	2025-12-09 07:55:11 -03:00
Rodrigo Rodriguez (Pragmatismo)	c4c9521dd9	- Split into botui.	2025-12-02 21:09:43 -03:00
Rodrigo Rodriguez (Pragmatismo)	c67ff407b1	Add .env.example with comprehensive configuration template The commit adds a complete example environment configuration file documenting all available settings for BotServer, including logging, database, server, drive, LLM, Redis, email, and feature flags. Also removes hardcoded environment variable usage throughout the codebase, replacing them with configuration via config.csv or appropriate defaults. This includes: - WhatsApp, Teams, Instagram adapter configurations - Weather API key handling - Email and directory service configurations - Console feature conditionally compiles monitoring code - Improved logging configuration with library suppression	2025-11-28 13:19:03 -03:00
Rodrigo Rodriguez (Pragmatismo)	53bac1f5ec	- Refactor folder as features.	2025-11-22 22:55:35 -03:00

7 commits