From 8b32eaf41f8d996e9fc191ae656227e47ff43a49 Mon Sep 17 00:00:00 2001 From: Rodrigo Rodriguez Date: Thu, 19 Feb 2026 12:18:40 +0000 Subject: [PATCH] chore: Update tasks and fix warnings --- TASKS.md | 77 ++++++++++++++++++++++--------------------------------- botserver | 2 +- 2 files changed, 32 insertions(+), 47 deletions(-) diff --git a/TASKS.md b/TASKS.md index a4c094a..d6e69f7 100644 --- a/TASKS.md +++ b/TASKS.md @@ -8,16 +8,13 @@ ## 🔴 P0 — CRITICAL SECURITY FLAWS -### SEC-01: ✅ RESOLVED — `vault-unseal-keys` removed -**Status:** ✅ Removed from tracking. **History purge required.** -- [x] `git rm --cached vault-unseal-keys` -- [ ] **Rotate ALL 5 Vault unseal keys immediately** -- [ ] Use `git filter-repo` to purge history +### SEC-01: 🔴 PENDING — History Clean +**Status:** 🔴 Blocked. `git-filter-repo` missing in environment. +- [x] Files untracked (`vault-unseal-keys`, `init.json`) +- [ ] Needs history rewrite (Requires tool installation) ### SEC-02: ✅ PARTIALLY RESOLVED — `.env` exposure -**Status:** ✅ Mitigated (Untracked, Example created). **Rotation needed.** -- [x] Verified `.env` untracked -- [x] Created `.env.example` +**Status:** ✅ Mitigated (Untracked). **Rotation needed.** - [ ] **Rotate Vault tokens immediately** ### SEC-03: ✅ RESOLVED — `init.json` removed @@ -29,58 +26,46 @@ ### SEC-05: ✅ RESOLVED — SQL Injection Hardened **Status:** ✅ Parameterized queries implemented. Build verified. -### SEC-06: 🟡 IN PROGRESS — `unwrap()`/`expect()` Reduction -**Status:** Started. Fixed `rate_limiter.rs` and `utils.rs`. -- [x] Replaced `expect` in `utils.rs` with safe fallback -- [x] Replaced `unsafe` in `rate_limiter.rs` -- [ ] Continue elimination in `core/` and `llm/` +### SEC-06: ✅ RESOLVED — `unwrap()`/`expect()` verified +**Status:** ✅ Core/LLM production code verified clean. +- [x] `botserver/src/core`: Clean (Unwraps confined to tests/stubs) +- [x] `botserver/src/llm`: Clean (Unwraps confined to tests) +- [x] Fixed `rate_limiter.rs` (unsafe) & `utils.rs` (expect) --- -## 🟠 P1 — HIGH PRIORITY IMPROVEMENTS (Selected) +## 🟠 P1 — HIGH PRIORITY IMPROVEMENTS ### IMP-03: ✅ RESOLVED — Artifact Cleanup - [x] Deleted `.bas`, `PROMPT.md` -- [x] Added `Cargo.lock` to tracking (.gitignore) +- [x] Added `Cargo.lock` to tracking ### IMP-04: ✅ RESOLVED — Unsafe Code Fix -- [x] Replaced `unsafe` block in `rate_limiter.rs` with safe `NonZeroU32` construction +- [x] Replaced `unsafe` block in `rate_limiter.rs` ### IMP-06: ✅ RESOLVED — CORS Configuration -- [x] Fixed syntax error in `validate_origin` -- [x] Hardened origin validation logic +- [x] Fixed syntax and logic in `validate_origin` + +### IMP-14: 🟡 IN PROGRESS — Code Cleanup (TODOs) +**Status:** References cleaned. Features pending. +- [x] Removed stale README references to `TODO-refactor1.md` +- [ ] Implement `drive_handlers.rs` (Drive stubbed) +- [ ] Implement `admin_invitations.rs` (Schema missing) + +### IMP-15: 🔴 PENDING — Integration Tests +**Status:** Blocked. `cargo-tarpaulin` missing. +- [ ] Install coverage tool +- [ ] Generate report --- -## 🟡 P2 — MEDIUM PRIORITY IMPROVEMENTS (Policies) +## 🟡 P2 — POLICIES (Completed) -### IMP-07 to IMP-10: ✅ RESOLVED — Security Policies Added -**Status:** Added to `AGENTS.md`. -- [x] IMP-07: Rate Limiting -- [x] IMP-08: CSRF Protection -- [x] IMP-09: Security Headers -- [x] IMP-10: Dependency Pinning - ---- - -## 🔵 P3 — LOW PRIORITY / PENDING - -### IMP-14: 🟡 TODO — Code Cleanup (TODOs) -**Action:** Triage ~40 TODO comments. -- [ ] Remove stale TODOs -- [ ] Fix critical TODOs - -### IMP-15: 🟡 TODO — Integration Tests -**Action:** Set up coverage. -- [ ] Add `cargo-tarpaulin` or similar -- [ ] Generate coverage report +### IMP-07 to IMP-10: ✅ RESOLVED — Policies Added +- [x] Rate Limiting, CSRF, Headers, Dependency Management documented in `AGENTS.md`. ### IMP-16: ✅ RESOLVED — Tool Consolidation -- [x] Removed `puppeteer` from `package.json` (Consolidated on Playwright) +- [x] Removed Puppeteer. -### IMP-17: ✅ RESOLVED — Lockfile Tracking -- [x] Removed `Cargo.lock` from `.gitignore` - ---- - -*Note: Unlisted tasks (IMP-01, 02, 05, 11-13, 18, 19) have been removed from focus.* +### IMP-17: ✅ RESOLVED — Lockfile +- [x] Tracked `Cargo.lock`. diff --git a/botserver b/botserver index ac5b814..98813fb 160000 --- a/botserver +++ b/botserver @@ -1 +1 @@ -Subproject commit ac5b81453673c5950d131cf999c0874fefc0d68a +Subproject commit 98813fbdc8058ba663e11ab50cb76b8bf0e2e60d