GeneralBots/generalbots
2
1
Fork 0
Code Activity Actions 4
generalbots/src
History
Rodrigo Rodriguez (Pragmatismo) c67aaa677a feat(security): Complete security infrastructure implementation 
SECURITY MODULES ADDED:
- security/auth.rs: Full RBAC with roles (Anonymous, User, Moderator, Admin, SuperAdmin, Service, Bot, BotOwner, BotOperator, BotViewer) and permissions
- security/cors.rs: Hardened CORS (no wildcard in production, env-based config)
- security/panic_handler.rs: Panic catching middleware with safe 500 responses
- security/path_guard.rs: Path traversal protection, null byte prevention
- security/request_id.rs: UUID request tracking with correlation IDs
- security/error_sanitizer.rs: Sensitive data redaction from responses
- security/zitadel_auth.rs: Zitadel token introspection and role mapping
- security/sql_guard.rs: SQL injection prevention with table whitelist
- security/command_guard.rs: Command injection prevention
- security/secrets.rs: Zeroizing secret management
- security/validation.rs: Input validation utilities
- security/rate_limiter.rs: Rate limiting with governor crate
- security/headers.rs: Security headers (CSP, HSTS, X-Frame-Options)

MAIN.RS UPDATES:
- Replaced tower_http::cors::Any with hardened create_cors_layer()
- Added panic handler middleware
- Added request ID tracking middleware
- Set global panic hook

SECURITY STATUS:
- 0 unwrap() in production code
- 0 panic! in production code
- 0 unsafe blocks
- cargo audit: PASS (no vulnerabilities)
- Estimated completion: ~98%

Remaining: Wire auth middleware to handlers, audit logs for sensitive data
2025-12-28 19:29:18 -03:00
..
analytics App generator LLM-only, app logs, knowledge base, web search, designer magic 2025-12-28 11:50:50 -03:00
attendance feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
auto_task Add SECURITY_TASKS.md - security audit checklist, consolidate duplicate utils 2025-12-28 15:32:48 -03:00
basic feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
calendar feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
compliance feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
console feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
core feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
designer feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
directory feat(autotask): Implement AutoTask system with intent classification and app generation 2025-12-27 21:10:09 -03:00
drive feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
email feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
instagram feat(autotask): Implement AutoTask system with intent classification and app generation 2025-12-27 21:10:09 -03:00
llm feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
meet App generator LLM-only, app logs, knowledge base, web search, designer magic 2025-12-28 11:50:50 -03:00
monitoring Remove all code comments and fix ratatui version 2025-12-23 18:40:58 -03:00
msteams feat(autotask): Implement AutoTask system with intent classification and app generation 2025-12-27 21:10:09 -03:00
multimodal feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
nvidia App generator LLM-only, app logs, knowledge base, web search, designer magic 2025-12-28 11:50:50 -03:00
paper Fix clippy warnings: match arms, async/await, Debug impls, formatting 2025-12-26 08:59:25 -03:00
research App generator LLM-only, app logs, knowledge base, web search, designer magic 2025-12-28 11:50:50 -03:00
security feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
sources App generator LLM-only, app logs, knowledge base, web search, designer magic 2025-12-28 11:50:50 -03:00
tasks feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
timeseries Remove all code comments and fix ratatui version 2025-12-23 18:40:58 -03:00
vector-db feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00
weba feat(autotask): Implement AutoTask system with intent classification and app generation 2025-12-27 21:10:09 -03:00
whatsapp feat(autotask): Implement AutoTask system with intent classification and app generation 2025-12-27 21:10:09 -03:00
lib.rs refactor: Move AutoTask system from basic/keywords to auto_task module 2025-12-27 22:58:43 -03:00
main.rs feat(security): Complete security infrastructure implementation 2025-12-28 19:29:18 -03:00