vrr/Pulse
2
0
Fork 0
mirror of https://github.com/rcourtman/Pulse.git synced 2026-04-30 04:20:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
2924 commits 5 branches 426 tags 380 MiB
Commit graph

64 commits

Author SHA1 Message Date
rcourtman
4e3811e69e Cover RBAC mutations in permission denial tests 2026-02-04 15:21:02 +00:00
rcourtman
af1a14f3a7 Cover checksum token auth 2026-02-04 13:28:54 +00:00
rcourtman
bbfc5a9fc4 Fix OIDC login bypass test to expect 302 
redirectOIDCError uses http.StatusFound (302) but the test expected
307. The test was stale after the error redirect was introduced.
 2026-02-04 13:27:10 +00:00
rcourtman
0d564bfd8f Clarify download checksum auth 2026-02-04 13:23:55 +00:00
rcourtman
41c10e60d7 Add auth bypass inventory coverage 2026-02-04 13:16:29 +00:00
rcourtman
8951b6f7f9 Require monitoring scope for socket.io 2026-02-04 12:41:12 +00:00
rcourtman
216ccf0be5 Require auth for socket.io js 2026-02-04 12:39:19 +00:00
rcourtman
63a846cf3b Allow bearer tokens for websocket auth 2026-02-04 12:37:46 +00:00
rcourtman
18ed23504d Harden encoded path traversal coverage 2026-02-04 12:36:44 +00:00
rcourtman
36f1504355 Cover bearer token auth for stats 2026-02-04 12:34:47 +00:00
rcourtman
e23a2a793b Cover socket.io query token auth 2026-02-04 12:32:30 +00:00
rcourtman
7fc9a98c47 Cover websocket query token auth 2026-02-04 12:25:25 +00:00
rcourtman
df08e45993 Require passphrase for config export/import 2026-02-04 12:19:53 +00:00
rcourtman
fb06ae00c1 Harden config export/import validation 2026-02-04 12:18:40 +00:00
rcourtman
0c1ff9da7f Reject invalid pulse_url in setup script 2026-02-04 12:16:20 +00:00
rcourtman
4298d87485 Allow setup token via query param for SSH endpoints 2026-02-04 12:15:22 +00:00
rcourtman
3f51dbb7de Assert security status auth token handling 2026-02-04 12:13:48 +00:00
rcourtman
77f23b35f7 Validate setup script input sanitization 2026-02-04 12:12:13 +00:00
rcourtman
f8c4a28600 Guard SSH key generation in containers 2026-02-04 12:10:10 +00:00
rcourtman
8313d66e64 Ensure public endpoints stay public in API mode 2026-02-04 12:06:50 +00:00
rcourtman
1fddbec07f Ensure public download endpoints bypass auth 2026-02-04 12:05:32 +00:00
rcourtman
a49fa8514a Cover OIDC callback public access 2026-02-04 12:03:56 +00:00
rcourtman
11e28689b2 Cover public setup script access 2026-02-04 12:02:27 +00:00
rcourtman
b57fdd2085 Add path traversal regression tests 2026-02-04 12:00:54 +00:00
rcourtman
f707e0ad40 Add audit auth regression checks 2026-02-04 11:59:48 +00:00
rcourtman
9f1877116b Verify security status bootstrap token exposure 2026-02-04 11:58:02 +00:00
rcourtman
e0e4d24428 Cover setup token access for SSH endpoints 2026-02-04 11:56:16 +00:00
rcourtman
f9489db9e0 Add public endpoint regression coverage 2026-02-04 11:52:15 +00:00
rcourtman
d0e0a85861 Cover RBAC trailing slash routes 2026-02-04 11:40:23 +00:00
rcourtman
a73352a396 Add recovery endpoint regression test 2026-02-04 11:39:30 +00:00
rcourtman
aa61c8edc5 Add quick setup and token auth regression tests 2026-02-04 11:38:09 +00:00
rcourtman
0c4b19ddf4 Add SSH security regression coverage 2026-02-04 11:36:11 +00:00
rcourtman
06df067cd7 Cover apply-restart auth guards 2026-02-04 11:30:37 +00:00
rcourtman
a9dc469de7 Add permission denial regression tests 2026-02-04 11:28:09 +00:00
rcourtman
a2b8b21ada Fix rate limit flake in config export/import tests 2026-02-04 11:23:12 +00:00
rcourtman
ee5931ac7d test: extend admin proxy and reset lockout auth coverage 2026-02-04 11:16:53 +00:00
rcourtman
df4ae9d639 test: deny non-admin proxy users on admin endpoints 2026-02-04 11:14:53 +00:00
rcourtman
65a0b7a0e4 test: cover change-password and public export/import guards 2026-02-04 11:12:54 +00:00
rcourtman
5553214256 test: require auth for license status 2026-02-04 11:08:21 +00:00
rcourtman
ed0f85149d test: require auth for logs and update status 2026-02-04 11:00:46 +00:00
rcourtman
ae58e16525 test: include /api/config in monitoring read coverage 2026-02-04 11:00:03 +00:00
rcourtman
764805b0b9 test: require auth for auto-register 2026-02-04 10:59:24 +00:00
rcourtman
d6172b9a86 test: require auth for config export/import in api mode 2026-02-04 10:57:14 +00:00
rcourtman
47a4dc01cf test: require auth for ai status, license features, scheduler health 2026-02-04 10:56:17 +00:00
rcourtman
5850ddf584 test: enforce proxy admin for config export/import and notifications 2026-02-04 10:54:51 +00:00
rcourtman
83311cdf8c test: require settings:write for ai patrol autonomy update 2026-02-04 10:48:56 +00:00
rcourtman
32426aa6ca test: license gate audit verify endpoint 2026-02-04 10:48:11 +00:00
rcourtman
f8b495c54c test: enforce scope on security token endpoints 2026-02-04 10:47:36 +00:00
rcourtman
0a26ef622a test: license gate audit webhook endpoint 2026-02-04 10:46:53 +00:00
rcourtman
1fdb96db1f test: require settings scopes for config export/import 2026-02-04 10:46:19 +00:00