mirror of
https://github.com/ruvnet/RuView.git
synced 2026-05-19 08:10:07 +00:00
Sprint 1 security fixes from quality engineering analysis (issue #170):

- Replace XOR-fold fake HMAC with real HMAC-SHA256 (hmac + sha2 crates) in secure_tdm.rs
- Add path traversal sanitization on DELETE /api/v1/models/:id and /api/v1/recording/:id
- Default bind address changed from 0.0.0.0 to 127.0.0.1 (configurable via --bind-addr / SENSING_BIND_ADDR)
- Add PSK authentication to ESP32 OTA firmware upload endpoint (ota_update.c)
- Flip WASM signature verification to default-on (CONFIG_WASM_SKIP_SIGNATURE opt-out vs opt-in)
- Add 6 new security tests: HMAC key/message sensitivity, determinism, wrong-key rejection, bit-flip detection, enforcing mode
- Add clap env feature for environment variable configuration

All 106 hardware crate tests pass. Sensing server compiles clean.

Closes #170

Co-Authored-By: claude-flow <ruv@ruv.net>

- adr
- ddd
- edge-modules
- research
- build-guide.md
- security-audit-wasm-edge-vendor.md
- user-guide.md
- wifi-mat-user-guide.md
- WITNESS-LOG-028.md