vrr/Ruview
2
0
Fork 0
mirror of https://github.com/ruvnet/RuView.git synced 2026-04-28 05:59:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10
Ruview/docs/qe-reports
History
ruv 924c32547e fix: ADR-080 P0 security + CI remediation from QE analysis 
Address all 5 P0 issues from QE analysis (55/100 score):

- P0-1: Rate limiter bypass — validate X-Forwarded-For against trusted proxy list
- P0-2: Exception detail leak — generic 500 messages, exception_type gated by dev mode
- P0-3: WebSocket JWT in URL (CWE-598) — first-message auth pattern replaces query param
- P0-4: Rust tests not in CI — add rust-tests job gating docker-build and notify
- P0-5: WebSocket path mismatch — use WS_PATH constant instead of hardcoded /ws/sensing

Includes ADR-080 remediation plan and 9 QE reports (4,914 lines).
Firmware validated on ESP32-S3 (COM8): CSI collecting, calibration OK.

Co-Authored-By: claude-flow <ruv@ruv.net>
2026-04-06 16:12:13 -04:00
..
00-qe-queen-summary.md fix: ADR-080 P0 security + CI remediation from QE analysis 2026-04-06 16:12:13 -04:00
01-code-quality-complexity.md fix: ADR-080 P0 security + CI remediation from QE analysis 2026-04-06 16:12:13 -04:00
02-security-review.md fix: ADR-080 P0 security + CI remediation from QE analysis 2026-04-06 16:12:13 -04:00
03-performance-analysis.md fix: ADR-080 P0 security + CI remediation from QE analysis 2026-04-06 16:12:13 -04:00
04-test-analysis.md fix: ADR-080 P0 security + CI remediation from QE analysis 2026-04-06 16:12:13 -04:00
05-quality-experience.md fix: ADR-080 P0 security + CI remediation from QE analysis 2026-04-06 16:12:13 -04:00
06-product-assessment-sfdipot.md fix: ADR-080 P0 security + CI remediation from QE analysis 2026-04-06 16:12:13 -04:00
07-coverage-gaps.md fix: ADR-080 P0 security + CI remediation from QE analysis 2026-04-06 16:12:13 -04:00
EXECUTIVE-SUMMARY.md fix: ADR-080 P0 security + CI remediation from QE analysis 2026-04-06 16:12:13 -04:00