mirror of
https://github.com/ruvnet/RuView.git
synced 2026-04-28 14:09:33 +00:00
924c32547e
Address all 5 P0 issues from QE analysis (55/100 score): - P0-1: Rate limiter bypass — validate X-Forwarded-For against trusted proxy list - P0-2: Exception detail leak — generic 500 messages, exception_type gated by dev mode - P0-3: WebSocket JWT in URL (CWE-598) — first-message auth pattern replaces query param - P0-4: Rust tests not in CI — add rust-tests job gating docker-build and notify - P0-5: WebSocket path mismatch — use WS_PATH constant instead of hardcoded /ws/sensing Includes ADR-080 remediation plan and 9 QE reports (4,914 lines). Firmware validated on ESP32-S3 (COM8): CSI collecting, calibration OK. Co-Authored-By: claude-flow <ruv@ruv.net> |
||
|---|---|---|
| .. | ||
| cd.yml | ||
| ci.yml | ||
| desktop-release.yml | ||
| firmware-ci.yml | ||
| firmware-qemu.yml | ||
| security-scan.yml | ||
| update-submodules.yml | ||
| verify-pipeline.yml | ||