Skip to content

Security + performance audit fixes (19 fixed, 2 partial, 3 deferred)#249

Merged
haowei2000 merged 2 commits into
developfrom
fix/security-perf-audit
Jul 17, 2026
Merged

Security + performance audit fixes (19 fixed, 2 partial, 3 deferred)#249
haowei2000 merged 2 commits into
developfrom
fix/security-perf-audit

Conversation

@haowei2000

Copy link
Copy Markdown
Collaborator

What

Fixes from a deep security + performance audit across all six components (frontend, gateway/API, infra, MCP, connector). The findings were produced by a multi-agent audit, each adversarially verified, and every fix here was then re-reviewed by a second adversarial pass — which caught real bugs in the first-pass fixes (see Review corrections below) that are folded in.

19 fixed · 2 partial · 3 deferred.

Verification (offline)

Crate/app Result
server cargo check ✅ · 172/172 lib tests
connector cargo check ✅ · 98/98 tests
mcp-server cargo check
frontend changed files typecheck clean · 66/66 vitest (only pre-existing PdfViewer.tsx pdfjs errors remain, untouched)

Findings addressed

Security

Performance

Review corrections (first-pass fixes that were wrong, now fixed)

Caught Correction
#4 Redis limiter "fix" was dead, unwired code with a TTL-race → permanent lockout Removed the dead seam; #4 deferred with a real path
#12 retain-only removed the memory bound under an all-live-key flood Added hard-clear fallback
#17 CSP broke audio previews (no media-src) and external avatars (no https: img) Added media-src 'self' blob: + https:
#1 hard ensure_member blocked legitimate non-member bot owners Gate is now member/admin OR bot-owner
#2 missed a bcrypt call in seed.rs Routed through the helper
#10 orphaned stream could stick as plain text on bot crash Offline-finalize guard falls back to Markdown

Behavior changes to note

Deferred (with rationale)

Adds migration 0049_messages_pending_permission_index.sql.

🤖 Generated with Claude Code

haowei2000 and others added 2 commits July 17, 2026 14:21
Deep security + performance audit of frontend, gateway/API, infra, MCP,
and connector. 19 findings fixed, 2 partial, 3 deferred. All fixes were
adversarially re-reviewed; the review's corrections are folded in.

Security
- approval: gate resolve_permission on membership/admin OR bot-owner and
  purge stale approval_delegations + RESPOND grants on member removal (#1)
- agent_bridge: require bot channel membership in handle_acp_event_frame
  before any store write / event-log / broadcast (#3)
- ratelimit: bound eviction (retain live windows + hard-clear fallback) (#12)
- email: never log one-time codes when an email provider is configured (#13)
- CSP: add default/script/style/img/font/connect/media-src; allow https
  images and blob media (#17)
- connector: cap self-update downloads, monotonic anti-downgrade guard,
  bound the loopback pre-auth request body (413) (#14, #24, #15)
- workspace: escape LIKE wildcards; files: normalize content_type to a
  safe allowlist (#22, #23)

Performance
- auth: run all bcrypt hash/verify on spawn_blocking, incl. admin seed (#2)
- db: bounded unread/mention scan (99+), partial index for pending
  permissions, batched Fleet policy resolution (#6, #7, #5)
- gateway: TTL cache for per-trace bot rules, presence roster cache (#8, #9)
- frontend: plain-text streaming render + memoized MarkdownRenderer,
  stable channelFiles memo, offline stream-finalize guard (#10, #11)
- connector: Value::take / mem::take to drop redundant deep clones (#20, #21)

Deferred (documented): #4 Redis-backed cross-replica limiter (interim:
replicaCount=1), #16 httpOnly-cookie session token, #18 Arc fan-out.

Verified offline: server cargo check + 172/172 lib tests; connector cargo
check + 98/98 tests; mcp-server cargo check; frontend typecheck (changed
files clean) + 66/66 vitest.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
cargo fmt --check on the agent packages requires the (mem::take, clone)
tuple from the #21 fix to wrap across lines. Formatting only, no behavior
change.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@haowei2000
haowei2000 merged commit b8980b2 into develop Jul 17, 2026
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant