diff --git a/AUDIT-DEPENDENCIES.md b/AUDIT-DEPENDENCIES.md deleted file mode 100644 index 3b8ddadd..00000000 --- a/AUDIT-DEPENDENCIES.md +++ /dev/null 
@@ -1,143 +0,0 @@ -# Dependency Security Audit - -**Date:** 2026-02-02 -**Auditor:** Claude Code -**Project:** host-uk/core (Go CLI) - -## Executive Summary - -✅ **No vulnerabilities found** in current dependencies. - -All modules verified successfully with `go mod verify` and `govulncheck`. - ---- - -## Dependency Analysis - -### Direct Dependencies (15) - -| Package | Version | Purpose | Status | -|---------|---------|---------|--------| -| github.com/Snider/Borg | v0.1.0 | Framework utilities | ✅ Verified | -| github.com/getkin/kin-openapi | v0.133.0 | OpenAPI parsing | ✅ Verified | -| github.com/leaanthony/debme | v1.2.1 | Debounce utilities | ✅ Verified | -| github.com/leaanthony/gosod | v1.0.4 | Go service utilities | ✅ Verified | -| github.com/minio/selfupdate | v0.6.0 | Self-update mechanism | ✅ Verified | -| github.com/modelcontextprotocol/go-sdk | v1.2.0 | MCP SDK | ✅ Verified | -| github.com/oasdiff/oasdiff | v1.11.8 | OpenAPI diff | ✅ Verified | -| github.com/spf13/cobra | v1.10.2 | CLI framework | ✅ Verified | -| github.com/stretchr/testify | v1.11.1 | Testing assertions | ✅ Verified | -| golang.org/x/mod | v0.32.0 | Module utilities | ✅ Verified | -| golang.org/x/net | v0.49.0 | Network utilities | ✅ Verified | -| golang.org/x/oauth2 | v0.34.0 | OAuth2 client | ✅ Verified | -| golang.org/x/term | v0.39.0 | Terminal utilities | ✅ Verified | -| golang.org/x/text | v0.33.0 | Text processing | ✅ Verified | -| gopkg.in/yaml.v3 | v3.0.1 | YAML parser | ✅ Verified | - -### Transitive Dependencies - -- **Total modules:** 161 indirect dependencies -- **Verification:** All modules verified via `go mod verify` -- **Integrity:** go.sum contains 18,380 bytes of checksums - -### Notable Indirect Dependencies - -| Package | Purpose | Risk Assessment | -|---------|---------|-----------------| -| github.com/go-git/go-git/v5 | Git operations | Low - well-maintained | -| github.com/ProtonMail/go-crypto | Cryptography | Low - security-focused org | -| 
github.com/cloudflare/circl | Cryptographic primitives | Low - Cloudflare maintained | -| cloud.google.com/go | Google Cloud SDK | Low - Google maintained | - ---- - -## Vulnerability Scan Results - -### govulncheck Output - -``` -$ govulncheck ./... -No vulnerabilities found. -``` - -### go mod verify Output - -``` -$ go mod verify -all modules verified -``` - ---- - -## Lock Files - -| File | Status | Notes | -|------|--------|-------| -| go.mod | ✅ Committed | 2,995 bytes, properly formatted | -| go.sum | ✅ Committed | 18,380 bytes, integrity hashes present | -| go.work | ✅ Committed | Workspace configuration | -| go.work.sum | ✅ Committed | Workspace checksums | - ---- - -## Supply Chain Assessment - -### Package Sources - -- ✅ All dependencies from official Go module proxy (proxy.golang.org) -- ✅ No private/unverified package sources -- ✅ Checksum database verification enabled (sum.golang.org) - -### Typosquatting Risk - -- **Low risk** - all dependencies are from well-known organizations: - - golang.org/x/* (Go team) - - github.com/spf13/* (Steve Francia - Cobra maintainer) - - github.com/stretchr/* (Stretchr - testify maintainers) - - cloud.google.com/go/* (Google) - -### Build Process Security - -- ✅ Go modules with verified checksums -- ✅ Reproducible builds via go.sum -- ✅ CI runs `go mod verify` before builds - ---- - -## Recommendations - -### Immediate Actions - -None required - no vulnerabilities detected. - -### Ongoing Maintenance - -1. **Enable Dependabot** - Automated dependency updates via GitHub -2. **Regular audits** - Run `govulncheck ./...` in CI pipeline -3. **Version pinning** - All dependencies are properly pinned - -### CI Integration - -Add to CI workflow: - -```yaml -- name: Verify dependencies - run: go mod verify - -- name: Check vulnerabilities - run: | - go install golang.org/x/vuln/cmd/govulncheck@latest - govulncheck ./... 
-``` - ---- - -## Appendix: Full Dependency Tree - -Run `go mod graph` to generate the complete dependency tree. - -Total dependency relationships: 445 - ---- - -*Audit generated by Claude Code on 2026-02-02* diff --git a/GEMINI.md b/GEMINI.md deleted file mode 100644 index 30a96e55..00000000 --- a/GEMINI.md +++ /dev/null 
@@ -1,55 +0,0 @@ -# GEMINI.md - -This file provides guidance for agentic interactions within this repository, specifically for Gemini and other MCP-compliant agents. - -## Agentic Context & MCP - -This project is built with an **Agentic** design philosophy. It is not exclusive to any single LLM provider (like Claude). - -- **MCP Support**: The system is designed to leverage the Model Context Protocol (MCP) to provide rich context and tools to agents. -- **Developer Image**: You are running within a standardized developer image (`host-uk/core` dev environment), ensuring consistent tooling and configuration. - -## Core CLI (Agent Interface) - -The `core` command is the primary interface for agents to manage the project. Agents should **always** prefer `core` commands over raw shell commands (like `go test`, `php artisan`, etc.). - -### Key Commands for Agents - -| Task | Command | Notes | -|------|---------|-------| -| **Health Check** | `core doctor` | Verify tools and environment | -| **Repo Status** | `core dev health` | Quick summary of all repos | -| **Work Status** | `core dev work --status` | Detailed dirty/ahead status | -| **Run Tests** | `core go test` | Run Go tests with correct flags | -| **Coverage** | `core go cov` | Generate coverage report | -| **Build** | `core build` | Build the project safely | -| **Search Code** | `core pkg search` | Find packages/repos | - -## Project Architecture - -Core is a Web3 Framework written in Go using Wails v3. - -### Core Framework - -- **Services**: Managed via dependency injection (`ServiceFor[T]()`). -- **Lifecycle**: `OnStartup` and `OnShutdown` hooks. -- **IPC**: Message-passing system for service communication. - -### Development Workflow - -1. **Check State**: `core dev work --status` -2. **Make Changes**: Modify code, add tests. -3. **Verify**: `core go test` (or `core php test` for PHP components). -4. **Commit**: `core dev commit` (or standard git if automated). -5. 
**Push**: `core dev push` (handles multiple repos). - -## Testing Standards - -- **Suffix Pattern**: - - `_Good`: Happy path - - `_Bad`: Expected errors - - `_Ugly`: Edge cases/panics - -## Go Workspace - -The project uses Go workspaces (`go.work`). Always run `core go work sync` after modifying modules. diff --git a/ISSUES_TRIAGE.md b/ISSUES_TRIAGE.md deleted file mode 100644 index 584d6cfd..00000000 --- a/ISSUES_TRIAGE.md +++ /dev/null 
@@ -1,166 +0,0 @@ -# Issues Triage - -Generated: 2026-02-02 - -## Summary - -- **Total Open Issues**: 46 -- **High Priority**: 6 -- **Audit Meta-Issues**: 13 (for Jules AI) -- **Audit Derived Issues**: 20 (created from audits) - ---- - -## High Priority Issues - -| # | Title | Labels | -|---|-------|--------| -| 183 | audit: OWASP Top 10 security review | priority:high, jules | -| 189 | audit: Test coverage and quality | priority:high, jules | -| 191 | audit: API design and consistency | priority:high, jules | -| 218 | Increase test coverage for low-coverage packages | priority:high, testing | -| 219 | Add tests for edge cases, error paths, integration | priority:high, testing | -| 168 | feat(crypt): Implement standalone pkg/crypt | priority:high, enhancement | - ---- - -## Audit Meta-Issues (For Jules AI) - -These are high-level audit tasks that spawn sub-issues: - -| # | Title | Complexity | -|---|-------|------------| -| 183 | audit: OWASP Top 10 security review | large | -| 184 | audit: Authentication and authorization flows | medium | -| 186 | audit: Secrets, credentials, and configuration security | medium | -| 187 | audit: Error handling and logging practices | medium | -| 188 | audit: Code complexity and maintainability | large | -| 189 | audit: Test coverage and quality | large | -| 190 | audit: Performance bottlenecks and optimization | large | -| 191 | audit: API design and consistency | large | -| 192 | audit: Documentation completeness and quality | large | -| 193 | audit: Developer experience (DX) review | large | -| 197 | [Audit] Concurrency and Race Condition Analysis | medium | -| 198 | [Audit] CI/CD Pipeline Security | medium | -| 199 | [Audit] Architecture Patterns | large | -| 201 | [Audit] Error Handling and Recovery | medium | -| 202 | [Audit] Configuration Management | medium | - ---- - -## By Category - -### Security (4 issues) - -| # | Title | Priority | -|---|-------|----------| -| 221 | Remove StrictHostKeyChecking=no from SSH commands | 
- | -| 222 | Sanitize user input in execInContainer to prevent injection | - | -| 183 | audit: OWASP Top 10 security review | high | -| 213 | Add logging for security events (authentication, access) | - | - -### Testing (3 issues) - -| # | Title | Priority | -|---|-------|----------| -| 218 | Increase test coverage for low-coverage packages | high | -| 219 | Add tests for edge cases, error paths, integration | high | -| 220 | Configure branch coverage measurement in test tooling | - | - -### Error Handling (4 issues) - -| # | Title | -|---|-------| -| 227 | Standardize on cli.Error for user-facing errors, deprecate cli.Fatal | -| 228 | Implement panic recovery mechanism with graceful shutdown | -| 229 | Log all errors at handling point with contextual information | -| 230 | Centralize user-facing error strings in i18n translation files | - -### Documentation (6 issues) - -| # | Title | -|---|-------| -| 231 | Update README.md to reflect actual configuration management | -| 233 | Add CONTRIBUTING.md with contribution guidelines | -| 234 | Add CHANGELOG.md to track version changes | -| 235 | Add user documentation: user guide, FAQ, troubleshooting | -| 236 | Add configuration documentation to README | -| 237 | Add Architecture Decision Records (ADRs) | - -### Architecture (3 issues) - -| # | Title | -|---|-------| -| 215 | Refactor Core struct to smaller, focused components | -| 216 | Introduce typed messaging system for IPC (replace interface{}) | -| 232 | Create centralized configuration service | - -### Performance (2 issues) - -| # | Title | -|---|-------| -| 224 | Add streaming API to pkg/io/local for large file handling | -| 225 | Use background goroutines for long-running operations | - -### Logging (3 issues) - -| # | Title | -|---|-------| -| 212 | Implement structured logging (JSON format) | -| 213 | Add logging for security events | -| 214 | Implement log retention policy | - -### New Features (7 issues) - -| # | Title | Priority | 
-|---|-------|----------| -| 168 | feat(crypt): Implement standalone pkg/crypt | high | -| 167 | feat(config): Implement standalone pkg/config | - | -| 170 | feat(plugin): Consolidate pkg/module into pkg/plugin | - | -| 171 | feat(cli): Implement build variants | - | -| 217 | Implement authentication and authorization features | - | -| 211 | feat(setup): add .core/setup.yaml for dev environment | - | - -### Help System (5 issues) - -| # | Title | Complexity | -|---|-------|------------| -| 133 | feat(help): Implement display-agnostic help system | large | -| 134 | feat(help): Remove Wails dependencies from pkg/help | large | -| 135 | docs(help): Create help content for core CLI | large | -| 136 | feat(help): Add CLI help command | small | -| 138 | feat(help): Implement Catalog and Topic types | large | -| 139 | feat(help): Implement full-text search | small | - ---- - -## Potential Duplicates / Overlaps - -1. **Error Handling**: #187, #201, #227-230 all relate to error handling -2. **Documentation**: #192, #231-237 all relate to documentation -3. **Configuration**: #202, #167, #232 all relate to configuration -4. **Security Audits**: #183, #184, #186, #221, #222 all relate to security - ---- - -## Recommendations - -1. **Close audit meta-issues as work is done**: Issues #183-202 are meta-audit issues that should be closed once their derived issues are created/completed. - -2. **Link related issues**: Create sub-issue relationships: - - #187 (audit: error handling) -> #227, #228, #229, #230 - - #192 (audit: docs) -> #231, #233, #234, #235, #236, #237 - - #202 (audit: config) -> #167, #232 - -3. **Good first issues**: #136, #139 are marked as good first issues - -4. **Consider closing duplicates**: - - #187 vs #201 (both about error handling) - - #192 vs #231-237 (documentation) - -5. **Priority order for development**: - 1. Security fixes (#221, #222) - 2. Test coverage (#218, #219) - 3. Core infrastructure (#168 - crypt, #167 - config) - 4. 
Error handling standardization (#227-230) - 5. Documentation (#233-237) diff --git a/Makefile b/Makefile deleted file mode 100644 index 7dcdd427..00000000 --- a/Makefile +++ /dev/null @@ -1,20 +0,0 @@ -.PHONY: all dev prod-docs development-docs - -all: - (cd cmd/core-gui && task build) - -.ONESHELL: -dev: - (cd cmd/core-gui && task dev) - -pre-commit: - coderabbit review --prompt-only - -development-docs: - @echo "Running development documentation Website..." - @(cd pkg/core/docs && mkdocs serve -w src) - -prod-docs: - @echo "Generating documentation tp Repo Root..." - @(cd pkg/core/docs && mkdocs build -d public && cp -r src public) - @echo "Documentation generated at docs/index.html" \ No newline at end of file diff --git a/github-projects-recovery.md b/github-projects-recovery.md deleted file mode 100644 index 5ead7321..00000000 --- a/github-projects-recovery.md +++ /dev/null 
@@ -1,403 +0,0 @@ -# GitHub Projects Recovery — host-uk org - -> Recovered 2026-02-08 from flagged GitHub org before potential data loss. -> Projects 1 (Core.Framework) was empty. Projects 2, 3, 4 captured below. - ---- - -## Project 2: Workstation (43 items) - -> Agentic task queue — issues labelled agent:ready across all host-uk repos. - -| # | Title | Issue | -|---|-------|-------| -| 1 | feat: add workspace.yaml support for unified package commands | #38 | -| 2 | feat: add core setup command for GitHub repo configuration | #45 | -| 3 | docs sync ignores packages_dir from workspace.yaml | #46 | -| 4 | feat: add core qa command area for CI/workflow monitoring | #47 | -| 5 | feat: add core security command to expose Dependabot and code scanning alerts | #48 | -| 6 | feat: add core monitor to aggregate free tier scanner results | #49 | -| 7 | feat: add core qa issues for intelligent issue triage | #61 | -| 8 | feat: add core qa review for PR review status | #62 | -| 9 | feat: add core qa health for aggregate CI health | #63 | -| 10 | feat(dev): add safe git operations for AI agents | #53 | -| 11 | docs(mcp): Document MCP server setup and usage | #125 | -| 12 | feat: Implement persistent MCP server in daemon mode | #118 | -| 13 | chore(io): Migrate pkg/agentic to Medium abstraction | #104 | -| 14 | feat: Evolve pkg/io from Medium abstraction to io.Node (Borg + Enchantrix) | #101 | -| 15 | Add streaming API to pkg/io/local for large file handling | #224 | -| 16 | feat(hooks): Add core ai hook for async test running | #262 | -| 17 | feat(ai): Add core ai spawn for parallel agent tasks | #260 | -| 18 | feat(ai): Add core ai cost for budget tracking | #261 | -| 19 | feat(ai): Add core ai session for session management | #259 | -| 20 | feat(test): Add smart test detection to core test | #258 | -| 21 | feat(test): Add core test --watch continuous testing mode | #257 | -| 22 | feat(collect): Add core collect dispatch event hook system | #256 | -| 23 | feat(collect): Add 
core collect process command | #255 | -| 24 | feat(collect): Add core collect excavate command | #254 | -| 25 | feat(collect): Add core collect papers command | #253 | -| 26 | feat(collect): Add core collect bitcointalk command | #251 | -| 27 | feat(collect): Add core collect market command | #252 | -| 28 | feat(collect): Add core collect github command | #250 | -| 29 | epic(security): workspace isolation and authorisation hardening | #31 | -| 30 | epic(security): SQL query validation and execution safety | #32 | -| 31 | epic(fix): namespace and import corrections | #33 | -| 32 | epic(chore): configuration and documentation standardisation | #34 | -| 33 | Epic: Webhook Security Hardening | #27 | -| 34 | Epic: API Performance Optimisation | #28 | -| 35 | Epic: MCP API Hardening | #29 | -| 36 | Epic: API Test Coverage | #30 | -| 37 | Epic: Security Hardening | #104 | -| 38 | Epic: Input Validation & Sanitisation | #105 | -| 39 | Epic: Test Coverage | #106 | -| 40 | Epic: Error Handling & Observability | #107 | -| 41 | Epic: Performance Optimisation | #108 | -| 42 | Epic: Code Quality & Architecture | #109 | -| 43 | Epic: Documentation | #110 | - ---- - -## Project 4: Core.GO & Core.CLI (97 items) - -> Go framework and CLI development — host-uk/core repo. Filter by lang:go label. 
- -| # | Title | Issue | -|---|-------|-------| -| 1 | feat: add workspace.yaml support for unified package commands | #38 | -| 2 | feat: add core setup command for GitHub repo configuration | #45 | -| 3 | docs sync ignores packages_dir from workspace.yaml | #46 | -| 4 | feat: add core qa command area for CI/workflow monitoring | #47 | -| 5 | feat: add core security command to expose Dependabot and code scanning alerts | #48 | -| 6 | feat: add core monitor to aggregate free tier scanner results | #49 | -| 7 | feat(crypt): Implement standalone pkg/crypt with modern cryptographic primitives | #168 | -| 8 | feat(cli): Implement build variants for reduced attack surface | #171 | -| 9 | feat(config): Implement standalone pkg/config with layered configuration | #167 | -| 10 | feat(io): Fix pkg/io import and add symlink-safe path validation | #169 | -| 11 | feat(plugin): Consolidate pkg/module into pkg/plugin with GitHub installation | #170 | -| 12 | feat(help): Implement full-text search | #139 | -| 13 | feat(help): Implement Catalog and Topic types | #138 | -| 14 | feat(help): Implement markdown parsing and section extraction | #137 | -| 15 | feat(help): Remove Wails dependencies from pkg/help | #134 | -| 16 | feat(help): Add CLI help command | #136 | -| 17 | docs(help): Create help content for core CLI | #135 | -| 18 | feat(help): Implement display-agnostic help system for CLI and GUI | #133 | -| 19 | chore(log): Remove deprecated pkg/errors package | #131 | -| 20 | feat(log): Add combined log-and-return error helpers | #129 | -| 21 | chore(log): Create pkg/errors deprecation alias | #128 | -| 22 | feat(log): Unify pkg/errors and pkg/log into single logging package | #127 | -| 23 | feat(mcp): Add TCP transport | #126 | -| 24 | docs(mcp): Document MCP server setup and usage | #125 | -| 25 | feat(mcp): Add MCP command for manual server control | #124 | -| 26 | feat(mcp): Create MCPService for framework integration | #122 | -| 27 | feat(mcp): Add health check integration 
| #123 | -| 28 | chore(log): Migrate pkg/errors imports to pkg/log | #130 | -| 29 | feat(mcp): Add connection management and graceful draining | #121 | -| 30 | feat(mcp): Add daemon mode detection and auto-start | #119 | -| 31 | feat(mcp): Add Unix socket transport | #120 | -| 32 | feat: Implement persistent MCP server in daemon mode | #118 | -| 33 | chore(io): Migrate internal/cmd/setup to Medium abstraction | #116 | -| 34 | chore(io): Migrate internal/cmd/docs to Medium abstraction | #113 | -| 35 | chore(io): Migrate remaining internal/cmd/* to Medium abstraction | #117 | -| 36 | chore(io): Migrate internal/cmd/dev to Medium abstraction | #114 | -| 37 | chore(io): Migrate internal/cmd/sdk to Medium abstraction | #115 | -| 38 | chore(io): Migrate internal/cmd/php to Medium abstraction | #112 | -| 39 | feat(log): Add error creation functions to pkg/log | #132 | -| 40 | chore(io): Migrate pkg/cache to Medium abstraction | #111 | -| 41 | chore(io): Migrate pkg/devops to Medium abstraction | #110 | -| 42 | chore(io): Migrate pkg/cli to Medium abstraction | #107 | -| 43 | chore(io): Migrate pkg/build to Medium abstraction | #109 | -| 44 | chore(io): Migrate pkg/container to Medium abstraction | #105 | -| 45 | chore(io): Migrate pkg/repos to Medium abstraction | #108 | -| 46 | feat(io): Migrate pkg/mcp to use Medium abstraction | #103 | -| 47 | chore(io): Migrate pkg/release to Medium abstraction | #106 | -| 48 | chore(io): Migrate pkg/agentic to Medium abstraction | #104 | -| 49 | feat(io): Extend Medium interface with missing operations | #102 | -| 50 | fix(php): core php ci improvements needed | #92 | -| 51 | CLI Output: Color contrast audit and terminal adaptation | #99 | -| 52 | feat: Evolve pkg/io from Medium abstraction to io.Node (Borg + Enchantrix) | #101 | -| 53 | Documentation: Improve Accessibility | #89 | -| 54 | Web UI: Audit Angular App Accessibility | #88 | -| 55 | Add configuration documentation to README | #236 | -| 56 | Add Architecture Decision 
Records (ADRs) | #237 | -| 57 | Add user documentation: user guide, FAQ, troubleshooting guide | #235 | -| 58 | Add CHANGELOG.md to track version changes | #234 | -| 59 | Add CONTRIBUTING.md with contribution guidelines | #233 | -| 60 | Create centralized configuration service to reduce code duplication | #232 | -| 61 | Update README.md to reflect actual configuration management implementation | #231 | -| 62 | Centralize user-facing error strings in i18n translation files | #230 | -| 63 | Log all errors at handling point with contextual information | #229 | -| 64 | Implement panic recovery mechanism with graceful shutdown | #228 | -| 65 | Standardize on cli.Error for user-facing errors, deprecate cli.Fatal | #227 | -| 66 | Add linker flags (-s -w) to reduce binary size | #226 | -| 67 | Use background goroutines for long-running operations to prevent UI blocking | #225 | -| 68 | Add streaming API to pkg/io/local for large file handling | #224 | -| 69 | Fix Go environment to run govulncheck for dependency scanning | #223 | -| 70 | Sanitize user input in execInContainer to prevent injection | #222 | -| 71 | Configure branch coverage measurement in test tooling | #220 | -| 72 | Remove StrictHostKeyChecking=no from SSH commands | #221 | -| 73 | Implement authentication and authorization features described in README | #217 | -| 74 | Add tests for edge cases, error paths, and integration scenarios | #219 | -| 75 | Increase test coverage for low-coverage packages (cli, internal/cmd/dev) | #218 | -| 76 | Introduce typed messaging system for IPC (replace interface{}) | #216 | -| 77 | Refactor Core struct to smaller, focused components (ServiceManager, MessageBus, LifecycleManager) | #215 | -| 78 | Implement structured logging (JSON format) | #212 | -| 79 | Implement log retention policy | #214 | -| 80 | Add logging for security events (authentication, access) | #213 | -| 81 | feat(setup): add .core/setup.yaml for dev environment bootstrapping | #211 | -| 82 | audit: 
Documentation completeness and quality | #192 | -| 83 | audit: API design and consistency | #191 | -| 84 | [Audit] Concurrency and Race Condition Analysis | #197 | -| 85 | feat(hooks): Add core ai hook for async test running | #262 | -| 86 | feat(ai): Add core ai spawn for parallel agent tasks | #260 | -| 87 | feat(ai): Add core ai cost for budget tracking | #261 | -| 88 | feat(ai): Add core ai session for session management | #259 | -| 89 | feat(test): Add smart test detection to core test | #258 | -| 90 | feat(test): Add core test --watch continuous testing mode | #257 | -| 91 | feat(collect): Add core collect dispatch event hook system | #256 | -| 92 | feat(collect): Add core collect process command | #255 | -| 93 | feat(collect): Add core collect excavate command | #254 | -| 94 | feat(collect): Add core collect bitcointalk command | #251 | -| 95 | feat(collect): Add core collect papers command | #253 | -| 96 | feat(collect): Add core collect market command | #252 | -| 97 | feat(collect): Add core collect github command | #250 | - ---- - -## Project 3: Core.PHP (195 items) - -> Laravel/PHP ecosystem — all core-* packages. Filter by lang:php label. 
- -| # | Title | Issue | -|---|-------|-------| -| 1 | Dependency: Consider adding security scanning to CI pipeline | #31 | -| 2 | Concurrency: Sanitiser preset registration not thread-safe | #32 | -| 3 | Documentation: Missing SECURITY.md with vulnerability reporting process | #30 | -| 4 | Error Handling: ResilientSession redirect loop potential | #28 | -| 5 | Configuration: ConfigValue encryption may cause issues during APP_KEY rotation | #25 | -| 6 | Testing: Missing test coverage for critical security components | #23 | -| 7 | Security: HadesEncrypt embeds hardcoded public key | #21 | -| 8 | Security: SafeWebhookUrl DNS rebinding vulnerability | #17 | -| 9 | Performance: selectRaw queries may have missing indexes | #19 | -| 10 | Core Bouncer: Request Whitelisting System | #14 | -| 11 | Security: ManagesTokens trait stores tokens in memory without protection | #18 | -| 12 | Trees: Consolidate subscriber monthly command from Commerce module | #12 | -| 13 | Trees: Webhook/API for TFTF confirmation | #13 | -| 14 | CSRF token not automatically attached in bootstrap.js | #17 | -| 15 | Missing exception handling configuration in bootstrap/app.php | #15 | -| 16 | CI workflow only runs on main branch but repo uses dev as main | #14 | -| 17 | Minimal test coverage for a best-practices template | #16 | -| 18 | Missing declare(strict_types=1) in PHP files violates coding standards | #12 | -| 19 | Dependencies using dev-main branches instead of stable versions | #13 | -| 20 | Security: No HTTPS enforcement in production | #11 | -| 21 | Security: SESSION_ENCRYPT=false in .env.example is insecure default | #8 | -| 22 | Security: No rate limiting configured for any routes | #10 | -| 23 | Security: Missing security headers middleware by default | #9 | -| 24 | Security: ActivityLog query vulnerable to SQL wildcard injection | #20 | -| 25 | Missing: Rate limiting not applied to Livewire component methods | #17 | -| 26 | Missing: Log redaction patterns incomplete for common 
sensitive data | #16 | -| 27 | Code Quality: Livewire components duplicate checkHadesAccess() method | #19 | -| 28 | Error Handling: RemoteServerManager writeFile() has command injection via base64 | #15 | -| 29 | Missing: phpseclib3 not in composer.json dependencies | #18 | -| 30 | Performance: Query logging enabled unconditionally in local environment | #12 | -| 31 | Testing: Test suite does not verify Hades authorization enforcement | #11 | -| 32 | Error Handling: LogReaderService silently fails on file operations | #10 | -| 33 | Security: Telescope hides insufficient request headers in production | #14 | -| 34 | Security: IP validation missing for Server model | #13 | -| 35 | Security: Hades cookie has 1-year expiry with no rotation | #8 | -| 36 | Security: DevController authorize() method undefined | #7 | -| 37 | Security: Missing HADES_TOKEN configuration in .env.example | #9 | -| 38 | Security: Missing workspace authorization check when creating Server records | #6 | -| 39 | Security: SQL injection vulnerability in Database query tool - stacked query bypass | #4 | -| 40 | Security: Server SSH connection test uses StrictHostKeyChecking=no | #5 | -| 41 | Missing: Webhook endpoint URL scheme validation | #19 | -| 42 | Missing: Tests for WebhookSecretRotationService grace period edge cases | #20 | -| 43 | Performance: ApiUsageDaily recordFromUsage performs multiple queries | #18 | -| 44 | Security: API key scopes exposed in 403 error responses | #17 | -| 45 | Missing: Webhook delivery retry job lacks idempotency key | #15 | -| 46 | Configuration: No environment variable validation for API config | #16 | -| 47 | Error Handling: MCP registry YAML files read without validation | #14 | -| 48 | Missing: Index on webhook_deliveries for needsDelivery scope | #12 | -| 49 | Code Quality: WebhookSignature generateSecret uses Str::random instead of cryptographic RNG | #13 | -| 50 | Error Handling: recordUsage() called synchronously on every request | #10 | -| 51 | 
Security: Rate limit sliding window stores individual timestamps - memory growth concern | #9 | -| 52 | Security: WebhookSecretController lacks authorization checks | #11 | -| 53 | Security: Webhook secret visible in API response after rotation | #7 | -| 54 | Missing: Tests for MCP API Controller tool execution | #8 | -| 55 | Performance: API key lookup requires loading all candidates with matching prefix | #6 | -| 56 | Security: Webhook URL SSRF vulnerability - no validation of internal/private network URLs | #4 | -| 57 | Security: MCP tool execution uses proc_open without output sanitization | #5 | -| 58 | Missing tests for Social API controllers | #2 | -| 59 | Verify ProductApiController implementation | #3 | -| 60 | Session data stored without encryption (SESSION_ENCRYPT=false) | #18 | -| 61 | Mass assignment vulnerability in ContentEditor save method | #17 | -| 62 | AdminPageSearchProvider returns hardcoded URLs without auth checking | #16 | -| 63 | Missing rate limiting on sensitive admin operations | #14 | -| 64 | XSS risk in GlobalSearch component's JSON encoding | #13 | -| 65 | Missing validation for sortField parameter allows SQL injection | #10 | -| 66 | Missing test coverage for critical admin operations | #11 | -| 67 | Cache flush in Platform.php may cause service disruption | #12 | -| 68 | Missing CSRF protection for Livewire file uploads | #9 | -| 69 | N+1 query risk in ContentManager computed properties | #8 | -| 70 | Missing route authentication middleware on admin routes | #7 | -| 71 | Missing authorization check on Dashboard and Console components | #4 | -| 72 | SQL injection risk via LIKE wildcards in search queries | #5 | -| 73 | Bug: CheckMcpQuota middleware checks wrong attribute name | #22 | -| 74 | Security: DataRedactor does not handle object properties | #21 | -| 75 | Performance: QueryDatabase tool fetches all results before truncation | #20 | -| 76 | Documentation: Missing env validation for sensitive configuration | #23 | -| 77 | 
Security: McpAuditLog hash chain has race condition in transaction | #18 | -| 78 | Configuration: Missing MCP config file with database and security settings | #17 | -| 79 | Security: ApiKeyManager Livewire component missing CSRF and rate limiting | #19 | -| 80 | Error Handling: QueryExecutionService swallows timeout configuration errors | #16 | -| 81 | Security: SqlQueryValidator whitelist regex may allow SQL injection via JOINs | #15 | -| 82 | Test Coverage: Missing tests for critical security components | #14 | -| 83 | Security: McpApiController namespace mismatch and missing authorization | #11 | -| 84 | Security: AuditLogService export method has no authorization check | #13 | -| 85 | Bug: UpgradePlan tool imports RequiresWorkspaceContext from wrong namespace | #10 | -| 86 | Security: McpAuthenticate accepts API key in query string | #8 | -| 87 | Performance: AuditLogService hash chain verification loads entire log table | #12 | -| 88 | Bug: CircuitBreaker imports wrong namespace for CircuitOpenException | #9 | -| 89 | Security: ListTables tool uses MySQL-specific SHOW TABLES query | #7 | -| 90 | Security: ListTables tool exposes all database tables without authorization | #6 | -| 91 | Security: CreateCoupon tool missing strict_types declaration | #4 | -| 92 | Multi-server federation for MCP | #3 | -| 93 | Security: CreateCoupon tool missing workspace context/authorization | #5 | -| 94 | WebSocket support for real-time MCP updates | #2 | -| 95 | Incomplete account deletion may leave orphaned data | #13 | -| 96 | Error handling gap: Webhook secret returned in creation response | #14 | -| 97 | Missing environment validation for sensitive configuration | #18 | -| 98 | Potential timing attack in invitation token verification | #17 | -| 99 | Race condition in workspace default switching | #11 | -| 100 | Missing test coverage for TotpService TOTP verification | #12 | -| 101 | Missing authorisation check in EntitlementApiController::summary | #10 | -| 102 | Missing 
rate limiting on sensitive entitlement API endpoints | #9 |
-| 103 | Security: Hardcoded test credentials in DemoTestUserSeeder | #7 |
-| 104 | Security: SQL injection-like pattern in search query | #8 |
-| 105 | Complete UserStatsService TODO items | #2 |
-| 106 | Security: SSRF protection missing DNS rebinding defence in webhook dispatch job | #6 |
-| 107 | Refund::markAsSucceeded not wrapped in transaction with payment update | #28 |
-| 108 | Missing strict_types in Refund model | #30 |
-| 109 | CreditNoteService::autoApplyCredits lacks transaction wrapper | #27 |
-| 110 | Fail-open VAT validation could allow tax evasion | #25 |
-| 111 | Missing strict_types in CreditNote model | #29 |
-| 112 | Missing tests for CommerceController API endpoints | #26 |
-| 113 | API controller returns raw exception messages to clients | #22 |
-| 114 | Missing rate limiting on Commerce API endpoints | #23 |
-| 115 | ProcessDunning console command lacks mutex/locking for concurrent runs | #24 |
-| 116 | Race condition in CreditNote::recordUsage without row locking | #21 |
-| 117 | Missing strict_types in PaymentMethodService.php | #20 |
-| 118 | Missing strict_types in CreditNoteService.php | #19 |
-| 119 | Missing tests for UsageBillingService | #16 |
-| 120 | Missing strict_types in RefundService.php | #18 |
-| 121 | Missing return type declarations in CreditNote model scopes | #14 |
-| 122 | Missing tests for PaymentMethodService | #17 |
-| 123 | MySQL-specific raw SQL breaks database portability | #13 |
-| 124 | Missing strict_types declaration in UsageBillingService.php | #11 |
-| 125 | Weak random number generation in CreditNote reference number | #12 |
-| 126 | Missing tests for CreditNoteService | #15 |
-| 127 | Missing tests for critical fraud detection paths | #9 |
-| 128 | Missing strict_types declaration in TaxService.php | #10 |
-| 129 | Missing index validation and SQL injection protection in Coupon scopes | #6 |
-| 130 | Missing database transaction in referral 
payout commission assignment | #8 |
-| 131 | Potential N+1 query in StripeGateway::createCheckoutSession | #7 |
-| 132 | Race condition in Order number generation | #5 |
-| 133 | Missing strict type declaration in SubscriptionService.php | #3 |
-| 134 | Warehouse & Fulfillment System | #2 |
-| 135 | Race condition in Invoice number generation | #4 |
-| 136 | [Audit] Architecture Patterns | #50 |
-| 137 | [Audit] Database Query Optimization | #48 |
-| 138 | [Audit] Error Handling and Recovery | #51 |
-| 139 | [Audit] Concurrency and Race Condition Analysis | #47 |
-| 140 | audit: API design and consistency | #44 |
-| 141 | audit: Performance bottlenecks and optimization | #43 |
-| 142 | [Audit] Multi-Tenancy Security | #23 |
-| 143 | fix(composer): simplify dependencies for hello world setup | #21 |
-| 144 | [Audit] Database Query Optimization | #23 |
-| 145 | audit: Test coverage and quality | #42 |
-| 146 | audit: Code complexity and maintainability | #41 |
-| 147 | audit: Authentication and authorization flows | #38 |
-| 148 | audit: Dependency vulnerabilities and supply chain | #39 |
-| 149 | [Audit] Database Query Optimization | #22 |
-| 150 | audit: OWASP Top 10 security review | #36 |
-| 151 | audit: Input validation and sanitization | #37 |
-| 152 | security(mcp): ContentTools.php accepts workspace as request parameter enabling cross-tenant access | #29 |
-| 153 | quality(mcp): standardise tool schema and request input patterns to match MCP spec | #30 |
-| 154 | epic(security): workspace isolation and authorisation hardening | #31 |
-| 155 | epic(security): SQL query validation and execution safety | #32 |
-| 156 | epic(fix): namespace and import corrections | #33 |
-| 157 | epic(chore): configuration and documentation standardisation | #34 |
-| 158 | Epic: Webhook Security Hardening | #27 |
-| 159 | Epic: API Performance Optimisation | #28 |
-| 160 | Epic: MCP API Hardening | #29 |
-| 161 | Epic: API Test Coverage | #30 |
-| 162 | security(trees): fix race 
condition in PlantTreeWithTFTF job | #77 |
-| 163 | security(auth): replace LthnHash with bcrypt for password hashing | #78 |
-| 164 | security(helpers): fix SSRF in File.php via unvalidated Http::get | #79 |
-| 165 | security(input): sanitise route parameters in Sanitiser middleware | #80 |
-| 166 | security(trees): validate $model parameter in TreeStatsController | #81 |
-| 167 | security(tests): remove hardcoded API token from test file | #82 |
-| 168 | quality(bouncer): move env() call to config file in BouncerMiddleware | #83 |
-| 169 | security(api): prevent upstream body leakage in BuildsResponse | #84 |
-| 170 | security(auth): add session configuration file | #85 |
-| 171 | quality(logging): add correlation IDs to request logging | #86 |
-| 172 | security(logging): prevent PII leakage in LogsActivity trait | #87 |
-| 173 | performance(queries): fix N+1 queries in ConfigResolver, AdminMenuRegistry, activity feed, SeoScoreTrend | #88 |
-| 174 | performance(queries): replace ::all() with chunking/cursors | #89 |
-| 175 | security(bouncer): review overly permissive bypass patterns | #90 |
-| 176 | performance(http): add caching headers middleware | #91 |
-| 177 | quality(scanner): refactor ModuleScanner namespace detection | #92 |
-| 178 | security(input): extend superglobal sanitisation to cookies and server vars | #93 |
-| 179 | docs(arch): add architecture diagram | #94 |
-| 180 | docs(decisions): add Architecture Decision Records | #95 |
-| 181 | docs(changelog): create formal changelog | #96 |
-| 182 | docs(guide): add user guide, FAQ, and troubleshooting | #97 |
-| 183 | quality(tenant): fix BelongsToWorkspace trait location discrepancy | #98 |
-| 184 | quality(errors): implement custom exception hierarchy | #99 |
-| 185 | quality(registry): reduce code duplication in ModuleRegistry | #100 |
-| 186 | test(unit): add unit tests for src/ classes | #101 |
-| 187 | test(security): add security-specific test suite | #102 |
-| 188 | test(integration): add 
integration tests | #103 | -| 189 | Epic: Performance Optimisation | #108 | -| 190 | Epic: Code Quality & Architecture | #109 | -| 191 | Epic: Documentation | #110 | -| 192 | Epic: Input Validation & Sanitisation | #105 | -| 193 | Epic: Security Hardening | #104 | -| 194 | Epic: Test Coverage | #106 | -| 195 | Epic: Error Handling & Observability | #107 | - ---- - -## Summary - -| Project | Items | Focus | -|---------|-------|-------| -| #1 Core.Framework | 0 (empty) | 10,000ft architectural decisions | -| #2 Workstation | 43 | Agentic task queue, cross-repo | -| #3 Core.PHP | 195 | Laravel/PHP security, quality, tests | -| #4 Core.GO & Core.CLI | 97 | Go framework, CLI, MCP, io abstraction | -| **Total** | **335** | | - -### Categories at a glance - -**Core.PHP (#3)** — Dominated by security findings and audit results: -- ~60 security vulnerabilities (SQL injection, SSRF, XSS, auth bypass, race conditions) -- ~30 missing strict_types / coding standards -- ~25 missing test coverage -- ~15 performance issues (N+1 queries, missing indexes) -- ~10 epics grouping related work -- ~10 audit tasks -- Misc: docs, config, quality - -**Core.GO (#4)** — Feature development and refactoring: -- ~15 io/Medium abstraction migrations -- ~10 MCP server features (transports, daemon, health) -- ~10 help system features -- ~8 log/error unification -- ~8 collect commands (data gathering) -- ~7 ai/test commands -- ~7 documentation/config audit -- Misc: security hardening, accessibility - -**Workstation (#2)** — Subset of #3 and #4 tagged for agentic execution: -- Features ready for AI agent implementation -- Epics spanning both Go and PHP diff --git a/infra.yaml b/infra.yaml deleted file mode 100644 index 8afc7b2d..00000000 --- a/infra.yaml +++ /dev/null 
@@ -1,268 +0,0 @@ -# Infrastructure Configuration — Host UK Production -# This file is the source of truth for production topology. -# Used by: core prod status, core prod setup, core deploy ansible - -# --- Hosts --- -hosts: - noc: - fqdn: noc.host.uk.com - ip: 77.42.42.205 - private_ip: 10.0.0.4 - type: hcloud - role: bastion - ssh: - user: root - key: ~/.ssh/hostuk - port: 22 - services: - - coolify - - de: - fqdn: de.host.uk.com - ip: 116.202.82.115 - type: hrobot - role: app - ssh: - user: root - key: ~/.ssh/hostuk - port: 22 - services: - - traefik - - app - - web - - horizon - - scheduler - - mcp - - redis - - galera - - de2: - fqdn: de2.host.uk.com - ip: 88.99.195.41 - type: hrobot - role: app - ssh: - user: root - key: ~/.ssh/hostuk - port: 22 - services: - - traefik - - app - - web - - horizon - - scheduler - - mcp - - redis - - galera - - build: - fqdn: build.de.host.uk.com - ip: 46.224.93.62 - private_ip: 10.0.0.5 - type: hcloud - role: builder - ssh: - user: root - key: ~/.ssh/hostuk - port: 22 - services: - - forgejo-runner - -# --- Load Balancer --- -load_balancer: - name: hermes - fqdn: hermes.lb.host.uk.com - provider: hetzner - type: lb11 - location: fsn1 - algorithm: round_robin - backends: - - host: de - port: 80 - - host: de2 - port: 80 - health_check: - protocol: http - path: /health - interval: 15 - listeners: - - frontend: 443 - backend: 80 - protocol: https - proxy_protocol: true - ssl: - certificate: "*.host.uk.com" - san: - - host.uk.com - -# --- Private Network --- -network: - cidr: 10.0.0.0/16 - name: host-uk-internal - -# --- DNS --- -dns: - provider: cloudns - nameservers: - - ns1.lthn.io - - ns2.lthn.io - - ns3.lthn.io - - ns4.lthn.io - zones: - host.uk.com: - records: - - name: "@" - type: A - value: "{{.lb_ip}}" - ttl: 300 - - name: "*" - type: CNAME - value: hermes.lb.host.uk.com - ttl: 300 - - name: hermes.lb - type: A - value: "{{.lb_ip}}" - ttl: 300 - - name: noc - type: A - value: 77.42.42.205 - ttl: 300 - - name: de - type: A 
- value: 116.202.82.115 - ttl: 300 - - name: de2 - type: A - value: 88.99.195.41 - ttl: 300 - - name: build.de - type: A - value: 46.224.93.62 - ttl: 300 - -# --- SSL --- -ssl: - wildcard: - domains: - - "*.host.uk.com" - - host.uk.com - method: dns-01 - dns_provider: cloudns - termination: load_balancer - -# --- Database --- -database: - engine: mariadb - version: "11" - cluster: galera - nodes: - - host: de - port: 3306 - - host: de2 - port: 3306 - sst_method: mariabackup - backup: - schedule: "0 3 * * *" - destination: s3 - bucket: hostuk - prefix: backup/galera/ - -# --- Cache --- -cache: - engine: redis - version: "7" - sentinel: true - nodes: - - host: de - port: 6379 - - host: de2 - port: 6379 - -# --- Containers (per app server) --- -containers: - app: - image: host-uk/app:latest - port: 9000 - runtime: php-fpm - replicas: 1 - - web: - image: host-uk/web:latest - port: 80 - runtime: nginx - depends_on: [app] - - horizon: - image: host-uk/app:latest - command: php artisan horizon - replicas: 1 - - scheduler: - image: host-uk/app:latest - command: php artisan schedule:work - replicas: 1 - - mcp: - image: host-uk/core:latest - port: 9000 - command: core mcp serve - replicas: 1 - -# --- Object Storage --- -s3: - endpoint: fsn1.your-objectstorage.com - buckets: - hostuk: - purpose: infra - paths: - - backup/galera/ - - backup/coolify/ - - backup/certs/ - host-uk: - purpose: media - paths: - - uploads/ - - assets/ - -# --- CDN --- -cdn: - provider: bunnycdn - origin: hermes.lb.host.uk.com - zones: - - "*.host.uk.com" - -# --- CI/CD --- -cicd: - provider: forgejo - url: https://gitea.snider.dev - runner: build.de - registry: gitea.snider.dev - deploy_hook: coolify - -# --- Monitoring --- -monitoring: - health_endpoints: - - url: https://host.uk.com/health - interval: 60 - - url: https://bio.host.uk.com/health - interval: 60 - alerts: - galera_cluster_size: 2 - redis_sentinel_quorum: 2 - -# --- Backups --- -backups: - daily: - - name: galera - type: mysqldump - 
destination: s3://hostuk/backup/galera/ - - name: coolify - type: tar - destination: s3://hostuk/backup/coolify/ - - name: certs - type: tar - destination: s3://hostuk/backup/certs/ - weekly: - - name: snapshot - type: hcloud-snapshot - hosts: [noc, build] diff --git a/install.bat b/install.bat index 8f8a4eee..0fc54bc9 100644 --- a/install.bat +++ b/install.bat @@ -27,13 +27,14 @@ if "!VARIANT!"=="{{CORE_VARIANT}}" ( REM === Configuration === set "VERSION=%~1" if "%VERSION%"=="" set "VERSION=latest" -set "REPO=host-uk/core" +set "FORGE=https://forge.lthn.ai" +set "REPO=core/cli" set "BINARY=core" set "INSTALL_DIR=%LOCALAPPDATA%\Programs\core" REM === Resolve Version === if "%VERSION%"=="latest" ( - for /f "tokens=2 delims=:" %%a in ('curl -fsSL --max-time 10 "https://api.github.com/repos/%REPO%/releases/latest" ^| findstr "tag_name"') do ( + for /f "tokens=2 delims=:" %%a in ('curl -fsSL --max-time 10 "%FORGE%/api/v1/repos/%REPO%/releases/latest" ^| findstr "tag_name"') do ( set "VERSION=%%a" set "VERSION=!VERSION:"=!" set "VERSION=!VERSION: =!" @@ -121,7 +122,7 @@ set "_result=%~2" REM Try variant-specific first, then full if not "%_variant%"=="" ( set "_try=%BINARY%-%_variant%-windows-amd64.zip" - curl -fsSLI --max-time 10 "https://github.com/%REPO%/releases/download/!VERSION!/!_try!" 2>nul | findstr /r "HTTP/[12].* [23][0-9][0-9]" >nul + curl -fsSLI --max-time 10 "%FORGE%/%REPO%/releases/download/!VERSION!/!_try!" 2>nul | findstr /r "HTTP/[12].* [23][0-9][0-9]" >nul if not errorlevel 1 ( set "%_result%=!_try!" exit /b 0 @@ -133,7 +134,7 @@ set "%_result%=%BINARY%-windows-amd64.zip" exit /b 0 :download_and_extract -curl -fsSL --connect-timeout 10 "https://github.com/%REPO%/releases/download/!VERSION!/!ARCHIVE!" -o "%TEMP%\!ARCHIVE!" +curl -fsSL --connect-timeout 10 "%FORGE%/%REPO%/releases/download/!VERSION!/!ARCHIVE!" -o "%TEMP%\!ARCHIVE!" if errorlevel 1 ( echo ERROR: Failed to download !ARCHIVE! exit /b 1 
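Review bot: The `for /f "tokens=2 delims=:"` parse on the new `"%FORGE%/api/v1/repos/%REPO%/releases/latest"` line in the Resolve Version hunk still assumes the release JSON places `"tag_name"` on a line of its own, which was true of the GitHub API but, if the Forge endpoint returns compact single-line JSON as Gitea/Forgejo instances normally do, `findstr "tag_name"` matches the whole document and token 2 becomes whatever follows the first colon (typically the release id), not the tag. The same assumption sits in install.sh's `resolve_version` hunk, where `grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/'` applied to a one-line response captures the last quoted string in the document rather than the tag. In install.sh the extraction should be anchored on the key, `sed -E 's/.*"tag_name" *: *"([^"]+)".*/\1/'`; the batch parser needs the equivalent, stripping the response through the `"tag_name":"` key with a delayed-expansion substring replacement and then cutting at the closing quote instead of splitting on the first colon. A one-off run against the live endpoint before tagging a release would confirm which response shape the Forge actually returns.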
diff --git a/install.sh b/install.sh index ecb879f1..8e03a70a 100644 --- a/install.sh +++ b/install.sh @@ -25,7 +25,8 @@ VARIANT="{{CORE_VARIANT}}" # go, php, agent (when MODE=variant) # === Configuration === VERSION="${1:-latest}" -REPO="host-uk/core" +FORGE="https://forge.lthn.ai" +REPO="core/cli" BINARY="core" # === Colours === @@ -62,9 +63,9 @@ detect_platform() { resolve_version() { if [ "$VERSION" = "latest" ]; then info "Fetching latest version..." - VERSION=$(curl -fsSL --max-time 10 "https://api.github.com/repos/${REPO}/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/') + VERSION=$(curl -fsSL --max-time 10 "${FORGE}/api/v1/repos/${REPO}/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/') if [ -z "$VERSION" ]; then - error "Failed to fetch latest version from GitHub API" + error "Failed to fetch latest version from Forge API" fi fi } @@ -88,7 +89,7 @@ find_archive() { candidates+=("${base}-${OS}-${ARCH}.tar.gz") for archive in "${candidates[@]}"; do - local url="https://github.com/${REPO}/releases/download/${VERSION}/${archive}" + local url="${FORGE}/${REPO}/releases/download/${VERSION}/${archive}" if url_exists "$url"; then ARCHIVE="$archive" DOWNLOAD_URL="$url"
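Review bot: In `resolve_version` the value scraped from the Forge response is only checked for emptiness before it is spliced into the download path in `find_archive` (`${FORGE}/${REPO}/releases/download/${VERSION}/${archive}`, third hunk, whose end may lie beyond this view), so a parse that returns the wrong field produces a confusing 404 on the archive probe rather than a clear error at the source. A shape check after the existing `-z` test makes that failure explicit, for example `case "$VERSION" in v[0-9]*|[0-9]*) ;; *) error "Unexpected tag_name from Forge API: $VERSION" ;; esac`. The hunks also show no integrity check on the downloaded archive; if install.sh does not already do this elsewhere, fetching the checksum file published with the same Forge release and running `sha256sum -c` on the archive would let the installer detect a corrupted or substituted download instead of relying on the TLS connection alone.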