Snider 3993d0583e Secure SSH and TLS connections, and fix CI issues ... Addresses security concerns from OWASP audit and CodeQL by enforcing strict host key verification and TLS certificate verification. Security Changes: - Enforced strict SSH host key checking in pkg/container and devops. - Removed insecure SSH host key verification from pkg/ansible. - Added synchronous host key discovery during VM boot using ssh-keyscan. - Updated UniFi client to enforce TLS certificate verification by default. - Added --insecure flag and config option for UniFi to allow opt-in to skipping TLS verification for self-signed certificates. CI and Maintenance: - Fixed auto-merge workflow by providing repository context to 'gh' command. - Resolved merge conflicts in .github/workflows/auto-merge.yml. - Added unit tests for secured Ansible SSH client. - Fixed formatting issues identified by QA checks.		2026-02-05 03:48:42 +00:00
..
agent-verify.yml	refactor(core): decompose Core into serviceManager + messageBus (#282)	2026-02-04 13:40:16 +00:00
alpha-release.yml	Secure SSH, fix CI auto-merge, and resolve merge conflicts	2026-02-05 03:40:28 +00:00
auto-label.yml	ci(workflows): use host-uk/build@dev for releases (#264)	2026-02-04 08:54:24 +00:00
auto-merge.yml	Secure SSH and TLS connections, and fix CI issues	2026-02-05 03:48:42 +00:00
auto-project.yml	refactor(core): decompose Core into serviceManager + messageBus (#282)	2026-02-04 13:40:16 +00:00
ci.yml	refactor(core): decompose Core into serviceManager + messageBus (#282)	2026-02-04 13:40:16 +00:00
coverage.yml	refactor(core): decompose Core into serviceManager + messageBus (#282)	2026-02-04 13:40:16 +00:00
pr-build.yml	refactor(core): decompose Core into serviceManager + messageBus (#282)	2026-02-04 13:40:16 +00:00
pr-gate.yml	ci(workflows): replace inline pr-gate and auto-merge with org reusable callers (#303)	2026-02-04 17:51:00 +00:00
release.yml	Secure SSH, fix CI auto-merge, and resolve merge conflicts	2026-02-05 03:40:28 +00:00