aitbc
214c1b65ec
ci: migrate from requirements.txt to poetry.lock as source of truth
...
Coverage Phase 1 (70% Target) / test-coverage-70 (push) Has been cancelled
Coverage Phase 2 (85% Target) / test-coverage-85 (push) Has been cancelled
Cross-Node Transaction Testing / transaction-test (push) Has been cancelled
Deploy to Testnet / deploy-testnet (push) Has been cancelled
Integration Tests / test-service-integration (push) Has been cancelled
Multi-Node Stress Testing / stress-test (push) Has been cancelled
Python Tests / test-python (push) Has been cancelled
Security Scanning / security-scan (push) Has been cancelled
Documentation Validation / validate-docs (push) Has been cancelled
Documentation Validation / validate-policies-strict (push) Has been cancelled
CLI Tests / test-cli (push) Has been cancelled
Package Tests / Python package - aitbc-agent-sdk (push) Has been cancelled
Package Tests / Python package - aitbc-core (push) Has been cancelled
Package Tests / Python package - aitbc-crypto (push) Has been cancelled
Package Tests / Python package - aitbc-sdk (push) Has been cancelled
Package Tests / JavaScript package - aitbc-sdk-js (push) Has been cancelled
Package Tests / JavaScript package - aitbc-token (push) Has been cancelled
Smart Contract Tests / test-solidity (map[name:aitbc-contracts path:contracts]) (push) Has been cancelled
Smart Contract Tests / test-solidity (map[name:aitbc-token path:packages/solidity/aitbc-token]) (push) Has been cancelled
Smart Contract Tests / test-foundry (push) Has been cancelled
Smart Contract Tests / lint-solidity (push) Has been cancelled
Smart Contract Tests / deploy-contracts (push) Has been cancelled
- Updated CI workflows to track poetry.lock instead of requirements.txt
- Removed check-requirements-sync.py step from python-tests.yml
- Updated dependency_scanner.py default from requirements.txt to pyproject.toml
- Replaced all print() with click.echo() in deploy_edge_node.py (CLI script)
- Replaced print() with logger.warning() in zk_cache.py
- Updated setup.py files to read dependencies from pyproject.toml via tomli
- Removed
2026-05-25 15:10:12 +02:00
aitbc
573aae065b
feat: complete codebase remediation with all phases
...
Coverage Phase 1 (70% Target) / test-coverage-70 (push) Failing after 19s
Coverage Phase 2 (85% Target) / test-coverage-85 (push) Failing after 18s
Cross-Chain Functionality Tests / test-cross-chain-sync (push) Successful in 3s
Cross-Chain Functionality Tests / test-cross-chain-transactions (push) Successful in 4s
Cross-Chain Functionality Tests / test-multi-chain-consensus (push) Successful in 5s
Deploy to Testnet / deploy-testnet (push) Failing after 21s
Documentation Validation / validate-docs (push) Failing after 13s
Documentation Validation / validate-policies-strict (push) Successful in 4s
Integration Tests / test-service-integration (push) Failing after 2s
Multi-Chain Island Architecture Tests / test-multi-chain-island (push) Successful in 4s
Multi-Node Blockchain Health Monitoring / health-check (push) Failing after 14s
Node Failover Simulation / failover-test (push) Successful in 9s
P2P Network Verification / p2p-verification (push) Successful in 5s
Package Tests / Python package - aitbc-agent-sdk (push) Successful in 51s
Package Tests / Python package - aitbc-core (push) Failing after 3s
Package Tests / Python package - aitbc-crypto (push) Successful in 22s
Package Tests / Python package - aitbc-sdk (push) Successful in 16s
Package Tests / JavaScript package - aitbc-sdk-js (push) Successful in 21s
Package Tests / JavaScript package - aitbc-token (push) Failing after 18s
Production Tests / Production Integration Tests (push) Failing after 1m9s
Python Tests / test-python (push) Failing after 3s
Security Scanning / security-scan (push) Failing after 41s
Smart Contract Tests / test-solidity (map[name:aitbc-contracts path:contracts]) (push) Failing after 6s
Smart Contract Tests / test-solidity (map[name:aitbc-token path:packages/solidity/aitbc-token]) (push) Failing after 7s
Smart Contract Tests / test-foundry (push) Failing after 20s
Smart Contract Tests / lint-solidity (push) Failing after 4s
Smart Contract Tests / deploy-contracts (push) Failing after 5s
Cross-Chain Functionality Tests / aggregate-results (push) Successful in 2s
Multi-Node Stress Testing / stress-test (push) Successful in 2s
Cross-Node Transaction Testing / transaction-test (push) Successful in 3s
Phase 1: Security fixes
- Added CORSMiddleware to marketplace-service with specific origins
- Fixed blockchain-node auth to fail closed on JWT errors
- Added security regression tests (test_cors_configuration.py, test_dispute_auth.py)
Phase 2: Repository cleanup
- Removed 51 fix/backup/legacy files
- Deleted marketplace-service-debug directory
Phase 3.1: Python version constraints
- Updated aitbc-crypto and aitbc-sdk with requires-python >=3.13
- Added explicit [tool.poetry].packages declarations
Phase 3.2: Agent service DI architecture
- Created aitbc-agent-core package with protocols and shared service
- Implemented adapters for agent-management and coordinator-api
- Created factory functions for gradual migration
- Added migration comments to existing integration files
Phase 4.1: Auth/utils extraction
- Created auth.py module with JWT validation and security utilities
- Created utils.py module with common helpers
Phase 4.2: Router decomposition
- Decomposed router.py into 10 domain modules (58 endpoints)
- Created route table snapshot for verification
- Preserved router_old.py as reference
Phase 5: App shell classification
- Documented app shell patterns across services
Phase 6: Quality gates
- Verified mypy type checking (75% error reduction)
- Analyzed logging inconsistencies with structlog migration plan
- Removed unused orjson dependency
Documentation:
- Created comprehensive remediation report
- Added architecture documentation for DI pattern
- Added quality analysis documents
2026-05-24 20:21:23 +02:00
aitbc
13ada12b49
Security fixes: wildcard CORS, JWT auth, zero-address fallback
...
Phase 1 security remediation from codebase analysis:
CORS fixes:
- Replace wildcard CORS with safe localhost defaults in agent-coordinator
- Replace wildcard CORS with safe localhost defaults in marketplace
- Fix 8 additional wildcard CORS instances in coordinator-api apps:
- hermes_enhanced_app.py
- api_gateway.py
- modality_optimization_app.py
- multimodal_app.py
- gpu_multimodal_app.py
- marketplace_enhanced_app.py
- advanced_ai_service.py
- adaptive_learning_app.py
- Add CORS configuration security tests
Blockchain-node auth fixes:
- JWT authentication now fails closed with clear error message
- X-Wallet-Address already gated behind TRUST_X_WALLET_ADDRESS env var
- Remove zero-address fallback from arbitration vote submission
- Add regression test for zero-address rejection in arbitration
Tests:
- Update dispute auth tests to reflect new JWT error message
- Add test_arbitration_vote_zero_address_rejected
- Add test_cors_configuration.py with 5 CORS validation tests
2026-05-24 19:31:26 +02:00
aitbc
99d1666eda
cleanup: remove legacy coordinator-api entrypoints and backup files
...
- Delete unused main_enhanced.py, main_minimal.py, main_simple.py variants
- Delete config.py.backup, main.py.backup, db.py.backup files
- Delete 14 additional backup/temp files across the repo
- Clean up technical debt from report item #6
2026-04-30 08:33:18 +02:00
aitbc
4a649ac631
Migrate marketplace app to centralized aitbc package utilities
...
- Migrate 3 files from logging to aitbc.get_logger
- scripts/real_marketplace_launcher.py, scripts/marketplace.py, scripts/gpu_marketplace_launcher.py
- Remove logging.basicConfig() from all files
2026-04-25 07:12:42 +02:00
aitbc
2c2c2df585
feat: comprehensive security remediation - CodeQL fixes and best practices
...
API Endpoint Tests / test-api-endpoints (push) Successful in 11s
Blockchain Synchronization Verification / sync-verification (push) Failing after 1s
Documentation Validation / validate-docs (push) Successful in 11s
Documentation Validation / validate-policies-strict (push) Successful in 4s
Integration Tests / test-service-integration (push) Successful in 39s
Multi-Node Blockchain Health Monitoring / health-check (push) Successful in 2s
P2P Network Verification / p2p-verification (push) Successful in 3s
Production Tests / Production Integration Tests (push) Failing after 6s
Python Tests / test-python (push) Successful in 10s
Security Scanning / security-scan (push) Failing after 10s
Phase 1: Dependency Vulnerabilities
- Resolved 72/72 GitHub Dependabot vulnerabilities (100%)
- Updated cryptography, ecdsa, black, orjson, python-multipart
Phase 2: CodeQL Static Analysis (25+ categories)
- Fixed 100+ information exposure instances (str(e) → generic messages)
- Fixed 9 clear-text logging/storage instances
- Fixed 9 log injection instances (user data removed from logs)
- Fixed 2 hardcoded credential instances
- Fixed 15 print statements (replaced with logger)
- Added SSRF and path validation (18 alerts with robust validation)
- 20+ additional categories scanned (0 issues found)
Phase 3: CodeQL Infrastructure
- Created GitHub Actions CodeQL workflow
- Created CodeQL suppression file for false positives
- Moved CodeQL database to /var/lib/aitbc/codeql-db
Phase 4: Security Documentation
- Updated SECURITY_FIXES_SUMMARY.md with comprehensive details
- Documented security best practices for developers
Files modified: 48 files across coordinator-api, agent-services, blockchain-node, exchange, wallet, scripts, and infrastructure
2026-04-24 10:42:29 +02:00
aitbc
e60cc3226c
Add sys import to test files and remove obsolete integration tests
...
API Endpoint Tests / test-api-endpoints (push) Successful in 9s
Blockchain Synchronization Verification / sync-verification (push) Failing after 1s
CLI Tests / test-cli (push) Failing after 3s
Documentation Validation / validate-docs (push) Successful in 6s
Documentation Validation / validate-policies-strict (push) Successful in 2s
Integration Tests / test-service-integration (push) Successful in 40s
Multi-Node Blockchain Health Monitoring / health-check (push) Successful in 1s
P2P Network Verification / p2p-verification (push) Successful in 2s
Production Tests / Production Integration Tests (push) Successful in 21s
Python Tests / test-python (push) Successful in 13s
Security Scanning / security-scan (push) Failing after 46s
Smart Contract Tests / test-solidity (map[name:aitbc-token path:packages/solidity/aitbc-token]) (push) Successful in 17s
Smart Contract Tests / lint-solidity (push) Successful in 10s
- Add sys import to 29 test files across agent-coordinator, blockchain-event-bridge, blockchain-node, and coordinator-api
- Remove apps/blockchain-event-bridge/tests/test_integration.py (obsolete bridge integration tests)
- Remove apps/coordinator-api/tests/test_integration.py (obsolete API integration tests)
- Implement GPU registration in marketplace_gpu.py with GPURegistry model persistence
2026-04-23 16:43:17 +02:00
aitbc
522655ef92
Move blockchain app READMEs to centralized documentation
...
API Endpoint Tests / test-api-endpoints (push) Successful in 10s
Blockchain Synchronization Verification / sync-verification (push) Failing after 3s
CLI Tests / test-cli (push) Failing after 4s
Documentation Validation / validate-docs (push) Successful in 8s
Documentation Validation / validate-policies-strict (push) Successful in 4s
Integration Tests / test-service-integration (push) Successful in 38s
Multi-Node Blockchain Health Monitoring / health-check (push) Successful in 2s
P2P Network Verification / p2p-verification (push) Successful in 3s
Security Scanning / security-scan (push) Successful in 40s
Smart Contract Tests / test-solidity (map[name:aitbc-token path:packages/solidity/aitbc-token]) (push) Successful in 15s
Smart Contract Tests / lint-solidity (push) Successful in 8s
- Relocate blockchain-event-bridge README content to docs/apps/blockchain/blockchain-event-bridge.md
- Relocate blockchain-explorer README content to docs/apps/blockchain/blockchain-explorer.md
- Replace app READMEs with redirect notices pointing to new documentation location
- Consolidate documentation in central docs/ directory for better organization
2026-04-23 12:24:48 +02:00
aitbc
ca34b6fee3
Consolidate service scripts into apps directories
...
Integration Tests / test-service-integration (push) Has been cancelled
Python Tests / test-python (push) Has been cancelled
Security Scanning / security-scan (push) Has been cancelled
Systemd Sync / sync-systemd (push) Has been cancelled
- Move blockchain scripts to apps/blockchain-node/scripts/
- Move marketplace scripts to apps/marketplace/scripts/
- Move agent daemon to apps/agent-coordinator/scripts/
- Move monitor to apps/monitor/
- Update systemd service files to point to new locations
- Update internal path references in moved scripts
- Remove empty /opt/aitbc/services directory
2026-04-15 11:56:03 +02:00
AITBC System
b033923756
chore: normalize file permissions across repository
...
- Remove executable permissions from configuration files (.editorconfig, .env.example, .gitignore)
- Remove executable permissions from documentation files (README.md, LICENSE, SECURITY.md)
- Remove executable permissions from web assets (HTML, CSS, JS files)
- Remove executable permissions from data files (JSON, SQL, YAML, requirements.txt)
- Remove executable permissions from source code files across all apps
- Add executable permissions to Python
2026-03-08 11:26:18 +01:00
oib
15427c96c0
chore: update file permissions to executable across repository
...
- Change file mode from 644 to 755 for all project files
- Add chain_id parameter to get_balance RPC endpoint with default "ait-devnet"
- Rename Miner.extra_meta_data to extra_metadata for consistency
2026-03-06 22:17:54 +01:00
oib
bb5363bebc
refactor: consolidate blockchain explorer into single app and update backup ignore patterns
...
- Remove standalone explorer-web app (README, HTML, package files)
- Add /web endpoint to blockchain-explorer for web interface access
- Update .gitignore to exclude application backup archives (*.tar.gz, *.zip)
- Add backup documentation files to .gitignore (BACKUP_INDEX.md, README.md)
- Consolidate explorer functionality into main blockchain-explorer application
2026-03-06 18:14:49 +01:00
