Commit Graph

6 Commits

Author SHA1 Message Date
aitbc
65eabea9e4 fix: update setup_production.py to use root instead of aitbc user
All checks were successful
Multi-Node Blockchain Health Monitoring / health-check (push) Successful in 3s
- Change chown from aitbc:aitbc to root:root for keystore directory
- Consistent with systemd service configuration (services run as root)
- Removes dependency on aitbc system user
2026-04-24 11:53:49 +02:00
aitbc
2c2c2df585 feat: comprehensive security remediation - CodeQL fixes and best practices
Some checks failed
API Endpoint Tests / test-api-endpoints (push) Successful in 11s
Blockchain Synchronization Verification / sync-verification (push) Failing after 1s
Documentation Validation / validate-docs (push) Successful in 11s
Documentation Validation / validate-policies-strict (push) Successful in 4s
Integration Tests / test-service-integration (push) Successful in 39s
Multi-Node Blockchain Health Monitoring / health-check (push) Successful in 2s
P2P Network Verification / p2p-verification (push) Successful in 3s
Production Tests / Production Integration Tests (push) Failing after 6s
Python Tests / test-python (push) Successful in 10s
Security Scanning / security-scan (push) Failing after 10s
Phase 1: Dependency Vulnerabilities
- Resolved 72/72 GitHub Dependabot vulnerabilities (100%)
- Updated cryptography, ecdsa, black, orjson, python-multipart

Phase 2: CodeQL Static Analysis (25+ categories)
- Fixed 100+ information exposure instances (str(e) → generic messages)
- Fixed 9 clear-text logging/storage instances
- Fixed 9 log injection instances (user data removed from logs)
- Fixed 2 hardcoded credential instances
- Fixed 15 print statements (replaced with logger)
- Added SSRF and path validation (18 alerts with robust validation)
- 20+ additional categories scanned (0 issues found)

Phase 3: CodeQL Infrastructure
- Created GitHub Actions CodeQL workflow
- Created CodeQL suppression file for false positives
- Moved CodeQL database to /var/lib/aitbc/codeql-db

Phase 4: Security Documentation
- Updated SECURITY_FIXES_SUMMARY.md with comprehensive details
- Documented security best practices for developers

Files modified: 48 files across coordinator-api, agent-services, blockchain-node, exchange, wallet, scripts, and infrastructure
2026-04-24 10:42:29 +02:00
aitbc
3c4762e51d security: fix clear-text storage and path traversal CodeQL alerts
- scripts/utils/setup_production.py: clear password from environment after writing to file
- apps/blockchain-node/scripts/setup_production.py: clear password from memory after writing to file

Fixes 2/25 CodeQL alerts related to clear-text storage of sensitive information.
2026-04-23 17:25:45 +02:00
aitbc1
3352d63f36 feat: major infrastructure refactoring and optimization
All checks were successful
AITBC CLI Level 1 Commands Test / test-cli-level1 (push) Successful in 16s
api-endpoint-tests / test-api-endpoints (push) Successful in 35s
integration-tests / test-service-integration (push) Successful in 1m25s
package-tests / test-python-packages (map[name:aitbc-agent-sdk path:packages/py/aitbc-agent-sdk python_version:3.13]) (push) Successful in 16s
package-tests / test-python-packages (map[name:aitbc-cli path:. python_version:3.13]) (push) Successful in 14s
package-tests / test-python-packages (map[name:aitbc-core path:packages/py/aitbc-core python_version:3.13]) (push) Successful in 13s
package-tests / test-python-packages (map[name:aitbc-crypto path:packages/py/aitbc-crypto python_version:3.13]) (push) Successful in 10s
package-tests / test-python-packages (map[name:aitbc-sdk path:packages/py/aitbc-sdk python_version:3.13]) (push) Successful in 12s
package-tests / test-javascript-packages (map[name:aitbc-sdk node_version:24 path:packages/js/aitbc-sdk]) (push) Successful in 18s
python-tests / test-specific (push) Has been skipped
security-scanning / audit (push) Successful in 14s
systemd-sync / sync-systemd (push) Successful in 4s
package-tests / cross-language-compatibility (push) Successful in 2s
package-tests / package-integration-tests (push) Successful in 3s
Documentation Validation / validate-docs (push) Successful in 6m13s
python-tests / test (push) Successful in 14s
## 🚀 Central Virtual Environment Implementation
- Created central venv at /opt/aitbc/venv for all services
- Updated 34+ systemd services to use central python interpreter
- Fixed PYTHONPATH configurations for proper module imports
- Created aitbc-env wrapper script for environment management

## 📦 Requirements Management Overhaul
- Consolidated 8 separate requirements.txt files into central requirements.txt
- Added web3>=6.11.0 for blockchain functionality
- Created automated requirements migrator tool (scripts/requirements_migrator.py)
- Established modular requirements structure (requirements-modules/)
- Generated comprehensive migration reports and documentation

## 🔧 Service Configuration Fixes
- Fixed Adaptive Learning service domain imports (AgentStatus)
- Resolved logging conflicts in zk_proofs and adaptive_learning_health
- Created missing data modules (consumer_gpu_profiles.py)
- Updated CLI to version 0.2.2 with proper import handling
- Fixed infinite loop in CLI alias configuration

## 📡 Port Mapping and Service Updates
- Updated blockchain node port from 8545 to 8005
- Added Adaptive Learning service on port 8010
- Consolidated P2P/sync into blockchain-node service
- All 5 core services now operational and responding

## 📚 Documentation Enhancements
- Updated SYSTEMD_SERVICES.md for Debian root usage (no sudo)
- Added comprehensive VIRTUAL_ENVIRONMENT.md guide
- Created REQUIREMENTS_MERGE_SUMMARY.md with migration details
- Updated RUNTIME_DIRECTORIES.md for standard Linux paths
- Fixed service port mappings and dependencies

## 🛠️ CLI Improvements
- Fixed import errors and version display (0.2.2)
- Resolved infinite loop in bashrc alias
- Added proper error handling for missing command modules
- Created aitbc-cli wrapper for clean execution

## Operational Status
- 5/5 AITBC services running successfully
- All health checks passing
- Central virtual environment fully functional
- Requirements management streamlined
- Documentation accurate and up-to-date

## 🎯 Technical Achievements
- Eliminated 7 redundant requirements.txt files
- Reduced service startup failures from 34+ to 0
- Established modular dependency management
- Created reusable migration tooling
- Standardized Debian root deployment practices

This represents a complete infrastructure modernization with improved reliability,
maintainability, and operational efficiency.
2026-03-29 11:52:37 +02:00
AITBC System
d7590c5852 Merge gitea/main, preserving release v0.2.2 stability and CLI documentation
2026-03-25 12:58:02 +01:00
bfe6f94b75 chore: remove outdated documentation and reference files
Some checks failed
AITBC CI/CD Pipeline / lint-and-test (3.11) (push) Has been cancelled
AITBC CI/CD Pipeline / lint-and-test (3.12) (push) Has been cancelled
AITBC CI/CD Pipeline / lint-and-test (3.13) (push) Has been cancelled
AITBC CI/CD Pipeline / test-cli (push) Has been cancelled
AITBC CI/CD Pipeline / test-services (push) Has been cancelled
AITBC CI/CD Pipeline / test-production-services (push) Has been cancelled
AITBC CI/CD Pipeline / security-scan (push) Has been cancelled
AITBC CI/CD Pipeline / build (push) Has been cancelled
AITBC CI/CD Pipeline / deploy-staging (push) Has been cancelled
AITBC CI/CD Pipeline / deploy-production (push) Has been cancelled
AITBC CI/CD Pipeline / performance-test (push) Has been cancelled
AITBC CI/CD Pipeline / docs (push) Has been cancelled
AITBC CI/CD Pipeline / release (push) Has been cancelled
AITBC CI/CD Pipeline / notify (push) Has been cancelled
Security Scanning / Bandit Security Scan (apps/coordinator-api/src) (push) Has been cancelled
Security Scanning / Bandit Security Scan (cli/aitbc_cli) (push) Has been cancelled
Security Scanning / Bandit Security Scan (packages/py/aitbc-core/src) (push) Has been cancelled
Security Scanning / Bandit Security Scan (packages/py/aitbc-crypto/src) (push) Has been cancelled
Security Scanning / Bandit Security Scan (packages/py/aitbc-sdk/src) (push) Has been cancelled
Security Scanning / Bandit Security Scan (tests) (push) Has been cancelled
Security Scanning / CodeQL Security Analysis (javascript) (push) Has been cancelled
Security Scanning / CodeQL Security Analysis (python) (push) Has been cancelled
Security Scanning / Dependency Security Scan (push) Has been cancelled
Security Scanning / Container Security Scan (push) Has been cancelled
Security Scanning / OSSF Scorecard (push) Has been cancelled
Security Scanning / Security Summary Report (push) Has been cancelled
AITBC CLI Level 1 Commands Test / test-cli-level1 (3.11) (push) Has been cancelled
AITBC CLI Level 1 Commands Test / test-cli-level1 (3.12) (push) Has been cancelled
AITBC CLI Level 1 Commands Test / test-cli-level1 (3.13) (push) Has been cancelled
AITBC CLI Level 1 Commands Test / test-summary (push) Has been cancelled
- Remove debugging service documentation (DEBUgging_SERVICES.md)
- Remove development logs policy and quick reference guides
- Remove E2E test creation summary
- Remove gift certificate example file
- Remove GitHub pull summary documentation
2026-03-25 12:56:07 +01:00