aitbc
2c2c2df585
feat: comprehensive security remediation - CodeQL fixes and best practices
API Endpoint Tests / test-api-endpoints (push) Successful in 11s
Blockchain Synchronization Verification / sync-verification (push) Failing after 1s
Documentation Validation / validate-docs (push) Successful in 11s
Documentation Validation / validate-policies-strict (push) Successful in 4s
Integration Tests / test-service-integration (push) Successful in 39s
Multi-Node Blockchain Health Monitoring / health-check (push) Successful in 2s
P2P Network Verification / p2p-verification (push) Successful in 3s
Production Tests / Production Integration Tests (push) Failing after 6s
Python Tests / test-python (push) Successful in 10s
Security Scanning / security-scan (push) Failing after 10s
Phase 1: Dependency Vulnerabilities
- Resolved 72/72 GitHub Dependabot vulnerabilities (100%)
- Updated cryptography, ecdsa, black, orjson, python-multipart
Phase 2: CodeQL Static Analysis (25+ categories)
- Fixed 100+ information exposure instances (str(e) → generic messages)
- Fixed 9 clear-text logging/storage instances
- Fixed 9 log injection instances (user data removed from logs)
- Fixed 2 hardcoded credential instances
- Fixed 15 print statements (replaced with logger)
- Added SSRF and path validation (18 alerts with robust validation)
- 20+ additional categories scanned (0 issues found)
Phase 3: CodeQL Infrastructure
- Created GitHub Actions CodeQL workflow
- Created CodeQL suppression file for false positives
- Moved CodeQL database to /var/lib/aitbc/codeql-db
Phase 4: Security Documentation
- Updated SECURITY_FIXES_SUMMARY.md with comprehensive details
- Documented security best practices for developers
Files modified: 48 files across coordinator-api, agent-services, blockchain-node, exchange, wallet, scripts, and infrastructure
2026-04-24 10:42:29 +02:00
aitbc
d22f795b56
Update README and documentation index for v0.3.2 release
Documentation Validation / validate-docs (push) Successful in 6s
Documentation Validation / validate-policies-strict (push) Successful in 4s
Python Tests / test-python (push) Successful in 12s
- Simplify root README to focus on implemented features and quick navigation
- Replace verbose project structure with concise feature list
- Remove recent achievements section (moved to release notes)
- Add direct links to master index and main documentation
- Update MASTER_INDEX.md to focus on documentation catalog
- Remove project completion status (moved to release notes)
- Remove learning path sections (kept in individual path
2026-04-23 17:04:03 +02:00
AITBC System
fe3e8b82e5
refactor: remove Docker configuration files - transitioning to native deployment
- Remove Dockerfile for CLI multi-stage build
- Remove docker-compose.yml with 20+ service definitions
- Remove containerized deployment infrastructure (blockchain, consensus, network nodes)
- Remove plugin ecosystem services (registry, marketplace, security, analytics)
- Remove global infrastructure and AI agent services
- Remove monitoring stack (Prometheus, Grafana) and nginx reverse proxy
- Remove database services
2026-03-18 20:44:21 +01:00
AITBC System
6cb51c270c
docs(planning): clean up next milestone document and remove completion markers
- Remove excessive completion checkmarks and status markers throughout document
- Consolidate redundant sections on completed features
- Streamline executive summary and current status sections
- Focus content on upcoming quick wins and active tasks
- Remove duplicate phase completion listings
- Clean up success metrics and KPI sections
- Maintain essential planning information while reducing noise
2026-03-08 13:42:14 +01:00
AITBC System
b033923756
chore: normalize file permissions across repository
- Remove executable permissions from configuration files (.editorconfig, .env.example, .gitignore)
- Remove executable permissions from documentation files (README.md, LICENSE, SECURITY.md)
- Remove executable permissions from web assets (HTML, CSS, JS files)
- Remove executable permissions from data files (JSON, SQL, YAML, requirements.txt)
- Remove executable permissions from source code files across all apps
- Add executable permissions to Python
2026-03-08 11:26:18 +01:00
oib
15427c96c0
chore: update file permissions to executable across repository
- Change file mode from 644 to 755 for all project files
- Add chain_id parameter to get_balance RPC endpoint with default "ait-devnet"
- Rename Miner.extra_meta_data to extra_metadata for consistency
2026-03-06 22:17:54 +01:00
oib
f0c7cd321e
docs: run automated documentation updates workflow
2026-03-03 20:48:51 +01:00
oib
f353e00172
chore(security): enhance environment configuration, CI workflows, and wallet daemon with security improvements
- Restructure .env.example with security-focused documentation, service-specific environment file references, and AWS Secrets Manager integration
- Update CLI tests workflow to single Python 3.13 version, add pytest-mock dependency, and consolidate test execution with coverage
- Add comprehensive security validation to package publishing workflow with manual approval gates, secret scanning, and release
2026-03-03 10:33:46 +01:00