oib/aitbc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,182 Commits 1 Branch 2 Tags
80a9e890c5a8b77e618a7ae5b77a65f96ae6c561
Commit Graph

8 Commits

Author SHA1 Message Date
aitbc
4a649ac631 Migrate marketplace app to centralized aitbc package utilities 
- Migrate 3 files from logging to aitbc.get_logger
- scripts/real_marketplace_launcher.py, scripts/marketplace.py, scripts/gpu_marketplace_launcher.py
- Remove logging.basicConfig() from all files
 2026-04-25 07:12:42 +02:00
aitbc
2c2c2df585 feat: comprehensive security remediation - CodeQL fixes and best practices
Some checks failed
API Endpoint Tests / test-api-endpoints (push) Successful in 11s
Details
Blockchain Synchronization Verification / sync-verification (push) Failing after 1s
Details
Documentation Validation / validate-docs (push) Successful in 11s
Details
Documentation Validation / validate-policies-strict (push) Successful in 4s
Details
Integration Tests / test-service-integration (push) Successful in 39s
Details
Multi-Node Blockchain Health Monitoring / health-check (push) Successful in 2s
Details
P2P Network Verification / p2p-verification (push) Successful in 3s
Details
Production Tests / Production Integration Tests (push) Failing after 6s
Details
Python Tests / test-python (push) Successful in 10s
Details
Security Scanning / security-scan (push) Failing after 10s
Details 
Phase 1: Dependency Vulnerabilities
- Resolved 72/72 GitHub Dependabot vulnerabilities (100%)
- Updated cryptography, ecdsa, black, orjson, python-multipart

Phase 2: CodeQL Static Analysis (25+ categories)
- Fixed 100+ information exposure instances (str(e) → generic messages)
- Fixed 9 clear-text logging/storage instances
- Fixed 9 log injection instances (user data removed from logs)
- Fixed 2 hardcoded credential instances
- Fixed 15 print statements (replaced with logger)
- Added SSRF and path validation (18 alerts with robust validation)
- 20+ additional categories scanned (0 issues found)

Phase 3: CodeQL Infrastructure
- Created GitHub Actions CodeQL workflow
- Created CodeQL suppression file for false positives
- Moved CodeQL database to /var/lib/aitbc/codeql-db

Phase 4: Security Documentation
- Updated SECURITY_FIXES_SUMMARY.md with comprehensive details
- Documented security best practices for developers

Files modified: 48 files across coordinator-api, agent-services, blockchain-node, exchange, wallet, scripts, and infrastructure
 2026-04-24 10:42:29 +02:00
aitbc
e60cc3226c Add sys import to test files and remove obsolete integration tests
Some checks failed
API Endpoint Tests / test-api-endpoints (push) Successful in 9s
Details
Blockchain Synchronization Verification / sync-verification (push) Failing after 1s
Details
CLI Tests / test-cli (push) Failing after 3s
Details
Documentation Validation / validate-docs (push) Successful in 6s
Details
Documentation Validation / validate-policies-strict (push) Successful in 2s
Details
Integration Tests / test-service-integration (push) Successful in 40s
Details
Multi-Node Blockchain Health Monitoring / health-check (push) Successful in 1s
Details
P2P Network Verification / p2p-verification (push) Successful in 2s
Details
Production Tests / Production Integration Tests (push) Successful in 21s
Details
Python Tests / test-python (push) Successful in 13s
Details
Security Scanning / security-scan (push) Failing after 46s
Details
Smart Contract Tests / test-solidity (map[name:aitbc-token path:packages/solidity/aitbc-token]) (push) Successful in 17s
Details
Smart Contract Tests / lint-solidity (push) Successful in 10s
Details 
- Add sys import to 29 test files across agent-coordinator, blockchain-event-bridge, blockchain-node, and coordinator-api
- Remove apps/blockchain-event-bridge/tests/test_integration.py (obsolete bridge integration tests)
- Remove apps/coordinator-api/tests/test_integration.py (obsolete API integration tests)
- Implement GPU registration in marketplace_gpu.py with GPURegistry model persistence
 2026-04-23 16:43:17 +02:00
aitbc
522655ef92 Move blockchain app READMEs to centralized documentation
Some checks failed
API Endpoint Tests / test-api-endpoints (push) Successful in 10s
Details
Blockchain Synchronization Verification / sync-verification (push) Failing after 3s
Details
CLI Tests / test-cli (push) Failing after 4s
Details
Documentation Validation / validate-docs (push) Successful in 8s
Details
Documentation Validation / validate-policies-strict (push) Successful in 4s
Details
Integration Tests / test-service-integration (push) Successful in 38s
Details
Multi-Node Blockchain Health Monitoring / health-check (push) Successful in 2s
Details
P2P Network Verification / p2p-verification (push) Successful in 3s
Details
Security Scanning / security-scan (push) Successful in 40s
Details
Smart Contract Tests / test-solidity (map[name:aitbc-token path:packages/solidity/aitbc-token]) (push) Successful in 15s
Details
Smart Contract Tests / lint-solidity (push) Successful in 8s
Details 
- Relocate blockchain-event-bridge README content to docs/apps/blockchain/blockchain-event-bridge.md
- Relocate blockchain-explorer README content to docs/apps/blockchain/blockchain-explorer.md
- Replace app READMEs with redirect notices pointing to new documentation location
- Consolidate documentation in central docs/ directory for better organization
 2026-04-23 12:24:48 +02:00
aitbc
ca34b6fee3 Consolidate service scripts into apps directories
Some checks failed
Integration Tests / test-service-integration (push) Has been cancelled
Details
Python Tests / test-python (push) Has been cancelled
Details
Security Scanning / security-scan (push) Has been cancelled
Details
Systemd Sync / sync-systemd (push) Has been cancelled
Details 
- Move blockchain scripts to apps/blockchain-node/scripts/
- Move marketplace scripts to apps/marketplace/scripts/
- Move agent daemon to apps/agent-coordinator/scripts/
- Move monitor to apps/monitor/
- Update systemd service files to point to new locations
- Update internal path references in moved scripts
- Remove empty /opt/aitbc/services directory
 2026-04-15 11:56:03 +02:00
AITBC System
b033923756 chore: normalize file permissions across repository 
- Remove executable permissions from configuration files (.editorconfig, .env.example, .gitignore)
- Remove executable permissions from documentation files (README.md, LICENSE, SECURITY.md)
- Remove executable permissions from web assets (HTML, CSS, JS files)
- Remove executable permissions from data files (JSON, SQL, YAML, requirements.txt)
- Remove executable permissions from source code files across all apps
- Add executable permissions to Python
 2026-03-08 11:26:18 +01:00
oib
15427c96c0 chore: update file permissions to executable across repository 
- Change file mode from 644 to 755 for all project files
- Add chain_id parameter to get_balance RPC endpoint with default "ait-devnet"
- Rename Miner.extra_meta_data to extra_metadata for consistency
 2026-03-06 22:17:54 +01:00
oib
bb5363bebc refactor: consolidate blockchain explorer into single app and update backup ignore patterns 
- Remove standalone explorer-web app (README, HTML, package files)
- Add /web endpoint to blockchain-explorer for web interface access
- Update .gitignore to exclude application backup archives (*.tar.gz, *.zip)
- Add backup documentation files to .gitignore (BACKUP_INDEX.md, README.md)
- Consolidate explorer functionality into main blockchain-explorer application
 2026-03-06 18:14:49 +01:00