archy

lfg2025/archy

Fork 0

Commit Graph

Author	SHA1	Message	Date
Dorian	4b5eb4ed29	test: enhance automated pentest suite (PENTEST-01) Rewrite verify-pentest-fixes.sh and test-security.sh with comprehensive security tests covering auth bypass, CSRF protection, rate limiting, input validation (SQL injection, command injection, path traversal), session fixation, SSRF, container isolation, and session lifecycle. Both scripts now pass all checks (35/35 and 14/14). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 14:15:53 +00:00
Dorian	e3aa95a103	fix: prevent tokio runtime deadlock in credential issue/verify The credential issuance and verification handlers used Handle::block_on() directly inside the tokio runtime, causing a deadlock. Wrapped with block_in_place() to properly yield the runtime thread. Also completed full feature verification across all 25 test groups (~175 checks) on live server. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-09 07:43:12 +00:00

Author

SHA1

Message

Date

Dorian

4b5eb4ed29

test: enhance automated pentest suite (PENTEST-01)

Rewrite verify-pentest-fixes.sh and test-security.sh with comprehensive
security tests covering auth bypass, CSRF protection, rate limiting,
input validation (SQL injection, command injection, path traversal),
session fixation, SSRF, container isolation, and session lifecycle.
Both scripts now pass all checks (35/35 and 14/14).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-11 14:15:53 +00:00

Dorian

e3aa95a103

fix: prevent tokio runtime deadlock in credential issue/verify

The credential issuance and verification handlers used
Handle::block_on() directly inside the tokio runtime, causing a
deadlock. Wrapped with block_in_place() to properly yield the
runtime thread.

Also completed full feature verification across all 25 test groups
(~175 checks) on live server.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-09 07:43:12 +00:00

2 Commits