Dorian 7cf87efbaa security: RBAC viewer role, identity label length, error sanitization ...

- RBAC: Viewer role changed from prefix "system." to explicit allowlist
  of safe read-only methods. Prevents Viewer access to system.factory-reset,
  system.shutdown, system.reboot, system.disk-cleanup.
- identity.create: Name/label param now enforces max 100 chars.
- sanitize_error_message: Changed from contains() to starts_with() for
  prefix matching, preventing internal errors that happen to contain
  user-facing keywords from leaking through.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-18 22:37:08 +00:00

..

.cargo

refactor: update dependencies and remove unused code

2026-03-12 00:19:30 +00:00

archipelago

security: RBAC viewer role, identity label length, error sanitization

2026-03-18 22:37:08 +00:00

container

fix: Fedimint Guardian UI on port 8175 (not 8174 API)

2026-03-18 17:31:07 +00:00

container-init

mid coding commit

2026-01-24 22:59:20 +00:00

helpers

mid coding commit

2026-01-24 22:59:20 +00:00

js-engine

mid coding commit

2026-01-24 22:59:20 +00:00

models

mid coding commit

2026-01-24 22:59:20 +00:00

parmanode

feat: complete Phase 1 foundation hardening + three-mode UI design doc

2026-03-04 05:23:42 +00:00

performance

Update archipelago: API, auth, container, parmanode, performance, security

2026-01-27 22:27:17 +00:00

security

fix: Phase 7 — key zeroization, OsRng, checked arithmetic, TOTP rate limits

2026-03-18 01:00:57 +00:00

.env.example

Add comprehensive installation and setup documentation

2026-01-27 17:18:21 +00:00

.env.production

Update README and configuration for macOS support

2026-01-28 11:12:19 +00:00

Cargo.lock

fix: BUG-33 CPU threshold, TASK-27 tab icons, TASK-36 iframe errors

2026-03-18 19:24:52 +00:00

Cargo.toml

Refactor configuration and scripts for Archipelago backend and ISO build

2026-02-01 05:42:05 +00:00