mycelium/www_migrate_mycelium
31
0
Fork 0
Code Issues 1 Pull requests Projects Releases 7 Packages 1 Wiki Activity Actions

Release: merge development into main #39

Merged
mik-tf merged 6 commits from development into main 2026-03-02 03:59:54 +00:00
Conversation 0 Commits 6 Files changed 10 +469 -127
mik-tf commented 2026-03-02 03:57:07 +00:00
Member
Copy link

Merges security hardening (#37/#38) and test improvements into main for production release.

Changes

  • Security hardening: CORS, error sanitization, pending session cap, signer verification, float precision, farm_ids validation, RPC timeouts, body size limit
  • Deploy: Caddy security headers, Docker port binding, gateway HTTPS
  • Tests: security smoke tests, CI live backend smoke test step, Makefile targets

All CI checks passed on development (run #112).

Merges security hardening (#37/#38) and test improvements into main for production release. ## Changes - Security hardening: CORS, error sanitization, pending session cap, signer verification, float precision, farm_ids validation, RPC timeouts, body size limit - Deploy: Caddy security headers, Docker port binding, gateway HTTPS - Tests: security smoke tests, CI live backend smoke test step, Makefile targets All CI checks passed on development (run #112).
test: verify independent dev/prod deploys
All checks were successful
Test / check (push) Successful in 2m8s
Details
Deploy Dev / build-and-deploy (push) Successful in 6m52s
Details
0d676baafc
revert: remove test change from deploy verification
All checks were successful
Test / check (push) Successful in 3m35s
Details
Deploy Dev / build-and-deploy (push) Successful in 7m34s
Details
efc22c3ab1
security: harden backend and deploy configuration
Some checks failed
Test / check (pull_request) Failing after 1m27s
Details
a463b408e7 
Restrict CORS to known origins, sanitize all error messages,
add pending session cap, signer verification on submit,
float precision fix, farm_ids validation, RPC timeouts,
body size limit, Caddy security headers, and Docker port binding.

Closes #37

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
test: add security smoke tests, CI smoke test step, Makefile targets
Some checks failed
Test / check (pull_request) Failing after 1m21s
Details
fd8366bdb6 
Add security-smoke-test.sh covering CORS rejection, error sanitization,
body size limits, signer verification, and farm_ids validation.
Wire into CI via live backend smoke test step, and add Makefile targets
for security-smoke-test and run-smoke-tests.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
style: fix rustfmt formatting
All checks were successful
Test / check (pull_request) Successful in 2m50s
Details
28c83d9bb0 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Merge pull request 'Security hardening: CORS, error sanitization, rate limiting, input validation' (#38) from development_security_hardening into development
All checks were successful
Test / check (push) Successful in 2m38s
Details
Test / check (pull_request) Successful in 2m32s
Details
Deploy Dev / build-and-deploy (push) Successful in 7m3s
Details
2f05286da8 
Reviewed-on: #38
mik-tf merged commit 18d5910e0d into main 2026-03-02 03:59:54 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
mycelium/www_migrate_mycelium!39
No description provided.