johan
/
mission-control
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
39 Commits 1 Branch 0 Tags 12 MiB
Commit Graph

8 Commits

Author SHA1 Message Date
Nyk df06c3a2ad feat: v1.2.0 — validation hardening, unit tests, quality improvements 
- Fix task status enum mismatch (blocked → quality_review)
- Add 12 Zod schemas for all unvalidated mutation routes
- Apply validateBody() across 11 API route handlers
- Add readLimiter (120/min) for GET-heavy endpoints
- Extend heavyLimiter to search, backup, cleanup routes
- Add security headers (X-Content-Type-Options, X-Frame-Options, Referrer-Policy)
- Fill auth test stubs with real assertions (safeCompare, requireRole)
- Add validation, rate-limit, and db-helpers unit test suites (60 tests total)
- Replace as-any casts with typed interfaces (SessionQueryRow, UserQueryRow, CountRow)
- Bump version to 1.2.0, add CHANGELOG.md, update README roadmap
 2026-03-02 00:22:59 +07:00
Nyk c104b7e071 Merge remote-tracking branch 'origin/main' into feat/medium-priority-v1.1 
# Conflicts:
#	src/app/api/agents/route.ts
#	src/app/api/alerts/route.ts
#	src/app/api/auth/login/route.ts
#	src/app/api/spawn/route.ts
#	src/app/api/tasks/[id]/route.ts
#	src/app/api/tasks/route.ts
#	src/app/api/webhooks/route.ts
#	src/lib/validation.ts
 2026-02-27 21:47:56 +07:00
Nyk 321a7c2db2 feat: error boundaries, pino logger, a11y, HSTS, zod validation, export limits 2026-02-27 21:37:06 +07:00
Nyk 299faf50e3 feat: add Docker support, session controls, model catalog, API rate limiting 2026-02-27 20:56:02 +07:00
Nyk 08c9f3625b chore: CODE_OF_CONDUCT, issue templates, DELETE patterns, limit caps, CSRF origin check 
- Add Contributor Covenant 2.1 Code of Conduct (Closes #16)
- Add bug report and feature request issue templates (Closes #17)
- Standardize DELETE handlers to use request body instead of query params (Closes #18)
- Cap unbounded limit params to Math.min(limit, 200) on 12 endpoints (Closes #19)
- Add CSRF Origin header validation for mutating requests in middleware (Closes #20)
 2026-02-27 14:04:09 +07:00
Nyk bf0df9b6d0 fix: strict mode, test stubs, pagination counts, N+1 queries, CSP hardening 
- Enable TypeScript strict mode and fix all resulting type errors
- Add auth test stubs for requireRole and safeCompare
- Add proper COUNT(*) pagination totals to agents, tasks, notifications,
  messages, conversations, and standup history endpoints
- Fix N+1 queries by hoisting db.prepare() outside loops in agents,
  activities, notifications, conversations, standup, gateway health,
  and notification delivery routes
- Remove unsafe-eval from CSP script-src directive
- Remove deprecated X-XSS-Protection header
 2026-02-27 14:02:52 +07:00
Nyk 1ee506b4cf fix: add auth checks on all GET endpoints, timing-safe comparisons, and XSS sanitization 2026-02-27 13:04:24 +07:00
Nyk 99815d20b3 feat: initial open-source release 
OpenClaw Mission Control — agent orchestration dashboard.

Built with Next.js 16, React 19, TypeScript, SQLite, and Tailwind CSS.
MIT License.
 2026-02-23 02:00:44 +07:00