c79f96f321
refactor(ssh): consolidate real_ssh into ssh, remove duplication
...
real_ssh was a separate service name pointing to the same template and
behaviour as ssh. Merged them: ssh is now the single real-OpenSSH service.
- Rename templates/real_ssh/ → templates/ssh/
- Remove decnet/services/real_ssh.py
- Deaddeck archetype updated: services=["ssh"]
- Merge test_real_ssh.py into test_ssh.py (includes deaddeck + logging tests)
- Drop decnet.services.real_ssh from test_build module list
2026-04-11 19:51:41 -04:00
08242a4d84
Implement ICS/SCADA and IMAP Bait features
2026-04-10 01:50:08 -04:00
016115a523
fix: clear all addressable technical debt (DEBT-005 through DEBT-025)
...
Security:
- DEBT-008: remove query-string token auth; header-only Bearer now enforced
- DEBT-013: add regex constraint ^[a-z0-9\-]{1,64}$ on decky_name path param
- DEBT-015: stop leaking raw exception detail to API clients; log server-side
- DEBT-016: validate search (max_length=512) and datetime params with regex
Reliability:
- DEBT-014: wrap SSE event_generator in try/except; yield error frame on failure
- DEBT-017: emit log.warning/error on DB init retry; silent failures now visible
Observability / Docs:
- DEBT-020: add 401/422 response declarations to all route decorators
Infrastructure:
- DEBT-018: add HEALTHCHECK to all 24 template Dockerfiles
- DEBT-019: add USER decnet + setcap cap_net_bind_service to all 24 Dockerfiles
- DEBT-024: bump Redis template version 7.0.12 → 7.2.7
Config:
- DEBT-012: validate DECNET_API_PORT and DECNET_WEB_PORT range (1-65535)
Code quality:
- DEBT-010: delete 22 duplicate decnet_logging.py copies; deployer injects canonical
- DEBT-022: closed as false positive (print only in module docstring)
- DEBT-009: closed as false positive (templates already use structured syslog_line)
Build:
- DEBT-025: generate requirements.lock via pip freeze
Testing:
- DEBT-005/006/007: comprehensive test suite added across tests/api/
- conftest: in-memory SQLite + StaticPool + monkeypatched session_factory
- fuzz mark added; default run excludes fuzz; -n logical parallelism
DEBT.md updated: 23/25 items closed; DEBT-011 (Alembic) and DEBT-023 (digest pinning) remain
2026-04-09 19:02:51 -04:00
44de453bb2
refactor: modularize API tests to match router structure
2026-04-09 12:32:31 -04:00
29a2cf2738
refactor: modularize API routes into separate files and clean up dependencies
2026-04-09 11:58:57 -04:00
551664bc43
fix: stabilize test suite by ensuring proper test DB isolation and initialization
2026-04-09 02:31:14 -04:00
69626d705d
feat: implement Bounty Vault for captured credentials and artifacts
2026-04-09 01:52:50 -04:00
13f3d15a36
fix: stabilize tests with synchronous DB init and handle Bandit security findings
2026-04-09 01:33:15 -04:00
8c7ec2953e
fix: handle bcrypt 72-byte limit and increase JWT secret length
2026-04-09 01:11:32 -04:00
0123e1c69e
fix: suppress noisy cleanup warnings in pytest and fix fleet test auth
2026-04-09 01:05:34 -04:00
6c2478ede3
fix: restore missing API endpoints, fix chart rendering, and update date filter formatting
2026-04-08 21:25:59 -04:00
ec503b9ec6
feat: implement advanced live logs with KQL search, histogram, and live/historical modes
2026-04-08 21:01:05 -04:00
6f10e7556f
chore: deleted trash
CI / Lint (ruff) (push) Successful in 11s
CI / Test (pytest) (3.11) (push) Failing after 18s
CI / Test (pytest) (3.12) (push) Failing after 18s
CI / SAST (bandit) (push) Failing after 11s
CI / Dependency audit (pip-audit) (push) Successful in 18s
CI / Open PR to main (push) Has been skipped
2026-04-08 02:07:11 -04:00
32b06afef6
feat: add .env based configuration for API, Web, and Auth options
2026-04-08 01:27:11 -04:00
18de381a43
feat: implement dynamic decky mutation and fix dot-separated INI sections
2026-04-08 00:16:57 -04:00
a9c7ddec2b
fix: enforce absolute paths for state and database files
2026-04-07 23:21:16 -04:00
