DECNET/development at 638236113d51618aaf5e409892ec8308c7a4079e - DECNET - RESACA Chile: Donde la ciberseguridad se chupa una chela.

anti/DECNET

Files

History

anti 638236113d feat(webhooks): non-blocking http:// warning + WH-03 accepted risk

WebhookResponse now carries a `warnings: list[str]` field. When the
subscription's URL starts with http://, an `insecure_url` advisory is
surfaced on every GET/CREATE without blocking the request. HMAC still
detects tampering regardless of transport — only read-confidentiality
is lost over plaintext — and test/dev environments without TLS stay
usable.

Matches the operator-trust posture already established by DA-06
(admin-on-admin protection is out of scope). The alternative — hard
rejection at admin time — was considered and declined; warning-plus-
visibility is the right shape.

THREAT_MODEL WH-03 accepted risk registered; revisit triggers are
multi-admin delegation, a regulated customer, or an operator ticket
asking for a DECNET_WEBHOOK_REQUIRE_HTTPS enforcement knob.

2026-04-24 15:53:30 -04:00

..

refactor: strip DECNET tokens from container-visible surface

2026-04-17 22:57:53 -04:00

docs(profiles): archive locust run artifacts under development/profiles

2026-04-17 22:05:35 -04:00

ast_graph.md

moved: AST graphs into develpment/ folder

2026-04-12 03:42:08 -04:00

BUG_FIXES.md

feat(smtp): fix DATA state machine; add SMTP_OPEN_RELAY mode

2026-04-10 01:03:47 -04:00

BUGS.md

docs(bugs): document SSE /api/v1/stream BrokenPipe storm (BUG-003)

2026-04-17 17:48:42 -04:00

complete_execution_graph.md

moved: AST graphs into develpment/ folder

2026-04-12 03:42:08 -04:00

COVERAGE.md

Docs: Generated full coverage report in development/COVERAGE.md

2026-04-12 03:36:13 -04:00

DEBT.md

docs(debt): DEBT-036 — session-profile ingester (keystroke dynamics)

2026-04-24 10:41:55 -04:00

DEVELOPMENT_V2.md

docs(dev): post-v1 roadmap + check off shipped "Commands executed" item

2026-04-23 21:52:15 -04:00

DEVELOPMENT.md

docs(webhook): roadmap tick + threat-model component

2026-04-24 15:48:14 -04:00

docker-compose.otel.yml

feat: add OpenTelemetry distributed tracing across all DECNET services

2026-04-15 23:23:13 -04:00

EVENTS.md

chore: move development docs to development/ and clean up project root

2026-04-07 20:07:56 -04:00

execution_graphs.md

moved: AST graphs into develpment/ folder

2026-04-12 03:42:08 -04:00

FUTURE.md

docs: Detail attachable Swarm overlay backend in FUTURE.md

2026-04-10 03:00:03 -04:00

HARDENING.md

docs(HARDENING): rewrite roadmap based on live scan findings

2026-04-10 16:38:27 -04:00

ICS_SCADA.md

feat(smtp): fix DATA state machine; add SMTP_OPEN_RELAY mode

2026-04-10 01:03:47 -04:00

IMAP_BAIT.md

feat(smtp): fix DATA state machine; add SMTP_OPEN_RELAY mode

2026-04-10 01:03:47 -04:00

mermaid.svg

moved: mermaid graph to development folder

2026-04-12 03:42:43 -04:00

nmap-output-post-fixes.txt

refactor(ssh): consolidate real_ssh into ssh, remove duplication

2026-04-11 19:51:41 -04:00

NOTES.md

feat: implement dynamic decky mutation and fix dot-separated INI sections

2026-04-08 00:16:57 -04:00

postpostfixnmap.txt

chore: fix unused imports in tests and update development roadmap

2026-04-12 03:46:23 -04:00

REALISM_AUDIT.md

docs: Append bug ledger implementation plan to REALISM_AUDIT.md

2026-04-10 01:58:23 -04:00

SMTP_RELAY.md

feat(smtp): fix DATA state machine; add SMTP_OPEN_RELAY mode

2026-04-10 01:03:47 -04:00

THREAT_MODEL.md

feat(webhooks): non-blocking http:// warning + WH-03 accepted risk

2026-04-24 15:53:30 -04:00