tractatus/src/utils
TheFlow b078eec634 security: implement Quick Wins security middleware (inst_041-046)
- Add security headers middleware (CSP, HSTS, X-Frame-Options, etc.)
- Add rate limiting (100 req/15min public, 5 req/min forms)
- Add input validation and sanitization middleware
- Add response sanitization (hide stack traces, remove sensitive fields)
- Add centralized security event logging to audit trail
- Disable CSRF (deprecated package, will implement modern solution in Phase 3)
- Update security logger to use HOME-based log path

Implements: inst_041, inst_042, inst_043, inst_044, inst_045, inst_046
Refs: docs/plans/security-implementation-roadmap.md
2025-10-14 15:18:49 +13:00
db.util.js feat: add governance document and core utilities 2025-10-06 23:34:40 +13:00
document-section-parser.js feat: fix documentation system - cards, PDFs, TOC, and navigation 2025-10-07 22:51:55 +13:00
jwt.util.js feat: add governance document and core utilities 2025-10-06 23:34:40 +13:00
logger.util.js feat: add governance document and core utilities 2025-10-06 23:34:40 +13:00
markdown.util.js feat: fix documentation system - cards, PDFs, TOC, and navigation 2025-10-07 22:51:55 +13:00
mongoose.util.js feat: implement Rule Manager and Project Manager admin systems 2025-10-11 17:16:51 +13:00
security-logger.js security: implement Quick Wins security middleware (inst_041-046) 2025-10-14 15:18:49 +13:00