Redflag

Files

Fimeg 3f9164c7ca fix: complete security vulnerability remediation

Critical Security Fixes:
- Fix JWT secret derivation vulnerability - replace deriveJWTSecret with cryptographically secure GenerateSecureToken
- Secure setup interface - remove JWT secret display and API response exposure
- Fix database migration 012 parameter naming conflict in mark_registration_token_used function
- Restore working Docker Compose environment variable configuration

Security Impact:
- Eliminates system-wide compromise risk from admin credential exposure
- Removes sensitive JWT secret exposure during setup process
- Ensures cryptographically secure JWT token generation
- Fixes agent registration and token creation functionality

Testing:
- Agent registration working properly
- Token consumption tracking functional
- Registration tokens created without 500 errors
- Secure JWT secret generation verified

2025-10-31 10:41:04 -04:00

001_initial_schema.down.sql

Session 4 complete - RedFlag update management platform

2025-10-13 16:46:31 -04:00

001_initial_schema.up.sql

Session 4 complete - RedFlag update management platform

2025-10-13 16:46:31 -04:00

003_create_update_tables.up.sql

v0.1.17: UI fixes, Linux improvements, documentation overhaul

2025-10-30 22:17:48 -04:00

004_fix_update_logs_foreign_key.up.sql

v0.1.17: UI fixes, Linux improvements, documentation overhaul