Vantz Stockwell 463908b18e fix(nats): security review — secure-by-default + per-tenant inbox isolation ...

Two HIGH findings from automated review on the generator, both fixed:
1. Cross-tenant inbox access: per-license users were granted _INBOX.>,
   letting license A subscribe to license B's request-reply responses.
   Now scoped to corrosion.{license}.> ONLY; replies must ride the
   license namespace (corrosion.{license}.reply.<id>) — documented in
   PROTOCOL.md. Agent unchanged (responds to msg.reply); constraint is
   on the requester (internal user has full >).
2. Default-open auth bypass: generator defaulted to stage=open with a
   full-access anonymous user — a stale regen left the broker wide open.
   Now defaults to enforce (secure by default); the explicit 'open'
   migration stage maps anonymous to a harmless corrosion.unclaimed.>
   namespace, never real tenant subjects. Committed bootstrap default
   hardened the same way.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

2026-06-11 12:39:31 -04:00

.claude

docs: Add CLAUDE.md and Claude Code settings

2026-02-15 12:28:16 -05:00

.gitea/workflows

ci: full test gate — types, frontend build, agent tests, agent<->backend contract suite

2026-06-11 10:59:44 -04:00

backend

feat(api): fleet data model Phase A — License -> Host -> Instance

2026-06-11 12:00:52 -04:00

backend-nest

feat(nats): per-license auth mechanism — agent user/password, scoped broker, generator (non-breaking)

2026-06-11 12:33:27 -04:00

companion-agent

fix(panel): real auto-updating version + remove fake agent footer; rename companion -> Corrosion host agent

2026-06-11 09:03:37 -04:00

contract-tests

ci: full test gate — types, frontend build, agent tests, agent<->backend contract suite

2026-06-11 10:59:44 -04:00

corrosion-host-agent

fix(nats): security review — secure-by-default + per-tenant inbox isolation

2026-06-11 12:39:31 -04:00

docker

fix(nats): security review — secure-by-default + per-tenant inbox isolation

2026-06-11 12:39:31 -04:00

docs

feat: Add Phase 5 store configuration UI

2026-02-15 14:57:30 -05:00

frontend

feat(fleet): Phase B — fleet overview UI + GET /api/fleet read endpoint

2026-06-11 12:32:55 -04:00

infra

fix: Remove Gitea env var pre-config (let wizard handle it)

2026-02-15 13:32:20 -05:00

plugin

feat: Add CorrosionTeleportGUI uMod plugin — in-game teleport CUI

2026-02-22 01:12:34 -05:00

scripts

fix(nats): security review — secure-by-default + per-tenant inbox isolation

2026-06-11 12:39:31 -04:00

.env.example

fix(frontend): env-driven marketing host detection

2026-06-11 10:47:15 -04:00

.gitignore

chore: Update .gitignore — protect MCP credentials, add NestJS outputs

2026-02-16 00:45:10 -05:00

AGENTS.md

fix(marketing): strip dead Discord invite from footer; docs: Scout tier -> sonnet[1m]

2026-06-11 09:28:06 -04:00

CHANGELOG.md

feat(seo): per-route titles + meta descriptions; ci: honest runner test

2026-06-11 10:35:58 -04:00

CLAUDE.md

docs(claude): Lesson 26 — jail-at-entry doesn't jail the recursive walk (security review caught what my review missed)

2026-06-11 12:04:23 -04:00

corrosion-final-push.md

chore: Wave 5 — marketing copy fix + operation log

2026-02-21 13:36:44 -05:00

deploy-remote.sh

fix: Schema alignment and code corrections (COA 2)

2026-02-15 18:23:33 -05:00

generate-sqlx-cache.sh

fix: Schema alignment and code corrections (COA 2)

2026-02-15 18:23:33 -05:00

hardpush.log

feat: Implement Phase 6 B2B hosting integration (minimal viable B2B)

2026-02-15 15:05:17 -05:00

PHASE456_AUDIT.md

fix: Schema alignment and code corrections (COA 2)

2026-02-15 18:23:33 -05:00

Description

Corrosion Admin Panel repository

41 MiB

Releases 18

Corrosion Host Agent v1.0.9 Latest

2026-06-11 09:03:37 -04:00

Languages

Vue 40.1%

TypeScript 25.8%

Rust 24.8%

Go 4%

C# 2.8%

Other 2.3%