Commit Graph

19 Commits

Author SHA1 Message Date
Aashutosh Pandey 4df924d3d7 fix(security): prevent error_middleware from leaking internal exception details to HTTP clients (#6903)
The error_middleware was returning str(e) and type(e).__name__ directly
in JSON responses, which could expose file paths, database connection
strings, API key names, and internal class names to untrusted clients.

Changes:
- Return generic 'Internal server error' message instead of raw exception
- Improve server-side log to include request method and path
- Add unit tests verifying no internal details are leaked

The full exception traceback remains available via logger.exception()
for server-side debugging.

Co-authored-by: Aashutosh Pandey <aashutoshpandey@Aashutoshs-MacBook-Air.local>
2026-04-06 22:50:43 +08:00
Richard Tang ed8d417bef chore: ruff lint 2026-04-03 20:31:14 -07:00
Timothy 1e848d67bb feat: browser extension setup guide 2026-04-03 17:18:53 -07:00
Richard Tang 537667758a refactor: remove worker input and worker session 2026-04-01 19:16:38 -07:00
Richard Tang 6a77a9a7b2 refactor: rename worker functions for clarity 2026-04-01 19:04:44 -07:00
Richard Tang 944567dc31 chore: ruff lint 2026-03-12 16:23:13 -07:00
Richard Tang 596ce9878d feat: unique run id 2026-03-12 11:09:36 -07:00
bryan 59fee56c54 fix: share server credential store with runner to avoid redundant Aden syncs 2026-03-03 17:35:24 -08:00
Bryan @ Aden d766e68d42 Merge pull request #5494 from Antiarin/security/harden-validate-agent-path
[Bug][Security]: agent_path accepts arbitrary filesystem paths with no validation
2026-03-02 16:57:51 +00:00
Rajneesh Chaudhary 5ea9abae83 fix(core): prevent sse critical event queue from blocking event bus (#5533) (#5536)
Disconnects slow clients instead of blocking the publisher task.

Signed-off-by: Rajneesh180 <rajneeshrehsaan48@gmail.com>
2026-03-02 17:57:52 +08:00
bryan 09460b28bc refactor: move credentials from shell config to ~/.hive 2026-02-27 15:55:08 -08:00
Antiarin e5b6c8581a feat: implement agent path validation and restrict loading to allowed directories 2026-02-28 02:56:31 +05:30
bryan 9ea6c959ae feat: mid-session credential management and MCP resync 2026-02-26 17:03:06 -08:00
bryan 56335927e7 change from agentid to session id 2026-02-24 15:53:14 -08:00
Timothy eef2fa9ffb feature: session manager, superseding agent manager 2026-02-24 15:00:09 -08:00
bryan de9226aae0 credentials 2026-02-23 14:11:16 -08:00
bryan 35738c8279 react structure 2026-02-22 14:52:15 -08:00
bryan 6661934fed harden server apis and agent loading 2026-02-20 18:28:52 -08:00
bryan d4788e147a backend apis for open hive 2026-02-20 18:01:51 -08:00