allucanget/calminer
2
0
Fork 0
Code Pull Requests Actions Packages Releases Activity

chore: Update changelog with Bandit security scan remediation details
Some checks failed
CI / deploy (push) Has been skipped
Details
CI / test (push) Has been skipped
Details
CI / build (push) Has been skipped
Details
CI / lint (push) Failing after 13s
Details

Browse Source
This commit is contained in:
zwitschi
2025-11-12 11:56:05 +01:00
parent e06a6ae068
commit 4488cacdc9
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
changelog.md
View File

@@ -1,5 +1,11 @@
# Changelog # Changelog
## 2025-11-13
- Eliminated Bandit hardcoded-secret findings by replacing literal JWT tokens and passwords across auth/security tests with randomized helpers drawn from `tests/utils/security.py`, ensuring fixtures still assert expected behaviours.
- Centralized Bandit configuration in `pyproject.toml`, reran `bandit -c pyproject.toml -r calminer tests`, and verified the scan now reports zero issues.
- Updated `.github/instructions/TODO.md` and `.github/instructions/DONE.md` to reflect the completed security scan remediation workflow.
## 2025-11-12 ## 2025-11-12
- Diagnosed admin bootstrap failure caused by legacy `roles` schema, added Alembic migration `20251112_00_add_roles_metadata_columns.py` to backfill `display_name`, `description`, `created_at`, and `updated_at`, and verified the migration via full pytest run in the activated `.venv`. - Diagnosed admin bootstrap failure caused by legacy `roles` schema, added Alembic migration `20251112_00_add_roles_metadata_columns.py` to backfill `display_name`, `description`, `created_at`, and `updated_at`, and verified the migration via full pytest run in the activated `.venv`.