Michael Freno 0afdf8b6e8 FRE-4500: Fix security review findings (Critical/High/Medium/Low) ...

- Critical #1: Add auth check to ingest endpoints (use request.user.id)
- Critical #2: Add IDOR protection on group endpoints (userId ownership)
- High #3: Register auth middleware in server.ts (populates request.user)
- High #4: Add Fastify schema validation to all route handlers
- Medium #5: Add NormalizedAlert/CorrelationGroup models to Prisma schema
- Medium #6: Sanitize payload storage in normalizer (depth limit, circular ref)
- Low #7: Restrict CORS origins (use CORS_ORIGIN env var)
Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-05-02 16:40:01 -04:00

..

src

Consolidate @shieldai/db and @shieldsai/shared-db packages (FRE-4603)

2026-05-02 15:06:02 -04:00

test

Add tier-based scan scheduler and webhook triggers (FRE-4498)

2026-04-30 10:57:56 -04:00

Dockerfile

Add tier-based scan scheduler and webhook triggers (FRE-4498)

2026-04-30 10:57:56 -04:00

package.json

Add cross-service alert correlation system FRE-4500

2026-05-02 01:10:44 -04:00

tsconfig.json

FRE-4471: Scaffold DarkWatch MVP — monorepo, schema, services, API routes, tests

2026-04-29 09:47:45 -04:00

vitest.config.ts

FRE-4500: Fix security review findings (Critical/High/Medium/Low)

2026-05-02 16:40:01 -04:00