91e4985a8e
- FRE-4499 (SpamShield): Verified 6 security fixes (2 High, 4 Medium) - S01: Pre-compiled regex in RuleEngine (ReDoS fix) - S02: SmsClassifier accepts senderPhoneNumber context - S03: AlertServer JWT auth + origin validation - S04: SHA-256 phone hashing (PII protection) - S05: DecisionEngine timeout enforcement via Promise.race - S06: CarrierFactory.getAllCarriers properly async/await - FRE-4500 (Correlation): Verified 7 security fixes (2 Critical, 2 High, 2 Medium, 1 Low) - C1: Ingest endpoints auth via request.user.id - C2: IDOR protection on group endpoints (userId filter) - H3: JWT middleware registered in server.ts - H4: Fastify schema validation on all routes - M6: Payload sanitization with depth limit and circular ref detection - L7: CORS origin restricted to env var - Resolved liveness incidents FRE-4652 and FRE-4654 - All Phase 5 child issues now complete
29 lines
741 B
JSON
29 lines
741 B
JSON
{
|
|
"name": "@shieldai/api",
|
|
"version": "0.1.0",
|
|
"scripts": {
|
|
"dev": "tsx watch src/server.ts",
|
|
"build": "tsc",
|
|
"start": "node dist/server.js",
|
|
"test": "vitest run",
|
|
"test:coverage": "vitest run --coverage",
|
|
"lint": "eslint src/"
|
|
},
|
|
"dependencies": {
|
|
"@fastify/cors": "^10.0.1",
|
|
"@fastify/helmet": "^13.0.1",
|
|
"@fastify/rate-limit": "^9.0.0",
|
|
"@fastify/sensible": "^6.0.1",
|
|
"@shieldai/db": "workspace:*",
|
|
"@shieldai/types": "workspace:*",
|
|
"@shieldai/correlation": "workspace:*",
|
|
"fastify": "^5.2.0",
|
|
"@shieldai/darkwatch": "workspace:*",
|
|
"@shieldai/voiceprint": "workspace:*"
|
|
},
|
|
"devDependencies": {
|
|
"vitest": "^4.1.5",
|
|
"@vitest/coverage-v8": "^4.1.5"
|
|
}
|
|
}
|