Pulse/frontend-modern
rcourtman 524f42cc28 security: complete Phase 1 sensor proxy hardening
Implements comprehensive security hardening for pulse-sensor-proxy:
- Privilege drop from root to unprivileged user (UID 995)
- Hash-chained tamper-evident audit logging with remote forwarding
- Per-UID rate limiting (0.2 QPS, burst 2) with concurrency caps
- Enhanced command validation with 10+ attack pattern tests
- Fuzz testing (7M+ executions, 0 crashes)
- SSH hardening, AppArmor/seccomp profiles, operational runbooks

All 27 Phase 1 tasks complete. Ready for production deployment.
2025-10-20 15:13:37 +00:00
..
public Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
scripts Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
src security: complete Phase 1 sensor proxy hardening 2025-10-20 15:13:37 +00:00
.eslintignore Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
.eslintrc.cjs Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
.gitignore Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
.prettierignore Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
.prettierrc Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
alert_settings_tabs.png Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
index.html Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
package-lock.json fix: upgrade vitest to 3.2.4 2025-10-16 14:43:36 +00:00
package.json fix: upgrade vitest to 3.2.4 2025-10-16 14:43:36 +00:00
postcss.config.js Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
tailwind.config.js Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
tsconfig.json Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
tsconfig.node.json Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
vite.config.ts Fix settings security tab navigation 2025-10-11 23:29:47 +00:00