Skip to content

Consent token files lack restrictive file permissions (+1 more)#90

Merged
danieljustus merged 14 commits into
mainfrom
session/20260522-122322
May 22, 2026
Merged

Consent token files lack restrictive file permissions (+1 more)#90
danieljustus merged 14 commits into
mainfrom
session/20260522-122322

Conversation

@danieljustus
Copy link
Copy Markdown
Owner

@danieljustus danieljustus commented May 22, 2026
edited
Loading

Bundles fixes for multiple open issues. The list below grows as commits land; every linked issue will close automatically on merge.

Milestone: v0.1.2

@danieljustus
fix(consent): enforce 0o600 permissions on token files
154479d 
Add os.chmod(token_file, 0o600) after writing consent tokens.
Also re-permission existing files on verify and list access.

Closes #79
@danieljustus
fix(db): store decrypted temp files in user data dir instead of /tmp
68c3161 
Use tempfile.NamedTemporaryFile(dir=user_data_dir) so decrypted DB
files are in ~/.local/share/openeraseme/ rather than /tmp. Reduces
exposure on shared systems when SIGKILL prevents cleanup.

Closes #80
@danieljustus danieljustus changed the title fix(consent): enforce 0o600 permissions on token files Consent token files lack restrictive file permissions (+1 more) May 22, 2026
danieljustus added 12 commits May 22, 2026 12:34
@danieljustus
security: add pre-commit secrets scanning and CI secrets scan
dcfbbd0 
- Add .pre-commit-config.yaml with detect-private-key hook
- Add secrets-scan CI job using TruffleHog
- Document pre-commit setup in README

Closes #81
@danieljustus
feat: add doctor command for environment checks
3c52805 
- Add  command that checks:
  - Python version (>= 3.11)
  - Required dependencies installed
  - Config directory writable
  - Database accessible
  - Registry loadable
  - Environment variables set

Closes #82
@danieljustus
feat: add actionable next-step guidance to error messages
cac251e 
Improve error messages across the CLI to tell users what to do next:

- 'Not found' errors now suggest the list command to discover valid IDs
- Generic wrapped errors include context-specific next steps
- Missing dependency errors include install instructions
- Missing token/profile errors suggest the command to create them

Files changed:
- services/broker.py, reply.py, auto_confirm.py, manual_task.py
- services/web_form.py, inbox.py, consent.py, captcha.py, scheduler.py
- core/identity.py, adapters/web/confirmation_clicker.py

Closes #83
@danieljustus
feat: add --dry-run support to destructive commands
96ba9df 
Add --dry-run to commands that modify state:
- run-web-form: Show form steps without executing
- solve-captcha: Show captcha parameters without solving
- schedule install: Show scheduler configs without installing
- grant: Show token details without creating it

Closes #84
@danieljustus
refactor: extract shared parse_iso_datetime utility
6248e4d 
- Create core/datetime_utils.py with unified format list
- Replace _parse_dt in deadlines.py, _parse_ts in projection.py,
  _parse_date in himalaya.py with shared utility
- Unify ISO 8601 and RFC 2822 email date formats

Closes #85
@danieljustus
perf: O(1) broker cache key using directory mtime
c9b5476 
Replace per-file mtime stat() calls (1,200+ per lookup) with a single
directory mtime check. Directory mtime changes on add/remove/rename,
covering the main registry update scenario.

Closes #86
@danieljustus
perf: incremental rebuild_all_states() only processes dirty requests
ceb14ad 
Replace full rebuild with incremental approach:
- Find requests with events newer than their last projected event
- Only rebuild state for those requests
- Skip rebuild entirely when no new events exist

Closes #87
@danieljustus
perf: cache validated Broker objects per-file
50d9a00 
Add _BROKER_FILE_CACHE keyed by (file_path, mtime) to avoid
re-validating unchanged broker YAMLs on cache misses.
Reduces cold-start validation from 1,200+ to only changed files.

Closes #88
@danieljustus
feat: add batch_size support to tick engine
46dc93c 
Add --batch-size parameter to limit tick processing per run:
- run_tick() accepts optional batch_size LIMIT
- CLI tick command gets --batch-size option
- Prevents memory spikes on large campaigns

Closes #89
@danieljustus
fix: resolve CI failures on lint, validation and orchestrator tests
5e19c89 
- Fix 7 broker YAMLs with invalid email endpoints (notes moved to notes field)
- Fix ruff lint errors: unused imports, extraneous f-string, long line
- Fix E402 import-not-at-top-of-file in deadlines.py
- Fix orchestrator to skip web_form-only brokers in plan_campaign
- Filter eligible email brokers before applying max_brokers limit

Refs PR #90
@danieljustus
style: ruff format
59f2204
@danieljustus
fix: mypy type errors in orchestrator and db
cc024dd
@danieljustus danieljustus marked this pull request as ready for review May 22, 2026 12:27
Copilot AI review requested due to automatic review settings May 22, 2026 12:27
Copilot AI reviewed May 22, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@danieljustus danieljustus merged commit b48ca18 into main May 22, 2026
12 of 13 checks passed
@danieljustus danieljustus deleted the session/20260522-122322 branch May 22, 2026 12:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment