cohorta/.claude/settings.local.json
Vadym Samoilenko 3e1865edbd Apply Jintech security audit remediation (sprint 3) — 87/92 findings fixed
- Fix missing await on FocusGroup.get_messages() (N-L1)
- Replace time.sleep with asyncio.sleep in key_theme_service and focus_group_service (N-P10)
- Replace flask import with quart in focus_groups.py (N-S3)
- Add logger.error before all 500 returns in focus_groups.py (N-P6)
- Add logging to silent except blocks across routes (N-M10, N-M11)
- Add @rate_limit to 6 remaining AI endpoints (N-H4)
- Add --confirm flag to populate scripts before delete_many (S-H2)
- Remove hardcoded Azure ID fallbacks from msal_service.py and msalConfig.ts (A-M2, F-H4)
- Centralize make_serializable() in utils.py, remove duplicates from 3 route files (N-P7)
- Replace all datetime.utcnow() with datetime.now(timezone.utc) across entire backend (M-L2)
- AuthContext.tsx: only mark token validated on 200 success, not on non-401 errors (F-H2)
- Rename authType → auth_type in auth.py (N-S4)
- Add security_report.md and security_report.pdf with full 92-finding status

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-20 12:51:18 +00:00


{
"permissions": {
"allow": [
"Bash(chmod:*)",
"Bash(grep:*)",
"Bash(ls:*)",
"Bash(mkdir:*)",
"Bash(npm run lint)",
"Bash(npx eslint:*)",
"Bash(npm run build:dev:*)",
"WebFetch(domain:ai-sandbox.oliver.solutions)",
"Bash(curl:*)",
"Bash(rg:*)",
"Bash(sed:*)",
"Bash(npm run build:*)",
"Bash(source:*)",
"Bash(python:*)",
"Bash(find:*)",
"Bash(npx tsc:*)",
"WebFetch(domain:platform.openai.com)",
"WebFetch(domain:cookbook.openai.com)",
"Bash(pip uninstall:*)",
"Bash(pip install:*)",
"mcp__gpt5-bridge__call_gpt5",
"WebSearch",
"Bash(pip show:*)",
"Bash(git -C /Volumes/SSD/Projects/Oliver/semblance log --oneline --diff-filter=A -- backend/.env)",
"Bash(git -C /Volumes/SSD/Projects/Oliver/semblance ls-files backend/.env)",
"Bash(cp:*)",
"Bash(git rm:*)",
"Bash(PYTHONPATH=. python3 -c \"from app import create_app; print\\(''''OK''''\\)\")",
"Bash(pip3 show:*)",
"Bash(pip3 install:*)",
"Bash(npm list:*)",
"Bash(npx --yes puppeteer --version)",
"Bash(\"/Applications/Google Chrome.app/Contents/MacOS/Google Chrome\" --headless=new --disable-gpu --no-sandbox --print-to-pdf=\"/Volumes/SSD/Projects/Oliver/semblance/security_report.pdf\" --print-to-pdf-no-header --no-pdf-header-footer \"file:///Volumes/SSD/Projects/Oliver/semblance/security_report.html\")",
"Bash(pip3 list:*)",
"Bash(git restore:*)",
"Bash(for f:*)",
"Bash(do grep:*)",
"Bash(do)",
"Bash(sed -i '' 's/from datetime import datetime, timedelta$/from datetime import datetime, timedelta, timezone/' \"$f\")",
"Bash(sed -i '' 's/from datetime import datetime$/from datetime import datetime, timezone/' \"$f\")",
"Bash(sed -i '' 's/datetime\\\\.utcnow\\(\\)/datetime.now\\(timezone.utc\\)/g' \"$f\")",
"Bash(done)",
"Bash(sed -i '' 's/datetime\\\\.datetime\\\\.utcnow\\(\\)/datetime.datetime.now\\(datetime.timezone.utc\\)/g' /Volumes/SSD/Projects/Oliver/semblance/backend/scripts/populate_db_direct.py /Volumes/SSD/Projects/Oliver/semblance/backend/scripts/populate_db.py)",
"Bash(sed -i '' 's/str\\(datetime\\\\.datetime\\\\.utcnow\\(\\)\\)/datetime.datetime.now\\(datetime.timezone.utc\\).isoformat\\(\\)/g' /Volumes/SSD/Projects/Oliver/semblance/backend/scripts/populate_db.py)",
"Bash(brew install:*)",
"Bash(pandoc security_report.md -o security_report.pdf --pdf-engine=xelatex -V geometry:margin=1in -V fontsize=11pt)",
"Bash(pandoc security_report.md -o security_report.pdf --pdf-engine=wkhtmltopdf)",
"Bash(pandoc security_report.md -o security_report.pdf)",
"Bash(pandoc --list-output-formats)",
"Bash(weasyprint --version)"
],
"deny": []
},
"enableAllProjectMcpServers": false
}