Vlad Durnea
8ade39ae2d
Some checks failed
CI/CD Pipeline / e2e-tests (push) Has been cancelled
CI/CD Pipeline / build (push) Has been cancelled
CI/CD Pipeline / unit-tests (push) Has been cancelled
CI/CD Pipeline / lint (push) Successful in 3m45s
CI/CD Pipeline / integration-tests (push) Failing after 53s
- Fix 5 source files corrupted with markdown formatting by previous AI - Remove secret logging from auth middleware, signup, and recovery handlers - Add role validation (ALLOWED_ROLES allowlist) to all 10 data_api + storage handlers - Fix JavaScript injection in Deno runtime via double-serialization - Add UUID validation to TUS upload paths to prevent path traversal - Gate token issuance on email confirmation (AUTH_AUTO_CONFIRM env var) - Reject unconfirmed users on login with 403 - Prevent OAuth account takeover (409 on email conflict with different provider) - Replace permissive CORS (allow_origin Any) with ALLOWED_ORIGINS env var - Wire session-based admin auth into control plane, add POST /platform/v1/login - Hide secrets from list_projects API via ProjectSummary struct - Add missing deps (redis, uuid, chrono, tower-http fs feature) - Fix http version mismatch between reqwest 0.11 and axum 0.7 in proxy - Clean up all unused imports across workspace Build: zero errors, zero warnings. Tests: 10 passed, 0 failed. Made-with: Cursor
46 lines
1.1 KiB
TOML
46 lines
1.1 KiB
TOML
[workspace]
|
|
resolver = "2"
|
|
members = [
|
|
"common",
|
|
"gateway",
|
|
"auth",
|
|
"data_api",
|
|
"control_plane",
|
|
"realtime",
|
|
"storage", "functions",
|
|
]
|
|
|
|
[workspace.dependencies]
|
|
tokio = { version = "1.36", features = ["full"] }
|
|
serde = { version = "1.0", features = ["derive"] }
|
|
serde_json = "1.0"
|
|
axum = "0.7"
|
|
tracing = "0.1"
|
|
tracing-subscriber = { version = "0.3", features = ["env-filter", "json"] }
|
|
sqlx = { version = "0.8", features = ["runtime-tokio-rustls", "postgres", "uuid", "chrono", "json", "migrate"] }
|
|
uuid = { version = "1.7", features = ["v4", "serde"] }
|
|
thiserror = "1.0"
|
|
dotenvy = "0.15"
|
|
config = "0.13"
|
|
chrono = { version = "0.4", features = ["serde"] }
|
|
anyhow = "1.0"
|
|
redis = { version = "0.25", features = ["tokio-comp", "aio"] }
|
|
argon2 = "0.5"
|
|
jsonwebtoken = "9.2"
|
|
rand = "0.8"
|
|
regex = "1.10"
|
|
futures = "0.3"
|
|
sha2 = "0.10"
|
|
aws-sdk-s3 = "1.15.0"
|
|
aws-config = "1.1.2"
|
|
aws-types = "1.1.2"
|
|
|
|
# Local dependencies
|
|
common = { path = "common" }
|
|
auth = { path = "auth" }
|
|
data_api = { path = "data_api" }
|
|
control_plane = { path = "control_plane" }
|
|
realtime = { path = "realtime" }
|
|
storage = { path = "storage" }
|
|
functions = { path = "functions" }
|