molecule-core

History

molecule-ai[bot] 059644bc37 fix(wsauth): add removed-workspace JOIN to ValidateToken (#697 ) Defense-in-depth: workspace-scoped ValidateToken now rejects tokens belonging to workspaces with status='removed' at the DB layer, even when revoked_at IS NULL. Mirrors the same guard added to ValidateAnyToken in #696. Updated all test mock patterns (workspace_test, a2a_proxy_test, secrets_test, admin_test_token_test, middleware) to match the new JOIN query. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>		2026-04-17 12:46:27 +00:00
..
cmd/server	feat(platform): wire github-app-auth plugin for per-installation tokens	2026-04-16 12:52:20 -07:00
internal	fix(wsauth): add removed-workspace JOIN to ValidateToken (#697 )	2026-04-17 12:46:27 +00:00
migrations	fix(migrations): TEXT→UUID in 028_workspace_artifacts — unblocks all E2E CI	2026-04-17 02:48:08 -07:00
pkg/provisionhook	fix(github): refresh installation token when TTL < 10 min (#547 ) (#567 )	2026-04-17 00:47:03 +00:00
Dockerfile	fix: address all code review findings + remove exposed secrets	2026-04-16 05:05:49 -07:00
Dockerfile.tenant	fix: address all code review findings + remove exposed secrets	2026-04-16 05:05:49 -07:00
entrypoint-tenant.sh	feat(platform): auto-detect SaaS tenant → control plane provisioner	2026-04-16 11:50:52 -07:00
go.mod	feat(platform): wire github-app-auth plugin for per-installation tokens	2026-04-16 12:52:20 -07:00
go.sum	feat(platform): wire github-app-auth plugin for per-installation tokens	2026-04-16 12:52:20 -07:00