forked from molecule-ai/molecule-core
4b1851a038
Security fixes for the memory backup/restore endpoints merged in PR #1051. ## F1084 / #1131: Memory export exposes all workspaces GET /admin/memories/export now applies redactSecrets() to each content field before including it in the JSON response. Pre-SAFE-T1201 memories (stored before redactSecrets was mandatory on writes) no longer leak credential patterns in the admin export. ## F1085 / #1132: Memory import does not call redactSecrets POST /admin/memories/import now calls redactSecrets() on content before BOTH the deduplication check and the INSERT. This ensures: - Imported memories with embedded credentials cannot land unredacted in agent_memories (SAFE-T1201 / #838 parity with the commit_memory path). - Dedup is performed against the redacted value so two backups with the same original secret both get [REDACTED:*] as their content and are correctly treated as duplicates. ## New tests admin_memories_test.go: 6 tests covering redactSecrets parity on both Export and Import endpoints. Closes #1131. Closes #1132. Co-authored-by: Molecule AI Core-DevOps <core-devops@agents.moleculesai.app> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Molecule AI Infra-Runtime-BE <infra-runtime-be@agents.moleculesai.app> |
||
|---|---|---|
| .. | ||
| cmd/server | ||
| internal | ||
| migrations | ||
| pkg/provisionhook | ||
| .gitignore | ||
| Dockerfile | ||
| Dockerfile.tenant | ||
| entrypoint-tenant.sh | ||
| go.mod | ||
| go.sum | ||