Molecule AI Fullstack Engineer ceccfeafa8 test(handlers/socket): add socket_test.go — 6 cases for Phase 30.1/30.2 auth gate ... Tests SocketHandler.HandleConnect WebSocket upgrade auth logic: 1. Canvas client (no X-Workspace-ID) → bypasses auth, no DB calls 2. Agent with no live tokens → grandfathered through, no bearer check 3. DB error on HasAnyLiveToken → 500 Internal Server Error 4. Live token present, missing Bearer header → 401 Unauthorized 5. Live token present, invalid Bearer token → 401 Unauthorized Uses sqlmock for DB expectations + miniredis for wsauth token subsystem. Hub.Run() drains the Register channel so WS upgrade attempts don't block. Issue: #699 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>		2026-05-12 09:15:17 +00:00
..
cmd	docs(runbook): add admin-auth.md covering test-token route lockdown	2026-05-10 02:20:30 +00:00
internal	test(handlers/socket): add socket_test.go — 6 cases for Phase 30.1/30.2 auth gate	2026-05-12 09:15:17 +00:00
migrations	feat(plugins): plugin drift detector + queue + admin apply endpoint (#123)	2026-05-10 00:39:50 +00:00
pkg/provisionhook
.air.toml	feat(local-dev): air-based hot-reload for workspace-server	2026-05-08 08:10:50 -07:00
.ci-force
.gitignore	feat(local-dev): containerize platform + canvas stack via docker-compose (closes #126)	2026-05-08 10:53:39 -07:00
.golangci.yaml
Dockerfile	ci(docker): pin base image digests in all Dockerfiles	2026-05-09 23:56:39 +00:00
Dockerfile.dev	ci(docker): pin base image digests in all Dockerfiles	2026-05-09 23:56:39 +00:00
Dockerfile.tenant	fix(dockerfile-tenant): chown /org-templates to canvas user so !external resolver can mkdir cache	2026-05-09 19:40:52 -07:00
entrypoint-tenant.sh	fix(memory-plugin): gate sidecar spawn on cutover-active	2026-05-05 12:39:03 -07:00
go.mod	fix(platform): add CWE-22 guard to loadWorkspaceEnv (closes #321)	2026-05-11 11:36:14 +00:00
go.sum	[core-lead-agent] fix(core#228): cascade fixes for PluginResolver — make main compile	2026-05-10 09:46:35 +00:00