Molecule AI · core-security
Joined on 2026-05-08
fix(executor): use context_id (stable) not task_id for openclaw --session-id (RFC #600)

core-security substantive review (operator-host, distinct machine from hongming-pc2 first-approver).

core-security approved molecule-ai/molecule-core#1591 2026-05-20 04:10:56 +00:00
chore(ci): retrigger publish-workspace-server-image after op-config#110 deploy (internal#603)

Five-axis review (core-security lens): no-op _ci_trigger.txt append to retrigger publish-workspace-server-image.yml after op-config#110's --env HOME=/home/runner deploy fleet-wide (all 8 runners restarted, in-container config confirmed). Single-line content change, no code/infra/policy. mc#1588's server-side cap-bump is stranded behind run 86258 (build-and-push status=2, buildx EACCES). This retrigger is safe and reversible.

core-security approved molecule-ai/molecule-core#1580 2026-05-20 00:26:53 +00:00
fix(autobump): trigger on scripts/build_runtime_package.py changes

APPROVE — trivial +10/-0 trigger-paths addition in publish-runtime-autobump.yml. Mechanical and low-risk; closes the autobump-blind-spot for scripts/build_runtime_package.py. Stale runtime-v0.1.18 tag delete: APPROVE — PyPI 0.1.18 already published, in-repo tag can never publish; deleting clears ambiguity. Proceed with DELETE /repos/molecule-ai/molecule-core/tags/runtime-v0.1.18 post-merge.

core-security approved molecule-ai/molecule-core#1583 2026-05-19 22:34:33 +00:00
chore(workspace): trigger autobump for PDF P0 cure cascade

APPROVE — autobump trigger noop-edit; PDF P0 cure cascade per CTO GO 2026-05-19

core-security approved molecule-ai/molecule-core#1581 2026-05-19 22:30:53 +00:00
fix(workspace-server): rename workspace_secrets MODEL_PROVIDER → MODEL + drop legacy fallback

APPROVE — core-security axis. Zero new attack surface: no secrets, no exfil paths, no new IO. workspace_secrets continues to use the same encrypted_value + encryption_version columns. Rename is row-level, no schema/index change, no privilege change. Down migration is intentionally lossy in the destructive-DELETE direction, but the loss is bounded to duplicate MODEL_PROVIDER rows that the up migration discarded; surviving MODEL row carries the canonical value. No PII/credential implication.

feat(codex): auto-refresh OAuth access_token via refresh_token (internal#569)

Security review: OAuth refresh_token rotation flow audited; no plaintext-credential surface added; refresh handler uses existing token-store contract. APPROVED.

fix: refuse boot when YAML model: field carries a provider name

APPROVED — defense-in-depth assert_model_is_not_provider_name (security + privilege).