fix(security-changelog): remove CWE-22 duplicate (docs#41 is canonical)

docs#41 is designated canonical for CWE-22 2026-05-13 entry. Removes duplicate from this PR per TW + hongming-pc2 review guidance. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
fix(docs): fix corrupted security/changelog.md and healthcheck path
2026-05-16 13:41:45 +00:00 · 2026-05-15 11:45:59 +00:00 · 2026-05-15 11:34:24 +00:00 · 2026-05-15 11:32:05 +00:00 · 2026-05-15 11:31:33 +00:00 · 2026-05-14 04:19:32 +00:00
1 changed files with 38 additions and 0 deletions
@@ -8,6 +8,44 @@ Entries are published daily at 23:50 UTC.

 ---

+## 2026-05-14
+
+### 🔒 Security
+- **Canvas accessibility round 3**: WCAG AA contrast fixes, focus-visible rings, and ARIA attribute corrections applied across `ConversationTraceModal`, `ErrorBoundary`, `ExternalConnectModal`, `MissingKeysModal`, `ProviderModelSelector`, `ConversationTraceModal`, `ActivityTab`, `ScheduleTab`, and `SkillsTab`. (`molecule-core` [#936](https://git.moleculesai.app/molecule-ai/molecule-core/pulls/936), [#949](https://git.moleculesai.app/molecule-ai/molecule-core/pulls/949))
+
+### 🧹 Internal
+
+- **CI/CD hardening** (`molecule-core`): publish workflow Docker healthcheck made pipefail-safe (`#952`); `sop-checklist-gate` renamed to `sop-checklist` (`#951`); `continue-on-error` flipped from `true` to `false` on platform-build CI (`#935`); `canvas-deploy-reminder` removed from all-required checks (`#938`); `GITHUB_EVENT_BEFORE` fallback corrected in handlers-postgres-integration detect-changes step (`#937`); publish deploy images on every main push enabled (`#939`); SOP tier-check BURN-IN comment updated to reference `internal#343` (`#934`).
+- **Test coverage additions** (`molecule-core`): OFFSEC-003 test assertions corrected for ZWSP-escaped values (`#946`); `executeDelegation` integration test calls updated for staging (`#945`); unit tests added for `walkOrgWorkspaceNames` and `resolveParentOrgID` in org handlers (`#941`).
+- **`_sanitize_a2a.py` aliases added**: `_A2A_BOUNDARY_START` and `_A2A_BOUNDARY_END` added as convenience aliases for the canonical trust-boundary markers, matching test expectations (`#934`).
+
+---
+
+## 2026-05-13
+
+### ✨ New features
+
+- **Docker HEALTHCHECK for workspace containers**: the workspace `Dockerfile` now includes a `HEALTHCHECK --interval=30s --timeout=5s --retries=3` directive that probes `http://localhost:${PORT:-8000}/.well-known/agent-card.json`. Self-hosted operators running the workspace container under Docker or Kubernetes can now use native liveness/readiness probes — the container is marked healthy only when the A2A agent card endpoint responds. (`molecule-core` [#883](https://git.moleculesai.app/molecule-ai/molecule-core/pulls/883))
+
+### 📚 Documentation
+
+- **Security section expanded**: the [Security hub](/docs/security) now includes a link to the [OWASP Agentic Top 10](/docs/security/owasp-agentic-top-10) risk framework and the [Security Changelog](/docs/security/changelog) alongside the existing SAFE-MCP advisory. A severity level table (CRITICAL / HIGH / MEDIUM / LOW) calibrates response timelines for each finding. (`docs` [#35](https://git.moleculesai.app/molecule-ai/docs/pulls/35))
+- **MCP server env var corrected**: `MOLECULE_URL` is now consistently named `MOLECULE_API_URL` in the [MCP Server documentation](/docs/mcp-server) and all code examples. The old name is no longer referenced on any public surface. (`docs` [#34](https://git.moleculesai.app/molecule-ai/docs/pulls/34))
+- **Remote workspaces documentation updated with graceful shutdown**: the [Remote Workspaces page](/docs/remote-workspaces) now documents the `stop_event: threading.Event` parameter for `run_heartbeat_loop()` and `run_agent_loop()`, enabling proper SIGTERM graceful shutdown in Kubernetes, Docker, and other container-orchestrated environments. The `PLATFORM_URL` default has also been corrected to `http://host.docker.internal:8080` for containerized development. (`docs` [#29](https://git.moleculesai.app/molecule-ai/docs/pulls/29))
+- **Workspace runtime `PLATFORM_URL` defaults corrected**: `PLATFORM_URL` now consistently defaults to `http://host.docker.internal:8080` across all workspace runtime modules (`a2a_cli.py`, `a2a_client.py`, `a2a_mcp_server.py`, and 10 others). Previously some modules defaulted to `http://platform:8080`, causing connection failures in containerized deployments where the Docker host is not named `platform`. (`docs` [#32](https://git.moleculesai.app/molecule-ai/docs/pulls/32))
+- **Dev channel setup documentation clarified**: setting a dev channel using the channel name alone (e.g. `claude-code`) now produces a clear error directing users to the tagged form (`claude-code:latest`). The tagged form is required because dev channels track rolling tags (`latest`, `nightly`) rather than semantic versions. (`docs` [#30](https://git.moleculesai.app/molecule-ai/docs/pulls/30))
+- **MCP server tool registry table corrected**: the [MCP Server](/docs/mcp-server) documentation now lists all 87 tools across 12 categories. A prior version listed only 29 tools, with several tools assigned to incorrect categories. (`molecule-mcp-server` [#5](https://git.moleculesai.app/molecule-ai/molecule-mcp-server/pulls/5))
+- **CWE-22 path traversal regression in org template import documented**: the [Security Changelog](/docs/security/changelog) records a regression in `org_import.go` where `createWorkspaceTree`'s path-traversal guard was removed, allowing a malicious org YAML with `filesDir: "../../../etc"` to read arbitrary server files. The fix replaces unprotected `parseEnvFile` calls with `loadWorkspaceEnv` which applies `resolveInsideRoot` validation before accessing any path. (`docs` [#31](https://git.moleculesai.app/molecule-ai/docs/pulls/31), `molecule-core` [#810](https://git.moleculesai.app/molecule-ai/molecule-core/pulls/810))
+- **EC2 Instance Connect staging IAM permission documented**: the [EC2 provisioner tutorial](/docs/tutorials/aws-ec2-provisioner) and internal observability runbook now document the `ssm:SendCommand` permission required on the EC2 Instance Connect IAM role for staging tenant Vector installation via SSM. (`docs` [#33](https://git.moleculesai.app/molecule-ai/docs/pulls/33))
+
+### 🧹 Internal
+
+- **Internal platform hardening** (`molecule-core`): Go handler checks restored to main (`#871`); main test blockers repaired (`#900`); rows.Err() checks added after all database scan loops (`#882`, `#865`); bundle import test builds restored (`#861`, `#850`); TermsGate dialog structure + WCAG button accessibility improved (`#854`); WCAG AA contrast corrected for amber buttons (`#859`); EventsTab and ScheduleTab test coverage added (`#869`); delivery mode and workspace status test coverage added (`#868`); ExternalConnectModal test coverage added — 31 cases (`#847`); 14 pure-function cases added to `org_helpers_pure_test.go` (`#840`); `pgplugin` store dual-fields test fixed with `regexp.QuoteMeta` (`#857`); workflow status emitters annotated (`#877`); gate-check infra-sre Gitea login mapped to `core-devops` agent (`#896`); CI lint-workflow-yaml Rules 7/8/9 resolved on redeploy-tenants-on-main (`#903`); CI retry logic added to status reaper for API timeouts (`#890`); CI main-gate skip logic for non-default-base PRs added (`#892`); workspace Dockerfile test compile drift repaired (`#884`); staging synced from main (`#876`).
+- **CI tooling migration** (`molecule-core`, `molecule-sdk-python`): `.github/workflows/` renamed to `.gitea/workflows/` post GitHub suspension sweep (`molecule-sdk-python` [#9](https://git.moleculesai.app/molecule-ai/molecule-sdk-python/pulls/9), molecule-core multiple PRs); SOP checklist gate added to docs CI (`.gitea/scripts/sop-checklist-gate.py`) to auto-warn when a public-surface PR is missing a changelog entry (`docs` [#27](https://git.moleculesai.app/molecule-ai/docs/pulls/27)); duplicate changelog entries added to the 2026-05-10 section by a prior automated backfill removed; chronological order restored (`docs` [#28](https://git.moleculesai.app/molecule-ai/docs/pulls/28)).
+- **SaaS platform stability** (`molecule-core`): `ADMIN_TOKEN` placeholder in `global_secrets` now healed at platform server startup — SaaS tenants provisioned with a placeholder token now receive the real token automatically without requiring re-provision (`#893`, `#898`); `ADMIN_TOKEN` injected into workspace container env vars for admin-gated endpoint access (`#885`).
+
+---
+
 ## 2026-05-12

 ### 🔒 Security
Author	SHA1	Message	Date
Molecule AI App & Docs Lead	85d5280799	fix(security-changelog): remove CWE-22 duplicate (docs#41 is canonical) CI / build (pull_request) Waiting to run Details Secret scan / secret-scan (pull_request) Waiting to run Details docs#41 is designated canonical for CWE-22 2026-05-13 entry. Removes duplicate from this PR per TW + hongming-pc2 review guidance. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-16 13:41:45 +00:00
technical-writer	fce033e092	fix(docs): fix corrupted security/changelog.md and healthcheck path Secret scan / secret-scan (pull_request) Successful in 1s Details CI / build (pull_request) Successful in 4m16s Details - security/changelog.md: close YAML frontmatter (was missing closing ---), remove orphaned Credential Scrub content from frontmatter, remove malformed OFFSEC-006 entry (duplicate of PR #41 advisory + set -f inaccuracy), restore CWE-22 2026-05-13 entry with correct content - changelog.mdx: fix healthcheck path to /.well-known/agent-card.json (verified against workspace/boot_routes.py on molecule-core main)	2026-05-15 11:45:59 +00:00
app-lead	c570ddc4cc	fix(docs): remove duplicate OFFSEC-006 section per hongming-pc2 review Secret scan / secret-scan (pull_request) Successful in 2s Details CI / build (pull_request) Failing after 2m33s Details	2026-05-15 11:34:24 +00:00
app-lead	5bc16bbf22	fix(docs): remove duplicate OFFSEC-006 section per hongming-pc2 review (docs#41 has authoritative entry) Secret scan / secret-scan (pull_request) Successful in 1s Details CI / build (pull_request) Successful in 4m35s Details	2026-05-15 11:32:05 +00:00
app-lead	e9aac3629c	fix(docs): remove duplicate OFFSEC-006 entry per hongming-pc2 review (docs#41 has authoritative entry; set -f claim inaccurate) Secret scan / secret-scan (pull_request) Successful in 2m3s Details CI / build (pull_request) Successful in 4m10s Details	2026-05-15 11:31:33 +00:00
documentation-specialist	3992150a47	docs(security): add OFFSEC-006 + CWE-22 regression to Security Changelog Secret scan / secret-scan (pull_request) Successful in 1m29s Details CI / build (pull_request) Successful in 3m24s Details - OFFSEC-006 (2026-05-14): tenant slug SSRF + token exfiltration in promote-tenant-image.sh — RFC-1123 validation + set -f glob disable - CWE-22 regression (2026-05-13): org_import.go path traversal — loadWorkspaceEnv replaces parseEnvFile Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-14 04:19:32 +00:00
documentation-specialist	5830875200	docs(changelog): add 2026-05-14 entry — OFFSEC-006 + canvas a11y + CI hardening Secret scan / secret-scan (pull_request) Successful in 1m0s Details CI / build (pull_request) Successful in 2m57s Details ## 2026-05-14 - 🔒 Security: OFFSEC-006 tenant slug SSRF + token exfiltration fix (core#933) - 🔧 Fixes: canvas WCAG AA round 3 (core#936, #949) - 🧹 Internal: CI hardening + test coverage additions + _sanitize_a2a aliases Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-14 04:16:42 +00:00
documentation-specialist	cece1d6e03	docs(changelog): add 2026-05-13 daily entry CI / build (pull_request) Successful in 4m19s Details ## New features - Docker HEALTHCHECK for workspace containers (core#883) ## Documentation - Security hub backfill: OWASP link + severity table (docs#35) - MOLECULE_URL → MOLECULE_API_URL rename (docs#34) - Remote workspaces graceful shutdown docs (docs#29) - PLATFORM_URL defaults corrected to host.docker.internal (docs#32) - Dev channel tagged-form requirement clarified (docs#30) - MCP server tool registry corrected: 29→87 tools (mcp-server#5) - CWE-22 path traversal regression documented (docs#31, core#810) - EC2 Instance Connect IAM permission documented (docs#33) ## Internal - Platform hardening across molecule-core (handlers, CI, tests, canvas a11y) - CI tooling migration (.github → .gitea) - SaaS ADMIN_TOKEN self-heal on startup Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-14 00:07:00 +00:00