tftsr-devops_investigation/src
Shaun Arman f05b954250
Some checks failed
Test / rust-fmt-check (pull_request) Failing after 1m25s
Test / frontend-typecheck (pull_request) Successful in 1m37s
Test / frontend-tests (pull_request) Successful in 1m36s
Test / rust-clippy (pull_request) Failing after 3m18s
PR Review Automation / review (pull_request) Successful in 4m19s
Test / rust-tests (pull_request) Successful in 4m30s
fix(security): address PR review — move attachment handling to backend, auto-redact PII
Resolves all four findings from the automated review:

[BLOCKER 1] Attachment PII scan error path left pendingFiles intact,
allowing retry with stale file references. Fix: file content is no
longer held in frontend state at all — PendingFile drops the content
field entirely. logFileIds are captured before setPendingFiles([]) and
passed directly to the backend.

[BLOCKER 2] Raw file content stored in PendingFile.content created a
UI-visible PII surface and a data-residency risk. Fix: frontend never
reads or stores file content. The backend loads file data from disk,
auto-redacts PII in-memory using pii::apply_redactions(), and embeds
the clean text into the AI message. No PII ever touches the frontend.

[WARNING 1] String-based attachment header parsing was fragile and
bypassable. Fix: parsing is gone — backend identifies attachments by
log_file_id, reads them directly from the DB/disk path, and applies
redaction at that level.

[WARNING 2] Error message disclosed PII type list to the caller. Fix:
PII types are logged via tracing::warn only; no type details in the
user-facing error or API response.

Additionally: typed chat messages are now auto-redacted rather than
blocked. scanTextForPiiCmd runs on the typed text; detected spans are
replaced in reverse-offset order before the message is sent to the AI
and stored in the DB. The user sees the redacted form in their chat
bubble.

Architecture:
- chat_message now accepts log_file_ids: Option<Vec<String>>
- Backend reads file → detects PII → redacts in memory → embeds
- Frontend: no readTextFile, no content field, no frontend PII gate
2026-05-31 19:20:46 -05:00
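
Added example, not code from this repository: a minimal Rust sketch of the reverse-offset span replacement the commit message describes for typed chat text. The `Span` type, the `redact` function, the byte-offset convention and the fixed `[REDACTED]` placeholder are assumptions; the project's `pii::apply_redactions()` is not shown on this page.

```rust
// Added example: hypothetical names, not the project's pii module.
// Assumption: spans are byte offsets into the UTF-8 text, end exclusive.
#[derive(Debug, Clone, Copy, PartialEq)]
pub struct Span {
    pub start: usize,
    pub end: usize,
}

/// Replace every span with a fixed placeholder. The error carries no detail
/// about what was detected, so callers cannot leak it to the user.
pub fn redact(text: &str, spans: &[Span]) -> Result<String, &'static str> {
    // Reject spans that are empty, out of range, or split a UTF-8 character.
    for s in spans {
        let in_range = s.start < s.end && s.end <= text.len();
        if !in_range || !text.is_char_boundary(s.start) || !text.is_char_boundary(s.end) {
            return Err("invalid redaction span");
        }
    }
    // Sort, then merge overlapping or touching spans so none is spliced twice.
    let mut sorted: Vec<Span> = spans.to_vec();
    sorted.sort_by_key(|s| (s.start, s.end));
    let mut merged: Vec<Span> = Vec::new();
    for s in sorted {
        if let Some(last) = merged.last_mut() {
            if s.start <= last.end {
                last.end = last.end.max(s.end);
                continue;
            }
        }
        merged.push(s);
    }
    // Splice from the highest offset down: each replacement changes the
    // length of the tail only, so the offsets still to be processed stay valid.
    let mut out = text.to_string();
    for s in merged.iter().rev() {
        out.replace_range(s.start..s.end, "[REDACTED]");
    }
    Ok(out)
}

fn main() {
    // Constructed sample input; offsets computed by hand for this string.
    let text = "mail bob@example.com from 10.0.0.5";
    let spans = [Span { start: 26, end: 34 }, Span { start: 5, end: 20 }];
    println!("{:?}", redact(text, &spans));
}
```

Merging before splicing matters when two detectors flag overlapping ranges, such as an e-mail address and the domain inside it; without it the second splice would cut into the placeholder written by the first.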
..
components fix: lint fixes and formatting cleanup 2026-04-09 20:42:40 -05:00
lib fix(security): address PR review — move attachment handling to backend, auto-redact PII 2026-05-31 19:20:46 -05:00
pages fix(security): address PR review — move attachment handling to backend, auto-redact PII 2026-05-31 19:20:46 -05:00
stores feat: attachment DB storage and cross-incident recall 2026-05-31 17:55:47 -05:00
styles fix: dropdown text invisible on macOS + correct codesign order for DMG 2026-03-30 16:43:00 -05:00
App.tsx feat(mcp): add MCP Server Support with TDD implementation 2026-05-23 16:23:48 -05:00
main.tsx feat: initial implementation of TFTSR IT Triage & RCA application 2026-03-14 22:36:25 -05:00