Jeremie Fraeys
|
4a4d3de8e1
|
feat(security): Manifest security - nonce generation, environment tracking, schema validation
Add cryptographically secure manifest filename nonce generation:
- GenerateManifestNonce() creates 16-byte random nonce (32 hex chars)
- GenerateManifestFilename() creates unique filenames: run_manifest_<nonce>.json
- Prevents enumeration attacks on manifest files
Add ExecutionEnvironment struct to manifest:
- Captures ConfigHash for reproducibility verification
- Records GPU detection method (auto-detected, env override, config, etc.)
- Records sandbox settings (NoNewPrivileges, DropAllCaps, NetworkMode)
- Records compliance mode and manifest nonce
- Records artifact scan exclusions with reason
Add JSON Schema validation:
- schema.json: Canonical schema for manifest validation
- schema_version.go: Schema versioning and compatibility checking
- schema_test.go: Drift detection with SHA-256 hash verification
- Validates required fields (run_id, environment.config_hash, etc.)
- Validates compliance_mode enum values (hipaa, standard)
- Validates no negative sizes in artifacts
Closes: manifest nonce, environment tracking, scan exclusions from security plan
|
2026-02-23 19:43:39 -05:00 |
|