ruv 47223a98be fix: security hardening — replace fake HMAC, add path traversal protection, OTA auth (ADR-050) ... Sprint 1 security fixes from quality engineering analysis (issue #170): - Replace XOR-fold fake HMAC with real HMAC-SHA256 (hmac + sha2 crates) in secure_tdm.rs - Add path traversal sanitization on DELETE /api/v1/models/:id and /api/v1/recording/:id - Default bind address changed from 0.0.0.0 to 127.0.0.1 (configurable via --bind-addr / SENSING_BIND_ADDR) - Add PSK authentication to ESP32 OTA firmware upload endpoint (ota_update.c) - Flip WASM signature verification to default-on (CONFIG_WASM_SKIP_SIGNATURE opt-out vs opt-in) - Add 6 new security tests: HMAC key/message sensitivity, determinism, wrong-key rejection, bit-flip detection, enforcing mode - Add clap env feature for environment variable configuration All 106 hardware crate tests pass. Sensing server compiles clean. Closes #170 Co-Authored-By: claude-flow <ruv@ruv.net>		2026-03-06 13:11:04 -05:00
..
.claude-flow	chore: Update daemon state and metrics	2026-02-28 14:43:34 +00:00
crates	fix: security hardening — replace fake HMAC, add path traversal protection, OTA auth (ADR-050)	2026-03-06 13:11:04 -05:00
data	docs: update README with ADR-045–048, Observatory, adaptive classifier, AMOLED display	2026-03-05 10:20:48 -05:00
docs	feat: Complete Rust port of WiFi-DensePose with modular crates	2026-01-13 03:11:16 +00:00
examples	feat: Add wifi-Mat disaster detection enhancements	2026-01-13 18:23:03 +00:00
patches/ruvector-crv	feat: ADR-033 CRV signal-line integration + ruvector-crv 6-stage pipeline	2026-03-01 22:21:59 -05:00
Cargo.lock	fix: security hardening — replace fake HMAC, add path traversal protection, OTA auth (ADR-050)	2026-03-06 13:11:04 -05:00
Cargo.toml	fix: security hardening — replace fake HMAC, add path traversal protection, OTA auth (ADR-050)	2026-03-06 13:11:04 -05:00