wrenn-releases

tksadik92/wrenn-releases

Fork 0

forked from wrenn/wrenn

Commit Graph

Author	SHA1	Message	Date
pptx704	dd50cfdcb1	fix: security hardening from CSO audit - Add auth failure logging (login, API key, JWT) with IP/email/prefix - Move OAuth JWT from URL params to short-lived cookies to prevent token leakage via browser history, server logs, and Referer headers - Pin Swagger UI to v5.18.2 with SRI integrity hashes - Upgrade Go toolchain to 1.25.8 (fixes 5 called stdlib vulns) - Fix unchecked error in host agent credential refresh - Add .gstack to .gitignore for security report artifacts	2026-04-08 03:46:31 +06:00
pptx704	a3898d68fb	Port envd from e2b with internalized shared packages and Connect RPC - Copy envd source from e2b-dev/infra, internalize shared dependencies into envd/internal/shared/ (keys, filesystem, id, smap, utils) - Switch from gRPC to Connect RPC for all envd services - Update module paths to git.omukk.dev/wrenn/{sandbox,sandbox/envd} - Add proto specs (process, filesystem) with buf-based code generation - Implement full envd: process exec, filesystem ops, port forwarding, cgroup management, MMDS integration, and HTTP API - Update main module dependencies (firecracker SDK, pgx, goose, etc.) - Remove placeholder .gitkeep files replaced by real implementations	2026-03-09 21:03:19 +06:00
pptx704	bd78cc068c	Initial project structure for Wrenn Sandbox Set up directory layout, Makefiles, go.mod files, docker-compose, and empty placeholder files for all packages.	2026-03-09 17:22:47 +06:00

Author

SHA1

Message

Date

pptx704

dd50cfdcb1

fix: security hardening from CSO audit

- Add auth failure logging (login, API key, JWT) with IP/email/prefix
- Move OAuth JWT from URL params to short-lived cookies to prevent
  token leakage via browser history, server logs, and Referer headers
- Pin Swagger UI to v5.18.2 with SRI integrity hashes
- Upgrade Go toolchain to 1.25.8 (fixes 5 called stdlib vulns)
- Fix unchecked error in host agent credential refresh
- Add .gstack to .gitignore for security report artifacts

2026-04-08 03:46:31 +06:00

pptx704

a3898d68fb

Port envd from e2b with internalized shared packages and Connect RPC

- Copy envd source from e2b-dev/infra, internalize shared dependencies
  into envd/internal/shared/ (keys, filesystem, id, smap, utils)
- Switch from gRPC to Connect RPC for all envd services
- Update module paths to git.omukk.dev/wrenn/{sandbox,sandbox/envd}
- Add proto specs (process, filesystem) with buf-based code generation
- Implement full envd: process exec, filesystem ops, port forwarding,
  cgroup management, MMDS integration, and HTTP API
- Update main module dependencies (firecracker SDK, pgx, goose, etc.)
- Remove placeholder .gitkeep files replaced by real implementations

2026-03-09 21:03:19 +06:00

pptx704

bd78cc068c

Initial project structure for Wrenn Sandbox

Set up directory layout, Makefiles, go.mod files, docker-compose,
and empty placeholder files for all packages.

2026-03-09 17:22:47 +06:00

3 Commits