GT AI OS Community Edition v2.0.33

Security hardening release addressing CodeQL and Dependabot alerts: - Fix stack trace exposure in error responses - Add SSRF protection with DNS resolution checking - Implement proper URL hostname validation (replaces substring matching) - Add centralized path sanitization to prevent path traversal - Fix ReDoS vulnerability in email validation regex - Improve HTML sanitization in validation utilities - Fix capability wildcard matching in auth utilities - Update glob dependency to address CVE - Add CodeQL suppression comments for verified false positives 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-12 17:04:45 -05:00
commit b9dfb86260
746 changed files with 232071 additions and 0 deletions
--- a/apps/resource-cluster/app/core/exceptions.py
+++ b/apps/resource-cluster/app/core/exceptions.py
@@ -0,0 +1,45 @@
+"""
+GT 2.0 Resource Cluster Exceptions
+
+Custom exceptions for the resource cluster.
+"""
+
+
+class ResourceClusterError(Exception):
+    """Base exception for resource cluster errors"""
+    pass
+
+
+class ProviderError(ResourceClusterError):
+    """Error from AI model provider"""
+    pass
+
+
+class ModelNotFoundError(ResourceClusterError):
+    """Requested model not found"""
+    pass
+
+
+class CapabilityError(ResourceClusterError):
+    """Capability token validation error"""
+    pass
+
+
+class MCPError(ResourceClusterError):
+    """MCP service error"""
+    pass
+
+
+class DocumentProcessingError(ResourceClusterError):
+    """Document processing error"""
+    pass
+
+
+class RateLimitError(ResourceClusterError):
+    """Rate limit exceeded"""
+    pass
+
+
+class CircuitBreakerError(ProviderError):
+    """Circuit breaker is open"""
+    pass