GT AI OS Community Edition v2.0.33

Security hardening release addressing CodeQL and Dependabot alerts: - Fix stack trace exposure in error responses - Add SSRF protection with DNS resolution checking - Implement proper URL hostname validation (replaces substring matching) - Add centralized path sanitization to prevent path traversal - Fix ReDoS vulnerability in email validation regex - Improve HTML sanitization in validation utilities - Fix capability wildcard matching in auth utilities - Update glob dependency to address CVE - Add CodeQL suppression comments for verified false positives 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-12 17:04:45 -05:00
commit b9dfb86260
746 changed files with 232071 additions and 0 deletions
--- a/packages/utils/dist/tests/setup.js
+++ b/packages/utils/dist/tests/setup.js
@@ -0,0 +1,20 @@
+"use strict";
+/**
+ * Test setup for utility functions
+ */
+// Mock environment variables for testing
+process.env.JWT_SECRET = 'test-jwt-secret-for-testing-only';
+process.env.MASTER_ENCRYPTION_KEY = 'test-master-key-32-bytes-long-test';
+// Mock crypto for consistent testing
+jest.mock('crypto', () => {
+    const originalCrypto = jest.requireActual('crypto');
+    return {
+        ...originalCrypto,
+        randomBytes: jest.fn().mockImplementation((size) => {
+            return Buffer.alloc(size, 'a'); // Return consistent fake random bytes
+        }),
+        randomInt: jest.fn().mockReturnValue(5), // Return consistent fake random int
+    };
+});
+// Global test timeout
+jest.setTimeout(10000);