Files

HackWeasel b9dfb86260 GT AI OS Community Edition v2.0.33

Security hardening release addressing CodeQL and Dependabot alerts:

- Fix stack trace exposure in error responses
- Add SSRF protection with DNS resolution checking
- Implement proper URL hostname validation (replaces substring matching)
- Add centralized path sanitization to prevent path traversal
- Fix ReDoS vulnerability in email validation regex
- Improve HTML sanitization in validation utilities
- Fix capability wildcard matching in auth utilities
- Update glob dependency to address CVE
- Add CodeQL suppression comments for verified false positives

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2025-12-12 17:04:45 -05:00

1013 B

Raw Blame History

Contributing to GT AI OS Community

Thank you for your interest in GT AI OS Community Edition.

Reporting Issues

All contributions are handled through GitHub Issues.

Bug Reports

To report a bug, please open a new issue at: https://github.com/gt-edge-ai/gt-ai-os-community/issues

Include the following information:

Description of the issue
Steps to reproduce
Expected behavior vs. actual behavior
Platform (macOS, Ubuntu, or DGX)
Relevant error messages or logs

Feature Requests

To request a new feature, open a GitHub Issue with:

Description of the proposed feature
Use case and benefits
Any implementation suggestions (optional)

Questions

For questions about GT AI OS, open a GitHub Issue with "Question:" at the beginning of the title.

Code of Conduct

All participants must adhere to our Code of Conduct.

License

By participating in this project, you agree that any contributions will be licensed under the Apache License 2.0.

1013 B Raw Blame History