EternalAI/scripts
chiguyong a921f64ee0 fix(security): apply ce-code-review fixes (1 P0, 6 P1, 6 P2)
P0:
- sync-token.js: remove dead consumeSyncToken code, use crypto.randomBytes for jti

P1:
- admin-sync.js: add SSRF protection (protocol/host allowlist, block private IPs in prod)
- admin-sync.js: add POST /:roleId/reset for syncing state recovery
- admin-sync.js: use BASE_URL env var instead of forgeable Host header
- admin-sync.js: guard catch block to only rollback syncing->failed (not approved)
- admin-config.js: write-protect SYNC_SECRET from manual override
- admin-config.js: add updatedAt to PUT response
- roles.js: reset reviewStatus to pending_review when editing synced role
- roles.js: filter GET /:id by reviewStatus=synced
- scripts/migrate-existing-roles-to-synced.js: data migration for existing roles

P2:
- server.js: mock-hermes use explicit allowlist [development, test]
- auth.js: ADMIN_JWT_SECRET fail-fast in production
- hermes.js: unify error messages to Chinese
- admin-sync.js: do not leak err.message in response
- admin.js: validate pagination params (page/pageSize bounds)

All 54 E2E tests pass (19 admin-sync-flow + 35 existing).
2026-06-21 16:14:53 +08:00
migrate-existing-roles-to-synced.js fix(security): apply ce-code-review fixes (1 P0, 6 P1, 6 P2) 2026-06-21 16:14:53 +08:00
seed-admin.js feat: add admin review + Hermes sync workflow with sync_token auth 2026-06-21 15:25:01 +08:00