onyx-tasks

History

Tristan Michael fa87dbe12b security: additional credential hardening - Use :: separator in scoped keyring keys to prevent ambiguity with usernames containing dots (e.g. com.onyx.webdav.host::user) - Auto-migrate legacy credentials to scoped format on load, removing old unscoped entries after successful migration - Add 10MB response size limit on PROPFIND to prevent memory exhaustion from malicious servers (checks Content-Length header + actual body) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-03 10:43:09 -07:00
..
onyx-cli	security: update callers for hardened credential API	2026-04-03 10:11:40 -07:00
onyx-core	security: additional credential hardening	2026-04-03 10:43:09 -07:00

Tristan Michael fa87dbe12b security: additional credential hardening

- Use :: separator in scoped keyring keys to prevent ambiguity with
  usernames containing dots (e.g. com.onyx.webdav.host::user)
- Auto-migrate legacy credentials to scoped format on load, removing
  old unscoped entries after successful migration
- Add 10MB response size limit on PROPFIND to prevent memory exhaustion
  from malicious servers (checks Content-Length header + actual body)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-03 10:43:09 -07:00

onyx-cli

security: update callers for hardened credential API

2026-04-03 10:11:40 -07:00

onyx-core

security: additional credential hardening

2026-04-03 10:43:09 -07:00