Merge branch 'main' into dev_363_edit_ser_res

Author: rakdutta

.dockerignore

@@ -100,6 +100,7 @@ TOKEN_EXPIRY=10080
 # Require all JWT tokens to have expiration claims (true or false)
 REQUIRE_TOKEN_EXPIRATION=false
 
+
 # Used to derive an AES encryption key for secure auth storage
 # Must be a non-empty string (e.g. passphrase or random secret)
 AUTH_ENCRYPTION_SECRET=my-test-salt
@@ -129,6 +130,10 @@ ALLOWED_ORIGINS='["http://localhost", "http://localhost:4444"]'
 # Enable CORS handling in the gateway
 CORS_ENABLED=true
 
+# Enable HTTP Basic Auth for docs endpoints (in addition to Bearer token auth)
+# Uses the same credentials as BASIC_AUTH_USER and BASIC_AUTH_PASSWORD
+DOCS_ALLOW_BASIC_AUTH=false
+
 #####################################
 # Retry Config for HTTP Requests
 #####################################
@@ -284,4 +289,4 @@ DEBUG=false
 
 # Gateway tool name separator
 GATEWAY_TOOL_NAME_SEPARATOR=-
-VALID_SLUG_SEPARATOR_REGEXP= r"^(-{1,2}|[_.])$"
+VALID_SLUG_SEPARATOR_REGEXP= r"^(-{1,2}|[_.])$"

.env.example

@@ -60,7 +60,7 @@ jobs:
   dependencies:
     name: 📦 Dependency Scan
     runs-on: ubuntu-latest
-    
+
     steps:
       # -------------------------------------------------------------
       # 0️⃣  Checkout source
@@ -108,7 +108,7 @@ jobs:
   code-security:
     name: 🔐 Code Security (SAST)
     runs-on: ubuntu-latest
-    
+
     steps:
       # -------------------------------------------------------------
       # 0️⃣  Checkout source
@@ -163,7 +163,7 @@ jobs:
   container-security:
     name: 🐳 Container Security
     runs-on: ubuntu-latest
-    
+
     steps:
       # -------------------------------------------------------------
       # 0️⃣  Checkout source
@@ -223,7 +223,7 @@ jobs:
   iac-security:
     name: 🏗️ IaC Security
     runs-on: ubuntu-latest
-    
+
     steps:
       # -------------------------------------------------------------
       # 0️⃣  Checkout source
@@ -253,7 +253,7 @@ jobs:
                 --json-file-output="snyk-iac-${file%.y*ml}.json" || true
             fi
           done
-          
+
           # Test Containerfiles
           for file in Containerfile*; do
             if [ -f "$file" ]; then
@@ -308,7 +308,7 @@ jobs:
     name: 📋 Generate SBOM
     runs-on: ubuntu-latest
     if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-    
+
     steps:
       # -------------------------------------------------------------
       # 0️⃣  Checkout source
@@ -337,7 +337,7 @@ jobs:
         run: |
           # Get version from pyproject.toml
           VERSION=$(grep -m1 version pyproject.toml | cut -d'"' -f2 || echo "0.0.0")
-          
+
           # Generate CycloneDX format
           snyk sbom \
             --format=cyclonedx1.5+json \
@@ -346,7 +346,7 @@ jobs:
             --version=$VERSION \
             --json-file-output=sbom-cyclonedx.json \
             . || true
-          
+
           # Generate SPDX format
           snyk sbom \
             --format=spdx2.3+json \
@@ -376,7 +376,7 @@ jobs:
     runs-on: ubuntu-latest
     needs: [dependencies, code-security, container-security, iac-security]
     if: always()
-    
+
     steps:
       # -------------------------------------------------------------
       # 0️⃣  Download all artifacts
@@ -397,16 +397,16 @@ jobs:
           echo "**Triggered by:** ${{ github.event_name }}" >> $GITHUB_STEP_SUMMARY
           echo "**Severity Threshold:** ${{ github.event.inputs.severity-threshold || 'high' }}" >> $GITHUB_STEP_SUMMARY
           echo "" >> $GITHUB_STEP_SUMMARY
-          
+
           echo "## 📋 Scan Results" >> $GITHUB_STEP_SUMMARY
           echo "" >> $GITHUB_STEP_SUMMARY
-          
+
           # List all result files
           echo "### 📁 Generated Reports:" >> $GITHUB_STEP_SUMMARY
           find snyk-results -type f -name "*.json" -o -name "*.sarif" | while read -r file; do
             echo "- \`$(basename "$file")\`" >> $GITHUB_STEP_SUMMARY
           done
-          
+
           echo "" >> $GITHUB_STEP_SUMMARY
           echo "---" >> $GITHUB_STEP_SUMMARY
-          echo "*View detailed results in the [Security tab](../../security/code-scanning) or download artifacts from this workflow run.*" >> $GITHUB_STEP_SUMMARY
+          echo "*View detailed results in the [Security tab](../../security/code-scanning) or download artifacts from this workflow run.*" >> $GITHUB_STEP_SUMMARY

.github/workflows/snyk.yml.inactive

@@ -0,0 +1,53 @@
+# .markdownlint-cli2.yaml
+# Configuration for markdownlint-cli2
+
+# Ignore certain paths
+ignores:
+  - "node_modules/**"
+  - ".venv/**"
+  - "venv/**"
+  - "dist/**"
+  - "build/**"
+  - ".git/**"
+  - "htmlcov/**"
+  - "docs/coverage/**"
+  - "site/**"
+  - ".tox/**"
+  - "*.min.md"
+
+# markdownlint configuration
+config:
+  # Enable all rules by default
+  default: true
+
+  # MD003/heading-style - Heading style
+  MD003:
+    style: "atx"  # Require ATX style (e.g., ## Heading)
+
+  # MD007/ul-indent - Unordered list indentation
+  MD007:
+    indent: 4  # Use 4 spaces for list indentation
+
+  # MD009/no-trailing-spaces - Trailing spaces
+  MD009: true  # Flag trailing spaces as errors (default behavior)
+
+  # MD010/no-hard-tabs - Hard tabs
+  MD010: true  # Flag hard tabs as errors (default behavior)
+
+  # MD013/line-length - Line length
+  MD013: false  # Disable line length rule completely
+
+  # Optional: Other commonly configured rules
+  # MD024: false  # Multiple headings with the same content
+  # MD026: false  # Trailing punctuation in heading
+  # MD033: false  # Inline HTML
+  # MD041: false  # First line in file should be a heading
+
+# Show progress while linting
+showProgress: true
+
+# Don't show banner (optional - set to true to suppress version info)
+# noBanner: false
+
+# Fix errors automatically where possible (can be overridden with --fix CLI flag)
+# fix: false

.markdownlint-cli2.yaml

@@ -506,7 +506,7 @@ msg-template=
 #output-format=
 
 # Tells whether to display a full report or only the messages.
-reports=yes
+reports=no
 
 # Activate the evaluation score.
 score=yes