Skip to content

fix(security): harden SDK auth transports#969

Open
bokelley wants to merge 1 commit into
mainfrom
sdk-security-review
Open

fix(security): harden SDK auth transports#969
bokelley wants to merge 1 commit into
mainfrom
sdk-security-review

Conversation

@bokelley

@bokelley bokelley commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Harden SDK-owned authenticated transports by rejecting non-loopback HTTP for auth/signing, disabling ambient proxy env use, and securing MCP streamable HTTP/SSE factories.
Fail idempotency closed when an idempotency key arrives without caller identity, tighten CLI config file permissions, and preserve AAO divergence SSRF/IP-pinning defaults.
This is an intentional security behavior change for non-loopback plaintext HTTP auth/signing users, who should move to HTTPS or loopback-only local development.
Validated with ruff, commit hooks, expert subagent review, and the full pytest suite: 5970 passed, 33 skipped, 10 deselected, 1 xfailed.

Comment thread src/adcp/exceptions.py
ADCPError.__init__(self, message, agent_id=agent_id, suggestion=suggestion)


class IdempotencyScopeError(ADCPTaskError):
Comment thread src/adcp/config.py
CONFIG_DIR.mkdir(parents=True, exist_ok=True, mode=0o700)
try:
CONFIG_DIR.chmod(0o700)
except OSError:
Comment thread src/adcp/config.py
with open(temp_file, "w") as f:
try:
temp_file.unlink()
except FileNotFoundError:
Comment thread src/adcp/config.py
temp_file.replace(CONFIG_FILE)
try:
CONFIG_FILE.chmod(0o600)
except OSError:
@bokelley bokelley marked this pull request as ready for review July 3, 2026 11:54
@aao-ipr-bot

aao-ipr-bot Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

⚠️ Argus review could not complete

The automated review encountered an issue (possibly reached max turns, timed out, or failed to post the final gh pr review). A human reviewer should take this PR.

View workflow run

This is an automated message from the Argus AI review workflow.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant