fix(security): Phase 1 P0 hardening from cross-project audit
All checks were successful
CI / Lint, Unit Tests & Build (push) Successful in 5m42s
CI / Deploy production (on server) (push) Successful in 33s

Close open uploads, image-proxy SSRF, fail-open AI quotas in production,
auth gaps on app routes, and MCP tenant isolation issues.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Antigravity
2026-06-20 16:53:19 +00:00
parent 40f30155c2
commit 4d96605144
16 changed files with 264 additions and 95 deletions

View File

@@ -2,7 +2,7 @@
import { semanticSearchService, SearchResult } from '@/lib/ai/services/semantic-search.service'
import { auth } from '@/auth'
import { reserveUsageOrThrow, QuotaExceededError } from '@/lib/entitlements'
import { reserveUsageOrThrow, QuotaExceededError, QuotaServiceUnavailableError } from '@/lib/entitlements'
export interface SemanticSearchResponse {
results: SearchResult[]
@@ -28,6 +28,11 @@ export async function semanticSearch(
await reserveUsageOrThrow(session.user.id, 'semantic_search');
} catch (err) {
if (err instanceof QuotaExceededError) throw err;
if (err instanceof QuotaServiceUnavailableError || process.env.NODE_ENV === 'production') {
throw err instanceof QuotaServiceUnavailableError
? err
: new QuotaServiceUnavailableError();
}
console.error('[semantic-search] Quota check error (fail-open):', err);
}
}