Yusuf Suleman 7c05ef14c7 fix(gateway): remove no-verify SSL context from proxy (#7) ...

All internal services use plain HTTP (Docker network). The
_internal_ssl_ctx with disabled cert verification was a no-op
for HTTP URLs but suggested TLS bypass was in use.

- Removed _internal_ssl_ctx from config.py
- Removed ssl import from config.py
- proxy.py now calls urlopen() without context parameter
- External calls (OpenAI, SMTP2GO, Open Library) already use
  default TLS verification

Verified: dashboard, trips, fitness, budget, inventory all respond correctly.

2026-03-29 13:46:11 -05:00

..

integrations

fix: TLS verification, cookie hardening, and proxy transport (#7)

2026-03-29 09:13:37 -05:00

auth.py

fix: TLS verification, cookie hardening, and proxy transport (#7)

2026-03-29 09:13:37 -05:00

command.py

fix: security and reliability improvements

2026-03-29 07:02:09 -05:00

config.py

fix(gateway): remove no-verify SSL context from proxy (#7)

2026-03-29 13:46:11 -05:00

dashboard.py

fix: complete remaining remediation (#5, #8, #9)

2026-03-29 10:13:00 -05:00

database.py

fix: remove all default credentials (#2)

2026-03-29 09:10:44 -05:00

Dockerfile

fix: deployment hardening — non-root containers and health checks (#10)

2026-03-29 09:18:42 -05:00

proxy.py

fix(gateway): remove no-verify SSL context from proxy (#7)

2026-03-29 13:46:11 -05:00

responses.py

fix: security hardening across platform

2026-03-29 08:25:50 -05:00

server.py

fix(gateway): enforce API key auth on inventory and budget services (#5)

2026-03-29 09:06:41 -05:00

sessions.py

Refactor gateway into modular architecture

2026-03-29 00:14:46 -05:00