Merged
… improve architecture
- Split 2000-line electron/ipc/handlers.cjs into 9 domain-specific modules (auth, entities, admin, license, barriers, ahhq, labs, clinical, operations) with shared session state and utilities in shared.cjs
- Add 33 comprehensive business logic tests covering priority scoring, donor matching, FHIR validation/import, notification rules, password validation, and entity helper functions
- Fix FHIR parameter mismatch (fhir_bundle -> fhir_data) in FHIRImporter
- Add React ErrorBoundary component wrapping the entire app
- Add .env.example documenting all environment variables
- Add docs/ARCHITECTURE.md with system diagrams and module map
- Harden LICENSE_FAIL_OPEN to also check app.isPackaged (prevents leak to production)
- Harden default credential seeding (suppress console output in production)
- Remove unused moment dependency, standardize on date-fns
- Convert utils/index.ts to .js for codebase consistency
- Upgrade apiClient.js with safeApiCall error handling utility
- Add test execution step to CI workflow
- Fix pre-existing lint error in LabsPanel.jsx
Made-with: Cursor
…etter-sqlite3 compiles Made-with: Cursor
…LE_VERSION mismatch Made-with: Cursor
…ilities
CRITICAL fixes:
- Add input validation for MELD/LAS/PRA/cPRA medical scores with range checking
- Add HLA typing format validation, parsing, and proper match scoring
- Implement HIPAA-compliant audit trail (WHO/WHAT/WHEN/WHERE/WHY) with SHA-256
record hashing for immutability verification
- Sanitize patient names in all notifications to prevent XSS/injection
- Mitigate race conditions in donor matching via patient freshness re-check
- Cache parsed HLA antigens to avoid redundant regex splitting per patient
HIGH fixes:
- Replace generic catch-all error handlers across all Deno functions with
structured logging and safe error responses (no internal details leaked)
- Fix license bypass vulnerability in App.jsx (fail-closed on error)
- Harden license check in electron/main.cjs with clock-skew protection
- Add CSP, X-Frame-Options, X-Content-Type-Options headers in Electron
MEDIUM fixes:
- Refactor App.jsx license state to useReducer with discriminated auth errors
- Extract magic numbers into named constants (functions/lib/constants.ts)
- Sanitize diagnosis text in FHIR export against injection
- Add comprehensive tests for priority score boundaries and HLA matching
- Add HIPAA compliance matrix documentation
New shared modules: functions/lib/{constants,validators,logger,audit}.ts
Made-with: Cursor
CRITICAL (1-8):
1. DevTools disabled in production builds with event listener block
2. HIPAA BAA requirements documented (docs/HIPAA_BAA_REQUIREMENTS.md)
3. Encryption key management procedures documented
4. Audit log immutability enforced via SQLite triggers (no UPDATE/DELETE)
5. Structured error logging with file rotation (electron/ipc/errorLogger.cjs)
6. Medical score validators for electron IPC layer (MELD/LAS/PRA/HLA)
7. Backup integrity verification with SHA-256 checksums
8. SECURITY.md expanded with full threat model and defense-in-depth architecture
HIGH (9-14):
9. Security workflow hardened with fail-on-moderate, lockfile check
10. Data residency controls for export destination validation
11. Disaster recovery plan with RTO/RPO objectives
12. Compliance audit trail report generator for HIPAA reviews
13. Production deployment checklist
14. Secrets management template (.env.PRODUCTION.example)
MEDIUM (15-17):
15. Code signing config added to electron-builder.enterprise.json
16. IPC rate limiting per handler with configurable limits
17. package-lock.json committed for reproducible builds
New IPC handlers registered: backup, dataResidency, auditReport
New docs: BAA, encryption, disaster recovery, deployment, threat model,
API security, operations manual
Made-with: Cursor
… validation, migrations, key rotation, and comprehensive testing
Critical:
- Enhanced backup verification with actual DB restore test (disasterRecovery.cjs)
- Added FHIR R4 structural validation for Patient, Condition, Observation, Bundle
- Added database migration strategy with versioned, transactional migrations
- Added encryption key rotation service with audit trail and cooldown
- Added request context tracing for end-to-end operation linking
Testing:
- Added compliance validation tests (31 checks: HIPAA, FDA, org isolation, security)
- Added performance load tests (5000 patients, 50k audit logs, <1s queries)
- Added Playwright E2E test framework with app launch and API verification
- Enhanced CI security workflow with Snyk scanning and load test jobs
Documentation:
- Created incident response runbook (HIPAA breach notification procedures)
- Created comprehensive production deployment guide (step-by-step)
- Created full API reference for all IPC channels and parameters
Made-with: Cursor
…eAuditLogTriggers()
Moved HIPAA 164.312(b) audit log immutability triggers from inline init.cjs code to a dedicated exported function in schema.cjs with standardized trigger names (audit_logs_immutable_update, audit_logs_immutable_delete). Updated compliance tests to verify triggers exist in schema.cjs.
Made-with: Cursor
…cy audit, native module rebuild
- Fix shared.cjs: remove duplicate logAudit function and INSERT from bad merge
- Fix package.json: remove duplicate test/test:security/test:business scripts from merge
- Fix CodeQL: use iterative tag stripping in sanitizePlainText to prevent bypass
- Fix dependency audit: update jspdf to 4.2.1 (fixes 9 CVEs), run npm audit fix (0 vulns)
- Fix security workflow: add system deps + npm rebuild for native sqlite module
- Fix audit flag: use --omit=dev instead of deprecated --production
Made-with: Cursor
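The "iterative tag stripping" item in the commit above refers to a general sanitizer weakness: removing tags in a single pass can splice the surrounding fragments into a new tag. The sketch below is an added example, not the project's `sanitizePlainText`; the function names, the tag pattern and the sample patient name are assumptions made for illustration.

```javascript
// Added illustration. Hypothetical helpers, not code from this pull request.
// Assumed tag pattern: "<", any run of non-bracket characters, ">".
const TAG_RE = /<[^<>]*>/g;

// Single pass: each match is removed once, and the pieces on either side of a
// removed tag are joined without being looked at again.
function stripTagsOnce(input) {
  return String(input).replace(TAG_RE, "");
}

// Iterative: repeat until a pass changes nothing (a fixed point), then drop any
// unpaired angle brackets so the result is plain text. Every pass that changes
// the string shortens it, so the loop terminates; the cap makes the function
// fail closed on pathological nesting instead of returning partial output.
function stripTagsIterative(input, maxPasses = 100) {
  let current = String(input);
  for (let pass = 0; pass < maxPasses; pass++) {
    const next = current.replace(TAG_RE, "");
    if (next === current) {
      return current.replace(/[<>]/g, "");
    }
    current = next;
  }
  throw new Error("sanitizer did not reach a fixed point; rejecting input");
}

// Constructed sample: a patient-name field with a tag nested inside another tag.
const SAMPLE_NAME = "Jane <scr<script>ipt>x</scr</script>ipt> Doe";

function compare(input) {
  return { once: stripTagsOnce(input), iterative: stripTagsIterative(input) };
}

console.log(compare(SAMPLE_NAME));
```

The single-pass result still contains a complete tag pair, which is the pattern static analysis reports as incomplete multi-character sanitization; the iterative result contains no angle brackets at all.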
…-closed crash Made-with: Cursor
Description
Brief description of the changes.
Type of Change
Testing
How has this been tested?
Checklist
Compliance Considerations
Screenshots
If applicable, add screenshots.