Skip to content

feat(security): analytics service disclosure control and audit logging#13

Draft
Copilot wants to merge 12 commits into
devfrom
copilot/enhance-analytics-service-security
Draft

feat(security): analytics service disclosure control and audit logging#13
Copilot wants to merge 12 commits into
devfrom
copilot/enhance-analytics-service-security

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Mar 26, 2026
edited
Loading

  • Confirm baseline test status (mvn test green)
  • Inspect pom.xml and identify explicit vulnerable pins (spring-boot, spring-core, spring-security-web/core, tomcat-embed-core)
  • Validate target patched versions via advisory DB (Tomcat 10.1.54, Spring Boot 3.4.5, Spring Security 6.5.9, Spring Framework 6.2.11)
  • Update dependency management to patched lines and remove hard-coded vulnerable pins that bypass BOM
  • Fix compatibility issue by unpinning httpclient5 to BOM-managed compatible version
  • Run focused failing integration/security tests and confirm green
  • Run full mvn test and confirm all tests pass with no exceptions

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

Copilot AI and others added 3 commits March 26, 2026 11:08
@danibanezRepos
feat: add disclosure control layer and audit logging to AnalyticsService
7500c6f 
- DisclosureControlService: minimum-subset rule, categorical k-anonymity
  cell suppression, date histogram suppression, outlier-value stripping,
  correlation suppression on small subsets
- AnalyticsAuditService: structured audit log (per-operation, per-file,
  principal-aware) to dedicated rolling AUDIT logger
- Wire both services into all four AnalyticsService processing paths
- AnalyticsController: request-level audit entries on all endpoints
- logback.xml: rolling audit file appender (daily, 30-day retention)
- logback-test.xml: test override routing AUDIT to console
- application.properties: configurable disclosure thresholds via env vars
- DisclosureControlServiceTest: 12 unit tests covering all suppression rules
- AnalyticsServiceTest, AnalyticsControllerTest: updated mocks

Co-authored-by: danibanezRepos <129841581+danibanezRepos@users.noreply.github.com>
Agent-Logs-Url: https://github.com/tecnomod-um/MEDIATA_node/sessions/2fa23ef0-2cd7-4cc4-93f5-7ef075a0f27d
@danibanezRepos
Changes before error encountered
967e189 
Co-authored-by: danibanezRepos <129841581+danibanezRepos@users.noreply.github.com>
Agent-Logs-Url: https://github.com/tecnomod-um/MEDIATA_node/sessions/ec1c380b-f0f5-482e-aab9-4fa604bb9603
@danibanezRepos
fix(disclosure): generous thresholds, k-anon outlier rule, audit test…
dd9be9d 
…s, fix test data

Co-authored-by: danibanezRepos <129841581+danibanezRepos@users.noreply.github.com>
Agent-Logs-Url: https://github.com/tecnomod-um/MEDIATA_node/sessions/6dcc3c78-f3ba-4696-ac58-f94356e96e34
Copilot AI requested a review from danibanezRepos March 26, 2026 15:00
@danibanezRepos
fix(test): scope doesNotContain("50") to filterKeys section to avoid …
2bfd2c6 
…timestamp false positives

Agent-Logs-Url: https://github.com/tecnomod-um/MEDIATA_node/sessions/eda54196-5b84-43f3-9c4b-bc37b0147893

Co-authored-by: danibanezRepos <129841581+danibanezRepos@users.noreply.github.com>
@danibanezRepos
fix(disclosure): close correlation-matrix and chi-squared leaks for p…
a6954b8 
…er-feature suppressed data

Agent-Logs-Url: https://github.com/tecnomod-um/MEDIATA_node/sessions/d416a3db-5e1d-4f5f-9729-b27a3f005c94

Co-authored-by: danibanezRepos <129841581+danibanezRepos@users.noreply.github.com>
@danibanezRepos
test: improve coverage with FileCleaningController, AnalyticsControll…
f43974a 
…er, AnalyticsProcessingJobs, NodeSyncService, FileService, and DisclosureControlService tests

Agent-Logs-Url: https://github.com/tecnomod-um/MEDIATA_node/sessions/d0a1be68-dc11-4600-9b81-681676eb9b28

Co-authored-by: danibanezRepos <129841581+danibanezRepos@users.noreply.github.com>
@danibanezRepos
Changes before error encountered
36daa0f 
Agent-Logs-Url: https://github.com/tecnomod-um/MEDIATA_node/sessions/6ca1ac27-183c-4d5a-97e7-5bf4975c24c9

Co-authored-by: danibanezRepos <129841581+danibanezRepos@users.noreply.github.com>
Copilot AI and others added 2 commits March 30, 2026 09:29
@danibanezRepos
test: expand coverage - DTOs, DataCleaningService, FileService, Discl…
aab2cb0 
…osureControlService, DataProcessingService

Agent-Logs-Url: https://github.com/tecnomod-um/MEDIATA_node/sessions/2fc42cb3-b5aa-4472-975a-431384fea43c

Co-authored-by: danibanezRepos <129841581+danibanezRepos@users.noreply.github.com>
@danibanezRepos
Changes before error encountered
5d3b904 
Agent-Logs-Url: https://github.com/tecnomod-um/MEDIATA_node/sessions/2fc42cb3-b5aa-4472-975a-431384fea43c

Co-authored-by: danibanezRepos <129841581+danibanezRepos@users.noreply.github.com>
Copilot AI and others added 3 commits April 15, 2026 08:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@danibanezRepos danibanezRepos Awaiting requested review from danibanezRepos

Assignees

@danibanezRepos danibanezRepos

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@danibanezRepos