moose-inventory 2.1 → 2.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 439e23e1ec3d1ed0e83f686ddd062c07215f8575febd515dc65657f3bdc70c45
-  data.tar.gz: d07bd1e237be3056bf54f338eccc240b74790378d94d1c40d6bc86f2b3b226f9
+  metadata.gz: ba11da77ca5c7033211f845076713ac540041e719f2a5a8bf4c75d84c98924db
+  data.tar.gz: 1c39004653d1aba885d38e966a91f7bea1c4bc9dc4579b98bdf57e2e333fecc0
 SHA512:
-  metadata.gz: 72d9b7d85c843ad90d5b9d41aea47390c5ec6ea9bca1844bf2e7912e9bdeca39214718652e8f3ef44bda1deb83ff54ab0667e5652b81e516f332263ccf5fd83d
-  data.tar.gz: ddad54b04a60635044cf8d312283bd59fd6c42d8862c5759166ee219a275d2b38469fd358ca839ef1c519903736f932e315fa9f1ad6a8b31e8bfa4e0575f75f6
+  metadata.gz: 5f565f1f646917e1cde181f5f068ffca699452327f4b1d72621cabc2b5997c2022c369b312e842ed6346e860d382f277e7dd7c234a182796c8e80cb70118e007
+  data.tar.gz: ec127be873c29e00feda3d2cde569d583b4d025c66b70e10c5b288f2d59c7f4b21b35bae851d143b244b513269cebae0108815d163efe0483c6aedb8f86488ad

data/.gitignore

@@ -19,3 +19,7 @@ __pycache__/
 /gems/
 moose-inventory.spec
 /.openclaw-security-audit/
+
+# Local inventory databases and SQLite sidecar files
+inventory.db
+inventory.db-*

data/BACKLOG.md

@@ -99,17 +99,20 @@ _No open process conformance items._
 
 # Moose Inventory Architecture Follow-up Backlog
 
-Architecture follow-up status counts: 4 done / 1 open.
+Architecture follow-up status counts: 5 done / 0 open.
 
 ## Open
 
-1. Verify GitHub `release` environment custom `v*` policy behavior on the next real release.
-   - GitHub accepted a custom deployment policy named `v*`, but the API reports the policy object as `type: branch`.
-   - On the next intentional `v*` tag release, verify that the release job can deploy to the `release` environment after required approval.
-   - If GitHub treats the policy as branch-only and blocks tag deployments, adjust the environment policy or document the limitation and rely on the workflow trigger plus tag/version check for tag control.
+_No open architecture follow-up items._
 
 ## Done
 
+1. Verify GitHub `release` environment custom `v*` policy behavior on the next real release.
+   - Verified during the intentional `v2.1` release.
+   - Initial release workflow run `26670139178` was rejected because GitHub treated the existing `v*` deployment policy as `type: branch`, which did not allow tag deployments.
+   - After explicit Russ approval, replaced the branch-typed policy with `v*` `type: tag`, reran and approved the release deployment, and published `moose-inventory` 2.1 successfully.
+   - Documented the verified tag-policy behavior in `docs/release/release-environment-protection.md` and `docs/release/publishing.md`.
+
 1. Expand user database backup/restore guidance beyond SQLite.
    - Added `docs/maintenance/database-backup-restore-guidance.md` documenting SQLite, MySQL/MariaDB, and PostgreSQL backup/restore boundaries.
    - Clarified that Moose Inventory can inspect status, run migrations, run doctor checks, back up SQLite files, and export snapshots, but does not run server-backed dump/restore commands, manage grants/users, or implement destructive restore/sync semantics.
@@ -595,14 +598,18 @@ _No open modernization items._
 
 # Moose Inventory Code Quality Backlog
 
-Code quality status counts: 66 done / 0 open.
+Code quality status counts: 67 done / 0 open.
 
 ## Open
 
-_No open code-quality items._
-
 ## Done
 
+1. Sanitize non-syntax Psych safe-load failures during snapshot import.
+   - Added a `Psych::Exception` rescue after the syntax-specific parse handler so aliases and disallowed classes are rejected with a single sanitized `ERROR:` line instead of Ruby/Psych stack traces.
+   - Added focused CLI regression coverage for alias and disallowed-class payloads during non-mutating `import --preview`.
+   - Verified with targeted snapshot-import fuzzing and `MOOSE_INVENTORY_REQUIRE_SECURITY_TOOLS=1 ./scripts/check.sh` on 2026-05-30.
+   - Evidence: `.openclaw-security-audit/fuzz_snapshot_import_availability_run_2026-05-30T0208Z-after-fix.json`.
+
 1. Add focused specs for `OperationEventSupport` result defaults and event construction.
    - Added direct unit coverage for default empty event payloads, explicit payload preservation, event emission, default `warning_count: 0`, and explicit warning counts.
    - Added the new helper spec to the targeted RuboCop gate.

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    moose-inventory (2.1)
+    moose-inventory (2.1.1)
       indentation (~> 0)
       json (>= 2.7, < 3)
       mysql2 (>= 0.5.7, < 0.6)

data/docs/release/publishing.md

@@ -20,7 +20,7 @@ RubyGems has a trusted publisher configured for the existing `moose-inventory` g
 
 The release workflow requires the GitHub environment name `release`. Current environment protection evidence is documented in `docs/release/release-environment-protection.md`.
 
-As of 2026-05-29, the GitHub `release` environment has required reviewer protection for `RusDavies`, self-review prevention disabled, admin bypass disabled, and a custom deployment policy named `v*`. Self-review prevention is disabled because OpenClaw/automation pushes use Russ's GitHub account; with `RusDavies` as the only required reviewer, enabling self-review prevention could prevent Russ from approving the deployment. The workflow itself still runs only for pushed `v*` tags and verifies tag/version alignment before publishing. Because GitHub reports the custom deployment policy object as `type: branch`, verify tag-deployment behavior on the next real release and adjust the environment policy if needed.
+As of 2026-05-29, the GitHub `release` environment has required reviewer protection for `RusDavies`, self-review prevention disabled, admin bypass disabled, and a custom deployment policy named `v*` with `type: tag`. Self-review prevention is disabled because OpenClaw/automation pushes use Russ's GitHub account; with `RusDavies` as the only required reviewer, enabling self-review prevention could prevent Russ from approving the deployment. The workflow itself still runs only for pushed `v*` tags and verifies tag/version alignment before publishing. Tag deployment behavior was verified by the successful `v2.1` release workflow after replacing the initial branch-typed `v*` policy with a tag-typed policy.
 
 Package provenance hardening beyond RubyGems trusted publishing is evaluated in `docs/release/package-provenance-hardening.md`. Additional checksums, GitHub artifact attestations, signatures, or SBOM publication are future hardening options, not current release blockers.
 

data/docs/release/release-environment-protection.md

@@ -9,14 +9,18 @@ This document records the current GitHub `release` environment protection settin
 Initial confirmation date: 2026-05-29
 Protection configuration date: 2026-05-29
 Self-review adjustment date: 2026-05-29
+Tag policy correction/verification date: 2026-05-29
 
 Confirmation/configuration commands:
 
 ```bash
 gh api repos/RusDavies/moose-inventory/environments/release --jq '.'
 gh api -X PUT repos/RusDavies/moose-inventory/environments/release --input /tmp/moose-env-release.json
-gh api -X POST repos/RusDavies/moose-inventory/environments/release/deployment-branch-policies -f name='v*'
+gh api -X POST repos/RusDavies/moose-inventory/environments/release/deployment-branch-policies -f name='v*' -f type='tag'
+gh api -X DELETE repos/RusDavies/moose-inventory/environments/release/deployment-branch-policies/50646877
 gh api repos/RusDavies/moose-inventory/environments/release/deployment-branch-policies --jq '.'
+gh run rerun 26670139178
+gh api -X POST repos/RusDavies/moose-inventory/actions/runs/26670139178/pending_deployments --input /tmp/moose-approve-deployment.json
 ```
 
 Confirmed repository/environment:
@@ -37,7 +41,7 @@ Confirmed repository/environment:
 | Prevent self-review | Disabled (`prevent_self_review: false`) | Disabled because OpenClaw/automation pushes use Russ's GitHub account. With `RusDavies` as the only required reviewer, self-review prevention could block Russ from approving a release deployment triggered through his own account. |
 | Wait timer | `0` / none | No arbitrary delay is configured. Human review is the intended release friction. |
 | Deployment branch/tag policy mode | Custom branch policies enabled (`protected_branches: false`, `custom_branch_policies: true`) | The environment uses an explicit allow-list rather than all branches/tags. |
-| Custom deployment policy | `v*` | Intended to align environment deployment eligibility with the release workflow's `v*` tag trigger. GitHub API reports this policy object with `type: branch`; verify behavior on the next real release tag and adjust if GitHub does not apply it to tag deployments as expected. |
+| Custom deployment policy | `v*` with `type: tag` | Aligns environment deployment eligibility with the release workflow's `v*` tag trigger. An earlier `type: branch` policy rejected tag `v2.1`; after explicit human approval, it was replaced with a tag policy and verified by the successful `v2.1` release workflow. |
 | Admin bypass | Disabled (`can_admins_bypass: false`) | Admins should not be able to bypass environment protection for this environment through the normal bypass setting. |
 
 ## Current trusted-publishing path
@@ -48,7 +52,7 @@ The current release path relies on these controls:
 2. The GitHub `release` environment requires review by `RusDavies` before the release job can proceed.
 3. Self-review prevention is disabled so `RusDavies` can approve deployments triggered by automation authenticated as Russ's GitHub account.
 4. Admin bypass is disabled for the `release` environment.
-5. The environment has a custom deployment policy named `v*`.
+5. The environment has a custom tag deployment policy named `v*`.
 6. The release workflow verifies that the tag version matches `Moose::Inventory::VERSION`.
 7. The release workflow installs security tools and runs:
 
@@ -59,11 +63,15 @@ The current release path relies on these controls:
 8. RubyGems trusted publishing/OIDC is scoped to repository `RusDavies/moose-inventory`, workflow `release.yml`, and environment `release`.
 9. The package sanity gate verifies the gem payload and executable metadata before publishing.
 
-## Residual verification note
+## Tag-policy verification note
 
-GitHub accepted the custom deployment policy name `v*`, but the deployment-branch-policy API response reports the policy object as `type: branch`. The next real release should verify that a pushed `v*` tag can still deploy to the `release` environment after human approval.
+The first `v2.1` workflow attempt proved that a custom deployment policy named `v*` with API `type: branch` does not permit tag deployments. GitHub rejected the run before any workflow steps executed with:
 
-If GitHub treats the custom policy as branch-only and blocks tag deployments, maintainers should either adjust the environment policy to the supported tag pattern mechanism or document the limitation and rely on the workflow's `v*` tag trigger plus tag/version check as the tag-control layer.
+```text
+Tag "v2.1" is not allowed to deploy to release due to environment protection rules.
+```
+
+After explicit human approval, the branch policy was replaced with a custom deployment policy named `v*` and `type: tag`. The rerun of workflow `26670139178` for tag `v2.1` then entered the required-review gate, was approved by `RusDavies`, completed the full release workflow successfully, and published `moose-inventory` version `2.1` to RubyGems.
 
 ## Change-control note
 

data/docs/security-audit-2026-05-29-snapshot-import-fuzz.md

@@ -0,0 +1,58 @@
+# Snapshot Import Availability Fuzz Audit - 2026-05-29
+
+Repository: `RusDavies/moose-inventory`
+Local path: `/home/skippy/.openclaw/workspace/projects/moose-inventory`
+Commit audited: `48da0472f8fadb7685777987545d51b4b62eb806`
+Version audited: `2.1`
+Audit context: follow-up to `code-security-audit` run `3`
+
+## Scope
+
+This pass targeted snapshot import availability and malformed-input behavior for the local CLI import path:
+
+```bash
+ruby -Ilib bin/moose-inventory --config spec/config/config.yml import SNAPSHOT.yml --preview
+```
+
+The pass used preview mode to keep the fuzz cases non-mutating while still exercising YAML loading, snapshot normalization, validation, and preview generation.
+
+## Cases exercised
+
+| Case | Result | Notes |
+| --- | --- | --- |
+| Baseline valid snapshot | Pass | Preview completed in 0.127s. |
+| Malformed YAML | Graceful rejection | Reported a sanitized `ERROR: Could not parse inventory snapshot ...`. |
+| YAML alias | Ungraceful rejection | Rejected safely, but emitted a Ruby/Psych stack trace. |
+| Disallowed symbol key / duplicate-normalized-key probe | Ungraceful rejection | Rejected safely, but emitted a Ruby/Psych stack trace before project-level validation. |
+| Group cycle | Graceful rejection | Reported `Invalid inventory snapshot: group hierarchy contains a cycle ...`. |
+| Unknown child group reference | Graceful rejection | Reported `Invalid inventory snapshot: group ... references unknown child group ...`. |
+| 5,000 variable entries | Pass | Preview completed in 0.157s. |
+| 250-deep group chain | Pass | Preview completed in 0.142s. |
+| 1,000-deep group chain | Pass | Preview completed in 0.187s. |
+| 3,000-deep group chain | Pass | Preview completed in 0.306s. |
+
+Raw local artifact: `.openclaw-security-audit/fuzz_snapshot_import_availability_run.json`.
+
+## Finding
+
+### P3 / Low: snapshot import does not sanitize all Psych safe-load exceptions
+
+`Application#import` currently rescues `Psych::SyntaxError` around `YAML.safe_load_file`, but safe-load can also raise other Psych exceptions such as `Psych::AliasesNotEnabled` and `Psych::DisallowedClass` before Moose Inventory's snapshot validator runs.
+
+Observed examples:
+
+- YAML alias payload is rejected because aliases are disabled, but the CLI prints a Ruby/Psych stack trace.
+- Symbol-tag payload is rejected because permitted classes are restricted, but the CLI prints a Ruby/Psych stack trace.
+
+Security interpretation:
+
+- The unsafe payloads were rejected, so this is not unsafe deserialization or code execution.
+- The issue is availability/UX hardening and minor information disclosure through local stack traces and filesystem/gem paths.
+- Reachability is local CLI import of an attacker-supplied or untrusted snapshot file.
+- Priority is P3/low because the blast radius is local command failure/noisy logs rather than inventory corruption or privilege escalation.
+
+## Recommended remediation
+
+Add a focused backlog item to handle non-syntax `Psych::Exception` failures in the import path with the same sanitized `ERROR: Could not parse inventory snapshot ...` style, and add regression cases for aliases/disallowed classes.
+
+A later hardening pass may also consider explicit snapshot size/entity/depth limits, but this fuzz pass did not find practical timeout behavior at the bounded sizes tested.

data/lib/moose_inventory/cli/application.rb

@@ -72,6 +72,8 @@ module Moose
           puts "Associations added: #{result.associations}"
         rescue Psych::SyntaxError => e
           abort("ERROR: Could not parse inventory snapshot '#{file}': #{e.message}")
+        rescue Psych::Exception => e
+          abort("ERROR: Could not load inventory snapshot '#{file}': #{e.message}")
         rescue db.exceptions[:moose] => e
           abort("ERROR: #{e.message}")
         end

data/lib/moose_inventory/operations/inventory_snapshot_validator.rb

@@ -3,6 +3,64 @@
 module Moose
   module Inventory
     module Operations
+      # Validates group hierarchy cycle safety without recursive traversal.
+      class GroupCycleValidator
+        def initialize(context:)
+          @context = context
+        end
+
+        def call(groups)
+          visiting = {}
+          visited = {}
+
+          groups.each_key do |root|
+            validate_from_root!(root, groups, visiting, visited)
+          end
+        end
+
+        private
+
+        attr_reader :context
+
+        def validate_from_root!(root, groups, visiting, visited)
+          stack = [[root, false]]
+          until stack.empty?
+            name, expanded = stack.pop
+            next if visited[name]
+
+            if expanded
+              visiting.delete(name)
+              visited[name] = true
+            else
+              queue_group_children!(name, groups, visiting, stack)
+            end
+          end
+        end
+
+        def queue_group_children!(name, groups, visiting, stack)
+          raise_invalid("group hierarchy contains a cycle at '#{name}'") if visiting[name]
+
+          visiting[name] = true
+          stack << [name, true]
+          array_value(groups[name], 'children', label: "group '#{name}' children").reverse_each do |child_name|
+            raise_invalid("group hierarchy contains a cycle at '#{child_name}'") if visiting[child_name]
+
+            stack << [child_name, false]
+          end
+        end
+
+        def array_value(payload, key, label:)
+          value = payload.fetch(key, [])
+          raise_invalid("#{label} must be a list") unless value.is_a?(Array)
+
+          value.map(&:to_s)
+        end
+
+        def raise_invalid(message)
+          raise context.moose_exception_class, "Invalid inventory snapshot: #{message}."
+        end
+      end
+
       # Normalizes and validates portable inventory snapshot input before import.
       class InventorySnapshotValidator
         def initialize(context:)
@@ -73,25 +131,7 @@ module Moose
         end
 
         def validate_group_cycles!(groups)
-          visiting = {}
-          visited = {}
-
-          groups.each_key do |name|
-            visit_group!(name, groups, visiting, visited)
-          end
-        end
-
-        def visit_group!(name, groups, visiting, visited)
-          return if visited[name]
-
-          raise_invalid("group hierarchy contains a cycle at '#{name}'") if visiting[name]
-
-          visiting[name] = true
-          array_value(groups[name], 'children', label: "group '#{name}' children").each do |child_name|
-            visit_group!(child_name, groups, visiting, visited)
-          end
-          visiting.delete(name)
-          visited[name] = true
+          GroupCycleValidator.new(context: context).call(groups)
         end
 
         def array_value(payload, key, label:)

data/lib/moose_inventory/version.rb

@@ -4,6 +4,6 @@ module Moose
   ##
   # The Moose-Tools dynamic inventory management library
   module Inventory
-    VERSION = '2.1'
+    VERSION = '2.1.1'
   end
 end

data/scripts/ci/check_security.sh

@@ -65,4 +65,7 @@ else
   exit 0
 fi
 
-"${OSV_SCANNER[@]}" scan source --lockfile Gemfile.lock .
+# osv-scanner 2.x treats --lockfile as an explicit scan target; adding the
+# repository path as a positional source makes it try to infer an extractor for
+# Gemfile.lock through the directory scanner and fail with exit 127.
+"${OSV_SCANNER[@]}" scan source --lockfile Gemfile.lock

data/spec/lib/moose_inventory/cli/application_import_export_spec.rb

@@ -96,5 +96,37 @@ RSpec.describe Moose::Inventory::Cli::Application do
       expect(@db.models[:host].count).to eq(0)
     end
   end
+
+  it 'sanitizes alias rejection errors while previewing snapshot import' do
+    Dir.mktmpdir do |dir|
+      path = File.join(dir, 'inventory.yml')
+      File.write(path, "---\nversion: 1\ngroups: &groups {}\nhosts: *groups\n")
+
+      actual = runner { @app.start(['import', path, '--preview']) }
+
+      expect(actual[:aborted]).to eq(true)
+      expect(actual[:STDERR]).to include("ERROR: Could not load inventory snapshot '#{path}':")
+      expect(actual[:STDERR]).to include('Alias parsing was not enabled')
+      expect(actual[:STDERR]).not_to include('/psych/')
+      expect(actual[:STDERR]).not_to include('from ')
+      expect(@db.models[:host].count).to eq(0)
+    end
+  end
+
+  it 'sanitizes disallowed class errors while previewing snapshot import' do
+    Dir.mktmpdir do |dir|
+      path = File.join(dir, 'inventory.yml')
+      File.write(path, "---\nversion: 1\ngroups:\n  g: {}\n  :g: {}\nhosts: {}\n")
+
+      actual = runner { @app.start(['import', path, '--preview']) }
+
+      expect(actual[:aborted]).to eq(true)
+      expect(actual[:STDERR]).to include("ERROR: Could not load inventory snapshot '#{path}':")
+      expect(actual[:STDERR]).to include('Tried to load unspecified class: Symbol')
+      expect(actual[:STDERR]).not_to include('/psych/')
+      expect(actual[:STDERR]).not_to include('from ')
+      expect(@db.models[:host].count).to eq(0)
+    end
+  end
 end
 # rubocop:enable Metrics/BlockLength

data/spec/lib/moose_inventory/operations/import_inventory_snapshot_spec.rb

@@ -222,5 +222,18 @@ RSpec.describe Moose::Inventory::Operations::ImportInventorySnapshot, '#preview'
     expect(@db.models[:group].where(name: 'blue').count).to eq(0)
     expect(group.groupvars_dataset[name: 'role'][:value]).to eq('old')
   end
+
+  it 'previews deep acyclic group chains without recursive validator stack exhaustion' do
+    groups = (1..5_000).to_h do |index|
+      child = index < 5_000 ? ["group#{index + 1}"] : []
+      ["group#{index}", { children: child, vars: {} }]
+    end
+
+    preview = operation.preview(snapshot: { version: 1, hosts: {}, groups: groups })
+
+    expect(preview['changes_applied']).to eq(false)
+    expect(preview.dig('summary', 'groups_created')).to eq(5_000)
+    expect(@db.models[:group].count).to eq(0)
+  end
 end
 # rubocop:enable Metrics/BlockLength

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: moose-inventory
 version: !ruby/object:Gem::Version
-  version: '2.1'
+  version: 2.1.1
 platform: ruby
 authors:
 - Russell Davies
@@ -307,6 +307,7 @@ files:
 - docs/security-audit-2026-05-21.md
 - docs/security-audit-2026-05-26-rerun.md
 - docs/security-audit-2026-05-26.md
+- docs/security-audit-2026-05-29-snapshot-import-fuzz.md
 - docs/security/accepted-risk-register.md
 - docs/security/security-privacy-process.md
 - docs/ux/cli-workflow-notes.md