loki-mode 7.48.0 → 7.50.0

package/dashboard/server.py

@@ -55,6 +55,11 @@ from . import app_secrets as secrets_mod
 from . import telemetry as _telemetry
 from .control import atomic_write_json, find_skill_dir, is_process_running
 from .activity_logger import get_activity_logger
+from .api_v2 import (
+    TenantContext,
+    _enforce_project_tenant,
+    resolve_tenant_context,
+)
 
 try:
     from . import __version__ as _version
@@ -267,6 +272,7 @@ class ProjectResponse(BaseModel):
     description: Optional[str]
     prd_path: Optional[str]
     status: str
+    tenant_id: int
     created_at: datetime
     updated_at: datetime
     task_count: int = 0
@@ -1255,14 +1261,25 @@ async def list_projects(
     limit: int = Query(default=50, ge=1, le=500),
     offset: int = Query(default=0, ge=0),
     db: AsyncSession = Depends(get_db),
+    tenant_ctx: TenantContext = Depends(resolve_tenant_context),
 ) -> list[ProjectResponse]:
-    """List projects with pagination. Does not eager-load tasks for efficiency."""
+    """List projects with pagination. Does not eager-load tasks for efficiency.
+
+    Tenant isolation (P3-7): a non-admin authenticated caller only sees
+    projects belonging to their declared tenant (X-Loki-Tenant-ID). A global
+    admin and single-user local mode (auth disabled) see all projects.
+    """
     try:
         from sqlalchemy import func as sa_func
 
         query = select(Project)
         if status:
             query = query.where(Project.status == status)
+        if not tenant_ctx.is_global_admin and tenant_ctx.auth_enabled:
+            # Pin to the caller's tenant. A None tenant_id yields no matches,
+            # which is the correct fail-closed behaviour for a scoped caller
+            # that did not declare a tenant.
+            query = query.where(Project.tenant_id == tenant_ctx.tenant_id)
         query = query.order_by(Project.created_at.desc()).offset(offset).limit(limit)
 
         result = await db.execute(query)
@@ -1295,6 +1312,7 @@ async def list_projects(
                     description=project.description,
                     prd_path=project.prd_path,
                     status=project.status,
+                    tenant_id=project.tenant_id,
                     created_at=project.created_at,
                     updated_at=project.updated_at,
                     task_count=total,
@@ -1311,8 +1329,14 @@ async def list_projects(
 async def create_project(
     project: ProjectCreate,
     db: AsyncSession = Depends(get_db),
+    tenant_ctx: TenantContext = Depends(resolve_tenant_context),
 ) -> ProjectResponse:
-    """Create a new project."""
+    """Create a new project.
+
+    Tenant isolation (P3-7): a non-admin caller may only create projects in
+    their own declared tenant; targeting another tenant returns 403.
+    """
+    tenant_ctx.enforce(project.tenant_id)
     # Validate tenant exists
     tenant_result = await db.execute(
         select(Tenant).where(Tenant.id == project.tenant_id)
@@ -1342,6 +1366,7 @@ async def create_project(
         description=db_project.description,
         prd_path=db_project.prd_path,
         status=db_project.status,
+        tenant_id=db_project.tenant_id,
         created_at=db_project.created_at,
         updated_at=db_project.updated_at,
         task_count=0,
@@ -1353,8 +1378,9 @@ async def create_project(
 async def get_project(
     project_id: int,
     db: AsyncSession = Depends(get_db),
+    tenant_ctx: TenantContext = Depends(resolve_tenant_context),
 ) -> ProjectResponse:
-    """Get a project by ID."""
+    """Get a project by ID, scoped to the caller's tenant boundary."""
     result = await db.execute(
         select(Project)
         .options(selectinload(Project.tasks))
@@ -1365,6 +1391,8 @@ async def get_project(
     if not project:
         raise HTTPException(status_code=404, detail="Project not found")
 
+    tenant_ctx.enforce(project.tenant_id)
+
     task_count = len(project.tasks)
     completed_count = len([t for t in project.tasks if t.status == TaskStatus.DONE])
 
@@ -1374,6 +1402,7 @@ async def get_project(
         description=project.description,
         prd_path=project.prd_path,
         status=project.status,
+        tenant_id=project.tenant_id,
         created_at=project.created_at,
         updated_at=project.updated_at,
         task_count=task_count,
@@ -1386,8 +1415,9 @@ async def update_project(
     project_id: int,
     project_update: ProjectUpdate,
     db: AsyncSession = Depends(get_db),
+    tenant_ctx: TenantContext = Depends(resolve_tenant_context),
 ) -> ProjectResponse:
-    """Update a project."""
+    """Update a project, scoped to the caller's tenant boundary."""
     result = await db.execute(
         select(Project)
         .options(selectinload(Project.tasks))
@@ -1398,6 +1428,8 @@ async def update_project(
     if not project:
         raise HTTPException(status_code=404, detail="Project not found")
 
+    tenant_ctx.enforce(project.tenant_id)
+
     update_data = project_update.model_dump(exclude_unset=True)
     for field, value in update_data.items():
         setattr(project, field, value)
@@ -1420,6 +1452,7 @@ async def update_project(
         description=project.description,
         prd_path=project.prd_path,
         status=project.status,
+        tenant_id=project.tenant_id,
         created_at=project.created_at,
         updated_at=project.updated_at,
         task_count=task_count,
@@ -1432,8 +1465,9 @@ async def delete_project(
     project_id: int,
     request: Request,
     db: AsyncSession = Depends(get_db),
+    tenant_ctx: TenantContext = Depends(resolve_tenant_context),
 ) -> None:
-    """Delete a project."""
+    """Delete a project, scoped to the caller's tenant boundary."""
     result = await db.execute(
         select(Project).where(Project.id == project_id)
     )
@@ -1442,6 +1476,8 @@ async def delete_project(
     if not project:
         raise HTTPException(status_code=404, detail="Project not found")
 
+    tenant_ctx.enforce(project.tenant_id)
+
     audit.log_event(
         action="delete",
         resource_type="project",
@@ -1702,8 +1738,11 @@ async def list_tasks(
 async def create_task(
     task: TaskCreate,
     db: AsyncSession = Depends(get_db),
+    tenant_ctx: TenantContext = Depends(resolve_tenant_context),
 ) -> TaskResponse:
-    """Create a new task."""
+    """Create a new task, scoped to the caller's tenant boundary."""
+    # Enforce the tenant boundary on the target project (also 404s if missing).
+    await _enforce_project_tenant(db, tenant_ctx, task.project_id)
     # Verify project exists
     result = await db.execute(
         select(Project).where(Project.id == task.project_id)
@@ -1777,8 +1816,9 @@ async def create_task(
 async def get_task(
     task_id: int,
     db: AsyncSession = Depends(get_db),
+    tenant_ctx: TenantContext = Depends(resolve_tenant_context),
 ) -> TaskResponse:
-    """Get a task by ID."""
+    """Get a task by ID, scoped to the caller's tenant boundary."""
     result = await db.execute(
         select(Task).where(Task.id == task_id)
     )
@@ -1787,6 +1827,8 @@ async def get_task(
     if not task:
         raise HTTPException(status_code=404, detail="Task not found")
 
+    await _enforce_project_tenant(db, tenant_ctx, task.project_id)
+
     return _task_response_from_db(task)
 
 
@@ -1795,8 +1837,9 @@ async def update_task(
     task_id: int,
     task_update: TaskUpdate,
     db: AsyncSession = Depends(get_db),
+    tenant_ctx: TenantContext = Depends(resolve_tenant_context),
 ) -> TaskResponse:
-    """Update a task."""
+    """Update a task, scoped to the caller's tenant boundary."""
     result = await db.execute(
         select(Task).where(Task.id == task_id)
     )
@@ -1805,6 +1848,8 @@ async def update_task(
     if not task:
         raise HTTPException(status_code=404, detail="Task not found")
 
+    await _enforce_project_tenant(db, tenant_ctx, task.project_id)
+
     update_data = task_update.model_dump(exclude_unset=True)
 
     # Handle status change to/from completed
@@ -1844,8 +1889,9 @@ async def delete_task(
     task_id: int,
     request: Request,
     db: AsyncSession = Depends(get_db),
+    tenant_ctx: TenantContext = Depends(resolve_tenant_context),
 ) -> None:
-    """Delete a task."""
+    """Delete a task, scoped to the caller's tenant boundary."""
     result = await db.execute(
         select(Task).where(Task.id == task_id)
     )
@@ -1854,6 +1900,8 @@ async def delete_task(
     if not task:
         raise HTTPException(status_code=404, detail="Task not found")
 
+    await _enforce_project_tenant(db, tenant_ctx, task.project_id)
+
     project_id = task.project_id
 
     audit.log_event(
@@ -1888,8 +1936,12 @@ async def move_task(
     task_id: int,
     move: TaskMove,
     db: AsyncSession = Depends(get_db),
+    tenant_ctx: TenantContext = Depends(resolve_tenant_context),
 ) -> TaskResponse:
-    """Move a task to a new status/position (for Kanban drag-and-drop)."""
+    """Move a task to a new status/position (for Kanban drag-and-drop).
+
+    Scoped to the caller's tenant boundary.
+    """
     result = await db.execute(
         select(Task).where(Task.id == task_id)
     )
@@ -1898,6 +1950,8 @@ async def move_task(
     if not task:
         raise HTTPException(status_code=404, detail="Task not found")
 
+    await _enforce_project_tenant(db, tenant_ctx, task.project_id)
+
     old_status = task.status
 
     # Validate status transition

package/docs/INSTALLATION.md

@@ -2,7 +2,7 @@
 
 The flagship product of [Autonomi](https://www.autonomi.dev/). Loki Mode is a spec-driven autonomous builder with a built-in trust layer that takes any spec to a deployed product and verifies completion with evidence (quality gates plus a completion council), not just a "done" claim. Complete installation instructions for all platforms and use cases.
 
-**Version:** v7.48.0
+**Version:** v7.50.0
 
 ---
 
@@ -396,7 +396,7 @@ provider works inside the container. Provide auth with your Anthropic API key:
 # Run Loki Mode in Docker (Claude provider, API-key auth)
 docker run --rm -e ANTHROPIC_API_KEY="$ANTHROPIC_API_KEY" \
   -v $(pwd):/workspace -w /workspace \
-  asklokesh/loki-mode:7.48.0 start ./my-spec.md
+  asklokesh/loki-mode:7.50.0 start ./my-spec.md
 ```
 
 ##### docker compose + .env (no host install)

package/docs/siem-integration.md

@@ -72,6 +72,67 @@ loki syslog test --message "Test event from Loki Mode"
 tail -f /var/log/loki-mode.log
 ```
 
+## Event Export Module (CEF + Splunk HEC)
+
+In addition to syslog forwarding, Loki Mode ships a programmatic exporter for
+audit/security events at `src/observability/siem-export.js`. It provides two
+well-specified, vendor-agnostic formats and an SSRF-safe HEC sender.
+
+### Zero egress unless configured
+
+The module follows the same gate as the OTEL bridge: nothing leaves the host
+unless an endpoint env var is set. `createHECSenderFromEnv()` returns `null`
+when `LOKI_SPLUNK_HEC_URL` is unset, so there is no code path to the network.
+Endpoint URLs are validated to be `http:`/`https:` only (the same SSRF guard
+the OTLP exporter uses), so a stray `file://` or `gopher://` endpoint is
+rejected before any request is built.
+
+### Auto-detected environment variables
+
+| Variable | Required | Description |
+|----------|----------|-------------|
+| `LOKI_SPLUNK_HEC_URL` | enables HEC | Splunk HEC collector URL. Presence enables the sender. |
+| `LOKI_SPLUNK_HEC_TOKEN` | no | HEC auth token (sent as `Authorization: Splunk <token>`). |
+| `LOKI_SPLUNK_HEC_INDEX` | no | Target Splunk index. |
+| `LOKI_SPLUNK_HEC_SOURCETYPE` | no | Sourcetype (default `loki:audit`). |
+| `LOKI_CEF_VENDOR` / `LOKI_CEF_PRODUCT` | no | Override CEF vendor/product header fields. |
+
+### CEF (Common Event Format)
+
+`toCEF(entry)` converts a Loki audit entry into a single-line CEF record.
+Header pipes/backslashes and extension `=`/newlines are escaped per the CEF
+spec, so events cannot break the record framing. Failed events
+(`success: false`) are elevated to severity 8.
+
+```
+CEF:0|Autonomi|Loki Mode|7.49.0|revoke_token|revoke_token|8|rt=2026-02-15T14:30:00.000Z suser=alice src=10.0.0.4 cs1=token cs1Label=resourceType outcome=failure msg=expired credential loki.provider=claude loki.cost=4.25
+```
+
+Nested `details` are flattened under the `loki.` namespace. Standard CEF keys
+are used where they exist (`rt`, `suser`, `src`, `outcome`, `msg`, `cs1..cs3`).
+
+### Splunk HEC JSON
+
+`toHEC(entry)` wraps an audit entry in a Splunk HEC envelope (epoch-seconds
+`time`, `sourcetype`, optional `index`, and the raw `event`). `HECSender.send()`
+POSTs it fire-and-forget; network errors are logged, never thrown, so
+observability never breaks the run.
+
+```bash
+export LOKI_SPLUNK_HEC_URL=https://splunk.example.com:8088/services/collector
+export LOKI_SPLUNK_HEC_TOKEN=your-hec-token
+export LOKI_SPLUNK_HEC_INDEX=security
+```
+
+### GitHub Enterprise SAML SSO (docs-only follow-up)
+
+Ingesting GitHub Enterprise SAML/SSO sign-in events is a documented follow-up,
+not a shipped code path. Those events live in the GitHub audit log API and
+require an org-scoped admin token plus an outbound polling client, which is out
+of scope for the local audit path. Recommended approach today: pull the GitHub
+Enterprise audit log via its native streaming to your SIEM (Splunk/Datadog/
+Azure Event Hubs) and correlate on `actor`/`user_id` with Loki Mode events.
+
 ## Splunk Integration
 
 ### Method 1: Splunk Universal Forwarder
@@ -262,6 +323,47 @@ export LOKI_SYSLOG_FORMAT=cef
 # rt=2026-02-15T14:30:00Z suser=user cs1=claude cs1Label=Provider
 ```
 
+## OTEL Vendor Templates (Datadog, Honeycomb)
+
+Loki Mode already emits OpenTelemetry traces/metrics when `LOKI_OTEL_ENDPOINT`
+is set (see `src/observability/otel.js`). Ready-to-use vendor templates live in
+`src/observability/siem-export.js` (`OTEL_TEMPLATES`) and produce the exact set
+of env vars to ship to a vendor. They are recipes, not egress: copy the output
+into your shell.
+
+### Datadog
+
+Datadog ingests OTLP/HTTP via the Datadog Agent's OTLP receiver (default
+`:4318`) or, agentless, via the OpenTelemetry Collector contrib exporter.
+
+```bash
+# Local Datadog Agent OTLP receiver (recommended)
+export LOKI_OTEL_ENDPOINT=http://localhost:4318
+export LOKI_SERVICE_NAME=loki-mode
+
+# Agentless intake (set API key + site)
+export LOKI_OTEL_ENDPOINT=http://localhost:4318
+export OTEL_EXPORTER_OTLP_HEADERS="dd-api-key=YOUR_DD_API_KEY"
+export OTEL_RESOURCE_ATTRIBUTES="deployment.environment=production,dd.site=datadoghq.com"
+```
+
+`site` examples: `datadoghq.com`, `datadoghq.eu`, `us5.datadoghq.com`.
+
+### Honeycomb
+
+Honeycomb ingests OTLP/HTTP directly. Auth is the `x-honeycomb-team` header.
+
+```bash
+export LOKI_OTEL_ENDPOINT=https://api.honeycomb.io   # or https://api.eu1.honeycomb.io
+export LOKI_SERVICE_NAME=loki-mode
+export OTEL_EXPORTER_OTLP_HEADERS="x-honeycomb-team=YOUR_API_KEY,x-honeycomb-dataset=loki"
+```
+
+Note: `OTEL_EXPORTER_OTLP_HEADERS` is honored when the real `@opentelemetry`
+SDK is installed (otel.js prefers it and falls back to the built-in JSON
+exporter). For Datadog the local-agent path holds the API key, so the header is
+optional there.
+
 ## Datadog Security Monitoring
 
 ### Log Collection