- Update flexible-instance-security.test.ts to match new specific error messages
- Update flexible-instance-security-advanced.test.ts for enhanced validation
- Improve security by removing sensitive data from validation error messages
- All 37 security tests now passing
Fixes CI test failures after validation enhancement
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Add InstanceContext interface for runtime configuration
- Implement dual-mode API client (singleton + instance-specific)
- Add secure SHA-256 hashing for cache keys
- Implement LRU cache with TTL (100 instances, 30min expiry)
- Add comprehensive input validation for URLs and API keys
- Sanitize all logging to prevent API key exposure
- Fix session context cleanup and memory management
- Add comprehensive security and integration tests
- Maintain full backward compatibility for single-player usage
Security improvements based on code review:
- Cache keys are now cryptographically hashed
- API credentials never appear in logs
- Memory-bounded cache prevents resource exhaustion
- Input validation rejects invalid/placeholder values
- Proper cleanup of orphaned session contexts
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
