047583eb9c
- .gitignore (Python, Node, RT/maldev hygiene, secrets) - README.md (project framing, stack, conventions, status) - CHANGELOG.md (team kickoff decisions Q1/Q2/Q3, T2/T3/T4, auth strategy) - tasks/spec-decisions.md (D-001..D-007 arbitrations on top of frozen spec) - tasks/todo.md (sprint 0 backlog: B0.* / F0.* / S0.* / R0.*) - tasks/lessons.md (empty, populated as work progresses) - backend/ frontend/ docs/ scaffolding Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1.4 KiB
1.4 KiB
Changelog
All notable changes to Mimic. Format inspired by Keep a Changelog.
Versioning starts at 0.1.0 when sprint 0 lands.
[Unreleased]
Team decisions (2026-05-21)
- Q1 — SOC client collaboration in the live cockpit is assumed valid (no PoC sheet).
- Q2 — Mimic is deployed on RT infrastructure (not at client). SOC client connects over the internet through the existing RT reverse proxy (out of Mimic scope).
- Q3 — Project framed as "improve the existing shared sheet workflow", not "rebuild Caldera".
- T2 — C2 credentials stored in a dedicated
c2_credentialtable with version + retirement (Fernet-encryptedconfig_json). Active row per engagement =retired_at IS NULL, max version. - T3 — Jinja templating exposes two accessors:
{{outputs.text}}(stdout) and{{outputs.blob("key")}}(binary, 10 MB cap, UTF-8 with latin-1 fallback). - T4 —
soc_session.token_opaquestores a bcrypt hash; the clear token is delivered out-of-band and never re-displayable. - Auth — v1: local user/password (bcrypt + Flask session). v2: Keycloak OIDC mapping onto the same group model. RBAC is group-based from day one.
Sprint 0 in progress
Repo skeleton, data model, C2Connector ABC, Jinja2 sandbox, local auth + RBAC, flat CRUD,
UX wireframes (mock data). No real connector, no reporting until PR1/PR2/PR3 land.