sync: auto-sync from HOWARD-HOME at 2026-06-22 19:15:51

Author: Howard Enos Machine: HOWARD-HOME Timestamp: 2026-06-22 19:15:51
2026-06-22 19:16:22 -07:00
parent 86c789a7f9
commit 48b6c94b4a
3 changed files with 76 additions and 17 deletions
--- a/session-logs/2026-06/2026-06-22-howard-gururmm-software-uninstall.md
+++ b/session-logs/2026-06/2026-06-22-howard-gururmm-software-uninstall.md
@@ -173,3 +173,53 @@ Parent claudetools (pushed to main): `.claude/scripts/sync.sh` (submodule_update
 - Audit report: `projects/msp-tools/guru-rmm/reports/2026-06-22-spec030-software-uninstall-audit.md`.
 - BCUninstaller (Apache-2.0): https://github.com/BCUninstaller/Bulk-Crap-Uninstaller
 - Engine embed path: server `include_str!("../../../agent/scripts/uninstall-engine.ps1")`.
+
+## Update: 19:15 PT — standards audit, fixes, and re-check
+
+Ran a scoped `/rmm-audit` (3 parallel Opus passes: Rust/API/migrations, TypeScript,
+engine/platform/security) against the actual GuruRMM standards. Core was compliant
+(runtime sqlx, idempotent migrations, no unwrap/panic, injection-safe base64 dispatch,
+audit logging, confirm-gated UI, ASCII engine markers). Fixed all HIGH + MEDIUM:
+platform-parity (server gates on `os_type` → 501 non-Windows; dashboard shows live
+uninstall only on Windows, read-only inventory list elsewhere — per Howard's
+Windows-only-for-now call); admin-gated the fleet knowledge endpoints; stopped
+agent-stderr error leakage; paginated the catalog; hardened the self-uninstall guard;
+surfaced the dashboard knowledge-query error. Then fixed all LOW: `warn!` on audit-write
+failure (via an `audit()` helper), randomized temp filenames, complete TS interfaces,
+stable list keys + empty-states, ASCII-only strings.
+
+Per Howard's request, ran a fresh Opus re-check of the post-fix branch. It caught a
+**CRITICAL regression introduced by my own round-1 fix**: the hardened self-uninstall
+guard read `$Target.install_location`, a field the server's `UninstallTarget` never
+sends → under `Set-StrictMode` that throws → engine exit 3 → every bulk uninstall
+failed, while `-List`/inventory kept working and masked it. Round-1 live tests passed
+only because they used `-List`-shaped targets (which include `install_location`). Fixed
+with a StrictMode-safe `Get-Prop` accessor routed through all `$Target.*` reads;
+verified live with a **server-shaped target** (no `install_location`): 7-Zip removed,
+exit 0; GuruRMM self still refused. Re-check also found + fixed a MEDIUM (knowledge
+classified on attempted tier not outcome → a failed silent attempt mislabeled `silent`
+and its log discarded; now classifies on outcome) and a LOW (`observe()` could null an
+existing unknown's log → `COALESCE`). Logged the testing-shape lesson to errorlog
+(friction): always re-test the destructive path with the actual serialized caller shape.
+
+### Update — Configuration Changes (additional, all on `feat/engine-bcu-improvements`)
+- `server/src/api/software.rs` — os_type gate, admin-gating, error-leak fixes,
+  pagination, `audit()` helper, random temp filenames, knowledge-class-by-outcome
+- `server/src/db/software_knowledge.rs` — `list()` limit param, `observe()` log COALESCE
+- `agent/scripts/uninstall-engine.ps1` — `Get-Prop` StrictMode-safe accessor + guard fix
+- `dashboard/src/components/InventoryTab.tsx` — Windows-only gating (read-only list on
+  other OSs), `isWindows` prop
+- `dashboard/src/components/SoftwareManager.tsx`, `dashboard/src/api/client.ts` — KB error
+  surfacing, ASCII, empty-states, interface completeness
+- `dashboard/src/pages/AgentDetail.tsx` — pass `isWindows` to InventoryTab
+- `reports/2026-06-22-spec030-software-uninstall-audit.md` — audit report + round-2 re-check
+
+### Update — Pending / Incomplete Tasks (current)
+- Still NOT merged (prod untouched). Branch `feat/engine-bcu-improvements` head `0e8323b`.
+- Merge + deploy when ready; post-deploy verify the catalog populates + promote an unknown.
+- Follow-ons unchanged: GuruConnect SPEC-019, rip-and-replace Tier 1.4, Tier 1.5, Linux/macOS.
+
+### Update — Reference (current)
+- Branch head: `0e8323b` (guru-rmm `feat/engine-bcu-improvements`).
+- Key commits this update: `584c3bc` (HIGH/MED), `c3e6259` (LOW), `6c8cbb1` (re-audit
+  CRITICAL/MED/LOW), `0e8323b` (report round-2). Earlier parent sync log `86c789a`.