rene/transceiver-db
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
transceiver-db/sync/history/2026-05-07-magatama-attack-path-fix-guidance-live-deploy.md
Rene Fichtmueller 01d0365fbf sync: record live attack-path guidance fix
2026-05-07 06:40:04 +02:00

77 lines
2.1 KiB
Markdown
Raw Blame History

# MAGATAMA Attack-Path Fix Guidance Live Deploy
Date: 2026-05-07 UTC
## Scope
- MAGATAMA attack-path side panel
- local Mac training API reachability/truth check
## Findings
### 1. `Open Fix Guidance` was a placebo button
The Attack Paths detail sidebar rendered a real CTA labeled `Open Fix Guidance`, but the click handler only executed:
- `toast('Fix guidance opened','info')`
No real drawer, ticket, or finding guidance path opened from that action.
### 2. Local training API was not dead; it was just idle
The local training API service for MAGATAMA lane automation is managed by:
- `org.fichtmueller.magatama-train-api`
Live checks showed:
- LaunchAgent state: running
- port listener on `*:3214`
- health response on localhost when checked outside sandbox restrictions:
- `status = ok`
- `service = magatama-train-api`
- `running = false`
- `pid = null`
Interpretation:
- the API process is healthy and reachable
- it is currently idle between runs
- the remaining proof point for automation is a fresh lane training run that writes back lane-specific run metadata and completes local adoption/version switching
## Fix Applied
File:
- `magatama/packages/dashboard/public/index-v2.html`
Changes:
- added `openFixGuidanceForNode(nodeId)`
- `showNodeDetail(n)` now wires the CTA to the new helper instead of a toast
- if the graph node maps to a real finding:
- MAGATAMA opens the existing finding/ticket detail via `openTicket(id)`
- if the node is synthetic and has no backing finding:
- MAGATAMA now shows a clear warning toast instead of pretending guidance opened
## Live Deployment
Updated file copied to Erik:
- `/opt/magatama/packages/dashboard/public/index-v2.html`
Dashboard restarted:
- `pm2 restart magatama-dashboard`
Remote file verification confirmed presence of:
- `openFixGuidanceForNode`
- `Open Fix Guidance`
## Operational Result
- Attack Paths no longer expose a fake remediation CTA
- the CTA now routes into the actual MAGATAMA guidance/detail path when the node represents a real finding
- local training API health is confirmed, but lane-specific successful return/adoption still needs validation with a fresh real training run
Reference in New Issue View Git Blame Copy Permalink