chore: import upstream snapshot with attribution
CI / Test (ubuntu-latest, Node 18.x, bun) (push) Failing after 15m1s
CI / Test (ubuntu-latest, Node 18.x, npm) (push) Failing after 15m1s
CI / Test (ubuntu-latest, Node 18.x, pnpm) (push) Failing after 15m1s
CI / Test (ubuntu-latest, Node 18.x, yarn) (push) Failing after 15m1s
CI / Test (ubuntu-latest, Node 20.x, bun) (push) Failing after 17m13s
CI / Test (ubuntu-latest, Node 20.x, npm) (push) Failing after 18m42s
CI / Test (ubuntu-latest, Node 20.x, pnpm) (push) Failing after 15m0s
CI / Test (ubuntu-latest, Node 20.x, yarn) (push) Failing after 49m44s
CI / Test (ubuntu-latest, Node 22.x, bun) (push) Failing after 51m55s
CI / Test (ubuntu-latest, Node 22.x, pnpm) (push) Failing after 21m57s
CI / Test (ubuntu-latest, Node 22.x, npm) (push) Failing after 37m39s
CI / Test (ubuntu-latest, Node 22.x, yarn) (push) Failing after 34m7s
CI / Validate Components (push) Failing after 37m15s
CI / Python Tests (push) Failing after 10m1s
CI / Security Scan (push) Failing after 10m1s
CI / Lint (push) Failing after 17m12s
CI / Coverage (push) Failing after 20m19s
CI / Test (macos-latest, Node 18.x, bun) (push) Has been cancelled
CI / Test (macos-latest, Node 18.x, npm) (push) Has been cancelled
CI / Test (macos-latest, Node 18.x, pnpm) (push) Has been cancelled
CI / Test (macos-latest, Node 18.x, yarn) (push) Has been cancelled
CI / Test (windows-latest, Node 18.x, npm) (push) Has been cancelled
CI / Test (windows-latest, Node 18.x, pnpm) (push) Has been cancelled
CI / Test (windows-latest, Node 18.x, yarn) (push) Has been cancelled
CI / Test (macos-latest, Node 20.x, bun) (push) Has been cancelled
CI / Test (macos-latest, Node 20.x, npm) (push) Has been cancelled
CI / Test (macos-latest, Node 20.x, pnpm) (push) Has been cancelled
CI / Test (macos-latest, Node 20.x, yarn) (push) Has been cancelled
CI / Test (windows-latest, Node 20.x, npm) (push) Has been cancelled
CI / Test (windows-latest, Node 20.x, pnpm) (push) Has been cancelled
CI / Test (windows-latest, Node 20.x, yarn) (push) Has been cancelled
CI / Test (macos-latest, Node 22.x, bun) (push) Has been cancelled
CI / Test (macos-latest, Node 22.x, npm) (push) Has been cancelled
CI / Test (macos-latest, Node 22.x, pnpm) (push) Has been cancelled
CI / Test (macos-latest, Node 22.x, yarn) (push) Has been cancelled
CI / Test (windows-latest, Node 22.x, npm) (push) Has been cancelled
CI / Test (windows-latest, Node 22.x, pnpm) (push) Has been cancelled
CI / Test (windows-latest, Node 22.x, yarn) (push) Has been cancelled
CI / Test (ubuntu-latest, Node 18.x, bun) (push) Failing after 15m1s
CI / Test (ubuntu-latest, Node 18.x, npm) (push) Failing after 15m1s
CI / Test (ubuntu-latest, Node 18.x, pnpm) (push) Failing after 15m1s
CI / Test (ubuntu-latest, Node 18.x, yarn) (push) Failing after 15m1s
CI / Test (ubuntu-latest, Node 20.x, bun) (push) Failing after 17m13s
CI / Test (ubuntu-latest, Node 20.x, npm) (push) Failing after 18m42s
CI / Test (ubuntu-latest, Node 20.x, pnpm) (push) Failing after 15m0s
CI / Test (ubuntu-latest, Node 20.x, yarn) (push) Failing after 49m44s
CI / Test (ubuntu-latest, Node 22.x, bun) (push) Failing after 51m55s
CI / Test (ubuntu-latest, Node 22.x, pnpm) (push) Failing after 21m57s
CI / Test (ubuntu-latest, Node 22.x, npm) (push) Failing after 37m39s
CI / Test (ubuntu-latest, Node 22.x, yarn) (push) Failing after 34m7s
CI / Validate Components (push) Failing after 37m15s
CI / Python Tests (push) Failing after 10m1s
CI / Security Scan (push) Failing after 10m1s
CI / Lint (push) Failing after 17m12s
CI / Coverage (push) Failing after 20m19s
CI / Test (macos-latest, Node 18.x, bun) (push) Has been cancelled
CI / Test (macos-latest, Node 18.x, npm) (push) Has been cancelled
CI / Test (macos-latest, Node 18.x, pnpm) (push) Has been cancelled
CI / Test (macos-latest, Node 18.x, yarn) (push) Has been cancelled
CI / Test (windows-latest, Node 18.x, npm) (push) Has been cancelled
CI / Test (windows-latest, Node 18.x, pnpm) (push) Has been cancelled
CI / Test (windows-latest, Node 18.x, yarn) (push) Has been cancelled
CI / Test (macos-latest, Node 20.x, bun) (push) Has been cancelled
CI / Test (macos-latest, Node 20.x, npm) (push) Has been cancelled
CI / Test (macos-latest, Node 20.x, pnpm) (push) Has been cancelled
CI / Test (macos-latest, Node 20.x, yarn) (push) Has been cancelled
CI / Test (windows-latest, Node 20.x, npm) (push) Has been cancelled
CI / Test (windows-latest, Node 20.x, pnpm) (push) Has been cancelled
CI / Test (windows-latest, Node 20.x, yarn) (push) Has been cancelled
CI / Test (macos-latest, Node 22.x, bun) (push) Has been cancelled
CI / Test (macos-latest, Node 22.x, npm) (push) Has been cancelled
CI / Test (macos-latest, Node 22.x, pnpm) (push) Has been cancelled
CI / Test (macos-latest, Node 22.x, yarn) (push) Has been cancelled
CI / Test (windows-latest, Node 22.x, npm) (push) Has been cancelled
CI / Test (windows-latest, Node 22.x, pnpm) (push) Has been cancelled
CI / Test (windows-latest, Node 22.x, yarn) (push) Has been cancelled
This commit is contained in:
@@ -0,0 +1,89 @@
|
||||
---
|
||||
description: Run comprehensive security review
|
||||
agent: everything-claude-code:security-reviewer
|
||||
subtask: true
|
||||
---
|
||||
|
||||
# Security Review Command
|
||||
|
||||
Conduct a comprehensive security review: $ARGUMENTS
|
||||
|
||||
## Your Task
|
||||
|
||||
Analyze the specified code for security vulnerabilities following OWASP guidelines and security best practices.
|
||||
|
||||
## Security Checklist
|
||||
|
||||
### OWASP Top 10
|
||||
|
||||
1. **Injection** (SQL, NoSQL, OS command, LDAP)
|
||||
- Check for parameterized queries
|
||||
- Verify input sanitization
|
||||
- Review dynamic query construction
|
||||
|
||||
2. **Broken Authentication**
|
||||
- Password storage (bcrypt, argon2)
|
||||
- Session management
|
||||
- Multi-factor authentication
|
||||
- Password reset flows
|
||||
|
||||
3. **Sensitive Data Exposure**
|
||||
- Encryption at rest and in transit
|
||||
- Proper key management
|
||||
- PII handling
|
||||
|
||||
4. **XML External Entities (XXE)**
|
||||
- Disable DTD processing
|
||||
- Input validation for XML
|
||||
|
||||
5. **Broken Access Control**
|
||||
- Authorization checks on every endpoint
|
||||
- Role-based access control
|
||||
- Resource ownership validation
|
||||
|
||||
6. **Security Misconfiguration**
|
||||
- Default credentials removed
|
||||
- Error handling doesn't leak info
|
||||
- Security headers configured
|
||||
|
||||
7. **Cross-Site Scripting (XSS)**
|
||||
- Output encoding
|
||||
- Content Security Policy
|
||||
- Input sanitization
|
||||
|
||||
8. **Insecure Deserialization**
|
||||
- Validate serialized data
|
||||
- Implement integrity checks
|
||||
|
||||
9. **Using Components with Known Vulnerabilities**
|
||||
- Run `npm audit`
|
||||
- Check for outdated dependencies
|
||||
|
||||
10. **Insufficient Logging & Monitoring**
|
||||
- Security events logged
|
||||
- No sensitive data in logs
|
||||
- Alerting configured
|
||||
|
||||
### Additional Checks
|
||||
|
||||
- [ ] Secrets in code (API keys, passwords)
|
||||
- [ ] Environment variable handling
|
||||
- [ ] CORS configuration
|
||||
- [ ] Rate limiting
|
||||
- [ ] CSRF protection
|
||||
- [ ] Secure cookie flags
|
||||
|
||||
## Report Format
|
||||
|
||||
### Critical Issues
|
||||
[Issues that must be fixed immediately]
|
||||
|
||||
### High Priority
|
||||
[Issues that should be fixed before release]
|
||||
|
||||
### Recommendations
|
||||
[Security improvements to consider]
|
||||
|
||||
---
|
||||
|
||||
**IMPORTANT**: Security issues are blockers. Do not proceed until critical issues are resolved.
|
||||
Reference in New Issue
Block a user