63 lines
2.5 KiB
Markdown
63 lines
2.5 KiB
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
| Version | Supported |
|
|
|---------|-----------|
|
|
| 2.3.x | Yes |
|
|
| < 2.3 | No |
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
If you discover a security vulnerability, please report it responsibly:
|
|
|
|
1. **Do NOT open a public GitHub issue**
|
|
2. Use [GitHub private vulnerability reporting](https://github.com/tirth8205/code-review-graph/security/advisories/new)
|
|
— the "Report a vulnerability" button under the repository's **Security** tab. This is the
|
|
canonical reporting channel.
|
|
3. Include:
|
|
- Description of the vulnerability
|
|
- Steps to reproduce
|
|
- Potential impact
|
|
- Suggested fix (if any)
|
|
|
|
We will acknowledge receipt within 48 hours and aim to release a fix within 7 days for critical issues.
|
|
|
|
## Security Model
|
|
|
|
### Threat Surface
|
|
|
|
code-review-graph is a **local development tool**. It:
|
|
- Runs as a local MCP server via stdio or localhost-bound streamable HTTP
|
|
- Stores data in a local SQLite database (`.code-review-graph/graph.db`)
|
|
- Makes no network calls during normal graph and review workflows
|
|
- Only reads source files within the validated repository root
|
|
|
|
### Mitigations
|
|
|
|
| Vector | Mitigation |
|
|
|--------|------------|
|
|
| SQL Injection | All queries use parameterized `?` placeholders |
|
|
| Path Traversal | `_validate_repo_root()` requires `.git`, `.svn`, or `.code-review-graph` directory |
|
|
| Prompt Injection | `_sanitize_name()` strips control characters, caps at 256 chars |
|
|
| XSS (visualization) | `escH()` escapes HTML entities; `</script>` escaped in JSON |
|
|
| Subprocess Injection | No `shell=True`; all git commands use list arguments |
|
|
| Supply Chain | Dependencies pinned with upper bounds; `uv.lock` has SHA256 hashes |
|
|
| CDN Tampering | D3.js loaded with Subresource Integrity (SRI) hash |
|
|
| API Key Leakage | Cloud embedding credentials are loaded from environment/configuration only, never hardcoded |
|
|
|
|
### Optional Network Calls
|
|
|
|
- **Cloud embeddings**: Only when explicitly configured with OpenAI-compatible, Google Gemini, or MiniMax providers. Cloud providers emit an egress warning unless `CRG_ACCEPT_CLOUD_EMBEDDINGS=1` is set.
|
|
- **Local embeddings model download**: One-time download from HuggingFace on first use of `sentence-transformers`
|
|
- **D3.js CDN**: Visualization HTML loads D3.js v7 from `d3js.org` (with SRI verification)
|
|
|
|
## Security Scanning
|
|
|
|
The CI pipeline runs:
|
|
- **Bandit** security scanner on every PR
|
|
- **Ruff** linter for code quality
|
|
- **mypy** type checker
|
|
|
|
Bandit exemptions are documented in `pyproject.toml` with justifications for each skip.
|