Nixius
/
hastebin
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
350 Commits 1 Branch 0 Tags 977 KiB
Commit Graph

32 Commits

Author SHA1 Message Date
Colin edc1680f1c
Add unused code/dependency scanning with knip and depcheck
ci/woodpecker/push/woodpecker Pipeline failed Details 
Adds automated scanning for unused files, exports, and dependencies:
- New CI step (scan-unused) in Woodpecker pipeline
- Pre-push git hook blocks pushes if unused code detected
- npm scripts: scan:unused, scan:deps
- Config files for knip and depcheck to handle dynamic imports
 2026-01-23 09:04:57 -05:00
Colin c461cf2639
Fix HIGH severity vulnerabilities: update glob, mime, and tar dependencies
ci/woodpecker/push/woodpecker Pipeline failed Details 
- Add npm overrides to force secure versions:
  - glob: ^11.1.0 (fixes CVE-2025-64756)
  - mime: ^2.0.3 (fixes CVE-2017-16138)
  - tar: ^7.5.4 (fixes CVE-2026-23745, CVE-2026-23950)
- All tests passing
- Trivy scan shows 0 HIGH/CRITICAL vulnerabilities
- Server functionality verified
 2026-01-21 11:04:38 -05:00
Colin 618a2c1ff7
Security improvements and local testing scripts
ci/woodpecker/push/woodpecker Pipeline failed Details 
- Fix Dockerfile to run as non-root user (node) for security
- Fix phonetic key generator to always start with consonant (test fix)
- Add local security scanning scripts (SBOM, Trivy)
- Update test script to exclude security tests from mocha
- Add npm scripts for security scans
- Update .gitignore for generated files
- Update Woodpecker CI to use modern Trivy syntax and push images
 2026-01-21 10:21:55 -05:00
Leopere 52e5690ee5 Improve documentation and test structure 2025-03-03 10:36:18 -05:00
Leopere c5c44986d8 Add build script to package.json for Docker build 2025-03-01 18:37:27 -05:00
Leopere c0502bc1a4 Add security header testing scripts (both Node.js and Bash versions) 2025-03-01 18:24:46 -05:00
Leopere 6e7b63a408 Fix button alignment and visibility issues, implement CSP improvements with nonce support 2025-03-01 17:49:24 -05:00
colin 52cc4b7879 Update package.json 2024-01-20 22:55:49 +00:00
John Crepezzi 318c5f7ba6 Upgrade uglify and simplify usage 
- Upgrade to the most recent version of uglify
- Use the `UglifyJS.minify(code)` helper which does exactly what we want
 2017-10-31 21:19:22 -04:00
John Crepezzi e4e025f67e Convert random generator to es6 and add some specs for it directly 2017-10-31 20:40:43 -04:00
John Crepezzi e76c845f16 Upgrade testing libraries 
- Upgrade mocha
- Remove should due to limited usage and old style (at least by rspec standards)
- Move spec -> test which is the default
- Update tests accordingly for the above
 2017-10-31 20:03:30 -04:00
John Crepezzi c5b859ec98 Bump node engine version & fix asset compression on start 2017-07-11 21:13:33 -04:00
John Crepezzi 6835eef468 Merge pull request #109 from seejohnrun/rate_limiting 
Added user-configurable rate limiting
 2016-03-10 11:44:57 -10:00
John Crepezzi 84c909a5db Added user-configurable rate limiting 2016-03-06 16:20:40 -05:00
PangeaCake e93f98112b Add `pg` as dependency and update node version 
One of the dependencies seemed to be broken with the previous node version, but this node version worked perfectly
 2015-01-07 14:27:46 -08:00
John Crepezzi 0471b059a0 Support a form-data POST API 
Closes #54
 2014-04-21 14:16:23 -04:00
John Crepezzi e536ba1019 Move to an available npm version 2012-09-27 11:56:49 -04:00
John Crepezzi 85fc36d710 Update npm version 2012-09-27 11:56:15 -04:00
John Crepezzi 5d5ae164f3 Set up node engine version 2012-09-27 11:54:40 -04:00
John Crepezzi 79309c75df Bump version to 0.1.0 2012-09-27 11:51:15 -04:00
John Crepezzi 8f0d6260b0 change how redistogo install works 2012-09-27 11:50:12 -04:00
John Crepezzi 4efc5d47d9 Allow redistogo 2012-09-27 11:46:53 -04:00
John Crepezzi ff8ef54e34 Procfile 2012-09-27 11:38:14 -04:00
John Crepezzi 814a49812a Update server config path 2012-09-19 14:28:52 -04:00
John Crepezzi 16080bdc16 Update description - preparing for npm push 2012-04-21 23:49:39 -04:00
John Crepezzi 45cbdcce70 Force down connect version 2012-03-02 14:07:59 -05:00
John Crepezzi 6e4c087319 Remove hashlib dependency and switch to mocha for testing 2012-01-13 11:17:15 -05:00
John Crepezzi 0875ba6252 Auto-compress javascript assets 2011-11-27 15:49:17 -05:00
John Crepezzi 167c7c4adb Use the new router 2011-11-23 13:14:18 -05:00
John Crepezzi a2d17b28df Remove redundant package dependency 2011-11-18 19:56:09 -05:00
John Crepezzi a1d5f79708 Added Redis store support 2011-11-18 19:55:14 -05:00
John Crepezzi 6bac45efe2 More work on the server 2011-11-18 15:44:28 -05:00