akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 14 Packages Projects Releases Wiki Activity
2,471 Commits 11 Branches 107 Tags
ac9fd6c073b9b275ca9d53aad4bd29575e4dfd3f
Commit Graph

8 Commits

Author SHA1 Message Date
GitHub Actions
f64e3feef8 chore: clean .gitignore cache 2026-01-26 19:22:05 +00:00
GitHub Actions
e5f0fec5db chore: clean .gitignore cache 2026-01-26 19:21:33 +00:00
GitHub Actions
5ea207ab47 chore: clean git cache 2026-01-02 01:01:54 +00:00
GitHub Actions
aae55a8ae9 chore: clean git cache 2026-01-02 00:59:57 +00:00
GitHub Actions
af8384046c chore: implement instruction compliance remediation 
- Replace Go interface{} with any (Go 1.18+ standard)
- Add database indexes to frequently queried model fields
- Add JSDoc documentation to frontend API client methods
- Remove deprecated docker-compose version keys
- Add concurrency groups to all 25 GitHub Actions workflows
- Add YAML front matter and fix H1→H2 headings in docs

Coverage: Backend 85.5%, Frontend 87.73%
Security: No vulnerabilities detected

Refs: docs/plans/instruction_compliance_spec.md
 2025-12-21 04:08:42 +00:00
GitHub Actions
3149e624f8 fix: consolidate preset UI and fix field name mismatch 
- Remove redundant "Quick Start Presets" section
- Rename "System Presets" to "Quick Presets"
- Add Apply button to each preset card (View, Apply, Clone)
- Sort presets by security_score ascending (Basic → Strict → Paranoid)
- Fix field names: score → security_score, type → preset_type

The score now displays correctly and presets apply as expected.

Tests: 1101 passed, 87.46% coverage
 2025-12-19 18:55:48 +00:00
GitHub Actions
8b49da4d25 fix: resolve SecurityHeaders page rendering issue 
Update frontend API layer to correctly unwrap backend response objects.
Backend returns wrapped responses (e.g., {profiles: [...]}) while frontend
was expecting unwrapped arrays. Fixed 6 API methods in securityHeaders.ts
to properly extract data from response wrappers.

Changes:
- listProfiles(): unwrap .profiles
- getProfile(): unwrap .profile
- createProfile(): unwrap .profile
- updateProfile(): unwrap .profile
- getPresets(): unwrap .presets
- applyPreset(): unwrap .profile
 2025-12-19 18:55:48 +00:00
GitHub Actions
8cf762164f feat: implement HTTP Security Headers management (Issue #20) 
Add comprehensive security header management system with reusable
profiles, interactive builders, and security scoring.

Features:
- SecurityHeaderProfile model with 11+ header types
- CRUD API with 10 endpoints (/api/v1/security/headers/*)
- Caddy integration for automatic header injection
- 3 built-in presets (Basic, Strict, Paranoid)
- Security score calculator (0-100) with suggestions
- Interactive CSP builder with validation
- Permissions-Policy builder
- Real-time security score preview
- Per-host profile assignment

Headers Supported:
- HSTS with preload support
- Content-Security-Policy with report-only mode
- X-Frame-Options, X-Content-Type-Options
- Referrer-Policy, Permissions-Policy
- Cross-Origin-Opener/Resource/Embedder-Policy
- X-XSS-Protection, Cache-Control security

Implementation:
- Backend: models, handlers, services (85% coverage)
- Frontend: React components, hooks (87.46% coverage)
- Tests: 1,163 total tests passing
- Docs: Comprehensive feature documentation

Closes #20
 2025-12-19 18:55:48 +00:00