akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 14 Packages Projects Releases Wiki Activity
2,478 Commits 11 Branches 107 Tags
ef5efd2e33c89b40aa95fa0b4783fd2ac4e839d9
Commit Graph

5 Commits

Author SHA1 Message Date
GitHub Actions
11e575d6cc fix: stabilize e2e test suite and auth configuration 
- Standardized E2E base URL to 127.0.0.1 to resolve cookie domain 401 errors
- Updated playwright config to strictly exclude security tests from main shards
- Refactored waitForModal helper to prevent strict mode violations on complex modals
- Fixed leak of crowdsec diagnostics tests into standard chromium project
 2026-02-06 07:43:26 +00:00
GitHub Actions
9187d19a60 fix(ci): replace playwright-coverage imports with local test fixture 2026-02-04 22:27:46 +00:00
GitHub Actions
f64e3feef8 chore: clean .gitignore cache 2026-01-26 19:22:05 +00:00
GitHub Actions
e5f0fec5db chore: clean .gitignore cache 2026-01-26 19:21:33 +00:00
GitHub Actions
892b89fc9d feat: break-glass security reset 
Implement dual-registry container publishing to both GHCR and Docker Hub
for maximum distribution reach. Add emergency security reset endpoint
("break-glass" mechanism) to recover from ACL lockout situations.

Key changes:

Docker Hub + GHCR dual publishing with Cosign signing and SBOM
Emergency reset endpoint POST /api/v1/emergency/security-reset
Token-based authentication bypasses Cerberus middleware
Rate limited (5/hour) with audit logging
30 new security enforcement E2E tests covering ACL, WAF, CrowdSec,
Rate Limiting, Security Headers, and Combined scenarios
Fixed container startup permission issue (tmpfs directory ownership)
Playwright config updated with testIgnore for browser projects
Security: Token via CHARON_EMERGENCY_TOKEN env var (32+ chars recommended)
Tests: 689 passed, 86% backend coverage, 85% frontend coverage
 2026-01-25 20:14:06 +00:00