Add 62 blog posts generated from git commit history
All checks were successful
Hugo Build & Deploy / build-deploy (push) Successful in 5s
One-shot import of all bojemoi repo commits as Hugo posts. Each post includes metadata, files changed, and diff stats. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
58
content/posts/commits/2026-01-29-commit-ee2d9c7.md
Normal file
@@ -0,0 +1,58 @@
---
title: "Security: Remove hardcoded credentials and add input validation"
date: 2026-01-29T16:58:21+01:00
draft: false
tags: ["commit", "bojemoi", "samsonov", "orchestrator"]
categories: ["Git Activity"]
summary: "Commit ee2d9c7 par Betty — 6 fichier(s) modifié(s)"
author: "Betty"
---
## Commit `ee2d9c7`
| | |
|---|---|
| **Repository** | bojemoi |
| **Branch** | `main` |
| **Auteur** | Betty |
| **Hash** | `ee2d9c7ff59ea9dbde783630d20eeac2027c567b` |
| **Date** | 2026-01-29 |
### Description
BREAKING CHANGE: All secrets now require environment variables
- config.py: Remove hardcoded POSTGRES_PASSWORD, GITEA_TOKEN, XENSERVER_PASS
- Add field validators to reject placeholder values
- CORS_ORIGINS now configurable (defaults to specific domains, not "*")
- main.py: Fix CORS to use configured origins instead of wildcard
- Replace bare except: handlers with proper exception logging
- schemas.py: Add input validation patterns
- VM/container names: alphanumeric, hyphens, underscores only
- Docker images: validate format (registry/image:tag)
- Port mappings: validate format and range (1-65535)
- Add max length constraints to prevent abuse
- plugin_zap.py, plugin_burp.py: Load API keys from environment
- ZAP_API_KEY and BURP_API_KEY env vars required
- .env.example: Document all required environment variables
ACTION REQUIRED: Rotate exposed credentials in git history
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
### Fichiers modifiés
```
M provisioning/orchestrator/.env.example
M provisioning/orchestrator/app/config.py
M provisioning/orchestrator/app/main.py
M provisioning/orchestrator/app/models/schemas.py
M samsonov/pentest_orchestrator/plugins/plugin_burp.py
M samsonov/pentest_orchestrator/plugins/plugin_zap.py
```
### Statistiques
```
6 files changed, 353 insertions(+), 144 deletions(-)
```
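Review bot: the Description section of this post reproduces the commit body verbatim, including the line "ACTION REQUIRED: Rotate exposed credentials in git history", next to the full hash in the table and with `draft: false` in the front matter, so the published page tells readers that POSTGRES_PASSWORD, GITEA_TOKEN and XENSERVER_PASS values were committed to the repository history and may not yet be rotated. Please confirm the rotation is complete before this post goes live, or set `draft: true` on it until then; for a bulk import it may be worth having the generator hold back any commit whose message carries an open action item like this one. Minor style point: the title is in English while the summary, the "Auteur" row and the "Fichiers modifiés" and "Statistiques" headings are in French, so the generated template should settle on one language.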