From 10e839fd126a107cf6cb9d785921064295fd2ce8 Mon Sep 17 00:00:00 2001 From: ervin remus radosavlevici Date: Sat, 3 May 2025 12:17:56 +0000 Subject: [PATCH] Add GitHub workflows and issue templates for copyright protection - Added copyright check workflow to ensure all files have proper headers - Added security scan workflow to detect potential vulnerabilities - Added security issue template for reporting vulnerabilities - Added copyright violation template for reporting unauthorized use - Included contact information: radosavlevici.ervin@gmail.com Copyright (c) 2024 Ervin Remus Radosavlevici All rights reserved.
---
.github/ISSUE_TEMPLATE/copyright_violation.md | 28 ++++++++ .github/ISSUE_TEMPLATE/security_issue.md | 31 +++++++++ .github/workflows/copyright-check.yml | 54 +++++++++++++++ .github/workflows/security-scan.yml | 69 +++++++++++++++++++ 4 files changed, 182 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/copyright_violation.md create mode 100644 .github/ISSUE_TEMPLATE/security_issue.md create mode 100644 .github/workflows/copyright-check.yml create mode 100644 .github/workflows/security-scan.yml
diff --git a/.github/ISSUE_TEMPLATE/copyright_violation.md b/.github/ISSUE_TEMPLATE/copyright_violation.md
new file mode 100644
index 0000000..f62c994
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/copyright_violation.md
@@ -0,0 +1,28 @@
+---
+name: Copyright Violation
+about: Report unauthorized use of this code
+title: '[COPYRIGHT] '
+labels: copyright
+assignees: radosavlevici
+---
+
+## Copyright Violation Report
+
+**Location of unauthorized use:**
+
+
+**Evidence:**
+
+
+**Original code location:**
+
+
+**Additional information:**
+
+
+---
+
+**Note:** This repository is protected by copyright law.
+Copyright (c) 2024 Ervin Remus Radosavlevici
+All rights reserved.
+Contact: radosavlevici.ervin@gmail.com
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/security_issue.md b/.github/ISSUE_TEMPLATE/security_issue.md
new file mode 100644
index 0000000..50ba5e3
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/security_issue.md
@@ -0,0 +1,31 @@
+---
+name: Security Issue
+about: Report a security vulnerability
+title: '[SECURITY] '
+labels: security
+assignees: radosavlevici
+---
+
+**IMPORTANT: Please do not disclose security vulnerabilities publicly**
+
+## Security Issue Description
+
+
+## Steps To Reproduce
+
+
+## Impact
+
+
+## Additional Context
+
+
+## Contact Information
+
+
+---
+
+**Note:** This repository is protected by copyright law.
+Copyright (c) 2024 Ervin Remus Radosavlevici
+All rights reserved.
+Contact: radosavlevici.ervin@gmail.com
\ No newline at end of file
diff --git a/.github/workflows/copyright-check.yml b/.github/workflows/copyright-check.yml
new file mode 100644
index 0000000..75fac7c
--- /dev/null
+++ b/.github/workflows/copyright-check.yml
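Review bot: In `security_issue.md` the banner asks reporters not to disclose vulnerabilities publicly, but an issue template can only open a regular issue, so on a public repository filling in "Steps To Reproduce" and "Impact" is itself the public disclosure (whether this repository is public is not visible from the patch). The template should redirect rather than collect details, for example by replacing the section headings with a line such as `**Do not describe the vulnerability here.** Report it privately to the contact address below or through the repository's private vulnerability reporting form.` A `SECURITY.md` stating the same private channel would give reporters one consistent place to look.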
@@ -0,0 +1,54 @@
+name: Copyright Check
+
+on:
+ push:
+ branches: [ main, master ]
+ pull_request:
+ branches: [ main, master ]
+
+jobs:
+ copyright-check:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Check for copyright headers
+ run: |
+ echo "Checking for copyright headers in changed files..."
+
+ # Get list of changed files
+ CHANGED_FILES=$(git diff --name-only ${{ github.event.before }} ${{ github.sha }} | grep -E '\.(ts|tsx|js|jsx|css|scss)$' || true)
+
+ if [ -z "$CHANGED_FILES" ]; then
+ echo "No relevant files changed."
+ exit 0
+ fi
+
+ # Check each file for copyright header
+ MISSING_COPYRIGHT=()
+
+ for file in $CHANGED_FILES; do
+ if [ -f "$file" ]; then
+ if ! grep -q "Copyright (c) [0-9]\{4\} Ervin Remus Radosavlevici" "$file"; then
+ MISSING_COPYRIGHT+=("$file")
+ fi
+ fi
+ done
+
+ # Report results
+ if [ ${#MISSING_COPYRIGHT[@]} -ne 0 ]; then
+ echo "The following files are missing copyright headers:"
+ for file in "${MISSING_COPYRIGHT[@]}"; do
+ echo "- $file"
+ done
+ echo "Please add the following header to these files:"
+ echo "/**"
+ echo " * Copyright (c) 2024 Ervin Remus Radosavlevici"
+ echo " * All rights reserved."
+ echo " */"
+ exit 1
+ else
+ echo "All changed files have proper copyright headers."
+ fi
\ No newline at end of file
diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
new file mode 100644
index 0000000..7084a1e
--- /dev/null
+++ b/.github/workflows/security-scan.yml
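Review bot: In `copyright-check.yml` the changed-file lookup fails open: `github.event.before` is not set on most `pull_request` events (for example when a PR is opened), so on those runs `git diff` compares the wrong range or errors, and because its output is piped into `grep ... || true` the list comes back empty and the step exits 0 with "No relevant files changed." Resolve the base commit per event, pass both SHAs through `env:` instead of interpolating `${{ }}` into the script text, and let a failing `git diff` abort the step, as sketched below. The unquoted `for file in $CHANGED_FILES` also word-splits paths that contain spaces, which the `[ -f "$file" ]` guard then silently skips, so reading the list with `while IFS= read -r file` would close that gap. Separately, a top-level `permissions:` block limited to `contents: read` and pinning `actions/checkout` to a commit SHA would harden the workflow itself.

```yaml
      - name: Check for copyright headers
        env:
          BASE_SHA: ${{ github.event.pull_request.base.sha || github.event.before }}
          HEAD_SHA: ${{ github.sha }}
        run: |
          # … unchanged: banner echo …
          # Fail closed when the base commit cannot be resolved instead of reporting "nothing changed".
          if ! git cat-file -e "${BASE_SHA}^{commit}" 2>/dev/null; then
            echo "Cannot resolve base commit '${BASE_SHA}'; refusing to skip the check." >&2
            exit 1
          fi
          # Pathspecs replace the grep filter, so a git failure is no longer masked by '|| true'.
          CHANGED_FILES=$(git diff --name-only "$BASE_SHA" "$HEAD_SHA" -- \
            '*.ts' '*.tsx' '*.js' '*.jsx' '*.css' '*.scss')
          # … unchanged: empty-list exit, per-file header check, report …
```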
@@ -0,0 +1,69 @@
+name: Security Scan
+
+on:
+ push:
+ branches: [ main, master ]
+ pull_request:
+ branches: [ main, master ]
+ schedule:
+ - cron: '0 0 * * 0' # Run weekly
+
+jobs:
+ security-scan:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+
+ - name: Setup Node.js
+ uses: actions/setup-node@v3
+ with:
+ node-version: '18'
+
+ - name: Install dependencies
+ run: npm ci || npm install
+
+ - name: Run npm audit
+ run: npm audit --audit-level=high
+ continue-on-error: true
+
+ - name: Check for sensitive data
+ run: |
+ echo "Checking for sensitive data in repository..."
+
+ # Check for potential API keys, tokens, passwords
+ SENSITIVE_PATTERNS=(
+ "api[_-]?key"
+ "auth[_-]?token"
+ "password"
+ "secret"
+ "BEGIN (RSA|DSA|EC|OPENSSH) PRIVATE KEY"
+ )
+
+ FOUND_SENSITIVE=false
+
+ for pattern in "${SENSITIVE_PATTERNS[@]}"; do
+ RESULTS=$(grep -r -i -E "$pattern" --include="*.{js,ts,json,yml,yaml,env}" . || true)
+
+ if [ ! -z "$RESULTS" ]; then
+ echo "⚠️ Potential sensitive data found matching pattern: $pattern"
+ echo "Please review these files and ensure no secrets are committed."
+ FOUND_SENSITIVE=true
+ fi
+ done
+
+ if [ "$FOUND_SENSITIVE" = true ]; then
+ echo "⚠️ WARNING: Potential sensitive data detected in repository."
+ echo "This is a security risk. Please review and remove any secrets."
+ echo "For more information, contact: radosavlevici.ervin@gmail.com"
+ else
+ echo "✅ No obvious sensitive data detected."
+ fi
+
+ - name: Security notice
+ run: |
+ echo "SECURITY NOTICE"
+ echo "=============="
+ echo "This code is protected by copyright law."
+ echo "Copyright (c) 2024 Ervin Remus Radosavlevici"
+ echo "All rights reserved."
+ echo "Contact: radosavlevici.ervin@gmail.com"
\ No newline at end of file
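Review bot: In `security-scan.yml` the secret scan most likely never inspects a file: `--include="*.{js,ts,json,yml,yaml,env}"` is quoted, so the shell performs no brace expansion, and grep's include glob does not understand braces, which means the step prints "No obvious sensitive data detected" whatever the repository contains. Pass one `--include` per extension, exclude `node_modules` and `.git` (dependencies are installed before this step runs), and list file names only so matched values are not copied into the job log, as sketched below. Neither this step nor `npm audit` (`continue-on-error: true`) can fail the job, so the workflow stays green even when something is found; add `exit 1` to the warning branch once the patterns are tuned, since broad terms like `password` will also match this workflow file. `npm ci || npm install` falls back to an install that may resolve versions not recorded in the lockfile, so plain `npm ci` is the safer choice for a scan job.

```yaml
          for pattern in "${SENSITIVE_PATTERNS[@]}"; do
            # -l prints file names only, so a matched secret is not echoed into the log;
            # -I skips binary files.
            MATCHES=$(grep -rIl -i -E "$pattern" \
              --include='*.js' --include='*.ts' --include='*.json' \
              --include='*.yml' --include='*.yaml' --include='*.env' \
              --exclude-dir=node_modules --exclude-dir=.git . || true)

            if [ -n "$MATCHES" ]; then
              echo "⚠️ Potential sensitive data found matching pattern: $pattern"
              printf '%s\n' "$MATCHES"
              FOUND_SENSITIVE=true
            fi
          done
          # … unchanged: FOUND_SENSITIVE summary …
```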