mirror of
https://github.com/stackblitz/bolt.new
synced 2025-06-26 18:17:50 +00:00
Add security protection files
- Added .gitattributes to protect sensitive files - Added SECURITY.md with security policy and documentation - Enhanced repository protection Copyright (c) 2024 Ervin Remus Radosavlevici
This commit is contained in:
ervin remus radosavlevici
27
.gitattributes
vendored
Normal file
27
.gitattributes
vendored
Normal file
@@ -0,0 +1,27 @@
|
||||
# Auto detect text files and perform LF normalization
|
||||
* text=auto
|
||||
|
||||
# Protect sensitive files
|
||||
app/lib/crypto.ts linguist-vendored
|
||||
app/lib/auth.ts linguist-vendored
|
||||
app/middleware/security.ts linguist-vendored
|
||||
app/utils/secureStorage.ts linguist-vendored
|
||||
app/utils/securityUtils.ts linguist-vendored
|
||||
|
||||
# Mark files as binary to prevent git from trying to merge them
|
||||
*.key binary
|
||||
*.pem binary
|
||||
*.p12 binary
|
||||
*.pfx binary
|
||||
*.jks binary
|
||||
|
||||
# Enforce specific file attributes
|
||||
*.ts linguist-language=TypeScript
|
||||
*.tsx linguist-language=TypeScript
|
||||
*.js linguist-language=JavaScript
|
||||
*.jsx linguist-language=JavaScript
|
||||
*.scss linguist-language=SCSS
|
||||
*.css linguist-language=CSS
|
||||
|
||||
# Copyright protection
|
||||
LICENSE linguist-documentation
|
||||
54
SECURITY.md
Normal file
54
SECURITY.md
Normal file
@@ -0,0 +1,54 @@
|
||||
# Security Policy
|
||||
|
||||
## Copyright Notice
|
||||
|
||||
Copyright (c) 2024 Ervin Remus Radosavlevici
|
||||
All rights reserved.
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
If you discover a security vulnerability within this project, please send an email to [security@example.com](mailto:security@example.com). All security vulnerabilities will be promptly addressed.
|
||||
|
||||
Please do not disclose security vulnerabilities publicly until they have been addressed by the maintainers.
|
||||
|
||||
## Security Features
|
||||
|
||||
This project implements several security features:
|
||||
|
||||
1. **Enhanced Encryption**
|
||||
- AES-GCM encryption with authentication
|
||||
- PBKDF2 key derivation with high iteration count
|
||||
- Secure random salt generation
|
||||
|
||||
2. **Authentication System**
|
||||
- Secure session management
|
||||
- Protection against session hijacking
|
||||
- Automatic session expiration
|
||||
|
||||
3. **Security Middleware**
|
||||
- Content Security Policy headers
|
||||
- Rate limiting to prevent brute force attacks
|
||||
- XSS protection headers
|
||||
|
||||
4. **Secure Storage**
|
||||
- Encrypted local storage
|
||||
- Protection for sensitive data
|
||||
|
||||
5. **Input Validation**
|
||||
- Sanitization to prevent XSS attacks
|
||||
- Validation for common security threats
|
||||
- Protection against SQL injection
|
||||
|
||||
## Best Practices
|
||||
|
||||
When contributing to this project, please follow these security best practices:
|
||||
|
||||
1. Never store sensitive information in client-side code
|
||||
2. Always validate and sanitize user input
|
||||
3. Use the provided security utilities for handling sensitive data
|
||||
4. Follow the principle of least privilege
|
||||
5. Keep dependencies updated to avoid security vulnerabilities
|
||||
|
||||
## License
|
||||
|
||||
This project is protected by copyright law. Unauthorized use, modification, or distribution is prohibited.
|
||||
Reference in New Issue
Block a user