ankhbayar/Assist_Design
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Assist_Design/scripts/security-check.sh
barsa 540c0ba10c Update dependencies and clean up package configurations 
- Upgraded `@eslint/js` and `eslint` to version 9.39.2 for improved linting capabilities.
- Updated `zod` to version 4.2.0 in various dependencies to ensure compatibility and access to the latest features.
- Standardized quotes in `pnpm-lock.yaml` and `pnpm-workspace.yaml` for consistency.
- Removed obsolete `~$MPLETE-GUIDE.docx` file from the documentation directory.
2025-12-15 17:55:54 +09:00

98 lines
2.4 KiB
Bash
Executable File
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
# Security Check Script
# Run this to perform a comprehensive security check on your project
set -e
echo "🔍 Starting Security Scan..."
echo ""
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
# Function to print colored output
print_status() {
local color=$1
local message=$2
echo -e "${color}${message}${NC}"
}
# Check if we're in the right directory
if [ ! -f "package.json" ]; then
print_status "$RED" "❌ Error: package.json not found. Please run this script from the project root."
exit 1
fi
print_status "$YELLOW" "📦 Checking for security vulnerabilities..."
echo ""
# Run security audit
if pnpm audit --audit-level=high; then
print_status "$GREEN" "✅ No high or critical vulnerabilities found!"
else
print_status "$RED" "⚠️ Security vulnerabilities detected!"
echo ""
print_status "$YELLOW" "Generating detailed report..."
pnpm audit --json > security-report.json
print_status "$GREEN" "Report saved to: security-report.json"
echo ""
print_status "$YELLOW" "To fix vulnerabilities, try:"
echo " pnpm security:fix"
echo " or update packages manually"
exit 1
fi
echo ""
print_status "$YELLOW" "📋 Checking for outdated dependencies..."
echo ""
if pnpm outdated --recursive > /dev/null 2>&1; then
print_status "$GREEN" "✅ All dependencies are up to date!"
else
print_status "$YELLOW" " Some dependencies have updates available"
echo ""
pnpm outdated --recursive || true
echo ""
print_status "$YELLOW" "To update safely, run:"
echo " pnpm update:safe"
fi
echo ""
print_status "$YELLOW" "🔍 Running linter..."
echo ""
if pnpm lint; then
print_status "$GREEN" "✅ No linting errors!"
else
print_status "$RED" "⚠️ Linting errors found!"
echo ""
print_status "$YELLOW" "To fix automatically, try:"
echo " pnpm lint:fix"
exit 1
fi
echo ""
print_status "$YELLOW" "📝 Running type check..."
echo ""
if pnpm type-check; then
print_status "$GREEN" "✅ No type errors!"
else
print_status "$RED" "⚠️ Type errors found!"
exit 1
fi
echo ""
print_status "$GREEN" "🎉 All security checks passed!"
echo ""
print_status "$YELLOW" "Recommendations:"
echo " 1. Review any outdated dependencies"
echo " 2. Run tests: pnpm test"
echo " 3. Push changes to trigger CI/CD security scans"
echo ""
Reference in New Issue View Git Blame Copy Permalink