wildberries-sdk 0.1.88 → 0.1.89

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +19 -0
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -2,6 +2,25 @@
2
2
 
3
3
  Единый npm-пакет с клиентами Wildberries по всем спецификациям.
4
4
 
5
+ ## Безопасность
6
+
7
+ SDK выпускается с security-first процессом:
8
+
9
+ - статический анализ кода CodeQL
10
+ - оценка по OpenSSF Scorecard
11
+ - сканирование секретов TruffleHog (verified-режим)
12
+ - аудит зависимостей Python (pip-audit)
13
+ - npm audit
14
+ - Composer audit
15
+ - Cargo audit
16
+ - проверка уязвимостей Go (govulncheck)
17
+ - в опубликованных пакетах нет захардкоженных API-токенов
18
+
19
+ [![CodeQL](https://github.com/eslazarev/wildberries-sdk/actions/workflows/codeql.yml/badge.svg)](https://github.com/eslazarev/wildberries-sdk/actions/workflows/codeql.yml)
20
+ [![Scorecard](https://github.com/eslazarev/wildberries-sdk/actions/workflows/scorecard.yml/badge.svg)](https://github.com/eslazarev/wildberries-sdk/actions/workflows/scorecard.yml)
21
+ [![Secrets](https://github.com/eslazarev/wildberries-sdk/actions/workflows/secrets.yml/badge.svg)](https://github.com/eslazarev/wildberries-sdk/actions/workflows/secrets.yml)
22
+ [![Dependency Audit](https://github.com/eslazarev/wildberries-sdk/actions/workflows/dependency-audit.yml/badge.svg)](https://github.com/eslazarev/wildberries-sdk/actions/workflows/dependency-audit.yml)
23
+
5
24
  ## Установка
6
25
 
7
26
  ```bash
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "wildberries-sdk",
3
- "version": "0.1.88",
3
+ "version": "0.1.89",
4
4
  "description": "Wildberries OpenAPI clients (generated).",
5
5
  "license": "MIT",
6
6
  "repository": {