conduct-cli 0.4.61__tar.gz → 0.4.62__tar.gz
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/PKG-INFO +1 -1
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/pyproject.toml +1 -1
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli/main.py +24 -18
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli.egg-info/PKG-INFO +1 -1
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/README.md +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/setup.cfg +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/setup.py +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli/__init__.py +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli/api.py +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli/guard.py +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli/guardmcp.py +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli/hook_precompact_template.py +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli/hook_session_start_template.py +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli/hook_template.py +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli/mcp_server.py +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli.egg-info/SOURCES.txt +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli.egg-info/dependency_links.txt +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli.egg-info/entry_points.txt +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli.egg-info/requires.txt +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/src/conduct_cli.egg-info/top_level.txt +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/tests/test_guard_policy.py +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/tests/test_guard_savings.py +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/tests/test_hook_syntax.py +0 -0
- {conduct_cli-0.4.61 → conduct_cli-0.4.62}/tests/test_switch.py +0 -0
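--- a/src/conduct_cli/main.py
+++ b/src/conduct_cli/main.py
@@ -2225,21 +2225,22 @@ def cmd_sync(args):
 
 
 _SECURITY_TEST_CASES = [
-(
-("
-("
-("
-("
-("Hardcoded
-("
-("
-("
-("
-("
-("
-("
-("
-("
+# (name, type, severity, description, file, line)
+("AWS Access Key", "secret-leak", "critical", "AKIA1234567890ABCDEF found in output", "test_vuln.py", 7),
+("OpenAI API Key", "secret-leak", "high", "sk-abcdefghijklmnopqrstuvwx1234567890 in response", "test_vuln.py", 8),
+("GitHub PAT", "secret-leak", "high", "ghp_" + "A" * 36 + " token present", "test_vuln.py", 8),
+("Bearer Token", "secret-leak", "high", "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.test.sig", "test_vuln.py", None),
+("Hardcoded Password", "secret-leak", "high", "password = 'hardcoded_secret_here'", "test_vuln.py", 11),
+("Hardcoded API Key", "secret-leak", "high", "api_key = 'abc123def456ghi789'", "test_vuln.py", 12),
+("Path Traversal", "path-traversal", "medium", "../../etc/passwd accessed", "test_vuln.py", 32),
+("File URI", "path-traversal", "medium", "file:///etc/passwd read", "test_vuln.py", None),
+("eval() Injection", "injection", "high", "eval(user_input) called in output", "test_vuln.py", 16),
+("exec() Injection", "injection", "high", "exec(command) called in output", "test_vuln.py", 20),
+("SSL Disabled", "crypto", "high", "ssl.CERT_NONE used — verification disabled", "test_vuln.py", 28),
+("TLS Bypass", "crypto", "medium", "verify=False passed to requests", "test_vuln.py", 23),
+("SQL Injection", "injection", "high", "sql injection vulnerability in query", "test_vuln.py", None),
+("XSS", "injection", "high", "cross-site scripting detected in output", "test_vuln.py", None),
+("Auth Bypass", "auth-bypass", "high", "auth bypass possible via missing check", "test_vuln.py", None),
 ]
 
 
@@ -2268,15 +2269,20 @@ def cmd_test_security(args):
 
 passed = 0
 failed = 0
-for name, vtype, severity, description in _SECURITY_TEST_CASES:
-
+for name, vtype, severity, description, test_file, test_line in _SECURITY_TEST_CASES:
+body: dict = {
 "tool": "claude-code",
 "severity": severity,
 "type": vtype,
 "description": f"[TEST] {description}",
 "reporter_email": user_email,
 "source_run_id": "conduct-test-security",
-}
+}
+if test_file:
+body["file"] = test_file
+if test_line is not None:
+body["line"] = test_line
+payload = _json.dumps(body).encode()
 try:
 req = urllib.request.Request(
 f"{api_url}/security-findings?workspace_id={workspace_id}",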
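Review bot: The new fixture rows in `_SECURITY_TEST_CASES` embed secret-shaped literals (`AKIA1234567890ABCDEF`, the `sk-…` string, the `eyJ…` bearer value) directly in main.py, so secret scanners run over the published sdist or a consumer's vendored copy are likely to flag the package itself. Only the GitHub PAT row avoids a literal match by assembling its value at runtime (`"ghp_" + "A" * 36`). Building the other samples the same way, e.g. `"AKIA" + "1234567890ABCDEF" + " found in output"`, and extending the header comment to `# (name, type, severity, description, file, line) — synthetic fixtures, not real credentials` would keep the rows consistent and make the intent explicit. In `cmd_test_security`, `body["line"]` is set whenever `test_line is not None`, independent of `test_file`; nesting that check under `if test_file:` would keep a line number from being sent without a file. Both functions extend beyond the visible hunks, so the rest of the request handling is not reviewed here.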