feat: add unified code quality dashboard with multiple validators

- Add validator_type field to scans and violations (architecture, security, performance) - Create security validator with SEC-xxx rules - Create performance validator with PERF-xxx rules - Add base validator class for shared functionality - Add validate_all.py script to run all validators - Update code quality service with validator type filtering - Add validator type tabs to dashboard UI - Add validator type filter to violations list - Update stats response with per-validator breakdown - Add security and performance rules documentation - Add chat-bubble icons to icon library 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-21 20:57:47 +01:00
parent 6a903e16c6
commit 26b3dc9e3b
27 changed files with 5270 additions and 119 deletions
--- a/.security-rules/_main.yaml
+++ b/.security-rules/_main.yaml
@@ -0,0 +1,66 @@
+# Security Rules Configuration
+# ============================
+# Security-focused validation rules for the codebase.
+# Run with: python scripts/validate_security.py
+
+version: "1.0"
+project: "letzshop-product-import"
+
+description: |
+  Security validation rules to detect common vulnerabilities and ensure
+  secure coding practices across the application.
+
+principles:
+  - name: "Defense in Depth"
+    description: "Multiple layers of security controls"
+  - name: "Least Privilege"
+    description: "Minimal access rights for users and processes"
+  - name: "Secure by Default"
+    description: "Secure configurations out of the box"
+  - name: "Fail Securely"
+    description: "Errors should not compromise security"
+  - name: "Input Validation"
+    description: "Never trust user input"
+
+includes:
+  - authentication.yaml
+  - injection.yaml
+  - data_protection.yaml
+  - api_security.yaml
+  - cryptography.yaml
+  - audit.yaml
+
+severity_levels:
+  error:
+    description: "Critical security vulnerability that must be fixed"
+    exit_code: 1
+  warning:
+    description: "Security concern that should be addressed"
+    exit_code: 0
+  info:
+    description: "Security best practice recommendation"
+    exit_code: 0
+
+ignore:
+  files:
+    - "**/test_*.py"
+    - "**/tests/**"
+    - "**/*_test.py"
+    - "**/conftest.py"
+    - "**/migrations/**"
+    - "**/.venv/**"
+    - "**/venv/**"
+    - "**/node_modules/**"
+    - "**/site/**"
+    - "**/scripts/**"
+    - "**/__pycache__/**"
+    - "**/*.pyc"
+  patterns:
+    # Allow test credentials in test files
+    - file: "**/tests/**"
+      pattern: "password.*=.*test"
+      reason: "Test fixtures use dummy credentials"
+    # Allow example patterns in documentation
+    - file: "**/docs/**"
+      pattern: ".*"
+      reason: "Documentation examples"