orion

sboulahtit/orion

Fork 0

Commit Graph

Author	SHA1	Message	Date
Samir Boulahtit	eaab47f2f8	fix: eliminate all 1600 SEC-015 security info findings Add safe-pattern exceptions to the x-html check in validate_security.py for $icon(), $store methods, and window.icons lookups. Suppress remaining 8 legitimate x-html uses (admin-authored content, app-controlled JS) with noqa comments. Security validator now reports 0 errors, 0 warnings, 0 info. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-16 18:02:59 +01:00
Samir Boulahtit	6458ab13d7	docs: update validator noqa proposal with current results Reflect resolved architecture warnings, performance warnings, and current info-only findings (3127) from validate_all output. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-16 14:25:45 +01:00
Samir Boulahtit	1b8a40f1ff	feat(validators): add noqa suppression support to security and performance validators All checks were successful CI / dependency-scanning (push) Successful in 27s Details CI / docs (push) Successful in 35s Details CI / ruff (push) Successful in 8s Details CI / pytest (push) Successful in 34m22s Details CI / validate (push) Successful in 19s Details CI / deploy (push) Successful in 2m25s Details - Add centralized _is_noqa_suppressed() to BaseValidator with normalization (accepts both SEC001 and SEC-001 formats for ruff compatibility) - Wire noqa support into all 21 security and 18 performance check functions - Add ruff external config for SEC/PERF/MOD/EXC codes in pyproject.toml - Convert all 280 Python noqa comments to dashless format (ruff-compatible) - Add site/ to IGNORE_PATTERNS (excludes mkdocs build output) - Suppress 152 false positive findings (test passwords, seed data, validator self-references, Apple Wallet SHA1, etc.) - Security: 79 errors → 0, 60 warnings → 0 - Performance: 80 warnings → 77 (3 test script suppressions) - Add proposal doc with noqa inventory and remaining findings recommendations Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-14 22:56:56 +01:00

Author

SHA1

Message

Date

Samir Boulahtit

eaab47f2f8

fix: eliminate all 1600 SEC-015 security info findings

Add safe-pattern exceptions to the x-html check in validate_security.py
for $icon(), $store methods, and window.icons lookups. Suppress remaining
8 legitimate x-html uses (admin-authored content, app-controlled JS) with
noqa comments. Security validator now reports 0 errors, 0 warnings, 0 info.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-16 18:02:59 +01:00

Samir Boulahtit

6458ab13d7

docs: update validator noqa proposal with current results

Reflect resolved architecture warnings, performance warnings, and
current info-only findings (3127) from validate_all output.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-16 14:25:45 +01:00

Samir Boulahtit

1b8a40f1ff

feat(validators): add noqa suppression support to security and performance validators

CI / dependency-scanning (push) Successful in 27s

Details

CI / docs (push) Successful in 35s

Details

CI / ruff (push) Successful in 8s

Details

CI / pytest (push) Successful in 34m22s

Details

CI / validate (push) Successful in 19s

Details

CI / deploy (push) Successful in 2m25s

Details

- Add centralized _is_noqa_suppressed() to BaseValidator with normalization
  (accepts both SEC001 and SEC-001 formats for ruff compatibility)
- Wire noqa support into all 21 security and 18 performance check functions
- Add ruff external config for SEC/PERF/MOD/EXC codes in pyproject.toml
- Convert all 280 Python noqa comments to dashless format (ruff-compatible)
- Add site/ to IGNORE_PATTERNS (excludes mkdocs build output)
- Suppress 152 false positive findings (test passwords, seed data, validator
  self-references, Apple Wallet SHA1, etc.)
- Security: 79 errors → 0, 60 warnings → 0
- Performance: 80 warnings → 77 (3 test script suppressions)
- Add proposal doc with noqa inventory and remaining findings recommendations

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-14 22:56:56 +01:00

3 Commits