orion/.security-rules/_main.yaml
Samir Boulahtit 26b3dc9e3b feat: add unified code quality dashboard with multiple validators
- Add validator_type field to scans and violations (architecture,
  security, performance)
- Create security validator with SEC-xxx rules
- Create performance validator with PERF-xxx rules
- Add base validator class for shared functionality
- Add validate_all.py script to run all validators
- Update code quality service with validator type filtering
- Add validator type tabs to dashboard UI
- Add validator type filter to violations list
- Update stats response with per-validator breakdown
- Add security and performance rules documentation
- Add chat-bubble icons to icon library

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-21 20:57:47 +01:00


# Security Rules Configuration
# ============================
# Security-focused validation rules for the codebase.
# Run with: python scripts/validate_security.py

version: "1.0"
project: "letzshop-product-import"
description: |
  Security validation rules to detect common vulnerabilities and ensure
  secure coding practices across the application.

principles:
  - name: "Defense in Depth"
    description: "Multiple layers of security controls"
  - name: "Least Privilege"
    description: "Minimal access rights for users and processes"
  - name: "Secure by Default"
    description: "Secure configurations out of the box"
  - name: "Fail Securely"
    description: "Errors should not compromise security"
  - name: "Input Validation"
    description: "Never trust user input"

includes:
  - authentication.yaml
  - injection.yaml
  - data_protection.yaml
  - api_security.yaml
  - cryptography.yaml
  - audit.yaml

# Only "error" findings produce a non-zero exit code; warnings and info
# findings are reported but do not fail the run.
severity_levels:
  error:
    description: "Critical security vulnerability that must be fixed"
    exit_code: 1
  warning:
    description: "Security concern that should be addressed"
    exit_code: 0
  info:
    description: "Security best practice recommendation"
    exit_code: 0

ignore:
  files:
    - "**/test_*.py"
    - "**/tests/**"
    - "**/*_test.py"
    - "**/conftest.py"
    - "**/migrations/**"
    - "**/.venv/**"
    - "**/venv/**"
    - "**/node_modules/**"
    - "**/site/**"
    # Note: this also excludes scripts/validate_security.py, the runner named
    # in the header, so the validator code itself is never scanned.
    - "**/scripts/**"
    - "**/__pycache__/**"
    - "**/*.pyc"
  patterns:
    # Allow test credentials in test files
    # (**/tests/** is already excluded wholesale by ignore.files above, so
    # this entry only takes effect if that file exclusion is removed)
    - file: "**/tests/**"
      pattern: "password.*=.*test"
      reason: "Test fixtures use dummy credentials"
    # Allow example patterns in documentation
    # (".*" matches every line, so no finding under docs/ is ever reported,
    # error-severity findings included)
    - file: "**/docs/**"
      pattern: ".*"
      reason: "Documentation examples"
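The `severity_levels` and `ignore` sections above define the validator's exit behaviour and its suppression rules, but the page does not show how `validate_security.py` applies them. The block below is an added example, not the project's validator, that interprets those two sections: it translates the `**`-style globs in `ignore.files` into regexes (gitignore-like semantics, where `**/` spans directories and a bare `*` stays within one path segment), applies `ignore.patterns` as file-glob plus line-regex pairs, and maps the surviving findings to an exit code. The aggregation rule (highest `exit_code` among kept findings) is an assumption; the config dict is a constructed rendering of the YAML above, and the rule IDs and violations are hypothetical sample input. It also shows the two edge cases called out in the config comments: the `**/scripts/**` exclusion swallowing the runner itself, and the `.*` docs pattern suppressing error-level findings.

```python
# Added example: interpreter for the severity_levels / ignore sections of
# _main.yaml. Not the project's validate_security.py. CONFIG is a constructed
# dict rendering of the page's YAML; rule IDs and violations are hypothetical.
import re
from dataclasses import dataclass

CONFIG = {
    "severity_levels": {
        "error": {"exit_code": 1},
        "warning": {"exit_code": 0},
        "info": {"exit_code": 0},
    },
    "ignore": {
        "files": [
            "**/test_*.py", "**/tests/**", "**/*_test.py", "**/conftest.py",
            "**/migrations/**", "**/.venv/**", "**/venv/**", "**/node_modules/**",
            "**/site/**", "**/scripts/**", "**/__pycache__/**", "**/*.pyc",
        ],
        "patterns": [
            {"file": "**/tests/**", "pattern": "password.*=.*test",
             "reason": "Test fixtures use dummy credentials"},
            {"file": "**/docs/**", "pattern": ".*",
             "reason": "Documentation examples"},
        ],
    },
}


@dataclass(frozen=True)
class Violation:
    rule_id: str   # hypothetical SEC-xxx identifier
    severity: str  # key into CONFIG["severity_levels"]
    path: str      # repo-relative path using "/" separators
    line: int
    text: str      # the offending source line


def glob_to_regex(pattern: str) -> "re.Pattern[str]":
    """Translate a gitignore-style glob into an anchored regex.
    "**/" matches zero or more leading directories, "/**" matches any suffix,
    "*" and "?" never cross a "/" (unlike fnmatch, which lets "*" match "/")."""
    i, out = 0, []
    while i < len(pattern):
        if pattern.startswith("**/", i):
            out.append("(?:.*/)?"); i += 3
        elif pattern.startswith("/**", i):
            out.append("(?:/.*)?"); i += 3
        elif pattern[i] == "*":
            out.append("[^/]*"); i += 1
        elif pattern[i] == "?":
            out.append("[^/]"); i += 1
        else:
            out.append(re.escape(pattern[i])); i += 1
    return re.compile("^" + "".join(out) + "$")


def file_ignored(path: str, config: dict) -> bool:
    """True if the path matches any ignore.files glob (whole file skipped)."""
    return any(glob_to_regex(g).match(path) for g in config["ignore"]["files"])


def pattern_ignore_reason(v: Violation, config: dict):
    """Return the reason string of the first ignore.patterns entry whose file
    glob matches the path AND whose regex matches the line, else None."""
    for entry in config["ignore"]["patterns"]:
        if glob_to_regex(entry["file"]).match(v.path) and re.search(entry["pattern"], v.text):
            return entry["reason"]
    return None


def evaluate(violations, config):
    """Split findings into kept / suppressed and derive the process exit code.
    Assumption: exit code is the max exit_code over kept findings (0 if none)."""
    kept, suppressed = [], []
    for v in violations:
        if file_ignored(v.path, config):
            suppressed.append((v, "path matches ignore.files"))
        elif (reason := pattern_ignore_reason(v, config)) is not None:
            suppressed.append((v, reason))
        else:
            kept.append(v)
    codes = [config["severity_levels"][v.severity]["exit_code"] for v in kept]
    return kept, suppressed, max(codes, default=0)


# Constructed sample findings (hypothetical paths, rule IDs and lines).
SAMPLE_VIOLATIONS = [
    Violation("SEC-001", "error", "app/services/importer.py", 12, 'DB_PASSWORD = "changeme"'),
    Violation("SEC-001", "error", "app/tests/test_auth.py", 7, 'password = "test"'),
    Violation("SEC-001", "error", "docs/examples/auth.md", 3, 'api_key = "example-key"'),
    Violation("SEC-002", "warning", "scripts/validate_security.py", 40, "subprocess.call(cmd, shell=True)"),
    Violation("SEC-003", "warning", "app/api/routes.py", 88, "app.run(debug=True)"),
]

if __name__ == "__main__":
    kept, suppressed, code = evaluate(SAMPLE_VIOLATIONS, CONFIG)
    for v in kept:
        print(f"{v.severity.upper():7} {v.rule_id} {v.path}:{v.line}: {v.text}")
    for v, why in suppressed:
        print(f"ignored {v.rule_id} {v.path}:{v.line} ({why})")
    print("exit code:", code)
```

Running it reports two findings (the importer error and the routes warning), suppresses the other three, and exits 1 because one kept finding is an error; drop the importer finding and the exit code falls to 0 even though a warning remains, which is exactly what the `exit_code: 0` entries for `warning` and `info` mean in CI.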