61cef2eacd
- backend/scripts/seed.py: creates test@example.com on dev startup
- backend/scripts/start_dev.sh: runs migrations + seed + uvicorn --reload
- backend/app/schemas/user.py: password validator (length, case, digit, special char, forbidden words)
- scripts/security_check.py: Docker-based scanner for secrets, dangerous patterns, weak crypto, bandit
- .githooks/pre-commit: runs security_check.py in python:3.12-slim on every commit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1.5 KiB
2026-04-12 — Test user, password validation, security hook
Timestamp: 2026-04-12T14:10:00
Summary
Added dev seed user, password strength validation, and a Docker-based pre-commit security check hook.
Files Added
- `backend/scripts/seed.py` — async script that creates `test@example.com / Test123!` if it doesn't exist; safe to run multiple times
- `backend/scripts/start_dev.sh` — dev container entrypoint: runs `alembic upgrade head` → seed → `uvicorn --reload`
- `scripts/security_check.py` — security scanner: checks staged files for hardcoded secrets, dangerous patterns (eval/exec/shell=True/pickle), weak crypto (MD5/SHA1/DES), SQL injection risk, debug flags; also runs `bandit` on Python files
- `.githooks/pre-commit` — git hook that runs `security_check.py` inside a `python:3.12-slim` Docker container; activated via `git config core.hooksPath .githooks`
- `changelog/2026-04-12_security-validation.md` — this file
Files Modified
- `backend/app/schemas/user.py` — added `_validate_password` with: min 8 chars, uppercase, lowercase, digit, special char, word-boundary check against ~40 forbidden common words; `UserCreate.password_strength` field validator
- `docker-compose.dev.yml` — backend command changed from bare `uvicorn` to `sh scripts/start_dev.sh`
- `CLAUDE.md` — added Security hook section documenting what the hook checks and how to activate it on new clones
- `README.md` — updated Current State to mention test user, password policy, security hook
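An added, stand-alone illustration of the password policy listed above (it is not the project's `_validate_password`; the forbidden-word list is a constructed sample, since the project's ~40-word list is not on this page, and the function is written to be wrapped by a Pydantic field validator such as `UserCreate.password_strength`):

```python
import re

# Constructed sample; the project's own list has ~40 common words.
FORBIDDEN_WORDS = ("password", "qwerty", "letmein", "admin", "welcome")

# Word-boundary match, case-insensitive: "compass" does not trip a "pass" rule,
# and "Password!!" is caught. Caveat: \b treats digits as word characters, so
# "Password1!" is NOT matched by this pattern; a stricter check would use
# lookarounds that only treat letters as word characters.
_FORBIDDEN_RE = re.compile(
    r"\b(" + "|".join(map(re.escape, FORBIDDEN_WORDS)) + r")\b",
    re.IGNORECASE,
)


def password_problems(pw: str) -> list[str]:
    """Return every policy rule the password violates (empty list = passes)."""
    problems = []
    if len(pw) < 8:
        problems.append("min 8 chars")
    if not re.search(r"[A-Z]", pw):
        problems.append("uppercase")
    if not re.search(r"[a-z]", pw):
        problems.append("lowercase")
    if not re.search(r"\d", pw):
        problems.append("digit")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("special char")
    match = _FORBIDDEN_RE.search(pw)
    if match:
        problems.append(f"forbidden word: {match.group(1).lower()}")
    return problems


def validate_password(pw: str) -> str:
    """Validator-style entry point: raise ValueError listing all failures, else return pw."""
    problems = password_problems(pw)
    if problems:
        raise ValueError("weak password: " + ", ".join(problems))
    return pw


if __name__ == "__main__":
    # The dev seed password from this changelog satisfies every rule.
    print(validate_password("Test123!"))
    print(password_problems("Password!!"))
```

Reporting every failed rule at once, rather than stopping at the first, lets the API return one actionable error instead of making the client resubmit repeatedly.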