privacy.sexy

44r0n7/privacy.sexy

Fork 0

Commit Graph

Author	SHA1	Message	Date
undergroundwires	4765752ee3	Improve security and reliability of macOS updates This commit introduces several improvements to the macOS update process, primarily focusing on enhancing security and reliability: - Add data integrity checks to ensure downloaded updates haven't been tampered with. - Optimize update progress logging in `streamWithProgress` by limiting amount of logs during the download process. - Improve resource management by ensuring proper closure of file read/write streams. - Add retry logic with exponential back-off during file access to handle occassionally seen file system preparation delays on macOS. - Improve decision-making based on user responses. - Improve clarity and informativeness of log messages. - Update error dialogs for better user guidance when updates fail to download, unexpected errors occur or the installer can't be opened. - Add handling for unexpected errors during the update process. - Move to asynchronous functions for more efficient operation. - Move to scoped imports for better code clarity. - Update `Readable` stream type to a more modern variant in Node. - Refactor `ManualUpdater` for improved separation of concerns. - Document the secure update process, and log directory locations. - Rename files to more accurately reflect their purpose. - Add `.DS_Store` in `.gitignore` to avoid unintended files in commits.	2023-12-04 18:28:43 +01:00
undergroundwires	3e5239f7d3	Add SAST security checks with SECURITY.md #178 This commit incorporates Static Analysis Security Testing (SAST) using CodeQL. This integration will enforce consistent security assessments with every change and on a predetermined schedule. This commit also involves a restructure of security checks. The existing security-checks workflow is renamed to better reflect its functionality related to dependency audits. These changes will enhance the project's resilience against potential vulnerabilities in both the codebase and third-party dependencies. Changes include: - Remove older LGTM badge that's replaced by SAST checks. - Rename `checks.security.yaml` to `checks.security.dependencies.yaml`, reinforcing the focus on dependency audits. - Update `README.md`, ensuring the clear representation of security check statuses, including new SAST integration. - Add new `SECURITY.md`, establishing the protocol for reporting vulnerabilities and outlining the project's commitment to robust security testing. - Enhance `docs/tests.md` with detailed information on the newly integrated security checks. - Add reference to SECURITY.md in README.md.	2023-09-28 15:19:09 +02:00

Author

SHA1

Message

Date

undergroundwires

4765752ee3

Improve security and reliability of macOS updates

This commit introduces several improvements to the macOS update process,
primarily focusing on enhancing security and reliability:

- Add data integrity checks to ensure downloaded updates haven't been
  tampered with.
- Optimize update progress logging in `streamWithProgress` by limiting
  amount of logs during the download process.
- Improve resource management by ensuring proper closure of file
  read/write streams.
- Add retry logic with exponential back-off during file access to handle
  occassionally seen file system preparation delays on macOS.
- Improve decision-making based on user responses.
- Improve clarity and informativeness of log messages.
- Update error dialogs for better user guidance when updates fail to
  download, unexpected errors occur or the installer can't be opened.
- Add handling for unexpected errors during the update process.
- Move to asynchronous functions for more efficient operation.
- Move to scoped imports for better code clarity.
- Update `Readable` stream type to a more modern variant in Node.
- Refactor `ManualUpdater` for improved separation of concerns.
- Document the secure update process, and log directory locations.
- Rename files to more accurately reflect their purpose.
- Add `.DS_Store` in `.gitignore` to avoid unintended files in commits.

2023-12-04 18:28:43 +01:00

undergroundwires

3e5239f7d3

Add SAST security checks with SECURITY.md #178

This commit incorporates Static Analysis Security Testing (SAST) using
CodeQL. This integration will enforce consistent security assessments
with every change and on a predetermined schedule.

This commit also involves a restructure of security checks. The existing
security-checks workflow is renamed to better reflect its functionality
related to dependency audits.

These changes will enhance the project's resilience against potential
vulnerabilities in both the codebase and third-party dependencies.

Changes include:

- Remove older LGTM badge that's replaced by SAST checks.
- Rename `checks.security.yaml` to `checks.security.dependencies.yaml`,
  reinforcing the focus on dependency audits.
- Update `README.md`, ensuring the clear representation of security
  check statuses, including new SAST integration.
- Add new `SECURITY.md`, establishing the protocol for reporting
  vulnerabilities and outlining the project's commitment to robust
  security testing.
- Enhance `docs/tests.md` with detailed information on the newly
  integrated security checks.
- Add reference to SECURITY.md in README.md.

2023-09-28 15:19:09 +02:00

2 Commits