security: cover gh-token-monitor token persistence

Affaan Mustafa
2026-05-17 17:46:35 -04:00
parent 6b282aaa43
commit 36d390aa7d
3 changed files with 37 additions and 3 deletions


@@ -365,6 +365,18 @@ function run() {
});
})) passed++; else failed++;
if (test('rejects Mini Shai-Hulud gh-token-monitor token store when home scan is enabled', () => {
withFixture({
'home/.config/gh-token-monitor/token': 'redacted-token-placeholder',
}, rootDir => {
const homeDir = path.join(rootDir, 'home');
const result = scanSupplyChainIocs({ rootDir, home: true, homeDir });
assert.ok(result.findings.some(
finding => finding.indicator === '~/.config/gh-token-monitor/token',
));
});
})) passed++; else failed++;
if (test('rejects installed payload filenames in node_modules', () => {
withFixture({
'node_modules/@tanstack/react-router/router_init.js': '/* payload */',