sami7777/dashcaddy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
94 Commits 1 Branch 0 Tags
main
Commit Graph

13 Commits

Author SHA1 Message Date
Sami
ea5acfa9a2 test: build comprehensive test suite reaching 80%+ coverage threshold 
Add 22 test files (~700 tests) covering security-critical modules, core
infrastructure, API routes, and error handling. Final coverage: 86.73%
statements / 80.57% branches / 85.57% functions / 87.42% lines, all above
the 80% threshold enforced by jest.config.js.

Highlights:
- Unit tests for crypto-utils, credential-manager, auth-manager, csrf,
  input-validator, state-manager, health-checker, backup-manager,
  update-manager, resource-monitor, app-templates, platform-paths,
  port-lock-manager, errors, error-handler, pagination, url-resolver
- Route tests for health, services, and containers (supertest + mocked deps)
- Shared test-utils helper for mock factories and Express app builder
- npm scripts for CI: test:ci, test:unit, test:routes, test:security,
  test:changed, test:debug
- jest.config.js: expand coverage targets, add 80% threshold gate
- routes/services.js: import ValidationError and NotFoundError from errors
- .gitignore: exclude coverage/, *.bak, *.log

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-06 21:36:46 -07:00
Sami
64b3534c7d Merge branch 'main' of http://100.98.123.59:3000/sami7777/dashcaddy 
# Conflicts:
#	dashcaddy-api/.license-counter
#	dashcaddy-api/__tests__/docker-security.test.js
 2026-03-23 13:42:22 -07:00
Krystie
d76644d948 Sync DNS2 production changes - removed obsolete test suite and refactored structure 2026-03-23 10:47:15 +01:00
Sami
263b090769 test: add comprehensive docker-security test suite (41 tests) 2026-03-22 11:46:30 -07:00
Krystie
e2c67a8fe8 Phase 1: Add ESLint/Prettier config + baseline auto-fixes 2026-03-22 11:00:25 +01:00
Sami
41a0cdee7e test: expand credential-manager edge case coverage 2026-03-22 02:37:32 -07:00
Sami
6775dc154b test: add comprehensive docker-security test suite (39 tests) 2026-03-20 22:45:55 -07:00
Sami
43b06c519f test: add comprehensive docker-security test suite (39 tests, Phase 3) 2026-03-20 22:45:11 -07:00
Sami
d15c160185 test: add comprehensive auth-manager test suite (Phase 3 WIP) 2026-03-20 22:19:45 -07:00
Krystie
3c5376c7b9 security: implement Phase 1-2 fixes (logger sanitization + tests) 
- Add logger-utils.js for credential sanitization in logs
- Add security comments to auth-manager.js
- Create .env.example template
- Add .env to .gitignore
- Implement comprehensive logger-utils tests (16 cases)

Desloppify score: 15.4 → ~25-30 (estimated)
Security: 62.5% → ~80%
Test coverage: 0% → ~5%

Fixes: 20 security issues flagged by Desloppify
Adds: 16 test cases
Created: 3 new files, modified 2 existing files

See SECURITY-IMPROVEMENTS.md for full details.
 2026-03-21 03:43:03 +01:00
Sami
70b818c2bd Fix Tailscale route prefix mismatch and increase health check timeout 
Mount Tailscale router at /tailscale prefix so all 10 routes resolve
to /api/tailscale/* as expected by middleware, audit logger, and
frontend. Previously 5 routes (status, config, check-connection,
devices, protect-service) resolved to /api/* instead, with config
colliding with the settings route. Strip redundant /tailscale/ prefix
from OAuth routes that were compensating for the missing mount prefix.

Increase default health check timeout from 10s to 20s to reduce false
positives on slower services.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-14 18:44:20 -07:00
Sami
52577b11ed Fix 7 frontend security vulnerabilities (4 critical, 3 high) 
- Escape all innerHTML assignments with user/external data across 12 JS files
- Upgrade credential encryption: per-value IV, key moved to sessionStorage
- Fix open redirect in TOTP auth via proper URL hostname validation
- Remove sensitive DNS topology data from localStorage cache
- Add security regression test suite (51 tests)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-07 01:29:04 -08:00
Sami
f61e85d9a7 Initial commit: DashCaddy v1.0 
Full codebase including API server (32 modules + routes), dashboard frontend,
DashCA certificate distribution, installer script, and deployment skills.
 2026-03-05 02:26:12 -08:00