mirror of
https://github.com/pezkuwichain/pwap.git
synced 2026-04-21 23:47:56 +00:00
159700eade
Security Infrastructure: - Add .gitattributes for merge conflict protection and sensitive file handling - Add SECURITY.md with detailed security policies and procedures - Add pre-commit hook template for local secret detection - Add GitHub Actions workflow for automated security scanning - Add comprehensive documentation for git hooks Code Security Improvements: - Fix AuthContext.tsx: Remove hardcoded credentials, use environment variables - Migrate WalletContext.tsx: Replace Ethereum/MetaMask with Polkadot.js - Refactor lib/wallet.ts: Complete Substrate configuration with asset management - Update TokenSwap.tsx: Add real API integration for balance queries - Update StakingDashboard.tsx: Add blockchain integration placeholders Environment Management: - Update .env with proper security warnings - Update .env.example with comprehensive template - All sensitive data now uses environment variables - Demo mode controllable via VITE_ENABLE_DEMO_MODE flag Security Measures Implemented: ✅ 4-layer protection (gitignore + gitattributes + pre-commit + CI/CD) ✅ Automated secret scanning (TruffleHog + Gitleaks) ✅ Pre-commit hooks prevent accidental commits ✅ CI/CD pipeline validates all PRs ✅ Environment variable validation ✅ Dependency security auditing Breaking Changes: - WalletContext now uses Polkadot.js instead of MetaMask - lib/wallet.ts completely rewritten for Substrate - ASSET_IDs and CHAIN_CONFIG exported from lib/wallet.ts - Demo mode must be explicitly enabled Migration Notes: - Install pre-commit hook: cp .git-hooks/pre-commit.example .git/hooks/pre-commit - Copy environment: cp .env.example .env - Update .env with your credentials - Enable GitHub Actions in repository settings Co-authored-by: Claude <noreply@anthropic.com>
94 lines
2.1 KiB
Plaintext
94 lines
2.1 KiB
Plaintext
# ========================================
|
|
# Git Attributes for PezkuwiChain
|
|
# ========================================
|
|
# Prevents merge conflicts and ensures consistent file handling
|
|
|
|
# ========================================
|
|
# ENVIRONMENT FILES - NO MERGE
|
|
# ========================================
|
|
# Prevent .env files from being merged
|
|
# Always use local version (ours) in case of conflict
|
|
.env merge=ours
|
|
.env.* merge=ours
|
|
|
|
# But allow .env.example to be merged normally
|
|
!.env.example
|
|
|
|
# ========================================
|
|
# SENSITIVE FILES - NO DIFF
|
|
# ========================================
|
|
# Prevent sensitive files from showing diffs
|
|
*.key diff=secret
|
|
*.pem diff=secret
|
|
*.cert diff=secret
|
|
*.p12 diff=secret
|
|
*.pfx diff=secret
|
|
*secret* diff=secret
|
|
*password* diff=secret
|
|
*credential* diff=secret
|
|
|
|
# ========================================
|
|
# LINE ENDINGS
|
|
# ========================================
|
|
# Auto normalize line endings
|
|
* text=auto
|
|
|
|
# Specific file types
|
|
*.js text eol=lf
|
|
*.jsx text eol=lf
|
|
*.ts text eol=lf
|
|
*.tsx text eol=lf
|
|
*.json text eol=lf
|
|
*.md text eol=lf
|
|
*.yml text eol=lf
|
|
*.yaml text eol=lf
|
|
|
|
# Windows batch files
|
|
*.bat text eol=crlf
|
|
*.cmd text eol=crlf
|
|
|
|
# Shell scripts
|
|
*.sh text eol=lf
|
|
|
|
# ========================================
|
|
# BINARY FILES
|
|
# ========================================
|
|
# Mark as binary (no text conversion)
|
|
*.png binary
|
|
*.jpg binary
|
|
*.jpeg binary
|
|
*.gif binary
|
|
*.ico binary
|
|
*.mov binary
|
|
*.mp4 binary
|
|
*.mp3 binary
|
|
*.flv binary
|
|
*.fla binary
|
|
*.swf binary
|
|
*.gz binary
|
|
*.zip binary
|
|
*.7z binary
|
|
*.ttf binary
|
|
*.eot binary
|
|
*.woff binary
|
|
*.woff2 binary
|
|
*.pyc binary
|
|
|
|
# ========================================
|
|
# GENERATED FILES
|
|
# ========================================
|
|
# Mark generated files
|
|
dist/** linguist-generated=true
|
|
build/** linguist-generated=true
|
|
coverage/** linguist-generated=true
|
|
*.min.js linguist-generated=true
|
|
*.min.css linguist-generated=true
|
|
|
|
# ========================================
|
|
# LOCK FILES
|
|
# ========================================
|
|
# Always use local version for lock files in conflicts
|
|
package-lock.json merge=ours
|
|
yarn.lock merge=ours
|
|
pnpm-lock.yaml merge=ours
|