pwap/.gitattributes
pezkuwichain 159700eade feat: Add comprehensive GitHub security integration
Security Infrastructure:
- Add .gitattributes for merge conflict protection and sensitive file handling
- Add SECURITY.md with detailed security policies and procedures
- Add pre-commit hook template for local secret detection
- Add GitHub Actions workflow for automated security scanning
- Add comprehensive documentation for git hooks

Code Security Improvements:
- Fix AuthContext.tsx: Remove hardcoded credentials, use environment variables
- Migrate WalletContext.tsx: Replace Ethereum/MetaMask with Polkadot.js
- Refactor lib/wallet.ts: Complete Substrate configuration with asset management
- Update TokenSwap.tsx: Add real API integration for balance queries
- Update StakingDashboard.tsx: Add blockchain integration placeholders

Environment Management:
- Update .env with proper security warnings
- Update .env.example with comprehensive template
- All sensitive data now uses environment variables
- Demo mode controllable via VITE_ENABLE_DEMO_MODE flag

Security Measures Implemented:
- 4-layer protection (gitignore + gitattributes + pre-commit + CI/CD)
- Automated secret scanning (TruffleHog + Gitleaks)
- Pre-commit hooks prevent accidental commits
- CI/CD pipeline validates all PRs
- Environment variable validation
- Dependency security auditing

Breaking Changes:
- WalletContext now uses Polkadot.js instead of MetaMask
- lib/wallet.ts completely rewritten for Substrate
- ASSET_IDs and CHAIN_CONFIG exported from lib/wallet.ts
- Demo mode must be explicitly enabled

Migration Notes:
- Install pre-commit hook: cp .git-hooks/pre-commit.example .git/hooks/pre-commit
- Copy environment: cp .env.example .env
- Update .env with your credentials
- Enable GitHub Actions in repository settings

Co-authored-by: Claude <noreply@anthropic.com>
2025-10-28 21:48:48 +03:00

94 lines
2.1 KiB
Plaintext

# ========================================
# Git Attributes for PezkuwiChain
# ========================================
# Prevents merge conflicts and ensures consistent file handling
# ========================================
# ENVIRONMENT FILES - NO MERGE
# ========================================
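# Prevent .env files from being merged
# Always use local version (ours) in case of conflict
# "ours" is not a built-in merge driver; define it once per clone with:
#   git config merge.ours.driver true
.env merge=ours
.env.* merge=ours
# But allow .env.example to be merged normally
# gitattributes does not support negated patterns, so unset the attribute instead
.env.example !merge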
# ========================================
# SENSITIVE FILES - NO DIFF
# ========================================
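# Prevent sensitive files from showing diffs
# The "secret" diff driver must be defined in git config, for example:
#   git config diff.secret.binary true
# Without it Git shows a normal text diff. This only affects diff output;
# it does not stop these files from being committed.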
*.key diff=secret
*.pem diff=secret
*.cert diff=secret
*.p12 diff=secret
*.pfx diff=secret
*secret* diff=secret
*password* diff=secret
*credential* diff=secret
# ========================================
# LINE ENDINGS
# ========================================
# Auto normalize line endings
* text=auto
# Specific file types
*.js text eol=lf
*.jsx text eol=lf
*.ts text eol=lf
*.tsx text eol=lf
*.json text eol=lf
*.md text eol=lf
*.yml text eol=lf
*.yaml text eol=lf
# Windows batch files
*.bat text eol=crlf
*.cmd text eol=crlf
# Shell scripts
*.sh text eol=lf
# ========================================
# BINARY FILES
# ========================================
# Mark as binary (no text conversion)
*.png binary
*.jpg binary
*.jpeg binary
*.gif binary
*.ico binary
*.mov binary
*.mp4 binary
*.mp3 binary
*.flv binary
*.fla binary
*.swf binary
*.gz binary
*.zip binary
*.7z binary
*.ttf binary
*.eot binary
*.woff binary
*.woff2 binary
*.pyc binary
# ========================================
# GENERATED FILES
# ========================================
# Mark generated files
dist/** linguist-generated=true
build/** linguist-generated=true
coverage/** linguist-generated=true
*.min.js linguist-generated=true
*.min.css linguist-generated=true
# ========================================
# LOCK FILES
# ========================================
# Always use local version for lock files in conflicts
# (requires merge.ours.driver to be defined in git config)
package-lock.json merge=ours
yarn.lock merge=ours
pnpm-lock.yaml merge=ours
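
Attributes such as merge=ours and diff=secret only name a driver, and Git falls back to its default behaviour without warning when that driver is not configured. The script below is an added example, not part of the PezkuwiChain repository: it lints a .gitattributes file for negated patterns and for driver names to check against git config. The function names (lint_gitattributes, driver_configured, write_sample) are hypothetical and the sample input is constructed.

```shell
#!/bin/sh
# Added example: find .gitattributes entries that Git silently ignores.
# Function names are hypothetical; the sample input below is constructed.

# Prints sorted findings, one per line:
#   negative-pattern:<line>  "!pattern" lines (not supported in gitattributes)
#   merge-driver:<name>      merge=<name> other than built-in text/binary/union
#   diff-driver:<name>       diff=<name> (built-in language drivers such as
#                            "python" are not filtered out by this sketch)
lint_gitattributes() {
  awk '
    /^[ \t]*#/ || NF == 0 { next }
    $1 ~ /^!/ { print "negative-pattern:" NR; next }
    {
      for (i = 2; i <= NF; i++) {
        if (split($i, kv, "=") != 2) continue
        if (kv[1] == "merge" && kv[2] ~ /^(text|binary|union)$/) continue
        if (kv[1] == "merge" || kv[1] == "diff") found[kv[1] "-driver:" kv[2]] = 1
      }
    }
    END { for (k in found) print k }
  ' "$1" | LC_ALL=C sort
}

# Succeeds if git config defines any merge.<name>.* or diff.<name>.* key.
driver_configured() {  # $1 = merge|diff, $2 = driver name
  git config --get-regexp "^$1\.$2\." >/dev/null 2>&1
}

# Constructed sample input.
write_sample() {
  cat > "$1" <<'EOF'
.env merge=ours
.env.* merge=ours
!.env.example
*.key diff=secret
* text=auto
package-lock.json merge=ours
EOF
}

tmp=$(mktemp) && write_sample "$tmp"
lint_gitattributes "$tmp" | while IFS=: read -r kind name; do
  case $kind in
    negative-pattern) echo "line $name: negated pattern is ignored" ;;
    *) driver_configured "${kind%-driver}" "$name" ||
         echo "$kind '$name' is not defined in git config" ;;
  esac
done
rm -f "$tmp"
```

Defining the driver, for example with `git config merge.ours.driver true`, clears the corresponding finding on the next run.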