sarman/tftsr-devops_investigation
1
0
Fork 0
Code Issues 1 Pull Requests Actions 34 Packages Projects 3 Releases 9 Wiki Activity
63a055d4fe
tftsr-devops_investigation/src-tauri/capabilities/default.json
Shaun Arman 93d396bde3
All checks were successful
Test / frontend-tests (pull_request) Successful in 56s
Details
Test / frontend-typecheck (pull_request) Successful in 1m4s
Details
Test / rust-fmt-check (pull_request) Successful in 2m50s
Details
Test / rust-clippy (pull_request) Successful in 27m48s
Details
Test / rust-tests (pull_request) Successful in 29m52s
Details
chore: add MIT license, security hardening, and repo hygiene 
License:
- Add MIT LICENSE file (Copyright 2025 Shaun Arman)
- Add MIT badge and Support/Buy-Me-A-Coffee section to README
- Update license section from private to MIT with attribution note

Security (from pre-release audit):
- Remove unscoped fs:allow-read and fs:allow-write from Tauri capabilities
  (H5: unscoped fs permissions undermined filesystem sandboxing; the
  scoped app/temp variants already cover all required paths)
- Add SECURITY_AUDIT.md to .gitignore

Repo hygiene:
- Untrack src-tauri/target/ (6347 build artifacts that should never
  have been committed; .gitignore already listed the path)
- Update .gitignore: remove vendor-specific filenames, replace with
  generic internal-doc patterns (TICKET_*.md, ~$*.docx, etc.)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-07 12:50:13 -05:00

29 lines
784 B
JSON
Raw Blame History

{
"$schema": "../node_modules/@tauri-apps/cli/schema/acl-schema.json",
"identifier": "default",
"description": "Default capabilities for TFTSR — least-privilege",
"windows": ["main"],
"permissions": [
"core:path:default",
"core:event:default",
"core:window:default",
"core:app:default",
"core:resources:default",
"core:menu:default",
"core:tray:default",
"dialog:allow-open",
"dialog:allow-save",
"fs:allow-read-text-file",
"fs:allow-write-text-file",
"fs:allow-mkdir",
"fs:allow-app-read-recursive",
"fs:allow-app-write-recursive",
"fs:allow-temp-read-recursive",
"fs:allow-temp-write-recursive",
"fs:scope-app-recursive",
"fs:scope-temp-recursive",
"shell:allow-open",
"http:default"
]
}
Reference in New Issue View Git Blame Copy Permalink