pdm/security-tools
Public Access
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
17 Commits 1 Branch 0 Tags
d9b4592c506393020497bd64b89db3b2f068c82f
Commit Graph

17 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
pdmarf
d9b4592c50 Fix setup.sh to print only current run of npm sudo config audit 
Use tee -a instead of redirect + cat, so only the current run's output
is shown rather than the entire accumulated daily log.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-18 16:37:32 +01:00
pdmarf
72a8f37290 Add check-npm-sudo-config docs and print audit log on setup 
- README: add Scripts section explaining what check-npm-sudo-config.sh
  does, what it checks, and that it is audit-only
- setup.sh: print check-npm-sudo-config log to terminal after initial scan

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-18 16:32:34 +01:00
pdmarf
4eee88a004 Add file logging to check-npm-sudo-config.sh v1.0 2026-04-18 10:07:29 +01:00
pdmarf
d2a0a0f4cc Remove committed logs and ignore all *.log files 2026-04-18 09:58:39 +01:00
pdmarf
94437506fa npm config checker 2026-04-18 09:57:36 +01:00
pdm
080073a7d7 Add npm sudo config audit script 
Checks npm prefix ownership, PATH wiring, cache ownership, shell history
for sudo npm usage, and n/nvm version manager config. Runs daily at 08:10
via cron and on initial setup.sh run.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-18 08:47:32 +00:00
pdmarf
dc299e4262 Only send Telegram alert for critical issues, not warnings 2026-04-17 22:58:14 +01:00
pdmarf
9b35a0b338 Ignore own process in root Node process check 2026-04-17 22:55:36 +01:00
pdmarf
75e1957a26 Add public Gitea URL for non-Tailscale installs 2026-04-17 22:54:51 +01:00
pdmarf
537676801f Add git install instruction for fresh LXC/VM 2026-04-17 22:48:14 +01:00
pdmarf
584257bbef Run all scripts on initial setup 2026-04-17 22:41:02 +01:00
pdmarf
741bb7987f Add setup, activation and update instructions to README 2026-04-17 22:30:20 +01:00
pdmarf
3263790760 Store logs in logs/ folder with 60 day retention 
- Logs go to logs/YYYYMMDD.log per script per day
- Cleanup cron runs at 09:00 daily, deletes logs older than 60 days
- logs/ gitignored
 2026-04-17 22:29:46 +01:00
pdmarf
5d7ac62617 Add Telegram alerts, setup script, and cron registration 
- setup.sh: run once after cloning to configure credentials and register cron jobs
- config.sh gitignored so credentials never enter the repo
- Both scripts notify Telegram on issues/warnings, including hostname
- Cron runs npm-security-check at 08:00 and check-nextjs-rce at 08:05 daily
 2026-04-17 22:11:58 +01:00
pdmarf
130f4f4a34 Add clone instructions to README 2026-04-17 21:53:09 +01:00
pdmarf
2ea06aff70 Add README with Claude Code context path 
Documents the macOS working directory and how to resume Claude Code sessions.
 2026-04-17 21:52:15 +01:00
pdmarf
93b02d0124 Initial commit: consolidate security scripts 
Bring in check-nextjs-rce.sh and README-scanner.md from existing Gitea repo,
plus npm-security-check.sh from local bin/security.
 2026-04-17 21:51:27 +01:00