Pre main dev #125

bvtmsr · 2025-04-18T16:08:04Z

Canvas nesting, UI changes

* adding new login route * adding vscode settings file for auto-complete and adding AddOrLoadProject Section

* adding add new project form * addind add new project form and respective validations

Adding Feature: Login page and User Flow

…overage Add coverage and Cypress configuration files

Feat/adding api

Signed-off-by: Pavan Chindukuri <[email protected]>

Feat/debounce

Feat/revamp

updating read me

Signed-off-by: Chandu Paladugu <[email protected]>

Update devcontainer.json - removed github copilot from vscode extensions list

Signed-off-by: Chandu Paladugu <[email protected]>

…egistry, corrected jackspeak version declaration

dryrunsecurity · 2025-04-18T16:09:58Z

This pull request contains multiple security vulnerabilities, including unencrypted HTTP usage, insecure CORS configuration, WebSocket security concerns, and potential information disclosure risks that could expose the system to unauthorized access and data interception.

💭 Unconfirmed Findings (5)

Vulnerability	HTTP Usage Vulnerability
Description	Critical security issue found in .env file where all URLs use unencrypted HTTP protocol instead of HTTPS, exposing network traffic to potential man-in-the-middle attacks and data interception.

Vulnerability	CORS Configuration Risk
Description	High severity security risk in configuration documentation using wildcard (*) for CORS origins, which allows unrestricted cross-origin access and potentially exposes the server to unauthorized requests.

Vulnerability	Insecure Base URL
Description	Low severity issue in cypress.config.ts using http://localhost:3000 instead of https://, representing an insecure connection protocol not suitable for production environments.

Vulnerability	WebSocket Security Concerns
Description	Multiple security vulnerabilities in WebSocket configuration including lack of explicit authentication, potential command injection risks in terminal process spawning, and overly broad permissions for terminal session creation.

Vulnerability	Potential Information Disclosure
Description	Security risk where multiple documentation files reveal internal project structure, dependencies, and configuration details that could assist potential attackers in understanding the system's architecture.

All finding details can be found in the DryRun Security Dashboard.

…ve the button from UI

pavan-intelops and others added 30 commits January 18, 2024 15:53

fixing bugs and modals issue and nested css issue

5046b88

adding multiple node types

61fe478

adding git platforms section

1b6dd55

masking git personal access token

612b462

Login page (intelops#3)

8290b9a

* adding new login route * adding vscode settings file for auto-complete and adding AddOrLoadProject Section

Feat/add load project (intelops#4)

cd8f3ec

* adding add new project form * addind add new project form and respective validations

adding env.local and adding checks for the env variables

19ed5fe

adding useMutation hooks to post the user to backend

ea364e6

Add coverage and Cypress configuration files

78ce9c6

Merge pull request intelops#30 from pavan-intelops/main

a3d1d13

Adding Feature: Login page and User Flow

Merge pull request intelops#5 from pavan-intelops/feat/cypress-code-c…

02825d5

…overage Add coverage and Cypress configuration files

Merge remote-tracking branch 'origin' into feat/adding-api

99c2ca9

Merge pull request intelops#6 from pavan-intelops/feat/adding-api

a935cc0

Feat/adding api

ci: add .deepsource.toml

14cbfab

Merge remote-tracking branch 'origin' into feat/adding-api

5ae69e6

Signed-off-by: Pavan Chindukuri <[email protected]>

integrating api for git platforms

9b42dba

adding git platform CRUD apis

285733c

finishing git operations api integration

bff3f57

Adding project operations api

3cd60b7

adding post and get projects api and changing in eslint config

ae7ed7e

Merge branch 'intelops:main' into main

e106ab2

adding Creating and Querying projects functionality

b3306bf

adding breadcrumbs and updating zustand store

b1f3af3

adding delete project feature

5c34280

adding save button to save the diagram

8f99cb7

Merge branch 'feat/adding-api'

ade1da6

adding debounce

4149ccd

fix

4f3d67b

Merge pull request intelops#9 from pavan-intelops/feat/debounce

df125e6

Feat/debounce

fixing deepsource issues

14181a2

pavan-intelops and others added 23 commits June 17, 2024 13:18

adding mock llm server and streaming the data in frontend

245a528

setting up base layout and tab nesting and data structure

d64eb5f

adding summary panel and backend server

aaacc7b

building re-usable node status box

ecb8636

adding streaming node boxes

99b78a0

Merge pull request intelops#101 from pavan-intelops/feat/revamp

d1b966e

Feat/revamp

updating read me

3f94e1e

Merge pull request intelops#102 from pavan-intelops/feat/revamp

f88497d

updating read me

Update devcontainer.json

54a9b86

Signed-off-by: Chandu Paladugu <[email protected]>

Merge pull request intelops#103 from intelops/devopstoday11-patch-1

739374e

Update devcontainer.json - removed github copilot from vscode extensions list

Update dependabot.yml

2e914dc

Signed-off-by: Chandu Paladugu <[email protected]>

added settings, removed extension

98bd088

updated whole dockerfile with alpine and installed necessary packages

f8b5ed8

added license details, updated xterm registry to its latest package r…

3f4f138

…egistry, corrected jackspeak version declaration

small space update

b1a35d7

added node-gyp to the list

f57a6d0

updated xterm import to point to latest xterm package registry

dc7bf4f

new test run updates done with new dockerfile and devcontainer json

a700680

added vite installation

3c4a43f

added shebang line at the top

8848426

updated license details in package.json file

8ef2cc9

adjusted the packages versions and some packages to test

d490f46

updated vite install command

82ed523

bvtmsr and others added 6 commits April 18, 2025 21:57

Merge branch 'intelops:main' into pre-main-dev

f6112e6

Project Docs

70f48de

Canvas nesting, Profile UI and Node shapes UI changes

59d616f

Dark/Light mode button toogle Theme from UI Code is commented to remo…

87fb5f3

…ve the button from UI

Removed unnessory Folders and Files

ad9b569

Dark/Light mode button toogle Theme from UI Code is commented to remo…

84f5a2f

…ve the button from UI

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Pre main dev #125

Pre main dev #125

Uh oh!

bvtmsr commented Apr 18, 2025 •

edited

Loading

Uh oh!

dryrunsecurity bot commented Apr 18, 2025 •

edited

Loading

Uh oh!

Uh oh!

Pre main dev #125

Are you sure you want to change the base?

Pre main dev #125

Uh oh!

Conversation

bvtmsr commented Apr 18, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

dryrunsecurity bot commented Apr 18, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

bvtmsr commented Apr 18, 2025 •

edited

Loading

dryrunsecurity bot commented Apr 18, 2025 •

edited

Loading