Implement v1.8.0-beta security workspace milestone #54
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: bff3c21c5b
| const findings = [ | ||
| ...delta.opened.map((item) => ({ | ||
| title: `Newly opened port ${item.port}`, | ||
| severity: ["docker", "redis", "mysql", "postgresql", "mongodb", "elasticsearch", "lnd-grpc"].includes(item.service) ? "HIGH" : "MEDIUM", |
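Review bot: on the `severity:` line the list of high-risk services is an inline array literal that is rebuilt for every element of `delta.opened` and compared against `item.service` with no normalization; hoist it to a module-level constant such as `const HIGH_RISK_SERVICES = new Set(["docker", "redis", ...]);` and test `HIGH_RISK_SERVICES.has(String(item.service || "").toLowerCase())`, so the service list and its case handling live in one place and an undefined `service` field cannot throw once lowercasing is added.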
Normalize watcher service names before severity checks
In the watcher path, currentOpenPorts comes straight from portScan; in electron.js the scanner labels services as Docker, Redis, MySQL, PostgreSQL, etc. This lowercase membership test therefore never matches those high-risk openings, so a newly exposed Redis/Docker/database port is reported only as MEDIUM instead of HIGH. Lowercase item.service (or classify by port) before the check.
| fix_commands: toArray(source.fix_commands || source.hardening_commands), | ||
| verification_commands: toArray(source.verification_commands), | ||
| rollback_commands: toArray(source.rollback_commands).length | ||
| ? toArray(source.rollback_commands) | ||
| : ["No rollback needed for read-only checks."], |
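Review bot: `toArray(source.rollback_commands)` is evaluated twice on the `rollback_commands:` lines; compute it once (`const rollback = toArray(source.rollback_commands);`) and use `rollback.length ? rollback : [...]`. The default "No rollback needed for read-only checks." is also applied whenever `rollback_commands` is empty, independent of whether `fix_commands` (built from `source.fix_commands || source.hardening_commands`) is non-empty; gate the default on `fix_commands` being empty too so a state-changing fix is never labelled read-only.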
Preserve fallback command fields during normalization
When a provider returns legacy fields like fix, commands, verification, or rollback without the newer *_commands arrays, these assignments still add empty arrays (and a default rollback) to the normalized result. ProfessionalResult checks fix_commands/verification_commands/rollback_commands first and treats [] as present, so the real fallback fix/verification/rollback text is hidden; for state-changing generated scripts this can incorrectly show no rollback needed.
Implements the v1.8.0-beta security workspace milestone.
Includes:
Validation: