zhuyuan-bot
|
64af2c4d86
|
🛰️ [Sky-Eye Audit] credential audit report [skip ci]
|
2026-03-25 14:57:54 +00:00 |
zhuyuan-bot
|
0d807036af
|
🛰️ [Sky-Eye Audit] credential audit report [skip ci]
|
2026-03-24 14:56:55 +00:00 |
copilot-swe-agent[bot]
|
c3c5cc15ed
|
🔐 guanghu-token 审计报告: MAIN_REPO_TOKEN 为主要对应 Secret
Phase 1: 排查出 3 个跨仓库令牌 Secret
- MAIN_REPO_TOKEN (federation-bridge + pull-sync-awen) ← guanghu-token
- CROSS_REPO_TOKEN (sync-persona-studio)
- DEPLOY_GITHUB_TOKEN (auto-deploy-drive-bridge)
Phase 4: 安全扫描通过,无硬编码令牌
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/84d6adce-4251-49c6-8413-d574395bef59
|
2026-03-24 07:47:30 +00:00 |
copilot-swe-agent[bot]
|
6d493042c5
|
🛰️ [Sky-Eye Audit] credential validation, hardened error handling, audit workflow
- Add credential-validator.js: reusable JSON structure validator for service account keys
- Add credential-audit.js: full sky-eye audit (credential + dependency scan + YAML check)
- Add skyeye-credential-audit.yml: daily audit workflow
- Harden sync-to-drive.js: use validator with diagnostic reporting
- Harden tcs-semantic-landing.js: add try-catch to buildAuth()
- Harden deploy-drive-bridge.js: add try-catch with receipt writing
- Enhance sync-repo-to-drive.yml: add JSON validation before rclone config
- Enhance self-healer.js: add credential validation + System_Logs directory
- Create System_Logs/ directory for audit reports
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/8bc25538-ab95-4520-a72b-ff0d8405c7c7
|
2026-03-24 02:12:50 +00:00 |