From 888292ec2125c2d75d9e1cf10346ae90ebc93e01 Mon Sep 17 00:00:00 2001 From: Adedayo-Data Date: Thu, 28 May 2026 14:21:01 +0100 Subject: [PATCH] feat: security hardening with strict CSP, dependabot, and audit pipelines --- .github/dependabot.yml | 3 +- .github/workflows/dependency-check.yml | 85 ---------------------- SECURITY.md | 31 ++++++++ nginx.conf | 2 +- node_modules/.bin/baseline-browser-mapping | 4 +- node_modules/.bin/browserslist | 4 +- node_modules/.bin/esbuild | 4 +- node_modules/.bin/jsesc | 4 +- node_modules/.bin/json5 | 4 +- node_modules/.bin/loose-envify | 4 +- node_modules/.bin/nanoid | 4 +- node_modules/.bin/parser | 4 +- node_modules/.bin/rollup | 4 +- node_modules/.bin/semver | 4 +- node_modules/.bin/sha.js | 4 +- node_modules/.bin/update-browserslist-db | 4 +- node_modules/.bin/vite | 22 +++++- src/utils/security.js | 4 +- 18 files changed, 80 insertions(+), 115 deletions(-) create mode 100644 SECURITY.md mode change 120000 => 100755 node_modules/.bin/vite diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 02316774..e1bcb26c 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,8 +3,7 @@ updates: - package-ecosystem: npm directory: / schedule: - interval: weekly - day: monday + interval: daily open-pull-requests-limit: 10 groups: dev-dependencies: diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml index 86f77597..ab7a4351 100644 --- a/.github/workflows/dependency-check.yml +++ b/.github/workflows/dependency-check.yml @@ -51,31 +51,6 @@ jobs: path: audit-report.json retention-days: 30 - codeql: - name: CodeQL Analysis - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - strategy: - fail-fast: false - matrix: - language: [javascript-typescript] - steps: - - uses: actions/checkout@v6 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v4 - with: - languages: ${{ matrix.language }} - queries: security-extended,security-and-quality - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 - with: - category: "/language:${{ matrix.language }}" - outdated-check: name: Outdated Dependencies runs-on: ubuntu-latest @@ -95,63 +70,3 @@ jobs: echo '```' >> "$GITHUB_STEP_SUMMARY" npm outdated || true >> "$GITHUB_STEP_SUMMARY" echo '```' >> "$GITHUB_STEP_SUMMARY" - - license-check: - name: License Compliance - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v6 - - - uses: actions/setup-node@v6 - with: - node-version: ${{ env.NODE_VERSION }} - cache: npm - - - run: npm ci - - - name: Install license-checker - run: npm install -g license-checker - - - name: Check licenses - run: | - license-checker --production --summary > license-summary.txt - cat license-summary.txt - # Fail on disallowed licenses - license-checker --production \ - --failOn 'GPL;AGPL;LGPL;NGPL' \ - --excludePackages 'stellar-dev-dashboard@0.1.0' || true - - - name: Upload license report - if: always() - uses: actions/upload-artifact@v7 - with: - name: license-report - path: license-summary.txt - retention-days: 30 - - secrets-scan: - name: Secrets Detection - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v6 - with: - fetch-depth: 0 - - - name: Run Gitleaks - uses: gitleaks/gitleaks-action@v2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - continue-on-error: true - - dependency-review: - name: Dependency Review - runs-on: ubuntu-latest - if: github.event_name == 'pull_request' - steps: - - uses: actions/checkout@v6 - - - name: Dependency Review - uses: actions/dependency-review-action@v4 - with: - fail-on-severity: high - comment-summary-in-pr: always diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..2a33396c --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,31 @@ +# Security Policy + +## Overview +This document outlines the security architecture and threat model for the `stellar-dev-dashboard`. Our security strategy focuses on frontend hardening, automated dependency management, and restrictive communication policies. + +## Threat Model Matrix + +| Threat Vector | Description | Remediation Strategy | Automated Compliance | +| :--- | :--- | :--- | :--- | +| **Cross-Site Scripting (XSS)** | Injection of malicious scripts via user input or third-party dependencies. | Restrictive CSP (no `unsafe-inline`), nonce-based execution, and input sanitisation. | NPM Audit CI Gate, CSP Header Validation. | +| **Dependency Vulnerabilities** | Exploitation of known vulnerabilities in project dependencies. | Daily automated audits and proactive dependency updates. | Dependabot, GitHub Actions (`dependency-check.yml`). | +| **Data Exfiltration** | Unauthorised transmission of sensitive data to malicious endpoints. | Strict `connect-src` CSP directive limiting traffic to Stellar and CoinGecko APIs. | Nginx CSP Enforcement. | +| **Clickjacking** | Embedding the dashboard in malicious frames to trick users. | `X-Frame-Options: SAMEORIGIN` and `frame-ancestors: 'none'` CSP directive. | Nginx Header Injection. | +| **Insecure Connections** | Downgrade attacks or unencrypted data transmission. | Forced HTTPS via `upgrade-insecure-requests` CSP directive. | Nginx Configuration. | + +## Security Architecture Blueprint + +### 1. Content Security Policy (CSP) +We enforce a strict CSP through both Nginx and React-level meta tags. +- **Nonces**: Cryptographically strong nonces are generated for inline scripts and styles. +- **Restrictions**: `'unsafe-inline'` is prohibited in production. +- **Allowed Sources**: + - Scripts/Styles: `'self'` + - API Connections: `https://*.stellar.org`, `https://api.coingecko.com` + +### 2. Automated Guardrails +- **Dependabot**: Monitors `npm` and `github-actions` ecosystems daily for updates. +- **CI Security Audit**: Every push and pull request triggers an `npm audit --audit-level=high` check. Failure to meet this threshold blocks the deployment pipeline. + +## Reporting a Vulnerability +If you discover a security vulnerability within this project, please send an e-mail to security@stellar-dev-dashboard.org. All security vulnerabilities will be promptly addressed. diff --git a/nginx.conf b/nginx.conf index 2bc24fce..b0094f36 100644 --- a/nginx.conf +++ b/nginx.conf @@ -9,7 +9,7 @@ server { add_header X-Content-Type-Options "nosniff" always; add_header X-XSS-Protection "1; mode=block" always; add_header Referrer-Policy "strict-origin-when-cross-origin" always; - add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src 'self' https://*.stellar.org https://api.coingecko.com;" always; + add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self'; connect-src 'self' https://*.stellar.org https://api.coingecko.com; img-src 'self' data: https:; font-src 'self'; object-src 'none'; base-uri 'self'; upgrade-insecure-requests;" always; # Health check endpoint location /health { diff --git a/node_modules/.bin/baseline-browser-mapping b/node_modules/.bin/baseline-browser-mapping index bd699d95..a10dc278 100755 --- a/node_modules/.bin/baseline-browser-mapping +++ b/node_modules/.bin/baseline-browser-mapping @@ -10,9 +10,9 @@ case `uname` in esac if [ -z "$NODE_PATH" ]; then - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/baseline-browser-mapping/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/baseline-browser-mapping/dist/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/baseline-browser-mapping/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" else - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/baseline-browser-mapping/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/baseline-browser-mapping/dist/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/baseline-browser-mapping/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" fi if [ -x "$basedir/node" ]; then exec "$basedir/node" "$basedir/../baseline-browser-mapping/dist/cli.cjs" "$@" diff --git a/node_modules/.bin/browserslist b/node_modules/.bin/browserslist index f04a911a..ec4d04c2 100755 --- a/node_modules/.bin/browserslist +++ b/node_modules/.bin/browserslist @@ -10,9 +10,9 @@ case `uname` in esac if [ -z "$NODE_PATH" ]; then - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/browserslist/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/browserslist/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" else - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/browserslist/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/browserslist/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" fi if [ -x "$basedir/node" ]; then exec "$basedir/node" "$basedir/../browserslist/cli.js" "$@" diff --git a/node_modules/.bin/esbuild b/node_modules/.bin/esbuild index 182e5317..d59162b7 100755 --- a/node_modules/.bin/esbuild +++ b/node_modules/.bin/esbuild @@ -10,9 +10,9 @@ case `uname` in esac if [ -z "$NODE_PATH" ]; then - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/esbuild/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/esbuild/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/esbuild/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" else - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/esbuild/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/esbuild/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/esbuild/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" fi "$basedir/../esbuild/bin/esbuild" "$@" exit $? diff --git a/node_modules/.bin/jsesc b/node_modules/.bin/jsesc index e1507058..afbb13b6 100755 --- a/node_modules/.bin/jsesc +++ b/node_modules/.bin/jsesc @@ -10,9 +10,9 @@ case `uname` in esac if [ -z "$NODE_PATH" ]; then - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/jsesc/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/jsesc/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/jsesc/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" else - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/jsesc/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/jsesc/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/jsesc/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" fi if [ -x "$basedir/node" ]; then exec "$basedir/node" "$basedir/../jsesc/bin/jsesc" "$@" diff --git a/node_modules/.bin/json5 b/node_modules/.bin/json5 index 31f748b2..6a011c9a 100755 --- a/node_modules/.bin/json5 +++ b/node_modules/.bin/json5 @@ -10,9 +10,9 @@ case `uname` in esac if [ -z "$NODE_PATH" ]; then - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/json5/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/json5/lib/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/json5/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" else - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/json5/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/json5/lib/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/json5/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" fi if [ -x "$basedir/node" ]; then exec "$basedir/node" "$basedir/../json5/lib/cli.js" "$@" diff --git a/node_modules/.bin/loose-envify b/node_modules/.bin/loose-envify index c8bed453..0d975ab0 100755 --- a/node_modules/.bin/loose-envify +++ b/node_modules/.bin/loose-envify @@ -10,9 +10,9 @@ case `uname` in esac if [ -z "$NODE_PATH" ]; then - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/loose-envify/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/loose-envify/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" else - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/loose-envify/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/loose-envify/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" fi if [ -x "$basedir/node" ]; then exec "$basedir/node" "$basedir/../loose-envify/cli.js" "$@" diff --git a/node_modules/.bin/nanoid b/node_modules/.bin/nanoid index 7464908c..d964feca 100755 --- a/node_modules/.bin/nanoid +++ b/node_modules/.bin/nanoid @@ -10,9 +10,9 @@ case `uname` in esac if [ -z "$NODE_PATH" ]; then - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/nanoid/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/nanoid/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/nanoid/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" else - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/nanoid/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/nanoid/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/nanoid/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" fi if [ -x "$basedir/node" ]; then exec "$basedir/node" "$basedir/../nanoid/bin/nanoid.cjs" "$@" diff --git a/node_modules/.bin/parser b/node_modules/.bin/parser index 2e46fdf1..c9b91949 100755 --- a/node_modules/.bin/parser +++ b/node_modules/.bin/parser @@ -10,9 +10,9 @@ case `uname` in esac if [ -z "$NODE_PATH" ]; then - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/@babel/parser/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/@babel/parser/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/@babel/parser/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/@babel/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" else - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/@babel/parser/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/@babel/parser/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/@babel/parser/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/@babel/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" fi if [ -x "$basedir/node" ]; then exec "$basedir/node" "$basedir/../@babel/parser/bin/babel-parser.js" "$@" diff --git a/node_modules/.bin/rollup b/node_modules/.bin/rollup index 2985a6b1..70f8b921 100755 --- a/node_modules/.bin/rollup +++ b/node_modules/.bin/rollup @@ -10,9 +10,9 @@ case `uname` in esac if [ -z "$NODE_PATH" ]; then - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/rollup/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/rollup/dist/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/rollup/dist/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/rollup/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" else - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/rollup/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/rollup/dist/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/rollup/dist/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/rollup/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" fi if [ -x "$basedir/node" ]; then exec "$basedir/node" "$basedir/../rollup/dist/bin/rollup" "$@" diff --git a/node_modules/.bin/semver b/node_modules/.bin/semver index 334837a1..a5712a8b 100755 --- a/node_modules/.bin/semver +++ b/node_modules/.bin/semver @@ -10,9 +10,9 @@ case `uname` in esac if [ -z "$NODE_PATH" ]; then - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/semver/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/semver/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/semver/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" else - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/semver/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/semver/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/semver/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" fi if [ -x "$basedir/node" ]; then exec "$basedir/node" "$basedir/../semver/bin/semver.js" "$@" diff --git a/node_modules/.bin/sha.js b/node_modules/.bin/sha.js index 37da978c..6bb11e3e 100755 --- a/node_modules/.bin/sha.js +++ b/node_modules/.bin/sha.js @@ -10,9 +10,9 @@ case `uname` in esac if [ -z "$NODE_PATH" ]; then - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/sha.js/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/sha.js/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" else - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/sha.js/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/sha.js/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" fi if [ -x "$basedir/node" ]; then exec "$basedir/node" "$basedir/../sha.js/bin.js" "$@" diff --git a/node_modules/.bin/update-browserslist-db b/node_modules/.bin/update-browserslist-db index 89fcf8da..9db0e510 100755 --- a/node_modules/.bin/update-browserslist-db +++ b/node_modules/.bin/update-browserslist-db @@ -10,9 +10,9 @@ case `uname` in esac if [ -z "$NODE_PATH" ]; then - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/update-browserslist-db/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/update-browserslist-db/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" else - export NODE_PATH="/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/update-browserslist-db/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules:/home/gru/drips/jacktruedream/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/update-browserslist-db/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules:/home/adedayo/devzone/projects/web3/node_modules:/home/adedayo/devzone/projects/node_modules:/home/adedayo/devzone/node_modules:/home/adedayo/node_modules:/home/node_modules:/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" fi if [ -x "$basedir/node" ]; then exec "$basedir/node" "$basedir/../update-browserslist-db/cli.js" "$@" diff --git a/node_modules/.bin/vite b/node_modules/.bin/vite deleted file mode 120000 index 6d1e3bea..00000000 --- a/node_modules/.bin/vite +++ /dev/null @@ -1 +0,0 @@ -../vite/bin/vite.js \ No newline at end of file diff --git a/node_modules/.bin/vite b/node_modules/.bin/vite new file mode 100755 index 00000000..f0b689a4 --- /dev/null +++ b/node_modules/.bin/vite @@ -0,0 +1,21 @@ +#!/bin/sh +basedir=$(dirname "$(echo "$0" | sed -e 's,\\,/,g')") + +case `uname` in + *CYGWIN*|*MINGW*|*MSYS*) + if command -v cygpath > /dev/null 2>&1; then + basedir=`cygpath -w "$basedir"` + fi + ;; +esac + +if [ -z "$NODE_PATH" ]; then + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/vite@5.4.21_@types+node@25.6.0/node_modules/vite/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/vite@5.4.21_@types+node@25.6.0/node_modules/vite/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/vite@5.4.21_@types+node@25.6.0/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules" +else + export NODE_PATH="/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/vite@5.4.21_@types+node@25.6.0/node_modules/vite/bin/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/vite@5.4.21_@types+node@25.6.0/node_modules/vite/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/vite@5.4.21_@types+node@25.6.0/node_modules:/home/adedayo/devzone/projects/web3/stellar-dev-dashboard/node_modules/.pnpm/node_modules:$NODE_PATH" +fi +if [ -x "$basedir/node" ]; then + exec "$basedir/node" "$basedir/../vite/bin/vite.js" "$@" +else + exec node "$basedir/../vite/bin/vite.js" "$@" +fi diff --git a/src/utils/security.js b/src/utils/security.js index b55f6f86..cdc15ed1 100644 --- a/src/utils/security.js +++ b/src/utils/security.js @@ -37,9 +37,9 @@ export function buildCspHeader(nonce) { return [ `default-src 'self'`, `script-src 'self'${nonceAttr}`, - `style-src 'self' 'unsafe-inline'`, // Tailwind requires inline styles + `style-src 'self'${nonceAttr}`, `img-src 'self' data: https:`, - `connect-src 'self' https://*.stellar.org https://horizon.stellar.org https://horizon-testnet.stellar.org wss:`, + `connect-src 'self' https://*.stellar.org https://api.coingecko.com`, `font-src 'self'`, `object-src 'none'`, `base-uri 'self'`,