新增简易的8080面板😊

2026-04-17 23:15:15 +08:00
parent c38d2f66d1
commit 9d19d09821
465 changed files with 9235 additions and 35285 deletions
--- a/store/@{FutureOSS}/code-reviewer.disabled/checks/security.py
+++ b/store/@{FutureOSS}/code-reviewer.disabled/checks/security.py
@@ -0,0 +1,85 @@
+"""安全检查器"""
+
+
+class SecurityChecker:
+    """安全检查器"""
+
+    def check(self, filepath: str, content: str) -> list:
+        """执行安全检查"""
+        issues = []
+
+        # 检查硬编码密钥
+        issues.extend(self._check_secrets(filepath, content))
+
+        # 检查危险函数
+        issues.extend(self._check_dangerous_functions(filepath, content))
+
+        # 检查路径穿越
+        issues.extend(self._check_path_traversal(filepath, content))
+
+        return issues
+
+    def _check_secrets(self, filepath: str, content: str) -> list:
+        """检查硬编码密钥"""
+        issues = []
+        patterns = ['password', 'secret', 'token', 'api_key', 'access_token']
+
+        for i, line in enumerate(content.split('\n'), 1):
+            stripped = line.strip()
+            # 跳过注释和模式定义行
+            if stripped.startswith('#') or stripped.startswith('patterns') or "'" in stripped[:20]:
+                continue
+
+            for pattern in patterns:
+                if pattern + ' = "' in line.lower() or pattern + " = '" in line.lower():
+                    issues.append({
+                        "file": filepath,
+                        "line": i,
+                        "severity": "critical",
+                        "type": "hardcoded_secret",
+                        "message": f"发现硬编码密钥: {line.strip()[:50]}"
+                    })
+
+        return issues
+
+    def _check_dangerous_functions(self, filepath: str, content: str) -> list:
+        """检查危险函数"""
+        issues = []
+        dangerous = ['eval(', 'exec(', 'os.system(', 'subprocess.call(', 'subprocess.run(']
+
+        # 跳过检查安全检查器自身
+        if 'code-reviewer/checks/security.py' in filepath:
+            return []
+
+        for i, line in enumerate(content.split('\n'), 1):
+            # 跳过注释和模式定义行
+            stripped = line.strip()
+            if stripped.startswith('#') or 'dangerous' in stripped.lower() or "['" in stripped[:30]:
+                continue
+
+            for func in dangerous:
+                if func in line:
+                    issues.append({
+                        "file": filepath,
+                        "line": i,
+                        "severity": "warning",
+                        "type": "dangerous_function",
+                        "message": f"使用危险函数: {func.strip()}"
+                    })
+
+        return issues
+
+    def _check_path_traversal(self, filepath: str, content: str) -> list:
+        """检查路径穿越风险"""
+        issues = []
+
+        if '../' in content and 'open(' in content:
+            issues.append({
+                "file": filepath,
+                "line": 0,
+                "severity": "warning",
+                "type": "path_traversal_risk",
+                "message": "可能存在路径穿越漏洞"
+            })
+
+        return issues