Skip to content

Retrieve Folders #16

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
baptistebronsin wants to merge 15 commits into
base: main
Choose a base branch
from
Open

Retrieve Folders #16

baptistebronsin wants to merge 15 commits into from

Conversation

@baptistebronsin
Copy link

@baptistebronsin baptistebronsin commented Jun 12, 2025

No description provided.

Thomas and others added 4 commits June 11, 2025 10:51
feat(security-dashboard): ajout de l'analyse de sécurité des mots de …
68dfba2 
…passe et des métriques associées

- Intégration d'une nouvelle fonctionnalité pour analyser les mots de passe et calculer un score de sécurité.
- Ajout d'un hook personnalisé `useCredentials` pour gérer les credentials.
- Création d'une API pour analyser les mots de passe et récupérer les métriques de sécurité.
- Mise à jour de l'interface utilisateur pour afficher les résultats de l'analyse et les mots de passe compromis, faibles, réutilisés et anciens.
- Utilisation de données mockées en développement pour simuler les credentials.
feat(security-dashboard): amélioration de la gestion des métriques de…
22f52d9 
… sécurité

- Ajout de la récupération des métriques de sécurité et de la date du dernier scan depuis le localStorage lors du chargement initial.
- Sauvegarde des métriques et du timestamp dans le localStorage après l'analyse des mots de passe.
- Mise à jour de l'état pour refléter les résultats de l'analyse et la date du dernier scan.
@isalyne34
feat(password-list): add password usage tracking and visibility toggle
e3f73cb
feat(password-list): ajout de la récupération des usages de mots de p…
ee12dca 
…asse

- Intégration d'un nouvel état pour suivre les usages des mots de passe.
- Mise à jour de la fonction `getPasswordUsage` pour récupérer les métriques d'utilisation via une requête POST.
- Affichage des usages de mots de passe dans l'interface utilisateur avec gestion de l'état de chargement.
@baptistebronsin baptistebronsin linked an issue Jun 12, 2025 that may be closed by this pull request
Folder endpoints implementation #12
Open
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 12, 2025
View reviewed changes
components/security-dashboard.tsx Dismissed
setLastScan(scanTime)

// Sauvegarder les métriques et le timestamp dans le localStorage
localStorage.setItem('securityMetrics', JSON.stringify(result))

Check failure

Code scanning / CodeQL

Clear text storage of sensitive information High

This stores sensitive data returned by
a call to analyzePasswords
Loading
as clear text.

Copilot Autofix

AI 7 months ago

To fix the issue, sensitive data should be encrypted before being stored in localStorage. The Node.js crypto module can be used to encrypt the data. A secure encryption key should be used, and the encrypted data can be stored safely. When retrieving the data, it should be decrypted before use.

Steps to implement the fix:

  1. Import the crypto module.
  2. Define encryption and decryption functions using a secure algorithm (e.g., AES-256).
  3. Encrypt the result object before storing it in localStorage.
  4. Decrypt the data when retrieving it from localStorage.
Suggested changeset 1
components/security-dashboard.tsx

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/components/security-dashboard.tsx b/components/security-dashboard.tsx
--- a/components/security-dashboard.tsx
+++ b/components/security-dashboard.tsx
@@ -12,2 +12,16 @@
 import { toast } from "sonner"
+import crypto from "crypto"
+
+const ENCRYPTION_KEY = crypto.randomBytes(32).toString("hex") // Replace with a securely stored key
+const ENCRYPTION_ALGORITHM = "aes-256-ctr"
+
+function encrypt(text: string): string {
+  const cipher = crypto.createCipher(ENCRYPTION_ALGORITHM, ENCRYPTION_KEY)
+  return cipher.update(text, "utf8", "hex") + cipher.final("hex")
+}
+
+function decrypt(text: string): string {
+  const decipher = crypto.createDecipher(ENCRYPTION_ALGORITHM, ENCRYPTION_KEY)
+  return decipher.update(text, "hex", "utf8") + decipher.final("utf8")
+}
 
@@ -23,4 +37,4 @@
       if (savedMetrics && savedLastScan) {
-        setLastScan(savedLastScan)
-        return JSON.parse(savedMetrics)
+        setLastScan(decrypt(savedLastScan))
+        return JSON.parse(decrypt(savedMetrics))
       }
@@ -52,4 +66,4 @@
       // Sauvegarder les métriques et le timestamp dans le localStorage
-      localStorage.setItem('securityMetrics', JSON.stringify(result))
-      localStorage.setItem('lastSecurityScan', scanTime)
+      localStorage.setItem('securityMetrics', encrypt(JSON.stringify(result)))
+      localStorage.setItem('lastSecurityScan', encrypt(scanTime))
       
EOF
@@ -12,2 +12,16 @@
import { toast } from "sonner"
import crypto from "crypto"

const ENCRYPTION_KEY = crypto.randomBytes(32).toString("hex") // Replace with a securely stored key
const ENCRYPTION_ALGORITHM = "aes-256-ctr"

function encrypt(text: string): string {
const cipher = crypto.createCipher(ENCRYPTION_ALGORITHM, ENCRYPTION_KEY)
return cipher.update(text, "utf8", "hex") + cipher.final("hex")
}

function decrypt(text: string): string {
const decipher = crypto.createDecipher(ENCRYPTION_ALGORITHM, ENCRYPTION_KEY)
return decipher.update(text, "hex", "utf8") + decipher.final("utf8")
}

@@ -23,4 +37,4 @@
if (savedMetrics && savedLastScan) {
setLastScan(savedLastScan)
return JSON.parse(savedMetrics)
setLastScan(decrypt(savedLastScan))
return JSON.parse(decrypt(savedMetrics))
}
@@ -52,4 +66,4 @@
// Sauvegarder les métriques et le timestamp dans le localStorage
localStorage.setItem('securityMetrics', JSON.stringify(result))
localStorage.setItem('lastSecurityScan', scanTime)
localStorage.setItem('securityMetrics', encrypt(JSON.stringify(result)))
localStorage.setItem('lastSecurityScan', encrypt(scanTime))

Copilot is powered by AI and may make mistakes. Always verify output.
Copy link
Author

@baptistebronsin baptistebronsin Jun 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This logic is handled by another team. @thomas-brn you know about this?

@baptistebronsin baptistebronsin force-pushed the 12-folder-endpoints-implementation branch from 3798891 to de4dc2f Compare June 12, 2025 21:09
@Razano26 Razano26 changed the base branch from main to feat/stats June 12, 2025 22:11
@baptistebronsin baptistebronsin changed the base branch from feat/stats to main June 13, 2025 10:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Folder endpoints implementation

3 participants

@baptistebronsin @isalyne34