Scarlet Moore a0433d784e Feature/pre commit ci (#37)
* feat: add comprehensive pre-commit CI hooks

- Add safety for dependency vulnerability scanning
- Add bandit for Python security linting with appropriate skips
- Add interrogate for docstring coverage checking (60% threshold)
- Add mypy for type checking with permissive CI configuration
- Update requirements.txt with safety and bandit dependencies
- Configure all tools for CI compatibility (non-blocking for initial setup)

* security: add hardening measures based on upstream issues

- Add .gitattributes rules to force LF line endings for critical files (fixes CRLF security issues)
- Enhance document validator with MIME type validation and stricter PDF size limits
- Fix subprocess security issues by adding shell=False to prevent command injection
- Add resource exhaustion protection with separate PDF size limits (50MB vs 100MB general limit)

Addresses upstream issues:
- #97: Cross-platform deployment failures due to CRLF line endings
- #31: Large PDF processing failures and resource exhaustion
- Security hardening for subprocess calls to prevent injection attacks

* docs: streamline contribution process and pre-commit checks

- Update and format CONTRIBUTING.md for clarity
- Simplify pull request template
- Adjust pre-commit config to be more lenient locally

* chore: update .gitignore, .secrets.baseline, pyproject.toml, and requirements.txt for improved configuration and dependency management
2026-01-14 13:57:18 +11:00


*.mp4 filter=lfs diff=lfs merge=lfs -text
# Force critical build and script files to use LF line endings for cross-platform compatibility
# This prevents CRLF-related security issues in Docker containers and shell scripts
Dockerfile text eol=lf
docker-compose.yml text eol=lf
docker-compose.*.yml text eol=lf
*.sh text eol=lf
*.py text eol=lf
*.yaml text eol=lf
*.yml text eol=lf
*.md text eol=lf
*.txt text eol=lf
*.env text eol=lf
*.json text eol=lf
*.toml text eol=lf
*.cfg text eol=lf
*.ini text eol=lf
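Added example, not code from this repository: a small pre-commit style check in Python that reads the `eol=lf` rules from a .gitattributes like the one above and reports tracked files that still carry CRLF, the condition the commit message ties to failing Dockerfiles and shell scripts. The embedded rules, the simplified pattern matching and the sample working tree are constructed for the example; `git ls-files --eol` remains the authoritative view of what git actually normalized.

```python
import fnmatch

# Constructed copy of the rules in the .gitattributes shown above (not read from disk).
GITATTRIBUTES = """\
*.mp4 filter=lfs diff=lfs merge=lfs -text
# Force critical build and script files to use LF line endings
Dockerfile text eol=lf
docker-compose.yml text eol=lf
docker-compose.*.yml text eol=lf
*.sh text eol=lf
*.py text eol=lf
"""


def parse_eol_lf_patterns(text: str) -> list[str]:
    """Collect the path patterns that the file pins to LF via `eol=lf`."""
    patterns = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        pattern, *attrs = line.split()
        if "eol=lf" in attrs:
            patterns.append(pattern)
    return patterns


def wants_lf(path: str, patterns: list[str]) -> bool:
    """Simplified gitattributes matching: a pattern without '/' matches the
    basename at any depth, a pattern containing '/' matches the whole path."""
    basename = path.rsplit("/", 1)[-1]
    return any(fnmatch.fnmatchcase(path if "/" in p else basename, p) for p in patterns)


def find_crlf_violations(files: dict[str, bytes], patterns: list[str]) -> list[str]:
    """files maps repo-relative path -> raw bytes; return the LF-only paths that
    still contain CRLF (the case that breaks shebangs and Dockerfile RUN lines)."""
    return sorted(p for p, data in files.items() if wants_lf(p, patterns) and b"\r\n" in data)


# Constructed working-tree snapshot: CRLF Dockerfile and compose override, clean script.
SAMPLE_FILES = {
    "Dockerfile": b"FROM python:3.12\r\nRUN pip install -r requirements.txt\r\n",
    "scripts/run.sh": b"#!/bin/sh\nset -e\n",
    "docker-compose.prod.yml": b"services:\r\n  app:\r\n",
    "assets/demo.mp4": b"\x00\x00\r\n",  # LFS binary, not an eol=lf target
}

if __name__ == "__main__":
    print(find_crlf_violations(SAMPLE_FILES, parse_eol_lf_patterns(GITATTRIBUTES)))
```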