git-hardening

5 Commits 3 Branches 5 Tags

Author	SHA1	Message	Date
Flo	078d55982b	chore: Add agentic coding tooling	2026-03-30 13:39:40 +02:00
Flo	2a5302388e	feat(git-harden): implement git-harden.sh script Interactive shell script that audits and hardens global git config. Implements the design spec with: object integrity checks, protocol restrictions, filesystem protection, hook redirection, SSH signing wizard with FIDO2 support, SSH config hardening, and credential helper detection. Supports --audit, -y, and interactive modes. Implements: #5 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>	2026-03-30 13:38:34 +02:00
Flo	10465dac24	Address external review feedback Add Bash 3.2 compatibility constraint (macOS ships ancient bash), add config backup before applying changes, preserve ssh-keygen stderr during FIDO2 key generation, verify key file before enabling signing in -y mode. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-27 16:56:01 +01:00
Flo	9b7cfd8f3b	Address spec review findings Fix incorrect CVE reference for core.fsmonitor, clarify bash/zsh compatibility (shebang is bash, works from zsh sessions), fix -y mode signing behavior to not break commits when no key exists, clarify submodule.recurse scope, add pull.rebase conflict warning, improve SSH config and credential helper detection specifics, add FIDO2 touch prompt, and clarify audit exit code for missing signing keys. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-25 14:40:29 +01:00
Flo	1efd68a408	Add design spec for git-harden.sh Interactive shell script that audits and hardens global git config with security-focused defaults: object integrity, protocol restrictions, filesystem protection, hook control, SSH signing with FIDO2 support, and credential security. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-25 13:50:43 +01:00