florian/git-hardening
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
43 Commits 3 Branches 5 Tags
e27bbaaa434e01c47f9bf330280a633dba2a3fa8
Commit Graph

4 Commits

Author SHA1 Message Date
Flo e27bbaaa43 test(interactive): replace blind y-loops with accept_until helper 
Add an accept_until helper that only sends "y" when a new [Y/n] prompt
appears in the tmux pane, replacing the fixed-count blind send loops that
could race ahead of prompts or send stray input. Resilient to changes in
the number of apply-phase prompts.

Relates to #51

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
 2026-06-09 23:54:55 +02:00
Flo fb69304a9b fix: container interactive tests fail on empty GIT_CONFIG_GLOBAL 
Only export GIT_CONFIG_GLOBAL in tmux sessions when already set.
An empty value tells git "no global config" vs unset (uses ~/.gitconfig).
Also fix stat format detection in SSH permissions test.

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-03-31 18:37:15 +02:00
Flo 8037cb7908 feat: v0.2.0 expanded hardening 
Add gitleaks pre-commit hook, global gitignore, plaintext credential
detection, SSH key hygiene audit, 8 new git config settings, and
safe.directory wildcard detection. Fix ssh-keygen macOS compatibility,
FIDO2 detection via ioreg, and interactive test isolation.

Implements docs/specs/2026-03-31-v0.2.0-expanded-hardening.md

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-03-31 14:03:29 +02:00
Flo f1b9d0183d feat: add e2e container test harness 
Implements spec docs/specs/2026-03-30-e2e-container-tests.md:
- 5 Containerfiles (ubuntu, debian, fedora, alpine, arch)
- test/e2e.sh runner with --runtime, --rebuild, single-distro mode
- tmux-based interactive tests (full accept, safety gate decline,
  signing generate, signing skip)
- All scripts pass shellcheck

Closes: #18, #19, #20

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-03-31 11:30:40 +02:00