fraqtal/agentic-dev
Template
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
6903c59cc7e34cac17a8af683a86da33b62e7959
agentic-dev/packages/core-shared/src/index.ts
Danijel Martinek 96274ba856 feat(core-shared): add security headers module with CSP builder and nonce util 
Adds framework-agnostic security headers module to core-shared/security:
- SecurityHeadersConfig + CspMode types
- generateNonce() using crypto.randomBytes(16)
- buildSecurityHeaders() emitting all six headers (HSTS, X-Frame-Options,
  X-Content-Type-Options, Referrer-Policy, Permissions-Policy, CSP) with
  prod (strict-dynamic + nonce threading) and dev (unsafe-inline/eval +
  ws/localhost) CSP modes; URL validation throwing InvalidSecurityHeadersConfig
  on malformed allowedConnect/Img/FontOrigins
- Full unit test suite (24 tests, 100% coverage on runtime files)
- Exported from core-shared barrel and ./security subpath

Blocks story 07 (framework adapters) and stories 08-09 (app wiring).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-20 09:33:13 +00:00

8 lines
240 B
TypeScript
Raw Blame History

export { requireEnv } from "./lib/env";
export { toIsoString } from "./lib/date";
export * from "./audit";
export * from "./di";
export * from "./instrumentation/index";
export * from "./rate-limit/index";
export * from "./security/index";
Reference in New Issue View Git Blame Copy Permalink