Danijel Martinek
96274ba856
Adds framework-agnostic security headers module to core-shared/security: - SecurityHeadersConfig + CspMode types - generateNonce() using crypto.randomBytes(16) - buildSecurityHeaders() emitting all six headers (HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, CSP) with prod (strict-dynamic + nonce threading) and dev (unsafe-inline/eval + ws/localhost) CSP modes; URL validation throwing InvalidSecurityHeadersConfig on malformed allowedConnect/Img/FontOrigins - Full unit test suite (24 tests, 100% coverage on runtime files) - Exported from core-shared barrel and ./security subpath Blocks story 07 (framework adapters) and stories 08-09 (app wiring). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
175 lines
3.2 KiB
JSON
175 lines
3.2 KiB
JSON
{
|
|
"generatedAt": "2026-05-20T09:32:45.528Z",
|
|
"commit": "650a97b",
|
|
"repo": {
|
|
"statements": 97.42,
|
|
"branches": 92.47,
|
|
"functions": 97.25,
|
|
"lines": 97.42,
|
|
"counts": {
|
|
"lf": 6040,
|
|
"lh": 5884,
|
|
"brf": 1209,
|
|
"brh": 1118,
|
|
"fnf": 364,
|
|
"fnh": 354
|
|
}
|
|
},
|
|
"byPackage": {
|
|
"@repo/auth": {
|
|
"statements": 93.83,
|
|
"branches": 92.5,
|
|
"functions": 100,
|
|
"lines": 93.83,
|
|
"counts": {
|
|
"lf": 875,
|
|
"lh": 821,
|
|
"brf": 120,
|
|
"brh": 111,
|
|
"fnf": 46,
|
|
"fnh": 46
|
|
}
|
|
},
|
|
"@repo/blog": {
|
|
"statements": 96.35,
|
|
"branches": 88.65,
|
|
"functions": 100,
|
|
"lines": 96.35,
|
|
"counts": {
|
|
"lf": 739,
|
|
"lh": 712,
|
|
"brf": 141,
|
|
"brh": 125,
|
|
"fnf": 29,
|
|
"fnh": 29
|
|
}
|
|
},
|
|
"@repo/core-analytics": {
|
|
"statements": 100,
|
|
"branches": 100,
|
|
"functions": 100,
|
|
"lines": 100,
|
|
"counts": {
|
|
"lf": 52,
|
|
"lh": 52,
|
|
"brf": 12,
|
|
"brh": 12,
|
|
"fnf": 10,
|
|
"fnh": 10
|
|
}
|
|
},
|
|
"@repo/core-api": {
|
|
"statements": 100,
|
|
"branches": 100,
|
|
"functions": 100,
|
|
"lines": 100,
|
|
"counts": {
|
|
"lf": 17,
|
|
"lh": 17,
|
|
"brf": 0,
|
|
"brh": 0,
|
|
"fnf": 0,
|
|
"fnh": 0
|
|
}
|
|
},
|
|
"@repo/core-consent": {
|
|
"statements": 99.72,
|
|
"branches": 94.85,
|
|
"functions": 97.06,
|
|
"lines": 99.72,
|
|
"counts": {
|
|
"lf": 351,
|
|
"lh": 350,
|
|
"brf": 97,
|
|
"brh": 92,
|
|
"fnf": 34,
|
|
"fnh": 33
|
|
}
|
|
},
|
|
"@repo/core-dsr": {
|
|
"statements": 100,
|
|
"branches": 92.48,
|
|
"functions": 97.44,
|
|
"lines": 100,
|
|
"counts": {
|
|
"lf": 697,
|
|
"lh": 697,
|
|
"brf": 133,
|
|
"brh": 123,
|
|
"fnf": 39,
|
|
"fnh": 38
|
|
}
|
|
},
|
|
"@repo/core-shared": {
|
|
"statements": 98.34,
|
|
"branches": 96.33,
|
|
"functions": 93.28,
|
|
"lines": 98.34,
|
|
"counts": {
|
|
"lf": 1265,
|
|
"lh": 1244,
|
|
"brf": 354,
|
|
"brh": 341,
|
|
"fnf": 119,
|
|
"fnh": 111
|
|
}
|
|
},
|
|
"@repo/core-ui": {
|
|
"statements": 100,
|
|
"branches": 91.35,
|
|
"functions": 100,
|
|
"lines": 100,
|
|
"counts": {
|
|
"lf": 412,
|
|
"lh": 412,
|
|
"brf": 104,
|
|
"brh": 95,
|
|
"fnf": 18,
|
|
"fnh": 18
|
|
}
|
|
},
|
|
"@repo/marketing-pages": {
|
|
"statements": 95.93,
|
|
"branches": 83.93,
|
|
"functions": 100,
|
|
"lines": 95.93,
|
|
"counts": {
|
|
"lf": 762,
|
|
"lh": 731,
|
|
"brf": 112,
|
|
"brh": 94,
|
|
"fnf": 32,
|
|
"fnh": 32
|
|
}
|
|
},
|
|
"@repo/media": {
|
|
"statements": 97.15,
|
|
"branches": 90.63,
|
|
"functions": 100,
|
|
"lines": 97.15,
|
|
"counts": {
|
|
"lf": 561,
|
|
"lh": 545,
|
|
"brf": 96,
|
|
"brh": 87,
|
|
"fnf": 24,
|
|
"fnh": 24
|
|
}
|
|
},
|
|
"@repo/navigation": {
|
|
"statements": 98.06,
|
|
"branches": 95,
|
|
"functions": 100,
|
|
"lines": 98.06,
|
|
"counts": {
|
|
"lf": 309,
|
|
"lh": 303,
|
|
"brf": 40,
|
|
"brh": 38,
|
|
"fnf": 13,
|
|
"fnh": 13
|
|
}
|
|
}
|
|
}
|
|
}
|