feat: security scanning API + pre-receive hook blocking (#692) #713

Merged

jmiller merged 3 commits from feature/secret-scanning-clean into dev 2026-06-28 08:46:04 +00:00

Conversation 0 Commits 3 Files Changed 5

+265

3 Commits

Author	SHA1	Message	Date
jmiller	9a4aa0fafb	fix: log error when pre-receive secret scan cannot read commit ... Previously, GetCommit failures were silently swallowed, allowing pushes to proceed without scanning. Now logs the error so admins can diagnose issues while still allowing the push. Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd	2026-06-28 02:35:50 -05:00
jmiller	84df5d7932	feat: register security scanning API routes in router ... Adds /repos/{owner}/{repo}/security/* route group for security alert management, scanning, and configuration endpoints. Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd	2026-06-28 02:33:29 -05:00
jmiller	7b334f94c0	feat: security scanning API endpoints + pre-receive hook blocking (#692) ... Add REST API for security alerts (list, get, update status, trigger scan) and scanner config (get, update). Wire block_on_push into the pre-receive hook so pushes containing detected secrets are rejected with details. Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd	2026-06-28 02:30:04 -05:00