mirror of
https://github.com/complexcaresolutions/cms.c2sgmbh.git
synced 2026-03-17 18:34:13 +00:00
- Hardened cron endpoints with coordination and auth improvements
- Added API guards and input validation layer
- Security observability and secrets health checks
- Monitoring types and service improvements
- PDF URL validation and newsletter unsubscribe security
- Unit tests for security-critical paths

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
24 lines
846 B
Markdown
# Git History Security Scan

- Generated: 2026-02-17 11:42:09 UTC
- Repository: payload-cms

## Summary

- `backup.sql` is not tracked in current HEAD.
- `backup.sql` exists in git history and must be treated as potentially sensitive.
- `gitleaks` available: no (install recommended for full-history secret scanning).

## backup.sql Commit History

```text
063dae4 2026-02-17 security: harden payload endpoints and access controls
0a8e191 2025-12-05 chore: add database backup for server migration
```

## Recommended Actions

1. Rotate DB credentials if `backup.sql` contained production or staging data.
2. Rotate SMTP/API/OAuth secrets if dumps included integration credentials.
3. If required by compliance, rewrite history for `backup.sql` (e.g. `git filter-repo`) and force-push.
4. Enable periodic full-history scans in CI using gitleaks.