hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动

更新: 11 个文件 - 2026-03-18 11:00:06

浏览代码
这个提交包含在:
hao
2026-03-18 11:00:06 -07:00
父节点 1f9d9b1d16
当前提交 62adc24770
修改 11 个文件,包含 7840 行新增137 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

3385
08-threat-intel/generated/dashboard/advisories.json
查看文件

文件差异内容过多而无法显示 加载差异

28
08-threat-intel/generated/dashboard/architecture.json
查看文件

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-18T17:52:49+00:00",
"generated_at": "2026-03-18T17:56:12+00:00",
"title": "\u5f53\u524d\u67b6\u6784\u5e93",
"summary": "\u5de5\u4f5c\u53f0\u3001\u63a7\u5236\u9762\u3001\u6570\u636e\u5c42\u3001\u6388\u6743\u8fb9\u754c\u4e0e\u7cfb\u7edf\u8986\u76d6\u7684\u5f53\u524d\u771f\u503c\u89c6\u56fe\u3002",
"sections": [
@@ -31,7 +31,7 @@
},
{
"label": "\u5f53\u524d\u6f0f\u6d1e\u6761\u76ee",
"value": "0"
"value": "89"
}
],
"fields": [
@@ -49,7 +49,7 @@
},
{
"label": "\u751f\u6210\u65f6\u95f4",
"value": "2026-03-18T17:52:49+00:00"
"value": "2026-03-18T17:56:12+00:00"
}
],
"links": [
@@ -5887,11 +5887,11 @@
},
{
"label": "Advisory \u6570",
"value": "0"
"value": "89"
},
{
"label": "\u72b6\u6001\u7c7b\u578b",
"value": "0"
"value": "1"
},
{
"label": "\u6700\u8fd1\u5931\u8d25",
@@ -5903,7 +5903,23 @@
"title": "\u72b6\u6001\u5206\u5e03",
"summary": "verification_status \u5f53\u524d\u8ba1\u6570\u3002",
"open": false,
"items": []
"items": [
{
"title": "\u771f\u5b9e\u7248\u672c\u5df2\u5b9e\u8bc1",
"summary": "\u5f53\u524d\u7d2f\u8ba1 89 \u6761\u3002",
"open": false,
"fields": [
{
"label": "\u72b6\u6001\u7f16\u7801",
"value": "verified-real"
},
{
"label": "\u6570\u91cf",
"value": "89"
}
]
}
]
},
{
"title": "\u6700\u8fd1\u5931\u8d25",

165
08-threat-intel/generated/dashboard/data/completeness.json
查看文件

@@ -1,19 +1,170 @@
{
"generated_at": "2026-03-18T17:52:49+00:00",
"advisory_total": 0,
"latest_statuses": {},
"generated_at": "2026-03-18T17:56:12+00:00",
"advisory_total": 89,
"latest_statuses": {
"verified-real": 89
},
"historical_statuses": {
"verified-real": 136,
"blocked-artifact": 3,
"triage-manual": 1
},
"verified_real": 0,
"verified_real": 89,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"verified_ratio": 0.0,
"complete": false,
"systems": [],
"verified_ratio": 100.0,
"complete": true,
"systems": [
{
"system_id": "gitea",
"display_name": "Gitea",
"total": 37,
"verified_real": 37,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"families": [
{
"family": "authz-bypass",
"total": 3,
"verified_real": 3,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
},
{
"family": "file-upload",
"total": 2,
"verified_real": 2,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
},
{
"family": "proxy-boundary",
"total": 26,
"verified_real": 26,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
},
{
"family": "ssrf",
"total": 1,
"verified_real": 1,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
},
{
"family": "xss",
"total": 5,
"verified_real": 5,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
}
]
},
{
"system_id": "nextjs",
"display_name": "Next.js",
"total": 26,
"verified_real": 26,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"families": [
{
"family": "authz-bypass",
"total": 2,
"verified_real": 2,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
},
{
"family": "deserialization",
"total": 1,
"verified_real": 1,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
},
{
"family": "proxy-boundary",
"total": 19,
"verified_real": 19,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
},
{
"family": "ssrf",
"total": 2,
"verified_real": 2,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
},
{
"family": "xss",
"total": 2,
"verified_real": 2,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
}
]
},
{
"system_id": "undici",
"display_name": "Undici",
"total": 14,
"verified_real": 14,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"families": [
{
"family": "ssrf",
"total": 14,
"verified_real": 14,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
}
]
},
{
"system_id": "vite",
"display_name": "Vite",
"total": 12,
"verified_real": 12,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"families": [
{
"family": "proxy-boundary",
"total": 11,
"verified_real": 11,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
},
{
"family": "xss",
"total": 1,
"verified_real": 1,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0
}
]
}
],
"ingest_health": {
"failure_count": 0,
"failures": []

28
08-threat-intel/generated/dashboard/docs/architecture-library.html
查看文件

@@ -87,7 +87,7 @@
<h1>当前架构库镜像</h1>
<div class="meta">工作台内置镜像页:当前架构库结构化数据镜像。</div>
<pre>{
&quot;generated_at&quot;: &quot;2026-03-18T17:52:49+00:00&quot;,
&quot;generated_at&quot;: &quot;2026-03-18T17:56:12+00:00&quot;,
&quot;title&quot;: &quot;当前架构库&quot;,
&quot;summary&quot;: &quot;工作台、控制面、数据层、授权边界与系统覆盖的当前真值视图。&quot;,
&quot;sections&quot;: [
@@ -119,7 +119,7 @@
},
{
&quot;label&quot;: &quot;当前漏洞条目&quot;,
&quot;value&quot;: &quot;0&quot;
&quot;value&quot;: &quot;89&quot;
}
],
&quot;fields&quot;: [
@@ -137,7 +137,7 @@
},
{
&quot;label&quot;: &quot;生成时间&quot;,
&quot;value&quot;: &quot;2026-03-18T17:52:49+00:00&quot;
&quot;value&quot;: &quot;2026-03-18T17:56:12+00:00&quot;
}
],
&quot;links&quot;: [
@@ -5975,11 +5975,11 @@
},
{
&quot;label&quot;: &quot;Advisory 数&quot;,
&quot;value&quot;: &quot;0&quot;
&quot;value&quot;: &quot;89&quot;
},
{
&quot;label&quot;: &quot;状态类型&quot;,
&quot;value&quot;: &quot;0&quot;
&quot;value&quot;: &quot;1&quot;
},
{
&quot;label&quot;: &quot;最近失败&quot;,
@@ -5991,7 +5991,23 @@
&quot;title&quot;: &quot;状态分布&quot;,
&quot;summary&quot;: &quot;verification_status 当前计数。&quot;,
&quot;open&quot;: false,
&quot;items&quot;: []
&quot;items&quot;: [
{
&quot;title&quot;: &quot;真实版本已实证&quot;,
&quot;summary&quot;: &quot;当前累计 89 条。&quot;,
&quot;open&quot;: false,
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;状态编码&quot;,
&quot;value&quot;: &quot;verified-real&quot;
},
{
&quot;label&quot;: &quot;数量&quot;,
&quot;value&quot;: &quot;89&quot;
}
]
}
]
},
{
&quot;title&quot;: &quot;最近失败&quot;,

10
08-threat-intel/generated/dashboard/docs/testing-completeness-report.html
查看文件

@@ -88,12 +88,12 @@
<div class="meta">工作台内置镜像页89 条 advisory 最新完整度、family 矩阵与 ingest 健康度。</div>
<pre># 全库 Advisory 完整度报告
- 生成时间: `2026-03-18T17:52:49+00:00`
- 最新 advisory 完整度: `0/0` `verified-real`
- 生成时间: `2026-03-18T17:56:12+00:00`
- 最新 advisory 完整度: `89/89` `verified-real`
- 合成验证数量: `0`
- 阻塞数量: `0`
- 人工/待补证据数量: `0`
- 完整度百分比: `0.0%`
- 完整度百分比: `100.0%`
- active source 全绿: `110/110`
- source open alerts: `0`
- 最近一次 source 全绿: `2026-03-18T17:44:31+00:00`
@@ -102,6 +102,10 @@
| 系统 | 总数 | verified-real | verified-synthetic | blocked | manual | family 覆盖 |
| --- | ---: | ---: | ---: | ---: | ---: | --- |
| gitea | 37 | 37 | 0 | 0 | 0 | authz-bypass(3/3), file-upload(2/2), proxy-boundary(26/26), ssrf(1/1), xss(5/5) |
| nextjs | 26 | 26 | 0 | 0 | 0 | authz-bypass(2/2), deserialization(1/1), proxy-boundary(19/19), ssrf(2/2), xss(2/2) |
| undici | 14 | 14 | 0 | 0 | 0 | ssrf(14/14) |
| vite | 12 | 12 | 0 | 0 | 0 | proxy-boundary(11/11), xss(1/1) |
## 历史阻塞项修复纪要

4033
08-threat-intel/generated/dashboard/runs.json
查看文件

文件差异内容过多而无法显示 加载差异

165
08-threat-intel/generated/dashboard/summary.json
查看文件

@@ -1,8 +1,10 @@
{
"generated_at": "2026-03-18T17:52:49+00:00",
"advisory_count": 0,
"generated_at": "2026-03-18T17:56:12+00:00",
"advisory_count": 89,
"run_count": 140,
"statuses": {},
"statuses": {
"verified-real": 89
},
"run_statuses": {
"verified-real": 136,
"blocked-artifact": 3,
@@ -16,15 +18,162 @@
"open_alert_count": 0,
"last_fully_green_run": "2026-03-18T17:44:31+00:00"
},
"systems": [],
"systems": [
{
"system_id": "gitea",
"display_name": "Gitea",
"total": 37,
"verified_real": 37,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"browser_required": 33,
"browser_present": 33,
"latest_update": "2026-03-18T03:55:13+00:00",
"category": "platforms",
"tier": "rolling-24m",
"output_dir": "07-framework-security/platforms/gitea",
"families": [
{
"family": "authz-bypass",
"total": 3,
"verified_real": 3,
"manual": 0
},
{
"family": "file-upload",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "proxy-boundary",
"total": 26,
"verified_real": 26,
"manual": 0
},
{
"family": "ssrf",
"total": 1,
"verified_real": 1,
"manual": 0
},
{
"family": "xss",
"total": 5,
"verified_real": 5,
"manual": 0
}
]
},
{
"system_id": "nextjs",
"display_name": "Next.js",
"total": 26,
"verified_real": 26,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"browser_required": 21,
"browser_present": 21,
"latest_update": "2026-03-18T03:58:55+00:00",
"category": "frameworks",
"tier": "history-full",
"output_dir": "07-framework-security/frameworks/nextjs",
"families": [
{
"family": "authz-bypass",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "deserialization",
"total": 1,
"verified_real": 1,
"manual": 0
},
{
"family": "proxy-boundary",
"total": 19,
"verified_real": 19,
"manual": 0
},
{
"family": "ssrf",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "xss",
"total": 2,
"verified_real": 2,
"manual": 0
}
]
},
{
"system_id": "undici",
"display_name": "Undici",
"total": 14,
"verified_real": 14,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"browser_required": 0,
"browser_present": 0,
"latest_update": "2026-03-18T04:03:36+00:00",
"category": "frameworks",
"tier": "rolling-24m",
"output_dir": "07-framework-security/frameworks/undici",
"families": [
{
"family": "ssrf",
"total": 14,
"verified_real": 14,
"manual": 0
}
]
},
{
"system_id": "vite",
"display_name": "Vite",
"total": 12,
"verified_real": 12,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"browser_required": 12,
"browser_present": 12,
"latest_update": "2026-03-18T04:06:05+00:00",
"category": "frameworks",
"tier": "history-full",
"output_dir": "07-framework-security/frameworks/vite",
"families": [
{
"family": "proxy-boundary",
"total": 11,
"verified_real": 11,
"manual": 0
},
{
"family": "xss",
"total": 1,
"verified_real": 1,
"manual": 0
}
]
}
],
"completeness": {
"advisory_total": 0,
"verified_real": 0,
"advisory_total": 89,
"verified_real": 89,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"verified_ratio": 0.0,
"complete": false,
"verified_ratio": 100.0,
"complete": true,
"source_failure_count": 0,
"active_source_count": 110,
"open_alert_count": 0

149
08-threat-intel/generated/dashboard/systems.json
查看文件

@@ -1 +1,148 @@
[]
[
{
"system_id": "gitea",
"display_name": "Gitea",
"total": 37,
"verified_real": 37,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"browser_required": 33,
"browser_present": 33,
"latest_update": "2026-03-18T03:55:13+00:00",
"category": "platforms",
"tier": "rolling-24m",
"output_dir": "07-framework-security/platforms/gitea",
"families": [
{
"family": "authz-bypass",
"total": 3,
"verified_real": 3,
"manual": 0
},
{
"family": "file-upload",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "proxy-boundary",
"total": 26,
"verified_real": 26,
"manual": 0
},
{
"family": "ssrf",
"total": 1,
"verified_real": 1,
"manual": 0
},
{
"family": "xss",
"total": 5,
"verified_real": 5,
"manual": 0
}
]
},
{
"system_id": "nextjs",
"display_name": "Next.js",
"total": 26,
"verified_real": 26,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"browser_required": 21,
"browser_present": 21,
"latest_update": "2026-03-18T03:58:55+00:00",
"category": "frameworks",
"tier": "history-full",
"output_dir": "07-framework-security/frameworks/nextjs",
"families": [
{
"family": "authz-bypass",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "deserialization",
"total": 1,
"verified_real": 1,
"manual": 0
},
{
"family": "proxy-boundary",
"total": 19,
"verified_real": 19,
"manual": 0
},
{
"family": "ssrf",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "xss",
"total": 2,
"verified_real": 2,
"manual": 0
}
]
},
{
"system_id": "undici",
"display_name": "Undici",
"total": 14,
"verified_real": 14,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"browser_required": 0,
"browser_present": 0,
"latest_update": "2026-03-18T04:03:36+00:00",
"category": "frameworks",
"tier": "rolling-24m",
"output_dir": "07-framework-security/frameworks/undici",
"families": [
{
"family": "ssrf",
"total": 14,
"verified_real": 14,
"manual": 0
}
]
},
{
"system_id": "vite",
"display_name": "Vite",
"total": 12,
"verified_real": 12,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"browser_required": 12,
"browser_present": 12,
"latest_update": "2026-03-18T04:06:05+00:00",
"category": "frameworks",
"tier": "history-full",
"output_dir": "07-framework-security/frameworks/vite",
"families": [
{
"family": "proxy-boundary",
"total": 11,
"verified_real": 11,
"manual": 0
},
{
"family": "xss",
"total": 1,
"verified_real": 1,
"manual": 0
}
]
}
]

2
08-threat-intel/generated/source-catalog-audit.json
查看文件

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-18T17:41:42+00:00",
"generated_at": "2026-03-18T17:58:07+00:00",
"system_count": 62,
"source_count": 146,
"active_source_count": 110,

2
08-threat-intel/generated/source-catalog-audit.md
查看文件

@@ -1,6 +1,6 @@
# Source Catalog Audit
- generated_at: `2026-03-18T17:41:42+00:00`
- generated_at: `2026-03-18T17:58:07+00:00`
- systems: `62`
- sources: `146`
- active_sources: `110`

10
docs/testing-completeness-report.md
查看文件

@@ -1,11 +1,11 @@
# 全库 Advisory 完整度报告
- 生成时间: `2026-03-18T17:52:49+00:00`
- 最新 advisory 完整度: `0/0` `verified-real`
- 生成时间: `2026-03-18T17:56:12+00:00`
- 最新 advisory 完整度: `89/89` `verified-real`
- 合成验证数量: `0`
- 阻塞数量: `0`
- 人工/待补证据数量: `0`
- 完整度百分比: `0.0%`
- 完整度百分比: `100.0%`
- active source 全绿: `110/110`
- source open alerts: `0`
- 最近一次 source 全绿: `2026-03-18T17:44:31+00:00`
@@ -14,6 +14,10 @@
| 系统 | 总数 | verified-real | verified-synthetic | blocked | manual | family 覆盖 |
| --- | ---: | ---: | ---: | ---: | ---: | --- |
| gitea | 37 | 37 | 0 | 0 | 0 | authz-bypass(3/3), file-upload(2/2), proxy-boundary(26/26), ssrf(1/1), xss(5/5) |
| nextjs | 26 | 26 | 0 | 0 | 0 | authz-bypass(2/2), deserialization(1/1), proxy-boundary(19/19), ssrf(2/2), xss(2/2) |
| undici | 14 | 14 | 0 | 0 | 0 | ssrf(14/14) |
| vite | 12 | 12 | 0 | 0 | 0 | proxy-boundary(11/11), xss(1/1) |
## 历史阻塞项修复纪要