nogoo9 / mcp-server-cloud-fs / 25820453266 / 1
67%
main: 67%

DEFAULT BRANCH: main
Ran
Files 45
Run time 3s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 67.164% (-0.5%) from 67.636%
25820453266.1

push

github

web-flow 
feat: shell && || ; operators, security headers docs, provider setup guide (#10)

* fix(security): remediate SAST findings — Redis TLS + insecure randomness

- Extract DEFAULT_REDIS_URL constant and add runtime console.warn when
  unencrypted redis:// transport is used (recommends rediss:// for TLS)
- Update CLI help text to document rediss:// TLS option
- Replace Math.random() with crypto.randomInt/randomBytes in test files
  (http.e2e, ws.e2e, sqlite.test) for secure randomness
- Add nosemgrep suppressions for intentional redis:// string references
  in warning messages and E2E test fixtures

Semgrep scan: 0 findings (was 3 blocking + 3 code quality)

* docs: add Semgrep SAST badge and v0.4.1 CHANGELOG entry

- Add Semgrep badge to README badge row
- Add v0.4.1 Security section to CHANGELOG documenting Redis TLS
  warning and SAST remediation

* docs: document Redis TLS warning in caching docs and README

- Add VitePress warning callout about redis:// vs rediss:// in
  docs/architecture/caching.md
- Add production TLS example (rediss://) alongside local dev example
- Update README caching table to mention rediss:// and add TLS note

* feat: add --ca-file flag for custom CA certificates

Adds --ca-file <path> CLI flag that reads a PEM CA bundle at startup
and injects it into clients that connect to private-CA endpoints:

- S3-compatible (MinIO, RustFS): via NodeHttpHandler + https.Agent
- Redis (rediss://): via ioredis tls.ca option

Not applied to AWS S3, Azure Blob, or GCS — these connect to public
cloud endpoints with well-known CAs. For runtime-wide CA trust
(all providers), NODE_EXTRA_CA_CERTS remains the recommended approach.

Validation: startup error if the file cannot be read or is not PEM.

Docs: README, docs/reference/cli.md, docs/architecture/caching.md,
CHANGELOG.

* fix: replace any-typed bunServerRef with structural type in ws.ts

The biome-ignore suppression was placed two lines above the actual
annotation, making it ineffective (unus... (continued)

2252 of 3353 relevant lines covered (67.16%)

24.02 hits per line

Source Files on job 25820453266.1