feat: external security reviews & patrick addition#160
Merged
mattaereal merged 3 commits intosecurity-alliance:developfrom Jul 18, 2025
Merged
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
Collaborator
|
Overall, this looks good! I will only say that we will need to help people differentiate between a smart-contract-oriented security review (which is what you covered) and the rest. Why? Because not only the processes but also the arrangements and scopes are totally different! What do you think? |
Collaborator
Author
|
Makes sense! Should I make a folder for smart contract reviews in particular? Or abstract this out to be more applicable to all reviews? |
Collaborator
|
If you can/want, I'd say you abstract it, and then create separate categories/sections to delve deeper into the most different, which are smart contracts and other types of web2-related audits. For now, that should suffice. I left a few comments the other day as well, as some suggestions |
PatrickAlphaC
force-pushed
the
fw_external_security_reviews
branch
from
89abdca to
51753cd
Compare
Collaborator
Author
|
Linting issues will be fixed with: https://github.com/security-alliance/frameworks/pull/171/files#diff-deb9bb56fb122db0b605aa5b63f95a4665c905b18dd670e1fa6c877576a94ff1 |
Collaborator
|
I manually added the new contents to the outline, since SUMMARY.md is not being tracked, and only src/config/SUMMARY.develop for this branch is being tracked. Sent a PR to update PR template to address this before submiting future ones |
mattaereal
added a commit
that referenced
this pull request
Aug 5, 2025
) * Code review additions (#145) * add pre-audit prep stage with links to solcurity and simple security toolkit Signed-off-by: Elliot <elliotfriedman3@gmail.com> * add prepare thoroughly section Signed-off-by: Elliot <elliotfriedman3@gmail.com> * prepare thoroughly -> come prepared Signed-off-by: Elliot <elliotfriedman3@gmail.com> --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> * Updated contributing and readme.md * Removed catpuccin, updated mdbook and admonish. (#147) * Removed catpuccin, updated mdbook and admonish. * Removing deprecated themes from UI, and fixing admonish version on vercel_build * Testing admonish through vercel automated deployment * Updating wordlist.txt * Clean update of logo and favicon. (#151) * Updating develop to the new and more humane beginning of a written Opsec Framework (#154) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating Opsec with latest updates (#157) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Initial draft of personal security travel guide! (#158) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Security travel guide from Notion * Attribution * Updating naming on opsec travel guide * Updating, and re-ordering paragraphs from opsec travel guide * Attribution to sources * Add Secure Multisig Signing Process (#122) * Add secure multisig signing process * Add multisig best practices page, update msig signing process * Add additional best practices from EF doc * Add final comment for this PR * Removing the old operational-security folder, moving secure-multisig contents within wallet-security, and re-generated the overview of frameworks with AI. * Safe Harbor Docs (#144) Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * doc: instruction for re-writing history to sign commits (#156) * Tidy plugins (#143) * Tody Plugins Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * doc: fix robert's website --------- Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * feat: overhaul of the Wallet Security section (#164) * docs: update README for new structure * docs: update documentation on custodial vs non-custodial and hot vs cold wallets * docs: add user security guides for beginners and intermediates * docs: add advanced security guides * docs: add key management * docs: add tools and resources * docs: add signing and verifation section * docs: improvements in AA and EIP7701 * docs: improves the entire section * docs: deletion of obsolete sections * docs: add new item hardwallet * docs: fixed typo * docs: Refine wallet security guides for accuracy and clarity * docs: Apply light content adjustments and add 'reviewed' tag. * archive Developer Key Management section for later * small format changes * docs: refactor updated navigation * docs: Update contribution and documentation configuration * feat: fix extra fields & add verbose errors (#167) * feat: fix extra fields & add verbose errors * fix: switch back to book.for_each_mut Also cache all errors instead of just the first * feat: log error when deserializing contributors json * feat: fix UI differences * fix: re-add company attribution * fix: add alias for fact-checked * fix: jitter on hover contributors * fix: urls scrolling * fix: display:content * fix: `fact_checked` spelling * fix: throw error if role alias not found * tidy: role_aliases * Bump crossbeam-channel (#166) Bumps the cargo group with 1 update in the /plugin/mdbook-metadata directory: [crossbeam-channel](https://github.com/crossbeam-rs/crossbeam). Updates `crossbeam-channel` from 0.5.14 to 0.5.15 - [Release notes](https://github.com/crossbeam-rs/crossbeam/releases) - [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md) - [Commits](crossbeam-rs/crossbeam@crossbeam-channel-0.5.14...crossbeam-channel-0.5.15) --- updated-dependencies: - dependency-name: crossbeam-channel dependency-version: 0.5.15 dependency-type: indirect dependency-group: cargo ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix several misc (#168) * Added some things to gitignore, particularly to use claude. * Correcting attribution * Updating steward, and improving tags UI * Removing spell-check from develop. Only on main from now on. Exploratory. * feat: security testing - solidity focused (#163) * feat: security testing - solidity focused * fix: lint * fix: josselins review * fix: reverse aderyn and slither order * fix: patrickalphac contributor after merge * Introducing Decentralized IR Framework (#165) * added DeIRF framework * new de-irf framework * adjusted summary as requested --------- Co-authored-by: Ken Toler <ken.toler@gmail.com> * feat: external security reviews & patrick addition (#160) * feat: external security reviews & patrick addition * fix: lint * fix: moved smart contract audits to their own section * Adding to the outline the latest pushed content. * Bump mdbook version (#177) * Update vercel_build.sh * Update printed statement * feat: added more information on wallet security (#173) * feat: added more information on wallet security * fix: remove named solutions * Update PULL_REQUEST_TEMPLATE.md (#174) * fix: stewards (#172) * Update tldr.md (#181) Added a line to "While Traveling" * Update README.md (#178) I improved clarity in OpSec overview with simplified explanation and added detail on goal * Update implementation-process.md (#179) Fixed punctuation to make the text clearer, added colons, commas, and cleaned up brackets. * feat: updating linting, devcontainer, and local development (#184) * feat: updating linting, devcontainer, and local development * Update justfile --------- Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * Going back to 0.4.40 stable. * Fix spelling issues and update wordlist (#188) - Fixed 'asume' -> 'assume' in src/opsec/travel/guide.md - Fixed 'cybercrmiminals' -> 'cybercriminals' in src/opsec/travel/guide.md - Added 78 legitimate technical terms, brand names, and valid words to wordlist.txt - Includes terms like Counterparty, Invariants, Utils, and many others - Cleaned up wordlist formatting and removed invalid entries * Fix typos in mdbook-metadata README.md and add renderer to wordlist - Fix 'pagse' to 'pages' - Fix 'requrie' to 'require' - Fix 'seperate' to 'separate' - Add 'renderer' to wordlist.txt * Update threat-modeling-overview.md (#182) * Clarified 'Team changes' to include onboarding and offboarding key personnel * Added structured 'Further Reading & Tools' section with grouped references and tools * Updating Safe Harbor Documentation (#186) * Enhance Safe Harbor documentation and contributor list - Updated SUMMARY.md to include new resources for Safe Harbor, such as self-checklists and adoption guides. - Removed outdated key terms and protocol documentation from the Safe Harbor section. - Expanded the README.md to provide clearer explanations of Safe Harbor's purpose, adoption process, and benefits, including new visuals and testimonials from industry leaders. - Added Dickson Wu as a contributor in contributors.json with relevant details. * Update Safe Harbor documentation links for consistency - Changed links in various templates and guides to point to local markdown files instead of external Notion pages for better accessibility. - Updated the adoption details in the DAO proposal and non-DAO scope templates to reflect the new link structure. - Revised the self-adoption guide and checklist to ensure all references are consistent with the new documentation format. * Update Safe Harbor section in SUMMARY.md with new resources - Added links to new documentation including self-checklist, self-adoption guide, scope terms, on-chain adoption guide, DAO proposal template, and non-DAO scope template. - Removed outdated protocol and key terms links for improved clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Updated the Safe Harbor eligibility checklist title and content for improved clarity. - Added new tags to various templates to enhance categorization. - Revised contact information in multiple documents to use a unified email format. - Ensured all references to Safe Harbor align with the latest documentation standards. * Update src/config/contributors.json Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove integration mapping documentation file * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/self-checklist.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/on-chain-adoption-guide.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove DAO Proposal and Non-DAO Scope Templates from Safe Harbor documentation - Deleted the DAO Proposal Template and Non-DAO Scope Template files to streamline the Safe Harbor resources. - Updated SUMMARY.md and config/SUMMARY.md.develop to reflect the removal of these templates, enhancing clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Removed unnecessary horizontal lines from multiple sections in the on-chain adoption guide, scope terms, self-adoption guide, and self-checklist to improve readability. - Enhanced the overall structure of the documents by streamlining formatting. --------- Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Updating outlines. Removing empty frameworks from main * Fixing broken link in PR template * Fixing grammar issues and spellcheck --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com>
scode2277
pushed a commit
that referenced
this pull request
Sep 12, 2025
) * Code review additions (#145) * add pre-audit prep stage with links to solcurity and simple security toolkit Signed-off-by: Elliot <elliotfriedman3@gmail.com> * add prepare thoroughly section Signed-off-by: Elliot <elliotfriedman3@gmail.com> * prepare thoroughly -> come prepared Signed-off-by: Elliot <elliotfriedman3@gmail.com> --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> * Updated contributing and readme.md * Removed catpuccin, updated mdbook and admonish. (#147) * Removed catpuccin, updated mdbook and admonish. * Removing deprecated themes from UI, and fixing admonish version on vercel_build * Testing admonish through vercel automated deployment * Updating wordlist.txt * Clean update of logo and favicon. (#151) * Updating develop to the new and more humane beginning of a written Opsec Framework (#154) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating Opsec with latest updates (#157) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Initial draft of personal security travel guide! (#158) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Security travel guide from Notion * Attribution * Updating naming on opsec travel guide * Updating, and re-ordering paragraphs from opsec travel guide * Attribution to sources * Add Secure Multisig Signing Process (#122) * Add secure multisig signing process * Add multisig best practices page, update msig signing process * Add additional best practices from EF doc * Add final comment for this PR * Removing the old operational-security folder, moving secure-multisig contents within wallet-security, and re-generated the overview of frameworks with AI. * Safe Harbor Docs (#144) Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * doc: instruction for re-writing history to sign commits (#156) * Tidy plugins (#143) * Tody Plugins Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * doc: fix robert's website --------- Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * feat: overhaul of the Wallet Security section (#164) * docs: update README for new structure * docs: update documentation on custodial vs non-custodial and hot vs cold wallets * docs: add user security guides for beginners and intermediates * docs: add advanced security guides * docs: add key management * docs: add tools and resources * docs: add signing and verifation section * docs: improvements in AA and EIP7701 * docs: improves the entire section * docs: deletion of obsolete sections * docs: add new item hardwallet * docs: fixed typo * docs: Refine wallet security guides for accuracy and clarity * docs: Apply light content adjustments and add 'reviewed' tag. * archive Developer Key Management section for later * small format changes * docs: refactor updated navigation * docs: Update contribution and documentation configuration * feat: fix extra fields & add verbose errors (#167) * feat: fix extra fields & add verbose errors * fix: switch back to book.for_each_mut Also cache all errors instead of just the first * feat: log error when deserializing contributors json * feat: fix UI differences * fix: re-add company attribution * fix: add alias for fact-checked * fix: jitter on hover contributors * fix: urls scrolling * fix: display:content * fix: `fact_checked` spelling * fix: throw error if role alias not found * tidy: role_aliases * Bump crossbeam-channel (#166) Bumps the cargo group with 1 update in the /plugin/mdbook-metadata directory: [crossbeam-channel](https://github.com/crossbeam-rs/crossbeam). Updates `crossbeam-channel` from 0.5.14 to 0.5.15 - [Release notes](https://github.com/crossbeam-rs/crossbeam/releases) - [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md) - [Commits](crossbeam-rs/crossbeam@crossbeam-channel-0.5.14...crossbeam-channel-0.5.15) --- updated-dependencies: - dependency-name: crossbeam-channel dependency-version: 0.5.15 dependency-type: indirect dependency-group: cargo ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix several misc (#168) * Added some things to gitignore, particularly to use claude. * Correcting attribution * Updating steward, and improving tags UI * Removing spell-check from develop. Only on main from now on. Exploratory. * feat: security testing - solidity focused (#163) * feat: security testing - solidity focused * fix: lint * fix: josselins review * fix: reverse aderyn and slither order * fix: patrickalphac contributor after merge * Introducing Decentralized IR Framework (#165) * added DeIRF framework * new de-irf framework * adjusted summary as requested --------- Co-authored-by: Ken Toler <ken.toler@gmail.com> * feat: external security reviews & patrick addition (#160) * feat: external security reviews & patrick addition * fix: lint * fix: moved smart contract audits to their own section * Adding to the outline the latest pushed content. * Bump mdbook version (#177) * Update vercel_build.sh * Update printed statement * feat: added more information on wallet security (#173) * feat: added more information on wallet security * fix: remove named solutions * Update PULL_REQUEST_TEMPLATE.md (#174) * fix: stewards (#172) * Update tldr.md (#181) Added a line to "While Traveling" * Update README.md (#178) I improved clarity in OpSec overview with simplified explanation and added detail on goal * Update implementation-process.md (#179) Fixed punctuation to make the text clearer, added colons, commas, and cleaned up brackets. * feat: updating linting, devcontainer, and local development (#184) * feat: updating linting, devcontainer, and local development * Update justfile --------- Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * Going back to 0.4.40 stable. * Fix spelling issues and update wordlist (#188) - Fixed 'asume' -> 'assume' in src/opsec/travel/guide.md - Fixed 'cybercrmiminals' -> 'cybercriminals' in src/opsec/travel/guide.md - Added 78 legitimate technical terms, brand names, and valid words to wordlist.txt - Includes terms like Counterparty, Invariants, Utils, and many others - Cleaned up wordlist formatting and removed invalid entries * Fix typos in mdbook-metadata README.md and add renderer to wordlist - Fix 'pagse' to 'pages' - Fix 'requrie' to 'require' - Fix 'seperate' to 'separate' - Add 'renderer' to wordlist.txt * Update threat-modeling-overview.md (#182) * Clarified 'Team changes' to include onboarding and offboarding key personnel * Added structured 'Further Reading & Tools' section with grouped references and tools * Updating Safe Harbor Documentation (#186) * Enhance Safe Harbor documentation and contributor list - Updated SUMMARY.md to include new resources for Safe Harbor, such as self-checklists and adoption guides. - Removed outdated key terms and protocol documentation from the Safe Harbor section. - Expanded the README.md to provide clearer explanations of Safe Harbor's purpose, adoption process, and benefits, including new visuals and testimonials from industry leaders. - Added Dickson Wu as a contributor in contributors.json with relevant details. * Update Safe Harbor documentation links for consistency - Changed links in various templates and guides to point to local markdown files instead of external Notion pages for better accessibility. - Updated the adoption details in the DAO proposal and non-DAO scope templates to reflect the new link structure. - Revised the self-adoption guide and checklist to ensure all references are consistent with the new documentation format. * Update Safe Harbor section in SUMMARY.md with new resources - Added links to new documentation including self-checklist, self-adoption guide, scope terms, on-chain adoption guide, DAO proposal template, and non-DAO scope template. - Removed outdated protocol and key terms links for improved clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Updated the Safe Harbor eligibility checklist title and content for improved clarity. - Added new tags to various templates to enhance categorization. - Revised contact information in multiple documents to use a unified email format. - Ensured all references to Safe Harbor align with the latest documentation standards. * Update src/config/contributors.json Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove integration mapping documentation file * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/self-checklist.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/on-chain-adoption-guide.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove DAO Proposal and Non-DAO Scope Templates from Safe Harbor documentation - Deleted the DAO Proposal Template and Non-DAO Scope Template files to streamline the Safe Harbor resources. - Updated SUMMARY.md and config/SUMMARY.md.develop to reflect the removal of these templates, enhancing clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Removed unnecessary horizontal lines from multiple sections in the on-chain adoption guide, scope terms, self-adoption guide, and self-checklist to improve readability. - Enhanced the overall structure of the documents by streamlining formatting. --------- Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Updating outlines. Removing empty frameworks from main * Fixing broken link in PR template * Fixing grammar issues and spellcheck --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com>
mattaereal
added a commit
that referenced
this pull request
Sep 19, 2025
* initial Vocs migration and Vercel-ready devcontainer setup - Configured devcontainer and npm scripts with host 0.0.0.0 and port 5173 forwarding - Added vercel_build.sh and vercel.json to enable Vercel deployment - Retained src folder for easier future migration and modular structure - Included initial theme files for later customization * .gitignore updated to show package.json and package-lock.json * Update .gitignore to remove the build folder * Remove dist folder from tracking * completed migration of content to MDX format and restructured navigation - Migrated all files from src/ to docs/pages/ and converted .md to .mdx - Added proper TagProvider components and frontmatter - Updated vocs.config.ts with completed navigation - Removed src/ folder as content migration is complete * fix: resolve dead links and update opsec structure * feat: sync contributors.json with complete contributor metadata * feat: added contributors.mdx component + footer component * fix: added missing import * feat: Update filter component to automatically fetch tags from frontmatter * Update filter to be static + responsive * fix: update filter position if the banner is present + filter theming * feat: sidebar filter and docs cleanup - update blockchain tag color - make sidebar scrollable when filter is open - remove old SUMMARY files - add new manual-review page - reorganize public folder with images in subfolders - remove landing page - add branch-based sidebar filter in vocs.config.ts * fix(build): add Playwright installation in Vercel build for Mermaid rendering * chore(docs): comment out mermaid diagram to isolate build issue * fix(build): force Playwright installation in Vercel build * chore(build): manual Playwright download for Vercel * feat: Add mermaid component * refactor(docs): reorganize contributors positioning + rename stewards&contributors files * feat: integrate main/develop changes, global styling and sets up npm for just commands * Add missing contributors to contributors.json * fix: fixing typos * feat: Add insider-threats framework (DPRK IT Workers) (#193) * feat: Add insider-threats framework (DPRK IT Workers) Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> * feat: Fixing based on comments Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> --------- Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> * Addition of a Mutation Testing Section (#180) * mutation testing section Added: - Mutation Testing Section - Reference to Mutation Testing in Unit Testing * changes based on PR feedback Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> * Moved the evaluating test suite part to Readme * updated summary as requested * Fixing the linter to take into account subfolders as well (#191) * Fixing the linter to take into account subfolders as well * Mass fixing linting * fixing linting in justfile * Update src/external-security-reviews/README.md Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> --------- Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> * Update SUMMARY.md.develop --------- Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> * Merge from Main * Merge from main * Update SUMMARY.md.main with new prod-ready pages * Updating main on missing commits due to previous selective-merging (#192) * Code review additions (#145) * add pre-audit prep stage with links to solcurity and simple security toolkit Signed-off-by: Elliot <elliotfriedman3@gmail.com> * add prepare thoroughly section Signed-off-by: Elliot <elliotfriedman3@gmail.com> * prepare thoroughly -> come prepared Signed-off-by: Elliot <elliotfriedman3@gmail.com> --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> * Updated contributing and readme.md * Removed catpuccin, updated mdbook and admonish. (#147) * Removed catpuccin, updated mdbook and admonish. * Removing deprecated themes from UI, and fixing admonish version on vercel_build * Testing admonish through vercel automated deployment * Updating wordlist.txt * Clean update of logo and favicon. (#151) * Updating develop to the new and more humane beginning of a written Opsec Framework (#154) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating Opsec with latest updates (#157) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Initial draft of personal security travel guide! (#158) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Security travel guide from Notion * Attribution * Updating naming on opsec travel guide * Updating, and re-ordering paragraphs from opsec travel guide * Attribution to sources * Add Secure Multisig Signing Process (#122) * Add secure multisig signing process * Add multisig best practices page, update msig signing process * Add additional best practices from EF doc * Add final comment for this PR * Removing the old operational-security folder, moving secure-multisig contents within wallet-security, and re-generated the overview of frameworks with AI. * Safe Harbor Docs (#144) Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * doc: instruction for re-writing history to sign commits (#156) * Tidy plugins (#143) * Tody Plugins Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * doc: fix robert's website --------- Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * feat: overhaul of the Wallet Security section (#164) * docs: update README for new structure * docs: update documentation on custodial vs non-custodial and hot vs cold wallets * docs: add user security guides for beginners and intermediates * docs: add advanced security guides * docs: add key management * docs: add tools and resources * docs: add signing and verifation section * docs: improvements in AA and EIP7701 * docs: improves the entire section * docs: deletion of obsolete sections * docs: add new item hardwallet * docs: fixed typo * docs: Refine wallet security guides for accuracy and clarity * docs: Apply light content adjustments and add 'reviewed' tag. * archive Developer Key Management section for later * small format changes * docs: refactor updated navigation * docs: Update contribution and documentation configuration * feat: fix extra fields & add verbose errors (#167) * feat: fix extra fields & add verbose errors * fix: switch back to book.for_each_mut Also cache all errors instead of just the first * feat: log error when deserializing contributors json * feat: fix UI differences * fix: re-add company attribution * fix: add alias for fact-checked * fix: jitter on hover contributors * fix: urls scrolling * fix: display:content * fix: `fact_checked` spelling * fix: throw error if role alias not found * tidy: role_aliases * Bump crossbeam-channel (#166) Bumps the cargo group with 1 update in the /plugin/mdbook-metadata directory: [crossbeam-channel](https://github.com/crossbeam-rs/crossbeam). Updates `crossbeam-channel` from 0.5.14 to 0.5.15 - [Release notes](https://github.com/crossbeam-rs/crossbeam/releases) - [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md) - [Commits](crossbeam-rs/crossbeam@crossbeam-channel-0.5.14...crossbeam-channel-0.5.15) --- updated-dependencies: - dependency-name: crossbeam-channel dependency-version: 0.5.15 dependency-type: indirect dependency-group: cargo ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix several misc (#168) * Added some things to gitignore, particularly to use claude. * Correcting attribution * Updating steward, and improving tags UI * Removing spell-check from develop. Only on main from now on. Exploratory. * feat: security testing - solidity focused (#163) * feat: security testing - solidity focused * fix: lint * fix: josselins review * fix: reverse aderyn and slither order * fix: patrickalphac contributor after merge * Introducing Decentralized IR Framework (#165) * added DeIRF framework * new de-irf framework * adjusted summary as requested --------- Co-authored-by: Ken Toler <ken.toler@gmail.com> * feat: external security reviews & patrick addition (#160) * feat: external security reviews & patrick addition * fix: lint * fix: moved smart contract audits to their own section * Adding to the outline the latest pushed content. * Bump mdbook version (#177) * Update vercel_build.sh * Update printed statement * feat: added more information on wallet security (#173) * feat: added more information on wallet security * fix: remove named solutions * Update PULL_REQUEST_TEMPLATE.md (#174) * fix: stewards (#172) * Update tldr.md (#181) Added a line to "While Traveling" * Update README.md (#178) I improved clarity in OpSec overview with simplified explanation and added detail on goal * Update implementation-process.md (#179) Fixed punctuation to make the text clearer, added colons, commas, and cleaned up brackets. * feat: updating linting, devcontainer, and local development (#184) * feat: updating linting, devcontainer, and local development * Update justfile --------- Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * Going back to 0.4.40 stable. * Fix spelling issues and update wordlist (#188) - Fixed 'asume' -> 'assume' in src/opsec/travel/guide.md - Fixed 'cybercrmiminals' -> 'cybercriminals' in src/opsec/travel/guide.md - Added 78 legitimate technical terms, brand names, and valid words to wordlist.txt - Includes terms like Counterparty, Invariants, Utils, and many others - Cleaned up wordlist formatting and removed invalid entries * Fix typos in mdbook-metadata README.md and add renderer to wordlist - Fix 'pagse' to 'pages' - Fix 'requrie' to 'require' - Fix 'seperate' to 'separate' - Add 'renderer' to wordlist.txt * Update threat-modeling-overview.md (#182) * Clarified 'Team changes' to include onboarding and offboarding key personnel * Added structured 'Further Reading & Tools' section with grouped references and tools * Updating Safe Harbor Documentation (#186) * Enhance Safe Harbor documentation and contributor list - Updated SUMMARY.md to include new resources for Safe Harbor, such as self-checklists and adoption guides. - Removed outdated key terms and protocol documentation from the Safe Harbor section. - Expanded the README.md to provide clearer explanations of Safe Harbor's purpose, adoption process, and benefits, including new visuals and testimonials from industry leaders. - Added Dickson Wu as a contributor in contributors.json with relevant details. * Update Safe Harbor documentation links for consistency - Changed links in various templates and guides to point to local markdown files instead of external Notion pages for better accessibility. - Updated the adoption details in the DAO proposal and non-DAO scope templates to reflect the new link structure. - Revised the self-adoption guide and checklist to ensure all references are consistent with the new documentation format. * Update Safe Harbor section in SUMMARY.md with new resources - Added links to new documentation including self-checklist, self-adoption guide, scope terms, on-chain adoption guide, DAO proposal template, and non-DAO scope template. - Removed outdated protocol and key terms links for improved clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Updated the Safe Harbor eligibility checklist title and content for improved clarity. - Added new tags to various templates to enhance categorization. - Revised contact information in multiple documents to use a unified email format. - Ensured all references to Safe Harbor align with the latest documentation standards. * Update src/config/contributors.json Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove integration mapping documentation file * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/self-checklist.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/on-chain-adoption-guide.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove DAO Proposal and Non-DAO Scope Templates from Safe Harbor documentation - Deleted the DAO Proposal Template and Non-DAO Scope Template files to streamline the Safe Harbor resources. - Updated SUMMARY.md and config/SUMMARY.md.develop to reflect the removal of these templates, enhancing clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Removed unnecessary horizontal lines from multiple sections in the on-chain adoption guide, scope terms, self-adoption guide, and self-checklist to improve readability. - Enhanced the overall structure of the documents by streamlining formatting. --------- Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Updating outlines. Removing empty frameworks from main * Fixing broken link in PR template * Fixing grammar issues and spellcheck --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> * quick fix for external security reviews * Adding dobs suggestions * Add Yaniv Sofer as a contributor and update review roles in insider t… (#221) * Add Yaniv Sofer as a contributor and update review roles in insider threats documentation * Add blackbigswan as a contributor and update contributor roles in insider threats documentation * fix: naming change - explicit DPRK IT Workers framework (#223) * fix: changed name of "insider-threats" folder to "dprk-it-workers" * fix: folder name change + delete src folder * Rename README files to "overview" for consistency * Rename opsec/overview folder to core-concepts * merge opsec/core-concepts/overview into opsec/overview * make vercel redirect parent URLs on their overview file * light mode adjustments * fix formatting * fix height image --------- Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> Co-authored-by: Nikita Belenkov <nikitov603@gmail.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: matta <matt@theredguild.org>
mattaereal
added a commit
that referenced
this pull request
Oct 7, 2025
* Incident management playbook (#224) * Create README.md * Incident-Response-Playbooks * removed yaml review part * Update malware.md * Update hacked-dprk.md * Update hacked-drainer.md * Update hacked-elusive-comet.md * updated SUMMARY.develop & deleted resources * Update SUMMARY.md.develop Fixed the playbooks indentation * Update SUMMARY.md.develop * typo & capitalization fixed * Incident management playbooks (#233) * incident-management/playbooks improvements * fix SUMMARY.develop * Vocs Migration (#227) * initial Vocs migration and Vercel-ready devcontainer setup - Configured devcontainer and npm scripts with host 0.0.0.0 and port 5173 forwarding - Added vercel_build.sh and vercel.json to enable Vercel deployment - Retained src folder for easier future migration and modular structure - Included initial theme files for later customization * .gitignore updated to show package.json and package-lock.json * Update .gitignore to remove the build folder * Remove dist folder from tracking * completed migration of content to MDX format and restructured navigation - Migrated all files from src/ to docs/pages/ and converted .md to .mdx - Added proper TagProvider components and frontmatter - Updated vocs.config.ts with completed navigation - Removed src/ folder as content migration is complete * fix: resolve dead links and update opsec structure * feat: sync contributors.json with complete contributor metadata * feat: added contributors.mdx component + footer component * fix: added missing import * feat: Update filter component to automatically fetch tags from frontmatter * Update filter to be static + responsive * fix: update filter position if the banner is present + filter theming * feat: sidebar filter and docs cleanup - update blockchain tag color - make sidebar scrollable when filter is open - remove old SUMMARY files - add new manual-review page - reorganize public folder with images in subfolders - remove landing page - add branch-based sidebar filter in vocs.config.ts * fix(build): add Playwright installation in Vercel build for Mermaid rendering * chore(docs): comment out mermaid diagram to isolate build issue * fix(build): force Playwright installation in Vercel build * chore(build): manual Playwright download for Vercel * feat: Add mermaid component * refactor(docs): reorganize contributors positioning + rename stewards&contributors files * feat: integrate main/develop changes, global styling and sets up npm for just commands * Add missing contributors to contributors.json * fix: fixing typos * feat: Add insider-threats framework (DPRK IT Workers) (#193) * feat: Add insider-threats framework (DPRK IT Workers) Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> * feat: Fixing based on comments Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> --------- Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> * Addition of a Mutation Testing Section (#180) * mutation testing section Added: - Mutation Testing Section - Reference to Mutation Testing in Unit Testing * changes based on PR feedback Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> * Moved the evaluating test suite part to Readme * updated summary as requested * Fixing the linter to take into account subfolders as well (#191) * Fixing the linter to take into account subfolders as well * Mass fixing linting * fixing linting in justfile * Update src/external-security-reviews/README.md Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> --------- Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> * Update SUMMARY.md.develop --------- Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> * Merge from Main * Merge from main * Update SUMMARY.md.main with new prod-ready pages * Updating main on missing commits due to previous selective-merging (#192) * Code review additions (#145) * add pre-audit prep stage with links to solcurity and simple security toolkit Signed-off-by: Elliot <elliotfriedman3@gmail.com> * add prepare thoroughly section Signed-off-by: Elliot <elliotfriedman3@gmail.com> * prepare thoroughly -> come prepared Signed-off-by: Elliot <elliotfriedman3@gmail.com> --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> * Updated contributing and readme.md * Removed catpuccin, updated mdbook and admonish. (#147) * Removed catpuccin, updated mdbook and admonish. * Removing deprecated themes from UI, and fixing admonish version on vercel_build * Testing admonish through vercel automated deployment * Updating wordlist.txt * Clean update of logo and favicon. (#151) * Updating develop to the new and more humane beginning of a written Opsec Framework (#154) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating Opsec with latest updates (#157) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Initial draft of personal security travel guide! (#158) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Security travel guide from Notion * Attribution * Updating naming on opsec travel guide * Updating, and re-ordering paragraphs from opsec travel guide * Attribution to sources * Add Secure Multisig Signing Process (#122) * Add secure multisig signing process * Add multisig best practices page, update msig signing process * Add additional best practices from EF doc * Add final comment for this PR * Removing the old operational-security folder, moving secure-multisig contents within wallet-security, and re-generated the overview of frameworks with AI. * Safe Harbor Docs (#144) Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * doc: instruction for re-writing history to sign commits (#156) * Tidy plugins (#143) * Tody Plugins Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * doc: fix robert's website --------- Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * feat: overhaul of the Wallet Security section (#164) * docs: update README for new structure * docs: update documentation on custodial vs non-custodial and hot vs cold wallets * docs: add user security guides for beginners and intermediates * docs: add advanced security guides * docs: add key management * docs: add tools and resources * docs: add signing and verifation section * docs: improvements in AA and EIP7701 * docs: improves the entire section * docs: deletion of obsolete sections * docs: add new item hardwallet * docs: fixed typo * docs: Refine wallet security guides for accuracy and clarity * docs: Apply light content adjustments and add 'reviewed' tag. * archive Developer Key Management section for later * small format changes * docs: refactor updated navigation * docs: Update contribution and documentation configuration * feat: fix extra fields & add verbose errors (#167) * feat: fix extra fields & add verbose errors * fix: switch back to book.for_each_mut Also cache all errors instead of just the first * feat: log error when deserializing contributors json * feat: fix UI differences * fix: re-add company attribution * fix: add alias for fact-checked * fix: jitter on hover contributors * fix: urls scrolling * fix: display:content * fix: `fact_checked` spelling * fix: throw error if role alias not found * tidy: role_aliases * Bump crossbeam-channel (#166) Bumps the cargo group with 1 update in the /plugin/mdbook-metadata directory: [crossbeam-channel](https://github.com/crossbeam-rs/crossbeam). Updates `crossbeam-channel` from 0.5.14 to 0.5.15 - [Release notes](https://github.com/crossbeam-rs/crossbeam/releases) - [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md) - [Commits](crossbeam-rs/crossbeam@crossbeam-channel-0.5.14...crossbeam-channel-0.5.15) --- updated-dependencies: - dependency-name: crossbeam-channel dependency-version: 0.5.15 dependency-type: indirect dependency-group: cargo ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix several misc (#168) * Added some things to gitignore, particularly to use claude. * Correcting attribution * Updating steward, and improving tags UI * Removing spell-check from develop. Only on main from now on. Exploratory. * feat: security testing - solidity focused (#163) * feat: security testing - solidity focused * fix: lint * fix: josselins review * fix: reverse aderyn and slither order * fix: patrickalphac contributor after merge * Introducing Decentralized IR Framework (#165) * added DeIRF framework * new de-irf framework * adjusted summary as requested --------- Co-authored-by: Ken Toler <ken.toler@gmail.com> * feat: external security reviews & patrick addition (#160) * feat: external security reviews & patrick addition * fix: lint * fix: moved smart contract audits to their own section * Adding to the outline the latest pushed content. * Bump mdbook version (#177) * Update vercel_build.sh * Update printed statement * feat: added more information on wallet security (#173) * feat: added more information on wallet security * fix: remove named solutions * Update PULL_REQUEST_TEMPLATE.md (#174) * fix: stewards (#172) * Update tldr.md (#181) Added a line to "While Traveling" * Update README.md (#178) I improved clarity in OpSec overview with simplified explanation and added detail on goal * Update implementation-process.md (#179) Fixed punctuation to make the text clearer, added colons, commas, and cleaned up brackets. * feat: updating linting, devcontainer, and local development (#184) * feat: updating linting, devcontainer, and local development * Update justfile --------- Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * Going back to 0.4.40 stable. * Fix spelling issues and update wordlist (#188) - Fixed 'asume' -> 'assume' in src/opsec/travel/guide.md - Fixed 'cybercrmiminals' -> 'cybercriminals' in src/opsec/travel/guide.md - Added 78 legitimate technical terms, brand names, and valid words to wordlist.txt - Includes terms like Counterparty, Invariants, Utils, and many others - Cleaned up wordlist formatting and removed invalid entries * Fix typos in mdbook-metadata README.md and add renderer to wordlist - Fix 'pagse' to 'pages' - Fix 'requrie' to 'require' - Fix 'seperate' to 'separate' - Add 'renderer' to wordlist.txt * Update threat-modeling-overview.md (#182) * Clarified 'Team changes' to include onboarding and offboarding key personnel * Added structured 'Further Reading & Tools' section with grouped references and tools * Updating Safe Harbor Documentation (#186) * Enhance Safe Harbor documentation and contributor list - Updated SUMMARY.md to include new resources for Safe Harbor, such as self-checklists and adoption guides. - Removed outdated key terms and protocol documentation from the Safe Harbor section. - Expanded the README.md to provide clearer explanations of Safe Harbor's purpose, adoption process, and benefits, including new visuals and testimonials from industry leaders. - Added Dickson Wu as a contributor in contributors.json with relevant details. * Update Safe Harbor documentation links for consistency - Changed links in various templates and guides to point to local markdown files instead of external Notion pages for better accessibility. - Updated the adoption details in the DAO proposal and non-DAO scope templates to reflect the new link structure. - Revised the self-adoption guide and checklist to ensure all references are consistent with the new documentation format. * Update Safe Harbor section in SUMMARY.md with new resources - Added links to new documentation including self-checklist, self-adoption guide, scope terms, on-chain adoption guide, DAO proposal template, and non-DAO scope template. - Removed outdated protocol and key terms links for improved clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Updated the Safe Harbor eligibility checklist title and content for improved clarity. - Added new tags to various templates to enhance categorization. - Revised contact information in multiple documents to use a unified email format. - Ensured all references to Safe Harbor align with the latest documentation standards. * Update src/config/contributors.json Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove integration mapping documentation file * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/self-checklist.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/on-chain-adoption-guide.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove DAO Proposal and Non-DAO Scope Templates from Safe Harbor documentation - Deleted the DAO Proposal Template and Non-DAO Scope Template files to streamline the Safe Harbor resources. - Updated SUMMARY.md and config/SUMMARY.md.develop to reflect the removal of these templates, enhancing clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Removed unnecessary horizontal lines from multiple sections in the on-chain adoption guide, scope terms, self-adoption guide, and self-checklist to improve readability. - Enhanced the overall structure of the documents by streamlining formatting. --------- Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Updating outlines. Removing empty frameworks from main * Fixing broken link in PR template * Fixing grammar issues and spellcheck --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> * quick fix for external security reviews * Adding dobs suggestions * Add Yaniv Sofer as a contributor and update review roles in insider t… (#221) * Add Yaniv Sofer as a contributor and update review roles in insider threats documentation * Add blackbigswan as a contributor and update contributor roles in insider threats documentation * fix: naming change - explicit DPRK IT Workers framework (#223) * fix: changed name of "insider-threats" folder to "dprk-it-workers" * fix: folder name change + delete src folder * Rename README files to "overview" for consistency * Rename opsec/overview folder to core-concepts * merge opsec/core-concepts/overview into opsec/overview * make vercel redirect parent URLs on their overview file * light mode adjustments * fix formatting * fix height image --------- Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> Co-authored-by: Nikita Belenkov <nikitov603@gmail.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: matta <matt@theredguild.org> * Restructure README.md and CONTRIBUTING.md (#225) * Update README.md * Create CONTRIBUTING.md at root level to make it appear in the main dashboard's navbar * Update contributing.md in the src folder to mirror the CONTRIBUTING.md at root level * Update links in README.md * Add "Fixing Unsigned Commits" section to root level CONTRIBUTING.md * Add "Fixing Unsigned Commits" section to src/contribute/CONTRIBUTING.md * Minor improvements to contributing.md * Update README.md * Update CODE_OF_CONDUCT.md * Update CODE_OF_CONDUCT.md * Update CODE_OF_CONDUCT.md * fix comment docs/pages/contributing.mdx * fix indentation of code blocks * fix typos + align root level CONTRIBUTING.md with docs/contribute/contributing.mdx * vocs alignment * fix typos in CODE_OF_CONDUCT * fix: add Mermaid component for mermaid code block display * fix frontmatter positioning --------- Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * Fix logo path in README.md (#237) * Update README.md * Update styles.css * Updating telegram's device setting (#243) * Update PULL_REQUEST_TEMPLATE.md to feature the vocs migration (#245) * Bump vite in the npm_and_yarn group across 1 directory (#234) Bumps the npm_and_yarn group with 1 update in the / directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Updates `vite` from 6.3.5 to 6.3.6 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.3.6/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 6.3.6 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: Benchmark component (#241) * feat: create mermaid wrapper script (#242) * chore(images): migrate all images to S3 (#252) * update image links in safe-harbor/overview.mdx * Removing safe-harbor images * update logo links + delete public folder * fix: CONTRIBUTING.md + contributing.mdx (#250) * add error-checking step before pushing changes to CONTRIBUTING.md * add error-checking step before pushing changes to contributing.mdx * add port of local run + fixed a typo in CONTRIBUTING.md * add port of local run + fixed a typo in contributing.mdx * Fix link paths, typos, and indentation in contributing.mdx * Update contributing.mdx to sync with root level CONTRIBUTING file * Fix link paths, typos, and indentation in CONTRIBUTING.md * chore: update tags (#253) * fix(flickering on reload): remove redirects from vercel.json (#249) * fix(theme): prevent light flash by defaulting to dark mode * fix table of content margin * feat: add theme toggle component * chore: removed the vercel's redirects + the default dark mode * remove tags updates * chore(spellcheck): migrate from Aspell to CSpell (#251) * chore(spellcheck): migrate from Aspell to CSpell + fix typos * fix: removed unnecessary dictionaries --------- Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: 00xWizard <00xwizard@gmail.com> Co-authored-by: Sara Russo <sararusso984@gmail.com> Co-authored-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> Co-authored-by: Nikita Belenkov <nikitov603@gmail.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: Antonio Viggiano <agfviggiano@gmail.com>
frameworks-volunteer
pushed a commit
to frameworks-volunteer/frameworks
that referenced
this pull request
Mar 9, 2026
…#160) * feat: external security reviews & patrick addition * fix: lint * fix: moved smart contract audits to their own section
frameworks-volunteer
pushed a commit
to frameworks-volunteer/frameworks
that referenced
this pull request
Mar 9, 2026
…ecurity-alliance#192) * Code review additions (security-alliance#145) * add pre-audit prep stage with links to solcurity and simple security toolkit Signed-off-by: Elliot <elliotfriedman3@gmail.com> * add prepare thoroughly section Signed-off-by: Elliot <elliotfriedman3@gmail.com> * prepare thoroughly -> come prepared Signed-off-by: Elliot <elliotfriedman3@gmail.com> --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> * Updated contributing and readme.md * Removed catpuccin, updated mdbook and admonish. (security-alliance#147) * Removed catpuccin, updated mdbook and admonish. * Removing deprecated themes from UI, and fixing admonish version on vercel_build * Testing admonish through vercel automated deployment * Updating wordlist.txt * Clean update of logo and favicon. (security-alliance#151) * Updating develop to the new and more humane beginning of a written Opsec Framework (security-alliance#154) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating Opsec with latest updates (security-alliance#157) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Initial draft of personal security travel guide! (security-alliance#158) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Security travel guide from Notion * Attribution * Updating naming on opsec travel guide * Updating, and re-ordering paragraphs from opsec travel guide * Attribution to sources * Add Secure Multisig Signing Process (security-alliance#122) * Add secure multisig signing process * Add multisig best practices page, update msig signing process * Add additional best practices from EF doc * Add final comment for this PR * Removing the old operational-security folder, moving secure-multisig contents within wallet-security, and re-generated the overview of frameworks with AI. * Safe Harbor Docs (security-alliance#144) Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * doc: instruction for re-writing history to sign commits (security-alliance#156) * Tidy plugins (security-alliance#143) * Tody Plugins Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * doc: fix robert's website --------- Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * feat: overhaul of the Wallet Security section (security-alliance#164) * docs: update README for new structure * docs: update documentation on custodial vs non-custodial and hot vs cold wallets * docs: add user security guides for beginners and intermediates * docs: add advanced security guides * docs: add key management * docs: add tools and resources * docs: add signing and verifation section * docs: improvements in AA and EIP7701 * docs: improves the entire section * docs: deletion of obsolete sections * docs: add new item hardwallet * docs: fixed typo * docs: Refine wallet security guides for accuracy and clarity * docs: Apply light content adjustments and add 'reviewed' tag. * archive Developer Key Management section for later * small format changes * docs: refactor updated navigation * docs: Update contribution and documentation configuration * feat: fix extra fields & add verbose errors (security-alliance#167) * feat: fix extra fields & add verbose errors * fix: switch back to book.for_each_mut Also cache all errors instead of just the first * feat: log error when deserializing contributors json * feat: fix UI differences * fix: re-add company attribution * fix: add alias for fact-checked * fix: jitter on hover contributors * fix: urls scrolling * fix: display:content * fix: `fact_checked` spelling * fix: throw error if role alias not found * tidy: role_aliases * Bump crossbeam-channel (security-alliance#166) Bumps the cargo group with 1 update in the /plugin/mdbook-metadata directory: [crossbeam-channel](https://github.com/crossbeam-rs/crossbeam). Updates `crossbeam-channel` from 0.5.14 to 0.5.15 - [Release notes](https://github.com/crossbeam-rs/crossbeam/releases) - [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md) - [Commits](crossbeam-rs/crossbeam@crossbeam-channel-0.5.14...crossbeam-channel-0.5.15) --- updated-dependencies: - dependency-name: crossbeam-channel dependency-version: 0.5.15 dependency-type: indirect dependency-group: cargo ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix several misc (security-alliance#168) * Added some things to gitignore, particularly to use claude. * Correcting attribution * Updating steward, and improving tags UI * Removing spell-check from develop. Only on main from now on. Exploratory. * feat: security testing - solidity focused (security-alliance#163) * feat: security testing - solidity focused * fix: lint * fix: josselins review * fix: reverse aderyn and slither order * fix: patrickalphac contributor after merge * Introducing Decentralized IR Framework (security-alliance#165) * added DeIRF framework * new de-irf framework * adjusted summary as requested --------- Co-authored-by: Ken Toler <ken.toler@gmail.com> * feat: external security reviews & patrick addition (security-alliance#160) * feat: external security reviews & patrick addition * fix: lint * fix: moved smart contract audits to their own section * Adding to the outline the latest pushed content. * Bump mdbook version (security-alliance#177) * Update vercel_build.sh * Update printed statement * feat: added more information on wallet security (security-alliance#173) * feat: added more information on wallet security * fix: remove named solutions * Update PULL_REQUEST_TEMPLATE.md (security-alliance#174) * fix: stewards (security-alliance#172) * Update tldr.md (security-alliance#181) Added a line to "While Traveling" * Update README.md (security-alliance#178) I improved clarity in OpSec overview with simplified explanation and added detail on goal * Update implementation-process.md (security-alliance#179) Fixed punctuation to make the text clearer, added colons, commas, and cleaned up brackets. * feat: updating linting, devcontainer, and local development (security-alliance#184) * feat: updating linting, devcontainer, and local development * Update justfile --------- Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * Going back to 0.4.40 stable. * Fix spelling issues and update wordlist (security-alliance#188) - Fixed 'asume' -> 'assume' in src/opsec/travel/guide.md - Fixed 'cybercrmiminals' -> 'cybercriminals' in src/opsec/travel/guide.md - Added 78 legitimate technical terms, brand names, and valid words to wordlist.txt - Includes terms like Counterparty, Invariants, Utils, and many others - Cleaned up wordlist formatting and removed invalid entries * Fix typos in mdbook-metadata README.md and add renderer to wordlist - Fix 'pagse' to 'pages' - Fix 'requrie' to 'require' - Fix 'seperate' to 'separate' - Add 'renderer' to wordlist.txt * Update threat-modeling-overview.md (security-alliance#182) * Clarified 'Team changes' to include onboarding and offboarding key personnel * Added structured 'Further Reading & Tools' section with grouped references and tools * Updating Safe Harbor Documentation (security-alliance#186) * Enhance Safe Harbor documentation and contributor list - Updated SUMMARY.md to include new resources for Safe Harbor, such as self-checklists and adoption guides. - Removed outdated key terms and protocol documentation from the Safe Harbor section. - Expanded the README.md to provide clearer explanations of Safe Harbor's purpose, adoption process, and benefits, including new visuals and testimonials from industry leaders. - Added Dickson Wu as a contributor in contributors.json with relevant details. * Update Safe Harbor documentation links for consistency - Changed links in various templates and guides to point to local markdown files instead of external Notion pages for better accessibility. - Updated the adoption details in the DAO proposal and non-DAO scope templates to reflect the new link structure. - Revised the self-adoption guide and checklist to ensure all references are consistent with the new documentation format. * Update Safe Harbor section in SUMMARY.md with new resources - Added links to new documentation including self-checklist, self-adoption guide, scope terms, on-chain adoption guide, DAO proposal template, and non-DAO scope template. - Removed outdated protocol and key terms links for improved clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Updated the Safe Harbor eligibility checklist title and content for improved clarity. - Added new tags to various templates to enhance categorization. - Revised contact information in multiple documents to use a unified email format. - Ensured all references to Safe Harbor align with the latest documentation standards. * Update src/config/contributors.json Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove integration mapping documentation file * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/self-checklist.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/on-chain-adoption-guide.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove DAO Proposal and Non-DAO Scope Templates from Safe Harbor documentation - Deleted the DAO Proposal Template and Non-DAO Scope Template files to streamline the Safe Harbor resources. - Updated SUMMARY.md and config/SUMMARY.md.develop to reflect the removal of these templates, enhancing clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Removed unnecessary horizontal lines from multiple sections in the on-chain adoption guide, scope terms, self-adoption guide, and self-checklist to improve readability. - Enhanced the overall structure of the documents by streamlining formatting. --------- Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Updating outlines. Removing empty frameworks from main * Fixing broken link in PR template * Fixing grammar issues and spellcheck --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com>
frameworks-volunteer
pushed a commit
to frameworks-volunteer/frameworks
that referenced
this pull request
Mar 9, 2026
* initial Vocs migration and Vercel-ready devcontainer setup - Configured devcontainer and npm scripts with host 0.0.0.0 and port 5173 forwarding - Added vercel_build.sh and vercel.json to enable Vercel deployment - Retained src folder for easier future migration and modular structure - Included initial theme files for later customization * .gitignore updated to show package.json and package-lock.json * Update .gitignore to remove the build folder * Remove dist folder from tracking * completed migration of content to MDX format and restructured navigation - Migrated all files from src/ to docs/pages/ and converted .md to .mdx - Added proper TagProvider components and frontmatter - Updated vocs.config.ts with completed navigation - Removed src/ folder as content migration is complete * fix: resolve dead links and update opsec structure * feat: sync contributors.json with complete contributor metadata * feat: added contributors.mdx component + footer component * fix: added missing import * feat: Update filter component to automatically fetch tags from frontmatter * Update filter to be static + responsive * fix: update filter position if the banner is present + filter theming * feat: sidebar filter and docs cleanup - update blockchain tag color - make sidebar scrollable when filter is open - remove old SUMMARY files - add new manual-review page - reorganize public folder with images in subfolders - remove landing page - add branch-based sidebar filter in vocs.config.ts * fix(build): add Playwright installation in Vercel build for Mermaid rendering * chore(docs): comment out mermaid diagram to isolate build issue * fix(build): force Playwright installation in Vercel build * chore(build): manual Playwright download for Vercel * feat: Add mermaid component * refactor(docs): reorganize contributors positioning + rename stewards&contributors files * feat: integrate main/develop changes, global styling and sets up npm for just commands * Add missing contributors to contributors.json * fix: fixing typos * feat: Add insider-threats framework (DPRK IT Workers) (security-alliance#193) * feat: Add insider-threats framework (DPRK IT Workers) Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> * feat: Fixing based on comments Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> --------- Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> * Addition of a Mutation Testing Section (security-alliance#180) * mutation testing section Added: - Mutation Testing Section - Reference to Mutation Testing in Unit Testing * changes based on PR feedback Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> * Moved the evaluating test suite part to Readme * updated summary as requested * Fixing the linter to take into account subfolders as well (security-alliance#191) * Fixing the linter to take into account subfolders as well * Mass fixing linting * fixing linting in justfile * Update src/external-security-reviews/README.md Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> --------- Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> * Update SUMMARY.md.develop --------- Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> * Merge from Main * Merge from main * Update SUMMARY.md.main with new prod-ready pages * Updating main on missing commits due to previous selective-merging (security-alliance#192) * Code review additions (security-alliance#145) * add pre-audit prep stage with links to solcurity and simple security toolkit Signed-off-by: Elliot <elliotfriedman3@gmail.com> * add prepare thoroughly section Signed-off-by: Elliot <elliotfriedman3@gmail.com> * prepare thoroughly -> come prepared Signed-off-by: Elliot <elliotfriedman3@gmail.com> --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> * Updated contributing and readme.md * Removed catpuccin, updated mdbook and admonish. (security-alliance#147) * Removed catpuccin, updated mdbook and admonish. * Removing deprecated themes from UI, and fixing admonish version on vercel_build * Testing admonish through vercel automated deployment * Updating wordlist.txt * Clean update of logo and favicon. (security-alliance#151) * Updating develop to the new and more humane beginning of a written Opsec Framework (security-alliance#154) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating Opsec with latest updates (security-alliance#157) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Initial draft of personal security travel guide! (security-alliance#158) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Security travel guide from Notion * Attribution * Updating naming on opsec travel guide * Updating, and re-ordering paragraphs from opsec travel guide * Attribution to sources * Add Secure Multisig Signing Process (security-alliance#122) * Add secure multisig signing process * Add multisig best practices page, update msig signing process * Add additional best practices from EF doc * Add final comment for this PR * Removing the old operational-security folder, moving secure-multisig contents within wallet-security, and re-generated the overview of frameworks with AI. * Safe Harbor Docs (security-alliance#144) Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * doc: instruction for re-writing history to sign commits (security-alliance#156) * Tidy plugins (security-alliance#143) * Tody Plugins Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * doc: fix robert's website --------- Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * feat: overhaul of the Wallet Security section (security-alliance#164) * docs: update README for new structure * docs: update documentation on custodial vs non-custodial and hot vs cold wallets * docs: add user security guides for beginners and intermediates * docs: add advanced security guides * docs: add key management * docs: add tools and resources * docs: add signing and verifation section * docs: improvements in AA and EIP7701 * docs: improves the entire section * docs: deletion of obsolete sections * docs: add new item hardwallet * docs: fixed typo * docs: Refine wallet security guides for accuracy and clarity * docs: Apply light content adjustments and add 'reviewed' tag. * archive Developer Key Management section for later * small format changes * docs: refactor updated navigation * docs: Update contribution and documentation configuration * feat: fix extra fields & add verbose errors (security-alliance#167) * feat: fix extra fields & add verbose errors * fix: switch back to book.for_each_mut Also cache all errors instead of just the first * feat: log error when deserializing contributors json * feat: fix UI differences * fix: re-add company attribution * fix: add alias for fact-checked * fix: jitter on hover contributors * fix: urls scrolling * fix: display:content * fix: `fact_checked` spelling * fix: throw error if role alias not found * tidy: role_aliases * Bump crossbeam-channel (security-alliance#166) Bumps the cargo group with 1 update in the /plugin/mdbook-metadata directory: [crossbeam-channel](https://github.com/crossbeam-rs/crossbeam). Updates `crossbeam-channel` from 0.5.14 to 0.5.15 - [Release notes](https://github.com/crossbeam-rs/crossbeam/releases) - [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md) - [Commits](crossbeam-rs/crossbeam@crossbeam-channel-0.5.14...crossbeam-channel-0.5.15) --- updated-dependencies: - dependency-name: crossbeam-channel dependency-version: 0.5.15 dependency-type: indirect dependency-group: cargo ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix several misc (security-alliance#168) * Added some things to gitignore, particularly to use claude. * Correcting attribution * Updating steward, and improving tags UI * Removing spell-check from develop. Only on main from now on. Exploratory. * feat: security testing - solidity focused (security-alliance#163) * feat: security testing - solidity focused * fix: lint * fix: josselins review * fix: reverse aderyn and slither order * fix: patrickalphac contributor after merge * Introducing Decentralized IR Framework (security-alliance#165) * added DeIRF framework * new de-irf framework * adjusted summary as requested --------- Co-authored-by: Ken Toler <ken.toler@gmail.com> * feat: external security reviews & patrick addition (security-alliance#160) * feat: external security reviews & patrick addition * fix: lint * fix: moved smart contract audits to their own section * Adding to the outline the latest pushed content. * Bump mdbook version (security-alliance#177) * Update vercel_build.sh * Update printed statement * feat: added more information on wallet security (security-alliance#173) * feat: added more information on wallet security * fix: remove named solutions * Update PULL_REQUEST_TEMPLATE.md (security-alliance#174) * fix: stewards (security-alliance#172) * Update tldr.md (security-alliance#181) Added a line to "While Traveling" * Update README.md (security-alliance#178) I improved clarity in OpSec overview with simplified explanation and added detail on goal * Update implementation-process.md (security-alliance#179) Fixed punctuation to make the text clearer, added colons, commas, and cleaned up brackets. * feat: updating linting, devcontainer, and local development (security-alliance#184) * feat: updating linting, devcontainer, and local development * Update justfile --------- Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * Going back to 0.4.40 stable. * Fix spelling issues and update wordlist (security-alliance#188) - Fixed 'asume' -> 'assume' in src/opsec/travel/guide.md - Fixed 'cybercrmiminals' -> 'cybercriminals' in src/opsec/travel/guide.md - Added 78 legitimate technical terms, brand names, and valid words to wordlist.txt - Includes terms like Counterparty, Invariants, Utils, and many others - Cleaned up wordlist formatting and removed invalid entries * Fix typos in mdbook-metadata README.md and add renderer to wordlist - Fix 'pagse' to 'pages' - Fix 'requrie' to 'require' - Fix 'seperate' to 'separate' - Add 'renderer' to wordlist.txt * Update threat-modeling-overview.md (security-alliance#182) * Clarified 'Team changes' to include onboarding and offboarding key personnel * Added structured 'Further Reading & Tools' section with grouped references and tools * Updating Safe Harbor Documentation (security-alliance#186) * Enhance Safe Harbor documentation and contributor list - Updated SUMMARY.md to include new resources for Safe Harbor, such as self-checklists and adoption guides. - Removed outdated key terms and protocol documentation from the Safe Harbor section. - Expanded the README.md to provide clearer explanations of Safe Harbor's purpose, adoption process, and benefits, including new visuals and testimonials from industry leaders. - Added Dickson Wu as a contributor in contributors.json with relevant details. * Update Safe Harbor documentation links for consistency - Changed links in various templates and guides to point to local markdown files instead of external Notion pages for better accessibility. - Updated the adoption details in the DAO proposal and non-DAO scope templates to reflect the new link structure. - Revised the self-adoption guide and checklist to ensure all references are consistent with the new documentation format. * Update Safe Harbor section in SUMMARY.md with new resources - Added links to new documentation including self-checklist, self-adoption guide, scope terms, on-chain adoption guide, DAO proposal template, and non-DAO scope template. - Removed outdated protocol and key terms links for improved clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Updated the Safe Harbor eligibility checklist title and content for improved clarity. - Added new tags to various templates to enhance categorization. - Revised contact information in multiple documents to use a unified email format. - Ensured all references to Safe Harbor align with the latest documentation standards. * Update src/config/contributors.json Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove integration mapping documentation file * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/self-checklist.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/on-chain-adoption-guide.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove DAO Proposal and Non-DAO Scope Templates from Safe Harbor documentation - Deleted the DAO Proposal Template and Non-DAO Scope Template files to streamline the Safe Harbor resources. - Updated SUMMARY.md and config/SUMMARY.md.develop to reflect the removal of these templates, enhancing clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Removed unnecessary horizontal lines from multiple sections in the on-chain adoption guide, scope terms, self-adoption guide, and self-checklist to improve readability. - Enhanced the overall structure of the documents by streamlining formatting. --------- Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Updating outlines. Removing empty frameworks from main * Fixing broken link in PR template * Fixing grammar issues and spellcheck --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> * quick fix for external security reviews * Adding dobs suggestions * Add Yaniv Sofer as a contributor and update review roles in insider t… (security-alliance#221) * Add Yaniv Sofer as a contributor and update review roles in insider threats documentation * Add blackbigswan as a contributor and update contributor roles in insider threats documentation * fix: naming change - explicit DPRK IT Workers framework (security-alliance#223) * fix: changed name of "insider-threats" folder to "dprk-it-workers" * fix: folder name change + delete src folder * Rename README files to "overview" for consistency * Rename opsec/overview folder to core-concepts * merge opsec/core-concepts/overview into opsec/overview * make vercel redirect parent URLs on their overview file * light mode adjustments * fix formatting * fix height image --------- Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> Co-authored-by: Nikita Belenkov <nikitov603@gmail.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: matta <matt@theredguild.org>
frameworks-volunteer
pushed a commit
to frameworks-volunteer/frameworks
that referenced
this pull request
Mar 9, 2026
* Incident management playbook (security-alliance#224) * Create README.md * Incident-Response-Playbooks * removed yaml review part * Update malware.md * Update hacked-dprk.md * Update hacked-drainer.md * Update hacked-elusive-comet.md * updated SUMMARY.develop & deleted resources * Update SUMMARY.md.develop Fixed the playbooks indentation * Update SUMMARY.md.develop * typo & capitalization fixed * Incident management playbooks (security-alliance#233) * incident-management/playbooks improvements * fix SUMMARY.develop * Vocs Migration (security-alliance#227) * initial Vocs migration and Vercel-ready devcontainer setup - Configured devcontainer and npm scripts with host 0.0.0.0 and port 5173 forwarding - Added vercel_build.sh and vercel.json to enable Vercel deployment - Retained src folder for easier future migration and modular structure - Included initial theme files for later customization * .gitignore updated to show package.json and package-lock.json * Update .gitignore to remove the build folder * Remove dist folder from tracking * completed migration of content to MDX format and restructured navigation - Migrated all files from src/ to docs/pages/ and converted .md to .mdx - Added proper TagProvider components and frontmatter - Updated vocs.config.ts with completed navigation - Removed src/ folder as content migration is complete * fix: resolve dead links and update opsec structure * feat: sync contributors.json with complete contributor metadata * feat: added contributors.mdx component + footer component * fix: added missing import * feat: Update filter component to automatically fetch tags from frontmatter * Update filter to be static + responsive * fix: update filter position if the banner is present + filter theming * feat: sidebar filter and docs cleanup - update blockchain tag color - make sidebar scrollable when filter is open - remove old SUMMARY files - add new manual-review page - reorganize public folder with images in subfolders - remove landing page - add branch-based sidebar filter in vocs.config.ts * fix(build): add Playwright installation in Vercel build for Mermaid rendering * chore(docs): comment out mermaid diagram to isolate build issue * fix(build): force Playwright installation in Vercel build * chore(build): manual Playwright download for Vercel * feat: Add mermaid component * refactor(docs): reorganize contributors positioning + rename stewards&contributors files * feat: integrate main/develop changes, global styling and sets up npm for just commands * Add missing contributors to contributors.json * fix: fixing typos * feat: Add insider-threats framework (DPRK IT Workers) (security-alliance#193) * feat: Add insider-threats framework (DPRK IT Workers) Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> * feat: Fixing based on comments Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> --------- Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> * Addition of a Mutation Testing Section (security-alliance#180) * mutation testing section Added: - Mutation Testing Section - Reference to Mutation Testing in Unit Testing * changes based on PR feedback Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> * Moved the evaluating test suite part to Readme * updated summary as requested * Fixing the linter to take into account subfolders as well (security-alliance#191) * Fixing the linter to take into account subfolders as well * Mass fixing linting * fixing linting in justfile * Update src/external-security-reviews/README.md Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> --------- Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> * Update SUMMARY.md.develop --------- Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> * Merge from Main * Merge from main * Update SUMMARY.md.main with new prod-ready pages * Updating main on missing commits due to previous selective-merging (security-alliance#192) * Code review additions (security-alliance#145) * add pre-audit prep stage with links to solcurity and simple security toolkit Signed-off-by: Elliot <elliotfriedman3@gmail.com> * add prepare thoroughly section Signed-off-by: Elliot <elliotfriedman3@gmail.com> * prepare thoroughly -> come prepared Signed-off-by: Elliot <elliotfriedman3@gmail.com> --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> * Updated contributing and readme.md * Removed catpuccin, updated mdbook and admonish. (security-alliance#147) * Removed catpuccin, updated mdbook and admonish. * Removing deprecated themes from UI, and fixing admonish version on vercel_build * Testing admonish through vercel automated deployment * Updating wordlist.txt * Clean update of logo and favicon. (security-alliance#151) * Updating develop to the new and more humane beginning of a written Opsec Framework (security-alliance#154) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating Opsec with latest updates (security-alliance#157) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Initial draft of personal security travel guide! (security-alliance#158) * Updating Opsec first iteration after re-write, CorPrinciples checkpoint * Updating Opsec structure and initial approach for some of the new contents. * Updating human centered security * Stop tracking generated tagsindex.js file * Updating gitignore * Removing old readme that explained how tags work. * New structure * First iter of Fundamentals * First iter of Fundamentals * Restructuring Opsec once again. Re-wrtitten principles and threat modeling * Forgot attribution. * Added key takeaways and removed redundancy * Updating Risk management and removing overlap from Threat modeling * Fixing broken link * Spellcheck's wordlist update * Spellcheck's wordlist update * Spellcheck's wordlist update * Updating with tincho's review * Fixing grammar issues and spellcheck * Updating wordlist.txt * Security travel guide from Notion * Attribution * Updating naming on opsec travel guide * Updating, and re-ordering paragraphs from opsec travel guide * Attribution to sources * Add Secure Multisig Signing Process (security-alliance#122) * Add secure multisig signing process * Add multisig best practices page, update msig signing process * Add additional best practices from EF doc * Add final comment for this PR * Removing the old operational-security folder, moving secure-multisig contents within wallet-security, and re-generated the overview of frameworks with AI. * Safe Harbor Docs (security-alliance#144) Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * doc: instruction for re-writing history to sign commits (security-alliance#156) * Tidy plugins (security-alliance#143) * Tody Plugins Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * doc: fix robert's website --------- Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> * feat: overhaul of the Wallet Security section (security-alliance#164) * docs: update README for new structure * docs: update documentation on custodial vs non-custodial and hot vs cold wallets * docs: add user security guides for beginners and intermediates * docs: add advanced security guides * docs: add key management * docs: add tools and resources * docs: add signing and verifation section * docs: improvements in AA and EIP7701 * docs: improves the entire section * docs: deletion of obsolete sections * docs: add new item hardwallet * docs: fixed typo * docs: Refine wallet security guides for accuracy and clarity * docs: Apply light content adjustments and add 'reviewed' tag. * archive Developer Key Management section for later * small format changes * docs: refactor updated navigation * docs: Update contribution and documentation configuration * feat: fix extra fields & add verbose errors (security-alliance#167) * feat: fix extra fields & add verbose errors * fix: switch back to book.for_each_mut Also cache all errors instead of just the first * feat: log error when deserializing contributors json * feat: fix UI differences * fix: re-add company attribution * fix: add alias for fact-checked * fix: jitter on hover contributors * fix: urls scrolling * fix: display:content * fix: `fact_checked` spelling * fix: throw error if role alias not found * tidy: role_aliases * Bump crossbeam-channel (security-alliance#166) Bumps the cargo group with 1 update in the /plugin/mdbook-metadata directory: [crossbeam-channel](https://github.com/crossbeam-rs/crossbeam). Updates `crossbeam-channel` from 0.5.14 to 0.5.15 - [Release notes](https://github.com/crossbeam-rs/crossbeam/releases) - [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md) - [Commits](crossbeam-rs/crossbeam@crossbeam-channel-0.5.14...crossbeam-channel-0.5.15) --- updated-dependencies: - dependency-name: crossbeam-channel dependency-version: 0.5.15 dependency-type: indirect dependency-group: cargo ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix several misc (security-alliance#168) * Added some things to gitignore, particularly to use claude. * Correcting attribution * Updating steward, and improving tags UI * Removing spell-check from develop. Only on main from now on. Exploratory. * feat: security testing - solidity focused (security-alliance#163) * feat: security testing - solidity focused * fix: lint * fix: josselins review * fix: reverse aderyn and slither order * fix: patrickalphac contributor after merge * Introducing Decentralized IR Framework (security-alliance#165) * added DeIRF framework * new de-irf framework * adjusted summary as requested --------- Co-authored-by: Ken Toler <ken.toler@gmail.com> * feat: external security reviews & patrick addition (security-alliance#160) * feat: external security reviews & patrick addition * fix: lint * fix: moved smart contract audits to their own section * Adding to the outline the latest pushed content. * Bump mdbook version (security-alliance#177) * Update vercel_build.sh * Update printed statement * feat: added more information on wallet security (security-alliance#173) * feat: added more information on wallet security * fix: remove named solutions * Update PULL_REQUEST_TEMPLATE.md (security-alliance#174) * fix: stewards (security-alliance#172) * Update tldr.md (security-alliance#181) Added a line to "While Traveling" * Update README.md (security-alliance#178) I improved clarity in OpSec overview with simplified explanation and added detail on goal * Update implementation-process.md (security-alliance#179) Fixed punctuation to make the text clearer, added colons, commas, and cleaned up brackets. * feat: updating linting, devcontainer, and local development (security-alliance#184) * feat: updating linting, devcontainer, and local development * Update justfile --------- Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * Going back to 0.4.40 stable. * Fix spelling issues and update wordlist (security-alliance#188) - Fixed 'asume' -> 'assume' in src/opsec/travel/guide.md - Fixed 'cybercrmiminals' -> 'cybercriminals' in src/opsec/travel/guide.md - Added 78 legitimate technical terms, brand names, and valid words to wordlist.txt - Includes terms like Counterparty, Invariants, Utils, and many others - Cleaned up wordlist formatting and removed invalid entries * Fix typos in mdbook-metadata README.md and add renderer to wordlist - Fix 'pagse' to 'pages' - Fix 'requrie' to 'require' - Fix 'seperate' to 'separate' - Add 'renderer' to wordlist.txt * Update threat-modeling-overview.md (security-alliance#182) * Clarified 'Team changes' to include onboarding and offboarding key personnel * Added structured 'Further Reading & Tools' section with grouped references and tools * Updating Safe Harbor Documentation (security-alliance#186) * Enhance Safe Harbor documentation and contributor list - Updated SUMMARY.md to include new resources for Safe Harbor, such as self-checklists and adoption guides. - Removed outdated key terms and protocol documentation from the Safe Harbor section. - Expanded the README.md to provide clearer explanations of Safe Harbor's purpose, adoption process, and benefits, including new visuals and testimonials from industry leaders. - Added Dickson Wu as a contributor in contributors.json with relevant details. * Update Safe Harbor documentation links for consistency - Changed links in various templates and guides to point to local markdown files instead of external Notion pages for better accessibility. - Updated the adoption details in the DAO proposal and non-DAO scope templates to reflect the new link structure. - Revised the self-adoption guide and checklist to ensure all references are consistent with the new documentation format. * Update Safe Harbor section in SUMMARY.md with new resources - Added links to new documentation including self-checklist, self-adoption guide, scope terms, on-chain adoption guide, DAO proposal template, and non-DAO scope template. - Removed outdated protocol and key terms links for improved clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Updated the Safe Harbor eligibility checklist title and content for improved clarity. - Added new tags to various templates to enhance categorization. - Revised contact information in multiple documents to use a unified email format. - Ensured all references to Safe Harbor align with the latest documentation standards. * Update src/config/contributors.json Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove integration mapping documentation file * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/self-checklist.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/on-chain-adoption-guide.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/README.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Update src/safe-harbor/scope-terms.md Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Remove DAO Proposal and Non-DAO Scope Templates from Safe Harbor documentation - Deleted the DAO Proposal Template and Non-DAO Scope Template files to streamline the Safe Harbor resources. - Updated SUMMARY.md and config/SUMMARY.md.develop to reflect the removal of these templates, enhancing clarity and organization. * Refactor Safe Harbor documentation for clarity and consistency - Removed unnecessary horizontal lines from multiple sections in the on-chain adoption guide, scope terms, self-adoption guide, and self-checklist to improve readability. - Enhanced the overall structure of the documents by streamlining formatting. --------- Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> * Updating outlines. Removing empty frameworks from main * Fixing broken link in PR template * Fixing grammar issues and spellcheck --------- Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> * quick fix for external security reviews * Adding dobs suggestions * Add Yaniv Sofer as a contributor and update review roles in insider t… (security-alliance#221) * Add Yaniv Sofer as a contributor and update review roles in insider threats documentation * Add blackbigswan as a contributor and update contributor roles in insider threats documentation * fix: naming change - explicit DPRK IT Workers framework (security-alliance#223) * fix: changed name of "insider-threats" folder to "dprk-it-workers" * fix: folder name change + delete src folder * Rename README files to "overview" for consistency * Rename opsec/overview folder to core-concepts * merge opsec/core-concepts/overview into opsec/overview * make vercel redirect parent URLs on their overview file * light mode adjustments * fix formatting * fix height image --------- Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> Co-authored-by: Nikita Belenkov <nikitov603@gmail.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: matta <matt@theredguild.org> * Restructure README.md and CONTRIBUTING.md (security-alliance#225) * Update README.md * Create CONTRIBUTING.md at root level to make it appear in the main dashboard's navbar * Update contributing.md in the src folder to mirror the CONTRIBUTING.md at root level * Update links in README.md * Add "Fixing Unsigned Commits" section to root level CONTRIBUTING.md * Add "Fixing Unsigned Commits" section to src/contribute/CONTRIBUTING.md * Minor improvements to contributing.md * Update README.md * Update CODE_OF_CONDUCT.md * Update CODE_OF_CONDUCT.md * Update CODE_OF_CONDUCT.md * fix comment docs/pages/contributing.mdx * fix indentation of code blocks * fix typos + align root level CONTRIBUTING.md with docs/contribute/contributing.mdx * vocs alignment * fix typos in CODE_OF_CONDUCT * fix: add Mermaid component for mermaid code block display * fix frontmatter positioning --------- Co-authored-by: Matías Aereal Aeón <388605+mattaereal@users.noreply.github.com> * Fix logo path in README.md (security-alliance#237) * Update README.md * Update styles.css * Updating telegram's device setting (security-alliance#243) * Update PULL_REQUEST_TEMPLATE.md to feature the vocs migration (security-alliance#245) * Bump vite in the npm_and_yarn group across 1 directory (security-alliance#234) Bumps the npm_and_yarn group with 1 update in the / directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Updates `vite` from 6.3.5 to 6.3.6 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.3.6/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 6.3.6 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: Benchmark component (security-alliance#241) * feat: create mermaid wrapper script (security-alliance#242) * chore(images): migrate all images to S3 (security-alliance#252) * update image links in safe-harbor/overview.mdx * Removing safe-harbor images * update logo links + delete public folder * fix: CONTRIBUTING.md + contributing.mdx (security-alliance#250) * add error-checking step before pushing changes to CONTRIBUTING.md * add error-checking step before pushing changes to contributing.mdx * add port of local run + fixed a typo in CONTRIBUTING.md * add port of local run + fixed a typo in contributing.mdx * Fix link paths, typos, and indentation in contributing.mdx * Update contributing.mdx to sync with root level CONTRIBUTING file * Fix link paths, typos, and indentation in CONTRIBUTING.md * chore: update tags (security-alliance#253) * fix(flickering on reload): remove redirects from vercel.json (security-alliance#249) * fix(theme): prevent light flash by defaulting to dark mode * fix table of content margin * feat: add theme toggle component * chore: removed the vercel's redirects + the default dark mode * remove tags updates * chore(spellcheck): migrate from Aspell to CSpell (security-alliance#251) * chore(spellcheck): migrate from Aspell to CSpell + fix typos * fix: removed unnecessary dictionaries --------- Signed-off-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> Signed-off-by: Elliot <elliotfriedman3@gmail.com> Signed-off-by: Robert MacWha <trebor.ahwcam@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: 00xWizard <00xwizard@gmail.com> Co-authored-by: Sara Russo <sararusso984@gmail.com> Co-authored-by: blackbigswan <56428630+shortdoom@users.noreply.github.com> Co-authored-by: Nikita Belenkov <nikitov603@gmail.com> Co-authored-by: Patrick Collins <54278053+PatrickAlphaC@users.noreply.github.com> Co-authored-by: Dickson Wu <33645481+DicksonWu654@users.noreply.github.com> Co-authored-by: Robert MacWha <trebor.ahwcam@gmail.com> Co-authored-by: Elliot <34463580+ElliotFriedman@users.noreply.github.com> Co-authored-by: engn33r <engn33r@users.noreply.github.com> Co-authored-by: Piña <32434364+pinalikefruit@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: relotnek <kentoler@gmail.com> Co-authored-by: Ken Toler <ken.toler@gmail.com> Co-authored-by: David <100804766+davidthegardens@users.noreply.github.com> Co-authored-by: NFTDreww <158506653+NFTDreww@users.noreply.github.com> Co-authored-by: Godwin Udo <102424075+GodwinDA@users.noreply.github.com> Co-authored-by: Yasir <100064629+damboy0@users.noreply.github.com> Co-authored-by: Antonio Viggiano <agfviggiano@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Frameworks PR Checklist
Thank you for contributing to the Security Frameworks! Before you open a PR, make sure to read information for contributors and take a look at the following checklist: