Major additions:
- Community Next.js app (port 18187) for browsing claims with API docs
- stemedb-chaos crate: Fault injection, chaos testing, CRDT properties
- Latent ingestion system: Reddit/FDA ingesters with ADK-Go agents
- Disputed claims handling: Manual review workflows and validation
- Aphoria security scanner: New extractors (SQL injection, command injection, weak crypto, TLS version), policy-based ignores, UAT reports
- Docker infrastructure: Dockerfile, docker-compose.yml for full stack
- VulnBank demo: Intentionally vulnerable multi-language test corpus

SDK & API enhancements:
- Source registry handlers for tracking data provenance
- Metrics endpoint
- Skeptic filtering improvements

Code quality:
- Split 14 large files (>500 lines) into focused modules
- All files now under 500-line limit per project guidelines

Documentation:
- Chaos testing guide, circuit breakers, observability docs
- Phase 7 UAT documentation updates
- Martin Kleppmann technical writer agent

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
27 lines
697 B
Go
```go
// VulnBank - Intentionally Vulnerable Demo Application
// DO NOT USE IN PRODUCTION - Contains security vulnerabilities for testing
package main

import (
	"fmt"
	"log"
	"net/http"

	"github.com/gorilla/mux"
)

func main() {
	r := mux.NewRouter()

	// API routes with vulnerabilities
	r.HandleFunc("/api/user", GetUserHandler).Methods("GET")
	r.HandleFunc("/api/verify", VerifyTokenHandler).Methods("POST")
	r.HandleFunc("/api/data", GetExternalDataHandler).Methods("GET")
	r.HandleFunc("/api/hash", HashDataHandler).Methods("POST")

	fmt.Println("VulnBank - Demo vulnerable application")
	fmt.Println("Run `aphoria scan` to detect vulnerabilities")

	log.Fatal(http.ListenAndServe(":8080", r))
}
```