Merge pull request #2 from CodeMonkeyCybersecurity/claude/hera-testing-analysis-011CUqe9ycrVMyd2u5m2oiTC

Claude/hera testing analysis 011 c uqe9ycr v myd2u5m2oi tc

Author: CodeMonkeyCybersecurity

.eslintrc.json

@@ -7,9 +7,7 @@
   "extends": [
     "eslint:recommended"
   ],
-  "plugins": [
-    "webextensions"
-  ],
+  "plugins": [],
   "parserOptions": {
     "ecmaVersion": 2022,
     "sourceType": "module"
@@ -28,10 +26,6 @@
     "no-debugger": "warn",
     "no-constant-condition": ["error", { "checkLoops": false }],
 
-    // Chrome Extension Best Practices
-    "webextensions/no-browser-action-set-icon-without-path": "error",
-    "webextensions/no-browser-action-set-popup-without-popup": "error",
-
     // Async/Await Best Practices
     "require-await": "warn",
     "no-async-promise-executor": "error",

.github/workflows/security.yml

@@ -0,0 +1,58 @@
+name: Security Scan
+
+on:
+  schedule:
+    # Run security scan daily at 00:00 UTC
+    - cron: '0 0 * * *'
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  security-scan:
+    name: Security Vulnerability Scan
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
+
+    - name: Setup Node.js
+      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      with:
+        node-version: '20.x'
+        cache: 'npm'
+
+    - name: Install dependencies
+      run: npm ci
+
+    - name: Run npm audit
+      run: npm audit --audit-level=moderate
+
+    - name: Run npm audit fix
+      run: npm audit fix --dry-run
+
+    - name: Check for outdated dependencies
+      run: npm outdated
+      continue-on-error: true
+
+  codeql-analysis:
+    name: CodeQL Analysis
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@5d5cd550d3e189c569da8f16ea8de2d821c9bf7a # v3.31.2
+      with:
+        languages: javascript
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@5d5cd550d3e189c569da8f16ea8de2d821c9bf7a # v3.31.2

.github/workflows/test.yml

@@ -0,0 +1,126 @@
+name: Test Suite
+
+on:
+  push:
+    branches: [ main, develop, 'claude/**' ]
+  pull_request:
+    branches: [ main, develop ]
+
+jobs:
+  test:
+    name: Run Tests
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [18.x, 20.x]
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
+
+    - name: Setup Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      with:
+        node-version: ${{ matrix.node-version }}
+        cache: 'npm'
+
+    - name: Install dependencies
+      run: npm ci
+
+    - name: Run linter
+      run: npm run lint
+
+    - name: Validate extension
+      run: npm run validate
+
+    - name: Run unit tests
+      run: npm run test:unit
+
+    - name: Run integration tests
+      run: npm run test:integration
+
+    - name: Generate coverage report
+      run: npm run test:coverage
+
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
+      with:
+        files: ./coverage/lcov.info
+        flags: unittests
+        name: codecov-umbrella
+        fail_ci_if_error: true
+      env:
+        CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+
+    - name: Archive test results
+      if: always()
+      uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+      with:
+        name: test-results-${{ matrix.node-version }}
+        path: |
+          coverage/
+          html/
+        retention-days: 30
+
+  code-quality:
+    name: Code Quality Checks
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
+
+    - name: Setup Node.js
+      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      with:
+        node-version: '20.x'
+        cache: 'npm'
+
+    - name: Install dependencies
+      run: npm ci
+
+    - name: Run ESLint
+      run: npm run lint
+
+    - name: Check for security vulnerabilities
+      run: npm audit --audit-level=moderate
+
+  build:
+    name: Build Extension
+    runs-on: ubuntu-latest
+    needs: [test, code-quality]
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
+
+    - name: Setup Node.js
+      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      with:
+        node-version: '20.x'
+        cache: 'npm'
+
+    - name: Install dependencies
+      run: npm ci
+
+    - name: Validate manifest
+      run: node scripts/validate-extension.js
+
+    - name: Archive extension
+      uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+      with:
+        name: hera-extension
+        path: |
+          manifest.json
+          background.js
+          content-script.js
+          popup.js
+          evidence-collector.js
+          modules/
+          lib/
+          icons/
+          devtools/
+          popup.html
+          devtools.html
+        retention-days: 30

.gitignore

@@ -1,3 +1,7 @@
 /.DS_Store
 /DATA-PERSISTENCE-GUIDE.md
-/ICON_INSTRUCTIONS.md
+/ICON_INSTRUCTIONS.md
+node_modules/
+coverage/
+html/
+.vitest/

.husky/pre-commit

@@ -0,0 +1,13 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+echo "🔍 Running pre-commit checks..."
+
+# Run lint-staged to check only staged files
+npx lint-staged
+
+# Check coverage delta (ensure coverage doesn't decrease)
+echo "📊 Checking test coverage..."
+npm run test:coverage -- --changed
+
+echo "✅ Pre-commit checks passed!"