third/nanoclaw
1
0
Fork 0
mirror of https://github.com/qwibitai/nanoclaw.git synced 2026-06-04 10:14:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

docs: add supply chain security rules for pnpm

Browse Source 
Add agent-facing rules to CLAUDE.md covering minimumReleaseAgeExclude,
onlyBuiltDependencies, and frozen lockfile requirements — all require
human sign-off. Add comprehensive human-facing section to
docs/SECURITY.md with rationale, exclusion procedure (exact version
pin, approval, expiry), and build script allowlist documentation.
This commit is contained in:
meeech
2026-04-14 00:43:57 -04:00
committed by gavrielc
parent 163f5700a5
commit 994b323cfa
2 changed files with 45 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/SECURITY.md
+36
View File
@@ -123,3 +123,39 @@ Each NanoClaw group gets its own OneCLI agent identity. This allows different cr
│ • No real credentials in environment or filesystem │
└──────────────────────────────────────────────────────────────────┘
```
## Supply Chain Security (pnpm)
NanoClaw uses pnpm with two supply chain defenses configured in `pnpm-workspace.yaml`:
### Minimum Release Age
`minimumReleaseAge: 4320` (3 days). pnpm will refuse to resolve any package version published less than 3 days ago. This defends against typosquatting and compromised maintainer accounts — most malicious publishes are detected and pulled within 72 hours.
**Excluding a package from the release age gate** (`minimumReleaseAgeExclude`):
This should be rare. When a zero-day fix or critical dependency requires an immediate update:
1. The exclusion must be reviewed and approved by a human maintainer
2. The entry must pin the **exact version** being excluded — never a range or wildcard
```yaml
minimumReleaseAgeExclude:
some-package: "1.2.3" # Approved by @user, 2026-04-14 — CVE-XXXX-YYYY fix
```
3. The exclusion should be removed once the version ages past the threshold (i.e. after 3 days)
4. Automated agents (Claude, CI bots) must never add exclusions without human sign-off
### Build Script Allowlist
`onlyBuiltDependencies` restricts which packages can execute install/postinstall scripts. Only packages on this list are permitted to run build scripts during `pnpm install`. Currently allowed:
- `better-sqlite3` — compiles native SQLite bindings
- `esbuild` — downloads platform-specific binary
- `protobufjs` — generates protobuf bindings (used by Baileys/libsignal)
- `sharp` — downloads platform-specific image processing binary
Adding a package to this list requires human approval — build scripts execute arbitrary code with the installing user's permissions.
### `.npmrc` Safety Net
The `.npmrc` file contains `minReleaseAge=3d` as a fallback. The authoritative setting is in `pnpm-workspace.yaml`, but `.npmrc` provides defense-in-depth if npm is ever invoked directly (e.g. by a tool that doesn't respect pnpm).