security: 보안 강제 시스템 구축 + 하드코딩 비밀번호 제거

보안 감사 결과 CRITICAL 2건, HIGH 5건 발견 → 수정 완료 + 자동화 구축. [보안 수정] - issue-view.js: 하드코딩 비밀번호 → crypto.getRandomValues() 랜덤 생성 - pushSubscriptionController.js: ntfy 비밀번호 → process.env.NTFY_SUB_PASSWORD - DEPLOY-GUIDE.md/PROGRESS.md/migration SQL: 평문 비밀번호 → placeholder - docker-compose.yml/.env.example: NTFY_SUB_PASSWORD 환경변수 추가 [보안 강제 시스템 - 신규] - scripts/security-scan.sh: 8개 규칙 (CRITICAL 2, HIGH 4, MEDIUM 2) 3모드(staged/all/diff), severity, .securityignore, MEDIUM 임계값 - .githooks/pre-commit: 로컬 빠른 피드백 - .githooks/pre-receive-server.sh: Gitea 서버 최종 차단 bypass 거버넌스([SECURITY-BYPASS: 사유] + 사용자 제한 + 로그) - SECURITY-CHECKLIST.md: 10개 카테고리 자동/수동 구분 - docs/SECURITY-GUIDE.md: 운영자 가이드 (워크플로우, bypass, FAQ) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-10 09:44:21 +09:00
parent bbffa47a9d
commit ba9ef32808
257 changed files with 786 additions and 18 deletions
--- a/system2-report/web/public/js/cross-nav.js
+++ b/system2-report/web/public/js/cross-nav.js
@@ -0,0 +1,42 @@
+/**
+ * 크로스시스템 네비게이션 배너
+ * tkreport 페이지 상단에 시스템 간 이동 링크를 제공
+ */
+document.addEventListener('DOMContentLoaded', function() {
+    var path = window.location.pathname;
+    var host = window.location.hostname;
+    var protocol = window.location.protocol;
+
+    // tkqc URL 결정
+    var tkqcUrl;
+    if (host.includes('technicalkorea.net')) {
+        tkqcUrl = protocol + '//tkqc.technicalkorea.net';
+    } else {
+        tkqcUrl = protocol + '//' + host + ':30200';
+    }
+
+    // 현재 페이지 판별
+    var isIssueReport = path.includes('issue-report');
+    var isReportStatus = path.includes('report-status');
+    var isChatReport = path.includes('chat-report');
+
+    var nav = document.createElement('div');
+    nav.id = 'crossNav';
+    nav.innerHTML =
+        '<a href="/pages/safety/issue-report.html" class="cn-link' + (isIssueReport ? ' cn-active' : '') + '">신고하기</a>' +
+        '<a href="/pages/safety/report-status.html" class="cn-link' + (isReportStatus ? ' cn-active' : '') + '">신고현황</a>' +
+        '<a href="/pages/safety/chat-report.html" class="cn-link' + (isChatReport ? ' cn-active' : '') + '">AI 도우미</a>' +
+        '<a href="' + tkqcUrl + '" class="cn-link cn-external">부적합관리(TKQC) &rarr;</a>';
+
+    var style = document.createElement('style');
+    style.textContent =
+        '#crossNav{display:flex;align-items:center;gap:0.25rem;padding:0.5rem 0.75rem;background:#1e293b;overflow-x:auto;-webkit-overflow-scrolling:touch;}' +
+        '.cn-link{color:rgba(255,255,255,0.7);text-decoration:none;font-size:0.8125rem;font-weight:500;padding:0.25rem 0.625rem;border-radius:0.375rem;white-space:nowrap;transition:background 0.15s,color 0.15s;-webkit-tap-highlight-color:transparent;}' +
+        '.cn-link:hover,.cn-link:active{color:#fff;background:rgba(255,255,255,0.1);}' +
+        '.cn-active{color:#fff !important;background:rgba(255,255,255,0.15) !important;font-weight:600;}' +
+        '.cn-external{margin-left:auto;color:#38bdf8;border:1px solid rgba(56,189,248,0.3);font-size:0.75rem;}' +
+        '.cn-external:hover,.cn-external:active{background:rgba(56,189,248,0.15);color:#7dd3fc;}';
+
+    document.head.appendChild(style);
+    document.body.insertBefore(nav, document.body.firstChild);
+});