cc_audit/remote/mod.rs
1//! Remote repository scanning module
2//!
3//! This module provides functionality to scan remote Git repositories
4//! for security vulnerabilities in Claude Code configurations.
5//!
6//! # Features
7//!
8//! - Clone remote repositories with security measures (shallow clone, hooks disabled)
9//! - Support for GitHub authentication (token-based)
10//! - Parse awesome-claude-code repository list
11//! - Batch scanning with parallel clones
12//!
13//! # Security Measures
14//!
15//! - All clones are shallow (depth=1) to minimize attack surface
16//! - Git hooks are disabled during clone to prevent code execution
17//! - Temporary directories are automatically cleaned up
18//! - Authentication tokens are not logged or exposed
19
20pub mod clone;
21pub mod error;
22
23pub use clone::{ClonedRepo, GitCloner, parse_github_url};
24pub use error::RemoteError;
25
26/// Default clone timeout in seconds
27pub const DEFAULT_CLONE_TIMEOUT_SECS: u64 = 300;
28
29/// Default maximum parallel clones
30pub const DEFAULT_PARALLEL_CLONES: usize = 4;
31
32/// Default rate limit retry max attempts
33pub const DEFAULT_RATE_LIMIT_RETRIES: u32 = 5;
34
35/// awesome-claude-code repository URL
36pub const AWESOME_CLAUDE_CODE_URL: &str = "https://github.com/anthropics/awesome-claude-code";
37
38#[cfg(test)]
39mod tests {
40 use super::*;
41
42 #[test]
43 fn test_constants() {
44 assert_eq!(DEFAULT_CLONE_TIMEOUT_SECS, 300);
45 assert_eq!(DEFAULT_PARALLEL_CLONES, 4);
46 assert!(AWESOME_CLAUDE_CODE_URL.contains("github.com"));
47 }
48}