Feature: Implement Web UI & Next.js Dashboard; Fix Docker Deployment#2
Open
dennislee928 wants to merge 174 commits into
Open
Feature: Implement Web UI & Next.js Dashboard; Fix Docker Deployment#2dennislee928 wants to merge 174 commits into
dennislee928 wants to merge 174 commits into
Conversation
Introduce Dockerfile, docker-compose.yml, and related scripts for containerized deployment of HexStrike AI v6.0. Add comprehensive Docker deployment guide (DOCKER.md), environment example, cloud platform configs (Railway, Render, Fly.io), and a test script for Docker deployments. Update README.md with Docker usage instructions and cloud deployment options. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Introduce Makefile for Docker management, a QUICKSTART.md guide, example GitHub Actions workflow for Docker build/push, and scripts for building and deploying HexStrike AI. Update README.md with Makefile usage instructions. These additions streamline local and cloud deployment, testing, and management for developers. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Changed Dockerfile base image to kalilinux/kali-rolling:2024.3 for improved consistency and updated render.yaml to use 'runtime: docker' instead of 'env: docker'. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Introduced a Dockerfile for building a Kali Linux-based container with security tools and Python dependencies, a docker-entrypoint.sh script for startup and tool verification, and a fly.toml file for Fly.io deployment configuration. These changes enable containerized deployment and cloud hosting of the HexStrike AI server. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Introduced .dockerignore to exclude unnecessary files from Docker builds and added docker-compose.yml to define the hexstrike service, including environment variables, resource limits, healthcheck, and network configuration. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Added DEPLOYMENT_GUIDE.md with step-by-step instructions for deploying HexStrike AI to Railway, Render, and Fly.io. Introduced Dockerfile.minimal for lightweight Fly.io builds, and added railway.toml and render.yaml for automated deployment configuration on Railway and Render platforms. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Introduced full Docker support for HexStrike AI v6.0, including Makefile, Docker Compose, example environment/config files, and platform deployment configs. Added comprehensive documentation: QUICKSTART.md, DOCKER.md, and updated README.md with Docker usage and cloud deployment instructions. Provided CI/CD workflow example for GitHub Actions and cross-platform deployment/test scripts for Linux/macOS and Windows.
Appended a trailing newline to .dockerignore, Dockerfile, Dockerfile.minimal, docker-compose.yml, docker-entrypoint.sh, and several documentation files to ensure POSIX compliance and improve file formatting consistency.
Added .cursor/rules/snyk_rules.mdc to enforce Snyk security scanning for new code. Updated Dockerfile to use kalilinux/kali-last-release:latest instead of a specific version. Minor formatting changes were made to several markdown and configuration files.
Enhanced the Dockerfile to install pip, setuptools, and wheel with --break-system-packages and adjusted pip install options for requirements. Moved deployment and quickstart documentation files into the Document directory for better organization.
Added comprehensive documentation files: AI_CLIENT_SETUP_GUIDE.md, API_USAGE.md, DEPLOYMENT_TEST_RESULTS.md, and USAGE_EXAMPLES.md. Introduced a new web interface with templates/index.html, static/css/style.css, and static/js/app.js. Updated hexstrike-ai-mcp.json and hexstrike_server.py to support the new features and integration methods.
Added cross-platform API test scripts (api-test.sh for Linux/macOS and api-test.ps1 for Windows) with detailed documentation in scripts/README_API_TESTS.md. These scripts provide automated and comprehensive endpoint testing for the HexStrike AI API, referencing API_USAGE.md. Also updated the Dockerfile base image to use kalilinux/kali-rolling:latest for improved compatibility.
Improved Dockerfile to handle missing assets directory gracefully with a message. Updated both api-test scripts to expect 'statistics' instead of 'total_errors' in the error statistics endpoint response.
Split installation steps in Dockerfile for better layer caching and maintenance, grouping tools by category and cleaning up after each install. Overhauled Dockerfile.minimal to use Kali base, install only essential tools, add Go and pwntools, and improve comments and structure for clarity and reduced image size.
Introduces Dockerfile.essential for a minimal, essential toolset and updates Dockerfile and Dockerfile.minimal to add error handling for tool installation steps. This ensures the build continues even if some tools fail to install, improving robustness.
Updated Dockerfile, Dockerfile.essential, and Dockerfile.minimal to install Python dependencies within a virtual environment for better isolation. Added Dockerfile.alternative with enhanced security tools, non-root user, healthcheck, and improved build practices.
Introduces a new Next.js-based front-end in the Front-End directory, including configuration, global styles, and API types. Updates all Dockerfiles to copy templates and static directories, ensuring proper web UI deployment. Adjusts API test scripts and documentation to expect a 200 response from the root endpoint after these fixes.
Introduces main dashboard UI components (Dashboard, Header, Sidebar, StatusCard, SystemMetrics, ProcessMonitor) for the front-end, and implements a typed API client for backend communication. Also reorganizes documentation files into a 'Documentations' directory for improved project structure.
FIX :健康檢查超時問題
- 創建快速 /health 端點(<10ms) - 修正 PORT 環境變數讀取 - 添加 render.yaml 配置 - 完整的健康檢查文件
Added 'https://hexstrike-ai.quantumworld' to allowed CORS origins in middleware, config, and server. Updated '/' and '/health' endpoints to support HEAD requests and return minimal responses for faster health checks.
Introduces a new SQLMap output parser in tools/parsers/sqlmap_parser.py and integrates it into the /api/tools/sqlmap endpoint for intelligent output parsing and standardized JSON responses. Updates the API to accept additional parameters (method, level, risk, parse_output), and adds documentation (TOOL_OUTPUT_STANDARDIZATION.md) outlining the standardization approach and implementation plan.
1. 問題診斷 ✅
識別了 16 個安全工具 的輸出問題:
互動式提示 (SQLMap, Hydra, Metasploit, etc.)
非結構化輸出 (CSV, 純文本, 進度條)
冗長技術細節 (淹沒關鍵資訊)
2. SQLMap 完整修復 ✅
批次模式參數 - 消除所有互動提示:
--batch --flush-session --fresh-queries --answers='quit=N,follow=Y,continue=Y'
智能解析器 (tools/parsers/sqlmap_parser.py):
自動提取注入點
識別資料庫類型
檢測 WAF/IPS
生成實用建議
標準化響應 - 前端友善的 JSON 格式:
{ "summary": { "status": "vulnerable/clean/partial", "severity": "critical/high/medium/low/info", "brief": "一句話摘要", "findings_count": 2 }, "findings": [...], "metadata": { "warnings": [...], "recommendations": [...] } }
3. 完整文件 ✅
TOOL_OUTPUT_STANDARDIZATION.md - 完整標準化方案
SQLMAP_OUTPUT_FIX_GUIDE.md - 使用指南與前端範例
TOOL_PRIORITIES_REPORT.md - 16 個工具的優先級分析
QUICK_DEPLOY_SUMMARY.md - 快速部署指令
???啣??? - BaseParser ?質情?粹???蝯曹?閫???亙 - SQLMap/Hydra/John/Hashcat ?箄閫????- 璅???JSON ?踵??澆? - ?寞活璅∪?瘨?�????蝷? ? 閫???典祕雿? - SQLMapParser: ?芸???瘜典暺�炎皜?WAF????DBMS - HydraParser: 閫?????絞閮?閮�??遣霅?- JohnParser: Pot ?辣閫???�脣漲蝯梯???蝣潛??亙遣霅?- HashcatParser: 頛詨?辣閫????閰梯?閮�ash ?孵?撱箄降 ?? 摰??脣漲: - Phase 1: 4/4 撌亙摰? (100%) - 蝮賡??脣漲: 4/16 撌亙 (25%) ? ?寥�脫?璅? - 鈭??內: 100% 瘨 - ?鞈??航?摨? +375% - JSON 蝯???摨? +233% - ?垢?舐?? +150% ?? ?辣: - PHASE1_IMPLEMENTATION_REPORT.md - 摰撖行?勗? - TOOL_PRIORITIES_REPORT.md - 撌亙?芸?蝝???- TOOL_OUTPUT_STANDARDIZATION.md - 璅??獢?- SQLMAP_OUTPUT_FIX_GUIDE.md - SQLMap 雿輻?? - scripts/analyze_tool_outputs.py - 撌亙???單 ?? 銝?甇? Phase 2 銝剖??撌亙
1. 解析器導入失敗 "parse_error": "No module named 'sqlmap_parser'" Python 模組路徑問題 解析器文件可能沒有正確部署到容器中 2. 批次模式參數不完整 SQLMap 仍然有互動提示: "do you want to test this URL? [Y/n/q]" "Do you want to skip test payloads..." "do you want to exploit this SQL injection? [Y/n]"
Introduces LOCAL_TEST_GUIDE.md with step-by-step instructions for local Docker-based testing and adds scripts/local_docker_test.ps1 for automated build, run, parser import, and API endpoint verification. These additions streamline local development and pre-deployment validation. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Introduces LLMEnhancedDecisionEngine and SecurityKnowledgeBase for GPT-4 and LangChain-powered decision making and knowledge retrieval. Adds new API endpoints for LLM-enhanced scans and RAG knowledge search, updates environment and requirements for AI dependencies, and provides test scripts and unit tests for LLM integration. Also expands README with technical details and future upgrade plans. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Replaced deprecated langchain imports in llm_engine.py and rag_knowledge_base.py to use langchain_core. Added scripts/simple_llm_test.py for basic LLM integration testing. Also added new Python bytecode cache files. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Replaced deprecated langchain imports in llm_engine.py and rag_knowledge_base.py to use langchain_core. Added scripts/simple_llm_test.py for basic LLM integration testing. Also added new Python bytecode cache files. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Added DEPLOY_V7.0.md with step-by-step deployment instructions for HexStrike AI v7.0, including LLM integration details. Added V7.0_TEST_RESULTS.md summarizing development and production test results. Introduced scripts/deploy_v7.ps1 to automate Docker image build, dependency verification, local testing, and Docker Hub push for v7.0 release. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Introduces two scripts: test_api_simple.ps1 for basic endpoint checks and test_production_api.ps1 for comprehensive production API testing of HexStrike AI. These scripts automate health, intelligence, scanning, bug bounty, CVE, exploit, file management, and advanced feature endpoint validation, providing summary and pass/fail reporting. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Added comprehensive API test reports, logs, and result files for HexStrike AI v7.0, including Markdown summaries, JSON results, and text logs. Introduced a new Bash script for realistic penetration testing and updated the PowerShell test script to improve report formatting. Co-Authored-By: Havij <123524072+havij13@users.noreply.github.com>
Bumps the npm_and_yarn group with 1 update in the /Front-End directory: [js-yaml](https://github.com/nodeca/js-yaml). Updates `js-yaml` from 4.1.0 to 4.1.1 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@4.1.0...4.1.1) --- updated-dependencies: - dependency-name: js-yaml dependency-version: 4.1.1 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…t-End/npm_and_yarn-3c67cbb9cd Bump js-yaml from 4.1.0 to 4.1.1 in /Front-End in the npm_and_yarn group across 1 directory
There was a problem hiding this comment.
Pull request overview
This PR adds a new Next.js-based dashboard frontend and improves deployment reliability by updating Docker build contents and adding CI security tooling, alongside extensive deployment/docs updates.
Changes:
- Add a Next.js 14 dashboard scaffold in
Front-End/(config, Netlify config, linting/testing setup, docs). - Update Docker build artifacts/config to include
templates/andstatic/(fixing missing-template runtime failures) and provide multiple Docker variants. - Add security/quality automation via GitHub Actions security pipeline and Trunk config, plus new/updated operational documentation and test logs.
Reviewed changes
Copilot reviewed 84 out of 500 changed files in this pull request and generated 14 comments.
Show a summary per file
| File | Description |
|---|---|
| Front-End/package-enhanced.json | Adds frontend scripts/deps + Jest config for the dashboard |
| Front-End/next.config.js | Configures static export build + public API URL default |
| Front-End/netlify.toml | Netlify build/publish configuration for static export |
| Front-End/UI-LAYOUT-IMPROVEMENTS.md | Documents UI/layout enhancement work |
| Front-End/README.md | Dashboard readme and local setup instructions |
| Front-End/PHASE-2-4-IMPLEMENTATION.md | Phase implementation summary docs |
| Front-End/NETLIFY_ENV_SETUP.md | Netlify env var setup guide |
| Front-End/NETLIFY_DEPLOY_FIXES.md | Netlify deploy fixes documentation |
| Front-End/DEPLOYMENT_COMMANDS.md | Deployment command cookbook |
| Front-End/DEPLOYMENT.md | Netlify deployment guide |
| Front-End/DEPLOYMENT-READY.md | Deployment-ready checklist/doc |
| Front-End/DEPLOYMENT-BUILD-FIX.md | Build issue remediation notes |
| Front-End/.gitignore | Front-End ignore rules |
| Front-End/.eslintrc.json | Front-End ESLint rules adjustments |
| Documentations/tools/web/gobuster-guide.md | Adds Gobuster tool documentation |
| Documentations/tools/network/nmap-guide.md | Adds Nmap tool documentation |
| Documentations/tools/README.md | Tool docs index/landing page |
| Documentations/TODO_COMPLETE.md | Project TODO completion status doc |
| Documentations/TASKS_STATUS.md | Task/status tracking doc |
| Documentations/RENDER_HEALTH_CHECK_CONFIG.md | Render health check configuration guide |
| Documentations/QUICK_DEPLOY_SUMMARY.md | Quick deploy summary for SQLMap output work |
| Documentations/HOTFIX_502_PORT.md | Render PORT binding hotfix doc |
| Documentations/FLY_FIX.md | Fly.io troubleshooting guide |
| Documentations/FLY_DEPLOYMENT.md | Fly.io deployment guide |
| Documentations/DEPLOYMENT_TEST_RESULTS.md | Deployment/API test result writeup |
| Documentations/DEPLOYMENT_SUMMARY.md | Deployment summary notes |
| Documentations/DEPLOYMENT_SUCCESS.md | Deployment success report doc |
| Documentations/DEPLOYMENT_GUIDE.md | General deployment guide |
| Documentations/DEPLOYMENT-FIX.md | Render deployment fix guide |
| Documentations/CORS_SOLUTION_SUMMARY.md | CORS remediation summary |
| Documentations/CORS_FIX_SUMMARY.md | CORS fix summary (backend-focused) |
| Document/QUICKSTART.md | Quickstart guide (duplicate location vs Documentations) |
| Document/FLY_FIX.md | Fly.io troubleshooting guide (duplicate location vs Documentations) |
| Document/FLY_DEPLOYMENT.md | Fly.io deployment guide (duplicate location vs Documentations) |
| Document/DEPLOYMENT_GUIDE.md | Deployment guide (duplicate location vs Documentations) |
| Dockerfile.render | Render-optimized Dockerfile, now copies templates/static |
| Dockerfile.minimal | Minimal Docker build, now copies templates/static |
| Dockerfile.fixed | Fixed Dockerfile variant, now copies templates/static |
| Dockerfile.essential | Essential Docker build, now copies templates/static |
| Dockerfile.alternative | Alternative Docker build, now copies templates/static |
| Dockerfile | Full Docker build, now copies templates/static |
| DEPLOY_V7.0.md | v7.0 LLM deployment instructions |
| API-Test-Logs/realistic_test_results_20251106_142555.json | Adds stored API test results artifact |
| API-Test-Logs/realistic_test_log_20251106_142555.txt | Adds stored API test log artifact |
| API-Test-Logs/API_Test_Report_Summary.md | Adds API test report summary doc |
| .vscode/settings.json | Adds VS Code settings for kiroAgent |
| .trunk/trunk.yaml | Adds Trunk configuration and pinned tool versions |
| .trunk/configs/ruff.toml | Adds Ruff config for Trunk |
| .trunk/configs/.markdownlint.yaml | Adds markdownlint config for Trunk |
| .trunk/configs/.isort.cfg | Adds isort config for Trunk |
| .trunk/configs/.hadolint.yaml | Adds hadolint config for Trunk |
| .trunk/.gitignore | Adds Trunk working-dir ignores |
| .kiro/steering/tech.md | Adds Kiro “tech stack” steering doc |
| .kiro/steering/suggestion.md | Adds Kiro suggestion/roadmap content |
| .kiro/steering/structure.md | Adds Kiro “project structure” steering doc |
| .kiro/steering/product.md | Adds Kiro “product overview” steering doc |
| .github/workflows/security-pipeline.yml | Adds security pipeline workflow (SAST/SCA/container/IaC/DAST) |
| .github/workflows/docker-build.yml.example | Adds example Docker build workflow |
| .dockerignore | Updates dockerignore rules |
| .cursor/rules/snyk_rules.mdc | Adds Cursor rules for Snyk security scanning |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "jest": { | ||
| "testEnvironment": "jsdom", | ||
| "setupFilesAfterEnv": ["<rootDir>/jest.setup.js"], | ||
| "moduleNameMapping": { |
There was a problem hiding this comment.
Jest uses moduleNameMapper (not moduleNameMapping). With the current key, the @/ path alias won't be mapped and imports using that alias will fail in tests. Rename moduleNameMapping to moduleNameMapper.
Suggested change
| "moduleNameMapping": { | |
| "moduleNameMapper": { |
| "format:check": "prettier --check \"src/**/*.{ts,tsx,js,jsx,json,css,md}\"", | ||
| "prepare": "husky install" | ||
| }, | ||
| "dependencies": { |
There was a problem hiding this comment.
Several build-time-only packages are duplicated across dependencies and devDependencies (e.g., @types/*, typescript, eslint, eslint-config-next). This inflates production installs and can complicate dependency resolution. Keep these in devDependencies only. Also, @next/font is deprecated in Next.js 13+ in favor of next/font and should be removed.
Comment on lines
+25
to
+34
| "@types/node": "^20.11.0", | ||
| "@types/react": "^18.2.0", | ||
| "@types/react-dom": "^18.2.0", | ||
| "typescript": "^5.4.0", | ||
| "tailwindcss": "^3.4.0", | ||
| "autoprefixer": "^10.4.0", | ||
| "postcss": "^8.4.0", | ||
| "eslint": "^8.57.0", | ||
| "eslint-config-next": "^14.2.0", | ||
| "@next/font": "^14.2.0", |
There was a problem hiding this comment.
Several build-time-only packages are duplicated across dependencies and devDependencies (e.g., @types/*, typescript, eslint, eslint-config-next). This inflates production installs and can complicate dependency resolution. Keep these in devDependencies only. Also, @next/font is deprecated in Next.js 13+ in favor of next/font and should be removed.
Suggested change
| "@types/node": "^20.11.0", | |
| "@types/react": "^18.2.0", | |
| "@types/react-dom": "^18.2.0", | |
| "typescript": "^5.4.0", | |
| "tailwindcss": "^3.4.0", | |
| "autoprefixer": "^10.4.0", | |
| "postcss": "^8.4.0", | |
| "eslint": "^8.57.0", | |
| "eslint-config-next": "^14.2.0", | |
| "@next/font": "^14.2.0", | |
| "tailwindcss": "^3.4.0", | |
| "autoprefixer": "^10.4.0", | |
| "postcss": "^8.4.0", |
Comment on lines
+32
to
+34
| "eslint": "^8.57.0", | ||
| "eslint-config-next": "^14.2.0", | ||
| "@next/font": "^14.2.0", |
There was a problem hiding this comment.
Several build-time-only packages are duplicated across dependencies and devDependencies (e.g., @types/*, typescript, eslint, eslint-config-next). This inflates production installs and can complicate dependency resolution. Keep these in devDependencies only. Also, @next/font is deprecated in Next.js 13+ in favor of next/font and should be removed.
Comment on lines
+62
to
+67
| "devDependencies": { | ||
| "@types/node": "^20.11.0", | ||
| "@types/react": "^18.2.0", | ||
| "@types/react-dom": "^18.2.0", | ||
| "@types/react-window": "^1.8.8", | ||
| "typescript": "^5.4.0", |
There was a problem hiding this comment.
Several build-time-only packages are duplicated across dependencies and devDependencies (e.g., @types/*, typescript, eslint, eslint-config-next). This inflates production installs and can complicate dependency resolution. Keep these in devDependencies only. Also, @next/font is deprecated in Next.js 13+ in favor of next/font and should be removed.
|
|
||
| 更新日期: 2025-10-26 | ||
|
|
||
| ## �� 整體進度 |
There was a problem hiding this comment.
This heading appears to have a character encoding/garbling issue (��). Replace it with the intended text (e.g., ## 整體進度) to avoid broken rendering/searchability.
Suggested change
| ## �� 整體進度 | |
| ## 整體進度 |
| Set these in your Netlify dashboard: | ||
|
|
||
| ``` | ||
| NEXT_PUBLIC_HEXSTRIKE_API_URL=https://hexstrike-ai-v6-0.onrender.com |
There was a problem hiding this comment.
The documented default API URL here conflicts with Front-End/next.config.js, which defaults NEXT_PUBLIC_HEXSTRIKE_API_URL to https://hexstrike-ai.dennisleehappy.org. This can cause misconfiguration during deployment. Update the docs to match the current default, or explicitly explain which URL is canonical and when to use each.
| && rm -rf /var/lib/apt/lists/* | ||
|
|
||
| # Install Go-based security tools | ||
| RUN GO111MODULE=on go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest || echo "Nuclei installation failed" |
There was a problem hiding this comment.
Installing Go tools with @latest and downloading templates during image build makes builds non-reproducible and can introduce flaky/slow builds (network dependence, upstream changes). Pin nuclei to a specific version tag and consider managing templates via a pinned release/artifact (or a separate, cacheable layer) to keep Docker builds deterministic and more reliable.
Comment on lines
+36
to
+45
| RUN GO111MODULE=on go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest || echo "Nuclei installation failed" | ||
|
|
||
| # Set working directory | ||
| WORKDIR /app | ||
|
|
||
| # Install nuclei templates in app directory (accessible to app user) | ||
| ENV NUCLEI_TEMPLATES_PATH=/app/.nuclei-templates \ | ||
| PATH="/root/go/bin:${PATH}" | ||
| RUN mkdir -p ${NUCLEI_TEMPLATES_PATH} && \ | ||
| /root/go/bin/nuclei -update-templates -td ${NUCLEI_TEMPLATES_PATH} || echo "Nuclei templates installation skipped" |
There was a problem hiding this comment.
Installing Go tools with @latest and downloading templates during image build makes builds non-reproducible and can introduce flaky/slow builds (network dependence, upstream changes). Pin nuclei to a specific version tag and consider managing templates via a pinned release/artifact (or a separate, cacheable layer) to keep Docker builds deterministic and more reliable.
Suggested change
| RUN GO111MODULE=on go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest || echo "Nuclei installation failed" | |
| # Set working directory | |
| WORKDIR /app | |
| # Install nuclei templates in app directory (accessible to app user) | |
| ENV NUCLEI_TEMPLATES_PATH=/app/.nuclei-templates \ | |
| PATH="/root/go/bin:${PATH}" | |
| RUN mkdir -p ${NUCLEI_TEMPLATES_PATH} && \ | |
| /root/go/bin/nuclei -update-templates -td ${NUCLEI_TEMPLATES_PATH} || echo "Nuclei templates installation skipped" | |
| RUN GO111MODULE=on go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@v3.3.5 || echo "Nuclei installation failed" | |
| # Set working directory | |
| WORKDIR /app | |
| # Install nuclei templates in app directory (accessible to app user) | |
| ENV NUCLEI_TEMPLATES_PATH=/app/.nuclei-templates \ | |
| PATH="/root/go/bin:${PATH}" \ | |
| NUCLEI_TEMPLATES_VERSION=v9.8.0 | |
| RUN mkdir -p ${NUCLEI_TEMPLATES_PATH} && \ | |
| curl -L "https://github.com/projectdiscovery/nuclei-templates/archive/refs/tags/${NUCLEI_TEMPLATES_VERSION}.tar.gz" \ | |
| | tar -xz --strip-components=1 -C "${NUCLEI_TEMPLATES_PATH}" || echo "Nuclei templates installation skipped" |
Comment on lines
+3
to
+12
| "timestamp": "2025-11-06T14:27:13+0800", | ||
| "server": "https://hexstrike-ai.dennisleehappy.org", | ||
| "test_target": "http://testphp.vulnweb.com", | ||
| "total_tests": 24, | ||
| "passed": 0, | ||
| "failed": 24, | ||
| "skipped": 0, | ||
| "pass_rate": 0 | ||
| }, | ||
| "test_results": [] |
There was a problem hiding this comment.
Committing raw test run artifacts (logs/results) can create noisy diffs and quickly bloat the repo over time. If these are needed, consider moving them to CI artifacts/releases or summarizing key outcomes in markdown and excluding raw logs from version control.
Suggested change
| "timestamp": "2025-11-06T14:27:13+0800", | |
| "server": "https://hexstrike-ai.dennisleehappy.org", | |
| "test_target": "http://testphp.vulnweb.com", | |
| "total_tests": 24, | |
| "passed": 0, | |
| "failed": 24, | |
| "skipped": 0, | |
| "pass_rate": 0 | |
| }, | |
| "test_results": [] | |
| "note": "Example test results schema. Do NOT commit real test run artifacts to version control; store them as CI artifacts or releases instead.", | |
| "timestamp": "YYYY-MM-DDTHH:MM:SSZ", | |
| "server": "https://example-api-server.local", | |
| "test_target": "https://example-test-target.local", | |
| "total_tests": 3, | |
| "passed": 2, | |
| "failed": 1, | |
| "skipped": 0, | |
| "pass_rate": 66.67 | |
| }, | |
| "test_results": [ | |
| { | |
| "name": "GET /health returns 200", | |
| "status": "passed", | |
| "duration_ms": 120 | |
| }, | |
| { | |
| "name": "POST /login rejects invalid credentials", | |
| "status": "passed", | |
| "duration_ms": 245 | |
| }, | |
| { | |
| "name": "GET /admin requires authentication", | |
| "status": "failed", | |
| "duration_ms": 310, | |
| "error": "Expected HTTP 401 but received HTTP 200" | |
| } | |
| ] |
Bumps the npm_and_yarn group with 6 updates in the /Front-End directory: | Package | From | To | | --- | --- | --- | | [next](https://github.com/vercel/next.js) | `14.2.33` | `15.5.14` | | [axios](https://github.com/axios/axios) | `1.13.1` | `1.13.5` | | [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` | | [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` | | [glob](https://github.com/isaacs/node-glob) | `10.3.10` | `10.5.0` | | [undici](https://github.com/nodejs/undici) | `5.29.0` | `removed` | Updates `next` from 14.2.33 to 15.5.14 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v14.2.33...v15.5.14) Updates `axios` from 1.13.1 to 1.13.5 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.13.1...v1.13.5) Updates `minimatch` from 3.1.2 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `flatted` from 3.3.3 to 3.4.2 - [Commits](WebReflection/flatted@v3.3.3...v3.4.2) Updates `glob` from 10.3.10 to 10.5.0 - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](isaacs/node-glob@v10.3.10...v10.5.0) Removes `undici` --- updated-dependencies: - dependency-name: next dependency-version: 15.5.14 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: axios dependency-version: 1.13.5 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: flatted dependency-version: 3.4.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: glob dependency-version: 10.5.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: undici dependency-version: dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…t-End/npm_and_yarn-c047735154 Bump the npm_and_yarn group across 1 directory with 6 updates
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces a new web-based user interface for the HexStrike AI application and addresses critical Docker deployment issues.
Key Changes:
-> avaiable on https://hexstrike-ai.onrender.com
1. Dockerfile Updates
templates/andstatic/directories into the Docker imagejinja2.exceptions.TemplateNotFound: index.htmlerror and ensures the Flask web UI is properly served/) is now expected to return a200 OKstatus, serving theindex.htmldashboard, instead of a500 Internal Server Error2. API Test Script Adjustments
scripts/api-test.shandscripts/api-test.ps1scripts have been modified to reflect the new expected200status for the root endpointscripts/README_API_TESTS.mdhas been updated to document this change3. Next.js 14 Dashboard Implementation
hexstrike-dashboard, has been created in theFront-End/directorysrc/lib/api.ts) has been implemented to interact with the HexStrike AI backendPurpose:
These changes aim to provide a user-friendly web interface for interacting with the HexStrike AI, making it more accessible for monitoring and managing operations. The Dockerfile fixes ensure that the application, including its web UI, deploys correctly on platforms like Render.
Next Steps (after merge and deployment):