feat: initial open marketplace with llm-security, config-audit, ultraplan-local

2026-04-06 18:47:49 +02:00 · 2026-04-06 18:47:49 +02:00 · f93d6abdae
commit f93d6abdae
380 changed files with 65935 additions and 0 deletions
--- a/plugins/llm-security/tests/fixtures/supply-chain/Pipfile.lock
+++ b/plugins/llm-security/tests/fixtures/supply-chain/Pipfile.lock
@ -0,0 +1,14 @@
+{
+  "_meta": {
+    "hash": { "sha256": "abc123" },
+    "pipfile-spec": 6,
+    "requires": { "python_version": "3.11" },
+    "sources": [{ "name": "pypi", "url": "https://pypi.org/simple", "verify_ssl": true }]
+  },
+  "default": {
+    "flask": { "version": "==2.3.0" },
+    "colourama": { "version": "==0.4.6" },
+    "requests": { "version": "==2.31.0" }
+  },
+  "develop": {}
+}
--- a/plugins/llm-security/tests/fixtures/supply-chain/package-lock-clean.json
+++ b/plugins/llm-security/tests/fixtures/supply-chain/package-lock-clean.json
@ -0,0 +1,24 @@
+{
+  "name": "clean-project",
+  "version": "1.0.0",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "clean-project",
+      "version": "1.0.0",
+      "dependencies": {
+        "express": "^4.18.0",
+        "lodash": "^4.17.21"
+      }
+    },
+    "node_modules/express": {
+      "version": "4.18.2",
+      "resolved": "https://registry.npmjs.org/express/-/express-4.18.2.tgz"
+    },
+    "node_modules/lodash": {
+      "version": "4.17.21",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz"
+    }
+  }
+}
--- a/plugins/llm-security/tests/fixtures/supply-chain/package-lock-compromised.json
+++ b/plugins/llm-security/tests/fixtures/supply-chain/package-lock-compromised.json
@ -0,0 +1,29 @@
+{
+  "name": "test-project",
+  "version": "1.0.0",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "test-project",
+      "version": "1.0.0",
+      "dependencies": {
+        "express": "^4.18.0",
+        "event-stream": "3.3.6",
+        "lodash": "^4.17.21"
+      }
+    },
+    "node_modules/express": {
+      "version": "4.18.2",
+      "resolved": "https://registry.npmjs.org/express/-/express-4.18.2.tgz"
+    },
+    "node_modules/event-stream": {
+      "version": "3.3.6",
+      "resolved": "https://registry.npmjs.org/event-stream/-/event-stream-3.3.6.tgz"
+    },
+    "node_modules/lodash": {
+      "version": "4.17.21",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz"
+    }
+  }
+}
--- a/plugins/llm-security/tests/fixtures/supply-chain/requirements-clean.txt
+++ b/plugins/llm-security/tests/fixtures/supply-chain/requirements-clean.txt
@ -0,0 +1,4 @@
+# Clean requirements file
+flask==2.3.0
+requests==2.31.0
+numpy==1.24.0
--- a/plugins/llm-security/tests/fixtures/supply-chain/requirements-compromised.txt
+++ b/plugins/llm-security/tests/fixtures/supply-chain/requirements-compromised.txt
@ -0,0 +1,6 @@
+# Test requirements file with compromised packages
+flask==2.3.0
+colourama==0.4.6
+requests==2.31.0
+djanga==4.2.0
+numpy==1.24.0
--- a/plugins/llm-security/tests/fixtures/supply-chain/yarn-compromised.lock
+++ b/plugins/llm-security/tests/fixtures/supply-chain/yarn-compromised.lock
@ -0,0 +1,14 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT.
+# yarn lockfile v1
+
+colors@1.4.1:
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/colors/-/colors-1.4.1.tgz"
+
+express@^4.18.0:
+  version "4.18.2"
+  resolved "https://registry.yarnpkg.com/express/-/express-4.18.2.tgz"
+
+lodash@^4.17.21:
+  version "4.17.21"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz"