Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update building-plugins/ #2

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Update building-plugins/ #2

wants to merge 2 commits into from

Conversation

jschalz
Copy link

@jschalz jschalz commented May 5, 2024

No description provided.

@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented May 5, 2024

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security Status Findings
Configured Codepaths Analyzer 0 findings
Secrets Analyzer 0 findings
Authn/Authz Analyzer 0 findings
AppSec Analyzer 0 findings
Sensitive Files Analyzer 0 findings

Note

🟢 Risk threshold not exceeded.

Change Summary (click to expand)

The following is a summary of changes in this pull request made by me, your security buddy 🤖.
Note that this summary is auto-generated and not meant to be a definitive list of security issues
but rather a helpful summary from a security perspective.

Summary:

The changes in this pull request focus on updating the documentation for building plugins for the Bulwark platform. The key points include instructions on manual compilation of plugins, the required WASM target, and the need to adapt the WASM binary using the wasm-tools utility and a Bulwark-provided adapter.

From a security perspective, the documentation emphasizes the importance of dependency management, verifying the integrity of compiler outputs, and the use of a Bulwark-provided adapter to ensure the security of the plugin building process. The documentation also covers the Bulwark plugin architecture, which targets the WebAssembly (WASM) instruction format and uses the WebAssembly System Interface (WASI) API, as well as the required Cargo.toml configuration and sample plugin logic.

Overall, the changes in this pull request appear to be focused on providing clear and comprehensive documentation for the plugin building process, with a strong emphasis on security considerations and best practices.

Files Changed:

  1. api/building-plugins/building-plugins-the-hard-way.md:

    • This file provides detailed instructions on the manual compilation of Bulwark plugins, including the required WASM target and the need to adapt the WASM binary using the wasm-tools utility and a Bulwark-provided adapter.
    • The key security considerations highlighted in this file are the importance of dependency management for wasm-tools, verifying the integrity of compiler outputs, and the security of the Bulwark-provided adapter.

  2. api/building-plugins/README.md:

    • This file provides an overview of the Bulwark plugin architecture and the required steps for plugin development, including prerequisites, Cargo.toml configuration, and plugin logic implementation.
    • The changes in this file do not introduce any obvious security concerns, as the documentation focuses on the technical details of building Bulwark plugins without covering any sensitive information or implementation details that could lead to security vulnerabilities.

Powered by DryRun Security

@jschalz jschalz changed the title Update building plugins Update building-plugins/ May 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jschalz