6585e10c6f
## 新增功能 ### 1. 屏幕阅读器兼容性增强(a11y) - 无障碍工具库:src/shared/lib/a11y.ts - aria-live Hook:src/shared/hooks/use-aria-live.ts - a11y 组件:skip-link/visually-hidden/focus-trap/aria-status - 增强 UI:table.tsx 系统性 ARIA role,dialog.tsx aria-modal - 审计文档:docs/accessibility/a11y-audit.md(WCAG 2.1 AA 清单) ### 2. 视觉回归测试 - 测试套件:tests/visual/(homepage + 3 个 dashboard) - 3 视口(desktop/tablet/mobile)× 2 主题(light/dark) - 动态元素遮罩,避免误报 - playwright.config.ts 新增 visual-chromium 项目 - 文档:docs/testing/visual-regression.md ### 3. 短信/微信推送渠道集成 - 新模块:src/modules/notifications/ - 4 个渠道:SMS(阿里云/腾讯云)、WeChat(公众号)、Email(SMTP)、In-App - 分发器按用户偏好并行多渠道发送 - 外部 SDK 动态 import,Mock 模式开发可用 - 文档:docs/notifications/channels.md ### 4. 漏洞扫描 CI 集成 - CI security-scan job:npm audit + Snyk + Trivy FS + OWASP ZAP - 独立工作流 security.yml:每周一深度扫描 + 容器镜像扫描 - 配置:suppressions.json + .trivyignore - 本地脚本:security-scan.sh/ps1 - 文档:docs/security/scanning.md(SLA 分级) ### 5. 灾备方案 - 脚本:backup-verify/backup-offsite-sync/dr-drill/failover/health-check - CI 增强:备份后校验+异地同步,每周灾备演练 - 独立工作流 dr-drill.yml:每周一凌晨 4 点自动演练 - 文档:docs/dr/dr-plan.md(RTO 4h/RPO 24h)+ dr-runbook.md(6 故障场景) ## 验证 - npx tsc --noEmit:0 错误 - npm run lint:0 错误 0 警告
34 lines
1.0 KiB
JSON
34 lines
1.0 KiB
JSON
{
|
|
"_meta": {
|
|
"description": "Snyk 漏洞抑制配置:记录已知且可接受的漏洞,每条抑制项需说明原因和到期时间",
|
|
"rule": "新增抑制项必须填写 reason 与 expires;到期后需重新评估",
|
|
"severityLevels": ["critical", "high", "medium", "low"]
|
|
},
|
|
"ignore": [
|
|
{
|
|
"id": "SNYK-JS-LODASH-567746",
|
|
"package": "lodash",
|
|
"severity": "low",
|
|
"reason": "原型污染漏洞,仅在开发依赖间接引用,生产环境未暴露受影响 API",
|
|
"expires": "2026-09-30",
|
|
"created": "2026-06-17",
|
|
"owner": "security-team"
|
|
},
|
|
{
|
|
"id": "SNYK-JS-SEMVER-3247795",
|
|
"package": "semver",
|
|
"severity": "low",
|
|
"reason": "ReDoS 漏洞,仅构建工具链间接依赖,运行时不触发正则输入",
|
|
"expires": "2026-09-30",
|
|
"created": "2026-06-17",
|
|
"owner": "security-team"
|
|
}
|
|
],
|
|
"policy": {
|
|
"maxIgnoredCritical": 0,
|
|
"maxIgnoredHigh": 0,
|
|
"requireOwnerApproval": true,
|
|
"reviewCadenceDays": 30
|
|
}
|
|
}
|