Update project files and scripts for improved functionality and security

Author: CrisisCore-Systems

.github/workflows/ci.yml

@@ -17,10 +17,15 @@ jobs:
         sudo apt-get update
         sudo apt-get install -y shellcheck ghostscript
     
-    - name: Run ShellCheck
+    - name: Run ShellCheck on all shell scripts
       run: |
-        shellcheck compresskit-pdf
-        shellcheck install.sh
+        find . -type f -name "*.sh" -exec shellcheck -x {} \; || true
+        
+    - name: Run ShellCheck on main scripts (strict mode)
+      run: |
+        shellcheck -x compresskit-pdf
+        shellcheck -x install.sh
+        shellcheck -x run_tests.sh
     
     - name: Test script permissions
       run: |

CHANGELOG.md

@@ -4,6 +4,25 @@ All notable changes to CompressKit will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.1.0] - 2024-12-20
+### Added
+- Comprehensive security module with improved path validation
+- Enhanced input validation for all user-facing functions
+- Improved error handling across all components
+- Security incident reporting system
+- Extended test coverage for security functions
+
+### Fixed
+- Critical security vulnerability in safe_path() function that could lead to path traversal
+- Inconsistent error handling in compression module
+- Potential command injection vulnerabilities in file operations
+- Insufficient validation of security-critical parameters
+
+### Changed
+- Consolidated security utilities into a single module
+- Improved test coverage with dedicated security module tests
+- Enhanced documentation with detailed security guides
+
 ## [1.0.0] - 2024-12-09
 ### Added
 - Initial release

SECURITY.md

@@ -4,8 +4,28 @@
 
 | Version | Supported          |
 | ------- | ------------------ |
+| 1.1.x   | :white_check_mark: |
 | 1.0.x   | :white_check_mark: |
 
+## Security Features
+
+CompressKit implements the following security features:
+
+- **Path Traversal Protection**: All file paths are validated using the `safe_path()` function to prevent directory traversal attacks.
+- **Command Execution Protection**: Commands are executed only through `safe_execute()` with a strict allowlist of permitted commands.
+- **Input Validation**: All user inputs are validated using dedicated validation functions.
+- **Secure File Operations**: All file operations follow secure permissions and include validation.
+- **Secure Temporary Files**: Temporary files are created with secure permissions in isolated locations.
+- **Error Handling**: Consistent error handling prevents information leakage.
+- **Security Incident Reporting**: Security incidents are logged and reported to administrators.
+
+## Recent Security Improvements
+
+- Fixed critical issue in `safe_path()` function that could lead to path traversal vulnerabilities
+- Implemented comprehensive security module with improved validation
+- Enhanced test coverage for security-critical functions
+- Added protection against command injection and URL-encoded path attacks
+
 ## Reporting a Vulnerability
 
 If you discover a security vulnerability, please:
@@ -16,4 +36,148 @@ If you discover a security vulnerability, please:
 4. Allow up to 48 hours for initial response
 5. Please keep the vulnerability private until patched
 
+## Security Guidelines for Developers
+
+When contributing to CompressKit:
+
+1. **Always** use `safe_path()` for file path validation
+2. **Always** use `safe_execute()` for command execution
+3. **Always** validate all user inputs
+4. **Always** use secure permissions for files containing sensitive information
+5. **Always** implement proper error handling
+6. **Never** use `eval` or direct command execution
+7. **Never** concatenate user input into paths without validation
+
 Thank you for helping keep CompressKit secure!
+
+## Implementation Examples
+
+### Path Validation with safe_path()
+
+```bash
+# INCORRECT - vulnerable to path traversal
+process_file() {
+    local input_file="$1"
+    cat "$input_file" > output.txt  # VULNERABLE!
+}
+
+# CORRECT - uses safe_path() to validate
+process_file_secure() {
+    local input_file="$1"
+    local safe_file
+    
+    safe_file=$(safe_path "$input_file")
+    if [ $? -ne 0 ] || [ -z "$safe_file" ]; then
+        log_error "Invalid file path"
+        return 1
+    fi
+    
+    cat "$safe_file" > output.txt
+}
+```
+
+### Command Execution with safe_execute()
+
+```bash
+# INCORRECT - vulnerable to command injection
+run_command() {
+    local cmd="$1"
+    eval "$cmd"  # VULNERABLE!
+}
+
+# CORRECT - uses safe_execute() with allowlisting
+run_command_secure() {
+    local cmd="$1"
+    safe_execute "$cmd"
+}
+```
+
+### Input Validation
+
+```bash
+# INCORRECT - no input validation
+set_compression_level() {
+    COMPRESSION_LEVEL="$1"  # VULNERABLE!
+}
+
+# CORRECT - with validation
+set_compression_level_secure() {
+    local level="$1"
+    
+    # Validate input is a number in valid range
+    if [[ ! "$level" =~ ^[0-9]+$ ]] || [ "$level" -lt 1 ] || [ "$level" -gt 9 ]; then
+        log_error "Invalid compression level: $level (must be 1-9)"
+        return 1
+    fi
+    
+    COMPRESSION_LEVEL="$level"
+}
+```
+
+### Secure File Operations
+
+```bash
+# INCORRECT - insecure file creation
+create_config() {
+    echo "setting=value" > config.txt  # VULNERABLE!
+}
+
+# CORRECT - secure file creation with proper permissions
+create_config_secure() {
+    local config_file
+    config_file=$(safe_path "${HOME}/.config/compresskit/config.txt")
+    
+    if [ $? -ne 0 ] || [ -z "$config_file" ]; then
+        log_error "Invalid config file path"
+        return 1
+    fi
+    
+    # Create directory with secure permissions if needed
+    local config_dir=$(dirname "$config_file")
+    if [ ! -d "$config_dir" ]; then
+        mkdir -p "$config_dir" || {
+            log_error "Failed to create config directory"
+            return 1
+        }
+        chmod 700 "$config_dir"
+    fi
+    
+    # Write file with secure permissions
+    echo "setting=value" > "$config_file"
+    chmod 600 "$config_file"
+}
+```
+
+### Error Handling
+
+```bash
+# INCORRECT - poor error handling
+compress_file() {
+    gzip -9 "$1"  # VULNERABLE!
+}
+
+# CORRECT - with proper error handling
+compress_file_secure() {
+    local input_file="$1"
+    local safe_file
+    
+    safe_file=$(safe_path "$input_file")
+    if [ $? -ne 0 ] || [ -z "$safe_file" ]; then
+        log_error "Invalid input file path"
+        return 1
+    fi
+    
+    if [ ! -f "$safe_file" ]; then
+        log_error "Input file does not exist: $safe_file"
+        return 1
+    fi
+    
+    if ! gzip -9 "$safe_file"; then
+        log_error "Compression failed for: $safe_file"
+        return 1
+    fi
+    
+    log_info "Successfully compressed: $safe_file"
+    return 0
+}
+```

docs/ARCHITECTURE.md

@@ -0,0 +1,89 @@
+# CompressKit Architecture
+
+## Overview
+
+CompressKit follows a modular architecture with clear component responsibilities and interactions.
+This document outlines the high-level architecture, component interactions, and design philosophy.
+
+## Component Diagram
+
+```
+┌─────────────────────┐     ┌─────────────────┐     ┌────────────────────┐
+│    compresskit-pdf  │────▶│  Core Library   │────▶│  Compress Engine   │
+└─────────────────────┘     └─────────────────┘     └────────────────────┘
+          │                         │                        │
+          ▼                         ▼                        ▼
+┌─────────────────────┐     ┌─────────────────┐     ┌────────────────────┐
+│       UI Layer      │◀───▶│  Config Manager │     │   Error Handler    │
+└─────────────────────┘     └─────────────────┘     └────────────────────┘
+          │                         │                        │
+          └─────────────────────────┼────────────────────────┘
+                                    ▼
+                          ┌─────────────────┐
+                          │  Logging System │
+                          └─────────────────┘
+```
+
+## Component Responsibilities
+
+### 1. Entry Points
+
+- **compresskit-pdf**: Main executable script that provides the command-line interface
+- **compresskit**: Simplified interface for basic operations
+
+### 2. Core Components
+
+- **lib/core.sh**: Central integration layer for all components
+- **lib/config_manager.sh**: Centralized configuration management
+- **lib/compress.sh**: PDF compression implementation
+- **lib/error_handler.sh**: Error handling and recovery mechanisms
+- **lib/logger.sh**: Logging system
+- **lib/ui.sh**: User interface components
+
+### 3. Security Layer
+
+- **lib/secure_utils.sh**: Security utilities for safe file operations
+
+## Data Flow
+
+1. User invokes `compresskit-pdf` with command-line arguments
+2. Core library validates input and initializes the environment
+3. Configuration is loaded from the config manager
+4. Compression operation is performed by the compress engine
+5. Progress and results are displayed via the UI layer
+6. Errors are captured and handled by the error handler
+7. All operations are logged by the logging system
+
+## Security Considerations
+
+CompressKit implements several security measures:
+
+- Path traversal prevention through `safe_path()` validation
+- Secure temporary file handling
+- Input validation and sanitization
+- Proper permission management
+- Command injection prevention
+
+## Configuration Flow
+
+1. Default configuration paths defined in `config_manager.sh`
+2. Configuration values loaded by `config.sh`
+3. Components request configuration via standard functions
+
+## Error Handling
+
+CompressKit uses a centralized error handling approach:
+
+1. Functions return error codes to indicate success/failure
+2. Error conditions are logged and reported to the user
+3. Recovery mechanisms attempt to handle certain error conditions
+4. Detailed error information is stored in log files
+
+## Logging System
+
+The logging system provides:
+
+- Multiple log levels (ORACLE/DEBUG, HERO/INFO, OMEN/WARNING, DOOM/ERROR)
+- Timestamped log entries
+- Log rotation to prevent excessive log file growth
+- Secure log file handling with proper permissions