openclaw/hermes-agent
1
0
Fork 0
Code Issues Pull Requests Actions 9 Packages Projects Releases Wiki Activity
Files
ce529d60728eff8519422ce025aa9d9673d9108c
hermes-agent/website
History
Teknium 7ab1677362 feat(security): on-demand supply-chain audit via OSV.dev (#31460) 
Adds 'hermes security audit' — a one-shot vulnerability scan against
OSV.dev covering three surfaces a Hermes user actually controls:

  1. The running Python's installed PyPI dists (importlib.metadata)
  2. Plugin requirements.txt / pyproject.toml pins under ~/.hermes/plugins/
  3. Pinned npx/uvx MCP servers in config.yaml

Zero new dependencies (stdlib urllib + importlib.metadata + tomllib +
concurrent.futures). No auth required for OSV's public batch API.

Flags: --json, --fail-on {low,moderate,high,critical} (default: critical),
       --skip-venv, --skip-plugins, --skip-mcp

Output groups findings by source, sorts by severity descending, surfaces
fixed-versions inline. Exit 1 when any finding meets the --fail-on tier.

Deliberately out of scope: globally-installed pip/npm, editor/browser
extensions, daily background scans, auto-blocking of installs. The audit
is on-demand by design — daily scans become noise the user trains
themselves to ignore.
2026-05-24 15:15:16 -07:00
..
docs
feat(security): on-demand supply-chain audit via OSV.dev (#31460)
2026-05-24 15:15:16 -07:00
i18n
feat(kanban): warn users that scratch workspaces are deleted on completion (#30949)
2026-05-23 11:27:00 -07:00
scripts
fix(docs): unique sidebar keys for duplicate skill categories (#26726)
2026-05-15 20:29:20 -07:00
src
docs(user-stories): add 116 stories from the Hermes Discord archive (#23436)
2026-05-10 15:21:40 -07:00
static
rebuild model catalog
2026-05-11 09:54:31 -07:00
.gitignore
docs: publish llms.txt and llms-full.txt for agent-friendly ingestion (#18276)
2026-04-30 23:17:14 -07:00
docusaurus.config.ts
docs: add Korean Kanban documentation
2026-05-18 21:42:13 -07:00
package-lock.json
chore(deps): bump mermaid from 11.13.0 to 11.15.0 in /website (#24011)
2026-05-19 09:19:06 -04:00
package.json
feat(profile): shareable profile distributions via git (#20831)
2026-05-08 10:04:32 -07:00
README.md
docs: replace ASCII diagrams with Mermaid/lists, add linting note
2026-03-21 17:58:30 -07:00
sidebars.ts
docs: dedicated Nous Portal integration page and setup guide (#31296)
2026-05-23 21:07:58 -07:00
tsconfig.json
feat: add documentation website (Docusaurus)
2026-03-05 05:24:55 -08:00

README.md

Website

This website is built using Docusaurus, a modern static website generator.

Installation

yarn

Local Development

yarn start

This command starts a local development server and opens up a browser window. Most changes are reflected live without having to restart the server.

Build

yarn build

This command generates static content into the build directory and can be served using any static contents hosting service.

Deployment

Using SSH:

USE_SSH=true yarn deploy

Not using SSH:

GIT_USER=<Your GitHub username> yarn deploy

If you are using GitHub pages for hosting, this command is a convenient way to build the website and push to the gh-pages branch.

Diagram Linting

CI runs ascii-guard to lint docs for ASCII box diagrams. Use Mermaid (````mermaid`) or plain lists/tables instead of ASCII boxes to avoid CI failures.