feat(plugin): 实现插件安全验证和审计日志功能

- 添加插件签名验证机制，支持远程证书吊销列表 - 增加插件安装时的安全检查和签名验证 - 实现插件版本存储的HMAC完整性校验 - 添加插件审计日志记录插件安装和验证事件 - 增加JS插件沙箱安全限制配置 - 添加插件商店API的签名URL字段支持 - 实现安全配置的自动刷新机制
2025-12-30 22:06:33 +08:00
parent 4d2a2a7117
commit 42e11e0aca
13 changed files with 686 additions and 31 deletions
--- a/web/src/api/index.ts
+++ b/web/src/api/index.ts
@@ -32,9 +32,9 @@ export const enablePlugin = (name: string) => post(`/plugin/${name}/enable`)
 export const disablePlugin = (name: string) => post(`/plugin/${name}/disable`)

 // 扩展商店
-export const getStorePlugins = () => get<{ plugins: StorePluginInfo[], store_url: string }>('/store/plugins')
-export const installStorePlugin = (pluginName: string, downloadUrl: string, clientId: string) =>
-  post('/store/install', { plugin_name: pluginName, download_url: downloadUrl, client_id: clientId })
+export const getStorePlugins = () => get<{ plugins: StorePluginInfo[] }>('/store/plugins')
+export const installStorePlugin = (pluginName: string, downloadUrl: string, signatureUrl: string, clientId: string) =>
+  post('/store/install', { plugin_name: pluginName, download_url: downloadUrl, signature_url: signatureUrl, client_id: clientId })

 // 客户端插件配置
 export const getClientPluginConfig = (clientId: string, pluginName: string) =>