80 lines
2.3 KiB
Markdown
80 lines
2.3 KiB
Markdown
# Council Plan — vr-shopxo-plugin 安全审议
|
||
|
||
> Round 1 — 2026-04-15
|
||
> Branch: council/SecurityEngineer → main
|
||
> 状态:**Draft Phase**
|
||
|
||
---
|
||
|
||
## Task Summary
|
||
|
||
对 vr-shopxo-plugin 票务插件进行完整代码安全审议,输出独立评审报告(≥500字),列出所有发现的问题(严重/中等/轻微/建议),给出具体修复建议。**仅评论不改代码,变更提交本地 worktree。**
|
||
|
||
---
|
||
|
||
## Task Checklist
|
||
|
||
- [ ] 1. 插件架构审计(EventListener.php / plugin.json)
|
||
- [ ] 2. 票务核心审计(TicketService.php / BaseService.php)
|
||
- [ ] 3. 前端票务详情页审计(ticket_detail.html)
|
||
- [ ] 4. 数据库 Schema 审计(如有 migrations)
|
||
- [ ] 5. 安全性综合审计(SQL注入/XSS/重放攻击/QR伪造)
|
||
- [ ] 6. 输出评审报告到 reviews/code-review-SecurityEngineer.md
|
||
- [ ] 7. 提交 plan.md 到 main
|
||
|
||
---
|
||
|
||
## Phase Breakdown
|
||
|
||
| Phase | 内容 | 状态 |
|
||
|---|---|---|
|
||
| **Draft** | 各模块代码审计 + 报告撰写 | ⏳ Pending |
|
||
| **Review** | 评审其他成员报告(如有) | ⏳ Pending |
|
||
| **Finalize** | 合并到 main,投票 | ⏳ Pending |
|
||
|
||
---
|
||
|
||
## Claim Status
|
||
|
||
| Task | Owner | Status |
|
||
|---|---|---|
|
||
| 插件架构审计 | council/SecurityEngineer | `[Claimed]` |
|
||
| 票务核心审计 | council/SecurityEngineer | `[Claimed]` |
|
||
| 前端票务页审计 | council/SecurityEngineer | `[Claimed]` |
|
||
| 数据库Schema审计 | council/SecurityEngineer | `[Claimed]` |
|
||
| 安全综合审计 | council/SecurityEngineer | `[Claimed]` |
|
||
| 输出评审报告 | council/SecurityEngineer | `[Claimed]` |
|
||
|
||
---
|
||
|
||
## 审计关注点清单
|
||
|
||
### 插件架构
|
||
- [ ] 生命周期钩子(Install/Uninstall/Enable/Disable)完整性
|
||
- [ ] 权限/菜单注册安全性
|
||
- [ ] 升级迁移策略
|
||
|
||
### 票务核心
|
||
- [ ] onOrderPaid() 并发安全(库存锁定/原子操作)
|
||
- [ ] verifyTicket() 核销鉴权(状态机完整性)
|
||
- [ ] AES QR 加密(密钥管理/IV/模式选择)
|
||
- [ ] 订单状态流转安全性
|
||
|
||
### 前端安全
|
||
- [ ] XSS 输出转义
|
||
- [ ] 表单 CSRF 防护
|
||
- [ ] 敏感信息暴露
|
||
|
||
### 数据库
|
||
- [ ] SQL 拼接风险点
|
||
- [ ] 参数化查询使用情况
|
||
- [ ] 索引覆盖完整性
|
||
|
||
### 支付安全
|
||
- [ ] 支付回调重放攻击(nonce/一次性token)
|
||
- [ ] 签名验证完整性
|
||
|
||
---
|
||
|
||
**[CONSENSUS: NO]** — Round 1 完成,进入执行轮
|