{"id":51557718,"url":"https://github.com/dev-five-git/security-log","last_synced_at":"2026-07-10T07:01:16.936Z","repository":{"id":357838302,"uuid":"1216621292","full_name":"dev-five-git/security-log","owner":"dev-five-git","description":"보안록 - 당신의 정보는 안전한가요?","archived":false,"fork":false,"pushed_at":"2026-07-02T04:47:23.000Z","size":3369,"stargazers_count":7,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-07-02T06:24:45.391Z","etag":null,"topics":["security"],"latest_commit_sha":null,"homepage":"http://security-log.devfive.kr/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dev-five-git.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-21T04:44:29.000Z","updated_at":"2026-07-02T04:47:27.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/dev-five-git/security-log","commit_stats":null,"previous_names":["dev-five-git/security-log"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/dev-five-git/security-log","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-five-git%2Fsecurity-log","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-five-git%2Fsecurity-log/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-five-git%2Fsecurity-log/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-five-git%2Fsecurity-log/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dev-five-git","download_url":"https://codeload.github.com/dev-five-git/security-log/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-five-git%2Fsecurity-log/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35323809,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-10T02:00:06.465Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["security"],"created_at":"2026-07-10T07:01:16.004Z","updated_at":"2026-07-10T07:01:16.918Z","avatar_url":"https://github.com/dev-five-git.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Security Log\n\n[![Process case submission](https://github.com/dev-five-git/security-log/actions/workflows/case-submission.yml/badge.svg)](https://github.com/dev-five-git/security-log/actions/workflows/case-submission.yml)\n[![Deploy to GitHub Pages](https://github.com/dev-five-git/security-log/actions/workflows/deploy.yml/badge.svg)](https://github.com/dev-five-git/security-log/actions/workflows/deploy.yml)\n\n**Security Log** is an open-source archive for publicly known cybersecurity incidents and personal data breach cases.\n\nAnyone can submit an incident through the website's case registration page. The submitted content is converted into a GitHub Issue, processed by GitHub Actions, and turned into a data Pull Request. Once the Pull Request is reviewed and merged by a maintainer, the case is reflected on the website.\n\n- Website: https://security-log.devfive.kr\n- Submit a case: https://security-log.devfive.kr/register/\n- Repository: https://github.com/dev-five-git/security-log\n\n---\n\n## Project Purpose\n\nSecurity incidents repeat.\n\nPhishing, account takeover, insider leaks, weak access control, misconfiguration, insufficient encryption, and failure to detect large-scale data exfiltration appear again and again across different incidents. Security Log records these cases in public so that individuals, developers, security practitioners, and organizations can learn from past failures.\n\nThis project aims to:\n\n- Record real cybersecurity incidents and personal data breaches as structured data.\n- Make incident causes, leaked data types, damage scale, timelines, and prevention lessons easy to review.\n- Provide a website-based case submission flow and a GitHub Issue-based public review process.\n- Automatically generate data Pull Requests using GitHub Actions.\n- Build a practical knowledge base for security awareness training, privacy education, and incident response exercises.\n- Preserve repeated security failure patterns as learnable records instead of blaming specific companies or individuals.\n\n---\n\n## How the Service Works\n\nSecurity Log is an open-source record service that combines a static website with a GitHub-based collaboration workflow.\n\n```mermaid\nflowchart TD\n  A[Open the case registration page] --\u003e B[Enter incident information]\n  B --\u003e C[Click Submit]\n  C --\u003e D[Generate GitHub Issue body]\n  D --\u003e E[Copy the body and go to GitHub]\n  E --\u003e F[Create GitHub Issue]\n  F --\u003e G[Run GitHub Actions]\n  G --\u003e H[Create incident data JSON]\n  H --\u003e I[Regenerate static data index]\n  I --\u003e J[Create automatic Pull Request]\n  J --\u003e K[Maintainer review and merge]\n  K --\u003e L[Deploy to GitHub Pages]\n  L --\u003e M[Reflect on the website]\n```\n\n### Automation Summary\n\n1. A user enters incident information on the website's case registration page.\n2. When the user clicks `Submit`, the website generates the body for a GitHub Issue.\n3. The user copies the generated body and moves to the GitHub Issue creation page.\n4. The Issue includes the `case-submission` label.\n5. When an Issue with the `case-submission` label is opened, GitHub Actions runs automatically.\n6. The workflow parses the JSON data in the Issue body and creates an `apps/front/data/{uuid}.json` file.\n7. The workflow regenerates `apps/front/src/static/accidents-data.generated.ts`.\n8. Type checking and linting are executed.\n9. A `case/{issue-number}` branch is created and an automatic Pull Request is opened.\n10. The original Issue is closed automatically, and a comment with the generated PR link is added.\n11. When the PR is merged into the `main` branch, the GitHub Pages deployment workflow runs.\n12. After the build and deployment finish, the new case appears on the website.\n\n---\n\n## How to Submit a Case\n\nThe recommended way to contribute incident data is to use the website's **case registration page**.\n\n### 1. Open the Case Registration Page\n\nGo to:\n\n```txt\nhttps://security-log.devfive.kr/register/\n```\n\n### 2. Enter Incident Information\n\nFill in the following fields on the registration page.\n\n| Field | Description |\n|---|---|\n| Company name | The company, organization, or service involved in the incident |\n| Incident date | The date the incident occurred or was officially disclosed |\n| Country | The country where the incident occurred or whose users were affected |\n| Damage scale | Publicly verifiable damage scale |\n| Incident cause | One of hacking, insider, negligence, technical defect, or unknown |\n| Tags | Keywords for search and classification, separated by commas |\n| Leaked data | Personal information or data types that were leaked |\n| Timeline | Key events from detection to response or disclosure |\n| Cause analysis | Root causes, weaknesses, or failure points behind the incident |\n| Prevention lessons - Personal | Actions individual users can take to reduce risk |\n| Prevention lessons - Corporate | Actions companies or organizations can take to reduce risk |\n\n### 3. Create a GitHub Issue\n\nAfter filling out the form, click `Submit`. The website will generate the body for a GitHub Issue.\n\n1. Copy the Issue body shown in the modal.\n2. Click `Go to GitHub` to open the Issue creation page.\n3. Paste the copied body into the GitHub Issue body field.\n4. Review the content and create the Issue.\n\nOnce the Issue is created, the automation workflow starts and creates a data Pull Request.\n\n### 4. Review and Publication\n\nSubmitted cases are not reflected on the website immediately.\n\nA maintainer must review and merge the generated Pull Request before the case is published. During review, maintainers may request corrections, source improvements, wording changes, or additional context.\n\n---\n\n## What Makes a Good Submission\n\nA good case submission should follow these principles:\n\n- Submit only incidents that can be publicly verified.\n- Use reliable sources such as news articles, company notices, government announcements, investigation reports, privacy authority publications, or KISA materials.\n- Select `unknown` when the cause has not been officially confirmed.\n- Do not include speculation, excessive blame, or unverified internal information.\n- Never include raw leaked personal information, leaked data samples, account credentials, authentication information, tokens, sessions, or cookies.\n- Do not include malware, exploit code, attack procedures, or reproduction steps for intrusion.\n- Focus on which security controls failed rather than blaming a specific company or person.\n\n---\n\n## Incident Cause Categories\n\nThe currently supported cause categories are:\n\n| Value | Display name | Description |\n|---|---|---|\n| `hacking` | Hacking | External attacks, account takeover, intrusion, malware, phishing, and similar causes |\n| `insider` | Insider | Leaks caused by employees, contractors, partners, or other privileged insiders |\n| `negligence` | Negligence | Misconfiguration, weak access control, insufficient encryption, operational mistakes, and similar issues |\n| `technical` | Technical defect | System vulnerabilities, design flaws, software defects, and similar technical failures |\n| `unknown` | Unknown | The cause has not been officially confirmed or remains unclear |\n\n---\n\n## Data Structure\n\nThe website's case registration page converts user input into JSON data inside a GitHub Issue body.\n\nThe Issue automation parses that JSON and creates an `apps/front/data/{uuid}.json` file.\n\n### Example JSON Included in an Issue\n\n```json\n{\n  \"companyName\": \"Company name\",\n  \"date\": \"2026-01-01\",\n  \"country\": \"KR\",\n  \"cause\": \"hacking\",\n  \"damage\": {\n    \"value\": 0,\n    \"unit\": \"만\"\n  },\n  \"tags\": [\"tag1\", \"tag2\"],\n  \"leaks\": [\"Example leaked data item\"],\n  \"causeAnalyses\": [\n    {\n      \"date\": \"2026-01-01\",\n      \"content\": \"Incident development or cause analysis details\"\n    }\n  ],\n  \"rootCauses\": [\"Example root cause\"],\n  \"prevention\": {\n    \"personal\": [\"Personal prevention measure\"],\n    \"corporate\": [\"Corporate prevention measure\"]\n  }\n}\n```\n\n### Stored Incident Data Type\n\nInternally, incident data may contain both Korean and English fields for multilingual display.\n\n```ts\ninterface Accident {\n  id: string\n  companyName: {\n    ko: string\n    en: string\n  }\n  date: string\n  country: string\n  cause: 'hacking' | 'insider' | 'negligence' | 'technical' | 'unknown'\n  damage: {\n    value: number\n    unit: '억' | '만' | '천' | ''\n  }\n  leaks: {\n    ko: string[]\n    en: string[]\n  }\n  causeAnalyses: {\n    date: string\n    content: {\n      ko: string\n      en: string\n    }\n  }[]\n  rootCauses: {\n    ko: string[]\n    en: string[]\n  }\n  prevention: {\n    personal: {\n      ko: string[]\n      en: string[]\n    }\n    corporate: {\n      ko: string[]\n      en: string[]\n    }\n  }\n  tags: {\n    ko: string[]\n    en: string[]\n  }\n  createdAt: string\n  issueUrl?: string\n}\n```\n\n---\n\n## Add Data Through a Pull Request\n\nYou can also add incident data directly through a Pull Request instead of using the website submission flow.\n\n### 1. Add a Data File\n\nCreate a new JSON file under `apps/front/data/`. A UUID-style filename is recommended.\n\n```txt\napps/front/data/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.json\n```\n\n### 2. Regenerate the Static Index\n\nIf you add or modify a data file, regenerate the static index:\n\n```sh\nnode .github/scripts/generate-index.mjs\n```\n\nThis command reads `apps/front/data/*.json` files and regenerates `apps/front/src/static/accidents-data.generated.ts`.\n\n### 3. Validate Changes\n\n```sh\nbun install\nbunx tsc --noEmit -p apps/front/tsconfig.json\nbun lint\nbun run build\n```\n\n---\n\n## Local Development\n\n### Requirements\n\n- Bun\n- Node.js 22 or later recommended\n- Git\n\n### Installation\n\n```sh\ngit clone https://github.com/dev-five-git/security-log.git\ncd security-log\nbun install\n```\n\n### Run the Development Server\n\n```sh\nbun run dev\n```\n\nOpen the following URL in your browser:\n\n```txt\nhttp://localhost:3000\n```\n\n### Build\n\n```sh\nbun run build\n```\n\n### Test\n\n```sh\nbun test\n```\n\n### Lint\n\n```sh\nbun lint\n```\n\n### Auto-fix Lint Issues\n\n```sh\nbun lint:fix\n```\n\n---\n\n## Tech Stack\n\n- TypeScript\n- Next.js\n- React\n- Bun\n- GitHub Actions\n- GitHub Pages\n- oxlint\n- Devup UI\n\n---\n\n## Repository Structure\n\n```txt\n.\n├── .github\n│   ├── ISSUE_TEMPLATE\n│   │   └── case-submission.md\n│   ├── scripts\n│   │   ├── generate-index.mjs\n│   │   └── process-case-issue.mjs\n│   └── workflows\n│       ├── case-submission.yml\n│       └── deploy.yml\n├── apps\n│   └── front\n│       ├── data\n│       │   └── *.json\n│       └── src\n│           ├── app\n│           │   └── register\n│           ├── components\n│           │   └── pages\n│           │       └── register\n│           ├── lib\n│           │   └── issue-template.ts\n│           └── static\n│               ├── accidents.ts\n│               └── accidents-data.generated.ts\n├── Dockerfile.front\n├── docker-compose.yml\n├── package.json\n└── README.md\n```\n\n### Key Files\n\n| Path | Description |\n|---|---|\n| `apps/front/src/app/register/` | Website case registration page |\n| `apps/front/src/components/pages/register/` | Case registration form, modal, and input components |\n| `apps/front/src/lib/issue-template.ts` | Logic that converts form data into a GitHub Issue title and body |\n| `.github/ISSUE_TEMPLATE/case-submission.md` | Case submission template for users who create an Issue directly on GitHub |\n| `.github/workflows/case-submission.yml` | Workflow that converts a `case-submission` Issue into a data Pull Request |\n| `.github/workflows/deploy.yml` | Workflow that deploys the site to GitHub Pages after changes are merged into `main` |\n| `.github/scripts/process-case-issue.mjs` | Script that parses JSON from the Issue body and creates an incident data file |\n| `.github/scripts/generate-index.mjs` | Script that generates the static data index from `apps/front/data/*.json` |\n| `apps/front/data/` | Incident case JSON data directory |\n| `apps/front/src/static/accidents.ts` | Incident data types, formatting, search, and filtering logic |\n| `apps/front/src/static/accidents-data.generated.ts` | Auto-generated incident data index |\n\n---\n\n## Deployment\n\nThis project is deployed to GitHub Pages through GitHub Actions.\n\nThe deployment workflow runs on:\n\n- Pushes to the `main` branch\n- Pull Requests targeting the `main` branch\n- Manual workflow dispatch\n\nFor Pull Requests, the workflow performs build validation. Actual deployment runs only when changes are pushed to the `main` branch.\n\n---\n\n## Run With Docker Compose\n\nThe repository includes a Docker Compose setup.\n\n```sh\ndocker compose up -d\n```\n\nThe default port is `80`. You can change it with the `PORT` environment variable.\n\n```sh\nPORT=8080 docker compose up -d\n```\n\n---\n\n## Contribution Guide\n\nSecurity Log is a public record project. You can contribute in many ways:\n\n- Submit new cybersecurity incident cases.\n- Fix typos or incorrect data in existing cases.\n- Improve incident causes, prevention lessons, or timelines.\n- Improve multilingual translations.\n- Improve UI/UX.\n- Improve search, filtering, or statistics features.\n- Add tests.\n- Improve documentation.\n\n### Checklist Before Opening a Pull Request\n\nBefore submitting a PR, run:\n\n```sh\nbun install\nbun test\nbun lint\nbun run build\n```\n\nIf you directly modified data files, also run:\n\n```sh\nnode .github/scripts/generate-index.mjs\n```\n\n---\n\n## Data Writing Principles\n\nSecurity Log data is public information intended for education and historical record.\n\n### Information You May Include\n\n- Public incident summary\n- Incident date or disclosure date\n- Damage scale\n- Leaked data types\n- Publicly known incident cause\n- Incident timeline\n- Root causes\n- Prevention lessons for individuals and organizations\n- Tags based on public sources\n\n### Information You Must Not Include\n\n- Raw leaked personal information\n- Accounts, passwords, tokens, sessions, cookies, or other authentication information\n- Non-public internal documents\n- Attack tool usage instructions\n- Vulnerability exploitation procedures\n- Malware code or execution instructions\n- Unverified claims\n- Defamatory statements\n- Sensitive information that can identify a private individual\n\n---\n\n## Security and Reporting Notice\n\nThis repository is a public archive for cybersecurity incident records. It is not an official channel for vulnerability reports, incident reports, or personal data breach reports.\n\nIf you discover an actual security incident, personal data breach, or illegal content, report it to the relevant authority or the affected service operator.\n\nFor security issues related to this service itself or repository operations, do not post sensitive information in a public Issue. Contact the maintainers separately.\n\n---\n\n## FAQ\n\n### Will a submitted case appear on the website immediately?\n\nNo. Cases submitted through the website are converted into a GitHub Issue and then into a Pull Request. A maintainer must review and merge the PR before the case appears on the website.\n\n### Why do I need to copy the GitHub Issue body?\n\nThe registration page converts your input into a GitHub Issue body. Copying and pasting that generated body into GitHub allows the automation workflow to parse the data correctly.\n\n### Why is the Issue closed automatically?\n\nAfter a data Pull Request is created, the original Issue is closed automatically and a comment with the generated PR link is added. Review and corrections continue in the Pull Request.\n\n### What should I do if I do not know the incident cause?\n\nSelect `unknown` if the cause has not been officially confirmed. Avoid guessing between `hacking`, `insider`, `negligence`, or `technical`.\n\n### What should I do if the damage scale is unclear?\n\nUse numbers from official announcements or reliable public sources whenever possible. If the scale is unclear, write conservatively and leave enough context for maintainers to improve it during review.\n\n### Can I create an Issue directly on GitHub?\n\nYes. However, using the website's case registration page is recommended because the generated Issue body includes the JSON block required for automated processing.\n\n### Can I add a data file directly through a Pull Request?\n\nYes. Add or modify `apps/front/data/*.json`, then run `node .github/scripts/generate-index.mjs` to update the static index together with the data change.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdev-five-git%2Fsecurity-log","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdev-five-git%2Fsecurity-log","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdev-five-git%2Fsecurity-log/lists"}