security
Load Rift runs local load tests from user-provided collections, so the main security concerns are token handling, generated artifacts, file access, and release integrity.
| Boundary | Source | Notes |
|---|---|---|
| Tauri commands | src-tauri/src/commands/ | Frontend can invoke registered commands only |
| File selection | src/lib/tauri/dialog.ts | Collection import and report export are user-driven |
| k6 child process | src-tauri/src/k6/process/runtime.rs | Generated scripts execute against user-configured targets |
| Temp artifacts | src-tauri/src/k6/process/runtime.rs | Private by default, optional debug preservation |
| Release assets | .github/workflows/release.yml, scripts/install-apt-repo.sh | Signing and checksum checks protect distribution |
Auth tokens can come from the runner form, runtime variables, or a pasted cURL command. src/app/hooks/useCurlImport.ts clears the pasted command after extracting base URL or bearer token. src/app/persistence.ts persists non-secret runner preferences but does not persist auth token, base URL, advanced JSON, or variable overrides.
The k6 runtime writes script.js, summary.json, and metrics.json into private temp directories. On Unix, directories are set to 0700 and files to 0600 in src-tauri/src/k6/process/runtime.rs. LOADRIFT_PRESERVE_K6_ARTIFACTS=true keeps artifacts for debugging, but preserved files may contain request URLs, headers, bodies, and tokens.
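The artifact handling described above, as an added Rust example (Unix only) that is not Load Rift's own code: a per-run directory created with 0700, artifacts written with 0600, and cleanup that is skipped only when preservation was requested. The directory naming, function names and the `preserve` parameter are assumptions made for this illustration.

```rust
// Added example, not Load Rift's own code: a private per-run artifact
// directory (0700) holding 0600 files, cleaned up unless preservation was
// requested. Paths, names and the `preserve` flag are assumptions.
use std::fs::{self, DirBuilder, OpenOptions};
use std::io::{self, Write};
use std::os::unix::fs::{DirBuilderExt, OpenOptionsExt, PermissionsExt};
use std::path::{Path, PathBuf};

/// Create a run directory only the current user can enter. Without
/// `recursive(true)`, `create` fails if the path already exists, so a
/// pre-created, more permissive directory is never silently reused.
pub fn create_private_run_dir(base: &Path, run_id: &str) -> io::Result<PathBuf> {
    let dir = base.join(format!("loadrift-k6-{run_id}"));
    DirBuilder::new().mode(0o700).create(&dir)?;
    Ok(dir)
}

/// Write one artifact (script.js, summary.json, metrics.json) as 0600.
/// `create_new` refuses to open a file or symlink that already exists.
pub fn write_private_artifact(dir: &Path, name: &str, data: &[u8]) -> io::Result<PathBuf> {
    let path = dir.join(name);
    let mut file = OpenOptions::new()
        .write(true)
        .create_new(true)
        .mode(0o600)
        .open(&path)?;
    file.write_all(data)?;
    Ok(path)
}

/// Permission bits of a path, for post-conditions and tests.
pub fn mode_bits(path: &Path) -> io::Result<u32> {
    Ok(fs::metadata(path)?.permissions().mode() & 0o777)
}

/// Only the literal string "true" turns preservation on.
pub fn preserve_requested(value: Option<&str>) -> bool {
    matches!(value, Some("true"))
}

/// Delete the run directory, or keep it when preservation was requested.
/// A kept directory may hold request URLs, headers, bodies and tokens.
pub fn finish_run(dir: &Path, preserve: bool) -> io::Result<Option<PathBuf>> {
    if preserve {
        return Ok(Some(dir.to_path_buf()));
    }
    fs::remove_dir_all(dir)?;
    Ok(None)
}
```

A caller would pass `preserve_requested(std::env::var("LOADRIFT_PRESERVE_K6_ARTIFACTS").ok().as_deref())` to `finish_run`, so the default is always deletion.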
src-tauri/tauri.conf.json sets a restrictive production CSP and a dev CSP for local Vite. src-tauri/capabilities/default.json grants core defaults plus dialog open/save for the main window.
The APT installer in scripts/install-apt-repo.sh verifies a signed checksum and pinned signer fingerprint before installing repository configuration. .github/workflows/release.yml validates signing secrets and fingerprints before publishing signed artifacts.
For runtime debugging flags, see Debugging.