alma
ecf92f7762
- Removed malicious userConfig loader that dynamically imported external config - Removed mergeConfig function that allowed configuration hijacking - Added .gitignore rules to block v0-user-next.config files SECURITY INCIDENT: - Backdoor discovered allowing remote code execution via /adfa route - Attacker installed cryptocurrency miner on production VM - Root-level system compromise with 9+ months of access - Full incident details in SECURITY_INCIDENT_REPORT.md All malware removed from VM. All credentials being rotated. Date: January 10, 2026
41 lines
879 B
JavaScript
41 lines
879 B
JavaScript
/** @type {import('next').NextConfig} */
|
|
const nextConfig = {
|
|
// For Electron compatibility
|
|
output: process.env.ELECTRON_BUILD === 'true' ? 'export' : undefined,
|
|
distDir: '.next',
|
|
eslint: {
|
|
ignoreDuringBuilds: true,
|
|
},
|
|
typescript: {
|
|
ignoreBuildErrors: true,
|
|
},
|
|
images: {
|
|
unoptimized: true,
|
|
},
|
|
devIndicators: {
|
|
buildActivity: false,
|
|
buildActivityPosition: 'bottom-right',
|
|
autoPrerender: false,
|
|
},
|
|
experimental: {
|
|
webpackBuildWorker: true,
|
|
parallelServerBuildTraces: true,
|
|
parallelServerCompiles: true,
|
|
},
|
|
async headers() {
|
|
return [
|
|
{
|
|
source: '/:path*',
|
|
headers: [
|
|
{
|
|
key: 'Content-Security-Policy',
|
|
value: "frame-ancestors 'self' https://espace.slm-lab.net https://connect.slm-lab.net"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
};
|
|
|
|
export default nextConfig;
|