We actively support security updates for the following versions:

@shopdevs/multi-shop-cli implements security for sensitive Shopify theme access credentials:

• Theme tokens stored in shops/credentials/ (never committed)
• Automatic .gitignore configuration prevents accidental commits
• File permissions restricted to owner-only (600)

• JSON schema validation for all configuration
• Input sanitization for user-provided data
• Credential format validation and corruption detection

• Automatic security audits of credential files
• Detection of suspicious token patterns
• File permission monitoring and enforcement
• Credential age tracking for rotation recommendations

• Protection against credential injection attacks
• Validation of token formats and sources
• Sanitization of data before logging
• No sensitive data in error messages or logs

• Shop configuration (committed): Store domains, branch names, authentication method
• Developer credentials (local only): Personal theme access tokens/passwords

• Shopify customer data
• Payment information
• Store analytics or sales data
• Shared/team credentials

• Credential data is never sent to external services
• No telemetry or analytics collection
• No remote logging of sensitive operations

We take security seriously. If you discover a security vulnerability, please follow responsible disclosure:

• Email: security@shopdevs.com
• Subject: [SECURITY] Critical vulnerability in @shopdevs/multi-shop-cli
• Response Time: Within 24 hours

• GitHub: Create a private security advisory
• Email: security@shopdevs.com
• Response Time: Within 72 hours

• Detailed description of the vulnerability
• Steps to reproduce the issue
• Potential impact assessment
• Suggested fix (if available)
• Your contact information

1. Acknowledgment - We confirm receipt within stated timeframes
2. Investigation - We validate and assess the vulnerability
3. Fix Development - We develop and test a security patch
4. Coordinated Disclosure - We work with you on public disclosure timing
5. Recognition - We credit responsible reporters (unless anonymity requested)

• Keep the package updated to latest version
• Use Theme Access App (recommended) over manual tokens
• Rotate theme access credentials periodically (every 6 months)
• Use staging environments for development and testing
• Review credential audit results regularly: multi-shop audit security

• Share credential files between developers
• Commit shops/credentials/ directory to Git
• Use production credentials for development
• Store credentials in environment variables or CI/CD systems
• Ignore security audit warnings

// ✅ Correct: Use SecurityManager
const securityManager = new SecurityManager();
const token = securityManager.getThemeToken(shopId, env);

// ❌ Wrong: Direct file access
const rawCreds = fs.readFileSync("shops/credentials/shop.json");

// ✅ Correct: Structured error handling
try {
  const config = shopManager.loadShopConfig(shopId);
} catch (error) {
  if (error instanceof ShopConfigurationError) {
    logger.error('Configuration error', {
      shopId,
      code: error.code
    });
  }
}

// ❌ Wrong: Exposing sensitive data in errors
catch (error) {
  console.log(`Error: ${JSON.stringify(credentials)}`); // Exposes secrets!
}

// ✅ Correct: Validate all inputs
const validator = new ShopConfigValidator();
const safeConfig = validator.validateConfig(userInput, shopId);

// ❌ Wrong: Using unvalidated input
const domain = userInput.domain; // Potential injection vector

• AES-256 encryption for sensitive data (future feature)
• Integrity validation with checksums
• Automatic permission enforcement (600)
• Credential rotation monitoring

• JSON schema validation for all configuration
• Regular expression validation for shop IDs and domains
• Command injection prevention in Git operations
• Path traversal protection for file operations

• Comprehensive security audit command
• File permission monitoring
• Credential age tracking
• Suspicious activity detection

• Structured error logging without sensitive data
• Operation tracking for forensic analysis
• Automatic cleanup of temporary files
• Graceful degradation on security failures

This package is designed to help maintain compliance with:

• SOC 2 Type II - Security and availability controls
• ISO 27001 - Information security management
• GDPR - Data protection and privacy (for EU merchants)
• PCI DSS - Payment card industry standards (theme-level)

• Initial security model implementation
• Credential protection and validation
• Structured error handling
• Comprehensive audit capabilities

For security-related questions or concerns:

• Security Team: security@shopdevs.com
• General Support: support@shopdevs.com
• Documentation: https://github.com/shopdevs/multi-shop-cli/security

Last updated: January 25, 2025