Apply quick wins: hygiene, CI QA workflow, and detection notes

FoxSecIntel · FoxSecIntel · commit a5e1ba65eb52 · 2026-03-10T12:21:37.000+01:00
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -16,30 +16,12 @@ jobs:
         with:
           python-version: '3.x'
 
-      - name: Install Python deps (if present)
+      - name: Install QA dependencies
         run: |
-          if [ -f requirements.txt ]; then
-            python -m pip install --upgrade pip
-            pip install -r requirements.txt || true
-          fi
-          pip install pytest || true
+          sudo apt-get update
+          sudo apt-get install -y shellcheck
 
-      - name: Python syntax check
+      - name: Run repository QA checks
         run: |
-          py_files=$(find . -type f -name "*.py")
-          if [ -n "$py_files" ]; then
-            python -m py_compile $py_files
-          fi
-
-      - name: Shell syntax check
-        run: |
-          sh_files=$(find . -type f -name "*.sh")
-          if [ -n "$sh_files" ]; then
-            for f in $sh_files; do bash -n "$f"; done
-          fi
-
-      - name: Run pytest (if tests exist)
-        run: |
-          if [ -d tests ]; then
-            pytest -q || true
-          fi
+          chmod +x ./qa_check.sh
+          ./qa_check.sh
diff --git a/.gitignore b/.gitignore
@@ -3,3 +3,10 @@
 *.csv
 *.json
 *.out
+
+# Python cache
+__pycache__/
+*.pyc
+
+# OS noise
+.DS_Store
diff --git a/README.md b/README.md
@@ -21,6 +21,14 @@ A DNS reconnaissance and mail-security toolkit for rapid defensive triage workfl
 - Bulk lookup workflows for subdomains and registration checks
 - Cloudflare detection with resolver and DoH fallback
 
+## Detection notes and limitations
+
+- Cloudflare detection is signal-based, not authoritative attribution.
+- IP range checks use representative Cloudflare ranges and may not be exhaustive.
+- Header checks depend on live HTTP(S) responses and can be affected by WAF behaviour, redirects, or origin restrictions.
+- DNS data can vary by resolver, cache state, and propagation timing.
+- Treat output as triage evidence and verify critical findings with secondary sources.
+
 ## Features
 
 - NS, MX, A/AAAA, TXT, CAA, DMARC, SPF checks
