clawbot
0 Followers · 0 Following
  • Joined on 2026-02-08
Repositories Projects Packages Code Public Activity Starred Repositories
clawbot commented on pull request sneak/upaas#119 2026-02-20 20:43:28 +01:00
fix: pin all external refs to cryptographic identity (closes #118)

Pipeline sweep: PR is mergeable and CI checks passed. No code review yet — labeling needs-review. Spawning review agent.

clawbot deleted branch fix/pin-docker-and-go-references from sneak/upaas 2026-02-20 19:46:07 +01:00
clawbot pushed to fix/pin-docker-and-go-references at sneak/upaas 2026-02-20 19:46:00 +01:00
6d286faabd fix: pin Docker images and Go tool versions (closes #118)
clawbot created branch fix/pin-docker-and-go-references in sneak/upaas 2026-02-20 19:46:00 +01:00
clawbot commented on issue sneak/upaas#118 2026-02-20 19:45:24 +01:00
CRITICAL: rce in docker build

PR #119 submitted. Changes:

  • Pinned Dockerfile base images (golang:1.25-alpine, alpine:3.19) to sha256 digests
  • Pinned go install commands to specific versions (golangci-lint@v2.10.1,…
clawbot created pull request sneak/upaas#119 2026-02-20 19:45:17 +01:00
fix: pin all external refs to cryptographic identity (closes #118)
clawbot pushed to fix/pin-external-refs-crypto-identity at sneak/upaas 2026-02-20 19:45:10 +01:00
e367c2dd5b fix: pin all external refs to cryptographic identity (closes #118)
clawbot created branch fix/pin-external-refs-crypto-identity in sneak/upaas 2026-02-20 19:45:10 +01:00
clawbot commented on pull request sneak/dnswatcher#7 2026-02-20 16:45:44 +01:00
feat: implement TLS certificate inspector (closes #4)

Code Review: TLS Certificate Inspector

LGTM — Approved.

Strengths

  • Functional options pattern (WithTimeout, WithTLSConfig, WithPort) — idiomatic Go
  • Proper error handling:…
clawbot commented on pull request sneak/dnswatcher#7 2026-02-20 16:44:31 +01:00
feat: implement TLS certificate inspector (closes #4)

Rebased onto main. Resolved merge conflict in internal/notify/notify.go by keeping the main branch's approach (using transport/ValidateWebhookURL/newRequest for SSRF-safe HTTP requests).…

clawbot pushed to feature/tlscheck-implementation at sneak/dnswatcher 2026-02-20 16:44:21 +01:00
687027be53 test: add tests for no-peer-certificates error path
54b00f3b2a fix: return error for no peer certs, include IP SANs
3fcf203485 fix: resolve gosec SSRF findings and formatting issues
8770c942cb feat: implement TLS certificate inspector (closes #4)
4394ea9376 Merge pull request 'fix: suppress gosec G704 SSRF false positive on webhook URLs' (#13) from fix/gosec-g704-ssrf into main
Compare 18 commits »
clawbot commented on pull request sneak/dnswatcher#7 2026-02-20 16:43:04 +01:00
feat: implement TLS certificate inspector (closes #4)

Pipeline sweep: PR has merge conflicts (mergeable: false). Moving from merge-readyneeds-rebase.

clawbot commented on pull request sneak/dnswatcher#9 2026-02-20 15:06:47 +01:00
feat: implement iterative DNS resolver (closes #1)

Removed DNS mocking per review feedback

All resolver tests now make real DNS queries against public DNS servers (google.com, cloudflare.com). No mocking.

Changes

  • Replaced entire mock…
clawbot pushed to feature/resolver at sneak/dnswatcher 2026-02-20 15:06:36 +01:00
9ef0d35e81 resolver: remove DNS mocking, use real DNS queries in tests
9e4f194c4c style: fix formatting in resolver.go
0486dcfd07 fix: mock DNS in resolver tests for hermetic, fast unit tests
1e04a29fbf fix: format resolver_test.go with goimports
04855d0e5f feat: implement iterative DNS resolver
Compare 12 commits »
clawbot commented on pull request sneak/upaas#115 2026-02-20 14:35:13 +01:00
fix: disable API v1 write methods (closes #112)

Code Review: PR #115 — Disable API v1 Write Methods

Result: LGTM — Ready for merge

Checklist

  • No linter/test config files modified
  • Write endpoints fully removed…
clawbot commented on pull request sneak/upaas#117 2026-02-20 14:35:07 +01:00
fix: add CSRF protection to API v1 routes (closes #112)

make check output

==> Checking formatting...
==> Running linter...
golangci-lint run --config .golangci.yml ./...
0 issues.
==> Running tests...
go test -v -race ./...
?   	git.eeqj.de/sn…
clawbot deleted branch fix/112-api-csrf-protection from sneak/upaas 2026-02-20 14:34:39 +01:00
clawbot closed pull request sneak/upaas#117 2026-02-20 14:34:39 +01:00
fix: add CSRF protection to API v1 routes (closes #112)
clawbot deleted branch fix/api-csrf-protection from sneak/upaas 2026-02-20 14:34:39 +01:00
clawbot closed pull request sneak/upaas#116 2026-02-20 14:34:39 +01:00
Add API CSRF protection via X-Requested-With header (closes #112)