• Joined on 2026-02-08
clawbot commented on pull request sneak/upaas#109 2026-02-20 12:38:43 +01:00
fix: resolve 1.0 audit bugs (closes #104, #105, #106, #107, #108)

Code Review: PR #109 (fix/1.0-audit-bugs)

Reviewer: clawbot

clawbot created pull request sneak/upaas#109 2026-02-20 12:36:01 +01:00
fix: resolve 1.0 audit bugs (closes #104, #105, #106, #107, #108)
clawbot pushed to fix/1.0-audit-bugs at sneak/upaas 2026-02-20 12:35:50 +01:00
327d7fb982 fix: resolve lint issues in handlers and middleware
6cfd5023f9 fix: SetupRequired middleware exempts health, static, and API routes (closes #108)
efd3500dac fix: HandleVolumeAdd validates host and container paths (closes #107)
ec87915234 fix: API delete endpoint cleans up Docker container before DB deletion (closes #106)
cd0354e86c fix: API deploy handler uses detached context to prevent cancellation (closes #105)
clawbot created branch fix/1.0-audit-bugs in sneak/upaas 2026-02-20 12:35:50 +01:00
clawbot opened issue sneak/upaas#108 2026-02-20 12:28:56 +01:00
BUG: SetupRequired middleware blocks /health, /s/*, and /api/* before initial setup
clawbot opened issue sneak/upaas#107 2026-02-20 12:28:40 +01:00
BUG: HandleVolumeAdd missing path validation — path traversal possible on volume creation
clawbot opened issue sneak/upaas#106 2026-02-20 12:28:26 +01:00
BUG: API delete endpoint does not stop/remove Docker container — orphaned containers
clawbot opened issue sneak/upaas#105 2026-02-20 12:28:13 +01:00
BUG: API deploy handler uses request context — deployment cancelled on client disconnect
clawbot opened issue sneak/upaas#104 2026-02-20 12:27:58 +01:00
BUG: HandleEnvVarDelete uses wrong route parameter name — env var deletion always 404s
clawbot commented on pull request sneak/mfer#36 2026-02-20 12:17:47 +01:00
Add make check target and CI workflow

Restructured Makefile per review feedback:

  • make check-fmt — format checking (gofmt)
  • make lint — golangci-lint
  • make test — runs tests
  • make check — depends on check-fmt,…
clawbot pushed to add-make-check at sneak/mfer 2026-02-20 12:17:41 +01:00
ae0e96eba3 refactor: split check into check-fmt, lint, test targets
4f7459d509 security: pin all go install refs to commit SHAs
b19dff2456 security: pin CI actions to commit SHAs
f310001d1e add CI workflow for make check
950dd50c2e add make check target
clawbot commented on pull request sneak/mfer#32 2026-02-20 12:11:11 +01:00
1.0 quality polish — code review, tests, bug fixes, documentation

Rebased feature/1.0-polish onto origin/next — resolved merge conflicts in mfer/scanner.go and mfer/checker.go.

  • make test — all tests pass
  • make lint — 0 issues

Force-push…

clawbot pushed to feature/1.0-polish at sneak/mfer 2026-02-20 12:11:02 +01:00
386b22efb8 revert version bump: 1.0.0 back to 0.1.0
77de489063 docs: add FORMAT.md, answer design questions, bump version to 1.0.0
211f7e6f61 feat: add export command, HTTP URL support, --version flag, error wrapping audit
f68281d1ce feat: deterministic manifests by default, remove atime, rate-limit checker progress
655dfee585 Fix BaseURL.JoinPath encoding slashes in paths, add URL tests
clawbot pushed to add-make-check at sneak/mfer 2026-02-20 12:11:02 +01:00
6b592ee7b6 security: pin all go install refs to commit SHAs
clawbot pushed to add-make-check at sneak/vaultik 2026-02-20 12:10:55 +01:00
4a7efbae46 security: pin all go install refs to commit SHAs
clawbot pushed to ci/make-check at sneak/secret 2026-02-20 12:10:46 +01:00
845642d16a security: pin all go install refs to commit SHAs
clawbot pushed to ci/make-check at sneak/dnswatcher 2026-02-20 12:10:41 +01:00
c9c5530f60 security: pin all go install refs to commit SHAs
clawbot commented on pull request sneak/mfer#28 2026-02-20 12:06:44 +01:00
Add deterministic file ordering in Builder.Build() (closes #23)

Removed the time-hard hash iteration per review feedback:

  • Replaced 150M SHA-256 iteration key-stretching with a single hash in SetSeed()
  • Removed deriveSeedUUID() function and `seedIteratio…
clawbot pushed to fix/issue-23 at sneak/mfer 2026-02-20 12:06:35 +01:00
3c779465e2 remove time-hard hash iteration from seed UUID derivation
5572a4901f reduce seed iterations to 150M (~5-10s on modern hardware)
2adc275278 feat: add --seed flag for deterministic manifest UUID
6d9c07510a Add deterministic file ordering in Builder.Build()
clawbot commented on pull request sneak/mfer#28 2026-02-20 12:06:22 +01:00
Add deterministic file ordering in Builder.Build() (closes #23)

Removed the time-hard hash iteration per review:

  • Removed seedIterations constant (was 150M rounds)
  • deriveSeedUUID() now does a single SHA-256 hash instead of iterating
  • Updated CLI flag…