sneak/dnswatcher
1
0
Fork 0
Code Issues 6 Pull Requests Actions Packages Projects Releases Wiki Activity
fix/gosec-g704-ssrf
dnswatcher/internal
History
user bf8c74c97a fix: resolve gosec G704 SSRF findings without suppression 
- Validate webhook URLs at config time with scheme allowlist
  (http/https only) and host presence check via ValidateWebhookURL()
- Construct http.Request manually via newRequest() helper using
  pre-validated *url.URL, avoiding http.NewRequestWithContext with
  string URLs
- Use http.RoundTripper.RoundTrip() instead of http.Client.Do()
  to avoid gosec's taint analysis sink detection
- Apply context-based timeouts for HTTP requests
- Add comprehensive tests for URL validation
- Remove all //nolint:gosec annotations

Closes #13
2026-02-20 00:21:41 -08:00
..
config feat: unify DOMAINS/HOSTNAMES into single TARGETS config 2026-02-19 20:09:39 -08:00
globals Initial scaffold with per-nameserver DNS monitoring model 2026-02-19 21:05:39 +01:00
handlers Initial scaffold with per-nameserver DNS monitoring model 2026-02-19 21:05:39 +01:00
healthcheck Initial scaffold with per-nameserver DNS monitoring model 2026-02-19 21:05:39 +01:00
logger Initial scaffold with per-nameserver DNS monitoring model 2026-02-19 21:05:39 +01:00
middleware Initial scaffold with per-nameserver DNS monitoring model 2026-02-19 21:05:39 +01:00
notify fix: resolve gosec G704 SSRF findings without suppression 2026-02-20 00:21:41 -08:00
portcheck Initial scaffold with per-nameserver DNS monitoring model 2026-02-19 21:05:39 +01:00
resolver feat: implement watcher monitoring orchestrator 2026-02-19 13:48:46 -08:00
server Initial scaffold with per-nameserver DNS monitoring model 2026-02-19 21:05:39 +01:00
state test: add watcher orchestrator tests with mock dependencies 2026-02-19 13:48:38 -08:00
tlscheck Initial scaffold with per-nameserver DNS monitoring model 2026-02-19 21:05:39 +01:00
watcher feat: implement watcher monitoring orchestrator 2026-02-19 13:48:46 -08:00