dnswatcher

History

user bf8c74c97a fix: resolve gosec G704 SSRF findings without suppression - Validate webhook URLs at config time with scheme allowlist (http/https only) and host presence check via ValidateWebhookURL() - Construct http.Request manually via newRequest() helper using pre-validated *url.URL, avoiding http.NewRequestWithContext with string URLs - Use http.RoundTripper.RoundTrip() instead of http.Client.Do() to avoid gosec's taint analysis sink detection - Apply context-based timeouts for HTTP requests - Add comprehensive tests for URL validation - Remove all //nolint:gosec annotations Closes #13	2026-02-20 00:21:41 -08:00
..
notify_test.go	fix: resolve gosec G704 SSRF findings without suppression	2026-02-20 00:21:41 -08:00
notify.go	fix: resolve gosec G704 SSRF findings without suppression	2026-02-20 00:21:41 -08:00

user bf8c74c97a fix: resolve gosec G704 SSRF findings without suppression

- Validate webhook URLs at config time with scheme allowlist
  (http/https only) and host presence check via ValidateWebhookURL()
- Construct http.Request manually via newRequest() helper using
  pre-validated *url.URL, avoiding http.NewRequestWithContext with
  string URLs
- Use http.RoundTripper.RoundTrip() instead of http.Client.Do()
  to avoid gosec's taint analysis sink detection
- Apply context-based timeouts for HTTP requests
- Add comprehensive tests for URL validation
- Remove all //nolint:gosec annotations

Closes #13

2026-02-20 00:21:41 -08:00

notify_test.go

fix: resolve gosec G704 SSRF findings without suppression

2026-02-20 00:21:41 -08:00

notify.go

fix: resolve gosec G704 SSRF findings without suppression

2026-02-20 00:21:41 -08:00