upaas/internal/middleware
clawbot 4f81d9cb70 fix: address review feedback - security hardening and lint cleanup
- Remove all nolint:gosec annotations from branch, use targeted #nosec
  with explanations only where gosec taint analysis produces false positives
- Remove unused loginRequest struct (was causing G117 + unused lint errors)
- Add SanitizeLogs() for container log output (attacker-controlled data)
- Add validateWebhookURL() helper with scheme validation for SSRF defense
- Add path traversal protection via filepath.Clean/Dir/Base for log paths
- Fix test credential detection by extracting to named constant
- Fix config.go: use filepath.Clean for session secret path
- Fix formatting issues

All make check passes with zero failures.
2026-02-20 03:00:02 -08:00
cors_test.go fix: address review feedback - security hardening and lint cleanup 2026-02-20 03:00:02 -08:00
middleware.go fix: restrict CORS to configured origins (closes #40) 2026-02-19 13:45:18 -08:00
ratelimit_test.go fix: resolve all golangci-lint issues 2026-02-15 21:55:24 -08:00
realip_test.go fix: only trust proxy headers from RFC1918/loopback sources (closes #44) 2026-02-15 22:01:54 -08:00