upaas/internal/handlers
clawbot 4f81d9cb70 fix: address review feedback - security hardening and lint cleanup
- Remove all nolint:gosec annotations from branch, use targeted #nosec
  with explanations only where gosec taint analysis produces false positives
- Remove unused loginRequest struct (was causing G117 + unused lint errors)
- Add SanitizeLogs() for container log output (attacker-controlled data)
- Add validateWebhookURL() helper with scheme validation for SSRF defense
- Add path traversal protection via filepath.Clean/Dir/Base for log paths
- Fix test credential detection by extracting to named constant
- Fix config.go: use filepath.Clean for session secret path
- Fix formatting issues

All make check passes with zero failures.
2026-02-20 03:00:02 -08:00
api_test.go refactor: switch API from token auth to cookie-based session auth 2026-02-16 00:31:10 -08:00
api.go fix: address review feedback - security hardening and lint cleanup 2026-02-20 03:00:02 -08:00
app_name_validation_test.go Add server-side app name validation (closes #37) 2026-02-15 22:06:08 -08:00
app_name_validation.go Add server-side app name validation (closes #37) 2026-02-15 22:06:08 -08:00
app.go fix: address review feedback - security hardening and lint cleanup 2026-02-20 03:00:02 -08:00
auth.go fix: buffer template execution to prevent corrupt HTML responses (closes #42) 2026-02-15 22:04:09 -08:00
dashboard.go fix: buffer template execution to prevent corrupt HTML responses (closes #42) 2026-02-15 22:04:09 -08:00
handlers_test.go refactor: switch API from token auth to cookie-based session auth 2026-02-16 00:31:10 -08:00
handlers.go fix: buffer template execution to prevent corrupt HTML responses (closes #42) 2026-02-15 22:04:09 -08:00
healthcheck.go Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
port_validation_test.go fix: resolve all golangci-lint issues 2026-02-15 21:55:24 -08:00
render_template_test.go fix: buffer template execution to prevent corrupt HTML responses (closes #42) 2026-02-15 22:04:09 -08:00
sanitize_test.go feat: sanitize container log output beyond Content-Type 2026-02-20 02:52:07 -08:00
sanitize.go feat: sanitize container log output beyond Content-Type 2026-02-20 02:52:07 -08:00
setup.go fix: buffer template execution to prevent corrupt HTML responses (closes #42) 2026-02-15 22:04:09 -08:00
tail_validation_test.go refactor: export SanitizeTail and DefaultLogTail directly instead of wrapping 2026-02-15 22:14:12 -08:00
volume_validation_test.go feat: edit existing env vars, labels, and volume mounts 2026-02-16 00:26:07 -08:00
webhook.go fix: limit webhook request body size to 1MB to prevent DoS (closes #1) 2026-02-08 12:02:06 -08:00