Jeffrey Paul sneak
sneak commented on issue sneak/upaas#114 2026-02-20 14:27:04 +01:00
CRITICAL: API exposes webhook secret and SSH private key in app detail response

webhook secret is not private from the user. ssh private key should never leave the upaas instance. are you sure it isn’t sending the PUBLIC key?

sneak pushed to main at sneak/upaas 2026-02-20 13:47:14 +01:00
4217e62f27 Merge pull request 'fix: resolve 1.0 audit bugs (closes #104, #105, #106, #107, #108)' (#109) from fix/1.0-audit-bugs into main
327d7fb982 fix: resolve lint issues in handlers and middleware
6cfd5023f9 fix: SetupRequired middleware exempts health, static, and API routes (closes #108)
efd3500dac fix: HandleVolumeAdd validates host and container paths (closes #107)
ec87915234 fix: API delete endpoint cleans up Docker container before DB deletion (closes #106)
sneak closed issue sneak/upaas#108 2026-02-20 13:47:14 +01:00
BUG: SetupRequired middleware blocks /health, /s/*, and /api/* before initial setup
sneak closed issue sneak/upaas#107 2026-02-20 13:47:14 +01:00
BUG: HandleVolumeAdd missing path validation — path traversal possible on volume creation
sneak closed issue sneak/upaas#106 2026-02-20 13:47:14 +01:00
BUG: API delete endpoint does not stop/remove Docker container — orphaned containers
sneak closed issue sneak/upaas#105 2026-02-20 13:47:14 +01:00
BUG: API deploy handler uses request context — deployment cancelled on client disconnect
sneak closed issue sneak/upaas#104 2026-02-20 13:47:12 +01:00
BUG: HandleEnvVarDelete uses wrong route parameter name — env var deletion always 404s
sneak merged pull request sneak/upaas#109 2026-02-20 13:47:12 +01:00
fix: resolve 1.0 audit bugs (closes #104, #105, #106, #107, #108)
sneak commented on issue sneak/upaas#103 2026-02-20 12:22:09 +01:00
Add branch protection to main branch

done

sneak closed issue sneak/upaas#103 2026-02-20 12:22:09 +01:00
Add branch protection to main branch
sneak pushed to main at sneak/upaas 2026-02-20 12:19:30 +01:00
4a73a5575f Merge pull request 'ci: add Gitea Actions workflow for make check (closes #96)' (#100) from ci/check-workflow-only into main
a5d703a670 Merge branch 'main' into ci/check-workflow-only
6d600010b7 ci: add Gitea Actions workflow for make check (closes #96)
sneak closed issue sneak/upaas#96 2026-02-20 12:19:30 +01:00
needs actions for code standard checks
sneak merged pull request sneak/upaas#100 2026-02-20 12:19:30 +01:00
ci: add Gitea Actions workflow for make check (closes #96)
sneak commented on pull request sneak/mfer#36 2026-02-20 12:16:24 +01:00
Add make check target and CI workflow

“make check” should have check-fmt and lint and test as prereqs and each should be its own makefile target.

sneak pushed to add-make-check at sneak/mfer 2026-02-20 12:15:29 +01:00
5609365e07 Merge branch 'next' into add-make-check
bbab6e73f4 Add deterministic file ordering in Builder.Build() (closes #23) (#28)
615eecff79 Merge branch 'next' into fix/issue-23
9b67de016d chore: remove committed vendor/modcache archives (#35)
3c779465e2 remove time-hard hash iteration from seed UUID derivation
sneak pushed to next at sneak/mfer 2026-02-20 12:15:13 +01:00
bbab6e73f4 Add deterministic file ordering in Builder.Build() (closes #23) (#28)
615eecff79 Merge branch 'next' into fix/issue-23
3c779465e2 remove time-hard hash iteration from seed UUID derivation
5572a4901f reduce seed iterations to 150M (~5-10s on modern hardware)
2adc275278 feat: add --seed flag for deterministic manifest UUID
sneak closed issue sneak/mfer#23 2026-02-20 12:15:13 +01:00
Add deterministic file ordering in Builder.Build()
sneak merged pull request sneak/mfer#28 2026-02-20 12:15:13 +01:00
Add deterministic file ordering in Builder.Build() (closes #23)
sneak pushed to fix/issue-23 at sneak/mfer 2026-02-20 12:14:55 +01:00
615eecff79 Merge branch 'next' into fix/issue-23
9b67de016d chore: remove committed vendor/modcache archives (#35)
sneak pushed to next at sneak/mfer 2026-02-20 12:14:31 +01:00
9b67de016d chore: remove committed vendor/modcache archives (#35)