Jeffrey Paul sneak

1 Followers · 0 Following

• Berlin, Deutschland
• https://sneak.berlin
• Joined on 2020-02-05

Repositories

96

Projects Packages Code Public Activity Starred Repositories

sneak commented on issue sneak/dnswatcher#12 2026-02-20 09:03:02 +01:00

CRITICAL: resolver tests hit real DNS, test suite exceeds 30s

no, dns queries don’t take more than 500ms each. how many are we making???

sneak commented on pull request sneak/secret#17 2026-02-20 08:59:53 +01:00

Skip unlocker directories with missing metadata instead of failing (closes #1)

please make an issue identifying any other places we should be warning the user about anomalous conditions. then make a PR adding calls to our new warn function in those places.

sneak pushed to main at sneak/secret 2026-02-20 08:59:05 +01:00

1c330c697f Merge pull request 'Skip unlocker directories with missing metadata instead of failing (closes #1)' (#17) from clawbot/secret:fix/issue-1 into main

d18e286377 Merge branch 'main' into fix/issue-1

c0f221b1ca Change missing metadata log from Debug to Warn for visibility without --verbose

1a96360f6a Skip unlocker directories with missing metadata instead of failing

Compare 4 commits »

sneak closed issue sneak/secret#1 2026-02-20 08:59:04 +01:00

missing metadata file for single unlocker breaks 'list' command

sneak merged pull request sneak/secret#17 2026-02-20 08:59:04 +01:00

Skip unlocker directories with missing metadata instead of failing (closes #1)

sneak pushed to main at sneak/secret 2026-02-20 08:58:22 +01:00

f49fde3a06 Merge pull request 'Fix getLongTermPrivateKey derivation index hardcoded to 0 (closes #3)' (#8) from clawbot/secret:fix/issue-3 into main

206651f89a Merge branch 'main' into fix/issue-3

596027f210 fix: suppress gosec G204 for validated GPG key ID inputs

0aa9a52497 test: add test for getLongTermPrivateKey derivation index

09ec79c57e fix: use vault derivation index in getLongTermPrivateKey instead of hardcoded 0

Compare 5 commits »

sneak closed issue sneak/secret#3 2026-02-20 08:58:22 +01:00

Bug: getLongTermPrivateKey hardcodes derivation index 0 for mnemonic path

sneak merged pull request sneak/secret#8 2026-02-20 08:58:22 +01:00

Fix getLongTermPrivateKey derivation index hardcoded to 0 (closes #3)

sneak pushed to main at sneak/secret 2026-02-20 08:57:21 +01:00

09be20a044 Merge pull request 'Allow uppercase letters in secret names (closes #2)' (#16) from clawbot/secret:fix/issue-2 into main

2e1ba7d2e0 Merge branch 'main' into fix/issue-2

e8339f4d12 fix: update integration test to allow uppercase secret names

4f984cd9c6 fix: suppress gosec G204 for validated GPG key ID inputs

0307f23024 Allow uppercase letters in secret names (closes #2)

Compare 5 commits »

sneak closed issue sneak/secret#2 2026-02-20 08:57:20 +01:00

secret name validation is wrong

sneak merged pull request sneak/secret#16 2026-02-20 08:57:20 +01:00

Allow uppercase letters in secret names (closes #2)

sneak pushed to main at sneak/secret 2026-02-20 08:56:53 +01:00

1a23016df1 Merge pull request 'Validate secret name in GetSecretVersion to prevent path traversal (closes #13)' (#15) from clawbot/secret:fix/issue-13 into main

ebe3c17618 Merge branch 'main' into fix/issue-13

dc225bd0b1 fix: add blank line before return for nlreturn linter

6acd57d0ec fix: suppress gosec G204 for validated GPG key ID inputs

8eb25b98fd fix: block .. path components in secret names and validate in GetSecretObject

Compare 6 commits »

sneak closed issue sneak/secret#13 2026-02-20 08:56:51 +01:00

Bug: GetSecret/GetSecretVersion missing name validation allows path traversal

sneak merged pull request sneak/secret#15 2026-02-20 08:56:51 +01:00

Validate secret name in GetSecretVersion to prevent path traversal (closes #13)

sneak commented on pull request sneak/secret#17 2026-02-20 08:55:29 +01:00

Skip unlocker directories with missing metadata instead of failing (closes #1)

i think this should be a warning that issues even without —verbose.

sneak pushed to main at sneak/secret 2026-02-20 08:54:23 +01:00

4f5d2126d6 Merge pull request 'Return error from GetDefaultStateDir when home directory unavailable (closes #14)' (#18) from clawbot/secret:fix/issue-14 into main

6be4601763 refactor: return errors from NewCLIInstance instead of panicking

36ece2fca7 docs: add Go coding policies to AGENTS.md per review request

d1caf0a208 fix: suppress gosec G204 for validated GPG key ID inputs

6211b8e768 Return error from GetDefaultStateDir when home directory unavailable

Compare 5 commits »

sneak closed issue sneak/secret#14 2026-02-20 08:54:22 +01:00

Bug: GetDefaultStateDir ignores UserHomeDir error, may use empty path

sneak merged pull request sneak/secret#18 2026-02-20 08:54:22 +01:00

Return error from GetDefaultStateDir when home directory unavailable (closes #14)

sneak commented on pull request sneak/secret#18 2026-02-20 08:51:49 +01:00

Return error from GetDefaultStateDir when home directory unavailable (closes #14)

please update AGENTS.md in the root of this repo with this and any other clear and concise policies that we have for code. keep it short and crystal clear and direct.

sneak commented on pull request sneak/dnswatcher#7 2026-02-20 08:49:56 +01:00

feat: implement TLS certificate inspector (closes #4)

no peer certs should be an error, agreed.