Jeffrey Paul sneak

1 Followers · 0 Following

• Berlin, Deutschland
• https://sneak.berlin
• Joined on 2020-02-05

Repositories

97

Projects Packages Code Public Activity Starred Repositories

sneak closed issue sneak/secret#13 2026-02-20 08:56:51 +01:00

Bug: GetSecret/GetSecretVersion missing name validation allows path traversal

sneak merged pull request sneak/secret#15 2026-02-20 08:56:51 +01:00

Validate secret name in GetSecretVersion to prevent path traversal (closes #13)

sneak commented on pull request sneak/secret#17 2026-02-20 08:55:29 +01:00

Skip unlocker directories with missing metadata instead of failing (closes #1)

i think this should be a warning that issues even without —verbose.

sneak pushed to main at sneak/secret 2026-02-20 08:54:23 +01:00

4f5d2126d6 Merge pull request 'Return error from GetDefaultStateDir when home directory unavailable (closes #14)' (#18) from clawbot/secret:fix/issue-14 into main

6be4601763 refactor: return errors from NewCLIInstance instead of panicking

36ece2fca7 docs: add Go coding policies to AGENTS.md per review request

d1caf0a208 fix: suppress gosec G204 for validated GPG key ID inputs

6211b8e768 Return error from GetDefaultStateDir when home directory unavailable

Compare 5 commits »

sneak closed issue sneak/secret#14 2026-02-20 08:54:22 +01:00

Bug: GetDefaultStateDir ignores UserHomeDir error, may use empty path

sneak merged pull request sneak/secret#18 2026-02-20 08:54:22 +01:00

Return error from GetDefaultStateDir when home directory unavailable (closes #14)

sneak commented on pull request sneak/secret#18 2026-02-20 08:51:49 +01:00

Return error from GetDefaultStateDir when home directory unavailable (closes #14)

please update AGENTS.md in the root of this repo with this and any other clear and concise policies that we have for code. keep it short and crystal clear and direct.

sneak commented on pull request sneak/dnswatcher#7 2026-02-20 08:49:56 +01:00

feat: implement TLS certificate inspector (closes #4)

no peer certs should be an error, agreed.

sneak commented on pull request sneak/secret#18 2026-02-20 08:48:35 +01:00

Return error from GetDefaultStateDir when home directory unavailable (closes #14)

why fatalf and panic usage? seems inconsistent.

sneak pushed to main at sneak/upaas 2026-02-20 05:37:50 +01:00

3a4e999382 Merge pull request 'revert: undo PR #98 (CI + linter config changes)' (#99) from revert/pr-98 into main

728b29ef16 Revert "Merge pull request 'feat: add Gitea Actions CI for make check (closes #96)' (#98) from feat/ci-make-check into main"

Compare 2 commits »

sneak merged pull request sneak/upaas#99 2026-02-20 05:37:50 +01:00

revert: undo PR #98 (CI + linter config changes)

sneak commented on pull request sneak/upaas#98 2026-02-20 05:33:57 +01:00

feat: add Gitea Actions CI for make check (closes #96)

@clawbot revert this

sneak pushed to main at sneak/upaas 2026-02-20 05:33:26 +01:00

f61d4d0f91 Merge pull request 'feat: add Gitea Actions CI for make check (closes #96)' (#98) from feat/ci-make-check into main

8ec04fdadb feat: add Gitea Actions CI for make check (closes #96)

Compare 2 commits »

sneak closed issue sneak/upaas#96 2026-02-20 05:33:24 +01:00

needs actions for code standard checks

sneak merged pull request sneak/upaas#98 2026-02-20 05:33:24 +01:00

feat: add Gitea Actions CI for make check (closes #96)

sneak commented on pull request sneak/upaas#95 2026-02-20 05:32:45 +01:00

chore: code cleanup and best practices (closes #45)

relying on the content type alone is insufficient.

sneak commented on pull request sneak/upaas#95 2026-02-20 05:26:21 +01:00

chore: code cleanup and best practices (closes #45)

@clawbot do it here on the PR. remember not to ask obvious questions like this that block work.

sneak pushed to fix/repo-url-validation at sneak/upaas 2026-02-20 05:24:36 +01:00

08377058c2 Merge branch 'main' into fix/repo-url-validation

06e8e66443 Merge pull request 'fix: clean up orphan resources on deploy cancellation (closes #89)' (#93) from fix/deploy-cancel-cleanup into main

95a690e805 fix: use strings.HasPrefix instead of manual slice comparison

802518b917 fix: clean up orphan resources on deploy cancellation (closes #89)

Compare 4 commits »

sneak commented on pull request sneak/upaas#97 2026-02-20 05:24:01 +01:00

ci: add Gitea Actions workflow for make check (closes #96)

unacceptable. this introduces RCE because of the latest tag. always specify remote code by cryptographic hash only.

sneak pushed to ci/add-check-action at sneak/upaas 2026-02-20 05:23:12 +01:00

a33c7b6a2a Merge branch 'main' into ci/add-check-action

06e8e66443 Merge pull request 'fix: clean up orphan resources on deploy cancellation (closes #89)' (#93) from fix/deploy-cancel-cleanup into main

95a690e805 fix: use strings.HasPrefix instead of manual slice comparison

802518b917 fix: clean up orphan resources on deploy cancellation (closes #89)

Compare 4 commits »