fix: enhance WebSocket origin check and improve email validation in mail service

2026-03-06 13:50:59 +00:00
parent ee224adcf1
commit a69f698440
10 changed files with 639 additions and 857 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -187,12 +187,12 @@ repos:
        description: "Detects GORM ID leaks and common GORM security mistakes"

      - id: semgrep-scan
-        name: Semgrep Security Scan (Manual)
+        name: Semgrep Security Scan (Blocking - pre-push)
        entry: scripts/pre-commit-hooks/semgrep-scan.sh
        language: script
        pass_filenames: false
        verbose: true
-        stages: [manual]  # Manual stage initially (reversible rollout)
+        stages: [pre-push]

      - id: gitleaks-tuned-scan
        name: Gitleaks Security Scan (Tuned, Manual)